formbook

General

Target

tmp
Size

257KB
Sample

221202-k7wjwsga2x
MD5

db34b27822c1c7d80e7e59ed743ce22c
SHA1

f888efab5bfd957947b95877b4c5c73067dad197
SHA256

3cfd81b824673a6ba23d472bd09d5e7610a3346cce6f23956507af5eab63c012
SHA512

860a92c61d02b1429853c529234ca0885cc37065503a14918ddfd722fd3281f1179fa036315a867eb36475e93db391307255e214b78733d8fd4ce7c93ed7a066
SSDEEP

6144:QBn1+chufZq/1wTiFDMwMBUvosOPuoXK+qvcAYzy/:g+ciAyeUavOha+nAYI

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

pr28

Decoy

huaxinimg.com

baorungas.com

comercializadoramultimus.com

blr-batipro.com

wantagedfas.uk

1thingplan.one

cweilin.com

lorienconsultingllc.com

jdzsjwx.com

casafacil.site

hkacgt.com

hasid.africa

92dgr97k4hr9.com

cvbiop.xyz

1wbskm.top

fantasticmobility.com

goodchoice2022.com

hafizpower.com

familiajoya.com

fundscrahelp.info

Targets

- Target
  
  tmp
- Size
  
  257KB
- MD5
  
  db34b27822c1c7d80e7e59ed743ce22c
- SHA1
  
  f888efab5bfd957947b95877b4c5c73067dad197
- SHA256
  
  3cfd81b824673a6ba23d472bd09d5e7610a3346cce6f23956507af5eab63c012
- SHA512
  
  860a92c61d02b1429853c529234ca0885cc37065503a14918ddfd722fd3281f1179fa036315a867eb36475e93db391307255e214b78733d8fd4ce7c93ed7a066
- SSDEEP
  
  6144:QBn1+chufZq/1wTiFDMwMBUvosOPuoXK+qvcAYzy/:g+ciAyeUavOha+nAYI
Score

10^/10

formbook pr28 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2