formbook | 1a0757646caa77704f3d029fa9abbb2d6846d134f7b29eb87f4eaaea134a84f5 | Triage

Sharing

General

Target

1a0757646caa77704f3d029fa9abbb2d6846d134f7b29eb87f4eaaea134a84f5
Size

414KB
Sample

221206-ecl43shc77
MD5

dfdeda2af8f802749ea92a46f1a15eb0
SHA1

1d4e20830f0059222251681524b8d04e2ef06b6c
SHA256

1a0757646caa77704f3d029fa9abbb2d6846d134f7b29eb87f4eaaea134a84f5
SHA512

207f6dd61ddbdeb216b5fe0385c406d4819475e99378930645bbd97add3832732b71a15fcfd80175478ad8d1b06234822699fc39a6fc5f6e06930a1e1393e114
SSDEEP

6144:PBnxm/hZudIIuLpVS0GKkGhxi4Y9p8Q2GNpoWkzxVeQMXdipolitSnIFkAFWQ:LzdIZpQ0lk2x0KVzL8diClQq4kc

Score

10^/10

formbook h3ha rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

h3ha

Decoy

ideas-dulces.store

store1995.store

swuhn.com

ninideal.com

musiqhaus.com

quranchart.com

kszq26.club

lightfx.online

thetickettruth.com

meritloancubk.com

lawnforcement.com

sogeanetwork.com

thedinoexotics.com

kojima-ah.net

gr-myab3z.xyz

platiniuminestor.net

reviewsiske.com

stessil-lifestyle.com

goodqjourney.biz

cirimpianti.com

Targets

- Target
  
  1a0757646caa77704f3d029fa9abbb2d6846d134f7b29eb87f4eaaea134a84f5
- Size
  
  414KB
- MD5
  
  dfdeda2af8f802749ea92a46f1a15eb0
- SHA1
  
  1d4e20830f0059222251681524b8d04e2ef06b6c
- SHA256
  
  1a0757646caa77704f3d029fa9abbb2d6846d134f7b29eb87f4eaaea134a84f5
- SHA512
  
  207f6dd61ddbdeb216b5fe0385c406d4819475e99378930645bbd97add3832732b71a15fcfd80175478ad8d1b06234822699fc39a6fc5f6e06930a1e1393e114
- SSDEEP
  
  6144:PBnxm/hZudIIuLpVS0GKkGhxi4Y9p8Q2GNpoWkzxVeQMXdipolitSnIFkAFWQ:LzdIZpQ0lk2x0KVzL8diClQq4kc
Score

10^/10

formbook h3ha rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

formbookh3haratspywarestealertrojan