formbook | 469162ec601c979d1e51ad44ea01fa8a4520d650773e7280918128b43691f2e4 | Triage

Sharing

General

Target

469162ec601c979d1e51ad44ea01fa8a4520d650773e7280918128b43691f2e4
Size

327KB
Sample

221214-lnchcace6v
MD5

a0f1b339ef38c5d545a7357492b8a327
SHA1

fc4da48839297bac23538e32354b72fc68d464ba
SHA256

469162ec601c979d1e51ad44ea01fa8a4520d650773e7280918128b43691f2e4
SHA512

7143ea53ac918c1affe6bf55f7bd8214e70b02f4bd0bd966eb1ab765822806800ed7d44bdaa49d07c560925393db7aa7fadf954e1381ed201beecfbc85af0a53
SSDEEP

6144:vEb2RYmNJaftegaqDDsjZ5dbr+tzKCc2omW5B8tCaJBg7F/k9:im/aF/54jZb3Ez9crB8Cak7xk9

Score

10^/10

formbook sk19 rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

sk19

Decoy

21diasdegratitud.com

kx1993.com

chasergt.com

837news.com

naturagent.co.uk

gatorinsurtech.com

iyaboolashilesblog.africa

jamtanganmurah.online

gguminsa.com

lilliesdrop.com

lenvera.com

link48.co.uk

azinos777.fun

lgcdct.cfd

bg-gobtc.com

livecarrer.uk

cbq4u.com

imalreadygone.com

wabeng.africa

jxmheiyouyuetot.tokyo

Targets

- Target
  
  469162ec601c979d1e51ad44ea01fa8a4520d650773e7280918128b43691f2e4
- Size
  
  327KB
- MD5
  
  a0f1b339ef38c5d545a7357492b8a327
- SHA1
  
  fc4da48839297bac23538e32354b72fc68d464ba
- SHA256
  
  469162ec601c979d1e51ad44ea01fa8a4520d650773e7280918128b43691f2e4
- SHA512
  
  7143ea53ac918c1affe6bf55f7bd8214e70b02f4bd0bd966eb1ab765822806800ed7d44bdaa49d07c560925393db7aa7fadf954e1381ed201beecfbc85af0a53
- SSDEEP
  
  6144:vEb2RYmNJaftegaqDDsjZ5dbr+tzKCc2omW5B8tCaJBg7F/k9:im/aF/54jZb3Ez9crB8Cak7xk9
Score

10^/10

formbook sk19 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

formbooksk19ratspywarestealertrojan