formbook

General

Target

tmp
Size

236KB
Sample

221219-mntmaseg83
MD5

aabb09c3690d466afdfbbaeb791a8bc8
SHA1

128095dc05c3bdc4c00966f6c11ac79117f44833
SHA256

44bf46793f182055af9af6112cfd1236073c6ab0c879d0cffb49154e5c1c85dd
SHA512

b63268fa65e1346cfb31c0a0e2fc744c7f62a3b49bf287906562b4fb97f7190798132655ad7d2062c203d28d366cf5f273624b7abeb4446e150aae1f30dcdb65
SSDEEP

6144:FkwvQpUiezSv/iMQYDfyZepKpDLd8vG3be2x:EpReuiojyZTLd8Grfx

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

8rmt

Decoy

3472cc.com

takecareyourhair.com

kontolajigasd21.xyz

daihaitrinh.net

syncmostlatestinfo-file.info

lovesolutionsastrologist.info

angelapryan.com

rio727casino.com

jjsgagets.com

devyatkina.online

thegoldenbeautyqatar.com

czytaj-unas24live.monster

timepoachers.com

gayxxxporn.site

72308.xyz

kristanolivo.com

hijrahfwd.com

bmfighters.com

alfamx.website

handfulofbabesbows.com

Targets

- Target
  
  tmp
- Size
  
  236KB
- MD5
  
  aabb09c3690d466afdfbbaeb791a8bc8
- SHA1
  
  128095dc05c3bdc4c00966f6c11ac79117f44833
- SHA256
  
  44bf46793f182055af9af6112cfd1236073c6ab0c879d0cffb49154e5c1c85dd
- SHA512
  
  b63268fa65e1346cfb31c0a0e2fc744c7f62a3b49bf287906562b4fb97f7190798132655ad7d2062c203d28d366cf5f273624b7abeb4446e150aae1f30dcdb65
- SSDEEP
  
  6144:FkwvQpUiezSv/iMQYDfyZepKpDLd8vG3be2x:EpReuiojyZTLd8Grfx
Score

10^/10

formbook 8rmt rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2