formbook | 32a70d3b6c2a40554037f062ea3e768888ca7c4f05b7e2b1f66f4acb05a67aa7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32a70d3b6c2a40554037f062ea3e768888ca7c4f05b7e2b1f66f4acb05a67aa7
Size

367KB
Sample

230206-pazx9sdg67
MD5

e4c1322e603225807fdc8da0bd5db805
SHA1

7ed0070478a6a65a18971ca0364635212c128367
SHA256

32a70d3b6c2a40554037f062ea3e768888ca7c4f05b7e2b1f66f4acb05a67aa7
SHA512

f029fd65855e40546b397404118a225cc85a4f87324aabbb71c143dc4e2b4ce7075c54cbe55669ed5a726fcb21a3ee5ed59d35d81739c76dade80e871fef19bb
SSDEEP

6144:FYa6SU4VIXmDSvMDe3m1mYb4ecR8dVu9ZOLbkuX7arnhCuyaiBQYOqL8IgtO6Dz:FYkU4VumWvMDe3m1me4ehi9ZADGrhCIx

Score

10^/10

formbook nes8 rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

nes8

Decoy

simantsfamily.com

ninobrowndelivery.net

y94x.info

huibi01.vip

davidspanu.com

swegon.tech

moapulsa.com

coveredseguros.com

owltoon.site

loyalguardianop.com

banca-particulares.icu

innovativanimal.com

girlschools.top

smartbed-gb-tok.life

vhail.store

bluffdalecitizens.info

asmcpn.us

wordybag.online

smmfsa.com

jinglunqhd.com

Targets

- Target
  
  32a70d3b6c2a40554037f062ea3e768888ca7c4f05b7e2b1f66f4acb05a67aa7
- Size
  
  367KB
- MD5
  
  e4c1322e603225807fdc8da0bd5db805
- SHA1
  
  7ed0070478a6a65a18971ca0364635212c128367
- SHA256
  
  32a70d3b6c2a40554037f062ea3e768888ca7c4f05b7e2b1f66f4acb05a67aa7
- SHA512
  
  f029fd65855e40546b397404118a225cc85a4f87324aabbb71c143dc4e2b4ce7075c54cbe55669ed5a726fcb21a3ee5ed59d35d81739c76dade80e871fef19bb
- SSDEEP
  
  6144:FYa6SU4VIXmDSvMDe3m1mYb4ecR8dVu9ZOLbkuX7arnhCuyaiBQYOqL8IgtO6Dz:FYkU4VumWvMDe3m1me4ehi9ZADGrhCIx
Score

10^/10

formbook nes8 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

formbooknes8ratspywarestealertrojan