formbook | ab8fa0dda1daa490598653ad71df25b26af3dc5b54434c68bccdff3eda13f96e | Triage

Sharing

General

Target

ab8fa0dda1daa490598653ad71df25b26af3dc5b54434c68bccdff3eda13f96e
Size

293KB
Sample

230328-hbsf9ahd58
MD5

7c85964484c4e3471124dd4dd5ef34df
SHA1

9a98592a83e9d3ba1dcbe52000e63f9940270fd7
SHA256

ab8fa0dda1daa490598653ad71df25b26af3dc5b54434c68bccdff3eda13f96e
SHA512

46f1d69d8a787b946084fbb3caa12a4ae7a723b0591d3fd2be8f0a9915ed3702f7f771dc52e2f008b51bb291a223f3df56d4a3dc789dc88b50d7f281f71a0e0d
SSDEEP

6144:/Ya6ecZBUdAW0HmqIUjrBxEsjolC06nbGY9kbdVMZYIOS+Fgoka:/YQnd+GaLEsfnbGKkDax5+Vka

Score

10^/10

formbook gn35 rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

gn35

Decoy

igusa.top

1cweb.online

ifoundmymind.com

highlightscorner.africa

kareeberg.com

conjurai.com

airforcevillagesinc.space

3dprintingpro.net

montelent.africa

willowscatsitting.co.uk

dental-implants-64653.com

byunfussy.com

jbpaintsolutions.com

caliner-bebe.com

hjd54c.com

ronabarandgrill.co.uk

financechainz.com

jsqualitycars.com

cortinasagave.store

barrowfordceltic.org.uk

Targets

- Target
  
  ab8fa0dda1daa490598653ad71df25b26af3dc5b54434c68bccdff3eda13f96e
- Size
  
  293KB
- MD5
  
  7c85964484c4e3471124dd4dd5ef34df
- SHA1
  
  9a98592a83e9d3ba1dcbe52000e63f9940270fd7
- SHA256
  
  ab8fa0dda1daa490598653ad71df25b26af3dc5b54434c68bccdff3eda13f96e
- SHA512
  
  46f1d69d8a787b946084fbb3caa12a4ae7a723b0591d3fd2be8f0a9915ed3702f7f771dc52e2f008b51bb291a223f3df56d4a3dc789dc88b50d7f281f71a0e0d
- SSDEEP
  
  6144:/Ya6ecZBUdAW0HmqIUjrBxEsjolC06nbGY9kbdVMZYIOS+Fgoka:/YQnd+GaLEsfnbGKkDax5+Vka
Score

10^/10

formbook gn35 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

formbookgn35ratspywarestealertrojan