formbook | 441b9e71d315dbc21471e1c3cf9824c4303ba40effa313c89345f399cf28cda2 | Triage

Sharing

General

Target

441b9e71d315dbc21471e1c3cf9824c4303ba40effa313c89345f399cf28cda2
Size

289KB
Sample

230404-s1224aab6s
MD5

07267fb4371d348b4acecd5ebfab5d48
SHA1

53bd5d2a9e2426bdb10608c07ae0816dcbb819c6
SHA256

441b9e71d315dbc21471e1c3cf9824c4303ba40effa313c89345f399cf28cda2
SHA512

b330149c07e37a2605153d95c307e0ef030aa60f4857f7d520925fa9dbfed7cd7a27252a4d7ec0025b0339b271b27d150d2f0781021b3bef255e4945c31080ca
SSDEEP

6144:PYa6E1fCKW2rYT4SL+03K09Yeus7s6Zijbz2ZOIKQJmCHRq8PCXpe:PYKUKW2rYT4SLRaF6Z5ZONWxqO

Score

10^/10

formbook sa79 rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

sa79

Decoy

aidigify.com

angelavamundson.xyz

glicotoday.fun

agencyforbuyers.com

blacklifecoachquiz.com

4e6aqw.site

huawei1990.com

diyetcay.online

chesirechefs.co.uk

generalhospitaleu.africa

hfewha.xyz

lemons2cents.com

rahilprakash.com

kave.tech

netlexfrance.net

youthexsa.africa

car-covers-40809.com

bambooactive.store

fotobugil48.com

kuhler.club

Targets

- Target
  
  441b9e71d315dbc21471e1c3cf9824c4303ba40effa313c89345f399cf28cda2
- Size
  
  289KB
- MD5
  
  07267fb4371d348b4acecd5ebfab5d48
- SHA1
  
  53bd5d2a9e2426bdb10608c07ae0816dcbb819c6
- SHA256
  
  441b9e71d315dbc21471e1c3cf9824c4303ba40effa313c89345f399cf28cda2
- SHA512
  
  b330149c07e37a2605153d95c307e0ef030aa60f4857f7d520925fa9dbfed7cd7a27252a4d7ec0025b0339b271b27d150d2f0781021b3bef255e4945c31080ca
- SSDEEP
  
  6144:PYa6E1fCKW2rYT4SL+03K09Yeus7s6Zijbz2ZOIKQJmCHRq8PCXpe:PYKUKW2rYT4SLRaF6Z5ZONWxqO
Score

10^/10

formbook sa79 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

formbooksa79ratspywarestealertrojan