formbook

General

Target

AGRUBU 0550.06092023.pdf.exe
Size

467KB
Sample

230609-ptf99scb33
MD5

6e108faf5eeb7791325b1059ecbe617b
SHA1

1681e84c42516e88b50f2b7b51555baea1db50d1
SHA256

d612f5bbe5a52c3bfa7bae355fea53d60f252f0bad240bf12af3d31666b5fcf1
SHA512

ae524ca31944958a2fc27c35725c57e8881656b242d5f2dcf964112393f014c9ddea77d5b9b1f386dcd00ed6599324fea9978a3d43935f6c0773544e608606a2
SSDEEP

6144:+Ya6vdMC5muIKMGOZ9pgeOr+Nr+cNo0XUuvNS:+YXpkaCpTN5Uu0

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

sn84

Decoy

psptek.com

seshoo.com

dogwalknwoof.com

teamdaigle.com

mimzevents.com

algerimarket.com

rr251r55r.xyz

indialgbtq.com

huatongdk.com

couplecoaches.com

fleshlierwickerwork.com

ambito365.store

hoaified.com

shunsuikeji.com

uiomke.xyz

xn--12c4dfj4gtc.net

pika-moon.fun

breakingbarriersglobal.com

aqua-ammo.com

nmc380.top

Targets

- Target
  
  AGRUBU 0550.06092023.pdf.exe
- Size
  
  467KB
- MD5
  
  6e108faf5eeb7791325b1059ecbe617b
- SHA1
  
  1681e84c42516e88b50f2b7b51555baea1db50d1
- SHA256
  
  d612f5bbe5a52c3bfa7bae355fea53d60f252f0bad240bf12af3d31666b5fcf1
- SHA512
  
  ae524ca31944958a2fc27c35725c57e8881656b242d5f2dcf964112393f014c9ddea77d5b9b1f386dcd00ed6599324fea9978a3d43935f6c0773544e608606a2
- SSDEEP
  
  6144:+Ya6vdMC5muIKMGOZ9pgeOr+Nr+cNo0XUuvNS:+YXpkaCpTN5Uu0
Score

10^/10

formbook sn84 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Deletes itself

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2