formbook

General

Target

UPDATED SOA.zip
Size

223KB
Sample

230704-htsjzabd77
MD5

aeef1e741da1ba9fe7c2a4d5dd616f9a
SHA1

d7449d2216fe4ec21f9a9a482ee89831f3b2e874
SHA256

4c6ea9785fdf124605e0b3e65540926d787d903d47f95df1a95bbfbbc198d0ca
SHA512

d2afeb8f24cde6bc1e8d8bac8fda6a50c4ab01b3f7309eea7cd7351ef835626ec96bae4aa38fd66b6b99fc780c535fe0fb771ee980354b62e09775292fbb3711
SSDEEP

6144:kpU8PLhQwItFTtycQJe+TGXO7t4I3Nc3P6PZ5re:ePLuwItdtBzO4iSCx5a

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

s28y

Decoy

whytry.shop

readyconcreto.com

redbudvending.com

prosblogs.com

litescales.sbs

campinglager.beer

serenitysuite.health

starbytescafe.com

youbi.cyou

hg301d.cfd

nissanvideos.com

kedou25.com

relovedresses.com

contourbioinc.com

usrinfo.top

i8ep58.cfd

wildcatcreekhomes.com

mpocash.mobi

shisokj.vip

jiangwan.top

Targets

- Target
  
  UPDATED SOA.exe
- Size
  
  237KB
- MD5
  
  d7dce4a617bf4fd2c8a461c8100d0875
- SHA1
  
  db21cd510a5bb8953fdf63ad0785ba22ccc99403
- SHA256
  
  fa3a477577604a91938f7650b04d3dfaa1d8ec12578d3bb2618817529c8b5797
- SHA512
  
  0a4055c55a607de7f38df43c898a3e35de536707e5ac55680a74b531e08863477f759b40cbe522f373a86adc57fecc73f49a07d09265d71495c6d3b6553ab9fa
- SSDEEP
  
  6144:vYa6fnp4hNwItFltkcQJ4+DGbO7tO23Ni3PmPZGra:vYVnp4HwItTtX1qOIEOxG+
Score

10^/10

formbook s28y rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Deletes itself

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2