formbook

General

Target

238864be2d731bc5838b95c8bb50b961d19f04b6b64d3daf323db967266fa458
Size

238KB
Sample

230704-qlk4xsfa4x
MD5

8ec5b6656574a65d6f57b1f27decd161
SHA1

6cfb91be22a7c684e04cdc3e4e36f3c43c7e702f
SHA256

238864be2d731bc5838b95c8bb50b961d19f04b6b64d3daf323db967266fa458
SHA512

b0848c25c587590b47349faef70e48f64995fbe566bcd55bf360181193bc04f5af5d18a1bfd85f01c7d3b01c6d69f11b4d2b8f21bd6fcaf5cbc82a2b5112f933
SSDEEP

6144:PYa6VVMUOy1kznVL5hQg0KLB2GkjRLL7w6rdv+:PYfmukbVLH70KMJjRbw6rdv+

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

da23

Decoy

jiuse896.com

htdingguanji.com

gbwnxhdxaudxi.com

stakoov.com

tuttu517.com

shubaerc.com

bytxon.xyz

9ihoa7.com

pacificpanacea.com

hubawatch.com

hei0obbq8sp9te.xyz

19xqe6.cfd

anagecre.com

fwradi.online

45188.icu

institutdelama.com

picateers.pro

ewmsty.site

yamaharigs.com

jistream.com

Targets

- Target
  
  238864be2d731bc5838b95c8bb50b961d19f04b6b64d3daf323db967266fa458
- Size
  
  238KB
- MD5
  
  8ec5b6656574a65d6f57b1f27decd161
- SHA1
  
  6cfb91be22a7c684e04cdc3e4e36f3c43c7e702f
- SHA256
  
  238864be2d731bc5838b95c8bb50b961d19f04b6b64d3daf323db967266fa458
- SHA512
  
  b0848c25c587590b47349faef70e48f64995fbe566bcd55bf360181193bc04f5af5d18a1bfd85f01c7d3b01c6d69f11b4d2b8f21bd6fcaf5cbc82a2b5112f933
- SSDEEP
  
  6144:PYa6VVMUOy1kznVL5hQg0KLB2GkjRLL7w6rdv+:PYfmukbVLH70KMJjRbw6rdv+
Score

10^/10

formbook da23 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2