formbook | 8b57c28d168dbb2d1f1a7520c4331c657ba9970be6eba72a552b58ad3519e0e8 | Triage

Sharing

General

Target

8b57c28d168dbb2d1f1a7520c4331c657ba9970be6eba72a552b58ad3519e0e8
Size

330KB
Sample

230919-l4mcgsgc8v
MD5

847c4cd760ad16321f9ec78b672e81da
SHA1

b0e07be4c8c4eb5996cf640a170485ef5268b027
SHA256

8b57c28d168dbb2d1f1a7520c4331c657ba9970be6eba72a552b58ad3519e0e8
SHA512

835bf6c1e490756fc6802271d2bab047b0b322b65b7fd5a5260acb728fc54771f9298fde205304ea13ecadcf561c15d1af116085d8d80160bb323b9653384644
SSDEEP

6144:vYa63g64a5n8qTnqjbZVTPeB2iAdZS+CiBttk7HtH/oLx4iBUhez:vY5g64a5ntnqHX22KiB0fG4mP

Score

10^/10

formbook sy22 rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

sy22

Decoy

vinteligencia.com

displayfridges.fun

completetip.com

giallozafferrano.com

jizihao1.com

mysticheightstrail.com

fourseasonslb.com

kjnala.shop

mosiacwall.com

vandistreet.com

gracefullytouchedartistry.com

hbiwhwr.shop

mfmz.net

hrmbrillianz.com

funwarsztat.com

polewithcandy.com

ourrajasthan.com

wilhouettteamerica.com

johnnystintshop.com

asgnelwin.com

Targets

- Target
  
  8b57c28d168dbb2d1f1a7520c4331c657ba9970be6eba72a552b58ad3519e0e8
- Size
  
  330KB
- MD5
  
  847c4cd760ad16321f9ec78b672e81da
- SHA1
  
  b0e07be4c8c4eb5996cf640a170485ef5268b027
- SHA256
  
  8b57c28d168dbb2d1f1a7520c4331c657ba9970be6eba72a552b58ad3519e0e8
- SHA512
  
  835bf6c1e490756fc6802271d2bab047b0b322b65b7fd5a5260acb728fc54771f9298fde205304ea13ecadcf561c15d1af116085d8d80160bb323b9653384644
- SSDEEP
  
  6144:vYa63g64a5n8qTnqjbZVTPeB2iAdZS+CiBttk7HtH/oLx4iBUhez:vY5g64a5ntnqHX22KiB0fG4mP
Score

10^/10

formbook sy22 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

formbooksy22ratspywarestealertrojan