formbook | 014ed741b83b7bd4572f9fb1285ebecf658b74eb367b712614034c28b9af4845 | Triage

Sharing

General

Target

014ed741b83b7bd4572f9fb1285ebecf658b74eb367b712614034c28b9af4845
Size

361KB
Sample

231102-b86xksfa8x
MD5

5670f0e7e08a909949216672d3428e66
SHA1

8c8e8e7715e87810ad4d1f943279e081b7fded0e
SHA256

014ed741b83b7bd4572f9fb1285ebecf658b74eb367b712614034c28b9af4845
SHA512

ac8ecdffd2991dbcde5eb86eb3525c40c4f1be468c22f03826c39228594764c2e38a7f82ce75537a8e3400d0dc68d674303c51a7ad424fca08c807898e70c28e
SSDEEP

6144:F8LxBspf+q388vnDdsnm0GJPldFNehNTZGbQvtovLZIXahPxCpO2yjP2k5:/p9Dxsm0GJPRNehNtGbQvtoD6Xa6poB5

Score

10^/10

formbook sy22 rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

sy22

Decoy

vinteligencia.com

displayfridges.fun

completetip.com

giallozafferrano.com

jizihao1.com

mysticheightstrail.com

fourseasonslb.com

kjnala.shop

mosiacwall.com

vandistreet.com

gracefullytouchedartistry.com

hbiwhwr.shop

mfmz.net

hrmbrillianz.com

funwarsztat.com

polewithcandy.com

ourrajasthan.com

wilhouettteamerica.com

johnnystintshop.com

asgnelwin.com

Targets

- Target
  
  014ed741b83b7bd4572f9fb1285ebecf658b74eb367b712614034c28b9af4845
- Size
  
  361KB
- MD5
  
  5670f0e7e08a909949216672d3428e66
- SHA1
  
  8c8e8e7715e87810ad4d1f943279e081b7fded0e
- SHA256
  
  014ed741b83b7bd4572f9fb1285ebecf658b74eb367b712614034c28b9af4845
- SHA512
  
  ac8ecdffd2991dbcde5eb86eb3525c40c4f1be468c22f03826c39228594764c2e38a7f82ce75537a8e3400d0dc68d674303c51a7ad424fca08c807898e70c28e
- SSDEEP
  
  6144:F8LxBspf+q388vnDdsnm0GJPldFNehNTZGbQvtovLZIXahPxCpO2yjP2k5:/p9Dxsm0GJPRNehNtGbQvtoD6Xa6poB5
Score

10^/10

formbook sy22 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

formbooksy22ratspywarestealertrojan