formbook | 8b51db0c1e9ae35680633093f289e1a8e6bc7ace6917fb4ae17624ab7e24a6b0 | Triage

Sharing

General

Target

0221dcfd786601ea3e97128ba5e23278.bin
Size

610KB
Sample

231231-bctmdabber
MD5

36b2e1d720871325eb416d6991527377
SHA1

f653720052999e571520f16b8df9b1b833a35e07
SHA256

8b51db0c1e9ae35680633093f289e1a8e6bc7ace6917fb4ae17624ab7e24a6b0
SHA512

241d0bcd22b14b41888e93c51c200778bed376664f6ddc4b8b4ad5d7bcd0fa606eb4bb0b6b1244ad9837bb125149a5ffc88a3f7b7f9790f541d7395e47cb7fd5
SSDEEP

12288:+Fyq4nE+C8rHFbtAEbOOJOjQGFaW2Zo8ehTNlihKqT31yFSL2TNDhK:+MPnECr7DLiavQoJyFSa8

Score

10^/10

formbook gy14 rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

gy14

Decoy

mavbam.com

theanhedonia.com

budgetnurseries.com

buflitr.com

alqamarhotel.com

2660348.top

123bu6.shop

v72999.com

yzyz841.xyz

247fracing.com

naples.beauty

twinklethrive.com

loscaseros.com

creditspisatylegko.site

sgyy3ej2dgwesb5.com

ufocafe.net

techn9nehollywoodundead.com

truedatalab.com

alterdpxlmarketing.com

harborspringsfire.com

Targets

- Target
  
  37597a431d5cc8ef90c319b77d356ff6be15ba32df42b69b36561f226236d3ee.exe
- Size
  
  795KB
- MD5
  
  0221dcfd786601ea3e97128ba5e23278
- SHA1
  
  6d768e1299b5903ead6030b32e1e6a2aed881e1a
- SHA256
  
  37597a431d5cc8ef90c319b77d356ff6be15ba32df42b69b36561f226236d3ee
- SHA512
  
  99fe04e8fb1fe1738b17bf0a149b891376dc760f613318892682da65bc5576fe6c6d2315833515f53851de2dc216bd32a7dd5c09e39e61faee28c1f647ea1cef
- SSDEEP
  
  12288:PNk0/uOQAWuzQ5e119/mGZ7dgWwwNBLl0xA3:Fk0/xQhSKe11HiWFNBqxA3
Score

10^/10

formbook gy14 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

formbookgy14ratspywarestealertrojan

behavioral2