formbook | 4d0cc11f2470361bfd753f45700c1e7bf94ef33957f16295ae2bba602b6e8456 | Triage

Sharing

General

Target

24eb3f795b03348fec49632640ccee32
Size

857KB
Sample

231231-c7lqpacaa6
MD5

24eb3f795b03348fec49632640ccee32
SHA1

4f28a646ed198eeab5345cff845637daa8849310
SHA256

4d0cc11f2470361bfd753f45700c1e7bf94ef33957f16295ae2bba602b6e8456
SHA512

66be6f27fe15d33269710370c80ad6177b67ae249d52dc3c69c3fbd3c75897fe7e42315038dfc02af27d028f23b994c7a9f8e0fea287d67beaab1e621f7612de
SSDEEP

12288:xQDc9F3nC0Py3gAh51v4dIccxC9I8XCdDl0kPnHO/zWsjsWKxcZOu7KCPuUX+xAi:x0vihcxC60WcsPxsOmWe/MMg

Score

10^/10

formbook odse rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

odse

Decoy

braedlifestyle.com

morganjohnsondesign.online

surup-v48.club

diypoolpaint.sydney

v-b7026-ghhh.space

vetyvar.com

lollydaisy.com

campsitesurvival.com

autocalibre.com

fusiontech3d.com

xn--udkog0cvez259c82sa.xyz

eccentricartist.com

jc-zg.com

wacwin.com

livehealthychoice.com

visijuara.com

phigsa.com

sabayawork.com

afcerd.com

joeyshousesessions.com

Targets

- Target
  
  24eb3f795b03348fec49632640ccee32
- Size
  
  857KB
- MD5
  
  24eb3f795b03348fec49632640ccee32
- SHA1
  
  4f28a646ed198eeab5345cff845637daa8849310
- SHA256
  
  4d0cc11f2470361bfd753f45700c1e7bf94ef33957f16295ae2bba602b6e8456
- SHA512
  
  66be6f27fe15d33269710370c80ad6177b67ae249d52dc3c69c3fbd3c75897fe7e42315038dfc02af27d028f23b994c7a9f8e0fea287d67beaab1e621f7612de
- SSDEEP
  
  12288:xQDc9F3nC0Py3gAh51v4dIccxC9I8XCdDl0kPnHO/zWsjsWKxcZOu7KCPuUX+xAi:x0vihcxC60WcsPxsOmWe/MMg
Score

10^/10

formbook odse rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

formbookodseratspywarestealertrojan

behavioral2