formbook | 6f0a6315305a918cfaa7ec77275bd65a0acddbbac8b631ffe4dfb846a057a607 | Triage

Sharing

General

Target

243a8239525e29608f4302fd0eb4fac1
Size

782KB
Sample

231231-cqzafsgba8
MD5

243a8239525e29608f4302fd0eb4fac1
SHA1

a4bb6dea844f68aa144b5c049606b430cc5f766a
SHA256

6f0a6315305a918cfaa7ec77275bd65a0acddbbac8b631ffe4dfb846a057a607
SHA512

9ecf3b460507eac67d3a77be0e77af47d3ae8dbe3c57769e70a835ee917ea5606aef06b6c31e9b790f62e79ef15ce5d78a3114b6d80559e76daa285ee8374afa
SSDEEP

24576:bLC0jLOu7gThUyuPfJDcOQuIvYZnytHPi:vC0jF7gTOyuPfOuIvYY

Score

10^/10

formbook vd9n rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

vd9n

Decoy

theunwrappedcollective.com

seckj-ic.com

tyresandover.com

thetrophyworld.com

fonggrconstruction.com

hopiproject.com

sktitle.com

charlotteobscurer.com

qjuhe.com

girlzglitter.com

createmylawn.com

hempcbgpill.com

zzdfdzkj.com

shreehariessential.com

226sm.com

getcupscall.com

neuralviolin.com

sanskaar.life

xn--fhqrm54yyukopc.com

togetherx4fantasy5star.today

Targets

- Target
  
  243a8239525e29608f4302fd0eb4fac1
- Size
  
  782KB
- MD5
  
  243a8239525e29608f4302fd0eb4fac1
- SHA1
  
  a4bb6dea844f68aa144b5c049606b430cc5f766a
- SHA256
  
  6f0a6315305a918cfaa7ec77275bd65a0acddbbac8b631ffe4dfb846a057a607
- SHA512
  
  9ecf3b460507eac67d3a77be0e77af47d3ae8dbe3c57769e70a835ee917ea5606aef06b6c31e9b790f62e79ef15ce5d78a3114b6d80559e76daa285ee8374afa
- SSDEEP
  
  24576:bLC0jLOu7gThUyuPfJDcOQuIvYZnytHPi:vC0jF7gTOyuPfOuIvYY
Score

10^/10

formbook vd9n rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Command and Scripting Interpreter

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

formbookvd9nratspywarestealertrojan

behavioral2

formbookvd9nratspywarestealertrojan