formbook | 0db69b2a71bd238fc32ea291ded5f68fc4b1505b2186abab3ef002ae86fa98a2 | Triage

Sharing

General

Target

42effe5da837ba9288de706bb29612da
Size

1.0MB
Sample

240105-gscxfsfcf4
MD5

42effe5da837ba9288de706bb29612da
SHA1

762f1138213ea8e5381f7d3d1a9fcb78b1e009a6
SHA256

0db69b2a71bd238fc32ea291ded5f68fc4b1505b2186abab3ef002ae86fa98a2
SHA512

6ffbc6770a5317d8a2b2141de1109384d0a1617ad04b28b2af42e764dcb3881cb1e0e681709afa6da407bfcdfaf00472530bd79f36419938ca0f078df50bbb24
SSDEEP

24576:hoQTELkqzHeklDoKeRn9BIxQXd/L6SHrjUSEH/NJKaoDi1EL:hoQYoqzHeG62xQXdznHUd1JKlDrL

Score

10^/10

formbook vd9n rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

vd9n

Decoy

theunwrappedcollective.com

seckj-ic.com

tyresandover.com

thetrophyworld.com

fonggrconstruction.com

hopiproject.com

sktitle.com

charlotteobscurer.com

qjuhe.com

girlzglitter.com

createmylawn.com

hempcbgpill.com

zzdfdzkj.com

shreehariessential.com

226sm.com

getcupscall.com

neuralviolin.com

sanskaar.life

xn--fhqrm54yyukopc.com

togetherx4fantasy5star.today

Targets

- Target
  
  42effe5da837ba9288de706bb29612da
- Size
  
  1.0MB
- MD5
  
  42effe5da837ba9288de706bb29612da
- SHA1
  
  762f1138213ea8e5381f7d3d1a9fcb78b1e009a6
- SHA256
  
  0db69b2a71bd238fc32ea291ded5f68fc4b1505b2186abab3ef002ae86fa98a2
- SHA512
  
  6ffbc6770a5317d8a2b2141de1109384d0a1617ad04b28b2af42e764dcb3881cb1e0e681709afa6da407bfcdfaf00472530bd79f36419938ca0f078df50bbb24
- SSDEEP
  
  24576:hoQTELkqzHeklDoKeRn9BIxQXd/L6SHrjUSEH/NJKaoDi1EL:hoQYoqzHeG62xQXdznHUd1JKlDrL
Score

10^/10

formbook vd9n rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

formbookvd9nratspywarestealertrojan

behavioral2

formbookvd9nratspywarestealertrojan