formbook | 8df17054582dadea3ec01f53993e88ebc0c6068cd724498230889617088aba90 | Triage

Submit
Reports

Overview

overview

Static

static

3

Receipt.exe

windows7-x64

Receipt.exe

windows10-2004-x64

Sharing

General

Target

910e6f84392c4202a7aecec7e272ec88_JaffaCakes118
Size

363KB
Sample

240603-jzncwaaa34
MD5

910e6f84392c4202a7aecec7e272ec88
SHA1

87d576afbc597b8bad33711adcbf09c2ffcd3006
SHA256

8df17054582dadea3ec01f53993e88ebc0c6068cd724498230889617088aba90
SHA512

e63bbee09f3e27d652edef460fc0d4813297d68de961484b47a866faafdcf18e2f95ce226554cd11b47e56247b74e4e2655d7bceb811e8d9d44f3f3bf42fc8d1
SSDEEP

6144:01j4BhZIY9fq6SmciNIIykyD16mMMycRrmGiGMWwOrmtBgjDwGVJoy2aQ2v9v+:m0kY9fEmciaIykY8zMycRrmGi92rmKDY

Score

10^/10

formbook ch rat spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Receipt.exe

Resource

win7-20240419-en

formbook ch rat spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

Receipt.exe

Resource

win10v2004-20240508-en

formbook ch rat spyware stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

formbook

Version

2.9

Campaign

ch

Decoy

online-resources.website

Targets

- Target
  
  Receipt.exe
- Size
  
  566KB
- MD5
  
  b087df97441c10a635821f5125039903
- SHA1
  
  188bdd07174280b2abaec985c2e2013bd05ed719
- SHA256
  
  b79cfaa7a2e97cbaab90bca401cd0099210c653bc1fbb38dccab617e4c5299ca
- SHA512
  
  81ef38afbc8352a530ffb31a365491271aa1c31e64533d4e1069bbbd493853617f9d84fd1b62424cbef77f0e2376bd44f72990a43d9de7d6d0f45d57583e2980
- SSDEEP
  
  12288:TjVnUiQvH1etl72rtwlXbI7XHgZQKhJgeCmR:XUsD72rtwlXsLHgZpJEW
Score

10^/10

formbook ch rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

formbookchratspywarestealertrojan

behavioral2

formbookchratspywarestealertrojan

© 2018-2024

Terms | Privacy