formbook

General

Target

eb3a413a0c429934a855be955e984dc0N.exe
Size

1024KB
Sample

240813-q5vsgaxblh
MD5

eb3a413a0c429934a855be955e984dc0
SHA1

f3e72d00c9cdfeb200eeb1216fa05000e809a462
SHA256

da5e0937154966ad0f773e1c91e0116099c51fe15a745a7f2ed3857cd1aa9101
SHA512

80b4e899656e8dbc961034a5f01cc0a78e01534b699b6768a81132b53302514ad07e41e76d1faf43cfc5086e685f1cc5e60fa6f59a7ae4e46415db31f32ba14c
SSDEEP

24576:bVexEpFDcLc1N6/1hZ+1YhXODdwq4JEWCbtyLdw6cEcK:btN6N2jELdw6

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

3.9

Campaign

mr8

Decoy

art-burger34.com

childcareos.com

bernardo.gallery

sadocdecoracionsl.com

xn--jh1as32a9kco1c.com

foodidelivery.com

chicagolandhomeswitharacely.com

eastbayprep.com

fohcoflooring.com

bororedsfootballacademy.com

xrip.ltd

free-boyband-tickets.win

hongxinmuju.com

kkkk030.com

camilaigor.com

graveber.com

botuoi88.com

aerostarmc.com

vapewerx.com

e-daftar.com

Targets

- Target
  
  eb3a413a0c429934a855be955e984dc0N.exe
- Size
  
  1024KB
- MD5
  
  eb3a413a0c429934a855be955e984dc0
- SHA1
  
  f3e72d00c9cdfeb200eeb1216fa05000e809a462
- SHA256
  
  da5e0937154966ad0f773e1c91e0116099c51fe15a745a7f2ed3857cd1aa9101
- SHA512
  
  80b4e899656e8dbc961034a5f01cc0a78e01534b699b6768a81132b53302514ad07e41e76d1faf43cfc5086e685f1cc5e60fa6f59a7ae4e46415db31f32ba14c
- SSDEEP
  
  24576:bVexEpFDcLc1N6/1hZ+1YhXODdwq4JEWCbtyLdw6cEcK:btN6N2jELdw6
Score

10^/10

formbook mr8 discovery rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2