formbook

General

Target

cb723d514a98b4d825222314945c680011cf2ba21dafd5cd9129fe144083b944.exe
Size

402KB
Sample

240819-cjdp6sycme
MD5

bb06ed23d87e32af51577a5c513154a4
SHA1

0465630ce40cd3eaf1e9f92daaccc16b9c3241e7
SHA256

cb723d514a98b4d825222314945c680011cf2ba21dafd5cd9129fe144083b944
SHA512

7915237ef8485cc63b57ce13adfffccf87510f896eac248299e3c5325c70a2e50b5657ed532ea09767c873d31afe3b956fbe807b6b4384ec6fa99836fb19d0a9
SSDEEP

6144:zmb3/3zvZ74J5spMIUYYKUeq7a/WUuufBvRiD5a:2v54Jq1B6L7UuupA

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

rn10

Decoy

kedai168et.com

mental-olympics.com

pussybuildsstrongbones.net

857691.shop

hisellers.net

exposurecophotography.com

beaded-boutique.net

wednesdayholdings.com

plesacv.xyz

manonlineros.com

a0204.shop

333689g.com

dyprl716h.xyz

pulseirabet.com

fnet.work

bo-2024-001-v1-d1.xyz

ongaurdsecurity.com

giulianacristini.com

miladamani.com

magicalrealmshopkeeper.online

Targets

- Target
  
  cb723d514a98b4d825222314945c680011cf2ba21dafd5cd9129fe144083b944.exe
- Size
  
  402KB
- MD5
  
  bb06ed23d87e32af51577a5c513154a4
- SHA1
  
  0465630ce40cd3eaf1e9f92daaccc16b9c3241e7
- SHA256
  
  cb723d514a98b4d825222314945c680011cf2ba21dafd5cd9129fe144083b944
- SHA512
  
  7915237ef8485cc63b57ce13adfffccf87510f896eac248299e3c5325c70a2e50b5657ed532ea09767c873d31afe3b956fbe807b6b4384ec6fa99836fb19d0a9
- SSDEEP
  
  6144:zmb3/3zvZ74J5spMIUYYKUeq7a/WUuufBvRiD5a:2v54Jq1B6L7UuupA
Score

10^/10

discovery formbook rn10 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2