formbook | 1259432f41bd872ef92450755035a516b40fcae624473c3dbd64efe7d89987b1 | Triage

Sharing

General

Target

Befehl.pdf.exe
Size

397KB
Sample

240819-jcdj6avcnj
MD5

134e7cb7484eabfbab70b96763bf9051
SHA1

d4c7881c41908a28908a32e46ab01e0f82afcbe4
SHA256

1259432f41bd872ef92450755035a516b40fcae624473c3dbd64efe7d89987b1
SHA512

059ad8b692b8a7b7a92e222bc82caf8b304063a924c75367d42477222185b98f6b31613db1699439a0a9b6b0b7de0ae0c56fea97bc3ec9c039f146b517cfa214
SSDEEP

6144:j1FxhzvZ74J5spMIUYYKUeq7a/WUuufzttMOtQb5:j7v54Jq1B6L7UuuLbM9b5

Score

10^/10

formbook rn10 discovery rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

rn10

Decoy

kedai168et.com

mental-olympics.com

pussybuildsstrongbones.net

857691.shop

hisellers.net

exposurecophotography.com

beaded-boutique.net

wednesdayholdings.com

plesacv.xyz

manonlineros.com

a0204.shop

333689g.com

dyprl716h.xyz

pulseirabet.com

fnet.work

bo-2024-001-v1-d1.xyz

ongaurdsecurity.com

giulianacristini.com

miladamani.com

magicalrealmshopkeeper.online

Targets

- Target
  
  Befehl.pdf.exe
- Size
  
  397KB
- MD5
  
  134e7cb7484eabfbab70b96763bf9051
- SHA1
  
  d4c7881c41908a28908a32e46ab01e0f82afcbe4
- SHA256
  
  1259432f41bd872ef92450755035a516b40fcae624473c3dbd64efe7d89987b1
- SHA512
  
  059ad8b692b8a7b7a92e222bc82caf8b304063a924c75367d42477222185b98f6b31613db1699439a0a9b6b0b7de0ae0c56fea97bc3ec9c039f146b517cfa214
- SSDEEP
  
  6144:j1FxhzvZ74J5spMIUYYKUeq7a/WUuufzttMOtQb5:j7v54Jq1B6L7UuuLbM9b5
Score

10^/10

discovery formbook rn10 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

formbookrn10discoveryratspywarestealertrojan