formbook

General

Target

a68bc9acb795949fa2d0ee4a4ea0d7242ed87c9a3017af29a8bca49e6814ae37.exe
Size

607KB
Sample

240831-b5xjqsydrf
MD5

690b2cd2a36fa7511b2d935a1efdc47f
SHA1

588f35c534c2ed93368446a25dde5f964119119f
SHA256

a68bc9acb795949fa2d0ee4a4ea0d7242ed87c9a3017af29a8bca49e6814ae37
SHA512

5c96a1de338f2994693d0316e72a287ef0001926ca6a24d436d07d7d4e9c381a3bc1226cf567c16f5f600cd2b472130822798dd00ca9cfde09e4257c062db9ff
SSDEEP

12288:tVVln+HKifVQp+l3qRzNFCRZpUEmTITBDnjgqwEi87wruW:5dCKwQpM3wZIHUypjgqri87+uW

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

hc58

Decoy

reunioncoins.com

slot88win.today

diamondcarp.com

poke138.site

cratermaketing.com

mutokiva.website

thstocks5.online

openaquasurge.com

prodsdigital.com

exileescape.com

iqcjuetaudtj.com

bwexhaustprofl.com

indiglobalconnect.com

pushkeyclub.com

stephvin.top

lifebione.com

hannahmegery.com

brookchivell.com

bioskyline.com

nonprofitgrants.online

Targets

- Target
  
  a68bc9acb795949fa2d0ee4a4ea0d7242ed87c9a3017af29a8bca49e6814ae37.exe
- Size
  
  607KB
- MD5
  
  690b2cd2a36fa7511b2d935a1efdc47f
- SHA1
  
  588f35c534c2ed93368446a25dde5f964119119f
- SHA256
  
  a68bc9acb795949fa2d0ee4a4ea0d7242ed87c9a3017af29a8bca49e6814ae37
- SHA512
  
  5c96a1de338f2994693d0316e72a287ef0001926ca6a24d436d07d7d4e9c381a3bc1226cf567c16f5f600cd2b472130822798dd00ca9cfde09e4257c062db9ff
- SSDEEP
  
  12288:tVVln+HKifVQp+l3qRzNFCRZpUEmTITBDnjgqwEi87wruW:5dCKwQpM3wZIHUypjgqri87+uW
Score

10^/10

formbook hc58 discovery rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2