formbook | 03269bda6be4990239d665ef46687005678b5d7cb217b7a65219d7927cc78420 | Triage

Sharing

General

Target

21092024_0117_20092024_e-Invoice.zip
Size

806KB
Sample

240921-bnw7msybra
MD5

9044dd2fd0a6329abb0ff8176759aedc
SHA1

f7158b29927d6557e5c3758031d35c9e7124d1cc
SHA256

03269bda6be4990239d665ef46687005678b5d7cb217b7a65219d7927cc78420
SHA512

09253f99077b212be0fef7c9e333dd3340f24aaa96084b750e11efcdc50bf27f779fc5b42e05856b4464db4cb40030afca8e699294dbaf44b6d5207ea869f086
SSDEEP

24576:TzaqtRE5KkvYGknBJ8wjqJ1lly3KKwkxg4:fDWKkwGIwwS4ZwkJ

Score

10^/10

formbook c89p discovery rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

c89p

Decoy

ftersaleb.top

dcustomdesgins.net

ostbet2024.live

rhgtrdjdjytkyhretrdjfytd.buzz

atauniversity.tech

idoctor365.net

x-design-courses-29670.bond

ellowold-pc.top

ransportationmmsytpro.top

areerfest.xyz

artiresbah-in.today

ijie.pro

torehousestudio.info

69-11-luxury-watches.shop

earing-tests-44243.bond

hits.shop

hzl9.bond

lood-test-jp-1.bond

livialiving.online

usymomsmakingmoney.online

Targets

- Target
  
  e-Invoice.exe
- Size
  
  1.1MB
- MD5
  
  9cff570bbd99193ba8618ba6c5491a13
- SHA1
  
  3848185fe5c08b05b27fbfa65cfadbf3096e908d
- SHA256
  
  ede8ae39d91066365f959fc9c98f0b47add88604ce95829a9618a15274faef3f
- SHA512
  
  191376aa71d6119d270a13692e8eadd06a492bc6777313fcc7bc27ebdc3244e902703bd8b206c3bfddf353131e1c2c9b7014e346649d1eb691d426d13764b34b
- SSDEEP
  
  24576:uRmJkcoQricOIQxiZY1iaC+BJ8a3qVH/by3Q4w0jgo:7JZoQrbTFZY1iaC+wakmnw0X
Score

10^/10

formbook c89p discovery rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

formbookc89pdiscoveryratspywarestealertrojan

behavioral2

formbookc89pdiscoveryratspywarestealertrojan