formbook | d102c80796109d88222970309735b0dced68e86ea9b641e0ee11ad2706a3db1c | Triage

Sharing

General

Target

z61SwiftCopyOfPayment.exe
Size

1.1MB
Sample

240925-k17ctawhnl
MD5

f2ef24cf0f51c2f7b5f612243dcac938
SHA1

abc30508a040bb72079c289a922e6364ebf62c90
SHA256

d102c80796109d88222970309735b0dced68e86ea9b641e0ee11ad2706a3db1c
SHA512

5f5fffa434ff8832694f1422fbc8469f36c4e61252705ba5c723301a2d32c0714f3c4e0ffca6dc2b21ab75728f6efe9b5e531e216627fa9bdc70816f3de93f83
SSDEEP

24576:uRmJkcoQricOIQxiZY1iaCbApJSHxzkx2eHC:7JZoQrbTFZY1iaCGIadi

Score

10^/10

formbook jd21 discovery rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

jd21

Decoy

bankownedproperties-0.bond

slab-leak-repair-74697.bond

tvtwenty20sr.top

scw-iot.net

circusenergy.online

030002787.xyz

propertiesforrentus11.bond

defi-banksystem.online

gkbet168.net

joycasino-ed46.top

sctttc-or.top

borghardt.xyz

therealtorpeddler.info

macexpress.online

bobbyharvey.store

dating-dd-de.info

thetrue.one

alqahtani.site

mahlubini.africa

truck-driver-jobs-42274.bond

Targets

- Target
  
  z61SwiftCopyOfPayment.exe
- Size
  
  1.1MB
- MD5
  
  f2ef24cf0f51c2f7b5f612243dcac938
- SHA1
  
  abc30508a040bb72079c289a922e6364ebf62c90
- SHA256
  
  d102c80796109d88222970309735b0dced68e86ea9b641e0ee11ad2706a3db1c
- SHA512
  
  5f5fffa434ff8832694f1422fbc8469f36c4e61252705ba5c723301a2d32c0714f3c4e0ffca6dc2b21ab75728f6efe9b5e531e216627fa9bdc70816f3de93f83
- SSDEEP
  
  24576:uRmJkcoQricOIQxiZY1iaCbApJSHxzkx2eHC:7JZoQrbTFZY1iaCGIadi
Score

10^/10

formbook jd21 discovery rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

formbookjd21discoveryratspywarestealertrojan

behavioral2

formbookjd21discoveryratspywarestealertrojan