formbook

General

Target

cace2b741d02629edfde9bb2c833be3ca8f456e26d930f31e0e84115e5fcd61a
Size

807KB
Sample

240925-mcp5qszdrp
MD5

08e55c3f56211503ecf2675016d6879c
SHA1

35fac399416e5cfa1bf2938b670d41b0bd1c86e5
SHA256

cace2b741d02629edfde9bb2c833be3ca8f456e26d930f31e0e84115e5fcd61a
SHA512

22264f30f1e3e93e9a90607747327af87dfd4d9db0eb07c0887eaf9ce3734634aec78d8e7eba2c22055693cc6b31c68c375661355436b0633576877c432e0067
SSDEEP

24576:PiJHKKknrTvYn4WCFj3brJIVqym7Nl/XTL:sHKKknrTvu4bDy073DL

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

k94g

Decoy

nstandgoz.xyz

dhd-treatment-37310.bond

13s-braces-us-ze.fun

umdona.shop

96ph803ql.bond

kka9max.net

corporate-10.xyz

edicalassistance869840.online

lobalresources-bh.xyz

3145978.xyz

ovdaawebsite.online

etting-thailand.net

icloud.xyz

poxk.shop

25ks-ls72510.cyou

women.info

iwyrfbfvhv9.asia

luratu.xyz

ffordable-power-charger.today

edanuryilmaz.xyz

Targets

- Target
  
  29082024103711.uue.exe
- Size
  
  1.1MB
- MD5
  
  ab51c2953feb4e79fa1bfc3e90b3384f
- SHA1
  
  30fc5dd917ce3361943866497ed231d875b84928
- SHA256
  
  7e3e815abe2f87d670088db321e77e591a29824d734877eb33d15a6da25262b9
- SHA512
  
  70438bd9ac9bcc5d74d346374bee261086549d40aba517f4df3bb1b7994d97a076e6683937237d7d6bbef4882106e6b9935d3e7572bb56b778ebc9f1a4d1230f
- SSDEEP
  
  24576:uRmJkcoQricOIQxiZY1iaCiFjlhrzIBuyW7JH/wT5:7JZoQrbTFZY1iaCEJEA7hY5
Score

10^/10

formbook k94g discovery rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2