formbook

General

Target

6d2540eeff1a42dc52bb8eae9b15b4486f6a345ac282e601509f9d98896ee769
Size

188KB
Sample

241121-ysn36awmc1
MD5

d2d23492e37c959820e2fbbbe8d6a4c0
SHA1

58c3d0da65b2f746c5465dc17d3f710a583e8dc3
SHA256

6d2540eeff1a42dc52bb8eae9b15b4486f6a345ac282e601509f9d98896ee769
SHA512

61fc1fe8055da484aa0780f123acd11ec61927ba6c5670cff9ec23a074894d8e58ea03930f0d85d4a60882f24304fa455740dc5e4795092323f6785130aa47cd
SSDEEP

3072:fp3qJHjpMt7WY5u9Qn77za5efqv20OQ6B55ESbRusSDt/M/MvVWcl9EGeK:fp6JDIih47K5i0h6B5KSbMMMvVWcXEG

Score

10^/10

Malware Config

Extracted

Family

formbook

Campaign

ncpr

Decoy

bVBX5DcJzr9yf94C3w==

pAza9ePFpFp759M=

GeHCdpsX/21yf94C3w==

A86m2jOAb2lCta5KjFGSBLa0Bdru/eQt

bEERX4lbMxXbYU3pYqPIU32+

XLFilcOTXqV04j9CxpgWTXS2

UQTWj58OqzP2ew==

MqVmrtvUwL+EuyI6FfY+xgYaxA==

Fe3ugYgE7GZT3UohKWCrog==

YsWZa7gt9HJXwDhOrwIWTXS2

9mk4g8/Nnlp759M=

g01M0Tsk/vVnrhpC5zZrpw==

ec6PYogewB7aZw==

JveT+/6JbtwGUcTPwA==

EO3y7N6/n5uK0eyQ+bdcU7x9zA==

SRMfKoboyEnEDYOUZWns8TU=

kW15b1o+IOtNpgst5zZrpw==

gUo40RWBHijfIAiuuMdrKA+WMdA=

HvDy2QVdG2cjuiJC7WrE6i4=

uwOMiN8j6q9/966Mltg=

Targets

- Target
  
  6d2540eeff1a42dc52bb8eae9b15b4486f6a345ac282e601509f9d98896ee769
- Size
  
  188KB
- MD5
  
  d2d23492e37c959820e2fbbbe8d6a4c0
- SHA1
  
  58c3d0da65b2f746c5465dc17d3f710a583e8dc3
- SHA256
  
  6d2540eeff1a42dc52bb8eae9b15b4486f6a345ac282e601509f9d98896ee769
- SHA512
  
  61fc1fe8055da484aa0780f123acd11ec61927ba6c5670cff9ec23a074894d8e58ea03930f0d85d4a60882f24304fa455740dc5e4795092323f6785130aa47cd
- SSDEEP
  
  3072:fp3qJHjpMt7WY5u9Qn77za5efqv20OQ6B55ESbRusSDt/M/MvVWcl9EGeK:fp6JDIih47K5i0h6B5KSbMMMvVWcXEG
Score

10^/10

formbook ncpr rat spyware stealer trojan discovery
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook family
  formbook
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2