formbook

General

Target

JaffaCakes118_9b354b92d2c5becdc341db31ec8c5824e107844f900219f11872d74d7d5259cc
Size

575KB
Sample

241225-tskzaaxrbw
MD5

2564106613e613e8f59ce0d8c0cb133d
SHA1

5d747ad3d72b29a62969f7a7ff55272b777162b2
SHA256

9b354b92d2c5becdc341db31ec8c5824e107844f900219f11872d74d7d5259cc
SHA512

51f5d732f5dfe3d536d1490366b66fba9a5bf58a20d817a539d311834ffc668c878dda45656c04d3ac7e42461d46b99d706d92f76402f0e292e096d0d8ad5cc4
SSDEEP

12288:OUZHZrBu7aBd5dBoBz3chUZHZrBu7aBd5dBoBz3c:NJd9dyJVJd9dyJ

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ef9s

Decoy

uglycurves.com

onseruim.xyz

watsonmetaverse.com

metapunter.online

hongxiuzai2.com

joyofdancemovement.com

tonextstation.com

nexxxt.cloud

1socc.com

yuanqinghao.icu

palikosacademy.com

odyssey-economist.com

makandcheesecakes.com

brutal-cv.review

x2bm.xyz

saveourcountry.icu

bussshst.xyz

dhimasweb.xyz

freedomlast.com

qeqeqe.online

Targets

- Target
  
  2021-11-08_10-53.exe
- Size
  
  367KB
- MD5
  
  ecb84031e5d8da0d04377ed332364ed4
- SHA1
  
  ae8a576f346b80eef7893f8e47fce6e20317e0e7
- SHA256
  
  42e3407ee7eeca6eca0bf3d45cdea37e09ee82574890787d6338c65f3865e310
- SHA512
  
  43d195444dfeaab096ebefee8351562a02c4b674ddd11ebaa2a0a5cb982a4679273ce655e30302677f36e6f4107db6971a262a2eb7f8a247f15023041ff446e1
- SSDEEP
  
  6144:qWJJTsPsxnDn17gEkSznYaFeZqaWKFHeuzbgwu6L7ITsqSigaTwVf:/JJ1rhgLSEUtunnn7s
Score

10^/10

formbook ef9s rat spyware stealer trojan discovery
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook family
  formbook
- Formbook payload
  rat
behavioral1 behavioral2
- Target
  
  bin_2021-11-08_10-53/bin_2021-11-08_10-53.exe
- Size
  
  367KB
- MD5
  
  ecb84031e5d8da0d04377ed332364ed4
- SHA1
  
  ae8a576f346b80eef7893f8e47fce6e20317e0e7
- SHA256
  
  42e3407ee7eeca6eca0bf3d45cdea37e09ee82574890787d6338c65f3865e310
- SHA512
  
  43d195444dfeaab096ebefee8351562a02c4b674ddd11ebaa2a0a5cb982a4679273ce655e30302677f36e6f4107db6971a262a2eb7f8a247f15023041ff446e1
- SSDEEP
  
  6144:qWJJTsPsxnDn17gEkSznYaFeZqaWKFHeuzbgwu6L7ITsqSigaTwVf:/JJ1rhgLSEUtunnn7s
Score

10^/10

formbook ef9s rat spyware stealer trojan discovery
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook family
  formbook
- Formbook payload
  rat
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook family

Formbook payload

Formbook

Formbook family

Formbook payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4