formbook | 270ae3c9673c2f6d3e11e5dab49d33741c7a24fb493beca2876abcbb5901db9d | Triage

Sharing

General

Target

RE01.exe.sc
Size

520KB
Sample

241230-cnwfsavkgq
MD5

6544d732fba17d55644a72fd352b89c4
SHA1

d6dbced2975720f23d0cac726e4a8dea81b65544
SHA256

270ae3c9673c2f6d3e11e5dab49d33741c7a24fb493beca2876abcbb5901db9d
SHA512

fda2dc083fb2c77e738c1100f7de3a75fd697a7f2980feb8e5781878c63ac1df17400cbd20f30465c3b32e0309e96be50971244c0294b2857a8459535d12e56a
SSDEEP

6144:6Qttl0WdGjFZichhs1HK69P/8newQ96mQYwEAhG:37bdGjeEm1/t8newQ96uwZhG

Score

10^/10

formbook be discovery rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

3.8

Campaign

be

Decoy

rihamc.com

boundlesslc.com

friendsandfoundationhpl.info

coryanneva.com

trackdaybuddy.com

f-cielo.com

cnyoubu.com

jewellrybyrhomel.com

mineopqq.site

rapidqi.com

iprugby.net

suzhoufuyao.com

codinghome.net

aliqua3.com

swashbucklr.com

radiosityandroid.com

parpanama.com

mixtapebooster.com

vermudes.com

sisutechpartners.com

Targets

- Target
  
  RE01.exe.sc
- Size
  
  520KB
- MD5
  
  6544d732fba17d55644a72fd352b89c4
- SHA1
  
  d6dbced2975720f23d0cac726e4a8dea81b65544
- SHA256
  
  270ae3c9673c2f6d3e11e5dab49d33741c7a24fb493beca2876abcbb5901db9d
- SHA512
  
  fda2dc083fb2c77e738c1100f7de3a75fd697a7f2980feb8e5781878c63ac1df17400cbd20f30465c3b32e0309e96be50971244c0294b2857a8459535d12e56a
- SSDEEP
  
  6144:6Qttl0WdGjFZichhs1HK69P/8newQ96mQYwEAhG:37bdGjeEm1/t8newQ96uwZhG
Score

10^/10

discovery formbook be rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook family
  formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

formbookbediscoveryratspywarestealertrojan