formbook

General

Target

AC885D6C380D9945DC8D2A7DA3F9F11C8B4F5CCA0694ABB031D67009F8199213
Size

1.2MB
Sample

250103-jqedlsxqdn
MD5

2f9f420ce8696e4023df23d7fb12c87d
SHA1

fe38bf7aca5900eafae8fc160d9237ee78fbacc3
SHA256

ac885d6c380d9945dc8d2a7da3f9f11c8b4f5cca0694abb031d67009f8199213
SHA512

8cb054cd64fac8ebfcf2c841e05f884303862901f6eb55b5b9c84adb64d225bc3537b2d6d35be4fdecff34ed025cdb821f17f3d2cbdea5875f027c2999bd351b
SSDEEP

24576:eqDEvCTbMWu7rQYlBQcBiT6rprG8aWSl57vZtF9oRG3rP:eTvC/MTQYxsWR7aW4viGb

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

k94g

Decoy

nstandgoz.xyz

dhd-treatment-37310.bond

13s-braces-us-ze.fun

umdona.shop

96ph803ql.bond

kka9max.net

corporate-10.xyz

edicalassistance869840.online

lobalresources-bh.xyz

3145978.xyz

ovdaawebsite.online

etting-thailand.net

icloud.xyz

poxk.shop

25ks-ls72510.cyou

women.info

iwyrfbfvhv9.asia

luratu.xyz

ffordable-power-charger.today

edanuryilmaz.xyz

Targets

- Target
  
  AC885D6C380D9945DC8D2A7DA3F9F11C8B4F5CCA0694ABB031D67009F8199213
- Size
  
  1.2MB
- MD5
  
  2f9f420ce8696e4023df23d7fb12c87d
- SHA1
  
  fe38bf7aca5900eafae8fc160d9237ee78fbacc3
- SHA256
  
  ac885d6c380d9945dc8d2a7da3f9f11c8b4f5cca0694abb031d67009f8199213
- SHA512
  
  8cb054cd64fac8ebfcf2c841e05f884303862901f6eb55b5b9c84adb64d225bc3537b2d6d35be4fdecff34ed025cdb821f17f3d2cbdea5875f027c2999bd351b
- SSDEEP
  
  24576:eqDEvCTbMWu7rQYlBQcBiT6rprG8aWSl57vZtF9oRG3rP:eTvC/MTQYxsWR7aW4viGb
Score

10^/10

formbook k94g discovery rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook family
  formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook family

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2