General

  • Target

    Maersk Arrival Notice ready for Bill of Lading 238591458.exe

  • Size

    1.1MB

  • Sample

    240613-kr3y2awajp

  • MD5

    7d8eba7ae0e5cb213b8b3c8d202d69eb

  • SHA1

    2f4fdf21a78bf6128a3cffe55e916b7daad175c9

  • SHA256

    d67c467e851c6f18a79386dbbae7049d07c9c6381a98d141638eef7d83106373

  • SHA512

    38de5d3e64362d445e4d4469fded251d29a5502f980fe9a6fce710111f26f3efeb5e41ca8839ec391905cec46fc20cff16303412f84356f38456b5dac3193e43

  • SSDEEP

    24576:bAHnh+eWsN3skA4RV1Hom2KXMmHaDeipba5:2h+ZkldoPK8YaDTU

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    ss63

  • Decoy

    catpig.xyz
    chatladyanzensei7.site
    onewayonepaydroptaxi.com
    bima188.lol
    wealth-km.online
    seepao27200.top
    6c958u9.lol
    fbyu57ytsd.shop
    baranetentegre.com
    webaichimie.com
    h3k38q2.lol
    abicomsrl.com
    338kp.vip
    rescuecube.com
    bubatz-t.com
    psgluxuryapartments.com
    goodfellowlawfirm.com
    bais141.com
    imingchu.com
    ekzeanjfolzaks.top

Targets

    • Target

      Maersk Arrival Notice ready for Bill of Lading 238591458.exe

    • Formbook

      Formbook is an information-stealing malware family.

    • Formbook payload

    • Suspicious use of SetThreadContext
