General

  • Target: TT-SWIFT-Schindler.exe
  • Size: 2.4MB
  • Sample: 240617-qwvfcatanf
  • MD5: c2105f208d13b645b762e3c592969bb8
  • SHA1: 9d1ee2c7c7f9fdf744f0bca64e26693aceaeabe9
  • SHA256: 2ee5255934af2f37c295770b441baf6f12e4483e7eb5281df70a4a0164521c70
  • SHA512: 23a1427df886d8f5b84b7ae6012905a9e3215785b95f59e0535fa003b2eef79594bcd8653c1bf7056ec1ff92b9cfded8a44055807b3d63f34046d531dcd5b64f
  • SSDEEP: 12288:C42m6rLTvbLZlRxTeOw7sR9yZRq+JtpHc0rC0V/77EfRGW6p0GCE9Kg:6m6rLzbtRTeF4crC0Vz7EfIW6p024g

Malware Config

Extracted

  • Family: formbook
  • Version: 4.1
  • Campaign: m10e
  • Decoy


Targets

    • Target: TT-SWIFT-Schindler.exe


    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook payload

    • Suspicious use of SetThreadContext
