General

  • Target

    rAXDBwN46Wuxlc8.exe

  • Size

    593KB

  • Sample

    240627-yyl6ra1aqp

  • MD5

    1c35913e1129c47ca535b3aea8d90078

  • SHA1

    35f1cbcd7a52a3e1441d0f8cd67076e75b260b7a

  • SHA256

    9c5ada1bea0116faaa4cb16f966f2fa5af05d79293b2cb3b953d22d0d17ae680

  • SHA512

    a06df95313ed8708aaa34674041b3fe75122574ae334b69295ea049c110e5893143cd0ccfb0140eecebe7c15ed518e6c90a5f978569ba417fed41333d85dfe8d

  • SSDEEP

    12288:V0JJwqLx/cHWzonE/DpX3Rx3UOMkPwCJTNmSWEtUP8XcoESZRYT57:VZtHEdX3H3eCJTNGrYXY

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

dy13

Decoy

manga-house.com

kjsdhklssk51.xyz

b0ba138.xyz

bt365033.com

ccbsinc.net

mrwine.xyz

nrxkrd527o.xyz

hoshi.social

1912ai.com

serco2020.com

byfchfyr.xyz

imuschestvostorgov.online

austinheafey.com

mrdfa.club

883106.photos

profitablefxmarkets.com

taini00.net

brye.top

ginsm.com

sportglid.com

Targets

    • Target

      rAXDBwN46Wuxlc8.exe

    • Size

      593KB

    • MD5

      1c35913e1129c47ca535b3aea8d90078

    • SHA1

      35f1cbcd7a52a3e1441d0f8cd67076e75b260b7a

    • SHA256

      9c5ada1bea0116faaa4cb16f966f2fa5af05d79293b2cb3b953d22d0d17ae680

    • SHA512

      a06df95313ed8708aaa34674041b3fe75122574ae334b69295ea049c110e5893143cd0ccfb0140eecebe7c15ed518e6c90a5f978569ba417fed41333d85dfe8d

    • SSDEEP

      12288:V0JJwqLx/cHWzonE/DpX3Rx3UOMkPwCJTNmSWEtUP8XcoESZRYT57:VZtHEdX3H3eCJTNGrYXY

    • Formbook

      Formbook is an information-stealing malware family: it harvests credentials and web-form data from browsers and other applications, logs keystrokes, takes screenshots, and exfiltrates the results to its command-and-control server.

    • Formbook payload

    • Suspicious use of SetThreadContext
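The report above gives two kinds of indicators: file hashes for rAXDBwN46Wuxlc8.exe and the domain list from the extracted Formbook config. The script below is an added example, not part of the sandbox report, that turns them into checks a responder can run: it identifies and compares a digest of any supported length case-insensitively, hashes a file on disk with all four algorithms, and scans DNS query logs for the config domains on label boundaries (so `www.manga-house.com` matches and `notmanga-house.com` does not). The log line format and the sample lines are constructed for the example. SSDEEP is not computed because it needs a non-standard-library module. One caveat worth keeping in mind: Formbook configs embed decoy domains alongside the real C2, and the report labels the whole list "Decoy", so a DNS hit on one of these domains is an investigation lead rather than proof that a host is beaconing.

```python
"""IOC checks for the Formbook sample in this report (added example, not report code)."""
import hashlib
import re

# Hashes of rAXDBwN46Wuxlc8.exe exactly as listed in the report.
REPORT_HASHES = {
    "md5": "1c35913e1129c47ca535b3aea8d90078",
    "sha1": "35f1cbcd7a52a3e1441d0f8cd67076e75b260b7a",
    "sha256": "9c5ada1bea0116faaa4cb16f966f2fa5af05d79293b2cb3b953d22d0d17ae680",
    "sha512": "a06df95313ed8708aaa34674041b3fe75122574ae334b69295ea049c110e5893"
              "143cd0ccfb0140eecebe7c15ed518e6c90a5f978569ba417fed41333d85dfe8d",
}
DIGEST_LEN_TO_ALG = {32: "md5", 40: "sha1", 64: "sha256", 128: "sha512"}

# Domains from the extracted config. Formbook mixes decoys with the real C2,
# so a hit on any of these is a lead to investigate, not confirmation on its own.
CONFIG_DOMAINS = frozenset({
    "manga-house.com", "kjsdhklssk51.xyz", "b0ba138.xyz", "bt365033.com",
    "ccbsinc.net", "mrwine.xyz", "nrxkrd527o.xyz", "hoshi.social",
    "1912ai.com", "serco2020.com", "byfchfyr.xyz", "imuschestvostorgov.online",
    "austinheafey.com", "mrdfa.club", "883106.photos", "profitablefxmarkets.com",
    "taini00.net", "brye.top", "ginsm.com", "sportglid.com",
})


def identify_digest(digest):
    """Return (algorithm, matches_report) for a hex digest of any supported length.
    Case is normalised because EDR exports and threat feeds disagree on it."""
    d = digest.strip().lower()
    alg = DIGEST_LEN_TO_ALG.get(len(d))
    if alg is None or not re.fullmatch(r"[0-9a-f]+", d):
        raise ValueError(f"not a recognised hex digest: {digest!r}")
    return alg, d == REPORT_HASHES[alg]


def file_matches_report(path):
    """Hash a file once with all four algorithms; return the ones matching the report."""
    hashers = {alg: hashlib.new(alg) for alg in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return [alg for alg, h in hashers.items() if h.hexdigest() == REPORT_HASHES[alg]]


def matching_config_domain(qname):
    """Return the config domain that qname equals or is a subdomain of, else None.
    Walks label boundaries, so a substring like 'notmanga-house.com' never matches."""
    labels = qname.strip().rstrip(".").lower().split(".")
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in CONFIG_DOMAINS:
            return candidate
    return None


# Constructed log format for the example: "<timestamp> <client-ip> query <qname>".
DNS_LOG_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<client>\S+)\s+query\s+(?P<qname>\S+)")


def scan_dns_log(lines):
    """Return (timestamp, client, qname, matched_domain) for every line that
    resolves a config domain or one of its subdomains."""
    hits = []
    for line in lines:
        m = DNS_LOG_RE.match(line)
        if not m:
            continue
        matched = matching_config_domain(m["qname"])
        if matched:
            hits.append((m["ts"], m["client"], m["qname"], matched))
    return hits


# Constructed sample log lines (not real traffic).
SAMPLE_DNS_LOG = [
    "2024-06-27T10:01:02Z 10.0.0.15 query www.manga-house.com",
    "2024-06-27T10:01:03Z 10.0.0.15 query notmanga-house.com",
    "2024-06-27T10:01:05Z 10.0.0.22 query updates.example.org",
    "2024-06-27T10:01:09Z 10.0.0.15 query kjsdhklssk51.xyz.",
]

if __name__ == "__main__":
    print(identify_digest(REPORT_HASHES["sha256"].upper()))
    for hit in scan_dns_log(SAMPLE_DNS_LOG):
        print("DNS lead:", hit)
```

Run `file_matches_report("path/to/suspect.exe")` against a quarantined copy to confirm an on-disk file is this sample; an empty list means no algorithm matched. Treat a DNS lead as a reason to pull the querying host's process list and look for the SetThreadContext-based injection the report flags, not as a verdict by itself.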

MITRE ATT&CK Matrix

Tasks