General

  • Target: 80TeZdsbeA6B6j4.exe
  • Size: 606KB
  • Sample: 240704-r5vm5szfnh
  • MD5: 7442aa90a9c0f8cce9a010e6c0d02adc
  • SHA1: 3ade4ebfd27f0e827d1d5678702c18f5cb3b869b
  • SHA256: af3cf8969b0fdaa379f685e9c822eb12d92c0b7103743671dcd006346ca6df78
  • SHA512: 20561792fb78f87d3ac8c941af91d9660b503872bdae4f6cbfd8dcd93c904f95f436ecd7edabf1c01165da942257ff4a2e4359fe531d1cb3d188f1b413293562
  • SSDEEP: 12288:RSBofC1PIC44NN91so6zo7/v75WaU4UzlrT8dggA5wFk1d+6D0i0:RS/16GX14zg375W4M2uyFYYxi

Malware Config

Extracted

  • Family: formbook
  • Version: 4.1
  • Campaign: mc10
  • Decoy domains:
    sttcorp.one
    jack88.lat
    owl-protect.com
    hnszrrn.com
    at89v2.com
    h147.top
    takle4creators.com
    fondsa.xyz
    mantenopolice.com
    shophansler.com
    dessertt.com
    thecollisionmagazine.com
    tatesfluffyfrenchies.com
    h1f2v.rest
    bluewandltd.com
    cuplaho2003.shop
    2thetcleaningservice.com
    yc85w.top
    natursache.shop
    allmyabilities.com

Targets

    • Target: 80TeZdsbeA6B6j4.exe
    • Size: 606KB
    • MD5: 7442aa90a9c0f8cce9a010e6c0d02adc
    • SHA1: 3ade4ebfd27f0e827d1d5678702c18f5cb3b869b
    • SHA256: af3cf8969b0fdaa379f685e9c822eb12d92c0b7103743671dcd006346ca6df78
    • SHA512: 20561792fb78f87d3ac8c941af91d9660b503872bdae4f6cbfd8dcd93c904f95f436ecd7edabf1c01165da942257ff4a2e4359fe531d1cb3d188f1b413293562
    • SSDEEP: 12288:RSBofC1PIC44NN91so6zo7/v75WaU4UzlrT8dggA5wFk1d+6D0i0:RS/16GX14zg375W4M2uyFYYxi

    • Formbook: Formbook is an information-stealing malware family.
    • Formbook payload
    • Deletes itself
    • Suspicious use of SetThreadContext
