General

  • Target

    327vRde1h3nsEEG.exe

  • Size

    684KB

  • Sample

    240705-ktvqfayajf

  • MD5

    f665dfddb68cd78380ddf97c1194f475

  • SHA1

    1345e5c2fe0ebe79f4d9bd842f69cc789a29bfc2

  • SHA256

    0b6552f35a24fdef4ea92e7a0f48775178603092f271c406568ead3851cc37dd

  • SHA512

    1b430fc947d44d9c823c73038ed8f9b4b8a361cc8db52330c58d133dc0e6eda4fb719dd5662ce29703b4ab05e106e81d1848a91797bc52740f56b696a2406c98

  • SSDEEP

    12288:Eon5t/oCK1R0bMfzqKka41XtFVMxkeB69sMB8zFQRvuu89wCCwhas:3At0bmzrkD1Hax+s7zaCCw

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    mc10

  • Decoy


Targets

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook payload

    • Deletes itself

    • Suspicious use of SetThreadContext
