General

  • Target

    v0hRSGca3D2Z7cW.exe

  • Size

    779KB

  • Sample

    240428-kxqwnacd4t

  • MD5

    79869ac2557f532c7db50785f59f8057

  • SHA1

    4458bc01d37a3a3feb24b8da5b9f8190356c59d8

  • SHA256

    6465b2c5702a723c7229e33fdf38676e3b0e0049b5b632e2fe6e210713f6a7e7

  • SHA512

    b2079da931d878accc6c2f7f81f07b313689bcbeccb7319a3b1fac7dcf3abfc44406a40d48215bd8d74519bed1d266a3ccb81549b5fe14bd41c4600698647fea

  • SSDEEP

    12288:HuqnHvjNIrpf9rN/mc/ChYgp70NtH95FYIqe17df6dFFHCApvlmJg0kR:H7PjKr5BNDUYgl8tdDY1qBf6d/HCApdr

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

be03

Decoy

Targets

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook payload

    • Suspicious use of SetThreadContext
