Overview

overview

10

Static

static

vv.exe

windows7_x64

10

vv.exe

windows10_x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    vv.exe

  • Size

    775KB

  • Sample

    200707-vf2rm48l3e

  • MD5

    7507fa9b94527509a21acb9bfe828508

  • SHA1

    05caf17950016f78f93551a87456582778991a07

  • SHA256

    2edc612812919760be42de00fde052d6808281cd5009fb6050b21b67cc6db93f

  • SHA512

    44569de61755f46c4d3e6b190ab7c2ab426996dd36bb491b53a1b79f92a6f4cc287f2ca9ba790104b641f16770aea3130f6ea5a46cb03c0a23dbf35c83b79b35

Score
10/10
formbookpersistencespywarestealertrojan

Malware Config

Targets

    • Target

      vv.exe

    • Size

      775KB

    • MD5

      7507fa9b94527509a21acb9bfe828508

    • SHA1

      05caf17950016f78f93551a87456582778991a07

    • SHA256

      2edc612812919760be42de00fde052d6808281cd5009fb6050b21b67cc6db93f

    • SHA512

      44569de61755f46c4d3e6b190ab7c2ab426996dd36bb491b53a1b79f92a6f4cc287f2ca9ba790104b641f16770aea3130f6ea5a46cb03c0a23dbf35c83b79b35

    Score
    10/10
    trojanspywarestealerformbookpersistence

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Adds Run entry to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks