SKM_C36821010708320.exe

General

Target: SKM_C36821010708320.exe
Size: 766KB
Sample: 210113-v4y6f614g6
Score: 10/10
MD5: 15d8096422d137c7388908bb2be61ec4
SHA1: e67d261ef38eb251fb97a466d83c95e75d286ebe
SHA256: fae57c2f185899220dff608004ab571822fc14cc02aa7e30b1cd5db7be4beea8
SHA512: 83d38e2e5540d1a2790f834e62bd1cc6978eae92c6d70ca875b72e0d33852473b68b36b99c4fe05e3c100283dee6353e45f907eecbb9369d730c17c5c20bb1f5

Malware Config

Extracted

Family: formbook
C2: http://www.ameeraglow.com/6bu2/
Decoy domains (the Formbook config carries these alongside the real C2 and the sample contacts them as well, so a hit on one of them is a weaker indicator than a hit on the C2 host):

shuttergame.com
beyondregions.com
cuttingedgetinting.com
riveraspanishfoods.com
jfksn.com
rtplay2020.com
idahofallsobituaries.com
qf432.com
magandaconfections.com
suremlak.com
tuproductividadpersonal.com
ziswmyxaw.icu
howtolovemybody.com
signpartnerpro.com
conservative-forward.com
bhscsh.com
todowine.com
garrettthermaldetector.com
bunbook.com
ehealthla.com
mojacreations.com
2kantxt.com
aqustea.com
sheilataman.com
phymath.science
sctuba.com
columbusestatesseniorliving.com
opyalliy.pro
bestgiftforu.com
cad-office-iserlohn.com
gorgeus-girl-full-service.today
easthaus-modern.com
snoozefest.online
service-xwcrvxsz.icu
flavourcosmetics.com
news247alert.com
944ka.xyz
bcheap3dmall.com
crepkonnect.com
purelili.com
pushupbras.net
ctsafaris.com
sprinkleforever.com
engagingsci.coach
aihint.com
icxrus.com
7vitrines.com
mrsgariepy.com
bikewitha.pro
adv-assist.com
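The extracted config is most useful as a hunting set: the C2 host (and its path) is the high-confidence indicator, while the decoys are mostly unrelated live sites that Formbook contacts to hide the real C2 among them. The script below is an added example for this report, not part of the sandbox output; it loads the indicators exactly as listed above, normalizes the "www." form the config uses against the bare domain a DNS log would show, and ranks each match. The proxy/DNS log lines it scans are constructed for the demonstration and are not from the sandbox run.

```python
"""Turn the extracted Formbook config into an IOC set and scan log lines.

Added example for this report; the log line format below is constructed.
"""
import re
from urllib.parse import urlparse

# Indicators copied from the report's "Malware Config" section.
C2_URL = "http://www.ameeraglow.com/6bu2/"
DECOY_DOMAINS = frozenset({
    "shuttergame.com", "beyondregions.com", "cuttingedgetinting.com",
    "riveraspanishfoods.com", "jfksn.com", "rtplay2020.com",
    "idahofallsobituaries.com", "qf432.com", "magandaconfections.com",
    "suremlak.com", "tuproductividadpersonal.com", "ziswmyxaw.icu",
    "howtolovemybody.com", "signpartnerpro.com", "conservative-forward.com",
    "bhscsh.com", "todowine.com", "garrettthermaldetector.com",
    "bunbook.com", "ehealthla.com", "mojacreations.com",
    "2kantxt.com", "aqustea.com", "sheilataman.com",
    "phymath.science", "sctuba.com", "columbusestatesseniorliving.com",
    "opyalliy.pro", "bestgiftforu.com", "cad-office-iserlohn.com",
    "gorgeus-girl-full-service.today", "easthaus-modern.com", "snoozefest.online",
    "service-xwcrvxsz.icu", "flavourcosmetics.com", "news247alert.com",
    "944ka.xyz", "bcheap3dmall.com", "crepkonnect.com",
    "purelili.com", "pushupbras.net", "ctsafaris.com",
    "sprinkleforever.com", "engagingsci.coach", "aihint.com",
    "icxrus.com", "7vitrines.com", "mrsgariepy.com",
    "bikewitha.pro", "adv-assist.com",
})

# Confidence ranking: a decoy hit is weak evidence on its own (the decoys are
# mostly unrelated live sites the malware also contacts); the C2 host is
# strong, and the C2 host plus the configured path is the strongest.
RANK = {"decoy": 1, "c2_host": 2, "c2_url": 3}

_URL_RE = re.compile(r"https?://[^\s'\"]+", re.IGNORECASE)
_HOST_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.IGNORECASE)


def normalize(host):
    """Lower-case, drop a trailing dot and a leading 'www.' so the 'www.'
    form in the config matches the bare domain seen in DNS logs."""
    host = host.lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host


_c2 = urlparse(C2_URL)
C2_HOST = normalize(_c2.hostname)
C2_PATH = _c2.path


def classify(line):
    """Return the strongest (verdict, indicator) found in one log line, or
    None. Full URLs are checked for host and path; bare hostnames (DNS
    answers, SNI fields) are checked for host only."""
    hits = []
    for url in _URL_RE.findall(line):
        parsed = urlparse(url)
        if parsed.hostname and normalize(parsed.hostname) == C2_HOST:
            verdict = "c2_url" if parsed.path.startswith(C2_PATH) else "c2_host"
            hits.append((verdict, url))
    for host in _HOST_RE.findall(line):
        host = normalize(host)
        if host == C2_HOST:
            hits.append(("c2_host", host))
        elif host in DECOY_DOMAINS:
            hits.append(("decoy", host))
    return max(hits, key=lambda h: RANK[h[0]]) if hits else None


def scan(lines):
    """Scan log lines; return [(line_number, verdict, indicator), ...] for
    every line that touches the C2 or a decoy (line numbers are 1-based)."""
    results = []
    for number, line in enumerate(lines, 1):
        hit = classify(line)
        if hit:
            results.append((number, hit[0], hit[1]))
    return results


# Constructed proxy/DNS log lines for the demonstration (not sandbox output).
SAMPLE_LOG = [
    "2021-01-13T14:02:10Z 10.0.0.23 DNS A www.ameeraglow.com",
    "2021-01-13T14:02:11Z 10.0.0.23 GET http://www.ameeraglow.com/6bu2/?id=Q3RfZDQ= 200",
    "2021-01-13T14:02:13Z 10.0.0.23 GET http://www.shuttergame.com/ 404",
    "2021-01-13T14:03:00Z 10.0.0.41 GET https://www.example.org/ 200",
]

if __name__ == "__main__":
    for number, verdict, indicator in scan(SAMPLE_LOG):
        print(f"line {number}: {verdict:8} {indicator}")
```

When triaging real proxy or DNS logs, treat a `c2_url` or `c2_host` hit as the pivot and use the decoy hits only to corroborate that the same host is cycling through the config's domain list; a lone decoy hit from a host with no C2 contact is usually ordinary browsing.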

Targets

Target: SKM_C36821010708320.exe (766KB, score 10/10; MD5, SHA1, SHA256 and SHA512 as listed under General)

Signatures

  • Formbook

    Description

    Formbook is an information-stealing malware family sold as malware-as-a-service. It injects into other processes, hooks them to grab submitted form data and stored browser and mail-client credentials, logs keystrokes, captures clipboard contents and screenshots, and sends the harvested data to its C2 over HTTP. Its configuration carries a list of decoy domains alongside the real C2 to obscure which host receives the data.

  • Formbook Payload

  • Deletes itself

  • Suspicious use of SetThreadContext (used to redirect execution in a suspended or hijacked thread, as in process hollowing; consistent with Formbook's injection behaviour)

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1