General

  • Target: e58bbe8181fc690e1b6d806514afaa6d.exe
  • Size: 871KB
  • Sample: 210114-d3p1b9byna
  • MD5: e58bbe8181fc690e1b6d806514afaa6d
  • SHA1: 351a819674f7293a00dfed0f9e8c08a1dadad562
  • SHA256: 30dd3160b2a93b2b20726e2707ad4781b8e6e3802865fc1f0582a3b9eb1644e0
  • SHA512: 717ff39223e387d82e7b2fee06f9866bdcf86bfbaf5c7d42c435a568d7998810dd18a8703d345657badb13a54b4620cb2201739c28b08a4c0e52185c609e64d1

Malware Config

Extracted

  • Family: formbook
  • C2: http://www.bytecommunication.com/aky/
  • Decoy domains:
    jeiksaoeklea.com
    sagame-auto.net
    soloseriolavoro.com
    thecreatorsbook.com
    superskritch.com
    oroxequipment.com
    heart-of-art.online
    liwedfg.com
    fisherofsouls.com
    jota.xyz
    nehyam.com
    smart-contact-delivery.com
    hoom.guru
    dgryds.com
    thesoakcpd.com
    mishv.com
    rings-factory.info
    bero-craft-beers.com
    podcastnamegenerators.com
    856379813.xyz

Targets

    • Target: e58bbe8181fc690e1b6d806514afaa6d.exe
    • Size: 871KB
    • MD5: e58bbe8181fc690e1b6d806514afaa6d
    • SHA1: 351a819674f7293a00dfed0f9e8c08a1dadad562
    • SHA256: 30dd3160b2a93b2b20726e2707ad4781b8e6e3802865fc1f0582a3b9eb1644e0
    • SHA512: 717ff39223e387d82e7b2fee06f9866bdcf86bfbaf5c7d42c435a568d7998810dd18a8703d345657badb13a54b4620cb2201739c28b08a4c0e52185c609e64d1

    Signatures

    • Formbook: Formbook is a data-stealing malware family.
    • Formbook Payload
    • Suspicious use of SetThreadContext
