Overview

overview

10

Static

static

Nuevo orden pdf.exe

windows7_x64

10

Nuevo orden pdf.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Nuevo orden pdf.exe

  • Size

    886KB

  • Sample

    210504-ann6at2ewn

  • MD5

    02a32cc05efbf5236a8c0928d3c9170e

  • SHA1

    fa3a639f15116da149b14d832b9255528f0bfe65

  • SHA256

    5930cfa7dd5664e104c299fce83451021349922b6b02774235eae6bd14fad464

  • SHA512

    22c8ba32af4a695410652d2d6fcbf79e1804eb9ffd4328f5377e20485052366f53467fc6691070787ae750d8c5b8304e446df803b0375ca45268bc1e264f26ea

Score
10/10
formbookratspywarestealertrojan

Malware Config

Extracted

Family

formbook

Version

4.1

C2

http://www.lovetarot.online/sqxs/

Decoy

creid-network.com

dinningatcastlehill.com

fundadilla.com

fashionmdeasy.com

magentos6.com

pushpartybdp.com

streamingnetwork.xyz

sevenredwalls.com

hsuehsun.space

leanbirthdaycake.com

rocketmortgagedeceit.com

cashflowdb.com

smilebringerdesign.com

naomicoleclinic.com

wingsforklift.com

newsounding.com

48hrbusinessrescue.pro

101osthoff456.com

attleticgreens.com

xx233.xyz

Targets

    • Target

      Nuevo orden pdf.exe

    • Size

      886KB

    • MD5

      02a32cc05efbf5236a8c0928d3c9170e

    • SHA1

      fa3a639f15116da149b14d832b9255528f0bfe65

    • SHA256

      5930cfa7dd5664e104c299fce83451021349922b6b02774235eae6bd14fad464

    • SHA512

      22c8ba32af4a695410652d2d6fcbf79e1804eb9ffd4328f5377e20485052366f53467fc6691070787ae750d8c5b8304e446df803b0375ca45268bc1e264f26ea

    Score
    10/10
    formbookratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook Payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks