Overview

overview

10

Static

static

1

2938377373...74.exe

windows7_x64

10

2938377373...74.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    29383773738387477474774.exe

  • Size

    617KB

  • Sample

    211111-vm9acsbgb8

  • MD5

    5acf0ea10b1a066dc0e959b16775b65a

  • SHA1

    53c8f522717f86b011396816a2ded4d01a33b0c8

  • SHA256

    418718725035504832c3febfb2372a9a5bb117d9811dcc67d1f290f8dd9900f4

  • SHA512

    377a4ef79d36e4d91542a2d8f1e47c06d13f78ed12e3047b5a933a04e6cb2bb2d3a11d93f3983818b02e3984338de1e7c2ff0d910b0c436fee2cd840c7ca17e3

Score
10/10
formbookob7yratspywarestealertrojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ob7y

C2

http://www.metanewsroom.net/ob7y/

Decoy

ipsdjf.com

mlphntec.com

restaurant-day.store

writeramylong.com

flokigamefi.com

usetianyi.xyz

punishstrikebreaker.quest

ericnfleming.com

dhhwtieen.xyz

milfhackers.com

fewefie.store

pithstsdiet.store

kirsten-hemmerich.com

casinolopoca.com

sigag.xyz

geilepoes.com

metawhatsapp.art

sarjin.xyz

toprabatte.net

lotofbrave.club

Targets

    • Target

      29383773738387477474774.exe

    • Size

      617KB

    • MD5

      5acf0ea10b1a066dc0e959b16775b65a

    • SHA1

      53c8f522717f86b011396816a2ded4d01a33b0c8

    • SHA256

      418718725035504832c3febfb2372a9a5bb117d9811dcc67d1f290f8dd9900f4

    • SHA512

      377a4ef79d36e4d91542a2d8f1e47c06d13f78ed12e3047b5a933a04e6cb2bb2d3a11d93f3983818b02e3984338de1e7c2ff0d910b0c436fee2cd840c7ca17e3

    Score
    10/10
    formbookob7yratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook Payload

      rat

    • Deletes itself

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks