General

  • Target

    26006717388ba82289d13403ed220f37.exe

  • Size

    847KB

  • Sample

    220126-s1xsdafbe5

  • MD5

    26006717388ba82289d13403ed220f37

  • SHA1

    72b108134cac9476fb1eccb6cdbcc8a2e6127c55

  • SHA256

    fccb02b0403cae9441c58753519e4c216735cf2bdce838c8ad2b26b35fd59493

  • SHA512

    67bd2d6906194b48f36eb1a47152cd91ed8ae323894f5dbf281fc55674e85ffee76798a3b9c448d4d2c569722845a63bb849b66ae798a087c174931d92ed2e30

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

qugo

Decoy

Targets

    • Formbook

      Formbook is data-stealing malware.

    • Formbook Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks