c47f67b3b696c414c6877e088c13cd6b569586f41fb8c0b4341276d6130546ce | Triage

Submit
Reports

Overview

overview

Static

static

Purchase O...es.exe

windows7-x64

Purchase O...es.exe

windows10-2004-x64

Sharing

General

Target

Purchase Order Frank Manufactures.exe
Size

1.3MB
Sample

220725-bnyqgahabm
MD5

32434444d1b2d9901449af917cf18c45
SHA1

f673c3a29258d7b0d540e6fb83c3d22059ad760b
SHA256

c47f67b3b696c414c6877e088c13cd6b569586f41fb8c0b4341276d6130546ce
SHA512

b994784d3228704f2ace28b7f0f2081cd83c4c8af1cbd4e6ee7fe4eea11b80cb7cd69ad451a04a37130eb7c79b55f6ee02c32e0cda249a5d9769ea13bbd0d7ee

Score

10^/10

suricata

Static task

static1

Behavioral task

behavioral1

Sample

Purchase Order Frank Manufactures.exe

Resource

win7-20220715-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

Purchase Order Frank Manufactures.exe

Resource

win10v2004-20220721-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  Purchase Order Frank Manufactures.exe
- Size
  
  1.3MB
- MD5
  
  32434444d1b2d9901449af917cf18c45
- SHA1
  
  f673c3a29258d7b0d540e6fb83c3d22059ad760b
- SHA256
  
  c47f67b3b696c414c6877e088c13cd6b569586f41fb8c0b4341276d6130546ce
- SHA512
  
  b994784d3228704f2ace28b7f0f2081cd83c4c8af1cbd4e6ee7fe4eea11b80cb7cd69ad451a04a37130eb7c79b55f6ee02c32e0cda249a5d9769ea13bbd0d7ee
Score

10^/10

suricata
- suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata
- suricata: ET MALWARE FormBook CnC Checkin (POST) M2
  suricata: ET MALWARE FormBook CnC Checkin (POST) M2
  suricata
- Downloads MZ/PE file
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy