General

  • Target

    SecuriteInfo.com.W32.AIDetectNet.01.31977.9932

  • Size

    743KB

  • Sample

    220811-vppczaaabm

  • MD5

    7fec302fb7fda8d63cd8d9c466f01e5b

  • SHA1

    5b311b76fd7bc658f690078b6a23472a0b7faa86

  • SHA256

    763970f258b4eb5ee6ea668e1474af284bcb600d5ecddc7068188cd2ca5ee4d6

  • SHA512

    e042c72e6e7776ebda89412090e600328e551eff919b431138bd2a2f40af0279af5c9a66aa64ef73168a8ab8b011020f07d74e4a41cfb6a9b43b7df085622ca1

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    p94a

  • Decoy

    wishgrove.com
    parqueveiculos.com
    spiderwebs.online
    chulkanadham.com
    cdtuan.net
    zxazm.com
    payment6528832.xyz
    fengtaiol.com
    bffsmovie.com
    aliceseagerfitness.com
    garisluruskonsulindo.website
    analytical-gutter.net
    ahcq8.com
    fenyoga.com
    ecleptic.cat
    conjurecrafts.com
    aquaway.date
    apenpokkenschoonmaakbedrijf.com
    zgramr.top
    boweknives.site

Targets

    • Target

      SecuriteInfo.com.W32.AIDetectNet.01.31977.9932

    • Size

      743KB

    • MD5

      7fec302fb7fda8d63cd8d9c466f01e5b

    • SHA1

      5b311b76fd7bc658f690078b6a23472a0b7faa86

    • SHA256

      763970f258b4eb5ee6ea668e1474af284bcb600d5ecddc7068188cd2ca5ee4d6

    • SHA512

      e042c72e6e7776ebda89412090e600328e551eff919b431138bd2a2f40af0279af5c9a66aa64ef73168a8ab8b011020f07d74e4a41cfb6a9b43b7df085622ca1

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks