General

  • Target

    SecuriteInfo.com.W32.AIDetectNet.01.19103.4711

  • Size

    907KB

  • Sample

    220826-mtds2accf7

  • MD5

    6807429b32e437ff338145eb82c74158

  • SHA1

    b3938736b063030fec977173f82f87252fdf0ffa

  • SHA256

    c66ff049f11cfe883a9ddc52b37768ca54834392939c250daec1408a1be81abf

  • SHA512

    b0676a2211570daf62fa766539a5701a0a3db573771d05573e3bfede04aa0530115e68b0154cf0b30282eda33bb7b3960f82adc9d16a2fde9255a86923f5fedb

  • SSDEEP

    24576:KQrnanWsDcR2XbZskhTARuApCq/R5xS2I:xi/Di2XyuAwq/ZS

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    p94a

  • Decoy

    wishgrove.com
    parqueveiculos.com
    spiderwebs.online
    chulkanadham.com
    cdtuan.net
    zxazm.com
    payment6528832.xyz
    fengtaiol.com
    bffsmovie.com
    aliceseagerfitness.com
    garisluruskonsulindo.website
    analytical-gutter.net
    ahcq8.com
    fenyoga.com
    ecleptic.cat
    conjurecrafts.com
    aquaway.date
    apenpokkenschoonmaakbedrijf.com
    zgramr.top
    boweknives.site

Targets

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks