General

  • Target

    74489f3a31c0ade073151f7bb046d245e1ab29a436a5b93b1fe42b353f00828d

  • Size

    1.0MB

  • Sample

    221003-kx44aahcfl

  • MD5

    922d8a7ed88d75b8cc2b971d0e464044

  • SHA1

    7360809341a6d72704ef85a3abbbf914ff5f6c4a

  • SHA256

    74489f3a31c0ade073151f7bb046d245e1ab29a436a5b93b1fe42b353f00828d

  • SHA512

    a5ea853d5d87b77131c1d9f165f50a7295fc190aeb69887cbce7e19c9e0fca930fccfb0428b583fdc2065c5c8851878e02348f50f7f69a20e213b4d5d23d9888

  • SSDEEP

    24576:vq0o170veaGP3QerQrSKs9dTGL1y48l9omDW5wbJ:vqTpAaoecr7XP0imjb

Malware Config

Extracted

Family

formbook

Campaign

c1no

Decoy

Targets

    • Formbook

      Formbook is a data-stealing malware family.

    • Suspicious use of SetThreadContext
