Overview

overview

10

Static

static

1

jetsoff887453.exe

windows7-x64

10

jetsoff887453.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5A1F5C9AFD9762D7813453E8FD7017ED1CC61E991CB850B9A0D1D689E554F553

  • Size

    213KB

  • Sample

    221116-zac4lsgg6w

  • MD5

    45c514b9ffb30c922c271b5c8cc8141d

  • SHA1

    1ef67259d41f9dec7c077e6cb559099c4f2e49fc

  • SHA256

    5a1f5c9afd9762d7813453e8fd7017ed1cc61e991cb850b9a0d1d689e554f553

  • SHA512

    f5491622fdb35579f27153687e6fd120379ceb8b2fee2c1d815068173d9e949c9b1fa414c6be0ffce29088d5e6c2a7cfdb39cdb2e1cacf43ddd1232782cb4297

  • SSDEEP

    6144:MYvI1U/P1j0fXTgBF+PhfM3lhaDcPbUSnHnQFIxD5pE:MYvI1APB0y+ZfM3lADc4EQCxnE

Score
10/10
formbookje14ratspywarestealertrojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

je14

Decoy

innervisionbuildings.com

theenergysocialite.com

565548.com

panghr.com

onlyonesolutions.com

stjohnzone6.com

cnotes.rest

helfeb.online

xixi-s-inc.club

easilyentered.com

theshopx.store

mrclean-ac.com

miamibeachwateradventures.com

jpearce.co.uk

seseragi-bunkou.com

minimaddie.com

commbank-help-849c3.com

segohandelsonderneming.com

namthanhreal.com

fototerapi.online

Targets

    • Target

      jetsoff887453.exe

    • Size

      226KB

    • MD5

      1eea2dfdae7eb894956ca1c1640f68c5

    • SHA1

      d84785baefe3f1fce5bbd9cf93c03bb09d8a20e8

    • SHA256

      45b23c325946154b6990adf193926f99019ccc14f815a9768c208494197d3208

    • SHA512

      64efce3783fd512b03cff3e3c3b93bda7ddf793f199e64809a13c64b948e91deb68dddb1394e5a24353ab42012df88e4a7f0a213b29e9ae3f006bff19755572d

    • SSDEEP

      6144:MEa0NOhe6ib7DKeu/cIJyJJnJCDTRn5lAAfh:XONibPeOJnJY9Dh

    Score
    10/10
    formbookje14ratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook payload

      rat

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks