General

  • Target

    ORDEN DE COMPRA DE DICIEMBRE pdf.zip

  • Size

    439KB

  • Sample

    221130-sblc2sae64

  • MD5

    8debb09f0b82017d7cf26ca9c645f85b

  • SHA1

    757d900b36b1c4d9e364ba7b1a590d04c3f1f872

  • SHA256

    b6af4d62365de0a1bd4af15eb2012438146996caba9eab8ac1a89e904c8eca30

  • SHA512

    ce3c199f89e59f34da3efd7ad750936e2f0d615224357ac391d38225691bab281824bed3940176cea130319f80ed3c8423a5e292a2b2086319575c8546e5aeef

  • SSDEEP

    6144:bTiWVJdMCaA+wMkY08sso3K4hu+Ho1rNxsFTdKCPbKjVb79tJqn7IqnZspp:KCdzahXtss14A+ICF4CzuR3y7IqZspp

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

d0a7

Decoy


Targets

    • Target

      ORDEN DE COMPRA DE DICIEMBRE pdf.exe

    • Size

      573KB

    • MD5

      e5666f11a9f07f0b5754f6e24be28ee7

    • SHA1

      df09902dda3e6917bed30d53505384b60dadfa0a

    • SHA256

      dbbbb6acb1f5da76b3a7b03130d5e8235ac8fcb43f16fdb7e226bcc595fde196

    • SHA512

      e14242f82ae798afdad460d99a70bc9977f8c566a7da6d19287b906b03b1e24425d7481fa5a4aa93cde9288bf6a7b3195f90147f28e7d6e76175fa4d4fb82caf

    • SSDEEP

      12288:QqXGLLa1ptsstO8w0WRMCJO7BkFIqpwp:QqWvqhOsmIqpwp

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks