General

  • Target: SecuriteInfo.com.Win32.PWSX-gen.8878.21189.exe

  • Size: 772KB

  • Sample: 221201-nnwx4age5w

  • MD5: 225616a6672687c30a85b7b18467518b

  • SHA1: 054d5fec9212ea53cb04c1d28a6063c5a4c065c3

  • SHA256: 4556daea929e88c1831b8a92814ae2f57b9b8a57be14487a03650ee81d36b67e

  • SHA512: c21643a6a1ad305fd83b31ef3105a22502addd21860bec29a1e0318703417093549b6a2709df2739c5358669abaf67f9c9e367f127d2a633b3dbe0b25f7f368b

  • SSDEEP: 24576:kQmnzQE9U3G6PDIaRBNlwCbvk74FRXBaf8i8HtQCZt9lM:kQmzQvGeDrrNzAURw89/O

Malware Config

Extracted

Family: formbook

Campaign: ntzb

Decoy

Targets

    • Target: SecuriteInfo.com.Win32.PWSX-gen.8878.21189.exe

    • Formbook: Formbook is an information-stealing malware family.

    • Suspicious use of SetThreadContext
