General

  • Target

    SecuriteInfo.com.Trojan.PackedNET.389.22386.8541.exe

  • Size

    552KB

  • Sample

    221201-v4as5abh59

  • MD5

    b715de27a553217c49d78c598bb21369

  • SHA1

    881f25a7c5c4f20d503a60d2824ab9df0382bf7b

  • SHA256

    95f44db4638c9a3804bffdb3c202b3de5a503a3847606dec40996524af217faf

  • SHA512

    cf1ce92ebc822e4c9de9cb329f3bf5bf80430a6e7e4fdc6ecf84a06ffd818599339724d29ef85e97919c3b0183dbcd0c365b37c90660a8efb0f6e848f4850df2

  • SSDEEP

    12288:gWoHX/RF7mXZF6rslyyGG8arnuTeokpcaTy+yHKoN9jq:XOjSSr3yGmzaUyRj9j

Malware Config

Extracted

Family

formbook

Campaign

tz8t

Decoy

Targets

    • Target

      SecuriteInfo.com.Trojan.PackedNET.389.22386.8541.exe

    • Formbook

      Formbook is data-stealing malware.

    • Suspicious use of SetThreadContext
