General

  • Target

    SecuriteInfo.com.Trojan.PackedNET.389.22148.19507.exe

  • Size

    987KB

  • Sample

    221202-lgjcbagf3t

  • MD5

    665060ac5399f40563e4666981973308

  • SHA1

    57b54841e4985d25307721ce4ebe562e62889f01

  • SHA256

    4ab85efebfd81e20170cceb7f76e9fa010952504265fc5b5d0319b1131c60ea8

  • SHA512

    b7161af111836015c0ace8878dd19f34c5ac8d7f9ec52b86ddcabd9df3d637a01a6bcc96eb460fa2fe6280a02465429219b8a16dffe4447d1f1bd56b325b021e

  • SSDEEP

    12288:5Xdgh/iS0Rt23QBud56qmDrf/z2Db9fYZpOfMzz4/iaR73TirdKl5Hx1QdbWog:5Ngh/d2t6mTnz2DbIei+burc7
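A practitioner reading this report usually has a file in hand and wants to know whether it is the same sample. The script below is an added example, not part of the original report or of the sandbox's tooling: it copies the MD5, SHA1, SHA256 and SHA512 values listed above into a dictionary, computes the same digests over a file or byte string, and reports which ones match. ssdeep is left out because it needs a third-party module; the `b"abc"` stand-in at the bottom is a constructed input, since the sample itself is not embedded here.

```python
"""Check a file against the digests published in a sandbox report.

Added example; not the report's or the sandbox's own code. REPORT copies
the digests from the General section above; everything else is illustrative.
"""
import hashlib
from pathlib import Path

ALGOS = ("md5", "sha1", "sha256", "sha512")

# Digests copied from the report. ssdeep is omitted (third-party module).
REPORT = {
    "md5": "665060ac5399f40563e4666981973308",
    "sha1": "57b54841e4985d25307721ce4ebe562e62889f01",
    "sha256": "4ab85efebfd81e20170cceb7f76e9fa010952504265fc5b5d0319b1131c60ea8",
    "sha512": "b7161af111836015c0ace8878dd19f34c5ac8d7f9ec52b86ddcabd9df3d637a0"
              "1a6bcc96eb460fa2fe6280a02465429219b8a16dffe4447d1f1bd56b325b021e",
}


def digest_bytes(data: bytes) -> dict:
    """Compute the four report digests over an in-memory blob (lowercase hex)."""
    out = {}
    for name in ALGOS:
        h = hashlib.new(name)
        h.update(data)
        out[name] = h.hexdigest()
    return out


def digest_file(path, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all four hash objects in a single read pass,
    so large droppers are not loaded into memory four times."""
    hashes = {name: hashlib.new(name) for name in ALGOS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashes.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashes.items()}


def compare(actual: dict, expected: dict) -> dict:
    """Return {algo: True/False} for every algorithm listed in `expected`.
    Case-insensitive, because feeds and tools disagree on hex case."""
    return {algo: actual.get(algo, "").lower() == value.lower()
            for algo, value in expected.items()}


def is_reported_sample(data: bytes, expected: dict = REPORT) -> bool:
    """True only when every listed digest matches. A partial match means
    either a different file or a mis-copied hash; both deserve a look."""
    return all(compare(digest_bytes(data), expected).values())


def hits_in_directory(root, expected: dict = REPORT) -> list:
    """Walk a directory and return paths whose SHA256 equals the report's.
    SHA256 alone identifies the file; the weaker digests are kept in REPORT
    only to match feeds that still key on MD5 or SHA1."""
    want = expected["sha256"].lower()
    hits = []
    for p in Path(root).rglob("*"):
        if p.is_file() and digest_file(p)["sha256"] == want:
            hits.append(str(p))
    return hits


if __name__ == "__main__":
    # Constructed stand-in input; the real sample is not embedded here.
    blob = b"abc"
    for algo, ok in compare(digest_bytes(blob), REPORT).items():
        print(f"{algo:6s} {'match' if ok else 'no match'}")
```

Run it as `python check.py` to see the constructed input fail every digest; point `hits_in_directory()` at a quarantine folder to sweep for the sample itself. Matching on all four digests rather than one is deliberate: a file that matches MD5 but not SHA256 is a transcription error or a collision, and either way it should not be treated as confirmed.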

Malware Config

Extracted

  • Family

    formbook

  • Campaign

    qmpa

  • Decoy

    IEiN8oqOnNUEkfZd
    LWyAr1P5PHPV
    tMGP9gYCIc9DKQ==
    fWi2stCh2E3DBWuEK612
    B3LCCi2JvPxfNA==
    NjLnNjX+DDWt/VuEK612
    AvK5/JdMDLztPRg=
    U+zn2FswDLztPRg=
    3bRIXGwsIc9DKQ==
    EXmAoj3/7Cyl+VuEK612
    1gkKPklP1odxx7c/Zm+L6HeV4g==
    1cMaHDg0ypV0vbT2Ibh+/5Cj5xmAVxA=
    MSyBdIV+6nFRloTQAwmFklQ=
    qilszGJvhMUsHgaUx/MNSKuo6A==
    WYKLwmYEij4q2Hy6sOc=
    sjII/IyFmORBFPJ2dVjpG0Q=
    mTjzaRwZ9OsEkfZd
    iL27vFhbX5ECbBIJxvJKbPHFf9M=
    5A5Xr0D5PHPV
    IpxsaTO4a1/I

Targets

    • Target

      SecuriteInfo.com.Trojan.PackedNET.389.22148.19507.exe

    • Size

      987KB

    • MD5

      665060ac5399f40563e4666981973308

    • SHA1

      57b54841e4985d25307721ce4ebe562e62889f01

    • SHA256

      4ab85efebfd81e20170cceb7f76e9fa010952504265fc5b5d0319b1131c60ea8

    • SHA512

      b7161af111836015c0ace8878dd19f34c5ac8d7f9ec52b86ddcabd9df3d637a01a6bcc96eb460fa2fe6280a02465429219b8a16dffe4447d1f1bd56b325b021e

    • SSDEEP

      12288:5Xdgh/iS0Rt23QBud56qmDrf/z2Db9fYZpOfMzz4/iaR73TirdKl5Hx1QdbWog:5Ngh/d2t6mTnz2DbIei+burc7

    • Formbook

      Formbook is an information-stealing malware family: it harvests credentials, keystrokes, clipboard contents and web-form data from the infected host and sends them to its command-and-control server.

    • Suspicious use of SetThreadContext

      SetThreadContext is a Win32 API commonly abused to redirect a thread's execution into injected code, as in process hollowing; its use by this sample is an injection indicator rather than proof of a specific technique.

MITRE ATT&CK Matrix

Tasks