General

  • Target

    DHL Notification_pdf.exe

  • Size

    828KB

  • Sample

    221205-j4eljaba99

  • MD5

    8a8dd3ae4c5731acff6cd279d87702eb

  • SHA1

    f874fcd17517e88bec44350a17309ec26b58d8fc

  • SHA256

    cdf5c57b42c0d59cf1d683dd2e1999a2bc874fda7c521b25af910f80fd012691

  • SHA512

    10f928e68acee2371a75e7e7b80745f2e377cc980c812657c3cdddd2951801d897fcbb70cd1400864df4dfba2231e84f546f3c1149a92e3125f1f6fd93bfa2db

  • SSDEEP

    12288:dWnciekg586aWHffaOTWE5AlUsOetrCGBbK8z2b5Uyx1093QdQ0uyG:0nZeB5O8fa171FtdJK8z2lh10F+Yy

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    j17j

  • Decoy

    playphf.live
    solarthinfilmtec.com
    gdhaoshan.com
    posh-designs.com
    369andrewst.com
    doverupblications.com
    hengshangmei.com
    decungo.com
    checksinthemaiil.com
    4localde.com
    wetakeoveryourhousepayments.com
    overcharge-center.com
    mmmmmboulder.com
    almaszarrin.net
    enterpriseturkey.com
    lanierfurniture.com
    lhzb726-gw021.vip
    onuiol.com
    dmitrytodosyev.com
    117uuu.com
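The extracted config is the part of this report a responder actually pivots on. A Formbook config carries one live C2 hidden among a list of decoy domains, and the decoys can be ordinary legitimate sites, so a single resolution of one of them is weak evidence; a host that resolves several names from the same list in a short window is the pattern worth escalating. The following is an added example written for this page, not tooling from the sandbox or the report: it checks a file's digests against the hashes listed above and scans DNS query log lines for the decoy domains (handling subdomains, case and trailing dots), then groups hits per client. The log line format, the sample log lines and the helper names (`scan_dns_log`, `suspicious_hosts`) are assumptions made here.

```python
# Pivoting on the IOCs from this Formbook report (added example, not the
# report's own tooling). Hash and domain values are the ones the report
# lists; the DNS log lines are constructed for this example.
import hashlib
import re
from collections import defaultdict
from typing import Dict, Iterable, List, Optional, Set

# Hashes of DHL Notification_pdf.exe, as listed in the report.
SAMPLE_HASHES: Dict[str, str] = {
    "md5": "8a8dd3ae4c5731acff6cd279d87702eb",
    "sha1": "f874fcd17517e88bec44350a17309ec26b58d8fc",
    "sha256": "cdf5c57b42c0d59cf1d683dd2e1999a2bc874fda7c521b25af910f80fd012691",
    "sha512": "10f928e68acee2371a75e7e7b80745f2e377cc980c812657c3cdddd2951801d8"
              "97fcbb70cd1400864df4dfba2231e84f546f3c1149a92e3125f1f6fd93bfa2db",
}

# Decoy domains from the extracted config (campaign j17j).
DECOY_DOMAINS: Set[str] = {
    "playphf.live", "solarthinfilmtec.com", "gdhaoshan.com", "posh-designs.com",
    "369andrewst.com", "doverupblications.com", "hengshangmei.com", "decungo.com",
    "checksinthemaiil.com", "4localde.com", "wetakeoveryourhousepayments.com",
    "overcharge-center.com", "mmmmmboulder.com", "almaszarrin.net",
    "enterpriseturkey.com", "lanierfurniture.com", "lhzb726-gw021.vip",
    "onuiol.com", "dmitrytodosyev.com", "117uuu.com",
}

# Constructed DNS query log: timestamp, client IP, query type, queried name.
# (The format is an assumption for this example; adapt LINE_RE to your resolver.)
LOG_LINES = """\
2022-12-05T09:14:02Z 10.0.0.15 A www.playphf.live
2022-12-05T09:14:03Z 10.0.0.15 A www.solarthinfilmtec.com.
2022-12-05T09:14:05Z 10.0.0.22 A updates.example.org
2022-12-05T09:14:09Z 10.0.0.15 A GDHAOSHAN.COM
2022-12-05T09:14:11Z 10.0.0.31 A notcheckinthemail.com
2022-12-05T09:14:12Z 10.0.0.31 A 117uuu.com
"""
LINE_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+(?P<qtype>\S+)\s+(?P<qname>\S+)$")


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Compute the four digests the report lists, keyed by algorithm name."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}


def matching_hashes(data: bytes, iocs: Dict[str, str] = SAMPLE_HASHES) -> Set[str]:
    """Return the algorithms whose digest of `data` equals the IOC value."""
    computed = hash_bytes(data)
    return {alg for alg, digest in iocs.items()
            if computed.get(alg) == digest.strip().lower()}


def normalize_domain(name: str) -> str:
    """Lower-case the name and drop the trailing dot of a fully qualified name."""
    return name.strip().rstrip(".").lower()


def matched_domain(query: str, iocs: Set[str] = DECOY_DOMAINS) -> Optional[str]:
    """Return the IOC that `query` equals or is a subdomain of, else None.
    Walks the suffixes (a.b.c -> b.c) but never down to a bare TLD."""
    labels = normalize_domain(query).split(".")
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in iocs:
            return candidate
    return None


def scan_dns_log(lines: Iterable[str],
                 iocs: Set[str] = DECOY_DOMAINS) -> List[Dict[str, str]]:
    """Parse log lines and return one record per query that hits an IOC."""
    hits: List[Dict[str, str]] = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip blank or malformed lines rather than crash
        ioc = matched_domain(m["qname"], iocs)
        if ioc is not None:
            hits.append({"ts": m["ts"], "src": m["src"], "qname": m["qname"], "ioc": ioc})
    return hits


def suspicious_hosts(hits: Iterable[Dict[str, str]],
                     min_distinct: int = 2) -> Dict[str, List[str]]:
    """Clients that resolved >= min_distinct IOCs. One decoy hit is weak evidence
    (decoys can be legitimate sites); several from one config list is the pattern."""
    per_host: Dict[str, Set[str]] = defaultdict(set)
    for h in hits:
        per_host[h["src"]].add(h["ioc"])
    return {src: sorted(d) for src, d in per_host.items() if len(d) >= min_distinct}


if __name__ == "__main__":
    found = scan_dns_log(LOG_LINES.splitlines())
    for h in found:
        print(f"{h['ts']} {h['src']} {h['qname']} -> {h['ioc']}")
    print("escalate:", suspicious_hosts(found))
```

Run against the constructed log, only 10.0.0.15 is escalated: it resolved three of the config's domains, while 10.0.0.31 touched one, which on its own could be a benign visit. Suffix matching is deliberate (Formbook appends paths and hosts under the configured names), but it must stop short of the bare TLD or every `.com` query would match.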

Targets

    • Formbook

      Formbook is an information-stealing malware family: it logs keystrokes, captures clipboard contents, harvests credentials and form data from browsers and other applications, and can download and run further payloads on instruction from its C2.

    • Formbook payload

    • Deletes itself

    • Suspicious use of SetThreadContext (rewriting another thread's context, the technique used for process hollowing and similar code injection)
