General

  • Target

    71dcac38a6bf66dfc49a933ccfcf01bfce78edc276d11ac181b2924ebf0b9e42.exe

  • Size

    615KB

  • Sample

    221207-rs27fsfb72

  • MD5

    f5f1fe50baeaa8103aaa723ddcbc7eb2

  • SHA1

    81cae721012ae3d859210d708182bc0af4772772

  • SHA256

    71dcac38a6bf66dfc49a933ccfcf01bfce78edc276d11ac181b2924ebf0b9e42

  • SHA512

    3dae926dd42fcf73d0636a0aa80e897a5ad33553757a1108a34b773a7457bb74524a7cde2f68d2cca394bde15db84c4b7db683546b32f4354facbe5f0501329c

  • SSDEEP

    12288:QJvylmTMGbO6JVWAeiwWG2zVj/b5CeK75/o3o5TP107kyLL1XXMQ:Wv2mTMGbr/zNoeqq0TaoyLJnM

Malware Config

Extracted

Family

formbook

Campaign

e7nb

Decoy

Targets

    • Target

      71dcac38a6bf66dfc49a933ccfcf01bfce78edc276d11ac181b2924ebf0b9e42.exe

    • Formbook

      Formbook is data-stealing malware.

    • Suspicious use of SetThreadContext
