General

  • Target: PO-230102_May 2023.exe
  • Size: 222KB
  • Sample: 230508-s7vllabd94
  • MD5: 41b41296821338a634d99d5b5c749ec1
  • SHA1: 747470c76d47d50eaaa891edcc2f17b22b07d1c9
  • SHA256: 272872a41e4e0ae720f6f61e50320720cf0313fe65d4c039334ed6c0cb7f37b0
  • SHA512: 7e6e6892661051c9135ca042bc0af85dbbee366080ac326893a62666c4f54401bf1111b1c60c300f3a29b9ad26dfd71848a622215917f739d29ad882451e5ed0
  • SSDEEP: 3072:d0gHHDGWvgDE4u+gCGHjEmELWQ88ffVls4:WkDBuEawAWE3Vls

Malware Config

Extracted

  • Family: formbook
  • Version: 4.1
  • Campaign: g3th
  • Decoy

Targets

    • Formbook

      Formbook is an information-stealing malware family.

    • Formbook payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks