General

  • Target

    SWIFT Transfer (103) 022FT10230717045.exe

  • Size

    752KB

  • Sample

    230718-gqe9sshc71

  • MD5

    dd4f4d6dc2c71e6ad5a6b0abf45f8d5e

  • SHA1

    e90bf49def5509412e3c1f10f959c7a8ce121e9a

  • SHA256

    61894dd6d947ab1237c08e4f020e6462fdc7a96903c7cf27523d4e21304c1612

  • SHA512

    aa46b3c2542b2df05bc0a3bf3e15f34c80673090ba97c1b9ab8f86fb8827e3e45ad9adf9dfbefe7aa48a1d35c4dab2ef2c11c3748ec880ec40c2cbbc453e8d39

  • SSDEEP

    12288:Mf+vUyubcW9Roj0fb/WT4UkuZKXP0s95N3KO6GUPy1h8F0XgbeOTRqymNBoIlz1g:MG8VbcW9Roj0fzW/ZacsB16NP8+7UycC

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

sn26

Decoy


Targets

    • Target

      SWIFT Transfer (103) 022FT10230717045.exe

    • Size

      752KB

    • Formbook

      Formbook is data-stealing malware.

    • Formbook payload

    • Suspicious use of SetThreadContext
