General

  • Target: Payment Copy.exe
  • Size: 267KB
  • Sample: 230828-nrpyysaf49
  • MD5: 2887f9fdbaf24615ea6835c63239e8f2
  • SHA1: fa0253b40157a5820a528d8859064343bde6f14e
  • SHA256: cbcfd7f5e01a53f530bebf71dc07ddac59b03d2ee0f5825f541e3bf668d6abc5
  • SHA512: ff53ad4debf4c5a73a3e4827c96dcf340a9062af6a7bcb3c151e0b242cfeee51cc7a0469a27a340597eea6b2ecc9183b25270009db4629c1375e5234067836b6
  • SSDEEP: 6144:PYa6W3DlkyTDcyV6NyyPGONwUUpg2za88ijpiafP9at0yDd9eC6V:PYAzlVctNyyPGvtjasxfVEBS/

Malware Config

Extracted

  • Family: formbook
  • Version: 4.1
  • Campaign: sn26
  • Decoy domains:
      resenha10.bet
      gulshan-rajput.com
      xbus.tech
      z813my.cfd
      wlxzjlny.cfd
      auntengotiempo.com
      canada-reservation.com
      thegiftcompany.shop
      esthersilveirapropiedades.com
      1wapws.top
      ymjblnvo.cfd
      termokimik.net
      kushiro-artist-school.com
      bmmboo.com
      caceresconstructionservices.com
      kentuckywalkabout.com
      bringyourcart.com
      miamiwinetour.com
      bobcatsocial.site
      thirdmind.network

Targets

    • Target: Payment Copy.exe
    • Size: 267KB
    • MD5: 2887f9fdbaf24615ea6835c63239e8f2
    • SHA1: fa0253b40157a5820a528d8859064343bde6f14e
    • SHA256: cbcfd7f5e01a53f530bebf71dc07ddac59b03d2ee0f5825f541e3bf668d6abc5
    • SHA512: ff53ad4debf4c5a73a3e4827c96dcf340a9062af6a7bcb3c151e0b242cfeee51cc7a0469a27a340597eea6b2ecc9183b25270009db4629c1375e5234067836b6
    • SSDEEP: 6144:PYa6W3DlkyTDcyV6NyyPGONwUUpg2za88ijpiafP9at0yDd9eC6V:PYAzlVctNyyPGvtjasxfVEBS/

    Signatures

    • Formbook: Formbook is an information-stealing malware family that harvests data from infected hosts.
    • Formbook payload
    • Deletes itself
    • Loads dropped DLL
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks