General

  • Target

    Statement Of Account 2023.exe

  • Size

    1.1MB

  • Sample

    230922-r5vyxaae89

  • MD5

    fe13115acb8c1517503b3f68cc4c4970

  • SHA1

    20efe2e5d9b1447fa9810fc6461607d8db6f5c40

  • SHA256

    99160f7ca07e18bc3a131520825ab4ce8d2f4c57b63bffc89d8e18d5a7fa25ce

  • SHA512

    0936580ecbbac61b0122edadf70376bb39c1ba8ab1386f385404dac36568eac7147eef0ecc2f7f19e6ed12f8a49ffd2f6bf09c8cebb5cf5e6db8a7daed64e459

  • SSDEEP

    24576:8A5ppyChPhZIIncSuBMT8mJD/pi3rXkfxR:F5Dtr35u+T87XK

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    sn26

  • Decoy

Targets

    • Target

      Statement Of Account 2023.exe

    • Size

      1.1MB

    • Formbook

      Formbook is data-stealing malware.

    • Formbook payload

    • Suspicious use of SetThreadContext
