General

  • Target

    Statement Of Account 2023.rar

  • Size

    927KB

  • Sample

    230922-r9ahrsaf49

  • MD5

    61f8413f949a26f64f682a9264e38b87

  • SHA1

    8bc10a2cfa536c8320a28aa4e155f848968cdb8f

  • SHA256

    a7e1189af14bcd8743a40b3bb29d42a6aad0ed7894c6214c85cb7772b3b39c5c

  • SHA512

    fa60c3a9ad91bb530c7122373a974bd34feef180ec9c077b1a5924829a2066783a6f4c08bdece527cccd79a872cce786da662a9b482a4c5b68a13eca48d70d08

  • SSDEEP

    24576:WNHerDwr84BPXd8MGOgZiIh81LXHB07/Djy+Bi3:8HeHd2+nZVsjS/Djy+BO

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

sn26

Decoy


Targets

    • Target

      Statement Of Account 2023.exe

    • Size

      1.1MB

    • MD5

      fe13115acb8c1517503b3f68cc4c4970

    • SHA1

      20efe2e5d9b1447fa9810fc6461607d8db6f5c40

    • SHA256

      99160f7ca07e18bc3a131520825ab4ce8d2f4c57b63bffc89d8e18d5a7fa25ce

    • SHA512

      0936580ecbbac61b0122edadf70376bb39c1ba8ab1386f385404dac36568eac7147eef0ecc2f7f19e6ed12f8a49ffd2f6bf09c8cebb5cf5e6db8a7daed64e459

    • SSDEEP

      24576:8A5ppyChPhZIIncSuBMT8mJD/pi3rXkfxR:F5Dtr35u+T87XK

    • Formbook

      Formbook is data-stealing malware.

    • Formbook payload

    • Suspicious use of SetThreadContext
