Overview

overview

10

Static

static

3

2e4b5cbafd...d0.exe

windows7-x64

1

2e4b5cbafd...d0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2e4b5cbafd808de79dee394ce1278cd0

  • Size

    862KB

  • Sample

    231231-jv45tsdael

  • MD5

    2e4b5cbafd808de79dee394ce1278cd0

  • SHA1

    a07f59e5a108304b29e3ae13189870c07780749b

  • SHA256

    c27adae0af4b3c5c71d33f4707fc1e0c51cd9ed61f88169014a6022fabc87dc8

  • SHA512

    e4bd548183bdbb6f12a8262b958c1f001a794c2e6e7386dbaa5a3c290dae10f4bc874d8a376f1f4456dd340acfe38948f461a44585f1626294ae7bc675627ad8

  • SSDEEP

    24576:Ub4NpPvss1FceTZ1uFC4XAi3hU8gBinA9:UbgtvsAvnmSOQBin4

Score
10/10
formbookmxwfratspywarestealertrojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

mxwf

Decoy

orders-cialis.info

auctionorbuy.com

meanmugsamore.com

yachtcrewmark.com

sacredkashilifestudio.net

themintyard.com

bragafoods.com

sierp.com

hausofdeme.com

anthonyjames915.com

bajardepesoencasa.com

marciaroyal.com

earringlifter.com

dsdjfhd9ddksa1as.info

bmzproekt.com

employmentbc.com

ptsdtreatment.space

vrchance.com

cnrongding.com

welovelit.com

Targets

    • Target

      2e4b5cbafd808de79dee394ce1278cd0

    • Size

      862KB

    • MD5

      2e4b5cbafd808de79dee394ce1278cd0

    • SHA1

      a07f59e5a108304b29e3ae13189870c07780749b

    • SHA256

      c27adae0af4b3c5c71d33f4707fc1e0c51cd9ed61f88169014a6022fabc87dc8

    • SHA512

      e4bd548183bdbb6f12a8262b958c1f001a794c2e6e7386dbaa5a3c290dae10f4bc874d8a376f1f4456dd340acfe38948f461a44585f1626294ae7bc675627ad8

    • SSDEEP

      24576:Ub4NpPvss1FceTZ1uFC4XAi3hU8gBinA9:UbgtvsAvnmSOQBin4

    Score
    10/10
    formbookmxwfratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks