Overview

overview

10

Static

static

3

790939840c...66.exe

windows7-x64

10

790939840c...66.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    790939840cb426b9f163776c2c478966

  • Size

    831KB

  • Sample

    240127-cwvjfsbcc2

  • MD5

    790939840cb426b9f163776c2c478966

  • SHA1

    d0ec41b2b85db2a4e874c14a16466f827e170027

  • SHA256

    0ea81e325568a6d5c8ecde8ce0198dabe9553e237ef46b328240d7f51231d3bb

  • SHA512

    3f6bed2d6e2e749282ea3e614efda00c82946e5c7954b2e36c1278d590019cbecd04ff4edb6131bee4046f57424cdc8a3c50f5ca7df1160a1472e907af2c25bc

  • SSDEEP

    24576:8dnaNnWfVembCSq9dnxWlh73bwwI+hYnl7daP6a:AaN4VewM2b

Score
10/10
formbookmxwfratspywarestealertrojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

mxwf

Decoy

orders-cialis.info

auctionorbuy.com

meanmugsamore.com

yachtcrewmark.com

sacredkashilifestudio.net

themintyard.com

bragafoods.com

sierp.com

hausofdeme.com

anthonyjames915.com

bajardepesoencasa.com

marciaroyal.com

earringlifter.com

dsdjfhd9ddksa1as.info

bmzproekt.com

employmentbc.com

ptsdtreatment.space

vrchance.com

cnrongding.com

welovelit.com

Targets

    • Target

      790939840cb426b9f163776c2c478966

    • Size

      831KB

    • MD5

      790939840cb426b9f163776c2c478966

    • SHA1

      d0ec41b2b85db2a4e874c14a16466f827e170027

    • SHA256

      0ea81e325568a6d5c8ecde8ce0198dabe9553e237ef46b328240d7f51231d3bb

    • SHA512

      3f6bed2d6e2e749282ea3e614efda00c82946e5c7954b2e36c1278d590019cbecd04ff4edb6131bee4046f57424cdc8a3c50f5ca7df1160a1472e907af2c25bc

    • SSDEEP

      24576:8dnaNnWfVembCSq9dnxWlh73bwwI+hYnl7daP6a:AaN4VewM2b

    Score
    10/10
    formbookmxwfratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks