General

  • Target

    68b6beb98136f26d1a4ff3fcbb7f2ee5_JaffaCakes118

  • Size

    507KB

  • Sample

    240401-fwz1qaeh22

  • MD5

    68b6beb98136f26d1a4ff3fcbb7f2ee5

  • SHA1

    f6662a481570f1cbfaf0b7e3d798d4cc78e14ea2

  • SHA256

    de2d33fe728754190016e5ed66fe93fc6212884da68f52ace01205fea357ec22

  • SHA512

    363734d8087111f99d4cab82855a9a054eae3823f11f6e7b97c689b834782683fc23784cc19666cb2607b40747bfb9b68b06740df3fc5396570314d0976b79a7

  • SSDEEP

    12288:z3bQGf4GH3cn+brPQuxDUNov+VrRzUtwa8c2ixN:zr7MnkPQuRaRzwMc

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

hue4

Decoy


Targets

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks