General

  • Target

    Purchase Order For Consumables Eltra 888363725_9645364782_1197653623_836652746_22994644.exe

  • Size

    1.0MB

  • Sample

    240429-mr8wdsha4t

  • MD5

    0de4eb1758f5ef209ed50d5728cbb729

  • SHA1

    dc50323b58a5f7a71f9c51c135e09f522aba1d26

  • SHA256

    f6723f25605e46b8bdd2a8a875ee319c40108491934b2f8fbcdd58d649cbc651

  • SHA512

    616bac0fdbf0ae628b8c6fb1cc2608a966703dce4005ea0812b9e7102e7db2e064c2e5512b725a10b052bf0f41d91888b9dcac7d63da22e6d844488dba366286

  • SSDEEP

    24576:FAHnh+eWsN3skA4RV1Hom2KXMmHakjr3rmhkjknnL5:0h+ZkldoPK8YakvqhkjkN

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    se63

  • Decoy

    socratesandhisclouds.com
    versioncolor.com
    ytcp011.com
    908511.vip
    egysrvs.com
    ky5682011.cc
    kkuu14.icu
    wavebsb.com
    klikadelivery.com
    jnbxbpq.com
    5o8oh.us
    hemule.net
    techinf.xyz
    bevage.club
    we37h.com
    tipsde.shop
    48136.vip
    bestcampertrailerbrands.com
    fairmedics.in
    quixonic.tech

Targets

    • Formbook

      Formbook is an information-stealing malware family.

    • Formbook payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks