General

  • Target

    99ad43415d3fce1de4b15b26893f60e126645f028602a7a0fff9432b99403433.exe

  • Size

    1.1MB

  • Sample

    240504-bykxcscg67

  • MD5

    943efcacb9b6e31fd1fb06603641f259

  • SHA1

    0556c77bab07dd97230df5ebff60b38298e79f25

  • SHA256

    99ad43415d3fce1de4b15b26893f60e126645f028602a7a0fff9432b99403433

  • SHA512

    70760f8bb6076ac3d338ee5c786600f0b55fb7300c3ba8ee7496ad669046507a67afb97f76c1a1a6ef529dcf8346a8690c822d5d0f54de59f57b75076b155620

  • SSDEEP

    24576:DqDEvCTbMWu7rQYlBQcBiT6rprG8arAcTMFku9In:DTvC/MTQYxsWR7arA2M+

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

se63

Decoy


Targets

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook payload

    • Suspicious use of SetThreadContext
