General

  • Target

    29c87cc9791289ada6dd99bea234651b38ce32f2099760a85d1b84819ea85f63

  • Size

    1.3MB

  • Sample

    240510-mg764scf79

  • MD5

    3cf399ac1e7a741fa3942a907f29573a

  • SHA1

    5e33b0e06d0a0527c18367376c31ad85ed15993c

  • SHA256

    29c87cc9791289ada6dd99bea234651b38ce32f2099760a85d1b84819ea85f63

  • SHA512

    f5ada832edf1c251f1d314a31251cae5b8c9e9fa3f406ea4ecc377588cffa4be88d470f0a8ffa6c50daf5cc90b742e106f64e52f01b832911d1b5a4b233264d6

  • SSDEEP

    24576:MAHnh+eWsN3skA4RV1Hom2KXMmHa6it5oGkezi5:rh+ZkldoPK8Ya6it+3

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    se62

  • Decoy


Targets

    • Target

      29c87cc9791289ada6dd99bea234651b38ce32f2099760a85d1b84819ea85f63

    • Formbook

      Formbook is data-stealing malware.

    • Formbook payload

    • Suspicious use of SetThreadContext
