General

  • Target

    608b3c7d4092ba03e8393c5b6102cc34_JaffaCakes118

  • Size

    688KB

  • Sample

    240520-w2ppyacg6s

  • MD5

    608b3c7d4092ba03e8393c5b6102cc34

  • SHA1

    5f81869f67b5376317e496447431cc0e1924f2f9

  • SHA256

    75126a9e47774b66c23d7bee87c4b1fdb2be6abc37b28d65eb842324956cd8f5

  • SHA512

    ebc34a35436ca07ac3687d1841946a7ffc4e3556cfe498f5d9ef6ac410cfab82e49c77ba94d03f364934f136660b6db0a5788563da8c0ebf1170c853800f3725

  • SSDEEP

    12288:SIfeAaArx2xis71SNHHF9VDc7/PXJ93zsWmNSZk:H93Gi1FjsXJ934dNSZ

Malware Config

Extracted

Family

formbook

Version

3.8

Campaign

l5

Decoy


Targets

    • Formbook

      Formbook is data-stealing malware.

    • Formbook payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
