Overview

overview

10

Static

static

3

6718b469b6...18.exe

windows7-x64

10

6718b469b6...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6718b469b6916b6d72a29ed23e6eda52_JaffaCakes118

  • Size

    396KB

  • Sample

    240522-nkffyach57

  • MD5

    6718b469b6916b6d72a29ed23e6eda52

  • SHA1

    ff778f57acdaa1ec9e467e562028e84d66e4fa3f

  • SHA256

    3400e42731d3737a64af32e4ce085979807a70aaa7e7a9137de73f2b738daa1c

  • SHA512

    66d8a389becf11c7cf76757b9fc0b11b44a9922eb2947997e5ec7935fd57f83032311c8a831f471f497aa70c616a24a1a8fcc2a7497adcfc7c075a48c5e73189

  • SSDEEP

    6144:4VL0nt7DmqFVXJ/sRw5bdKeHrlfxvpszSbSRKDA2bPhleIq:OuxXJ/sRw5dKeLfCzSBThle

Score
10/10
formbookh362ratspywarestealertrojan

Malware Config

Extracted

Family

formbook

Version

3.9

Campaign

h362

Decoy

optimisticit.com

vuoto-visual.com

therealestatecenter.info

buckluvinpearlgirl2018.com

thecutfactoryso.com

healthyminde.com

remitandswitch.com

oregonawaits.info

sidesteem.com

dopper2018.net

villacoquito.com

theartofrecieving.com

fake-kevin-domain-fake123.com

adlibexeclodge.com

web-chops.com

darkflamearchives.com

mobileappsdirectnow.com

krismartinpr.com

visorsports.com

gisaeng.net

Targets

    • Target

      6718b469b6916b6d72a29ed23e6eda52_JaffaCakes118

    • Size

      396KB

    • MD5

      6718b469b6916b6d72a29ed23e6eda52

    • SHA1

      ff778f57acdaa1ec9e467e562028e84d66e4fa3f

    • SHA256

      3400e42731d3737a64af32e4ce085979807a70aaa7e7a9137de73f2b738daa1c

    • SHA512

      66d8a389becf11c7cf76757b9fc0b11b44a9922eb2947997e5ec7935fd57f83032311c8a831f471f497aa70c616a24a1a8fcc2a7497adcfc7c075a48c5e73189

    • SSDEEP

      6144:4VL0nt7DmqFVXJ/sRw5bdKeHrlfxvpszSbSRKDA2bPhleIq:OuxXJ/sRw5dKeLfCzSBThle

    Score
    10/10
    formbookh362ratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks