Overview

overview

10

Static

static

3

735e84ac12...18.exe

windows7-x64

10

735e84ac12...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    735e84ac1205e9dd7816c85f7706afb4_JaffaCakes118

  • Size

    733KB

  • Sample

    240525-1rymbacc86

  • MD5

    735e84ac1205e9dd7816c85f7706afb4

  • SHA1

    2894b5d49235df4845f15477d835c9b78ec08e72

  • SHA256

    dd97d41dbcea146c66d6a62f152d2b86bd60122b920d17eb11c8d639d338c779

  • SHA512

    f3b14d69d62ca59693f72369126c5419188a5f7f33f4d188f439021aff5b8f095593d9ab8a8867b17dfda0ef7eac80287451fee33882ffd460535642fdc46d99

  • SSDEEP

    12288:lF8UUt63DaFFRTImFKqQg7O1W/5N6NspDeaYUEuE5:lTUt63DaFFYqOMRN6IDf7e

Score
10/10
formbookmaratspywarestealertrojan

Malware Config

Extracted

Family

formbook

Version

3.0

Campaign

ma

Decoy

painmedos.com

sp5ce.com

woldtv.com

zpc.ink

makrobet829.com

ar868.com

hakuneko.com

8-lab.info

test-gopalsep14.store

latiendaimportados.com

bakerysweetcheeks.com

nwklb9ze2p0.biz

startosizmir.com

sterilizedknqwp.download

rriivernyile.com

managementcover.site

beach.expert

huamzw.com

emojis3d.com

pissonagrave.com

Targets

    • Target

      735e84ac1205e9dd7816c85f7706afb4_JaffaCakes118

    • Size

      733KB

    • MD5

      735e84ac1205e9dd7816c85f7706afb4

    • SHA1

      2894b5d49235df4845f15477d835c9b78ec08e72

    • SHA256

      dd97d41dbcea146c66d6a62f152d2b86bd60122b920d17eb11c8d639d338c779

    • SHA512

      f3b14d69d62ca59693f72369126c5419188a5f7f33f4d188f439021aff5b8f095593d9ab8a8867b17dfda0ef7eac80287451fee33882ffd460535642fdc46d99

    • SSDEEP

      12288:lF8UUt63DaFFRTImFKqQg7O1W/5N6NspDeaYUEuE5:lTUt63DaFFYqOMRN6IDf7e

    Score
    10/10
    formbookmaratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks