General

  • Target

    a704517a86211b98704065b621b0d9edd4ef353ff6cbe1abc387e80e58af8313.exe

  • Size

    1.0MB

  • Sample

    240710-wvdzvssdkp

  • MD5

    28c67d5a3ab5e3a2692a1bbae82dca30

  • SHA1

    48e89864694d416b368e479373155f41b66c2b03

  • SHA256

    a704517a86211b98704065b621b0d9edd4ef353ff6cbe1abc387e80e58af8313

  • SHA512

    6f9183704440219444490eeb25f4be82728103b73b11edf2ec1144a96582c86881bbb8ff000211070b9ae8bf54a89a3d2bb7be24486ba45f1b4d4c3da95f1029

  • SSDEEP

    24576:UAHnh+eWsN3skA4RV1Hom2KXMmHafT0RUPxcB2DjgBZ5:jh+ZkldoPK8YafYRMWBQg5

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ge34

Decoy

Targets

    • Formbook

      Formbook is a data-stealing malware.

    • Formbook payload

    • Suspicious use of SetThreadContext
