formbook | 8489bd56a9600404fd96c0a11290af3a56f5a3cdd77274446d41d678248b4d44

General

Target

74767ea7dd7c4fc21cf131e0160ed270N.exe
Size

188KB
Sample

240806-htznaaseql
MD5

74767ea7dd7c4fc21cf131e0160ed270
SHA1

892725995e452f28cdfe7f2778da76244d62c8bb
SHA256

8489bd56a9600404fd96c0a11290af3a56f5a3cdd77274446d41d678248b4d44
SHA512

6e7a27ae6b95ac1922e2336ed63064813380d7d86fb8cea4a075f22e86d87a0b1642f2f3e8b02ba3f99e5625afeaf0660e7f0bc29b2ca23cb0dc599472ee1f5a
SSDEEP

3072:9XqcEZpJXbWbBA+xfdpKKa3s9UcqmtaMqE7bNxop0yRJAnfH8d:umyufdla3s9Uhe7Xo6yR6fc

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

de94

Decoy

gx899.top

whoistommy.info

vabex.shop

vduwum.rest

betbox2351.com

ch3kat0.online

kaduexpress.com

sibonline.shop

bt365918.com

betterlabs.app

denversandandgravel.net

webzlp.xyz

tdodtn263q.xyz

zamaninvest.com

vcxwpo.xyz

myastrolyfe.com

lsm8v87jnkrqcnr.buzz

ilregnodellecozze.com

auroraskynholistics.com

sewassist.com

Targets

- Target
  
  74767ea7dd7c4fc21cf131e0160ed270N.exe
- Size
  
  188KB
- MD5
  
  74767ea7dd7c4fc21cf131e0160ed270
- SHA1
  
  892725995e452f28cdfe7f2778da76244d62c8bb
- SHA256
  
  8489bd56a9600404fd96c0a11290af3a56f5a3cdd77274446d41d678248b4d44
- SHA512
  
  6e7a27ae6b95ac1922e2336ed63064813380d7d86fb8cea4a075f22e86d87a0b1642f2f3e8b02ba3f99e5625afeaf0660e7f0bc29b2ca23cb0dc599472ee1f5a
- SSDEEP
  
  3072:9XqcEZpJXbWbBA+xfdpKKa3s9UcqmtaMqE7bNxop0yRJAnfH8d:umyufdla3s9Uhe7Xo6yR6fc
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2