General

  • Target

    eb3a413a0c429934a855be955e984dc0N.exe

  • Size

    1024KB

  • Sample

    240813-q5vsgaxblh

  • MD5

    eb3a413a0c429934a855be955e984dc0

  • SHA1

    f3e72d00c9cdfeb200eeb1216fa05000e809a462

  • SHA256

    da5e0937154966ad0f773e1c91e0116099c51fe15a745a7f2ed3857cd1aa9101

  • SHA512

    80b4e899656e8dbc961034a5f01cc0a78e01534b699b6768a81132b53302514ad07e41e76d1faf43cfc5086e685f1cc5e60fa6f59a7ae4e46415db31f32ba14c

  • SSDEEP

    24576:bVexEpFDcLc1N6/1hZ+1YhXODdwq4JEWCbtyLdw6cEcK:btN6N2jELdw6

Malware Config

Extracted

Family

formbook

Version

3.9

Campaign

mr8

Decoy

Targets

    • Target

      eb3a413a0c429934a855be955e984dc0N.exe

    • Formbook

      Formbook is data-stealing malware.

    • Formbook payload

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks