General

  • Target

    36183838178a2eeab47bde1097a7c4274b142212051c55f92e4c6adcd0589334

  • Size

    720KB

  • Sample

    240830-c9k7yatbrh

  • MD5

    304143ad38cf64f769c2f1cfa66b12a8

  • SHA1

    8e763f85b7b77f577cd4db207509c44f5a0b0e5a

  • SHA256

    36183838178a2eeab47bde1097a7c4274b142212051c55f92e4c6adcd0589334

  • SHA512

    ad2af3b5672606c5eb8b41283d0e051248b29b31d6869b9f3db363cfb97f0501af9250809e13cc274d3fcf88a0852a903afb3a4b29676843d48fdb58c0441150

  • SSDEEP

    12288:BXaHf/EP1shbaGA9hRXI+QHuCFpv5/PsydSp3SJYLYrXF6N4r0r:BXaH0P1Y9A9haYcsydSRSJY4XUyr0r

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ph01

Decoy


Targets

    • Target

      Shipping Notice_pdf.exe

    • Size

      1.1MB

    • MD5

      397680610e1594890cecbb39b80975f7

    • SHA1

      8c3c1947056f25e064ff53da967888b2f4775123

    • SHA256

      fd41013cab1a59a03989694f44428c54f7531e526448c3cd9eea90d7d53847d5

    • SHA512

      e6a2e8650f144af8fcf6f92525140aca324a7b706a006e02488f675ee5a25678ff1721e35bf8902d3d897e99df123c19bc53240932fdf812ec1948b90a88346e

    • SSDEEP

      24576:TqDEvCTbMWu7rQYlBQcBiT6rprG8a4uy7SXcJO6XEeLc:TTvC/MTQYxsWR7a4tRJDT

    • Formbook

      Formbook is an information-stealing malware family that harvests credentials and other data from the infected host.

    • Formbook payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks