General

  • Target

    Wrong Bank Details.exe

  • Size

    521KB

  • Sample

    240906-h6dlkstdph

  • MD5

    717451feb14c98b89bf070951f904329

  • SHA1

    c3d8ebb50c519a06195706aaa7e6370f30582088

  • SHA256

    a95b0c1b827bdd6ee8bd88cf53606903570c96bca33fe9215ab64b09d1641533

  • SHA512

    5b250fbcae3a7092a1d2920a90afdbb910f86052e6bd1736905cc1ed4a34236535d6d83b597babcad01e99b14069c5fae66f467cd7cf5b663534c536fd7ccf52

  • SSDEEP

    12288:t7JYXh0JJro3lFqXjumztJRavD7R5GAYG2ucIw:Rih0JJrovcTGaGV

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

na10

Decoy

Targets

    • Target

      Wrong Bank Details.exe

    • Size

      521KB

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook payload

    • Deletes itself

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks
