General

  • Target

    6b63d12cd8c631508f940d4be057480a74b5361c2cf0d82e501df1ca1b0e13a6.zip

  • Size

    657KB

  • Sample

    240911-b8xznsxfle

  • MD5

    30c91277c427cdda8242fb9056b8dbb1

  • SHA1

    ecaa5746ada41aac9b452edaad0dcdb1628f6c09

  • SHA256

    6b63d12cd8c631508f940d4be057480a74b5361c2cf0d82e501df1ca1b0e13a6

  • SHA512

    9974f8adf9441023ed7f7dfec7566b2b7b8e6f572ed9df75b7e0db5f0e475e65852591b658de8183088644c8631fbecacd186b448c5601f1515356a2211ed987

  • SSDEEP

    12288:sj4DAcvIep5DJU1fn2Tqu3kkYFuHW1VrmRATVrrzwJstj47YIfpLY34D:sU8HSDqn63kkxWTmRcrQ/s38

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

bi05

Decoy

Targets

    • Target

      SOA.exe

    • Size

      1.1MB

    • MD5

      997638b13b3e24a155d45cb73bee1624

    • SHA1

      9e97cfec83e40a8f847c953aff08309c06cccf6a

    • SHA256

      4fe0627df409d563c49daaace6f559559c940ccf1d19e73dc3480a33f86ed9a3

    • SHA512

      11c37787e1c340d0674103b9b8c3e64b9a324a14f1f20cf045e03c766f9220065b81cf99793ab45c0a40c7fea019f0e57263fc70160fb3291d5544db03c54970

    • SSDEEP

      24576:7AHnh+eWsN3skA4RV1Hom2KXMmHaisMQtytsGy5:Wh+ZkldoPK8YaisMQt9H

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks
