General

  • Target

    adbf038071e02cda0a9e66fda683ab1d385a2eeb6af9a79cbeba0f9d69e25856

  • Size

    833KB

  • Sample

    240917-h4fyxs1blf

  • MD5

    49961cb6cf1b8205395d5ce18c543aa1

  • SHA1

    16c7133f4fe39c5427b6a83ae52a86d8e453f0b0

  • SHA256

    adbf038071e02cda0a9e66fda683ab1d385a2eeb6af9a79cbeba0f9d69e25856

  • SHA512

    4999a52f41137cde8e70dc6b20f450740aeda87de09ba275e02fbe8eca07adfb1f9801de6b468fc08998670afd6fbf3671830b86b9a09e99a26eeb00ac6bee2b

  • SSDEEP

    24576:+zFh6Ax5KkdYBlZ0hM1NyUkZdLN350Dkwh6:+Fh6MKkWp0hAtknh86

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

c24t

Decoy

Targets

    • Target

      Purchase order.exe

    • Size

      1.1MB

    • MD5

      5edb0f8e0ef6dd1e0d402f644c874e0f

    • SHA1

      46e50727606336dbe5257ba0c9e77006b7b710e0

    • SHA256

      5282b57b495bb6cca55225f7de91b203403b8ce35e41e62703e803f4aa134eb8

    • SHA512

      8129e3a284ed8514ed71367d03e8afd537d6636a78dce7995d2f48f32857a67a87dcdca102a45b33ab56e5e6486c45205d552b51b6907eda801def655288e6a8

    • SSDEEP

      24576:uRmJkcoQricOIQxiZY1iaC6WzN6M6ZdLNX50DEMhc:7JZoQrbTFZY1iaC6sb6TnAc

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook payload

    • Suspicious use of SetThreadContext
