formbook | 35a8f3b132a46e950ecc58d26cf3fe539fb9ed67b51d4951266a966e8c4ae852

General

Target

fb7a792849608760862f5827a2e0e46c_JaffaCakes118
Size

165KB
Sample

240928-esn9dayfpb
MD5

fb7a792849608760862f5827a2e0e46c
SHA1

6188d827ef6bf99542ef945332d17cf967848a55
SHA256

35a8f3b132a46e950ecc58d26cf3fe539fb9ed67b51d4951266a966e8c4ae852
SHA512

58d53498edb2c35792ce0a38d6f4b16bfff371a36a3531df6bf6ab7abfc972d15912eabdabf7989b923c3c44c33d27f587cb0df5a91d48fa831d68706b7e8c20
SSDEEP

3072:LIRBqaHNjfQcus8mSojUzVRSfh9la5yK+o6B1EkimqgBVvnuNzNCyJr3m:LWZHuxmSo8zSfh9g41o6BXieRCUyW

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

3.6

Campaign

ch19

Decoy

tqceyp.info

tubbaday.com

cricketdoto.win

frs-za.com

rac01.com

tilitalsi.com

leave-behind.com

mamamackmakes.com

lifullness.com

clarksvillepanthers.com

sexhikayeni.com

tengoldacres.com

helpme123.online

yg082.com

www477234.com

blushwoodberry.co.uk

farm-video.com

769hqi.info

paulnatzke.com

fourpointslending.com

Targets

- Target
  
  fb7a792849608760862f5827a2e0e46c_JaffaCakes118
- Size
  
  165KB
- MD5
  
  fb7a792849608760862f5827a2e0e46c
- SHA1
  
  6188d827ef6bf99542ef945332d17cf967848a55
- SHA256
  
  35a8f3b132a46e950ecc58d26cf3fe539fb9ed67b51d4951266a966e8c4ae852
- SHA512
  
  58d53498edb2c35792ce0a38d6f4b16bfff371a36a3531df6bf6ab7abfc972d15912eabdabf7989b923c3c44c33d27f587cb0df5a91d48fa831d68706b7e8c20
- SSDEEP
  
  3072:LIRBqaHNjfQcus8mSojUzVRSfh9la5yK+o6B1EkimqgBVvnuNzNCyJr3m:LWZHuxmSo8zSfh9g41o6BXieRCUyW
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2