General

  • Target

    03102024_0301_02102024_PAGO BANORTE 102024pdf.zip

  • Size

    648KB

  • Sample

    241003-dh1c8a1eqj

  • MD5

    23ee4c60af824e0dcc882bffb922e2e8

  • SHA1

    944c4342c48745a627567abcf99247176cef4d11

  • SHA256

    800af8a4b00cdafeda56a33c1b6ef9fa947808c3123fb6bfea77d85d7521f599

  • SHA512

    aa2b751c5c88903d284ca54ec466d88ef1d5bffb988f6bcace9c162465f5700addeb68445b76353e0531738af873ff231ae242e5b13ae140de1fe93ff10be349

  • SSDEEP

    12288:N/psOHDqTBTRur2TRhc8mQytTJ4z5vzjcFdaaeMfI1aZqwV7bRQH:NRseQBTRBw8mQyNJC9oaadI1IbBmH

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

e23y

Decoy

Targets

    • Target

      PAGO BANORTE 102024pdf.exe

    • Size

      1.0MB

    • MD5

      4ec59c489b7d163befca6d22dfeff7a7

    • SHA1

      df623ce4e0feb7627e48f6dba3a9698d15fbc7b9

    • SHA256

      df570404d94edaa7ff2945eb4cba6034a77509036cc61fae5ba532b848212453

    • SHA512

      c496d08a91579f4918f23a70b3528aa46198d8758e2dc42e97f65ce6be962192d114b64791efdd882f5ccfe9b6714ae279bedd7aa3d28d4eff890d023d1e62ca

    • SSDEEP

      24576:AAHnh+eWsN3skA4RV1Hom2KXMmHa3MyapIT49CJ5:3h+ZkldoPK8Ya3MdpIP

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks
