General

  • Target

    SHIPPINGDOCINVOICENO.HCAB2324.exe

  • Size

    1.0MB

  • Sample

    241028-qdb62szdpb

  • MD5

    d1c637d049eb33c643b42d3b2c31c95f

  • SHA1

    ffb84ed4e639b6654af0b0aeb9b488b6d7d6d83e

  • SHA256

    534e660f9cdcc1e76d0674657dd6b09cc2f5856e34f71369e06ccb2d58120fec

  • SHA512

    cf85b73c20e84a5d02a3ea6ac098413d500f8cd1d231a9ce91bf79507d9a615f59dc0a2aa7e40e0e2e6af7c489e07ecb96c39d88c27d5dfbea1e786d28a3f9c2

  • SSDEEP

    24576:ffmMv6Ckr7Mny5QLQm4lWq4F33OpK4Zmu:f3v+7/5QLQpWd3YK4z

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ge07

Decoy
