General

  • Target

    PURCHASE ORDER_xl.exe

  • Size

    1.3MB

  • Sample

    241030-q4nmrstkas

  • MD5

    dc43665b900f0f30bee8aca7505a4c08

  • SHA1

    3e45224d1f0e65c09f741a83591633011b3c0ee0

  • SHA256

    a6f25510b6ad94bc18be6ea38eca643236fc194050516df66cafc93859079f63

  • SHA512

    76045c4d51dfe7d8755eec14e96dbabf97575e4bcff57747b82abb9a740662c1bfb35a59a96a9e55483d89c61f537c6590b6f23c03de5ff162812ff8a6e19115

  • SSDEEP

    24576:cqDEvCTbMWu7rQYlBQcBiT6rprG8awE4lEyDH3gVyeqaGXtVVo:cTvC/MTQYxsWR7awoyDH3gselGXt/

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    ge07

  • Decoy

