General

  • Target

    Urgent PO #8982.exe

  • Size

    1.1MB

  • Sample

    241118-rtvtrsyjcz

  • MD5

    aaeb8a3bf51484dcb85151996a73909e

  • SHA1

    ad2f12ff6fad53f3797eb2fcc95cad26cf4b2048

  • SHA256

    412b1b95c19cec39bff18aad7a381270169adc21e86b456cdf4896e8373b1bbc

  • SHA512

    9ac235635b2f990c5f18d0fe21c26ec66f2d794721abbda295aaac759c56a177c7fa00274cac0d45d3d0026ca6c16d3d0a15024bc5866d5b6817d3acf2fc0488

  • SSDEEP

    24576:ntb20pkaCqT5TBWgNQ7aIOnIVpvCPtsY8+N6A:kVg5tQ7aIOnj2Y8+5

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ge07

Decoy

