General

  • Target

    6c9f799ecf5106a1e8d1070dd09a44ef016bd94d3bda810a34cbb5b5def86bff

  • Size

    676KB

  • Sample

    241205-xtm2taxncy

  • MD5

    e496e4915e14c52ba7dfe9f712c464f5

  • SHA1

    1c454b060e45671cbf782b403b7b5f261121949b

  • SHA256

    6c9f799ecf5106a1e8d1070dd09a44ef016bd94d3bda810a34cbb5b5def86bff

  • SHA512

    3cc7499574aa623ffa19f4b6bd90ebdef7e68ac231e5e8b5e6457ee55edc522376a27712e392c2df3e21983a01a0ac4511c5d27e3045a9b4d5a6c3225d681771

  • SSDEEP

    12288:4W6RXxRcHjkaF8pSzw+MNU9Vfx9b5maqzfJ3XEd6Z4D9qG3ytOL:P9DkaFWP+0U9V59bTmCd9qG3Cq

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

at22

Decoy


Targets

    • Target

      Orden #TC108365.pdf.exe

    • Size

      1.1MB

    • MD5

      8fe3e4d69f8a455d879aa93adc7bb178

    • SHA1

      3229dc414ce5368eae31411045bf8c6a87ca42da

    • SHA256

      e152043da9783ff881930937645b7775847de130e9a2868e19b05a46b76ce963

    • SHA512

      035fd90771c1e0d8ba7cb3aea80164bb0c736a108419a4a84e5562364df419bde3e70fa8d69514ebae0217485d1ec9ef60e1434142e0a90dd09ffb5a2d6c7012

    • SSDEEP

      24576:qu6J33O0c+JY5UZ+XC0kGso6FaLxmMdXqGGANWY:cu0c++OCvkGs9FaLAMw1Y

MITRE ATT&CK Enterprise v15

Tasks
