General

  • Target

    PAYMENTADVICE_.exe

  • Size

    846KB

  • Sample

    241210-kc4a9awjhj

  • MD5

    4fe1630eecdab236326ed9a3026023b5

  • SHA1

    4dfbd5c9a98c07674cf5bc0f6a68ebcb96dad2c0

  • SHA256

    451cf8576e700b35cde2167d8bf0a714b1a2c670d70ae889fae13f3ed3cf269c

  • SHA512

    b74e6440a572d0309ab7f8823f16c3414e5e408793bda1b1e4a9fcdd25e1032146f8dcd74e6b44a21b60d2885738443e7531da9cb7f88cf800aa6368c61d89c5

  • SSDEEP

    12288:rLkcoxg7v3qnC11ErwIhh0F4qwUgUny5QLogY90ZbM0wDFw9gvf8SADVM:ffmMv6Ckr7Mny5QLRY9ihaFggn8SAW

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    ge07

  • Decoy
