General

  • Target

    35a90dd87d6186efae4c0780cceee1f475bba1f506fdfac46bcc236e2b001f5d

  • Size

    658KB

  • Sample

    241216-sye5jsvlcj

  • MD5

    7115be8d626c390ffb0f5ddd2311c9ef

  • SHA1

    bd6c4c04b1e4bb280e518415b3a64bdf2976e1ce

  • SHA256

    35a90dd87d6186efae4c0780cceee1f475bba1f506fdfac46bcc236e2b001f5d

  • SHA512

    dd70da330a932cda3ce04b50864d4b22910ba7013bccb99da10f2efece03f59e411fd7cdd036ab744f493e1012fe3875bfae8c141bcdebf09176fdc253e569ca

  • SSDEEP

    12288:i5IPD7dTQ9OXF8GsyW+kzDlqIPknD0yHPAyRwYOblfpoUZ2yO0XnBD:ia7dTQMXFdw+kzDlzkTH7mYOppdOC1

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

at22

Decoy

Targets

    • Target

      Statement Of Account Nov&Dec 2024.exe

    • Size

      1.0MB

    • MD5

      e1ab7034164aa7f4f83b58f360da7702

    • SHA1

      3a616e38164a6153c45c26a0b1e7da59672ebd99

    • SHA256

      0a094779097941effc2b8a1b78b2d6ea6684e47a1158689d8ed8f9eae0a3f361

    • SHA512

      6b58bdec422ca9c10e1efd60b26f1b0fc613fd51d798cc0a3ea9d8ac249ce1ce8437a01aa6bfef0a5fc90d75419a4d7e26a8b674338cb391bfd6b7cd44e2dc90

    • SSDEEP

      24576:pu6J33O0c+JY5UZ+XC0kGso6Fa2DTHZEGOppbWWY:Lu0c++OCvkGs9Fa2HFoY

MITRE ATT&CK Enterprise v15

Tasks