formbook | 9b3cb5bbb63e700359d2382658ce9b90cc93ea4024ee59bab888b406a7f59040

General

Target

JaffaCakes118_9b3cb5bbb63e700359d2382658ce9b90cc93ea4024ee59bab888b406a7f59040
Size

188KB
Sample

241221-3wsmzavmbl
MD5

f6abdce792c51319441f73423f52616d
SHA1

1620cc6536fb615f366f0fca43f8ff2f8aca72b1
SHA256

9b3cb5bbb63e700359d2382658ce9b90cc93ea4024ee59bab888b406a7f59040
SHA512

2c06e6d28e9d47e87089735e433f5a91b851b0807b95f70782320f87122d89da1ca7d5c0c3b1adef71c46118b7f561304cc87392a1c3621bcf5f8a70827df0c3
SSDEEP

3072:mD1tEiYlJIPv3k6SGr32mJK0cRiz1DFxZVaBVOpLgl8WI:09vkxqJK0cRcDFVuYLgl8

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

mi08

Decoy

mytimebabes.com

ycpxb.com

abdkaplani.com

cloudingersoftech.com

fthfire.xyz

christyna.work

3d-add-on.com

knowyourtechdeals.com

kcl24.com

sepatubiker.com

sunnyboy.live

zrbsq.com

rinpari.com

lesac-berra.com

yes820.com

cnnorman.com

mystichousedv.com

sbobet888auto.com

gawiul.xyz

luispenas.com

Targets

- Target
  
  JaffaCakes118_9b3cb5bbb63e700359d2382658ce9b90cc93ea4024ee59bab888b406a7f59040
- Size
  
  188KB
- MD5
  
  f6abdce792c51319441f73423f52616d
- SHA1
  
  1620cc6536fb615f366f0fca43f8ff2f8aca72b1
- SHA256
  
  9b3cb5bbb63e700359d2382658ce9b90cc93ea4024ee59bab888b406a7f59040
- SHA512
  
  2c06e6d28e9d47e87089735e433f5a91b851b0807b95f70782320f87122d89da1ca7d5c0c3b1adef71c46118b7f561304cc87392a1c3621bcf5f8a70827df0c3
- SSDEEP
  
  3072:mD1tEiYlJIPv3k6SGr32mJK0cRiz1DFxZVaBVOpLgl8WI:09vkxqJK0cRcDFVuYLgl8
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2