Overview

overview

10

Static

static

10

856e6a9ee0...22.exe

windows7-x64

1

856e6a9ee0...22.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_8fbdc5495451d5888ba07e8e2ca2103826a138df8492e71551d76477850ffed5

  • Size

    133KB

  • Sample

    241224-st63ga1jhj

  • MD5

    74bda359b67efc41797d75a0524f89dc

  • SHA1

    ee77b8fc655286afba12aab0de3064a8442e96d1

  • SHA256

    8fbdc5495451d5888ba07e8e2ca2103826a138df8492e71551d76477850ffed5

  • SHA512

    958e167c7f6cc950dbaf87d1d1937f8c0ac27a01ad35fc8a06bd51571b58cd01668461c3b09567e8ff74c3d7d371aea471b1dfbd9250195c57ab786044678d1a

  • SSDEEP

    3072:IQuCx7xGNEbHSLzxMfts0rFHCPVaUrLs8yTXSw13R1L7Ma3XWf+V:IdOVSnxM/pCfLs83wv10a8+V

Score
10/10
formbookv82discoveryrat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

v82

Decoy

fasonplastikenjeksiyon.com

yallamama.com

konsico.net

rahalahrgypt.com

bamboopages.com

rossdailey.com

bqgjgj.space

libertystalehouse.com

ondiscoverybox.net

karinheeling.com

spankmouth.com

yehbro.com

constmotion.com

propertysrv.net

smart-aligner.com

ibuybeerhandles.com

vertelog.com

xn--299ayyg42f.com

lordogtelluride.com

teslaglobalservices.com

Targets

    • Target

      856e6a9ee0159e69b10042867d4ca7619927fe89431965afe999c50f8b21bc22.vir

    • Size

      180KB

    • MD5

      22ee22518653675d799d93db511c0218

    • SHA1

      8f354cd8f69c5103c0fc878392c23c98f91011b3

    • SHA256

      856e6a9ee0159e69b10042867d4ca7619927fe89431965afe999c50f8b21bc22

    • SHA512

      b56a8f90ee1388c767f6ca43aaf866ff61aed72455131829403a06d3beadbbe335dfe3b4f9a966be70a5b2ce3a718b631809271c8743d4cda2099d0598080e7e

    • SSDEEP

      3072:lURJbI1OB3TADZbv0OhH42k4vl6KXIP00f6gB1hE1jnlNCjhwan:buwZThH42kS6KXQAlzs

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks