formbook | ac5b8e0bfdd995e301f0946ab7de054c9ec82cd1cd6b52a85753671f52333991

General

Target

JaffaCakes118_ac5b8e0bfdd995e301f0946ab7de054c9ec82cd1cd6b52a85753671f52333991
Size

135KB
Sample

241224-xet7kstpdx
MD5

29217034fc648193f9de535e94fa3646
SHA1

ff02fc64d224dc0fc00c0379bc53357a48df662a
SHA256

ac5b8e0bfdd995e301f0946ab7de054c9ec82cd1cd6b52a85753671f52333991
SHA512

2848b24dbe48806350ddad7e98e854c16f914786fc48a066224767012e18974686a4981b4e101ec716b86522ac496a95abed1e438999dcce763e0e3f38dbd6d3
SSDEEP

3072:0C4dZgSGAmhhcQzrUVnCuHj/jNFuYAv/DCLWaxJ:0VdySNmhOQzr8nCk61+LWaxJ

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

fdk

Decoy

winestock.net

volshebstvo-dar.site

ourwikipedia.com

grabzap.net

creditcardcow.com

cristinaandmore.com

coastaledgehomebuyer.com

2791235319.xyz

gnobag.com

mesdecals.com

mercadosdehuelva.com

tattoodolla.com

studioxx20.com

getseattlejustice.com

julianajames.com

oshyia.com

wegefinden.net

usahotelink.com

haqad.com

kelvin393norman.com

Targets

- Target
  
  1e1c0437239fb9e7f6f962a69a4b1652c11f3ca0f0e76d33ad42d20bf99f44c2
- Size
  
  181KB
- MD5
  
  4872d8ae03f4c84a7a83374f7d50f485
- SHA1
  
  bb703ae2e022595f1606e229685565a71820ba8f
- SHA256
  
  1e1c0437239fb9e7f6f962a69a4b1652c11f3ca0f0e76d33ad42d20bf99f44c2
- SHA512
  
  d3803188b237e576caf2bece56b3cde1fa07294bd587b27b8cdad1ae7ef8f62f706dd4deb483c50a2ca04741cd7d7a7dc4c2d8f3aef5c594153d3fdb28198b0b
- SSDEEP
  
  3072:9Y2K7pwBIAoW4Fl/wqOB1851e3l96opO2NYAv/DDztxh:9YmIrFZ1Q6mf6opl1Dt
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2