Overview

overview

10

Static

static

3

PO112233412.exe

windows7-x64

10

PO112233412.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_2964b725bf668d3b3d2be36129a7ca7a0ccac045bec7d5caedcc23ce0757c204

  • Size

    500KB

  • Sample

    241229-k2a11axqhz

  • MD5

    6940aac52a585088e244dbdfb73582fb

  • SHA1

    a6c7ced6d41ccb119eadd98376b9fec9ea1ffd9d

  • SHA256

    2964b725bf668d3b3d2be36129a7ca7a0ccac045bec7d5caedcc23ce0757c204

  • SHA512

    0d165fa26f9b97d6895799cb7ea3b36867f3c92e74e1f13013433e651a4dbecccc9d508353e7889c09acfd28b9382831f2315db6dc01ae6d0764e0cc103fb9eb

  • SSDEEP

    12288:TVZqEeiw5UwAMhjs2tKk6Ngj2DbuRRRvH6q8FFuYkvt8LW6f1v8:JZ5HA7h/Lx26LvHYCCXfF8

Score
10/10
formbookdiscoveryratspywarestealertrojan

Malware Config

Targets

    • Target

      PO112233412.exe

    • Size

      751KB

    • MD5

      815a25002b66d17e307df75375b417b0

    • SHA1

      8804e3818bd5a3653290e6cb9210968acfdfe5b8

    • SHA256

      8aade6fb268d4593e9ebafc70c4d316b28278fb365a31b20be871741bc458aa1

    • SHA512

      a63a1a437e6af3e33b3c0e179969e555a0428b6adf379f35316c98a5455397ba76a0d6c529c79df3689f2f5d7d49d18af8c702d7a190ed866fdac1fbed4b38f0

    • SSDEEP

      12288:AxOcXL6oM5j7DUVNNCDdq1fA2zTGyQnch3p9qUy+VFcQRoqnNPg9DogsHxL45sCs:0L6ZvRBqZR6cn

    Score
    10/10
    formbookdiscoveryratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook family

      formbook

    • Formbook payload

      rat

    • Deletes itself

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks