General

  • Target

    JaffaCakes118_dce84f4744610752c2449333f89d780bbf02c8ce7324a5eacee9c098d8b88d0d

  • Size

    291KB

  • Sample

    241230-12mb2a1lgn

  • MD5

    a4b1d6e6ed0a993e7d0a6bfc143b74f0

  • SHA1

    d1a117b64d739afdf2341c108a16ab255c408694

  • SHA256

    dce84f4744610752c2449333f89d780bbf02c8ce7324a5eacee9c098d8b88d0d

  • SHA512

    4ee05155d02c26dad05111c027b398aa86a803c7b25aeecf231b034937b88a21a10f8b4781d768f79dea08062e4d9e2c1726d6a487268b59e617635977858251

  • SSDEEP

    6144:0/Q/Kgo4CK7lFjfGVxqi9WeA7MmHuvWw0Uc:0/MlF7lFjf6xZ/ABuvWw0N

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

w32e

Decoy

clubedamente.com

camcooksvegan.com

noesists.com

rajofy.xyz

hoiku-ict-01.com

15mmfilms.com

8dejunio.com

government-grants.xyz

maruflegalfirm.com

jsovip.com

gott7.biz

pearlmgt.com

taiwanryugaku.net

0088cq.xyz

sflministries.com

globaltarnz.com

mavungeni.com

lordantonio.com

beiqingcan.com

dvftfx1.cfd

Targets

    • Target

      eb6a3606545277e3af8270d85b4940be7a710dcaf11c7351755675d81ce82d02

    • Size

      303KB

    • MD5

      c961fcde5d17604cc66454d49df2cce4

    • SHA1

      2a36990e22318e6794597a47e8843fd65dd56ce1

    • SHA256

      eb6a3606545277e3af8270d85b4940be7a710dcaf11c7351755675d81ce82d02

    • SHA512

      0e9db8b031a10780e21707c3d06853e9eea3b2d96648a8f4d9711a5fe4ab090d11588cd3459d35eaf53b8ed670518a307358a46ac579b7f370fb6464bc756d75

    • SSDEEP

      6144:rGiko9Al1iqDsAkONYosCxEi9W8A7MmHuvVw0UY:rSl1idGJx/zABuvVw09

    • Formbook

      Formbook is data-stealing (information-stealing) malware.

    • Formbook family

    • Formbook payload

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    • Target

      oedei.exe

    • Size

      117KB

    • MD5

      2efd32c76b350a2f0ef015379b4e6079

    • SHA1

      fe94d4f744e9f38a19350dc7f49443d0b9c744a7

    • SHA256

      a498f803fd0cccb67d13228e97ca0d2dcb7cc149b080604efd3dd4f43fb4488c

    • SHA512

      9f98a8b54e19bd1ce4819e71bd6e944bc5a476bb2488d1f035de1fdfa59f22fc7c9ee8b5df6715eb5ace9013c4441e573e7a7cbd710e7b4c7d220cf5a3f5273d

    • SSDEEP

      1536:l5MMCnkgeOdoWzkEXu/1X9fkYL1DMlSj0MpB7J/tcnUchRDS8/37TcrnB16sWjcc:XMMuBeMR2/NdRJ10QRtcJ6B1lAb

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks