ThreatFox IOC Database

You are viewing the ThreatFox database entry for the URL http://www.breakaway.uk/gv6d/.

Database Entry


IOC ID: 222003
IOC: http://www.breakaway.uk/gv6d/
IOC Type: url
Threat Type: botnet_cc
Malware: Formbook
Malware alias: win.xloader
Confidence Level: Confidence level is high (100%)
First seen: 2021-09-15 04:18:21 UTC
Last seen: never
UUID: f61c8caf-15db-11ec-830d-42010aa4000a
Reporter: @AndreGironda
Reward: 5 credits from ThreatFox
Tags: Formbook
Reference: https://tria.ge/210915-c3bpxsgfa5

Twitter
@AndreGironda
MITRE T1566.001
Date: 14 Sep 2021 23:30-12:00 +0000
Received: from mail0.jaesconpany.com (137.184.104.183)
From: purchase@jaesconpany.com
Subject: Quotation request
Message-ID: <20210914233735.87BF3F3837457584@jaesconpany.com>
Attachment Name: RFQ356284678,pdf.iso
Attachment SHA256: fd0d5cfec2a1908e2e3d7466984399bb8a40d91f3dde90ab77e90fb29c52e466
Zipped Executable Name: RFQ356284678,pdf.exe
Executable SHA256: 5df88b107258b6f9b91512ca18b098fec01005b71eed470932f006103d5bb346
Unpacked SHA256: f49aad906bc5126280b2e51877be5cda784f4f23c38e3fb774bf8b2152576a13