General
-
Target
ab830be5e48f1db0f4ebf3a106473a32.exe
-
Size
685KB
-
Sample
210115-5zeldn2lsj
-
MD5
ab830be5e48f1db0f4ebf3a106473a32
-
SHA1
3a376a9ad849b778b4ef2235616068f221b2e61e
-
SHA256
814c8a7ae9ec48b7a455cdf15b8c520fc9d7695e24f31afd5ff72cbc25e08704
-
SHA512
45f5423da5942a549eabfa948c01adadcc2b8cd2d1971936b23d5d230af26986b7fb6e833d68f54ea967f902fec4eacb7a7e6efa37961910c62333ca6ffa17c6
Malware Config
Extracted
formbook
http://www.waverunner-fan.com/pp2/
meredithridenhour.com
foundationsseniormanagement.com
sallyta.com
msmonlinellc.com
entreprisesfr.com
neadclunlounge.com
lexuscarbonfiber.com
electroglas-probers.com
investedgefinancialinc.com
blm.healthcare
workoutmagazinemx.com
edmondsagent.com
rodrigzart.com
standardstripcurtains.com
carrier.email
hifan.info
fhcqtravel.com
legacycream.com
topfurnity.com
solids-development.net
Targets
-
-
Target
ab830be5e48f1db0f4ebf3a106473a32.exe
-
Size
685KB
-
MD5
ab830be5e48f1db0f4ebf3a106473a32
-
SHA1
3a376a9ad849b778b4ef2235616068f221b2e61e
-
SHA256
814c8a7ae9ec48b7a455cdf15b8c520fc9d7695e24f31afd5ff72cbc25e08704
-
SHA512
45f5423da5942a549eabfa948c01adadcc2b8cd2d1971936b23d5d230af26986b7fb6e833d68f54ea967f902fec4eacb7a7e6efa37961910c62333ca6ffa17c6
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook Payload
-
Suspicious use of SetThreadContext
-