General
Target: Invoice pdf.7z
Size: 566KB
Sample: 210420-2qdd3h3zej
MD5: eb8bef3bcdb0a68f7b8e5ed7d496b4a6
SHA1: 1dc1a5acebc8e846ee100ca14817e4a6a18380a3
SHA256: 39c3cb2bce96c98cde9bec9fff034acca99b592f0a4ebec39a6017f3554a56fa
SHA512: ca26c11efdf8623d3f36ef334551a854a30fa7da5940c96d3605e7224aa76719af9d71c93b3b10c0744919a95b25610f16cbf749401dcfba7027c25bae9ee6c5
Static task: static1
Behavioral task: behavioral1
Sample: Invoice pdf.exe
Resource: win7v20210410
Malware Config
Extracted
formbook
4.1
Targets
Target: Invoice pdf.exe
Size: 661KB
MD5: 95ad0de0d121d51993dc0e546f82772c
SHA1: e2830744f6497321e7b4c2a49d8270ea91b923c8
SHA256: 494b892495fb6f002fd36477446bfc59f686fe73710d55dc782de8512452e535
SHA512: 07b83558bd2269cdafd56ca91ddbe396b1d76cc5466fe13f2fff102ce49afedcb446b734922cd4dd6f8f9d2ac80bdcd8f9287ac11415c3c1d3f6dceaef8fe5ae
Formbook Payload
Deletes itself
Suspicious use of SetThreadContext