General
-
Target
Ordine di acquisto 200421.doc
-
Size
635KB
-
Sample
210421-27fxnjtjp2
-
MD5
2d7a434b986c29f53e6b78b2c13c6589
-
SHA1
34d24e17b76c7092ea363c408870f6d075d5b70b
-
SHA256
c45b33aef7f1099da1d1bf669f1082b3cf4d3bbe9e79a98a254b861d264fb143
-
SHA512
ddc46d7a4d0376b32e30d9601ee91b9bf9a45bb8021d47015dafa4d4254a7d6565bfa505511510eca7d31c08740d24066ae5d6c6d66df0e23d5de1172f81a346
Static task
static1
Behavioral task
behavioral1
Sample
Ordine di acquisto 200421.doc
Resource
win7v20210410
Behavioral task
behavioral2
Sample
Ordine di acquisto 200421.doc
Resource
win10v20210408
Malware Config
Extracted
formbook
4.1
http://www.shoprodeovegas.com/xcl/
Targets
-
-
Target
Ordine di acquisto 200421.doc
-
Formbook Payload
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-