General
-
Target
Shipping Docs.exe
-
Size
944KB
-
Sample
210421-byymw5kea2
-
MD5
1c7c7a3b0cfb41627125bb609863675a
-
SHA1
83a9b9eec6dcc897b1406b7ca166e40c33f58d3d
-
SHA256
3f37e123258dcf5b2a18a1ba8299f21ddb6fa585db1dac3a957022d7c763a184
-
SHA512
d2b455fb31994cf79fe7d198917382822d772f95b00c913683ff539c351b36ae85c2545b163e934cca8282435650446d24e3614bc283486b9dfd49d7e636ec5b
Static task
static1
Behavioral task
behavioral1
Sample
Shipping Docs.exe
Resource
win7v20210410
Malware Config
Extracted
formbook
4.1
Targets
-
-
Target
Shipping Docs.exe
-
Formbook Payload
-
Deletes itself
-
Suspicious use of SetThreadContext
-