General
Target: 4.exe
Size: 643KB
Sample: 210423-gfbfrqlgaa
MD5: 9c8c50b10343843f860fff79ac4511af
SHA1: c6f52f87914312e817655fc0492815b86d053e90
SHA256: ba06bef45227ff0ac912a66434014b848348f6be9780e8d86de0ffcc8c5c2c12
SHA512: 9e6380d41e80a312f2f0e0b588381e57519b50203e436587ab936344787cb54aac7b85c739e048996d729ecc297d6e09ec4a72a7a7e948d554d131ef9647c350
Static task: static1
Behavioral task: behavioral1
Sample: 4.exe
Resource: win7v20210410
Malware Config
Extracted
formbook
4.1
http://www.ostecosarcomamd.com/gmn/
Targets
Formbook Payload
Suspicious use of SetThreadContext