General
-
Target
5a.zip
-
Size
532KB
-
Sample
210505-pmz94cfntn
-
MD5
d33fe8287df4e625a37dfa5d8729d8db
-
SHA1
7d35ae1531f796784efd84ba29867a66fee518fe
-
SHA256
619a462b761e8188e285d4122fe80ff0c3b2fca9cf491dcb5830a38f03d6610f
-
SHA512
a50841c9fee83858918449e38e386bc1c64bdf873176048de2a90385adbce7e5439eef2f19ca50c6d9309bb40a770fa1cfefa20b7700d8b56b25f29c3f6ec6d8
Malware Config
Extracted
formbook
4.1
http://www.glittergalsboutique.com/8buc/
affiliatetraining101.com
sun5new.com
localstuffunlimited.store
getmrn.com
nipandtucknurse.com
companycreater.com
painfullyperfect.com
3dmobilemammo.com
theredbeegroup.net
loochaan.com
alanoliveiramkt.com
lxwzsh.com
twobookramblers.com
cscardinalmalula.net
hanarzr.com
sabaicp.com
foodprocessmedia.com
tirongroup.com
dcentralizedcloud.com
xn--80abnkzb2a.xn--p1acf
Targets
-
-
Target
6f6aa9aea231c8d01eddd78fa14d447202bb71c77512265ce9cc195c62ca1c65.bin
-
Size
674KB
-
MD5
9fe12cde3aa06a540dd00ef6b182c5d0
-
SHA1
5b71e9d19292cbd95d455ce778db5d5c86270ab0
-
SHA256
6f6aa9aea231c8d01eddd78fa14d447202bb71c77512265ce9cc195c62ca1c65
-
SHA512
b223de4772986e3c95c233d49711e538d566527ab7f8b2f0bdbcd75643587ddd6140815c29ff168ea4ab1bd8914053ea697913be81f4d7f37e5e3450a31be465
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook Payload
-
Suspicious use of SetThreadContext
-