General
-
Target
SecuriteInfo.com.Variant.Zusy.394472.15672.20727
-
Size
193KB
-
Sample
210722-see98x48pe
-
MD5
89cfb542cda6a428cc5c02feaf3c55f8
-
SHA1
9a0606c633ffe5ae4b6dcb7dcfba57b7e22cb05d
-
SHA256
b663fea76aadbf574e5bb9f704ad689ec10f0d720b0b9641e70b27494fe4cc17
-
SHA512
22fd691c761ec2ac5be4b3a9b682daf53abb3de05787d07474bc0e41a8c7bf001a10783f3eea6d7d70528dae1da13506e4370b16f3c02b7d92db9e6ffb2ac79b
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Variant.Zusy.394472.15672.20727.exe
Resource
win7v20210410
Malware Config
Extracted
formbook
4.1
http://www.yjhlgg.com/grve/
Targets
-
-
Target
SecuriteInfo.com.Variant.Zusy.394472.15672.20727
-
Formbook Payload
-
Suspicious use of SetThreadContext
-