General
Target: 4743974023757824.zip
Size: 432KB
Sample: 210727-bxg37s5at2
MD5: ac297091520805a722b888b04eb297c0
SHA1: 80a5c5165b2d2a5750ff9c5bc5ee94e35190b432
SHA256: 147b79677b2a39e7e1b4691e4e8867444253e977813ecc4b49b56af43cfb3433
SHA512: 326a8ddd3c38609d6a6df85d7b74d40bdde9b44eb92fc5327879489d84883f108118310c7ccead4bd3b54b49b69ccf23540c085dfb56fb82acb7e0d7e747a936
Static task: static1
Behavioral task: behavioral1
Sample: KNNBHBL43590303005084SOB07Dec20TXL15Feb21/KNNBHBL43590303005084SOB07Dec20TXL15Feb21.exe
Resource: win7v20210410
Malware Config
Extracted
formbook
4.1
http://www.sportsbooksil.com/css/
Targets
Target: KNNBHBL43590303005084SOB07Dec20TXL15Feb21/KNNBHBL43590303005084SOB07Dec20TXL15Feb21.exe
Size: 542KB
MD5: 71b8954c01a98f7f9efcd86388cab318
SHA1: fac366fa3660e1db0dfa2473fc805444bbfbb1f5
SHA256: af4150ab77918813e1f16480bac0fae2c80f0d77e7c205da5dc7220c08095890
SHA512: e0a346cd1f643dfe4af6d004aea39c68cdcbfe692cb205352c8be00f1f95324386f43e420b36057eda9ee1f97e9d2cec0dfd2c20afde106e1260ad45adca551e
Formbook Payload
Suspicious use of SetThreadContext