General
Target: Statement of Acct..exe
Size: 521KB
Sample: 210915-kpvvmsddbn
MD5: 850ef5cb4d3e3023ab26072a4cc6a25f
SHA1: 0947a5b62ad244324971c7863977befaae3d71fd
SHA256: bb7d986712c63235f866f11ebc85ac60c360676e0576a075f16c16f679c31c7b
SHA512: 58e8d6ecc2fbae3d85ff390c30bb5e7cff7f392ea2eae7bec8844e25b14b310e6af1a40da3e1d85516b881d1dcad2081a4d65e4da07ac6bbe45fa6a6d4e804a7
Static task: static1
Behavioral task: behavioral1
Sample: Statement of Acct..exe
Resource: win7-en
Malware Config
Extracted
Family: xloader
Version: 2.4
Campaign: tgnd
C2: http://www.fhuosa.com/tgnd/
Targets
Target: Statement of Acct..exe
- suricata: ET MALWARE FormBook CnC Checkin (GET)
- Xloader Payload
- Suspicious use of SetThreadContext