General
-
Target
Lettera di restituzione per Siberia LLC.jpeg.exe
-
Size
893KB
-
Sample
211004-lbcbtagae7
-
MD5
6e2732d297f1666f6c9eed9de730c39e
-
SHA1
54df8b2dc7352b75dd09103f2a399fde314e4e53
-
SHA256
a93b39035f5ae1ace569c25759239f8c0361bf2462cb22f2a780c14de2821fe4
-
SHA512
0ea8f7a145129ba54132b4833952b66783ade6d28cf9f551800018de6b946e661f7c903405e22136acd037335f43ae8668fd27a3419985f3f932e50b8e6d86d8
Static task
static1
Behavioral task
behavioral1
Sample
Lettera di restituzione per Siberia LLC.jpeg.exe
Resource
win7-en-20210920
Malware Config
Extracted
formbook
4.1
n7ak
http://www.kmresults.com/n7ak/
modischoolcbse.com
theneverwinter.com
rszkjx-vps-hosting.website
fnihil.com
1pbet.com
nnowzscorrez.com
uaotgvjl.icu
starmapsqatar.com
ekisilani.com
extradeepsheets.com
jam-nins.com
buranly.com
orixentertainment.com
rawtech.energy
myol.guru
utex.club
jiapie.com
wowig.store
wweidlyyl.com
systaskautomation.com
citromudas3a.com
plasticstone.icu
pawchamamapet.com
beautybybby.com
mor-n-mor.com
getoffyourhighhorses.com
chieucaochoban9.xyz
grahamevansmp.com
amplaassessoria.net
nutricookindia.com
wazymbex.icu
joansironing.com
hallforless.com
mycourseprofits.com
precps.com
cookislandstourismpodcast.com
bestonlinedealslive.com
bug.chat
ptjbtoqonjtrwpvkfgmjvwp.com
tortniespodzianka.store
qxkbjgj.icu
aurashape.com
guinealive.com
mondialeresources.com
offthebreak.site
maxamproductivity.com
thebiztip.com
thelocalrea.com
laeducacionadistancia.com
inpakgroup.com
lvgang360.com
allvegangoods.com
tymudanzaramos.com
simpleframeswork.com
thehappycars.com
directfenetres.net
norskatferdsterapi.com
hostingcnx.com
ksmh5x.com
thespiritworldinvitational.com
jetsetwilly3.com
gameflexdev.com
tryhuge.com
vaporvspaper.com
Targets
-
-
Target
Lettera di restituzione per Siberia LLC.jpeg.exe
-
Size
893KB
-
MD5
6e2732d297f1666f6c9eed9de730c39e
-
SHA1
54df8b2dc7352b75dd09103f2a399fde314e4e53
-
SHA256
a93b39035f5ae1ace569c25759239f8c0361bf2462cb22f2a780c14de2821fe4
-
SHA512
0ea8f7a145129ba54132b4833952b66783ade6d28cf9f551800018de6b946e661f7c903405e22136acd037335f43ae8668fd27a3419985f3f932e50b8e6d86d8
-
Formbook Payload
-
Suspicious use of SetThreadContext
-