General
-
Target
b0fd06d3d98801c819d319e2238b4759
-
Size
298KB
-
Sample
220119-wys8ysccd8
-
MD5
b0fd06d3d98801c819d319e2238b4759
-
SHA1
f6b1491a483af1a0aad7dbdcec83580d6bb90023
-
SHA256
c6d0861ae7de13673ba678e5460d94433a6a873d461015070cc95fe174015991
-
SHA512
8546bbe82af1543de2b688838e728396821f2c989e0417aedae6d6fce5374c5df5b5c9a00e6a214e7d9bb40d7c8cb6c05b0d52e631e6d6535037bb8e5fad0395
Static task
static1
Behavioral task
behavioral1
Sample
b0fd06d3d98801c819d319e2238b4759.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
b0fd06d3d98801c819d319e2238b4759.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
formbook
4.1
h4d0
Targets
-
-
Target
b0fd06d3d98801c819d319e2238b4759
-
Formbook Payload
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-