General
-
Target
fe00496b835373cc1e2bedaa5cd44dba
-
Size
247KB
-
Sample
220126-xtr1rshagk
-
MD5
fe00496b835373cc1e2bedaa5cd44dba
-
SHA1
226e116819b8f70e7972aff8bb69126af3b88020
-
SHA256
f7d92bdb9870269bf1d06047d8dc41b287727612f0de238efbd59ef4767c7b03
-
SHA512
3acc02b0b6c73516d8964cf5023838ebc8502e10b89a655c30867bee8fed270a2845c459e2f89898ddefda51df9b92d2bd8b8522fc2dfea059f1e6180cf84b1e
Static task
static1
Behavioral task
behavioral1
Sample
fe00496b835373cc1e2bedaa5cd44dba.exe
Resource
win7-en-20211208
Malware Config
Extracted
formbook
4.1
s11y
Targets
-
-
Target
fe00496b835373cc1e2bedaa5cd44dba
-
Formbook Payload
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-