General
Target: f2b6d04e02cd293d0743c419211ce6b7
Size: 58KB
Sample: 220126-z42n3aaedm
MD5: f2b6d04e02cd293d0743c419211ce6b7
SHA1: 6f0120d0f57162680a5951741c9befbe21ee7e6f
SHA256: d44f233d2ef931ed5471cf2be98fb8c2afd6754200f6a46585c2b3114b05e133
SHA512: bdbda94f442557de6752fe4806ec5ea9157e895006b6986817a6b1ca1c08d5c465290ee6eac90cb58c087afee973bf201ac4062fb22a13eaa8bdb15144b0f37c
Static task: static1
Behavioral task: behavioral1
Sample: f2b6d04e02cd293d0743c419211ce6b7.exe
Resource: win7-en-20211208
Malware Config
Extracted
formbook
4.1
wieh
Targets
-
Formbook Payload
-
Suspicious use of SetThreadContext
-