General
-
Target
eeec66084fc56b1e253dc3803ee3bf59a71e403a41f55fa6068428e15214ccaa
-
Size
513KB
-
Sample
220201-c74w9sgae5
-
MD5
b36954cc7b62465a1351c26539cf003c
-
SHA1
04b2e4c951b4dbf33ae78d0ca125696484d2d533
-
SHA256
eeec66084fc56b1e253dc3803ee3bf59a71e403a41f55fa6068428e15214ccaa
-
SHA512
a37ea1b141e537160606aa00dfc6a676cba061461531a0113783a8c4e8ea98c2914dc83da2aa5c84d6986edac97032885f202bc02c365c5a6bc911c10ee3e838
Malware Config
Extracted
formbook
3.9
rm
21031venturablvd.com
hakunaamatata.com
favoritetrafficupdates.review
supermetaldetector.com
emprendiendoconvalor.com
instantclearskincream.com
quality-ind.com
essarp.net
citywidelbanks.com
actoralbert.com
melendyou.com
yfmodelminiatures.com
sell4cashwylie.com
lycheetreecottage.com
shoppingforbeatsearbuds.com
dgfengkai.com
dottowels.com
thxhva.info
oneloveworship.com
springfordschooldistrict.com
Targets
-
-
Target
eeec66084fc56b1e253dc3803ee3bf59a71e403a41f55fa6068428e15214ccaa
-
Size
513KB
-
MD5
b36954cc7b62465a1351c26539cf003c
-
SHA1
04b2e4c951b4dbf33ae78d0ca125696484d2d533
-
SHA256
eeec66084fc56b1e253dc3803ee3bf59a71e403a41f55fa6068428e15214ccaa
-
SHA512
a37ea1b141e537160606aa00dfc6a676cba061461531a0113783a8c4e8ea98c2914dc83da2aa5c84d6986edac97032885f202bc02c365c5a6bc911c10ee3e838
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook Payload
-
Sets service image path in registry
-
Suspicious use of SetThreadContext
-