General
Target: 3e3ccb3b130c86bb2d82a52f8a7e191efa9499577ba0a3d3f335d5a1e1597b76
Size: 995KB
Sample: 220323-pwrh1sebh9
MD5: 17f33985f4763acfb314795dd000287a
SHA1: 24e3a6d5037f18a306ea61f883323df0be119340
SHA256: 3e3ccb3b130c86bb2d82a52f8a7e191efa9499577ba0a3d3f335d5a1e1597b76
SHA512: 4fe53e131792dc5fa45354fad03301c929935bb711a69a3f7d8c937ef3027cbf261c4b1940aebde1df7ef556dd99227c525e2fc9e4d76437ab85f436105df420
Static task: static1
Behavioral task: behavioral1
Sample: 3e3ccb3b130c86bb2d82a52f8a7e191efa9499577ba0a3d3f335d5a1e1597b76.exe
Resource: win7-20220310-en
Malware Config
Extracted
formbook
4.1
g2e7
Targets
-
Formbook Payload
-
Suspicious use of SetThreadContext
-