General
-
Target
jay.jpg
-
Size
264KB
-
Sample
220404-d3jafahhf4
-
MD5
38f7e0b6fe905626e34446af373a7a14
-
SHA1
0fb7d32aa3da0ce81bd47acf3f85571ad78a2821
-
SHA256
b45ff8555c636c41fcf21d1c755229682de05208da77ba4a6c3cc321fd342af8
-
SHA512
eb3de471218197032eadcf7c2f2cab3b785fe93eb881378a876536e393e1e93d2ee8aadac4168bfc606cbda0bc47880543c4905a186aad46f6111d924666a310
Malware Config
Extracted
formbook
4.1
jy0b
lamejorimagen.com
mykabukibrush.com
modgon.com
barefoottherapeutics.com
shimpeg.net
trade-sniper.com
chiangkhancityhotel.com
joblessmoni.club
stespritsubways.com
chico-group.com
nni8.xyz
searchtypically.online
jobsyork.com
bestsales-crypto.com
iqmarketing.info
bullcityphotobooths.com
fwssc.icu
1oc87s.icu
usdiesel.xyz
secrets2optimumnutrition.com
Targets
-
-
Target
jay.jpg
-
Size
264KB
-
MD5
38f7e0b6fe905626e34446af373a7a14
-
SHA1
0fb7d32aa3da0ce81bd47acf3f85571ad78a2821
-
SHA256
b45ff8555c636c41fcf21d1c755229682de05208da77ba4a6c3cc321fd342af8
-
SHA512
eb3de471218197032eadcf7c2f2cab3b785fe93eb881378a876536e393e1e93d2ee8aadac4168bfc606cbda0bc47880543c4905a186aad46f6111d924666a310
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook Payload
-
Deletes itself
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-