General
-
Target
f0772fc90b67e9d3d2ff1ecbb58397a8bd954f9ea0f811b77e1d5da835b197ba
-
Size
538KB
-
Sample
220418-nzzhcsebgp
-
MD5
ea20d26564f8916c1d80b7e2ad7bc292
-
SHA1
644fa741f99f0ab8db5bfecd6913d56cf6b606cb
-
SHA256
f0772fc90b67e9d3d2ff1ecbb58397a8bd954f9ea0f811b77e1d5da835b197ba
-
SHA512
7cafe98d8f2c89e875377099288d1c98f1ad7a6d494c21a1a9eec21627eac780b16dfac9bc6cd04d2677265907d15ba34e49471676d9882b421d441b4acf71ed
Static task
static1
Behavioral task
behavioral1
Sample
f0772fc90b67e9d3d2ff1ecbb58397a8bd954f9ea0f811b77e1d5da835b197ba.exe
Resource
win7-20220414-en
Malware Config
Extracted
formbook
4.1
ngs
Targets
-
Formbook Payload
-
Suspicious use of SetThreadContext
-