General
-
Target
9b08add787ee884a3e2a0953cc6447fe394a544971aa17746275d2aa5e13690f
-
Size
421KB
-
Sample
220520-2w2p7sgbc9
-
MD5
e9a020d57c46ccacf00d1c7537d5345b
-
SHA1
487a327510caed634937e8a18547418c5914dda3
-
SHA256
9b08add787ee884a3e2a0953cc6447fe394a544971aa17746275d2aa5e13690f
-
SHA512
0b1dfd911e0cbb0b584d879f3a17b42f5bb28f6df4c1444e6022057bea2afc3d28cf709b06bca68cc8badb870e82f0f9a2f2e857c82177b02a38a5591ffd06cc
Static task
static1
Behavioral task
behavioral1
Sample
Alpha 7763826639.exe
Resource
win7-20220414-en
Malware Config
Extracted
formbook
4.1
q5e
2177.ltd
thanxiety.com
max-width.com
fixti.net
mostmaj.com
mobilteknolojiuzmani.com
historyannals.com
wheelchairmotion.com
mossandmoonstonestudio.com
kastellifournis.com
axokey.net
peekl.com
metsteeshirt.com
abcfinancial-inc.com
btxrsp.com
amydh.com
ccoauthority.com
lumacorretora.com
kimfelixrealtor.com
iconext.biz
giftstgg.com
imonsanto.com
invoicefor.com
qfhxlw.com
wsykyy.com
gladius.network
peliculaslatino.online
timookflour.com
gxkuangjian.com
utvklj.men
rabota-v-avon.online
sheashealingway.com
thoitrangaoda.com
rytechweb.com
circuit69.com
crowd-design.biz
carosiandrhee.com
778d88.com
calvinkl.com
cjkit.com
jgkwhgxe.com
sanitascuadromedico.com
mellorangello.com
whiteinnocence.com
medtechdesignstudio.net
nurturingskin.com
guardyourweb.net
juw2017.com
jnheroes.com
damicosoftwaresystems.com
gesband.com
onwardsandupwards.info
gopropackaging.com
centerforaunts.com
sarrahshewdesign.com
intelligentcoach.net
iasisf.agency
products-news.com
calvinspring.com
100zan.site
9mahina.com
saleaustralianboots.com
floatinginfotech.com
calcinoneweek.com
yofdyk.com
Targets
-
-
Target
Alpha 7763826639.exe
-
Size
496KB
-
MD5
9e3db9c40093f7a159827ab2a9de640e
-
SHA1
e9a5ae757342e4ac6d21bc0e33f0e703104dcf03
-
SHA256
31f02d35e3e941b42298936bd026b39a5d682825bc4b4277945f9f0143617931
-
SHA512
6a57ac5b688e2bc8a0a24230bdf60a3146216e54a986ba0c6083b400582e5f94ba6dcd14b95458f8a1bef53076ba32d74d663222e7e82600d454c720134adda1
-
Formbook Payload
-
Deletes itself
-
Suspicious use of SetThreadContext
-