General
-
Target
ac23d509999ba6aeffbf49a41e104a7e876872740dbf24ccff54f5bc36ee3eb6
-
Size
14KB
-
Sample
220521-j2gywaecdm
-
MD5
9f031a71a8f4dedaff85f360942cd0b7
-
SHA1
337686652fc8aa067691eb88e00734b477ca86e5
-
SHA256
ac23d509999ba6aeffbf49a41e104a7e876872740dbf24ccff54f5bc36ee3eb6
-
SHA512
72ee3d4db1507147eeba417f0e69063a123139d9f1f2216927b006c2aa32f9aa0840ee45d74afb8b6c47b104949a9d7d05117e8a7b88bad478fb45521862b42d
Malware Config
Extracted
formbook
4.1
s4s9
qianyuandianshang.com
bernardklein.com
slhomeservices.com
findasaas.com
janellelancaster.xyz
umkpro.site
nr6949.online
mersquare.club
lanariproperties.com
3rdeyefocused.com
giftexpress8260.xyz
hilleleven.xyz
beajod.com
kosazs.online
ishare.team
mb314.com
xjjinxingda.com
ayekooprojectamazing.com
ballsybanter.com
todayshoppingbd.com
Targets
-
-
Target
ac23d509999ba6aeffbf49a41e104a7e876872740dbf24ccff54f5bc36ee3eb6
-
Size
14KB
-
MD5
9f031a71a8f4dedaff85f360942cd0b7
-
SHA1
337686652fc8aa067691eb88e00734b477ca86e5
-
SHA256
ac23d509999ba6aeffbf49a41e104a7e876872740dbf24ccff54f5bc36ee3eb6
-
SHA512
72ee3d4db1507147eeba417f0e69063a123139d9f1f2216927b006c2aa32f9aa0840ee45d74afb8b6c47b104949a9d7d05117e8a7b88bad478fb45521862b42d
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
suricata: ET MALWARE FormBook CnC Checkin (GET)
suricata: ET MALWARE FormBook CnC Checkin (GET)
-
Formbook Payload
-
Suspicious use of SetThreadContext
-