General
Target: 8a84cbb31cdf069bfc816bf0183c6228bf0a3b8ca038e8f1d4152e334bea13e0
Size: 234KB
Sample: 220521-mmgw4scad4
MD5: 835c889e69e6cbf13b93c14cc5187170
SHA1: 0f23eedfd6533fa371de9038c166b85ef20a095a
SHA256: 8a84cbb31cdf069bfc816bf0183c6228bf0a3b8ca038e8f1d4152e334bea13e0
SHA512: b0e18017008bf00ac7983b80bad73f2ef82161b19161d82e977667ae666a3434518ff2e1d897ac58802e706865baa899538788eb3932900112184bba0b8a647e
Static task
static1
Behavioral task
behavioral1
Sample
INQUIRY.exe
Resource
win7-20220414-en
Malware Config
Extracted
formbook
4.0
q5e
Targets
Target: INQUIRY.exe
Size: 309KB
MD5: 0f32fb09814445efbb05bf85c84c799b
SHA1: ba9fa5e71bcedd957e8c4bbb7b477733e8761c0a
SHA256: 00c47b353869bd10336878ab126ad47ba22f370c1adf89310a589d5a6c14bfe4
SHA512: 9396260e43f21243883f35fa225d4346547d26ac5a87da500bd4913c9c477bfd92bffa718254f03361ca0381f50dbd3d6e4f6570850bcc5063e47bae12f51a43
Formbook Payload
Deletes itself
Suspicious use of SetThreadContext