General
-
Target
1d7e50963731bfbf23c815df9bb1013718ad1a86e11b9f65b3e9c804c4398f56
-
Size
774KB
-
Sample
220521-nftsrsdfc7
-
MD5
9f83e1ff718e96c05214dc91360f7382
-
SHA1
f6c4ecb6022f284eaae4b8288f27cfaaf6faf05d
-
SHA256
1d7e50963731bfbf23c815df9bb1013718ad1a86e11b9f65b3e9c804c4398f56
-
SHA512
573ce2bf6639106dab284e721b3ec64a38609a41dc4e5fead468c47d6ddfefa74b57c0551049f37dc94f78d158f76cf99dc088e9b0ab7b64a97e54bcf027f3d8
Static task
static1
Behavioral task
behavioral1
Sample
1d7e50963731bfbf23c815df9bb1013718ad1a86e11b9f65b3e9c804c4398f56.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
1d7e50963731bfbf23c815df9bb1013718ad1a86e11b9f65b3e9c804c4398f56.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
formbook
4.1
ppy
Targets
-
-
Target
1d7e50963731bfbf23c815df9bb1013718ad1a86e11b9f65b3e9c804c4398f56
-
Formbook Payload
-
Suspicious use of SetThreadContext
-