General
-
Target
b8cef7577e09d894f2136407634962aa9574f00c3c09651cafeffbed4e9b220a
-
Size
370KB
-
Sample
220621-haavtaecc2
-
MD5
1d93fbbb1895e55356b63fd37073ef62
-
SHA1
994616598f9657eac8c3ebf8ce013aa3dc457864
-
SHA256
b8cef7577e09d894f2136407634962aa9574f00c3c09651cafeffbed4e9b220a
-
SHA512
56af7465c21d7ef8a4bd75696b90a17c79acbddbdf0c04134e64ed5b767d3e9acdabd062ef5b41844e57defad23ce26e8073b53cd0d6efac6bad2fd8dd3594de
Static task
static1
Malware Config
Extracted
xloader
2.6
mt88
syzbf32.xyz
pertlines.com
vybaveniprocyklostezky.com
elianmsalas.tech
a-snag-tokei-kaitori.com
tuvistaing.com
whoyoucall.net
l8e9gr.xyz
sophrologuemontevrain77.com
ciclean.com
the-roel.com
campgreencove.com
foremostbookkeeping.com
zamanscorner.com
efeturozemniyet.com
penelope.team
murata.life
solfuls.com
tradefitinvesting.com
skinbid.pro
hongyanwulei.com
aifconference.com
happinesssangha.com
microw0rker.com
agcompanion.com
renovacg.com
sisterfuckers.info
bigrockhuntingpreserve.com
loudbodies.info
hcr.store
000006138.com
ganitvigyan.com
libmananforum.xyz
bastianrob.xyz
leafybooster.com
65ratubh3j5fi.xyz
8id9pl8944ktb.xyz
designerinfotech.com
prmainey.com
5092377.com
mayascleanservices.com
selectendeavor.com
qxu0l1pgl9jm1.xyz
yanpoake.com
constructiongst.com
wwwfreemovies2021.com
norsgaard.net
raytan5.com
electricsemiloans.com
modernworklabs.com
sodapins.com
scwsav.com
ihrorg.com
vvv223.com
sofanemphuyen.com
zaqv40.xyz
verdure720.com
mysitetutorial.com
tur-advocates.com
vistadocs.com
kosodate-tiger.com
micahlinacero.com
nusires.com
ardtalscase.com
mariafonsecafreitas.com
Targets
-
-
Target
b8cef7577e09d894f2136407634962aa9574f00c3c09651cafeffbed4e9b220a
-
Size
370KB
-
MD5
1d93fbbb1895e55356b63fd37073ef62
-
SHA1
994616598f9657eac8c3ebf8ce013aa3dc457864
-
SHA256
b8cef7577e09d894f2136407634962aa9574f00c3c09651cafeffbed4e9b220a
-
SHA512
56af7465c21d7ef8a4bd75696b90a17c79acbddbdf0c04134e64ed5b767d3e9acdabd062ef5b41844e57defad23ce26e8073b53cd0d6efac6bad2fd8dd3594de
-
suricata: ET MALWARE FormBook CnC Checkin (GET)
suricata: ET MALWARE FormBook CnC Checkin (GET)
-
Xloader Payload
-
Suspicious use of SetThreadContext
-