General
Target: SecuriteInfo.com.W32.AIDetectNet.01.8038.13219
Size: 46KB
Sample: 220706-q5sywafdh7
MD5: 8feba44e8cd040600d09043b3f00e035
SHA1: f924b4b27dc76cba38e68937e8aa8297b1656e0a
SHA256: 359b9f18709357603b88a9597e7779bd36a116a4cccf73c682821ec40bfbeabd
SHA512: 266d36e4d2d6936b95f20f83f76c095ae260c7f7577d5276cc827c869c392c3bb7d942cf65b5ac6525a4c70c609943e6ab57004e4f5f061307328a439697e2ff
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.W32.AIDetectNet.01.8038.exe
Resource
win7-20220414-en
Malware Config
Extracted
formbook
4.1
d94e
Targets
-
-
Target
SecuriteInfo.com.W32.AIDetectNet.01.8038.13219
-
Formbook Payload
-
Downloads MZ/PE file
-
Suspicious use of SetThreadContext
-