General
Target: 5358224760d07bf2eb476747acff327d03795dd3012b5f5600a66702df70abbf
Size: 206KB
Sample: 220717-af2lqagaa3
MD5: f2270110781aacd010fcbd439524948d
SHA1: f8c3d8785df15e904e5357f8aa85fcb3b3c9d2f8
SHA256: 5358224760d07bf2eb476747acff327d03795dd3012b5f5600a66702df70abbf
SHA512: 2b6e8a3e5594d28123fa5226e054bd1cbe42775d28d60d764a04b498da2361a71da057c45904a2c5b516c0fa487d77edd85d39d15e868579bd259ceec76802ed
Static task: static1
Behavioral task: behavioral1
Sample: 5358224760d07bf2eb476747acff327d03795dd3012b5f5600a66702df70abbf.exe
Resource: win7-20220414-en
Malware Config
Extracted
formbook
3.8
wo
Targets
-
-
Target
5358224760d07bf2eb476747acff327d03795dd3012b5f5600a66702df70abbf
-
Formbook payload
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-