General
-
Target
0edf2a0a4fe852db8050d58c5698b71b14a8346022eccc5180f5acd0378a9966
-
Size
899KB
-
Sample
220901-se5absfcbn
-
MD5
c2724b5bece3913584ce76a11e2b6414
-
SHA1
dd65c490d2e5ea690a3522e680169e1c748ad605
-
SHA256
0edf2a0a4fe852db8050d58c5698b71b14a8346022eccc5180f5acd0378a9966
-
SHA512
cfe497fef745d9e2f59889cf95019187179e55ae89dcc44b0078b44229d95e1712b29d42facd7e1c9851e5a6a3257dc4756ac2b6e0dc1709f1c173429fb9d8cf
-
SSDEEP
12288:yHF75eSgPwqoXY+mzoRtbvRT75yzcv6Fe5pNtSuz6FbIo0fRw1hDs/7bDI:0Z5LXY+mzo3bv/H6epNguz6FiZSDyg
Malware Config
Extracted
formbook
4.1
cy30
viveksirclass.com
lotuscounselingsc.com
thompsonlaws.com
theinterviewworkout.biz
brofjoc.online
euheimr.net
dealresort.xyz
betforwar.com
tayogas.com
redhotcellopeppers.com
shoujigushi.com
jounan-lp.com
womensminitournaments.com
003523.com
fuyeku.com
powerenergyshop.com
99334633.xyz
army-construccion.com
superiorpipemaintenance.com
clientpods.com
Targets
-
-
Target
0edf2a0a4fe852db8050d58c5698b71b14a8346022eccc5180f5acd0378a9966
-
Size
899KB
-
MD5
c2724b5bece3913584ce76a11e2b6414
-
SHA1
dd65c490d2e5ea690a3522e680169e1c748ad605
-
SHA256
0edf2a0a4fe852db8050d58c5698b71b14a8346022eccc5180f5acd0378a9966
-
SHA512
cfe497fef745d9e2f59889cf95019187179e55ae89dcc44b0078b44229d95e1712b29d42facd7e1c9851e5a6a3257dc4756ac2b6e0dc1709f1c173429fb9d8cf
-
SSDEEP
12288:yHF75eSgPwqoXY+mzoRtbvRT75yzcv6Fe5pNtSuz6FbIo0fRw1hDs/7bDI:0Z5LXY+mzo3bv/H6epNguz6FiZSDyg
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Suspicious use of SetThreadContext
-