General
-
Target
0a754c15f44f30d3d6828ff8cb6b26e9f0b579804c7fe5f783d7f766d1dea1bf
-
Size
983KB
-
Sample
220912-mhxrrsgghr
-
MD5
8206d7a8aa135ffedf71b72fe7d68f57
-
SHA1
0698465d597adc23561338118856d9a72856c7ac
-
SHA256
0a754c15f44f30d3d6828ff8cb6b26e9f0b579804c7fe5f783d7f766d1dea1bf
-
SHA512
d8ec49f2d58c6223d3605e108f3cda2a8c80826246904127e1ed521bff40cf00fcbdbbbac4f8c61e478ee968a6b0478563c6f2fff84d54bcd1d8dfdfac4f3bec
-
SSDEEP
12288:5LfezJnxvdMk+VsN2Hj5KYqpPTg0PcXXN2MIalUSFoMr1Xi1Q:5yFnd+VsN2HFqpPUacXNzIalUsrFkQ
Malware Config
Extracted
formbook
4.1
os56
australianhotwaterupgrades.com
vipidplus.online
kneescooterscanada.com
pesanterkini.com
madden24gameplay.com
linkbong88moinhat.net
awongtest41saletest.com
thetravellingcatcompany.com
vazxlip.xyz
bangdemcheeks.com
passengerassistance.website
cloud4global.com
prestopizzarennes.com
midlandchambertravel.com
nashwan-d.com
bellescraftkitchen.com
teamtisdale.com
allascooussaa.us
cryptobet365.xyz
cbij.education
Targets
-
-
Target
0a754c15f44f30d3d6828ff8cb6b26e9f0b579804c7fe5f783d7f766d1dea1bf
-
Size
983KB
-
MD5
8206d7a8aa135ffedf71b72fe7d68f57
-
SHA1
0698465d597adc23561338118856d9a72856c7ac
-
SHA256
0a754c15f44f30d3d6828ff8cb6b26e9f0b579804c7fe5f783d7f766d1dea1bf
-
SHA512
d8ec49f2d58c6223d3605e108f3cda2a8c80826246904127e1ed521bff40cf00fcbdbbbac4f8c61e478ee968a6b0478563c6f2fff84d54bcd1d8dfdfac4f3bec
-
SSDEEP
12288:5LfezJnxvdMk+VsN2Hj5KYqpPTg0PcXXN2MIalUSFoMr1Xi1Q:5yFnd+VsN2HFqpPUacXNzIalUsrFkQ
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Suspicious use of SetThreadContext
-