General
-
Target
8033446144.zip
-
Size
677KB
-
Sample
220922-t4r7qsfffq
-
MD5
e18ae3115f38c91de7d89fbc0255ef46
-
SHA1
46f8c28ffcd93533ba6e262de059483f3e965320
-
SHA256
659e650188ad7c1d1580b878dd01b049dd6f403afef642ca7a62a488fc414bf8
-
SHA512
36a01ea5dc2e2d30bdb0602228742735fd1592f07f854ef6d52e55f32c52794f9ed0030ea5a72f1362aee7be58668353303c24785b299ceaa98a6ec765ea1765
-
SSDEEP
12288:K7D8QrKyXeW6LJYwXZKUDecglLTYA3/5WpySopvlcog4HjRrDTOV:EgQrKyXeW6NLKUDecgZYehsyfNgSdqV
Malware Config
Extracted
formbook
c1no
NOAZ1GtFnUx1bqjUWmD6
sUBk3CYAoWuQfq3UWmD6
5vwrVl0msDtpEkYt
VtL6sSoIchhMStcj5DxYbm3FBw==
BKjy1ZxyhhuJ2guPWUI=
eAgklPLAE7zgqOmwRqPNOQLXz1Y=
aApC9n9Zp0ZhObwjLLLUAg1cjsx6Lg==
OrLZYLeFBavC1cD5+A==
jJm87eu4hy/QMbYE/wzDRQLXz1Y=
s63OS5RsBKrY3FurpDZXbm3FBw==
hyxwKsePxJNCwwejbEg=
l5667e2vQOkM4hFPE5yA0Q==
wTtVQBT04YkyoNKoN53GFV9m2hpS
+pzWhBnS26FJqiRyZXQrqR1Ow/1B
d/VHx031x5W2
GjhhiKSDZ/1txQejbEg=
nDhRjp5e9JeQiKzm+gqI41hdV5nFhsI=
ws4wtUMZYA1pEkYt
GazXV6Fr6akfcvxEOcbpTTCmMEq7Jg==
2vAOHufF5MT6VdU=
Targets
-
-
Target
d2f322cb15f591ef314eda3cb164f8ab0ca0048f89c8694cf9bc6ca39a2785fb
-
Size
936KB
-
MD5
bfb9abb75108871639ab6341d97677b4
-
SHA1
f1dff2faef0a0e3e74ffcebb4b6aee8fb512c274
-
SHA256
d2f322cb15f591ef314eda3cb164f8ab0ca0048f89c8694cf9bc6ca39a2785fb
-
SHA512
a98430ba24fd3048422b99d1c8fc94f3094b7ec20aea571ad0ab5191f934cf8f6a93f50e3e65e2612204873078f63ce33ab6fd6b4d8bb8a661a1a6a08f4cc49f
-
SSDEEP
24576:Qlubg3rMXy/fzfEarna8MFeN2ZtZzi10:Q4s3Yi/fIaras4Zzi1
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Suspicious use of SetThreadContext
-