General
-
Target
DOC2022092856789098765560890.exe
-
Size
463KB
-
Sample
220928-m3d56affe6
-
MD5
9fc5136c71809ca5116aa57f4ffc2f41
-
SHA1
ab592ed0edb886b9fb1cd2e8b90ef59b3f8d3d93
-
SHA256
5f3d522c2e8fb5fa25bee03bdd61f8b957935e4209849358d41f49c39fe82ddc
-
SHA512
2f4fc6cc58d14750e3220c2dfa49ac1587cc95e1386051e96b1b667f0b9715a90d581e85e33b8e99ecd8f7a8c0415844e1760d8ef592c2c00dee48d668c2f6ac
-
SSDEEP
6144:YbVNADxpXBOX/zDQbJlEwqgvw3kV1IPZIOPnjhda+:eNAvxOX/mJlzV1nOPnFd
Static task
static1
Behavioral task
behavioral1
Sample
DOC2022092856789098765560890.exe
Resource
win7-20220812-en
Malware Config
Extracted
formbook
c1no
SKHcqi+am5xGsHiCoXnH
BObxRpdRlNT5GCo3Eg8azNIQ
GPkN2SZ9gJOYqn4iaNIH6d1MRlk=
ZrdQ6Q4zd05LBFWPDc8=
KYQZEtvg85sq1t9jd7kazNIQ
KWu2/CZdnIFgf0p8
YlJ9mWmf+XkCjxzXSw==
nPeaENkZPzjWSh5DJiBVhlrTSx9V
GfUN8rKft59DsH2CoXnH
5ThnVCgjBm96jxzXSw==
pfb0D48Mk38v
uK6V0h16ziJXZuQ3NR8asKzT2Q==
QaxeYCJXoHFvKesgBSozIyC6bkTR8rbF
QT12wt/a0nsdrbY/oSGKqcq2wQ==
vfuiENwZZrvruTm5lHDF
iNsQyVnb3NHbtXyCoXnH
9jjn4jP8RyrjBYwNPvtfPg==
Wz1uwtUpdbrpwZXZq5HpXV7TSx9V
e9+RDvTx9HSZej/7PvtfPg==
oAeNwswNS6QgtnOdmcc=
qPubLUVHnOVnrg==
5hJj3x7DBmd7jxzXSw==
UJPc9LGnoAkXANI6tm/Q
AEuW4O/a+50iqzbmTQ==
zBtaGow/nqJDqD8o99ARRpY=
lvVy19o2FG5RbnI=
C+Mjuwiv9D38YjFlKlDxbWjTSx9V
EGubVd1LTkbdRNVPEzrP
N50fT05CnOVnrg==
KwYs8G/W6/uqC1DKQQ==
GFmHQM49XbHM2bRgzkGXqcq2wQ==
6ccOQNIwJxy1N0aCoXnH
QwoOaEt9su8HvXiCoXnH
hON/kiKJdadvQRQ5vYqtBI/Sh1E=
JGudBVkGfnujw8zRpsc=
DHAN9KmqplIDRg7NHtfRAY/Sh1E=
ugtLD50RHi3ap2TdSA==
sv8ZdLAjTJCpYO/ZTNARRpY=
BVPqCaFmwbZLyJndw57aPiss/NU9Zg==
In8wuf5zZl1ailWPDc8=
MHO6dBG7C2WDl1WPDc8=
5T97jQThPgkR5H4=
txScCkbBqZg1rH2CoXnH
VqP4PVVedxRNo25u/M0=
kt1nfiHFBWmSlKCQSmlupPSTQzpf
Q6pfESIJFHV0ekl/8MU=
W6v5CQA/FW5RbnI=
qA/HpzO2t6JB1+xLGAAazNIQ
LhI5pgG1BU1iiFWPDc8=
l42eVNJBRDM3ENwC9woazNIQ
eV5oGYwMk38v
DGILBVIJd5VP29dfyjuEuqGtbjMGkYXQHA==
sRdbmrbhGtN3rC+pwRONbN/IxlnLswMRFA==
twSnE+Mjg3oUTiBl
NosU+T2QjZyXm1WPDc8=
1TBn3TWymYsceDt3aLs4EtKbDIn2AsnF
4x5ht83A0Fx3jxzXSw==
0bnTtIWxGSgUTiBl
Oxc26HoHPXh8jJmR9E2zpC8t/NU9Zg==
UJwXuNYZSX+CklWPDc8=
zy1cD5Nys5RApmS1vQ2Vqcq2wQ==
Bd/1wxjHHSgUTiBl
KIQZq6PLHaPT09biuNHG+I/Sh1E=
f9gJPU9ERcTWvpNEsTKTqcq2wQ==
frankrijk-stijlvol.online
Targets
-
-
Target
DOC2022092856789098765560890.exe
-
Size
463KB
-
MD5
9fc5136c71809ca5116aa57f4ffc2f41
-
SHA1
ab592ed0edb886b9fb1cd2e8b90ef59b3f8d3d93
-
SHA256
5f3d522c2e8fb5fa25bee03bdd61f8b957935e4209849358d41f49c39fe82ddc
-
SHA512
2f4fc6cc58d14750e3220c2dfa49ac1587cc95e1386051e96b1b667f0b9715a90d581e85e33b8e99ecd8f7a8c0415844e1760d8ef592c2c00dee48d668c2f6ac
-
SSDEEP
6144:YbVNADxpXBOX/zDQbJlEwqgvw3kV1IPZIOPnjhda+:eNAvxOX/mJlzV1nOPnFd
-
Blocklisted process makes network request
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-