General
-
Target
f76f5834e3f530f51170304bbfd84fbbafc93a063dd418c6c8d87e4c6669f482.exe
-
Size
822KB
-
Sample
221010-ndpq2abfa5
-
MD5
3584af4c7ff3061dc605bfc0de9d478d
-
SHA1
c503adf44637ac957da9cae59dd096253ab4b195
-
SHA256
f76f5834e3f530f51170304bbfd84fbbafc93a063dd418c6c8d87e4c6669f482
-
SHA512
2efa424e30bb3dd04149b214da74073403b5214c96259d0155819b1897bc3006ee3b1e58cbf1564e4a555e72f0cbf9aa3b54317cdcbd81079af18a434480eb14
-
SSDEEP
12288:LSC+LolWHgwDh75VhQKLpSiro7BvE1lhBLW+EcULD:yLolWAwDh75Yidro7hE7h2
Malware Config
Extracted
formbook
cqd8
9zPItsSBQPthH0B1
iyz2ugC7TUMEaZEDDTNIzw==
uVc25zCFO03zbYzHxXLElk5HHccFoes=
RYDZw1su7yszucXjwqtgrz1tSccFoes=
AiB+KfBdDLRFs8sOAsmAllKZeg==
w5T7/Y1lNGBeMdKkKNl8tUl3fTWjlURG
mcIHqPCaEavSyg==
YA7dyN6xKf1MKJa/RA==
Dt789IRVd/fO8FeQNOiV3g==
jYfu3dS4b/1OL59exnPPEo4=
SjyOSKD6lRhpWwUmMwE8ncB1KOg=
JIT782/TaO41DXw3hYJa1g==
uT4u7SwA+3yA/iCo0O7tHyeffA==
/gJzPfngDySzwndmyHPPEo4=
+Um8wD7b9bCQ8A9cK4Nl1oA=
RaikVqx5ozxW3vd6khgIHsDMgKrv
hyYEyRMIEJ8WdnFePeLgHyeffA==
bCov6raFJ30odm5fJQQ=
1rMMrXrTf7OZqyLVM708wZ0=
U4nspOC6sJ3et2I=
Targets
-
-
Target
f76f5834e3f530f51170304bbfd84fbbafc93a063dd418c6c8d87e4c6669f482.exe
-
Size
822KB
-
MD5
3584af4c7ff3061dc605bfc0de9d478d
-
SHA1
c503adf44637ac957da9cae59dd096253ab4b195
-
SHA256
f76f5834e3f530f51170304bbfd84fbbafc93a063dd418c6c8d87e4c6669f482
-
SHA512
2efa424e30bb3dd04149b214da74073403b5214c96259d0155819b1897bc3006ee3b1e58cbf1564e4a555e72f0cbf9aa3b54317cdcbd81079af18a434480eb14
-
SSDEEP
12288:LSC+LolWHgwDh75VhQKLpSiro7BvE1lhBLW+EcULD:yLolWAwDh75Yidro7hE7h2
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Suspicious use of SetThreadContext
-