General
-
Target
8f8a4c7047cbd9f258d3eb0000d97a3d224511f5f988f29e2df851379d083f33
-
Size
927KB
-
Sample
221012-syqlaahed2
-
MD5
60e2e60e179a3c8dd04ec06e84130f5b
-
SHA1
19b330249d0c684e72cf7f49e1a02f0912f8415a
-
SHA256
8f8a4c7047cbd9f258d3eb0000d97a3d224511f5f988f29e2df851379d083f33
-
SHA512
ec938d73b7eccbe8d81ce875a4e2d6e310ed79a8df1de8174b0e9e2ad748fc775f34979b37d9891d5da1e542ab26157318e1cd13d1f88f0cffae5eb92aa862f1
-
SSDEEP
12288:z5xxFEjSJJ3XRnroNmh0Bm/eYlbmAhkgdRhz33zEm7lUctkJ68:YI3XRUstqhgZzbBUyO
Malware Config
Extracted
formbook
wias
CXXKHv6a96VrB0/Zxg==
o+4epQpE128PzREWa6HKPKQ=
xySzkeSGOEQUtj9p
SY0ZnYU2oysFVrQN8/w=
G3VNNJLAtq5ROxON8orShVpKnb6gcQ==
VcHOx94NdAOC
b7+BgeXj7OOpfA==
sA2ZVDTD9GUO7pp4X3Tp
GZXYlfcEHD0Utj9p
sgEKFfCDY4IV8dyPhJNIfZrJ5Q==
OYf4xx1ERFHTmW8M26HKPKQ=
JXYzDOR+TD0Utj9p
S5EZ7UxxaIU6MjvWYrpo0A==
IUWFBUb1P913X2nz19RXfZrJ5Q==
+W+5InJfIZdo+E8=
PIOR/2Qpdxatj5tAKVtSwm1b7RY=
e+W/onksJ0VPBvWHaqJUfZrJ5Q==
NZWlBmoxehX4pQHr2g==
DGN0gWspwMxraw==
Rah6SBTS2dBjHW9w0UNCKRx+0Qzt
Targets
-
-
Target
8f8a4c7047cbd9f258d3eb0000d97a3d224511f5f988f29e2df851379d083f33
-
Size
927KB
-
MD5
60e2e60e179a3c8dd04ec06e84130f5b
-
SHA1
19b330249d0c684e72cf7f49e1a02f0912f8415a
-
SHA256
8f8a4c7047cbd9f258d3eb0000d97a3d224511f5f988f29e2df851379d083f33
-
SHA512
ec938d73b7eccbe8d81ce875a4e2d6e310ed79a8df1de8174b0e9e2ad748fc775f34979b37d9891d5da1e542ab26157318e1cd13d1f88f0cffae5eb92aa862f1
-
SSDEEP
12288:z5xxFEjSJJ3XRnroNmh0Bm/eYlbmAhkgdRhz33zEm7lUctkJ68:YI3XRUstqhgZzbBUyO
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Suspicious use of SetThreadContext
-