General
-
Target
53495ecf8b97a44f42431f7a069d6d993728788af54c20ce7ece289640c3e1c9
-
Size
334KB
-
Sample
221121-ycke2ahd5v
-
MD5
2c74b401820174296f5f421a431970d0
-
SHA1
4801a6235cfe2ad17fa7171d352e49185939afb4
-
SHA256
d24b7e7271c82af4f78b94743d6db6b3d224d0aaf7cb54038445356e229c8df0
-
SHA512
1c74f71b3caed10b7beb16676f3ab1249a0f513424fd924b22a9109d6614d215c05a065d5d0daff84eed321189cf18d735185d9c89274b1fa3fb97827bc75bf5
-
SSDEEP
6144:fQT6JTLWbYW5/UBrohXew3S4WKkmHMQIKXNa6OvtJee/Qa+JfdiJniGBE:ff16bY9wew3JWKhOvtJetdMn/E
Malware Config
Extracted
formbook
4.1
sk19
21diasdegratitud.com
kx1993.com
chasergt.com
837news.com
naturagent.co.uk
gatorinsurtech.com
iyaboolashilesblog.africa
jamtanganmurah.online
gguminsa.com
lilliesdrop.com
lenvera.com
link48.co.uk
azinos777.fun
lgcdct.cfd
bg-gobtc.com
livecarrer.uk
cbq4u.com
imalreadygone.com
wabeng.africa
jxmheiyouyuetot.tokyo
Targets
-
-
Target
53495ecf8b97a44f42431f7a069d6d993728788af54c20ce7ece289640c3e1c9
-
Size
357KB
-
MD5
8babf47c462b4c9dc2e4331d2cbbce2b
-
SHA1
9b3f3e7ab491450cfb595584d316a48cdf6c9138
-
SHA256
53495ecf8b97a44f42431f7a069d6d993728788af54c20ce7ece289640c3e1c9
-
SHA512
518c2fa8b1ec096079cbc54f49c0ce8df7a1e0c8c590c4e993e8013cc17f565cc125e9441c80c946bbfd4e7aa7e3741f7c9cc8c8a3d0eae171c8ea76e68c461a
-
SSDEEP
6144:HEa0eDyf/UBrohN9DYGWKkmHiQIKXNa6OltJae/Sa+tSV93niGBk:LdNGWKhcltJatSf3n/k
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-