General
-
Target
SecuriteInfo.com.Win32.PWSX-gen.26326.25002.exe
-
Size
573KB
-
Sample
221130-pxb5qabc53
-
MD5
761d7c3beb6db8dba8db49fa54077d29
-
SHA1
2258d890134463dc7e950d49cb49d3980e01bc43
-
SHA256
2a08c4a174a0c90f8e3981182172493c1e729668fce404401a7e20be3d8d8beb
-
SHA512
58cf7fd319668a1fa3a3da64fd19aea95e539072839431e3698b6a6b35426e5862eb23fe1de0152dde3d546dc5ae6cba217c12cd3d077a4d5c3fa62ecddb3b75
-
SSDEEP
6144:1pqYmkA0GoPzz6qey+humMdxMDkKrIgnvom8Wop9tQ8WlYxhm874cygVpbeIn:DqVkkoPzz6s4MArI+1op9tQFYPUceIn
Malware Config
Extracted
formbook
89nz
f5/fq8w+OoW8
yfF5aDC+a77IU5uNwg==
fcP52Pw8btvvHGs=
xlWev+vyUYaayOhQz31CKw==
TXm6fqVrL1rld+2kYTs=
pzmKyuutwjpXaw==
nkGJnaRgZkxwDLEt
ZtcubEwMqwo0PC2bZLFVPZOmx48KaA==
zOYBjKhvKlfarqaZWDk=
XSfxjejZ1kdpcg==
Fw6bd6milZCJYv2rLnsaAeXntjpDRhwI
Neg+ja9ha1tCINW9hnlWy3tggj0=
Z+AgTYx/9gFyeKaZWDk=
R3MJITDvAQ8r+U3KgdvjIw==
uEuR4fu5BUX9inDuo5Vhy3tggj0=
tXuu7VjnO3iTU5uNwg==
X27n3e6r6yk+O2EaudIo8u0e4zU=
zVr1V2MPRYJA2uPaz31CKw==
xskKu/XzzBhzSRzlz31CKw==
YYC/T1wADpNmLG4=
Targets
-
-
Target
SecuriteInfo.com.Win32.PWSX-gen.26326.25002.exe
-
Size
573KB
-
MD5
761d7c3beb6db8dba8db49fa54077d29
-
SHA1
2258d890134463dc7e950d49cb49d3980e01bc43
-
SHA256
2a08c4a174a0c90f8e3981182172493c1e729668fce404401a7e20be3d8d8beb
-
SHA512
58cf7fd319668a1fa3a3da64fd19aea95e539072839431e3698b6a6b35426e5862eb23fe1de0152dde3d546dc5ae6cba217c12cd3d077a4d5c3fa62ecddb3b75
-
SSDEEP
6144:1pqYmkA0GoPzz6qey+humMdxMDkKrIgnvom8Wop9tQ8WlYxhm874cygVpbeIn:DqVkkoPzz6s4MArI+1op9tQFYPUceIn
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Suspicious use of SetThreadContext
-