General
-
Target
jets66700.exe
-
Size
258KB
-
Sample
221205-j4exasbb22
-
MD5
c10e0b9756b38239fed5025e119db829
-
SHA1
b7a2ddbfd18fe7f0ea7683e73d84a595e966ebb9
-
SHA256
3603af319837f00dacace08ff3add606ccfd6faf64a53606575aae6f1a4ba782
-
SHA512
8d4d4edf987383774e8ccf54f5d06a8d08f1a52ee40592aacd5d512bc7c445f1d61b0333582b1c3f25cee14ee97aa4625941a9bd7425741c95736168f082f06c
-
SSDEEP
6144:QBn1/KUwq3q6YqZZ9f/EBqpObOiFzkiUF9FaP5qgJDa:gNslSEbOizk/9Foqg0
Static task
static1
Behavioral task
behavioral1
Sample
jets66700.exe
Resource
win7-20221111-en
Malware Config
Extracted
formbook
4.1
je14
innervisionbuildings.com
theenergysocialite.com
565548.com
panghr.com
onlyonesolutions.com
stjohnzone6.com
cnotes.rest
helfeb.online
xixi-s-inc.club
easilyentered.com
theshopx.store
mrclean-ac.com
miamibeachwateradventures.com
jpearce.co.uk
seseragi-bunkou.com
minimaddie.com
commbank-help-849c3.com
segohandelsonderneming.com
namthanhreal.com
fototerapi.online
your-download.com
klindt.one
sellerscourt.com
francoislambert.store
smokedoutvapes.co.uk
rundacg.com
flavors-and-spices-lyon.com
qifengsuo.com
sunnyislesgardens.com
tunneldutransit.com
restorecodes.website
blast4me.com
bingser.space
co-gpco.com
emporioaliwen.com
mr5g.com
abcp666.com
consulvip.net
sagaming168.info
zjpbhsuz.top
socal-labworx.com
arethaglennevents.com
rafiqsiregar.com
esgh2.com
veirdmusic.com
abzcc.xyz
8065yp.com
dronebazar.com
duetpbr.com
apartamentoslaencantada.com
digigold.info
homedecorsuppliers.com
duenorthrm.com
xmmdsy.com
ddstennessee.com
marmeluz.com
ragnallhess.com
methinelli.com
randomlymetheseer.com
magicgrowthproducts.com
shreejistudio.com
mattress-37684.com
yellyfishfilms.com
www1111cpw.com
tigermedlagroup.com
Targets
-
-
Target
jets66700.exe
-
Size
258KB
-
MD5
c10e0b9756b38239fed5025e119db829
-
SHA1
b7a2ddbfd18fe7f0ea7683e73d84a595e966ebb9
-
SHA256
3603af319837f00dacace08ff3add606ccfd6faf64a53606575aae6f1a4ba782
-
SHA512
8d4d4edf987383774e8ccf54f5d06a8d08f1a52ee40592aacd5d512bc7c445f1d61b0333582b1c3f25cee14ee97aa4625941a9bd7425741c95736168f082f06c
-
SSDEEP
6144:QBn1/KUwq3q6YqZZ9f/EBqpObOiFzkiUF9FaP5qgJDa:gNslSEbOizk/9Foqg0
-
Formbook payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-