General

  • Target

    f26fc4ea0c27824a013ffa528d0aee88dcaf5f4b5defd62b48ddf2facfaa5124.bin

  • Size

    184KB

  • MD5

    60d0fd39807c962e45c1ad7388fdee93

  • SHA1

    98dbb9f3c0c9e6ac3c5bf0fd987509f6f586423d

  • SHA256

    f26fc4ea0c27824a013ffa528d0aee88dcaf5f4b5defd62b48ddf2facfaa5124

  • SHA512

    f153f6ba16486985244dd24df96551357e182fa744eb4e69e5c43168fb05972e896d4cda363a0439d832a8e3dbd6351060a0dee70b9997c9ef6ccdedf8b93123

  • SSDEEP

    3072:92TYPU26FOQJ9sjqFeTiqGaXI9BOkaqfm7hxkga++wimuBtzV:XH63siUlGaXI9Baquh3a+Ymw

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

g2fg

Decoy

snowcrash.website

pointman.us

newheartvalve.care

drandl.com

sandspringsramblers.com

programagubernamental.online

boja.us

mvrsnike.com

mentallyillmotherhood.com

facom.us

programagubernamental.store

izivente.com

roller-v.fr

amazonbioactives.com

metaverseapple.xyz

5gt-mobilevsverizon.com

gtwebsolutions.co

scottdunn.life

usdp.trade

pikmin.run

Signatures

  • Formbook family
  • Formbook payload 1 IoCs

Files

  • f26fc4ea0c27824a013ffa528d0aee88dcaf5f4b5defd62b48ddf2facfaa5124.bin
    .exe windows x86


    Headers

    Sections