General
-
Target
000003_20221206.doc
-
Size
3KB
-
Sample
221206-qt7mwscc89
-
MD5
feb31139c26b083f45bac3fedd811e2d
-
SHA1
8c2b7d9d9a953a9f944c141498724da53624a12c
-
SHA256
6b0f67636b41da6d6f69d57dd2b421c140ee5090c168eb09b08357c00eb1963d
-
SHA512
487bc1ff45089071a6cdfbe9c6637285d7549fc4c011e8ec8fc4827609c531219d3c53b5516e03a48d07b623e7f904fc3f43c48c59a941a31918c5229996eba7
Malware Config
Extracted
formbook
4.1
h3ha
ideas-dulces.store
store1995.store
swuhn.com
ninideal.com
musiqhaus.com
quranchart.com
kszq26.club
lightfx.online
thetickettruth.com
meritloancubk.com
lawnforcement.com
sogeanetwork.com
thedinoexotics.com
kojima-ah.net
gr-myab3z.xyz
platiniuminestor.net
reviewsiske.com
stessil-lifestyle.com
goodqjourney.biz
cirimpianti.com
Targets
-
-
Target
000003_20221206.doc
-
Size
3KB
-
MD5
feb31139c26b083f45bac3fedd811e2d
-
SHA1
8c2b7d9d9a953a9f944c141498724da53624a12c
-
SHA256
6b0f67636b41da6d6f69d57dd2b421c140ee5090c168eb09b08357c00eb1963d
-
SHA512
487bc1ff45089071a6cdfbe9c6637285d7549fc4c011e8ec8fc4827609c531219d3c53b5516e03a48d07b623e7f904fc3f43c48c59a941a31918c5229996eba7
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-