General
-
Target
ลิสต์รายการและสเปคของที่ต้องการ.doc
-
Size
31KB
-
Sample
221208-m19jaahg42
-
MD5
135ca6b75d76e54276865be252a7e8e7
-
SHA1
9acc0db1a185ed9db3db00149d39aeb124119508
-
SHA256
8ffb3b7f4303ac738f2fc186c3ee5f808fd4f27642af8402b0d7b60bae0ea364
-
SHA512
6a0235536b1a5530d7f1cef4f4fced328b6d3c3ac60875d671d8c58c2ac84a76641e4d3e9ec586a8bd70de2d0defba01003b278bdf7fdc6330ef5b9d25121bee
-
SSDEEP
768:WFx0XaIsnPRIa4fwJMdD0cfcFBmzRgHmQRZU:Wf0Xvx3EMFnyQDmU
Malware Config
Extracted
formbook
4.1
vr84
intouchenergy.co.uk
lalumalkaliram.com
hillgreenholidays.co.uk
fluentliteracy.com
buildingworkerpower.com
by23577.com
gate-ch375019.online
jayess-decor.com
larkslife.com
swsnacks.co.uk
bigturtletiny.com
egggge.xyz
olastore.africa
lightshowsnewengland.com
daily-lox.com
empireoba.com
91302events.com
lawrencecountyfirechiefs.com
abrahamslibrary.com
cleaner365.online
Targets
-
-
Target
ลิสต์รายการและสเปคของที่ต้องการ.doc
-
Size
31KB
-
MD5
135ca6b75d76e54276865be252a7e8e7
-
SHA1
9acc0db1a185ed9db3db00149d39aeb124119508
-
SHA256
8ffb3b7f4303ac738f2fc186c3ee5f808fd4f27642af8402b0d7b60bae0ea364
-
SHA512
6a0235536b1a5530d7f1cef4f4fced328b6d3c3ac60875d671d8c58c2ac84a76641e4d3e9ec586a8bd70de2d0defba01003b278bdf7fdc6330ef5b9d25121bee
-
SSDEEP
768:WFx0XaIsnPRIa4fwJMdD0cfcFBmzRgHmQRZU:Wf0Xvx3EMFnyQDmU
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-