General
-
Target
ff9cb8f0b77b8627aff748b0c47ff83e52fdcce328283191a0284a7abdd4c9c9.exe
-
Size
808KB
-
Sample
221208-pv75dada21
-
MD5
e5aec87031becb8f74adc6a244a4965c
-
SHA1
ca92401e68c6a65d863303235a018538b91e3422
-
SHA256
ff9cb8f0b77b8627aff748b0c47ff83e52fdcce328283191a0284a7abdd4c9c9
-
SHA512
fbd97279ae3b02bb039f09475bf6e68893a0ab7b370fae28091688d0201cc025b83ca581f507adc00251c4ec6bbb7dc3960a66ed9183ef412420ab61606b2d4b
-
SSDEEP
24576:Zr18+L74mBfNUstzouz7Wouu6YlLH03r8JN:ZrrTnUI
Malware Config
Extracted
formbook
c43g
TJbzc715oMJyvdR2QVKD7Vo0tQY7R7Ey8A==
s0SBKHqd+pu4ExyvcX8DH+EhBZk7og==
dIFcsOkaySIJIw==
nvCLvSBIvt/XA8toCA05klSmSCs=
eAuSnrNfn/zh//Q=
9gFqr+CHySIJIw==
UND1oatxstSL8/uia5b4L9sa
EE2Wu7NkmKhw6dWD/ZrV
pTc3sxUsdqBbV7mgf6U=
bOoXvKs7MlJ2sCC93H0u0w==
fYSulyhLySIJIw==
Ud0T4Sdau9HjE5WDHTLV
x1ogw5IzvNLn
a6Utc6622e7N7rKV7g3E
e8rnBl+SJgun5NdyTaaLWEbEySM=
sjRR7uGCkOl33+w=
FWLaFz7vG7RHTvemab6vBYM=
KKdNclzjyFxvW7mgf6U=
6lpaaOHCJSk=
RaGqPzng+SYHWbHDFmuS0Q==
Targets
-
-
Target
ff9cb8f0b77b8627aff748b0c47ff83e52fdcce328283191a0284a7abdd4c9c9.exe
-
Size
808KB
-
MD5
e5aec87031becb8f74adc6a244a4965c
-
SHA1
ca92401e68c6a65d863303235a018538b91e3422
-
SHA256
ff9cb8f0b77b8627aff748b0c47ff83e52fdcce328283191a0284a7abdd4c9c9
-
SHA512
fbd97279ae3b02bb039f09475bf6e68893a0ab7b370fae28091688d0201cc025b83ca581f507adc00251c4ec6bbb7dc3960a66ed9183ef412420ab61606b2d4b
-
SSDEEP
24576:Zr18+L74mBfNUstzouz7Wouu6YlLH03r8JN:ZrrTnUI
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Suspicious use of SetThreadContext
-