General
-
Target
6c0b46a75222d73d7c3b383335b4445ecbf1e4559b132dc64a291929128c04ae.exe
-
Size
1014KB
-
Sample
221208-pvmhnsaa38
-
MD5
82d72b9f11196d6a4c1da56621aa747f
-
SHA1
0cb896439279030d2b3660751d110c909560290f
-
SHA256
6c0b46a75222d73d7c3b383335b4445ecbf1e4559b132dc64a291929128c04ae
-
SHA512
dfe2a38d0ef2bd50a8df77930362b35f02414243d72692cbbd3193cbb256dc790f8961b9109fd07fbf1f59d3417c253a18c3cb88b74b78fcdbaba07da7b603e3
-
SSDEEP
24576:DibznTknEBNx+te3lcvM2wv8Hbdf3yT+L74mBfNUstzo:DwngEBOte3qvTuMdf3
Malware Config
Extracted
formbook
u2t4
is0/Kr2pwzJzsQ==
Br+Y1UJXBRwi
3xyPgizUdKz09BsETkl8og==
ze1TAoMAaDPX/7U=
UVOHbw2GAq+PuIWSsQ==
OFq93KpeAiRsF44pjf8c
UjleSFYu2ROPbM8guwc/3jgL5FIc2g==
ow7s/hPgGLjvqwpJxQRltDRE
3OpfZ+axwzJzsQ==
pL9MWhCRBLWPkHMroyxnEnVM
EkLh+4L0Zn/kqj3SzhKGlog=
7WFAPUAKqMzaOaf3h/0jUEsP5FIc2g==
Npp5j75QZShZGHHS0xKGlog=
TzqeenZDdYzTtA==
YZgC6XhkQ/MxdomLwxKGlog=
gZsaHLeQT/1Yl4FYhfAKLV/kkbg=
6jTksbcyDbLMEbkU
RlKKaAnhnksyMwR/mB9umKUWjocoa24=
oDtW4wgWu8cPx93u0AqTK2A7QzRM
JyJyIEb6tH/4mdvroC9pDnIi5FIc2g==
Targets
-
-
Target
6c0b46a75222d73d7c3b383335b4445ecbf1e4559b132dc64a291929128c04ae.exe
-
Size
1014KB
-
MD5
82d72b9f11196d6a4c1da56621aa747f
-
SHA1
0cb896439279030d2b3660751d110c909560290f
-
SHA256
6c0b46a75222d73d7c3b383335b4445ecbf1e4559b132dc64a291929128c04ae
-
SHA512
dfe2a38d0ef2bd50a8df77930362b35f02414243d72692cbbd3193cbb256dc790f8961b9109fd07fbf1f59d3417c253a18c3cb88b74b78fcdbaba07da7b603e3
-
SSDEEP
24576:DibznTknEBNx+te3lcvM2wv8Hbdf3yT+L74mBfNUstzo:DwngEBOte3qvTuMdf3
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Suspicious use of SetThreadContext
-