General
-
Target
6bd52c8274a35c39740da9b52b4c7ef0.exe
-
Size
321KB
-
Sample
221209-yspdxsha41
-
MD5
6bd52c8274a35c39740da9b52b4c7ef0
-
SHA1
0754724c922472de6048b5c5595f520f2b93e46e
-
SHA256
7a0e92402659c86d9da6faf33be3817996718051ea564e34aa43a41606df7be6
-
SHA512
24e3e05f7db606d1305fab3ab2cb8619cbec90afb81b1a2fafd528581fa04a04c9c3279f0cf6955f8a2e0114acfc70e29be1d10e426b1804c2b4bcb5123c52c7
-
SSDEEP
6144:9kwv4ysH1jEdoS3dMxsCfld0k1STCESE6pkOgyIuSqYXAHrHa2fI+CUO:jslEliffld0PUkOguSBAHu2W
Static task
static1
Behavioral task
behavioral1
Sample
6bd52c8274a35c39740da9b52b4c7ef0.exe
Resource
win7-20221111-en
Malware Config
Extracted
formbook
4.1
lt63
Targets
-
-
Target
6bd52c8274a35c39740da9b52b4c7ef0.exe
-
Formbook payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-