General
-
Target
DHL Consignment Details_pdf.exe
-
Size
1.0MB
-
Sample
221210-ktj9psfc36
-
MD5
a3f9e308045c0becd406e09bc06acc08
-
SHA1
5d8df88d170f59ebe6ebbe3c816406cda30a64f7
-
SHA256
4167987df2a1b3583bc8cf5a97fb1cebf68ccbc9a627e8b5c156d30413ebb139
-
SHA512
375c7cf2c03841eb7bc9113da6294e9a05a4a65c88b77e0f9f1d5161e84814ed6302b0a42f3882c339e149fb4cc94803b39f114780fbbc8ec238d9130e09976f
-
SSDEEP
24576:rhfC0AD3BXx4qpgqNzB/eV6meR+K1VQljpDpF07:EnBXx4oJBWV6meAEQZpm
Static task
static1
Behavioral task
behavioral1
Sample
DHL Consignment Details_pdf.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
DHL Consignment Details_pdf.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
formbook
4.1
g28p
whhmgs.asia
wellmedcaredirect.net
beggarded.com
wtpjiv.site
todo-celulares.com
parkitny.net
43345.top
pro-genie.com
cwdxz.com
cbc-inc.xyz
healthspots.net
rulil.top
pyramidaudit.solutions
k8sb15.live
hempaware.report
usclink.life
stayefs.net
05262.top
shop-izakaya-jin.com
iccworldcupnews.com
lulamail.xyz
dubaistocks.club
royaleyeandearhospital.com
cash-date.biz
hbfcjgj.com
zcx625.fun
compra-venta-autos.online
waltherchen.xyz
asyimpo.xyz
gayxxxporn.info
xn--igvy44d.xn--55qx5d
teaktime.net
aydesign.xyz
hfamq.site
tunayreklam.net
rxof.rest
naturebody.love
elijahelijah.com
lojasiadis.com
amazrsxrszwna.com
realtranzex.com
elelfo3d.fun
fse.community
28369.xyz
minigolfauthority.net
venturebestdeals.click
robeholidayrentals.store
edarva.skin
xikixvtj.work
ecolabspeyua.store
infidelitytoolkit.com
crawfordbayoysterroast.net
adenongel.dentist
appliancegrey.site
ky7769.com
kshd.xyz
ausbonusbets.com
aks.capital
rv8288.xyz
retetelebunicii.com
younginheart.net
ps4controller.net
todotutoriales10.com
boletosdeavionbaratos.com
spartanburgwebdesign.com
Targets
-
-
Target
DHL Consignment Details_pdf.exe
-
Size
1.0MB
-
MD5
a3f9e308045c0becd406e09bc06acc08
-
SHA1
5d8df88d170f59ebe6ebbe3c816406cda30a64f7
-
SHA256
4167987df2a1b3583bc8cf5a97fb1cebf68ccbc9a627e8b5c156d30413ebb139
-
SHA512
375c7cf2c03841eb7bc9113da6294e9a05a4a65c88b77e0f9f1d5161e84814ed6302b0a42f3882c339e149fb4cc94803b39f114780fbbc8ec238d9130e09976f
-
SSDEEP
24576:rhfC0AD3BXx4qpgqNzB/eV6meR+K1VQljpDpF07:EnBXx4oJBWV6meAEQZpm
-
Formbook payload
-
Deletes itself
-
Suspicious use of SetThreadContext
-