General
-
Target
f7b0405a91931c6c0d4bb544875a6ca6c4e1b867b5df82ebd4b9a9fddeeba71b
-
Size
715KB
-
Sample
221210-lad41sfc82
-
MD5
44c87d5aa51f340c3c336d4296809842
-
SHA1
97fb80351401a8d6e30760d5dd51d1576d51f8c1
-
SHA256
f7b0405a91931c6c0d4bb544875a6ca6c4e1b867b5df82ebd4b9a9fddeeba71b
-
SHA512
b317f719d382ee3e83aca2422516fc7323ec2765af2c1a4353753106875dc976d1b776154f9c8a8201a0fe0876b680b843b4eb57bdee7d5b1f2f0ac2bc27098d
-
SSDEEP
12288:YeE7/1BC1HKTkt3Z+hq1cgmGZi8aa2Vs75P86u04L4rcqW5r3lESyi/6HMo6:PO3xTktZ+kCG8Fa2O5PA0trtQbuBaIl6
Malware Config
Extracted
formbook
pgnt
0WG18LbM4lR9iqMRa4nlBzTb
jcfGYzPgZTqFZVO9FV2yIw==
laIfrdSC8/4CNg==
Q73ilev5GIWuOrAAFV2yIw==
Q2u/pMw7pv4sPA==
TbqvIUHwlQscPo0HFV2yIw==
8PNWfGPyE8n0IQ==
WtgROxXzvY2L
PryaRBNjm4eP
Y9Hdi06Cry1um9Sj68YAu1o=
3Gulyp7CMQtR78jvLkk=
JJ3GasTVTCRQT6Tfz6S6GlI=
RnS42bhb9tI0R6UpD6wOxriNxw==
he1mi2sOGfzTRGHnuA==
eaYjCtjxVjdU5XLRtBMBLKk9quA=
k9rTeEqYzzw8WaTfz6S6GlI=
5luVQwe2vJWKEAiMdF4=
MGW14L9OVk5Y5TaR6w/DqdhYxXVY
mAsYz6k6sQkDC0/DoHj9t1RPWLSgFQ==
y5klhuMbE8n0IQ==
Targets
-
-
Target
f7b0405a91931c6c0d4bb544875a6ca6c4e1b867b5df82ebd4b9a9fddeeba71b
-
Size
715KB
-
MD5
44c87d5aa51f340c3c336d4296809842
-
SHA1
97fb80351401a8d6e30760d5dd51d1576d51f8c1
-
SHA256
f7b0405a91931c6c0d4bb544875a6ca6c4e1b867b5df82ebd4b9a9fddeeba71b
-
SHA512
b317f719d382ee3e83aca2422516fc7323ec2765af2c1a4353753106875dc976d1b776154f9c8a8201a0fe0876b680b843b4eb57bdee7d5b1f2f0ac2bc27098d
-
SSDEEP
12288:YeE7/1BC1HKTkt3Z+hq1cgmGZi8aa2Vs75P86u04L4rcqW5r3lESyi/6HMo6:PO3xTktZ+kCG8Fa2O5PA0trtQbuBaIl6
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Suspicious use of SetThreadContext
-