General
-
Target
bd344049eb9c425e6b20e2fc4db9d18015afe7360c870acbd8c2e1272f34f8f3
-
Size
933KB
-
Sample
221212-azgewscf91
-
MD5
04827cf5c5d80a31de15bed3401df62e
-
SHA1
31d2d38a7df9230715fcc9eccc493948842473ae
-
SHA256
bd344049eb9c425e6b20e2fc4db9d18015afe7360c870acbd8c2e1272f34f8f3
-
SHA512
ab2db82530437e77ba75ddf7e315f4111a5e1c109926711a5ee732f912c24c5612d018c8e1567b2d0766f66b1e719402ee755e1b6796f2c8cf6c28cf9de573a1
-
SSDEEP
12288:aGDTPcFk+gKlTnl/36K/1V+3bw0bz4+zm2BtJH+zSWKxXG2:aQgF3guTnB6bwtGJYKg2
Malware Config
Extracted
formbook
4.1
vr84
intouchenergy.co.uk
lalumalkaliram.com
hillgreenholidays.co.uk
fluentliteracy.com
buildingworkerpower.com
by23577.com
gate-ch375019.online
jayess-decor.com
larkslife.com
swsnacks.co.uk
bigturtletiny.com
egggge.xyz
olastore.africa
lightshowsnewengland.com
daily-lox.com
empireoba.com
91302events.com
lawrencecountyfirechiefs.com
abrahamslibrary.com
cleaner365.online
Targets
-
-
Target
bd344049eb9c425e6b20e2fc4db9d18015afe7360c870acbd8c2e1272f34f8f3
-
Size
933KB
-
MD5
04827cf5c5d80a31de15bed3401df62e
-
SHA1
31d2d38a7df9230715fcc9eccc493948842473ae
-
SHA256
bd344049eb9c425e6b20e2fc4db9d18015afe7360c870acbd8c2e1272f34f8f3
-
SHA512
ab2db82530437e77ba75ddf7e315f4111a5e1c109926711a5ee732f912c24c5612d018c8e1567b2d0766f66b1e719402ee755e1b6796f2c8cf6c28cf9de573a1
-
SSDEEP
12288:aGDTPcFk+gKlTnl/36K/1V+3bw0bz4+zm2BtJH+zSWKxXG2:aQgF3guTnB6bwtGJYKg2
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Suspicious use of SetThreadContext
-