General
-
Target
6546a7ea064c3d9f64088e019d9886f58524c335
-
Size
836KB
-
Sample
230104-qwae6sbf4w
-
MD5
8ba209a4fa3662aa0bbe28789524a293
-
SHA1
6546a7ea064c3d9f64088e019d9886f58524c335
-
SHA256
34c78648a400263531a09c99c5979b2520b7705bede0b48773cd2ec5cb88cdd7
-
SHA512
18ce206118e2bf27469afbdf275b99fc611028cb01c468405e9362725896954b5417ae7e72869b50e5489663b44a4b0bbfdeb93eb66afcf2b7ca7e4e2f4d65f4
-
SSDEEP
12288:kF1ptxzc/f9C80BNM1o3t64Vhe7VulmSb9kLON9b5Wx:mnz2fE80BS1o3t5Vs7bqVN9k
Malware Config
Extracted
formbook
g44n
t60gB4YRvsDLttd9HG4=
xck8G7COQ+g7VIpX
BQQF3mmpLPskhQ==
eLWwmzNyK6ee+nF1jDvvkxuSGA==
3tlgNOzw8BBjpNOQMnc=
nOpNEJhoU0h+00S9E1YfgA==
xcvTpljkjIyEdvhp+VcGFtJC
bZxOHr5CtzY4
rOD304X0u1DN/m7cbA==
Knixl0HJyEOOiNckwk8GFtJC
S4JMDRNTUAol
Vp9wSwNZSfY7VIpX
0Nf/zlrpmpahnM+tpkYGFtJC
joXsuHiBcVp88DHEHMA7
yN8i9ppoZYHSSaqqk6NZnQ==
4UFEMfyKhSB4UovzjdabqolwhFtMH1M=
d3RiRcXCeR8wlgjEHMA7
eMUS8PSBPCe2rPg=
LCsR0X328UuSAmlf
/keifSXopayqjLt1EWQ=
Targets
-
-
Target
6546a7ea064c3d9f64088e019d9886f58524c335
-
Size
836KB
-
MD5
8ba209a4fa3662aa0bbe28789524a293
-
SHA1
6546a7ea064c3d9f64088e019d9886f58524c335
-
SHA256
34c78648a400263531a09c99c5979b2520b7705bede0b48773cd2ec5cb88cdd7
-
SHA512
18ce206118e2bf27469afbdf275b99fc611028cb01c468405e9362725896954b5417ae7e72869b50e5489663b44a4b0bbfdeb93eb66afcf2b7ca7e4e2f4d65f4
-
SSDEEP
12288:kF1ptxzc/f9C80BNM1o3t64Vhe7VulmSb9kLON9b5Wx:mnz2fE80BS1o3t5Vs7bqVN9k
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Suspicious use of SetThreadContext
-