General
-
Target
0d6176e7f7745ff010f186e65cc89fefbd3ce331ca37a2b02e7a42ed4fc6c44f
-
Size
385KB
-
Sample
230105-agla5aab24
-
MD5
74dbba23f7a7f3498481a9b2625ff503
-
SHA1
e01bc7d9c2dda927b7a5ce9d7b191e1128d7d984
-
SHA256
0d6176e7f7745ff010f186e65cc89fefbd3ce331ca37a2b02e7a42ed4fc6c44f
-
SHA512
ae1ddc9796b7defe344b4643012f34a70299f81c7515fc83c9ca255f45925909e6b5239e5b9c523033da658d8c874576270aba3e4cd416cdf91a3e3e389b09fa
-
SSDEEP
6144:oYa6ttdn/9eV0dZv+bp6YBYun6bLMxpoUCvqsJHtzZMPX8+I3neISvcye:oYb9rmbp6uQLnUOqQz2PfmneISvcye
Malware Config
Extracted
formbook
4.1
vr84
intouchenergy.co.uk
lalumalkaliram.com
hillgreenholidays.co.uk
fluentliteracy.com
buildingworkerpower.com
by23577.com
gate-ch375019.online
jayess-decor.com
larkslife.com
swsnacks.co.uk
bigturtletiny.com
egggge.xyz
olastore.africa
lightshowsnewengland.com
daily-lox.com
empireoba.com
91302events.com
lawrencecountyfirechiefs.com
abrahamslibrary.com
cleaner365.online
Targets
-
-
Target
0d6176e7f7745ff010f186e65cc89fefbd3ce331ca37a2b02e7a42ed4fc6c44f
-
Size
385KB
-
MD5
74dbba23f7a7f3498481a9b2625ff503
-
SHA1
e01bc7d9c2dda927b7a5ce9d7b191e1128d7d984
-
SHA256
0d6176e7f7745ff010f186e65cc89fefbd3ce331ca37a2b02e7a42ed4fc6c44f
-
SHA512
ae1ddc9796b7defe344b4643012f34a70299f81c7515fc83c9ca255f45925909e6b5239e5b9c523033da658d8c874576270aba3e4cd416cdf91a3e3e389b09fa
-
SSDEEP
6144:oYa6ttdn/9eV0dZv+bp6YBYun6bLMxpoUCvqsJHtzZMPX8+I3neISvcye:oYb9rmbp6uQLnUOqQz2PfmneISvcye
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-