General
-
Target
62f75c04145584721209a0d160d0f6b374e6b9465a759aba8e3f6c89ae67938f
-
Size
306KB
-
Sample
230210-kntk7adh59
-
MD5
372a40e50a902c3d708ad7879289f3b1
-
SHA1
9a9de665d27033ff3846f209b19bd117852eed49
-
SHA256
62f75c04145584721209a0d160d0f6b374e6b9465a759aba8e3f6c89ae67938f
-
SHA512
893d3417b704ce328dcb7b62ae81c1bed674f6ec61fd4ff9499d4ecf1c328b5bb24f044d8ec1f6fe61ecfe6ce1862876917095fc61bdf37cd004930a6d4061bd
-
SSDEEP
6144:rGiubhtTcC3GuulMvV1FhOWGkdLwIhLQZCuxC/rep5TuSpFfN:AnYCjulMvzOYLfQdp5TuSPfN
Malware Config
Extracted
formbook
4.1
mg0t
3949842.com
webxdigital.net
dirums.online
metawiser.com
takefreepass.com
colphata.com
searchwebsafety.online
unrule.net
merch.ventures
tooreake.xyz
leonelaperu.com
qiangcai.xyz
cocco24.com
lovinganime.com
mbfad.com
historytodaygameshow.com
gadgetwellprotected.com
nutritoken-diet.com
liberty-lilies.com
singleofficial.com
Targets
-
-
Target
62f75c04145584721209a0d160d0f6b374e6b9465a759aba8e3f6c89ae67938f
-
Size
306KB
-
MD5
372a40e50a902c3d708ad7879289f3b1
-
SHA1
9a9de665d27033ff3846f209b19bd117852eed49
-
SHA256
62f75c04145584721209a0d160d0f6b374e6b9465a759aba8e3f6c89ae67938f
-
SHA512
893d3417b704ce328dcb7b62ae81c1bed674f6ec61fd4ff9499d4ecf1c328b5bb24f044d8ec1f6fe61ecfe6ce1862876917095fc61bdf37cd004930a6d4061bd
-
SSDEEP
6144:rGiubhtTcC3GuulMvV1FhOWGkdLwIhLQZCuxC/rep5TuSpFfN:AnYCjulMvzOYLfQdp5TuSPfN
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-