General
-
Target
Items Required.pdf
-
Size
3.1MB
-
Sample
230322-l2lceaab2y
-
MD5
7bce6abaafcc35245df3d74e76855558
-
SHA1
678f93c6d46c3194a4440e9e7856e21efd84c198
-
SHA256
752d06bd8ff5e075fb69e52626f9983bcfeb51e5eed191ebbf7ca453bc524d1d
-
SHA512
c6ebfa6f8a4e7aee8e74127bf714e7a6918d03daa52ea1abaa3e653baf91e6bf3ce42a7130460b98b0034c694e42705a6d4ccd3a269845640b7b5ccdfc513358
-
SSDEEP
98304:T4R97CScENc/i//clqkMRScE1416sXHWiLLVKG:/ScENc/i//clqkMRScE1413nnkG
Static task
static1
Behavioral task
behavioral1
Sample
Items Required.pdf
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
Items Required.pdf
Resource
win10v2004-20230220-en
Malware Config
Extracted
formbook
4.1
bk08
Targets
-
-
Target
Items Required.pdf
-
Formbook payload
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-