General
Target: Swift Copy.lzh
Size: 446KB
Sample: 230322-r7xkhsbc9y
MD5: d17a08ef35cec0ee724944473973ec13
SHA1: a78d317d7412ed3b26203f683f206c69d56a8d19
SHA256: 2b748351494693d8b0328153c75395fe0bb1691419376d1b7fd75a828dc72cdd
SHA512: b8c0012384076c2eabee72b8103b471c2f0216414bd09000f35d9681c12ea9084a6b3444a3e0648ed0925d760fd215202f3cbe8ae15d52b84b926f0ecb813386
SSDEEP: 12288:UCEs0ba+0Xd8gLIAwjXI/hKG6entE7I5Rrmu:fF7XuIIAwjXI5jhtE7SRrmu
Static task: static1
Behavioral task: behavioral1
Sample: Swift Copy.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: Swift Copy.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
formbook
4.1
arn2
Targets
Target: Swift Copy.exe
Size: 477KB
MD5: a4aaddb2062a280e675fefce52951ec2
SHA1: c5ee44c93aeda42a644135a859e714618b81207e
SHA256: 06781e8b2a7faff43c97cbcbe19a19b2085f66ac023747ac69c05866c96d855f
SHA512: 21c01ad6f9d0d8ce7695876c2f2cf9b6147360afc2dcaaaa19260944a751bad46b567fcdefbc148818d196bc8f90b643b4c13df3ef7ca5cb05a0d55b55f96041
SSDEEP: 12288:AdssEQWLUed3qIj/m/GD/i58FvZ6V8ffx1Ry85dDd:Aa3qK/coy8W8ffxzy8/
Formbook payload
Suspicious use of SetThreadContext