General
Target: 4ff264c2efd8c0bba69030aa6a5fe31e.bin
Size: 13KB
Sample: 230323-bpbx4acf29
MD5: a7e9514de2b3584b05f6a663684a8914
SHA1: 8437bada4a15a65322c97abd2ce844a07569d01e
SHA256: fe0ac76670b68438c8598c95f505ce31e6b889a6146dcd653afd8d12d901a223
SHA512: ca1c40f1b96175fe2a62f20994131d84e2f7cb67e721aadd92b52031b37b94f30fce86b59c60d31121291c47c80415d1828c457d9f2d1856d39a22358347e828
SSDEEP: 192:8KIEmpZgaNoUidGbaOqreYUO8IciGgFD97A+mrq7bvNee8jAfLNxy5wVqagOL7qW:8pwpVtep0Dam7bYeVj/VqZEZx
Static task: static1
Behavioral task: behavioral1
Sample: 5b2e65ed209acd3ee8ccb08afa456e4672aae7e3b61760cdf9540cf38ec13994.rtf
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 5b2e65ed209acd3ee8ccb08afa456e4672aae7e3b61760cdf9540cf38ec13994.rtf
Resource: win10v2004-20230220-en
Malware Config
Extracted
formbook
4.1
dr62
Targets
Target: 5b2e65ed209acd3ee8ccb08afa456e4672aae7e3b61760cdf9540cf38ec13994.doc
Size: 26KB
MD5: 4ff264c2efd8c0bba69030aa6a5fe31e
SHA1: 67d1da5490277818ee07faaa22c6e0314a80c2ef
SHA256: 5b2e65ed209acd3ee8ccb08afa456e4672aae7e3b61760cdf9540cf38ec13994
SHA512: 0f90fb22e1a78e3e7a73e220a275739b43d59df9b8f915f55a501e8f7df7b1eb1b84647c56d7df4d404701b5033a77177626f03f3c04713bf9b3f111d3aca41e
SSDEEP: 768:pFx0XaIsnPRIa4fwJMR6/gj65uwo4CguXl:pf0Xvx3EMRV65Lo4G1
Formbook payload
Blocklisted process makes network request
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext