General
-
Target
42f2f917ae48fc7239e19745dadfc47fa16537798f75b11a21ba9a604fbb4631
-
Size
643KB
-
Sample
230421-cklgeafe51
-
MD5
8910217e891a6b36e6ab487f3e506b9f
-
SHA1
a00a37b29cb3758b143eae154ae65180580e707e
-
SHA256
42f2f917ae48fc7239e19745dadfc47fa16537798f75b11a21ba9a604fbb4631
-
SHA512
bd3c77150f90f0269a43334e21967ca5758660c271bf68754af1910e1bdcd80a07aac8f3d3a31ff0f77ab484043aa275bdf468d28a31fae95912156a2cdefd1e
-
SSDEEP
12288:wFWlqjMgLYPZsi3Q+jCr/YQz5WXihS4iDqgH1HEt7uMWPL:w4lqdYPeiVur/YQlWXiWZVHEFurPL
Malware Config
Extracted
formbook
4.1
btrd
toulouse.gold
launchyouglobal.com
margarita-services.com
dasnail.club
casa-hilo.com
hardscapesofflorida.com
thepositivitypulse.com
kkmyanev.cfd
love6ace22.top
castorcruise.com
chch6.com
h59f07jy.cfd
saatvikteerthyatra.com
fxsecuretrading-option.com
mostbet-k1o.click
36-m.beauty
ko-or-a-news.com
eurekatextile.com
gynlkj.com
deepsouthcraftsman.com
Targets
-
-
Target
42f2f917ae48fc7239e19745dadfc47fa16537798f75b11a21ba9a604fbb4631
-
Size
643KB
-
MD5
8910217e891a6b36e6ab487f3e506b9f
-
SHA1
a00a37b29cb3758b143eae154ae65180580e707e
-
SHA256
42f2f917ae48fc7239e19745dadfc47fa16537798f75b11a21ba9a604fbb4631
-
SHA512
bd3c77150f90f0269a43334e21967ca5758660c271bf68754af1910e1bdcd80a07aac8f3d3a31ff0f77ab484043aa275bdf468d28a31fae95912156a2cdefd1e
-
SSDEEP
12288:wFWlqjMgLYPZsi3Q+jCr/YQz5WXihS4iDqgH1HEt7uMWPL:w4lqdYPeiVur/YQlWXiWZVHEFurPL
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Suspicious use of SetThreadContext
-