General
Target: ORDER#KG23AG007_JUNE2023_SHYAM_GRSOUP_IND.exe
Size: 318KB
Sample: 230623-hfr2aacg94
MD5: 7747a48635cb9f24aebd42ad05fcde93
SHA1: 165a095cdb3c9b0591d04efb2ab8caecebbc667a
SHA256: c751b1369af3d6c58b101c6605dee97559f910f23c009cc41ddff70c0ab06a0f
SHA512: 72942bebb56793385b73e22b3e870b1db40231792b5142d6b2098b6b5067b8e451e113b010b595a704d633f4cd246adf98f653529956db5ad18d0269bbc8610b
SSDEEP: 6144:BYa6xMRpovPU7YD0MPQGndKuRFXro+r9LLR8uKB5Wgp2:BY7wKt0MBdlrt5nRHKB5R2
Static task: static1
Behavioral task: behavioral1
Sample: ORDER#KG23AG007_JUNE2023_SHYAM_GRSOUP_IND.exe
Resource: win7-20230621-en
Malware Config
Extracted
Family: formbook
Version: 4.1
Campaign: ng04
Targets
Target: ORDER#KG23AG007_JUNE2023_SHYAM_GRSOUP_IND.exe
Signatures:
- Formbook payload
- Loads dropped DLL
- Suspicious use of SetThreadContext