General
-
Target
BNI Tanda terima transaksi Ref 20230807135601239809 IDR70110002,PDF.bz2
-
Size
534KB
-
Sample
230813-n5c7badf6t
-
MD5
018b35b6df85f1d177e341a4d310c50b
-
SHA1
16747ca55ac52326d52723872e8bd9398d61d829
-
SHA256
251af2abab547d98f6623f4be8cee42afbe325ea9c2c8e5e3ddbabe3f25b5ff3
-
SHA512
f3bcef38817c79cabd129fcf861272aa25c98960113209834848416f5781866e58419df10cd6b4ca6aeaa647ac65dc774dd046a24c804819e8b2bd52cde737b7
-
SSDEEP
12288:IBlw9ijQZ3wSSsjAx8Q01v6wlKM4gmuoJrDgTVmIZwcWX/:IzdjQZ3wSdEOl4gmjYJmI6/
Static task
static1
Malware Config
Extracted
formbook
4.1
jr22
941zhe.com
lunarportal.space
xn--osmaniyeiek-t9ab.online
trejoscar.com
nrnursery.com
quizcannot.cfd
seedstockersthailand.com
watsonwindow.com
wjfholdings.com
weziclondon.com
naruot.xyz
yeji.plus
classicmenstore.com
oharatravel.com
therapyplankits.com
keviegreshonpt.com
qdlyner.com
seithupaarungal.com
casinorates.online
8ug4as.icu
foamyfallscarwash.com
padelfaculty.com
theenergysavingcentre.com
dorpp.com
scoresendirect.online
yuqintw.com
erenortopedi.com
skymagickey.com
infinitepuremind.com
watchtamilmovie.com
southplainsinsurance.net
intentionaldating.app
certaproarkansas.com
blidai.com
thehoneybeeworks.com
followplace.com
sipsterbyananeke.com
37300.uk
bluebirdbuyers.com
composewithme.com
moneymundo.com
daftarakun.xyz
samsonm.com
nurse-jobs-in-us-35896.com
cancerbloodspecialistsga.net
feelfeminineagain.com
residentialcaretraining.com
allprocleanouts.com
englishsongs.online
bookkeepingdeerfield.com
bendcollegeadvisor.com
boaiqixian.com
vixensgolfcarts.com
igarrido.net
rsconstructiontrading.com
lakewayturf.com
carelesstees.com
silviaheni.xyz
iaqieqq.com
campingspiel.com
diacute.com
thaigeneratortg.com
autoreenter.com
meclishaber.xyz
airbnbtransfers.com
Targets
-
-
Target
BNI Tanda terima transaksi Ref 20230807135601239809 IDR70110002.exe
-
Size
573KB
-
MD5
5aa44e58f06c7cd2252a498032d1337c
-
SHA1
67b83d2b3c7d8b8b88ac6ad5ce0c862b5ca63b15
-
SHA256
e654b958d21819ddbad7d3e8f2cf03bfee47309b72a6ad8d57d898b0989805e1
-
SHA512
9a27b4c11a85cf4662b2ec7eb7610b5978437d91d19ccd5a4d483687cfd7c58bea910edded7d16b579c6b0d87d4ac15a708b447cbabd162c02f8df6f0221e8c4
-
SSDEEP
12288:3qc6LVhq8a2hOvMeVkreQ8orEZj6b9bne8Ql96:6c6Z9XHeVkrIqEZj6Jem
-
Formbook payload
-
Suspicious use of SetThreadContext
-