General
-
Target
2b33fca6ad1c4aeccf99eb4fd10ebdd20a00e2889769a1cf34f18d905504d082
-
Size
609KB
-
Sample
230816-vcxtkscb85
-
MD5
3c5e08f777d1cb9e0cc7a45f54e0304d
-
SHA1
1117d59028478db46e9a0efa72021eb9643f4748
-
SHA256
2b33fca6ad1c4aeccf99eb4fd10ebdd20a00e2889769a1cf34f18d905504d082
-
SHA512
389de7dba2ca1701e76500e103648a8e99e1850527e47e8513ec71caa4e8b2c06bd4e1f44c263661f8f76f52c7f71f905ca2d09b02086adbb161d18bba6bb21c
-
SSDEEP
12288:5f4scrL4e2xpDl+COwBdn0GpXm0YoTKqQEFOeFoQ7ILm7RnDY5U3oWuPjB:ZArL2leGJm0jFb17ILMnDYb
Malware Config
Extracted
formbook
4.1
sy22
vinteligencia.com
displayfridges.fun
completetip.com
giallozafferrano.com
jizihao1.com
mysticheightstrail.com
fourseasonslb.com
kjnala.shop
mosiacwall.com
vandistreet.com
gracefullytouchedartistry.com
hbiwhwr.shop
mfmz.net
hrmbrillianz.com
funwarsztat.com
polewithcandy.com
ourrajasthan.com
wilhouettteamerica.com
johnnystintshop.com
asgnelwin.com
Targets
-
-
Target
2b33fca6ad1c4aeccf99eb4fd10ebdd20a00e2889769a1cf34f18d905504d082
-
Size
609KB
-
MD5
3c5e08f777d1cb9e0cc7a45f54e0304d
-
SHA1
1117d59028478db46e9a0efa72021eb9643f4748
-
SHA256
2b33fca6ad1c4aeccf99eb4fd10ebdd20a00e2889769a1cf34f18d905504d082
-
SHA512
389de7dba2ca1701e76500e103648a8e99e1850527e47e8513ec71caa4e8b2c06bd4e1f44c263661f8f76f52c7f71f905ca2d09b02086adbb161d18bba6bb21c
-
SSDEEP
12288:5f4scrL4e2xpDl+COwBdn0GpXm0YoTKqQEFOeFoQ7ILm7RnDY5U3oWuPjB:ZArL2leGJm0jFb17ILMnDYb
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Suspicious use of SetThreadContext
-