General
-
Target
Paid Invoices pdf.zip
-
Size
294KB
-
Sample
231011-pahc8aea8t
-
MD5
d93a41e0bb949cc347179ab09ee402a4
-
SHA1
d1bfc6f915e9c3bc2258d6a7b5ec7bd30dfdf6f8
-
SHA256
b117bc0cc338ead0a57db5dacbdf3ed2210b2e290a2b2428e3cead53e4802480
-
SHA512
7f01a826465603255fd5e14a46d560d235d38a029e54ad0253b4693424fe63077311c3d44284863c533593a34ba4654c8d30efcf726910dcae7cf41a009125be
-
SSDEEP
6144:jmdII4R485qqhjGSXmP+wN0rd+AOMctemboXrRChniJT1fnsqywEBAyip:jNHJhSSsNYjOvee4IVIT1/slFBAyip
Static task
static1
Behavioral task
behavioral1
Sample
Paid Invoices pdf.exe
Resource
win7-20230831-en
Malware Config
Extracted
formbook
4.1
sn26
resenha10.bet
gulshan-rajput.com
xbus.tech
z813my.cfd
wlxzjlny.cfd
auntengotiempo.com
canada-reservation.com
thegiftcompany.shop
esthersilveirapropiedades.com
1wapws.top
ymjblnvo.cfd
termokimik.net
kushiro-artist-school.com
bmmboo.com
caceresconstructionservices.com
kentuckywalkabout.com
bringyourcart.com
miamiwinetour.com
bobcatsocial.site
thirdmind.network
4tbbwa.com
rhinosecurellc.net
rdparadise.com
radpm.xyz
thewhiteorchidspa.com
clhynfco.cfd
ngohcvja.cfd
woodennickelcandles.com
gg18rb.cfd
qcdrxwr.cfd
974dp.com
lagardere-vivendi-corp.net
chestnutmaretraining.com
seosjekk.online
ahevrlh.xyz
uedam.xyz
natrada.love
yoywvfw.top
unifiedtradingjapan.com
chinakaldi.com
agenciacolmeiadigital.com
wdlzzfkc.cfd
097850.com
xingcansy.com
uahrbqtj.cfd
charliehaywood.com
witheres.shop
sqiyvdrx.cfd
biopfizer.com
tiktokviewer.com
prftwgmw.cfd
sfsdnwpf.cfd
linkboladewahub.xyz
orvados.com
goodshepherdopcesva.com
christianlovewv.com
cdicontrols.com
hawskio26.click
ownlegalhelp.com
tiydmdzp.cfd
ppirr.biz
stonyatrick.com
itsamazingbarley.com
msjbaddf.cfd
zachmahl.com
Targets
-
-
Target
Paid Invoices pdf.exe
-
Size
308KB
-
MD5
316a7b13ad3a427cfff4398ea219e0a1
-
SHA1
d40d5af3e7e6a32196a99afc104d5d3b1ce19cce
-
SHA256
dc5eb730f1df702be89804ca234b60fec5fed7b6ed8d6c719f7006f40775f888
-
SHA512
101c059f79ab51d438ac71867846a2748d4a99382230fb020d7ab37fa9d48e33d8b121ef0d9b0348d72c6793f25cffdc52c52196651efae8b5edafa628aa75e2
-
SSDEEP
6144:LnPdudwDN8L2nP5qqhj0SXmP+wN0r9+AOSctemboVrRChniJTpfnsqwwEZAyiX:LnPdB8L2nthISsNOjO5eeoIVITp/s9FC
-
Formbook payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-