General
-
Target
SWIFT_BJ23004300IU2398385.pdf.arj
-
Size
399KB
-
Sample
231023-e7ba3afh59
-
MD5
4e6d768c6de5cbba0efcc8b58511b75c
-
SHA1
91642b34c1ca4537fb68f95451ee4cd3a77b3b1f
-
SHA256
01e2299e4f97e6d9e8ab10d0dd8ceae140087f96adf700e33a5092fe3ed613b7
-
SHA512
2dce786df508ee0a44da30dfa4df3fef610e0cd1310f62c8e1da06814a259d748a04fb96a8ece754cb5a3fc1b14e1e1864bbcacbd7f3e45d1d68affb5a598656
-
SSDEEP
6144:cWZP8vfplmpASL5mMjKmzxWVO/AT5CNlgjHhSr3eQ3z4/OtCnKV/DlO+0bzr3oZD:cT3plmNIU0O4AMBSbHRCGxO+q3Mr
Static task
static1
Behavioral task
behavioral1
Sample
SWIFT_BJ23004300IU2398385.pdf.exe
Resource
win7-20231020-en
Malware Config
Extracted
formbook
4.1
sy22
vinteligencia.com
displayfridges.fun
completetip.com
giallozafferrano.com
jizihao1.com
mysticheightstrail.com
fourseasonslb.com
kjnala.shop
mosiacwall.com
vandistreet.com
gracefullytouchedartistry.com
hbiwhwr.shop
mfmz.net
hrmbrillianz.com
funwarsztat.com
polewithcandy.com
ourrajasthan.com
wilhouettteamerica.com
johnnystintshop.com
asgnelwin.com
alcmcyu.com
thwmlohr.click
gypseascuba.com
mysonisgaythemovie.com
sunriseautostorellc.com
fuhouse.link
motorcycleglassesshop.com
vaskaworldairways.com
qixservice.online
b2b-scaling.com
03ss.vip
trishpintar.com
gk84.com
omclaval.com
emeeycarwash.com
wb7mnp.com
kimgj.com
278809.com
summitstracecolumbus.com
dryadai.com
vistcreative.com
weoliveorder.com
kwamitikki.com
cjk66.online
travisline.pro
mercardosupltda.shop
sunspotplumbing.com
podplugca.com
leontellez.com
fzturf.com
docomo-mobileconsulting.com
apneabirmingham.info
rollesgraciejiujitsu.com
sx15k.com
kebobcapital.com
91967.net
claudiaduverglas.com
zhperviepixie.com
oliwas.xyz
flowersinspace.tech
uadmxqby.click
greatbaitusa.com
drpenawaraircondhargarahmah.com
sofbks.top
sarthaksrishticreation.com
Targets
-
-
Target
SWIFT_BJ23004300IU2398385.pdf.exe
-
Size
426KB
-
MD5
32da6e72c3efd2d3242c8e49ba196303
-
SHA1
921978e022ace201a67e3bd29ce5efda33f3c391
-
SHA256
fff1dacdf63f9d7d618c930f304a119d24fd3592eab317e988b208ad8819517f
-
SHA512
5a27b0eb40f2681eb26c781433c36ce50d81dce1fe8c549944aa49985b01bf5a637f503bfd02936e0991525882a03a36b5f238aa5758477cae62f5d8c2705687
-
SSDEEP
12288:zfLCxmUNqIg3XFhiR44O7lEJLbGQCVjxdrCcn:zfLC8U0IsF14O7+ZGJd2cn
-
Formbook payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-