General
-
Target
REF_03351.doc
-
Size
107KB
-
Sample
231024-ghe9tsah9x
-
MD5
a88cdb8b15c191da58017f1cecb2bb6c
-
SHA1
ee981d84fdc3c48aa36895f9678f3436f6a36187
-
SHA256
164f2714126814149fbed4dc3ae5b82fdf8ba50ff6e01011b110103147bd3b38
-
SHA512
282f86b377dfda48b7adc2c7d2e06a525e72c2dc419915766e9e15105ac66529ea081f16f5881f240f3ed9b39d1d51f32df05abae3b8fe2604c569666eeb634b
-
SSDEEP
768:lwAbZSibMX9gRWjmBbnuTgoOC92TkvjDQDUuXngQmjsB5FAj:lwAlRPlyzZ2TkvjDQIuw2B5i
Static task
static1
Behavioral task
behavioral1
Sample
REF_03351.rtf
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
REF_03351.rtf
Resource
win10v2004-20231020-en
Malware Config
Extracted
formbook
4.1
o5pf
Targets
-
-
Target
REF_03351.doc
-
Formbook payload
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-