General
-
Target
88558ffe27726373b0cb9ce9a5d612ab009a1693487e366a32c55ec16e5b8ab8
-
Size
744KB
-
Sample
231101-fxqhnsah2z
-
MD5
5c09000c1e5da74778d77be881f87810
-
SHA1
dcf203cbe2ad9ed6e588c708a5819a3c9c98b660
-
SHA256
88558ffe27726373b0cb9ce9a5d612ab009a1693487e366a32c55ec16e5b8ab8
-
SHA512
30ee1863ee28ab4a638cf5fd09466edeb2a62047e7d51b5b841a1b41f0209bcf40fd5231dd13ac6526bf0c14b1c72585a5cb67a6c273b9209c7ecbc2488b21fc
-
SSDEEP
12288:sboaxr4plPNelaqHFsQe2WzKr/BnGzsIQTLsjT7zkTcAoPFOA0TOdYqWOEnOEuVe:WMl8laAFsQ7r/BSsIQTCT7zkT6qadFW7
Malware Config
Extracted
formbook
4.1
4hc5
amandaastburyillustration.com
7141999.com
showshoe.info
sagemarlin.com
lithuaniandreamtime.com
therenixgroupllc.com
avalialooks.shop
vurporn.com
lemmy.systems
2816goldfinch.com
pacersun.com
checktrace.com
loadtransfer.site
matsuri-jujutsukaisen.com
iontrapper.science
5108010.com
beidixi.com
21305599.com
peakvitality.fitness
osisfeelingfee.com
Targets
-
-
Target
88558ffe27726373b0cb9ce9a5d612ab009a1693487e366a32c55ec16e5b8ab8
-
Size
744KB
-
MD5
5c09000c1e5da74778d77be881f87810
-
SHA1
dcf203cbe2ad9ed6e588c708a5819a3c9c98b660
-
SHA256
88558ffe27726373b0cb9ce9a5d612ab009a1693487e366a32c55ec16e5b8ab8
-
SHA512
30ee1863ee28ab4a638cf5fd09466edeb2a62047e7d51b5b841a1b41f0209bcf40fd5231dd13ac6526bf0c14b1c72585a5cb67a6c273b9209c7ecbc2488b21fc
-
SSDEEP
12288:sboaxr4plPNelaqHFsQe2WzKr/BnGzsIQTLsjT7zkTcAoPFOA0TOdYqWOEnOEuVe:WMl8laAFsQ7r/BSsIQTCT7zkT6qadFW7
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Suspicious use of SetThreadContext
-