General
-
Target
9a565700a3d3c7a802780c0e4ba717b082175fd33b5afc7dcfeb95905b6db784.exe
-
Size
590KB
-
Sample
240326-c6kf8seh2x
-
MD5
2f9e1385a9c419ad70bb121e4250ae0a
-
SHA1
ee2018b7427e3eccd78683018864043a72d841a9
-
SHA256
9a565700a3d3c7a802780c0e4ba717b082175fd33b5afc7dcfeb95905b6db784
-
SHA512
9c7a9d86a29729b1189a027e11c40175928c2c76355678ebaa06a08b42a8b0d6c0e6ba6237d61aa81a8a80e8b9d52b22c877f45dd74a233c720fee10e6419917
-
SSDEEP
12288:IS4CMwNNFJyvdgH7RPTwerlTuzRjynjSGqaJt2m8:IMFggH7RbweRTuzJsjSGqaJsm8
Malware Config
Extracted
formbook
4.1
o22d
stillsfengservices.com
protectagainstcrime.com
winiboya.com
mindbeforemusic.com
giyelz1i5.sbs
coin8899.com
coolgirls.club
ssdcf1416aasx.world
heir.solutions
soulmatchup.xyz
ingenetpy.com
knkvdqt5g.sbs
vireoremedy.com
leopolis.rent
apartment-for-rent-314.space
theenlightenedmotherhood.com
zidao.cloud
oi7982jbacdbfssagroup.monster
anandasnacks.com
start.beer
Targets
-
-
Target
9a565700a3d3c7a802780c0e4ba717b082175fd33b5afc7dcfeb95905b6db784.exe
-
Size
590KB
-
MD5
2f9e1385a9c419ad70bb121e4250ae0a
-
SHA1
ee2018b7427e3eccd78683018864043a72d841a9
-
SHA256
9a565700a3d3c7a802780c0e4ba717b082175fd33b5afc7dcfeb95905b6db784
-
SHA512
9c7a9d86a29729b1189a027e11c40175928c2c76355678ebaa06a08b42a8b0d6c0e6ba6237d61aa81a8a80e8b9d52b22c877f45dd74a233c720fee10e6419917
-
SSDEEP
12288:IS4CMwNNFJyvdgH7RPTwerlTuzRjynjSGqaJt2m8:IMFggH7RbweRTuzJsjSGqaJsm8
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Detects executables packed with SmartAssembly
-
Formbook payload
-
Suspicious use of SetThreadContext
-