General
-
Target
4498a75f6f27e3e03a0b14ba933c0a06.bin
-
Size
418KB
-
Sample
240428-blhlgacf76
-
MD5
2588f2a8d48512eccc13acddbba932a0
-
SHA1
ec985491b618e1398456c64fa06873e58d9a935b
-
SHA256
c06a5403e056fc7ade2a51d93dce194268b65155f8a1202692302f4bca00539b
-
SHA512
fa935e23df4ba175eee73651352ff94463965dd671fea76ecfb07bdf9607744098fc766f42b333ac3df789036800394ce8b22b5b3649e09ed4473eb639057742
-
SSDEEP
12288:Zm429ItdD6bGczOezfw6x7Kbb5+SHcJBryWSCSkfds1:ZloIbD6lfK/5+3yWSCSEs1
Malware Config
Extracted
formbook
4.1
ij84
resetter.xyz
simonbelanger.me
kwip.xyz
7dbb9.baby
notion-everyday.com
saftiwall.com
pulse-gaming.com
fafafa1.shop
ihaveahole.com
sxtzzj.com
996688x.xyz
komalili.monster
haberdashere.store
nurselifegng.com
kidtryz.com
ghvx.xyz
1minvideopro.com
hidef.group
stylishbeststyler.space
spx21.com
Targets
-
-
Target
270da7ba03177d793879ddc0272e94a0003e9327298879463693f7b78f199e28.exe
-
Size
791KB
-
MD5
4498a75f6f27e3e03a0b14ba933c0a06
-
SHA1
259d54f92d825925cf87c9057d5d0c47a0c50bfb
-
SHA256
270da7ba03177d793879ddc0272e94a0003e9327298879463693f7b78f199e28
-
SHA512
16270ddb916f438bac3c54112ee908ac0ce2c0acf7dc0533f02e6dc49c33a8fb33272aed3e39ce11dbe420fec9ecf577752ed4bd6a203a33630f013ff912fbbf
-
SSDEEP
12288:PXc87X+bXPXST4Fof1XUhRtK+CVIN2X9yKBg7vj3pz17:PXcH/X4ypoig9yKe/5z17
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-