General
Target: mail.eml
Size: 877KB
Sample: 240502-gvqlbsah91
MD5: a0ec1fae38648b4bea8060a9ca187018
SHA1: 0272fe9bbc49f8b369a418ee1a2cedf799ceade7
SHA256: 0ed1f530b680339424c7d1e8287a1ff382a0bf370230dd7099efed2faf39f1e3
SHA512: e740181fd440f566dab0c991b30b7ac5ffdba475816b7d24c8ad661f6c4a89ecf26fb0fd2436b6c7ca3a6e0bee43c81e58301fcbcd51be1d6105e44abc9e64a4
SSDEEP: 24576:XYQfkRVf6x7wfWAGY3y7doKcWFRy2mI5w1R:XYWUWfxKR

Static task: static1
Behavioral task: behavioral1
Sample: shipping doc.exe
Resource: win7-20240419-en
Malware Config
Extracted
Family: formbook
Version: 4.1
Campaign: ba94
Domains:
dxtra.shop
upfromhere-eventsdecor.com
blacksevenkoeln.shop
pcboards2024.xyz
posteo.lol
naservus.com
pivotance.com
90ans.com
ebenezer-remodeling.com
reddragondao.com
gspotshop.com
thesiamesebetta.biz
rrdhq.com
greenislandservices.info
prismotrov.com
elaqbh.shop
sosenfantscovidlong.com
elmsolarsavings.com
sol-casino-2023.club
sharecroipper.top
yqwija.info
eat-smile.com
idj257.com
popenza.com
bingpueng.website
odty744.net
ooqowerh.com
primetechinnovationllc.com
themvpcatalyst.us
spesandosupermercato.com
arwile.com
pachecoarquitectos.com
csrhzs.com
citylinechimneythorntonpa.us
apocalypticsigil.us
shareebrooksphotography.com
hjgd.xyz
vertexoffice.com
xn--vf4b25j89a162a.com
fijula.com
odvip666.bet
sekutvk5ks.top
creditscorewizards.com
happyjon.com
18plusmovies.com
xn--vr-jc9iv7k9yrlb465i.net
saga-launchs.app
liyinghao.cc
binpc6.club
schatzaviation.com
employeefeedback.link
whatpixels.com
humidityflash.site
seraph.live
6lsamr.vip
hmi29.top
galaxyprofituk.com
educationman.me
heelfixkit.com
jacobmcfarland.dev
kso032.com
fdue.store
yourreicapital.com
ac6a2qa.cc
steam.help
Targets
Target: shipping doc.exe
Size: 1.1MB
MD5: 47707710ceef8190cd4cd7e4fd28591b
SHA1: a3e81115d9e6f3927de11aefe377fc5d1ee85854
SHA256: 8c41a444478b203f5df1d1f74609057c499e885fe6050a8bd1cf5f0743ab6cee
SHA512: 3b2a2a7401219a9fb817a41ee3077d6caa01a4d9de2cbb0af1cd49059d974c4a4f6f5c93f4142b1c035fc31eeb60f8470664679c5f66770d6a314315596e16c6
SSDEEP: 24576:7qDEvCTbMWu7rQYlBQcBiT6rprG8aHTZAwh3bYn:7TvC/MTQYxsWR7aHtAg

Formbook payload
Suspicious use of SetThreadContext