General
Target: Details of Your Etisalat Summary Bill for the Month of May 2024.exe
Size: 1.0MB
Sample: 240528-qcmldsee61
MD5: aa15c6bc55041b534268e0a07c5f0abc
SHA1: 0b73953d2ea38ba9e4a996f96eb4426da818b854
SHA256: 87f7f23776e3b70ce5a9f4095028edf855402cee27433be2b7d65c513cf25235
SHA512: 8de557cfd9cb756fedb7dbe3880dcbd397405b6c3f7802f25010cb9d1bf775309ebd6165253ba7028b7c192a90d741555ac4b55814db4ad25cb054ae97a4f9bf
SSDEEP: 24576:rAHnh+eWsN3skA4RV1Hom2KXMmHaWSLwh47/N5:Gh+ZkldoPK8YaWSV/
Static task: static1
Behavioral task: behavioral1
Sample: Details of Your Etisalat Summary Bill for the Month of May 2024.exe
Resource: win7-20240220-en
Malware Config
Extracted
formbook
4.1
da29
Targets
Formbook payload
Suspicious use of SetThreadContext