General

  • Target

    e0979c477a9fb392736452c21d9c1ed3443b9377b3f8c325ee7cb33160284928

  • Size

    185KB

  • MD5

    f4df11727ef9683396006b5ee2e5d930

  • SHA1

    b362e7000df956f56bfd27bf8ec9df49a4cbe0f6

  • SHA256

    e0979c477a9fb392736452c21d9c1ed3443b9377b3f8c325ee7cb33160284928

  • SHA512

    f46547ebcf912245e54ef5ed47246bd62ee6d0ba9d080c3ef102aec0c5f31407d55b5d3952c0d2d6741182c20775a2d0e18a7c8f1db64e873f646b9866b38cbe

  • SSDEEP

    3072:/vduvFr3f8ETsN1Zmyjmy28z26IBO7MVydP6GcHRkbuYHEzqq:/89fIvzjmBx6iO7MId/cxkSY8

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ao65

Decoy

Signatures

  • Formbook family
  • Formbook payload (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • e0979c477a9fb392736452c21d9c1ed3443b9377b3f8c325ee7cb33160284928
    .exe windows:5 windows x86 arch:x86

