General
-
Target
15072024_1333_12072024_Ticket Receipt and Fine.rar
-
Size
1.1MB
-
Sample
240715-qtpgbashpp
-
MD5
09fdcc813bd56d6a1c4c41030ad9f605
-
SHA1
9de5b60213074f74db1b60dda6c1ad83cf6792d5
-
SHA256
199b27fd2960477373f8866cfe909c639e8a7393390e01de536356ac28d7c2d3
-
SHA512
1510f7d378f881004447dd1da241dfdabd047f5fdff961be4e51934dabffd69af6c90fbb610d35a9540e38082327afd033542121e69a6818dfa6d3b3d0c609a9
-
SSDEEP
24576:cVDHF6UqsV+RcBFVY6AlqbyPuhB5VDHF6UqsV+RcBFVY6AlqbyPuhBQ:sDHF6UqYAlqbyPuhB3DHF6UqYAlqbyPn
Static task
static1
Behavioral task
behavioral1
Sample
Abu Dhabi Police Offenders Publishing Images WSAbuDhabi.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
Abu Dhabi Police Offenders Publishing Images WSAbuDhabi.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral3
Sample
Receipt-30927862-Ticket#0973726-Fines-19346383.exe
Resource
win7-20240705-en
Malware Config
Extracted
formbook
4.1
gb29
deecentshop.xyz
agcpros.com
bzbbkmmf.xyz
marketprofissional.com
891237.com
hwqcoiu.xyz
ultimabet.store
nirikide.shop
rsstationary.com
sareease.com
genaidefense.com
mbn254.shop
92fwq.com
buses.life
zbcgf.shop
cheickfatoumata.com
jkendricksmusic.com
dokalopsia.digital
wr70.top
horebconstructioncorp.com
pqjzr.xyz
mardigreen.com
softlogic.xyz
trustealeaf.com
xzyetyp.com
56moon.com
learndropshippingindia.com
bt365726.com
home-renovation.quest
japclub.com
tinyhandsbreakshearts.com
agstudio.website
combustivelagua.online
azdesertvibes.com
meteorfrocks.fun
emailsports.com
minscbyfvagwye.com
zzzloutre.com
oncharge.news
bl7gik.rest
lsnhp.com
n9p5h7.com
7598812.com
playnene.com
abc8v66.com
finamixinvestments.com
www25716.vip
cb257.pro
24hrsisenough.com
fieldasarite.monster
41859956.com
up72.top
jiwo.life
kjsdhklssk35.xyz
sultan88togel.com
eulernumber.com
awsbrkb.com
ryzune.tech
imagivilleart.com
theinternote.com
cloudcomputingbenefits.com
xn--zfv40q1g814j.net
trikpolatombak3.site
njwaterproof.com
yoursouthjerseylawyer.com
Targets
-
-
Target
Abu Dhabi Police Offenders Publishing Images WSAbuDhabi.exe
-
Size
1.0MB
-
MD5
c64808bee3cbc24910d4a426d4123cce
-
SHA1
eeff1a128b756e5d4eaabbca3db35c765f7f03f8
-
SHA256
9039d85eec99722427577d83cfcf5464fa26d64ca5a40682ba3be7942a3e7155
-
SHA512
372e126b49c5a7c1081c92b73a010d84a89f6e7f3ac5c9b6dc0668ca6e6f8390c495f0ef28d31f8460145693d3cb342b81be40fa2fa920ef2ed17460944bad99
-
SSDEEP
24576:ntb20pkaCqT5TBWgNQ7a/zdBNeZXGraTPv6A:kVg5tQ7a/zdONGrab5
-
Formbook payload
-
Suspicious use of SetThreadContext
-
-
-
Target
Receipt-30927862-Ticket#0973726-Fines-19346383.exe
-
Size
1.0MB
-
MD5
c64808bee3cbc24910d4a426d4123cce
-
SHA1
eeff1a128b756e5d4eaabbca3db35c765f7f03f8
-
SHA256
9039d85eec99722427577d83cfcf5464fa26d64ca5a40682ba3be7942a3e7155
-
SHA512
372e126b49c5a7c1081c92b73a010d84a89f6e7f3ac5c9b6dc0668ca6e6f8390c495f0ef28d31f8460145693d3cb342b81be40fa2fa920ef2ed17460944bad99
-
SSDEEP
24576:ntb20pkaCqT5TBWgNQ7a/zdBNeZXGraTPv6A:kVg5tQ7a/zdONGrab5
-
Formbook payload
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-