General
-
Target
956c41761587ea08a6eb3fca5b047ec8a3145a2d3ced9d8d3967ab351891bad4.exe
-
Size
784KB
-
Sample
240724-xglyzs1gjl
-
MD5
fab057e49c317d42f565ef0efe766557
-
SHA1
ebdcbb656a7d0d9ca8c29239a190e1d0265573cd
-
SHA256
956c41761587ea08a6eb3fca5b047ec8a3145a2d3ced9d8d3967ab351891bad4
-
SHA512
61c4aac488e50417d01a5ae009c927941a45d8729c98baea372ff2a920da9f33fe4c6a222edf178a17b85e74403a1d8a1eac5ed7b262e7934f973b4552e8c737
-
SSDEEP
12288:xld0Nhc1y3GJO4HIZAsoBYHy8OQHTV0zTafJbtqemyjWIBJC:jy94HIZAsby7QzV0SRd
Malware Config
Extracted
formbook
4.1
ps15
57797.asia
jhpwt.net
basketballdrillsforkids.com
zgzf6.rest
casinomaxnodepositbonus.icu
uptocryptonews.com
gomenasorry.com
fortanix.space
stripscity.xyz
genbotdiy.xyz
mayson-wedding.com
neb-hub.net
seancollinsmusic.com
migraine-treatment-57211.bond
prosperawoman.info
tradefairleads.tech
xn--yeminlitercme-6ob.com
xwaveevent.com
fashiontrendshub.xyz
window-replacement-80823.bond
Targets
-
-
Target
956c41761587ea08a6eb3fca5b047ec8a3145a2d3ced9d8d3967ab351891bad4.exe
-
Size
784KB
-
MD5
fab057e49c317d42f565ef0efe766557
-
SHA1
ebdcbb656a7d0d9ca8c29239a190e1d0265573cd
-
SHA256
956c41761587ea08a6eb3fca5b047ec8a3145a2d3ced9d8d3967ab351891bad4
-
SHA512
61c4aac488e50417d01a5ae009c927941a45d8729c98baea372ff2a920da9f33fe4c6a222edf178a17b85e74403a1d8a1eac5ed7b262e7934f973b4552e8c737
-
SSDEEP
12288:xld0Nhc1y3GJO4HIZAsoBYHy8OQHTV0zTafJbtqemyjWIBJC:jy94HIZAsby7QzV0SRd
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Suspicious use of SetThreadContext
-