General
-
Target
a073edb1dacc3f6cbb7b416c6196f7d56a8d6d195a337952524e1e8ee5921461.exe
-
Size
598KB
-
Sample
240724-xydnyasfnm
-
MD5
aa175e1bf43f1c940ffd2e23f853a070
-
SHA1
bf01a6051d30abac10ba726e7ef40a68c17799f6
-
SHA256
a073edb1dacc3f6cbb7b416c6196f7d56a8d6d195a337952524e1e8ee5921461
-
SHA512
65e1295e92dc6bd4bbf68c8769312cc024e84b1264e84b44d31cdec28f484dc9ac8026b42b83ff22848724e65ee57b0c9d777bce3896b84c497a668921e2487f
-
SSDEEP
12288:mYV6MorX7qzuC3QHO9FQVHPF51jgc/Ppf5/6KLrA5v5Jg:lBXu9HGaVH5hC6k5Bq
Malware Config
Extracted
formbook
4.1
hc58
reunioncoins.com
slot88win.today
diamondcarp.com
poke138.site
cratermaketing.com
mutokiva.website
thstocks5.online
openaquasurge.com
prodsdigital.com
exileescape.com
iqcjuetaudtj.com
bwexhaustprofl.com
indiglobalconnect.com
pushkeyclub.com
stephvin.top
lifebione.com
hannahmegery.com
brookchivell.com
bioskyline.com
nonprofitgrants.online
Targets
-
-
Target
a073edb1dacc3f6cbb7b416c6196f7d56a8d6d195a337952524e1e8ee5921461.exe
-
Size
598KB
-
MD5
aa175e1bf43f1c940ffd2e23f853a070
-
SHA1
bf01a6051d30abac10ba726e7ef40a68c17799f6
-
SHA256
a073edb1dacc3f6cbb7b416c6196f7d56a8d6d195a337952524e1e8ee5921461
-
SHA512
65e1295e92dc6bd4bbf68c8769312cc024e84b1264e84b44d31cdec28f484dc9ac8026b42b83ff22848724e65ee57b0c9d777bce3896b84c497a668921e2487f
-
SSDEEP
12288:mYV6MorX7qzuC3QHO9FQVHPF51jgc/Ppf5/6KLrA5v5Jg:lBXu9HGaVH5hC6k5Bq
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-