General
-
Target
c30b28bb996032492725ea9782724baa_JaffaCakes118
-
Size
268KB
-
Sample
240826-p6934svcpd
-
MD5
c30b28bb996032492725ea9782724baa
-
SHA1
dff6fc80b3d0a6862332a2c359d5a151746ae6c9
-
SHA256
3a51eb4e3b0be0fd50363c315034e76bfbdc34df9d5d5fdeefa54fe2d583b686
-
SHA512
adb82caf6e3e5e08118f7520a04f75555916f7a1198512a45b28dd0a03542400be18b6b0b2fd4e6fa1a7536c680b80b482755fddb5a0e0f213a08bbb37bc2cd3
-
SSDEEP
6144:dDCiPKgSAKxvKsYxCGwACPPUqL+/1+t62v5EoXwsRCn:YjyKxvKsYEoCPMy+/52E
Malware Config
Extracted
formbook
3.7
ch20
ddcmt.com
dog-and-co.com
samsmarketinglifesyle.com
restoremyceiling.net
ecole-populaire-eqilibre.com
180pe.com
epitomeabbbulldogs.com
kanatciaga.com
netgociosweb.com
zurisgo.com
those.ltd
kidshelp1.com
938009.com
tjjjfy.com
deverandercoach.com
melbourneai.net
northwesternbagco.com
naso360.com
capetownvodka.com
im-age.com
Targets
-
-
Target
c30b28bb996032492725ea9782724baa_JaffaCakes118
-
Size
268KB
-
MD5
c30b28bb996032492725ea9782724baa
-
SHA1
dff6fc80b3d0a6862332a2c359d5a151746ae6c9
-
SHA256
3a51eb4e3b0be0fd50363c315034e76bfbdc34df9d5d5fdeefa54fe2d583b686
-
SHA512
adb82caf6e3e5e08118f7520a04f75555916f7a1198512a45b28dd0a03542400be18b6b0b2fd4e6fa1a7536c680b80b482755fddb5a0e0f213a08bbb37bc2cd3
-
SSDEEP
6144:dDCiPKgSAKxvKsYxCGwACPPUqL+/1+t62v5EoXwsRCn:YjyKxvKsYEoCPMy+/52E
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Suspicious use of SetThreadContext
-