General
-
Target
24092024_1119_23092024_MT-103 swift copy of $47,091.00.zip
-
Size
749KB
-
Sample
240924-nezmmawdmg
-
MD5
2776cd26228ed2ee676bcf943a17c5f0
-
SHA1
8dbf8ebc69c4a88dee2444ffd78b520dfbcfd6fc
-
SHA256
ba303951f4c8041a33191a52bd5641ebbe7cfb9cf6aa7b7a377f25be037fa428
-
SHA512
d02b033830dc99249467df9a7f5c2bb0d35a59edb48a456755a2fe45576dbf13ff33fbb8a06dc1bd94e74eb43325344c9bfaa389232cb9eb7adba130828932bb
-
SSDEEP
12288:Z/gBT51V14eECqni+OaFAVk++bVsd61zQO+h5SATMnvrXZe53/:VgBTS7nt4CRPQHpTMvrXkv
Malware Config
Extracted
formbook
4.1
c89p
ftersaleb.top
dcustomdesgins.net
ostbet2024.live
rhgtrdjdjytkyhretrdjfytd.buzz
atauniversity.tech
idoctor365.net
x-design-courses-29670.bond
ellowold-pc.top
ransportationmmsytpro.top
areerfest.xyz
artiresbah-in.today
ijie.pro
torehousestudio.info
69-11-luxury-watches.shop
earing-tests-44243.bond
hits.shop
hzl9.bond
lood-test-jp-1.bond
livialiving.online
usymomsmakingmoney.online
Targets
-
-
Target
MT-103 swift copy of $47,091.00.exe
-
Size
764KB
-
MD5
c29c35fdd0cb6fb2a67ebe5e66d031bf
-
SHA1
8069a08c89042bf1bff896e9d8a68f05db5af316
-
SHA256
7d99c8ec073617681fc7dca3714bce08da1e6a9920aa39b57af734238d5d685f
-
SHA512
f6dd09aae40a4aa6291d0d384f5b5d4fe94770df93585b235fed994f2dbbeb214550b0a3c55bb479f4c5b316520748d2ccec01b1b85e965fb0c51948d7a229b1
-
SSDEEP
12288:v6Wq4aaE6KwyF5L0Y2D1PqLXkK+rLst81zQw+h5GATMnNTXXe53V:tthEVaPqL059QhtTMNTXel
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-