General
-
Target
24092024_1247_23092024_Signed Contract.zip
-
Size
749KB
-
Sample
240924-pz878syeng
-
MD5
32dfad980ef52e9de8c75e5c86d05dcf
-
SHA1
52f8ac56a41e1437d9da3e64a12388f259d65e81
-
SHA256
0cfdb411366e6a45b0338fa218caffca2ae946a324fab7b009147ed53e0edebd
-
SHA512
443d7e324b25eb7d7c6d4fc77af93ebea4263d0532b383df2b3d4f35ca3c8d4f4ff61354e71a6be544c2ac15d1942b7971cc0223a8b52fd06d0523230c39394a
-
SSDEEP
12288:h/gBT51V14eECqni+OaFAVk++bVsd61zQO+h5SATMnvrXZe53n:NgBTS7nt4CRPQHpTMvrXk3
Malware Config
Extracted
formbook
4.1
c89p
ftersaleb.top
dcustomdesgins.net
ostbet2024.live
rhgtrdjdjytkyhretrdjfytd.buzz
atauniversity.tech
idoctor365.net
x-design-courses-29670.bond
ellowold-pc.top
ransportationmmsytpro.top
areerfest.xyz
artiresbah-in.today
ijie.pro
torehousestudio.info
69-11-luxury-watches.shop
earing-tests-44243.bond
hits.shop
hzl9.bond
lood-test-jp-1.bond
livialiving.online
usymomsmakingmoney.online
Targets
-
-
Target
Signed Contract.exe
-
Size
764KB
-
MD5
c29c35fdd0cb6fb2a67ebe5e66d031bf
-
SHA1
8069a08c89042bf1bff896e9d8a68f05db5af316
-
SHA256
7d99c8ec073617681fc7dca3714bce08da1e6a9920aa39b57af734238d5d685f
-
SHA512
f6dd09aae40a4aa6291d0d384f5b5d4fe94770df93585b235fed994f2dbbeb214550b0a3c55bb479f4c5b316520748d2ccec01b1b85e965fb0c51948d7a229b1
-
SSDEEP
12288:v6Wq4aaE6KwyF5L0Y2D1PqLXkK+rLst81zQw+h5GATMnNTXXe53V:tthEVaPqL059QhtTMNTXel
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-