General
-
Target
f632a2441686827d3de393b79f3722a3_JaffaCakes118
-
Size
303KB
-
Sample
240925-rmtywszdpl
-
MD5
f632a2441686827d3de393b79f3722a3
-
SHA1
0d910314d2fc5768c2546f0a0d409b8e8201c9d5
-
SHA256
44e4fb6e15fab6a1185c6687df614d6fdef232879ccb1f8be9c811ece57b2682
-
SHA512
deb37794426966229d990c22917fa98d92e2399bd0afe022c3acc6c99122391f3c4b9e83978f67a4a8074ea4f918bf7037b4d0e5a2537af52f0cd4f823d54a59
-
SSDEEP
6144:G5t0eBLvGV/fMutxOq11XEZzbWrwPabTq6RCjQL/qlhFY9QL5QQA:gaebq/Vf14nIPRv/qBYe25
Malware Config
Extracted
formbook
3.8
hx319
dcxinc.biz
synergiescorpsesprit.com
opvca.com
7907f.com
hunch.info
gxysdc.com
khu6.com
zimmer-ulm.com
bodyfacial.com
shanoski.net
hellcase.market
usdragonz.com
ecologisticperu.com
bitliga.net
iddaocc.com
houstoncarrelief.com
thetravelists.com
excellcium-promotion.com
brendenguthrie.com
cooperateget.com
Targets
-
-
Target
f632a2441686827d3de393b79f3722a3_JaffaCakes118
-
Size
303KB
-
MD5
f632a2441686827d3de393b79f3722a3
-
SHA1
0d910314d2fc5768c2546f0a0d409b8e8201c9d5
-
SHA256
44e4fb6e15fab6a1185c6687df614d6fdef232879ccb1f8be9c811ece57b2682
-
SHA512
deb37794426966229d990c22917fa98d92e2399bd0afe022c3acc6c99122391f3c4b9e83978f67a4a8074ea4f918bf7037b4d0e5a2537af52f0cd4f823d54a59
-
SSDEEP
6144:G5t0eBLvGV/fMutxOq11XEZzbWrwPabTq6RCjQL/qlhFY9QL5QQA:gaebq/Vf14nIPRv/qBYe25
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Suspicious use of SetThreadContext
-