General
-
Target
4a85bac71b81338df2e724c587995e231dfc0b32b004cfea253b8d94422cc4ba.exe
-
Size
1.1MB
-
Sample
241126-cw4gcsyrfw
-
MD5
b333b741b51e1fa861d44c2846939182
-
SHA1
1fe1597be441315cb76e8bfddf97c2344a5d206a
-
SHA256
4a85bac71b81338df2e724c587995e231dfc0b32b004cfea253b8d94422cc4ba
-
SHA512
c85f9f14342e6d49b9d43cf3475f91a5a54cfc4fb89397572027912f4c478b62e306ca0fa2a886e1c89e02c226583eb97eefc04fa45efa8f2d05086a12bf197c
-
SSDEEP
24576:ctb20pkaCqT5TBWgNQ7a6Vjaab/dPQVW0hFdc6A:FVg5tQ7a6VeGV0WWFC5
Static task
static1
Behavioral task
behavioral1
Sample
4a85bac71b81338df2e724c587995e231dfc0b32b004cfea253b8d94422cc4ba.exe
Resource
win7-20241010-en
Malware Config
Extracted
formbook
4.1
ud04
oum7.pro
ovonordisk.online
akrzus.pro
tendmtedcpsa.site
mm.foo
animevyhgsft29817.click
digdxxb.info
1130.vip
uy-now-pay-later-74776.bond
ybzert.online
edcn.link
rime-flow-bay.xyz
nd777id.beauty
otoyama.shop
lranchomx.xyz
unluoren.top
uglesang-troms.net
udulbet88.net
raquewear.shop
ijanarko.net
iuxy.host
itaxia.dev
hisewntbqg.makeup
talianfood.store
22gxx.app
tandkite.fun
rovideoeditor.shop
ires-86307.bond
elitjatarjoukset.click
rofilern.net
uycarpaylater-02-t1e-01.today
futurum.xyz
inance15.site
alance-ton-budget.net
tpuniplay.shop
dlpli.xyz
riteon.online
rippyshaker.shop
rn10.top
linko1win.icu
ugeniolopez.art
raphic-design-degree-68380.bond
narchists.info
uy-now-pay-later-25573.bond
gzvmt.info
df.clinic
onesome.store
imba-168.net
ayef.xyz
64axyozkgl.top
dult-diapers-53774.bond
ec.baby
el-radu-easy4y.one
asik-eye-surgery-63293.bond
p-inbox4.click
0417.one
ualitystore.shop
partments-for-rent-61932.bond
enobscotlobster.online
fhou.link
eo56a3oouu.top
cweb.cyou
hoe-organizer-za.today
p806.top
2creativedesign.online
Targets
-
-
Target
4a85bac71b81338df2e724c587995e231dfc0b32b004cfea253b8d94422cc4ba.exe
-
Size
1.1MB
-
MD5
b333b741b51e1fa861d44c2846939182
-
SHA1
1fe1597be441315cb76e8bfddf97c2344a5d206a
-
SHA256
4a85bac71b81338df2e724c587995e231dfc0b32b004cfea253b8d94422cc4ba
-
SHA512
c85f9f14342e6d49b9d43cf3475f91a5a54cfc4fb89397572027912f4c478b62e306ca0fa2a886e1c89e02c226583eb97eefc04fa45efa8f2d05086a12bf197c
-
SSDEEP
24576:ctb20pkaCqT5TBWgNQ7a6Vjaab/dPQVW0hFdc6A:FVg5tQ7a6VeGV0WWFC5
-
Formbook family
-
Formbook payload
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-