General
-
Target
Invoice & Packing.exe
-
Size
1.1MB
-
Sample
241126-rf4vhstrey
-
MD5
290979740e29c4b28b20979ca70ee62e
-
SHA1
56c8071abcc945b4dd950d2b3e17aa12dfb40292
-
SHA256
e9357223834b955c93bbd3e8f48563670a44161f92a15717774f4df9b825f0b6
-
SHA512
74736ad0df48f39b5d7cf3e6bc0862e0a22e73ef6fee85f4ce4a7fcc5ae0eb0e7e30111a302f806fd0227146c5e54d1cd48021f23cd4367df77e7924195deedd
-
SSDEEP
12288:+tb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgaITu+DexWGESM26A:+tb20pkaCqT5TBWgNQ7aQxCHEP26A
Static task
static1
Behavioral task
behavioral1
Sample
Invoice & Packing.exe
Resource
win7-20240903-en
Malware Config
Extracted
formbook
4.1
cl21
0001.shop
earch-parttimejobs.today
are888.top
akanhaunthipped.shop
othing-heyu.xyz
cadvirsor.net
nclanalae.shop
lectric-cars-mexico.today
oxj-question.xyz
ersonalloanoffers.today
ersonalloans-fo54-fo37.click
verybody-ewfx.xyz
ercuremontauban.media
azilimdunyam.net
airs-clinicato.today
wiftsscend.click
ertainly-jbws.xyz
8xeng.app
damekadmitageable.cfd
ollapsedec.shop
mpldo.app
g18q29a.top
etaddiction.tech
lbatasalboinamoco.shop
eyyzj-medical.xyz
ote-lmeg.xyz
cellelukacs.shop
evinedesignz11.net
n217.vip
eimy.top
ellisimaa.shop
hjk-west.xyz
nline-dating-be-10.today
wocykmw.top
ytsxv.xyz
iding-lawn-mower.today
olarpergolasolutions.today
ainco.net
r86yd.top
ndrvb-stock.xyz
ing88vn.today
vez3.xyz
fg-am.pro
ultplanlz.click
ecurebet.click
fjng-court.xyz
rsenalatamanaxweed.shop
iaoyingtao16.vip
rime-kvsff.xyz
ufdd-interesting.xyz
qbdl-base.xyz
ushihq.xyz
400108pptddbo685.top
tself-gqemlq.xyz
uyher.shop
ffprintshoplv.shop
ushyniceneobaza.cfd
dmrroa.net
ar-deals-ca-8966160.live
ramx-jorv.top
ifw-less.xyz
hwisdom.net
xrjgq-prepare.xyz
rchertravel.click
ingledatings46.xyz
Targets
-
-
Target
Invoice & Packing.exe
-
Size
1.1MB
-
MD5
290979740e29c4b28b20979ca70ee62e
-
SHA1
56c8071abcc945b4dd950d2b3e17aa12dfb40292
-
SHA256
e9357223834b955c93bbd3e8f48563670a44161f92a15717774f4df9b825f0b6
-
SHA512
74736ad0df48f39b5d7cf3e6bc0862e0a22e73ef6fee85f4ce4a7fcc5ae0eb0e7e30111a302f806fd0227146c5e54d1cd48021f23cd4367df77e7924195deedd
-
SSDEEP
12288:+tb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgaITu+DexWGESM26A:+tb20pkaCqT5TBWgNQ7aQxCHEP26A
-
Formbook family
-
Formbook payload
-
Suspicious use of SetThreadContext
-