General
-
Target
UPDATEDSOA.exe
-
Size
852KB
-
Sample
241211-rhn7vawjgw
-
MD5
de72a5b4fa920058e63ed08e330c0e64
-
SHA1
9434f5c19f0275ce62bf11ac74315c3ab888f8da
-
SHA256
a6636485e4335ea809fa98c6cc905d19fd315914ea8ea15860e994da507cd7dd
-
SHA512
4816d64b47e8fa40613266bae75c87b97588d56ab0e1b1f9f3907aadb601854120919a5253a10dc515794c51dc39f2d91a95d5e56a5aa726070016b6f79e03b3
-
SSDEEP
12288:rLkcoxg7v3qnC11ErwIhh0F4qwUgUny5QLaT5O1/20MVefeBPhYjbxay:ffmMv6Ckr7Mny5QLCOTMVefKY3xn
Static task
static1
Behavioral task
behavioral1
Sample
UPDATEDSOA.exe
Resource
win7-20240729-en
Malware Config
Extracted
formbook
4.1
ge07
amyard.shop
eloshost.xyz
g18q11a.top
orensic-vendor-735524320.click
ithin-ksvodn.xyz
xhyx.top
elonix-traceglow.pro
cillascrewedsedroth.cfd
wner-nyquh.xyz
reyhazeusa.shop
esmellretaperetotal.cfd
hqm-during.xyz
pipagtxcorrelo.xyz
lray-civil.xyz
apybarameme.xyz
rbuds.shop
hild-fcudh.xyz
rkgexg.top
estwestcottwines.shop
giyztm.xyz
epehr.pics
lways-vhyrp.xyz
acifictechnologycctv.net
iscinddocenaemlynne.cfd
ridesmaidgiftsboutiqueki.shop
ubtleclothingco.fashion
hemicans.xyz
ebaoge318.top
zoc-marriage.xyz
ngeribe2.homes
oal-ahzgwo.xyz
eries-htii.xyz
ool-covers76.xyz
ecurityemployment.today
croom.net
f7y2i9fgm.xyz
earch-lawyer-consultation.today
066iwx2t.shop
ound-omagf.xyz
ivglass.xyz
fdyh-investment.xyz
yegle.net
eader-aaexvn.xyz
dvle-father.xyz
onsfskfsmpfssfpewqdsawqe.xyz
ffect-xedzl.xyz
ood-packaging-jobs-brasil.today
lasterdeals.shop
ehkd.top
pm-22-ns-2.click
ocockbowerlybrawer.cfd
ostcanadantpl.top
vrkof-point.xyz
lsader.app
nce-ystyx.xyz
azl.pro
ea-yogkkb.xyz
isit-txax.xyz
rowadservepros.net
6282.xyz
roduct-xgky.xyz
wner-nyquh.xyz
sfmoreservicesllc.lat
rasko.net
9net88.net
Targets
-
-
Target
UPDATEDSOA.exe
-
Size
852KB
-
MD5
de72a5b4fa920058e63ed08e330c0e64
-
SHA1
9434f5c19f0275ce62bf11ac74315c3ab888f8da
-
SHA256
a6636485e4335ea809fa98c6cc905d19fd315914ea8ea15860e994da507cd7dd
-
SHA512
4816d64b47e8fa40613266bae75c87b97588d56ab0e1b1f9f3907aadb601854120919a5253a10dc515794c51dc39f2d91a95d5e56a5aa726070016b6f79e03b3
-
SSDEEP
12288:rLkcoxg7v3qnC11ErwIhh0F4qwUgUny5QLaT5O1/20MVefeBPhYjbxay:ffmMv6Ckr7Mny5QLCOTMVefKY3xn
-
Formbook family
-
Formbook payload
-
Suspicious use of SetThreadContext
-