General
-
Target
b54b6ef71478646451ca1905b93c380141b4df637d73cb796af0a391ba47f43e.exe
-
Size
742KB
-
Sample
241221-dg8cfa1ldy
-
MD5
25369cacd15fd28391f08b48ad5fdf4d
-
SHA1
f091fd2f772d7c566bcce4c046323ef02808f2da
-
SHA256
b54b6ef71478646451ca1905b93c380141b4df637d73cb796af0a391ba47f43e
-
SHA512
e13b6e32e1106f93f6a9fdf8a1871d4a60ca015d8c68a72ca557990dedb82da81c722a36a0a862f564b0809bd092da4bf2dfa9a809febc81b19413d534581598
-
SSDEEP
12288:ZjlIpHtMPku+l0CPPlzYUDbl3H7WZiga3jtuAEzY69hbnrF65FO28EYT/0:ZjlIhSPd+plzYu3+UuAEzY0h3FfxECs
Malware Config
Extracted
formbook
4.1
gd04
f5u8utd50.icu
ob-offer-33304.bond
aaf.zone
hoppersrack.store
nline-gaming-33476.bond
isionaryvault.online
ilitary-jobs-88516.bond
iyxym.info
eyes.xyz
refle.xyz
kinsmonlkey.shop
oruu.shop
est2x2.online
nline-advertising-77889.bond
hepresspoolai.xyz
anilaberg.online
reimutigleben.store
anguage-courses-22450.bond
zzt.xyz
kfn.lat
Targets
-
-
Target
b54b6ef71478646451ca1905b93c380141b4df637d73cb796af0a391ba47f43e.exe
-
Size
742KB
-
MD5
25369cacd15fd28391f08b48ad5fdf4d
-
SHA1
f091fd2f772d7c566bcce4c046323ef02808f2da
-
SHA256
b54b6ef71478646451ca1905b93c380141b4df637d73cb796af0a391ba47f43e
-
SHA512
e13b6e32e1106f93f6a9fdf8a1871d4a60ca015d8c68a72ca557990dedb82da81c722a36a0a862f564b0809bd092da4bf2dfa9a809febc81b19413d534581598
-
SSDEEP
12288:ZjlIpHtMPku+l0CPPlzYUDbl3H7WZiga3jtuAEzY69hbnrF65FO28EYT/0:ZjlIhSPd+plzYu3+UuAEzY0h3FfxECs
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook family
-
Formbook payload
-
Suspicious use of SetThreadContext
-