General
-
Target
JaffaCakes118_cf0e116dee54548758f13c3149761d93a51e4d197ebc155bb2e91cb79b136497
-
Size
234KB
-
Sample
241229-c5hw1szme1
-
MD5
7b05931d98d97d2ceddcee1bfb31c7de
-
SHA1
01dfbc75c1ae3e9a04bcf8dd115e20fe6c358f12
-
SHA256
cf0e116dee54548758f13c3149761d93a51e4d197ebc155bb2e91cb79b136497
-
SHA512
eedb35c01a183689b1e7fad56aee6dd1555f8fc6482685b447f545984a2707cf53a1ffe623d6c4b91dd47f4f99f033404070ac16cdae740c989017a149f765a2
-
SSDEEP
6144:bMyIOhf17pAp8gswdlklZ5kkFFAILekrM4l:Vp1VAp8SdG5kPqf
Malware Config
Extracted
formbook
4.1
thl4
281155oo.com
ykszyx.com
carhiredurban.com
aualiaison.com
papuapod.com
indianapolisheatingair.com
astoriakrd.online
tiffanyandzach.com
thenextstepos.com
greenleaveshotels.com
opatijatourism.com
greenberg.realestate
coastallasercharleston.com
maximgroupbd.com
one1.agency
gzlckz.com
brittanyreevesmusic.com
login.bid
juliettebrederode.com
stranded.xyz
Targets
-
-
Target
2220944d9985a6843374f41b835a9825
-
Size
272KB
-
MD5
2220944d9985a6843374f41b835a9825
-
SHA1
1929c4c64ea4cc18608eaf6140d1b28fa98d7ed3
-
SHA256
3d5d3eb3853ff82697da75cf6da041f61f72e06d686010a02d52ebaa63ddca65
-
SHA512
f1ec6f41d5b9ed14885df6e090a77b06c10f2e61ed36525dfd4e953a61c948da8271c2ea5e29dd5fcdba62e2acc218e74b71312e3ef30c54a87b387534e2c816
-
SSDEEP
6144:5EtTqjFaFtV9KoA68Atd/Tdle0U0gCKTkn9om07/6s2eD5HG:5E9fN26ZtLlDGCos9ofis2gH
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook family
-
Formbook payload
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of SetThreadContext
-