General
Target: bin 1.xls
Size: 183KB
Sample: 200731-kqa52nsg1j
MD5: ad085c2d0b11bd6268b5cf5e1f86c6d2
SHA1: 20aa89a8d2cb83226065e4ecf97799409f9fd2ae
SHA256: 8d9a34f51bcef521b4dad284038743c1cce9b9481d558225e33add85c4c9173b
SHA512: 3ff47f33dc1fb6d9e9197c345153febe4388923ac7e27e87e3ea97d2bf7dde7dd62fcc02f2768fabd6ac4764bf48df0f0b6388719167b8b9ba1b350e16e44b12
Static task: static1
Behavioral task: behavioral1
Sample: bin 1.xls
Resource: win7v200722
Malware Config
Targets
Target: bin 1.xls
- Formbook Payload
- Executes dropped EXE
- Reads user/profile data of web browsers: Infostealers often target stored browser data, which can include saved credentials etc.
- Suspicious use of SetThreadContext