General
-
Target
Maersk Arrival Notice ready for Bill of Lading 238591458.exe
-
Size
1.1MB
-
Sample
240613-kr3y2awajp
-
MD5
7d8eba7ae0e5cb213b8b3c8d202d69eb
-
SHA1
2f4fdf21a78bf6128a3cffe55e916b7daad175c9
-
SHA256
d67c467e851c6f18a79386dbbae7049d07c9c6381a98d141638eef7d83106373
-
SHA512
38de5d3e64362d445e4d4469fded251d29a5502f980fe9a6fce710111f26f3efeb5e41ca8839ec391905cec46fc20cff16303412f84356f38456b5dac3193e43
-
SSDEEP
24576:bAHnh+eWsN3skA4RV1Hom2KXMmHaDeipba5:2h+ZkldoPK8YaDTU
Static task
static1
Behavioral task
behavioral1
Sample
Maersk Arrival Notice ready for Bill of Lading 238591458.exe
Resource
win7-20240220-en
Malware Config
Extracted
formbook
4.1
ss63
Targets
-
-
Target
Maersk Arrival Notice ready for Bill of Lading 238591458.exe
-
Formbook payload
-
Suspicious use of SetThreadContext
-