General
-
Target
TT-SWIFT-Schindler.exe
-
Size
2.4MB
-
Sample
240617-qwvfcatanf
-
MD5
c2105f208d13b645b762e3c592969bb8
-
SHA1
9d1ee2c7c7f9fdf744f0bca64e26693aceaeabe9
-
SHA256
2ee5255934af2f37c295770b441baf6f12e4483e7eb5281df70a4a0164521c70
-
SHA512
23a1427df886d8f5b84b7ae6012905a9e3215785b95f59e0535fa003b2eef79594bcd8653c1bf7056ec1ff92b9cfded8a44055807b3d63f34046d531dcd5b64f
-
SSDEEP
12288:C42m6rLTvbLZlRxTeOw7sR9yZRq+JtpHc0rC0V/77EfRGW6p0GCE9Kg:6m6rLzbtRTeF4crC0Vz7EfIW6p024g
Static task
static1
Behavioral task
behavioral1
Sample
TT-SWIFT-Schindler.exe
Resource
win7-20240611-en
Malware Config
Extracted
formbook
4.1
m10e
yallanal3b.store
centrumturkiye.net
ibl303.com
cobuyseattle.com
verdictvaultlegal.com
qak8b.live
www63396aa.com
libertydiscountcleaners.com
65a3.com
korabli.site
midsouthinssolutions.com
polakampus.site
pinadaycare.com
bhuzsvjwjyowlqe.xyz
www9143685.com
cbhconsulting.online
jesusparticles.info
tryih.com
imevqszk.xyz
gdelmt597c.top
ayazdanismanlik.com
sweetgracebyag.com
find-jobs-sf-old-tt1.click
prosoftutoriales.com
dir-beck.com
pancing77xkeren.info
pesantrenquran.com
cuan138o.online
linksuhuslot.com
dewa77slot.website
vergarde.com
power-of-revival.com
qfnkhxt.life
muhammadzuhaili.com
www6591101.com
polishedcleanings.com
betbox2380.com
backcare.shop
hamster-kombat.games
17tk557t.com
canbijia.com
ad-stick.com
princesbet.com
whasopp.vip
uraise.xyz
l5xcf.com
pierrebrossierropital.com
tekhtera.com
hbvc.xyz
nz73.top
angelineagency.com
plantfactoryshop.com
fkjdfdyu.xyz
shoetreellc.com
flower-us-delivery.bond
rebel-radio.online
cookie3airdrop.com
linkjet.link
cherishedtimes.space
bocatilecleaning.com
nervocurelojaoficial.site
mrai-kaigi.tokyo
ibuyscrap.com
skzz.store
evripostgbcom.sbs
Targets
-
-
Target
TT-SWIFT-Schindler.exe
-
Size
2.4MB
-
MD5
c2105f208d13b645b762e3c592969bb8
-
SHA1
9d1ee2c7c7f9fdf744f0bca64e26693aceaeabe9
-
SHA256
2ee5255934af2f37c295770b441baf6f12e4483e7eb5281df70a4a0164521c70
-
SHA512
23a1427df886d8f5b84b7ae6012905a9e3215785b95f59e0535fa003b2eef79594bcd8653c1bf7056ec1ff92b9cfded8a44055807b3d63f34046d531dcd5b64f
-
SSDEEP
12288:C42m6rLTvbLZlRxTeOw7sR9yZRq+JtpHc0rC0V/77EfRGW6p0GCE9Kg:6m6rLzbtRTeF4crC0Vz7EfIW6p024g
-
Formbook payload
-
Suspicious use of SetThreadContext
-