General
-
Target
0abbf3b2ab85a653e249c8d9e84cb5d6a254f19f.iso.tar.gz
-
Size
600KB
-
Sample
240627-mee3jsyeqj
-
MD5
3998fe1949dc66a20ab6d152480f291b
-
SHA1
3afad53f51a8d4775a87a7fa5f9cf7662673ee00
-
SHA256
c704ff6e66d4cb482ffd311662801623feec535ab93efdc3a722f28ea61781c6
-
SHA512
87d0666c8137aef1c4a87d2e07cd03937d53dd7c3afa8b0e3f1d6b0a3750eafd0ce209611588e8611cd486688f1d9067fca393ed581fb4e5df3dca436e33ebec
-
SSDEEP
12288:1WzRSpeJlwoKqarUDZQqiQ8VXgZTbpFbTN/lXLbX:0zRPQlDUVQPNVETlFbTN/lXL7
Static task
static1
Behavioral task
behavioral1
Sample
Fisses242.exe
Resource
win7-20240611-en
Malware Config
Extracted
formbook
4.1
ch25
Targets
-
-
Target
Fisses242.bat
-
Size
851KB
-
MD5
96f5ba27b0197df599f8b3c6a7857649
-
SHA1
06d21d98d5ff65532104e073d0cb95444a091cf2
-
SHA256
3ad893089224a6d72a8050457a2d0a3053781e1527c869ce68ce11831f0c81e7
-
SHA512
36803717cc7546210e63ac78705faa6966370278729d34fb33a1dab171599b6c16b41735697919cfe3aa3c84aa8a19f3139866c53cfe165cf195d39d31a64d8d
-
SSDEEP
12288:XcIjd3nQIQsk3na+QiH64keTjXmCSXaIVrfllStkVymDqos1ySIpkAtiN:XcIjUna3iFTT+awllSyMCqNNMi
-
Formbook payload
-
Loads dropped DLL
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-