General
-
Target
08072024_1335_08072024_Ticket Receipt and Fine.zip
-
Size
1.1MB
-
Sample
240708-qv6f8a1fjn
-
MD5
edb120c3c7ba10757b44febda89237f3
-
SHA1
58db4b1b48740c5ddbe85ff020232206880b62d0
-
SHA256
9c5d13dd9e0dcca87c672e7dfaa0691e8d0d274546bef8568d29b6d1f1a5adad
-
SHA512
26a10e1c4aeaa2c8336f139006cfe670963712075581f252e03e7d7ffa5e8fb4e8b76d3801f11e5f6a2d3b50b7e3c51d8d89aa6a57de489f685e50b745a76eb0
-
SSDEEP
12288:ShBhMEEYeYMzQeqRgtBaJpqyYy0QtQ5z5MEkOeYMBPeqZgt9aJpIeYyeAtd:uHEYwZqoaboyPtsRkOWWq4abGydtd
Static task
static1
Behavioral task
behavioral1
Sample
Abu Dhabi Police Offenders Publishing Images WSAbuDhabi.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
Abu Dhabi Police Offenders Publishing Images WSAbuDhabi.exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral3
Sample
Receipt-30927862-Ticket#0973726-Fines-19346383.exe
Resource
win7-20240704-en
Malware Config
Extracted
formbook
4.1
gb29
Targets
-
-
Target
Abu Dhabi Police Offenders Publishing Images WSAbuDhabi.exe
-
Size
1.0MB
-
MD5
95a389d0063ee97edc061062e20ec9d9
-
SHA1
f19116d5ece54e04932772d9e795ecca91a04a26
-
SHA256
0a026d4c3ff7d6696cbc3203e0e36549d50e2d4aefdaf05dddbcb81ab2a711a8
-
SHA512
97588f755299139650dc76310ecb665782a3634c86523f11cadcb40f6ff05beb6fe2aa3fede3ab1a821f46e7b57fbba385a651049eaf033e90778fcfbf048162
-
SSDEEP
12288:6tb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgahTyGTydQgE7tkar4r+5:6tb20pkaCqT5TBWgNQ7a1eYtz4r+6A
-
Formbook payload
-
Suspicious use of SetThreadContext
-
-
-
Target
Receipt-30927862-Ticket#0973726-Fines-19346383.exe
-
Size
1.0MB
-
MD5
95a389d0063ee97edc061062e20ec9d9
-
SHA1
f19116d5ece54e04932772d9e795ecca91a04a26
-
SHA256
0a026d4c3ff7d6696cbc3203e0e36549d50e2d4aefdaf05dddbcb81ab2a711a8
-
SHA512
97588f755299139650dc76310ecb665782a3634c86523f11cadcb40f6ff05beb6fe2aa3fede3ab1a821f46e7b57fbba385a651049eaf033e90778fcfbf048162
-
SSDEEP
12288:6tb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgahTyGTydQgE7tkar4r+5:6tb20pkaCqT5TBWgNQ7a1eYtz4r+6A
-
Formbook payload
-
Suspicious use of SetThreadContext
-