Overview

overview

10

Static

static

10

1268-64-0x...ry.exe

windows7_x64

1

1268-64-0x...ry.exe

windows10-2004_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1268-64-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    220524-xqw6baaacq

  • MD5

    afca526baa3551d847835320444a4fdf

  • SHA1

    9e5bb70f6648f5956d80bfd2019c7a3f59e16d70

  • SHA256

    c694ac48d98534d80ff69273d6ee38f03a52b249e2320de730e9adc62ba1c1f1

  • SHA512

    073542a6045a607bdca85dfb92438ac2cbd9ac6dcb338d37268f7a7fb19f5909617fa15350e6ee6be46ff6c262a1dd2c7a88332da908076643eff2cbbb1fb005

Score
10/10
formbookpr28rat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

pr28

Decoy

warehouseufohighbay.com

kingasia77.xyz

americanoutfittes.com

jemodaevangica.com

holigantv82.com

creamkidslife.com

skillzplanetoutreach.com

goldencityofficial.com

choiceaccessorise.com

kdgkzy.com

patra.tech

chicaglo.com

9491countyroad106.com

theultracleanser.com

lesmacarons.biz

kfaluminum.com

institutodiversidade.com

woodanqnmz.store

teslabuyerusa.com

cityofbastop.com

Targets

    • Target

      1268-64-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      afca526baa3551d847835320444a4fdf

    • SHA1

      9e5bb70f6648f5956d80bfd2019c7a3f59e16d70

    • SHA256

      c694ac48d98534d80ff69273d6ee38f03a52b249e2320de730e9adc62ba1c1f1

    • SHA512

      073542a6045a607bdca85dfb92438ac2cbd9ac6dcb338d37268f7a7fb19f5909617fa15350e6ee6be46ff6c262a1dd2c7a88332da908076643eff2cbbb1fb005

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks