Overview

overview

10

Static

static

10

1600-63-0x...ry.exe

windows7_x64

1

1600-63-0x...ry.exe

windows10-2004_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1600-63-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    220602-w41vzsaaa6

  • MD5

    8a4076bb02567c6dca42ef9338c41dc8

  • SHA1

    1a56b3184458619ef9a551b09469db89fa2aee11

  • SHA256

    203d5180094186f6c16a599e06388d6b5a09f922f17fc8346124db9ecf26ea80

  • SHA512

    62b0a212cb4855b3ff3f6e2137e725bd7e7cb9aa7f209dc1ac149baffde27e99b28cf745966b3150e56e44d03f53f9a3ef790b22997ceb19a5e163253a567ef0

Score
10/10
formbookg14srat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

g14s

Decoy

highnessmagazine.com

mokeyshop.com

remotedesktop.xyz

bicielettrica.xyz

addoncarzspa.com

ironesteem.com

asset-management-int.com

newportnewsaccounting.com

seriesyonkis2.com

hhivac.com

shrmgattlnow.com

yangzhenyu1.xyz

prettylittlenail.com

phyform.com

fggloballlc.com

gamecentertx.com

apriltoken.com

agalign.com

jointventurecoop.club

pengqianyue.tech

Targets

    • Target

      1600-63-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      8a4076bb02567c6dca42ef9338c41dc8

    • SHA1

      1a56b3184458619ef9a551b09469db89fa2aee11

    • SHA256

      203d5180094186f6c16a599e06388d6b5a09f922f17fc8346124db9ecf26ea80

    • SHA512

      62b0a212cb4855b3ff3f6e2137e725bd7e7cb9aa7f209dc1ac149baffde27e99b28cf745966b3150e56e44d03f53f9a3ef790b22997ceb19a5e163253a567ef0

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks