Overview

overview

10

Static

static

10

1868-138-0...ry.exe

windows7-x64

1

1868-138-0...ry.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1868-138-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    220725-ml5lsadecp

  • MD5

    89b76b886ad3016f3c8070d5dbde9baf

  • SHA1

    820d0dd15414fc9d6e6b5660c4b4baeed8f5d17b

  • SHA256

    6bd94f082512f57fcb947e166756639c2ae2f73cb8ebd4643586ad9f4d41c58a

  • SHA512

    47b3f8414ec76eb103bc5db575a5d90105280eef13e5bf677a33118de8b3f311bd82c4538665d4dadd8ca21977120619e788518ee251b1b3ec04d6c13101c61d

Score
10/10
formbookdf48rat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

df48

Decoy

tinder.pw

flowersfoodsbrands.net

broadbandbangalore.com

wittyhealthy.com

mediking.online

pounchbowl.com

gridkart.com

mobrtho.com

starlinerecruitment.com

ernieswinesandliquors.com

dsbvgf.com

messiahbaptist.church

sumsandals.com

familieheineken.online

fikifika.com

beg.wtf

euroconsult.net

radiologist24.com

fuji-privatevilla.com

flemming.store

Targets

    • Target

      1868-138-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      89b76b886ad3016f3c8070d5dbde9baf

    • SHA1

      820d0dd15414fc9d6e6b5660c4b4baeed8f5d17b

    • SHA256

      6bd94f082512f57fcb947e166756639c2ae2f73cb8ebd4643586ad9f4d41c58a

    • SHA512

      47b3f8414ec76eb103bc5db575a5d90105280eef13e5bf677a33118de8b3f311bd82c4538665d4dadd8ca21977120619e788518ee251b1b3ec04d6c13101c61d

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks