Overview

overview

10

Static

static

10

1228-63-0x...ry.exe

windows7-x64

1

1228-63-0x...ry.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1228-63-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    220725-nmwkyadhbq

  • MD5

    3443251bf0ca4a82311c9b7059213fc5

  • SHA1

    501b7400fe4e103fb94dcbde07a0736feeb4bd45

  • SHA256

    d148803569f98a5ca1d00a15ec120e5fae409d0a47b301b67b4cc5772098cd8f

  • SHA512

    2720c87243cf4987cd9baa49637911e30b46be82c280cca8141295f0d852fbdc77d3324f5bb17d71762278d8199d1a3c4559d2aa63c8e537e20ee1445ec14670

Score
10/10
formbookbt62rat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

bt62

Decoy

mmajesty.xyz

wildgoodnessgardens.com

luicodraft.xyz

tontobox.store

kericarr.com

taramayoros.com

sluesn.online

tamdavinhlong.com

powdermountain.tours

spydecelular.site

supportjamesbrown.com

lemonzest.store

kofekloud.com

you-got-a-sec.com

sunu-ocr.com

xn--nxw840bmnh.xn--czru2d

thepeninsulachicago.com

cers.online

ozmintmanagement.com

shopninib.com

Targets

    • Target

      1228-63-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      3443251bf0ca4a82311c9b7059213fc5

    • SHA1

      501b7400fe4e103fb94dcbde07a0736feeb4bd45

    • SHA256

      d148803569f98a5ca1d00a15ec120e5fae409d0a47b301b67b4cc5772098cd8f

    • SHA512

      2720c87243cf4987cd9baa49637911e30b46be82c280cca8141295f0d852fbdc77d3324f5bb17d71762278d8199d1a3c4559d2aa63c8e537e20ee1445ec14670

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks