Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    940-64-0x000000000041F100-mapping.dmp

  • Size

    369KB

  • MD5

    baf353b01bed929b4060346de43f2786

  • SHA1

    b24e998bd505796281f5fa45710e50ef66bf6bd3

  • SHA256

    2c20d78dd8b37121a5708e12f8487c1425af07cc4496177bdd2e6c941dc69823

  • SHA512

    0c3f523907424ffd736fb7c41fc78f3feecb64d1bc2b0f34dee9073081f756c7f261713c49333d9d94eab1a83854d6c1e772a4ca96e958425eae0ee544a0477c

  • SSDEEP

    6144:nKHdPqOUJqaAvafFiVGp0eDVgKHdPqOUJqaAvafFiVGp0eDVu:adPqOUoqfFnZfdPqOUoqfFnZu

Score
10/10
raten27formbook

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

en27

Decoy

plxfgj.com

lesmarines.online

vacationsme.us

275by.com

bigrodoc.online

xjvcwszbwzd.top

redplanetinc.com

vinyuup.xyz

newbrotherprove.top

219961.com

ompelimosormustin.info

againstaffiliatemarketing.com

beautyrealmm.com

goldentickethomes.com

topfunnel.today

peacsolutoins.com

sztzywygl.com

allfishingtips.com

rcgerlnterac.com

tasweeneloragahar.info

Signatures

  • Formbook family
    formbook
  • Formbook payload 1 IoCs
    rat

Files

  • 940-64-0x000000000041F100-mapping.dmp