Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1996-68-0x000000000041F150-mapping.dmp

  • Size

    369KB

  • MD5

    76884b1369c5cfda1cdca0f74d6e63e2

  • SHA1

    d8146a6aad70f18ba9397c2f09f459ddbd55b2b8

  • SHA256

    a1ae363c820111a6f6a16ca07a65e32099460d88858ed2e09f0557dfc8542c78

  • SHA512

    7c086c5cd54180de2ea886b2ae1802538cb925ad3fe371f5b281f5d789284006a1420e71c57a778bba7d9294eca3c491da316590c9541abfe6c93ba1710679f0

  • SSDEEP

    6144:vSNCJZsqbSEvXc/G6TofkhPKNCJZsqbSEvXc/G6Tofkhn:JJZsoXc+xshxJZsoXc+xshn

Score
10/10
rats92nformbook

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

s92n

Decoy

granlogiasoberana.com

roblox-so.com

buycarsonline.fyi

thesaleworld.com

laterlifegroup.com

lov3stia.com

frdgg.cfd

businessllp.com

margaretsbeautifiedshop.com

123bet.store

sadalagran.com

psychedelicshippiez.com

bonitaspringskayakrentals.com

thorsbyinsurance.com

visionauto-int.com

k3cosmetic.skin

ilogtv.com

one-big-yes.com

houseofmorrow.com

pisigranjariogrande.online

Signatures

  • Formbook family
    formbook
  • Formbook payload 1 IoCs
    rat

Files

  • 1996-68-0x000000000041F150-mapping.dmp