Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1648-75-0x000000000041F1C0-mapping.dmp

  • Size

    369KB

  • MD5

    abcc6c8272299dd44e13d0547dd86440

  • SHA1

    80e55fa100ffeb71bcc9106fa7fbeb0af2f37bd5

  • SHA256

    540a561cfcffefb640cdf447189cbf266f656019244951ce261807967f554b87

  • SHA512

    8f7884b7efefafff0c5ab401fc602b739fdd422bce41877862ff7f476467c699a174d9eb22d88934054b87258470c397aff06fe27aa69f83c2f05c455b75520d

  • SSDEEP

    6144:ypM5slSLlZwTKnhaRCDpM5slSLlZwTKnhaRCW:15slwlHwRB5slwlHwRx

Score
10/10
ratsg62formbook

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

sg62

Decoy

postenr.com

hh11z.top

datasysperformance.site

cyber-xpert.com

cybearvisual.com

topgkeychins.com

koshdental.com

ag-bathrooms.com

fidgetninjaz.com

cistanbulc.net

synabilisim.com

cocotototutu.xyz

cyberressm.com

tournest.info

drymixsubstrate.com

imsooverthisshit.com

totaleliteme.com

orientalgemco.online

dwpohy-2wps.click

graceresurrection.com

Signatures

  • Formbook family
    formbook
  • Formbook payload 1 IoCs
    rat

Files

  • 1648-75-0x000000000041F1C0-mapping.dmp