Overview

overview

10

Static

static

10

1960-146-0...ry.exe

windows7-x64

1

1960-146-0...ry.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1960-146-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    221128-v1pg4sgb6s

  • MD5

    e1cd137e8155e6dbbb9a67fbb6c5fad8

  • SHA1

    3aaa830f8588f102e0da888f3431f91e92dc9381

  • SHA256

    b3c8101db7524bed27316a33d356ac893e5fb3ad3a4455d89f3611bfc66f1805

  • SHA512

    0cffad3a74e9a6a10a40f16c7ea770dfcb0b4eb9da7c36fbf2cafe4ee8de7dab8c5b32cb877fa26e491f33357deed62e843657c29bfb39b871ae864200ef93d2

  • SSDEEP

    3072:MWvTEdBa7XSq933Jjaw7a697LsuDFsz8W6F7WtsP86BD:5K8x3haca697LbDiz8W6F7W1I

Score
10/10
formbookdv22rat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

dv22

Decoy

ivk-muc.com

theplantgranny.net

efefefficient.buzz

car-deals-87506.com

yangcongzhibo.net

empiralventures.com

latexpillo.com

ferramentafivizzanese.shop

kx1553.com

timamollo.africa

paran6787.net

fabicilio.online

kreativnettchen.shop

manakamana.co.uk

andreapeverelli.shop

jianf.site

kmqan.xyz

aoshilang.com

dnsmctmu.com

pumpkinsmp.net

Targets

    • Target

      1960-146-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      e1cd137e8155e6dbbb9a67fbb6c5fad8

    • SHA1

      3aaa830f8588f102e0da888f3431f91e92dc9381

    • SHA256

      b3c8101db7524bed27316a33d356ac893e5fb3ad3a4455d89f3611bfc66f1805

    • SHA512

      0cffad3a74e9a6a10a40f16c7ea770dfcb0b4eb9da7c36fbf2cafe4ee8de7dab8c5b32cb877fa26e491f33357deed62e843657c29bfb39b871ae864200ef93d2

    • SSDEEP

      3072:MWvTEdBa7XSq933Jjaw7a697LsuDFsz8W6F7WtsP86BD:5K8x3haca697LbDiz8W6F7W1I

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks