General

  • Target

    1492-73-0x0000000000400000-0x000000000042E000-memory.dmp

  • Size

    184KB

  • Sample

    221129-p8f8tabc45

  • MD5

    268c4abb6ff22531d36fec669692703c

  • SHA1

    4957db903667b7aee15bad4a8b571ab4845b6ca9

  • SHA256

    3d6db15b26da391c52752c8cad38b6d5d16ff60d9e41159399494b1d0152392b

  • SHA512

    1d6511284b448de4e6032bda87099bb155e0d7dd3d1c3064fabebc7df951d5307a6eb2e21d64054a183b4d43ef53e9733b886a6beccfed2fc0442406d18abcb5

  • SSDEEP

    3072:UW+b1hdhZl0KDMrT6sWqYYtbSmbBGLSE/fxLG1/aYvG7WXwMIyI:uHDy6IvNbELX/fxLG1/aYvG7U8y

Score
10/10

Malware Config

Extracted

Family

formbook

Campaign

k0ud

Decoy

Targets

    • Target

      1492-73-0x0000000000400000-0x000000000042E000-memory.dmp

    Score
    5/10
    • Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082
