Overview

overview

10

Static

static

10

1484-64-0x...ry.exe

windows7-x64

1

1484-64-0x...ry.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1484-64-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    221209-jdkd4afe6v

  • MD5

    61870994e6c788ca3d3a84ee82a820e4

  • SHA1

    3323be34c8620ca97d385d37d2fbdb481fb7d252

  • SHA256

    e19af05eea974aee0be74f416413835c78d8dce57987ef403d6e3eaca01a40a8

  • SHA512

    0aa778d5429c1dd3e35d4672c3ab9e8d64ce85f31545d16f09bd032263527c0372c0f5eac2a2b254b3dd96e3f5f8d2636d27195f9b960124312065306974fea4

  • SSDEEP

    3072:EkawgkmBuqUEpo3kqQ1ntywCjKLB8VZUeNuG55PzqHOFjy35y3QwW/d:7sDmkX1n8TKLB8QzGPzqyj93C/d

Score
10/10
formbooktc10rat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

tc10

Decoy

mwigyu.com

sepuluholx.com

nsdigitalagency.com

horrorkore.com

santaclaracoimbrakarate.com

myeternalsummer.com

laosmidnight-lotto.com

haremp.xyz

boyace.top

unusualwithdrawal.com

wildflowerkidsri.com

backlitvps.dev

topwellgas.com

k3nnsworld3.com

wanbang.xyz

cntvc.net

sjcamden.church

pussit24.com

claml.com

statisticsturkey.com

Targets

    • Target

      1484-64-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      61870994e6c788ca3d3a84ee82a820e4

    • SHA1

      3323be34c8620ca97d385d37d2fbdb481fb7d252

    • SHA256

      e19af05eea974aee0be74f416413835c78d8dce57987ef403d6e3eaca01a40a8

    • SHA512

      0aa778d5429c1dd3e35d4672c3ab9e8d64ce85f31545d16f09bd032263527c0372c0f5eac2a2b254b3dd96e3f5f8d2636d27195f9b960124312065306974fea4

    • SSDEEP

      3072:EkawgkmBuqUEpo3kqQ1ntywCjKLB8VZUeNuG55PzqHOFjy35y3QwW/d:7sDmkX1n8TKLB8QzGPzqyj93C/d

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks