Overview

overview

10

Static

static

10

1516-64-0x...ry.exe

windows7-x64

1

1516-64-0x...ry.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1516-64-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    221210-bh1mwahe7s

  • MD5

    b14074a2595c7bbe6517b52f333b8629

  • SHA1

    2358f0aa1012c5136dfac8442199e3fed2def02c

  • SHA256

    247be3f593956b8388b287ef0822006f399ffe9a331a3579ef77d5782d6f3214

  • SHA512

    8e8a3b089eaa1eb705f8b24670156b01b552ad753d4727bc7f990b1364f2ac460a6bd8ef57c289e723b3167ae635eba76f54f8bb778b0b37390d6826fe40f5b8

  • SSDEEP

    3072:EkawgkmBuqUEpo3kqQ1ntywCjKLB8VZUe4uG55PzqHOFjy35y3QwW/d:7sDmkX1n8TKLB8QkGPzqyj93C/d

Score
10/10
formbooktc10rat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

tc10

Decoy

mwigyu.com

sepuluholx.com

nsdigitalagency.com

horrorkore.com

santaclaracoimbrakarate.com

myeternalsummer.com

laosmidnight-lotto.com

haremp.xyz

boyace.top

unusualwithdrawal.com

wildflowerkidsri.com

backlitvps.dev

topwellgas.com

k3nnsworld3.com

wanbang.xyz

cntvc.net

sjcamden.church

pussit24.com

claml.com

statisticsturkey.com

Targets

    • Target

      1516-64-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      b14074a2595c7bbe6517b52f333b8629

    • SHA1

      2358f0aa1012c5136dfac8442199e3fed2def02c

    • SHA256

      247be3f593956b8388b287ef0822006f399ffe9a331a3579ef77d5782d6f3214

    • SHA512

      8e8a3b089eaa1eb705f8b24670156b01b552ad753d4727bc7f990b1364f2ac460a6bd8ef57c289e723b3167ae635eba76f54f8bb778b0b37390d6826fe40f5b8

    • SSDEEP

      3072:EkawgkmBuqUEpo3kqQ1ntywCjKLB8VZUe4uG55PzqHOFjy35y3QwW/d:7sDmkX1n8TKLB8QkGPzqyj93C/d

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks