Overview

overview

10

Static

static

10

1296-64-0x...ry.exe

windows7-x64

1

1296-64-0x...ry.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1296-64-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    221210-c4xzjseg83

  • MD5

    539e287e2c404a08ac9ed0749ef9262d

  • SHA1

    dedee29e1f05b7bc9d6725ded917724132dc2a75

  • SHA256

    6ec4d5218f5fc900bca3f8c2364472e16f664e04633e636b11911c453c3dd92f

  • SHA512

    c693a91fbbe99a0b0a113664642951a656df896ee2ef16d3655937396e888e167cad2affe79e410be33f3c8947a1d40d3fa514553922668c12994a048806eb80

  • SSDEEP

    3072:crsoxzTkc1cMvYr3gdBlaqZYUIt1PuJOPgCWUyQNXh/eBTOe:ouDg/gqZYUItFPjWUy4xmBZ

Score
10/10
formbooksk19rat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

sk19

Decoy

21diasdegratitud.com

kx1993.com

chasergt.com

837news.com

naturagent.co.uk

gatorinsurtech.com

iyaboolashilesblog.africa

jamtanganmurah.online

gguminsa.com

lilliesdrop.com

lenvera.com

link48.co.uk

azinos777.fun

lgcdct.cfd

bg-gobtc.com

livecarrer.uk

cbq4u.com

imalreadygone.com

wabeng.africa

jxmheiyouyuetot.tokyo

Targets

    • Target

      1296-64-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      539e287e2c404a08ac9ed0749ef9262d

    • SHA1

      dedee29e1f05b7bc9d6725ded917724132dc2a75

    • SHA256

      6ec4d5218f5fc900bca3f8c2364472e16f664e04633e636b11911c453c3dd92f

    • SHA512

      c693a91fbbe99a0b0a113664642951a656df896ee2ef16d3655937396e888e167cad2affe79e410be33f3c8947a1d40d3fa514553922668c12994a048806eb80

    • SSDEEP

      3072:crsoxzTkc1cMvYr3gdBlaqZYUIt1PuJOPgCWUyQNXh/eBTOe:ouDg/gqZYUItFPjWUy4xmBZ

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks