Overview

overview

10

Static

static

10

1176-66-0x...ry.exe

windows7-x64

1

1176-66-0x...ry.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1176-66-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    221219-l6x7rseg63

  • MD5

    bd6634706bfde8e40e055a7779b6a38f

  • SHA1

    c023cda02cc515755b6a8fbcf98143bff7d549a2

  • SHA256

    80a567f9baf4e8cb3b5fc455add9015a098002f5657e83dc0411c120c32adcee

  • SHA512

    ff986a51455d346b98c50fbceadfdb8a1cbce362528c0e23254b0005dbf41aa358132e728d61bc1563886f4927ab5a965e2ae9f4fe406c4deb683f943c5feb5f

  • SSDEEP

    3072:SFU5kFr/XFUkc1z7vSbc1pVassqbUn5GaMeNX2gLZaR3xwyRSjXeb/LC:LuXAHSbYpiqbUn5GaMu2Rwy46bjC

Score
10/10
formbook8rmtrat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

8rmt

Decoy

3472cc.com

takecareyourhair.com

kontolajigasd21.xyz

daihaitrinh.net

syncmostlatestinfo-file.info

lovesolutionsastrologist.info

angelapryan.com

rio727casino.com

jjsgagets.com

devyatkina.online

thegoldenbeautyqatar.com

czytaj-unas24live.monster

timepoachers.com

gayxxxporn.site

72308.xyz

kristanolivo.com

hijrahfwd.com

bmfighters.com

alfamx.website

handfulofbabesbows.com

Targets

    • Target

      1176-66-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      bd6634706bfde8e40e055a7779b6a38f

    • SHA1

      c023cda02cc515755b6a8fbcf98143bff7d549a2

    • SHA256

      80a567f9baf4e8cb3b5fc455add9015a098002f5657e83dc0411c120c32adcee

    • SHA512

      ff986a51455d346b98c50fbceadfdb8a1cbce362528c0e23254b0005dbf41aa358132e728d61bc1563886f4927ab5a965e2ae9f4fe406c4deb683f943c5feb5f

    • SSDEEP

      3072:SFU5kFr/XFUkc1z7vSbc1pVassqbUn5GaMeNX2gLZaR3xwyRSjXeb/LC:LuXAHSbYpiqbUn5GaMu2Rwy46bjC

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks