General

  • Target

    2000-65-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • MD5

    8e17a09307ae5ab7b16a7f28f0dde698

  • SHA1

    ba09d039cdda7e54d64b26f94255b2e019446af2

  • SHA256

    8629ecc7583af52cfc3a2898c7c01c1b4344bf24bd60e7a8a2f1771f5d2f43b0

  • SHA512

    48b28c7daafc47805732790c051a0dd26a2aeabe06fcefc6baf42ec866faf6c49b2d58a8c8809909a58b18aea9797e048a1a52444116d38364bf66c81b5ad2d2

  • SSDEEP

    3072:lqXONkOlwpno75f3esylwb6y1KNHsLv6Z/mZjiLBGm:5jfe7G6y1KNPZ/KGL

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

k04s

Decoy

Signatures

  • Formbook family
  • Formbook payload (1 IoC)

Files

  • 2000-65-0x0000000000400000-0x000000000042F000-memory.dmp
    .exe windows x86

