Overview

overview

10

Static

static

10

296-64-0x0...ry.exe

windows7-x64

1

296-64-0x0...ry.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    296-64-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    230523-hw73faeb58

  • MD5

    04c6627ce1c922b95bc05882e164662a

  • SHA1

    b9467dc78b2349418f3205e7cb5abd95d06f64b7

  • SHA256

    782e3b937debdc7ed8ded954d690b85b6484ce98b265f171acbd84318c55697f

  • SHA512

    40800176bac902667040153bbea41965b220dde42ef09427e86840b42111b5a7d250d6d28106fe9c4ef2d273d59b76b294234b207d43591f207691156ae9c408

  • SSDEEP

    3072:Gd/9V7QOk3mjum8z473AcCk5N6D3RjTsoow9wrLtWRhrbreId7cU2:M3jVTADkv6TRjTSptGn7E

Score
10/10
formbookcs94rat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

cs94

Decoy

dhaliwal3.com

iptvebay.shop

hsfgass33.top

cammali.com

dcleaningseevicesltd.co.uk

amzosecsn-jp.icu

builtmedia.co.uk

duoguang.top

forumken.net

cqivrh.cfd

lr-nexusark.com

carrirae.shop

jtownexclusive.africa

georoiddemo.online

lefinet.com

otc.rsvp

kitchenpharmacy.co.uk

bbywafz248xca4.com

digijockey.com

9-ji.com

Targets

    • Target

      296-64-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      04c6627ce1c922b95bc05882e164662a

    • SHA1

      b9467dc78b2349418f3205e7cb5abd95d06f64b7

    • SHA256

      782e3b937debdc7ed8ded954d690b85b6484ce98b265f171acbd84318c55697f

    • SHA512

      40800176bac902667040153bbea41965b220dde42ef09427e86840b42111b5a7d250d6d28106fe9c4ef2d273d59b76b294234b207d43591f207691156ae9c408

    • SSDEEP

      3072:Gd/9V7QOk3mjum8z473AcCk5N6D3RjTsoow9wrLtWRhrbreId7cU2:M3jVTADkv6TRjTSptGn7E

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks