Overview

overview

10

Static

static

10

1280-61-0x...ry.exe

windows7-x64

1

1280-61-0x...ry.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    1280-61-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    230529-mk7dzsbg9y

  • MD5

    f0a903d289ca9ad2cdd44090ed48d5e5

  • SHA1

    4fb25379833e0ef116dbf739a535529a3ea74742

  • SHA256

    1643acff4fe2eb741feaf659736e820be88a71713262eceb7ec0d16b74ecfe9e

  • SHA512

    c7c9c850dbdc9263f04956f9387b6b85640d906cfb31b0e7eef0d6de1d9882441557b36edc991462c94934956b7ad97be448a074822c60bc13face0d860ddeb7

  • SSDEEP

    3072:pwz7E5Viz3bR3MJrMSGFT7CZSbEgpba64ZYIQ4RAOD+3R:9yNMtVGN7CZSb/w64ZXQIE3R

Score
10/10
formbookmr04rat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

mr04

Decoy

toursardegna.net

bewiseracademy.com

xianchengkeji.net

storyboardtools.com

sourcedwatches.co.uk

filmmu.com

elpayasocantarinpeluquin.com

dyogomotta.com

roguearborist.net

flycitytravel.com

lessstressmoreprogress.net

faircoins.xyz

greatfoodscorp.com

iqpari.click

369u-jp.com

fuvahmulahscubacafe.com

jaxsearch.com

iqpari.help

huodongdang.com

yetcox.online

Targets

    • Target

      1280-61-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      f0a903d289ca9ad2cdd44090ed48d5e5

    • SHA1

      4fb25379833e0ef116dbf739a535529a3ea74742

    • SHA256

      1643acff4fe2eb741feaf659736e820be88a71713262eceb7ec0d16b74ecfe9e

    • SHA512

      c7c9c850dbdc9263f04956f9387b6b85640d906cfb31b0e7eef0d6de1d9882441557b36edc991462c94934956b7ad97be448a074822c60bc13face0d860ddeb7

    • SSDEEP

      3072:pwz7E5Viz3bR3MJrMSGFT7CZSbEgpba64ZYIQ4RAOD+3R:9yNMtVGN7CZSb/w64ZXQIE3R

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks