Overview

overview

10

Static

static

10

2904-7-0x0...ry.exe

windows7-x64

1

2904-7-0x0...ry.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2904-7-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    230824-ls824sdb2z

  • MD5

    6a54d792e46dab045d65a162c0885fab

  • SHA1

    344bf0824d5204eaa99c37401924ffc17151a077

  • SHA256

    eb849cef9ed778ab58e46f726d6729f2f4776d56732df8859c5413986e74158d

  • SHA512

    bde3939c0a4e7dae8a4dd616e172d7c432a049de099963f3b5f36df3177c175aa6755afecbed03a4ab8b897ca5bf793337b6e0b84e717a04187d11c6ab1ff255

  • SSDEEP

    3072:9q3v2kOwf8h3jD5iy3UHY8+M/wLKO4C4mA9PBy4h5gczn8xlg4:28hUkU48+uQKO4C4mQBT5PQxe4

Score
10/10
formbookr08crat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

r08c

Decoy

concretecontractornorfolk.com

itproaudit.com

thelandlorddoctor.com

albanywatercolorgroup.com

arppi.icu

mintkeysolutions.com

tjsjtx.site

ravendistributors.com

austrocan.com

realyogawear.store

theofficialtrumpcards.com

givingacare.com

chantaldesjardinsauthor.com

militraytimes.com

coworkerorai.com

etherprint.xyz

asia123.online

kbjbk.com

greenpeaceful.net

yyqqt4.xyz

Targets

    • Target

      2904-7-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      6a54d792e46dab045d65a162c0885fab

    • SHA1

      344bf0824d5204eaa99c37401924ffc17151a077

    • SHA256

      eb849cef9ed778ab58e46f726d6729f2f4776d56732df8859c5413986e74158d

    • SHA512

      bde3939c0a4e7dae8a4dd616e172d7c432a049de099963f3b5f36df3177c175aa6755afecbed03a4ab8b897ca5bf793337b6e0b84e717a04187d11c6ab1ff255

    • SSDEEP

      3072:9q3v2kOwf8h3jD5iy3UHY8+M/wLKO4C4mA9PBy4h5gczn8xlg4:28hUkU48+uQKO4C4mQBT5PQxe4

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks