General

  • Target

    1712-4-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • MD5

    147474dec7a5702328d4ce3977b6fa6f

  • SHA1

    0be17959a454e71775af10bfee698425ced9d11f

  • SHA256

    cb30d9786ea7f25eca91760469cddf70c75950163d0596110b6b8cc15a189559

  • SHA512

    84dd4d4ac541201c21b1442230fc266d81f4dde7758f13fccb05ce776f51b69bf9aa55d6507c9fb1db43697c46e08e7788715dad3a33c4875332a8721d46bb57

  • SSDEEP

    3072:E7ryVklfnl56/3FrfNQmsF6V2WKC2DwFo88l21+BVbRMJ:KO/F72J6V2WKCmZkgX9MJ

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

gb84

Decoy


Signatures

  • Formbook family
  • Formbook payload (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1712-4-0x0000000000400000-0x000000000042F000-memory.dmp
    .exe windows:5 windows x86

