Overview

overview

10

Static

static

10

2532-12-0x...ry.exe

windows7-x64

2532-12-0x...ry.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2532-12-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    240328-e25byseb9w

  • MD5

    a706cc42a0239adf5d45461382f34773

  • SHA1

    46cff98407f17988b02f7331a62b8f17988e336d

  • SHA256

    ef25ca972778ecb0b7be6fa1553f24721852e4ec30cd27adb5e59023dd76b2cf

  • SHA512

    1c1418edf2586f0c335c38bd1a22fb1bf04f59001112197e368b4c0d2fde375067a5c51699ad8b4d8bd3d0dbb396f1b604045ec43b215f0d9403d88102dc3598

  • SSDEEP

    3072:PmUHkiWHJoLJi38/sfn6aJ6klxyCRJ31kWfmMVP9DG4o:u+U8EiaJ6klxBJN+MVP9q4

Score
10/10
formbookdz25rat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

dz25

Decoy

sdw123.com

theflower-jeju.com

bigbargins.shop

xn--grsdetetizao-dcb9c.site

visionprobiz.com

ebruunalsigorta.xyz

51tree.net

tommeynadier.com

spx21.com

researchupdatehub.com

rserveohio.com

schemaconsultant.com

ec-peleti.com

songkokgelhq.shop

sixfigureswithkarah.net

quickfinancebrokerage.com

alliance-couverture.com

heartlandinnovates.com

art-friday.online

curi-o-rama.com

Targets

    • Target

      2532-12-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      a706cc42a0239adf5d45461382f34773

    • SHA1

      46cff98407f17988b02f7331a62b8f17988e336d

    • SHA256

      ef25ca972778ecb0b7be6fa1553f24721852e4ec30cd27adb5e59023dd76b2cf

    • SHA512

      1c1418edf2586f0c335c38bd1a22fb1bf04f59001112197e368b4c0d2fde375067a5c51699ad8b4d8bd3d0dbb396f1b604045ec43b215f0d9403d88102dc3598

    • SSDEEP

      3072:PmUHkiWHJoLJi38/sfn6aJ6klxyCRJ31kWfmMVP9DG4o:u+U8EiaJ6klxBJN+MVP9q4

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks