Overview

overview

10

Static

static

10

2196-13-0x...ry.exe

windows7-x64

1

2196-13-0x...ry.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2196-13-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    240518-bqa27adc8x

  • MD5

    1798b3d43a4759f1600761166ffbace1

  • SHA1

    04a6bc264e910b055fbec38142040869a6701168

  • SHA256

    ce97b83a3cd52f6199f5011970980fef73d40abe11428f97f16a6a93abc58893

  • SHA512

    b27e8fc88f8eb3801d23a5712949b9c58ee1b54634cb33031e0970bd6f3ba93791151ecbc40f4c916ea4b70c14ef27a566c509bdbe7875ae2b4918e65370f18f

  • SSDEEP

    3072:JncbkDcxkrWi4c3EyeofZ8CHHKaJOC1/MU78EA9tU2nwhS0B9:zoizExCxKaJOCvRCt1wrB9

Score
10/10
formbookpz12rat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

pz12

Decoy

paucanyes.com

autonwheels.com

cowboysandcaviarbar.com

fitnessengineeredworkouts.com

nuevobajonfavorito.com

dflx8.com

rothability.com

sxybet88.com

onesource.live

brenjitu1904.com

airdrop-zero1labs.com

guangdongqiangzhetc.com

apartments-for-rent-72254.bond

ombak99.lol

qqfoodsolutions.com

kyyzz.com

thepicklematch.com

ainth.com

missorris.com

gabbygomez.com

Targets

    • Target

      2196-13-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      1798b3d43a4759f1600761166ffbace1

    • SHA1

      04a6bc264e910b055fbec38142040869a6701168

    • SHA256

      ce97b83a3cd52f6199f5011970980fef73d40abe11428f97f16a6a93abc58893

    • SHA512

      b27e8fc88f8eb3801d23a5712949b9c58ee1b54634cb33031e0970bd6f3ba93791151ecbc40f4c916ea4b70c14ef27a566c509bdbe7875ae2b4918e65370f18f

    • SSDEEP

      3072:JncbkDcxkrWi4c3EyeofZ8CHHKaJOC1/MU78EA9tU2nwhS0B9:zoizExCxKaJOCvRCt1wrB9

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks