Overview

overview

10

Static

static

10

2960-11-0x...ry.exe

windows7-x64

1

2960-11-0x...ry.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2960-11-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    240530-vqsrsaef21

  • MD5

    37277e823446d7da4c630eb9be14ccd4

  • SHA1

    f464e470d515b6b4470281b9dc24ca37c957e017

  • SHA256

    da50105a269b5ecf223f7398cb1f9c57cc23efef88a14b3228d299b3ab0958cf

  • SHA512

    f6aca96d932b249801e60a4168060ea11b7238da9ab25f12be8ad9e2d62f6d642dff9707ff5f1e534bff287b5d6eda5c3853aed14b8f1558f8cc5f70d5cf40a5

  • SSDEEP

    3072:wNrvkNMUvwJS03CCStwYqh99mM5AGCc4KG7lAdiO4vD5T7PL3B:cEaCBlqh99j6NuiQYvD5L3B

Score
10/10
formbookas02rat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

as02

Decoy

qwin777.com

robinhoods.live

h3jh-dal.pics

braindeadcopywriting.com

kktcbet1000.com

mpo0463.cfd

raboteshoes.com

ab1718.com

lowcrusiers.com

gregcopelandmusic.com

dkfndch.store

firstclassuni.com

00ewu1ub.com

shunweichemical.com

sugarits.com

marqify.com

mistmajik.com

trezip.online

tinytables.xyz

suestergocoaching.com

Targets

    • Target

      2960-11-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      37277e823446d7da4c630eb9be14ccd4

    • SHA1

      f464e470d515b6b4470281b9dc24ca37c957e017

    • SHA256

      da50105a269b5ecf223f7398cb1f9c57cc23efef88a14b3228d299b3ab0958cf

    • SHA512

      f6aca96d932b249801e60a4168060ea11b7238da9ab25f12be8ad9e2d62f6d642dff9707ff5f1e534bff287b5d6eda5c3853aed14b8f1558f8cc5f70d5cf40a5

    • SSDEEP

      3072:wNrvkNMUvwJS03CCStwYqh99mM5AGCc4KG7lAdiO4vD5T7PL3B:cEaCBlqh99j6NuiQYvD5L3B

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks