Overview

overview

10

Static

static

10

352-21-0x0...ry.exe

windows7-x64

1

352-21-0x0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    352-21-0x0000000000400000-0x000000000042A000-memory.dmp

  • Size

    168KB

  • Sample

    240725-dtwt6svgrp

  • MD5

    ea1f87d884f7e1725703253f44421685

  • SHA1

    149fc6aab754a3b0b9aaabc622b551f6535367e0

  • SHA256

    416d47cae8553f65b0a304ad2414f6d6dec0b9dd273ca56c84967b624c7b57e8

  • SHA512

    4f23fc415f33e6f1124494fe464f4031d3c749c1b84c1ed01c0b6c513e1068e22c3de93673067524623f90abf122afa0fab8bde789f49f25af4728d989c7d7b0

  • SSDEEP

    3072:uira2cYeBwABNWkLVU8CmXVgG+g4aLkOpK//u1eURptjvrZKrxUuB/tZyJ:utAeBthU8BXVgzg4aLU+7V6xbB/tZyJ

Score
10/10
formbookowdiscoveryrat

Malware Config

Extracted

Family

formbook

Version

3.9

Campaign

ow

Decoy

piavecaffe.com

jlxkqg.men

lifesavingfoundation.net

karadasama.net

michaeltraolach-macsweeney.com

thunderwatches.com

serviciocasawhirlpool.biz

c-cap.online

itparksolution.com

clarityhearingkw.com

wpgrosiri.date

colemarshalcambell.com

webperffest.com

adjusterforirma.info

buildersqq.com

spiritualwisdominindia.com

111222333.net

traditionalarabicdishes.com

hmlifi.com

receive-our-info-heredaily.info

Targets

    • Target

      352-21-0x0000000000400000-0x000000000042A000-memory.dmp

    • Size

      168KB

    • MD5

      ea1f87d884f7e1725703253f44421685

    • SHA1

      149fc6aab754a3b0b9aaabc622b551f6535367e0

    • SHA256

      416d47cae8553f65b0a304ad2414f6d6dec0b9dd273ca56c84967b624c7b57e8

    • SHA512

      4f23fc415f33e6f1124494fe464f4031d3c749c1b84c1ed01c0b6c513e1068e22c3de93673067524623f90abf122afa0fab8bde789f49f25af4728d989c7d7b0

    • SSDEEP

      3072:uira2cYeBwABNWkLVU8CmXVgG+g4aLkOpK//u1eURptjvrZKrxUuB/tZyJ:utAeBthU8BXVgzg4aLU+7V6xbB/tZyJ

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks