formbook | fcfda5a7a8b441103c5ba5e977fa23fded824901e5dfe0d47986af8c905dfdd3

General

Target

2232-24-0x0000000000400000-0x000000000042F000-memory.dmp
Size

188KB
Sample

240805-hpkcsszajn
MD5

d674420d04397759b874184370eb35c1
SHA1

aede4a3ef6839a2af0a096df44d081e6d89c7af6
SHA256

fcfda5a7a8b441103c5ba5e977fa23fded824901e5dfe0d47986af8c905dfdd3
SHA512

73bc5bdce21a8fa6ce134c6378c3d7d01fb90ebbdffca4b0d6608debf54276fe2d250ad8f968a9a5f31e82cecee8e3848a4880c7df16837eaacdcfab4d8d34a2
SSDEEP

3072:/SXXk7UgnuF9BEOo3PhtbLZt6o+34KI0sCINxTqML3voe:oAcmPrfH6o+34KIlNZqMD

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

md02

Decoy

onsen1508.com

partymaxclubmen36.click

texasshelvingwarehouse.com

tiantiying.com

taxcredits-pr.com

33mgbet.com

equipoleiremnacional.com

andrewghita.com

zbbnp.xyz

englandbreaking.com

a1b5v.xyz

vizamag.com

h0lg3.rest

ux-design-courses-17184.bond

of84.top

qqkartel88v1.com

avalynkate.com

cpuk-finance.com

yeslabs.xyz

webuyandsellpa.com

Targets

- Target
  
  2232-24-0x0000000000400000-0x000000000042F000-memory.dmp
- Size
  
  188KB
- MD5
  
  d674420d04397759b874184370eb35c1
- SHA1
  
  aede4a3ef6839a2af0a096df44d081e6d89c7af6
- SHA256
  
  fcfda5a7a8b441103c5ba5e977fa23fded824901e5dfe0d47986af8c905dfdd3
- SHA512
  
  73bc5bdce21a8fa6ce134c6378c3d7d01fb90ebbdffca4b0d6608debf54276fe2d250ad8f968a9a5f31e82cecee8e3848a4880c7df16837eaacdcfab4d8d34a2
- SSDEEP
  
  3072:/SXXk7UgnuF9BEOo3PhtbLZt6o+34KI0sCINxTqML3voe:oAcmPrfH6o+34KIlNZqMD
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2