formbook | feb4cce7449fbbd8a25352e81ed5886c7818598c1fa6f96ff70bbe8a071cbab9

General

Target

2172-11-0x0000000000400000-0x000000000042F000-memory.dmp
Size

188KB
Sample

240828-c5evcstcpm
MD5

7140c2bb93b2a810495c1df750057607
SHA1

d1f5f3c568652b5d91346cc42c64bc0db125b594
SHA256

feb4cce7449fbbd8a25352e81ed5886c7818598c1fa6f96ff70bbe8a071cbab9
SHA512

af9227cc34982e6c1d3e91933e85444cb91fb48d68b04aa22f074f0081e25e4a26ef816ef6fcb899e473c7783c765391184e4bef9f2a99187e33e24b15f1da4d
SSDEEP

3072:7hnn7kzMRq9Hnt3eS3Cr/q14eO35604+ImiGVijQjw48cyiXVo5DsuQ:7vEheQgq14es6FAGcym6m

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ph01

Decoy

23888.sbs

zvcj.sbs

raitpourtrait.net

ibraryfarmclub.online

omputercourses123.live

j88.doctor

atsue-color.click

epitalrentgrup.online

rvvpn.lol

i-signals.tech

cr-phoenix.best

frican-safari.online

c-games.zone

oardetest.online

f4md.shop

uke-saaac.buzz

arze.dev

nvestment-services-49610.bond

izatrip.sbs

ameron-paaaa.buzz

Targets

- Target
  
  2172-11-0x0000000000400000-0x000000000042F000-memory.dmp
- Size
  
  188KB
- MD5
  
  7140c2bb93b2a810495c1df750057607
- SHA1
  
  d1f5f3c568652b5d91346cc42c64bc0db125b594
- SHA256
  
  feb4cce7449fbbd8a25352e81ed5886c7818598c1fa6f96ff70bbe8a071cbab9
- SHA512
  
  af9227cc34982e6c1d3e91933e85444cb91fb48d68b04aa22f074f0081e25e4a26ef816ef6fcb899e473c7783c765391184e4bef9f2a99187e33e24b15f1da4d
- SSDEEP
  
  3072:7hnn7kzMRq9Hnt3eS3Cr/q14eO35604+ImiGVijQjw48cyiXVo5DsuQ:7vEheQgq14es6FAGcym6m
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2