formbook | b90ee01806b08aaad94e91f90a0c138bfed9be5e2b65ce01785fdbad058139cb

General

Target

2764-14-0x0000000000400000-0x000000000042F000-memory.dmp
Size

188KB
Sample

240916-jj8c4sweql
MD5

560da0a061e06fbc5538bef1cbb11b85
SHA1

bc5e6950fab007e09e19f869e8f08daa29d068b1
SHA256

b90ee01806b08aaad94e91f90a0c138bfed9be5e2b65ce01785fdbad058139cb
SHA512

3af9cff81b4fabd8caeb05031505e9a8c0c49f1ede526338dc5cd375375bfee5ab27fbe16fb36e0cf0cd119a89b652871d2d496d1544b2213c2a4ffbdef17af6
SSDEEP

3072:joIK4kTjmne0jw3UyBgeoacUqfOnUpe4S1rbGYtfRgcHABY4p:juw+U+6acVfOS6DU

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

rn10

Decoy

kedai168et.com

mental-olympics.com

pussybuildsstrongbones.net

857691.shop

hisellers.net

exposurecophotography.com

beaded-boutique.net

wednesdayholdings.com

plesacv.xyz

manonlineros.com

a0204.shop

333689g.com

dyprl716h.xyz

pulseirabet.com

fnet.work

bo-2024-001-v1-d1.xyz

ongaurdsecurity.com

giulianacristini.com

miladamani.com

magicalrealmshopkeeper.online

Targets

- Target
  
  2764-14-0x0000000000400000-0x000000000042F000-memory.dmp
- Size
  
  188KB
- MD5
  
  560da0a061e06fbc5538bef1cbb11b85
- SHA1
  
  bc5e6950fab007e09e19f869e8f08daa29d068b1
- SHA256
  
  b90ee01806b08aaad94e91f90a0c138bfed9be5e2b65ce01785fdbad058139cb
- SHA512
  
  3af9cff81b4fabd8caeb05031505e9a8c0c49f1ede526338dc5cd375375bfee5ab27fbe16fb36e0cf0cd119a89b652871d2d496d1544b2213c2a4ffbdef17af6
- SSDEEP
  
  3072:joIK4kTjmne0jw3UyBgeoacUqfOnUpe4S1rbGYtfRgcHABY4p:juw+U+6acVfOS6DU
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2