Overview

overview

10

Static

static

10

2492-3-0x0...ry.exe

windows7-x64

1

2492-3-0x0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2492-3-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    240924-hwpwvsydqh

  • MD5

    3da80db0471219756d5318575012e956

  • SHA1

    f673a41577e99f7a5bdf8ddab759c1d3c9486623

  • SHA256

    ad2f783544d0b2d1b2d40b59bba7a58c2082200df38ef09eceecfd99c6259d73

  • SHA512

    d65f66ec6aa0b41d1e9e9c5dbb5f1a2eb2fff6915d0bba925a76c940dd7105b79e3b7738ac463cd2ce5a79137ee9d507cd54914bfa46191e9f9067fd2b69350d

  • SSDEEP

    3072:LeyvXFFJNDIcTyhk4I6RJpzfqaa53Ozpn7v5tUUU85yDb0Sde0huy1o:H3R4I6LSaa53ev5tfFSg0R1

Score
10/10
formbooke62sdiscoveryrat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

e62s

Decoy

ellinksa.shop

uckyspinph.xyz

owdark.net

arriage-therapy-72241.bond

w7ijko4rv4p97b.top

heirbuzzwords.buzz

aspart.shop

ctivemail5-kagoya-com.info

shacertification9.shop

zitcd65k3.buzz

llkosoi.info

ru8.info

rhgtrdjdjykyetrdjftd.buzz

yschoollist.kiwi

oftfolio.online

rograma-de-almacen-2.online

oudoarms.top

mwquas.xyz

orjagaucha.website

nlinechat-mh.online

Targets

    • Target

      2492-3-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      3da80db0471219756d5318575012e956

    • SHA1

      f673a41577e99f7a5bdf8ddab759c1d3c9486623

    • SHA256

      ad2f783544d0b2d1b2d40b59bba7a58c2082200df38ef09eceecfd99c6259d73

    • SHA512

      d65f66ec6aa0b41d1e9e9c5dbb5f1a2eb2fff6915d0bba925a76c940dd7105b79e3b7738ac463cd2ce5a79137ee9d507cd54914bfa46191e9f9067fd2b69350d

    • SSDEEP

      3072:LeyvXFFJNDIcTyhk4I6RJpzfqaa53Ozpn7v5tUUU85yDb0Sde0huy1o:H3R4I6LSaa53ev5tfFSg0R1

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks