General

  • Target

    1680-3-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    240925-he3rdstdla

  • MD5

    3b565363da0e0f10621a665eb25f98ce

  • SHA1

    e0b13f554af393de7e29520b1711beb79801da06

  • SHA256

    dc0f022cc5e9ec9bfde0872d12657c831394e60c91c5dbdb5295a87bc277f7db

  • SHA512

    56a68af272d6e72f3939f5f0b35144e1fd581e48e82b07fa1f46d428b0812764323c6a41d27f5966eafecf647108f317c4f4bf6e4d8aff65490700788d95e58e

  • SSDEEP

    3072:xzfyD8FkMxx4otkfpfMi8IAr1L4uOHBNJAdwCbNuf8E9:yZKwpfLoZL4uOHBNJAdzbNXC

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

jd21

Decoy

Targets

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks