formbook | bbb3bf1deaef06ebae9bf68b949c63002b3c9c8f1f4693d8950daaee842c8928

General

Target

1796-14-0x0000000000400000-0x000000000042F000-memory.dmp
Size

188KB
Sample

240927-k6cqdsveqn
MD5

b59c029ad2e1aeff94480fe91cfebee9
SHA1

e7fc158f3acc03ac1108be3caf15cd90654e002e
SHA256

bbb3bf1deaef06ebae9bf68b949c63002b3c9c8f1f4693d8950daaee842c8928
SHA512

638619dac5f4b4f788590ad6f4a6f792b1aa06e0ebc5a112b7a75c7201c5273e0aaaedaf63816c0ad3428b424e58db12089eee3afccb0ad75cee4e7b2597430f
SSDEEP

3072:o/9sQc1gHuINe4Uq5p+Fnnx4q4guKBdLCrAfmw/RBCteAQrh:IDHwmpinaq4tKBdLyomMDFN

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

btrd

Decoy

everslane.com

prairieviewelectric.online

dszvhgd.com

papamuch.com

8129k.vip

jeffreestar.gold

bestguestrentals.com

nvzhuang1.net

anangtoto.com

yxfgor.top

practicalpoppers.com

thebestanglephotography.online

koormm.top

criika.net

audioflow.online

380747.net

jiuguanwang.net

bloxequities.com

v321c.com

sugar.monster

Targets

- Target
  
  1796-14-0x0000000000400000-0x000000000042F000-memory.dmp
- Size
  
  188KB
- MD5
  
  b59c029ad2e1aeff94480fe91cfebee9
- SHA1
  
  e7fc158f3acc03ac1108be3caf15cd90654e002e
- SHA256
  
  bbb3bf1deaef06ebae9bf68b949c63002b3c9c8f1f4693d8950daaee842c8928
- SHA512
  
  638619dac5f4b4f788590ad6f4a6f792b1aa06e0ebc5a112b7a75c7201c5273e0aaaedaf63816c0ad3428b424e58db12089eee3afccb0ad75cee4e7b2597430f
- SSDEEP
  
  3072:o/9sQc1gHuINe4Uq5p+Fnnx4q4guKBdLCrAfmw/RBCteAQrh:IDHwmpinaq4tKBdLyomMDFN
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2