formbook | 5f9500dd5c0cdf34717510f7bd408401adb0df6daece9e112ce3d60500f9ad48

General

Target

2904-61-0x0000000000400000-0x000000000042F000-memory.dmp
Size

188KB
Sample

241025-v4zggstcpm
MD5

08c85f6c46fa379b5d384995aa620ae7
SHA1

4dbddd37af3a125724839757e0c789fbebe7a76b
SHA256

5f9500dd5c0cdf34717510f7bd408401adb0df6daece9e112ce3d60500f9ad48
SHA512

02a7056869a48b6811c05ada15b62482e70c13ac489e7a645ff8852d1705ec24d5572f87671f1d41014c5c7bafd08cc4652bb91a329a77df84cb711122894d51
SSDEEP

3072:dhGO6kjN4q3u1C31zYFPjaEsmi8pmYZZvbN/AYSXUoEzI:JX/c01UVjaEsmSIvbayI

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

k13s

Decoy

runbe.fun

factrip.com

zalenterprises.net

yoyufoods.com

soniakmahajan.com

jdfdht.site

provenimpact.net

hotelsmadridairport.com

avondalemclarenparts.com

champagnepelissot.com

dqnshtvn.click

barbarahensonrealestate.com

jrys117.top

amb168g.pro

zionsystem.live

highcaliberhusbands.com

dsc-marketing.com

outlemax.com

legalloanmaster.com

sky71.link

Targets

- Target
  
  2904-61-0x0000000000400000-0x000000000042F000-memory.dmp
- Size
  
  188KB
- MD5
  
  08c85f6c46fa379b5d384995aa620ae7
- SHA1
  
  4dbddd37af3a125724839757e0c789fbebe7a76b
- SHA256
  
  5f9500dd5c0cdf34717510f7bd408401adb0df6daece9e112ce3d60500f9ad48
- SHA512
  
  02a7056869a48b6811c05ada15b62482e70c13ac489e7a645ff8852d1705ec24d5572f87671f1d41014c5c7bafd08cc4652bb91a329a77df84cb711122894d51
- SSDEEP
  
  3072:dhGO6kjN4q3u1C31zYFPjaEsmi8pmYZZvbN/AYSXUoEzI:JX/c01UVjaEsmSIvbayI
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2