Overview

overview

10

Static

static

10

2156-13-0x...ry.exe

windows7-x64

1

2156-13-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2156-13-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    241102-pw7j8stpas

  • MD5

    40c65e5943b881a10f22e7002ce6dee8

  • SHA1

    5cb42994856ab0a3a3465707e76cc0e4c307bbb8

  • SHA256

    d3784505a531e0bfb67541fb892d420c578a53c3fe0dbecc76644f6aecdc1a73

  • SHA512

    2920d79d1f9770edb03ee61a34ccf61e192a59404195c0ca1c093b1723c5d23f2b59de912d550ac4a1aa8fca85fe8c2147592ddb6b2378423fe1977524cd9521

  • SSDEEP

    3072:wzwh7M4F0F8zlB+POghYjsYSBqu4Y4NWTdSI/3XiUcIWdBGd194XaNAwjvWt:qCMBig3hY4VqbY4NWP/3XudBGd1qXa

Score
10/10
formbookm49zdiscoveryrat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

m49z

Decoy

ormswarm.xyz

awn-care-63587.bond

uymetanail5.online

mergencyloan007.xyz

545.top

eiliao596.pro

ackersandmoverschennai.net

ehdiahmadvandmusicbest.click

tlgxmb2024.cloud

ulfcoastharborhopper.pro

rohns-disease-early-signs.today

oldenhorizonsbgcl.click

weetindulgencepro.xyz

yexoiup.xyz

yself-solar.net

kfirsatimla.online

bropub3.online

ouljourney.online

usvf76f.shop

onnaberich.online

Targets

    • Target

      2156-13-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      40c65e5943b881a10f22e7002ce6dee8

    • SHA1

      5cb42994856ab0a3a3465707e76cc0e4c307bbb8

    • SHA256

      d3784505a531e0bfb67541fb892d420c578a53c3fe0dbecc76644f6aecdc1a73

    • SHA512

      2920d79d1f9770edb03ee61a34ccf61e192a59404195c0ca1c093b1723c5d23f2b59de912d550ac4a1aa8fca85fe8c2147592ddb6b2378423fe1977524cd9521

    • SSDEEP

      3072:wzwh7M4F0F8zlB+POghYjsYSBqu4Y4NWTdSI/3XiUcIWdBGd194XaNAwjvWt:qCMBig3hY4VqbY4NWP/3XudBGd1qXa

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks