formbook | 48617c36ea5d49d4c27b92dc12d19ec4810628ddf99ae94c8a1030d38a41102b

General

Target

2684-17-0x0000000000400000-0x000000000042E000-memory.dmp
Size

184KB
Sample

241102-s8stdsycjb
MD5

cb9d554d8c50c64c154dc15b4cd7bed6
SHA1

59c8eac75f0c3c3ea4435ee353c527fee6d4503f
SHA256

48617c36ea5d49d4c27b92dc12d19ec4810628ddf99ae94c8a1030d38a41102b
SHA512

75fe16348d315b2e7e8d69747c83612b23d3c6cde923f4c13f8250cfc1b3370cf3351c58ea7993cf4462b1b3f6440f15d8396b0b3470c74db617799b446dd760
SSDEEP

3072:iMPuOyxRhh1jiXi8fIssaJ2DHmHj1Q/884MvRALAo1lrwbP:B0XhiS8wPaJ2DGHj1HiRGAo/W

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

j7e

Decoy

cefuoficial.com

luxmusicclub.com

getridofmyed.xyz

sports-plaza.com

peteropsomer.com

kemendi.com

divinciresolve.com

readtogrowup.com

hidex-corp.com

aladininternational.com

snesait.art

ezzpick.net

saveashow.com

eazyprintsplus.com

usadatesclub.com

rafaelraf.com

themiamadison.com

regarta.com

aiocitys.net

ahorn-invest.com

Targets

- Target
  
  2684-17-0x0000000000400000-0x000000000042E000-memory.dmp
- Size
  
  184KB
- MD5
  
  cb9d554d8c50c64c154dc15b4cd7bed6
- SHA1
  
  59c8eac75f0c3c3ea4435ee353c527fee6d4503f
- SHA256
  
  48617c36ea5d49d4c27b92dc12d19ec4810628ddf99ae94c8a1030d38a41102b
- SHA512
  
  75fe16348d315b2e7e8d69747c83612b23d3c6cde923f4c13f8250cfc1b3370cf3351c58ea7993cf4462b1b3f6440f15d8396b0b3470c74db617799b446dd760
- SSDEEP
  
  3072:iMPuOyxRhh1jiXi8fIssaJ2DHmHj1Q/884MvRALAo1lrwbP:B0XhiS8wPaJ2DGHj1HiRGAo/W
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2