Overview

overview

10

Static

static

10

3008-15-0x...ry.exe

windows7-x64

1

3008-15-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3008-15-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    241102-teqmlsygjp

  • MD5

    a58fc493f638f3c32646abda764c6ac6

  • SHA1

    672a64ce259d4700ae40729e5889c6051fabce6a

  • SHA256

    48c60efae728aa0add07417516eeabdb76a81f07c81339b8b673be6f66b34e0d

  • SHA512

    a8e752872063a9b1c725f46264011fb8f6d3a289cb446aec13d49b960e9b142b5b34603771eed231c35749bcb88dd3d09a162cbb0118cce86960ec7ee592acc6

  • SSDEEP

    3072:wzwh7M4F0F8zlB+POghYjsYSBqu4Y4NWTdSD/3XiUcIWdBGd194XaNAwjvWt:qCMBig3hY4VqbY4NWc/3XudBGd1qXa

Score
10/10
formbookm49zdiscoveryrat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

m49z

Decoy

ormswarm.xyz

awn-care-63587.bond

uymetanail5.online

mergencyloan007.xyz

545.top

eiliao596.pro

ackersandmoverschennai.net

ehdiahmadvandmusicbest.click

tlgxmb2024.cloud

ulfcoastharborhopper.pro

rohns-disease-early-signs.today

oldenhorizonsbgcl.click

weetindulgencepro.xyz

yexoiup.xyz

yself-solar.net

kfirsatimla.online

bropub3.online

ouljourney.online

usvf76f.shop

onnaberich.online

Targets

    • Target

      3008-15-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      a58fc493f638f3c32646abda764c6ac6

    • SHA1

      672a64ce259d4700ae40729e5889c6051fabce6a

    • SHA256

      48c60efae728aa0add07417516eeabdb76a81f07c81339b8b673be6f66b34e0d

    • SHA512

      a8e752872063a9b1c725f46264011fb8f6d3a289cb446aec13d49b960e9b142b5b34603771eed231c35749bcb88dd3d09a162cbb0118cce86960ec7ee592acc6

    • SSDEEP

      3072:wzwh7M4F0F8zlB+POghYjsYSBqu4Y4NWTdSD/3XiUcIWdBGd194XaNAwjvWt:qCMBig3hY4VqbY4NWc/3XudBGd1qXa

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks