Overview

overview

10

Static

static

10

2156-13-0x...ry.exe

windows7-x64

1

2156-13-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2156-13-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    241106-r6bxes1ncv

  • MD5

    18c116bb01bd58156b6db3be7914cca3

  • SHA1

    1af26fb344196d2b23b03b9296a45e441421285e

  • SHA256

    771d0f86f53d42a76f4059640786489ffb783b947c2de06ab6e33ef5f33c6e47

  • SHA512

    ab83e77597ed355bec6fe54b42ecf70c0f4a495c75f58949f1f9a323393b58c03bf443dd5122c13ab2a2f834e08e3104853c4b3d71c5bb9fca48e82797d4bbe4

  • SSDEEP

    3072:+AoYFtUdD5bU0+ML+vbE/n3ECKVAqkcNouqamhIHdFhXdOPzW2MBsluE7w3:PZjK+vA/3DKVAqki/qaPdFhtL2YXGw3

Score
10/10
formbookga06discoveryrat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ga06

Decoy

y1rmgv9c.top

orlifebasma.online

ocxxcakkejka.online

ealthcaretrendstr.bond

quitemtudo.online

oeziad.net

afelajuzq.shop

andasia.net

4web.info

acingdreams.xyz

fcpc.sbs

pin238rtp.lol

olar-systems-panels-91358.bond

ovember222.vip

01639.xyz

xfundz.top

illsol.top

rerise.shop

eavenlavvi.net

rtificial-turf23.online

Targets

    • Target

      2156-13-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      18c116bb01bd58156b6db3be7914cca3

    • SHA1

      1af26fb344196d2b23b03b9296a45e441421285e

    • SHA256

      771d0f86f53d42a76f4059640786489ffb783b947c2de06ab6e33ef5f33c6e47

    • SHA512

      ab83e77597ed355bec6fe54b42ecf70c0f4a495c75f58949f1f9a323393b58c03bf443dd5122c13ab2a2f834e08e3104853c4b3d71c5bb9fca48e82797d4bbe4

    • SSDEEP

      3072:+AoYFtUdD5bU0+ML+vbE/n3ECKVAqkcNouqamhIHdFhXdOPzW2MBsluE7w3:PZjK+vA/3DKVAqki/qaPdFhtL2YXGw3

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks