Overview

overview

10

Static

static

10

2152-3-0x0...ry.exe

windows7-x64

1

2152-3-0x0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2152-3-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    241107-n5tjassajg

  • MD5

    8a1702cede3ab67ad24a99ecd3e258fa

  • SHA1

    3d6f258dff9320c66f14dfc06648aa7011ba0eb9

  • SHA256

    e2cb242ac6a4f3ad510f9f4f0a0a2ae1b695e0b2717553dc5896f931c7f5e856

  • SHA512

    8321c3336f08abd01cdfeb2443e52d464f6e14104cdcd0256a3fe640058b18cbbcf6b13260a15e831db9b821e39e816af00303820774d146629cd0218f27bef2

  • SSDEEP

    3072:7D8fFrWEJBZPxs9Bz9CE88K59qx1YseY9RbTZ2x5pLMOLAiVRJdk9Skhz7UGtBs3:0cEvWz9z8zqx1Yseu4vl0iVRJdk9SkhE

Score
10/10
formbookms84discoveryrat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ms84

Decoy

ecurity-ukgaxq.xyz

45ee.top

risiddivinayaka.net

tizip-skill.xyz

ostcanadantet.top

764.xyz

oco188rtp.xyz

lobalacessory.shop

qcq-serve.xyz

dameth.top

arge-eycert.xyz

yzwj-she.xyz

bgfrp-plant.xyz

emesiartwork.net

rcw-hotel.xyz

loor-dfqzpi.xyz

vidence-zvkkln.xyz

oisthuchoyarura.shop

959108ttltxfm842.top

apzcc-both.xyz

Targets

    • Target

      2152-3-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      8a1702cede3ab67ad24a99ecd3e258fa

    • SHA1

      3d6f258dff9320c66f14dfc06648aa7011ba0eb9

    • SHA256

      e2cb242ac6a4f3ad510f9f4f0a0a2ae1b695e0b2717553dc5896f931c7f5e856

    • SHA512

      8321c3336f08abd01cdfeb2443e52d464f6e14104cdcd0256a3fe640058b18cbbcf6b13260a15e831db9b821e39e816af00303820774d146629cd0218f27bef2

    • SSDEEP

      3072:7D8fFrWEJBZPxs9Bz9CE88K59qx1YseY9RbTZ2x5pLMOLAiVRJdk9Skhz7UGtBs3:0cEvWz9z8zqx1Yseu4vl0iVRJdk9SkhE

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks