formbook | b48cd5dd135f49fe8d9cdc519f4924ab040d59976635d4748fe4405bfa736af0

General

Target

2524-19-0x0000000000400000-0x0000000001462000-memory.dmp
Size

16.4MB
Sample

241112-jgsvmsxjb1
MD5

3966002fe03fe50c18c04ae70d1840f7
SHA1

50a3d6ea6ebc8f09ad7445b9af76e7e6f7cb87e8
SHA256

b48cd5dd135f49fe8d9cdc519f4924ab040d59976635d4748fe4405bfa736af0
SHA512

a62dcd347c5a1bb2f83b2b98c292661b64686a4c09ffcec93a492ea98209b2ee15d51ee69f6a4466c280ad15e7b4f7a79e1cb24fa1a70a893810085b1443563a
SSDEEP

3072:f8DUFr1+pQKau+wKcsqSGD1C+iJppE5e5nGofwnXujUaJc73:MA+EGsqBD0ppE5e5GofwnXujUX73

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

hy29

Decoy

obswell.online

etflix.luxury

ulunguwethu.store

ulbcenter.shop

nswering-service-mi-de-tt.click

upport-marketplace84.click

wepxbd163.lat

mplants-doctors.today

aofexf90yj.top

hermodynamic.space

dfg3n489.cyou

off.gay

alkak.cam

ijanarko.net

7tl.site

yaanincma.store

ires-47022.bond

elek4dalt77.xyz

foxsakepeople.online

ndefeatedqs.shop

Targets

- Target
  
  2524-19-0x0000000000400000-0x0000000001462000-memory.dmp
- Size
  
  16.4MB
- MD5
  
  3966002fe03fe50c18c04ae70d1840f7
- SHA1
  
  50a3d6ea6ebc8f09ad7445b9af76e7e6f7cb87e8
- SHA256
  
  b48cd5dd135f49fe8d9cdc519f4924ab040d59976635d4748fe4405bfa736af0
- SHA512
  
  a62dcd347c5a1bb2f83b2b98c292661b64686a4c09ffcec93a492ea98209b2ee15d51ee69f6a4466c280ad15e7b4f7a79e1cb24fa1a70a893810085b1443563a
- SSDEEP
  
  3072:f8DUFr1+pQKau+wKcsqSGD1C+iJppE5e5nGofwnXujUaJc73:MA+EGsqBD0ppE5e5GofwnXujUX73
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2