General

  • Target

    2408-7-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    250110-spsdhsxrhx

  • MD5

    8288402fa4e7c1affe84bd6933f6e1d4

  • SHA1

    eb197f3d1ea9cd41288e7b6fbabfcd6e7690f46a

  • SHA256

    5113d6a7862fefe928335a9d4d24c53d55c749ae8d15a16ef9221105d7b7654f

  • SHA512

    d35314a323696f09adf054380db2a6b6946753670e607cf40551e66dad285783e8e82d84aea9a97dce8dc36bd14aa419f0f07f763d255c8b4283cefd52dd654d

  • SSDEEP

    3072:6aA3meFcnBEycbh9cCqSI/vwUq68X2dJo0XBetlLeSCUvOtY/9:2kE4Cqn/pq/X2pCdktY/

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

at22

Decoy

Targets

    • Target

      2408-7-0x0000000000400000-0x000000000042F000-memory.dmp

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks