formbook | 5f01cdd53a5f0991a42cc89bf0569ce7dba71c7d991b49b998daa0fad5648aa3

General

Target

2656-25-0x0000000000400000-0x000000000042F000-memory.exe
Size

188KB
Sample

250126-dzcy9a1rej
MD5

fa862a406b374fe1717a6833e2dac044
SHA1

3622470179894ccfab27aa9700d0e143c2f7b398
SHA256

5f01cdd53a5f0991a42cc89bf0569ce7dba71c7d991b49b998daa0fad5648aa3
SHA512

9fdcc4e564db0d8b7ff6fd250e8664fa64caf07b0411ba078d8ec1b556e44a1edbaa6d957e1154ee84fda2df1bf59e3f6c4d25766d68f6fd6426a81ceef34e35
SSDEEP

3072:fiUkOFr0NBN+6cMQnjhQvAUtZcHqq9q1ydC/JxMfStJjVedJL:UTNBlqhQvBtgqoq1ydC/4fStJjY

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

a02d

Decoy

coplus.market

oofing-jobs-74429.bond

healchemists.xyz

oofcarpenternearme-jp.xyz

enewebsolutions.online

harepoint.legal

88977.club

omptables.xyz

eat-pumps-31610.bond

endown.graphics

amsexgirls.website

ovevibes.xyz

u-thiensu.online

yblinds.xyz

rumpchiefofstaff.store

erzog.fun

rrm.lat

agiclime.pro

agaviet59.shop

lbdoanhnhan.net

Targets

- Target
  
  2656-25-0x0000000000400000-0x000000000042F000-memory.exe
- Size
  
  188KB
- MD5
  
  fa862a406b374fe1717a6833e2dac044
- SHA1
  
  3622470179894ccfab27aa9700d0e143c2f7b398
- SHA256
  
  5f01cdd53a5f0991a42cc89bf0569ce7dba71c7d991b49b998daa0fad5648aa3
- SHA512
  
  9fdcc4e564db0d8b7ff6fd250e8664fa64caf07b0411ba078d8ec1b556e44a1edbaa6d957e1154ee84fda2df1bf59e3f6c4d25766d68f6fd6426a81ceef34e35
- SSDEEP
  
  3072:fiUkOFr0NBN+6cMQnjhQvAUtZcHqq9q1ydC/JxMfStJjVedJL:UTNBlqhQvBtgqoq1ydC/4fStJjY
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2