Overview

overview

10

Static

static

10

2456-19-0x...ry.exe

windows7-x64

1

2456-19-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2456-19-0x0000000000400000-0x000000000042F000-memory.dmp

  • Size

    188KB

  • Sample

    250206-m53xasvmap

  • MD5

    b84a83ace37231f97f986c0bcf5b4479

  • SHA1

    72db791a3e6524f3d8c6d8873783b86502490813

  • SHA256

    758ee4b005fe9638aada7bed8d04a6fceaaac84afcbd1feeb51bd2678eeef641

  • SHA512

    9e3c050c1c849b9392a74842c678123937b00c3c61237a0c1b4fc16a3d202ad7e4c5b9fa16303eadafac7aa2c2919090d1ed008c716fe54dde7aa1d22b2c7aac

  • SSDEEP

    3072:MKZAFdeEXEk2kSq2Lw+8x579YKoXt3jLd9ssvde9m0Idhcm6U1Y7oWWA:fxg2LDA5qKoXt3fdG6dm0dh0sYMA

Score
10/10
formbookkmgediscoveryrat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

kmge

Decoy

i54ly657ur.autos

stove-10000.bond

furkanenes.live

foziaclothing.shop

peron.app

landscaping-services-88568.bond

home-remodeling-96005.bond

offersnow-store.shop

apsida.tech

ux-design-courses-90368.bond

nb-event-b2b.online

2tdb3dk65m.skin

juniper.fit

eurosirel.info

web-cfe.one

a48268104.top

darkoxygen.info

beautysideup.shop

solar-battery-34557.bond

dib57.top

Targets

    • Target

      2456-19-0x0000000000400000-0x000000000042F000-memory.dmp

    • Size

      188KB

    • MD5

      b84a83ace37231f97f986c0bcf5b4479

    • SHA1

      72db791a3e6524f3d8c6d8873783b86502490813

    • SHA256

      758ee4b005fe9638aada7bed8d04a6fceaaac84afcbd1feeb51bd2678eeef641

    • SHA512

      9e3c050c1c849b9392a74842c678123937b00c3c61237a0c1b4fc16a3d202ad7e4c5b9fa16303eadafac7aa2c2919090d1ed008c716fe54dde7aa1d22b2c7aac

    • SSDEEP

      3072:MKZAFdeEXEk2kSq2Lw+8x579YKoXt3jLd9ssvde9m0Idhcm6U1Y7oWWA:fxg2LDA5qKoXt3fdG6dm0dh0sYMA

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks