Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
Formbook, Formbo | FormBook contains a unique crypter RunPE that has unique behavioral patterns subject to detection. It was initially called "Babushka Crypter" by Insidemalware. |
|
|
AV Detection |
---|
Source: |
Malware Configuration Extractor: |
Source: |
File source: |
||
Source: |
File source: |
||
Source: |
File source: |
||
Source: |
File source: |
||
Source: |
File source: |
||
Source: |
File source: |
||
Source: |
File source: |
||
Source: |
File source: |
||
Source: |
File source: |
||
Source: |
File source: |
||
Source: |
File source: |
Source: |
Integrated Neural Analysis Model: |
Source: |
Joe Sandbox ML: |
Source: |
Static PE information: |
Source: |
File opened: |
Jump to behavior |
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
Source: |
Code function: |
0_2_012ADBBE | |
Source: |
Code function: |
0_2_0127C2A2 | |
Source: |
Code function: |
0_2_012B698F | |
Source: |
Code function: |
0_2_012B68EE | |
Source: |
Code function: |
0_2_012AD076 | |
Source: |
Code function: |
0_2_012AD3A9 | |
Source: |
Code function: |
0_2_012B979D | |
Source: |
Code function: |
0_2_012B9642 | |
Source: |
Code function: |
0_2_012B9B2B | |
Source: |
Code function: |
0_2_012B5C97 | |
Source: |
Code function: |
4_2_0035F0D3 |
Source: |
Code function: |
4_2_00355AD1 |
Networking |
---|
Source: |
Network Connect: |
Jump to behavior | ||
Source: |
Network Connect: |
Jump to behavior | ||
Source: |
Domain query: |
|||
Source: |
Network Connect: |
Jump to behavior | ||
Source: |
Domain query: |
|||
Source: |
Domain query: |
|||
Source: |
Domain query: |
|||
Source: |
Domain query: |
|||
Source: |
Network Connect: |
Jump to behavior | ||
Source: |
Network Connect: |
Jump to behavior | ||
Source: |
Domain query: |
Source: |
URLs: |
Source: |
DNS query: |
||
Source: |
DNS query: |
||
Source: |
DNS query: |
||
Source: |
DNS query: |
Source: |
HTTP traffic detected: |
||
Source: |
HTTP traffic detected: |
||
Source: |
HTTP traffic detected: |
||
Source: |
HTTP traffic detected: |
||
Source: |
HTTP traffic detected: |
Source: |
IP Address: |
||
Source: |
IP Address: |
Source: |
ASN Name: |
||
Source: |
ASN Name: |
||
Source: |
ASN Name: |
||
Source: |
ASN Name: |
||
Source: |
ASN Name: |
Source: |
Code function: |
0_2_012BCF1A |
Source: |
HTTP traffic detected: |
||
Source: |
HTTP traffic detected: |
||
Source: |
HTTP traffic detected: |
||
Source: |
HTTP traffic detected: |
||
Source: |
HTTP traffic detected: |
Source: |
DNS traffic detected: |
||
Source: |
DNS traffic detected: |
||
Source: |
DNS traffic detected: |
||
Source: |
DNS traffic detected: |
||
Source: |
DNS traffic detected: |
||
Source: |
DNS traffic detected: |
||
Source: |
DNS traffic detected: |
||
Source: |
DNS traffic detected: |
||
Source: |
DNS traffic detected: |
||
Source: |
DNS traffic detected: |
||
Source: |
DNS traffic detected: |
||
Source: |
DNS traffic detected: |
||
Source: |
DNS traffic detected: |
Source: |
HTTP traffic detected: |