General

  • Target

    92c90d735148f7fd056e2d53bf44239f3fdab6b029e78d3ed6077d9c7f40aef2

  • Size

    490KB

  • Sample

    210927-aak2safdg2

  • MD5

    3b2d25157b1d79ec200db1564b696bc8

  • SHA1

    4e188e851f36fe716494fc805039b4f30f0b3c96

  • SHA256

    92c90d735148f7fd056e2d53bf44239f3fdab6b029e78d3ed6077d9c7f40aef2

  • SHA512

    d9071b6d905382c6ab94675cd65c35ef7fd11ae0f9e2dd2dc4fcf8a921807f7ae271e0730efe98dd858e284f185edd57866fac818c2a9c712e96b5c7f9df48f2

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    bckt

  • C2

    http://www.picnictablecompany.com/bckt/

  • Decoy

    termoindustrias.com
    vcjcfw.com
    digitalmoutain.com
    outtanowhereentertainment.com
    kcreative.design
    tea-mails.com
    xn--ob0b23la.com
    lanyard-for-keys.com
    luoyuanqiong.com
    goxhome.com
    spryandhonner.com
    sheltrd.com
    aagamdahale.com
    charlie-fendius.com
    zekesky.com
    bills360hub.com
    byrsmith.com
    emaxpk.com
    waterproofselection.com
    primelab.xyz

Targets

    • Target

      92c90d735148f7fd056e2d53bf44239f3fdab6b029e78d3ed6077d9c7f40aef2

    • Size

      490KB

    • MD5

      3b2d25157b1d79ec200db1564b696bc8

    • SHA1

      4e188e851f36fe716494fc805039b4f30f0b3c96

    • SHA256

      92c90d735148f7fd056e2d53bf44239f3fdab6b029e78d3ed6077d9c7f40aef2

    • SHA512

      d9071b6d905382c6ab94675cd65c35ef7fd11ae0f9e2dd2dc4fcf8a921807f7ae271e0730efe98dd858e284f185edd57866fac818c2a9c712e96b5c7f9df48f2

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks