General

  • Target: 7e647d064a55731e15f05904b636037d2339e84ca425f53cf752004cd8797468
  • Size: 495KB
  • Sample: 210927-aawhhsfdg3
  • MD5: b60d7ba369775810d35a8f9fdbc57e83
  • SHA1: 91badba118714884ef1c4d51ec2e2680fb6078b9
  • SHA256: 7e647d064a55731e15f05904b636037d2339e84ca425f53cf752004cd8797468
  • SHA512: 3cb867066080ff4b168b4009260969c7c2093cf7ece6e786e2bbbf73b20f2b677829310b932f208e0c3d04bb3e77c9c081c54807bdbbb3931d3ac5865a0d5f76

Malware Config

Extracted

  • Family: formbook
  • Version: 4.1
  • Campaign: fzsg
  • C2: http://www.grouplmc.com/fzsg/
  • Decoy:

Targets

    • Target: 7e647d064a55731e15f05904b636037d2339e84ca425f53cf752004cd8797468

    • Formbook: Formbook is a data-stealing malware family (an information stealer).
    • Formbook Payload
    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks