General

  • Target: 043b45f9d94820186d7324c5f6e0fd7661de15ad29104fd43294e2f3839efa06
  • Size: 834KB
  • Sample: 210927-b5ghhsfec5
  • MD5: 026028926f83ef1d31d0f170210c14f8
  • SHA1: 426ff70d8bc93dfda31e849156e1c1e6c758d371
  • SHA256: 043b45f9d94820186d7324c5f6e0fd7661de15ad29104fd43294e2f3839efa06
  • SHA512: 9ffc26aeffbc0b4fb9fafd6fd884d9f0e4add9dda4c773361ce3296440091dc790719d41d8a641a6475bc072d0a5bd9c53b1ca0c20a9219378bc6ade1c82ec59

Malware Config

Extracted

  • Family: formbook
  • Version: 4.1
  • Campaign: bckt
  • C2: http://www.picnictablecompany.com/bckt/
  • Decoy domains:
    termoindustrias.com
    vcjcfw.com
    digitalmoutain.com
    outtanowhereentertainment.com
    kcreative.design
    tea-mails.com
    xn--ob0b23la.com
    lanyard-for-keys.com
    luoyuanqiong.com
    goxhome.com
    spryandhonner.com
    sheltrd.com
    aagamdahale.com
    charlie-fendius.com
    zekesky.com
    bills360hub.com
    byrsmith.com
    emaxpk.com
    waterproofselection.com
    primelab.xyz

Targets

  • Target: 043b45f9d94820186d7324c5f6e0fd7661de15ad29104fd43294e2f3839efa06 (834KB)
  • Signatures:
    • Formbook: Formbook is a data-stealing malware family.
    • Formbook Payload
    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks