General

  • Target

    4a028b7f272dd96c75716d2268b551576a01ebccaca97bb19da43ec21dbe8514

  • Size

    557KB

  • Sample

    211012-jej5qabgar

  • MD5

    40c9037d2d9cf0ccfd3e4761b732c173

  • SHA1

    5240cf37fb1799ae32d55ee681d53e9166199e56

  • SHA256

    4a028b7f272dd96c75716d2268b551576a01ebccaca97bb19da43ec21dbe8514

  • SHA512

    0ee8344e43aecfc056e6a37c0d84603c0eb3a81bb95770fcd01d28eb25f28c502594aec6e1e3c81a69da74921b52276f52f152c6041c6023312c823b1756ed22

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ed9s

C2

http://www.vaughnmethod.com/ed9s/

Decoy

pocketoptioniraq.com

merabestsolutions.com

atelectronics.site

fuxueshi.net

infinitystay.com

forensicconcept.site

txpmachine.com

masterwhs.xyz

dia-gnwsis.art

fulltiltnodes.com

bigbnbbsc.com

formation-figma.com

bonanacroin.net

medicalmarijuanasatx.com

bagnavy.com

aaegiscares.net

presentationpublicschool.com

bestyousite.site

prescriptionn.com

beyondthenormbouquets.com
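The extracted config above is directly usable as detection content, but only if the decoys are handled correctly: Formbook ships one real C2 among many decoy domains, and several of the decoys here are ordinary websites, so matching on hostname alone would generate false positives and blocking the hosts would break legitimate traffic. The following Python is an added example, not part of the report or of any Formbook tooling. It copies the config values from this page, grades outbound HTTP requests by host plus campaign path, builds a URL-prefix blocklist, and runs the logic over a handful of constructed proxy log lines. The log format (timestamp, source IP, method, URL, status) is invented for the example, and the "medium" grade assumes, as is reported for Formbook, that the decoy hosts receive the same `/<campaign>/` requests as the real C2.

```python
"""Detection logic built from the extracted Formbook config on this page.

The config values are copied from the report; the proxy log lines and the
log format (timestamp, source IP, method, URL, status) are constructed for
this example and are not real telemetry.
"""
from urllib.parse import urlsplit

# Copied from the "Malware Config / Extracted" section of the report.
FORMBOOK_CONFIG = {
    "family": "formbook",
    "version": "4.1",
    "campaign": "ed9s",
    "c2": "http://www.vaughnmethod.com/ed9s/",
    "decoys": [
        "pocketoptioniraq.com", "merabestsolutions.com", "atelectronics.site",
        "fuxueshi.net", "infinitystay.com", "forensicconcept.site",
        "txpmachine.com", "masterwhs.xyz", "dia-gnwsis.art", "fulltiltnodes.com",
        "bigbnbbsc.com", "formation-figma.com", "bonanacroin.net",
        "medicalmarijuanasatx.com", "bagnavy.com", "aaegiscares.net",
        "presentationpublicschool.com", "bestyousite.site", "prescriptionn.com",
        "beyondthenormbouquets.com",
    ],
}


def c2_host_and_path(config):
    """Split the C2 URL into (hostname, path); the path is the campaign path."""
    parts = urlsplit(config["c2"])
    return parts.hostname.lower(), parts.path


def campaign_path(config):
    return "/" + config["campaign"] + "/"


def classify_request(host, path, config):
    """Grade one outbound HTTP request against the config.

    Returns (confidence, reason) where confidence is:
      "high"   - the real C2 host on the campaign path
      "medium" - a decoy host on the campaign path (assumption: Formbook
                 sends the same /<campaign>/ requests to its decoys)
      "low"    - a known host on an unrelated path (decoys are often
                 legitimate sites, so this alone is not actionable)
      None     - no match (the short campaign path alone is too generic
                 to flag on unknown hosts)
    """
    c2_host, _ = c2_host_and_path(config)
    decoys = {d.lower() for d in config["decoys"]}
    host = host.lower().rstrip(".")
    on_campaign_path = path.startswith(campaign_path(config))
    if host == c2_host and on_campaign_path:
        return "high", "real C2 host on campaign path"
    if host in decoys and on_campaign_path:
        return "medium", "decoy host on campaign path"
    if host == c2_host or host in decoys:
        return "low", "known host, unrelated path"
    return None, ""


def url_blocklist(config):
    """Proxy block entries as URL prefixes (host + campaign path), not bare
    hosts: blocking the decoy hosts outright would break legitimate sites."""
    c2_host, c2_path = c2_host_and_path(config)
    prefixes = {"http://" + c2_host + c2_path}
    for decoy in config["decoys"]:
        prefixes.add("http://" + decoy.lower() + campaign_path(config))
    return sorted(prefixes)


# Constructed sample: "<timestamp> <src_ip> <method> <url> <status>" per line.
SAMPLE_PROXY_LOG = """\
2021-10-12T09:14:02Z 10.0.0.23 GET http://www.vaughnmethod.com/ed9s/?v4k=dGVzdA== 200
2021-10-12T09:14:05Z 10.0.0.23 POST http://www.vaughnmethod.com/ed9s/ 200
2021-10-12T09:14:09Z 10.0.0.23 GET http://fulltiltnodes.com/ed9s/?v4k=dGVzdA== 404
2021-10-12T09:15:30Z 10.0.0.41 GET https://formation-figma.com/blog/ 200
2021-10-12T09:16:00Z 10.0.0.41 GET https://example.org/ed9s/ 200
"""


def scan_proxy_log(text, config=FORMBOOK_CONFIG):
    """Return one hit dict per matching log line, in log order."""
    hits = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src_ip, method, url, status = line.split()
        parts = urlsplit(url)
        confidence, reason = classify_request(parts.hostname or "", parts.path, config)
        if confidence is None:
            continue
        hits.append({
            "ts": ts, "src_ip": src_ip, "method": method, "status": status,
            "host": parts.hostname, "path": parts.path,
            "confidence": confidence, "reason": reason,
        })
    return hits


if __name__ == "__main__":
    for hit in scan_proxy_log(SAMPLE_PROXY_LOG):
        print(f'{hit["confidence"]:6} {hit["src_ip"]} {hit["method"]} '
              f'{hit["host"]}{hit["path"]} ({hit["reason"]})')
```

On the constructed sample the two requests to www.vaughnmethod.com/ed9s/ grade "high", the decoy request to fulltiltnodes.com/ed9s/ grades "medium" (a 404 from a decoy is the expected response, not evidence of a clean host), the formation-figma.com/blog/ request grades "low", and the unknown host on /ed9s/ is ignored. Hostname matching is exact; switch to a suffix match on the registered domain if the environment logs subdomains.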

Targets

    • Target

      4a028b7f272dd96c75716d2268b551576a01ebccaca97bb19da43ec21dbe8514

    • Size

      557KB

    • MD5

      40c9037d2d9cf0ccfd3e4761b732c173

    • SHA1

      5240cf37fb1799ae32d55ee681d53e9166199e56

    • SHA256

      4a028b7f272dd96c75716d2268b551576a01ebccaca97bb19da43ec21dbe8514

    • SHA512

      0ee8344e43aecfc056e6a37c0d84603c0eb3a81bb95770fcd01d28eb25f28c502594aec6e1e3c81a69da74921b52276f52f152c6041c6023312c823b1756ed22

    • Formbook

      Formbook is an information stealer (form grabber): it harvests credentials and data entered into browsers and other applications, logs keystrokes, takes screenshots and can download and run additional payloads.

    • Formbook Payload

    • Suspicious use of SetThreadContext (rewriting another thread's context is characteristic of process hollowing, where a suspended process is given an injected image and its entry point redirected)

MITRE ATT&CK Matrix

Tasks