General

  • Target

    3c4aa39e200cb4303a3e5970bbedb5a1bb1baa656c3fc2286f82392a91e4a4ea

  • Size

    511KB

  • Sample

    211021-1aj3labfgj

  • MD5

    6923309c1cf759930f67710ac9dfd328

  • SHA1

    e74291e311e8466dd7222a2eb3779848385dd3fa

  • SHA256

    3c4aa39e200cb4303a3e5970bbedb5a1bb1baa656c3fc2286f82392a91e4a4ea

  • SHA512

    993dbcc6063f3a1b293fb3e2c794f1f817a4703d5b21154fc47e02998f72e334cca38b820c6f657a8345775690eed93f2a8f9202b453490735bc89cebf3ecbd5

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    kzk9

  • C2

    http://www.yourmajordomo.com/kzk9/

  • Decoy

    tianconghuo.club
    1996-page.com
    ourtownmax.net
    conservativetreehose.com
    synth.repair
    donnachicacreperia.com
    tentfull.com
    weapp.download
    surfersink.com
    gattlebusinessservices.com
    sebastian249.com
    anhphuc.company
    betternatureproducts.net
    defroplate.com
    seattlesquidsquad.com
    polarjob.com
    lendingadvantage.com
    angelsondope.com
    goportjitney.com
    tiendagrupojagr.com

Targets

    • Target

      3c4aa39e200cb4303a3e5970bbedb5a1bb1baa656c3fc2286f82392a91e4a4ea

    • Size

      511KB

    • MD5

      6923309c1cf759930f67710ac9dfd328

    • SHA1

      e74291e311e8466dd7222a2eb3779848385dd3fa

    • SHA256

      3c4aa39e200cb4303a3e5970bbedb5a1bb1baa656c3fc2286f82392a91e4a4ea

    • SHA512

      993dbcc6063f3a1b293fb3e2c794f1f817a4703d5b21154fc47e02998f72e334cca38b820c6f657a8345775690eed93f2a8f9202b453490735bc89cebf3ecbd5

    • Formbook

      Formbook is an information-stealing malware family.

    • Formbook Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks