General

  • Target

    f13197aff6f530d9883aa1787cd57f4580c4c92bcaa5100f2641924c3e6867a5

  • Size

    503KB

  • Sample

    211021-1alw7abfhm

  • MD5

    af594d3a1f091246b196ac370b8b4900

  • SHA1

    e4c5f155d67e41d87e84593d55f9ba45e0ed58ae

  • SHA256

    f13197aff6f530d9883aa1787cd57f4580c4c92bcaa5100f2641924c3e6867a5

  • SHA512

    6d74490cfd7ff7175a0fa19a4d1ea1c9f08291ae33152e69e82f35b56e0079fd00fdd182e895f48239e78ee3436304c6c590706543d934aa0b3da9c79f936a47

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ed9s

C2

http://www.vaughnmethod.com/ed9s/

Decoy

pocketoptioniraq.com

merabestsolutions.com

atelectronics.site

fuxueshi.net

infinitystay.com

forensicconcept.site

txpmachine.com

masterwhs.xyz

dia-gnwsis.art

fulltiltnodes.com

bigbnbbsc.com

formation-figma.com

bonanacroin.net

medicalmarijuanasatx.com

bagnavy.com

aaegiscares.net

presentationpublicschool.com

bestyousite.site

prescriptionn.com

beyondthenormbouquets.com
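
The extracted configuration above is directly usable as network detection content: the real C2 URL, the campaign path `/ed9s/`, and the decoy domains the implant also contacts. The Python below is an added example, not part of the sandbox report or its tooling: it encodes those IOCs, classifies a requested URL as C2, decoy or a campaign-path hit on an unknown host, scans a few constructed proxy log lines (an assumed `<timestamp> <client> <method> <url>` format, not real traffic), and also checks a byte string against the report's hashes so an analyst can confirm the sample on disk is the one reported.

```python
import hashlib
import re
from urllib.parse import urlsplit

# IOCs taken from the extracted Formbook 4.1 config in this report (campaign "ed9s").
C2_URL = "http://www.vaughnmethod.com/ed9s/"
CAMPAIGN_PATH = "/ed9s/"
DECOY_DOMAINS = {
    "pocketoptioniraq.com", "merabestsolutions.com", "atelectronics.site",
    "fuxueshi.net", "infinitystay.com", "forensicconcept.site", "txpmachine.com",
    "masterwhs.xyz", "dia-gnwsis.art", "fulltiltnodes.com", "bigbnbbsc.com",
    "formation-figma.com", "bonanacroin.net", "medicalmarijuanasatx.com",
    "bagnavy.com", "aaegiscares.net", "presentationpublicschool.com",
    "bestyousite.site", "prescriptionn.com", "beyondthenormbouquets.com",
}
C2_HOST = urlsplit(C2_URL).hostname  # "www.vaughnmethod.com"

# Sample hashes from the report's "Target" section.
REPORT_HASHES = {
    "md5": "af594d3a1f091246b196ac370b8b4900",
    "sha1": "e4c5f155d67e41d87e84593d55f9ba45e0ed58ae",
    "sha256": "f13197aff6f530d9883aa1787cd57f4580c4c92bcaa5100f2641924c3e6867a5",
}


def normalize_host(host: str) -> str:
    """Lower-case and strip a trailing dot so comparisons are exact."""
    return (host or "").lower().rstrip(".")


def domain_matches(host: str, domains: set) -> bool:
    """True if host equals one of the IOC domains or is a subdomain of one."""
    host = normalize_host(host)
    return any(host == d or host.endswith("." + d) for d in domains)


def classify_request(url: str):
    """Return 'c2', 'decoy', 'campaign-path' or None for one requested URL.

    'campaign-path' covers the /ed9s/ path on a host not in the config: the
    decoys are typically hit with the same campaign path as the real C2, so
    an unknown host with that path deserves a look (assumption, not from the
    report).
    """
    parts = urlsplit(url)
    host = normalize_host(parts.hostname)
    path = parts.path or "/"
    if host == C2_HOST and path.startswith(CAMPAIGN_PATH):
        return "c2"
    if domain_matches(host, DECOY_DOMAINS):
        return "decoy"
    if path.startswith(CAMPAIGN_PATH):
        return "campaign-path"
    return None


# Constructed proxy log lines for this example (not traffic from the report).
SAMPLE_LOG = """\
2021-10-21T10:01:02Z 10.0.0.15 GET http://www.vaughnmethod.com/ed9s/?abcd=xyz
2021-10-21T10:01:03Z 10.0.0.15 GET http://www.bagnavy.com/ed9s/?abcd=xyz
2021-10-21T10:01:05Z 10.0.0.15 POST http://txpmachine.com/ed9s/
2021-10-21T10:02:00Z 10.0.0.22 GET https://example.org/index.html
2021-10-21T10:02:10Z 10.0.0.22 GET http://unknown-host.test/ed9s/?q=1
"""
LOG_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<client>\S+)\s+(?P<method>[A-Z]+)\s+(?P<url>\S+)$")


def scan_proxy_log(text: str) -> list:
    """Parse the assumed log format and return one dict per matching request."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        verdict = classify_request(m["url"])
        if verdict:
            hits.append({"ts": m["ts"], "client": m["client"],
                         "url": m["url"], "verdict": verdict})
    return hits


def infected_clients(hits: list) -> list:
    """Clients that reached the C2 or any decoy; either means the implant ran."""
    return sorted({h["client"] for h in hits if h["verdict"] in ("c2", "decoy")})


def hashes_match(data: bytes) -> dict:
    """Compare a candidate sample's digests with the report's hash values."""
    return {name: hashlib.new(name, data).hexdigest() == digest
            for name, digest in REPORT_HASHES.items()}


if __name__ == "__main__":
    for hit in scan_proxy_log(SAMPLE_LOG):
        print(hit["verdict"], hit["client"], hit["url"])
    print("infected:", infected_clients(scan_proxy_log(SAMPLE_LOG)))
```

Contact with a decoy domain is treated as evidence of infection, not as a false positive: the decoys are in the implant's own configuration, so a host beaconing to one is running the payload even if it has not yet reached the real C2.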

Targets

    • Target

      f13197aff6f530d9883aa1787cd57f4580c4c92bcaa5100f2641924c3e6867a5

    • Size

      503KB

    • MD5

      af594d3a1f091246b196ac370b8b4900

    • SHA1

      e4c5f155d67e41d87e84593d55f9ba45e0ed58ae

    • SHA256

      f13197aff6f530d9883aa1787cd57f4580c4c92bcaa5100f2641924c3e6867a5

    • SHA512

      6d74490cfd7ff7175a0fa19a4d1ea1c9f08291ae33152e69e82f35b56e0079fd00fdd182e895f48239e78ee3436304c6c590706543d934aa0b3da9c79f936a47

    • Formbook

      Formbook is an information-stealing malware family: it grabs submitted web form data and saved credentials from browsers and other applications, logs keystrokes and clipboard contents, and exfiltrates the collected data to its C2.

    • Formbook Payload

    • Suspicious use of SetThreadContext (a common step in process hollowing and thread hijacking, where a suspended thread's context is rewritten to redirect execution into injected code)

MITRE ATT&CK Matrix

Tasks