General

  • Target

    418d0a404118bfad6b0a926c6f8f8fd587d1a8517e92729531139c6bbe0c0ebb

  • Size

    519KB

  • Sample

    211022-hjx2psbbh5

  • MD5

    2ec3d70225772498f80108a182cce96c

  • SHA1

    6da53a575bb0b6fb0bf43cb08a0d39bf7ba3f70c

  • SHA256

    418d0a404118bfad6b0a926c6f8f8fd587d1a8517e92729531139c6bbe0c0ebb

  • SHA512

    f8f4c39601fdf1fe6e115c9b423fb89d5225b91eb82b4e758945e7143caef6fae55b3df3cd19940e12160f9ea494c3b464be6c3833254a6a78e5765e429e2322

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ed9s

C2

http://www.vaughnmethod.com/ed9s/

Decoy


Targets

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks