Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d9db7f117e5fc750e78b0178003bca82684a2a36f951fa0d3a59a58bd178a302

  • Size

    697KB

  • Sample

    211022-tdb3tscgap

  • MD5

    f94dd54fedbdf4f0f6992c781476e4a4

  • SHA1

    93fb57ab3c31b5fa13827670a003ea203ff904d5

  • SHA256

    d9db7f117e5fc750e78b0178003bca82684a2a36f951fa0d3a59a58bd178a302

  • SHA512

    fadf4a955ef4d3d0162c66ac896046177d86b2e9f401e5c02be2b181755827629e617584b853f5f4aa5393391834700ad103cc755e71482b0c3a4b40f7f65ace

Score
10/10
formbookkzk9ratspywarestealertrojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

kzk9

C2

http://www.yourmajordomo.com/kzk9/

Decoy

tianconghuo.club

1996-page.com

ourtownmax.net

conservativetreehose.com

synth.repair

donnachicacreperia.com

tentfull.com

weapp.download

surfersink.com

gattlebusinessservices.com

sebastian249.com

anhphuc.company

betternatureproducts.net

defroplate.com

seattlesquidsquad.com

polarjob.com

lendingadvantage.com

angelsondope.com

goportjitney.com

tiendagrupojagr.com

Targets

    • Target

      d9db7f117e5fc750e78b0178003bca82684a2a36f951fa0d3a59a58bd178a302

    • Size

      697KB

    • MD5

      f94dd54fedbdf4f0f6992c781476e4a4

    • SHA1

      93fb57ab3c31b5fa13827670a003ea203ff904d5

    • SHA256

      d9db7f117e5fc750e78b0178003bca82684a2a36f951fa0d3a59a58bd178a302

    • SHA512

      fadf4a955ef4d3d0162c66ac896046177d86b2e9f401e5c02be2b181755827629e617584b853f5f4aa5393391834700ad103cc755e71482b0c3a4b40f7f65ace

    Score
    10/10
    formbookkzk9ratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook Payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix

Tasks