General

  • Target

    1503a87935aa5f74d75a2ed9713fbde3faf397d99fc060155e1383b1b8e3f2f6

  • Size

    694KB

  • Sample

    211022-tm7wvscgbp

  • MD5

    bf2302cff715f9a1467dce502cad654d

  • SHA1

    52729ea0b5d8777f3f2939ce690067a82c8eb5de

  • SHA256

    1503a87935aa5f74d75a2ed9713fbde3faf397d99fc060155e1383b1b8e3f2f6

  • SHA512

    2320788a71271f5303fcd4a39268fd273ccbf428e89d72c60851ebad5f2b309031b398aed9c23d068aacf0b1cbd1db5cb550588d48e048f522676f8f754a0998

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

mxwf

C2

http://www.zahnimplantatangebotede.com/mxwf/

Decoy

orders-cialis.info

auctionorbuy.com

meanmugsamore.com

yachtcrewmark.com

sacredkashilifestudio.net

themintyard.com

bragafoods.com

sierp.com

hausofdeme.com

anthonyjames915.com

bajardepesoencasa.com

marciaroyal.com

earringlifter.com

dsdjfhd9ddksa1as.info

bmzproekt.com

employmentbc.com

ptsdtreatment.space

vrchance.com

cnrongding.com

welovelit.com
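The extracted config above is directly usable for detection: the only high-confidence indicator is the C2 host combined with the campaign path (`/mxwf/`), while the decoy domains are legitimate-looking hosts the sample also beacons to, so a hit on one of them alone is weak evidence. The following is an added example (not part of the sandbox report) that turns the report's indicators into a matcher over proxy-log lines and adds a hash check for confirming a file is this sample before analysis. The log lines, the squid-style log layout, and the verdict ordering (decoy host checked before a bare campaign-path match) are assumptions made for the example.

```python
"""Match proxy-log URLs against the Formbook config extracted in the report.
Added example, not part of the sandbox report; log lines are constructed."""
import hashlib
from urllib.parse import urlsplit

# Indicators copied from the "Malware Config" section of the report.
C2_URL = "http://www.zahnimplantatangebotede.com/mxwf/"
CAMPAIGN = "mxwf"
DECOYS = {
    "orders-cialis.info", "auctionorbuy.com", "meanmugsamore.com",
    "yachtcrewmark.com", "sacredkashilifestudio.net", "themintyard.com",
    "bragafoods.com", "sierp.com", "hausofdeme.com", "anthonyjames915.com",
    "bajardepesoencasa.com", "marciaroyal.com", "earringlifter.com",
    "dsdjfhd9ddksa1as.info", "bmzproekt.com", "employmentbc.com",
    "ptsdtreatment.space", "vrchance.com", "cnrongding.com", "welovelit.com",
}
# Hashes copied from the "General" section of the report.
REPORT_HASHES = {
    "md5": "bf2302cff715f9a1467dce502cad654d",
    "sha1": "52729ea0b5d8777f3f2939ce690067a82c8eb5de",
    "sha256": "1503a87935aa5f74d75a2ed9713fbde3faf397d99fc060155e1383b1b8e3f2f6",
    "sha512": "2320788a71271f5303fcd4a39268fd273ccbf428e89d72c60851ebad5f2b3090"
              "31b398aed9c23d068aacf0b1cbd1db5cb550588d48e048f522676f8f754a0998",
}

_c2 = urlsplit(C2_URL)
C2_HOST = _c2.hostname   # www.zahnimplantatangebotede.com
C2_PATH = _c2.path       # /mxwf/


def _norm_host(host: str) -> str:
    """Lower-case, drop trailing dot and a leading 'www.' so matching is host-based."""
    host = (host or "").lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host


def classify_url(url: str) -> str:
    """Return 'c2', 'decoy', 'campaign-path' or 'none' for one requested URL.

    c2            - C2 host from the config plus the campaign path (high confidence)
    decoy         - host is in the decoy list; expected noise from this sample,
                    low confidence on its own (checked before the path, an assumption)
    campaign-path - some other host with /<campaign>/; worth triaging as a possibly
                    rotated C2, but not something the report itself proves
    """
    parts = urlsplit(url if "://" in url else "http://" + url)
    host = _norm_host(parts.hostname)
    path = parts.path or "/"
    if host == _norm_host(C2_HOST) and path.startswith(C2_PATH):
        return "c2"
    if host in DECOYS:
        return "decoy"
    if path.startswith(f"/{CAMPAIGN}/"):
        return "campaign-path"
    return "none"


def scan_proxy_log(lines):
    """Classify lines of the assumed form 'epoch client METHOD url status'.

    Returns a list of (url, verdict) for every line that is not 'none'.
    """
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) < 4:
            continue  # malformed or truncated line; skip rather than guess
        verdict = classify_url(fields[3])
        if verdict != "none":
            hits.append((fields[3], verdict))
    return hits


def verify_sample(data: bytes) -> dict:
    """Compare a file's hashes with the report's; all four must agree before you
    treat analysis results here as applying to the file you hold."""
    return {
        name: hashlib.new(name, data).hexdigest() == expected
        for name, expected in REPORT_HASHES.items()
    }


# Constructed sample log (not from the report): two real beacons, two decoy
# beacons and one unrelated request.
SAMPLE_LOG = [
    "1634900001 10.0.0.5 GET http://www.zahnimplantatangebotede.com/mxwf/?abc=xyz 200",
    "1634900002 10.0.0.5 POST http://www.zahnimplantatangebotede.com/mxwf/ 200",
    "1634900003 10.0.0.5 GET http://www.bragafoods.com/mxwf/?abc=xyz 404",
    "1634900004 10.0.0.5 GET http://sierp.com/ 200",
    "1634900005 10.0.0.7 GET http://example.org/index.html 200",
]

if __name__ == "__main__":
    for url, verdict in scan_proxy_log(SAMPLE_LOG):
        print(f"{verdict:14} {url}")
```

The ordering of checks matters in practice: Formbook-style decoy beacons reuse the same campaign path, so a decoy host with `/mxwf/` should still be reported as a decoy, not escalated as a new C2. A `campaign-path` verdict on an unlisted host is only a triage lead.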

Targets

    • Target

      1503a87935aa5f74d75a2ed9713fbde3faf397d99fc060155e1383b1b8e3f2f6

    • Size

      694KB

    • MD5

      bf2302cff715f9a1467dce502cad654d

    • SHA1

      52729ea0b5d8777f3f2939ce690067a82c8eb5de

    • SHA256

      1503a87935aa5f74d75a2ed9713fbde3faf397d99fc060155e1383b1b8e3f2f6

    • SHA512

      2320788a71271f5303fcd4a39268fd273ccbf428e89d72c60851ebad5f2b309031b398aed9c23d068aacf0b1cbd1db5cb550588d48e048f522676f8f754a0998

    • Formbook

      Formbook is a commodity information stealer: it harvests keystrokes, web-form submissions, clipboard contents and stored browser/mail credentials and sends them to its C2, and it beacons to a list of decoy domains alongside the real C2 to obscure which host is live.

    • Formbook Payload

    • Suspicious use of SetThreadContext
