General

  • Target

    ce04d9c3445331248d915104634f5d57dbce0a1f2d58d0a62f67c2c41e9df220

  • Size

    656KB

  • Sample

    211023-mjs5zaccd6

  • MD5

    d0611b9926adb5f09a557b9c8f1d010c

  • SHA1

    518b4a0eb7b11c0056be7393b5b618df025ad661

  • SHA256

    ce04d9c3445331248d915104634f5d57dbce0a1f2d58d0a62f67c2c41e9df220

  • SHA512

    55696413b7b1621f239cbd34955a2c90635380d9461c4e978c1ae859de669f92cbfbc780970e8bb7f77adf4c72b1476edb0b5748204bca45dc68ca66721c0a8f

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    kzk9

  • C2

    http://www.yourmajordomo.com/kzk9/

  • Decoy


Targets

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks