General

  • Target

    901acb89290700715ed5563a342acfd3f3644ced99a9013e6adcb1ed537a686f

  • Size

    524KB

  • Sample

    211027-t1w2hsffd6

  • MD5

    d26aae849a728c490b95db71c80b5a4a

  • SHA1

    5465db7a78e65a695d86ba0326042c85770e62cc

  • SHA256

    901acb89290700715ed5563a342acfd3f3644ced99a9013e6adcb1ed537a686f

  • SHA512

    ca0ff36d3a56a97d8e4e52e2f6158119cd08df53cc79cb63e4d0618d9556613533ea4e697ee8e6c5b1da02c3cca9b1bed2ea7f8631023ad5f863f352651a40ce

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    jy0b

  • C2

    http://www.filecrev.com/jy0b/

  • Decoy

Targets

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks