General

  • Target

    3f8d5d1f035d14a94abe8191fb35dd70961af3590ec61a0e90afdb322cd5e18b

  • Size

    393KB

  • Sample

    211028-m4rsmscbh4

  • MD5

    fdebcac35105439faeecb9658e617a8c

  • SHA1

    2ab30ddc845cf8664fbc96f82263f89fca255cec

  • SHA256

    3f8d5d1f035d14a94abe8191fb35dd70961af3590ec61a0e90afdb322cd5e18b

  • SHA512

    3e6ce3997aed664225be3fc363e4343fc8af70f610ef0502001beb9cd679efa09af94e637556b971f4b929c819e2fb5fb8352a6e7c9c1372034084368a3af123

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

kzk9

C2

http://www.yourmajordomo.com/kzk9/

Decoy

tianconghuo.club

1996-page.com

ourtownmax.net

conservativetreehose.com

synth.repair

donnachicacreperia.com

tentfull.com

weapp.download

surfersink.com

gattlebusinessservices.com

sebastian249.com

anhphuc.company

betternatureproducts.net

defroplate.com

seattlesquidsquad.com

polarjob.com

lendingadvantage.com

angelsondope.com

goportjitney.com

tiendagrupojagr.com
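The extracted config above is what a defender actually works from: one live C2 (www.yourmajordomo.com) plus twenty decoy domains, all contacted under the campaign path /kzk9/. Formbook beacons to the decoys as well as the real C2, so a hit on any of them is a strong signal for this sample, but only the C2 host matters for takedown or blocking priority. The Python below is an added example, not part of this report or of the sandbox tooling that produced it: it turns the config into an IOC set, classifies requests from a constructed proxy log as C2 or decoy traffic, and emits Suricata rules. The proxy log format and lines are constructed for the example; the rule that Formbook prefixes "www." to each configured domain and the Suricata sticky-buffer syntax (5.x and later) are assumptions stated in the code.

```python
"""Network IOCs and a log check built from this report's Formbook config.

Added example, not code from the report or the sandbox. The log format and
log lines are constructed; the 'www.' prefix handling and Suricata syntax
are assumptions noted inline.
"""
from urllib.parse import urlparse

# Values copied from the "Malware Config" section of this report.
CAMPAIGN = "kzk9"
C2_URL = "http://www.yourmajordomo.com/kzk9/"
DECOYS = [
    "tianconghuo.club", "1996-page.com", "ourtownmax.net",
    "conservativetreehose.com", "synth.repair", "donnachicacreperia.com",
    "tentfull.com", "weapp.download", "surfersink.com",
    "gattlebusinessservices.com", "sebastian249.com", "anhphuc.company",
    "betternatureproducts.net", "defroplate.com", "seattlesquidsquad.com",
    "polarjob.com", "lendingadvantage.com", "angelsondope.com",
    "goportjitney.com", "tiendagrupojagr.com",
]


def normalize_host(host: str) -> str:
    """Lower-case and strip a leading 'www.'. Assumption: Formbook prepends
    'www.' to every configured domain, while the decoy list stores bare
    domains, so comparisons are done on the bare form."""
    host = host.lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host


def build_iocs() -> dict:
    """Collapse the config into a C2 host, a campaign path and a domain set."""
    c2_host = normalize_host(urlparse(C2_URL).hostname)
    return {
        "c2_host": c2_host,
        "campaign_path": f"/{CAMPAIGN}/",
        "domains": {normalize_host(d) for d in DECOYS} | {c2_host},
    }


def classify_request(url: str, iocs: dict):
    """Return 'c2', 'decoy' or None for one requested URL.

    A configured domain seen with a different path is ignored: decoys are
    legitimate sites, so only the campaign path ties traffic to this sample."""
    p = urlparse(url)
    if not p.hostname:
        return None
    host = normalize_host(p.hostname)
    if host not in iocs["domains"]:
        return None
    if not p.path.startswith(iocs["campaign_path"]):
        return None
    return "c2" if host == iocs["c2_host"] else "decoy"


# Constructed proxy log; assumed format: "<timestamp> <src_ip> <method> <url>".
SAMPLE_LOG = """\
2021-10-28T12:00:01Z 10.0.0.15 GET http://www.yourmajordomo.com/kzk9/?abc=ZGVtbw==
2021-10-28T12:00:02Z 10.0.0.15 GET http://www.tentfull.com/kzk9/?abc=ZGVtbw==
2021-10-28T12:00:03Z 10.0.0.15 POST http://www.polarjob.com/kzk9/
2021-10-28T12:00:04Z 10.0.0.22 GET http://www.tentfull.com/index.html
2021-10-28T12:00:05Z 10.0.0.22 GET http://example.com/kzk9/
"""


def scan_log(text: str, iocs: dict) -> list:
    """Return (src_ip, verdict, requested_host) for every matching line."""
    hits = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue  # malformed line; skip rather than raise
        src, url = parts[1], parts[3]
        verdict = classify_request(url, iocs)
        if verdict:
            hits.append((src, verdict, urlparse(url).hostname))
    return hits


def suricata_rules(iocs: dict, base_sid: int = 1000001) -> list:
    """One HTTP rule per configured domain. Assumes Suricata 5+ sticky-buffer
    syntax (http.host / http.uri); http.host is already lower-cased by the
    engine, so no nocase is used."""
    rules = []
    for i, host in enumerate(sorted(iocs["domains"])):
        role = "C2" if host == iocs["c2_host"] else "decoy"
        rules.append(
            "alert http $HOME_NET any -> $EXTERNAL_NET any "
            f'(msg:"Formbook {CAMPAIGN} {role} beacon to {host}"; '
            "flow:established,to_server; "
            f'http.host; content:"www.{host}"; '
            f'http.uri; content:"{iocs["campaign_path"]}"; startswith; '
            f"classtype:trojan-activity; sid:{base_sid + i}; rev:1;)"
        )
    return rules


if __name__ == "__main__":
    iocs = build_iocs()
    for hit in scan_log(SAMPLE_LOG, iocs):
        print(hit)
    print(suricata_rules(iocs)[0])
```

Run stand-alone it prints three hits for 10.0.0.15 (one c2, two decoy) and the first generated rule; the two 10.0.0.22 lines are correctly ignored because one uses a configured domain without the campaign path and the other uses the campaign path on a domain that is not in the config.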

Targets

    • Target

      3f8d5d1f035d14a94abe8191fb35dd70961af3590ec61a0e90afdb322cd5e18b

    • Size

      393KB

    • MD5

      fdebcac35105439faeecb9658e617a8c

    • SHA1

      2ab30ddc845cf8664fbc96f82263f89fca255cec

    • SHA256

      3f8d5d1f035d14a94abe8191fb35dd70961af3590ec61a0e90afdb322cd5e18b

    • SHA512

      3e6ce3997aed664225be3fc363e4343fc8af70f610ef0502001beb9cd679efa09af94e637556b971f4b929c819e2fb5fb8352a6e7c9c1372034084368a3af123

    • Formbook

Formbook is an information stealer: it captures keystrokes, clipboard contents and data submitted through web forms, harvests stored credentials from browsers and other applications, and reports to its C2 over HTTP using the campaign path and domain list extracted above.

    • Formbook Payload

    • Suspicious use of SetThreadContext
