General

  • Target

    eb1a7fdf49ef074c93385c99303fb92155f677f17c17dff1f1ad5967700d6410

  • Size

    808KB

  • Sample

    211103-dt1s5aabgk

  • MD5

    62b82b3f411287f6234158f5581a6514

  • SHA1

    5da452ae017604c6df4ed28f0032f66364356eb6

  • SHA256

    eb1a7fdf49ef074c93385c99303fb92155f677f17c17dff1f1ad5967700d6410

  • SHA512

    77c05201e5740811c3733941e00084e3a376162cf4a2229407b9ae96e19d1cf4bcf71de9861dab7afa0e310ca8401c1c1141c3aaba55a83add550bdc5b7d7d7b

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    mxwf

  • C2

    http://www.zahnimplantatangebotede.com/mxwf/

  • Decoy

    orders-cialis.info
    auctionorbuy.com
    meanmugsamore.com
    yachtcrewmark.com
    sacredkashilifestudio.net
    themintyard.com
    bragafoods.com
    sierp.com
    hausofdeme.com
    anthonyjames915.com
    bajardepesoencasa.com
    marciaroyal.com
    earringlifter.com
    dsdjfhd9ddksa1as.info
    bmzproekt.com
    employmentbc.com
    ptsdtreatment.space
    vrchance.com
    cnrongding.com
    welovelit.com

Targets

    • Target

      eb1a7fdf49ef074c93385c99303fb92155f677f17c17dff1f1ad5967700d6410

    • Size

      808KB

    • MD5

      62b82b3f411287f6234158f5581a6514

    • SHA1

      5da452ae017604c6df4ed28f0032f66364356eb6

    • SHA256

      eb1a7fdf49ef074c93385c99303fb92155f677f17c17dff1f1ad5967700d6410

    • SHA512

      77c05201e5740811c3733941e00084e3a376162cf4a2229407b9ae96e19d1cf4bcf71de9861dab7afa0e310ca8401c1c1141c3aaba55a83add550bdc5b7d7d7b

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks