General

  • Target: 2e1dd4b7b29ab0e8fd9b9b7236dc1d9620639e44a1c14a0853ce1d25dc1d6967
  • Size: 460KB
  • Sample: 211103-nmmyssdfd6
  • MD5: fe106b61ef944f0109bf0b220a2f8325
  • SHA1: 626ca889135b8c91dd82c8598dfbd97fb1ad123d
  • SHA256: 2e1dd4b7b29ab0e8fd9b9b7236dc1d9620639e44a1c14a0853ce1d25dc1d6967
  • SHA512: 1d61daa266321cfdb2759e3ce24c108f2d79579303a7aa7392b335600eecad10b49a790607af897fa7a4008b86f2540b626db33cc4c47c68bcc9390bfdbe304f

Malware Config

Extracted

  • Family: formbook
  • Version: 4.1
  • Campaign: jy0b
  • C2: http://www.filecrev.com/jy0b/
  • Decoy domains:
      lamejorimagen.com
      mykabukibrush.com
      modgon.com
      barefoottherapeutics.com
      shimpeg.net
      trade-sniper.com
      chiangkhancityhotel.com
      joblessmoni.club
      stespritsubways.com
      chico-group.com
      nni8.xyz
      searchtypically.online
      jobsyork.com
      bestsales-crypto.com
      iqmarketing.info
      bullcityphotobooths.com
      fwssc.icu
      1oc87s.icu
      usdiesel.xyz
      secrets2optimumnutrition.com

Targets

    • Target: 2e1dd4b7b29ab0e8fd9b9b7236dc1d9620639e44a1c14a0853ce1d25dc1d6967
    • Size: 460KB
    • MD5: fe106b61ef944f0109bf0b220a2f8325
    • SHA1: 626ca889135b8c91dd82c8598dfbd97fb1ad123d
    • SHA256: 2e1dd4b7b29ab0e8fd9b9b7236dc1d9620639e44a1c14a0853ce1d25dc1d6967
    • SHA512: 1d61daa266321cfdb2759e3ce24c108f2d79579303a7aa7392b335600eecad10b49a790607af897fa7a4008b86f2540b626db33cc4c47c68bcc9390bfdbe304f

    • Formbook: Formbook is an information-stealing malware family.

    • Formbook Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks