General

  • Target

    2cd05a280197535b97ed43fb3d55bdc7bb2efe223f7dd869e7595f0f61d23fe2

  • Size

    762KB

  • Sample

    211108-tddxescdd3

  • MD5

    4dfe1b1d893df419b7e6ae730db2c3d6

  • SHA1

    917b67693326bb1fa7029c02b49c3ee01a3709ef

  • SHA256

    2cd05a280197535b97ed43fb3d55bdc7bb2efe223f7dd869e7595f0f61d23fe2

  • SHA512

    c4de7d9ff458cd846cade7030e3cde2b633089c8ecda5c8de287859234cb0329f7ab885406d47226b2dbb1d88a691299f66af1309acba6552dbf5233075193bb

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    s18y

  • C2

    http://www.agentpathleurre.space/s18y/

  • Decoy

    jokes-online.com
    dzzdjn.com
    lizzieerhardtebnaryepptts.com
    interfacehand.xyz
    sale-m.site
    block-facebook.com
    dicasdamadrinha.com
    maythewind.com
    hasari.net
    omnists.com
    thevalley-eg.com
    rdfj.xyz
    szhfcy.com
    alkalineage.club
    fdf.xyz
    absorplus.com
    poldolongo.com
    badassshirts.club
    ferienwohnungenmv.com
    bilboondokoak.com

Targets

    • Target

      2cd05a280197535b97ed43fb3d55bdc7bb2efe223f7dd869e7595f0f61d23fe2

    • Size

      762KB

    • MD5

      4dfe1b1d893df419b7e6ae730db2c3d6

    • SHA1

      917b67693326bb1fa7029c02b49c3ee01a3709ef

    • SHA256

      2cd05a280197535b97ed43fb3d55bdc7bb2efe223f7dd869e7595f0f61d23fe2

    • SHA512

      c4de7d9ff458cd846cade7030e3cde2b633089c8ecda5c8de287859234cb0329f7ab885406d47226b2dbb1d88a691299f66af1309acba6552dbf5233075193bb

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks