Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8b249a16ea50d01651cf9c1f01c97deea48293f1b28735450d62bd0413b93653

  • Size

    329KB

  • Sample

    211113-m2xk4sehg4

  • MD5

    1ad9efcddab819d24cca2f9323395f9e

  • SHA1

    1ffcdd188cb66666cdac14bb8d8b48902bd666e6

  • SHA256

    8b249a16ea50d01651cf9c1f01c97deea48293f1b28735450d62bd0413b93653

  • SHA512

    1afaa2924ef06a5cde9cc1778b892738c126a3311c59e407a931601f5459ec26b7348ed12832cc88399931540d5198407be1c28f4ec7c3d1b98f70ebf15a8046

Score
10/10
formbookkzk9ratspywarestealertrojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

kzk9

C2

http://www.yourmajordomo.com/kzk9/

Decoy

tianconghuo.club

1996-page.com

ourtownmax.net

conservativetreehose.com

synth.repair

donnachicacreperia.com

tentfull.com

weapp.download

surfersink.com

gattlebusinessservices.com

sebastian249.com

anhphuc.company

betternatureproducts.net

defroplate.com

seattlesquidsquad.com

polarjob.com

lendingadvantage.com

angelsondope.com

goportjitney.com

tiendagrupojagr.com

Targets

    • Target

      8b249a16ea50d01651cf9c1f01c97deea48293f1b28735450d62bd0413b93653

    • Size

      329KB

    • MD5

      1ad9efcddab819d24cca2f9323395f9e

    • SHA1

      1ffcdd188cb66666cdac14bb8d8b48902bd666e6

    • SHA256

      8b249a16ea50d01651cf9c1f01c97deea48293f1b28735450d62bd0413b93653

    • SHA512

      1afaa2924ef06a5cde9cc1778b892738c126a3311c59e407a931601f5459ec26b7348ed12832cc88399931540d5198407be1c28f4ec7c3d1b98f70ebf15a8046

    Score
    10/10
    formbookkzk9ratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook Payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix

Tasks