Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    17b92c9487864557cb7c2d86942ebc55d2af5e348833415366c4dc9a72c69d8f

  • Size

    420KB

  • Sample

    211116-cydnqacag7

  • MD5

    5685ca788dab3b3a1ca6e7825c3b9c57

  • SHA1

    d03f1d15c053935c5209058acd836943e8d4eb15

  • SHA256

    17b92c9487864557cb7c2d86942ebc55d2af5e348833415366c4dc9a72c69d8f

  • SHA512

    dc6cf2edf9efa04bf650753a356b2ed166f06ff4a4094d084b0862bb7ecd132fbc2c6ae4910aa63f83a28ba593495fa77488d16de7232426da74e945c2aef291

Score
10/10
formbook9gr5ratspywarestealertrojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

9gr5

C2

http://www.cuteprofessionalscrubs.com/9gr5/

Decoy

newleafcosmetix.com

richermanscastle.com

ru-remonton.com

2diandongche.com

federaldados.design

jeffreycookweb.com

facecs.online

xmeclarn.xyz

olgasmith.xyz

sneakersonlinesale.com

playboyshiba.com

angelamiglioli.com

diitaldefynd.com

whenevergames.com

mtheartcustom.com

vitalactivesupply.com

twistblogr.com

xn--i8s140at3d6u7c.tel

baudelaireelhakim.com

real-estate-miami-searcher.site

Targets

    • Target

      17b92c9487864557cb7c2d86942ebc55d2af5e348833415366c4dc9a72c69d8f

    • Size

      420KB

    • MD5

      5685ca788dab3b3a1ca6e7825c3b9c57

    • SHA1

      d03f1d15c053935c5209058acd836943e8d4eb15

    • SHA256

      17b92c9487864557cb7c2d86942ebc55d2af5e348833415366c4dc9a72c69d8f

    • SHA512

      dc6cf2edf9efa04bf650753a356b2ed166f06ff4a4094d084b0862bb7ecd132fbc2c6ae4910aa63f83a28ba593495fa77488d16de7232426da74e945c2aef291

    Score
    10/10
    formbook9gr5ratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook Payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix

Tasks