Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    60ff626adc6a02e50f060f456b0b7f8a11577e923624b3fa8c009d758892439b

  • Size

    611KB

  • Sample

    211118-l3dzqafda7

  • MD5

    c89fd344d9384b955cc20fef4958e0bd

  • SHA1

    e7c13eb4c30a69d907957d8d2d1513dc64d0090d

  • SHA256

    60ff626adc6a02e50f060f456b0b7f8a11577e923624b3fa8c009d758892439b

  • SHA512

    d4148f9961abf20bebfc1ea0e15a3addb53230b4eb1a7da12d0d7617660286b679a6ee0056eb97f36f76f1346dfb4557b53d55d8647db2dbfc5a9763f21ede42

Score
10/10
formbook9gr5ratspywarestealertrojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

9gr5

C2

http://www.cuteprofessionalscrubs.com/9gr5/

Decoy

newleafcosmetix.com

richermanscastle.com

ru-remonton.com

2diandongche.com

federaldados.design

jeffreycookweb.com

facecs.online

xmeclarn.xyz

olgasmith.xyz

sneakersonlinesale.com

playboyshiba.com

angelamiglioli.com

diitaldefynd.com

whenevergames.com

mtheartcustom.com

vitalactivesupply.com

twistblogr.com

xn--i8s140at3d6u7c.tel

baudelaireelhakim.com

real-estate-miami-searcher.site

Targets

    • Target

      60ff626adc6a02e50f060f456b0b7f8a11577e923624b3fa8c009d758892439b

    • Size

      611KB

    • MD5

      c89fd344d9384b955cc20fef4958e0bd

    • SHA1

      e7c13eb4c30a69d907957d8d2d1513dc64d0090d

    • SHA256

      60ff626adc6a02e50f060f456b0b7f8a11577e923624b3fa8c009d758892439b

    • SHA512

      d4148f9961abf20bebfc1ea0e15a3addb53230b4eb1a7da12d0d7617660286b679a6ee0056eb97f36f76f1346dfb4557b53d55d8647db2dbfc5a9763f21ede42

    Score
    10/10
    formbook9gr5ratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook Payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix

Tasks