General

  • Target

    fd2a0d7069cb20517cf2fafcdc12a7d3bd253a3f15d3bd2a66794acdfa928ddf

  • Size

    407KB

  • Sample

    211119-bs432sbfe5

  • MD5

    7b205f9d9573800b94b1547e24f0dbef

  • SHA1

    a8fbc87c776ea5b64d4aa292fca488e785207fef

  • SHA256

    fd2a0d7069cb20517cf2fafcdc12a7d3bd253a3f15d3bd2a66794acdfa928ddf

  • SHA512

    4a80d192c3ea59640700efe20e36e4c90738d9ff181e7665a41d42be95e54c81d51f62779e3e297bb685c40f609c698c29f49b6c9e28e0319cda360cdde0ade3

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ob7y

C2

http://www.metanewsroom.net/ob7y/

Decoy

Targets

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks