General

  • Target

    259c36b591f16a680dcfdad4bb69e5546c21a1b4a591403578b1f079b236c510

  • Size

    508KB

  • Sample

    211122-pvr36aaeb2

  • MD5

    3c03f77db0179fbee221f073acf42ed5

  • SHA1

    ffa6be670aa6b7b3b4430176e1f4bd7cb27750dd

  • SHA256

    259c36b591f16a680dcfdad4bb69e5546c21a1b4a591403578b1f079b236c510

  • SHA512

    05ec3fac9a4a2cc6e704a98b7c82b8c2a7173d890692eee52b8a7e673b7b784244b7153f27415417aaed35638caa751f36cc2b127db5fd47ad3592085f2c1123

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    9gr5

  • C2

    http://www.cuteprofessionalscrubs.com/9gr5/

  • Decoy

    newleafcosmetix.com

    richermanscastle.com

    ru-remonton.com

    2diandongche.com

    federaldados.design

    jeffreycookweb.com

    facecs.online

    xmeclarn.xyz

    olgasmith.xyz

    sneakersonlinesale.com

    playboyshiba.com

    angelamiglioli.com

    diitaldefynd.com

    whenevergames.com

    mtheartcustom.com

    vitalactivesupply.com

    twistblogr.com

    xn--i8s140at3d6u7c.tel

    baudelaireelhakim.com

    real-estate-miami-searcher.site

Targets

    • Target

      259c36b591f16a680dcfdad4bb69e5546c21a1b4a591403578b1f079b236c510

    • Size

      508KB

    • MD5

      3c03f77db0179fbee221f073acf42ed5

    • SHA1

      ffa6be670aa6b7b3b4430176e1f4bd7cb27750dd

    • SHA256

      259c36b591f16a680dcfdad4bb69e5546c21a1b4a591403578b1f079b236c510

    • SHA512

      05ec3fac9a4a2cc6e704a98b7c82b8c2a7173d890692eee52b8a7e673b7b784244b7153f27415417aaed35638caa751f36cc2b127db5fd47ad3592085f2c1123

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks