General

  • Target

    30c4d8cc68cc16af698b521cf9e31a8540f0c5cce8e2d66e874fc62a87dae393

  • Size

    720KB

  • Sample

    211122-rr5aesfgak

  • MD5

    fef53bf27227284ba5324f1eb1cca516

  • SHA1

    759e18dc1467c5df07561185090ba816953f810f

  • SHA256

    30c4d8cc68cc16af698b521cf9e31a8540f0c5cce8e2d66e874fc62a87dae393

  • SHA512

    a58d1b717db73d30eb2c1f25aabe02535a2bd6d8ef538818320abab84c5e9dcfa2350821e789cdab43d4fce7d703906ac623f7479f83aba7f7a9c73a4cea65ac

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

vngb

C2

http://www.gvlc0.club/vngb/

Decoy

omertalasvegas.com

payyep.com

modasportss.com

gestionestrategicadl.com

teamolemiss.club

geektranslate.com

versatileventure.com

athletic-hub.com

vitanovaretreats.com

padison8t.com

tutoeasy.com

ediblewholesale.com

kangrungao.com

satode.com

prohibitionfeeds.com

getmorevacations.com

blinkworldbeauty.com

kdlabsallr.com

almanasef.com

transportationservicellc.com
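The config above is the part of this report a defender can act on directly: one real C2 (host www.gvlc0.club, campaign ID vngb encoded as the URL directory) and a list of decoy domains. Formbook also generates traffic to the decoys to mask the real C2, so a hit on a decoy alone is weak evidence, while the campaign path turning up on a different host suggests a rotated C2 for the same campaign. The Python below is an added example, not part of the sandbox report or any vendor tooling: it splits the extracted C2 URL into separately matchable indicators and triages constructed proxy log lines against them. The C2 URL, campaign ID and decoy list are copied from the Malware Config section; the log format (time, client, method, URL, status), the log lines and the verdict scheme are constructed for illustration.

```python
"""Network indicators from the extracted Formbook config, applied to
constructed proxy log lines.

Added example, not part of the sandbox report.  C2_URL, CAMPAIGN and
DECOYS are copied from the report's Malware Config; the log format, the
log lines and the verdict names are constructed for illustration.
"""
from typing import Dict, List, Tuple
from urllib.parse import urlparse

C2_URL = "http://www.gvlc0.club/vngb/"
CAMPAIGN = "vngb"
DECOYS = {
    "omertalasvegas.com", "payyep.com", "modasportss.com",
    "gestionestrategicadl.com", "teamolemiss.club", "geektranslate.com",
    "versatileventure.com", "athletic-hub.com", "vitanovaretreats.com",
    "padison8t.com", "tutoeasy.com", "ediblewholesale.com", "kangrungao.com",
    "satode.com", "prohibitionfeeds.com", "getmorevacations.com",
    "blinkworldbeauty.com", "kdlabsallr.com", "almanasef.com",
    "transportationservicellc.com",
}


def c2_indicators(c2_url: str) -> Dict[str, str]:
    """Split the C2 URL into host, apex domain and campaign path.

    Formbook uses the campaign ID as the directory of the C2 path, so the
    path identifies the campaign even if the C2 host is rotated.
    """
    u = urlparse(c2_url)
    host = (u.hostname or "").lower()
    labels = host.split(".")
    return {"host": host, "apex": ".".join(labels[-2:]), "path": u.path}


def _host_matches(host: str, indicator: str) -> bool:
    """True if host equals the indicator or is a subdomain of it."""
    return host == indicator or host.endswith("." + indicator)


def classify(url: str, ind: Dict[str, str]) -> Tuple[str, str]:
    """Return (verdict, reason) for one requested URL, strongest first:
    c2, c2-host, campaign-path, decoy, none."""
    u = urlparse(url)
    host = (u.hostname or "").lower()
    path = u.path or "/"
    campaign_dir = ind["path"].rstrip("/")          # "/vngb"
    on_c2_host = _host_matches(host, ind["apex"])
    on_campaign_path = path == campaign_dir or path.startswith(campaign_dir + "/")
    if on_c2_host and on_campaign_path:
        return "c2", "C2 host plus campaign path"
    if on_c2_host:
        return "c2-host", "C2 host, different path"
    if on_campaign_path:
        return "campaign-path", "campaign path on another host (possible rotated C2)"
    if any(_host_matches(host, d) for d in DECOYS):
        return "decoy", "decoy domain; weak evidence on its own"
    return "none", ""


def triage_log(log_text: str, ind: Dict[str, str]) -> List[Dict[str, str]]:
    """Parse 'time client method url status' lines and classify each URL."""
    results = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # blank or malformed line
        _ts, client, method, url, _status = fields
        verdict, reason = classify(url, ind)
        results.append({"client": client, "method": method, "url": url,
                        "verdict": verdict, "reason": reason})
    return results


def summarize(results: List[Dict[str, str]]) -> Dict[str, object]:
    """Count verdicts and list clients that hit the real C2."""
    counts: Dict[str, int] = {}
    infected = set()
    for r in results:
        counts[r["verdict"]] = counts.get(r["verdict"], 0) + 1
        if r["verdict"] == "c2":
            infected.add(r["client"])
    return {"counts": counts, "c2_clients": sorted(infected)}


# Constructed sample log; RFC 5737 / reserved addresses and names only.
SAMPLE_LOG = """\
1637580001.412 10.20.0.17 GET http://www.gvlc0.club/vngb/?gk=Q2xhc3NpYw== 200
1637580003.118 10.20.0.17 POST http://www.gvlc0.club/vngb/ 200
1637580004.005 10.20.0.17 GET http://www.omertalasvegas.com/ 200
1637580004.220 10.20.0.17 GET http://payyep.com/ 200
1637580009.731 10.20.0.41 GET https://www.example.org/index.html 200
1637580012.900 10.20.0.17 GET http://cdn.geektranslate.com/static/app.js 304
1637580015.002 10.20.0.23 GET http://203.0.113.9/vngb/?hh=ZGVjb3k= 200
"""

if __name__ == "__main__":
    ind = c2_indicators(C2_URL)
    rows = triage_log(SAMPLE_LOG, ind)
    for r in rows:
        print(f'{r["verdict"]:14} {r["client"]:12} {r["url"]}')
    print(summarize(rows))
```

Matching is done on the apex domain of the C2 host rather than the exact hostname so that a beacon to a sibling subdomain is still caught, and the decoy check comes last so a decoy hit never masks a stronger verdict. In practice the decoy list is better used as context for an already suspected host than as a blocklist, since several of these domains are ordinary websites.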

Targets

    • Target

      30c4d8cc68cc16af698b521cf9e31a8540f0c5cce8e2d66e874fc62a87dae393

    • Size

      720KB

    • MD5

      fef53bf27227284ba5324f1eb1cca516

    • SHA1

      759e18dc1467c5df07561185090ba816953f810f

    • SHA256

      30c4d8cc68cc16af698b521cf9e31a8540f0c5cce8e2d66e874fc62a87dae393

    • SHA512

      a58d1b717db73d30eb2c1f25aabe02535a2bd6d8ef538818320abab84c5e9dcfa2350821e789cdab43d4fce7d703906ac623f7479f83aba7f7a9c73a4cea65ac

    • Formbook

      Formbook is an information stealer, sold as malware-as-a-service since 2016, that harvests credentials and other data from browsers, email clients and other applications through form grabbing and keylogging, exfiltrates it to its C2, and can receive further commands (such as downloading and running additional payloads) from that C2.

    • Formbook Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks