General

  • Target

    b315a3b92c9e75691b3c5f8d015d4bb932d49e0944d247c379d214ea65dec333

  • Size

    557KB

  • Sample

    211124-mgbg5sfeg3

  • MD5

    2e50559b6e3b580d140dab74cadb3a03

  • SHA1

    08f65099f434abcce2870d5b2a4712448d3fb7e2

  • SHA256

    b315a3b92c9e75691b3c5f8d015d4bb932d49e0944d247c379d214ea65dec333

  • SHA512

    f1176c575ed52985b451c9d6f2cf2b602166e3e8b1c50934527a8de3b611dc7bc6f636cbed39978293d157286384bd1bf31c8f45b51410a522f25d0354e0c270

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ob7y

C2

http://www.metanewsroom.net/ob7y/

Decoy


Targets

    • Formbook

      Formbook is an information-stealing malware family.

    • Formbook Payload

    • Suspicious use of SetThreadContext
