General

  • Target

    94ba0bcb6b19c2d7cec1891c5b5c52d60d7de643321429991605b86e26f8b032

  • Size

    1.3MB

  • Sample

    211213-1rqxgaech2

  • MD5

    6c71189c5a7288a11777939182a68580

  • SHA1

    686cbd09f3c3bff6e5cab8c1eef99d102d0e4cfc

  • SHA256

    94ba0bcb6b19c2d7cec1891c5b5c52d60d7de643321429991605b86e26f8b032

  • SHA512

    694cdc1cb5c492f2f3a81a5370ba04a431ffa09604e83bc9be6ea65911903d878c2ac63fb86bd61bdd88579ed030f9928b47dd3dea2686d5cd29e584f3e59943

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

vngb

C2

http://www.gvlc0.club/vngb/

Decoy

omertalasvegas.com

payyep.com

modasportss.com

gestionestrategicadl.com

teamolemiss.club

geektranslate.com

versatileventure.com

athletic-hub.com

vitanovaretreats.com

padison8t.com

tutoeasy.com

ediblewholesale.com

kangrungao.com

satode.com

prohibitionfeeds.com

getmorevacations.com

blinkworldbeauty.com

kdlabsallr.com

almanasef.com

transportationservicellc.com
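
The extracted config above is directly usable for hunting: Formbook's C2 URL has the shape scheme://host/campaign/, and the sample sends its beacons to that campaign path on each domain in its list, the real C2 and the decoys alike, so the decoy hosts (otherwise benign domains) only become interesting when the campaign path appears. The following Python is an added hunting example, not part of the sandbox report or of any Formbook tooling; it copies the indicators from this page and runs them over a constructed proxy log whose field layout (timestamp, client IP, method, URL, status) is an assumption, not any real proxy's format.

```python
"""Match the Formbook config extracted above against proxy log lines.

Added example (not part of the sandbox report). Log lines are constructed
for illustration; the field layout is an assumed generic proxy format.
"""
from typing import List, Optional, Tuple
from urllib.parse import urlsplit

# Indicators copied from the "Malware Config" section of this page.
CONFIG = {
    "family": "formbook",
    "version": "4.1",
    "campaign": "vngb",
    "c2": "http://www.gvlc0.club/vngb/",
    "decoys": [
        "omertalasvegas.com", "payyep.com", "modasportss.com",
        "gestionestrategicadl.com", "teamolemiss.club", "geektranslate.com",
        "versatileventure.com", "athletic-hub.com", "vitanovaretreats.com",
        "padison8t.com", "tutoeasy.com", "ediblewholesale.com",
        "kangrungao.com", "satode.com", "prohibitionfeeds.com",
        "getmorevacations.com", "blinkworldbeauty.com", "kdlabsallr.com",
        "almanasef.com", "transportationservicellc.com",
    ],
}

# Constructed sample log: "<timestamp> <client> <method> <url> <status>".
SAMPLE_LOG = """\
2021-12-13T10:01:02Z 10.0.0.15 GET http://www.gvlc0.club/vngb/?id=abc 200
2021-12-13T10:01:05Z 10.0.0.15 POST http://www.omertalasvegas.com/vngb/ 404
2021-12-13T10:01:09Z 10.0.0.15 GET http://payyep.com/ 200
2021-12-13T10:02:00Z 10.0.0.22 POST http://www.example.org/vngb/ 200
2021-12-13T10:02:30Z 10.0.0.22 GET https://www.microsoft.com/ 200
"""


def normalize_host(host: str) -> str:
    """Lower-case, drop a trailing dot and a leading 'www.' so config and log hosts compare equal."""
    host = host.lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host


def build_indicators(config: dict) -> dict:
    """Derive host and path indicators from the extracted config.

    The C2 URL is <scheme>://<host>/<campaign>/; the path is the same on the
    decoys, so it is a useful pivot independent of the host.
    """
    c2 = urlsplit(config["c2"])
    path = c2.path if c2.path.endswith("/") else c2.path + "/"
    if path.strip("/") != config["campaign"]:
        raise ValueError("C2 path does not match campaign id")
    return {
        "c2_host": normalize_host(c2.hostname),
        "campaign_path": path,
        "decoys": {normalize_host(d) for d in config["decoys"]},
    }


def classify(url: str, ind: dict) -> Optional[str]:
    """Return a verdict for one URL, or None if it matches nothing."""
    parts = urlsplit(url)
    if not parts.hostname:
        return None
    host = normalize_host(parts.hostname)
    on_campaign_path = parts.path.startswith(ind["campaign_path"])
    if host == ind["c2_host"]:
        return "c2"                      # real C2 host: high confidence
    if host in ind["decoys"]:
        # Decoys are benign domains; only traffic to the campaign path is suspicious.
        return "decoy+campaign-path" if on_campaign_path else "decoy-host-only"
    if on_campaign_path:
        return "campaign-path"           # unknown host, known path: possible rotated C2
    return None


def hunt(log_text: str, config: dict = CONFIG) -> List[Tuple[str, str, str]]:
    """Scan log lines and return (client_ip, verdict, url) for every hit."""
    ind = build_indicators(config)
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue                     # malformed line: skip rather than crash
        client, url = fields[1], fields[3]
        verdict = classify(url, ind)
        if verdict:
            hits.append((client, verdict, url))
    return hits


if __name__ == "__main__":
    for client, verdict, url in hunt(SAMPLE_LOG):
        print(f"{client:12} {verdict:22} {url}")
```

In practice, treat "c2" and "campaign-path" hits as alerts and "decoy-host-only" hits as context only: a user browsing one of the decoy domains normally is expected, whereas a POST to /vngb/ on any of them is the beacon.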

Targets

    • Target

      94ba0bcb6b19c2d7cec1891c5b5c52d60d7de643321429991605b86e26f8b032


    • Formbook

      Formbook is an information stealer: it hooks browsers and other applications to grab submitted form data and credentials, logs keystrokes, captures clipboard contents and screenshots, and can fetch and run additional payloads on command. It injects into running processes and beacons to its C2 over HTTP, contacting decoy domains alongside the real server to obscure which one is live.

    • Formbook Payload

    • Suspicious use of SetThreadContext (setting the context of a suspended thread is the usual way injected code is started, e.g. in process hollowing)
