General

  • Target

    bc049a2dd0bd12408af44d221301cc85ed0f46cbe7dc0911e6f8be908f6fce38

  • Size

    478KB

  • Sample

    211220-sh7vmaahf4

  • MD5

    a6994db9af566c6bf180e5738ed966a1

  • SHA1

    db179124a5dc6891377d29a796adc8fc32893c20

  • SHA256

    bc049a2dd0bd12408af44d221301cc85ed0f46cbe7dc0911e6f8be908f6fce38

  • SHA512

    1d41face28500234db165ae4a87289c17dcdab5fd67a7345619dd5f3d8024ad03e2d02186e28bf7357ad0c1fb05425c879204ea8b9ec3b5b1ca4512ee981f2c6

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    a83r

  • Decoy

    comercializadoralonso.com
    durhamschoolservces.com
    onegreencapital.com
    smartcities24.com
    maquinas.store
    brianlovesbonsai.com
    xin41518s.com
    moneyearnus.xyz
    be-mix.com
    fengyat.club
    inspectdecided.xyz
    paksafpakistan.com
    orhidlnt.top
    princesuraj.com
    vietnamvodka.com
    renewnow.site
    imageservices.xyz
    luxurytravelfranchise.com
    kp112.red
    royalyorkfirewood.com

Targets

    • Target

      bc049a2dd0bd12408af44d221301cc85ed0f46cbe7dc0911e6f8be908f6fce38

    • Size

      478KB

    • MD5

      a6994db9af566c6bf180e5738ed966a1

    • SHA1

      db179124a5dc6891377d29a796adc8fc32893c20

    • SHA256

      bc049a2dd0bd12408af44d221301cc85ed0f46cbe7dc0911e6f8be908f6fce38

    • SHA512

      1d41face28500234db165ae4a87289c17dcdab5fd67a7345619dd5f3d8024ad03e2d02186e28bf7357ad0c1fb05425c879204ea8b9ec3b5b1ca4512ee981f2c6

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook Payload

    • Suspicious use of SetThreadContext
