General

  • Target

    eb75ee1b5895c0cc2882a850fab0f379ca09653d92a3a7ff8569593125622355

  • Size

    378KB

  • Sample

    211223-f566dshaf5

  • MD5

    a02d732e55ab8113b665d1023f12d242

  • SHA1

    5dadfcbcac22fe66ef5053e6a5468ecf554d3e54

  • SHA256

    eb75ee1b5895c0cc2882a850fab0f379ca09653d92a3a7ff8569593125622355

  • SHA512

    d9d06102430c4c90240ede2515ce4a05293a970a3397e322485b48a7969d17b49b40cb346ce0c0dc466ab8739a1dd6931c802e8115ac8b9d4a4496ecfa51a597

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    a83r

  • Decoy

Targets

    • Formbook

      Formbook is an information-stealing malware family.

    • Formbook Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks