General

  • Target: 57a68c7a430cad458e15cea14ecde4f27f4d2fc3384cc4440fbd5fe16d967e4f

  • Size: 383KB

  • Sample: 211223-pr8xhaaegq

  • MD5: 2f290f29a4f5415e8abb8c5a883fe4c4

  • SHA1: 9985bf3afa61a1ab2e13ea6df7ae2a109380dc7d

  • SHA256: 57a68c7a430cad458e15cea14ecde4f27f4d2fc3384cc4440fbd5fe16d967e4f

  • SHA512: 8880fa2462c2980e293e4f598685eb4fd4fb8610407e1844445e995c2a5a581ffbc8fc7ef30a705aeb4f689b9289af84af223515323f13af66d88b6ac0b6f07d

Malware Config

Extracted

Family: formbook

Version: 4.1

Campaign: a83r

Decoy


Targets

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks