General

  • Target

    1e144fefc15a6a2643674f01b3324e29b5320d45a16a081e8aad8a969712cb9d

  • Size

    398KB

  • Sample

    220127-ajftescfdr

  • MD5

    f6eaacd1b39028130602ee0892e67663

  • SHA1

    12ba0b4e8c41ececa29814f9b64da351e5509fb0

  • SHA256

    1e144fefc15a6a2643674f01b3324e29b5320d45a16a081e8aad8a969712cb9d

  • SHA512

    a5705ae52ffde84bbd90d6335f23ffccaccbde9b2e75d2462216662a60cf6a178a6a7f2b318975fd77d05ffc1746c357fc85c717fa2aa20cb480e452e9c5463b

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    a83r

  • Decoy

Targets

    • Formbook

      Formbook is an information-stealing malware family.

    • Formbook Payload

    • Suspicious use of SetThreadContext
