General

  • Target

    0be852dc052384c403f96e94c0f681c8d4b2429dbb413f9abe896e39f5cb7285

  • Size

    408KB

  • Sample

    220127-qs3ybaddfr

  • MD5

    6e7eb23ed6f49f777c799e851872e00a

  • SHA1

    f1a1b891df9ad7850160459493f467534065e150

  • SHA256

    0be852dc052384c403f96e94c0f681c8d4b2429dbb413f9abe896e39f5cb7285

  • SHA512

    fcf32c873bfd8a32b985b671fb94f582dc2562cb59cc7bd20ce6523924958e8e191dbc53fb2c61af36c7f211e0df6c4dcdda04fd0e8a3ea33dc14f263df14b5b

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    fezu

  • Decoy


Targets

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks