General

  • Target

    bd176d2e421040c6961295c15a390defd89bc98238e342df8dd4c4f6b5c9635e

  • Size

    412KB

  • Sample

    220127-wq7flshdf7

  • MD5

    37db3a0bdae598c7c9c7637f661dcb29

  • SHA1

    48bcac796a480135d0917dc819d81713fe87aa8c

  • SHA256

    bd176d2e421040c6961295c15a390defd89bc98238e342df8dd4c4f6b5c9635e

  • SHA512

    b693546b108de4a3e76a0c51ec3d0b7a5bc85d37989c02dc4b4c4144b496c8255fbb50263c9e81c2dcc06c30cd0f01d75dbfc06e8419bd7d054cc83dca8bfa6d

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

cw22

Decoy

betvoy206.com

nftstoners.com

tirupatibuilder.com

gulldesigns.com

shemhq.com

boricosmetic.com

bitcoinbillionaireboy.com

theflypaperplanes.com

retrocartours.com

yangzhie326.com

cheepchain.com

sentryr.com

luckirentalhomes.com

pointssquashers.com

dianasarabiantreasures.com

calendarsilo.com

sublike21.xyz

gajubg0up.xyz

lousfoodreviews.com

fades.site

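Added example, not part of the sandbox report or of any Formbook tooling: it takes the hashes and the decoy domain list extracted above and turns them into two checks a responder can run offline. The domain list and the four digests are copied verbatim from this report; the DNS query-log lines are constructed for illustration and are not real telemetry. Matching is done on label boundaries, so a lookup for `www.betvoy206.com` hits while `notbetvoy206.com` does not, which a naive substring search would get wrong.

```python
"""Use the extracted Formbook config (version 4.1, campaign cw22) as IOCs."""
import hashlib
import re
from typing import Optional

# File digests as listed in the report (the 412KB sample).
REPORT_HASHES = {
    "md5": "37db3a0bdae598c7c9c7637f661dcb29",
    "sha1": "48bcac796a480135d0917dc819d81713fe87aa8c",
    "sha256": "bd176d2e421040c6961295c15a390defd89bc98238e342df8dd4c4f6b5c9635e",
    "sha512": "b693546b108de4a3e76a0c51ec3d0b7a5bc85d37989c02dc4b4c4144b496c8255"
              "fbb50263c9e81c2dcc06c30cd0f01d75dbfc06e8419bd7d054cc83dca8bfa6d",
}

# Decoy domain list from the extracted config above.
DECOY_DOMAINS = [
    "betvoy206.com", "nftstoners.com", "tirupatibuilder.com", "gulldesigns.com",
    "shemhq.com", "boricosmetic.com", "bitcoinbillionaireboy.com",
    "theflypaperplanes.com", "retrocartours.com", "yangzhie326.com",
    "cheepchain.com", "sentryr.com", "luckirentalhomes.com",
    "pointssquashers.com", "dianasarabiantreasures.com", "calendarsilo.com",
    "sublike21.xyz", "gajubg0up.xyz", "lousfoodreviews.com", "fades.site",
]


def normalize_domain(name: str) -> str:
    """Lower-case and drop a trailing dot so 'FADES.SITE.' equals 'fades.site'."""
    return name.strip().lower().rstrip(".")


def domain_matches(query: str, watchlist=DECOY_DOMAINS) -> Optional[str]:
    """Return the watchlisted domain that `query` equals or is a subdomain of.
    The suffix test is anchored on a '.' so 'notbetvoy206.com' is not a hit."""
    q = normalize_domain(query)
    for d in watchlist:
        d = normalize_domain(d)
        if q == d or q.endswith("." + d):
            return d
    return None


# Constructed BIND-style query log; not real data.
SAMPLE_DNS_LOG = """\
Jan 27 10:01:02 ws-042 named[1234]: client 10.0.5.17#53211: query: www.betvoy206.com IN A + (10.0.5.1)
Jan 27 10:01:03 ws-042 named[1234]: client 10.0.5.17#53212: query: notbetvoy206.com IN A + (10.0.5.1)
Jan 27 10:01:05 ws-042 named[1234]: client 10.0.5.17#53213: query: FADES.SITE. IN A + (10.0.5.1)
Jan 27 10:01:07 ws-042 named[1234]: client 10.0.5.22#53214: query: update.microsoft.com IN A + (10.0.5.1)
Jan 27 10:01:09 ws-042 named[1234]: client 10.0.5.17#53215: query: sublike21.xyz IN A + (10.0.5.1)
"""

QUERY_RE = re.compile(r"client (?P<client>[\d.]+)#\d+: query: (?P<qname>\S+) IN")


def find_decoy_queries(log_text: str, watchlist=DECOY_DOMAINS):
    """Return (client_ip, normalized_qname, matched_domain) for every query
    in the log that hits the Formbook domain list."""
    hits = []
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if not m:
            continue
        matched = domain_matches(m.group("qname"), watchlist)
        if matched:
            hits.append((m.group("client"), normalize_domain(m.group("qname")), matched))
    return hits


def hash_file_bytes(data: bytes) -> dict:
    """Compute the four digests the report lists for a file's contents."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORT_HASHES}


def compare_to_report(data: bytes, report=REPORT_HASHES) -> dict:
    """Per-algorithm True/False; a quarantined file is this sample only if all agree."""
    digests = hash_file_bytes(data)
    return {algo: digests[algo] == report[algo].lower() for algo in report}


if __name__ == "__main__":
    for client, qname, matched in find_decoy_queries(SAMPLE_DNS_LOG):
        print(f"{client} queried {qname} -> watchlist entry {matched}")
    # For a quarantined file:
    #   with open(path, "rb") as f: print(compare_to_report(f.read()))
```

Because Formbook beacons to decoys as well as to its real server, a hit on any domain in the list is evidence of the infection but not by itself proof of which host is the live C2; correlate the querying client with process and file telemetry before blocking or reporting a single domain as the C2.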
Targets

    • Target

      bd176d2e421040c6961295c15a390defd89bc98238e342df8dd4c4f6b5c9635e

    • Size

      412KB

    • MD5

      37db3a0bdae598c7c9c7637f661dcb29

    • SHA1

      48bcac796a480135d0917dc819d81713fe87aa8c

    • SHA256

      bd176d2e421040c6961295c15a390defd89bc98238e342df8dd4c4f6b5c9635e

    • SHA512

      b693546b108de4a3e76a0c51ec3d0b7a5bc85d37989c02dc4b4c4144b496c8255fbb50263c9e81c2dcc06c30cd0f01d75dbfc06e8419bd7d054cc83dca8bfa6d

    • Formbook

      Formbook is an information stealer: it hooks browsers and other applications to grab submitted form data and saved credentials, logs keystrokes and clipboard contents, captures screenshots, and sends the results to its command-and-control server. Its configuration carries a list of decoy domains alongside the real C2, and the sample beacons to decoys as well as to the real server, so the Decoy list above should be treated as candidate indicators rather than as a confirmed C2 address.

    • Formbook Payload

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites the register state of another (typically suspended) thread; malware uses it to redirect a thread into injected code, as in process hollowing and thread hijacking.

MITRE ATT&CK Matrix

Tasks