General

  • Target

    6ddb29ddbdec50f59762b9243d0f90a445c028bd5be7f50ef73568327726267e

  • Size

    414KB

  • Sample

    220127-wr9mcshdg2

  • MD5

    276109eb825a01faba4a0d31887aee14

  • SHA1

    7df5ee401b09f94a4de0efe96bc8a14dd01f9ec3

  • SHA256

    6ddb29ddbdec50f59762b9243d0f90a445c028bd5be7f50ef73568327726267e

  • SHA512

    e0a3f0c3ad1f424c4c551475b04cdfd9e3118d0bd479273cb6db79d8c30f9a2d0e8e5c386dc676ae56239b7453572e103d0d97634b50e3b7014857064a2fdddd

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

fezu

Decoy

palisadeshiking.com

lusteror.com

blogmisaficiones.com

firstprinciplesteam.com

theindoorfarmer.info

sddn55.xyz

womensclothingonlineshop.com

amourneim.com

getlumichargeserver.com

mynegociodev.com

xn--riq159j.com

the-social-hub.com

buypremiumvpn.xyz

brightnes.info

catmanshopper.com

michellepalacdesigns.com

moveventurecapital.com

nzhzygba.com

papahungry.com

electric-classic-bike.com
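
Formbook sends traffic to decoy domains as well as to its real C2, so a single host resolving several of the decoys above within a short window is a much stronger signal than any one lookup; on their own, many of these names may be ordinary sites, and blocking the list wholesale risks false positives. The following added example (not part of the sandbox report) turns the extracted config into hunt-ready IOCs and runs that clustering check over a DNS query log. The hashes and decoy domains are copied from the report; the log lines, the 5-minute window and the threshold of 3 distinct decoys are constructed and assumed for the demo.

```python
"""Hunt-ready IOCs from the Formbook config extracted above.

Added example; it is not part of the sandbox report. The hashes and decoy
domains are copied from the report; the DNS log, window and threshold are
constructed/assumed for the demo.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# File hashes from the "General" section of the report.
FILE_HASHES = {
    "md5": "276109eb825a01faba4a0d31887aee14",
    "sha1": "7df5ee401b09f94a4de0efe96bc8a14dd01f9ec3",
    "sha256": "6ddb29ddbdec50f59762b9243d0f90a445c028bd5be7f50ef73568327726267e",
}

# Decoy domains from the extracted config (campaign "fezu").
DECOY_DOMAINS = frozenset({
    "palisadeshiking.com", "lusteror.com", "blogmisaficiones.com",
    "firstprinciplesteam.com", "theindoorfarmer.info", "sddn55.xyz",
    "womensclothingonlineshop.com", "amourneim.com", "getlumichargeserver.com",
    "mynegociodev.com", "xn--riq159j.com", "the-social-hub.com",
    "buypremiumvpn.xyz", "brightnes.info", "catmanshopper.com",
    "michellepalacdesigns.com", "moveventurecapital.com", "nzhzygba.com",
    "papahungry.com", "electric-classic-bike.com",
})

# Constructed DNS query log (not real telemetry): "<ISO timestamp> <client> <qname>".
SAMPLE_DNS_LOG = """\
2022-01-27T10:00:01 10.0.0.5 www.google.com
2022-01-27T10:00:03 10.0.0.5 palisadeshiking.com
2022-01-27T10:00:04 10.0.0.5 lusteror.com
2022-01-27T10:00:04 10.0.0.5 sddn55.xyz
2022-01-27T10:00:05 10.0.0.5 amourneim.com
2022-01-27T10:00:06 10.0.0.5 nzhzygba.com
2022-01-27T10:30:00 10.0.0.9 the-social-hub.com
2022-01-27T11:00:00 10.0.0.9 www.palisadeshiking.com
"""


def normalise(qname):
    """Lower-case, drop a trailing dot and a leading 'www.' so lookups match
    the bare decoy names however the client queried them."""
    q = qname.lower().rstrip(".")
    return q[4:] if q.startswith("www.") else q


def parse_dns_log(text):
    """Yield (timestamp, client, normalised qname) per non-empty log line."""
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, client, qname = line.split()
        yield datetime.fromisoformat(ts), client, normalise(qname)


def decoy_clusters(log_text, decoys=DECOY_DOMAINS,
                   window=timedelta(minutes=5), threshold=3):
    """Return {client: sorted decoy names} for every client that resolved at
    least `threshold` distinct decoys inside some `window`-long sliding window.
    `window` and `threshold` are assumed tuning values, not from the report."""
    per_client = defaultdict(list)
    for ts, client, qname in parse_dns_log(log_text):
        if qname in decoys:
            per_client[client].append((ts, qname))

    flagged = {}
    for client, events in per_client.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans at most `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            if len({q for _, q in events[start:end + 1]}) >= threshold:
                flagged[client] = sorted({q for _, q in events})
                break
    return flagged


if __name__ == "__main__":
    for client, names in decoy_clusters(SAMPLE_DNS_LOG).items():
        print(client, "->", ", ".join(names))
```

In the constructed log, 10.0.0.5 resolves five decoys within seconds and is flagged, while 10.0.0.9 touches two decoys half an hour apart and is not; the bare `www.` and trailing-dot handling in `normalise` keeps the match keyed on the registrable name the config actually carries.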

Targets

    • Target

      6ddb29ddbdec50f59762b9243d0f90a445c028bd5be7f50ef73568327726267e

    • Size

      414KB

    • MD5

      276109eb825a01faba4a0d31887aee14

    • SHA1

      7df5ee401b09f94a4de0efe96bc8a14dd01f9ec3

    • SHA256

      6ddb29ddbdec50f59762b9243d0f90a445c028bd5be7f50ef73568327726267e

    • SHA512

      e0a3f0c3ad1f424c4c551475b04cdfd9e3118d0bd479273cb6db79d8c30f9a2d0e8e5c386dc676ae56239b7453572e103d0d97634b50e3b7014857064a2fdddd

    • Formbook

      Formbook is an information stealer: it hooks browsers and other applications to capture credentials, keystrokes, clipboard contents and submitted web-form data, can take screenshots, and accepts C2 commands to download and run additional payloads.

    • Formbook Payload

    • Suspicious use of SetThreadContext

      Calling SetThreadContext on a suspended thread in another process redirects its entry point to injected code, the final step of process hollowing; outside debuggers and a few runtimes this call is rare in benign software.
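
SetThreadContext on its own is weak evidence; what makes it suspicious is the sequence around it: the same caller creates a process suspended, writes into it, rewrites the context of its primary thread and then resumes it. The following added example (not from the sandbox report or the Triage signature set) implements that join over an API-call trace. The trace schema, the pid/thread-id values and the `svchost.exe` path are constructed for the demo; real sandboxes emit their own format.

```python
"""Flag the process-hollowing sequence
CreateProcess(CREATE_SUSPENDED) -> WriteProcessMemory -> SetThreadContext -> ResumeThread
in an API-call trace.

Added example, not part of the sandbox report. Trace format and values are
constructed/assumed for the demo.
"""
from collections import defaultdict

CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit for CreateProcess*

# Constructed trace: (caller pid, api, args). Handles are modelled as the
# target pid / thread id so the steps can be joined.
SAMPLE_TRACE = [
    (1234, "CreateProcessW", {"lpApplicationName": r"C:\Windows\SysWOW64\svchost.exe",
                              "dwCreationFlags": CREATE_SUSPENDED,
                              "dwProcessId": 5678, "dwThreadId": 5679}),
    (1234, "NtUnmapViewOfSection", {"ProcessHandle": 5678}),
    (1234, "VirtualAllocEx", {"hProcess": 5678, "flProtect": 0x40}),
    (1234, "WriteProcessMemory", {"hProcess": 5678, "nSize": 0x36000}),
    (1234, "SetThreadContext", {"hThread": 5679}),
    (1234, "ResumeThread", {"hThread": 5679}),
    # A debugger-style Get/SetThreadContext on its own debuggee: must not fire.
    (4242, "GetThreadContext", {"hThread": 4243}),
    (4242, "SetThreadContext", {"hThread": 4243}),
]


def detect_hollowing(trace):
    """Return [(caller pid, target pid, steps)] for each target the caller
    created suspended, wrote to, gave a new thread context and resumed,
    in that order. SetThreadContext without a preceding write to a process
    the caller created suspended is ignored (debuggers, runtimes)."""
    created = {}              # target pid -> caller pid
    thread_owner = {}         # thread id -> target pid
    stage = defaultdict(set)  # target pid -> steps seen so far
    findings = []
    for caller, api, args in trace:
        if api.startswith("CreateProcess") and args.get("dwCreationFlags", 0) & CREATE_SUSPENDED:
            tpid = args["dwProcessId"]
            created[tpid] = caller
            thread_owner[args["dwThreadId"]] = tpid
            stage[tpid].add("create_suspended")
        elif api == "WriteProcessMemory":
            tpid = args["hProcess"]
            if created.get(tpid) == caller:
                stage[tpid].add("write")
        elif api == "SetThreadContext":
            tpid = thread_owner.get(args["hThread"])
            if tpid is not None and created.get(tpid) == caller and "write" in stage[tpid]:
                stage[tpid].add("set_context")
        elif api == "ResumeThread":
            tpid = thread_owner.get(args["hThread"])
            if tpid is not None and created.get(tpid) == caller and "set_context" in stage[tpid]:
                stage[tpid].add("resume")
                findings.append((caller, tpid, tuple(sorted(stage[tpid]))))
    return findings


if __name__ == "__main__":
    for caller, target, steps in detect_hollowing(SAMPLE_TRACE):
        print(f"pid {caller} hollowed pid {target}: {', '.join(steps)}")
```

The join on caller, target process and target thread is what separates the hollowing pattern from a legitimate debugger: drop the WriteProcessMemory event from the trace and nothing fires, because SetThreadContext is only counted once the caller has written into a process it created suspended.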
