General

  • Target

    8323bfa811d207521f4e833af08813c6a4431f9c28f6d07279b656a6a60e57ae

  • Size

    778KB

  • Sample

    220128-b479vaeagr

  • MD5

    09106fd4669886c1de4e049bb57e1228

  • SHA1

    21af8e129c05e0cbbf33f4e155d4ebbfcaaa2155

  • SHA256

    8323bfa811d207521f4e833af08813c6a4431f9c28f6d07279b656a6a60e57ae

  • SHA512

    1ca4f90efac305a0bce470263e2e6cff45e28029540123db54f9e5461ec4ae099f95384deade9c4160f9eea18c31d4b156513ee4ef628a99380af831d6383505

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

jy93

Decoy

alexito.space

shitsthebalm.com

margaritavillemelbourne.com

vonahk.xyz

1960lawn.com

augustacrim.com

bancopec.com

batrainingstudio.com

kokofleks.store

w4-form-irs.com

putnamob.com

mickeysmotors.com

8181yd.com

wedmecreation.com

mischianti.com

gskpop.com

douvip303.com

unlimitedlyfestylez.com

originophthalmics.com

oandazx86.xyz
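The extracted config above is the most directly usable part of this report for defenders: the campaign ID and the domain list turn straight into network detections. Formbook beacons to decoy domains alongside its real C2, so every domain the extractor recovered is worth matching on, and its C2 requests put the campaign ID as the first path segment of the URI. The following Python is an added example, not part of the sandbox report or of any vendor tooling: it loads the values shown on this page, normalizes domains the way a resolver logs them (case, trailing dot, IDNA), matches on whole labels so that look-alike names such as notbancopec.com do not match bancopec.com, and scores constructed DNS and HTTP proxy log lines. The log format and the line layout are assumptions made for the example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Set

# Values as extracted in the "Malware Config" section of this page.
FORMBOOK_CONFIG = {
    "family": "formbook",
    "version": "4.1",
    "campaign": "jy93",
    "decoy": [
        "alexito.space", "shitsthebalm.com", "margaritavillemelbourne.com",
        "vonahk.xyz", "1960lawn.com", "augustacrim.com", "bancopec.com",
        "batrainingstudio.com", "kokofleks.store", "w4-form-irs.com",
        "putnamob.com", "mickeysmotors.com", "8181yd.com", "wedmecreation.com",
        "mischianti.com", "gskpop.com", "douvip303.com",
        "unlimitedlyfestylez.com", "originophthalmics.com", "oandazx86.xyz",
    ],
}

# Constructed log lines (hypothetical resolver / proxy format, not real traffic):
#   "<ts> <src> query <qname>"            for DNS
#   "<ts> <src> <METHOD> <host> <path>"   for HTTP
SAMPLE_LOGS = [
    "2022-01-28T10:01:02Z 10.0.0.15 query www.example.com",
    "2022-01-28T10:01:05Z 10.0.0.15 query WWW.shitsthebalm.com.",
    "2022-01-28T10:01:07Z 10.0.0.15 query bancopec.com",
    "2022-01-28T10:01:09Z 10.0.0.15 GET www.shitsthebalm.com /jy93/?Ab=xyz&Cd=123",
    "2022-01-28T10:01:11Z 10.0.0.22 GET cdn.example.net /jy93/?p=1",
    "2022-01-28T10:01:12Z 10.0.0.22 GET notbancopec.com /index.html",
]

DNS_LINE = re.compile(r"^(?P<ts>\S+) (?P<src>\S+) query (?P<qname>\S+)$")
HTTP_LINE = re.compile(r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>GET|POST) (?P<host>\S+) (?P<path>\S+)")


@dataclass
class Hit:
    ts: str
    src: str
    kind: str        # "dns" or "http"
    severity: str    # "medium" or "high"
    indicator: str   # the config value that matched
    detail: str      # the raw qname / host + path that triggered it


def normalize_domain(name: str) -> str:
    """Lower-case, drop a trailing dot and IDNA-encode so the form matches resolver logs."""
    name = name.strip().rstrip(".").lower()
    try:
        return name.encode("idna").decode("ascii")
    except UnicodeError:
        return name


def domain_matches(query: str, watch: Set[str]) -> Optional[str]:
    """Return the watchlisted domain that `query` equals or is a subdomain of, else None.

    Matching is done on whole labels, so 'notbancopec.com' never matches 'bancopec.com'.
    The bare TLD is skipped so that 'com' alone can never match.
    """
    labels = normalize_domain(query).split(".")
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in watch:
            return candidate
    return None


def scan(lines: List[str], config: dict) -> List[Hit]:
    """Match DNS and HTTP log lines against the extracted Formbook config."""
    watch = {normalize_domain(d) for d in config["decoy"]}
    # Campaign ID as the first path segment, followed by the query string.
    campaign_path = re.compile(r"^/" + re.escape(config["campaign"]) + r"/\?")
    hits: List[Hit] = []
    for line in lines:
        m = DNS_LINE.match(line)
        if m:
            dom = domain_matches(m["qname"], watch)
            if dom:
                hits.append(Hit(m["ts"], m["src"], "dns", "medium", dom, m["qname"]))
            continue
        m = HTTP_LINE.match(line)
        if m:
            dom = domain_matches(m["host"], watch)
            path_hit = campaign_path.match(m["path"]) is not None
            if dom or path_hit:
                # Domain plus campaign path together is a strong C2 indicator;
                # either one alone is only a lead worth triaging.
                severity = "high" if (dom and path_hit) else "medium"
                indicator = dom if dom else config["campaign"]
                hits.append(Hit(m["ts"], m["src"], "http", severity, indicator,
                                f"{m['host']}{m['path']}"))
    return hits


if __name__ == "__main__":
    for h in scan(SAMPLE_LOGS, FORMBOOK_CONFIG):
        print(f"{h.ts} {h.src} {h.kind:4} {h.severity:6} {h.indicator} <- {h.detail}")
```

The HTTP line for cdn.example.net shows why the path check is kept separate: a campaign-shaped URI on a host that is not in the list is still worth a look (the config on the page may not be the complete domain set), but it is scored lower than a request that matches both.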

Targets

    • Formbook

      Formbook is an information-stealing malware family sold as malware-as-a-service. It harvests credentials and form data from browsers and other applications, logs keystrokes and clipboard contents, takes screenshots, and can download and run additional payloads on the instruction of its C2.

    • Formbook Payload

    • Suspicious use of SetThreadContext (a common step in process hollowing and thread hijacking, where a suspended thread's context is rewritten so it starts executing injected code)
