General

  • Target: a9ee744d7181c80db0ffbabf36933b815cf8b731ad6fb920393fb325cdfce9cc
  • Size: 537KB
  • Sample: 220131-cgq8gsebg6
  • MD5: 9afab2ef4657edb330c16533e7829faa
  • SHA1: 6bd646737538682c96b300e491a78f5f3744e1dc
  • SHA256: a9ee744d7181c80db0ffbabf36933b815cf8b731ad6fb920393fb325cdfce9cc
  • SHA512: 1053273e2563fa452a57c939dba887215900c858407d637b8c11f1fd8595c5c479f2f6245a2052d2e0def575d87972070870578f07d83f1de53481d8e0fb861c

Malware Config

Extracted

  • Family: formbook
  • Version: 4.1
  • Campaign: d7ln
  • Decoy:
    bulut-imza.com
    gotastebuds.com
    shutupmags.com
    clocksport.com
    toweryachtcounsel.com
    kingcopier.com
    pluspersona.com
    inchallahe.com
    unclonedconsulting.com
    ccdt168.com
    tonyzheng.xyz
    voiceoftheepeople.com
    cicapital.xyz
    offxpro.com
    loyatiproductions.com
    makemebuystuff.com
    incuba8labs.com
    remparka.com
    newstft.com
    bgame.pro

Targets

    • Target: a9ee744d7181c80db0ffbabf36933b815cf8b731ad6fb920393fb325cdfce9cc
    • Size: 537KB
    • MD5: 9afab2ef4657edb330c16533e7829faa
    • SHA1: 6bd646737538682c96b300e491a78f5f3744e1dc
    • SHA256: a9ee744d7181c80db0ffbabf36933b815cf8b731ad6fb920393fb325cdfce9cc
    • SHA512: 1053273e2563fa452a57c939dba887215900c858407d637b8c11f1fd8595c5c479f2f6245a2052d2e0def575d87972070870578f07d83f1de53481d8e0fb861c

    • Formbook
      Formbook is an information-stealing malware family.
    • Formbook Payload
    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks