General

  • Target: ff3f7736a06e89ae300270369d83b922423c8a840903b30a8a21365c4b0b0628
  • Size: 801KB
  • Sample: 220208-a23e5sbch4
  • MD5: bca1ff010da42916a06b6dc524124863
  • SHA1: 5f1f5c065b47b178780b352e29ccac23f88b1459
  • SHA256: ff3f7736a06e89ae300270369d83b922423c8a840903b30a8a21365c4b0b0628
  • SHA512: 270598e156b951d63e11b22bcd43d32220c321241159b89264a45f0cc290c0511e7f6584086465664050c8336c06d06ad2e32c70922de7c964ae4d8e0f30478b

Score: 10/10

Malware Config

Extracted

  • Family: xloader
  • Version: 2.5
  • Campaign: s9ne
  • Decoy


Targets

    • Xloader

      Xloader is a rebranded version of Formbook malware.

    • Xloader Payload

    • Suspicious use of SetThreadContext
