General

  • Target

    4df9647b28defe7c3fc9f88602a582bcccb5005edd7b2784c76abb6383925353

  • Size

    688KB

  • Sample

    220609-l26ncaegej

  • MD5

    99912794ef989327c3a99a7afd6439ad

  • SHA1

    aaee4dbefc9ce54cf45e16b8a921ef16681ee5b5

  • SHA256

    4df9647b28defe7c3fc9f88602a582bcccb5005edd7b2784c76abb6383925353

  • SHA512

    64c9a72beeff481f5ac0656e7b7f64a1e514a224eb236ff9c9dee03696af0f5f043dc0ef8236d6493ca91d91ae2643c4ac45e0fd9aaf854bd290f43bac244188

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

fw02

Decoy

Targets

    • Formbook

      Formbook is a data-stealing malware family.

    • Formbook Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks