General

  • Target

    fc6dd1debc45ce8b420b281bda6fdf1bc103e4c977009a954924ca50d95bd7ba

  • Size

    320KB

  • Sample

    220806-hfcllabfdq

  • MD5

    f6c8a8e5346a698e0733248a0ec6e323

  • SHA1

    6e0be3bcd53afae69635fdecb1b7f350f9306563

  • SHA256

    fc6dd1debc45ce8b420b281bda6fdf1bc103e4c977009a954924ca50d95bd7ba

  • SHA512

    076578e7d60d26215fb7f43b58873abda5ee83bf31d8969b0a0ca9a8bdf91774487ece9d6ffb6a32c57154269d84f9ac2c3926bc76e944b87c59fc9f2d5dfd84

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

eni9

Decoy

Targets

    • Formbook

      Formbook is a data-stealing malware family (an information stealer).

    • Formbook payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks