Overview

overview

10

Static

static

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    87a7b708cf5f194568ce728a77c5778078720d6ff6346ea269f0a5427398ad60

  • Size

    448KB

  • Sample

    221109-te5rjabfgn

  • MD5

    0157a88e62b7651bf765bd4fbf73264c

  • SHA1

    fba492f92871cbf674563578d3e91ccb4a412c71

  • SHA256

    87a7b708cf5f194568ce728a77c5778078720d6ff6346ea269f0a5427398ad60

  • SHA512

    821184beaa4e49af6e05583992ea98800a1494fcfe4c0d534dbb048dc2960208545432bb1c59c7f5cb69573bb2e7cb33d90904415c6563873ead802c4e4279c7

  • SSDEEP

    12288:w1bVCfn7om/rE7KdHJaKZODGZ5N1Um4ObM1Mjc:w1ofn7X/9dJaSODGZ5f5hoajc

Score
10/10
formbookdwdpratspywarestealertrojan

Malware Config

Extracted

Family

formbook

Campaign

dwdp

Decoy

4DlAaMhdJtwJ15R2TZiMx6GwCg==

oilWdXwEy3OHItOqfLCNx6GwCg==

Ak8/PHhAG8EabtQ6

6M2Ej6pHE8pIcmJHMnpaZmZN50HzwA==

TbfoWsWBhyisR1OC/WI=

c9L5DAKvlT90Emj/mejR

Q52SsCG4oEvuFmMtB3U=

OpXGZzbo03aPI4RLsRqSjCi+4btteRj9

HXOuQvq3ok8Cm/9OCg==

NR7FUuGQbFKbPFOC/WI=

vCVkAKp/MCYvTA==

EIB9dcNoJczrDx1+2FMCpUWh

AelRyJUy6pU3TPPyep9VeiM=

pxM6rxHct23r9lOC/WI=

Jo+EpynW0bkd8EQ=

c93g9H4q6pCGbWGE6jGTmys=

KxeWJh3IeirmwBLvQ6xa5He4

Y18bQIZHI87qwl3/mejR

UDOSCrReNObV5g8I/0swTl5K50HzwA==

6Wum4j786IYvBgz/fu7G

Targets

    • Target

      87a7b708cf5f194568ce728a77c5778078720d6ff6346ea269f0a5427398ad60

    • Size

      448KB

    • MD5

      0157a88e62b7651bf765bd4fbf73264c

    • SHA1

      fba492f92871cbf674563578d3e91ccb4a412c71

    • SHA256

      87a7b708cf5f194568ce728a77c5778078720d6ff6346ea269f0a5427398ad60

    • SHA512

      821184beaa4e49af6e05583992ea98800a1494fcfe4c0d534dbb048dc2960208545432bb1c59c7f5cb69573bb2e7cb33d90904415c6563873ead802c4e4279c7

    • SSDEEP

      12288:w1bVCfn7om/rE7KdHJaKZODGZ5N1Um4ObM1Mjc:w1ofn7X/9dJaSODGZ5f5hoajc

    Score
    10/10
    formbookdwdpratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

1
T1059

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks