Overview

overview

10

Static

static

1

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    44b473195e8f495f9e53899badaabf0e164b52ec3cc3d73be3c59cc5c570ccd1

  • Size

    442KB

  • Sample

    221123-mz5tpsfe35

  • MD5

    ac9f7c1ebdf2d688c3f9b7ff82bf4c0a

  • SHA1

    b5a0a41c6b3059a93effa972c8f2641192419445

  • SHA256

    44b473195e8f495f9e53899badaabf0e164b52ec3cc3d73be3c59cc5c570ccd1

  • SHA512

    2b47a0ef4cd5fbc5996dc77a773396146509f7b321ba327190fb16581c33cb0dcaf73b15986b8ff69e0f1b43da97cef84f397d076fd6ba9b35e0b7285485800a

  • SSDEEP

    6144:iyEa0sZPLivhZvzkUIRkPQD97qEIb+Qz5W45y/fIXoQGFGtcSsYYL:is4T7wk4VqvKQpEYG5SsLL

Score
10/10
formbooklt63ratspywarestealertrojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

lt63

Decoy

fortrantelecom.africa

ffafa.buzz

bullybrain.com

ekeisolutions.com

lamiamira.com

noahsark.xyz

beautyby-eve.com

cloudfatory.com

12443.football

hataykultur.online

donqu3.sexy

breakthroughaustralia.com

havengpe.com

cpxlocatup.info

corefourpartners.com

amonefintech.com

thithombo.africa

bassmaty.store

fdshdsr.top

lifesoapsimple.com

Targets

    • Target

      44b473195e8f495f9e53899badaabf0e164b52ec3cc3d73be3c59cc5c570ccd1

    • Size

      442KB

    • MD5

      ac9f7c1ebdf2d688c3f9b7ff82bf4c0a

    • SHA1

      b5a0a41c6b3059a93effa972c8f2641192419445

    • SHA256

      44b473195e8f495f9e53899badaabf0e164b52ec3cc3d73be3c59cc5c570ccd1

    • SHA512

      2b47a0ef4cd5fbc5996dc77a773396146509f7b321ba327190fb16581c33cb0dcaf73b15986b8ff69e0f1b43da97cef84f397d076fd6ba9b35e0b7285485800a

    • SSDEEP

      6144:iyEa0sZPLivhZvzkUIRkPQD97qEIb+Qz5W45y/fIXoQGFGtcSsYYL:is4T7wk4VqvKQpEYG5SsLL

    Score
    10/10
    formbooklt63ratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook payload

      rat

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks