Overview

overview

10

Static

static

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3375a85f28c1c6c7da5ae9684bb5538230e0a186c83dae7377b2a04083de9b93

  • Size

    936KB

  • Sample

    221208-edgkzsbh6x

  • MD5

    45de11e238928df8cf415f31abb63e4a

  • SHA1

    a123fee9e91c4b2c5eeefc3493ec22b91961d95e

  • SHA256

    3375a85f28c1c6c7da5ae9684bb5538230e0a186c83dae7377b2a04083de9b93

  • SHA512

    42b9ab2c2dd4710abfb7f88a01fd3630834004881f5ff28e7cdd44e79ebdd3d77fde66fc1a92b4afed840801c7228472e173b345b07ac46212565d79e6a7fa6c

  • SSDEEP

    24576:dr1DtT3FOy+b4lROUhwSz80jcIwqR+LBI:drvLFOS/hc0QIwqRuB

Score
10/10
formbookvr84ratspywarestealertrojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

vr84

Decoy

intouchenergy.co.uk

lalumalkaliram.com

hillgreenholidays.co.uk

fluentliteracy.com

buildingworkerpower.com

by23577.com

gate-ch375019.online

jayess-decor.com

larkslife.com

swsnacks.co.uk

bigturtletiny.com

egggge.xyz

olastore.africa

lightshowsnewengland.com

daily-lox.com

empireoba.com

91302events.com

lawrencecountyfirechiefs.com

abrahamslibrary.com

cleaner365.online

Targets

    • Target

      3375a85f28c1c6c7da5ae9684bb5538230e0a186c83dae7377b2a04083de9b93

    • Size

      936KB

    • MD5

      45de11e238928df8cf415f31abb63e4a

    • SHA1

      a123fee9e91c4b2c5eeefc3493ec22b91961d95e

    • SHA256

      3375a85f28c1c6c7da5ae9684bb5538230e0a186c83dae7377b2a04083de9b93

    • SHA512

      42b9ab2c2dd4710abfb7f88a01fd3630834004881f5ff28e7cdd44e79ebdd3d77fde66fc1a92b4afed840801c7228472e173b345b07ac46212565d79e6a7fa6c

    • SSDEEP

      24576:dr1DtT3FOy+b4lROUhwSz80jcIwqR+LBI:drvLFOS/hc0QIwqRuB

    Score
    10/10
    formbookvr84ratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix

Tasks