General

  • Target

    af428f81bcbd48b4d608939239f56501fa59ba2acea62ae7597cb9d39c1f0a8a

  • Size

    1.1MB

  • Sample

    221210-fq4rqafa26

  • MD5

    36885002551fe0067f6e166269b4c12b

  • SHA1

    74b5b7a9e798f3d95bfd17db586d33620e407047

  • SHA256

    af428f81bcbd48b4d608939239f56501fa59ba2acea62ae7597cb9d39c1f0a8a

  • SHA512

    bcb4a33fc1b70e7f2e791f39a18b5b19498a1d53421f32e84f322c1b621b40527a091ae3a50babb9627e3215974af04534e96d81398a668aa8c67ce51a8c5f0c

  • SSDEEP

    24576:razg5wkQO78tScQHbpR/IRqVY2ecN66pF2f:r6kQkMS9bCKI

Malware Config

Extracted

  • Family

    formbook

  • Version

    4.1

  • Campaign

    vr84

  • Decoy


Targets

    • Formbook

      Formbook is an information-stealing malware family.

    • Formbook payload

    • Suspicious use of SetThreadContext
