Overview

overview

10

Static

static

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    11b7ed15ae6b1bb53ad3eeff567acb939f794bfdf067b6c3c07c19a15a02fb8f

  • Size

    755KB

  • Sample

    230110-xz6fcahc43

  • MD5

    32c97647b3b5602a7cdf5cae7aa3f289

  • SHA1

    23a7ee141819cb81d92d4dc4de53ff704f2908fd

  • SHA256

    11b7ed15ae6b1bb53ad3eeff567acb939f794bfdf067b6c3c07c19a15a02fb8f

  • SHA512

    fa81b95cf2825bc869aeaddb85c90744cd29a172f7e6b86a73727caea4f230fddc222d4a9aee7903cc05cee6ffbdb7974e59ec905a0e4a191d7c6ff77c47f412

  • SSDEEP

    12288:C6IOEw4qE4iVV/r7VWCsBvTDoJ+JlQcNoOXRHWBWDUNV26M+KJxHOWAi9bLLX69/:vIOMqEZV/NWC8noYlQukBWDS2PJMWA6Q

Score
10/10
formbookg2fgratspywarestealertrojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

g2fg

Decoy

snowcrash.website

pointman.us

newheartvalve.care

drandl.com

sandspringsramblers.com

programagubernamental.online

boja.us

mvrsnike.com

mentallyillmotherhood.com

facom.us

programagubernamental.store

izivente.com

roller-v.fr

amazonbioactives.com

metaverseapple.xyz

5gt-mobilevsverizon.com

gtwebsolutions.co

scottdunn.life

usdp.trade

pikmin.run

Targets

    • Target

      11b7ed15ae6b1bb53ad3eeff567acb939f794bfdf067b6c3c07c19a15a02fb8f

    • Size

      755KB

    • MD5

      32c97647b3b5602a7cdf5cae7aa3f289

    • SHA1

      23a7ee141819cb81d92d4dc4de53ff704f2908fd

    • SHA256

      11b7ed15ae6b1bb53ad3eeff567acb939f794bfdf067b6c3c07c19a15a02fb8f

    • SHA512

      fa81b95cf2825bc869aeaddb85c90744cd29a172f7e6b86a73727caea4f230fddc222d4a9aee7903cc05cee6ffbdb7974e59ec905a0e4a191d7c6ff77c47f412

    • SSDEEP

      12288:C6IOEw4qE4iVV/r7VWCsBvTDoJ+JlQcNoOXRHWBWDUNV26M+KJxHOWAi9bLLX69/:vIOMqEZV/NWC8noYlQukBWDS2PJMWA6Q

    Score
    10/10
    formbookg2fgratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks