Overview

overview

10

Static

static

1

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    11f78a6f1d2cc4587778143bdc8b011ca509978c26ba60bd41fe74bd6773444d

  • Size

    731KB

  • Sample

    230328-wgfljacd33

  • MD5

    7c4e7dc9b73afae121b7f83004013971

  • SHA1

    f9690031e5fec4f0379598f03bd395b6714206c0

  • SHA256

    11f78a6f1d2cc4587778143bdc8b011ca509978c26ba60bd41fe74bd6773444d

  • SHA512

    b10cd46dc62a7bf864ea7c036d7ed4c61cfc29c57d8f480b03f58415a5c1e293d68bc9a9748b4c325c6f142d93c5e86084a01079b6542de43fff7f7408672d2b

  • SSDEEP

    12288:IcCtsy64aJfjXdCkkJ0sNSLXLnEvZWL8tpIgRmus0F:3RyuNjXdM0pLXLEvZWLEpIgRmus0

Score
10/10
formbookar73ratspywarestealertrojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ar73

Decoy

classgorilla.com

b6817.com

1wwuwa.top

dgslimited.africa

deepwaterships.com

hkshshoptw.shop

hurricanevalleyatvjamboree.com

ckpconsulting.com

laojiangmath.com

authenticityhacking.com

family-doctor-53205.com

investinstgeorgeut.com

lithoearthsolution.africa

quickhealcareltd.co.uk

delightkgrillw.top

freezeclosettoilet.com

coo1star.com

gemgamut.com

enrichednetworksolutions.com

betterbeeclean.com

Targets

    • Target

      11f78a6f1d2cc4587778143bdc8b011ca509978c26ba60bd41fe74bd6773444d

    • Size

      731KB

    • MD5

      7c4e7dc9b73afae121b7f83004013971

    • SHA1

      f9690031e5fec4f0379598f03bd395b6714206c0

    • SHA256

      11f78a6f1d2cc4587778143bdc8b011ca509978c26ba60bd41fe74bd6773444d

    • SHA512

      b10cd46dc62a7bf864ea7c036d7ed4c61cfc29c57d8f480b03f58415a5c1e293d68bc9a9748b4c325c6f142d93c5e86084a01079b6542de43fff7f7408672d2b

    • SSDEEP

      12288:IcCtsy64aJfjXdCkkJ0sNSLXLnEvZWL8tpIgRmus0F:3RyuNjXdM0pLXLEvZWLEpIgRmus0

    Score
    10/10
    formbookar73ratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks