General
Target: sample20201021-01.xlsm
Size: 43KB
Sample: 201021-s4mt87qfga
MD5: 0ec3a0613d2fc39417eaccebaedfcdf0
SHA1: 0195cdd1579f6be5f143e36c942075ae811c0595
SHA256: 857b5c1209e2bec7dda0c80b92123f4ceb15f8c560f23551804e4bd09b94e901
SHA512: 2f77e01859e5a54f7002b3ea13a17167589e4aa2b48b71a17d9d86f515af81b95acbbbfadcbd94818eb9a9ece47d2b7205dff8253329d9165ad9914b6f2af3f3
Static task: static1
Behavioral task: behavioral1
Sample: sample20201021-01.xlsm
Resource: win7
Malware Config
Extracted
dridex
10444
79.137.29.86:443
87.106.191.77:3889
44.48.26.99:4664
178.254.22.25:33443
Targets
Target: sample20201021-01.xlsm
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Loads dropped DLL