General
-
Target
4801b61a1dc7a14b4c2efc9840a933b7dbfc595cca11bca2632f7e59a0624c65.zip
-
Size
424KB
-
Sample
201105-p18vz5a4ej
-
MD5
50a955a414379fb1e6f3b5689ffcb41d
-
SHA1
b5a76af12ad125bcc019fd68b754230ad896e65a
-
SHA256
0be38e2beca10be18da5711dd49430fd3f427c857fc4b9d05c42de9d95801cad
-
SHA512
394e8f06c3065c6f89ef8331a1280e4e0cc1f4efdcdc99b55e9db562fa4d16186ec38349e701e33bdb020fd1599b29fb2cf8fe1ded8b7781b410c6dcb4f20f9f
Static task
static1
Behavioral task
behavioral1
Sample
4801b61a1dc7a14b4c2efc9840a933b7dbfc595cca11bca2632f7e59a0624c65.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
10444
195.154.237.245:443
46.105.131.73:8172
91.238.160.158:18443
213.183.128.99:3786
Targets
-
-
Target
4801b61a1dc7a14b4c2efc9840a933b7dbfc595cca11bca2632f7e59a0624c65.dll
-
Size
572KB
-
MD5
f6e9f6de099449b84d37f8c9c959c0a3
-
SHA1
407a7e9d982caea11ebb525d1bd51e2617febe74
-
SHA256
4801b61a1dc7a14b4c2efc9840a933b7dbfc595cca11bca2632f7e59a0624c65
-
SHA512
8027bd6e4f7ea23d435fa3654c793b34c715bc2b4a2915df78e4f227d9a3f782de5e7bea86c9dcd8cefd612ac5a8ff4d28f1d3d6c6a3a1d6b89863ef94575fc9
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-