General
Target: stage2.dll
Size: 752KB
Sample: 201106-9jp2cqxd7x
MD5: fd3da0ce820ee753901011f520ecd2b1
SHA1: 31c739f637c7588cd430c60566c2aea402f70a45
SHA256: 1f4d7b9217afd5254350c56788693bee5ecaa46b7f7c07354045826910dacb3c
SHA512: 267124d68055413495344847f8c068e9f90635407a17370f93ec1afae7b6a65c3f987e5acc84838b4a8b79c62c281341bd466027f377bc25e7cb52c6ded0a354
Static task: static1
Behavioral task: behavioral1
Sample: stage2.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
10444
195.154.237.245:443
46.105.131.73:8172
91.238.160.158:18443
213.183.128.99:3786
Targets
Blocklisted process makes network request
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.