General
-
Target
11046515.dll
-
Size
632KB
-
Sample
201109-226zbskye6
-
MD5
8b0192345666026191be01ec52a47f64
-
SHA1
b7770117dd745c464a40bd3d3eda0ca832ec34a5
-
SHA256
ab44ef41e492f3df1be566ddde081d666b3e9f55ee6f0f195fe0acd4d9701912
-
SHA512
f47fd1012fdbed1950d9933b2be31f9829188a0008b6710eafe8901df78c06333374522d222f3ae70ce114f5ef38c6961498f5ff9e405cc3b4987df64f3f0ec7
Static task
static1
Behavioral task
behavioral1
Sample
11046515.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
10444
178.128.83.136:443
138.122.143.41:8443
85.25.106.204:691
159.203.136.67:3308
Targets
-
-
Target
11046515.dll
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-