General
Target: 96a307cc2ba191e4872d1ef65697753cb13641a0
Size: 632KB
Sample: 201109-qblhkr8l2n
MD5: bef6feb31ccd3364d883b306642cfaed
SHA1: 96a307cc2ba191e4872d1ef65697753cb13641a0
SHA256: d77234374d79b24022c26ecdd16a684ae7e94efba502422d74852b0eddd4f1b4
SHA512: 96900c685053e7251e673a22b3882e0d1b05f48e5e8c515a8d7b000c169db118b7d89a866fe363e44a60f57888899b32d1e6325b09a7bb3a519ce090b51dc943
Static task: static1
Behavioral task: behavioral1
Sample: 96a307cc2ba191e4872d1ef65697753cb13641a0.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
10444
178.128.83.136:443
138.122.143.41:8443
85.25.106.204:691
159.203.136.67:3308
Targets
Target: 96a307cc2ba191e4872d1ef65697753cb13641a0
Blocklisted process makes network request

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.