General
Target: gmt6s0o.zip.dll
Size: 551KB
Sample: 201112-4c2rgmjjn6
MD5: 2eb6f6ca25507f8f9fce5b724d80800d
SHA1: 3528c55c3bb19b279de9c4ee847953d50b8918ff
SHA256: f72bbba2814630af977b32b71152e7b499a9d154ad2aba5f4b8837081af9ac80
SHA512: dc4989915fd2c3b25211762a9ddd340c52d9cd4396c2084276bb9b91a1aabff892708342fe3d64d8b17032074b26a2ba51eb63717bcbb06df728f8c956f3eb76
Static task: static1
Behavioral task: behavioral1
Sample: gmt6s0o.zip.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
10555
77.220.64.39:443
69.164.207.140:3388
78.47.139.43:4443
103.244.206.74:33443
Targets
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.