General
-
Target
k58o06ac.gif
-
Size
599KB
-
Sample
201116-qrzwa77nkx
-
MD5
8ca3a31bb6de0d149346791288a216e9
-
SHA1
828d199b68cdb33d136768249c98d985b0771151
-
SHA256
4bbf766e8ac0148b77e659e3a3cfd110c6f219468c240987874c03107b4f8826
-
SHA512
39f0d5311e5f68fb3e751a9835cdb45e0a62ad44fb85d9da13ed6fc369d948898586c60ca8ba3c67299ec80763229bad88151291077d8add23b024d531a53cfb
Behavioral task
behavioral1
Sample
k58o06ac.gif.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
10444
77.220.64.53:443
172.96.190.154:4664
209.126.111.137:33443
167.99.158.82:33443
Targets
-
Target
k58o06ac.gif
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-