General
Target: cb19fe63b301713587e7bdddec6a50f7
Size: 528KB
Sample: 201117-4jx6j354za
MD5: d05f75fe7219a64d04871dbf1d9f5b00
SHA1: b17e5249c3e10b51e6baab674389e85808083437
SHA256: cdc5efe20effa5b76eb7374caf88734f1566dc44084d0fe9e166c6853adc0474
SHA512: c6965e3b40c4345f6efa2bd0c063c4f4aae291736d6c987e0a33a53331fe350aac9b2de6ae01001ccc14726bf79f22bb7fccb675639d5473ca67ca7432a58653
Static task: static1
Behavioral task: behavioral1
Sample: cb19fe63b301713587e7bdddec6a50f7.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
10444
77.220.64.39:443
69.164.207.140:3388
78.47.139.43:4443
103.244.206.74:33443
Targets
Target: cb19fe63b301713587e7bdddec6a50f7
Blocklisted process makes network request

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.