General
Target: cm5xssc78.dll
Size: 539KB
Sample: 201118-hltxfk8sdn
MD5: cf9c14ef002b286cc5b6f40e24430857
SHA1: 8ab38ccaf47cdfaf5bd48b05d7c094f28aa17b0d
SHA256: f4e65ecea469214769a863058823613437eb066a0baf40b5f9342958fce1e7a7
SHA512: 1c3f18cf81ddc5fc7729e184e9021202bc395b11fc3273be25961de7713307a9d5eeb62c2870481410bafa0d68972050dd659882b2fc610dd465e4151d8b207a
Behavioral task
behavioral1
Sample
cm5xssc78.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
10444
162.241.44.26:9443
192.232.229.53:4443
77.220.64.34:443
193.90.12.121:3098
Targets
Target
cm5xssc78.dll
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.