General
-
Target
Amazon_eGift-Card_579366314.scr
-
Size
905KB
-
Sample
201126-r8q2v9e7s6
-
MD5
e3c73316a5a270a82f24e56ec0f62e0e
-
SHA1
a8adc02637c62262e02f0097222cda0cd2aef013
-
SHA256
ee492eda053d19e082cd88acef8825e8dfd4616d51689e2e9667f5ed9035b1df
-
SHA512
b5079ed75843810c30d8c9e947917f9968f3930a7a7ca9b70f0ca22804aa2b29dbeb57c0eee18b94376817949b793ba74a64813fcd52a9e8f30660e4833ea6c5
Static task
static1
Behavioral task
behavioral1
Sample
Amazon_eGift-Card_579366314.scr
Resource
win7v20201028
Malware Config
Extracted
dridex
10555
194.225.58.216:443
178.254.40.132:691
216.172.165.70:3889
198.57.200.100:3786
Targets
-
-
Target
Amazon_eGift-Card_579366314.scr
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates physical storage devices
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-