General
Target: f4ff765ab41db56376ba8ff3a9104140.dll
Size: 413KB
Sample: 201208-wqd58tgjtn
MD5: f4ff765ab41db56376ba8ff3a9104140
SHA1: e6436254ef5fec9db4208d772f07c5f2153f5d4d
SHA256: 8035b530d4c16bc534232b4d2843251fef2ef0d1d68bde32965088d1cdc5b031
SHA512: 47dbfd3028daf8e93824ba868bb3e962e4be5b19a47ee16c07138b4d2b15fa9629cdb70527c22bdc53ba84f2c40acd045438794002e75b78ea06f63514303996
Static task: static1
Behavioral task: behavioral1
Sample: f4ff765ab41db56376ba8ff3a9104140.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
10555
104.131.164.93:443
46.101.90.205:4643
27.254.174.84:4443
92.94.251.127:3786
Targets
Target: f4ff765ab41db56376ba8ff3a9104140.dll
Blocklisted process makes network request
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.