General
Target
a804ed88ea8ab0b0136488a6302626ba.exe
Size
637KB
Sample
210112-x1nbyftdpn
MD5
a804ed88ea8ab0b0136488a6302626ba
SHA1
27e4371f7c0892be905d63661ead63ea9683b95b
SHA256
e64e3395c17e8de856a49a6c16eec63b95d876b957b8e2ff12946f8a93a6faad
SHA512
a887836f6d277eba77f47e716b571c754dc33b19d237b2c182fc702bada6003801b55288953755ed766157a321bc64e14cc5ade9e9358068bcf5530b61cdaeb7
Static task
static1
Behavioral task
behavioral1
Sample
a804ed88ea8ab0b0136488a6302626ba.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
a804ed88ea8ab0b0136488a6302626ba.exe
Resource
win10v20201028
Malware Config
Extracted
dridex
10555
77.220.64.37:443
80.86.91.27:3308
5.100.228.233:3389
46.105.131.65:1512
Targets
Target
a804ed88ea8ab0b0136488a6302626ba.exe
Score
10/10
Loads dropped DLL
Enumerates physical storage devices
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.