General
-
Target
printouts of outstanding_as_of_01_20_2021.xlsm
-
Size
33KB
-
Sample
210120-lwckkz6fvn
-
MD5
acd2eac5bbcece32cac93280892829cd
-
SHA1
95c4411d37764f5a3817cfd80167d312b7de19e7
-
SHA256
f840af54c53ff3e231e7da48ecace780f92c2c66c291a96d25e74737d7a2a99e
-
SHA512
011621ecf7a9bea8f28e61df04d904e4b267fccdd87e05aa70bd6a3bd38711bff5e71eb1236b154d0652a0a905c682ca96413afa9dc0f0fee674c4a3ad06ee88
Behavioral task
behavioral1
Sample
printouts of outstanding_as_of_01_20_2021.xlsm
Resource
win7v20201028
Malware Config
Extracted
Extracted
dridex
10444
194.225.58.214:443
211.110.44.63:5353
69.164.207.140:3388
198.57.200.100:3786
Targets
-
-
Target
printouts of outstanding_as_of_01_20_2021.xlsm
-
Size
33KB
-
MD5
acd2eac5bbcece32cac93280892829cd
-
SHA1
95c4411d37764f5a3817cfd80167d312b7de19e7
-
SHA256
f840af54c53ff3e231e7da48ecace780f92c2c66c291a96d25e74737d7a2a99e
-
SHA512
011621ecf7a9bea8f28e61df04d904e4b267fccdd87e05aa70bd6a3bd38711bff5e71eb1236b154d0652a0a905c682ca96413afa9dc0f0fee674c4a3ad06ee88
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Loads dropped DLL
-