General
-
Target
1_Total New Invoices-Thursday January 21_2021.xlsm
-
Size
33KB
-
Sample
210121-cme91ln2hn
-
MD5
a52a88ae97dd408d38d98c9aa7f81142
-
SHA1
234b65bc42a077c98c61a8eb4870d41e0039013e
-
SHA256
c7e6848fd63681514d6dad3032e358a257dde3aa1cd3b349306283356bca2608
-
SHA512
5e613f1db0e10dbdb14bc3b0f8ef7816f27a5de9f8fbb63c698e18695d0f6c7872c1e958aa122342b0cdd8d0dea70f1b23dae85ef9ae6ef893b69d30d903feab
Behavioral task
behavioral1
Sample
1_Total New Invoices-Thursday January 21_2021.xlsm
Resource
win7v20201028
Malware Config
Extracted
Extracted
dridex
10444
194.225.58.214:443
211.110.44.63:5353
69.164.207.140:3388
198.57.200.100:3786
Targets
-
-
Target
1_Total New Invoices-Thursday January 21_2021.xlsm
-
Size
33KB
-
MD5
a52a88ae97dd408d38d98c9aa7f81142
-
SHA1
234b65bc42a077c98c61a8eb4870d41e0039013e
-
SHA256
c7e6848fd63681514d6dad3032e358a257dde3aa1cd3b349306283356bca2608
-
SHA512
5e613f1db0e10dbdb14bc3b0f8ef7816f27a5de9f8fbb63c698e18695d0f6c7872c1e958aa122342b0cdd8d0dea70f1b23dae85ef9ae6ef893b69d30d903feab
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Loads dropped DLL
-