General
-
Target
494ee6b5372686367d0ecbc7bc29f2d11e0dbb313ef8ebb1c368013800b1ae65
-
Size
188KB
-
Sample
210224-1tlqyp3yva
-
MD5
4e4a4e6e6d03094040d77ab7d246510a
-
SHA1
1d8ae244785307c7e03feb8d9e1bfc877f98f317
-
SHA256
494ee6b5372686367d0ecbc7bc29f2d11e0dbb313ef8ebb1c368013800b1ae65
-
SHA512
d049fa031338481ecdf21003dbf8a3caf59ee48814e1ecd1768e351440baf792af1d8eec04a9e2dd36657b08d26719a15021600bdbb3fd16bd7095e97c94d7b3
Static task
static1
Behavioral task
behavioral1
Sample
494ee6b5372686367d0ecbc7bc29f2d11e0dbb313ef8ebb1c368013800b1ae65.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
111
209.151.236.42:443
91.121.94.86:8172
5.189.144.136:6516
Targets
Target
494ee6b5372686367d0ecbc7bc29f2d11e0dbb313ef8ebb1c368013800b1ae65
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-