General
-
Target
6d2dd343fb6db9722e5bc9fe448c9d4a5b9b5eda9c257cde5a932dddd5d0a8f5
-
Size
188KB
-
Sample
210224-jdafeh4tbe
-
MD5
9bb8e2f44d582ca6134180c0b0f919f1
-
SHA1
e969909e0b2f0bfa1f7fd9534208b5044ffd0ee1
-
SHA256
6d2dd343fb6db9722e5bc9fe448c9d4a5b9b5eda9c257cde5a932dddd5d0a8f5
-
SHA512
68e8d2c448517b377188004045b33b4647b4b25d386c43e5cc5c27b77168fd3cb26bc7bd46caec280f19d879f3c255d2035fe7e230b6ece6ca635e19916105a1
Static task
static1
Behavioral task
behavioral1
Sample
6d2dd343fb6db9722e5bc9fe448c9d4a5b9b5eda9c257cde5a932dddd5d0a8f5.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
111
209.151.236.42:443
91.121.94.86:8172
5.189.144.136:6516
Targets
-
-
Target
6d2dd343fb6db9722e5bc9fe448c9d4a5b9b5eda9c257cde5a932dddd5d0a8f5
-
Size
188KB
-
MD5
9bb8e2f44d582ca6134180c0b0f919f1
-
SHA1
e969909e0b2f0bfa1f7fd9534208b5044ffd0ee1
-
SHA256
6d2dd343fb6db9722e5bc9fe448c9d4a5b9b5eda9c257cde5a932dddd5d0a8f5
-
SHA512
68e8d2c448517b377188004045b33b4647b4b25d386c43e5cc5c27b77168fd3cb26bc7bd46caec280f19d879f3c255d2035fe7e230b6ece6ca635e19916105a1
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-