General
-
Target
5729bf7cc2a6566ba2a70c9324718cef806ee892914dfc422f9ff3dc2a420fcd
-
Size
188KB
-
Sample
210224-mtqrtydb6e
-
MD5
42c66afb604c668d5f3c7ab485a5dbc1
-
SHA1
b166a127a52355323cda18e0a685fa03ccf5373f
-
SHA256
5729bf7cc2a6566ba2a70c9324718cef806ee892914dfc422f9ff3dc2a420fcd
-
SHA512
4156a423ae929398b65db0bdf49e3cdfe3aa7ca1d6892f14b1f32022b8b31c11fa4a6a4ce7ed2c6dee315f5ce14c9eb890c2c06ff0c95bc97fb2a82d3ef5afdc
Static task
static1
Behavioral task
behavioral1
Sample
5729bf7cc2a6566ba2a70c9324718cef806ee892914dfc422f9ff3dc2a420fcd.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
111
209.151.236.42:443
91.121.94.86:8172
5.189.144.136:6516
Targets
-
-
Target
5729bf7cc2a6566ba2a70c9324718cef806ee892914dfc422f9ff3dc2a420fcd
-
Size
188KB
-
MD5
42c66afb604c668d5f3c7ab485a5dbc1
-
SHA1
b166a127a52355323cda18e0a685fa03ccf5373f
-
SHA256
5729bf7cc2a6566ba2a70c9324718cef806ee892914dfc422f9ff3dc2a420fcd
-
SHA512
4156a423ae929398b65db0bdf49e3cdfe3aa7ca1d6892f14b1f32022b8b31c11fa4a6a4ce7ed2c6dee315f5ce14c9eb890c2c06ff0c95bc97fb2a82d3ef5afdc
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-