General
-
Target
aa68e997626373a297e4a8411d6574aa2cb5bb1f93b7e1d4a12739a998f0275c
-
Size
188KB
-
Sample
210224-ppdyjx2m2j
-
MD5
615d8f5e434db4542fa8acf87dcfa850
-
SHA1
6ac9470b452c5d082c61a02228d7eafc79175162
-
SHA256
aa68e997626373a297e4a8411d6574aa2cb5bb1f93b7e1d4a12739a998f0275c
-
SHA512
8237033399330bee8c51e4ff6a2633445353eed12f6c80462b32c56033968376c4626e508796210cc2b38c187d36d4b83758e72d416aca5ac0c831dae129beaa
Static task
static1
Behavioral task
behavioral1
Sample
aa68e997626373a297e4a8411d6574aa2cb5bb1f93b7e1d4a12739a998f0275c.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
111
209.151.236.42:443
91.121.94.86:8172
5.189.144.136:6516
Targets
Target
aa68e997626373a297e4a8411d6574aa2cb5bb1f93b7e1d4a12739a998f0275c
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-