General
Target: e4cb2493ac68f9f2e723a5f11c2dbe338218dced8ee84ca95709dfa21777d3f6
Size: 188KB
Sample: 210224-qv1j7esy4n
MD5: 6e26fe4e80b4e67de83bc5858bae41c6
SHA1: 30aa5c5cf876e0bdeea38301a479644de6d4eb5c
SHA256: e4cb2493ac68f9f2e723a5f11c2dbe338218dced8ee84ca95709dfa21777d3f6
SHA512: 96daea7d3e53e073f7115bbf3cbd2967dace2fd5887fb520139d3240d8836de94b5ebbe6367864c77f1197b9f43b37eab6563d22fc979adb83af5332a28c2c5c
Static task: static1
Behavioral task: behavioral1
Sample: e4cb2493ac68f9f2e723a5f11c2dbe338218dced8ee84ca95709dfa21777d3f6.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
111
209.151.236.42:443
91.121.94.86:8172
5.189.144.136:6516
Targets
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-