General
Target: 0a1737cbeb9c18307b1c5f3948487c17c7f0e41b7cc70665f4947ba0fc459621
Size: 188KB
Sample: 210224-s8b9ftnkcx
MD5: 14cd69099af5ec5f6a88e7c3f2daba3a
SHA1: 5cbc14f91bcc3273aa2ac5ba4cd070b1bb4f239f
SHA256: 0a1737cbeb9c18307b1c5f3948487c17c7f0e41b7cc70665f4947ba0fc459621
SHA512: 18a1e9d1c376f7f808304a3de28c410ebbd7a2c5d1b7fd03838887085936284178eb218527527d6e6a20399cd3849f952f918b4fe0d0b864472abb0d8fddccd2
Static task: static1
Behavioral task: behavioral1
Sample: 0a1737cbeb9c18307b1c5f3948487c17c7f0e41b7cc70665f4947ba0fc459621.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
111
209.151.236.42:443
91.121.94.86:8172
5.189.144.136:6516
Targets
Target
0a1737cbeb9c18307b1c5f3948487c17c7f0e41b7cc70665f4947ba0fc459621
Blocklisted process makes network request
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.