General
-
Target
d08e991f888aa61b77e519e193cc4a3d602ab1e77ab18c4a8b2d34b9aa5360f6
-
Size
188KB
-
Sample
210224-vvh189lr8x
-
MD5
84d594e89364092135f90494aca47fdc
-
SHA1
46bbb7eebf29e4b1257ae7ed7b6d2a145800bf81
-
SHA256
d08e991f888aa61b77e519e193cc4a3d602ab1e77ab18c4a8b2d34b9aa5360f6
-
SHA512
a8a349ec2e028495e678cb03b8be3ec63f19762f899b418db796af5ee69c43f2a86359b2c09f7794cd27f996f5aeb7f012d98ce6f810db9e15b7405d43f13ccf
Static task
static1
Behavioral task
behavioral1
Sample
d08e991f888aa61b77e519e193cc4a3d602ab1e77ab18c4a8b2d34b9aa5360f6.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
111
209.151.236.42:443
91.121.94.86:8172
5.189.144.136:6516
Targets
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-