General
-
Target
b74c1049833a0a7f1314752cfc959a0bfd9138fdc6d58010c6b7db851b5f4017
-
Size
188KB
-
Sample
210225-qfwkw98h5j
-
MD5
94cd251f6c46eaad701e718d108dd87e
-
SHA1
d739ce9a88f08877ef700374eb69e0790888a913
-
SHA256
b74c1049833a0a7f1314752cfc959a0bfd9138fdc6d58010c6b7db851b5f4017
-
SHA512
6353b6a825bbb19cce104a324a887decdee555891dd5fdc917d177ca139e1902296442eee16f9dd3ba99bfa6eab78baa5e2d10f76b0a07e7fc7993171e8c7d8a
Static task
static1
Malware Config
Extracted
dridex
111
209.151.236.42:443
91.121.94.86:8172
5.189.144.136:6516
Targets
-
Target
b74c1049833a0a7f1314752cfc959a0bfd9138fdc6d58010c6b7db851b5f4017
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.