General
Target: e265bbda199d75b564b823038f80d49c1df46ccdb6953f72676df555847edd60
Size: 188KB
Sample: 210225-zjzwnctfvx
MD5: 0a5c4f1b33c91de478499f3ee58dcabf
SHA1: 3645ba3eb69558119354189a0c132d5cc781d749
SHA256: e265bbda199d75b564b823038f80d49c1df46ccdb6953f72676df555847edd60
SHA512: 8659421da509b15c6dd2387b7ab8508ebf3acaa4f1148fed69ada454d7cd44b3eb61d87d34032fd887222294c53f1a1c26770afb33408540ba2c4877ce594fc0
Static task
static1
Malware Config
Extracted
dridex
111
209.151.236.42:443
91.121.94.86:8172
5.189.144.136:6516
Targets
Blocklisted process makes network request

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.