General
-
Target
6bf9cd30ab801aa6794ba8736e9665d259e4d837a8c599b83c325cdbd50be5b5
-
Size
184KB
-
Sample
210226-pv4wc5sccx
-
MD5
5380e4a025672b404d98f11da60d82d0
-
SHA1
78bdf1fad42d814bc97d8f95400a0944dd1a286c
-
SHA256
6bf9cd30ab801aa6794ba8736e9665d259e4d837a8c599b83c325cdbd50be5b5
-
SHA512
f6342409b44862171448559ade03c238225f73d2b3900abf832e58c5e8b048118b9408d4c9977f6853c11986455a2f69ecad4c10bab7c33a9bb9322350d30466
Static task
static1
Malware Config
Extracted
dridex
111
162.13.114.59:443
70.39.99.196:8172
37.187.115.122:6601
Targets
-
-
Target
6bf9cd30ab801aa6794ba8736e9665d259e4d837a8c599b83c325cdbd50be5b5
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-