General
-
Target
ed4fe8fcd0bbc0a3def448a2e59b765136232a733d8d3b0d5388021a6e2cd117
-
Size
184KB
-
Sample
210226-sj6p4z76hs
-
MD5
569d67cfb6bc93ebae61aac42da5e058
-
SHA1
e36bc1c469b1e87c63406f81fa514efe9478d2bb
-
SHA256
ed4fe8fcd0bbc0a3def448a2e59b765136232a733d8d3b0d5388021a6e2cd117
-
SHA512
c79caf73a9dc8b0d4f805b7389973b6c23109f3c5069ac5e19191fb3a9149fd928a486f409f707e0da690779cb7ebd3daeda36d98eafad19a77a5ca90299cf85
Static task
static1
Behavioral task
behavioral1
Sample
ed4fe8fcd0bbc0a3def448a2e59b765136232a733d8d3b0d5388021a6e2cd117.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
111
162.13.114.59:443
70.39.99.196:8172
37.187.115.122:6601
Targets
Target
ed4fe8fcd0bbc0a3def448a2e59b765136232a733d8d3b0d5388021a6e2cd117
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.