General
Target: 2ed0821ec4e2dfa7c9b18bda8dbd1069d5f997aa9e96d7180ee5e6084097e2bd
Size: 188KB
Sample: 210303-28cfjxkvfs
MD5: cb48a09de8f980911b221d68deb73128
SHA1: e28e6d129eb38f73546a72832d4e0b3c65f4b55e
SHA256: 2ed0821ec4e2dfa7c9b18bda8dbd1069d5f997aa9e96d7180ee5e6084097e2bd
SHA512: 8e6ad9e0d64b2c12d950e43397c236d0e315ae92cfcab1190a97be0f5aec84c56ce98c7a899837e6a67688f0ec168a6e918d2e54d2d3a1a32a4106907e9532d6
Static task: static1
Behavioral task: behavioral1
Sample: 2ed0821ec4e2dfa7c9b18bda8dbd1069d5f997aa9e96d7180ee5e6084097e2bd.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
111
116.251.211.158:443
216.10.242.142:6601
37.247.35.137:6601
Targets
Target: 2ed0821ec4e2dfa7c9b18bda8dbd1069d5f997aa9e96d7180ee5e6084097e2bd
Blocklisted process makes network request

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.