General
-
Target
e6e7f768a92fe4804147edb7318fd4aae2c046caae26aaef6123153fdb6f06a7
-
Size
188KB
-
Sample
210303-417zrwbmva
-
MD5
a00c75fc6f8bddc967df2583c162a787
-
SHA1
c76425d50f2507f14f9eb1fc76bf1c5b889ecd5c
-
SHA256
e6e7f768a92fe4804147edb7318fd4aae2c046caae26aaef6123153fdb6f06a7
-
SHA512
b63dca79981fe6e66f1571d77e7aa1d5038045278559872c94d45bc325843bbdd124b48800f5e85aadb9c5bcc3cce2ea8a0bc5f3cb25e90a9cfa944751e55140
Static task
static1
Behavioral task
behavioral1
Sample
e6e7f768a92fe4804147edb7318fd4aae2c046caae26aaef6123153fdb6f06a7.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
111
116.251.211.158:443
216.10.242.142:6601
37.247.35.137:6601
Targets
-
-
Target
e6e7f768a92fe4804147edb7318fd4aae2c046caae26aaef6123153fdb6f06a7
-
Size
188KB
-
MD5
a00c75fc6f8bddc967df2583c162a787
-
SHA1
c76425d50f2507f14f9eb1fc76bf1c5b889ecd5c
-
SHA256
e6e7f768a92fe4804147edb7318fd4aae2c046caae26aaef6123153fdb6f06a7
-
SHA512
b63dca79981fe6e66f1571d77e7aa1d5038045278559872c94d45bc325843bbdd124b48800f5e85aadb9c5bcc3cce2ea8a0bc5f3cb25e90a9cfa944751e55140
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-