General
-
Target
b2f48595ae38d3f3a3321078d96b2a752fa9cbcc12ff8e8fd516457e0d089ecb
-
Size
188KB
-
Sample
210303-5hk57x8qhs
-
MD5
57813dca98f40a2c9a1efb9c87b65d35
-
SHA1
264ad41abad04f7a4e2d4106a835df9c48d04a9e
-
SHA256
b2f48595ae38d3f3a3321078d96b2a752fa9cbcc12ff8e8fd516457e0d089ecb
-
SHA512
85fbe9084a4ecfbc129b0f643990cf462baee3ba096edbd86deddea4c57c348a7dc95d617c654650d44da4b759971f76876d6a3ab1bb935fcacdfb2c005285ac
Static task
static1
Behavioral task
behavioral1
Sample
b2f48595ae38d3f3a3321078d96b2a752fa9cbcc12ff8e8fd516457e0d089ecb.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
111
116.251.211.158:443
216.10.242.142:6601
37.247.35.137:6601
Targets
-
-
Target
b2f48595ae38d3f3a3321078d96b2a752fa9cbcc12ff8e8fd516457e0d089ecb
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-