General
Target: c4e1346297168742d8c6a925270a850318d314e27c266aa6fe0289e2d2767dc9
Size: 188KB
Sample: 210303-brwk64bgja
MD5: 11547f6c61a67f95e7609da1e3ba0fe5
SHA1: 415189923a70d976858287ee81e19bb135aea790
SHA256: c4e1346297168742d8c6a925270a850318d314e27c266aa6fe0289e2d2767dc9
SHA512: 31745923c1253c69a1b0568a5d2025cd79393007ce4d95413609f1bb0d4e1c069a2b8ff9a3f2c3de3a5d5ad4e2b7592f38003e33842e7fc49c824621b6e4f6a5
Static task: static1
Behavioral task: behavioral1
Sample: c4e1346297168742d8c6a925270a850318d314e27c266aa6fe0289e2d2767dc9.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
111
116.251.211.158:443
216.10.242.142:6601
37.247.35.137:6601
Targets
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-