General
Target: 9f9c35a30d49512e28ebea4e881d7978eba13fc582e405cdd62b9590c4a5b34c
Size: 188KB
Sample: 210303-eps2v3pljs
MD5: 071c14886de1e91a5b1f09160524474b
SHA1: 2cb29b4c21215d23e69da7a6e0cf64aa2416a2f5
SHA256: 9f9c35a30d49512e28ebea4e881d7978eba13fc582e405cdd62b9590c4a5b34c
SHA512: 5e4ed026cc8166df9d0fe46018c7bbdc7053dad8c71cd3a1ce3f6ba646245064f96263360fcb18398f81be1e8da2e49d15eaddc2f29acb730aaa1dbe4096de91
Static task
static1
Behavioral task
behavioral1
Sample
9f9c35a30d49512e28ebea4e881d7978eba13fc582e405cdd62b9590c4a5b34c.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
111
116.251.211.158:443
216.10.242.142:6601
37.247.35.137:6601
Targets
Target
9f9c35a30d49512e28ebea4e881d7978eba13fc582e405cdd62b9590c4a5b34c
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.