General
Target: da4018445ea4fca2c635f667a15941518dca43d1215dba425aec332a15b53325
Size: 188KB
Sample: 210303-etadl4ymxj
MD5: 28aaeb63ac4c5a82d68c153ad60d95bf
SHA1: b5b8ec5e053a9cd75c00a0f97e3925ece881a5ca
SHA256: da4018445ea4fca2c635f667a15941518dca43d1215dba425aec332a15b53325
SHA512: 45789b890deef9e0d1505c4c1760f35e590d0c8ab363014e21512b8c8f3fafd00adbcbb1a5f558b7f7b87df93f0e862e13b4cc7a4c21a96580438897c328d5d5
Static task: static1
Behavioral task: behavioral1
Sample: da4018445ea4fca2c635f667a15941518dca43d1215dba425aec332a15b53325.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
111
116.251.211.158:443
216.10.242.142:6601
37.247.35.137:6601
Targets
Target: da4018445ea4fca2c635f667a15941518dca43d1215dba425aec332a15b53325
Blocklisted process makes network request

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.