General
-
Target
d5291abf95712fc557498d75bdbdaca52a776598803735312d370f1f35a607bb
-
Size
188KB
-
Sample
210303-fkqryxsbmx
-
MD5
5de079439c55d3b349e8dbe1e98ed92f
-
SHA1
6907ab4adec4aaf2b83f5ef420145b59d5003a5d
-
SHA256
d5291abf95712fc557498d75bdbdaca52a776598803735312d370f1f35a607bb
-
SHA512
df731b5ebdb108db2998b74528ff21edceea566dc30422f12dc2360ecaec301e80836780b0f8bde0b0063e2adf6aab245e0338287c0db3cff90b10e061120e9a
Static task
static1
Behavioral task
behavioral1
Sample
d5291abf95712fc557498d75bdbdaca52a776598803735312d370f1f35a607bb.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
111
116.251.211.158:443
216.10.242.142:6601
37.247.35.137:6601
Targets
-
-
Target
d5291abf95712fc557498d75bdbdaca52a776598803735312d370f1f35a607bb
-
Size
188KB
-
MD5
5de079439c55d3b349e8dbe1e98ed92f
-
SHA1
6907ab4adec4aaf2b83f5ef420145b59d5003a5d
-
SHA256
d5291abf95712fc557498d75bdbdaca52a776598803735312d370f1f35a607bb
-
SHA512
df731b5ebdb108db2998b74528ff21edceea566dc30422f12dc2360ecaec301e80836780b0f8bde0b0063e2adf6aab245e0338287c0db3cff90b10e061120e9a
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-