General
-
Target
4e8dff1283b2a4b1def208ba37e7cd1ff2b9392dc267eac8ae99e5277a9c73a2
-
Size
188KB
-
Sample
210303-gwcdwdzbyj
-
MD5
9a9fa28e95c756676c167a9003b7c83c
-
SHA1
d2d965c096c5644ac7e5f3d0f1b5a03f69e3b7c6
-
SHA256
4e8dff1283b2a4b1def208ba37e7cd1ff2b9392dc267eac8ae99e5277a9c73a2
-
SHA512
bde0c8b9df4aea86e58c9bc950963386826fd5b0329ab04e75a02b3b31e524a1d115600175adf3cdcf86c05691b2dfccec5faa3c8c6858c81db1e3bc001786e1
Static task
static1
Behavioral task
behavioral1
Sample
4e8dff1283b2a4b1def208ba37e7cd1ff2b9392dc267eac8ae99e5277a9c73a2.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
111
116.251.211.158:443
216.10.242.142:6601
37.247.35.137:6601
Targets
Target
4e8dff1283b2a4b1def208ba37e7cd1ff2b9392dc267eac8ae99e5277a9c73a2
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-