General
Target: 9b097c813c08b96804356df0ea1f624a4f4a18573ba8dd92b45a1682336ea4ea
Size: 188KB
Sample: 210303-pzgcaz8qws
MD5: d2d09254b1bf695bffc415a0b00f61d2
SHA1: 65e932c25ae75e704c76a7161bd051e7b02a9be5
SHA256: 9b097c813c08b96804356df0ea1f624a4f4a18573ba8dd92b45a1682336ea4ea
SHA512: cbdbaae7e7e9afb777104873e3719b9c9ff6d1776e940f4b5aabc3b16f62939fb552f0af2e6dea13380b9749612e85f1642179baa87cbb745b296ea70c8d1c40
Static task: static1
Behavioral task: behavioral1
Sample: 9b097c813c08b96804356df0ea1f624a4f4a18573ba8dd92b45a1682336ea4ea.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
111
116.251.211.158:443
216.10.242.142:6601
37.247.35.137:6601
Targets
Target: 9b097c813c08b96804356df0ea1f624a4f4a18573ba8dd92b45a1682336ea4ea
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-