General
Target: a566aa2013c58fab547e4f5837291d4de97f8abf9edca713e5b6575d6fa2a8ab
Size: 188KB
Sample: 210303-tveyj21rdn
MD5: 43c4a6a8310f6042ea7df4132c8e2218
SHA1: b762c48d2f2f7468498a1a9e53c8e63b908afe31
SHA256: a566aa2013c58fab547e4f5837291d4de97f8abf9edca713e5b6575d6fa2a8ab
SHA512: 3fb36d79340d0b0b40c8588ee8daff7ec5e3ae1e0780d0f9ca49676cbd1236bc6ec10d9a44905133c1cc74e8e73ffc6a364987dff7b7324c6ec2fb3a837cc482
Static task
static1
Behavioral task
behavioral1
Sample
a566aa2013c58fab547e4f5837291d4de97f8abf9edca713e5b6575d6fa2a8ab.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
111
116.251.211.158:443
216.10.242.142:6601
37.247.35.137:6601
Targets
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-