General
Target: ef2f56a3315360c36595dde8c121e8c3fbcdab622c9015a14499b2dc1ac7883f
Size: 196KB
Sample: 210304-23wpetlk2a
MD5: f6d71e20487a04c6acf29f3545d961f7
SHA1: 78887a52413e5922015d8557352df5a8117d8f3e
SHA256: ef2f56a3315360c36595dde8c121e8c3fbcdab622c9015a14499b2dc1ac7883f
SHA512: 30845888fd6ff7d713ca70b134d0289546e4d4c639eab10d05e45d99a292ac58c91f8c6bffd7c3468fcd5ce8138250062388aad0a0b8ae52565833b54f67ffb6
Static task: static1
Behavioral task: behavioral1
Sample: ef2f56a3315360c36595dde8c121e8c3fbcdab622c9015a14499b2dc1ac7883f.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
111
37.247.35.132:443
50.243.30.51:6601
162.241.204.234:6516
Targets
Target: ef2f56a3315360c36595dde8c121e8c3fbcdab622c9015a14499b2dc1ac7883f
Blocklisted process makes network request

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.