General
-
Target
8230fa8e285de94d91f14bd97c437262fea073866329c6324b29de276c040e8d
-
Size
196KB
-
Sample
210305-greyk9ldfx
-
MD5
0e2d51ae06f990cb927e7fa8bfb2e3f3
-
SHA1
fcb4c03c752d778ac1e09f6a1f55cc92a3d632a8
-
SHA256
8230fa8e285de94d91f14bd97c437262fea073866329c6324b29de276c040e8d
-
SHA512
f5c4ecc80211a402144222c7d582dd81dffd724478e6155019a3d03fbef7fc2c0bc266f059a6cbb8ad68ca56f4e46ead05e62b465169d2d07ccb8a52756d7a6b
Static task
static1
Behavioral task
behavioral1
Sample
8230fa8e285de94d91f14bd97c437262fea073866329c6324b29de276c040e8d.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
111
37.247.35.132:443
50.243.30.51:6601
162.241.204.234:6516
Targets
-
-
Target
8230fa8e285de94d91f14bd97c437262fea073866329c6324b29de276c040e8d
-
Size
196KB
-
MD5
0e2d51ae06f990cb927e7fa8bfb2e3f3
-
SHA1
fcb4c03c752d778ac1e09f6a1f55cc92a3d632a8
-
SHA256
8230fa8e285de94d91f14bd97c437262fea073866329c6324b29de276c040e8d
-
SHA512
f5c4ecc80211a402144222c7d582dd81dffd724478e6155019a3d03fbef7fc2c0bc266f059a6cbb8ad68ca56f4e46ead05e62b465169d2d07ccb8a52756d7a6b
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-