General
Target: dd546aeee1cf6cc361af3ff6e5168fe8ec5340ce4c649535b304ed68e0390dc2
Size: 168KB
Sample: 210306-vdxljn7yg6
MD5: 2f2ccbd57ed187247b2f9bf3402cb695
SHA1: ba6c765f5db3475914856a9b04f888582a80e7c0
SHA256: dd546aeee1cf6cc361af3ff6e5168fe8ec5340ce4c649535b304ed68e0390dc2
SHA512: 8c87c5aa7a89c4f90fdaba01d3f9c65fe1507752f6fdf9372a9ba859f69c812d6ecbe4b4dfcc8375669e5a147a4fc8f2a61bc3c06063a73c2a5238f79f53e958
Static task
static1
Malware Config
Extracted
dridex
111
173.203.78.138:443
217.160.107.189:6601
77.220.64.150:5037
Targets
Target
dd546aeee1cf6cc361af3ff6e5168fe8ec5340ce4c649535b304ed68e0390dc2
Blocklisted process makes network request
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.