General
-
Target
0dd2c975f061212d8c7a143e0bcfd7b0cd1cb34c7be8640676ae0cc7fd768cbd
-
Size
196KB
-
Sample
210403-cyp7mm368e
-
MD5
876df732028658b5adcbade4543bd994
-
SHA1
b030fbc4b6ede0471e1ec27a086cf7edd0a379a6
-
SHA256
0dd2c975f061212d8c7a143e0bcfd7b0cd1cb34c7be8640676ae0cc7fd768cbd
-
SHA512
a4405d3c18b8607e4b60cd6c1d245ff30e7e26e96147fdc8c2967faf7dc9ae03693f595f043f484ffce137994a6a96794ae98c773b5d6860f10ca0e8f58e8b77
Static task
static1
Behavioral task
behavioral1
Sample
0dd2c975f061212d8c7a143e0bcfd7b0cd1cb34c7be8640676ae0cc7fd768cbd.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
111
37.247.35.132:443
50.243.30.51:6601
162.241.204.234:6516
Targets
-
Target
0dd2c975f061212d8c7a143e0bcfd7b0cd1cb34c7be8640676ae0cc7fd768cbd
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-