General
Target: 1258a7005a89dcd206a1c34165d086e51b5c4d6b58dfd797be8633200e42a1c8
Size: 785KB
Sample: 210405-wy8npa3nkn
MD5: 4b1d17defa1eecb27c3d0e667189ce8b
SHA1: 11c504ef049fcc8e0a154f849fd29a050d7f5b51
SHA256: 1258a7005a89dcd206a1c34165d086e51b5c4d6b58dfd797be8633200e42a1c8
SHA512: 2b856135c134b9087f0d92b56f94531ff034cb686484448dc807d1587deb4ce894a9d5a0f66ee07fb85cd8ec8f843599b633f6b4ce6e00aab59002682727660e
Static task
static1
Malware Config
Extracted
dridex
10444
209.20.87.138:443
198.1.115.153:8172
151.236.29.248:6516
Targets
Blocklisted process makes network request

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.