General
-
Target
c442fbaaeb3aff3f17f92735014a2dc39cc82b207c9b8e86e0e4056c95c7d73b
-
Size
639KB
-
Sample
210419-fzxkcpqmzn
-
MD5
fefec51d20621c5d9451e6c797c91506
-
SHA1
0e85f2d0c11f23f59db400fcfc0a6778013ac7e7
-
SHA256
c442fbaaeb3aff3f17f92735014a2dc39cc82b207c9b8e86e0e4056c95c7d73b
-
SHA512
def533042e10c2b54b01d4b7b468e664be7866c8258b2182ddb1b7b5f830366420eed953cfd062ed8833e786045a6cde7bd14776157f2f9d8ff4ad126325834c
Static task
static1
Behavioral task
behavioral1
Sample
c442fbaaeb3aff3f17f92735014a2dc39cc82b207c9b8e86e0e4056c95c7d73b.dll
Resource
win7v20210410
Malware Config
Extracted
dridex
10444
146.185.170.249:443
62.75.251.60:6601
185.148.168.25:2303
Targets
Target
c442fbaaeb3aff3f17f92735014a2dc39cc82b207c9b8e86e0e4056c95c7d73b
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-