General
Target: 79e5f3d4af791ef64386a5d1f325fd5d1a29f86bdd0936f7412202292a00d225
Size: 639KB
Sample: 210419-jwl2rl8bre
MD5: 83075e8a8496c8f7b9efb267bbe11e8e
SHA1: 7adca87c5fcc6998e23ed0ee0f2e11046af2e34c
SHA256: 79e5f3d4af791ef64386a5d1f325fd5d1a29f86bdd0936f7412202292a00d225
SHA512: 1c619b4339ad422e9ca220a7b49ee4e0dc30e377922927a768f62d1615c8e8960c6ad4819aea65ee5bf7d98962405682e405c9db0d7b69ac225ebe3ff8a68817
Static task: static1
Behavioral task: behavioral1
Sample: 79e5f3d4af791ef64386a5d1f325fd5d1a29f86bdd0936f7412202292a00d225.dll
Resource: win7v20210408
Malware Config
Extracted
dridex
10444
146.185.170.249:443
62.75.251.60:6601
185.148.168.25:2303
Targets
Target: 79e5f3d4af791ef64386a5d1f325fd5d1a29f86bdd0936f7412202292a00d225
Blocklisted process makes network request

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.