General
-
Target
export of check 684585.xlsm
-
Size
330KB
-
Sample
210510-4dq8e23mm6
-
MD5
a0d01b4d7080dda1f11f0b41fad496b6
-
SHA1
eec9d62044e4bd3eac8bcc89583dda8263138fd4
-
SHA256
949fbda8d8c0ef40097fd53c9960ffebfa1e3c6f570ac7b01d076d50fba4bbcc
-
SHA512
57ff6df1299f8e45c6c05cdba763ae54bb9dd296e5e261cde615646012ced5de9ea642b770fd7ba44aa80a903a7025dca77c44620bee63d740933ad16e413835
Static task
static1
Behavioral task
behavioral1
Sample
export of check 684585.xlsm
Resource
win7v20210408
Malware Config
Extracted
dridex
22202
203.114.109.124:443
82.165.145.100:6601
94.177.255.18:8172
Targets
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Downloads MZ/PE file
-
Loads dropped DLL
-