General
Target: 0340ceae3de84b3968aee6c555fda030
Size: 315KB
Sample: 210721-6cd35kq542
MD5: 0340ceae3de84b3968aee6c555fda030
SHA1: 4949b8bcd99410bd26c3a2daef7284c39491fe66
SHA256: 9f1ca49e69173b3b5df37bbb48f17ce6ad857f4acbb0261f3306c9b1d2232d19
SHA512: 4d88991ec16e3189338e54a036ec2414578de709923b3f2eb9d1e8cb2f707dced87ffc71aaaca4ca103e5c84b1db2a72fac0dd3659e0f49c2432c87f3ddd53a7
Static task: static1
Behavioral task: behavioral1
Sample: 0340ceae3de84b3968aee6c555fda030.xls
Resource: win7v20210408
Malware Config
Extracted
dridex
22201
178.238.236.59:443
104.245.52.73:5007
81.0.236.93:13786
Targets
Target: 0340ceae3de84b3968aee6c555fda030
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-