General
Target
3d67b0c7d220a241c6eb2ed5660ac458
Size
655KB
Sample
210721-6sbnq8hlyn
MD5
3d67b0c7d220a241c6eb2ed5660ac458
SHA1
fceed53a83a376274c92d26c870f7b4abd201f56
SHA256
4bf58623f91ff9a19c2893061a2a14660f61b2294f976a9d80ab6b3d023c9892
SHA512
b2bd38913d4c144cb6e01d6f5281d54fe864467a730839c063f54180be2bd86ea8541e5ca6b97ed3321e0caea711cec4883e56ca74bc9932d4a271866b833fe9
Static task
static1
Behavioral task
behavioral1
Sample
3d67b0c7d220a241c6eb2ed5660ac458.xls
Resource
win7v20210410
Malware Config
Extracted
dridex
22201
178.238.236.59:443
104.245.52.73:5007
81.0.236.93:13786
Targets
Target
3d67b0c7d220a241c6eb2ed5660ac458
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Downloads MZ/PE file
Loads dropped DLL