General
Target: c2d2852e6521b53d220c38d2418fc982
Size: 313KB
Sample: 210721-ptfgan5y9e
MD5: c2d2852e6521b53d220c38d2418fc982
SHA1: 4ea6c060741d7161cee11c3ccc085790c9378e6f
SHA256: 278f1244b407f4cf155a7e63341681f7f5e61b003e1c2a3a70a9ccfd575006e0
SHA512: 46c7c91d8a0e4579aa0d0e46a2f4a07d6a02e221947f1c4bbc8eb4b3aa0f4cc879870c26e171e8bfe34b612d19f7a7c583c3909d90fe8fc3496ec15fe8ac4b26
Static task: static1
Behavioral task: behavioral1
Sample: c2d2852e6521b53d220c38d2418fc982.xls
Resource: win7v20210410
Malware Config
Extracted
dridex
22201
178.238.236.59:443
104.245.52.73:5007
81.0.236.93:13786
Targets
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Loads dropped DLL
-