General
Target: SecuriteInfo.com.VB.Trojan.Valyria.5105.29893.19434
Size: 334KB
Sample: 210727-89yhy3p1ya
MD5: 1f196d875fd7d89ac57831926bbb9563
SHA1: 3ed1e676f334ab3f82d3a056dad079f85458bfb4
SHA256: 081618f7d9c6c92271f8d6bc65c8e13f33dfe9e5022f06aaec95664ee31fead4
SHA512: 299011aff7cf8e9d2c2b74f0ffa64ea733516fb22f4aeed0400c5e3da9f548199024ce7317d849c4af27c3c9de95bc947eaa3f3ffc0e211d94cf60ec4c71f7b2
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.VB.Trojan.Valyria.5105.29893.19434.xlsm
Resource: win7v20210410
Malware Config
Extracted
dridex
22201
45.79.33.48:443
139.162.202.74:5007
68.183.216.174:7443
Targets
Target: SecuriteInfo.com.VB.Trojan.Valyria.5105.29893.19434
- Process spawned unexpected child process. This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Downloads MZ/PE file
- Loads dropped DLL