AddLookaside
CloseAppExecutionAlias
CreateAppExecutionAlias
CreateDesktopAppXActivationInfo
FreeAppExecutionAliasInfo
OpenAppExecutionAlias
RemoveLookaside
General
-
Target
74510000.qInconsistentFormula.dll
-
Size
117KB
-
MD5
d6eb22ed48708bbacbbf1a479024c4e8
-
SHA1
bd63c1735c2382a342320adde50f39f38a94dca7
-
SHA256
34614187ce317f6d035d659e9d0d1c103942dc668262e590a0ee695840a1d1ff
-
SHA512
1fc421a03c07be168dc0e0d6519775a4363898dfcfc1debb793db20647dd8bea13dda4bfc270568140ad78a736cfbf3fb0d886d9f9f95fa4615a9947ea3afd30
Score
10/10
Malware Config
Extracted
Family
dridex
Botnet
22202
C2
45.79.33.48:443
139.162.202.74:5007
68.183.216.174:7443
rc4.plain
rc4.plain
Signatures
-
Dridex Loader 1 IoCs
Detects Dridex both x86 and x64 loader in memory.
-
Dridex family
Files
-
74510000.qInconsistentFormula.dll
Exports