General
-
Target
SecuriteInfo.com.Trojan.Win32.Sabsik.FL.Bml.10600.6016
-
Size
750KB
-
Sample
211027-v7vbyahcer
-
MD5
53183e60ca148944faddcbda7efa2cde
-
SHA1
87bc5945e97e5e511bf789e98c56db003ef806de
-
SHA256
929393857e856711b2e77876162c826d99f717f7e2d3fc64a5c6e56549585fff
-
SHA512
4c20c523894c95844eab0440e0ef743a47a1aae2ee18cecaefcac8728a08d48730af6ba99657b03b082337bf2453599e76eb38647f841e6b63ad73c09dade47c
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.Win32.Sabsik.FL.Bml.10600.6016.dll
Resource
win7-en-20210920
Malware Config
Extracted
dridex
10555
192.46.210.220:443
143.244.140.214:808
45.77.0.96:6891
185.56.219.47:8116
Targets
-
Target
SecuriteInfo.com.Trojan.Win32.Sabsik.FL.Bml.10600.6016
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-