General
-
Target
SecuriteInfo.com.Trojan.Win32.Sabsik.FL.Bml.25421.28590
-
Size
750KB
-
Sample
211027-v7ydlahcfk
-
MD5
03340886367d0e5773f91a2577891fa8
-
SHA1
d306ea676672f812ecdbe30f886abe03a74187ef
-
SHA256
703f50877817d1faf7627d020abc804d1280996759c7da81dbbdcc37d736472e
-
SHA512
f3cb8db600317c005fed0f9c07c4148e1a8ede29bb4eb007c5e47cfc496fa00507eef1ffeeafa12e7e0ca1bfb368e9ebeca564f0e0836275e4ab8aa4431a49ec
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.Win32.Sabsik.FL.Bml.25421.28590.dll
Resource
win7-en-20210920
Malware Config
Extracted
dridex
10555
192.46.210.220:443
143.244.140.214:808
45.77.0.96:6891
185.56.219.47:8116
Targets
Target
SecuriteInfo.com.Trojan.Win32.Sabsik.FL.Bml.25421.28590
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-