General
Target: SecuriteInfo.com.Trojan.Win32.Sabsik.FL.Bml.26108.8141
Size: 750KB
Sample: 211027-vsktysfgf8
MD5: ac9aa8c47aae4daefa00bad3f81c9c70
SHA1: 8a5573934c7ac5d85e9a02afd8bb97def3be928f
SHA256: 5914e81e9de2cd35b8472ceab7345c56c8b2a307a8e2b71a5e71acfd06eb3705
SHA512: 8572ed4815c2422d21e1cd5d27a8b2136c391fe339710dd0b75758dc76de0b33a3c0b5d514bcd68f8edea083480d45726d8eb5928ca122dc9c59b9c48340ca9f

Static task: static1

Behavioral task: behavioral1
Sample: SecuriteInfo.com.Trojan.Win32.Sabsik.FL.Bml.26108.8141.dll
Resource: win7-en-20210920
Malware Config
Extracted
dridex
10555
192.46.210.220:443
143.244.140.214:808
45.77.0.96:6891
185.56.219.47:8116
Targets
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-