General
Target: xs05ehhb9.tar
Size: 504KB
Sample: 220519-cxlmyaaad5
MD5: d47db68452d9fbd3e11f93f10355243e
SHA1: 3f3268520315502224b9e09f47a65b7fecb8c8b8
SHA256: b03b501c074694ee05545263c92c18aba7f75b2a51221ff6fda744a73cf2af84
SHA512: 7e0b44af8e01e5353ce0b714675bb1df22f1fd91bac4dc59a0485adae264720343c2490eb85a1ef5a8f6ba03b8b797b3641cfaa3bc512fa82ad74c3a9a1cb24c

Static task: static1
Behavioral task: behavioral1
Sample: xs05ehhb9.dll
Resource: win7-20220414-en

Malware Config
Extracted
dridex
10444
210.65.244.166:443
178.33.183.53:7443
157.7.139.198:6601
Targets
Target: xs05ehhb9.tar

Blocklisted process makes network request

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.