General
Target: 486595b3d4455bcc21a1a2192720f7cf122ecbc875d14fe73d070698ad52e89c
Size: 470KB
Sample: 220714-dpqglabaem
MD5: 0cd6d104607ad5536914a88f1ca0ffbd
SHA1: 352de3e3268f58ba2413bb70a837494ab3e645e9
SHA256: 486595b3d4455bcc21a1a2192720f7cf122ecbc875d14fe73d070698ad52e89c
SHA512: 8eb0614c7f77e83189f28e559bed747237de42b8073cfdd11e69eb58ced39553ef20489e98b45f93d6797db78b4ef4efd08dd56abf2bc268326e2a17cf0b43fd
Static task: static1
Behavioral task: behavioral1
Sample: ORC_632344671694231.vbs
Resource: win7-20220414-en
Malware Config
Extracted
dridex
162.213.37.188:443
178.128.20.11:3389
128.199.136.72:691
87.118.70.66:8443
Targets
Target: ORC_632344671694231.vbs
Size: 3.6MB
MD5: b99d97ba3b2a9b7870cce7b44c417fe3
SHA1: 5f60479c72aac2800ec0f795a3c0df39b25fc8bf
SHA256: d9f78770a3888d3e00bf9bbb38220a9efbf07f340e864f595b59f58467eba764
SHA512: f595cbad293453a093632665e189aab4d022ba3131390e2f8557f80b92c38cddf07fdaac6b584ad0f3b870c80eadcda0459c232763f77b154260a62cb2e2fe4b
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Loads dropped DLL