General
-
Target
dridex.xls
-
Size
305KB
-
Sample
230117-jy71wscf83
-
MD5
7ed094dda30751c3d59ac259b8d7d279
-
SHA1
bb455aea06905ff7465af9979662f14b186b1bdd
-
SHA256
59c8d87a450f0647bea930eba1aa692b75d82def1358f1601c4fe9a561b4707e
-
SHA512
15bc9ef22f5faddadfd627ceb6ed35d66fb35c012daf1ba348c6764056299785c2eacea191fbafecb825339d5766b75541ce8a179c1d45722c3771375fe87537
-
SSDEEP
6144:EcX97MFRbJQjuqbwNQrPKpQJaYBCn2JFKAveG2N9F15pRBbLTDE91lZJBx7rDz3N:3ARbOMNBQJVEn2WlaxiFY
Behavioral task
behavioral1
Sample
dridex.xlsb
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
dridex.xlsb
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
dridex.xls
-
Size
305KB
-
MD5
7ed094dda30751c3d59ac259b8d7d279
-
SHA1
bb455aea06905ff7465af9979662f14b186b1bdd
-
SHA256
59c8d87a450f0647bea930eba1aa692b75d82def1358f1601c4fe9a561b4707e
-
SHA512
15bc9ef22f5faddadfd627ceb6ed35d66fb35c012daf1ba348c6764056299785c2eacea191fbafecb825339d5766b75541ce8a179c1d45722c3771375fe87537
-
SSDEEP
6144:EcX97MFRbJQjuqbwNQrPKpQJaYBCn2JFKAveG2N9F15pRBbLTDE91lZJBx7rDz3N:3ARbOMNBQJVEn2WlaxiFY
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-