General
-
Target
dridex.dll
-
Size
539KB
-
Sample
201119-l5k1j23zes
-
MD5
61954aadde68824dc4a7f709ef14c4d5
-
SHA1
9563a7393c02f5541c7b37af31304037a2c1fcb8
-
SHA256
2aed6c38a383b9c88add24ea8479d4ecabba5c7329046e2893ddb73947691174
-
SHA512
5d62cb2fa628c2f3ace929912aeb24e3260c5708bbbf79b5e3ba2df727a99283b440d90c15d80952cecd17bfc605a86c8c4dc3bb2fd4d0b248609472a40e1ce9
Static task
static1
Behavioral task
behavioral1
Sample
dridex.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
10555
162.241.44.26:9443
192.232.229.53:4443
77.220.64.34:443
193.90.12.121:3098
Targets
-
Target
dridex.dll
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-