General
Target: ojdtxpy.dll
Size: 1.2MB
Sample: 201109-jez7h793zn
MD5: 9a821fc91c5053a2b52dbb0c16f89dc0
SHA1: d10adfc10ab68859e02d21a551d1f4ea6f0ff5c9
SHA256: d4621f06232d8942fbe8ec42a295028d89f277633354d900071f53179684f227
SHA512: db8ee3ac8168a7d83e93af78f81af97cdce9cfa52e6d4d1bf7027ee46ecf6e40e91982be4332167fd23d15ea937fe6b2c5c1c51e4d74c04e159c422b110219e3
Static task: static1
Behavioral task: behavioral1
Sample: ojdtxpy.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
10444
94.126.8.2:443
37.187.161.206:33443
209.59.199.129:4443
157.245.130.146:3786
Targets
Target
ojdtxpy.dll
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-