General
Target: bqn9nrj.png.dll
Size: 1.2MB
Sample: 201109-pvenen4e62
MD5: 2e94ba2da1286e2b93005d46ee5fb6d7
SHA1: 8710ce4951df08ab490669229a1b0416494fe147
SHA256: 45b2e2756067823fa368a662b7b8fad6e5b99a558ce1694a534bd38e1ef4287d
SHA512: b081e3748fb92d1905ec4baf8b01b5d0841780a9afe6ba7d64e0bf2ae88049ef877a478f423b9ec828c71f66fb0e1ed2901644db7ac3480246145411a02328ed
Static task: static1
Behavioral task: behavioral1
Sample: bqn9nrj.png.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
10444
94.126.8.2:443
37.187.161.206:33443
209.59.199.129:4443
157.245.130.146:3786
Targets
Target: bqn9nrj.png.dll
Blocklisted process makes network request
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.