General
Target: q7ad0mzkgif
Size: 532KB
Sample: 201111-3lyrdmk9dj
MD5: c151c22bf1425d8adfa4313ee1f2387c
SHA1: a18a5feb2495d5daeae01be7ae4a0ae58b233278
SHA256: b7416f6229dae7bc167f6f18c25b993c7c11a88a139a77178102bd7ca84c469c
SHA512: 9748d5c307facc0a819816ec00fb60c975cbdaa534df5ab6871396f25a258930f45aaeac7d17e8d2e20012ac29cf678510c601914e11b4c965380154d668e170
Static task: static1
Behavioral task: behavioral1
Sample: q7ad0mzkgif.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
10444
77.220.64.39:443
69.164.207.140:3388
78.47.139.43:4443
103.244.206.74:33443
Targets
Target: q7ad0mzkgif
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-