General
-
Target
unzn3pblrpdf
-
Size
599KB
-
Sample
201116-zqkrazxfh2
-
MD5
056b77549421d66b289f6cfed2d26561
-
SHA1
c0aa8602241f36bb466dae0bb0cd191e905e7e7e
-
SHA256
881c022032c6fb9bedfae76dd6c93863b2b7f48e282e0dbcbdcf702a6958ced2
-
SHA512
09fa02ad375bd108a05124cb8c8a50e9a3b877b3033c15f6c222d569166119fb583135b471a53d72108944e5e4f55a23e40cbb624272286880da9cf95a206419
Behavioral task
behavioral1
Sample
unzn3pblrpdf.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
10444
77.220.64.53:443
172.96.190.154:4664
209.126.111.137:33443
167.99.158.82:33443
Targets
Target
unzn3pblrpdf
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-