General
Target: mdhnt.dll
Size: 539KB
Sample: 201118-8xqzwd9792
MD5: fc8998b5afaa9a1d1c6f1eaf8641a967
SHA1: db53da2690b86741ddd7837a974bd31cb063270e
SHA256: d49f5b9b3da2c5ae18f28c40d008544337ba6e5febd76a8c88619079d0c262ca
SHA512: 89e3d4e2ba2054d737b118d4ad7772afeb26a407b5ec010a1cf1429e162a11eccfd8e6f2289c6efa9920932d49dee14f099966175138b3623b29e073bdb07081
Behavioral task: behavioral1
Sample: mdhnt.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
10444
162.241.44.26:9443
192.232.229.53:4443
77.220.64.34:443
193.90.12.121:3098
Targets
-
-
Target
mdhnt.dll
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-