General
-
Target
Fhdtme10.bin
-
Size
590KB
-
Sample
201120-zsfp2tbnde
-
MD5
429d63af6c900c0c2f7c2b82dec86a7e
-
SHA1
6f3c788b9223c6d99d34235c86bcc00056a2c73f
-
SHA256
b6c782d71a48aaf6b23d0c9f2f6490c008d8f3f87d43b3c1a6f18343ddc63874
-
SHA512
0f1cc54093f788e6549cc0149f2d0d3c52e82b76222a4563c995c3bc8c207f4a2583f585b4f0ae522c85a5994a9953238c094e589cfcab3f4688ac9dd244ff4c
Behavioral task
behavioral1
Sample
Fhdtme10.bin.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
10555
162.241.44.26:9443
192.232.229.53:4443
77.220.64.34:443
193.90.12.121:3098
Targets
-
-
Target
Fhdtme10.bin
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-