General
Target: uxtvys[1].rar.zip
Size: 322KB
Sample: 201202-s1ej5972ks
MD5: a131061549175af6c20e599941fe9b98
SHA1: af98f71a3c343d5f9441d207db4626c7eb7edb71
SHA256: 5908a1e548ba0c94e9bac5712a2abaa26b334455362bcc418a503747659afea0
SHA512: de2a94e8516e3da655c36c2533b142bc18382a0b712ec5efea6b1e6bc420db4a4c06b438c4cdf914aa7c2d27c13e2774291f6124d1f51a054ca03166f46b863a
Static task: static1
Behavioral task: behavioral1
Sample: uxtvys[1].rar.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
10555
185.59.223.86:443
123.231.252.10:4646
85.25.109.116:3889
91.83.93.89:4643
Targets
Target: uxtvys[1].rar
Size: 416KB
MD5: 05ca49dc6fed945867b3f87e9f64d897
SHA1: 6b809cf4d9646f5a577ca961671c07a3baa66a6e
SHA256: 28f101dfd0c96b7f4a6c57fb712476a46e036c961b37167944adaa1f136ddf38
SHA512: 6eee9c1fd299ccc5ca905ea8c3e759ca1a62bd6e800b80cfaf18473082ad130a8e0353005f7d57af5b34be7c37a5f2b21d47f82c75f4a443662a672b6134b316
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-