General
Target: ny2tqvzip.dll
Size: 412KB
Sample: 201208-9g2xjfx8se
MD5: e231230db7f22a3977bbfa422d84724d
SHA1: 72788c18e5677d4f6980bdc85da0b143b7068ef3
SHA256: 0e05563f14300ca66f0bc35532feb92e6e0023e8bb124de7975cc1a5de97d714
SHA512: cd5b2f9d0d3b18ac123532d240d5b1811d66c39d127de6bd7738ce39223a2fc81a34cab1c20e1dcd781e443aa26f4a050a36bc74b8c6aea87b2e626a598df455

Static task: static1
Behavioral task: behavioral1
Sample: ny2tqvzip.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
10555
104.131.164.93:443
46.101.90.205:4643
27.254.174.84:4443
92.94.251.127:3786
Targets
Blocklisted process makes network request

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.