General
Target: igjkrk3rar.dll
Size: 412KB
Sample: 201208-b4vkjgve4a
MD5: a413b165cbd657e4126a58bd6b682679
SHA1: 5a368528e181e52f431eb185d36522e9f6bb4d98
SHA256: 62cfd2cdd48db44396cccb21e1001ce58edfccbb0a9a8cc6730fa5f50ad20f4d
SHA512: f2c235d60c2367a8b3470e034741b20f36bab233bfd2994408a84ca5f79478d32bbb6277158477035eb93127839a4985f92783e161923f44ff8f7efe03f91c79
Static task
static1
Behavioral task
behavioral1
Sample
igjkrk3rar.dll
Resource
win7v20201028
Malware Config
Extracted
dridex
10555
104.131.164.93:443
46.101.90.205:4643
27.254.174.84:4443
92.94.251.127:3786
Targets
Target
igjkrk3rar.dll
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-