General
Target: ymuyks.rar
Size: 311KB
Sample: 210113-5ywd7p2aqs
MD5: 3932842c83bdae09d7beb3525d0bbd50
SHA1: 4820ed71a8f66aaa01ef08c742258389a6c4f895
SHA256: 57bfee1e4e0ab516bba59255c176e9d9f39de17458833b6c05f43b46c404175b
SHA512: 1d3c8214d65c0206dd8fe150ac237ebf81b74181eb35c47733f5b890fecf3dd9d353e97627eeaf8d5e7c567835d0cee3cb0277a346b1a52fecbd3661eb9758aa
Static task: static1
Behavioral task: behavioral1
Sample: ymuyks.rar.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
10444
77.220.64.37:443
80.86.91.27:3308
5.100.228.233:3389
46.105.131.65:1512
Targets
Target: ymuyks.rar
Blocklisted process makes network request

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.