General
Target: 4vkqo.dll
Size: 236KB
Sample: 210121-2mqyqnrgwa
MD5: 67de209a26b0392ec68f1acadfcd3b8c
SHA1: 1239384045ed93a2932c66bce075858584b171c1
SHA256: 538dbb8edaeba882aaf0b8f624a043699dd7544784352352a3b2b28ab6bad8e1
SHA512: 858270c2a9f4ceed448757e752249124095cbae51f93acf6b20409d7f4c3ccfa5f8e906a0a1ed348f7372dae871f2266a02e5dafb61ae414e4cbb31e6b2f495a
Static task: static1
Behavioral task: behavioral1
Sample: 4vkqo.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
111
77.220.64.40:443
8.4.9.152:3786
185.246.87.202:3098
Targets
Target: 4vkqo.dll
Blocklisted process makes network request

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.