Overview (overview): 10
Static (static)
URLScan (urlscan)
http://hillmag.xyz/ (windows7_x64): 1
http://hillmag.xyz/ (windows7_x64): 6
http://hillmag.xyz/ (windows7_x64): 1
http://hillmag.xyz/ (windows10_x64): 10
http://hillmag.xyz/ (windows10_x64): 10
http://hillmag.xyz/ (windows10_x64): 10
http://hillmag.xyz/ (windows10_x64): 10
http://hillmag.xyz/ (linux_amd64)
General
Static task
static1
URLScan task
urlscan1
Sample
http://hillmag.xyz/
Behavioral task
behavioral1
Sample
http://hillmag.xyz/
Resource
win7-ja-20210920
Behavioral task
behavioral2
Sample
http://hillmag.xyz/
Resource
win7v20210408
Behavioral task
behavioral3
Sample
http://hillmag.xyz/
Resource
win7-de-20210920
Behavioral task
behavioral4
Sample
http://hillmag.xyz/
Resource
win10v20210408
Behavioral task
behavioral5
Sample
http://hillmag.xyz/
Resource
win10-ja-20210920
Behavioral task
behavioral6
Sample
http://hillmag.xyz/
Resource
win10-en-20210920
Behavioral task
behavioral7
Sample
http://hillmag.xyz/
Resource
win10-de-20210920
Behavioral task
behavioral8
Sample
http://hillmag.xyz/
Resource
ubuntu-amd64
Malware Config
Extracted
dridex
10111
185.168.130.138:443
79.172.255.198:9676
195.154.108.109:10172
Targets
- Registers COM server for autorun
- Blocklisted process makes network request
- Executes dropped EXE
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Program crash