General
Target: tzvqteb.0.dr.dll
Size: 750KB
Sample: 211027-zf37zsgdg6
MD5: 982920b38c5cd4405292b6574db8e91d
SHA1: da09a73c1c1be0ce1c0f0e058b8f32b7d188ca8c
SHA256: 664a9ed7f0380b737fd75b3aa9c234eb15235b0097306e9a46bec74c5584ba6a
SHA512: ef2957e0107ce7454ff246a5b8868bc00ea9dfb78598aff9951ee605a7f4d43ca13f8015bc9370c77776d25465ed5e711aeb0790f7a30adfcb9505247521a9c3
Static task: static1
Behavioral task: behavioral1
Sample: tzvqteb.0.dr.dll
Resource: win7-en-20210920
Malware Config
Extracted
dridex
10555
192.46.210.220:443
143.244.140.214:808
45.77.0.96:6891
185.56.219.47:8116
Targets
Blocklisted process makes network request
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.