General
Target: judpotp.rar
Size: 311KB
Sample: 220611-t8jfdsgcel
MD5: 8e5596083fd4c3134204e905f7f66325
SHA1: 6902210f93d3a940571cc860c4563cd4be14edb9
SHA256: 8110e38afd33797465ab43841b1c54abff7a25acc30fa27c2623966750d34737
SHA512: e7084948b9f9bcb28f7c85a2812825d8012327bcfb5310f5759aebd585504624682187f9a6af86206295bfb4f1a9a178dc9322218b2e0a72e2cb3b8fcfb370e5
Static task
static1
Behavioral task
behavioral1
Sample
judpotp.dll
Resource
win7-20220414-en
Malware Config
Extracted
dridex
10444
77.220.64.37:443
80.86.91.27:3308
5.100.228.233:3389
46.105.131.65:1512
Targets
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-