General
Target: kotv5chb.tarcbuqtyul
Size: 1.0MB
Sample: 220611-t9bf6scfb6
MD5: 731544128fa736287d64a569b9ba108a
SHA1: 1fdd7e0f4eed7e8cf7856515dd7c487694aa963e
SHA256: e63095be2fa1b8110b1ff04df2403b6d98424ca39862f777b1998d2002fb640e
SHA512: db0138ca7263be7ed608cd4a3dc0da75d7e2f54ebf979bf9daa4ce990e4c7c468f25e3e61154becd3c09d05c5c166578106d871cd49e09913d46db8e2d0e35e3
Static task: static1
Behavioral task: behavioral1
Sample: kotv5chb.dll
Resource: win7-20220414-en
Malware Config
Extracted
dridex
10444
192.46.210.220:443
143.244.140.214:808
45.77.0.96:6891
185.56.219.47:8116
Targets
Target
kotv5chb.tarcbuqtyul
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.