General
Target: kznyhj.rar
Size: 1.0MB
Sample: 220611-t9lbdagchq
MD5: 54406a46537707356be7ae715803089c
SHA1: 81a90d9e6b412cf9a6c834927e8ebeb939bc12aa
SHA256: 60e734bb4ac85f8a03cfa3147c7f887b2c043e66c64d6ebd1091771c07b779a4
SHA512: 7bbd7efa002c17492712dd5d929957966c8ded8a5080f5dc53f71c3ec96282f919cb6e64d649d199aa38b6c0b982fc1017b379d7898b04093c7c297d6423addc
Static task: static1
Behavioral task: behavioral1
Sample: kznyhj.dll
Resource: win7-20220414-en
Malware Config
Extracted
dridex
10444
192.46.210.220:443
143.244.140.214:808
45.77.0.96:6891
185.56.219.47:8116
Targets
Blocklisted process makes network request
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.