General
-
Target
d9it9p.rar
-
Size
497KB
-
Sample
220611-tyez8acag7
-
MD5
4c40878a680989564d69aaaad6675b3d
-
SHA1
61ad964d616ed4a29fc0d3172840eced09ecc0ae
-
SHA256
3f7c187c9539e39d8556dfa534e260aa0255d682aee06e3afdcfe4c047bf6e77
-
SHA512
d997c6078564b628a8a45e3a2eb91b4dc177c892e9d3eff9026c7630bacad8344c4f63d5386e57d38381dc1002c53338001dbb4d6cd58b139b64ff2590165f17
Static task
static1
Behavioral task
behavioral1
Sample
d9it9p.dll
Resource
win7-20220414-en
Malware Config
Extracted
dridex
10444
178.128.83.165:443
128.199.59.13:8172
110.164.184.226:6516
Targets
-
-
Target
d9it9p.rar
-
Size
497KB
-
MD5
4c40878a680989564d69aaaad6675b3d
-
SHA1
61ad964d616ed4a29fc0d3172840eced09ecc0ae
-
SHA256
3f7c187c9539e39d8556dfa534e260aa0255d682aee06e3afdcfe4c047bf6e77
-
SHA512
d997c6078564b628a8a45e3a2eb91b4dc177c892e9d3eff9026c7630bacad8344c4f63d5386e57d38381dc1002c53338001dbb4d6cd58b139b64ff2590165f17
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-