General
Target: dyh3tb9j.zipxvtnonwk
Size: 497KB
Sample: 220611-tzze9afhej
MD5: ea17e483833d1d1b26babad280b6f7cd
SHA1: ffd61dddb0607a6a12e9f58b50185be7998f7e39
SHA256: db8945a793ea1bd94eb1aa3e3e14e84da66b3048f4a86e814e6d0f8dd5c8c276
SHA512: 7d2add1d53aa7d84ef2e223d5ef8b27ff8f7d5847a27407fed5d0d9cffd3a64bc6ebc41b8b6000d92f077ab7908f940963bdbafe6bb817131dc9ce78d3b2f95e
Static task
static1
Behavioral task
behavioral1
Sample
dyh3tb9j.dll
Resource
win7-20220414-en
Malware Config
Extracted
dridex
10444
178.128.83.165:443
128.199.59.13:8172
110.164.184.226:6516
Targets
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.