General
-
Target
nqdisf.zip
-
Size
1.0MB
-
Sample
220611-vclfjsgdhm
-
MD5
e9aaa1c9f461bac16edc3b886c9cc4fa
-
SHA1
1e5760c484f8a4c6797372bbd35059f4547f7dc9
-
SHA256
98d114f51b40442fb04c4a1d5d8f52baf7e8b2278ab75a5305fdbf6268bbe45e
-
SHA512
521e894f66d56d65cf57282d046641cf24b8651445d4b5470642b6ce8f0d82abc935fd8157e794dad578df618f9d686fdccaebd9f3f234c614428146d568f56c
Static task
static1
Behavioral task
behavioral1
Sample
nqdisf.dll
Resource
win7-20220414-en
Malware Config
Extracted
dridex
10444
192.46.210.220:443
143.244.140.214:808
45.77.0.96:6891
185.56.219.47:8116
Targets
-
-
Target
nqdisf.zip
-
Size
1.0MB
-
MD5
e9aaa1c9f461bac16edc3b886c9cc4fa
-
SHA1
1e5760c484f8a4c6797372bbd35059f4547f7dc9
-
SHA256
98d114f51b40442fb04c4a1d5d8f52baf7e8b2278ab75a5305fdbf6268bbe45e
-
SHA512
521e894f66d56d65cf57282d046641cf24b8651445d4b5470642b6ce8f0d82abc935fd8157e794dad578df618f9d686fdccaebd9f3f234c614428146d568f56c
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-