General
-
Target
xkmjs35.tarnaycfuvw
-
Size
1.0MB
-
Sample
220611-vqrjqahagr
-
MD5
e25df6542aee785f8c1d836895c31f12
-
SHA1
8ede993ca03d023514bdb83488a8a495ccc3524b
-
SHA256
2a6ab44c7c050efc9a9e8123e6865d6f7fefd6c9eb8f74c0815561faeaa51c6b
-
SHA512
0380c78eb09e421cc2d72c4b962d8376f1272a8d326340693c820dd814cea978c4bd4e8c50e4dea6d556c5f19af3279c38554dbd9813f96f391ac51a95d25b42
Static task
static1
Behavioral task
behavioral1
Sample
xkmjs35.dll
Resource
win7-20220414-en
Malware Config
Extracted
dridex
10444
192.46.210.220:443
143.244.140.214:808
45.77.0.96:6891
185.56.219.47:8116
Targets
-
-
Target
xkmjs35.tarnaycfuvw
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-