General
Target: dfbaq8x5.rar
Size: 525KB
Sample: 220626-f54ehaggck
MD5: eb477791471e3b4379f816cbf7bc7a56
SHA1: 5ec761e52521bda659646ca1bb5cad605b3a98d3
SHA256: 81a509915d240010326dae2581c7e584304c5a4f0f02d9ed4d9270e4193e83b1
SHA512: ed5d38339d0344b664e894fba4d0321b81f472556194f00287b684aa025bcaae210efbfecaa342e83a88d0729f8219950d45f4ebb9096f98f21142b025a6209c
Static task
static1
Behavioral task
behavioral1
Sample
dfbaq8x5.dll
Resource
win7-20220414-en
Malware Config
Extracted
dridex
10444
169.255.216.36:443
138.201.138.91:3389
89.174.36.41:4643
87.106.89.36:3389
Targets
-
Target
dfbaq8x5.rar
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-