General
-
Target
og27ksp6.tar
-
Size
1.0MB
-
Sample
220626-gjxv9shcfl
-
MD5
f6513fd9bb92c2eecb2bee88d7a221a3
-
SHA1
f2358c1c65a3d76fdd29018c76915971fe91ee5b
-
SHA256
4850bb885ea9c2266d592c33de4e326555cee54156978afbc846f75836b991ae
-
SHA512
204948b212553665e4b31169f5bafe500cc5735af1da05fa722d26b4ea76cf2c004b7a36488936b873c83bfd34c59e8acd623922306a4c851b5a306c8ef3766e
Static task
static1
Behavioral task
behavioral1
Sample
og27ksp6.dll
Resource
win7-20220414-en
Malware Config
Extracted
dridex
10444
192.46.210.220:443
143.244.140.214:808
45.77.0.96:6891
185.56.219.47:8116
Targets
-
-
Target
og27ksp6.tar
-
Size
1.0MB
-
MD5
f6513fd9bb92c2eecb2bee88d7a221a3
-
SHA1
f2358c1c65a3d76fdd29018c76915971fe91ee5b
-
SHA256
4850bb885ea9c2266d592c33de4e326555cee54156978afbc846f75836b991ae
-
SHA512
204948b212553665e4b31169f5bafe500cc5735af1da05fa722d26b4ea76cf2c004b7a36488936b873c83bfd34c59e8acd623922306a4c851b5a306c8ef3766e
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-