General
Target: opvm4wary.zip
Size: 1.3MB
Sample: 220626-gkcxgsbbg8
MD5: c1068d0e90fbbe0f59598f56cf146e36
SHA1: aa36e5ae10b62aa07a7f922e6b29e4b630083885
SHA256: 07b5df6b3760ee94b50709d38c25f8759522623d5e0ba4e56d819ad99bb59d92
SHA512: af95ed9f4d421f2f943324286a3643ca61a2b951bb4b7db7d3daa575d4a25c0e5aee5284a31659018a033cdb3987cf13d4245ab21f90adbee4b8012dedc2a91a
Static task: static1
Behavioral task: behavioral1
Sample: opvm4wary.dll
Resource: win7-20220414-en
Malware Config
Extracted
dridex
10444
192.46.210.220:443
143.244.140.214:808
45.77.0.96:6891
185.56.219.47:8116
Targets
Target
opvm4wary.zip
- Blocklisted process makes network request
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.