General
-
Target
q9ypuhl3.rar
-
Size
576KB
-
Sample
220626-glxy2shdaq
-
MD5
029c4b7edb22ac490cb6579e01fc341b
-
SHA1
c8db490c03efd8de9d41d2bca72078a1bfa21e5d
-
SHA256
c65243e51ddff712ffe22c8251980cb60c6b4d067074abe23695d2aeb7bf99f9
-
SHA512
fc0bdab89e6f576a6bb0d1064a91c0094b35cb490c0d06a52032572d1e2bf00329fd74e86a46962432ce73dba46b52dfd60111ab3c564f99bc14a731826e1741
Static task
static1
Behavioral task
behavioral1
Sample
q9ypuhl3.dll
Resource
win7-20220414-en
Malware Config
Extracted
dridex
10444
77.220.64.131:443
5.196.204.251:5037
192.99.41.136:981
24.229.3.146:4664
Targets
-
-
Target
q9ypuhl3.rar
-
Size
576KB
-
MD5
029c4b7edb22ac490cb6579e01fc341b
-
SHA1
c8db490c03efd8de9d41d2bca72078a1bfa21e5d
-
SHA256
c65243e51ddff712ffe22c8251980cb60c6b4d067074abe23695d2aeb7bf99f9
-
SHA512
fc0bdab89e6f576a6bb0d1064a91c0094b35cb490c0d06a52032572d1e2bf00329fd74e86a46962432ce73dba46b52dfd60111ab3c564f99bc14a731826e1741
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-