General
Target: rkb86q.zip
Size: 704KB
Sample: 220626-gnlnsshdfr
MD5: 58690c2e2bca2fcb6148a2c68de45d3b
SHA1: d64621c7570cb0d2fc03c81d70349b2b94688bb1
SHA256: 4d8c2d2475582c8216e6292327b028868e3506ddb252b8184127f698a5920f91
SHA512: 33c979a4b9227ff2e70017d7967797ced31d27585d58d80cc22ab3f1fc93626535b2c0ba3bc7990f1f0b6d92ad0d71b7fc8147ab7767bbc45e2f260db8c9d309
Static task: static1
Behavioral task: behavioral1
Sample: rkb86q.dll
Resource: win7-20220414-en
Malware Config
Extracted
dridex
10444
97.107.127.161:443
45.33.94.33:5037
159.89.91.92:5037
158.69.118.130:1443
Targets
Blocklisted process makes network request
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.