General
Target: ojh69yt.zip
Size: 539KB
Sample: 201123-8781tq461a
MD5: 3dd08a111c25ec4fd73599b389f628b0
SHA1: 3e5b5c0f3437af1c5c559d94da64d6e0d36dc56f
SHA256: aa1b00f53b9ee1ee1edeaeab7b7d272d1c8e84cd3140b32e9a15a89f90a7166a
SHA512: a4e01216ff2a304141c690cecebecdd2f20032ccda8f78e26aef392194a7fd1790754c9f1f38e61738d48b6f1c0468c5372cfa44161d4b959608e7c95a58d862
Static task: static1
Behavioral task: behavioral1
Sample: ojh69yt.zip.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
10444
162.241.44.26:9443
192.232.229.53:4443
77.220.64.34:443
193.90.12.121:3098
Targets
Blocklisted process makes network request

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.