General
Target: w2hnimyl.jpg.malware
Size: 664KB
Sample: 240506-v2aekseh75
MD5: 33b270a2834c709972d3760eb66b8456
SHA1: 281692fc47d050de0efd9d319c3d1e9af77f6d28
SHA256: 7985a7828577a100bc3060f2f70e59d660494476d0b30b74d9a2d82f18537cf2
SHA512: 7e162847e1001e313bbe37197ea0c9104211ddce34adad689d31f2a3642ce8646003ef1851bdc069f9a5acbfedfe54520d6c1ab58ea133b2393ceccdf8836762
SSDEEP: 12288:P/0Qzqf0esi48hM+6TFKywVt6PbEYU0eyJTT/Mu9oV01uJoaEP:X0zhsGn6TFKywvCbEOxDMu9oyfaEP
Static task: static1
Behavioral task: behavioral1
Sample: w2hnimyl.jpg.dll
Resource: win7-20240221-en
Malware Config
Extracted
dridex
10222
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
Target: w2hnimyl.jpg.malware
Blocklisted process makes network request

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.