General
Target: zpvym0qxg.rar.malware
Size: 664KB
Sample: 240506-v2j9saeh85
MD5: e52f2b2eba6f9de5bb58585c61c559dd
SHA1: edc72dfc76457d2c03bfa6fecebd6c33acb31374
SHA256: 1d0bd1afd44aa2b4a91ffc0dbc014cc6f64a057d71e9c6682997f041e118fedc
SHA512: 99cf420af46c4a250938b8b67672b7df838b055a15846161630cf4b26013ffccd0b0f22cc6de0925d102c93819081436c8faa8f0671b18533649650e1656276d
SSDEEP: 12288:J/0Qzqf0eIi48nM+6TFKywVt6PbEYU0eyJTT/Mu9oV01uLoaEP:Z0zhIUn6TFKywvCbEOxDMu9oypaEP
Static task: static1
Behavioral task: behavioral1
Sample: zpvym0qxg.rar.dll
Resource: win7-20240221-en
Malware Config
Extracted
dridex
10222
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
Blocklisted process makes network request

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.