
O7JFHuMXiX.dll

Status: finished
Submission Time: 2022-03-23 12:28:47 +01:00
Malicious
Trojan
Evader
Dridex

Tags

  • Dridex
  • exe

Details

  • Analysis ID:
    595304
  • API (Web) ID:
    962744
  • Analysis Started:
    2022-03-23 15:41:34 +01:00
  • Analysis Finished:
    2022-03-23 15:59:00 +01:00
  • MD5:
    ff8a5d46d17304b14dae74a2768eadf2
  • SHA1:
    6e1fbf9932042ae0b3da7f42eadd403c1c39f2a6
  • SHA256:
    7dc6fda471838428d026e3e98f9f6b113e711c837f45ffa332e61854842ced2a
  • Technologies:

malicious

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
100/100

malicious
21/35

malicious
36/42

malicious

Dropped files

Name | File Type
C:\Users\user\AppData\Local\9UWfSjs\SLC.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\BHN\DUI70.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\Fbc7IGHq\WTSAPI32.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\JZ6mZjv9\MFC42u.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\dgZMvi\VERSION.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\gV1c\WINMM.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\rst\UxTheme.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\xX5v\XmlLite.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\9UWfSjs\msinfo32.exe | PE32+ executable (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\BHN\WindowsActionDialog.exe | PE32+ executable (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\Fbc7IGHq\rdpinit.exe | PE32+ executable (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\JZ6mZjv9\eudcedit.exe | PE32+ executable (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\JcsYK1BU\MFC42u.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\JcsYK1BU\eudcedit.exe | PE32+ executable (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\VJp8aBwvL\SLC.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\VJp8aBwvL\slui.exe | PE32+ executable (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\W33A\MFC42u.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\W33A\eudcedit.exe | PE32+ executable (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\adrSKYW\RDVGHelper.exe | PE32+ executable (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\adrSKYW\WTSAPI32.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\dgZMvi\wextract.exe | PE32+ executable (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\gV1c\PresentationSettings.exe | PE32+ executable (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\rst\PasswordOnWakeSettingFlyout.exe | PE32+ executable (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Local\xX5v\ddodiag.exe | PE32+ executable (GUI) x86-64, for MS Windows
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\21c8026919fd094ab07ec3c180a9f210_d06ed635-68f6-4e9a-955c-4899f5f57b9a | data