mpXUd364Rz.dll

Status: finished

Submission Time: 2022-03-23 12:28:49 +01:00

Malicious

Trojan

Evader

Dridex

Comments

Details

Analysis ID:
595330
API (Web) ID:
962755
Analysis Started:

2022-03-23 16:11:09 +01:00
Analysis Finished:

2022-03-23 16:29:04 +01:00
MD5:
76a03b741a85be73b47b1a72cea1becb
SHA1:
f453704ee0177d5771766870bc871e7c048a6c61
SHA256:
7fb4c95a329b24e6ab6742747cf896ae5125599548d38388fcb887b3fb871339
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
		malicious
	Full Report Management Report IOC Report	malicious Score: 100	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report

malicious

Score: 43/67

Open Full Report

malicious

Score: 22/35

malicious

Score: 37/42

malicious

Dropped files

Name	File Type	Hashes
C:\Users\user\AppData\Local\E4DREUfrP\VERSION.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\tivYqgA\newdev.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\SUX56B\UxTheme.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
Click to see the 19 hidden entries
C:\Users\user\AppData\Local\4gdyz\XmlLite.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\USNBng\WTSAPI32.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\lcdNfR\SYSDM.CPL	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\USNBng\MDMAppInstaller.exe	PE32+ executable (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\bc49718863ee53e026d805ec372039e9_d06ed635-68f6-4e9a-955c-4899f5f57b9a	data	#
C:\Users\user\AppData\Local\xwE\wextract.exe	PE32+ executable (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\xwE\VERSION.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\tivYqgA\InfDefaultInstall.exe	PE32+ executable (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\pUTm\SystemPropertiesAdvanced.exe	PE32+ executable (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\pUTm\SYSDM.CPL	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\lcdNfR\SystemPropertiesComputerName.exe	PE32+ executable (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\SUX56B\FileHistory.exe	PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows	#
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\FileHistory.exe.log	ASCII text, with CRLF line terminators	#
C:\Users\user\AppData\Local\KGg\iexpress.exe	PE32+ executable (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\KGg\VERSION.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\JvUQhw\XmlLite.dll	PE32+ executable (DLL) (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\JvUQhw\MusNotificationUx.exe	PE32+ executable (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\E4DREUfrP\iexpress.exe	PE32+ executable (GUI) x86-64, for MS Windows	#
C:\Users\user\AppData\Local\4gdyz\sppsvc.exe	PE32+ executable (GUI) x86-64, for MS Windows	#

mpXUd364Rz.dll

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

Dropped files

mpXUd364Rz.dll Options

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

Dropped files

Search started

mpXUd364Rz.dll