File: 326d9bf458c589d7988886d111b6933db21efc950bfa1b44b1814c9dfdcb674b

Metadata
File name: dridex_326d9bf458c589d7988886d111b6933db21efc950bfa1b44b1814c9dfdcb674b
File type: PE32 executable (console) Intel 80386, for MS Windows
File size: 100068 bytes
Analysis date: Analyzed on January 27 2017 12:34:50
MD5: 3635ac6099baedae893b3991f730652c
SHA1: cd08cc349459f99be7d00c046f6b9e5203c0f110
SHA256: 326d9bf458c589d7988886d111b6933db21efc950bfa1b44b1814c9dfdcb674b
SHA512: c9352a85bb340d6f9300bfa2e56ce50a6998534120caeee1d45a4566207eb14abf85b44462aeadf57e3c642be5a0771b9bcd227a53af060375bd0dd1ab410b6f
SSDEEP: 3072:VPiGccJRTQmAYQ+zkf+2iH8fmtpFhtFhB:5i2JRMXGy9fmtp7
IMPHASH: e4aca4e84e2c46208916a314cada9f43
Authentihash: ad2042fc942677eff4923cc821ed9b5f0adcd320ae85bc55f70aa3d5d8d0635b
Related resources
APTNotes
Cyber threat intelligence reports associated with 326d9bf458c589d7988886d111b6933db21efc950bfa1b44b1814c9dfdcb674b.
Domains
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
HTTP Requests
HTTP requests the malware sample makes.
AV Detections
AV detection names associated with the malware sample.
Mutants
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
Comments
User comments about 326d9bf458c589d7988886d111b6933db21efc950bfa1b44b1814c9dfdcb674b.