Description
Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
qz0h69.pdf.dll
539KB
201119-c3627ca6ns
ba7ddbd663a50b149b22d810f4211207
06faf7fce11b89e4119c70c5a8cb56d97ab68bab
eb1a0c3677f4b416e43e2c4d88a30d1f5bd4d9b00b1e0c48efef31b034465e3c
cc26dd7686669b6af424cf6da3114e2fa2d5131a165f3711893ff4a9952c66918f080bf7593cf9010a8d63cfda2f447cb30fea321838cbf95c6415615307b403
Family | dridex |
Botnet | 10555 |
C2 | 162.241.44.26:9443 192.232.229.53:4443 77.220.64.34:443 193.90.12.121:3098 |
rc4.plain |
|
rc4.plain |
|
Detects both the x86 and x64 Dridex loader in memory.
Looks up Uninstall key entries in the registry to enumerate software on the system.