Description
Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
ef5ai1p.dll
539KB
201119-c4jtwtcr8x
1ba0b20a2d03d8af03a7faa42b06417f
4c528bb2afd93d8cb1199d05dc33d77e08f0ee88
f5951b345050e10fa0d3b70b42e6b56d5a720a7a67c381345e33c145e2ba2452
5447e2424e0beeace8c1d3de285fcd841b184e9ed1b3035334fd3005399aa0947b5688a22754b9114ff3f9444906481a519477fbd9cfdb17f23136ad14f6eef3
Family | dridex |
Botnet | 10444 |
C2 | 162.241.44.26:9443 192.232.229.53:4443 77.220.64.34:443 193.90.12.121:3098 |
rc4.plain | |
Detects both the x86 and x64 Dridex loader in memory.
Looks up Uninstall key entries in the registry to enumerate software on the system.