Description
Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
Unrthppaf.bin
426KB
201126-nqtqj5q93a
2b47214db606e21fb5d58cc7c3a27242
8b71bd0a2618d26a16a85245e7a92aef6d3da967
b12b65a39a6261016b7473cfd08c316cee6958739e00bb746331bdfb52b4b0bb
908057911bc6458f608700814b65be5706825314181f54ca42bd3745dd856cdee85a7b39a5d6f7c57e3203951e4c86578ad4079bfd1d5189a876c714c984c8fe
Family | dridex |
Botnet | 10555 |
C2 | 194.225.58.216:443 178.254.40.132:691 216.172.165.70:3889 198.57.200.100:3786 |
rc4.plain |
|
Detects both the x86 and x64 Dridex loaders in memory.
Looks up Uninstall key entries in the registry to enumerate software on the system.