WinNT/Cridex (alias Dridex, Drixed) - Page 2

Worm:Win32/Cridex.B

#11708 by hnpl2011
Tue Feb 21, 2012 2:59 am

looking for:
Md5: 31414ca41274262ba50e636c46a738f6
https://www.virustotal.com/file/93ace58 ... /analysis/

Username

hnpl2011

Posts

48

Joined

Mon Jan 24, 2011 8:53 am

Re: Malware Requests

#11709 by Xylitol
Tue Feb 21, 2012 3:13 am

hnpl2011 wrote:looking for:
Md5: 31414ca41274262ba50e636c46a738f6
https://www.virustotal.com/file/93ace58 ... /analysis/

Attachments

93ace58326e19d49ac0a84df9dc32818afd118cf3fd5b993727d0dbd56d29c2e.zip

infected
(75.36 KiB) Downloaded 86 times

Registration Problems and FAQ - Rules For Malware Requests

Username

Xylitol

Rank

Global Moderator

Posts

1706

Joined

Sat Apr 10, 2010 5:54 pm

Location

Seireitei, Soul Society

Contact

Re: Worm:Win32/Cridex.B

#11774 by rkhunter
Thu Feb 23, 2012 1:02 pm

MD5: c9d860b12fec7540b840d517e2965b4d
2/41

Attachments

C9D860B12FEC7540B840D517E2965B4D.zip

pass:infected
(40.92 KiB) Downloaded 83 times

Username

rkhunter

Posts

1156

Joined

Mon Mar 15, 2010 12:51 pm

Location

Russian Federation

Contact

Re: Worm:Win32/Cridex.B

#11798 by rkhunter
Fri Feb 24, 2012 6:07 pm

Cridex dropper, BH payload.

MD5: 85dc077d5e50b7e133fef85e09dfe2fb
7/41

Attachments

85DC077D5E50B7E133FEF85E09DFE2FB.zip

pass:infected
(40.53 KiB) Downloaded 91 times

Username

rkhunter

Posts

1156

Joined

Mon Mar 15, 2010 12:51 pm

Location

Russian Federation

Contact

Re: Worm:Win32/Cridex.B

#11809 by Evilcry
Sat Feb 25, 2012 6:21 pm

Hi,

The configuration of the above sample (85dc077d5e50b7e133fef85e09dfe2fb) targets several banks
from: USA, UK, France, Australia, United Arab Emirates, Saudi Arabia, Egypt, Netherlands, Germany.

WebInject code and URL Triggers like every Cridex (until this moment) are stored in clear in
[HKEY_CURRENT_USER\Software\Microsoft\Windows Media Center\RANDOM_STRING]

Regards.

Username

Evilcry

Posts

135

Joined

Tue Apr 20, 2010 6:10 pm

Re: Worm:Win32/Cridex.B

#11927 by rkhunter
Thu Mar 01, 2012 5:50 pm

Cridex research by M86 Labs: The Cridex Trojan Targets 137 Financial Organizations in One Go

Username

rkhunter

Posts

1156

Joined

Mon Mar 15, 2010 12:51 pm

Location

Russian Federation

Contact

Re: Worm:Win32/Cridex.B

#11938 by rkhunter
Fri Mar 02, 2012 7:12 pm

One more dropper.

MD5: FE8880B69628AF77A9E40982CB15AEF1
10/43

Attachments

FE8880B69628AF77A9E40982CB15AEF1.zip

pass:infected
(40.44 KiB) Downloaded 97 times

Username

rkhunter

Posts

1156

Joined

Mon Mar 15, 2010 12:51 pm

Location

Russian Federation

Contact

Re: Worm:Win32/Cridex.B

#11939 by rkhunter
Fri Mar 02, 2012 7:16 pm

MD5: E6E3F2DD452FAD8D88E8156A4FA7CA2F
4/41

Attachments

E6E3F2DD452FAD8D88E8156A4FA7CA2F.zip

pass:infected
(40.3 KiB) Downloaded 94 times

Username

rkhunter

Posts

1156

Joined

Mon Mar 15, 2010 12:51 pm

Location

Russian Federation

Contact

Re: Worm:Win32/Cridex.B

#12109 by rkhunter
Wed Mar 14, 2012 8:00 am

MD5: 60de81d602b7488ad4bf315bf80e04fd
https://www.virustotal.com/file/60dcdd2 ... /analysis/

Attachments

60DE81D602B7488AD4BF315BF80E04FD.zip

pass:infected
(70.53 KiB) Downloaded 92 times

Username

rkhunter

Posts

1156

Joined

Mon Mar 15, 2010 12:51 pm

Location

Russian Federation

Contact

Re: Worm:Win32/Cridex.B

#12538 by rkhunter
Fri Apr 06, 2012 7:54 am

Worm:Win32/Cridex.B

MD5: 6D6FC19EE74E989B0D2D8E85A286E718
https://www.virustotal.com/file/4bda0cb ... /analysis/

Attachments

6D6FC19EE74E989B0D2D8E85A286E718.zip

pass:infected
(42.81 KiB) Downloaded 98 times

Username

rkhunter

Posts

1156

Joined

Mon Mar 15, 2010 12:51 pm

Location

Russian Federation

Contact