TROJ64_DRIDEX.XCE
March 24, 2017
ALIASES:
Win64/Dridex.D (ESET-NOD32)
PLATFORM:
Windows
OVERALL RISK RATING:
REPORTED INFECTION:
Threat Type: Spyware
Destructiveness: No
Encrypted: Yes
In the wild: Yes
OVERVIEW
This Spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
It retrieves specific information from the affected system.
TECHNICAL DETAILS
File Size:
286,720 bytes
File Type:
DLL
Memory Resident:
Yes
Initial Samples Received Date:
03 Mar 2017
Arrival Details
This Spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
Information Theft
This Spyware performs the following information-theft routines:
- Logs keystrokes
- Steals information entered in forms
- Gathers information from cookies
- Injects code into web browsers
- Takes screenshots
It retrieves the following information from the affected system:
- Computer Name
- User Name
- Date Installed
- OS Version
Other Details
This Spyware connects to the following possibly malicious URL:
- {BLOCKED}.{BLOCKED}.11.114
It does the following:
- It targets the following web browsers:
  - chrome
  - firefox