Categories: Backdoor

Backdoor:Win32/Drixed.D information

The Backdoor:Win32/Drixed.D is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Backdoor:Win32/Drixed.D virus can do?

Executable code extraction
Compression (or decompression)
Creates RWX memory
A process attempted to delay the analysis task.
Attempts to repeatedly call a single API many times in order to delay analysis time
Exhibits behavior characteristic of Dridex malware
Collects information about installed applications
Attempts to identify installed AV products by registry key
Anomalous binary characteristics

How to determine Backdoor:Win32/Drixed.D?


File Info:
crc32: 7F41E1EAmd5: 62e4f7cfa529ef63439e88ff176cc6c8name: 45y4g.exesha1: 51066826e4201e526f6e9cac440f120f97ca0436sha256: 0c3631f4cb7c6c20d671500f4c3b769457486b5afa0c685920d64c3c7297fb0esha512: dc2e58da5576ab457db09f9daae9c386be1a02712c509a8fdad4c5ca6e6064d79c0617317130dba4d009bae032386462022f084373b9e472dfc27743baee1b70ssdeep: 1536:i9sFbpyg8Y9TwWkX4Cah8dbVJVkwfvZffMSTKgPdcJ:Ayq4wWkX0h2JCwf1fuydcJtype: PE32 executable (console) Intel 80386, for MS Windows
Version Info:
LegalCopyright: Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).FileVersion: 4.7.2.0CompanyName: Nokia Corporation and/or its subsidiary(-ies)ProductName: Qt4FileDescription: C++ application development framework.OriginalFilename: QtCLucene4.dll

Backdoor:Win32/Drixed.D also known as:

DrWeb	Trojan.Dridex.192
MicroWorld-eScan	Trojan.Dridex.L
FireEye	Generic.mg.62e4f7cfa529ef63
CAT-QuickHeal	Backdoor.Drixed.A7
ALYac	Trojan.Dridex.L
VIPRE	Trojan.Win32.Generic!BT
AegisLab	Trojan.Win32.Yakes.4!c
Sangfor	Malware
K7AntiVirus	Trojan ( 004beaac1 )
BitDefender	Trojan.Dridex.L
K7GW	Trojan ( 004beaac1 )
Cybereason	malicious.fa529e
TrendMicro	BKDR_DRIDEX.XDB
BitDefenderTheta	Gen:NN.ZexaF.33558.lC0@a4Qehvei
F-Prot	W32/Dridex.DD
Symantec	Trojan.Cridex
APEX	Malicious
Avast	Win32:Malware-gen
ClamAV	Win.Trojan.Dridex-124
GData	Win32.Trojan.Agent.XZKHHR
Kaspersky	Trojan.Win32.Yakes.lulq
Alibaba	Backdoor:Win32/Yakes.7e6a0efc
NANO-Antivirus	Trojan.Win32.Yakes.efgtud
ViRobot	Trojan.Win32.Agent.184320.DC
Rising	Trojan.Win32.Dridex.f (CLASSIC)
Ad-Aware	Trojan.Dridex.L
Sophos	Troj/Dridex-GN
Comodo	Malware@#28n91424xjesq
F-Secure	Trojan.TR/Crypt.XPACK.544
Zillya	Trojan.Dridex.Win32.239
Invincea	heuristic
McAfee-GW-Edition	Generic.xg
Emsisoft	Trojan.Dridex.L (B)
Ikarus	Trojan.Win32.Dridex
Cyren	W32/Dridex.BYMX-9385
Jiangmin	Trojan/Yakes.xvc
Webroot	W32.Trojan.Gen
Avira	TR/Crypt.XPACK.544
Antiy-AVL	Trojan/Win32.Yakes
Endgame	malicious (high confidence)
Arcabit	Trojan.Dridex.L
ZoneAlarm	Trojan.Win32.Yakes.lulq
Microsoft	Backdoor:Win32/Drixed.D
TACHYON	Trojan/W32.Yakes.184320.Q
AhnLab-V3	Trojan/Win32.Dridex.R163298
Acronis	suspicious
McAfee	Generic.xg
MAX	malware (ai score=100)
VBA32	Trojan.Yakes
Cylance	Unsafe
Panda	Trj/WLT.B
Zoner	Trojan.Win32.34936
ESET-NOD32	Win32/Dridex.P
TrendMicro-HouseCall	BKDR_DRIDEX.XDB
Yandex	Trojan.Yakes!zlvSTIyrHtA
SentinelOne	DFI – Malicious PE
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/DRIDEX.GN!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_90% (W)
Qihoo-360	Win32/Trojan.e57