What Is It About The Dyreza Malware?

9- Dyreza Malware

Hello everybody,

Interested in looking into the technical aspects of Dyreza?

Upatre (malware downloader) and Dyreza (credential stealer) are a malicious duet used in spam campaigns. Dyreza is a complex piece of malware, and different samples use different techniques, but the main features remain common.

Dyreza is an eclectic malware, developed by professionals. It is clear that they are constantly working on quality – each new version carries some new ideas and improvements, making analysis harder.

Analyzed samples

ff3d706015b7b142ee0a8f0ad7ea2911 – Dyreza executable, a persistent botnet agent carrying DLLs with the core malicious activities

5a0e393031eb2accc914c1c832993d0b – Dyreza DLL (32 bit)

91b62d1380b73baea53a50d02c88a5c6 – Dyreza DLL (64 bit)

This post presents a full technical description of the above-mentioned samples, with screenshots and details, covering behavioural analysis, the code inside the executables, the malicious DLL (core) and the C&Cs.

Check it out: https://blog.malwarebytes.org/intelligence/2015/11/a-technical-look-at-dyreza/


Source: Akati
