2020-05-12 - PCAP AND MALWARE FOR AN ISC DIARY (DRIDEX)

NOTES:

 

ASSOCIATED FILES:

  • 2020-05-12-Dridex-from-link-based-malspam-IOCs.txt   (8,571 bytes)
  • 2020-05-12-link-based-Dridex-malspam-example-01.eml   (14,018 bytes)
  • 2020-05-12-link-based-Dridex-malspam-example-02.eml   (17,011 bytes)
  • 2020-05-12-link-based-Dridex-malspam-example-03.eml   (22,002 bytes)
  • 2020-05-12-link-based-Dridex-malspam-example-04.eml   (21,995 bytes)
  • 2020-05-12-link-based-Dridex-malspam-example-05.eml   (17,000 bytes)
  • 2020-05-12-link-based-Dridex-malspam-example-06.eml   (3,577 bytes)
  • 2020-05-12-link-based-Dridex-malspam-example-07.eml   (9,099 bytes)
  • 2020-05-12-link-based-Dridex-malspam-example-08.eml   (2,324 bytes)
  • 2020-05-12-link-based-Dridex-malspam-example-09.eml   (21,925 bytes)
  • 2020-05-12-link-based-Dridex-malspam-example-10.eml   (3,744 bytes)
  • 2020-05-12-link-based-Dridex-malspam-example-11.eml   (1,859 bytes)
  • 2020-05-12-link-based-Dridex-malspam-example-12.eml   (16,989 bytes)
  • 2020-05-12-link-based-Dridex-malspam-example-13.eml   (18,311 bytes)
  • 2020-05-12-link-based-Dridex-malspam-example-14.eml   (2,786 bytes)
  • 2020-05-12-Dridex-infection-traffic-from-link-in-malspam.pcap   (3,829,964 bytes)
  • Report_224726231283.zip   (571,519 bytes)
  • Report~224726231283.vbs   (1,260,284 bytes)
  • qEWTLCuYyH.dll   (714,240 bytes)
  • Persistence-through-registry/2020-05-12-Windows-registry-update-for-Dridex.txt   (668 bytes)
  • Persistence-through-registry/DyGykefYBHT/bdeunlock.exe   (700,416 bytes)
  • Persistence-through-registry/DyGykefYBHT/DUser.dll   (283,264 bytes)
  • Persistence-through-scheduled-task/2020-05-12-scheduled-task-for-Dridex.txt   (3,610 bytes)
  • Persistence-through-scheduled-task/Y3skYJ7F3B/bdeunlock.exe   (283,264 bytes)
  • Persistence-through-scheduled-task/Y3skYJ7F3B/DUI70.dll   (978,944 bytes)
  • Persistence-through-startup-menu-shortcut/2020-05-12-startup-menu-shortcut-for-Dridex.bin   (1,453 bytes)
  • Persistence-through-startup-menu-shortcut/Niby8ztx/iexpress.exe   (166,400 bytes)
  • Persistence-through-startup-menu-shortcut/Niby8ztx/VERSION.dll   (696,320 bytes)

 
