2018-01-25 - QUICK POST: DRIDEX

NOTICE:

• The zip archives on this page have been updated, and they now use the new password scheme.  For the new password, see the "about" page of this website.

ASSOCIATED FILES:

• Zip archive of the pcaps:  2018-01-25-Dridex-infection-traffic-2-pcaps.zip   800.4 kB (800,443 bytes)

• 2018-01-25-Dridex-infection-traffic-1-of-2.pcap   (233,517 bytes)
• 2018-01-25-Dridex-infection-traffic-2-of-2.pcap   (725,501 bytes)

• Zip archive of the emails and malware:  2018-01-25-Dridex-emails-and-malware.zip   230.4 kB (230,396 bytes)

• 114755590.7z   (2041 bytes)
• 114755590.vbs   (4950 bytes)
• 2018-01-25-Dridex-malspam-with-attachment-1234-UTC.eml   (5,145 bytes)
• 2018-01-25-Dridex-malspam-with-link-1649-UTC.eml   (6,395 bytes)
• 2018-01-25-Dridex-sample-from-chimachinenow.com.exe   (143,360 bytes)
• 2018-01-25-Dridex-sample-from-revolutioncomponents.com.exe   (147,456 bytes)
• eFax_12128057747-20180126-025.js   (11,090 bytes)
• eFax_12128057747-20180126-025.zip   (7,825 bytes)

• Zip archive of the IOCs:  2018-01-25-Dridex-notes.txt.zip   1.3 kB (1,306 bytes)

• 2018-01-25-Dridex-notes.txt   (2,506 bytes)

 

Click here to return to the main page.