2020-04-27 - QUICK POST: DRIDEX MALSPAM AND INFECTION
ASSOCIATED FILES:
- 2020-04-27-Dridex-malspam-2-email-examples.zip 105 kB (105,276 bytes)
  - 2020-04-27-Dridex-malspam-example-1-of-2.eml (118,490 bytes)
  - 2020-04-27-Dridex-malspam-example-2-of-2.eml (116,664 bytes)
- 2020-04-27-Dridex-infection-traffic.pcap.zip 5.7 MB (5,665,498 bytes)
  - 2020-04-27-Dridex-infection-traffic.pcap (5,999,208 bytes)
- 2020-04-27-Dridex-malware-and-artifacts.zip 2.7 MB (2,693,688 bytes)
  - 2020-04-27-initial-Dridex-DLL-retreived-by-XLS-macros.bin (392,192 bytes)
  - 2020-04-27-malspam-attachment-XLS-file-with-macro-for-Dridex.bin (73,216 bytes)
  - 2020-04-27-registry-entry-for-Dridex.txt (720 bytes)
  - 2020-04-27-scheduled-task-for-Dridex.txt (3,658 bytes)
  - 2020-04-27-startup-menu-shortcut-for-Dridex.bin (1,878 bytes)
  - MDal6VoM/SndVol.exe (264,152 bytes)
  - MDal6VoM/UxTheme.dll (733,184 bytes)
  - fhExRDaH/mmGK7xb/SYSDM.CPL (733,184 bytes)
  - fhExRDaH/mmGK7xb/SystemPropertiesPerformance.exe (83,968 bytes)
  - fhExRDaH/DUI70.dll (1,015,808 bytes)
  - fhExRDaH/phoneactivate.exe (107,616 bytes)
  - lL/WindowsActionDialog.exe (60,928 bytes)
  - lL/DUI70.dll (1,015,808 bytes)
NOTES:
- Seems like everyone's been tweeting about this today, so here's a pcap, malspam, and malware samples.
- All zip archives on this site are password-protected with the standard password. If you don't know it, see the "about" page of this website.