2020-05-12 - PCAP AND MALWARE FOR AN ISC DIARY (DRIDEX)
NOTICE:
- The zip archives on this page have been updated, and they now use the new password scheme. For the new password, see the "about" page of this website.
NOTES:
- The associated ISC diary is "Malspam with links to zip archives pushes Dridex malware"
ASSOCIATED FILES:
- 2020-05-12-Dridex-from-link-based-malspam-IOCs.txt.zip 3.7 kB (3,716 bytes)
  - 2020-05-12-Dridex-from-link-based-malspam-IOCs.txt (8,571 bytes)
- 2020-05-12-link-based-Dridex-malspam-14-examples.zip 37.8 kB (37,756 bytes)
  - 2020-05-12-link-based-Dridex-malspam-example-01.eml (14,018 bytes)
  - 2020-05-12-link-based-Dridex-malspam-example-02.eml (17,011 bytes)
  - 2020-05-12-link-based-Dridex-malspam-example-03.eml (22,002 bytes)
  - 2020-05-12-link-based-Dridex-malspam-example-04.eml (21,995 bytes)
  - 2020-05-12-link-based-Dridex-malspam-example-05.eml (17,000 bytes)
  - 2020-05-12-link-based-Dridex-malspam-example-06.eml (3,577 bytes)
  - 2020-05-12-link-based-Dridex-malspam-example-07.eml (9,099 bytes)
  - 2020-05-12-link-based-Dridex-malspam-example-08.eml (2,324 bytes)
  - 2020-05-12-link-based-Dridex-malspam-example-09.eml (21,925 bytes)
  - 2020-05-12-link-based-Dridex-malspam-example-10.eml (3,744 bytes)
  - 2020-05-12-link-based-Dridex-malspam-example-11.eml (1,859 bytes)
  - 2020-05-12-link-based-Dridex-malspam-example-12.eml (16,989 bytes)
  - 2020-05-12-link-based-Dridex-malspam-example-13.eml (18,311 bytes)
  - 2020-05-12-link-based-Dridex-malspam-example-14.eml (2,786 bytes)
- 2020-05-12-Dridex-infection-traffic-from-link-in-malspam.pcap.zip 3.5 MB (3,456,256 bytes)
  - 2020-05-12-Dridex-infection-traffic-from-link-in-malspam.pcap (3,829,964 bytes)
- 2020-05-12-malware-from-Dridex-infection.zip 3.5 MB (3,556,000 bytes)
  - Report_224726231283.zip (571,519 bytes)
  - Report~224726231283.vbs (1,260,284 bytes)
  - qEWTLCuYyH.dll (714,240 bytes)
  - Persistence-through-registry/2020-05-12-Windows-registry-update-for-Dridex.txt (668 bytes)
  - Persistence-through-registry/DyGykefYBHT/bdeunlock.exe (700,416 bytes)
  - Persistence-through-registry/DyGykefYBHT/DUser.dll (283,264 bytes)
  - Persistence-through-scheduled-task/2020-05-12-scheduled-task-for-Dridex.txt (3,610 bytes)
  - Persistence-through-scheduled-task/Y3skYJ7F3B/bdeunlock.exe (283,264 bytes)
  - Persistence-through-scheduled-task/Y3skYJ7F3B/DUI70.dll (978,944 bytes)
  - Persistence-through-startup-menu-shortcut/2020-05-12-startup-menu-shortcut-for-Dridex.bin (1,453 bytes)
  - Persistence-through-startup-menu-shortcut/Niby8ztx/iexpress.exe (166,400 bytes)
  - Persistence-through-startup-menu-shortcut/Niby8ztx/VERSION.dll (696,320 bytes)