Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-09-01IBMKevin Henson, Emmy Ebanks
@online{henson:20220901:raspberry:b5b5946, author = {Kevin Henson and Emmy Ebanks}, title = {{Raspberry Robin and Dridex: Two Birds of a Feather}}, date = {2022-09-01}, organization = {IBM}, url = {https://securityintelligence.com/posts/raspberry-robin-worm-dridex-malware/}, language = {English}, urldate = {2022-09-06} } Raspberry Robin and Dridex: Two Birds of a Feather
Dridex Raspberry Robin
2022-07-28McAfeeDexter Shin
@online{shin:20220728:new:950bc90, author = {Dexter Shin}, title = {{New HiddenAds malware affects 1M+ users and hides on the Google Play Store}}, date = {2022-07-28}, organization = {McAfee}, url = {https://www.mcafee.com/blogs/other-blogs/mcafee-labs/new-hiddenads-malware-that-runs-automatically-and-hides-on-google-play-1m-users-affected/}, language = {English}, urldate = {2022-08-02} } New HiddenAds malware affects 1M+ users and hides on the Google Play Store
HiddenAd
2022-07-09Artik BlueArtik Blue
@online{blue:20220709:malware:be9282b, author = {Artik Blue}, title = {{Malware analysis with IDA/Radare2 - Basic Unpacking (Dridex first stage)}}, date = {2022-07-09}, organization = {Artik Blue}, url = {https://artik.blue/malware3}, language = {English}, urldate = {2022-07-15} } Malware analysis with IDA/Radare2 - Basic Unpacking (Dridex first stage)
Dridex
2022-05-19Palo Alto Networks Unit 42Saqib Khanzada
@online{khanzada:20220519:weaponization:969a179, author = {Saqib Khanzada}, title = {{Weaponization of Excel Add-Ins Part 2: Dridex Infection Chain Case Studies}}, date = {2022-05-19}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/excel-add-ins-dridex-infection-chain}, language = {English}, urldate = {2022-05-23} } Weaponization of Excel Add-Ins Part 2: Dridex Infection Chain Case Studies
Dridex
2022-05-10RiskIQRiskIQ
@online{riskiq:20220510:riskiq:0de1fcf, author = {RiskIQ}, title = {{RiskIQ: Identifying Dridex C2 via SSL Certificate Patterns}}, date = {2022-05-10}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/e4fb7245}, language = {English}, urldate = {2022-05-17} } RiskIQ: Identifying Dridex C2 via SSL Certificate Patterns
Dridex
2022-03-13Malcatmalcat team
@online{team:20220313:cutting:f4878c8, author = {malcat team}, title = {{Cutting corners against a Dridex downloader}}, date = {2022-03-13}, organization = {Malcat}, url = {https://malcat.fr/blog/cutting-corners-against-a-dridex-downloader/}, language = {English}, urldate = {2022-03-14} } Cutting corners against a Dridex downloader
Dridex
2022-02-23Sentinel LABSAntonio Pirozzi, Antonis Terefos, Idan Weizman
@online{pirozzi:20220223:sanctions:aae1c98, author = {Antonio Pirozzi and Antonis Terefos and Idan Weizman}, title = {{Sanctions Be Damned | From Dridex to Macaw, The Evolution of Evil Corp}}, date = {2022-02-23}, organization = {Sentinel LABS}, url = {https://www.sentinelone.com/labs/sanctions-be-damned-from-dridex-to-macaw-the-evolution-of-evil-corp/}, language = {English}, urldate = {2022-02-26} } Sanctions Be Damned | From Dridex to Macaw, The Evolution of Evil Corp
Dridex WastedLocker
2022-02-23SophosAndrew Brandt, Anand Ajjan, Colin Cowie, Abhijit Gupta, Steven Lott, Rahil Shah, Vikas Singh, Felix Weyne, Syed Zaidi, Xiaochuan Zhang
@online{brandt:20220223:dridex:51a6f80, author = {Andrew Brandt and Anand Ajjan and Colin Cowie and Abhijit Gupta and Steven Lott and Rahil Shah and Vikas Singh and Felix Weyne and Syed Zaidi and Xiaochuan Zhang}, title = {{Dridex bots deliver Entropy ransomware in recent attacks}}, date = {2022-02-23}, organization = {Sophos}, url = {https://news.sophos.com/en-us/2022/02/23/dridex-bots-deliver-entropy-ransomware-in-recent-attacks/?cmp=30728}, language = {English}, urldate = {2022-03-01} } Dridex bots deliver Entropy ransomware in recent attacks
Entropy
2022-02-23SophosLabs UncutAndrew Brandt
@online{brandt:20220223:dridex:c1d4784, author = {Andrew Brandt}, title = {{Dridex bots deliver Entropy ransomware in recent attacks}}, date = {2022-02-23}, organization = {SophosLabs Uncut}, url = {https://news.sophos.com/en-us/2022/02/23/dridex-bots-deliver-entropy-ransomware-in-recent-attacks/}, language = {English}, urldate = {2022-03-01} } Dridex bots deliver Entropy ransomware in recent attacks
Cobalt Strike Dridex Entropy
2022-02Sentinel LABSAntonio Pirozzi, Antonis Terefos, Idan Weizman
@techreport{pirozzi:202202:sanctions:2213742, author = {Antonio Pirozzi and Antonis Terefos and Idan Weizman}, title = {{Sanctions be Damned | From Dridex To Macaw, The Evolution of Evil Corp}}, date = {2022-02}, institution = {Sentinel LABS}, url = {https://www.sentinelone.com/wp-content/uploads/2022/02/S1_-SentinelLabs_SanctionsBeDamned_final_02.pdf}, language = {English}, urldate = {2022-05-17} } Sanctions be Damned | From Dridex To Macaw, The Evolution of Evil Corp
Dridex FriedEx Hades Phoenix Locker WastedLocker
2022-01-14Medium (Cryptax)Axelle Apvrille
@online{apvrille:20220114:multidex:eaa6c6b, author = {Axelle Apvrille}, title = {{Multidex trick to unpack Android/BianLian}}, date = {2022-01-14}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/multidex-trick-to-unpack-android-bianlian-ed52eb791e56}, language = {English}, urldate = {2022-03-30} } Multidex trick to unpack Android/BianLian
BianLian
2022-01-14RiskIQJordan Herman
@online{herman:20220114:riskiq:f4f5b68, author = {Jordan Herman}, title = {{RiskIQ: Unique SSL Certificates and JARM Hash Connected to Emotet and Dridex C2 Servers}}, date = {2022-01-14}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/2cd1c003}, language = {English}, urldate = {2022-01-18} } RiskIQ: Unique SSL Certificates and JARM Hash Connected to Emotet and Dridex C2 Servers
Dridex Emotet
2022-01-11muha2xmadMuhammad Hasan Ali
@online{ali:20220111:unpacking:2fe091c, author = {Muhammad Hasan Ali}, title = {{Unpacking Dridex malware}}, date = {2022-01-11}, organization = {muha2xmad}, url = {https://muha2xmad.github.io/unpacking/dridex/}, language = {English}, urldate = {2022-01-25} } Unpacking Dridex malware
Dridex
2022-01-09Atomic Matryoshkaz3r0day_504
@online{z3r0day504:20220109:malware:81e38aa, author = {z3r0day_504}, title = {{Malware Headliners: Dridex}}, date = {2022-01-09}, organization = {Atomic Matryoshka}, url = {https://www.atomicmatryoshka.com/post/malware-headliners-dridex}, language = {English}, urldate = {2022-02-01} } Malware Headliners: Dridex
Dridex
2021-12-20InQuestNick Chalard
@online{chalard:20211220:dont:0aad3db, author = {Nick Chalard}, title = {{(Don't) Bring Dridex Home for the Holidays}}, date = {2021-12-20}, organization = {InQuest}, url = {https://inquest.net/blog/2021/12/20/dont-bring-dridex-home-holidays}, language = {English}, urldate = {2021-12-22} } (Don't) Bring Dridex Home for the Holidays
DoppelDridex Dridex
2021-12-20Bleeping ComputerLawrence Abrams
@online{abrams:20211220:log4j:1a80230, author = {Lawrence Abrams}, title = {{Log4j vulnerability now used to install Dridex banking malware}}, date = {2021-12-20}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/log4j-vulnerability-now-used-to-install-dridex-banking-malware/}, language = {English}, urldate = {2021-12-21} } Log4j vulnerability now used to install Dridex banking malware
DoppelDridex Meterpreter
2021-11-21Cyber-AnubisNidal Fikri
@online{fikri:20211121:dridex:b9218fa, author = {Nidal Fikri}, title = {{Dridex Trojan | Defeating Anti-Analysis | Strings Decryption | C&C Extraction}}, date = {2021-11-21}, organization = {Cyber-Anubis}, url = {https://cyber-anubis.github.io/malware%20analysis/dridex/}, language = {English}, urldate = {2021-12-01} } Dridex Trojan | Defeating Anti-Analysis | Strings Decryption | C&C Extraction
DoppelDridex Dridex
2021-10-28ProofpointAxel F, Selena Larson
@online{f:20211028:ta575:c1cfdd7, author = {Axel F and Selena Larson}, title = {{TA575 Uses ‘Squid Game’ Lures to Distribute Dridex malware}}, date = {2021-10-28}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/ta575-uses-squid-game-lures-distribute-dridex-malware}, language = {English}, urldate = {2021-11-03} } TA575 Uses ‘Squid Game’ Lures to Distribute Dridex malware
DoppelDridex
2021-10-260ffset BlogChuong Dong
@online{dong:20211026:dridex:e054dc4, author = {Chuong Dong}, title = {{DRIDEX: Analysing API Obfuscation Through VEH}}, date = {2021-10-26}, organization = {0ffset Blog}, url = {https://www.0ffset.net/reverse-engineering/malware-analysis/dridex-veh-api-obfuscation/}, language = {English}, urldate = {2021-11-03} } DRIDEX: Analysing API Obfuscation Through VEH
DoppelDridex
2021-09-27Security Soup BlogRyan Campbell
@online{campbell:20210927:doppeldridex:daa5f69, author = {Ryan Campbell}, title = {{DoppelDridex Delivered via Slack and Discord}}, date = {2021-09-27}, organization = {Security Soup Blog}, url = {https://security-soup.net/doppeldridex-delivered-via-slack-and-discord/}, language = {English}, urldate = {2021-09-29} } DoppelDridex Delivered via Slack and Discord
DoppelDridex