Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-09-18AppGateGustavo Palazolo, Felipe Duarte
@online{palazolo:20200918:reverse:689e4cb, author = {Gustavo Palazolo and Felipe Duarte}, title = {{Reverse Engineering Dridex and Automating IOC Extraction}}, date = {2020-09-18}, organization = {AppGate}, url = {https://www.appgate.com/blog/reverse-engineering-dridex-and-automating-ioc-extraction}, language = {English}, urldate = {2020-09-25} } Reverse Engineering Dridex and Automating IOC Extraction
Dridex
2020-09-10SANS ISC InfoSec ForumsBrad Duncan
@online{duncan:20200910:recent:f9e103f, author = {Brad Duncan}, title = {{Recent Dridex activity}}, date = {2020-09-10}, organization = {SANS ISC InfoSec Forums}, url = {https://isc.sans.edu/forums/diary/Recent+Dridex+activity/26550/}, language = {English}, urldate = {2020-09-15} } Recent Dridex activity
Dridex
2020-09-07Github (pan-unit42)Brad Duncan
@online{duncan:20200907:collection:09ab7be, author = {Brad Duncan}, title = {{Collection of recent Dridex IOCs}}, date = {2020-09-07}, organization = {Github (pan-unit42)}, url = {https://github.com/pan-unit42/tweets/blob/master/2020-09-07-Dridex-IOCs.txt}, language = {English}, urldate = {2020-09-15} } Collection of recent Dridex IOCs
Cutwail Dridex
2020-08-03The DFIR Report
@online{report:20200803:dridex:165cf39, author = {The DFIR Report}, title = {{Dridex – From Word to Domain Dominance}}, date = {2020-08-03}, url = {https://thedfirreport.com/2020/08/03/dridex-from-word-to-domain-dominance/}, language = {English}, urldate = {2020-08-05} } Dridex – From Word to Domain Dominance
Dridex
2020-07-17CERT-FRCERT-FR
@techreport{certfr:20200717:malware:5c58cdf, author = {CERT-FR}, title = {{The Malware Dridex: Origins and Uses}}, date = {2020-07-17}, institution = {CERT-FR}, url = {https://www.cert.ssi.gouv.fr/uploads/CERTFR-2020-CTI-008.pdf}, language = {English}, urldate = {2020-07-20} } The Malware Dridex: Origins and Uses
Andromeda CryptoLocker Cutwail DoppelPaymer Dridex Emotet FriedEx Gameover P2P Gandcrab ISFB Murofet Necurs Predator The Thief Zeus
2020-06-24MorphisecArnold Osipov
@online{osipov:20200624:obfuscated:74bfeed, author = {Arnold Osipov}, title = {{Obfuscated VBScript Drops Zloader, Ursnif, Qakbot, Dridex}}, date = {2020-06-24}, organization = {Morphisec}, url = {https://blog.morphisec.com/obfuscated-vbscript-drops-zloader-ursnif-qakbot-dridex}, language = {English}, urldate = {2020-06-25} } Obfuscated VBScript Drops Zloader, Ursnif, Qakbot, Dridex
Dridex ISFB QakBot Zloader
2020-06-19ReaqtaReaqta
@online{reaqta:20200619:dridex:54f4dd5, author = {Reaqta}, title = {{Dridex: the secret in a PostMessage()}}, date = {2020-06-19}, organization = {Reaqta}, url = {https://reaqta.com/2020/06/dridex-the-secret-in-a-postmessage/}, language = {English}, urldate = {2020-06-22} } Dridex: the secret in a PostMessage()
Dridex
2020-06-05VotiroVotiro’s Research Team
@online{team:20200605:anatomy:3047f6e, author = {Votiro’s Research Team}, title = {{Anatomy of a Well-Crafted UPS, FedEx, and DHL Phishing Email During COVID-19}}, date = {2020-06-05}, organization = {Votiro}, url = {https://votiro.com/blog/anatomy-of-a-well-crafted-ups-fedex-and-dhl-phishing-email-during-covid-19/}, language = {English}, urldate = {2020-06-10} } Anatomy of a Well-Crafted UPS, FedEx, and DHL Phishing Email During COVID-19
Dridex
2020-05-27GAIS-CERTGAIS-CERT
@techreport{gaiscert:20200527:dridex:90bd3bd, author = {GAIS-CERT}, title = {{Dridex Banking Trojan Technical Analysis Report}}, date = {2020-05-27}, institution = {GAIS-CERT}, url = {https://gaissecurity.com/uploads/csirt/EN-Dridex-banking-trojan.pdf}, language = {English}, urldate = {2020-06-24} } Dridex Banking Trojan Technical Analysis Report
Dridex
2020-05-25CERT-FRCERT-FR
@online{certfr:20200525:indicateurs:642332f, author = {CERT-FR}, title = {{INDICATEURS DE COMPROMISSION DU CERT-FR - Objet: Le code malveillant Dridex}}, date = {2020-05-25}, organization = {CERT-FR}, url = {https://www.cert.ssi.gouv.fr/ioc/CERTFR-2020-IOC-003/}, language = {French}, urldate = {2020-06-03} } INDICATEURS DE COMPROMISSION DU CERT-FR - Objet: Le code malveillant Dridex
Dridex
2020-05-25CERT-FRCERT-FR
@techreport{certfr:20200525:le:ac94f72, author = {CERT-FR}, title = {{Le Code Malveillant Dridex: Origines et Usages}}, date = {2020-05-25}, institution = {CERT-FR}, url = {https://www.cert.ssi.gouv.fr/uploads/CERTFR-2020-CTI-005.pdf}, language = {French}, urldate = {2020-05-26} } Le Code Malveillant Dridex: Origines et Usages
Dridex
2020-05-20PTSecurityPT ESC Threat Intelligence
@online{intelligence:20200520:operation:7f6282e, author = {PT ESC Threat Intelligence}, title = {{Operation TA505: how we analyzed new tools from the creators of the Dridex trojan, Locky ransomware, and Neutrino botnet}}, date = {2020-05-20}, organization = {PTSecurity}, url = {https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/operation-ta505/}, language = {English}, urldate = {2020-06-05} } Operation TA505: how we analyzed new tools from the creators of the Dridex trojan, Locky ransomware, and Neutrino botnet
FlawedAmmyy
2020-05-14Lab52Dex
@online{dex:20200514:energy:43e92b4, author = {Dex}, title = {{The energy reserves in the Eastern Mediterranean Sea and a malicious campaign of APT10 against Turkey}}, date = {2020-05-14}, organization = {Lab52}, url = {https://lab52.io/blog/the-energy-reserves-in-the-eastern-mediterranean-sea-and-a-malicious-campaign-of-apt10-against-turkey/}, language = {English}, urldate = {2020-06-10} } The energy reserves in the Eastern Mediterranean Sea and a malicious campaign of APT10 against Turkey
Cobalt Strike HTran MimiKatz PlugX Quasar RAT
2019-08-15Twitter (@just_windex)Windex
@online{windex:20190815:poslurpb:29adb6b, author = {Windex}, title = {{Tweet on PoSlurp.B}}, date = {2019-08-15}, organization = {Twitter (@just_windex)}, url = {https://twitter.com/just_windex/status/1162118585805758464}, language = {English}, urldate = {2020-01-09} } Tweet on PoSlurp.B
PoSlurp
2019-07-12CrowdStrikeBrett Stone-Gross, Sergei Frankoff, Bex Hartley
@online{stonegross:20190712:bitpaymer:113a037, author = {Brett Stone-Gross and Sergei Frankoff and Bex Hartley}, title = {{BitPaymer Source Code Fork: Meet DoppelPaymer Ransomware and Dridex 2.0}}, date = {2019-07-12}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/doppelpaymer-ransomware-and-dridex-2/}, language = {English}, urldate = {2020-04-25} } BitPaymer Source Code Fork: Meet DoppelPaymer Ransomware and Dridex 2.0
DoppelPaymer Dridex FriedEx
2019-05-14GovCERT.chGovCERT.ch
@online{govcertch:20190514:rise:8fd8ef4, author = {GovCERT.ch}, title = {{The Rise of Dridex and the Role of ESPs}}, date = {2019-05-14}, organization = {GovCERT.ch}, url = {https://www.govcert.admin.ch/blog/28/the-rise-of-dridex-and-the-role-of-esps}, language = {English}, urldate = {2020-01-09} } The Rise of Dridex and the Role of ESPs
Dridex
2018-12-18Trend MicroTrendmicro
@online{trendmicro:20181218:ursnif:cc5ce31, author = {Trendmicro}, title = {{URSNIF, EMOTET, DRIDEX and BitPaymer Gangs Linked by a Similar Loader}}, date = {2018-12-18}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/ursnif-emotet-dridex-and-bitpaymer-gangs-linked-by-a-similar-loader/}, language = {English}, urldate = {2020-01-07} } URSNIF, EMOTET, DRIDEX and BitPaymer Gangs Linked by a Similar Loader
Dridex Emotet FriedEx ISFB
2018-11-14CrowdStrikeSergei Frankoff, Bex Hartley
@online{frankoff:20181114:big:723025d, author = {Sergei Frankoff and Bex Hartley}, title = {{Big Game Hunting: The Evolution of INDRIK SPIDER From Dridex Wire Fraud to BitPaymer Targeted Ransomware}}, date = {2018-11-14}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/big-game-hunting-the-evolution-of-indrik-spider-from-dridex-wire-fraud-to-bitpaymer-targeted-ransomware/}, language = {English}, urldate = {2019-12-20} } Big Game Hunting: The Evolution of INDRIK SPIDER From Dridex Wire Fraud to BitPaymer Targeted Ransomware
FriedEx INDRIK SPIDER
2018-02-09Bleeping ComputerLawrence Abrams
@online{abrams:20180209:dexcrypt:a7d1f62, author = {Lawrence Abrams}, title = {{DexCrypt MBRLocker Demands 30 Yuan To Gain Access to Computer}}, date = {2018-02-09}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/dexcrypt-mbrlocker-demands-30-yuan-to-gain-access-to-computer/}, language = {English}, urldate = {2019-12-20} } DexCrypt MBRLocker Demands 30 Yuan To Gain Access to Computer
MBRlock
2018-01-26ESET ResearchMichal Poslušný
@online{poslun:20180126:friedex:3c3f46b, author = {Michal Poslušný}, title = {{FriedEx: BitPaymer ransomware the work of Dridex authors}}, date = {2018-01-26}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2018/01/26/friedex-bitpaymer-ransomware-work-dridex-authors/}, language = {English}, urldate = {2019-11-14} } FriedEx: BitPaymer ransomware the work of Dridex authors
Dridex FriedEx