Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-10FortinetXiaopeng Zhang
@online{zhang:20210910:new:25d8475, author = {Xiaopeng Zhang}, title = {{New Dridex Variant Being Spread By Crafted Excel Document}}, date = {2021-09-10}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/new-dridex-variant-being-spread-by-crafted-excel-document?&web_view=true}, language = {English}, urldate = {2021-09-12} } New Dridex Variant Being Spread By Crafted Excel Document
DoppelDridex
2021-08-19BlackberryBlackBerry Research & Intelligence Team
@online{team:20210819:blackberry:2eec433, author = {BlackBerry Research & Intelligence Team}, title = {{BlackBerry Prevents: Threat Actor Group TA575 and Dridex Malware}}, date = {2021-08-19}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2021/08/blackberry-prevents-threat-actor-group-ta575-and-dridex-malware}, language = {English}, urldate = {2021-08-23} } BlackBerry Prevents: Threat Actor Group TA575 and Dridex Malware
Cobalt Strike Dridex
2021-08-05Red CanaryTony Lambert, Brian Donohue, Dan Cotton
@online{lambert:20210805:when:aeb7b10, author = {Tony Lambert and Brian Donohue and Dan Cotton}, title = {{When Dridex and Cobalt Strike give you Grief}}, date = {2021-08-05}, organization = {Red Canary}, url = {https://redcanary.com/blog/grief-ransomware/}, language = {English}, urldate = {2021-09-10} } When Dridex and Cobalt Strike give you Grief
Cobalt Strike DoppelDridex DoppelPaymer
2021-07-02MalwareBookReportsmuzi
@online{muzi:20210702:skip:09c3cd8, author = {muzi}, title = {{Skip the Middleman: Dridex Document to Cobalt Strike}}, date = {2021-07-02}, organization = {MalwareBookReports}, url = {https://malwarebookreports.com/cryptone-cobalt-strike/}, language = {English}, urldate = {2021-07-06} } Skip the Middleman: Dridex Document to Cobalt Strike
Cobalt Strike Dridex
2021-06-30GuardicoreLiad Mordekoviz, Ophir Harpaz
@online{mordekoviz:20210630:smb:93a9547, author = {Liad Mordekoviz and Ophir Harpaz}, title = {{SMB Worm “Indexsinas” Uses Lateral Movement to Infect Whole Networks}}, date = {2021-06-30}, organization = {Guardicore}, url = {https://www.guardicore.com/labs/smb-worm-indexsinas/}, language = {English}, urldate = {2021-07-02} } SMB Worm “Indexsinas” Uses Lateral Movement to Infect Whole Networks
2021-06-22Twitter (@Cryptolaemus1)Cryptolaemus, Kirk Sayre, dao ming si
@online{cryptolaemus:20210622:ta575:895ac37, author = {Cryptolaemus and Kirk Sayre and dao ming si}, title = {{Tweet on TA575, a Dridex affiliate delivering cobaltstrike (packed withe Cryptone) directly via the macro docs}}, date = {2021-06-22}, organization = {Twitter (@Cryptolaemus1)}, url = {https://twitter.com/Cryptolaemus1/status/1407135648528711680}, language = {English}, urldate = {2021-06-22} } Tweet on TA575, a Dridex affiliate delivering cobaltstrike (packed withe Cryptone) directly via the macro docs
Cobalt Strike Dridex
2021-06-03YouTube (FIRST)Felipe Domingues, Gustavo Palazolo
@online{domingues:20210603:breaking:69967e5, author = {Felipe Domingues and Gustavo Palazolo}, title = {{Breaking Dridex Malware}}, date = {2021-06-03}, organization = {YouTube (FIRST)}, url = {https://www.youtube.com/watch?v=1VB15_HgUkg}, language = {English}, urldate = {2021-06-16} } Breaking Dridex Malware
Dridex
2021-04-15Twitter (@felixw3000)Felix
@online{felix:20210415:dridexs:a39e123, author = {Felix}, title = {{Tweet on Dridex's evasion technique}}, date = {2021-04-15}, organization = {Twitter (@felixw3000)}, url = {https://twitter.com/felixw3000/status/1382614469713530883?s=20}, language = {English}, urldate = {2021-05-25} } Tweet on Dridex's evasion technique
Dridex
2021-04-06LexfoLexfo
@online{lexfo:20210406:dridex:a3b6f4f, author = {Lexfo}, title = {{Dridex Loader Analysis}}, date = {2021-04-06}, organization = {Lexfo}, url = {https://blog.lexfo.fr/dridex-malware.html}, language = {English}, urldate = {2021-04-09} } Dridex Loader Analysis
Dridex
2021-03-29VMWare Carbon BlackJason Zhang, Oleg Boyarchuk, Giovanni Vigna
@online{zhang:20210329:dridex:7692f65, author = {Jason Zhang and Oleg Boyarchuk and Giovanni Vigna}, title = {{Dridex Reloaded: Analysis of a New Dridex Campaign}}, date = {2021-03-29}, organization = {VMWare Carbon Black}, url = {https://blogs.vmware.com/networkvirtualization/2021/03/analysis-of-a-new-dridex-campaign.html/}, language = {English}, urldate = {2021-04-09} } Dridex Reloaded: Analysis of a New Dridex Campaign
Dridex
2021-03-11IBMDave McMillen, Limor Kessem
@online{mcmillen:20210311:dridex:1140b01, author = {Dave McMillen and Limor Kessem}, title = {{Dridex Campaign Propelled by Cutwail Botnet and Poisonous PowerShell Scripts}}, date = {2021-03-11}, organization = {IBM}, url = {https://securityintelligence.com/dridex-campaign-propelled-by-cutwail-botnet-and-powershell/}, language = {English}, urldate = {2021-03-12} } Dridex Campaign Propelled by Cutwail Botnet and Poisonous PowerShell Scripts
Cutwail Dridex
2021-03-02HispasecHispasec Sistemas
@techreport{sistemas:20210302:campaa:7faa602, author = {Hispasec Sistemas}, title = {{Campaña Fedex Banker}}, date = {2021-03-02}, institution = {Hispasec}, url = {https://hispasec.com/resources/FedexBanker.pdf}, language = {Spanish}, urldate = {2021-06-29} } Campaña Fedex Banker
FluBot
2021-02-24IBMIBM SECURITY X-FORCE
@online{xforce:20210224:xforce:ac9a90e, author = {IBM SECURITY X-FORCE}, title = {{X-Force Threat Intelligence Index 2021}}, date = {2021-02-24}, organization = {IBM}, url = {https://ibm.ent.box.com/s/hs5pcayhbbhjvj8di5sqdpbbd88tsh89}, language = {English}, urldate = {2021-03-02} } X-Force Threat Intelligence Index 2021
Emotet QakBot Ramnit REvil TrickBot
2021-02-11Twitter (@malwrhunterteam)MalwareHunterTeam
@online{malwarehunterteam:20210211:one:7cecd47, author = {MalwareHunterTeam}, title = {{Tweet on one of the first Fedex-themed lures for FluBot}}, date = {2021-02-11}, organization = {Twitter (@malwrhunterteam)}, url = {https://twitter.com/malwrhunterteam/status/1359939300238983172}, language = {English}, urldate = {2021-06-29} } Tweet on one of the first Fedex-themed lures for FluBot
FluBot
2021-02-07Technical Blog of Ali AqeelAli Aqeel
@online{aqeel:20210207:dridex:871b7d0, author = {Ali Aqeel}, title = {{Dridex Malware Analysis}}, date = {2021-02-07}, organization = {Technical Blog of Ali Aqeel}, url = {https://aaqeel01.wordpress.com/2021/02/07/dridex-malware-analysis/}, language = {English}, urldate = {2021-02-09} } Dridex Malware Analysis
Dridex
2021-02-02Twitter (@TheDFIRReport)The DFIR Report
@online{report:20210202:recent:5272ed0, author = {The DFIR Report}, title = {{Tweet on recent dridex post infection activity}}, date = {2021-02-02}, organization = {Twitter (@TheDFIRReport)}, url = {https://twitter.com/TheDFIRReport/status/1356729371931860992}, language = {English}, urldate = {2021-02-04} } Tweet on recent dridex post infection activity
Cobalt Strike Dridex
2021-01-19HPPatrick Schläpfer
@online{schlpfer:20210119:dridex:a8b3da4, author = {Patrick Schläpfer}, title = {{Dridex Malicious Document Analysis: Automating the Extraction of Payload URLs}}, date = {2021-01-19}, organization = {HP}, url = {https://threatresearch.ext.hp.com/dridex-malicious-document-analysis-automating-the-extraction-of-payload-urls/}, language = {English}, urldate = {2021-01-21} } Dridex Malicious Document Analysis: Automating the Extraction of Payload URLs
Dridex
2021-01-04Check PointCheck Point Research
@online{research:20210104:dridex:2741eba, author = {Check Point Research}, title = {{DRIDEX Stopping Serial Killer: Catching the Next Strike}}, date = {2021-01-04}, organization = {Check Point}, url = {https://research.checkpoint.com/2021/stopping-serial-killer-catching-the-next-strike/}, language = {English}, urldate = {2021-01-05} } DRIDEX Stopping Serial Killer: Catching the Next Strike
Dridex
2020-12-15Medium (Cryptax)Axelle Apvrille
@online{apvrille:20201215:unpacking:af6a6ee, author = {Axelle Apvrille}, title = {{Unpacking an Android malware with Dexcalibur and JEB}}, date = {2020-12-15}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/unpacking-an-android-malware-with-dexcalibur-and-jeb-59bdd905d4a7}, language = {English}, urldate = {2020-12-19} } Unpacking an Android malware with Dexcalibur and JEB
2020-09-18AppGateGustavo Palazolo, Felipe Duarte
@online{palazolo:20200918:reverse:689e4cb, author = {Gustavo Palazolo and Felipe Duarte}, title = {{Reverse Engineering Dridex and Automating IOC Extraction}}, date = {2020-09-18}, organization = {AppGate}, url = {https://www.appgate.com/blog/reverse-engineering-dridex-and-automating-ioc-extraction}, language = {English}, urldate = {2020-09-25} } Reverse Engineering Dridex and Automating IOC Extraction
Dridex