Dridex, also known as Bugat and Cridex, is a form of malware that specializes in stealing bank credentials. Below are the latest indicators of compromise.
Credits: Research by ExecuteMalware
Indicators of Compromise (IOCs)
THREAT IDENTIFICATION: DRIDEX
SUBJECTS OBSERVED
New Invoice(s) for C379071418 are Available to be Viewed
SENDERS OBSERVED
customer_service@freightquote [.]com
DOCUMENT FILE HASHES
1 Total New Invoices_Wendesday March 10_2021 [.]xlsm
03fd6b515355bb513131951edf43ad5e
DRIDEX PAYLOAD URLS
https://maxassur [.]com/g7kqmf1 [.]rar
DRIDEX PAYLOAD FILE HASH
g7kqmf1 [.]rar
58d1d1119844c16122189ede908b825c
Suspicious DLL
pminajlr [.]dll
58d1d1119844c16122189ede908b825c
DRIDEX C2s
https://178 [.]33 [.]183 [.]53:7443
https://210 [.]65 [.]244 [.]166:443
SUPPORTING EVIDENCE
https://urlhaus [.]abuse [.]ch/url/1059144/
https://urlhaus [.]abuse [.]ch/browse [.]php?search=58d1d1119844c16122189ede908b825c