Threat Intelligence – Dridex Malware Latest IOCs


Dridex, also known as Bugat and Cridex, is a banking trojan that specializes in stealing online banking credentials. It is typically delivered through phishing e-mails carrying a macro-enabled Office document that downloads the payload. Below are the latest indicators of compromise from one observed campaign.

Credits: research by ExecuteMalware

Indicators of Compromise (IOCs)

THREAT IDENTIFICATION: DRIDEX

SUBJECTS OBSERVED
New Invoice(s) for C379071418 are Available to be Viewed

SENDERS OBSERVED
customer_service@freightquote [.]com

DOCUMENT FILE HASHES (MD5)
1 Total New Invoices_Wendesday March 10_2021 [.]xlsm
03fd6b515355bb513131951edf43ad5e

DRIDEX PAYLOAD URLS
https://maxassur [.]com/g7kqmf1 [.]rar

DRIDEX PAYLOAD FILE HASH (MD5)
g7kqmf1 [.]rar
58d1d1119844c16122189ede908b825c

SUSPICIOUS DLL (MD5)
pminajlr [.]dll
58d1d1119844c16122189ede908b825c
(Same MD5 as the .rar download above: the file served with a .rar extension is the DLL itself, not an archive.)

DRIDEX C2s
https://178 [.]33 [.]183 [.]53:7443
https://210 [.]65 [.]244 [.]166:443

SUPPORTING EVIDENCE
https://urlhaus [.]abuse [.]ch/url/1059144/
https://urlhaus [.]abuse [.]ch/browse [.]php?search=58d1d1119844c16122189ede908b825c
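As an added example that is not part of the original post: the Python below refangs the indicators listed above and runs them over constructed proxy log lines, mail headers and file hashes. Only the indicators come from the list; every log line, mail message, file path and the non-matching digest are constructed for the example, and the matching rules (host with optional port, anchored on non-hostname characters; sender substring; exact subject; MD5 set membership) are this example's own choices.

```python
"""Operationalise the Dridex IOCs listed above (added example, not from the post).

All log lines, mail headers and file paths below are constructed for the
example; only the indicators themselves come from the list above.
"""
import hashlib
import re

# Indicators copied from the list above, still in their defanged form.
DEFANGED = {
    "sender": ["customer_service@freightquote [.]com"],
    "subject": ["New Invoice(s) for C379071418 are Available to be Viewed"],
    "url": ["https://maxassur [.]com/g7kqmf1 [.]rar"],
    "c2": ["https://178 [.]33 [.]183 [.]53:7443", "https://210 [.]65 [.]244 [.]166:443"],
    "md5": ["03fd6b515355bb513131951edf43ad5e", "58d1d1119844c16122189ede908b825c"],
}


def refang(value):
    """Turn 'a [.]b' or 'a[.]b' back into 'a.b' so it matches real log data."""
    return re.sub(r"\s*\[\.\]\s*", ".", value)


def network_indicators():
    """host[:port] strings to hunt for in proxy, DNS and firewall logs."""
    hosts = set()
    for url in DEFANGED["url"] + DEFANGED["c2"]:
        hosts.add(re.match(r"https?://([^/\s]+)", refang(url)).group(1))
    return hosts


def _pattern(ioc):
    # Require a non-hostname character on both sides so 210.65.244.166:443
    # does not fire on 210.65.244.166:4433, while cdn.maxassur.com still matches.
    return re.compile(r"(?<![\w-])" + re.escape(ioc) + r"(?![\w-])", re.IGNORECASE)


def scan_lines(lines, indicators):
    """Return (1-based line number, indicator) for every hit in a log."""
    patterns = [(ioc, _pattern(ioc)) for ioc in sorted(indicators)]
    hits = []
    for n, line in enumerate(lines, 1):
        for ioc, pat in patterns:
            if pat.search(line):
                hits.append((n, ioc))
    return hits


def triage_mail(messages):
    """Flag messages whose sender or subject matches the observed lure."""
    senders = [refang(s).lower() for s in DEFANGED["sender"]]
    subjects = [s.lower() for s in DEFANGED["subject"]]
    flagged = []
    for i, msg in enumerate(messages):
        reasons = []
        if any(s in msg["from"].lower() for s in senders):
            reasons.append("sender")
        if msg["subject"].strip().lower() in subjects:
            reasons.append("subject")
        if reasons:
            flagged.append((i, reasons))
    return flagged


def md5_hex(data):
    """MD5 of file contents; the list above publishes MD5 digests."""
    return hashlib.md5(data).hexdigest()


def known_bad_hashes(observed):
    """observed: {path: md5}. Returns the subset whose digest is on the list."""
    bad = {h.lower() for h in DEFANGED["md5"]}
    return {p: h for p, h in observed.items() if h.lower() in bad}


# Constructed sample data (not real telemetry).
PROXY_LOG = [
    "2021-03-10T09:12:01Z 10.0.0.5 GET https://maxassur.com/g7kqmf1.rar 200 application/octet-stream",
    "2021-03-10T09:12:07Z 10.0.0.5 CONNECT 178.33.183.53:7443 200 -",
    "2021-03-10T09:15:44Z 10.0.0.9 GET https://www.freightquote.com/track 200 text/html",
    "2021-03-10T09:16:02Z 10.0.0.5 CONNECT 210.65.244.166:4433 200 -",  # wrong port: no hit
]
MAIL = [
    {"from": "Customer Service <customer_service@freightquote.com>",
     "subject": "New Invoice(s) for C379071418 are Available to be Viewed"},
    {"from": "billing@example.invalid", "subject": "Invoice 1234"},
]
DLL_PATH = r"C:\Users\user\AppData\Local\Temp\pminajlr.dll"
OBSERVED_FILES = {
    DLL_PATH: "58d1d1119844c16122189ede908b825c",
    r"C:\Windows\System32\kernel32.dll": md5_hex(b"constructed placeholder contents"),
}

if __name__ == "__main__":
    print(scan_lines(PROXY_LOG, network_indicators()))   # hits on lines 1 and 2 only
    print(triage_mail(MAIL))                             # message 0: sender and subject
    print(known_bad_hashes(OBSERVED_FILES))              # only the dropped DLL
```

The word-boundary anchoring matters for the C2 entries: both are bare IP:port pairs, so a plain substring search would also fire on a neighbouring port or on a longer address. Note also that freightquote.com itself is not a network indicator; only the sender address was observed, so proxy traffic to that domain is not flagged.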

BalaGanesh
Balaganesh is an Incident Responder, Certified Ethical Hacker, Penetration Tester, security blogger, and founder and author of Soc Investigation.
