
Cybercrime, Dridex campaign via sales receipts and purchase orders

Technical analysis by the Malware Hunter JAMESWT

New Dridex campaign via sales receipts and purchase orders. Two different emails carry the same XLS attachment, which contacts a random link from an internal list and downloads the DLL, starting the malware infection.

A new global Dridex campaign is spreading via fake sales receipts and purchase orders. In the past few hours two emails have arrived. They have different texts but the same XLS attachment.

The attachment contacts a URL picked at random from an internal list and downloads the DLL, which starts the malware infection. Dridex is a very dangerous banking Trojan used by cybercrime, which has long been the protagonist of campaigns all over the world, especially with a courier theme. The targets are mainly, but not only, companies.

Malware C2s
