
Cybercrime, Dridex is back with an invoice-themed campaign

Technical analysis by the Malware Hunter JAMESWT

New invoice-themed Dridex campaign. The email contains an xlsm attachment which, if opened, contacts a random URL from an internal list and downloads the DLL that starts the malware infection.

Dridex is striking once again in a new global, invoice-themed malspam campaign. The email contains an xls attachment which, if opened, contacts a random URL from an internal list and downloads a DLL, which starts the malware infection. Dridex is a very dangerous banking Trojan used by cybercriminals, and it has long been the protagonist of campaigns all over the world, especially courier- and invoice-themed ones. The targets are mainly, but not only, companies.

The fake email

The internal URL list, contacted randomly, to download the DLL
