
Cybercrime, new Dridex campaign via invoice

Technical analysis by the Malware Hunter JAMESWT

New Dridex campaign via invoice. The XLSB attachment contacts a random URL from an internal list and downloads the DLL, which activates the malware infection chain.

New invoice-themed global Dridex campaign.

The XLSB attachment, if opened, contacts a random URL from an internal list, downloads the DLL and activates the malware infection chain.

Dridex is a very dangerous banking Trojan used by cybercriminals that has long featured in campaigns all over the world, especially courier-themed ones. The targets are mainly, but not only, companies.

Malware C2
