The email attachments, .xlsm documents, contact a link chosen at random from an internal list. This downloads a DLL that starts the malware infection.
Cyber security expert JAMESWT discovers a new cybercrime malspam campaign to spread Dridex globally. The lure is a fake invoice from the courier. The XLS attachment downloads a DLL that infects the computer with the malware.
FedEx is the latest lure used by cybercrime to spread Dridex in a worldwide campaign. Cyber security expert JAMESWT discovered new malspam attacks that exploit a fake invoice from the courier with an XLS document attached. If the victim opens it, the file will contact many C2 servers and download a DLL. This will infect the machine with the malware (aka Bugat and Cridex), which specializes in stealing bank credentials to launch fraudulent transactions.
The email with the fake FedEx invoice