
Cybercrime, the Dridex campaign via Quickbooks is back

Technical analysis by the Malware Hunter JAMESWT

Cybercrime: the Dridex campaign via Quickbooks is back. The XLS attachment in the email, which has also arrived in Italy, contacts a URL chosen at random from an internal list and downloads the DLL that starts the malware infection.

Dridex is once again hiding behind a fake Quickbooks email, which has also arrived in Italy.

The XLS attachment contacts a URL chosen at random from an internal list and downloads the DLL, which starts the malware infection. Dridex is a very dangerous banking Trojan used by cybercriminals; it has long featured in campaigns all over the world, especially courier-themed ones. The targets are mainly, but not only, companies.

Malware C2
