Technical analysis by the Malware Hunter JAMESWT

Walmart themed Dridex global campaign. The email xlsm attachment in the mail contacts a url from an internal list and downloads the dll, starting the malware infection

Walmart is the lure for a new Dridex global campaign.

The xlsm attachment in the mail, detected by malware_traffic, randomly contacts a url from an internal list and downloads the dll, starting the malware infection. Dridex is a very dangerous banking Trojan used by cybercrime, which has long been the protagonist of campaigns all over the world, especially with a courier theme. The targets are mainly companies, but not only.

Malware Behavior