Search
Keyword: dridex
This malware is related to the DRIDEX spam runs that used financial matters as their social engineering ploy. These spam emails carry Word and Excel documents that contain the macro that downloads DRIDEX. To get a one-glance comprehensive view of...
We recently found a sample of a spam campaign that appears to use the mask of certain animal nutrition companies. The email poses as an invoice from Cargill and attempts to infe...
JavaScript downloaders, like JS_NEMUCOD variants, are making noise with their widespread distribution of malware such as ransomware and DRIDEX. These downloaders are usually found in spam as attachments.
In late April...
This spyware is one of the many DRIDEX variants that have been found in spam runs in November 2015. The said spam runs were observed after the takedown of a DRIDEX botnet. To get a one-glance comprehensive view of the behavior of this Trojan, refer to...
This information stealing malware arrives as spam spoofing an invoice or payment notification. If the user clicks the URL in the email, it executes a PowerShell command that downloads EMOTET. It then gathers information on the affected system and sen...
This malware is attached in spammed mail. It downloads other malware such as LOCKY ransomware and DRIDEX malware. This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the downloaded f...
This ransomware arrives via spam with a macro-embedded .DOC attachment, similar to the arrival of DRIDEX malware. It renames encrypted files to the format {unique ID per victim}{identifier}.locky. This Trojan may be unknowingly downloaded by a user whi...