Dridex, also known as Bugat or Cridex, is a Trojan that can steal sensitive information from infected machines and deliver and execute malicious modules (DLLs).
"FortiGuard Labs recently captured new phishing email campaigns in the wild that included a specially crafted Excel document attachment. I did deep research on one of them and discovered that once the malicious Excel document is opened on a victim's machine, it downloads a new variant of Dridex.
In this analysis, I will elaborate on how the Excel document downloads Dridex, how this version of Dridex runs on a victim's device, what sensitive information it collects, and how it delivers malicious modules (dll)..."