Tag: Dridex
Dridex: the secret in a PostMessage()
Published 1 year ago
Dridex is a well-known banking malware that evolves constantly. This time we analyze a new variant that uses an effective technique to bypass security solutions.
Dridex Downloader Tries New Sandbox-Evasion Techniques
Published 5 years ago
Dridex is currently one of the most active and widespread banking malware. Like Locky ransomware also Dridex is dispatched through a massive spam mail campaign that uses the Necurs botnet. Our sensors have long been tracking these spam campaigns and recent captured emails contain a Word document that drops Dridex. In our latest samples we have observed a delay on execution of the …
Continue reading “Dridex Downloader Tries New Sandbox-Evasion Techniques”
Analysis of an Undetected Dridex Sample
Published 6 years ago
On the 4th of August one of our customers reported an infection attempt on one of their machines. In their deployment ReaQta-core is used to augment the security of their signature-based enterprise endpoint protection system, so an infection attempt detected by our solution is a sign that the AV missed the threat. Usually this either …
