Talking to Dridex (part 0) – inside the dropper
Publication date: 17/11/2015, mak
Intro
Dridex mostly reaches us as spam containing a .doc with macros that are responsible for downloading a dropper. It can be analyzed quickly by running oledump.py and reading through the VBScript, or, naturally, by running the document in a sandbox and obtaining the dropped files.