
Locky served in the same way as Dridex


CryptoLocker (Locky) served in the same way as Dridex. Yesterday evening I realized that I had an interesting e-mail (with attachment) in my personal mailbox.

File information: The attachment: invoice_J-30151039.doc (MD5: 1cd1703ed73d8ebfbf17e361768710c8)

The mail content:

Dear XXXXX, Please see the attached invoice (Microsoft Word Document) and remit payment according to the terms listed at […]


VBS.Dunihi


My first look at VBS.Dunihi. Some weeks ago I got two samples of VBS.Dunihi, so I decided to have a quick look. Obviously almost all AV vendors had no detection for it. I am pretty sure that there are plenty of reviews of this malware on the web already … but every time I decide to […]


W97.DOWNLOADER – Dridex dropper


My second look at W97.DOWNLOADER – Dridex dropper. I performed it very quickly during the time my two devils (wife and son) are not active anymore (late night) with blurred eyes [in my personal isolated home-based AV lab ;-)]… sorry for any mistakes. The goal of my research was to get a better understanding about […]
