
Locky served in the same way as Dridex

CryptoLocker (Locky) served in the same way as Dridex. Yesterday evening I realized that I had an interesting e-mail (with an attachment) in my personal mailbox.

File information:
The attachment: invoice_J-30151039.doc (MD5: 1cd1703ed73d8ebfbf17e361768710c8)
The mail content:
Dear XXXXX, Please see the attached invoice (Microsoft Word Document) and remit payment according to the terms listed at […]


Malware – Common LoadPoints

This document describes the most common load points used by malicious software. These files or registry locations allow the malware to run automatically once you log on or start the machine etc.

## Startup folders (including all users)
- The files stored inside these folders will be executed after the user logs on.
-#HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User […]
