Thursday, 25 December 2014

Dridex Malware - "Christmas Offers Conatins Macro Malware"

Christmas Offers.Docx

Spammers have Christmas as a chance to send e-mails that seem to contain a Christmas special initially look, however truly unfold malware. The e-mails going around currently feature a Word document referred to as "Christmas Offerings" hooked up. Once opened, attempt the macros within the document to transfer a malicious executable file.

The authors have created several macros in fact

Because of the protection risks interference Microsoft office standard macros and users also get to check a security warning that the macros are disabled. within the same warning might opt for, however, users need to to show the content of the document. The user selects this, then the Dridex Trojan is downloaded to the pc. this can be a Trojan specifically designed to steal cash from on-line bank accounts, according to anti-virus company Malwarebytes.

VBA code

Virustotal Report:- Christmas Offers.Doc

Virustotal Analysis Report of Christmas Offers.Docx

MD5: 9d0b2db07a5c5a903e0d599c8fcc63ca

Virustotal Report of Downloaded Exe:

Virustotal Analysis Report of Dowloaded Exe

MD5: 09e21abb85829788cab67d112d1b7c95

Macro Example:

No comments:

Post a Comment