Excel Files Becoming More Sophisticated (Distribution of Dridex and Cobalt Strike)

The distribution method of Dridex through Excel files has been steadily discovered since last year and was introduced on this blog. Recently, the ASEC analysis team found that the Cobalt Strike tool along with Dridex is being distributed with a similar method as before. Yet unlike previous cases, recent Excel documents that are being distributed were found to perform malicious behaviors after a certain time using the task scheduler. It is assumed that the change in the operation method was … Continue reading Excel Files Becoming More Sophisticated (Distribution of Dridex and Cobalt Strike)