Dridex Distributed with “Merry Christmas!” Excel File Posted By jcleebobgatenet , December 28, 2021 The ASEC analysis team has discovered Excel files with Dridex downloader being distributed during the Christmas season. The team has continuously been uploading posts in the ASEC blog about the distribution of Dridex with the Excel file macro (see links below). Dridex is a banking malware that collects a user’s banking credentials and performs malicious behaviors by receiving commands from the attacker. It is usually distributed through spam emails and performs malicious behaviors after downloading the main module through a…
Dridex Distributed Through Excel 4.0 Macro Posted By jcleebobgatenet , September 8, 2021 The ASEC analysis team has recently discovered that the method of distributing Dridex via Excel files is changing more rapidly and frequently. The team has been introducing the distribution method of Dridex through the ASEC blog since last year, and the latest related post was uploaded last month to introduce Excel file that uses the task scheduler to distribute Dridex. The recently distributed Excel files use the Excel 4.0 macro instead of the VBA macro which was used in previous…
Excel Files Becoming More Sophisticated (Distribution of Dridex and Cobalt Strike) Posted By jcleebobgatenet , July 26, 2021 The distribution method of Dridex through Excel files has been steadily discovered since last year and was introduced on this blog. Recently, the ASEC analysis team found that the Cobalt Strike tool along with Dridex is being distributed with a similar method as before. Yet unlike previous cases, recent Excel documents that are being distributed were found to perform malicious behaviors after a certain time using the task scheduler. It is assumed that the change in the operation method was…
