2015-04-15 - DRIDEX MALSPAM ABOUT FAILED WIRE TRANSFERS

ASSOCIATED FILES:

 

NOTES:

 

EMAILS

SCREENSHOT EXAMPLE:

 

EXAMPLES OF THE SUBJECT LINES:

 

EXAMPLES OF MALWARE FROM THE LINKS IN THE EMAILS:

 

INFECTION TRAFFIC

FROM MONITORING AN INFECTED HOST:

 

NOTES:

 

SNORT EVENTS

The only Dridex-specific alert I got was the following:

 

FINAL NOTES

Once again, here are the associated files:

ZIP files are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.
