Tag Archives: Malware Sample Dridex Banking Trojan .DOC Macro Download .EXE & C2 PCAP Traffic Sample

Malware Sample Dridex Banking Trojan .DOC Macro Download .EXE & C2 PCAP Traffic Sample

Dridex PCAP Sample #2: dridex2.pcap

This is what happens when you open the .doc file – a macro runs which downloads a malicious executable:

Checks in and downloads data from: https://119.160.223.115:1143 https://151.80.142.33:1743 https://202.69.40.173:243 https://216.117.130.191:1143

After checking in, these C2 sites were used: https://103.23.154.184:443 https://129.15.78.110:443 https://148.202.223.222:443 https://14.98.240.58:443 https://176.53.0.103:443 https://181.177.231.245:443 https://185.47.108.92:443 https://188.126.116.26:443…
