Dissecting a Dridex Dropper
Grabbing some Samples

Since I wanted to make sure and grab some more recent samples, I headed over to Malware Bazaar to grab a few samples. Since the database is searchable, I can throw in keyword searches (like Dridex) in order to filter the malware samples that I get back.
Here I went ahead and searched for signature:dridex and filtered by the most recent submissions. Now, since I’m grabbing samples that have already been reported, I know that I’m not going to be submitting the file hash that actually blocks it.