UnpackIt: Dridex

Unpacking Malware: Dridex

Dridex is a banking trojan that has long targeted the financial sector, stealing user credentials and compromising individual victims. It reaches individuals through phishing emails carrying Microsoft Office attachments with malicious macros; the macros download the next-stage payload, which then carries out the operators' objectives. Because the first-stage Dridex payload is typically packed, we'll first walk through how to unpack it and then continue with analysis of the subsequent stages.

Acquiring the Malware Sample

Here's the hash of the malware sample we'll be using for the unpacking:...

January 20, 2022 · 5 min · Syed Hasan