Anatomy of a VBA Malware Dropper

Dridex Botnet & A question

Thank you for the nice work and analysis. I have had to perform an analysis on a similar variant from the same campaign that has been going around the last several days. This appears to be a variant of the Dridex Botnet. I have a question: what technique did you use to decode the obfuscated strings to find out the URL and the createobject?

