Anatomy of a VBA Malware Dropper

Dridex Botnet & A question

Thank you for the nice work and analysis. I have had to perform an analysis on a similar variant from the same campaign that have been going around the last several days. This appears to be a variant of the Dridex Botnet. I have a question, what technique did you use to decode the obfuscated strings to find out the URL and the createobject?

Show your support

Clapping shows how much you appreciated Jacob Goldberg’s story.