Amazon3

Amazon

Tuesday, 24 November 2015

Dridex Macro Malware Summary

Here's a quick summary so far of the last 24 hours of Dridex Macro Malware and how Sanesecurity ClamAV (badmacro.ndb) detected them...



Blue and Red lines are Dridex Macros being blocked.

Now compare the above samples submitted within 5 minutes of them arriving... to VirusTotal
(as a simple guide to detection rates obviously):

detection: 6/54
https://www.virustotal.com/file/eedcabef646f97e4195f4ab5b6d52286be283af9bc09533707916b5c09c36df1/analysis/
--
detection: 6/53
https://www.virustotal.com/file/a1a2faf81e94c610da043931dc3dfc37f82052e531559fbd13205cb20b880428/analysis/
--
detection: 6/53
https://www.virustotal.com/file/bf428c6d82fed22d5fd2ad3623ea10317572f69301ecb0d891e322557e52512b/analysis/
--
detection: 6/54
https://www.virustotal.com/file/96b8d9fe171f1bcfec4455c6616e6bfe117b5f838750585401d2a8b78827e7d4/analysis/
--
detection: 5/55
https://www.virustotal.com/file/ce237587231a119c6924b78da78fc6e79e35af37818c20dc9bba09bf07016629/analysis/
--
detection: 7/53
https://www.virustotal.com/file/2db0ae3ad5f38c6ff39be773811c123278fd12a9954bfa0074d8da2d91d793af/analysis/
--
detection: 6/54
https://www.virustotal.com/file/6c632bc22749fae9e4c22d3fb365111ac3d31b74dcbf2bec2de96fe9a9f2cc80/analysis/
--
detection: 6/55
https://www.virustotal.com/file/4b2166b3affb04bcbe4c743b5cb932ff4e368f01d5d0bcbae0ba8e025cc38b24/analysis/
--
detection: 4/55
https://www.virustotal.com/file/1e472a0437b2c7a0e8d13100e1b0d1bbfb6585a6b3eed40f1368d48d1ebba7cf/analysis/
--
detection: 5/55
https://www.virustotal.com/file/bc40a1245751bc5dce50ec0b8a153fd47d84a817a3bd206aa9711e79a4c08f51/analysis/
--
detection: 6/55
https://www.virustotal.com/file/c73476f6d3a076c8c330ec84b12ea4c6b2b6a526e968af940bbf2ace57a7bce3/analysis/
--
detection: 5/56
https://www.virustotal.com/file/450d4118062fbd9f7d21e6225d68418b2b142e11d2421ea352d31baeab1b94c5/analysis/
--
detection: 6/56
https://www.virustotal.com/file/8f2ad887047b224900e7cfe4527d907d47b50d64fe507c95a031c6ee3ee58d81/analysis/
--
detection: 3/55
https://www.virustotal.com/file/dd512875c5fc3a1040b7aaf7493274ee66573c118e536f0863ff3dc888a2eeb5/analysis/
--
detection: 3/55
https://www.virustotal.com/file/44496278c26f794a59178c0aa07c8f71e783861c6b53c2ee0a5fbbdf549163a0/analysis/
--
detection: 3/56
https://www.virustotal.com/file/d4e2ce1ad86ab80f4995ca4b204607f5b47a4aa3601f1c0dba94c1c1969a4462/analysis/


Cheers,

Steve
Sanesecurity.com

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)