Trusted Design

RockLoader – New Upatre-like Downloader Pushed by Dridex,

概要

On 4/6, the Phishing Intelligence team came across a wave of phishing emails that contained a .js file packaged inside of a zip file used to deliver malware. This is nothing new, and has been seen being pushed out by resources associated with the Dridex botnet and the Locky encryption ransomware. The interesting piece is that the attackers are using a new piece of malware called RockLoader to download and install the malware on remote systems. Downloaders are nothing new, as Upatre was used with Dyre and Gameover ZeuS in the past. RockLoader has several tricks up its sleeve. Source : http://phishme.com/rockloader-new-upatre-like-downloader-pushed-dridex-downloads-malwares/

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

• RockLoader Malware (score: 0.73)
• Locky Ransomware Cybercriminals introduce New RockLoader Malware (score: 0.72)
• UPATRE/DYRE MALSPAM -SUBJ: SCANNED IMAGE FROM A XEROX WORKCENTRE (score: 0.66)
• From Locky with love – reading malicious attachments (score: 0.66)
• Malicious spam serve zip archives of javascript files (score: 0.63)

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

---

← Pulse一覧に戻る