W97M/Downloader Malware Dropper Served from Compromised Websites

W97M/Downloader Malware Dropper Served from Compromised Websites

W97M/Downloader is part of a large banking malware operation that peaked in March 2016. Bad actors have been distributing this campaign for well over a year, which serves as a doorway to Vawtrak and Dridex banking trojans. This malware campaign targets a wide array of users via their operating system and browser to deliver the appropriate payload.

W9M/Downloader Malware Campaign

W97M/Downloader is a specially-crafted Microsoft Word document that, when opened, silently executes a malicious macro that connects to multiple remote servers to download and display additional components.

Continue reading W97M/Downloader Malware Dropper Served from Compromised Websites at Sucuri Blog.

Via Sucuri.net

Tags: