I haven’t seen Dridex banking trojan hitting the UK in absolutely ages. In fact I can’t remember when I last saw one. This is detected as Dridex by some VirusTotal detections but online sandbox analysis aren’t showing typical Dridex SSl connections, so I am not sure exactly what this is. Update: I am informed reliably that it is Gozi/ Ursnif Banking trojan An email with the subject of “Are all above transactions recognisable to you” pretending to come from HSBC Protection Support but actually coming from mail@rockinghamdental.com with a link in the email body going to https://rockinghamdental.com/main.php?YHKeGpEamn4XDDA45X%2FX58xslDwVkwOIlhvoXlCIsjs1oacGQ6f7%2Ffq5ljqjDQvnt45QJjDuum5wJUNrVDOXq5rfskJnM3a6ZYlmYvi8zZevaVtFLU8q5y5Mb%2FFv4XrwoosR0%2BY%2BzdzN6fdoJC6Mr9eo4lDT0NfeTQbMd5oNiC0Wjpvlcm2c5HNvNMOufQ7dPcFrZf8I%2FeC4Sz%2BXQpnHLOZquT4FT9FyLQas1%2BbjXo8%3D where a file is downloaded. Transaction_Log.exe … Continue reading →