Dridex does this MD5 2eaf243bad4b1c22089e7654524f0e5a or this dropped by recent dridex bbbfba7d888b39a68aac3f34141995f4 (http://malware-traffic-analysis.net/2017/12/04/index2.html). Possibly could be updated to show process name as well as PID in message. For example below PID 2120 is actually explorer.exe so it is injecting into explorer
jbremer
commented
6 years ago
Dridex does this MD5 2eaf243bad4b1c22089e7654524f0e5a or this dropped by recent dridex bbbfba7d888b39a68aac3f34141995f4 (http://malware-traffic-analysis.net/2017/12/04/index2.html). Possibly could be updated to show process name as well as PID in message. For example below PID 2120 is actually explorer.exe so it is injecting into explorer