- THREAT IDENTIFICATION: DRIDEX
- SUBJECTS OBSERVED
  - New Invoice(s) for C379071418 are Available to be Viewed
- SENDERS OBSERVED
  - customer_service@freightquote.com
- DOCUMENT FILE HASHES
  - 1 Total New Invoices_Wendesday March 10_2021.xlsm
    - 03fd6b515355bb513131951edf43ad5e
- DRIDEX PAYLOAD URLS
  - https://maxassur.com/g7kqmf1.rar
- DRIDEX PAYLOAD FILE HASH
  - g7kqmf1.rar
    - 58d1d1119844c16122189ede908b825c
  - which is renamed to:
  - pminajlr.dll
    - 58d1d1119844c16122189ede908b825c
- DRIDEX C2s
  - https://178.33.183.53:7443
  - https://210.65.244.166:443
- SUPPORTING EVIDENCE
  - https://urlhaus.abuse.ch/url/1059144/
  - https://urlhaus.abuse.ch/browse.php?search=58d1d1119844c16122189ede908b825c