Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- THREAT ATTRIBUTION: DRIDEX
- SUBJECTS OBSERVED
- Past Due Invoice No. #112422
- SENDERS OBSERVED
- thick@ereceivedstoptopus[.]xyz
- DOCUMENT FILE HASHES
- 966628[.]xlsm
- 5a38f35050eb33aaee345b8b945bd40b
- DRIDEX PAYLOAD DISTRIBUTION URLS FROM POWERSHELL/VB
- hxxp://mekund[.]com/mkcxskjd[.]exe
- DRIDEX PAYLOAD FILE HASHES
- mkcxskjd[.]exe
- 86e52277cce4aa49694729055c481e5a
- SUPPORTING EVIDENCE
- https://urlhaus.abuse.ch/url/400703/
- https://twitter.com/abuse_ch/status/1275417286984249344
Add Comment
Please, Sign In to add comment