ExecuteMalware

2021-03-01 Dridex IOCs

Mar 1st, 2021
THREAT IDENTIFICATION: DRIDEX

SUBJECTS OBSERVED
Ocean Freight overdue invoice Of 03_01_2021

SENDERS OBSERVED
Jonathan.Stevens@msc.com

DOCUMENT FILE HASHES
Statement_as_of_mar_01_2021.xlsm
c974f73e438cdd56984019d3865ff90b

DRIDEX PAYLOAD URLS
https://inovatechit.com/a8lkv5.zip

DRIDEX PAYLOAD FILE HASH
a8lkv5.zip
2b64b8df419b95739f4ee8c19c9eebea

which is renamed to:
akbjdwr.dll
2b64b8df419b95739f4ee8c19c9eebea

DRIDEX C2s
https://77.220.64.146:443
https://85.25.134.43:8172
https://213.208.134.178:6516

SUPPORTING EVIDENCE
https://urlhaus.abuse.ch/browse.php?search=https%3A%2F%2Finovatechit.com%2Fa8lkv5.zip
https://www.virustotal.com/gui/url/61cb3cfe61d68502c02034b23c5de7703fb87e47349c5037ed1d9c7699e7f5bb/detection