- THREAT IDENTIFICATION: DRIDEX
- SUBJECTS OBSERVED
  - Ocean Freight overdue invoice Of 03_01_2021
- SENDERS OBSERVED
  - Jonathan.Stevens@msc.com
- DOCUMENT FILE HASHES
  - Statement_as_of_mar_01_2021.xlsm
  - c974f73e438cdd56984019d3865ff90b
- DRIDEX PAYLOAD URLS
  - https://inovatechit.com/a8lkv5.zip
- DRIDEX PAYLOAD FILE HASH
  - a8lkv5.zip
  - 2b64b8df419b95739f4ee8c19c9eebea
  - which is renamed to:
  - akbjdwr.dll
  - 2b64b8df419b95739f4ee8c19c9eebea
- DRIDEX C2s
  - https://77.220.64.146:443
  - https://85.25.134.43:8172
  - https://213.208.134.178:6516
- SUPPORTING EVIDENCE
  - https://urlhaus.abuse.ch/browse.php?search=https%3A%2F%2Finovatechit.com%2Fa8lkv5.zip
  - https://www.virustotal.com/gui/url/61cb3cfe61d68502c02034b23c5de7703fb87e47349c5037ed1d9c7699e7f5bb/detection