Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- THREAT ATTRIBUTION: DRIDEX
- SUBJECTS OBSERVED
- Updated Invoice(s) with Adjustment
- SENDERS OBSERVED
- CCollection_s@chrobinson.com
- DOCUMENT FILE HASHES
- INV3104508191.xlsm
- 087ab72bddf5ddc2b92322833a478dd7
- DRIDEX PAYLOAD URLS
- https://coachboom.mhtechnologies.us/cpwjurqt.zip
- DRIDEX PAYLOAD FILE HASH
- cpwjurqt.zip
- dc0034ec0c1c3c74e3396a8313ebde01
- It's really a .dll file not a .zip file
- cnxlsycx.dll
- dc0034ec0c1c3c74e3396a8313ebde01
- DRIDEX C2s
- 77.220.64.132:443
- 212.227.53.240:5037
- SUPPORTING EVIDENCE
- https://app.any.run/tasks/298327f5-1565-4d8b-b120-2fd792ad0ce0/
- https://urlhaus.abuse.ch/url/998960/
Add Comment
Please, Sign In to add comment
