2018-12-12: ISFB v215 -> Dridex "3101"

MD5 (2018-12-11.isfbv215.loader.unpacked.vk.exe) = 5414320c660404a63163d0994b30c299


Bot                     ['2.15']
Build                   ['165']
Botnet/Group ID         ['3152', '3153']
DGA TLDs                ['com', 'ru', 'org']
Server                  [’12’]
Encryption key          ['10291029JSJUYNHG']
DGA CRC                 ['0x4eb7d2ca']
DGA Base URL            ['constitution.org/usdeclar.txt']
Domains                 ['biesbetiop.com', 'kircherche.com', 'toforemedi.com']
Path:                   ['/images/']


Dridex "3101"
Dridex First-Layer
============================
174.34.253.11:443
141.255.166.182:443
192.48.88.177:443