General
Static task
static1
URLScan task
urlscan1
Sample
https://traffic.selfadtracker1.online/cryptopayself?cpm_id=428062182&cpm_cost=0.001
Malware Config
Extracted
Family
dridex
Botnet
10111
C2
103.70.29.165:443
202.28.80.101:7443
91.121.146.47:10443
175.126.176.79:9676
rc4.plain
rc4.plain
Targets
Target
https://traffic.selfadtracker1.online/cryptopayself?cpm_id=428062182&cpm_cost=0.001
Blocklisted process makes network request
Executes dropped EXE