From us-cert.gov
Indicators of Compromise
The following indicators are associated with the activity described in this report:
| Indicator Type | Indicator Value | Associated Activity |
|---|---|---|
| Email address | info[@]antonioscognamiglio[.]it | Dridex |
| Email address | info[@]golfprogroup[.]com | Dridex |
| Email address | cariola72[@]teletu[.]it | Dridex |
| Email address | faturamento[@]sudestecaminhoes[.]com.br | Dridex |
| Email address | info[@]melvale[.]co.uk | Dridex |
| Email address | fabianurquiza[@]correo.dalvear[.]com.ar | Dridex |
| Email address | web1587p16[@]mail.flw-buero[.]at | Dridex |
| Email address | bounce[@]bestvaluestore[.]org | Dridex |
| Email address | farid[@]abc-telecom[.]az | Dridex |
| Email address | bounce[@]bestvaluestore[.]org | Dridex |
| Email address | admin[@]sevpazarlama[.]com | Dridex |
| Email address | faturamento[@]sudestecaminhoes[.]com.br | Dridex |
| Email address | pranab[@]pdrassocs[.]com | Dridex |
| Email address | tom[@]blackburnpowerltd[.]co.uk | Dridex |
| Email address | yportocarrero[@]elevenca[.]com | Dridex |
| Email address | s.palani[@]itifsl.co[.]in | Dridex |
| Email address | faber[@]imaba[.]nl | Dridex |
| Email address | admin[@]belpay[.]by | Dridex |
| IP address | 62[.]149[.]158[.]252 | Dridex |
| IP address | 177[.]34[.]32[.]109 | Dridex |
| IP address | 2[.]138[.]111[.]86 | Dridex |
| IP address | 122[.]172[.]96[.]18 | Dridex |
| IP address | 69[.]93[.]243[.]5 | Dridex |
| IP address | 200[.]43[.]183[.]102 | Dridex |
| IP address | 79[.]124[.]76[.]30 | Dridex |
| IP address | 188[.]125[.]166[.]114 | Dridex |
| IP address | 37[.]59[.]52[.]64 | Dridex |
| IP address | 50[.]28[.]35[.]36 | Dridex |
| IP address | 154[.]70[.]39[.]158 | Dridex |
| IP address | 108[.]29[.]37[.]11 | Dridex |
| IP address | 65[.]112[.]218[.]2 | Dridex |