http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml

117.18.232.200
144.217.43.12

SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
ET JA3 Hash - Possible Malware - Unknown traffic associated with Dridex

http://162.241.41.111:7080/zHsuIvLviSDOPRkO/

162.241.41.111
183.77.227.38
45.177.120.36

http://162.241.41.111:7080/9vM9Xkby/TJPNHoq22HNNc7Ec/l7fkbelA7L/qefIUbxnlbHE/yBUyRhMXZSADehNRcg/

162.241.41.111
183.77.227.38
45.177.120.36

http://192.81.38.31/2xlwoDLp/YXwabH/6a0Jme2xmJ/
http://riandutra.com/img/o9o/

191.6.196.95
192.81.38.31

ET POLICY PE EXE or DLL Windows file download HTTP
ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
ET INFO EXE - Served Attached HTTP

http://67.10.155.92/29UQ28R/0sdTQXl/

67.10.155.92

http://162.241.41.111:7080/OGlb1UtQE8RRxYJnikY/avb7qsrzJF3/
http://183.77.227.38/SIBndzru/sLb6eADACqWGB/0wgNQnmIEqsX/
http://162.241.41.111:7080/OGlb1UtQE8RRxYJnikY/avb7qsrzJF3/

162.241.41.111
183.77.227.38
45.177.120.36

http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml

117.18.232.200
194.180.224.87

ET INFO TLS Handshake Failure
ET JA3 Hash - Possible Malware - Unknown traffic associated with Dridex
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)

http://amyemitchell.com/themes/d3i/
http://riandutra.com/img/o9o/

191.6.196.95
35.209.84.178

ET POLICY PE EXE or DLL Windows file download HTTP
ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
ET INFO EXE - Served Attached HTTP

http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml

117.18.232.200
194.180.224.87

ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET JA3 Hash - Possible Malware - Unknown traffic associated with Dridex

http://amyemitchell.com/themes/d3i/
http://riandutra.com/img/o9o/

191.6.196.95
192.81.38.31
35.209.84.178

ET POLICY Terse Named Filename EXE Download - Possibly Hostile
ET POLICY PE EXE or DLL Windows file download HTTP
ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
ET INFO EXE - Served Attached HTTP

http://amyemitchell.com/themes/d3i/
http://192.81.38.31/PkvdpDve/iMB7n2HV7ytjDLQ/IXoeA6Gtbmsbd/P50e6kh/DCaFjM37GVh5Bj3LU/
http://riandutra.com/img/o9o/

191.6.196.95
192.81.38.31
35.209.84.178

ET POLICY PE EXE or DLL Windows file download HTTP
ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
ET INFO EXE - Served Attached HTTP

http://183.77.227.38/ZOlxzzBlLDX/UYVzSXzFK0g/
http://162.241.41.111:7080/GGep3zuSzxXOgHTqDCR/ERdKpaDw93Sf/LgZenSK5DO1c7UlNI/fZJhFNjEBrhF/

162.241.41.111
183.77.227.38
45.177.120.36