CyberThreatIntel/offshore APT organization/Bitter/27-08-19/IOC_Bitter_31-08-19.json

<EFBFBD><EFBFBD>[
    {
        "Indicator":  "Urgent Action.docx",
        "Description":  "34b53cd683f60800ac4057d25b24d8f083f759d024d22b4e5f2a464bc85de65a"
    },
    {
        "Indicator":  "smss.exe",
        "Description":  "dcb8531b0879d46949dd63b1ac094f5588c26867805d0795e244f4f9b8077ed1"
    },
    {
        "Indicator":  "maq.com.pk",
        "Description":  "Domain requested"
    },
    {
        "Indicator":  "203.124.43.227",
        "Description":  "IP requested"
    },
    {
        "Indicator":  "http[:]//maq.com.pk/",
        "Description":  "HTTP/HTTPS requests"
    },
	{
        "Indicator":  "http[:]//maq.com.pk/wehsd",
        "Description":  "HTTP/HTTPS requests"
    },
    {
        "Indicator":  "http[:]//maq.com.pk/wehs",
        "Description":  "HTTP/HTTPS requests"
    },
    {
        "Indicator":  "http[:]//onlinejohnline99.org/kvs06v.php",
        "Description":  "HTTP/HTTPS requests"
    },
    {
        "Indicator":  "onlinejohnline99.org",
        "Description":  "Domain C2"
    },
    {
        "Indicator":  "93.123.73.193",
        "Description":  "IP C2"
    },
    {
        "Indicator":  "93.123.73.198",
        "Description":  "IP C2"
    }
]