|
[
|
|||
|
{
|
|||
|
"Indicator": "IMG76329797.xls",
|
|||
|
"Description": "e66181155a9cd827def409135334ecf173459e001e79853e1b38f2b8e5d8cc59"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "Inj.dll",
|
|||
|
"Description": "84833991F1705A01A11149C9D037C8379A9C2D463DC30A2FEC27BFA52D218FA6"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "mse60dc.exe",
|
|||
|
"Description": "de314d038d9b0f8ff32cfe3391c4eec53a3e453297978e46c9b90df2542ed592"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "bitly.com",
|
|||
|
"Description": "domain requested"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "xaasxasxasx.blogspot.com",
|
|||
|
"Description": "domain requested"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "resources.blogblog.com",
|
|||
|
"Description": "domain requested"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "pastebin.com",
|
|||
|
"Description": "domain requested"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "67.199.248.14",
|
|||
|
"Description": "ip requested"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "67.199.248.15",
|
|||
|
"Description": "ip requested"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "104.20.208.21",
|
|||
|
"Description": "ip requested"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "176.57.215.22",
|
|||
|
"Description": "IP C2"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "http[:]//www[.]bitly[.]com/aswoesx8sxwxxd",
|
|||
|
"Description": "HTTP/HTTPS requests"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "https[:]//pastebin[.]com/raw/rjfk3j9m",
|
|||
|
"Description": "HTTP/HTTPS requests"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "https[:]///pastebin[.]com/raw/tgP7S1Qe",
|
|||
|
"Description": "HTTP/HTTPS requests"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "https[:]//pastebin[.]com/raw/0rhAppFq",
|
|||
|
"Description": "HTTP/HTTPS requests"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "https[:]//pastebin[.]com/raw/c3V923PW",
|
|||
|
"Description": "HTTP/HTTPS requests"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "https[:]//pastebin[.]com/raw/VFUXDF7C",
|
|||
|
"Description": "HTTP/HTTPS requests"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "http[:]//www[.]ichoubyou[.]net/ao/?3f9L=Lo3E2+YBaBWDL2bUvw2B2SYfQBwPkMAIH1i2HT9ocxT5reT2XuVh6G9ligbLGsBAAwhLuQ==&BbBX=LhTpETx8Zdn",
|
|||
|
"Description": "HTTP/HTTPS requests"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "http[:]//www[.]grupomsi[.]com/ao/?3f9L=Kbq++Y0aAgDxGCx7fxZFucXlrMdtuSyVttVG37Ejsga78k8ZP/EpUCryDr6PmBWAbaydAw==&BbBX=LhTpETx8Zdn&sql=1",
|
|||
|
"Description": "HTTP/HTTPS requests"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "http[:]//www[.]grupomsi[.]com/ao/",
|
|||
|
"Description": "HTTP/HTTPS requests"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "http[:]//www[.]theaterloops[.]com/ao/?3f9L=M0MA2fUiqMbVb6H3GNVaAqJS8mhIciwdMXRISKDsKJcWUJLkZY1j+YIFBEd9s0Uz5tYaIQ==&BbBX=LhTpETx8Zdn&sql=1",
|
|||
|
"Description": "HTTP/HTTPS requests"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "http[:]//www[.]theaterloops[.]com/ao/",
|
|||
|
"Description": "HTTP/HTTPS requests"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "http[:]//www[.]sukfat[.]com/ao/",
|
|||
|
"Description": "HTTP/HTTPS requests"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "http[:]//www[.]sukfat[.]com/ao/?3f9L=i08SS1jJNzlL2PYEM5jjY78DODQHD8SSq/VJ1wVBwRJ7J5CmvaFz3C5neJ7p21NB5nPOdg==&BbBX=LhTpETx8Zdn",
|
|||
|
"Description": "HTTP/HTTPS requests"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "www[.]hongmenwenhua[.]com",
|
|||
|
"Description": "Domain C2"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "www[.]ichoubyou[.]net",
|
|||
|
"Description": "Domain C2"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "www[.]grupomsi[.]com",
|
|||
|
"Description": "Domain C2"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "www[.]sukfat[.]com",
|
|||
|
"Description": "Domain C2"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "www[.]theaterloops[.]com",
|
|||
|
"Description": "Domain C2"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "210.188.195.164",
|
|||
|
"Description": "IP C2"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "23.20.239.12",
|
|||
|
"Description": "IP C2"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "185.68.16.122",
|
|||
|
"Description": "IP C2"
|
|||
|
},
|
|||
|
{
|
|||
|
"Indicator": "199.192.23.220",
|
|||
|
"Description": "IP C2"
|
|||
|
}
|
|||
|
]
|
|||
|
|