From 015d52d020bf67c41382fb50813fd5bf33e639e9 Mon Sep 17 00:00:00 2001 From: StrangerealIntel <54320855+StrangerealIntel@users.noreply.github.com> Date: Wed, 25 Sep 2019 02:10:32 +0200 Subject: [PATCH] Update Malware analysis.md --- Indian/APT/Donot/17-09-19/Malware analysis.md | 34 +++++++++---------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/Indian/APT/Donot/17-09-19/Malware analysis.md b/Indian/APT/Donot/17-09-19/Malware analysis.md index 005195c..3f4a195 100644 --- a/Indian/APT/Donot/17-09-19/Malware analysis.md +++ b/Indian/APT/Donot/17-09-19/Malware analysis.md 
@@ -172,23 +172,23 @@ |159.89.104.38|IP requested| |157.230.213.81|IP requested| |146.185.139.134|IP requested| -|http://en-content.com/SecurityM/EFILE|HTTP/HTTPS requests| -|http://en-content.com/SecurityM/DFILE|HTTP/HTTPS requests| -|http://en-content.com/SecurityM/DFILE-|HTTP/HTTPS requests| -|http://en-content.com/SecurityM/EFILE-|HTTP/HTTPS requests| -|http://en-content.com/SecurityM/LIN|HTTP/HTTPS requests| -|http://bsodsupport.icu/ScanSecurity/DOCS|HTTP/HTTPS requests| -|http://bsodsupport.icu/ScanSecurity/DOCSN|HTTP/HTTPS requests| -|http://bsodsupport.icu/ScanSecurity/DOCSN-1|HTTP/HTTPS requests| -|http://bsodsupport.icu/ScanSecurity/XLSS|HTTP/HTTPS requests| -|http://bsodsupport.icu/ScanSecurity/XLSSN|HTTP/HTTPS requests| -|http://bsodsupport.icu/ScanSecurity/XLSSN-1|HTTP/HTTPS requests| -|http://cloud-storage-service.com/pub/officex32x64/kb8989476|HTTP/HTTPS requests| -|http://noitfication-office-client.890m.com/fcfdae-9dfc335ca-bd10/NHSORE/jjhl|HTTP/HTTPS requests| -|http://plug.msplugin.icu/MicrosoftSecurityScan/DOCSDOC|HTTP/HTTPS requests| -|http://mscheck.icu/SecurityScan/XLSS|HTTP/HTTPS requests| -|http://sdn.host/MicrosoftSecurityScan/11MVEM1X|HTTP/HTTPS requests| -|http://sdn.host/MicrosoftSecurityScan/FRSI080222F|HTTP/HTTPS requests| +|hxxp[:]//en-content.com/SecurityM/EFILE|HTTP/HTTPS requests| +|hxxp[:]//en-content.com/SecurityM/DFILE|HTTP/HTTPS requests| +|hxxp[:]//en-content.com/SecurityM/DFILE-|HTTP/HTTPS requests| +|hxxp[:]//en-content.com/SecurityM/EFILE-|HTTP/HTTPS requests| +|hxxp[:]//en-content.com/SecurityM/LIN|HTTP/HTTPS requests| +|hxxp[:]//bsodsupport.icu/ScanSecurity/DOCS|HTTP/HTTPS requests| +|hxxp[:]//bsodsupport.icu/ScanSecurity/DOCSN|HTTP/HTTPS requests| +|hxxp[:]//bsodsupport.icu/ScanSecurity/DOCSN-1|HTTP/HTTPS requests| +|hxxp[:]//bsodsupport.icu/ScanSecurity/XLSS|HTTP/HTTPS requests| +|hxxp[:]//bsodsupport.icu/ScanSecurity/XLSSN|HTTP/HTTPS requests| +|hxxp[:]//bsodsupport.icu/ScanSecurity/XLSSN-1|HTTP/HTTPS requests| 
+|hxxp[:]//cloud-storage-service.com/pub/officex32x64/kb8989476|HTTP/HTTPS requests| +|hxxp[:]//noitfication-office-client.890m.com/fcfdae-9dfc335ca-bd10/NHSORE/jjhl|HTTP/HTTPS requests| +|hxxp[:]//plug.msplugin.icu/MicrosoftSecurityScan/DOCSDOC|HTTP/HTTPS requests| +|hxxp[:]//mscheck.icu/SecurityScan/XLSS|HTTP/HTTPS requests| +|hxxp[:]//sdn.host/MicrosoftSecurityScan/11MVEM1X|HTTP/HTTPS requests| +|hxxp[:]//sdn.host/MicrosoftSecurityScan/FRSI080222F|HTTP/HTTPS requests| |support.worldupdate.live|Doamin C2| |account-support.site|Doamin C2| |skillsnew.top|Doamin C2|
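Review bot: The defanging in the 17 replaced URL rows only rewrites the scheme to hxxp[:]//; the host dots are left intact, and the unchanged context rows on either side (the three "IP requested" addresses above the hunk and the "Doamin C2" domains below it) are not defanged at all, so the IOC table ends up in mixed notation. A bare host such as en-content.com or support.worldupdate.live can still be linkified or resolved when the table is copied into mail, chat or a ticket. Consider bracketing the dots as well, for example `|hxxp[:]//en-content[.]com/SecurityM/EFILE|HTTP/HTTPS requests|`, and applying the same convention to the IP and C2 domain rows so that consumers can re-fang the whole table with a single rule. Since those rows would be edited anyway, the "Doamin C2" label in the trailing context lines could be corrected to "Domain C2" in the same change. The subject line "Update Malware analysis.md" also does not say that the change is a defanging pass; a short description would make the history easier to audit.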