ch0ic3/CyberThreatIntel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update Malware analysis.md

Browse Source
This commit is contained in:
StrangerealIntel 2019-09-25 02:10:32 +02:00 committed by GitHub
parent ef6ca3f573
commit 015d52d020
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
Indian/APT/Donot/17-09-19/Malware analysis.md
View File

@ -172,23 +172,23 @@
|159.89.104.38|IP requested|
|157.230.213.81|IP requested|
|146.185.139.134|IP requested|
|http://en-content.com/SecurityM/EFILE|HTTP/HTTPS requests|
|http://en-content.com/SecurityM/DFILE|HTTP/HTTPS requests|
|http://en-content.com/SecurityM/DFILE-|HTTP/HTTPS requests|
|http://en-content.com/SecurityM/EFILE-|HTTP/HTTPS requests|
|http://en-content.com/SecurityM/LIN|HTTP/HTTPS requests|
|http://bsodsupport.icu/ScanSecurity/DOCS|HTTP/HTTPS requests|
|http://bsodsupport.icu/ScanSecurity/DOCSN|HTTP/HTTPS requests|
|http://bsodsupport.icu/ScanSecurity/DOCSN-1|HTTP/HTTPS requests|
|http://bsodsupport.icu/ScanSecurity/XLSS|HTTP/HTTPS requests|
|http://bsodsupport.icu/ScanSecurity/XLSSN|HTTP/HTTPS requests|
|http://bsodsupport.icu/ScanSecurity/XLSSN-1|HTTP/HTTPS requests|
|http://cloud-storage-service.com/pub/officex32x64/kb8989476|HTTP/HTTPS requests|
|http://noitfication-office-client.890m.com/fcfdae-9dfc335ca-bd10/NHSORE/jjhl|HTTP/HTTPS requests|
|http://plug.msplugin.icu/MicrosoftSecurityScan/DOCSDOC|HTTP/HTTPS requests|
|http://mscheck.icu/SecurityScan/XLSS|HTTP/HTTPS requests|
|http://sdn.host/MicrosoftSecurityScan/11MVEM1X|HTTP/HTTPS requests|
|http://sdn.host/MicrosoftSecurityScan/FRSI080222F|HTTP/HTTPS requests|
|hxxp[:]//en-content.com/SecurityM/EFILE|HTTP/HTTPS requests|
|hxxp[:]//en-content.com/SecurityM/DFILE|HTTP/HTTPS requests|
|hxxp[:]//en-content.com/SecurityM/DFILE-|HTTP/HTTPS requests|
|hxxp[:]//en-content.com/SecurityM/EFILE-|HTTP/HTTPS requests|
|hxxp[:]//en-content.com/SecurityM/LIN|HTTP/HTTPS requests|
|hxxp[:]//bsodsupport.icu/ScanSecurity/DOCS|HTTP/HTTPS requests|
|hxxp[:]//bsodsupport.icu/ScanSecurity/DOCSN|HTTP/HTTPS requests|
|hxxp[:]//bsodsupport.icu/ScanSecurity/DOCSN-1|HTTP/HTTPS requests|
|hxxp[:]//bsodsupport.icu/ScanSecurity/XLSS|HTTP/HTTPS requests|
|hxxp[:]//bsodsupport.icu/ScanSecurity/XLSSN|HTTP/HTTPS requests|
|hxxp[:]//bsodsupport.icu/ScanSecurity/XLSSN-1|HTTP/HTTPS requests|
|hxxp[:]//cloud-storage-service.com/pub/officex32x64/kb8989476|HTTP/HTTPS requests|
|hxxp[:]//noitfication-office-client.890m.com/fcfdae-9dfc335ca-bd10/NHSORE/jjhl|HTTP/HTTPS requests|
|hxxp[:]//plug.msplugin.icu/MicrosoftSecurityScan/DOCSDOC|HTTP/HTTPS requests|
|hxxp[:]//mscheck.icu/SecurityScan/XLSS|HTTP/HTTPS requests|
|hxxp[:]//sdn.host/MicrosoftSecurityScan/11MVEM1X|HTTP/HTTPS requests|
|hxxp[:]//sdn.host/MicrosoftSecurityScan/FRSI080222F|HTTP/HTTPS requests|
|support.worldupdate.live|Doamin C2|
|account-support.site|Doamin C2|
|skillsnew.top|Doamin C2|