mirror of
https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections
synced 2024-07-01 03:11:38 +00:00
Credential Harvesting and Recon
|
|
|
|
noreply.user.subscripton@gmail[.]com
|
|
|
|
mirror.news.live@gmail[.]com
|
|
|
|
mail.noreplyportals@gmail[.]com
|
|
|
|
rnicrosoft-recovery-update@hotmail[.]com
|
|
|
|
noreply.subscribeuser.alert@gmail[.]com
|
|
|
|
noreply.users.validation@gmail[.]com
|
|
|
|
noreply.applc.id.service@gmail[.]com
|
|
|
|
noreply.user.subscripton@gmail[.]com
|
|
|
|
playbooy.magazine.update@outlook[.]com
|
|
|
|
noreply.goolgemail@gmail[.]com
|
|
|
|
dubaicalender.eventupdate@outlook[.]com
|
|
|
|
sputniknews@email[.]com
|
|
|
|
news_update@email[.]com
|
|
|
|
bbcnewsdailysubscribe@gmail[.]com
|
|
|
|
rnicrosoft-recovery-update@hotmail[.]com
|
|
|
|
noreply.goolgehangouts@gmail[.]com
|
|
|
|
|
|
|
|
squre39-cld[.]info
|
|
|
|
goolg-en[.]com
|
|
|
|
login-asmx[.]com
|
|
|
|
string2port[.]com
|
|
|
|
session-en[.]com
|
|
|
|
singin-go-olge[.]com
|
|
|
|
111.90.138[.]81
|
|
|
|
188.68.242[.]18
|
|
|
|
91.92.136[.]134
|
|
|
|
200.63.45[.]47
|
|
|
|
Android Agent
|
|
|
|
devotedtohumanity-fif[.]info
|
|
|
|
kashmir-weather-info[.]com
|
|
|
|
mxiplayer[.]com
|
|
|
|
6e5e7ecb929fdc29ba93058bf2f501842ac0f2c0 Khuai Translator (1.3)
|
|
|
|
0550dad8d55446e5b5dbae61783cfb7c78ee10d2 MXI Player (1.2)
|
|
|
|
00d000679baab456953b4302d8b2a1e65241ed12 Devoted to Humanity (1.0)
|
|
|
|
ddaf5e43da0b00884ef957c32d7b16ed692a057a Kashmir Weather (1.2)
|
|
|
|
Windows Agent
|
|
|
|
9850ac30c3357d3a412d0f6cec2716b63db6c21d
|
|
|
|
mxiplayer[.]com
|
|
|
|
Other Malware References
|
|
|
|
“Analysis Report on Kashmir.exe” 9e4596bfb4f58d8ecfe2bc3514c6c7b2170040d9acfb02f295ed1e9ab13ec560
|
|
|
|
“E-Challan.zip” 1518badcb2717e6b0fa9bdd883d5ff61fedddf7ddf22cc3dc04a38f4e137fc96
|
|
|
|
|
|
|
|
mint-news-portal.hymnfork[.]com
|
|
|
|
online-tracking-status.hymnfork[.]com
|
|
|
|
Similar Infrastructure
|
|
|
|
insidecloud-aspx[.]com
|
|
|
|
data-covery[.]com
|
|
|
|
sa-google[.]com
|
|
|
|
rnail-aspx[.]com
|
|
|
|
session-service[.]com
|
|
|
|
session-owa[.]com
|
|
|
|
myinfocheck[.]com
|
|
|
|
host-auth[.]com
|
|
|
|
|
|
|
|
janko.kolar@bulletmail[.]org
|
|
|
|
jacbov.vjan@bulletmail[.]org
|
|
|
|
robert.warne@list[.]ru
|
|
|
|
viera.taafi@pobox[.]sk
|
|
|
|
aaron.drago@pobox[.]sk
|
|
|
|
marek.franko@pobox[.]sk
|
|
|
|
oliver.dagur@mail[.]ru
|
|
|
|
ralph.cramey@mail[.]ru
|
|
|
|
petru.negru@pobox[.]sk
|