Create Additional_IoC.txt
This commit is contained in:
parent
1922584537
commit
552544c369
|
@ -0,0 +1,41 @@
|
||||||
|
## WebDAV Server:
|
||||||
|
http://192.155.91.72:5000
|
||||||
|
http://38.105.232.166:8080
|
||||||
|
http://173.249.39.21:5000
|
||||||
|
|
||||||
|
## Used in Lures:
|
||||||
|
https://untiligetmarried.net/Invoice_898277.html
|
||||||
|
https://greenwoodparkanimalhospital.ca/Invoice6688.html
|
||||||
|
https://reasypay.sa.com/Invoice6688.html
|
||||||
|
https://jdvloghomes.com/Invoice_4532.html
|
||||||
|
https://coins-currency.com/Invoice_898277.html
|
||||||
|
|
||||||
|
## Sinkholed by Shadowserver:
|
||||||
|
sunwap878.ddns.net
|
||||||
|
rennelautos.zapto.org
|
||||||
|
halwachi50.mymediapc.net
|
||||||
|
|
||||||
|
|
||||||
|
## As per Microsoft Threat Intel the actor is connected to the following domains:
|
||||||
|
|
||||||
|
7zip-archiver.top
|
||||||
|
7zip-lab.top
|
||||||
|
archiver-7zip.top
|
||||||
|
cdn-download.top
|
||||||
|
download-pool.top
|
||||||
|
download-rufus.top
|
||||||
|
lightshoot.top
|
||||||
|
lightshot-screen.top
|
||||||
|
media-vlc.top
|
||||||
|
rar-archiver.top
|
||||||
|
rar-lab.top
|
||||||
|
rufus-download.top
|
||||||
|
soft-rufus.top
|
||||||
|
winrar-archiver.top
|
||||||
|
winrar-lab.to
|
||||||
|
vlc-mediaplayer.top
|
||||||
|
trading-terminal.top
|
||||||
|
vlc-media.top
|
||||||
|
winrar-lab.top
|
||||||
|
terminal-tradingview.top
|
||||||
|
tradingview-terminal.top
|
Loading…
Reference in New Issue