4,160 DGA/Khalesi/DGALIST-Khalesi.txt
View file

Large diffs are not rendered by default.

33,970 DGA/Mylobot/DGALIST-Mylobot.txt
View file

Large diffs are not rendered by default.

82 DGA/Phorpiex/DGALIST-Phorpiex.txt
View file
@@ -1,45 +1,45 @@
#name first_seen last_seen
aaeuauaueieiier.su 2021-01-25 2021-12-18
aeaunengieisiag.su 2021-01-25 2021-12-18
aeigeibfabidbgu.su 2021-01-25 2021-12-18
ahefihaehiuguus.su 2021-01-25 2021-12-18
ahoouhrghsudmfg.su 2021-01-25 2021-12-18
azbdezaeugnungg.su 2021-01-25 2021-12-18
babiuedunefbbgg.su 2021-01-25 2021-12-18
bidjcceaiidjieg.su 2021-01-25 2021-12-18
eaeunauenuangdg.su 2021-01-25 2021-12-18
eahaiuhuirsuhfg.su 2021-01-25 2021-12-18
eiugaidihehuhfs.su 2021-01-25 2021-12-18
eunuegnuaebuang.su 2021-01-25 2021-12-18
ezeiafzbgzabzdg.su 2021-01-25 2021-12-18
gaieufhaefuefhg.su 2021-01-25 2021-12-18
gaubaduebdubegu.su 2021-01-25 2021-12-18
giaigduaedhhush.su 2021-01-25 2021-12-18
hioeppaepgoaneg.su 2021-01-25 2021-12-18
hisrfsosrughudh.su 2021-01-25 2021-12-18
ibbgursuiuedeeg.su 2021-01-25 2021-12-18
ibieibfiubefudg.su 2021-01-25 2021-12-18
ieanubfiuagugng.su 2021-01-25 2021-12-18
iinnfuaeidaighg.su 2021-01-25 2021-12-18
isohgohrusurgdg.su 2021-01-25 2021-12-18
iuauebfeufuuasg.su 2021-01-25 2021-12-18
iuebfiueifuitog.su 2021-01-25 2021-12-18
iuehuhaethhtudg.su 2021-01-25 2021-12-18
iuhuefibuibgbsg.su 2021-01-25 2021-12-18
lpekfoaefhiehug.su 2021-01-25 2021-12-18
ngsiososusdiifi.su 2021-01-25 2021-12-18
niemfoefomsegig.su 2021-01-25 2021-12-18
nifaneieugunuug.su 2021-01-25 2021-12-18
nniaendiandiihg.su 2021-01-25 2021-12-18
oaoeuoouegandsg.su 2021-01-25 2021-12-18
pojoieaohauubfg.su 2021-01-25 2021-12-18
rutuneuenfuhusg.su 2021-01-25 2021-12-18
sogounfsungunrg.su 2021-01-25 2021-12-18
ubanedanigmimig.su 2021-01-25 2021-12-18
ueinaieugnusfig.su 2021-01-25 2021-12-18
uhiueaaubgbuadg.su 2021-01-25 2021-12-18
uniunieubfiubgg.su 2021-01-25 2021-12-18
uririneinigning.su 2021-01-25 2021-12-18
aaeuauaueieiier.su 2021-01-25 2021-12-19
aeaunengieisiag.su 2021-01-25 2021-12-19
aeigeibfabidbgu.su 2021-01-25 2021-12-19
ahefihaehiuguus.su 2021-01-25 2021-12-19
ahoouhrghsudmfg.su 2021-01-25 2021-12-19
azbdezaeugnungg.su 2021-01-25 2021-12-19
babiuedunefbbgg.su 2021-01-25 2021-12-19
bidjcceaiidjieg.su 2021-01-25 2021-12-19
eaeunauenuangdg.su 2021-01-25 2021-12-19
eahaiuhuirsuhfg.su 2021-01-25 2021-12-19
eiugaidihehuhfs.su 2021-01-25 2021-12-19
eunuegnuaebuang.su 2021-01-25 2021-12-19
ezeiafzbgzabzdg.su 2021-01-25 2021-12-19
gaieufhaefuefhg.su 2021-01-25 2021-12-19
gaubaduebdubegu.su 2021-01-25 2021-12-19
giaigduaedhhush.su 2021-01-25 2021-12-19
hioeppaepgoaneg.su 2021-01-25 2021-12-19
hisrfsosrughudh.su 2021-01-25 2021-12-19
ibbgursuiuedeeg.su 2021-01-25 2021-12-19
ibieibfiubefudg.su 2021-01-25 2021-12-19
ieanubfiuagugng.su 2021-01-25 2021-12-19
iinnfuaeidaighg.su 2021-01-25 2021-12-19
isohgohrusurgdg.su 2021-01-25 2021-12-19
iuauebfeufuuasg.su 2021-01-25 2021-12-19
iuebfiueifuitog.su 2021-01-25 2021-12-19
iuehuhaethhtudg.su 2021-01-25 2021-12-19
iuhuefibuibgbsg.su 2021-01-25 2021-12-19
lpekfoaefhiehug.su 2021-01-25 2021-12-19
ngsiososusdiifi.su 2021-01-25 2021-12-19
niemfoefomsegig.su 2021-01-25 2021-12-19
nifaneieugunuug.su 2021-01-25 2021-12-19
nniaendiandiihg.su 2021-01-25 2021-12-19
oaoeuoouegandsg.su 2021-01-25 2021-12-19
pojoieaohauubfg.su 2021-01-25 2021-12-19
rutuneuenfuhusg.su 2021-01-25 2021-12-19
sogounfsungunrg.su 2021-01-25 2021-12-19
ubanedanigmimig.su 2021-01-25 2021-12-19
ueinaieugnusfig.su 2021-01-25 2021-12-19
uhiueaaubgbuadg.su 2021-01-25 2021-12-19
uniunieubfiubgg.su 2021-01-25 2021-12-19
uririneinigning.su 2021-01-25 2021-12-19
geauhouefheuutiiiw.top 2021-10-11 2021-12-17
aegohaohuoruitiiee.to 2021-10-05 2021-12-17
aegohaohuoruitiiew.top 2021-10-05 2021-12-17
83 DGA/Tofsee/DGALIST-Tofsee.txt
View file
@@ -1,51 +1,50 @@
#name first_seen last_seen
dxsdxsh.ch 2021-12-19 2021-12-19
eaheahg.ch 2021-12-19 2021-12-19
eaheaha.biz 2021-12-18 2021-12-19
eaheaha.ch 2021-12-18 2021-12-19
eaheahb.biz 2021-12-18 2021-12-19
eaheahb.ch 2021-12-18 2021-12-19
eaheahc.biz 2021-12-18 2021-12-19
eaheahc.ch 2021-12-18 2021-12-19
eaheahd.biz 2021-12-18 2021-12-19
eaheahd.ch 2021-12-18 2021-12-19
eaheahe.biz 2021-12-18 2021-12-19
eaheahe.ch 2021-12-18 2021-12-19
eaheahf.biz 2021-12-18 2021-12-19
eaheahf.ch 2021-12-18 2021-12-19
eaheahg.biz 2021-12-18 2021-12-19
eaheahh.biz 2021-12-18 2021-12-19
eaheahh.ch 2021-12-18 2021-12-19
eaheahi.biz 2021-12-18 2021-12-19
eaheahi.ch 2021-12-18 2021-12-19
eaheahj.biz 2021-12-18 2021-12-19
eaheahj.ch 2021-12-18 2021-12-19
dwwdwwi.ch 2021-12-18 2021-12-18
dxzdxza.ch 2021-12-18 2021-12-18
dyudyuh.ch 2021-12-18 2021-12-18
eaheaha.biz 2021-12-18 2021-12-18
eaheaha.ch 2021-12-18 2021-12-18
eaheahb.biz 2021-12-18 2021-12-18
eaheahb.ch 2021-12-18 2021-12-18
eaheahc.biz 2021-12-18 2021-12-18
eaheahc.ch 2021-12-18 2021-12-18
eaheahd.biz 2021-12-18 2021-12-18
eaheahd.ch 2021-12-18 2021-12-18
eaheahe.biz 2021-12-18 2021-12-18
eaheahe.ch 2021-12-18 2021-12-18
eaheahf.biz 2021-12-18 2021-12-18
eaheahf.ch 2021-12-18 2021-12-18
eaheahg.biz 2021-12-18 2021-12-18
eaheahh.biz 2021-12-18 2021-12-18
eaheahh.ch 2021-12-18 2021-12-18
eaheahi.biz 2021-12-18 2021-12-18
eaheahi.ch 2021-12-18 2021-12-18
eaheahj.biz 2021-12-18 2021-12-18
eaheahj.ch 2021-12-18 2021-12-18
dwtdwti.biz 2021-12-17 2021-12-17
dxadxaf.biz 2021-12-17 2021-12-17
dyddydc.biz 2021-12-17 2021-12-17
eageaga.biz 2021-12-13 2021-12-15
eageaga.ch 2021-12-13 2021-12-15
eageagb.biz 2021-12-13 2021-12-15
eageagb.ch 2021-12-13 2021-12-15
eageagc.biz 2021-12-13 2021-12-15
eageagc.ch 2021-12-13 2021-12-15
eageagd.biz 2021-12-13 2021-12-15
eageagd.ch 2021-12-13 2021-12-15
eageage.biz 2021-12-13 2021-12-15
eageage.ch 2021-12-13 2021-12-15
eageagf.biz 2021-12-13 2021-12-15
eageagf.ch 2021-12-13 2021-12-15
eageagg.biz 2021-12-13 2021-12-15
eageagg.ch 2021-12-13 2021-12-15
eageagh.biz 2021-12-13 2021-12-15
eageagh.ch 2021-12-13 2021-12-15
eageagi.biz 2021-12-13 2021-12-15
eageagi.ch 2021-12-13 2021-12-15
eageagj.biz 2021-12-13 2021-12-15
eageagj.ch 2021-12-13 2021-12-15
eageaga.biz 2021-12-14 2021-12-15
eageaga.ch 2021-12-14 2021-12-15
eageagb.biz 2021-12-14 2021-12-15
eageagb.ch 2021-12-14 2021-12-15
eageagc.biz 2021-12-14 2021-12-15
eageagc.ch 2021-12-14 2021-12-15
eageagd.biz 2021-12-14 2021-12-15
eageagd.ch 2021-12-14 2021-12-15
eageage.biz 2021-12-14 2021-12-15
eageage.ch 2021-12-14 2021-12-15
eageagf.biz 2021-12-14 2021-12-15
eageagf.ch 2021-12-14 2021-12-15
eageagg.biz 2021-12-14 2021-12-15
eageagg.ch 2021-12-14 2021-12-15
eageagh.biz 2021-12-14 2021-12-15
eageagh.ch 2021-12-14 2021-12-15
eageagi.biz 2021-12-14 2021-12-15
eageagi.ch 2021-12-14 2021-12-15
eageagj.biz 2021-12-14 2021-12-15
eageagj.ch 2021-12-14 2021-12-15
dwtdwth.biz 2021-12-14 2021-12-14
dxgdxgi.ch 2021-12-14 2021-12-14
durdure.ch 2021-12-13 2021-12-13
dwxdwxe.biz 2021-12-13 2021-12-13
dywdywi.ch 2021-12-13 2021-12-13
81 DGA/unclassified/2021-12-19-DGALIST-AB5FD4D31A6B44B9338C7D2E5836F39E.txt
View file
@@ -0,0 +1,81 @@
011f42016f.xyz
02663d89f6.xyz
0493cdd7b6.xyz
04ce531dcf.xyz
088e9560c3.xyz
0c5a083ccd.xyz
0e8e9d1935.xyz
0eba592d80.xyz
127bba1d5c.xyz
182d512550.xyz
19ec0e8176.xyz
1e2f3bcba9.xyz
1ffd11b1af.xyz
215a14ef7f.xyz
2a0a316d0e.xyz
2e51cf74a4.xyz
2f83ef05e8.xyz
2fa38252b0.xyz
4020ca0543.xyz
42ddeb5a08.xyz
43568a78fb.xyz
4757f65c26.xyz
490cee2646.xyz
49f40c8a65.xyz
4b733e7915.xyz
4c0fabd082.xyz
4d551ed629.xyz
4d86be5c0a.xyz
5597231feb.xyz
6029dcf875.xyz
610d3ccd5c.xyz
61a0a37bad.xyz
62a9246c67.xyz
62e61f510b.xyz
69263fbab8.xyz
6feddde6ed.xyz
74cf5805dd.xyz
7615a334ab.xyz
76d2f55575.xyz
789f2f5653.xyz
79aa4de53e.xyz
7a2e6a0ad8.xyz
7d1b3f9adc.xyz
840e2e70dc.xyz
8558e2a373.xyz
8c801ffeb2.xyz
9008643497.xyz
90b8ed1f0f.xyz
93552f0038.xyz
9c48c4eab7.xyz
9d4b273558.xyz
9e318d32ee.xyz
9f2951631d.xyz
a724b3554b.xyz
a7750f4ef8.xyz
aa8358cfb1.xyz
abfa736e81.xyz
c45f9dd987.xyz
c4a8ce7f04.xyz
c55b3e55ca.xyz
c6553f65b7.xyz
c8b9c02ef0.xyz
cb25f85cb8.xyz
ce0828bc65.xyz
ce93326c40.xyz
d2312a7c95.xyz
d2446351f4.xyz
d440d899f4.xyz
d70892e287.xyz
d95e7f0a24.xyz
dfac675612.xyz
e2053d245f.xyz
e23261d46a.xyz
e294d347cd.xyz
e446d52b80.xyz
e4c38a51e4.xyz
e7bdf80721.xyz
ec4996acf9.xyz
ee307ec43f.xyz
f07ad43bb2.xyz
ffb89689bd.xyz
6 ioc_extender/ET_APT-C-23_MICROPSIA_Variant.json
View file
@@ -1506,6 +1506,12 @@
"type": "certs",
"ln": 2
},
{
"host": "tencentchat.net",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
"type": "certs",
"ln": 2
},
{
"host": "tim-jordan.info",
"links": "73209463937f97c1ae8be060f4e1743e909b3a6d",
6 ioc_extender/ET_APT-C-48_Related.json
View file
@@ -1464,6 +1464,12 @@
"type": "certs",
"ln": 2
},
{
"host": "tencentchat.net",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
"type": "certs",
"ln": 2
},
{
"host": "tim-jordan.info",
"links": "73209463937f97c1ae8be060f4e1743e909b3a6d",
6 ioc_extender/ET_APT32-OceanLotus.json
View file
@@ -828,6 +828,12 @@
"type": "certs",
"ln": 2
},
{
"host": "tencentchat.net",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
"type": "certs",
"ln": 2
},
{
"host": "tim-jordan.info",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
48 ioc_extender/ET_APT33.json
View file
@@ -180,6 +180,12 @@
"type": "certs",
"ln": 2
},
{
"host": "dev.hopto.com",
"links": "7b9384c51926010c13b8c8118802c08be3d73728",
"type": "certs",
"ln": 2
},
{
"host": "dev.hopto.com",
"links": "8a2ff5730f054020e94de28ed771625f4addb06a",
@@ -432,6 +438,12 @@
"type": "certs",
"ln": 2
},
{
"host": "hopto.com",
"links": "7b9384c51926010c13b8c8118802c08be3d73728",
"type": "certs",
"ln": 2
},
{
"host": "hopto.com",
"links": "8a2ff5730f054020e94de28ed771625f4addb06a",
@@ -702,6 +714,12 @@
"type": "certs",
"ln": 2
},
{
"host": "mail.hopto.com",
"links": "7b9384c51926010c13b8c8118802c08be3d73728",
"type": "certs",
"ln": 2
},
{
"host": "mail.hopto.com",
"links": "8a2ff5730f054020e94de28ed771625f4addb06a",
@@ -954,6 +972,12 @@
"type": "certs",
"ln": 2
},
{
"host": "n3tc4t.hopto.com",
"links": "7b9384c51926010c13b8c8118802c08be3d73728",
"type": "certs",
"ln": 2
},
{
"host": "n3tc4t.hopto.com",
"links": "8a2ff5730f054020e94de28ed771625f4addb06a",
@@ -1200,6 +1224,12 @@
"type": "certs",
"ln": 2
},
{
"host": "proxymaterials.hopto.com",
"links": "7b9384c51926010c13b8c8118802c08be3d73728",
"type": "certs",
"ln": 2
},
{
"host": "proxymaterials.hopto.com",
"links": "8a2ff5730f054020e94de28ed771625f4addb06a",
@@ -1488,6 +1518,12 @@
"type": "certs",
"ln": 2
},
{
"host": "www.dev.hopto.com",
"links": "7b9384c51926010c13b8c8118802c08be3d73728",
"type": "certs",
"ln": 2
},
{
"host": "www.dev.hopto.com",
"links": "8a2ff5730f054020e94de28ed771625f4addb06a",
@@ -1728,6 +1764,12 @@
"type": "certs",
"ln": 2
},
{
"host": "www.hopto.com",
"links": "7b9384c51926010c13b8c8118802c08be3d73728",
"type": "certs",
"ln": 2
},
{
"host": "www.hopto.com",
"links": "8a2ff5730f054020e94de28ed771625f4addb06a",
@@ -1968,6 +2010,12 @@
"type": "certs",
"ln": 2
},
{
"host": "www.proxymaterials.hopto.com",
"links": "7b9384c51926010c13b8c8118802c08be3d73728",
"type": "certs",
"ln": 2
},
{
"host": "www.proxymaterials.hopto.com",
"links": "8a2ff5730f054020e94de28ed771625f4addb06a",
6 ioc_extender/ET_CASHY200.json
View file
@@ -810,6 +810,12 @@
"type": "certs",
"ln": 2
},
{
"host": "tencentchat.net",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
"type": "certs",
"ln": 2
},
{
"host": "tim-jordan.info",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
6 ioc_extender/ET_Candiru_Spyware.json
View file
@@ -1470,6 +1470,12 @@
"type": "certs",
"ln": 2
},
{
"host": "tencentchat.net",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
"type": "certs",
"ln": 2
},
{
"host": "tim-jordan.info",
"links": "73209463937f97c1ae8be060f4e1743e909b3a6d",
6 ioc_extender/ET_Chafer.json
View file
@@ -966,6 +966,12 @@
"type": "certs",
"ln": 2
},
{
"host": "tencentchat.net",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
"type": "certs",
"ln": 2
},
{
"host": "tim-jordan.info",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
6 ioc_extender/ET_DNS_Query_for_DNSpionage.json
View file
@@ -810,6 +810,12 @@
"type": "certs",
"ln": 2
},
{
"host": "tencentchat.net",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
"type": "certs",
"ln": 2
},
{
"host": "tim-jordan.info",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
6 ioc_extender/ET_DarkHotel.json
View file
@@ -810,6 +810,12 @@
"type": "certs",
"ln": 2
},
{
"host": "tencentchat.net",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
"type": "certs",
"ln": 2
},
{
"host": "tim-jordan.info",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
6 ioc_extender/ET_Diezen-Sakabota.json
View file
@@ -816,6 +816,12 @@
"type": "certs",
"ln": 2
},
{
"host": "tencentchat.net",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
"type": "certs",
"ln": 2
},
{
"host": "tim-jordan.info",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
6 ioc_extender/ET_DonotGroup.json
View file
@@ -1476,6 +1476,12 @@
"type": "certs",
"ln": 2
},
{
"host": "tencentchat.net",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
"type": "certs",
"ln": 2
},
{
"host": "tim-jordan.info",
"links": "73209463937f97c1ae8be060f4e1743e909b3a6d",
54 ioc_extender/ET_Gamaredon.json
View file
@@ -1326,6 +1326,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "blattodea.ru",
"links": "89.108.115.234",
"type": "pdns",
"ln": 2
},
{
"host": "blattodea.ru",
"links": "89.108.77.204",
@@ -1848,6 +1854,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "clank.hazari.ru",
"links": "89.108.115.234",
"type": "pdns",
"ln": 2
},
{
"host": "clank.hazari.ru",
"links": "89.108.77.204",
@@ -3738,6 +3750,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "hierodula.online",
"links": "89.108.115.234",
"type": "pdns",
"ln": 2
},
{
"host": "hierodula.online",
"links": "89.108.77.204",
@@ -3816,6 +3834,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "holotran.ru",
"links": "89.108.115.234",
"type": "pdns",
"ln": 2
},
{
"host": "homoptera.online",
"links": "109.234.38.152",
@@ -5004,6 +5028,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "lovers.semara.ru",
"links": "89.108.115.234",
"type": "pdns",
"ln": 2
},
{
"host": "lovers.semara.ru",
"links": "89.108.77.204",
@@ -5190,6 +5220,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "lump.semara.ru",
"links": "89.108.115.234",
"type": "pdns",
"ln": 2
},
{
"host": "lump.semara.ru",
"links": "89.108.77.204",
@@ -7116,6 +7152,12 @@
"type": "certs",
"ln": 2
},
{
"host": "tencentchat.net",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
"type": "certs",
"ln": 2
},
{
"host": "tenosha.ru",
"links": "104.218.120.158",
@@ -7356,6 +7398,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "tomond.ru",
"links": "89.108.115.234",
"type": "pdns",
"ln": 2
},
{
"host": "tomond.ru",
"links": "89.108.77.204",
@@ -7752,6 +7800,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "zeinar.ru",
"links": "89.108.115.234",
"type": "pdns",
"ln": 2
},
{
"host": "zeinare.ru",
"links": "195.140.146.128",
6 ioc_extender/ET_GravityRAT.json
View file
@@ -816,6 +816,12 @@
"type": "certs",
"ln": 2
},
{
"host": "tencentchat.net",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
"type": "certs",
"ln": 2
},
{
"host": "tim-jordan.info",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
6 ioc_extender/ET_LYCEUM.json
View file
@@ -1020,6 +1020,12 @@
"type": "certs",
"ln": 2
},
{
"host": "tencentchat.net",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
"type": "certs",
"ln": 2
},
{
"host": "tim-jordan.info",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
6 ioc_extender/ET_MSIL-GravityRAT.json
View file
@@ -810,6 +810,12 @@
"type": "certs",
"ln": 2
},
{
"host": "tencentchat.net",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
"type": "certs",
"ln": 2
},
{
"host": "tim-jordan.info",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
156 ioc_extender/ET_NOBELIUM_(TA421)_Cobalt_Strike.json
View file
@@ -18,12 +18,6 @@
}
],
"data": [
{
"host": "5213b4b6.cdn.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "ET Trojan: NOBELIUM (TA421) Cobalt Strike",
"links": "alifemap.com",
@@ -156,12 +150,6 @@
"type": "pdns",
"ln": 2
},
{
"host": "app.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "appsync-api.us-east-1.avsvmcloud.come8h2vel9711jjcpte3so6iore1ovoe0t.appsync-api.us-east-1.avsvmcloud.com-1.avsvmcloud.com",
"links": "dc20e80738bc7a3c9af6d770fd3cc5fb7c8c4139",
@@ -186,12 +174,6 @@
"type": "pdns",
"ln": 2
},
{
"host": "cdn.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "cdn.theyardservice.com",
"links": "dc20e80738bc7a3c9af6d770fd3cc5fb7c8c4139",
@@ -288,12 +270,6 @@
"type": "certs",
"ln": 2
},
{
"host": "dns.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "dns1.rchosts.com",
"links": "51.89.50.153",
@@ -306,12 +282,6 @@
"type": "pdns",
"ln": 2
},
{
"host": "exchange.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "freescanonline.com",
"links": "dc20e80738bc7a3c9af6d770fd3cc5fb7c8c4139",
@@ -324,12 +294,6 @@
"type": "pdns",
"ln": 2
},
{
"host": "gw.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "highdatabase.com",
"links": "dc20e80738bc7a3c9af6d770fd3cc5fb7c8c4139",
@@ -354,24 +318,6 @@
"type": "pdns",
"ln": 2
},
{
"host": "imap.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "imap1.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "imap2.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "incomeupdate.com",
"links": "dc20e80738bc7a3c9af6d770fd3cc5fb7c8c4139",
@@ -396,24 +342,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "jbhifi.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "lab.symantecsafe.org",
"links": "dc20e80738bc7a3c9af6d770fd3cc5fb7c8c4139",
"type": "certs",
"ln": 2
},
{
"host": "m.jbhifi.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "mail.alifemap.com",
"links": "188.68.250.182",
@@ -486,48 +420,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "mail1.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "mail8.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "mailhost.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "mailrelay.alifemap.com",
"links": "188.68.250.182",
"type": "pdns",
"ln": 2
},
{
"host": "mailsrv.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "mx0.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "mx02.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "myexpertforum.com",
"links": "45.80.148.166",
@@ -606,18 +504,6 @@
"type": "certs",
"ln": 2
},
{
"host": "pop.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "pop3.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "rawfuns.com",
"links": "dc20e80738bc7a3c9af6d770fd3cc5fb7c8c4139",
@@ -630,60 +516,18 @@
"type": "pdns",
"ln": 2
},
{
"host": "root.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "sdfsd.cityloss.com",
"links": "51.38.85.225",
"type": "pdns",
"ln": 2
},
{
"host": "sdfsd.cityloss.com",
"links": "980a71d12946be6b4983207c9e7a45d164808486",
"type": "certs",
"ln": 2
},
{
"host": "server2.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "server45.xinix.in",
"links": "194.135.81.18",
"type": "pdns",
"ln": 2
},
{
"host": "smtp.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "smtp2.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "smtps.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "sniper.giftbox4u.com",
"links": "37.120.247.135",
"type": "pdns",
"ln": 2
},
{
"host": "soft.mssysinfo.xyz",
"links": "dc20e80738bc7a3c9af6d770fd3cc5fb7c8c4139",
940 ioc_extender/ET_Observed_DNS_Query_to_APT10_Related.json
View file

Large diffs are not rendered by default.

6 ioc_extender/ET_Observed_DNS_Query_to_Vicious_Panda.json
View file
@@ -1482,6 +1482,12 @@
"type": "certs",
"ln": 2
},
{
"host": "tencentchat.net",
"links": "da79848954d60beb853d12e34a0f445a919d698b",
"type": "certs",
"ln": 2
},
{
"host": "tim-jordan.info",
"links": "73209463937f97c1ae8be060f4e1743e909b3a6d",
54 ioc_extender/TF_Cobalt_Strike.json
View file
@@ -792,6 +792,12 @@
"type": "z",
"ln": 2
},
{
"host": "ThreatFox: Cobalt Strike",
"links": "survmeter.live",
"type": "z",
"ln": 2
},
{
"host": "ThreatFox: Cobalt Strike",
"links": "swiftsuite.net",
@@ -2124,6 +2130,12 @@
"type": "certs",
"ln": 2
},
{
"host": "kiz4dar-xqt.ru",
"links": "9314509d8d3201af207649a68c93115cf94e68fd",
"type": "certs",
"ln": 2
},
{
"host": "kogasiv.com",
"links": "23.108.57.3",
@@ -2856,6 +2868,30 @@
"type": "certs",
"ln": 2
},
{
"host": "primecentral.ikea-family.shop",
"links": "9c946a63c5d70e3de38c30dc0fee096b3b56bb0d",
"type": "certs",
"ln": 2
},
{
"host": "primecentral.ikea-family1.shop",
"links": "9c946a63c5d70e3de38c30dc0fee096b3b56bb0d",
"type": "certs",
"ln": 2
},
{
"host": "primecentral.ikea-family2.shop",
"links": "9c946a63c5d70e3de38c30dc0fee096b3b56bb0d",
"type": "certs",
"ln": 2
},
{
"host": "primecentral.ikea-family3.shop",
"links": "9c946a63c5d70e3de38c30dc0fee096b3b56bb0d",
"type": "certs",
"ln": 2
},
{
"host": "publicpestnetwork.com",
"links": "3.19.152.209",
@@ -3096,6 +3132,12 @@
"type": "certs",
"ln": 2
},
{
"host": "smolman.ru",
"links": "9314509d8d3201af207649a68c93115cf94e68fd",
"type": "certs",
"ln": 2
},
{
"host": "snn1.mhysl.org",
"links": "0dc95187933afbb5a002e7bde78be6821c02eb3e",
@@ -3204,6 +3246,12 @@
"type": "certs",
"ln": 2
},
{
"host": "survmeter.live",
"links": "9c946a63c5d70e3de38c30dc0fee096b3b56bb0d",
"type": "certs",
"ln": 2
},
{
"host": "swiftsuite.net",
"links": "159.89.43.33",
@@ -3708,6 +3756,12 @@
"type": "certs",
"ln": 2
},
{
"host": "xy2263.com",
"links": "9314509d8d3201af207649a68c93115cf94e68fd",
"type": "certs",
"ln": 2
},
{
"host": "yasea4.com",
"links": "216edef2f26a94071007aab8ec5e36c6b072c949",
48 ioc_extender/TF_ISFB.json
View file
@@ -342,6 +342,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "apr.intoolkom.at",
"links": "92.38.188.112",
"type": "pdns",
"ln": 2
},
{
"host": "arfcj3.xyz",
"links": "552b287c36d53f9d00c26151090ec6d9482ea341",
@@ -390,6 +396,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "art.microsoftsofymicrosoftsoft.at",
"links": "92.38.188.112",
"type": "pdns",
"ln": 2
},
{
"host": "autosblogs.com",
"links": "86.106.131.112",
@@ -552,6 +564,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "fgx.dangerboy.at",
"links": "92.38.188.112",
"type": "pdns",
"ln": 2
},
{
"host": "formarketings.com",
"links": "79.110.52.248",
@@ -810,6 +828,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "intooltak.com",
"links": "92.38.188.112",
"type": "pdns",
"ln": 2
},
{
"host": "intromons.com",
"links": "78.40.217.65",
@@ -1062,6 +1086,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "microsoftsofymicrosoftsoft.at",
"links": "92.38.188.112",
"type": "pdns",
"ln": 2
},
{
"host": "mindvantage.com",
"links": "161.129.64.100",
@@ -1146,6 +1176,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "poi.redhatbabby.at",
"links": "92.38.188.112",
"type": "pdns",
"ln": 2
},
{
"host": "polant.xyz",
"links": "199.192.24.38",
@@ -1194,6 +1230,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "pop.biopiof.at",
"links": "92.38.188.112",
"type": "pdns",
"ln": 2
},
{
"host": "posetac.online",
"links": "199.192.24.38",
@@ -1368,6 +1410,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "v10.avyanok.com",
"links": "92.38.188.112",
"type": "pdns",
"ln": 2
},
{
"host": "valonce.xyz",
"links": "199.192.24.38",
192 ioc_extender/TF_QakBot.json
View file

Large diffs are not rendered by default.

6 ioc_extender/TF_Remcos.json
View file
@@ -756,6 +756,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "vjjusmw.irgzrgmdwodr.hath.network",
"links": "104.254.90.251",
"type": "pdns",
"ln": 2
},
{
"host": "wealthgod456.ddns.net",
"links": "194.5.97.16",
350 ioc_extender/TF_SmokeLoader.json
View file

Large diffs are not rendered by default.

36 ioc_extender/TF_magecart.json
View file
@@ -1824,6 +1824,12 @@
"type": "certs",
"ln": 2
},
{
"host": "hoffwalldecor.com",
"links": "5b410f323f84cc0ea3f41697444153e11400c683",
"type": "certs",
"ln": 2
},
{
"host": "home-coins.ru",
"links": "2b3b934000b73d55403b7f96567d0cea2e2ab8bb",
@@ -2022,6 +2028,12 @@
"type": "certs",
"ln": 2
},
{
"host": "ketofrend.store",
"links": "2b3b934000b73d55403b7f96567d0cea2e2ab8bb",
"type": "certs",
"ln": 2
},
{
"host": "kitanausa.store",
"links": "2b3b934000b73d55403b7f96567d0cea2e2ab8bb",
@@ -2082,6 +2094,12 @@
"type": "certs",
"ln": 2
},
{
"host": "kurmanderto.ru",
"links": "5b410f323f84cc0ea3f41697444153e11400c683",
"type": "certs",
"ln": 2
},
{
"host": "l7fc3088.justinstalledpanel.com",
"links": "198.27.83.62",
@@ -2562,6 +2580,12 @@
"type": "certs",
"ln": 2
},
{
"host": "onlinespkwebportal.com",
"links": "5b410f323f84cc0ea3f41697444153e11400c683",
"type": "certs",
"ln": 2
},
{
"host": "ooprog.ru",
"links": "5b410f323f84cc0ea3f41697444153e11400c683",
@@ -2934,6 +2958,12 @@
"type": "pdns",
"ln": 2
},
{
"host": "smsokmkl.com",
"links": "5b410f323f84cc0ea3f41697444153e11400c683",
"type": "certs",
"ln": 2
},
{
"host": "solenjikd.ru",
"links": "2b3b934000b73d55403b7f96567d0cea2e2ab8bb",
@@ -2982,6 +3012,12 @@
"type": "certs",
"ln": 2
},
{
"host": "squalunipn.store",
"links": "2b3b934000b73d55403b7f96567d0cea2e2ab8bb",
"type": "certs",
"ln": 2
},
{
"host": "srv2.papillon-online.net",
"links": "176.9.51.172",
3 ioc_extender/et_list.json
View file
@@ -156,6 +156,9 @@
{
"name": "ET_Observed CobaltStrike-TEARDROP"
},
{
"name": "ET_Observed DNS Query to APT10 Related"
},
{
"name": "ET_Observed DNS Query to Vicious Panda"
},
350 mirai_ddos_victims/2021-11-18-mirai_ddos_victims.json
View file

This file was deleted.

2,310 mirai_ddos_victims/2021-12-19-mirai_ddos_victims.json
View file

Large diffs are not rendered by default.

10,961 mozi_tracker/2021-11-18-MOZI-IPLIST.txt
View file

This file was deleted.

12,461 mozi_tracker/2021-12-19-MOZI-IPLIST.txt
View file

Large diffs are not rendered by default.