mirror of
https://github.com/valitydev/APT_CyberCriminal_Campagin_Collections.git
synced 2024-11-06 16:55:28 +00:00
14 KiB
14 KiB
| 1 | Indicator Type | File Name | File Hash | IP | URL | Mutex | Description |
|---|---|---|---|---|---|---|---|
| 2 | IP Address | 212[.]129.13.110 | AutoIt script C2 | ||||
| 3 | IP Address | 212[.]129.7.146 | IP address used to connect to the cloud decoy with | ||||
| 4 | IP Address | 45[.]43.192.172 | IP address used in the powershell script | ||||
| 5 | IP Address | 178[.]162.210.242 | Suspected IOC | ||||
| 6 | IP Address | 178[.]162.210.243 | Suspected IOC | ||||
| 7 | IP Address | 178[.]162.210.244 | Suspected IOC | ||||
| 8 | IP Address | 178[.]162.210.245 | Suspected IOC | ||||
| 9 | IP Address | 178[.]162.210.246 | Suspected IOC | ||||
| 10 | IP Address | 178[.]162.210.247 | Suspected IOC | ||||
| 11 | IP Address | 178[.]162.210.248 | Suspected IOC | ||||
| 12 | IP Address | 178[.]162.236.40 | Suspected IOC | ||||
| 13 | IP Address | 37[.]48.77.214 | Suspected IOC | ||||
| 14 | IP Address | 37[.]48.77.215 | Suspected IOC | ||||
| 15 | IP Address | 37[.]58.60.195 | Suspected IOC | ||||
| 16 | IP Address | 43[.]249.37.173 | Suspected IOC | ||||
| 17 | IP Address | 46[.]165.225.66 | Suspected IOC | ||||
| 18 | IP Address | 46[.]165.229.7 | Suspected IOC | ||||
| 19 | IP Address | 46[.]165.229.8 | Suspected IOC | ||||
| 20 | IP Address | 46[.]165.229.9 | Suspected IOC | ||||
| 21 | IP Address | 46[.]165.248.236 | Suspected IOC | ||||
| 22 | IP Address | 46[.]165.248.237 | Suspected IOC | ||||
| 23 | IP Address | 46[.]165.248.238 | Suspected IOC | ||||
| 24 | IP Address | 46[.]165.248.239 | Suspected IOC | ||||
| 25 | IP Address | 46[.]165.248.240 | Suspected IOC | ||||
| 26 | IP Address | 46[.]165.248.241 | Suspected IOC | ||||
| 27 | IP Address | 46[.]165.248.243 | Suspected IOC | ||||
| 28 | IP Address | 46[.]166.163.243 | Suspected IOC | ||||
| 29 | IP Address | 46[.]166.163.244 | Suspected IOC | ||||
| 30 | IP Address | 46[.]166.163.246 | Suspected IOC | ||||
| 31 | IP Address | 91[.]229.79.181 | Suspected IOC | ||||
| 32 | IP Address | 91[.]229.79.182 | Suspected IOC | ||||
| 33 | IP Address | 91[.]229.79.183 | Suspected IOC | ||||
| 34 | IP Address | 91[.]229.79.184 | Suspected IOC | ||||
| 35 | IP Address | 91[.]229.79.185 | Suspected IOC | ||||
| 36 | IP Address | 91[.]229.79.186 | Suspected IOC | ||||
| 37 | IP Address | 91[.]229.79.187 | Suspected IOC | ||||
| 38 | IP Address | 91[.]229.79.188 | Suspected IOC | ||||
| 39 | IP Address | 91[.]229.79.189 | Suspected IOC | ||||
| 40 | IP Address | 91[.]229.79.190 | Suspected IOC | ||||
| 41 | IP Address | 93[.]115.95.132 | Suspected IOC | ||||
| 42 | IP Address | 94[.]242.219.203 | Suspected IOC | ||||
| 43 | IP Address | 94[.]242.223.19 | Suspected IOC | ||||
| 44 | IP Address | 94[.]242.223.20 | Suspected IOC | ||||
| 45 | IP Address | 94[.]242.223.24 | Suspected IOC | ||||
| 46 | IP Address | 94[.]242.223.28 | Suspected IOC | ||||
| 47 | IP Address | 94[.]242.231.244 | Suspected IOC | ||||
| 48 | IP Address | 95[.]141.34.242 | Suspected IOC | ||||
| 49 | IP Address | 95[.]141.34.245 | Suspected IOC | ||||
| 50 | IP Address | 95[.]141.34.246 | Suspected IOC | ||||
| 51 | IP Address | 95[.]211.205.142 | Suspected IOC | ||||
| 52 | IP Address | 95[.]211.205.161 | Suspected IOC | ||||
| 53 | IP Address | 95[.]211.205.163 | Suspected IOC | ||||
| 54 | IP Address | 95[.]211.205.164 | Suspected IOC | ||||
| 55 | IP Address | 95[.]211.205.165 | Suspected IOC | ||||
| 56 | IP Address | 95[.]211.205.166 | Suspected IOC | ||||
| 57 | IP Address | 95[.]211.3.135 | Suspected IOC | ||||
| 58 | File Hash | upsrv.exe | 076aa7f5f6a5bdd9acdee55c6e3de54e6e8d5fd6fe2a03c165a23861e315f3f5 | ||||
| 59 | File Hash | 7zip.exe | 9dae4a24095b9a3870579a63c94c73fe8de205c70d95dfdb0dc9c87709215953 | ||||
| 60 | File Hash | sysvolinfo.exe | f5e4d5d5fde978968dce4db4120ecbb68898d5fdf55860e61058d91db29b7d91 | ||||
| 61 | File Hash | uplv1032.exe | 1da99f69735d203a3d52ff1bb2ede75fe69601259efa6c5a080024ddf9276297 | ||||
| 62 | File Hash | sysvolinfo.exe variant | 13b0f3b63ce276f8d30ac4f95b03485a6fe532754494f9848e875c460b121b28 | ||||
| 63 | File Hash | UAC Bypasser | 607454369fa5d96fab6fec7a52a518eefed5136e4ebd4cfed238ccbb0f5b180f | ||||
| 64 | File Hash | 13_Five_Year_Plan_2016-20-1.pps | d44793b9584c9ca8a982a05bb6cfc06599e081c411f35f163fbd7eacad5eb584 | ||||
| 65 | File Hash | aeropower.pps | 7dd68cab710cd1e8f099f2d2d8b67d9c3f8cb113c9bb44ea4a08ee76d49ed19c | ||||
| 66 | File Hash | australia_fonops_1.pps | 04c7f88f284c2466b4814bb02eefb4a02ac118a2d584ba9baec9c7af1fa1de7b | ||||
| 67 | File Hash | australia_fonops_2.pps | 99a24d92f650faadc46c65bad65013cf3f1587a01f62f31aac20eb8864c21bee | ||||
| 68 | File Hash | aviation_1.pps | cdd540c01e25b3a7e122c9c01cfc1c7399ed65f3963ff20fa1685b4c504035ca | ||||
| 69 | File Hash | aviation_2.pps | 4d041a1bfd8dda989faa6a5a37ba49f988478dadaa110cdf9a98002f12a4b931 | ||||
| 70 | File Hash | beauty3.pps | 660b2d4baa7965acd7182bdbeaa8cdf66290968ecddc77d53517fe24882c95f9 | ||||
| 71 | File Hash | beauty6.pps | 0819f50d7a0c045188c4068b88c915f3a652c073e3081cb30a20aaf6298840bd | ||||
| 72 | File Hash | CHINA_FEAR_US_3.pps | 905fe9820538943a4ad32499f9dad3eae6ff7677882ff2a39ef98a0147ae3dd1 | ||||
| 73 | File Hash | CHINA_FEAR_US_6.pps | a335613dad36911f947fdfd3dda8897a71889513f9009385c84e48c2b7fe7236 | ||||
| 74 | File Hash | chinamilstrength.pps | 1f6108718ac9a29fe0e1e2d7fc2a7793ad4e20033921945c2ac0b5603e591298 | ||||
| 75 | File Hash | China_Response_NKorea_Nuclear_Test1.pps | c98caa28f5114e3c37efd59cb3c2471a4c64cca3ecd6188d5efe547f1cae0e9d | ||||
| 76 | File Hash | China_Response_NKorea_Nuclear_Test2.pps | bbe27671b94d040342312431a24ebb4f9685ee950efeb526b1ffd765f3e7c7dd | ||||
| 77 | File Hash | chinascyberarmy2015_1.pps | fdc6afccd5dc015c138c05ba7c325fc119dfd79e913ddab292575586f1657cae | ||||
| 78 | File Hash | chinascyberarmy2015_2.pps | 8770819471130b056822c334f8735453c3fd7d3495ae5ad98d372241872be7c5 | ||||
| 79 | File Hash | CHINA'S_PUZZLING_DEFENSE_AGREEMENT_WITH_AUSTRALIA_1.pps | 8cb2f737dd535f76e420fdcd747e5c943868c10b8f895722a298b83f331d728e | ||||
| 80 | File Hash | CHINA'S_PUZZLING_DEFENSE_AGREEMENT_WITH_AUSTRALIA_2.pps | 70d368e2a8bc7e5d0673dabe6d5897062dbc51103227a9e4efd38a09ee8a2042 | ||||
| 81 | File Hash | China_two_child_policy_will_underwhelm1.pps | 23d69451b4f7d9e3df5b92523e4574246bdfc786d48b20e9f0c45a25d985e191 | ||||
| 82 | File Hash | ChinaUS_1.pps | b9c24e26c90fd83ad8258a90b1c84022d180c0223f182f96c928333f2e9c5934 | ||||
| 83 | File Hash | ChinaUS_2.pps | 065321d0497565871bcfe5ee606636e9d0f2975558ee838122bbbe78ffd2d367 | ||||
| 84 | File Hash | chinesemilstrat_1.pps | 158919e9ca13db3747708b56397b63431ad864879abe1f5f3c4c178d8fae1149 | ||||
| 85 | File Hash | chinesemilstrat_2.pps | 6cb9b489f27517b21db61398cc103f863eb71e1034997e7f54b463be9c34568b | ||||
| 86 | File Hash | cppcc_1.pps | 5e4dd3e3d21a25a2680320ad79ef773f133312210adcd45b09bfb183c5797004 | ||||
| 87 | File Hash | cppcc_2.pps | 04317dd251b6eb22ce0941dda9821463fe53a51140d4ac639b9d0463dbf61372 | ||||
| 88 | File Hash | election.pps | 7ce893d1e08ef1ce62706eabe9aa0813e5e495d4f24955ca5020c3191968ec3a | ||||
| 89 | File Hash | enggmarvels_1.pps | 79af494cfb231c267d3149d4922a16ea0086c4ba63b584e6ff8dc463235eb999 | ||||
| 90 | File Hash | enggmarvels_2.pps | 0803956f7919f3ac71f345a59c3803b0ab5e32e8f9c408b0eff0716a013c020d | ||||
| 91 | File Hash | fengnew33.pps | caf046809672fa9b162ddb633f12f1c817c8aab42da994398135b0b2b5b2f01c | ||||
| 92 | File Hash | fengnew36.pps | e61a805907a44c61458baae92cb9a2bb901d76102fe94ae0a6ef287cf71fb4ae | ||||
| 93 | File Hash | fengnew63.pps | 3e282a1cdcc692415998633af2a15d79dcfb2ce90734bf90138e9bd3e3c32f7f | ||||
| 94 | File Hash | fengnew66.pps | 0edb3efd98de5d135f3326129a4d7a5546484570d9949e6103179a0e5e6b97dd | ||||
| 95 | File Hash | futuredrones_1.pps | 13f03f67d748ece55bcdd77373668e89d97c340f426aac5097817b6bb91c6844 | ||||
| 96 | File Hash | futuredrones_2.pps | 43c1bee83e6f814a4028192f9f52fb89fea986815da43654ce991f06bbd48b5e | ||||
| 97 | File Hash | gaokaonewschedule_1.pps | a725cf180706c6060f344ac8cecc1c23e90358a1170c61db7dd8a3be4d109e8b | ||||
| 98 | File Hash | gaokaonewschedule_2.pps | 12ffc8454be5a73a894eea89d1617d256f0e65fe403a2c19558b3f484c7cbe03 | ||||
| 99 | File Hash | harbin_1.pps | 2c1a70bf43bd622201321e902982153f13414e2f42f0a17fad0e9d35ba8613f4 | ||||
| 100 | File Hash | Implication_China_mil_reforms_1.pps | 97503d2302fc3b51f666f6d4ea067b499d185f807fb5a61cee49851d0417ade8 | ||||
| 101 | File Hash | japan_pivot_1.pps | 887cc8220cd9722d114cf575f1cb7758c2e10f3d8904121dc9fe0b749c6955bb | ||||
| 102 | File Hash | japan_pivot_2.pps | 18af865435967f803a2b2cf8ef0ec1a859d6d9612a59c01a59c77d31fda9c91d | ||||
| 103 | File Hash | jtopcentrecomn.pps | 7169ee156199b86e7149cb9c49a146b5d20afe02d90d315e00b3980419c41d14 | ||||
| 104 | File Hash | korea1.pps | 1ea09eb00f49a92505c22f2f4569e035894cb765a8be87adcbc94c01a8d9d5c0 | ||||
| 105 | File Hash | militarizationofsouthchinasea_1.pps | 53a30dfd90bd1208dcfe534ccd0b798d629aa989ccaeae952384cfe9ecb17369 | ||||
| 106 | File Hash | militarizationofsouthchinasea_2.pps | 9d0d420c696083023300545754f0428549bb62f33c6e492eb4ace8ce95ce8af0 | ||||
| 107 | File Hash | MilitaryReforms1.pps | ccbbf41f7e385f511ec25925cdc177bb23a3106974fa1c61fdfea4af70489b36 | ||||
| 108 | File Hash | MilitaryReforms2.pps | 09d7cd078a46a33750b002594eb7340af55a1cefe5f4451a8bdfcd6af97449bf | ||||
| 109 | File Hash | MilReforms_1.pps | c126471d35f0fcff4ebafd8fb331e328b67e07312fbaa60c8a131e318b41a839 | ||||
| 110 | File Hash | MilReforms_2.pps | c2d39a5ed25caf84d5ce68375e420b6445aff0c63a7f820ae6a3d0e24eb5e161 | ||||
| 111 | File Hash | my_lovely_pics_3.pps | 39cf8b7bbceac5d150cc9fafbf2d7492d353771ec40919d1777fba8d6d2da2b4 | ||||
| 112 | File Hash | my_lovely_pics_6.pps | cc810280206c3ee96f88840d6e23bd2c849bfb48f4e97c2ea1c8ef47ce06ba9b | ||||
| 113 | File Hash | my_photos_3.pps | b4487148d05bc4acc932b47c0a01371c459eea12fc7fd4f21af127dee2f619f4 | ||||
| 114 | File Hash | my_photos_6.pps | 1c60523b5c2cfc176549d4a8c14c2759c504cce23da86cf3dcb99c21ddf30f5a | ||||
| 115 | File Hash | nail_art_3.pps | 48219520a01ef9ec5f499cdb3f3ad8e9899b0c15800acb66cb0df5fe74f49cce | ||||
| 116 | File Hash | nail_art_6.pps | 77a43ddd5b90b25b189f970ec76224085f7b7210922e611ed38905d4190d7cc3 | ||||
| 117 | File Hash | netflix1.pps | 88e2e7df29450f673081161e105b561f67bba65ce00d12da90b26149c2960631 | ||||
| 118 | File Hash | netflix2.pps | 2f6ed134adf8d29dd9e25b8f8f863389742dd5ff6d9104329c2fecb66b9e1604 | ||||
| 119 | File Hash | Obama_Gift_China_1.pps | 77b1ea1a200a17f8e14a8b6471ee6c4921c8c6b59026ce799ecaf7edd54b15e8 | ||||
| 120 | File Hash | Obama_Gift_China_2.pps | 21b2f9c134a8fe2f021884852b41eed5739c791a19f0145a5a665015cede543b | ||||
| 121 | File Hash | pension_1.pps | 6b821ad306c9baa18b7d77a06bbbff032a55ba1bc4b7f93b747477facb8b8fa0 | ||||
| 122 | File Hash | stewardess1.pps | d4a9a07192ba6ddafe86ea8c72277650cc8996cd1ec487d3677d8a4e92e28983 | ||||
| 123 | File Hash | stewardess2.pps | 8869567e461c5fe15e4a2d66e28a04445eebf76a0fdc3fc98e3edca6f032e423 | ||||
| 124 | File Hash | syria_china.pps | 53dc1535397fe9bdefd4d69bf8b22751668dfc1054713aab71b6048fbd23423a | ||||
| 125 | File Hash | TaiwanDiplomaticAccess_1.pps | da06b7ee42a7d2f0cf7dd5f225373806cd054b2a3b8fdbba7a0873479c98dfba | ||||
| 126 | File Hash | TaiwanDiplomaticAccess_2.pps | eb31ffe6666d8307fa59da3d41a5bf0d9f936d909a5f955e0329ab24d64bce90 | ||||
| 127 | File Hash | tibetculture_1.pps | eed9c5e8ec7d25a5c9f15d30d80413edf65ec4f495c3d244c9d55d134e0cccef | ||||
| 128 | File Hash | tibetculture_2.pps | f9a9808927bccb8a08828b16cf288a89a1b0b67fe55055f5bbcd777fc312b4ce | ||||
| 129 | File Hash | underestimatingUS_1.pps | a358679e2474750c0ae064590e80085035cdec6028c9025cf4dc48dd610de88e | ||||
| 130 | File Hash | underestimatingUS_2.pps | 511111ebb818471c1402631494aade54f3d13b57eb9cc705392edb615153950d | ||||
| 131 | File Hash | UruguayJan-Jun_1o.pps | 637b305164ed634f4c20bcb89030417f9d41446e5c8517e671ef4c122195ccea | ||||
| 132 | File Hash | uruguayjan-jun_1.pps | fe3f4bd9810389e68ead6d29270050275440281de0b78532ea9c71d9b3db41f6 | ||||
| 133 | File Hash | UruguayJan-Jun_2o.pps | 5f203ea304b97727e6a607c54713da69925337ac1eff98c7761e184c33d37c4d | ||||
| 134 | File Hash | uruguayjan-jun_2.pps | b9f0e2b6ca667cbabcec0c2cd311eefb831776c33ab679a109345507030b259d | ||||
| 135 | File Hash | UruguayJul-Dec_1o.pps | 66c946d8915c367ec23fedecaa730493d9df292d8b13fbdd56ffcda49a065ac2 | ||||
| 136 | File Hash | uruguayjul-dec_1.pps | a870b9b7d84bbb95da6dcb633f74731b316f4bc77bd71edc779928b71c1e5a4f | ||||
| 137 | File Hash | UruguayJul-Dec_2o.pps | 0abd0d44d12993124ba3081990342ea7d5ab75d1e639b60a4d02960ed2f54b66 | ||||
| 138 | File Hash | uruguayjul-dec_2.pps | af826881bfead39e6319131359521502076a83d75f02ab2fd0754c5a82ab2f73 | ||||
| 139 | File Hash | us_srilanka_relations_1.pps | 665b6ffd8ada42e0a1e77a377970eec3b2b8a915d101c7888d1b28e86c80ebfa | ||||
| 140 | File Hash | us_srilanka_relations_2.pps | e01b1267f5c12291dbcbaa04fcd558b8f7415f11dfe0f2a4cdabe8e69277e52a | ||||
| 141 | File Hash | WILL_ISIS_INFECT_BANGLADESH.pps | 75f8073fa5f842a6ca78e27a703a6b0a30ecba3f9f51e23fcf810b2489db5fb5 | ||||
| 142 | File Hash | zodiac_1.pps | 53d6ae6e3f883f1e1ebc9e0b6bdbd8ec8dad344b0988fb4e28b17c19f7385e7e | ||||
| 143 | File Hash | zodiac_2.pps | 55a5d4f879250dbe57523c7caf7fd55b7324043780dd697e9a8b7061500c8c85 | ||||
| 144 | URL | http://212[.]129.13.110/update-request.php?profile= | Upload file link used in sysvolinfo.exe | ||||
| 145 | URL | http://212[.]129.13.110/dropper.php?profile= | C&C url used by sysvolinfo.exe | ||||
| 146 | URL | http://cnmilit[.]com | Spear phishing dropper | ||||
| 147 | URL | http://t.ymlp50[.]com/jmyafaejshbafahshaaambmus/click.php | Spear phishing dropper | ||||
| 148 | URL | mozarting[.]com | Suspected IOC | ||||
| 149 | URL | blingblingg[.]com | Suspected IOC | ||||
| 150 | URL | aaskmee[.]com | Suspected IOC | ||||
| 151 | URL | revoltmax[.]com | Suspected IOC | ||||
| 152 | URL | eyescreem[.]com | Suspected IOC | ||||
| 153 | URL | outlookkz[.]com | Suspected IOC | ||||
| 154 | URL | xmachinez[.]com | Suspected IOC | ||||
| 155 | URL | pizzahomez[.]com | Suspected IOC | ||||
| 156 | URL | newsnstat[.]com | Suspected IOC | ||||
| 157 | URL | 163-cn[.]org | Suspected IOC | ||||
| 158 | URL | cnmilit[.]com | Suspected IOC | ||||
| 159 | URL | 81-cn[.]net | Suspected IOC | ||||
| 160 | URL | climaxcn[.]com | Suspected IOC | ||||
| 161 | URL | expatchina[.]info | Suspected IOC | ||||
| 162 | URL | miltechweb[.]com | Suspected IOC | ||||
| 163 | URL | nduformation[.]com | Suspected IOC | ||||
| 164 | URL | securematrixx[.]com | Suspected IOC | ||||
| 165 | URL | xbladezz[.]com | Suspected IOC | ||||
| 166 | URL | asiandefnetwork[.]com | Suspected IOC | ||||
| 167 | URL | dailychina[.]news | Suspected IOC | ||||
| 168 | URL | sinodefprog[.]info | Suspected IOC | ||||
| 169 | URL | qqgroups[.]info | Suspected IOC | ||||
| 170 | URL | chinastrat[.]com | Suspected IOC | ||||
| 171 | URL | miltechcn[.]com | Suspected IOC | ||||
| 172 | URL | numeronez[.]com | Suspected IOC | ||||
| 173 | URL | telemediaz[.]com | Suspected IOC | ||||
| 174 | URL | majidalfuttaiim[.]com | Suspected IOC | ||||
| 175 | URL | webworldreq[.]com | Suspected IOC | ||||
| 176 | URL | nextraload[.]com | Suspected IOC | ||||
| 177 | URL | junshiyuehui[.]com | Suspected IOC | ||||
| 178 | URL | cndailynetwork[.]info | Suspected IOC | ||||
| 179 | URL | extrememachine[.]org | Suspected IOC | ||||
| 180 | URL | wikifedia[.]space | Suspected IOC | ||||
| 181 | URL | yue-lao[.]info | Suspected IOC | ||||
| 182 | URL | you-yisi[.]com | Suspected IOC | ||||
| 183 | URL | annchenn[.]com | Suspected IOC | ||||
| 184 | URL | office-rb-support[.]com | Suspected IOC | ||||
| 185 | URL | greatdexter[.]com | Suspected IOC | ||||
| 186 | URL | haiwaipengyou[.]com | Suspected IOC | ||||
| 187 | URL | extremerebolt[.]com | Suspected IOC | ||||
| 188 | URL | matrixrevolt[.]com | Suspected IOC | ||||
| 189 | URL | info81[.]com | Suspected IOC | ||||
| 190 | URL | chinastrats[.]com | Suspected IOC | ||||
| 191 | URL | epg-cn[.]com | Suspected IOC | ||||
| 192 | URL | nutcn[.]com | Suspected IOC | ||||
| 193 | URL | modgovcn[.]com | Suspected IOC | ||||
| 194 | URL | climaxcn[.]com | Suspected IOC | ||||
| 195 | URL | socialfreakzz[.]com | Suspected IOC | ||||
| 196 | URL | militaryworkerscn[.]com | Suspected IOC | ||||
| 197 | URL | extremebolt[.]com | Suspected IOC | ||||
| 198 | URL | lujunxinxi[.]com | Suspected IOC | ||||
| 199 | URL | letsgetclose[.]com | Suspected IOC | ||||
| 200 | URL | milresearchcn[.]com | Suspected IOC | ||||
| 201 | URL | alfred.ignorelist[.]com | Suspected IOC | ||||
| 202 | URL | symantecz[.]com | Suspected IOC | ||||
| 203 | URL | nudtcn[.]com | Suspected IOC | ||||
| 204 | Mutex | {9754893678976458374658764387563876} | Mutex used in 7zip.exe |