-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathblocklists-cyfirma.txt
191 lines (151 loc) · 6.43 KB
/
blocklists-cyfirma.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
## hosts-blocklists
## domains-ips-hashes
## blocklists-cyfirma
## https://www.cyfirma.com/research/
# https://www.cyfirma.com/research/samsstealer-unveiling-the-information-stealer-targeting-windows-systems/
02fe599ed41cc4bd54a1d6a3cc2d830a
1f913f8d71f0f4d65858b5ba0ea94a9c
7d63047a48fa8984f11544149c2f0e70
31c73ad35b23e4d98ed974e604b85e00
56acc1496d8e5bbc0e412c683971b809
83f94302ae92909bc3b2834a5342d4a5
631eacb4519fd49048491c9b5ec6bda5
824e149b9c2bdd5dbe37f472533230af
11751f8d847764936b7bf014302da87f
64410e06f80e75b6503e5525c323243b
cb95c77750732c0a4dd29c1d4feb6f69
da493648ca3b8fd9dbad7bbca659b796
# https://www.cyfirma.com/research/new-pakistan-based-cyber-espionage-groups-year-long-campaign-targeting-indian-defense-forces-with-android-malware/
38.92.47.116
6C9A7E15D666FD61F62F1802D79782753BA25AAA76ECC86401658807F5D41503
78625E72074EEE611866AB04AE1935F2152ED695D3ADCD68061D10386170668B
# https://www.cyfirma.com/research/obfuscated-batch-scripts-journey-to-monero-mining/
89.23.97.199
0c0195c48b6b8582fa6f6373032118da
0282de7d55c591fea67ecb0629bfc78d
7b7f17bbd599bfb44ea76430aeb6d6d4
53e94b9b26ea1c1692a718c31fba8c14
801d370ed441d0dc9dc1dd4d26f0a710
8799ef3b57d0e76211bfd01a55d29f01
59756d324c2d605d4cee59d5c4671ff7
84864dd9b923cd223aad9852c806b3cd
318686da42c473d1e1830ef038f80749
952138ef10f6d3814ed5888a4baa63cc
a4fe3e69c2f52e38a34722d28e6423d4
aed04cc22f8d4cc2bc6f0b07ee1d3c33
ddaaa8d00a819594a54946bd0be99eb5
ed3dc99329202fa901203b8100643357
f2a03b36a0699b186f2e4b2e613b5f86
3fd88848783c0715b19bcb9928f397340176e3d9
7e4f082320b8e9299d4fdb47d84e90282f75441e
89e2843362748e1206cc59946923e15c4450bc82
509b94234bf0c1e20e60770628a45e60aa6691ee
636b630682257397891b9b16d68346c689e47a9a
947bc0e75649c5dfe3822ba983fcb66f72f97325
782883a4d905930639fed43e65ebd68e165f41ba
1701478a9e499f0545188a84f1eb2d11c7fbd4e5
79525044e5a0d21fb453990981796e9af337a157
ad822713a862cb63a907473fdadab453be8a52be
af05b9ff6cd94a945dcd1646347c32f3c88bbc41
d25340ae8e92a6d29f599fef426a2bc1b5217299
da6a98df294b4d7c54f2af93d178b733d90c626e
e0d39d79e53a27c32a251b2f4b7476e24f95a80b
ee0c1f07fe2630a1871a7154961ecf3ab426dc1f
f71cb2f03385f80e8e42830ead296d2e503c5971
0b73a0a29425663deeecfcf7231ec57c827e2c00bee1cc854f100f544a520fcd
2db5b28fe6d694f6d064edd3713e701aa19725ae6de31c796d00dcb0c6e6ad1b
3fc0286c2fc31538344011001eaad44073b0440ad857b97b0a84c7dbb670f231
8eae2e431412e59daf4c20c05a6cfcdfbe84a6cb4739e2964ab8cfc74df6a92f
11bd2c9f9e2397c9a16e0990e4ed2cf0679498fe0fd418a3dfdac60b5c160ee5
37af3dd3964b98a4296a266ef4ca71febd61755c9e7a248bc05a5b5ce5be91dc
51df1afc471e8f4805293b251acfa72c41f9b1ca67459df419440a1c65156059
84c1f4a43af3837294039bd3cb86c7c93f2bdfd39b19bad6e6cd7ba1c458dc7a
84372edb46a92d3dac855bcc54e5fd002b62f3c785f06051710a63ff754d6ef5
af6577428fbd2e28ef95a7a3b3cf89f833d7e2ac457b999e1905e0d0c1477132
b5a008e84b04f2d8c4dfc0451d1473e7514eecf5c2d5bf3e0c0881b3141bf7f8
b531b2e06b0d3bafabad968f28a255eeb61132dc3eafd76680d16e280790a5fe
e3aafbb5792fe5ba59fd33eb696efa4f92937f99f231f0dbf68dcdeeeca0226f
e45b0d801c435ae25fe9596c97f45aeb096f70b9fd3f8244c9bb7d85ed094c11
e656be193c3170d1838e13bdce48e708a2b15076d536a0e9bfacf3f366c62a51
# https://www.cyfirma.com/research/fletchen-stealer-an-information-stealer-with-sophisticated-anti-analysis-measures/
metamask.toyosol.com
test.brosecure360.com
38.180.120.148
45.61.139.51
162.241.85.73
185.166.39.91
195.35.3.209
487bae97ec7b96bc020511af3a3b3954
568aea1ddacf0948fc623e6695796e04
fd9ee313b9b543a53cb8843df91e18de
0a970e1e07e550b2c5d725ea82d5ef3d5e2cbf53da9561a8815e39e55ae89ec3
a3d23713b6a1bc888eae41a2884dd94c72b1d749de3015689c4f86ee2ebd00dd
e6134f3dca8c2d281f1af92eaf2551a737a46d88ab6eec1c09ffd7d4719a4fff
# https://www.cyfirma.com/research/new-campaign-identified-targeting-individuals-in-south-asia/
176.56.237.126
0D808D30525CF9BF822E2F695D8E1F83
0F30778FB27E4F8ADB00906F163385FE
5c62c1c3856dc45060c50bf1f6bb6cd7
6CB2D35E9FE00765F83BCC771579D653
6eaab68919b851e402b5fb46b8b37b18
39bcff51ad0c4491bea74c100240c86c
97b1e5ba1857d12d9f5f6e845622961a
A225651AB45BC8ABEF10E1DC1C03E786
dc001bad7f38cdb3bfe2f5ac08c5f3f5
e0541d63ac8093f1e472e63b96227844
fd3c5ff86016fe626ad8a23befe38bec
# https://www.cyfirma.com/research/vulnerability-analysis-and-exploitation-understanding-cve-2024-27198-in-jetbrains-teamcity/
79.110.62.188
88.214.25.36
146.190.250.247
# https://www.cyfirma.com/research/sync-scheduler-a-dedicated-document-stealer/
syncscheduler.com
146.70.157.120
004101dc501b9de8965e6b45debd07b6
39122a2bcf6c360271e8edb503bc2761
c1ab783d60cf05636eb4f72d17c6cf1d
df6b768247a9cdb5607819c79f02099d
6e4a4d25c2e8f5bacc7e0f1c8b538b8ad61571266f271cfdfc14725b3be02613
203d60fe1ebbfafc835e082774ee56088273d9455fb12ac1de2c1be410cceeec
316e01b962bf844c3483fce26ff3b2d188338034b1dbd41f15767b06c6e56041
2027a5acbfea586f2d814fb57a97dcfce6c9d85c2a18a0df40811006d74aa7e3
# https://www.cyfirma.com/research/nikki-stealer-ex-defacer-turns-seller-of-discord-stealer/
0fa64d5ad4c84011bef6e838d0f70121a3af53df5dbc3b5f5f0c16a8fb495244
01ae1b2996a35fb5a3eb40c33763058b01b892253458fb6c9a8b0efc6b98d0a0
7a32c14d724c8904511ccb4eca27cf62aaa31d85a05a0e443d28ad95d35b363c
1792a2b01c8aa7d9f3e8e75553d49c5b70d513ec76fbb37f5438a084fbe11200
# https://www.cyfirma.com/outofband/a-ransomware-that-doesnt-extort-money-windestroyer-its-origin/
83c23480f87f08d645b62bbd2448c40f
# https://www.cyfirma.com/outofband/exploiting-document-templates-stego-campaign-deploying-remcos-rat-and-agent-tesla/
shut.be
uploaddeimagens.com.br
45.74.19.84
107.173.4.15
115.251.187.194
178.237.33.50
7E9AFFFCD5105A119308BC5E1289FDA4
65efdcbd4bc64e6e48d82bfa31f710fd
ce91eb459e4f6a9e2871088d855cd211
b1db2292ba6cdddc3237f97f0ee0324f
ddb09774c5a870c73cf0cf71e6d97d3e
853c04a0494a2256e063583a4aab465b
85CBF9B1A0E3D8FDA14A86535E0692D9
9696B0F6AB7EAA2C312EEEB67B0E5F70
E765E253ADA44CC90DF9E196DF0D1EF1
85259BC31DECE470AF6778BD27F30488
2672a881a5374e507c3ca3a152617c21
7ed7dfb7e823a6eb10591d86a2d25222
e85e113f938d9f64de952308c0ad8333
5f8d4be7bb31e0177d29df6f65abe6fc
# https://www.cyfirma.com/outofband/xeno-rat-a-new-remote-access-trojan-with-advance-capabilities/
internal-liveapps.online
45.61.139.51
0aa5930aa736636fd95907328d47ea45
6f9e84087cabbb9aaa7d8aba43a84dcf
13b1d354ac2649b309b0d9229def8091
7704241dd8770b11b50b1448647197a5
4d0d8c2696588ff74fe7d9f8c2097fddd665308fccf16ffea23b9741a261b1c0
96b091ce5d06afd11ee5ad911566645dbe32bfe1da2269a3d3ef8d3fa0014689
848020d2e8bacd35c71b78e1a81c669c9dc63c78dd3db5a97200fc87aeb44c3c
1762536a663879d5fb8a94c1d145331e1d001fb27f787d79691f9f8208fc68f2