blocklists-unit42.txt

## hosts-blocklists
## domains-ips-hashes

## blocklits-unit42
## https://unit42.paloaltonetworks.com/


# https://unit42.paloaltonetworks.com/cybersquatting-using-genai-keywords/

33115c.com
bardassai.com
chatgpt000.cn
chatgpt0002.cn
chatgpt005.cn
chatgpt006.cn
chatgpt008.cn
chatgpt009.cn
chatgpt138.cn
chatgpt178.cn
chatgpt188.cn
chatgptapp000.cn
chatgptapp888.cn
chatgptapp999.cn
chatgptios.cn
chatgptproapp.com
gemini-addons.com
gemini-agents.com
gemini-agi.com
gemini-super-intelligence.com
gemini-superintelligence.com
geminisuperintelligence.com
gpt-vision.com
gptsotre.com
internationaljobsite.com
janoub-hightech.com
ketlenpack.online
msftchatgpt.com
my-gpt-cpa.com
oha-chatbot.xyz

bad2294523c7abd42c3184d1e513bf851cb649a4acd9543cdf5d54d21f52c937

# https://unit42.paloaltonetworks.com/accelerating-malware-analysis/

assaultseekwoodywod.pw
cakecoldsplurgrewe.pw
chincenterblandwka.pw
dayfarrichjwclik.fun
diagramfiremonkeyowwa.fun
neighborhoodfeelsa.fun
opposesicknessopw.pw
pinkipinevazzey.pw
politefrightenpowoa.pw
ratefacilityframw.fun
reviveincapablewew.pw

5.42.64.67
77.105.132.70
82.147.85.205
104.21.32.12
128.140.69.37:80
142.132.232.235
172.67.182.33
177.105.132.70
177.105.132.124

04ec79fb6e3260c8db46aea8e5cc6a42ad6e2af1c7c0cf46866a06b4acb98bae
09df06e192569b671d8f4b7587a5ba184392e80195968d0e4f1ab0c21de65c5e
5b8e99a46d7c077152ef954e74a2ff1ad3de0adb34aa0b96f6f02fa60426d12f
101b9564ba11aa44372b37b1143eac0d5dd1e3f38c6a35517de843b9f23b3704
504a6b8ce51c3be7de7e74c98c6da3fe12b186f634c441b43fa21f3350b7f1a3
564d742044e5ac9f6279c01c5c29bb801606b63c6c2cbfc2af09d8f2a73b84a6
50351b1ff64cd2e8d799f5153ff853a650e8782c49f241a123c8779ff3fa2a3d
d69fe5cb1ded3aaa9a8b64824d820a72da0a1d43c9298cfcb5072f0060aefb8c
e8af36287e2270581fd5f2d28c6e0b83b337f58d430554d28dbf55d2ca09fcca
e20124da608445d9df1c71b1ad3530331a86b773b0b2f6a43ad32ec3d061a297

# https://unit42.paloaltonetworks.com/ra-world-ransomware-group-updates-tool-set/

0183edb40f7900272f63f0392d10c08a3d991af41723ecfd38abdfbfdf21de0a
2a4e83ff1c48baa3d526d51d09782933cec6790d5fa8ccea07633826f378b18a
2d22cbe3b1d13af824d10bb55b61f350cb958046adf5509768a010df53409aa8
7c14a3908e82a0f3c679402cf060a0bcae7791bdc25715a49ee7c1fc08215c93
8e4f9e4c2bb563c918fbe13595de9a32b307e2ce9f1f48c06b168dbbb75b5e89
25ba2412cf0b97353fa976f99fdd2d9ecbbe1c10c1b2a62a81d0777340ce0f0a
31ac190b45cc32c04c2415761c7f152153e16750516df0ce0761ca28300dd6a4
36ce5b2c97892f86fd0e66d9dd6c4fbd4a46e7f91ea55cc1f51dee3a03417a3a
74fb402bc2d7428a61f1ac03d2fb7c9ff8094129afd2ec0a65ef6a373fd31183
93aae0d740df62b5fd57ac69d7be75d18d16818e87b70ace5272932aa44f23e4
108a3966b001776c0cadac27dd9172e506069cb35d4233c140f2a3c467e043d0
817b7dab5beba22a608015310e918fc79fe72fa78b44b68dd13a487341929e81
826f05b19cf1773076a171ef0b05613f65b3cc39a5e98913a3c9401e141d5285
4392dcce97df199e00efb7a301e26013a44ee79d9b4175d4539fae9aed4f750b
9479a5dc61284ccc3f063ebb38da9f63400d8b25d8bca8d04b1832f02fac24de
31105fb81a54642024ef98921a524bf70dec655905ed9a2f5e24ad503188d8ae
57225f38b58564cf7ec1252fbf12475abee58bd6ea9500eb7570c49f8dc6a64c
330730d65548d621d46ed9db939c434bc54cada516472ebef0a00422a5ed5819
1066395126da32da052f39c9293069f9bcc1c8d28781eb9d44b35f05ce1fd614
af4a08bbe9f698a8a9666c76c6bdac9a29b7a9572e025f85f2a6f62c293c0f5e
b2b59f10e6bdbe4a1f8ff560dbfe0d9876cbb05c7c27540bd824b17ceb082d62
bb63887c03628a3f001d0e93ab60c9797d4ca3fb78a8d968b11fc19da815da2f
bc2caec044efe0890496c56f29d7c73e3915740bc5fda7085bb2bb89145621e5
d0c8dc7791e9462b6741553a411a5bfa5f4a9ad4ffcf91c0d2fc3269940e48a2
d311674e5e964e7a2408b0b8816b06587b2e669221f0e100d4e0d4a914c6202c
e31f5ebff2128decd36d24af7e155c3011a9afdc36fd14480026de151e1ecee2
f1c576ed08abbb21d546a42a0857a515d617db36d2e4a49bedd9c25034ccd1e2

# https://unit42.paloaltonetworks.com/apk-badpack-malware-tampered-headers/

0003445778b525bcb9d86b1651af6760da7a8f54a1d001c355a5d3ad915c94cb
015bd2e799049f5e474b80cbbdcd592ce4e2dfbfae183bada86a9b6ec103e25e
90c41e52f5ac57b8bd056313063acadc753d44fb97c45c2dc58d4972fe9f9f21
131135a7c911bd45db8801ca336fc051246280c90ae5dafc33e68499d8514761

# https://unit42.paloaltonetworks.com/darkgate-malware-uses-excel-files/

adfhjadfbjadbfjkhad44jka.com
diveupdown.com
nextroundst.com

02acf78048776cd52064a0adf3f7a061afb7418b3da21b793960de8a258faf29
08d606e87da9ec45d257fcfc1b5ea169b582d79376626672813b964574709cba
2e34908f60502ead6ad08af1554c305b88741d09e36b2c24d85fd9bac4a11d2f
4b45b01bedd0140ced78e879d1c9081cecc4dd124dcf10ffcd3e015454501503
9a2a855b4ce30678d06a97f7e9f4edbd607f286d2a6ea1dde0a1c55a4512bb29
9b2be97c2950391d9c16497d4362e0feb5e88bfe4994f6d31b4fda7769b1c780
44a54797ca1ee9c896ce95d78b24d6b710c2d4bcb6f0bcdc80cd79ab95f1f096
51ab25a9a403547ec6ac5c095d904d6bc91856557049b5739457367d17e831a7
51f1d5d41e5f5f17084d390e026551bc4e9a001aeb04995aff1c3a8dbf2d2ff3
96e22fa78d6f5124722fe20850c63e9d1c1f38c658146715b4fb071112c7db13
378b000edf3bfe114e1b7ba8045371080a256825f25faaea364cf57fa6d898d7
585e52757fe9d54a97ec67f4b2d82d81a547ec1bd402d609749ba10a24c9af53
897b0d0e64cf87ac7086241c86f757f3c94d6826f949a1f0fec9c40892c0cecb
2384abde79fae57568039ae33014184626a54409e38dee3cfb97c58c7f159e32
a01672db8b14a2018f760258cf3ba80cda6a19febbff8db29555f46592aedea6
b4156c2cd85285a2cb12dd208fcecb5d88820816b6371501e53cb47b4fe376fd
b28473a7e5281f63fd25b3cb75f4e3346112af6ae5de44e978d6cf2aac1538c1
ba8f84fdc1678e133ad265e357e99dba7031872371d444e84d6a47a022914de9
F9d8b85fac10f088ebbccb7fe49274a263ca120486bceab6e6009ea072cb99c0

# https://unit42.paloaltonetworks.com/javascript-malware-gootloader/

b939ec9447140804710f0ce2a7d33ec89f758ff8e7caab6ee38fe2446e3ac988
c853d91501111a873a027bd3b9b4dab9dd940e89fcfec51efbb6f0db0ba6687b

# https://unit42.paloaltonetworks.com/attackers-exploit-public-cobalt-strike-profiles/

consumershop.lenovo.com.cn.d4e97cc6.cdnhwcggk22.com
cupdater.bbtecno.com
gupdater.bbtecno.com
msdn1357.centralus.cloudapp.azure.com
msupdate.azurefd.net
msupdate.brazilsouth.cloudapp.azure.com
o365updater.azureedge.net
teamsupd.azurewebsites.net
update37.eastus.cloudapp.azure.com
update.westus.cloudapp.azure.com
 
146.235.52.69
159.112.177.137

38eeb82dbb5285ff6a2122a065cd1f820438b88a02057f4e31a1e1e5339feb2b
1980becd2152f4c29dffbb9dc113524a78f8246d3ba57384caf1738142bb3a07
B587e215ce8c0b3a1525f136fe38bfdc0232300e1a4f7e651e5dc6e86313e941

# https://unit42.paloaltonetworks.com/operation-diplomatic-specter/

api.microsoft-ns1.com
cloud.microsoft-ns1.com
govm.tk
home.microsoft-ns1.com
labour.govu.ml
static.microsoft-ns1.com
update.microsoft-ns1.com

103.108.67.153
103.108.192.238
103.149.90.235
192.225.226.217
194.14.217.34

0b980e7a5dd5df0d6f07aabd6e7e9fc2e3c9e156ef8c0a62a0e20cd23c333373
0e0b5c5c5d569e2ac8b70ace920c9f483f8d25aae7769583a721b202bcc0778f
0f72e9eb5201b984d8926887694111ed09f28c87261df7aab663f5dc493e215f
22d556db39bde212e6dbaa154e9bcf57527e7f51fa2f8f7a60f6d7109b94048e
62dec3fd2cdbc1374ec102d027f09423aa2affe1fb40ca05bf742f249ad7eb51
8198c8b5eaf43b726594df62127bcb1a4e0e46cf5cb9fa170b8d4ac2a4dad179
d5a44380e4f7c1096b1dddb6366713aa8ecb76ef36f19079087fc76567588977

# https://unit42.paloaltonetworks.com/three-dns-tunneling-campaigns/

3yfr6hh9dd3.com
4bs6hkaysxa.com
8egub9e7s6cz7n.com
8jtuazcr548ajj.com
8kk68biiitj.com
66tye9kcnxi.com
85hsyad6i2ngzp.com
93dhmp7ipsp.com
anrad9i7fb2twm.com
api536yepwj.com
aucxjd8rrzh7xf.com
b5ba24k6xhxn7b.com
bb62sbtk3yi.com
cgb488dixfxjw7.com
cytceitft8g.com
d6zeh4und3yjt9.com
dipgprjp8uu.com
edrefo.com
ege6wf76eyp.com
epyujbhfhbs35j.com
f6kf5inmfmj.com
f6ywh2ud89u.com
frotel.info
h82c3stb3k5.com
hhmk9ixaw9p3ec.com
hjmpfsamfkj5m5.com
hwa85y4icf5.com
ifjh5asi25f.com
iszedim8xredu2.com
m9y6dte7b9i.com
n98erejcf9t.com
npknraafbisrs7.com
patycyfswg33nh.com
pordasa.info
rhctiz9xijd4yc.com
rz53par3ux2.com
secdns.site
secshow.net
secshow.online
simitor.com
sn9jxsrp23x63a.com
swh9cpz2xntuge.com
szd4hw4xdaj.com
tp7djzjtcs6gm6.com
uxjxfg2ui8k5zk.com
vibnere.com
vitrfar.info
wj9ii6rx7yd.com
wk7ckgiuc6i.com
wzbhk2ccghtshr.com
y43dkbzwar7cdt.com
ydxpwzhidexgny.com
z54zspih9h5588.com

35.75.233.210
202.112.47.45

# https://unit42.paloaltonetworks.com/cve-2024-3400/

nhdata.s3-us-west-2.amazonaws.com

38.60.218.153
38.180.41.251
38.180.106.167
38.180.128.159
38.181.70.3
38.207.148.123
45.121.51.2
64.176.226.203
66.235.168.222
78.141.232.174
110.47.250.103
126.227.76.24
144.172.79.92
146.70.192.174
147.45.70.100
149.28.194.95
149.88.27.212
154.223.16.34
172.233.228.93
173.255.223.159
185.108.105.110
199.119.206.28
203.160.86.91

3de2a4392b8715bad070b2ae12243f166ead37830f7c6d24e778985927f9caac
5460b51da26c060727d128f3b3d6415d1a4c25af6a29fef4cc6b867ad3659078

# https://unit42.paloaltonetworks.com/malware-initiated-scanning-attacks/

dnslog.store

45.66.230.32
45.130.22.219
85.208.139.73
87.120.88.13
95.214.27.244
103.95.196.149
103.110.33.164
103.131.57.59
103.212.81.116
103.228.126.17
137.220.130.2
145.40.126.81
146.19.191.85
146.19.191.108
176.97.210.211
185.112.83.15
193.31.28.13
193.47.61.75
217.114.43.149
 
23190d722ba3fe97d859bd9b086ff33a14ae9aecfc8a2c3427623f93de3d3b14

# https://unit42.paloaltonetworks.com/chinese-apts-target-asean-entities/

ai.nerdnooks.com
openservername.com
web.daydreamdew.net

65.20.103.231
103.27.109.157
123.253.32.71
139.59.46.88
146.70.149.36
192.153.57.98
193.149.129.93

02f4186b532b3e33a5cd6d9a39d9469b8d9c12df7cb45dba6dcab912b03e3cb8
5cd4003ccaa479734c7f5a01c8ff95891831a29d857757bbd7fe4294f3c5c126
316541143187acff1404b98659c6d9c8566107bd652310705214777f03ea10c8
a16a40d0182a87fc6219693ac664286738329222983bd9e70b455f198e124ba2
d393349a4ad00902e3d415b622cf27987a0170a786ca3a1f991a521bff645318

# https://unit42.paloaltonetworks.com/strelastealer-campaign/

193.109.85.231

0d2d0588a3a7cff3e69206be3d75401de6c69bcff30aa1db59d34ce58d5f799a
3189efaf2330177d2817cfb69a8bfa3b846c24ec534aa3e6b66c8a28f3b18d4b
544887bc3f0dccb610dd7ba35b498a03ea32fca047e133a0639d5bca61cc6f45
aea9989e70ffa6b1d9ce50dd3af5b7a6a57b97b7401e9eb2404435a8777be054
b8e65479f8e790ba627d0deb29a3631d1b043160281fe362f111b0e080558680
e6991b12e86629b38e178fef129dfda1d454391ffbb236703f8c026d6d55b9a1
f95c6817086dc49b6485093bfd370c5e3fc3056a5378d519fd1f5619b30f3a2e

# https://unit42.paloaltonetworks.com/curious-serpens-falsefont-backdoor/

digitalcodecrafters.com

64.52.80.30

4145e792c9e9f3c4e80ca0e290bd7568ebcef678affd68d9b505f02c6acaab12
364275326bbfc4a3b89233dabdaf3230a3d149ab774678342a40644ad9f8d614

# https://unit42.paloaltonetworks.com/analysis-of-bunnyloader-malware/

37.139.129.145
134.122.197.80
172.105.124.34
185.241.208.83
185.241.208.104
195.10.205.23

0f425950ceaed6578b2ad22b7baea7d5fe4fd550a97af501bca87d9eb551b825
1a5ad9ae7b0dcdc2edb7e93556f2c59c84f113879df380d95835fb8ea3914ed8
2ab21d859f1c3c21a69216c176499c79591da63e1907b0d155f45bb9c6aed4eb
2d39bedba2a6fb48bf56633cc6943edc6fbc86aa15a06c03776f9971a9d2c550
2e9d6fb42990126155b8e781f4ba941d54bcc346bcf85b30e3348dde75fbeca1
3a64f44275b6ff41912654ae1a4af1d9c629f94b8062be441902aeff2d38af3e
5f09411395c8803f2a735b71822ad15aa454f47e96fd10acc98da4862524813a
52b7cdf5402f77f11ffebc2988fc8cdcd727f51a2f87ce3b88a41fd0fb06a124
62f041b12b8b4e0debd6e7e4556b4c6ae7066fa17e67900dcbc991dbd6a8443f
74c56662da67972bf4554ff9b23afc5bdab477ba8d4929e1d7dbc608bdc96994
82a3c2fd57ceab60f2944b6fea352c2aab62b79fb34e3ddc804ae2dbc2464eef
c006f2f58784671504a1f2e7df8da495759227e64f58657f23efee4f9eb58216
c80a63350ec791a16d84b759da72e043891b739a04c7c1709af83da00f7fdc3a
cc2acf344677e4742b22725ff310492919499e357a95b609e80eaddc2b155b4b
ebc17dbf5970acb38c35e08560ae7b38c7394f503f227575cd56ba1a4c87c8a4
fffdf51cdb54f707db617b29e2178bb54b67f527c866289887a7ada4d26b7563

# https://unit42.paloaltonetworks.com/muddled-libra/

35.175.153.217
45.32.221.250
45.156.85.140
64.227.30.114
79.137.196.160
92.99.114.231
104.247.82.11
105.101.56.49
105.158.12.236
134.209.48.68
137.220.61.53
138.68.27.0
146.190.44.66
149.28.125.96
157.245.4.113
159.223.208.47
159.223.238.0
162.19.135.215
164.92.234.104
165.22.201.77
167.99.221.10
172.96.11.245
185.56.80.28
188.166.92.55
193.149.129.177
207.148.0.54
213.226.123.104

# https://unit42.paloaltonetworks.com/using-wireshark-exporting-objects-from-a-pcap/

smart-fax.com

08eb941447078ef2c6ad8d91bb2f52256c09657ecd3d5344023edccf7291e9fc
4ebd58007ee933a0a8348aee2922904a7110b7fb6a316b1c7fb2c6677e613884
10ce4b79180a2ddd924fdc95951d968191af2ee3b7dfc96dd6a5714dbeae613a
32e1b3732cd779af1bf7730d0ec8a7a87a084319f6a0870dc7362a15ddbd3199
749e161661290e8a2d190b1a66469744127bc25bf46e5d0c6f2e835f4b92db18
59896ae5f3edcb999243c7bfdc0b17eb7fe28f3a66259d797386ea470c010040
ca34b0926cdc3242bbfad1c4a0b42cc2750d90db9a272d92cfb6cb7034d2a3bd
cf99990bee6c378cbf56239b3cc88276eec348d82740f84e9d5c343751f82560
f808229aa516ba134889f81cd699b8d246d46d796b55e13bee87435889a054fb

# https://unit42.paloaltonetworks.com/new-linux-variant-bifrost-malware/

download.vmfare.com

45.91.82.127

2aeb70f72e87a1957e3bc478e1982fe608429cad4580737abe58f6d78a626c05
8e85cb6f2215999dc6823ea3982ff4376c2cbea53286e95ed00250a4a2fe4729

# https://unit42.paloaltonetworks.com/i-soon-data-leaks/#post-132721-_wven14kmgum2

gmail.isooncloud.com
mailnotes.online
mailteso.online
s3amazonbucket.com

8.218.67.52
74.120.172.10
118.31.3.116
207.246.101.169

db4497090a94d0189aa3c3f4fcee30d5381453ec5aa38962e2ca971074b74e8b

# https://unit42.paloaltonetworks.com/dll-hijacking-techniques/

0d4a7b43b5dbe8b8492c51a3f7595c8e188d558390ee1ab0586d1315b98619c9
0f2f0458d2f1ac4233883e96fe1f4cc6db1551cdcfdd49c43311429af03a1cd5
011fe9974f07cb12ba30e69e7a84e5cb489ce14a81bced59a11031fc0c3681b7
0709e3958f343346406c5a26029748f5d15101d3b7d8b8c1119f7642754ae64e
0989a9be27bdc8827008f1837e62d88a077f8541a7b080e367b08facd9382962
2ea71c9cbb949e96da71716d8a431952632b954c7fc5ba87e6f84684957f07ef
2f043922d42fbef8d1a08395bf0928d6181863c44b53bccc8c3806796db1c50e
2f5cf595ac4d6a59be78a781c5ba126c2ff6d6e5956dc0a7602e6ba8e6665694
3a5e69786ac1c458e27d38a966425abb6fb493a41110393a4878c811557a3b5b
3a429b8457ad611b7c3528e4b41e8923dd2aee32ccd2cc5cf5ff83e69c1253c2
3f98a3e8ea69daf06e6da6e8d495bba42e575dbd0ba26f5e6035efb017545be1
3fc4d023d96f339945683f6dc7d9e19a9a62b901bef6dc26c5918ce9508be273
4a6ebd82b30063c73283b5364e34fc735ad05b5dd62bfa77f38617e9b2937444
5e50329c4bcb67a1220f157744e30203727f5a55e08081d1ae65c0db635ce59d
8a1c5858440a3eaa91f7442b7453127432f240637d22793dca6bfe5406776fbe
8e801d3a36decc5e4ce6fd3e8e45b098966aef8cbe7535ed0a789575775a68b6
10fec9bf8d695ab14b1329cc6ca6d303d87617ffa76e3e4cc46f8f542e062d70
12c584a685d9dffbee767d7ad867d5f3793518fb7d96ab11e3636edcc490e1bd
19d07dbc58b8e076cafd98c25cae5d7ac6f007db1c8ec0fae4ce6c7254b8f073
26fc0efa8458326086266aae32ec31b512adddd1405f4dd4e1deed3f55f7b30d
27b8bfe997400a956cd7ec9a3f68e198fe690562d909185b7d41b1e9ce31c53f
35a273df61f4506cdb286ecc40415efaa5797379b16d44c240e3ca44714f945b
46c6ee9195f3bd30f51eb6611623aad1ba17f5e0cde0b5523ab51e0c5b641dbf
52cd066f498a66823107aed7eaa4635eee6b7914acded926864f1aae59571991
54fc9f4699d8fb59ce1635df5aaa2994b5d924d7b4d7626e1b5d9a406bef899d
66b7983831cbb952ceeb1ffff608880f1805f1df0b062cef4c17b258b7f478ce
86a5ce23cf54d75d9c8d9402e233d00f8f84a31324ae8e52da6172e987d9a87b
98ebb3e797e19e0e6aeffc6d03e7ad5ce76f941a175c3cacc3a7f0056d224f95
345ef3fb73aa75538fdcf780d2136642755a9f20dbd22d93bee26e93fb6ab8fd
515fd058af3dfd2d33d49b7c89c11c6ef04c6251190536ca735a27e5388aa7e7
3661ff2a050ad47fdc451aed18b88444646bb3eb6387b07f4e47d0306aac6642
25085c4f707583052d7070ddb5473bb0684e588694279c7f85e4c17e36837074
69985edc2510803cfd862bdf87c59cc963be1bde5e08a0f10c0fd109c2134eab
83129ed45151a706dff8f4e7a3b0736557f7284769016c2fb00018d0d3932cfa
86140e6770fbd0cc6988f025d52bb4f59c0d78213c75451b42c9f812fe1a9354
95205b92d597489b33854e70d86f16d46201803a1a9cb5379c0d6b7c0784dbc7
9990388776daa57d2b06488f9e2209e35ef738fd0be1253be4c22a3ab7c3e1e2
a08e0d1839b86d0d56a52d07123719211a3c3d43a6aa05aa34531a72ed1207dc
a8b7aaede89c587525906fa24f392b1ce0b4a73c6193eb6db95b586ae378649c
af8baffceafeda320eab814847dee4df74020cc4b96a4907816335ad9b03c889
c3ec461e8f3d386a8c49228a21767ff785840bc9ae53377f07ff52d0ccba1ccf
c8e0aa3b859ac505c2811eaa7e2004d6e3b351d004739e2a00a7a96f3d12430c
dafa952aacf18beeb1ebf47620589639223a2e99fb2fa5ce2de1e7ef7a56caa0
dca39474220575004159ecff70054bcf6239803fcf8d30f4e2e3907b5b97129c
df4ba449f30f3ed31a344931dc77233b27e06623355ece23855ee4fe8a75c267
e00918a579ced5783cefc27b1e1f9f0bc5b0f93a32d4a7170c7466b34cc360df
e4fdc02f196cedb98d2098b6993f6e28976abe9b5c8e9f9752dea493b9d1dcb9
e41f58d82394853fc49f2cccae07c06504cc1d1f3d49ba6bfd8f8762948b7c16
eadd74bbb7df21e45abc07c065876ba831978185c9e0845f19e86c151439020a
f2a6a326fb8937bbc32868965f7475f4af0f42f3792e80156cc57108fc09c034
f58d3d376c8e26b4ae3c2bbaa4ae76ca183f32823276e6432a945bcbc63266d9
f101cc7885e44eee63713a71bba85baa7c135a9b1fe49480e05fc872f84993e7
fbc4421f8454139f4e2ebd808ebb224c0d773b0d62f69ef2270da386a4aab3e7


# https://unit42.paloaltonetworks.com/connectwise-threat-brief-cve-2024-1708-cve-2024-1709/

118.69.65.60
155.133.5.14
155.133.5.15

# https://unit42.paloaltonetworks.com/volt-typhoon-threat-brief/

3a9d8bb85fbcfe92bae79d5ab18e4bca9eaf36cea70086e8d1ab85336c83945f
3c2fe308c0a563e06263bbacf793bbe9b2259d795fcc36b953793a7e499e7f71
3e9fc13fab3f8d8120bd01604ee50ff65a40121955a4150a6d2c007d34807642
4b0c4170601d6e922cf23b1caf096bba2fade3dfcf92f0ab895a5f0b9a310349
8fa3e8fdbaa6ab5a9c44720de4514f19182adc0c9c6001c19cf159b79c0ae9c2
9dd101caee49c692e5df193b236f8d52a07a2030eed9bd858ed3aaccb406401a
41e5181b9553bbe33d91ee204fe1d2ca321ac123f9147bb475c0ed32f9488597
66a19f7d2547a8a85cee7a62d0b6114fd31afdee090bd43f36b89470238393d7
93ce3b6d2a18829c0212542751b309dacbdc8c1d950611efe2319aa715f3a066
389a497f27e1dd7484325e8e02bbdf656d53d5cf2601514e9b8d8974befddf61
472ccfb865c81704562ea95870f60c08ef00bcd2ca1d7f09352398c05be5d05d
7939f67375e6b14dfa45ec70356e91823d12f28bbd84278992b99e0d2c12ace5
17506c2246551d401c43726bdaec800f8d41595d01311cf38a19140ad32da2f4
450437d49a7e5530c6fb04df2e56c3ab1553ada3712fab02bd1eeb1f1adbc267
6036390a2c81301a23c9452288e39cb34e577483d121711b6ba6230b29a3c9ff
b4f7c5e3f14fb57be8b5f020377b993618b6e3532a4e1eb1eae9976d4130cc74
baeffeb5fdef2f42a752c65c2d2a52e84fb57efc906d981f89dd518c314e231c
c0fc29a52ec3202f71f6378d9f7f9a8a3a10eb19acb8765152d758aded98c76d
c4b185dbca490a7f93bc96eefb9a597684fdf532d5a04aa4d9b4d4b1552c283b
c7fee7a3ffaf0732f42d89c4399cbff219459ae04a81fc6eff7050d53bd69b99
cd69e8a25a07318b153e01bba74a1ae60f8fc28eb3d56078f448461400baa984
d6ab36cb58c6c8c3527e788fc9239d8dcc97468b6999cf9ccd8a815c8b4a80af
d6ebde42457fe4b2a927ce53fc36f465f0000da931cfab9b79a36083e914ceca
d17317e1d5716b09cee904b8463a203dc6900d78ee2053276cc948e4f41c8295
e453e6efc5a002709057d8648dbe9998a49b9a12291dee390bb61c98a58b6e95
ee8df354503a56c62719656fae71b3502acf9f87951c55ffd955feec90a11484
ef09b8ff86c276e9b475a6ae6b54f08ed77e09e169f7fc0872eb1d427ee27d31
f4dd44bc19c19056794d29151a5b1bb76afd502388622e24c863a8494af147dd
fe95a382b4f879830e2666473d662a24b34fccf34b6b3505ee1b62b32adafa15

# https://unit42.paloaltonetworks.com/glupteba-malware-uefi-bootkit/

criogetikfenbut.org
dpav.cc
humydrole.com
kggcp.com
kumbuyartyty.net
lightseinsteniki.org
liuliuoumumy.org
onualituyrs.org
snukerukeutit.org
stualialuyastrelia.net
sumagulituyo.org
weareelight.com

01e86a4dfe6e0de7857b3cf2fafd041c8b3a3241e00844cb6bfbd3bfae2d36bc
3a1cffaaa68dc4b5f0f94a1ec14b008444074a3faefa4beba20c857a21539bc1
8a62d01c1f321c4adb8428771af3eae1c83fec8a0e0a047b0bc17a51d19c7c96
8e380777da39ad7a588f4d9b703adc18b4ba935c21b17f215a3da5792672f205
9c6af24c519d02203bfbdf568f7beb144996af9676b290a96a728ba9314b1c66
9c44bf6c3538c93c95342f5c365de46b6494a5a5764870048df7478a9d0f8723
9fdb7c1359f3f2f7279f1df4bde648c080231ed21a22906e908ef3f91f0d00ee
17e4590eceb4fec1e08c29b206d424172753d8472395f37d0647249ceff25817
18c6e5a916eea979ea52495309e4e643232832bea614688df4cec0e3123b09d0
46eb8b98738df13a3a8c923228ca82006c7d403c7a1aac2d6bc752023b432915
61ab0e1ddaae4704999c4781deea56e1df5b05489bf4c0b892c47b36a63de9f4
75bb73decf9fd21643b834a0b3e21e8e0d33910e51efbe56a2162f1180d04802
5851e0b4a79208b995ab5a7e1f5247c159aac31c7c166a4bef77be14af64c1e8
6263a6ceb172eed7bae158d8066f70cabc42b352129547e1b5ad0c1096319d30
9691b5846e230e0ea87b3f8a7a6dc31daae701ca0bb83e6c7df0f683bdea01e6
84575070117b8896bafbd6f5dc364db09bea8e742f4af84884d15cab5e811060
a000684c9fcd2d5a528161a3513f726b2307fa6b50788a568fec0930b452d59e
aa3257efb3182a98f73ad413b34f68067f42c3c51b68d15abea5db01173afad8
b84adf0716facf50418f5f228cf095e5157b6be3f04a98f26ce833057e804a4f
b6604ae49298c59e148b1e741ef8821ffd60c775bfb9c3234783452c54cd3069
bb809863b3145ceef7fc12ae5bca3940f18c4a24f5b4652e7b4cea6847762887
c4f45bdfecb3d8cb4dcfdc8f323cf5d15321d161ac92802aa1e77dfa94fd91ed
c353fb081ae8e121c4dcea3ad1bc4061315728a6f0d0ac63885a4f074be5fef3
c867c3bda7b6f6bd228a4d7656c069bd6cf4f67ba4b075cf4113f5b109e7d9ee
cb347e06d97fde4c7f8dd77be59b8f57d47f6e3f998d708d21a5963bc1620835
cfc7111da7b09e7a93b93ce690f2a4d922cc1009fea8368300f06c6fa4f85472
d0d58229650ff9bf3bbf8edb55c7058a2f243e900473e0ff8849c517c2f165bd
df75b62e373e0b91f26384b21aaa8e4dc86c13078cec7e32ad595d0c86d3fedb
e4a2b53965b9d203d13dd4b5962b9f07270bb87e5738f44cf1126ce36019427d
fdd2fbe16f96f6d2b027347fd35c2e105a483a55b43f094754c2b3374ffb051a

# https://unit42.paloaltonetworks.com/mispadu-infostealer-variant/

moscovatech.com
plinqok.com
trilivok.com
xalticainvest.com
   
24.199.98.128

03bdae4d40d3eb2db3c12d27b76ee170c4813f616fec5257cf25a068c46ba15f
1b7dc569508387401f1c5d40eb448dc20d6fb794e97ae3d1da43b571ed0486a0
8e1d354dccc3c689899dc4e75fdbdd0ab076ac457de7fb83645fb735a46ad4ea
30b4ab9707347c6bdd9035d1562cab31c78a27f5ad410871cadffeb208cd85e8
46d20fa82c936c5784f86106838697ab79a1f6dc243ae6721b42f0da467eaf52
bc25f7836c273763827e1680856ec6d53bd73bbc4a03e9f743eddfc53cf68789
e136717630164116c2b68de31a439231dc468ddcbee9f74cca511df1036a22ea
fb3995289bac897e881141e281c18c606a772a53356cc81caf38e5c6296641d4

# https://unit42.paloaltonetworks.com/apateweb-scareware-pup-delivery-campaign/

ad-blocking24.net
allureoutlayterrific.com
artificius.com
datingkoe2.site
experttrafficmonitor.com
featuresscanner.com
hightrafficcounter.com
hoanoola.net
instantgreenapp.com
jpadsnow.com
myqenad24.com
professionalswebcheck.com
proftrafficcounter.com
tracker-tds.info
undisman.com

173.233.137.36
173.233.137.44
173.233.137.52
173.233.137.60
173.233.139.164
192.243.59.12
192.243.59.13
192.243.59.20
192.243.61.225
192.243.61.227

bd62d3808ef29c557da64b412c4422935a641c22e2bdcfe5128c96f2ff5b5e99

# https://unit42.paloaltonetworks.com/bianlian-ransomware-group-threat-assessment/

3.236.161.7
13.59.168.154
13.215.228.73
23.163.0.168
23.163.0.228
44.212.9.14
45.56.165.17
45.66.249.118
45.86.230.64
52.87.206.242
54.193.91.232
66.85.156.83
85.239.52.96
96.44.135.76
96.44.157.203
103.20.235.122
104.200.72.6
144.208.127.119
146.59.102.74
146.70.87.197
149.154.158.154
149.154.158.214
172.86.122.183
172.96.137.159
172.96.137.249
172.245.128.35
173.254.204.78
185.56.137.117
185.99.133.112
192.161.48.43
198.252.98.186
204.152.203.90
208.123.119.123
216.146.25.60

0e4246409cdad59e57c159c7cc4d75319edf7d197bc010174c76fe1257c3a68e
06f10c935fae531e070c55bde15ee3b48b6bb289af237e96eec82124c19d1049
1cba58f73221b5bb7930bfeab0106ae5415e70f49a595727022dcf6fda1126e9
1fd07b8d1728e416f897bef4f1471126f9b18ef108eb952f4b75050da22e8e43
1fd42d07b4be99e0e503c0ed5af2274312be1b03e01b54a6d89c0eef04257d6e
2ed448721f4e92c7970972f029290ee6269689c840a922982ac2f39c9a6a838f
3a2f6e614ff030804aa18cb03fcc3bc357f6226786efb4a734cbe2a3a1984b6f
4c008ac5c07d1573a98eb87bffe64e9c9e946de63b40df3f686881cf0698eef7
4ca84be5b6ab91694a0f81350cefe8379efcad692872a383671ce4209295edc7
4e92b73a17e0646876fb9be09c4ee6f015f00273932d2422b69339e22b78b385
4f4a2adc7ecc41f12defe864c78ad6bbf708355affac4115dcd5065b38198109
7ba40902dc495d8da28d0c0788bcfb1449818342df89f005af8ce09f2ee01798
7dabe5d40c13c7c342b7182eaf7c63fbb5e326300316f6f6518b527d57e79ac8
8b65c9437445e9bcb8164d8557ecb9e3585c8bebf37099a3ec1437884efbdd24
16b0f643670d1f94663179815bfac493f5f30a61d15c18c8b305b1016eece7ef
16cbfd155fb44c6fd0f9375376f62a90ac09f8b7689c1afb5b9b4d3e76e28bdf
29a14cb63a1900fe185fad1c1b2f2efb85a058ac3c185948b758f3ce4107e11e
46d340eaf6b78207e24b6011422f1a5b4a566e493d72365c6a1cace11c36b28b
56e63edb832fdf08d19ecfe2de1c7c6c6581cedd431215ded0c8e44ac9aed925
60b1394f3afee27701e2008f46d766ef466caa7711c45ddfd443a71efc39a407
73d095abf2f31358c8b1fb0d5a0dc9807e88d44282c896b5033c1b270d44111f
90f50d723bf38a267f5196e22ba22584a1c84d719b501237f43d10117d972843
91ffe0ee445b82bd3360156feeecf8112d27c9333f9796caffcfda986fd7e9b4
93fb7f0c2cf10fb5885e03c737ee8508816c1102e9e3d358160b78e91fa1ebdb
96e02ea8b1c508f1ee3c1535547f9b89396f557011e61478644ae5876cdaaca5
99fc3e13f3b4d8debf1f2328f56f3810480ee2eed9271ebf413c0015c0a54c23
188e95d6ed0810c216ab0043ecc2f54f514e624ca31ed1eec58cfc18cc9ac75e
195c11ee41f5a80d8e1b1881245545d6529671b926eb67bd3186e3ffecefe362
228ef7e0a080de70652e3e0d1eab44f92f6280494c6ba98455111053701d3759
264af7e7aa17422eb4299df640c1aa199b4778509697b6b296efa5ae7e957b40
487f0d748a13570a46b20b6687eb7b7fc70a1a55e676fb5ff2599096a1ca888c
3106e313f6df73b84acd8d848b467ac42c469ffabbad19e4fdcc963639cfff8c
5162fd73cbe8f313d2b0e4180bab4cbe47185f73a3ffc3d1dcccc36bc2865142
9413ba4a33ea77326b837ba538f92348e1909d5263ca67a86aa327daa8fbba30
23295c518f194dee7815728de15bafe07bf53b52d987c7ad2b2050f833f770f7
40126ae71b857dd22db39611c25d3d5dd0e60316b72830e930fba9baf23973ce
53095e2ad802072e97dbb8a7ccea03a36d1536fce921c80a7a2f160c83366999
93953eef3fe8405d563560dc332135bfe5874ddeb373d714862f72ee62bef518
ac1d42360c45e0e908d07e784ceb15faf8987e4ba1744d56313de6524d2687f7
ac14946fd31ca586368c774f3a3eed1620bf0f0b4f54544f5d25e87facf18d82
af46356eb70f0fbb0799f8a8d5c0f7513d2f6ade4f16d4869f2690029b511d4f
afb7f11da27439a2e223e6b651f96eb16a7e35b34918e501886d25439015bf78
ba3c4bc99b67038b42b75a206d7ef04f6d8abaf87a76c373d4dec85e73859ce2
bd41ac2686beadc1cb008433960317b648caae37c93d8c0d61ad40fe27b5b67e
bd57af28c94c3b7f156511c48f4b62cd1b4c29a1a693f4dc831e0a928691cc56
c5fa6a7a3b48a2a4bbcbbbb1ca50c730f3545e3fbb03fa17fb814ad7a400a21f
c57ca631b069745027d0b4f4d717821ca9bd095e28de2eafe4723eeaf4b062cf
c775e6d87a3bcc5e94cd055fee859bdb6350af033114fe8588d2d4d4f6d2a3ae
c592194cea0acf3d3e181d2ba3108f0f86d74bcd8e49457981423f5f902d054b
d0c1662ce239e4d288048c0e3324ec52962f6ddda77da0cb7af9c1d9c2f1e2eb
d3fc56b98af9748f7b6dd44e389d343781ff47db9ed3d92ae8fadc837f25f6ed
d3574cc69a5974a32a041d1dc460861fe1cef3c1f063171c5fc890ca0e8403c4
df51b7b031ecc7c7fa899e17cce98b005576a20a199be670569d5e408d21048c
e7e097723d00f58eab785baf30365c1495e99aa6ead6fe1b86109558838d294e
eaf5e26c5e73f3db82cd07ea45e4d244ccb3ec3397ab5263a1a74add7bbcb6e2
f3f3c692f728b9c8fd2e1c090b60223ac6c6e88bf186c98ed9842408b78b9f3c
f84edc07b23423f2c2cad47c0600133cab3cf2bd6072ad45649d6faf3b70ec30
f6669de3baa1bca649afa55a14e30279026e59a033522877b70b74bfc000e276

# https://unit42.paloaltonetworks.com/parrot-tds-javascript-evolution-analysis/

0a10157a920b190fb2fba6b6df34e12fd4532e52bc71700b9cefa73f95e60fe6
0cf4f33985dff5e1e7d37d8d5485b3561ffa42d0a31acec10321cdc28c31abdf
0f20659f7cea84ef3b1def6c54555454b1820fd8adf9866b2ea3ed18e341babb
0f334075e5379be32d176048287ea8b787d524e34630509a74ec4cd90fc1b0dd
00a23761ffe9a3cefb79be72155354305116d0f60f41b01b0d2f37cbce61d9a5
00be4cae7ccf629d22c6c9c1842341309eac1eb9e7e83ed1ab28997f3c3d4e96
00bf309f513ee8c46435433bf8f1ec19527d16b4f976da1403f8fb753506571a
00bffe2fabe6a57a21d912f4111bd9451e388adcebb1d023fa2c3fe079aad24d
00c11daf1c18160eba63de3b2d712cc8c0abe457f993cc2f81f8c746fc970c12
00c28bfec1fe8ecd139c06791293298430353e449115ef712fdcaae57e35f46f
00dabc4c7753c6b608a8889f9d1367edca1bc2c3b6e92744e0b50abca33b8a87
00ddbc6dc6b571681fae2c4a2d72cd9a7129ee800f326e33279cb337fafc93ce
00df68a21172ddb20bde5bce4606b814022e4bba5fdc5cac457b7f1643f625ff
00ec04f09b4c045e2b95f0ac4723a58457522e3c39fb6157e8d4213c12be0540
00ee956dd06c3a14962c1ea8c447cc2d3e63a28c486dc0bd50e535674ae63c56
00fb7abeb8464e01fe3043b2544bd71a82a9466c5c3ac6b954e62e87314d585a
0006060d1efe85b23f68f1b6fc086ab2fd5f2d80ca2e363cd0c000fd5a175ce2
0009fe8aa339fb489abcfd711d5c7b2a70b7d57ae55aae3922669f72cbf5964f
000954817a815dd64b6f061fbc28a8c7919616bb1708abb58754d680772a935c
001ab3bfd48219fa355adf76006118bfc50e9ea3abaf3ff331159c21bf0c3028
00163ddc2d61a97f58b06ba35cd8b6062a81b6e2b15a9f3917358efedd40a3c5
00278f1d3b38242b0c461b98f4ad77ee7d10c85204291c02c6c23a472613c4da
003bef5d2f093a8dad8cae8635d9986d023f515b799373dec008ba75490a9308
003d2f4ade543f7b35999c51d06f6b3cdb0c25dc18816358f76b59698a77aa5d
00399f6e2d64aa631f5e9fe60e2da4c189535ff79e5e557b9244662866285872
004be99a81506cc2ed4e94a667bb6771140c84a51f61902a24a55b2fd265af29
004d8253f02277ac50955aa0ef6c1a460ce798d94201959079ecdf35dc2f4c63
004dc3e4f73cef86a5476aeaa41de85a8bebea06a2e7f7f654b33640078ffb0a
0044d4afd6e12e6ede2f5fe59943de23b8a986df1e8e4b2f3445dcc5c3ab8208
0048c341751674cca947df44aa1319e58036ca9192415ed63ab8b5a2413e031c
0050e225e781ee415fae74108108de3200eb3010e2c77e8d265882d3e9c7399c
0054bc9d7a5fc4d630c79d3641ac32f65ab3e61c9c82ad2edca6dcab5a050c65
0059da8643270d09d5b60ea2bbd0d459d6ce54cd54e27facbd8a9b748643fa4b
006a7ae01c1b1939ada3639e59ce8513aa489cd9f59f80a20205e4474ecf0082
006154fbc565b387c800206323d80b61fd4a16525fbfc682ae1d7c458aceab58
007a56bddc9c2171771bcbb654b85b8039c3342ac83fdb060bc2f24d1c5d8814
0073932eece5b9817b80d1fe1c219a72f0b8d3764039e3313672d938b14f2d8e
00789e764859a749d79a1927e070e2959473f0cf6e0ca2be5b0f666a4e8926c1
0087f64098d10cce64219f8456702611e462ab755c4e5cc2e4d719add810e98c
01a482c79849908879a39eeacf77078b531f29e5d86c9e9f578a97b2313c98fe
01af830f79aad912bd8a3438bc9e914e159a112df657a1610f50527304657139
01b8b7cf7a93077119aa5062554bb662be230b2e2655a8e53b44b482f4c73a3a
01be768e7bc9ef499ec5b37e4dffecfaab9346489d27b1d6de3b9a67db584e2d
01dc27a4be3f69ebba64a71afde7a4158436b2a423174c6a2196efe9342a870c
01dd3fed62220c53eb9208ab00d0fcce62cf76841e532a9474da5ed47563b978
01de1c2f03c920ac64e73dfdbca363c1f8888534981c6215365b2514b9192f93
01eb0535321d4d1ef0d5f5b3dbb91c341b75e8dbd129c40801c26abcf650331f
01ec9cf7d9cba1294a8dd4803766c37bf20c4cd57d5ae26d990083076d170ea1
01eed0382a2938c7733fc823ee43b2414116237e5793789dafa274e451d1dd75
010fde6958e0107c2d543b2d6afbe492efbfa5fd44cd0a75185c779f31e16df9
010622ece3ec9199668bfd2d1637149ede9c242e9672a7531cdaab86da849f77
01124a700f6984062f26e34dff117b87b7d269557817a7241fa1d00ad5d780a0
011478985c03b81ed04d6d4ce598baf3f7d48aa6e3a58f24de0e74bfe0cadd3b
012b2cfe603de4ade7370ae7ba585e36c818c4193341b488872a4dbdd07bcc2d
01235cf8181552124cbd76232607f1a60e8f82c48e0f013765ad6bda59b34e01
0124566011742f850ed029a1aaa11a08ca00bd7f9775df45b0a9bc8740e89c04
0126c6520a793efe328e9820dcbc9d42732f4cfb4b6fd25919d07e7b6c23c781
0128a7881e686a5e291fcbd93644d8e670f98802412a5338701222dc5f9a28ca
012830c380ec979ab925b9bed84e6052e2ff5259409fc0bbc49b544e8030b19c
013f3f2248ad31ebd52e1cf5c139d13bab6690734248bc2a6c83f06fbe43260c
01366391de90229ac2b8a7269a4a42df9bd1709f51aece7164ffa4531f518811
0137d093587fb1f42985ca271c8d2d1d601da410168491b66b154d4d003d332c
0141c2fe63d36c43558b67f0b884389366b13da3e9f68897b147a445f3328442
01425b3c993e51d80f4e3b5a8f949b25e4fb30e9e9377507ac8b4fd3b7a69ff9
0143d1989d04d70fc035e7eba21ef46b27f2673fd3a7e9df78a802179c33105d
01585ae455c2bbe6471d718bcf845eca55f80e24963d562d847f81eafc672ec1
0159a56803cebaf1544a44e3cee01df30505afb390b83371fa8cbb1d46353800
01660ed180b9d0e4e19d7da313cd8ca818211ce36948eb31742e3da85a51580f
01663c903d345f4aa71e7141e4bffcc25f244c898bf4eda96d9514322ca6e13c
017ff4946dd00acc0da7ddc48e23c9736f735e2dcf0a83cb5613b433fca1960c
018f392c9cbf6640dae7d457b33be7d81a08612c911add177c7c5bb39876efc7
018087b1bac5e86f4b6dce4d8c5fdc77c53b96280fe37342a74585e89b9b9665
02b467d42c7d26cdc480ead7c678c2930dc315882caf5531a3e3d503b118d5ad
02b2312ce68bc4ac2c59ee905b23f8f9d2dfb3fd0f38b5ef896f59e6d74834f8
02c5ebe4418bad22a508f0d430ca1ec6b3d419011f94041b70ad636c89e98980
02d7c155eef3da89d00ecf3718084c361675f3ccd84162cc00f2d4124b9a2346
02e141ad62fc2f8514cdd8221be61f68a9d13de939fa850c4185154538d7c9fb
02f5e9ff5293fd5855d35337e8bb3e3a03b47afa7e71a06de2f8cfd557f4f0d6
02f7b2f58da74dde5a1f09b2492c8f6fa56bb009900378feaf057e6577de8a2f
02fbcc9f2971840c5381b1e0f5052b1067c82ea353e7d2ec6810d001ce25dfff
02fcddc3c5383b505fa9babc3fce93118abedcb7203b8921933f815eb7c7a879
020e6aa377b6ef4ef45efe0906b3b5dfdfe7381099a8fa080a58a457eaef934e
0203c29fe1c34417e158624fe4f352513f076302b1179a854a5351613b75b9bf
021a5e6f490622bbc79d0d42b444ccc856b4e8cfcb77df3d01bad9c8f1177a3b
021a60787a1d4acdfa44fd27510e6aaa6305807c48e8209c892458e43d360323
021cd5b198f6bbf78aacb3f716a7f3355cdac98d835d493b6cb85ee4b9adc8a0
0214510764fee618b8fe18aeb72f643218dde5252d1d568f0fad735ea861f1a8
021519c6b0c63ccadd416fddbabc28001f1b6e8c09cac93a076a013cb98d3afb
022feae2851e7993780e08ea328e36521e91c695f3a5304e0dd1df678d7f6c3b
02216dfca8323263933ff53130796d3a445e44251f02c241d95c6bc0f81721cc
022668b33b118e73d391aaf790bd06bb3bb03dc13b58a28a70dde3dc485ecf5b
023dcc38a7a55f941818aa307203216c6eaf50f8fed529a4c636a89f70119717
0234918db61115aaa0c3be708084dae30feee8d97a41a011e3fbb06d745c496c
0237268899c037aaee7bde29e28a08f89230e92bbef33dbf0f17ad58ee53af55
025cf7e1e1f39c001c627cf42be1be14ef52a42f760e03db922246a7b114aec1
0250e4baf4fbd9aba84b25968a7debd4ce83360e0ebef03d5ccbb24f9e17ecf8
0252b75589fe832eb103d64ed7f5e1dcb6417babd6e290c34c79093ff312092f
0255da103745a213d50a2d86770d5381add6bd84bea41edd93ac746c019565ca
026cb95e6b415355767655b9f706e1c1f9bf20b242e65aa47b8e1279068f718f
0270d194a2d4499468b8461796e1cb3d1af301df6b12c2b7193a8baef8c13ce3
027079961030e5af9bb7382acb2c6b19221b41255f801be540c07b484cded4d7
0279bd4320fb5025a9d740bbdd0cf2aafb477d684af4ea1ca0e83bab424527fa
028d5b2992d88d52ea9e80625e25c324b665fb784bfa9daec3ebba16d01a8348
02868c886de5090362c6d503e6549e65fbe975f1fa03ddfb18fb0432f5f6bfb4
029c44784556ca319015548c3dbeb92b025ed72f918d1d8245b6a6a321a64b7c
029415b96774d15e7e2acd2ed45907f67617217345a6aea1fdf65fdb4353e52b
05bcb1f5aa6284333985186f3329f9226d80225fcd25436575aff7735cd4f6e1
0641128e6dba0c69644810e8af88af80ad734af52fe734c655ce26f5a3641097
07f56d3fca2f26e41e9b5a9e3cc6d3bdc6edce18fa12276bc19bab5c3fb19b26
09c4ea62962848f48cfc68d905675bc466574a8011acb79b721b688ec7bfec12
09e06b3fa2194b76a1e73483614ec3f3ab076c55134c3d45e7ac9ea452e51176
1ab04ee02b5359662c26c4c1f10f711d707ac23293193cbcba3cc84d0d070000
1c8bbb02dd1fd46e442caad6fba174b966ea5bd9d27d6315991b904792693d54
1ca06df44cce9aa64294a8e55c41e654ab6b766ab76faa39a34363cce4e83e08
1e01bf738bc665f149b0793af461a43f4330ecf99dd068e2b7abd038c46ef417
1e5ca993bc0afee9eb23436ea2e0bfbede934ce2be850d3122cc429fd73d01c1
1e6d8d031bbb4a4e15f8c15941dc27944e62727116338957306db9610351911a
2c9eafa9914032112c170e3dc12d40c03ee1e873bade8bfed36b6a7759ff1dd5
2c961d64aeefe73c43a96739c52047fd1f39af5af86e388689531cdd83b00045
2dd1db4ff9da32d73ac876e513f20c1da6d83031969f645e3e014e96134a8aac
2f9e5ea05aa8cd81c1c1f0914220557c5dc4a8bc42ee822bd327e3cfc3328f45
2ff953a5d7e760ad4d4a06d2ad68d43c42f388a9c6fb6e9d0c6341dd05c33374
3ce09915fa674481076bac26a985c39a0252cc7452e0ff2ea4c9d62d38b49958
3d1aaafea2a4757f1ccdd4759ec42ca566220fab7717efa2face1998ccc6a8c7
3d99d924a59ef070c2f2df7de660b10704171fa74d68442bf80a076d1d4ae9de
3f8e3f9fb2f2d2c6f5257d7ffd597be6758ca48867bef3aa83a244fcfcc9647b
4f0d9b754402ac02b36b470e93cb712724a2c505c798d3cb8d23662c1303e4f2
5b0ecde609dc384857508b71851062b6dc158d37d26ad3e6baf4407877ada9de
5b481fc971f724141c54e4fb6eb992056256098cd2284b717912a75714864179
5ca0afa8d1665d8ad314543c5924fc4c8679ffa5360a3ec4bb2e3a79a865b730
5f9fa969df10a03d38c26050655645c0b8cd00c4ae35b62d9e355815ef722b21
5f87cdf1ccd448d8f90b79d80153fbae143ec9dfa1c79a5ba9193609975d0d35
5fd89dab9bcdcd783ae96c0b42f5761d2d24a6192d730040a50ffb4b5c95850a
6fed7c758e0484b53fd3efaa622b609052dcf5ad34768181d3ff8e22cb6e6e2f
7ab4fce62ebf632bca176894152a88e38965708bffdae4357a8b6c6defa1724d
7accd14f469d79c4539c5887faf79407e6a06111612d2b63eb9f34c5afe7c74f
7e9feda6e593b6d7e3c15032edb0cd3e2d1ec585d8f5691e951ac70059ce4240
8f896f3f0b5f33413217e9350dba6d4958cc9bdf568902a08d739b43db6f993b
9bbafb672ee8f9c8eec8ee111962db7aa49e6e91f2fc3a23b0d5f32152f5101b
9be661e3218290ebd4de59037d1360f4bec7e2f521d09a063da994d838160fce
20f9cd4ef8616afb8a62eabf6ca1c252c54021dc03ba621bab2e00db8fb6bbc1
25af4cd7c60671f1af9bbf17441b8951b8751ee1299dd7fa97ba4afd6021642c
25e4bc712d895d8bfce72fab30eef25da18591979c672d1fbd976bac2e0cf1ca
31a15a342e6d65ecf2987d83458f1ff5587662ea794a42b7f54393bd8531025d
34fdb99c3e895a66c814aedf6e29c075ee5fac7aa1190903759ec08766bee28c
36b4a9947b26ee3e86f495fce1a767a773b911b37bad2008215a5488314cf48d
41c4914a2cda7a9c3deb0a85a17c9f964c95dc1e0dbdfd8727d7d7ebaed3c66f
44ba1192916ccc51c0bda43aa9a40d3ebb7f8480ce2554092ec2198e99e2f9ea
53ca5aaf4786aa235795c9b4a2648bed523f38d115a5791bd26b3e22e9e6f109
53e703d262af2c91d8be81ca0e32c7f9b3dbc8b6d571ad3a480bff020a8cae04
56a1123d2c25a9ee7c674aa10ea8be720a23cabe74b68dca017c93944cee15e4
61c76044609b8f522546991b2683239bba734ca290981e5ed25099f46312fd04
63f48e94e38c7b5e441c3aeb0c74141bd6d7fc7ab03a345d09d67c8e8b871ca9
73e5dc70d286c24265f71de61016404934991d0b41c4962420c1490469111b4e
81d99d01f6909a2ae027e3a0d792b7c517b312fcf2cc03228c2a5348ad796582
86b84a35d28207783bd79e34f6f2e687e6e38fd9fb78df90b1cc7e6f302e0084
87fb8a757f5de0f4cb4f8b4f568068e8c12f376562b1f5d1df118b4dc3076564
98a230f8bed756447d8f8dcfb1485e395068eae511ca7b3a10049848427682af
137bb7784088669d1432243831896cfe5b5fc02d7f207de26d16220b38335c90
174fb6597444ff6d7d59d2981f6aad54c99e763a6123d52319bb2d0ba84bfd29
175a0bb57ec0e0a5728b7f8455a968861dc50c42a1ce8eb437d8b98fd394ea47
411f94f34ce1b603867f64689d91dfe7ffd92dd69a2ad5ef518fe3564401f69b
474a0fa3ecddd9a7eef503c10a6e09f34384c7a301e6ba92474c8b809aff841a
539ecf094f122790b157415933bb0122417015fff914a848ff5b83d1c3ce69eb
638fd2159534b7b180ef2ca0633f6ee5d09af8cddbac758e1cde1ca6aec1ca8c
738f775e1031402f228c1246d10d9c13af1d461596319bea87f8b20d085349cd
778f4a8f061efea0efca1669c4eb0f26c7d1cc02e003fc01f43ddba328ebfc92
817af2e8193d3a226dad46bef33e55a56b3a56ff035cc0e68067e2eb61975dc5
865cc44cf024bc083f5bfd3d5d3c9c1334e1c629de1698fcda26feeb26f73dc3
2707ac252eb0abce8dcb9b1eb35b4d306e111e59e09f6acb03180425ee81fd4f
3032a2affd7d9a3dd9418b3fab3c88af2bc0f71e3baaad8e478ec85af569c912
5666d18866973f608cccf95c7dbf56d56bb3027121af701bd779f9ab794c53b1
6168dc254c4c6dd6a5461c56fd1fdb65821f04d9ac23e4d70b62d447ce77971d
6385e6004a9d11485d076f2b9b79b2ddf468b629aef0f66c22c7bffa3d7ebc3a
9707f57ca55e1f0cc975488ab10188f885589db427beef7df9adc3bd4e95bd62
21114a66a1934b806a8b1b76f924fdb9876047316ba8d26c2ac94c1b0e908cb5
25786bcc47e97d9e55588b4e2962aeb9760cd546629bb5fd08799ba8c9e8d027
31562bdf22a927837f6fdb333e72bc3cf8da067143cb3d99663ce7224d0f8901
54774aef9a494e29a072bc729f8482fba6dc530a045d40e4453d61beac8d8355
56514cfce2dd75f2dafeebf385bc827bd1b7392f65bac98ec9791526f724fd66
87549ec7913d919dff9678b38b040ea9b77c84f29aa3dea487dc7a80e4a0950d
87768a7c92ebc8419e08209e55eb1f713d5ed7be411ed3b52555f8a29fe4a3f9
92322cc99cc5bd84bd1f06de8412b7f907e03a66489d147a1d3a77b2d3b0aacb
244221e80cbc510ea4e62f49fc1a377dcc5365899c2f92f7807b91cdeb20476d
801626f005b40b0ef889f93c64f991e53318393fb0efdd30bb30185a12cb7480
2726854efc42c00d7064abf99ef451d05975e7461c42e7897ba1b0c6336f153e
6323837b455a41f34cfd526c2c2ffb6fb3a826c4f482ccdf66801ece0ca6f1e7
732457475da8c47cf211f5eb3a6529c9aa8976ce26d50f2e90422278c2160d5e
a0b928edf0cf8efba7d2b2edcc43419ec7568d70717ba44ffc6c24fb9ebb9464
a1dab97450e66028c0f1e62620354cd9d71b99d1517f7cceef59c4c0a5de44f6
a6b8f4094bf162b6007006b51aad4f1fe4930e1bf458d6d47ebe7047f8895039
a226f8878b2c440932c5d9e215384733226d3942efecbb05f84cb34555c99e9f
a296db98c85c21b8f4c60a651a56aa745385d769f76c4f35e7f8cef6ee16c841
af84372409235ad5f716b758b24e384f3506d771bad4460676de9ea3c375e9d7
b07c3cbacb4d238e209aabc19754852c536ba708ee4b19fd8fbc32580a7e119a
b14ba04ffc4b680225cc76912317570c09f06e8c6cec1a4b2092cbbff0668bd4
b727b3fe958407787c9929fef59b6735861be12ebcf8c72aa6ed7b9cfa6829c6
bc1d29c3ac08b1a4f30b3f4930dc5e07bdeb0ba55cfe7ad684021a63bf72db71
bc88f6e79d49242e16cb30b64d1b8948c7d9333785476b4e8d24f82403290454
be8bf730a23766f917c1f90e79bbd23c76b7a12572eeda4bc38ff46ce17f9c9a

# https://unit42.paloaltonetworks.com/threat-brief-ivanti-cve-2023-46805-cve-2024-21887/

1.65.216.83
5.188.34.119
5.188.230.159
8.210.101.116
8.220.24.104
20.0.28.174
23.224.195.27
27.199.34.232
37.19.207.89
38.47.103.245
39.144.158.6
45.14.244.52
45.76.92.144
45.130.22.219
45.133.238.41
45.147.51.78
45.152.66.151
50.114.59.3
50.114.59.5
51.255.62.4
51.255.62.12
52.172.236.151
54.38.214.131
64.176.194.7
74.48.82.246
84.32.131.51
84.32.248.20
85.106.119.0
88.151.32.164
89.185.30.166
91.203.134.122
93.95.228.81
94.131.105.192
95.164.22.41
97.106.38.138
101.71.37.222
103.119.174.37
103.189.234.200
103.215.77.51
103.233.11.5
103.235.16.57
104.223.91.19
104.238.130.6
106.52.127.12
111.85.176.202
111.90.143.184
111.253.200.166
112.96.226.103
113.128.81.59
113.137.148.49
113.225.152.7
114.236.225.219
116.204.211.132
118.74.90.191
118.74.246.29
118.74.246.133
118.167.12.237
122.155.209.123
124.156.132.142
137.175.19.209
137.220.130.2
138.68.61.82
139.162.21.6
139.227.33.78
141.98.7.6
149.104.23.171
159.203.33.199
161.35.44.205
161.35.172.122
167.114.113.160
167.172.250.222
170.64.149.53
171.241.43.110
172.59.193.252
172.232.146.231
174.135.110.233
178.17.169.245
182.239.92.100
183.128.182.227
185.132.125.11
185.152.67.168
185.156.72.51
185.212.61.84
185.217.125.210
185.243.41.201
185.244.208.65
185.248.185.93
192.252.183.116
194.233.93.67
195.85.115.80
202.55.67.195
203.160.86.236
210.182.85.3
212.71.232.212
220.246.88.207
221.15.158.245
221.216.117.171
222.180.198.54
223.70.179.234
223.104.151.181

# https://unit42.paloaltonetworks.com/malicious-apks-steal-pii-from-chinese-users/

log.tbs.qq.com
    
13.250.172.152
18.143.192.34
18.166.72.58
52.221.181.208

2cf117abf5ced6d37e98068d1961b85f400ecede4c11ebd69cc5cc9629aaaacd
6e43d2d4f14b26a75b9094eb1bd509b0f63e069a3c97867bfb0ac6c2a154dcd6
b0ad0de29f9c64e696212121e5e716b99668906d6531804fd6e5a55d95c9bd1f
bf4a214782d6a3ce14fb37af919b4803d3013cc5774b2782290e33985bebd01b
d342c40f126a150cd93da083c237cda7d9fc739a2050a819573b5fb4a3a67026

# https://unit42.paloaltonetworks.com/medusa-ransomware-escalation-new-leak-site/

4d4df87cf8d8551d836f67fbde4337863bac3ff6b5cb324675054ea023b12ab6
7d68da8aa78929bb467682ddb080e750ed07cd21b1ee7a9f38cf2810eeb9cb95
657c0cce98d6e73e53b4001eeea51ed91fdcf3d47a18712b6ba9c66d59677980
736de79e0a2d08156bae608b2a3e63336829d59d38d61907642149a566ebd270
9144a60ac86d4c91f7553768d9bef848acd3bd9fe3e599b7ea2024a8a3115669

# https://unit42.paloaltonetworks.com/malware-configuration-extraction-techniques-guloader-redline-stealer/

32ea41ff050f09d0b92967588a131e0a170cb46baf7ee58d03277d09336f89d9
a4cf69f849e9ea0ab4eba1cdc1ef2a973591bc7bb55901fdbceb412fb1147ef9