ML000084DM.feed
{
"feedinfo": {
"provider_url": "https://www.us-cert.gov/tlp",
"display_name": "ML000084DM",
"name": "ML000084DM",
"tech_data": "TLP:Green",
"summary": "IP ADDRESSES AND DOMAINS USED BY LIKELY IRAN-BASED CYBER ACTORS TO ATTACK VICTIMS WORLDWIDE",
"icon": "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"
},
"reports": [
{
"title": "ML000084DM",
"timestamp": 1501787912,
"iocs": {
"ipv4": [
"104.200.128.126",
"104.200.128.161",
"104.200.128.173",
"104.200.128.183",
"104.200.128.184",
"104.200.128.185",
"104.200.128.187",
"104.200.128.195",
"104.200.128.196",
"104.200.128.198",
"104.200.128.205",
"104.200.128.206",
"104.200.128.208",
"104.200.128.209",
"104.200.128.48",
"104.200.128.58",
"104.200.128.64",
"104.200.128.71",
"107.181.160.138",
"107.181.160.178",
"107.181.160.179",
"107.181.160.194",
"107.181.160.195",
"107.181.161.141",
"107.181.174.21",
"107.181.174.232",
"107.181.174.241",
"141.105.70.235",
"141.105.70.236",
"141.105.70.237",
"141.105.70.238",
"141.105.70.239",
"141.105.70.240",
"141.105.70.241",
"141.105.70.242",
"141.105.70.243",
"141.105.70.244",
"141.105.70.245",
"141.105.70.246",
"141.105.70.247",
"141.105.70.248",
"141.105.70.249",
"141.105.70.250",
"144.168.45.126",
"146.0.73.107",
"146.0.73.108",
"146.0.73.109",
"146.0.73.110",
"146.0.73.111",
"146.0.73.112",
"146.0.73.113",
"146.0.73.114",
"173.244.173.10",
"173.244.173.11",
"173.244.173.12",
"173.244.173.13",
"173.244.173.14",
"206.221.181.253",
"209.51.199.112",
"209.51.199.113",
"209.51.199.114",
"209.51.199.115",
"209.51.199.116",
"209.51.199.117",
"209.51.199.118",
"31.192.105.15",
"31.192.105.16",
"31.192.105.17",
"38.130.75.20",
"66.55.152.164",
"68.232.180.122",
"91.218.247.157",
"91.218.247.158",
"91.218.247.160",
"91.218.247.161",
"91.218.247.162",
"91.218.247.165",
"91.218.247.166",
"91.218.247.167",
"91.218.247.168",
"91.218.247.169",
"91.218.247.170",
"91.218.247.173",
"91.218.247.180",
"91.218.247.181",
"91.218.247.182",
"91.218.247.183"
],
"dns": [
"cloud-analyzer.com",
"1e100.tech",
"1m100.tech",
"ads-youtube.net",
"ads-youtube.online",
"ads-youtube.tech",
"akamai.press",
"akamaitechnology.com",
"akamaitechnology.tech",
"alkamaihd.com",
"alkamaihd.net",
"azurewebsites.tech",
"banat48.org",
"big-windowss.com",
"britishnews.press",
"broadcast-microsoft.tech",
"cachevideo.com",
"cachevideo.online",
"cachevideo.xyz",
"chromeupdates.online",
"chromium.online",
"cissco.net",
"clalit.press",
"cloudflare.news",
"cloudflare.site",
"cloudflare-analyse.com",
"cloudflare-analyse.xyz",
"cloudflare-statics.com",
"cloudmicrosoft.net",
"cortana-search.com",
"digicert.online",
"digicert.space",
"digicert.xyz",
"dnsserv.host",
"elasticbeanstalk.tech",
"fbcdn.bid",
"fbexternal-a.press",
"fbexternal-a.pw",
"fb-nameserver.com",
"fbstatic-a.space",
"fbstatic-a.xyz",
"fbstatic-akamaihd.com",
"fb-statics.com",
"fb-statics.info",
"fdgdsg.xyz",
"f-tqn.com",
"githubapp.online",
"githubapp.tech",
"githubusecontent.tech",
"gmailtagmanager.com",
"google-api-analyse.com",
"google-api-update.com",
"hamedia.xyz",
"hotseller.info",
"intel-api.com",
"intelchip.org",
"ipresolver.org",
"javaupdator.com",
"jguery.net",
"jguery.online",
"js.jguery.online",
"kernel4windows.in",
"labs-cloudfront.com",
"mcafee-analyzer.com",
"mcafeemonitoring.com",
"mcafee-monitoring.com",
"microsoft-ds.com",
"microsoft-security.host",
"microsoftserver.org",
"microsoft-tool.com",
"micro-windows.in",
"mpmicrosoft.com",
"mssqlupdate.com",
"mswordupdate15.com",
"mswordupdate16.com",
"mswordupdate17.com",
"myservers.site",
"mywindows24.in",
"nameserver.win",
"nasr.xyz",
"newsfeeds-microsoft.press",
"nsserver.host",
"officeapps-live.com",
"officeapps-live.net",
"officeapps-live.org",
"onlinewebcam.press",
"outlook360.net",
"outlook360.org",
"owa-microsoft.online",
"patch7-windows.com",
"patch8-windows.com",
"patchthiswindows.com",
"qoldenlines.net",
"sdlc-esd-oracle.online",
"sharepoint-microsoft.co",
"sphotos-b.bid",
"sphotos-b.pw",
"ssl-gstatic.net",
"ssl-gstatic.online",
"static.news",
"symcd.site",
"symcd.xyz",
"tehila.co",
"tehila.global",
"tehila.info",
"tehila.press",
"trendmicro.tech",
"twiter-statics.com",
"twiter-statics.info",
"un-webmail.com",
"updatedrivers.org",
"walla.press",
"win-api.com",
"windefender.org",
"windowkernel.com",
"windowkernel14.com",
"windows-10patch.in",
"windows24-kernel.in",
"windows-api.com",
"windows-drive20.com",
"windows-india.in",
"windowskernel.com",
"windowskernel.in",
"windows-kernel.in",
"windowskernel.net",
"windowskernel14.com",
"windowslayer.in",
"windowssup.in",
"windowsupup.com",
"winfeedback.net",
"win-update.com",
"winupdate64.com",
"winupdate64.net",
"winupdate64.org",
"winupdate64.us",
"win-updates.com"
]
},
"score": 100,
"link": "https://intranet.ssnet.usss.dhs.gov",
"id": "218097a4a45a1f60ee10a695fd9cc7c4"
}
]
}