mellow-hype/NotPetya_indicators.txt

## NotPetya_indicators.txt
**IPs**
84.200.16.242
111.90.139.247
185.165.29.78
95.141.115.108

**filenames**
myguy.xls
myguy.exe
carved_0.xls
perfc.dat
Order-20062017.doc
BCA9D6.exe
%WINDIR%\perfc.dat

http://french-cooking.com/myguy.exe
http://185.165.29.78/~alex/svchost.exe

**email**
wowsmith123456@posteo.net

**hashes**
a809a63bc5e31670ff117d838522dec433f74bee
bec678164cedea578a7aff4589018fa41551c27f
d5bf3f100e7dbcc434d7c58ebf64052329a60fc2
aba7aa41057c8a6b184ba5776c20f7e8fc97c657
0ff07caedad54c9b65e5873ac2d81b3126754aac
51eafbb626103765d3aedfd098b94d0e77de1196
078de2dc59ce59f503c63bd61f1ef8353dc7cf5f
7ca37b86f4acc702f108449c391dd2485b5ca18c
2bc182f04b935c7e358ed9c9e6df09ae6af47168
1b83c00143a1bb2bf16b46c01f36d53fb66f82b5
82920a2ad0138a2a8efc744ae5849c6dde6b435d
101CC1CB56C407D5B9149F2C3B8523350D23BA84
736752744122A0B5EE4B95DDAD634DD225DC0F73
9288FB8E96D419586FC8C595DD95353D48E8A060
	IPs
	84.200.16.242
	111.90.139.247
	185.165.29.78
	95.141.115.108

	filenames
	myguy.xls
	myguy.exe
	carved_0.xls
	perfc.dat
	Order-20062017.doc
	BCA9D6.exe
	%WINDIR%\perfc.dat

	http://french-cooking.com/myguy.exe
	http://185.165.29.78/~alex/svchost.exe

	email
	wowsmith123456@posteo.net

	hashes
	a809a63bc5e31670ff117d838522dec433f74bee
	bec678164cedea578a7aff4589018fa41551c27f
	d5bf3f100e7dbcc434d7c58ebf64052329a60fc2
	aba7aa41057c8a6b184ba5776c20f7e8fc97c657
	0ff07caedad54c9b65e5873ac2d81b3126754aac
	51eafbb626103765d3aedfd098b94d0e77de1196
	078de2dc59ce59f503c63bd61f1ef8353dc7cf5f
	7ca37b86f4acc702f108449c391dd2485b5ca18c
	2bc182f04b935c7e358ed9c9e6df09ae6af47168
	1b83c00143a1bb2bf16b46c01f36d53fb66f82b5
	82920a2ad0138a2a8efc744ae5849c6dde6b435d
	101CC1CB56C407D5B9149F2C3B8523350D23BA84
	736752744122A0B5EE4B95DDAD634DD225DC0F73
	9288FB8E96D419586FC8C595DD95353D48E8A060