Skip to content

Instantly share code, notes, and snippets.

View rdp-attackers-7-days-20200601.txt
This file has been truncated, but you can view the full file.
# report generated Mon Jun 1 07:30:02 MDT 2020
# timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName
2020-05-25T13:30Z 172.107.162.74 ADMINISTRATOR
2020-05-25T13:30Z 185.202.1.131 CLAIR
2020-05-25T13:30Z 185.202.1.132 RIGOBERTO
2020-05-25T13:30Z 185.202.1.136 CHANG
2020-05-25T13:30Z 185.202.1.136 ZACHARIAH
2020-05-25T13:30Z 185.202.1.152 MSHCW
2020-05-25T13:30Z 185.202.1.152 MYSQL_ZKEYS
View rdp-attackers-7-days-20200525.txt
This file has been truncated, but you can view the full file.
2020-05-18T13:30 141.98.83.40 AA123456
2020-05-18T13:30 185.153.197.2 ADMINISTRATOR
2020-05-18T13:30 185.153.199.131 FOLDER
2020-05-18T13:30 185.153.199.131 FRONT
2020-05-18T13:30 185.202.1.119 EDITOR
2020-05-18T13:30 185.202.1.129 TERRANCE
2020-05-18T13:30 185.202.1.131 JAY
2020-05-18T13:30 185.202.1.131 JIM
2020-05-18T13:30 185.202.1.133 DERRICK
View rdpers-ms-only-18may2020.txt
2020-05-12T04:42:04.875Z 104.208.242.187 admin
2020-05-12T08:12:43.373Z 104.208.242.187 admin
2020-05-12T14:13:51.253Z 104.208.242.187 admin
2020-05-12T10:55:25.028Z 104.208.242.187 admin
2020-05-12T18:14:05.394Z 104.208.242.187 admin
2020-05-12T02:38:30.820Z 104.208.242.187 admin
2020-05-12T05:13:36.554Z 104.208.242.187 admin
2020-05-12T02:08:12.755Z 104.208.242.187 admin
2020-05-11T13:43:53.269Z 104.208.242.187 admin
2020-05-11T16:16:18.505Z 104.208.242.187 admin
View rdp-attackers-7-days-20200518.txt
This file has been truncated, but you can view the full file.
#report generated Mon May 18 07:30:01 MDT 2020
#timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName
2020-05-11T13:30Z 137.117.13.132 admin
2020-05-11T13:30Z 168.63.203.102 admin
2020-05-11T13:30Z 176.113.115.46 IADMIN_18
2020-05-11T13:30Z 180.180.245.245 ADMINISTRATOR
2020-05-11T13:30Z 185.202.1.119 MASTER
2020-05-11T13:30Z 185.202.1.119 TURNOS
2020-05-11T13:30Z 185.202.1.132 ADMINISTRATOR
View rdp-attackers-7-days-20200511.txt
This file has been truncated, but you can view the full file.
#report generated Mon May 11 07:30:01 MDT 2020
timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName
2020-05-11T00:30:45.744Z 213.202.233.217 orders
2020-05-11T00:30:23.041Z 213.202.233.217 michelle
2020-05-06T20:42:47.156Z 91.241.19.25 THIS
2020-05-11T00:30:34.351Z 213.202.233.217 operator
2020-05-11T00:30:33.598Z 185.202.0.7 MATCH
2020-05-06T12:42:30.939Z 45.141.87.10 ADMINISTRATOR
2020-05-11T00:27:47.904Z 185.202.1.150 STA
View rdp-attackers-7-days-20200504.txt
This file has been truncated, but you can view the full file.
#report generated Mon May 4 07:30:01 MDT 2020
#timestamp IpAddress TargetUserName
2020-04-27T13:30Z 190.0.1.90 ADMINISTRATOR
2020-04-27T13:30Z 190.0.1.90 USER
2020-04-27T13:30Z 194.61.24.121 RECEPTION
2020-04-27T13:30Z 194.61.24.121 STEPHANIE
2020-04-27T13:30Z 212.92.105.227 IDAMEMBERSERVICES
2020-04-27T13:30Z 212.92.105.227 NEIGHBORS
2020-04-27T13:30Z 212.92.105.227 SEGURIDAD
View rdp-attackers-7-days-20200427.txt
This file has been truncated, but you can view the full file.
#report generated Mon Apr 27 07:30:01 MDT 2020
timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName
2020-04-21T08:15:06.474Z 45.141.84.89 administrador
2020-04-21T08:15:36.462Z 185.209.0.107 ADRAIN
2020-04-20T14:57:08.655Z 185.209.0.15 ADMINISTRATOR
2020-04-20T15:49:52.408Z 185.202.1.81 administrator
2020-04-21T08:15:12.438Z 185.202.1.128 TRACI
2020-04-20T15:49:54.587Z 185.202.1.128 LACEY
2020-04-20T14:57:17.255Z 185.209.0.85 ADMINISTRATOR
View rdp-attackers-7-days-20200420.txt
This file has been truncated, but you can view the full file.
#report generated Mon Apr 20 07:30:01 MDT 2020
2020-04-13T13Z 103.25.196.51 ADMINISTRATOR
2020-04-13T13Z 106.54.233.169 ADMINISTRATOR
2020-04-13T13Z 109.228.50.55 ADMINISTRATOR
2020-04-13T13Z 118.218.82.86 ADMINISTRATOR
2020-04-13T13Z 119.75.44.106 LFOWLER
2020-04-13T13Z 119.75.44.106 MCUDIAMAT
2020-04-13T13Z 12.49.43.181 ADMINISTRATOR
@techhelplist
techhelplist / googleapis-phishes-17apr2020.txt
Created Apr 17, 2020
googleapis-phishes-17apr2020.txt
View googleapis-phishes-17apr2020.txt
93 phishes, 1 adwind malware
https://firebasestorage.googleapis.com/v0/b/website-36d25.appspot.com/o/PO_RFQ_1407000525xlsx.jar?alt=media&token=bd527770-a983-4990-b45a-d690eef9f3ab
https://firebasestorage.googleapis.com/v0/b/aabb-d6079.appspot.com/o/dio.htm?alt=media&token=23968cac-8f9b-4150-a883-c8cbe30228b6
https://firebasestorage.googleapis.com/v0/b/aller-92d5b.appspot.com/o/ays.htm?alt=media&token=71382c31-ec6a-4f39-a99a-44cae586639b
https://firebasestorage.googleapis.com/v0/b/app-mic038930020sever.appspot.com/o/index.html?alt=media&token=0c73e36b-9e2c-4aac-95c9-d2c1b444c57a
https://firebasestorage.googleapis.com/v0/b/app00008589.appspot.com/o/index.html?alt=media&token=d330103f-d6bb-415b-a86b-cee8eed4802f
https://firebasestorage.googleapis.com/v0/b/app101-75709.appspot.com/o/en.htm?alt=media&token=d8e9c0ed-cc85-46e0-94e4-8b2e4fc5c14d
View iot-malware-2020-04-16-a.txt
http://37.49.226.127/Cipher.sh
http://37.49.226.127/mips
http://37.49.226.127/mipsel
http://37.49.226.127/sh4
http://37.49.226.127/x86
http://37.49.226.127/arm7
http://37.49.226.127/arm6
http://37.49.226.127/i686
http://37.49.226.127/i586
http://37.49.226.127/m68k