techhelplist
techhelplist
/ trickbot-inject-configs-2018mar23.txt
Created
March 23, 2018 18:38
trickbot inject configs 2018mar23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| trickbot inject configs 2018mar23 | |
| from loader : | |
| https://www.virustotal.com/#/file/a1287bbd4299b1ddeedb86d6756f49b780a0d1a96c7dfee30919a9cfa28c2821/community | |
| <dpost> | |
| <handler>http://213.183.59.253:8082</handler> | |
| <handler>http://195.133.144.109:8082</handler> | |
| </dpost> | |
techhelplist
/ trickbot-inject-configs-2018apr19.txt
Created
April 19, 2018 14:31
trickbot inject configs 2018-04-19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| trickbot inject configs 2018-04-19 | |
| from loader <ver>1000180</ver> <gtag>ser0419</gtag> | |
| https://www.virustotal.com/#/file/fecddb7f3fa478be4687ca542c0ecf232ec35a0c2418c8bfe4875686ec373c1e/community | |
| <dpost> | |
| <handler>http://70.182.4.158:8082</handler> | |
| <handler>http://96.57.194.216:8082</handler> |
techhelplist
/ trickbot-inject-configs-2018may08.txt
Created
May 8, 2018 13:09
trickbot-inject-configs-2018may08.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| trickbot inject configs 8 may 2018 | |
| https://www.virustotal.com/#/file/aff5fa4ec4cd78bcf5f1c712f361bbd7d428800bea08c23cae66f0947e66c2a3/community | |
| <dpost> | |
| <handler>http://70.182.4.158:8082</handler> | |
| <handler>http://96.57.194.216:8082</handler> | |
| <handler>http://91.122.37.162:8082</handler> | |
| <handler>http://103.238.231.58:8082</handler> | |
| <handler>http://197.248.74.182:8082</handler> |
techhelplist
/ trickbot-inject-configs-2018may29.txt
Created
May 29, 2018 19:28
trickbot-inject-configs-2018may29.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| trickbot inject configs 2018-05-29 | |
| loader : | |
| https://www.virustotal.com/#/file/7199fb2ed59ddd47792822fc3936224a04ce19ebe1eb79439e062fd22043566d/community | |
| <dpost> | |
| <handler>http://91.122.37.162:8082</handler> | |
| <handler>http://185.157.46.136:8082</handler> | |
| <handler>http://162.249.229.101:8082</handler> |
techhelplist
/ trickbot-inject-configs-2018june04.txt
Created
June 4, 2018 21:15
trickbot-inject-configs-2018june04.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| trickbot inject configs 2018-06-04 | |
| https://www.virustotal.com/#/file/c6baa54db42806216932280fcca4f07e8323792d38199a966931ee713d387893/community | |
| <dpost> | |
| <handler>http://84.217.20.108:8082</handler> | |
| <handler>http://162.249.229.101:8082</handler> | |
| <handler>http://176.121.213.31:8082</handler> |
techhelplist
/ trickbot-inject-configs-2018june07.txt
Created
June 7, 2018 18:02
trickbot-inject-configs-2018june07.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| trickbot inject configs 2018-06-07 | |
| https://www.virustotal.com/#/file/1976a7941e96e6156c2748c169f3bffd48540619829c78ed3345814dfd5f21b4/detection | |
| <dpost> | |
| <handler>http://188.124.167.132:8082</handler> | |
| <handler>http://84.217.20.108:8082</handler> | |
| <handler>http://162.249.229.101:8082</handler> | |
| <handler>http://176.121.213.31:8082</handler> | |
| <handler>http://200.46.129.90:8082</handler> |
techhelplist
/ trickbot-inject-configs-2018june08.txt
Created
June 8, 2018 19:40
trickbot-inject-configs-2018june08.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| trickbot inject configs 2018-06-08 | |
| https://www.virustotal.com/#/file/a95ce1288d1f507831a7c257d2ee148f8fffbe4690e2a8dc8d96ce4886e094a1/detection | |
| <dpost> | |
| <handler>http://188.124.167.132:8082</handler> | |
| <handler>http://84.217.20.108:8082</handler> | |
| <handler>http://162.249.229.101:8082</handler> | |
| <handler>http://176.121.213.31:8082</handler> | |
| <handler>http://200.46.129.90:8082</handler> |
techhelplist
/ trickbot-inject-configs-2018sep07.txt
Created
September 7, 2018 21:58
trickbot-inject-configs-2018sep07.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| trick inject configs 2018-09-07 | |
| https://www.virustotal.com/#/file/05eeff98010b18e2000b7d5c48eeea68d43b8bec89e92b49369763c91b5ce6e5/detection | |
| <dpost> | |
| <handler>http://84.217.20.108:8082</handler> | |
| <handler>http://188.114.210.4:8082</handler> | |
| <handler>http://5.228.72.17:8082</handler> | |
| <handler>http://190.93.220.223:8082</handler> |
techhelplist
/ jroosen-emotet-IOC-2018-09-10.txt
Created
September 11, 2018 14:30
jroosen emotet IOC 2018-09-10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # emotet malware doc and exe download urls thx to jroosen et al | |
| 217.182.194.208/INVOICE/ | |
| 51.254.121.123/wp-content/payment/ | |
| acethrass.com/Documents/ | |
| addtomap.ru/INVOICES/ | |
| alaaksa.com/Corrections/ | |
| aliu-rdc.org/Invoice/ | |
| alumni.poltekba.ac.id/Invoice/ | |
| anketa.orenmis.ru/INVOICE/ |
techhelplist
/ rdp-attackers-june2019-c.txt
Created
June 17, 2019 14:19
RDP Attackers - June 2019 - C
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| date sourceIP username-attempted | |
| 2019-06-16 60.170.155.9 ADMIN | |
| 2019-06-16 185.156.177.200 POLLY | |
| 2019-06-11 212.92.122.16 SRODRIGUEZ | |
| 2019-06-11 212.92.122.16 SLOPEZ | |
| 2019-06-16 185.156.177.183 ADMINISTRATOR | |
| 2019-06-11 212.92.122.16 SBAILEY | |
| 2019-06-16 185.156.177.200 POOLE | |
| 2019-06-11 212.92.122.16 SPERRY | |
| 2019-06-16 185.53.4.10 Administrator |
OlderNewer