Skip to content

Instantly share code, notes, and snippets.

View iot-malware-2020-04-16-a.txt
http://37.49.226.127/Cipher.sh
http://37.49.226.127/mips
http://37.49.226.127/mipsel
http://37.49.226.127/sh4
http://37.49.226.127/x86
http://37.49.226.127/arm7
http://37.49.226.127/arm6
http://37.49.226.127/i686
http://37.49.226.127/i586
http://37.49.226.127/m68k
View rdp-attackers-7-days-20200601.txt
This file has been truncated, but you can view the full file.
# report generated Mon Jun 1 07:30:02 MDT 2020
# timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName
2020-05-25T13:30Z 172.107.162.74 ADMINISTRATOR
2020-05-25T13:30Z 185.202.1.131 CLAIR
2020-05-25T13:30Z 185.202.1.132 RIGOBERTO
2020-05-25T13:30Z 185.202.1.136 CHANG
2020-05-25T13:30Z 185.202.1.136 ZACHARIAH
2020-05-25T13:30Z 185.202.1.152 MSHCW
2020-05-25T13:30Z 185.202.1.152 MYSQL_ZKEYS
View rdp-attackers-7-days-20200525.txt
This file has been truncated, but you can view the full file.
2020-05-18T13:30 141.98.83.40 AA123456
2020-05-18T13:30 185.153.197.2 ADMINISTRATOR
2020-05-18T13:30 185.153.199.131 FOLDER
2020-05-18T13:30 185.153.199.131 FRONT
2020-05-18T13:30 185.202.1.119 EDITOR
2020-05-18T13:30 185.202.1.129 TERRANCE
2020-05-18T13:30 185.202.1.131 JAY
2020-05-18T13:30 185.202.1.131 JIM
2020-05-18T13:30 185.202.1.133 DERRICK
View rdpers-ms-only-18may2020.txt
2020-05-12T04:42:04.875Z 104.208.242.187 admin
2020-05-12T08:12:43.373Z 104.208.242.187 admin
2020-05-12T14:13:51.253Z 104.208.242.187 admin
2020-05-12T10:55:25.028Z 104.208.242.187 admin
2020-05-12T18:14:05.394Z 104.208.242.187 admin
2020-05-12T02:38:30.820Z 104.208.242.187 admin
2020-05-12T05:13:36.554Z 104.208.242.187 admin
2020-05-12T02:08:12.755Z 104.208.242.187 admin
2020-05-11T13:43:53.269Z 104.208.242.187 admin
2020-05-11T16:16:18.505Z 104.208.242.187 admin
View rdp-attackers-7-days-20200518.txt
This file has been truncated, but you can view the full file.
#report generated Mon May 18 07:30:01 MDT 2020
#timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName
2020-05-11T13:30Z 137.117.13.132 admin
2020-05-11T13:30Z 168.63.203.102 admin
2020-05-11T13:30Z 176.113.115.46 IADMIN_18
2020-05-11T13:30Z 180.180.245.245 ADMINISTRATOR
2020-05-11T13:30Z 185.202.1.119 MASTER
2020-05-11T13:30Z 185.202.1.119 TURNOS
2020-05-11T13:30Z 185.202.1.132 ADMINISTRATOR
View rdp-attackers-7-days-20200511.txt
This file has been truncated, but you can view the full file.
#report generated Mon May 11 07:30:01 MDT 2020
timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName
2020-05-11T00:30:45.744Z 213.202.233.217 orders
2020-05-11T00:30:23.041Z 213.202.233.217 michelle
2020-05-06T20:42:47.156Z 91.241.19.25 THIS
2020-05-11T00:30:34.351Z 213.202.233.217 operator
2020-05-11T00:30:33.598Z 185.202.0.7 MATCH
2020-05-06T12:42:30.939Z 45.141.87.10 ADMINISTRATOR
2020-05-11T00:27:47.904Z 185.202.1.150 STA
View rdp-attackers-7-days-20200330.txt
This file has been truncated, but you can view the full file.
#report generated Mon Mar 30 07:30:01 MDT 2020
timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName
2020-03-23T23:05:32.224Z 46.119.160.160 Administrator
2020-03-26T09:03:09.339Z 103.120.28.252 ADMINISTRATOR
2020-03-26T14:43:02.285Z 185.202.1.81 admin
2020-03-23T13:38:20.551Z 121.241.7.34 Scan
2020-03-26T09:03:11.619Z 5.183.93.57 YRJADMIN
2020-03-26T22:12:52.861Z 185.153.196.64 USER5
2020-03-23T23:05:40.231Z 209.45.61.241 ADMINISTRATOR
View rdp-attackers-7-days-20200217.txt
This file has been truncated, but you can view the full file.
#report generated Mon Feb 17 07:30:02 MST 2020
#timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName
2020-02-10T14:30Z 124.158.9.38 ADMINISTRATOR
2020-02-10T14:30Z 185.209.0.40 RESMAC
2020-02-10T14:30Z 185.209.0.57 MSWORDUSER
2020-02-10T14:30Z 185.209.0.57 WINDOWS
2020-02-10T14:30Z 185.209.0.85 NPS
2020-02-10T14:30Z 185.209.0.85 PESTAMACH
View rdp-attackers-7-days-20200504.txt
This file has been truncated, but you can view the full file.
#report generated Mon May 4 07:30:01 MDT 2020
#timestamp IpAddress TargetUserName
2020-04-27T13:30Z 190.0.1.90 ADMINISTRATOR
2020-04-27T13:30Z 190.0.1.90 USER
2020-04-27T13:30Z 194.61.24.121 RECEPTION
2020-04-27T13:30Z 194.61.24.121 STEPHANIE
2020-04-27T13:30Z 212.92.105.227 IDAMEMBERSERVICES
2020-04-27T13:30Z 212.92.105.227 NEIGHBORS
2020-04-27T13:30Z 212.92.105.227 SEGURIDAD
View rdp-attackers-7-days-20200427.txt
This file has been truncated, but you can view the full file.
#report generated Mon Apr 27 07:30:01 MDT 2020
timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName
2020-04-21T08:15:06.474Z 45.141.84.89 administrador
2020-04-21T08:15:36.462Z 185.209.0.107 ADRAIN
2020-04-20T14:57:08.655Z 185.209.0.15 ADMINISTRATOR
2020-04-20T15:49:52.408Z 185.202.1.81 administrator
2020-04-21T08:15:12.438Z 185.202.1.128 TRACI
2020-04-20T15:49:54.587Z 185.202.1.128 LACEY
2020-04-20T14:57:17.255Z 185.209.0.85 ADMINISTRATOR