Sample Gmail accounts known to have been involved in the campaign include:
Sample malicious domains known to have been involved in the campaign:
researchplanet.zapto.org
socialstatistics.zapto.org
duniaenewsportal.ddns.net
Sample domain registrant email address accounts known to have been involved in the campaign include:
harpreet.singh1984@yahoo.com
marlenecharlton@outlook.com
abadaba@eml.cc
REUBEN123@RISEUP.NET
Related malicious domains known to have been involved in the campaign include:
Sample responding IPs for malicious domains known to have been involved in the campaign:
Sample malicious MD5s known to have been involved in the campaign include: