daily update Sat Aug 31 22:32:14 UTC 2024

drb-ra · Aug 31, 2024 · 45592cc · 45592cc
1 parent 0d8b7b4
commit 45592cc
Show file tree

Hide file tree

Showing 6 changed files with 652 additions and 623 deletions.
diff --git a/C2_configs/cobaltstrike-30day.json b/C2_configs/cobaltstrike-30day.json
diff --git a/C2_configs/cobaltstrike.csv b/C2_configs/cobaltstrike.csv
@@ -44194,7 +44194,7 @@ Host: vedio.microsoft.com
 sn",0,"","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36",0,"0.0.0.0",0
 "06/09/2021 17:42:58.541","47.101.147.201","CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd.",HTTP,"47.101.147.201,/__utm.gif",8080,60000,0,"Use IE settings","","www.chenritian.com
 chenritian.com",Cookie,"/submit.php","Content-Type: application/octet-stream
-id",0,"","Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)",305419896,"0.0.0.0",0
+id",0, "","Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)",305419896,"0.0.0.0",0
 "06/09/2021 19:16:41.750","106.54.169.71","KNET Techonlogy (BeiJing) Co.,Ltd.",HTTPS,"1.15.220.135,/en_US/all.js",8443,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MANM)",1359593325,"Not Found","Not Found"
 "06/09/2021 20:42:13.129","154.92.15.225","HKKFGL-AS-AP HK Kwaifong Group Limited",HTTP,"104.21.85.92,/cx,172.67.204.62,/pixel",80,60000,0,"Use IE settings","Host: dasfipjefasd.xyz
@@ -74789,7 +74789,7 @@ onlineIdTicket
 "",""pjaxDuration"":20833}]}",0,"","Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0;) like Gecko",305419896,"8.8.8.8",0
 "10/01/2021 23:32:18.910","176.10.119.157","AS-SOFTPLUS",HTTP,"176.10.119.157,/dpixel",80,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUSMSE)",0,"Not Found","Not Found"
-"10/01/2021 23:32:50.578","96.45.180.37",IT7NET,HTTPS,"96.45.180.37,/updates.rss",4443,60000,0,"Use IE settings","",,Cookie,"/submit.php ","Content-Type: application/octet-stream
+"10/01/2021 23:32:50.578","96.45.180.37",IT7NET,HTTPS,"96.45.180.37,/updates.rss",4443,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"","Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; MAARJS)",305419896,"0.0.0.0",0
 "10/02/2021 08:00:29.627","193.200.134.67","Cloud Management LLC",HTTP,"193.200.134.67,/fwlink",80,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)",1234567890,"Not Found","Not Found"
@@ -77376,7 +77376,7 @@ id",0,"","Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko",
 "10/09/2021 23:37:48.983","47.98.250.156","CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd.",HTTP,"47.98.250.156,/jquery.min.js",50008,6001,0,"Use IE settings","",,"Accept-Language: zh-CN,zh;q=0.9,en;q=0.8
 ver=1.2.4
 token=
-Cookie","/wp-admin","Accept-Language: zh-CN,zh;q=0.9,en;q=0.8
+Cookie","/wp-admin ","Accept-Language: zh-CN,zh;q=0.9,en;q=0.8
 Cookie: wordpress_test_cookie=WP+Cookie+check
 PHPSESSID=
 Cookie",0,"Not Found","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36",1359593325,"Not Found","Not Found"
@@ -98466,7 +98466,7 @@ id",0,"","Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPa
 Connection: close
 made_write_conn=
 Cookie
-full=true ","/ki","Host: api.docs-github.workers.dev
+full=true","/ki","Host: api.docs-github.workers.dev
 Connection: close
 Accept-Encoding: gzip
 Content-Type: application/x-www-form-urlencoded
@@ -113985,7 +113985,7 @@ id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.
 ",,"Connection: close
 HSID=
 Cookie
-verify=false","/common","Connection: close
+verify=false","/common", "Connection: close
 Content-Type: application/x-www-form-urlencoded
 dl=
 __session__id=
@@ -123459,7 +123459,7 @@ id",0,"","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident
 "03/30/2022 18:38:33.847","47.105.223.18","ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd.",HTTP,"t2.lten.cc,/en_US/all.js,t3.lten.cc,/ca,t4.lten.cc,/cx",8888,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)",426352781,"Not Found","Not Found"
 "03/30/2022 18:38:33.925","5.39.221.26","HOSTKEY-AS",HTTP,"5.39.221.26,/en_US/all.js",80,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
-id", 0,"Not Found","Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0; MASP)",0,"Not Found","Not Found"
+id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0; MASP)",0,"Not Found","Not Found"
 "03/30/2022 18:38:33.987","47.94.38.147","ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd.",HTTP,"47.94.38.147,/j.ad",1234,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)",1234567890,"Not Found","Not Found"
 "03/30/2022 18:38:34.818","182.42.114.2","CHINATELECOM-CTCLOUD Cloud Computing Corporation",HTTP,"182.42.114.2,/match",8888,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
@@ -151435,7 +151435,7 @@ Host: update.twittermisc.com
 session-token=
 skin=noskin;
 csm-hit=s-ZKfVNrTuJP09EG9Fzz9I|2083152134315
-Cookie ","/N9185/adj/amzn.us.sr.aps","Accept: */*
+Cookie","/N9185/adj/amzn.us.sr.aps","Accept: */*
 Content-Type: text/xml
 Host: update.twittermisc.com
 sz=160x600
@@ -186844,7 +186844,7 @@ id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.
 "11/16/2022 18:36:46.603","156.240.105.4","HKCICL-AS-AP Hong Kong Communications International Co., Limited",HTTP,"156.240.105.13,/en_US/all.js",800,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; BOIE9;ENUS)",1234567890,"Not Found","Not Found"
 "11/16/2022 18:37:40.003","202.182.109.125","AS-CHOOPA",HTTP,"202.182.109.125,/load",80,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
-id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)",1359593325,"Not Found","Not Found"
+id", 0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)",1359593325,"Not Found","Not Found"
 "11/16/2022 18:38:55.207","43.155.66.70","TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue",HTTPS,"43.155.66.70,/jquery-3.3.1.min.js",443,45000,37,"Use IE settings","",,"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
 Referer: http://code.jquery.com/
 Accept-Encoding: gzip, deflate
@@ -192061,7 +192061,7 @@ Cookie","/Latest/k/Q1O1A61IE","Accept: text/html, application/xhtml+xml, image/*
 Accept-Language: ar-tn
 Accept-Encoding: gzip, identity
 _BTZGQEEZ","2025-11-11","Not Found","Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36",100000,"Not Found","Not Found"
-"12/07/2022 20:40:29.895","139.177.146.61","HVC-AS",HTTP,"new.hik.icu,/updates.rss,139.177.146.61,/ca",80,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
+"12/07/2022 20:40:29.895","139.177.146.61","HVC-AS" ,HTTP,"new.hik.icu,/updates.rss,139.177.146.61,/ca",80,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)",391144938,"Not Found","Not Found"
 "12/07/2022 20:42:36.791","157.245.50.113","DIGITALOCEAN-ASN",HTTPS,"157.245.50.113,/ptj",443,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; LBBROWSER)",100000,"Not Found","Not Found"
@@ -200149,7 +200149,7 @@ id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64
 "02/06/2023 13:49:18.005","195.189.99.65","CHERRYSERVERS2-AS",HTTPS,"195.189.99.65,/__utm.gif",999,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; BOIE8;ENUS)",1580103824,"Not Found","Not Found"
 "02/06/2023 13:49:54.399","138.124.180.171",MIRHOSTING,HTTPS,"138.124.180.171,/fwlink",8080,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
-id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; ASU2JS)",0, "Not Found","Not Found"
+id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; ASU2JS)",0,"Not Found","Not Found"
 "02/06/2023 13:51:04.593","198.211.9.165","MULTA-ASN1",HTTP,"198.211.9.165,/load",80,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MALC)",305419896,"0.0.0.0",0
 "02/06/2023 13:51:21.517","156.232.11.5","YISUCLOUDLTD-HK YISU CLOUD LTD",HTTPS,"156.232.11.5,/pixel",443,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
@@ -202992,7 +202992,7 @@ JSESSION=
 Cookie",0,"Not Found","Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko",391144938,"Not Found","Not Found"
 "02/21/2023 16:12:15.606","45.89.199.128","DEDIPATH-LLC",HTTP,"45.89.199.128,/dpixel",8080,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; ; NCLIENT50_AAPCDA5841E333)",0,"Not Found","Not Found"
-"02/21/2023 16:12:39.706","38.60.39.41","TGL-AS-AP Turing Group Limited",HTTPS,"38.60.39.41,/fwlink",888,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
+"02/21/2023 16:12:39.706","38.60.39.41","TGL-AS-AP Turing Group Limited",HTTPS,"38.60.39.41,/fwlink",888,60000,0," Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)",1234567890,"Not Found","Not Found"
 "02/21/2023 16:12:52.601","47.93.97.210","ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd.",HTTP,"172.16.0.11,/load",80,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; MAARJS)",100000,"Not Found","Not Found"
@@ -209771,7 +209771,7 @@ id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)",100000,"N
 "04/03/2023 16:14:13.115","107.148.131.30","PEGTECHINC-AP-01",HTTPS,"107.148.131.30,/activity",443,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; NP06)",1234567890,"Not Found","Not Found"
 "04/03/2023 16:19:34.014","58.120.8.214","SKB-AS SK Broadband Co Ltd",HTTP,"58.120.8.214,/load",82,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
-id ",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MASP)",100000,"Not Found","Not Found"
+id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MASP)",100000,"Not Found","Not Found"
 "04/04/2023 08:31:18.608","46.17.43.67","LLC BAXET",HTTPS,"bud02s43.office36o.online,/images/codeispoetry.jpg",443,3000,20,"Use IE settings","",,"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*l;q=0.8
 https://bud02s43.office36o.online/?_s=
 Referer
@@ -231471,7 +231471,7 @@ id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.
 Referer: http://code.jquery.com/
 Accept-Encoding: gzip, deflate
 __cfduid=
-Cookie","/jquery-3.3.2.min.js","Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
+Cookie","/jquery-3.3.2.min.js" ,"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
 Referer: http://code.jquery.com/
 Accept-Encoding: gzip, deflate
 __cfduid",0,"Not Found","Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko",100000000,"Not Found","Not Found"
@@ -232516,7 +232516,7 @@ _ORUVSAPX",0,"Not Found","Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/5
 "07/31/2023 18:48:46.072","114.132.234.149","TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited",HTTP,"114.132.234.149,/ca",8080,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)",987654321,"Not Found","Not Found"
 "07/31/2023 18:49:05.559","175.178.178.178","Tencent cloud computing (Beijing) Co., Ltd.",HTTP,"175.178.178.178,/List",8083,3000,0,"Use IE settings","",,"cf=
-Cookie ","/Login","password
+Cookie","/Login","password
 data=
 %%",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; NP02)",100000,"Not Found","Not Found"
 "07/31/2023 18:49:12.777","175.178.178.178","Tencent cloud computing (Beijing) Co., Ltd.",HTTP,"175.178.178.178,/List",80,3000,0,"Use IE settings","",,"cf=
@@ -257989,7 +257989,7 @@ id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Tri
 SESSIONID=
 Cookie","/api/y","Accept: */*
 JSESSION=
-Cookie ",0,"Not Found","Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/5.0)",987654321,"Not Found","Not Found"
+Cookie",0,"Not Found","Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/5.0)",987654321,"Not Found","Not Found"
 "06/05/2024 10:22:20.572","176.56.237.211","ASN-ROUTELABEL",HTTPS,"176.56.237.211,/ga.js",443,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1)",987654321,"Not Found","Not Found"
 "06/05/2024 13:46:46.343","118.25.173.248","Tencent Cloud Computing (Beijing) Co., Ltd",HTTPS,"service-hcwhjzdb-1316933071.sh.tencentapigw.com,/api/x",443,3000,0,"Use IE settings","",,"Accept: */*
@@ -258272,7 +258272,7 @@ id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Tr
 id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MANM)",987654321,"Not Found","Not Found"
 "06/08/2024 18:49:01.004","185.22.152.167","LLC Baxet",HTTP,"185.22.152.167,/cx",8868,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
 id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)",987654321,"Not Found","Not Found"
-"06/08/2024 18:49:21.542","165.3.87.196","Woolworths Holdings Limited",HTTPS,"sanhaozhifu.top,/jquery-3.3.1.min.js",8443,45000,37,"Use IE settings","",,"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
+"06/08/2024 18:49:21.542","165.3.87.196","Woolworths Holdings Limited",HTTPS,"sanhaozhifu.top,/jquery-3.3.1.min.js",8443,45000,37,"Use IE settings","",, "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
 Referer: http://code.jquery.com/
 Accept-Encoding: gzip, deflate
 __cfduid=