daily update Sat Aug 31 14:32:07 UTC 2024
drb-ra committed Aug 31, 2024
1 parent fcb7e37 commit d5e6e1f
Showing 26 changed files with 683 additions and 688 deletions.
1,101 changes: 551 additions & 550 deletions C2_configs/cobaltstrike-30day.json

Large diffs are not rendered by default.

27 changes: 14 additions & 13 deletions C2_configs/cobaltstrike.csv
Expand Up @@ -18197,7 +18197,7 @@ Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*l;q=0.8
Referer: http://www.baidu.com
Pragma: no-cache
Cache-Control: no-cache
-.jpg", "/history/","Host: x.ziper.xyz
-.jpg","/history/","Host: x.ziper.xyz
Content-Type: application/octet-stream
Referer: http://www.google.com
Pragma: no-cache
Expand Down Expand Up @@ -30728,7 +30728,7 @@ id",0,"","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; BOIE9;
"03/27/2021 11:09:16.456","180.215.111.249","BCPL-SG BGPNET Global ASN",HTTP,"180.215.104.226,/j.ad",80,60000,0,"Use IE settings","Not Found",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; BOIE9;ENUS)",1873433027,"0.0.0.0",0
"03/27/2021 11:09:32.248","180.215.105.230","BCPL-SG BGPNET Global ASN",HTTP,"180.215.104.226,/j.ad",80,60000,0,"Use IE settings","Not Found",,Cookie,"/submit.php","Content-Type: application/octet-stream
id", 0,"","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; BOIE9;ENUS)",1873433027,"0.0.0.0",0
id",0,"","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; BOIE9;ENUS)",1873433027,"0.0.0.0",0
"03/27/2021 11:09:34.171","180.215.106.229","BCPL-SG BGPNET Global ASN",HTTP,"180.215.104.226,/j.ad",80,60000,0,"Use IE settings","Not Found",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; BOIE9;ENUS)",1873433027,"0.0.0.0",0
"03/27/2021 11:09:36.058","180.215.109.227","BCPL-SG BGPNET Global ASN",HTTP,"180.215.104.226,/j.ad",80,60000,0,"Use IE settings","Not Found",,Cookie,"/submit.php","Content-Type: application/octet-stream
Expand Down Expand Up @@ -39102,7 +39102,7 @@ Accept-Encoding: gzip, deflate
__cfduid
Quantity=1
cartAction=add","2021-05-02","Not Found","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36",791229691,"Not Found","Not Found"
"05/12/2021 13:03:12.868","45.61.138.145",AS40676,HTTPS,"45.61.138.145,/visit.js",443,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
"05/12/2021 13:03:12.868","45.61.138.145",AS40676,HTTPS,"45.61.138.145,/visit.js",443 ,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; Touch)",305419776,"Not Found","Not Found"
"05/12/2021 13:03:13.064","66.112.210.232",IT7NET,HTTP,"66.112.210.232,/j.ad",80,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)",1,"Not Found","Not Found"
Expand Down Expand Up @@ -90963,7 +90963,7 @@ __cfduid",0,"Not Found","Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like
id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)",1359593325,"Not Found","Not Found"
"11/12/2021 22:30:12.950","81.68.103.253","TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited",HTTP,"81.68.103.253,/j.ad",81,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)",1359593325,"Not Found","Not Found"
"11/12/2021 22:30:22.648","49.232.213.234","TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited",HTTP, "49.232.213.234,/g.pixel",8888,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
"11/12/2021 22:30:22.648","49.232.213.234","TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited",HTTP,"49.232.213.234,/g.pixel",8888,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"","Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; Avant Browser)",0,"0.0.0.0",0
"11/12/2021 22:30:25.796","212.115.54.236","RAINBOWIDC-AS-AP rainbow network limited",HTTP,"212.115.54.236,/__utm.gif",446,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MASB)",426352781,"Not Found","Not Found"
Expand Down Expand Up @@ -118572,7 +118572,7 @@ id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64
id",0,"","Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt; DTS Agent",16777216,"0.0.0.0",0
"03/02/2022 18:19:07.830","188.166.241.190","DIGITALOCEAN-ASN",HTTPS,"188.166.241.190,/__utm.gif",443,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; BTRS125526)",1103696286,"Not Found","Not Found"
"03/02/2022 18:47:32.892","101.35.44.224","TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited",HTTPS,"whoami.ze.lu,/ki",443,60679,37,"Use IE settings","Host: whoami.ze.lu
"03/02/2022 18:47:32.892","101.35.44.224"," TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited",HTTPS,"whoami.ze.lu,/ki",443,60679,37,"Use IE settings","Host: whoami.ze.lu
",,"Host: whoami.ze.lu
Connection: close
Accept: */*
Expand Down Expand Up @@ -139416,7 +139416,7 @@ id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)",206546002
id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)",426352781,"Not Found","Not Found"
"04/16/2022 22:58:40.490","203.96.179.140","SHOCK-1",HTTP,"cs.bc8.in,/activity",2082,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; Touch; MASPJS)",426352781,"Not Found","Not Found"
"04/16/2022 22:58:40.558","107.174.254.190","AS-COLOCROSSING",HTTP,"107.174.254.190,/cm",80,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
"04/16/2022 22:58:40.558","107.174.254.190","AS-COLOCROSSING",HTTP,"107.174.254.190,/cm",80,60000,0,"Use IE settings","",,Cookie,"/submit.php"," Content-Type: application/octet-stream
id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; LBBROWSER)",1234567890,"Not Found","Not Found"
"04/16/2022 22:58:40.624","46.101.5.12","DIGITALOCEAN-ASN",HTTP,"46.101.5.12,/r/webdev/comments/95ltyr",500,30000,20,"Use IE settings","Host: www.reddit.com",,"Host: www.reddit.com
Accept: */*
Expand Down Expand Up @@ -159541,7 +159541,7 @@ id",0,"","Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0
id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt; DTS Agent",100000,"Not Found","Not Found"
"07/05/2022 13:15:42.020","106.52.197.95","TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited",HTTP,"106.52.197.95,/visit.js",6666,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1)",426352781,"Not Found","Not Found"
"07/05/2022 13:18:54.370", "173.82.206.220","MULTA-ASN1",HTTP,"cdn.xiaojingjingaihuifeng.top,/api/3",80,60000,0,"Use IE settings","Host: cdn.xiaojingjingaihuifeng.top
"07/05/2022 13:18:54.370","173.82.206.220","MULTA-ASN1",HTTP,"cdn.xiaojingjingaihuifeng.top,/api/3",80,60000,0,"Use IE settings","Host: cdn.xiaojingjingaihuifeng.top
",,"Host: cdn.xiaojingjingaihuifeng.top
Cookie","/api/4","Host: cdn.xiaojingjingaihuifeng.top",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; MAM2)",100000,"Not Found","Not Found"
"07/05/2022 13:19:01.861","106.52.144.148","TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited",HTTP,"106.52.144.148,/activity",8089,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
Expand Down Expand Up @@ -163779,7 +163779,7 @@ Cookie","/api/y","Accept: */*
JSESSION=
Cookie",0,"Not Found","Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36",426352781,"Not Found","Not Found"
"07/28/2022 20:16:11.271","43.138.9.56","TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited",HTTP,"43.138.9.56,/match",80,3000,20,"Use IE settings","Host: 360.net
",,"Accept: */*
", ,"Accept: */*
Accept-Language: en-us
Accept-Encoding: text/plain
Content-Type: application/x-www-form-urltrytryd
Expand Down Expand Up @@ -201399,7 +201399,7 @@ _QLJPBSKH",0,"Not Found","Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36
id",0,"","Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727)",305419896,"0.0.0.0",0
"02/14/2023 02:57:26.197","110.42.188.52","TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited",HTTP,"110.42.188.52,/g.pixel",8199,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727)",391144938,"Not Found","Not Found"
"02/14/2023 03:01:25.000","116.205.134.239","HWCSNET Huawei Cloud Service data center",HTTP,"116.205.134.239,/pixel.gif",10003,60000,0,"Use IE settings","Not Found",,Cookie,"/submit.php","Content-Type: application/octet-stream
"02/14/2023 03:01:25.000","116.205.134.239","HWCSNET Huawei Cloud Service data center",HTTP,"116.205.134.239,/pixel.gif",10003,60000,0,"Use IE settings ","Not Found",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; NP06)",1873433027,"0.0.0.0",0
"02/14/2023 03:03:00.400","119.3.12.54","HWCSNET Huawei Cloud Service data center",HTTP,"119.3.12.54,/cm",8081,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; BOIE9;ENUS)",391144938,"Not Found","Not Found"
Expand Down Expand Up @@ -214541,7 +214541,7 @@ s=69420
dc_ref=http%3A%2F%2Fwww.aws.com",0,"Not Found","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36",1623148884,"Not Found","Not Found"
"04/26/2023 22:31:36.858","39.105.31.104","Aliyun Computing Co., LTD",HTTP,"39.105.31.104,/updates.rss",81,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)",1359593325,"Not Found","Not Found"
"04/26/2023 22:31:48.080","121.4.111.221","Tencent cloud computing (Beijing) Co., Ltd.",HTTPS,"www.jntm.cn.com,/api/3", 8443,60000,0,"Use IE settings","Host: www.jntm.cn.com",,"Host: www.jntm.cn.com
"04/26/2023 22:31:48.080","121.4.111.221","Tencent cloud computing (Beijing) Co., Ltd.",HTTPS,"www.jntm.cn.com,/api/3",8443,60000,0,"Use IE settings","Host: www.jntm.cn.com",,"Host: www.jntm.cn.com
Cookie","/api/4","Host: www.jntm.cn.com",0,"Not Found","Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; LBBROWSER)",100000,"Not Found","Not Found"
"04/26/2023 22:33:00.072","175.178.125.175","Tencent cloud computing (Beijing) Co., Ltd.",HTTP,"175.178.125.175,/s",9999,50000,43,"Use IE settings","",,"Accept: */*
BAIDUID=89BC9473E603D8;BIDUPSID=89BC94E22DD019;rsv_jmp_slow=
Expand Down Expand Up @@ -240804,7 +240804,7 @@ id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/5.
"10/17/2023 08:19:58.319","139.196.136.202","Aliyun Computing Co., LTD",HTTPS,"qaq.social,/api/3",8443,60000,0,"Use IE settings","Host: qaq.social
",,"Host: qaq.social
Cookie","/api/4","Host: qaq.social",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; MANM; MANM)",2333,"Not Found","Not Found"
"10/17/2023 08:20:14.260","117.72.35.30","Beijing Jingdong 360 Degree E-commerce Co., Ltd.",HTTPS,"82.156.29.211,/ptj",443,60000,0,"Use IE settings ","",,Cookie,"/submit.php","Content-Type: application/octet-stream
"10/17/2023 08:20:14.260","117.72.35.30","Beijing Jingdong 360 Degree E-commerce Co., Ltd.",HTTPS,"82.156.29.211,/ptj",443,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; WOW64; Trident/5.0)",305419896,"0.0.0.0",0
"10/17/2023 08:20:38.551","103.39.78.153","FLAT A5, 9F",HTTP,"103.39.78.153,/pixel",80,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MANM; MANM)",100000,"Not Found","Not Found"
Expand Down Expand Up @@ -245400,7 +245400,7 @@ _JOTZYRGL",0,"Not Found","Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.2)
id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)",100000,"Not Found","Not Found"
"12/28/2023 02:14:28.155","47.115.213.18","Aliyun Computing Co., LTD",HTTP,"47.115.213.18,/visit.js",8789,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"Not Found","Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)",987654321,"Not Found","Not Found"
"12/28/2023 02:14:41.890","164.155.212.249","PEG TECH INC",HTTP,"165.3.113.96,/jquery-3.3.1.min.js",8098,45000,37,"Use IE settings","",,"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
"12/28/2023 02:14:41.890","164.155.212.249","PEG TECH INC",HTTP,"165.3.113.96,/jquery-3.3.1.min.js",8098,45000,37,"Use IE settings","",, "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: http://news.qq.com/
Accept-Encoding: gzip, deflate
__cfduid=
Expand Down Expand Up @@ -258202,7 +258202,7 @@ __cfduid",0,"Not Found","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/5
"06/08/2024 08:42:51.942","185.186.146.25","Hostsymbol Pte. Ltd.",HTTPS,"185.186.146.25,/ca",443,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MALC)",987654321,"Not Found","Not Found"
"06/08/2024 10:21:12.735","154.12.26.80","HFTCL-AS-AP High Family Technology Co., Limited",HTTPS,"cs.xfdaili.com,/g.pixel",443,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id" ,0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;NLNL)",100000,"Not Found","Not Found"
id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;NLNL)",100000,"Not Found","Not Found"
"06/08/2024 13:43:51.066","154.198.245.62","CenturyNetworks LTD",HTTP,"154.198.245.62,/visit.js",80,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; MDDCJS)",987654321,"Not Found","Not Found"
"06/08/2024 18:46:45.128","110.42.249.222","Tencent cloud computing (Beijing) Co., Ltd.",HTTP,"110.42.249.222,/jquery-3.3.1.min.js",6666,45000,37,"Use IE settings","",,"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Expand Down Expand Up @@ -266151,4 +266151,5 @@ Cookie
input=",0,"Not Found","Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko",987654321,"Not Found","Not Found"
"08/31/2024 00:46:08.726","101.35.228.105","TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited",HTTPS,"101.35.228.105,/load",20443,60000,0,"Use IE settings","",,Cookie,"/submit.php","Content-Type: application/octet-stream
id",0,"Not Found","Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; WOW64; Trident/5.0; msn OptimizedIE8;ENUS)",987654321,"Not Found","Not Found"
"08/31/2024 13:31:05.140","70.34.196.238","Hangzhou Alibaba Advertising Co.,Ltd.","Hybrid HTTP DNS","update.mloadspring.com,/jquery-3.3.1.min.js,upgrade.mloadspring.com,/jquery-3.3.1.min.js",53,45000,37,"Use IE settings","",,,"Not Found",,0,"Not Found","Not Found",100000000,"208.118.236.244",0

3 changes: 2 additions & 1 deletion C2_configs/cobaltstrike.json
Expand Up @@ -55564,5 +55564,6 @@
{"preview":false,"offset":55563,"result":{"FirstSeen":"08/30/2024 19:45:07.276","ip":"192.252.183.228","ASN":"Integen, Inc","BeaconType":"HTTPS","C2Server":"www.votass.com,/api/3","Port":"2083","SleepTime":"60000","Jitter":"0","Proxy_Behavior":"Use IE settings","HostHeader":"Host: www.votass.com\r\n","HttpGet_Metadata":["Host: www.votass.com","Cookie"],"HttpPostUri":"/api/4","HttpPost_Metadata":"Host: www.votass.com","KillDate":"0","PipeName":"Not Found","UserAgent":"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;ENUS)","Watermark":"987654321","DNS_Idle":"Not Found","DNS_Sleep":"Not Found"}}
{"preview":false,"offset":55564,"result":{"FirstSeen":"08/30/2024 22:24:49.423","ip":"94.20.88.63","ASN":"HOSTART","BeaconType":"HTTP","C2Server":"94.20.88.63,/load","Port":"54322","SleepTime":"60000","Jitter":"0","Proxy_Behavior":"Use IE settings","HostHeader":"","HttpGet_Metadata":"Cookie","HttpPostUri":"/submit.php","HttpPost_Metadata":["Content-Type: application/octet-stream","id"],"KillDate":"0","PipeName":"Not Found","UserAgent":"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUSMSE)","Watermark":"1580103824","DNS_Idle":"Not Found","DNS_Sleep":"Not Found"}}
{"preview":false,"offset":55565,"result":{"FirstSeen":"08/30/2024 22:24:57.689","ip":"39.108.142.219","ASN":"ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd.","BeaconType":"HTTP","C2Server":"39.108.142.219,/css3/index2.shtml","Port":"64412","SleepTime":"3000","Jitter":"37","Proxy_Behavior":"Use IE settings","HostHeader":"","HttpGet_Metadata":["Accept: text/html, application/xhtml+xml, image/jxr, */*","Accept-Encoding: gzip, deflate","Accept-Language: en-US; q=0.7, en; q=0.3","Connection: keep-alive","DNT: 1","accept"],"HttpPostUri":"/tools/family.html","HttpPost_Metadata":["Accept: text/html, application/xhtml+xml, */*","Accept-Encoding: gzip, deflate","DNT: 1","Content-Type: application/x-www-form-urlencoded","token=","Cookie","input="],"KillDate":"0","PipeName":"Not Found","UserAgent":"Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko","Watermark":"987654321","DNS_Idle":"Not Found","DNS_Sleep":"Not Found"}}
{"preview":false,"offset":55566,"lastrow":true,"result":{"FirstSeen":"08/31/2024 00:46:08.726","ip":"101.35.228.105","ASN":"TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited","BeaconType":"HTTPS","C2Server":"101.35.228.105,/load","Port":"20443","SleepTime":"60000","Jitter":"0","Proxy_Behavior":"Use IE settings","HostHeader":"","HttpGet_Metadata":"Cookie","HttpPostUri":"/submit.php","HttpPost_Metadata":["Content-Type: application/octet-stream","id"],"KillDate":"0","PipeName":"Not Found","UserAgent":"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; WOW64; Trident/5.0; msn OptimizedIE8;ENUS)","Watermark":"987654321","DNS_Idle":"Not Found","DNS_Sleep":"Not Found"}}
{"preview":false,"offset":55566,"result":{"FirstSeen":"08/31/2024 00:46:08.726","ip":"101.35.228.105","ASN":"TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited","BeaconType":"HTTPS","C2Server":"101.35.228.105,/load","Port":"20443","SleepTime":"60000","Jitter":"0","Proxy_Behavior":"Use IE settings","HostHeader":"","HttpGet_Metadata":"Cookie","HttpPostUri":"/submit.php","HttpPost_Metadata":["Content-Type: application/octet-stream","id"],"KillDate":"0","PipeName":"Not Found","UserAgent":"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; WOW64; Trident/5.0; msn OptimizedIE8;ENUS)","Watermark":"987654321","DNS_Idle":"Not Found","DNS_Sleep":"Not Found"}}
{"preview":false,"offset":55567,"lastrow":true,"result":{"FirstSeen":"08/31/2024 13:31:05.140","ip":"70.34.196.238","ASN":"Hangzhou Alibaba Advertising Co.,Ltd.","BeaconType":"Hybrid HTTP DNS","C2Server":"update.mloadspring.com,/jquery-3.3.1.min.js,upgrade.mloadspring.com,/jquery-3.3.1.min.js","Port":"53","SleepTime":"45000","Jitter":"37","Proxy_Behavior":"Use IE settings","HostHeader":"","HttpPostUri":"Not Found","KillDate":"0","PipeName":"Not Found","UserAgent":"Not Found","Watermark":"100000000","DNS_Idle":"208.118.236.244","DNS_Sleep":"0"}}

