Farseer_PreviouslyUnknownMalwareFamilybolsterstheChinesearmoury.pdf

Report name	Domains	Hosts	Samples
Farseer_PreviouslyUnknownMalwareFamilybolsterstheChinesearmoury.pdf (Click name to open as page)	netvovo.windowsnetwork.org honor2020.ga adminloader.com tcpdo.net www3.mefound.com cdncool.com app.newfacebk.com update.newfacebk.com csip6.biz dns.cdncool.com md.sony36.com newfacebk.com sony36.com adminsysteminfo.com 3w.tcpdo.net w3.changeip.org outhmail.com md5c.net windowsnetwork.org cyberthreatalliance.org update.tcpdo.net up.outhmail.com md.son36.com linkdatax.com www5.zyns.com	45.32.44.52 45.32.45.77 59.188.196.162 199.247.25.110 45.125.33.219 45.32.251.7 45.32.53.250 45.32.24.39 45.76.92.113 45.32.159.168 43.224.33.130 175.45.192.234 59.188.196.172	2085fca368af15a1bd54f7809dfee7cdd4d73df7af88fa53fe5341f0523ca7ea fd8bb808c7b16cffcb83d7e86d642b5cb6e913e22df69c8dd03ce4e7498f5fdc 8890a06d3233ecf661c040ca5c03393c3afd620ccce49fbe08477bbf6b7d9b04 b82caa5087c6fd8ac79019185c6f8884f5dd9d0266bb7ad635277f3c7ca5c615 d11d871b07520f43437183fa44bd118c01a3c4c86cffe0cc7343ae9038565cf1 4ab41a025624f342deb85d798c6d6264a9fb88b8b3d9037cf8d5248a9f730339 97c04702aaa0a9018cc46ea874e7e3644146ba4d6b3b30c78a6a6430172b13c7 75ca95ae317b1e848d54bbb01798d5b61ebcaf4328b3940b5d5f644a01f1943a f169b8d93ea27ab6ae24c26eaecc039a838bd7e74aef18c1e7a953283c418c30 542b2ca4fe2d7d13fa317c58f46942cdf6eb33771bb898d7be773f8ccb50b13c d44f388842d93807c0b56399c8b7eae5b3dd76871e4908ef3d7d8a559f014fe6 0c7e35ca1312204063319a3455ec14bc4b701de205503e63de584f28d99f0291 da02edf3f33d9801d066c1f93feef33cdedc1bc7b5605498404e8cad8015729f 7f091da89c4412d71ae583481f91a471751a3c0e8db0037cf31ffd00f4245b5b a999489d95e5a94f75de4695c9579ffc88bae02048838e3523f089d970a35abb 06c091bb0630539dec0d26eb6bfbf9108152e4c5af27ff649ce84238cd88f81e 7d5386253d403b74e86658699f9a6d683b7ac3065c4e2cdae192b32b9ac54edb b782b4c5f8fe2ee318e50ddf985c9132bff6d48b01ea36d6825967bf89e5d0c2 10bd4507eb12bebc17e216e16950bf77e56c2aad01be7033bf0d5c235f2ad6e5 5a461104a2b6e313d3d0ee08c26e90db965139b1bff4a785ec297047d570340c 2e84de3408283423ed58764139eed4dd7e343115b943b58a46e2dc25ca2ef3c8 0306585900f1b1bddc76149352f90962c365959e44a486ba3547c80d12d56e41 6e367e10f9c0fb818394e9517ab13c1da00b2545602c23bf6ab83e93063076b8 9e08efc73dc9145358898d2735c5f31d45a2571663c7f4963abd217ae979c7ca c8b2232360d5d6f56cd6b1076e5e21f0d501f5cb725e0a9b32a0ab661b4c38dd f46f162ef279cc6e9c022cffe3a6685d001524e312e7a5f23bd24d76fed1fa99 3d47b99d34e169a8283062937c373264829cf6fe1c7fa0bacee135c392ca24bb c1e80458ae652dbf40981dfe33bf109d1b4c85d0affbd16c8d1df6be9e233e05 1e62b7dcb503f47a6330c4dcfc49ea9d921b7d2f8c508769d27df04e61b9471d 24b52403ff652416c84afed7e12ece11dc59b07f7dba5f007e117a4cfc67c1ab 4552f70d94743206489da85da2e9eb9f1eb3ad017a42edb7a60edb69e5c15a32 8ff03c13d0a78003840b7a612e372242c7def123b4fbf5ea1780f2d70eb806a1 271e29fe8e23901184377ab5d0d12b40d485f8c404aef0bdcc4a4148ccbb1a1a 1e46c88420c657c685786bee88f606d494f3d50bcbc616b0f64d2886edd572f2

menuPassPlaybookandIOCs.pdf

Report name	Domains	Hosts	Samples
menuPassPlaybookandIOCs.pdf (Click name to open as page)	N/A	N/A	N/A

TheMuddyWatersofAPTAttacks-CheckPointResearch.pdf

Report name	Domains	Hosts	Samples
TheMuddyWatersofAPTAttacks-CheckPointResearch.pdf (Click name to open as page)	www.checkpoint.com research.checkpoint.com infosystema.kg googleads.hopto.org icanhazip.com orbe-fzc.com	1.5.1.1 185.117.75.116	08e256cd2fa027552be253ec3bf427b537977f9123adf1f36e7cd2843a057554 2f77ec3dd5a5c8146213fdf6ac2df4a25a542cbd809689a5642954f2097e037a 93b749082651d7fc0b3caa9df81bad7617b3bd4475de58acfe953dfafc7b3987

FINTEAM_TrojanizedTeamViewerAgainstGovernmentTargets-CheckPointResearch.pdf

Report name	Domains	Hosts	Samples
FINTEAM_TrojanizedTeamViewerAgainstGovernmentTargets-CheckPointResearch.pdf (Click name to open as page)	sdccu.com hitbtc.com doralbank.com bitfinex.com cathaybank.com db.com bankunited.com valleynationalbank.com synovus.com binance.com alipay.com flipkart.com bank.etrade.com fnfg.com usbank.com northwestsavingsbank.com bostonprivate.com pinnaclebancorp.net wilmingtontrust.com hdfcbank.com becu.org bithumb.com mynycb.com capitalone.com guarantygroup.com associatedbank.com citicorp.com okex.com 53.com poloniex.com capfed.com firstcitizens.com kucoin.com etherscan.io easternbank.com thesouthgroup.com firstcitizensonline.com centralpacificbank.com walmart.com bankofindia.co.in frostbank.com payeer.com xapo.com comerica.com cryptonator.com tinydeal.com everbank.com provbank.com bitkonan.com lightinthebox.com pnm.com fnbcorporation.com wbpr.com exchange.btcc.com icicibank.com target.com allcoin.com boi.com.sg upbit.com cbbank.com corusbank.com pacwestbancorp.com oldnational.com english.leumi.co.il ibc.com wish.com jd.com localbitcoins.net big.one bbt.com arvest.com commercebank.com fult.com centralbancompany.com intersys32.com washingtonfederal.com citibank.com firstinterstatebank.com amcore.com huobi.pro bitpay.com greenaddress.it rbs.com umb.com myetherwallet.com nbtbank.com theprivatebank.com bannerbank.com citizensonline.com navyfcu.org bancorpsouthonline.com ncsecu.org firstmerchants.com raymondjames.com websterbank.com korbit.co.kr fcfbank.com c-cex.com bitcoin.com dx.com mercatox.com regions.com bankofindia.uk.com schwab.com ssfcu.org aacreditunion.org pncbank.com research.checkpoint.com rbcbankusa.com huntington.com bitflyer.jp luno.com americafirst.com strongcoin.com ingdirect.com localbitcoins.com santander.com firstrepublic.com penfed.org alliantcreditunion.org mbfinancial.com nypbt.com wex.nz peoples.com firstbanks.com therocktrading.com coinbase.com bankofoklahoma.com suntrust.com bankofamerica.com mufg.jp astoriafederal.com bitstamp.net eastwestbank.com amtrust.com rbs.co.uk exmo.me bfcfinancial.com skrill.com mibank.com communitybankna.com capitolbancorp.com iberiabank.com firstfedca.com sterlingsavingsbank.com firsthorizon.com mfa.gov.kz newalliancebank.com bitcoinpay.com svb.com bittrex.com metlife.com firstbankpr.com wmtransfer.com bitgo.com susquehanna.net moneygram.com okcoin.com ntrs.com ubsi-wv.com flagstar.com payoneer.com umpquabank.com hncbank.com usa.bnpparibas.com zb.com oceanbank.com johnsonbank.com chase.com bestbuy.com jd.id axisbank.com etherdelta.com miniinthebox.co kraken.com golden1.com bankofinternet.com providentnj.com statestreet.com coinone.co.kr ottobremer.org suncoastfcu.org rakuten.com ally.com bnymellon.com parknationalbank.com hudsoncitysavingsbank.com bankamerica.com yobit.net schoolsfirstfcu.org wellsfargo.com hancockbank.com colonialbank.com cex.io lehman.com payza.com gearbest.com bleutrade.com wintrustfinancial.com electrum.org firstmidwest.com thirdfederal.com www.checkpoint.com www4.bmo.com ucbh.com 1c-ru.net banksterling.com unionbankonline.co.in livecoin.net us.hsbc.com westernunion.com pcbancorp.com prosperitybanktx.com fbopcorporation.com ucbi.com anxpro.com hsbc.com banggood.com cnb.com aibgroup.com keybank.com gate.io zionsbank.com boh.com whitneybank.com bancopopular.com natpennbank.com rabobank.com tcfbank.com unionbankofindia.co.in blockchain.info tdbank.com neteller.com exmo.com bbvabancomerusa.com trustmark.com efirstbank.com firstmerit.com	146.0.72.180 185.70.186.145	67d70754c13f4ae3832a5d655ff8ec2c0fb3caa3e50ac9e61ffb1557ef35d6ee 6cc0218d2b93a243721b088f177d8e8f 013e87b874477fcad54ada4fa0a274a2 c6ae889f3bee42cc19a728ba66fa3d99 799ab035023b655506c0d565996579b5 44038b936667f6ce2333af80086f877f 4acf624ad87609d476180ecc4c96c355 1675cdec4c0ff49993a1fcbdfad85e56 4dbe9dbfb53438d9ce410535355cd973 e1167cb7f3735d4edec5f7219cea64ef 1e741ebc08af09edc69f017e170b9852 aad0d93a570e6230f843dcdf20041e1e 72de32fa52cc2fab2b0584c26657820f

NewPython-BasedPayloadMechaFlounderUsedbyChafer.pdf

Report name	Domains	Hosts	Samples
NewPython-BasedPayloadMechaFlounderUsedbyChafer.pdf (Click name to open as page)	cyberthreatalliance.org update.com turkiyeburslari.gov.tr turkiyeburslari.tk eseses.tk ytb.services mgbfv9eh74d.com	134.119.217.87 185.177.59.70	0282b7705f13f9d9811b722f8d7ef8fef907bee2ef00bf8ec89df5e7d96d81ff 332fab21cb0f2f50774fccf94fc7ae905a21b37fe66010dcef6b71c140bb7fa1 1b2fee00d28782076178a63e669d2306c37ba0c417708d4dc1f751765c3f94e1

BabySharkMalwarePartTwo–AttacksContinueUsingKimJongRATandPCRat.pdf

Report name	Domains	Hosts	Samples
BabySharkMalwarePartTwo–AttacksContinueUsingKimJongRATandPCRat.pdf (Click name to open as page)	www.cyberthreatalliance.org	173.248.170.149	75917cc1bd9ecd7ef57b7ef428107778b19f46e8c38c00f1c70efc118cb8aab5 d742aa65c4880f85ae43feebb0781b67 bde663d08d4e2e17940d890ccf2e6e74 daab894b81cc375f0684ae66981b357d f86d05c1d7853c06fc5561f8df19b53506b724a83bb29c69b39f004a0f7f82d8

Fanningtheflames_ViceLeakerOperation_Securelist.pdf

Report name	Domains	Hosts	Samples
Fanningtheflames_ViceLeakerOperation_Securelist.pdf (Click name to open as page)	iliageram.ir	188.165.28.25 185.141.60.21 188.165.49.20	N/A

DarkHydrusdeliversnewTrojanthatcanuseGoogleDriveforC2communications.pdf

Report name	Domains	Hosts	Samples
DarkHydrusdeliversnewTrojanthatcanuseGoogleDriveforC2communications.pdf (Click name to open as page)	akamaiedge.services sharepoint.agency brit.ns.cloudfronts.services corewindows.agency phicdn.world microsoft.services britns.akadns.services ns2.akadns.services 0ffice365.agency 676f6f646c75636b.gogle.co nsatc.agency gogle.co 0ffice365.life 0nedrive.agency skydrive.services 0ffice365.services azureedge.today hotmai1l.com dns.cloudfronts.services tbs1.microsoftonline.services tbs2.microsoftonline.services onedrive.agency msedge.world microsoftonline.agency skydrive.agency live.services	216.58.192.174	4e40f80114e5bd44a762f6066a3e56ccdc0d01ab2a18397ea12e0bc5508215b8 eb33a96726a34dd60b053d3d1048137dffb1bba68a1ad6f56d33f5d6efb12b97 5cc62ad6baf572dbae925f701526310778f032bb4a54b205bada78b1eb8c479c 513813af1590bc9edeb91845b454d42bbce6a5e2d43a9b0afa7692e4e500b4c8 e068c6536bf353abe249ad0464c58fb85d7de25223442dd220d64116dbf1e022 f1b2bc0831445903c0d51b390b1987597009cc0fade009e07d792e8d455f6db0

GlobalDNSHijackingCampaign_DNSRecordManipulationatScale«GlobalDNSHijackingCampaign_DNSRecordManipulationatScale_FireEyeInc.pdf

Report name	Domains	Hosts	Samples
GlobalDNSHijackingCampaign_DNSRecordManipulationatScale«GlobalDNSHijackingCampaign_DNSRecordManipulationatScale_FireEyeInc.pdf (Click name to open as page)	www.victim.com ns1.baddomain.com victim.com ns1.victim.com mail.victim.com reeye.com	N/A	N/A

APT39_AnIranianCyberEspionageGroupFocusedonPersonalInformation«APT39_AnIranianCyberEspionageGroupFocusedonPersonalInformation_FireEyeInc.pdf

Report name	Domains	Hosts	Samples
APT39_AnIranianCyberEspionageGroupFocusedonPersonalInformation«APT39_AnIranianCyberEspionageGroupFocusedonPersonalInformation_FireEyeInc.pdf (Click name to open as page)	reeye.com	N/A	N/A

TrackingOceanLotus’newDownloader,KerrDown.pdf

Report name	Domains	Hosts	Samples
TrackingOceanLotus’newDownloader,KerrDown.pdf (Click name to open as page)	videos.dyndns.org mail.fptservice.net ce.com neho.com update.com copedia.com check.homeip.net syn.servebbs.com cortanazone.com browsersyn.com me.com cortanasyn.com check.webhop.org theme.blogsite.org word.webhop.info cortana.homelinux.com ces.net	N/A	7673f5468ba3cf01500f6bb6a19ce7208c8b6fc24f1a3a388eca491bc25cd9cd 9e6011d6380207e2bf5105cde3d48e412db565b92cdc1b3c6aa15bd7bd4b099f 4b431af677041dae3c988fcc901ac8ec6e74c6e1467787bf099c4abd658be5be 89759e56d5c23085e47d2be2ce4ad4484dfdd4204044a78671ed434cec19b693 df8210d20c5eb80d44ba8fa4c41c26c8421dcb20168e4f796e4955e01ebc9e13 5c18c3e6f7ac0d0ac2b5fa9a6435ee90d6bd77995f85bed9e948097891d42ca2 98a5f30699564e6d9f74e737a611246262907b9e91b90348f7de53eb4cf32665 860f165c2240f2a83eb30c412755e5a025e25961ce4633683f5bc22f6a24ddb6 68f77119eae5e9d2404376f2d87e71e4ab554c026e362c57313e5881005ae79e 4a0309d8043e8acd7cb5c7cfca95223afe9c15a1c34578643b49ded4b786506b f2a2f4fa2ed5b2a94720a4661937da97ab21aa198a5f8c83bb6895aa2c398d22 4e791f2511c9bd3c63c8e37aa6625d8b590054de9e1cca13a7be2630bc2af9ce d3ef6643ad529d43a7ec313b52c8396dc52c4daad688360eb207ee91a1caf7b2 7dbb7fab4782f5e3b0c416c05114f2a51f12643805d5f3d0cd80d32272f2731a ead0f3e6f0ca16b283f09526d09e8e8cba687dab642f0e102e5487cb565bf475 5da565080a52126e0e6a62869157dfe3 94fab926b73a6a5bc71d655c8d611b40e80464da9f1134bfce7b930e23e273ab 539e8a53db3f858914cfe0d2132f11de34a691391ba71673a8b1e61367a963c7 a106e0a6b7cc30b161e5ea0b1ec0f28ab89c2e1eb7ba2d5d409ddbabc3b037e6 868ed69533fac80354a101410d3dd0a66f444385c6611cc85c5b0be49db2d6fd 8bf22202e4fd4c005afde2266413cba9d1b749b1a2d75deac0c35728b5eb3af8 4bc00f7d638e042da764e8648c03c0db46700599dd4f08d117e3e9e8b538519b 8d6e31c95d649c08cdc2f82085298173d03c03afe02f0dacb66dd3560149184f 6245b74b1cc830ed95cb630192c704da66600b90a331d9e6db70210acb6c7dfa 6faa7deb1e1e0c3a7c62c2bb0ecdfa56b6e3ba4fe16971ec4572267ac70b9177 caabc45e59820a4349db13f337063eddede8a0847ae313d89a800f241d8556c8 f62f21ee7e642f272b881827b45ceb643c999a742e1d3eac13d1ba014d1e7f67 4e2f8f104e6cd07508c5b7d49737a1db5eeba910adfdb4c19442a7699dc78cfc a4a066341b4172d2cb752de4b938bf678ceb627ecb72594730b78bd05a2fad9d 73dcbcc47d6bd95dcf031ebbd34ac42301a20ee1143ac130b405e79b4ba40fc8 7ec77e643d8d7cc18cc67c123feceed91d10db1cc9fa0c49164cba35bb1da987 e3c818052237bb4bb061290ab5e2a55c3852c8a3fef16436b1197e8b17de2e18 77805a46f73e118ae2428f8c22ba28f79f7c60aeb6305d41c0bf3ebb9ce70f94 bb25f1a73d095d57b2c8c9ac6780e4d412ddf3d9eef84a54903cc8e4eaefc335 5f0db8216314da1f128b883b918e5ac722202a2ae0c4d0bf1c5da5914a66778e a2b905c26e2b92e63de85d83e280249258cb21f300d8c4a3a6bdb488676e9bcf 89e19df797481ae2d2c895bcf030fe19e581976d2aef90c89bd6b3408579bfc3 f9f0973dc74716b75291f5a9b2d59b08500882563011d1def2b8d0b1b9bbb8ae a4a86e96f95f395fcf0ceb6a74a2564f4ba7adbe1b40cc702b054427327a0399 6010d44cdca58cdec4559040e08798e7b28b9434bda940da0a670c93c84e33cd c30198e0b0e470d4ac8821bd14bb754466e7974f1c20be8b300961e9e89ed1ea f011a136996fa53fdbde944da0908da446b9532307a35c44ed08241b5e602cc9

ShiftingintheWind_WINDSHIFTAttacksTargetMiddleEasternGovernments.pdf

Report name	Domains	Hosts	Samples
ShiftingintheWind_WINDSHIFTAttacksTargetMiddleEasternGovernments.pdf (Click name to open as page)	string2me.com www.cyberthreatalliance.org domforworld.com ux2key.com	185.25.50.189	N/A

DNSTunnelingintheWild_OverviewofOilRig’sDNSTunneling.pdf

Report name	Domains	Hosts	Samples
DNSTunnelingintheWild_OverviewofOilRig’sDNSTunneling.pdf (Click name to open as page)	acrobatverify.com go0gie.com prosalar.com frog.club www.cyberthreatalliance.org withyourface.com ntpupdateserver.com	35.35.35.35 11.24.237.110 99.250.250.199 24.125.0.1 33.33.97.97 36.37.94.33 33.33.94.94	52366b9ab2eb1d77ca6719a40f4779eb302dca97a832bd447abf10512dc51ed9 d808f3109822c185f1d8e1bf7ef7781c219dc56f5906478651748f0ace489d34 e52b8b0e8225befec156b355b3022faf5617542b82aa54f9f42088aa05a4ec49 1b2fee00d28782076178a63e669d2306c37ba0c417708d4dc1f751765c3f94e1 a9f1375da973b229eb649dc3c07484ae7513032b79665efe78c0e55a6e716821 0ec288ac8c4aa045a45526c2939dbd843391c9c75fa4a3bcc0a6d7dc692fdcd1 662c53e69b66d62a4822e666031fd441bbdfa741e20d4511c6741ec3cb02475f 7cbad6b3f505a199d6766a86b41ed23786bbb99dab9cae6c18936afdc2512f00

CardinalRATSinsAgain,TargetsIsraeliFin-TechFirms.pdf

Report name	Domains	Hosts	Samples
CardinalRATSinsAgain,TargetsIsraeliFin-TechFirms.pdf (Click name to open as page)	www.codeplex.com secure.spotoption.pw wikipeldia.org secure.dropinbox.pw affiliatecollective.club gitlab.com dropinbox.host raw.githubusercontent.com www.digitalpoint.com	185.247.211.198 190.10.8.238 193.22.96.98 185.20.187.4 193.22.98.182 193.22.99.168 127.194.73.243 127.194.87.192	101af6fdb990e5e9584382a65f5cee7efd9e89c38e928beca18419bdf70ef076 ca8af85f7eed79a73984b2dccd3dd2148865dfed7a009842be7372e6ce18037f dfa041f6cbe9d83cdaaed90466693efca33729c99fa43b29ab8e44bb27eb0a6b 267b1df7bc64c1b93b604d964f52801733fdd43efaf7742810b9277f00ad17ff 778090182a10fde1b4c1571d1e853e123f6ab1682e17dabe2e83468b518c01df edc49bf7ec508becb088d5082c78d360f1a7cad520f6de6d8b93759b67aac305 e49e61da52430011f1a22084a601cc08005865fe9a76abf503a4a9d2e11a5450 1977cedcfb8726dea5e915b47e1479256674551bc0fe0b55ddd3fa3b15eb82b2 6ecd376cdc182bf157e59d500da6092891e6cd9a61305214e462d6e990e6e834 f027735c3db77e67cf7bada8862ddbb0d85a2caacbb4b2825e4acdfa863a14c9 9c47b2af8b8c5f3c25f237dcc375b41835904f7cd99221c7489fb3563c34c9ab 448c33094322b200c53ff016fec29469b3e52def359430113115cc70d7f28704 75ca794f265ebad84954f13480e0e31c17048d21c4b52e949864c951437d0c2c 440504899b7af6f352cfaad6cdef1642c66927ecce0cf2f7e65d563a78be1b29 7482f8c86b63ce53edcb62fc2ff2dd8e584e2164451ae0c6f2b1f4d6d0cb6d9c 96067fc9b137ceecab2ff29ac56ff6897a7c73657ace7c40d70b7c1ebaaccf39 f4f52c45ca3d4d4ce33981f660d23e8df4a9c0e345fdd6429d8b46f6c0528c38 d7996ac876fa0ece281e49e7955dfbbf4ef1239b1ee63a0e21d6c4ed4b7c6559 f75883ff35104a032dd047ca39d35ec98601c76aa02f58ad655df6deaadecb55 fd61a5cd1a83f68b75d47c8b6041f8640e47510925caee8176d5d81afac29134 0afec067628e901f7151861b0924ffb1909d21a707177b1e6cf2c8d491bb1a60 b742162197744a8caeb09f954213a3172ed699f8375f69c40b57b8c219c5e37c 137f9265cba1101ae5d63b94c6ad1b47c7d02f0ab4f54a1af3169422791790cf d562f01384b1d215758227fb2c165ed633fe9997096613fed8ce3bdf8963e4fd 82017e34c232e05094c2bbed2e62f6b55c1ed8f645803784cac791cc4690beaf 98200955db80cb5835158320ba94b2b55bc7028ea988b75f02adee3df40793f3 fdee357557a69d3dfa629d0cbd585d9c5dadc526dfb424af56c8edcc7a67d556 b4632dcf0b23467970ee7e0844e7c8a931dc3a0f549c0aa5e40e41c1b5b31fdc 4e953ea82b0406a5b95e31554628ad6821b1d91e9ada0d26179977f227cf01ad 08ce077e8d54db08ede1095d03286146d04e8cbce74ec91a9fc7b9d0a99ddb9f 943cef39e54457fcfa21f5a8ed0f04095c1d4b798453770be5dda5db7d5406ac 16aab89d74c1eaaf1e94028c8ccceef442eb2cd5b052cba3562d2b1b1a3a4ba6 a545288c4d491d510972d583b773f8a0c5dc355942e322cf767d33121c659c1c b01b7a5798f41a5fae54b4189db6f47c6110a0b53a4df32cb7d0f13503c5250c 3ec85a019a480114856d3022961d7a55c1ae7cfa81b0073b2c1abcf99e0e541f 97c97ad2baef37eea023549131c192f441aa7976747166cd31095e7dad17948c 9e6671a8af28e0ab6c37c044d85a2406b665a171ae3bef46f3e90d06e33027ae 0fabc65c316e8d84493d07cd39bfdd59481af9f9a7ebc9103693f1788438a438 1e8ed6e8d0b6fc47d8176c874ed40fb09644c058042f34d987878fa644f493cc a05805bcec72fb76b997c456e0fd6c4b219fdc51cad70d4a58c16b0b0e2d9ba1 8db0118d4bbc10efd0fd6733d987ddeee7afc6c3ebe4ee1157ae9243aba362d9 571b58ba655463705f45d2541f0fde049c83389a69552f98e41ece734a59f8d4 dab228c236d48fa1660bcec59e17e5004726741a85b0fbeef8300f29927c32d9 8bea55d2e35a2281ed71a59f1feb4c1cf6af1c053a94781c033a94d8e4c853e5 ebd4f45cbb272bcc4954cf1bd0a5b8802a6e501688f2a1abdb6143ba616aea82 057965e8b6638f0264d89872e80366b23255f1a0a30fd4efb7884c71b4104235 0304674e9876530dfbea5a9b4fec7b98 8d8ccaf5a241112d173147b6b08ad5b7953c940ff5928e3046781c1e58a9c73a 65b726aab53920c497f83eb1f3cbd6b7dbfc2074aab6761b7485aa98f2df139a 4045950ffa263b92774e92ab36b3ec52bf18f1c133b8d155819629d2ad4b3d1c 75996bbfcd2b343523ed79476f9516cc7d2b041c43841e5e735db4f22ae970c3 211b7b7a4c4a07b9c65fae361570dbb94666e26f0cc0fa0b32df4b09fcee6de2 508e25a0e729824f06f4960b635600acf3cab87ebb87854d1989ff0ba2f03e78 84f822d9cf575aeea867e9b73f88ad4d9244293e52208644e12ff2cf13b6b537 2247c528fc1b90b725d857cc5d45572e864c6c4948100458774f0ef6a8f11403 c2d944a939bdc810d603149c0685f0bcb55a84d1f3a6ea33e9debe893fd0a8dd a52ba498d304906d6c060e8c56ad7db50e1af0a781616c0aa35447c50c28bae9 ca2a01792873233693e17fe51c4c86c05d07e31f9b579ab0444dd89733633532 66f43e57648f01ea5f8d0d152db1df90c764eebeb701403936a15c47e2965353 192b204dbc702d3762c953544975b61db8347a7739c6d8884bb4594bd816bf91 dd8fe0e27bf798cace40ac0d58b833ba3bbf16d80175296601585ed1964465ec 78e2929e5dae8677f9db3aa7eaa96ad584c872343698e18f85349a027328b3ea 02e85f39adf8613fd1be610e4e76f4fac08949f2e0198e8cf89a7c3a17cdd6d9 bee6c5a506d6fb2cc129443c74b7676fbb9a79b53b92b2cac4c7fb8209592714 cbcb627ff2220ed269aaa58203e7e89f1988210073d35f5f4019f8ecfd012f81 6272ed2a9b69509ac16162158729762d30f9ca06146a1828ae17afedd5c243ef 5dcec8a061195bd4a2c3e96afecc48b1f0143b6ac4644c518ed8a923d2dcbe21 e5e172cd93e97480a9982f821c8f1bdf9756803a3fb8a1a7a39e262cda192cb6 a1d5b7d69d85b1be31d9e1cb0686094cc7b1213079b2a66ace01be4bfe3fb7c3 e017651dd9e9419a7f1714f8f2cdc3d8e75aebbe6d3cfbb2de3f042f39aec3bd 4fde64e9391d36aaff700ce0be3df9e7e6303b6de114332286de694af33dd7da 5dd162ab66f0c819ee73868c26ecd82408422e2b6366805631eab95ae32516f3 00f93492edb3274f71686fa469f6c9031a94292a2776c623a1596f710bf4eaa1 0716f3f9cb0dead0c1f156a07adfeb3e0d72e4ea4af7b67238fae3e1ae670f90 bae230d6a988723b33158bbeef4ab90b1bff7b521fed9cab0c5e1f5b69a01de5 5909b5999d3998f578a3acb4bf85e0b3fde102c417c40b6beed0dd3b8ceb51bf 7220e659d59491db50661c54762b49bf6976acbeb723b5d59abde48301c86228 2016766acaeb1b89415fb6ef03f6ee815b8fe76b8955a6a41d2bbb28dfa74c28 06151c14153e983ae7ab793c7cd0e5ac3faf8e200894955b02e1191429eff29a 0438becfd66d728778f47d734d2f0bc4d1462d945cf4b6dde9fbf627eb0bb02d 8fababb509ad8230e4d6fa1e6403602a97e60dc8ef517016f86195143cf50f4e 855cf3a6422b0bf680d505720fd07c396508f67518670b493dba902c3c2e5dfa 154e3a12404202fd25e29e754ff78703d4edd7da73cb4c283c9910fd526d47db 427b635915e0fe313ce58175faa1cc240ae26183fb88d05864bc20ef6d87aca3 5025aa0fc6d4ac6daa2d9a6452263dcc20d6906149fc0995d458ed38e7e57b61 ae1a6c4f917772100e3a5dc1fab7de4a277876a6e626da114baf8179b13b0031 d5d885734969641f43c64edf9788837df0d3452413a7ef835f8910d56c60c91c fb63acfda1730132dbfbf1d46834d771156aac3f7c8e97ea136ca6edbe811fad 0097dd7676b810bd0c1c70d8c86604c830e1e8e88f6a13c3869747faba381076 1181f97071d8f96f9cdfb0f39b697204413cc0a715aa4935fe8964209289b331 fc5f7a21d953c394968647df6a37e1f61db04968ad1aca65ad8f261b363fa842 10f53502922bf837900935892fb1da28fc712848471bf4afcdd08440d3bd037f ea581e8e625a3748da9663414182d1b99f9c5ddb0b9db2fbf1059a28c69cc10c 84e705341a48c8c6552a7d3dd97b7cd968d2a9bc281a70c287df70813f5dca52 a2dfe3a5a1e999af7f1920d28e05d8b0ce66c6e8b2947177878862ce1f870b17 9a2491d803407b8696d6b797f8b90d728a8db3583bf4c2977cbeef8be0eb7249 66f38591e8c80bb26623b0e6be5ab976fdf745c2afa020c7d98e2814960b5961 2167d393ec89ec0c6e2d7557a7ad22aa1953dd8082f599bee14977c25a128cce 43fb0b13f9872a54f91a7bf202b23a8a16de99d054a83ed08b9ea97f9e2675e8 28e9e0fcc6899db7a16315d3dca38b6166ba318f8ca07b422ebadaab209b589b 4b0203492a95257707a86992e84b5085ce9e11810a26920dbb085005081e32d3 06f1348c8a2ffab67627556075ddcad92998526d4d3802b9c2357d169531825f 0212334200668ac64cb63fc1a4f4ea17e956f6928a2211c945c2e07f1b25a3ef f9bccd349cf841d0f25e81d80a1b4bf73dd960a1f3aa71029a18e36480c80392 ae8fb2f138981f10092761768428fb312e3e49bc23d5b610e3127c1a387aede8 5e60f17396e2ddfce8e60c964056d63cc3b17646c31b4a4f934c2d1fb4f5ba71 6e2991e02d3cf17d77173d50cdaa766661a89721c3cc4050fba98bea0dbdb1a9 7f0c5e2850d10d4bf129e0d290010bedff44a0f506d92de79ef6d69fd78487e3 997de4372efd576cdb55188a06e4699660a29c37e285e23cdd8a1a9585e6e789 2fbd3d2362acd1c8f0963b48d01f94c7a07aeac52d23415d0498c8c9e23554db 5665527ce54ed1a79ddb8e3c10499ac0b7af5c79a8cf5a37448baccbf6dba09f 647e379517fed71682423b0192da453ec1d61a633c154fdd55bab762bcc404f3 64a9bdf4ff33e8f2e74dc16d7dce0f392aa130ff9b99458778fd25d9aadff381 20fec2d1824b585aa558b7cf9e9980acd665736ce9f7a124507cf46afb30c79f 985d893426373d4e71386d731e5bc44c1c2ac93e0920dddeb4380929af43dfcb 268c3c9a98f2a15aaab9b0488225b0ba4e3d35efa30f6fed9052ffd31042bd7b 4b4c6b36938c3de0623feb92c0e1cb399d2dc338d2095b8ba84e862ef6d11772 85f1053041ef7af8a1c3d941e18de21e7adc24537863063d127bab8a8d2dc64b

ProjectTajMahal–anewsophisticatedAPTframework_Securelist.pdf

Report name	Domains	Hosts	Samples
ProjectTajMahal–anewsophisticatedAPTframework_Securelist.pdf (Click name to open as page)	rahasn.homewealth.biz rahasn.webhop.org rahasn.akamake.net freeimage.sourceforge.net	50.56.240.153	9c115e9a81d25f9d88e7aaa4313d9a8f df91b86189adb0a11c47ce2405878fa1 0e9afd3a870906ebf34a0b66d8b07435 9003cfaac523e94d5479dc6a10575e60 92f8e3f0f1f7cc49fad797a62a169acd 81229c1e272218eeda14892fa8425883 7bfbd72441e1f2ed48fbc0f33be00f24 490a140093b5870a47edc29f33542fd2 36db24006e2b492cafb75f2663f241b2 a43d3b31575846fa4c3992b4143a06da 7bfba2c69bed6b160261bdbf2b826401 cacaa3bf3b2801956318251db5e90f3c e17bd40f5b5005f4a0c61f9e79a9d8c2 4e39620afca6f60bb30e031ddc5a4330 b9c208ea8115232bfd9ec2c62f32d6b8 2317d65da4639f4246de200650a70753 bfe3f6a79cad5b9c642bb56f8037c43b 16ab79fb2fd92db0b1f38bedb2f02ed8 533340c54bd25256873b3dca34d7f74e b4e67706103c3b8ee148394ebee3f268 320b2f1d9551b5d1df4fb19bd9ab253a fc53f2cd780cd3a01a4299b8445f8511 7c733607a0932b1b9a9e27cd6ab55fe0 3a771efb7ba2cd0df247ab570e1408b2 84730a6e426fbd3cf6b821c59674c8a0 80c37e062aa4c94697f287352acf2e9d 1aadf739782afcae6d1c3e4d1f315cbd 061089d8cb0ca58e660ce2e433a689b3 99828721ac1a0e32e4582c3f615d6e57 cdb303f61a47720c7a8c5086e6b2a743 8035a8a143765551ca7db4bc5efb5dfd f559c87b4a14a4be1bd84df6553aaf56 72dc98449b45a7f1ccdef27d51e31e91 d8f1356bebda9e77f480a6a60eab36bb 520ee02668a1c7b7c262708e12b1ba6b ce8ce92fb6565181572dce00d69c24f8 0969b2b399a8d4cd2d751824d0d842b4 51a7068640af42c3a7c1b94f1c11ab9d d5377dc1821c935302c065ad8432c0d2 6cfd131fef548fcd60fbcdb59317df8e 69a19abf5ba56ee07cdd3425b07cf8bf 77a745b07d9c453650dd7f683b02b3ed 3d75c72144d873b3c1c4977fbafe9184 684eca6b62d69ce899a3ec3bb04d0a5b 9ad6fa6fdedb2df8055b3d30bd6f64f1 04078ef95a70a04e95bda06cc7bec3fa 08e82dc7bae524884b7dc2134942aadb a571660c9cf1696a2f4689b2007a12c7 3dfebce4703f30eed713d795b90538b5 7d5265e814843b24fcb3787768129040 412956675fbc3f8c51f438c1abc100eb 815f1f8a7bc1e6f94cb5c416e381a110 c0e72eb4c9f897410c795c1b360090ef 27612cb03c89158225ca201721ea1aad c1e7850da5604e081b9647b58248d7e8 9793afcea43110610757bd3b800de517 d9e9f22988d43d73d79db6ee178d70a4 2a6f7ec77ab6bd4297e7b15ae06e2e61 21feb6aa15e02bb0cddbd544605aabad 7bcd736a2394fc49f3e27b3987cce640 b9cf4301b7b186a75e82a04e87b30fe4

NewBabySharkMalwareTargetsU.S.NationalSecurityThinkTanks.pdf

Report name	Domains	Hosts	Samples
NewBabySharkMalwareTargetsU.S.NationalSecurityThinkTanks.pdf (Click name to open as page)	tdalpacafarm.com cyberthreatalliance.org	N/A	6f76a8e16908ba2d576cf0e8cdb70114dcb70e0f7223be10aab3a728dc65c41c 2b6dc1a826a4d5d5de5a30b458e6ed995a4cfb9cad8114d1197541a86905d60e 1334c087390fb946c894c1863dfc9f0a659f594a3d6307fb48f24c30a23e0fc0 8ef4bc09a9534910617834457114b9217cac9cb33ae22b37889040cde4cabea6 94a09aff59c0c27d1049509032d5ba05e9285fd522eb20b033b8188e0fee4ff0 331d17dbe4ee61d8f2c91d7e4af17fb38102003663872223efaa4a15099554d7 7b77112ac7cbb7193bcd891ce48ab2acff35e4f8d523980dff834cb42eaffafa 9d842c9c269345cd3b2a9ce7d338a03ffbf3765661f1ee6d5e178f40d409c3f8 66439f0e377bbe8cda3e516e801a86c64688e7c3dde0287b1bfb298a5bdbc2a2 0c8f17b2130addebcb2ca75bd7a982e37ddcc49d dc425e93e83fe02da9c76b56f6fd286eace282eaad6d8d497e17b3ec4059020a

OperationShadowHammer_AHighProfileSupplyChainAttack_Securelist.pdf

Report name	Domains	Hosts	Samples
OperationShadowHammer_AHighProfileSupplyChainAttack_Securelist.pdf (Click name to open as page)	konkuk.ac.kr nw.infestexe.com	23.236.77.175 117.16.142.9 23.236.77.177 23.236.79.255	1b95ac1443eb486924ac4d399371397c a76a1fbfd45ad562e815668972267c70 e8db4206c2c12df7f61118173be22c89 88777aacd5f16599547926a4c9202862 95b6adbcef914a4df092f4294473252f 6ab5386b5ad294fc6ec4d5e47c9c2470 c778fc8e816061420c537db2617e0297 abbb53e1b60ab7044dd379cf80042660 a96226b8c5599e3391c7b111860dd654 86a4cac227078b9c95c560c8f0370bf0 4fb4c6da73a0a380c6797e9640d7fa00 a17cb9df43b31bd3dad620559d434e53 915086d90596eb5903bcd5b02fd97e3e 1e091d725b72aed432a03a505b8d617e b044cd0f6aae371acf2e349ef78ab39e 0e1cc8693478d84e0c5e9edb2dc8555c 05eacf843b716294ea759823d8f4ab23 98908ce6f80ecc48628c8d2bf5b2a50c b572925a7286355ac9ebb12a9fc0cc79 a283d5dea22e061c4ab721959e8f4a24 322cb39bc049aa69136925137906d855 f2f879989d967e03b9ea0938399464ab 4b8d5ae0ad5750233dc1589828da130b 0f49621b06f2cdaac8850c6e9581a594 cdb0a09067877f30189811c7aea3f253 8baa46d0e0faa2c6a3f20aeda2556b18 06c19cd73471f0db027ab9eb85edc607 f4edc757e9917243ce513f22d0ccacf2 5eed18254d797ccea62d5b74d96b6795 807d86da63f0db1fc746d1f0b05bc357 d07e6abebcf1f2119622c60ad0acf4fa eb37c75369046fb1076450b3c34fb8ab 092ae9ce61f6575344c424967bd79437 36dd195269979e01a29e37c488928497 a9c750b7a3bbf975e69ef78850af0163 55a7aa5f0e52ba4d78c145811c830107 128cecc59c91c0d0574bc1075fe7cb40 63f2fe96de336b6097806b22b5ab941a 6cf305a34a71b40c60722b2b47689220 63606c861a63a8c60edcd80923b18f96 aafe680feae55bb6226ece175282f068 5d40e86b09e6fe1dedbc87457a086d95 b042bc851cafd77e471fa0d90a082043 f0ba34be0486037913e005605301f3ce 1b8d2459d4441b8f4a691aec18d08751 ef43b55353a34be9e93160bb1768b1a6 ecf865c95a9bec46aa9b97060c0e317d e7dcfa8e75b0437975ce0b2cb123dc7b 7d9d29c1c03461608bcab930fef2f568 943db472b4fd0c43428bfc6542d11913 aa15eb28292321b586c27d8401703494 37e100dd8b2ad8b301b130c2bca3f1ea 02385ea5f8463a2845bfe362c6c659fa 5220c683de5b01a70487dac2440e0ecb de721e2f055f1b203ab561dda4377bab dd792f9185860e1464b4346254b2101b 1a0752f14f89891655d746c07da4de01 b96bd0bda90d3f28d3aa5a40816695ed fb1473e5423c8b82eb0e1a40a8baa118 5855ce7c4a3167f0e006310eb1c76313 5b6cd0a85996a7d47a8e9f8011d4ad3f dc15e578401ad9b8f72c4d60b79fdf0f abbd7c949985748c353da68de9448538 343ad9d459f4154d0d2de577519fb2d3 eac3e3ece94bc84e922ec077efb15edd fa96e56e7c26515875214eec743d2db5 8ef2d715f3a0a3d3ebc989b191682017 8505484efde6a1009f90fa02ca42f011 04fb0ccf3ef309b1cd587f609ab0e81e ea3b7770018a20fc7c4541c39ea271af d4c4813b21556dd478315734e1c7ae54 b257f366a9f5a065130d4dc99152ee10 87a8930e88e9564a30288572b54faa46 53886c6ebd47a251f11b44869f67163d dca86d2a9eb6dc53f549860f103486a9 1d05380f3425d54e4ddfc4bacc21d90e 3c0a0e95ccedaaafb4b3f6fd514fd087 aac57bac5f849585ba265a6cd35fde67 8578f0c7b0a14f129cc66ee236c58050 c0116d877d048b1ba87c0de6fd7c3fb2 849a2b0dc80aeca3d175c139efe5221c b4abe604916c04fe3dd8b9cb3d501d3f 6f8f43b6643fc36bae2e15025d533a1d53291b8a fcfab508663d9ce519b51f767e902806 d1ed421779c31df2a059fe0f91c24721 6186b317c8b6a9da3ca4c166e68883ea 8756bafa7f0a9764311d52bc792009f9 496c224d10e1b39a22967a331f7de0a2

menuPassPlaybookandIOCs.pdf

Report name	Domains	Hosts	Samples
menuPassPlaybookandIOCs.pdf (Click name to open as page)	N/A	N/A	N/A

Zebrocy’sMultilanguageMalwareSalad_Securelist.pdf

Report name	Domains	Hosts	Samples
Zebrocy’sMultilanguageMalwareSalad_Securelist.pdf (Click name to open as page)	raveston.com rammatica.com	N/A	N/A

TRITONActorTTPProfile,CustomAttackTools,Detections,andATT&CKMapping«TRITONActorTTPProfile,CustomAttackTools,Detections,andATT&CKMapping_FireEyeInc.pdf

Report name	Domains	Hosts	Samples
TRITONActorTTPProfile,CustomAttackTools,Detections,andATT&CKMapping«TRITONActorTTPProfile,CustomAttackTools,Detections,andATT&CKMapping_FireEyeInc.pdf (Click name to open as page)	reeye.com	N/A	N/A

China-BasedAPTMustangPandaTargetsMinorityGroups,PublicandPrivateSectorOrganizations.pdf

Report name	Domains	Hosts	Samples
China-BasedAPTMustangPandaTargetsMinorityGroups,PublicandPrivateSectorOrganizations.pdf (Click name to open as page)	adobephotostage.com olk4.com forum.anomali.com ui.threatstream.com www.britannica.com apple-net.com update.olk4.com www.globalsecurity.org www.china-zentrum.de www.latimes.com wbemsystem.com www.anomali.com infosecvn.com www.mmpeacemonitor.org www.cab-sec.com yahoorealtors.com ceproduces.com geocities.jp digitallibrary.un.org www.everyculture.com web.adobephotostage.com airdndvn.com www.wbemsystem.com www.uscc.gov www.un.org.vn	167.88.180.148 167.88.177.224 162.255.119.150 185.239.226.19 198.54.117.198 198.54.117.199 45.248.87.14 198.54.117.197 167.88.180.15 167.88.178.24 198.54.117.200 184.168.221.94 184.168.221.71 167.88.178.118 154.221.24.47 45.32.50.150 149.28.74.149 185.239.226.61 45.77.184.12 167.88.180.3 91.195.240.117 184.168.221.82 149.28.74.41 43.254.217.67	5f094cb3b92524fced2731c57d305e78 4fe276edc21ec5f2540c2babd81c8653 9b39e1f72cf4acffd45f45f08483abf0 748de2b2aa1fa23fa5996f287437af1b 01d74e6d9f77d5202e7218fa524226c4 aa115f20472e78a068c1bbf739c443bf 9a180107efb15a00e64db3ce6394328d ca775717d000888a7f71a5907b9c9208 165f8683681a4b136be1f9d6ea7f00ce 08f25a641e8361495a415c763fbb9b71 9ff1d3af1f39a37c0dc4ceeb18cc37dc cf56ee00be8ca49d150d85dcb6d2f336 6198d625ada7389aac276731cdebb500 43067f28dc5208d4a070cf3cc92e29fb 11adda734fc67b9cfdf61396de984559 f62dfc4999d624d01e94b89946ec1036 05cf906b750eb335125695da42f4eafc

TrackingOceanLotus’newDownloader,KerrDown.pdf

Report name	Domains	Hosts	Samples
TrackingOceanLotus’newDownloader,KerrDown.pdf (Click name to open as page)	videos.dyndns.org mail.fptservice.net ce.com neho.com update.com copedia.com check.homeip.net syn.servebbs.com cortanazone.com browsersyn.com me.com cortanasyn.com check.webhop.org theme.blogsite.org word.webhop.info cortana.homelinux.com ces.net	N/A	7673f5468ba3cf01500f6bb6a19ce7208c8b6fc24f1a3a388eca491bc25cd9cd 9e6011d6380207e2bf5105cde3d48e412db565b92cdc1b3c6aa15bd7bd4b099f 4b431af677041dae3c988fcc901ac8ec6e74c6e1467787bf099c4abd658be5be 89759e56d5c23085e47d2be2ce4ad4484dfdd4204044a78671ed434cec19b693 df8210d20c5eb80d44ba8fa4c41c26c8421dcb20168e4f796e4955e01ebc9e13 5c18c3e6f7ac0d0ac2b5fa9a6435ee90d6bd77995f85bed9e948097891d42ca2 98a5f30699564e6d9f74e737a611246262907b9e91b90348f7de53eb4cf32665 860f165c2240f2a83eb30c412755e5a025e25961ce4633683f5bc22f6a24ddb6 68f77119eae5e9d2404376f2d87e71e4ab554c026e362c57313e5881005ae79e 4a0309d8043e8acd7cb5c7cfca95223afe9c15a1c34578643b49ded4b786506b f2a2f4fa2ed5b2a94720a4661937da97ab21aa198a5f8c83bb6895aa2c398d22 4e791f2511c9bd3c63c8e37aa6625d8b590054de9e1cca13a7be2630bc2af9ce d3ef6643ad529d43a7ec313b52c8396dc52c4daad688360eb207ee91a1caf7b2 7dbb7fab4782f5e3b0c416c05114f2a51f12643805d5f3d0cd80d32272f2731a ead0f3e6f0ca16b283f09526d09e8e8cba687dab642f0e102e5487cb565bf475 5da565080a52126e0e6a62869157dfe3 94fab926b73a6a5bc71d655c8d611b40e80464da9f1134bfce7b930e23e273ab 539e8a53db3f858914cfe0d2132f11de34a691391ba71673a8b1e61367a963c7 a106e0a6b7cc30b161e5ea0b1ec0f28ab89c2e1eb7ba2d5d409ddbabc3b037e6 868ed69533fac80354a101410d3dd0a66f444385c6611cc85c5b0be49db2d6fd 8bf22202e4fd4c005afde2266413cba9d1b749b1a2d75deac0c35728b5eb3af8 4bc00f7d638e042da764e8648c03c0db46700599dd4f08d117e3e9e8b538519b 8d6e31c95d649c08cdc2f82085298173d03c03afe02f0dacb66dd3560149184f 6245b74b1cc830ed95cb630192c704da66600b90a331d9e6db70210acb6c7dfa 6faa7deb1e1e0c3a7c62c2bb0ecdfa56b6e3ba4fe16971ec4572267ac70b9177 caabc45e59820a4349db13f337063eddede8a0847ae313d89a800f241d8556c8 f62f21ee7e642f272b881827b45ceb643c999a742e1d3eac13d1ba014d1e7f67 4e2f8f104e6cd07508c5b7d49737a1db5eeba910adfdb4c19442a7699dc78cfc a4a066341b4172d2cb752de4b938bf678ceb627ecb72594730b78bd05a2fad9d 73dcbcc47d6bd95dcf031ebbd34ac42301a20ee1143ac130b405e79b4ba40fc8 7ec77e643d8d7cc18cc67c123feceed91d10db1cc9fa0c49164cba35bb1da987 e3c818052237bb4bb061290ab5e2a55c3852c8a3fef16436b1197e8b17de2e18 77805a46f73e118ae2428f8c22ba28f79f7c60aeb6305d41c0bf3ebb9ce70f94 bb25f1a73d095d57b2c8c9ac6780e4d412ddf3d9eef84a54903cc8e4eaefc335 5f0db8216314da1f128b883b918e5ac722202a2ae0c4d0bf1c5da5914a66778e a2b905c26e2b92e63de85d83e280249258cb21f300d8c4a3a6bdb488676e9bcf 89e19df797481ae2d2c895bcf030fe19e581976d2aef90c89bd6b3408579bfc3 f9f0973dc74716b75291f5a9b2d59b08500882563011d1def2b8d0b1b9bbb8ae a4a86e96f95f395fcf0ceb6a74a2564f4ba7adbe1b40cc702b054427327a0399 6010d44cdca58cdec4559040e08798e7b28b9434bda940da0a670c93c84e33cd c30198e0b0e470d4ac8821bd14bb754466e7974f1c20be8b300961e9e89ed1ea f011a136996fa53fdbde944da0908da446b9532307a35c44ed08241b5e602cc9

Pick-Six_InterceptingaFIN6Intrusion,anActorRecentlyTiedtoRyukandLockerGogaRansomware«Pick-Six_InterceptingaFIN6Intrusion,anActorRecentlyTiedtoRyukandLockerGogaRansomware_FireEyeInc.pdf

Report name	Domains	Hosts	Samples
Pick-Six_InterceptingaFIN6Intrusion,anActorRecentlyTiedtoRyukandLockerGogaRansomware«Pick-Six_InterceptingaFIN6Intrusion,anActorRecentlyTiedtoRyukandLockerGogaRansomware_FireEyeInc.pdf (Click name to open as page)	reeye.com	N/A	N/A

SpearPhishingCampaignTargetsUkraineGovernmentandMilitary;InfrastructureRevealsPotentialLinktoSo-CalledLuhanskPeople'sRepublic«SpearPhishingCampaignTargetsUkraineGovernmentandMilitary;InfrastructureRevealsPotentialLinkto.pdf

Report name	Domains	Hosts	Samples
SpearPhishingCampaignTargetsUkraineGovernmentandMilitary;InfrastructureRevealsPotentialLinktoSo-CalledLuhanskPeople'sRepublic«SpearPhishingCampaignTargetsUkraineGovernmentandMilitary;InfrastructureRevealsPotentialLinkto.pdf (Click name to open as page)	reeye.com	N/A	N/A

'Twasthenightbefore_Securelist.pdf

Report name	Domains	Hosts	Samples
'Twasthenightbefore_Securelist.pdf (Click name to open as page)	www.taqa.com.sa maps-modon.club scsb.gov.sa modon.club ntg-sa.com 199099.gov.sa go-microstf.com maps.modon.gov.sa taqa.com.sa analytics-google.org mci.com-ho.me ntg.com.sa itworx.com-ho.me mol.com-ho.me moh.com-ho.me	69.87.223.26 45.76.32.252 139.59.46.154 45.32.186.33	d87663ce6a9fc0e8bc8180937b3566b9 3fb33a2747b39a9b1c5c1e41fade595e 623e05dd58d86da76fdfcf9b57032168 c2165155fcba5b737ee70354b5244be3 6946836f2feb98d6e8021af6259a02dd 444c93e736194a01bf3b319e3963d746 b8373f909fa228c2b6e7d69f065f30fb b34fd14105be23480c44cfdf6eb26807 83be35956e5d409306a81e88a1dc89fd ecfc0275c7a73a9c7775130ebca45b74 f4d18316e367a80e1005f38445421b1f fa72c068361c05da65bf2117db76aaa8 bcafe408567557289003c79f745f7713 f9adf73bf1cdd7cd278e5137d966ddd4 9b1a06590b091d300781d8fbee180e75 ce25f1597836c28cf415394fb350ae93 19cea065aa033f5bcfa94a583ae59c08 0ed61b6f1008000c6dfcd3d842b21971 1b5e33e5a244d2d67d7a09c4ccf16e56 638b74a712a7e45efc9bec126b0f2d87 edfc37461fa66716b53333fd7f841a8e 45b0e5a457222455384713905f886bd4 03ea9457bf71d51d8109e737158be888

SpearPhishingCampaignTargetsUkraineGovernmentandMilitary;InfrastructureRevealsPotentialLinktoSo-CalledLuhanskPeoplesRepublic«SpearPhishingCampaignTargetsUkraineGovernmentandMilitary;InfrastructureRevealsPotentialLinkto.pdf

Report name	Domains	Hosts	Samples
SpearPhishingCampaignTargetsUkraineGovernmentandMilitary;InfrastructureRevealsPotentialLinktoSo-CalledLuhanskPeoplesRepublic«SpearPhishingCampaignTargetsUkraineGovernmentandMilitary;InfrastructureRevealsPotentialLinkto.pdf (Click name to open as page)	reeye.com	N/A	N/A

GovernmentSectorinCentralAsiaTargetedWithNewHAWKBALLBackdoorDeliveredviaMicrosoftOfficeVulnerabilities«GovernmentSectorinCentralAsiaTargetedWithNewHAWKBALLBackdoorDeliveredviaMicrosoftOfficeVulnerabilities_FireEyeInc.pdf

Report name	Domains	Hosts	Samples
GovernmentSectorinCentralAsiaTargetedWithNewHAWKBALLBackdoorDeliveredviaMicrosoftOfficeVulnerabilities«GovernmentSectorinCentralAsiaTargetedWithNewHAWKBALLBackdoorDeliveredviaMicrosoftOfficeVulnerabilities_FireEyeInc.pdf (Click name to open as page)	reeye.com	N/A	N/A

FIN7.5_theinfamouscybercrimerig“FIN7”continuesitsactivities_Securelist.pdf

Report name	Domains	Hosts	Samples
FIN7.5_theinfamouscybercrimerig“FIN7”continuesitsactivities_Securelist.pdf (Click name to open as page)	testing-cdn.com realtek-cdn.com cdn-yahooapi.com tw32-cdn.com www.perspectiverisk.com riscomponents.pw digicertweb.com no.org gmail-cdn3.com yahooservices-cdn.com cisco-cdn.com digi-cert.org warmaha.warzonedns.com logitech-cdn.com tain.warzonedns.com instagram-cdn.com digicert-cdn.com msdn-update.com hpservice-cdn.com globaltech-cdn.com geotrusts.com cdn-skype.com itaxkenya.com www.mainnerve.com noreply377.ddns.net booking-cdn.com appleservice-cdn.com trust.org toekie.ddns.net www.dksec.com fr.org www.datatics.com acquisition.org akamaiservice-cdn.com infotrak-research.com infosys-cdn.com servicebing-cdn.com cert.com businessdailyafrica.net www.okiok.com pci-cdn.com googl-analytic.com cdn-googleapi.com k-24tv.com somtelnetworks.com corporate.com reeye.com google-services-s5.com www.synack.com are.com vmware-cdn.com msdn-cdn.com exchange-cdn.com facebook77-cdn.com nlscdn.com sport-pesa.org server.mtcc.me live-cdn2.com mse-cdn.com re.dyndns.org bing-cdn.com secureclientupdate.com cdn.com are-cdn-r5.com	185.162.131.97 91.192.100.62 185.61.138.249 212.8.240.116 168.167.45.162	N/A

GazaCybergangGroup1operationSneakyPastes_Securelist.pdf

Report name	Domains	Hosts	Samples
GazaCybergangGroup1operationSneakyPastes_Securelist.pdf (Click name to open as page)	-loss.dns05.com mmh.ns02.us en.gameoolines.com wikaba.com bit-degree.com testhoward.mysecondarydns.com ramliktest.mynetav.org mailimg.com mooo.com careless-whisper.com time-loss.dns05.com microsoft10.compress.to wiknet.mooo.com dev-point.com dji-msi.2waky.com testmace.compress.to pomf.cat topgamse.com saso10.myftp.biz supports.mefound.com checktest.www1.biz myftp.biz fulltest.yourtrap.com pastebin.com point.co dev-point.co dw.downloadtesting.com upload.cat	185.117.72.190 45.63.97.44 192.169.7.250	f9bcc21fbb40247167c8c85ed6ef56e3 daace673b1f4dfe8a4d3d021c5190483 10dfa690662b9c6db805b95500fc753d cfd2178185c40c9e30aada7e3f667d4b c7f98f890b21c556d16bff55e33c33ab c9cae9026ee2034626e4a43cfdd8b192 cab62bb5f00fe15683c6af760c8e8f7e f330703c07ddd19226a48deba4e8aa08 192dd65864119017aa307be3363e31bb ee3ad5b06dbc6cca7fdc9096697a9b4a 28cacbf64141f50426830b385ab1be4c 8c5f8d1ab7baa9a0764cd5650ddecd8e 221eef8511169c0496bbc79f96e84a4a 342a4d93df060289b2d8362461875905 c90f9c600169cbedbeb23316ea61e214 c2ee081ec3adef4afacab1f326ee50ff bd83269da75741303a19b826c5f9627d e782610bf209e81ecc42ca94b9388580 2ad88ae20d8f4cb2c74cae890feb337a 6b5946e326488a8c8da3aaec2cb6e70f d153ff52ae717d8cf26bef57bdb7867d 98bde191ae6e2f7d8d4166c4b21a27d2 71e462260f45c5e621a5f5c9a5724844 df3f3ad279ca98f947214ffb3c91c514 2358dbb85a29167fa66ee6bf1a7271cd dae24e4d1dfcdd98f63f7de861d95182 d9dbb65a42ffe0575f0e99f7498a593e 1529ae427fe4eb2d9b4c3073b2aa9e10 4f34902c9f458008bae26bfa5c1c00da ccd324df0f606469fca3d1c6ffa951ad 33369afd3042326e964139caba1888d3 535f8ea65969a84a68ceaf88778c6176 ab98768d2440e72f42fcd274806f8d2a da486df0d8e03a220808c3bfa5b40d06 805ca34e94da9615c13d8af48307fb07 838696872f924d28b08aaaa67388202e e8a29c7a6f6c0140152ca8a01e336b37 5db18ab35d29d44dda109f49d1b99f38 e8be9843c372d280a506ac260567bf91 6240c31d9a82dc70a38f78d44a1ee239 62df4bc3738be5ad4892200a1dc6b59a ad1c91bf5e7d1f0aaf2e4efb8fb79ade 55929ff3e67d79f9e1e205ebd38bc494 55d33d9da371fdfe7871f2479621444a fafcc11af99acf1b70997bc4bf36cfc0 9e152a6adcb57d44284af3b6fd0c94c2 e686ffa90b2bfb567547f1c0dad1ae0b b3a472f81f800b32fe6595f44c9bf63b ce5aa4956d4d0d66bed361ddd7db1a3b f30c00e87c7ee27033dc0ac421f3b4f8 2a3aa1d207030d8c7dc3cfc9c2d9f9f1 51a59aec24b5046ec4615728a5b52802

RecentCloudAtlasactivity_Securelist.pdf

Report name	Domains	Hosts	Samples
RecentCloudAtlasactivity_Securelist.pdf (Click name to open as page)	infocentre.gov bk.ru asia.com politician.com mail.ru	176.31.59.232 144.217.174.57	N/A

Platinumisback_Securelist.pdf

Report name	Domains	Hosts	Samples
Platinumisback_Securelist.pdf (Click name to open as page)	N/A	N/A	9179a84643bd6d1c1b8e6fe0d2330dab d1a5801abb9f0dc0a44f19b2208e2b9a 8dfabe7db613bcfc6d9afef4941cd769 d95d939337d789046bbda2083f88a4a0 d1936dc97566625b2bfcab3103c048cb 0668df90c701cd75db2aa43a0481718d 5591704fd870919930e8ae1bd0447706 b22499568d51759cf13bf8c05322dba2 58b10ac25df04a318a19260110d43894 37c76973a55134925c733f4f50108555 c7fda2be17735eeaeb6c56d30fc86215

China-BasedAPTMustangPandaTargetsMinorityGroupsPublicandPrivateSectorOrganizations.pdf

Report name	Domains	Hosts	Samples
China-BasedAPTMustangPandaTargetsMinorityGroupsPublicandPrivateSectorOrganizations.pdf (Click name to open as page)	adobephotostage.com olk4.com forum.anomali.com ui.threatstream.com www.britannica.com apple-net.com update.olk4.com www.globalsecurity.org www.china-zentrum.de www.latimes.com wbemsystem.com www.anomali.com infosecvn.com www.mmpeacemonitor.org www.cab-sec.com yahoorealtors.com ceproduces.com geocities.jp digitallibrary.un.org www.everyculture.com web.adobephotostage.com airdndvn.com www.wbemsystem.com www.uscc.gov www.un.org.vn	167.88.180.148 167.88.177.224 162.255.119.150 185.239.226.19 198.54.117.198 198.54.117.199 45.248.87.14 198.54.117.197 167.88.180.15 167.88.178.24 198.54.117.200 184.168.221.94 184.168.221.71 167.88.178.118 154.221.24.47 45.32.50.150 149.28.74.149 185.239.226.61 45.77.184.12 167.88.180.3 91.195.240.117 184.168.221.82 149.28.74.41 43.254.217.67	5f094cb3b92524fced2731c57d305e78 4fe276edc21ec5f2540c2babd81c8653 9b39e1f72cf4acffd45f45f08483abf0 748de2b2aa1fa23fa5996f287437af1b 01d74e6d9f77d5202e7218fa524226c4 aa115f20472e78a068c1bbf739c443bf 9a180107efb15a00e64db3ce6394328d ca775717d000888a7f71a5907b9c9208 165f8683681a4b136be1f9d6ea7f00ce 08f25a641e8361495a415c763fbb9b71 9ff1d3af1f39a37c0dc4ceeb18cc37dc cf56ee00be8ca49d150d85dcb6d2f336 6198d625ada7389aac276731cdebb500 43067f28dc5208d4a070cf3cc92e29fb 11adda734fc67b9cfdf61396de984559 f62dfc4999d624d01e94b89946ec1036 05cf906b750eb335125695da42f4eafc

DarkHydrusdeliversnewTrojanthatcanuseGoogleDriveforC2communications.pdf

Report name	Domains	Hosts	Samples
DarkHydrusdeliversnewTrojanthatcanuseGoogleDriveforC2communications.pdf (Click name to open as page)	akamaiedge.services sharepoint.agency brit.ns.cloudfronts.services corewindows.agency phicdn.world microsoft.services britns.akadns.services ns2.akadns.services 0ffice365.agency 676f6f646c75636b.gogle.co nsatc.agency gogle.co 0ffice365.life 0nedrive.agency skydrive.services 0ffice365.services azureedge.today hotmai1l.com dns.cloudfronts.services tbs1.microsoftonline.services tbs2.microsoftonline.services onedrive.agency msedge.world microsoftonline.agency skydrive.agency live.services	216.58.192.174	4e40f80114e5bd44a762f6066a3e56ccdc0d01ab2a18397ea12e0bc5508215b8 eb33a96726a34dd60b053d3d1048137dffb1bba68a1ad6f56d33f5d6efb12b97 5cc62ad6baf572dbae925f701526310778f032bb4a54b205bada78b1eb8c479c 513813af1590bc9edeb91845b454d42bbce6a5e2d43a9b0afa7692e4e500b4c8 e068c6536bf353abe249ad0464c58fb85d7de25223442dd220d64116dbf1e022 f1b2bc0831445903c0d51b390b1987597009cc0fade009e07d792e8d455f6db0

MultipleChineseThreatGroupsExploitingCVE-2018-0798EquationEditorVulnerabilitySinceLate2018.pdf

Report name	Domains	Hosts	Samples
MultipleChineseThreatGroupsExploitingCVE-2018-0798EquationEditorVulnerabilitySinceLate2018.pdf (Click name to open as page)	dynamic-dns.net vvcxvsdvx.dynamic-dns.net www.anomali.com forum.anomali.com loge.otzo.com ui.threatstream.com rtf2latex2e.sourceforge.net	217.69.8.255 185.234.73.4 185.216.35.11 138.68.133.211	f0424ed16b435f0c7c802f3a17cbd9de 109d51899c832287d7ce1f70b5bd885d e137b95f6149a8639f6d18e286a0a55f 827c7048c269645ce36546c01c01f93f 1690766e844034b3c2ab4f853bd59df7 0764ecc46463fb10952d54515c73e6fc fc47442f175ff7e312a4aa4f5c8745b8 2ef069d0e3bb636d2d969d3e6a4d5039 595e30b0c794f47fd768b24ae9caf210 a37df9b230c9d05210613b3c2916328f 51c35cb62a0ad294979b0645e5aa4376 b82e0ac46f6b812c83a3954038814cce 7b9d386280da1b840f1b32b85ce74278 923d60f3e63c95021f9e99f943fcfbbc 36796fabb76eb946d211a2fcf5820929 f1824bd902251314a4fd5506caced48b e004daf8e09b56940d6ca6e51974498b f34514118eb4689560cd6c0c654f26d9 6bdc73a2fc8506d9e842fc7b7a4123db 29027a6d2a38a9a954c1e1315439baf9 4642e8712c8ada8d56bd36416abb4808 bb7aba40c6fc76291fd1cf2c4c558e9f 264cee1c1854698ef0eb3a141912db40 f333194c19730d6f82ab858210327051 5982ba16356ee8118e4cdbe54d182b11 b2bce665c9bcdf0d3d04dc7ce5e30f79 5271a5ddf476af87c6f833638375c72f 40cfeb699d239652dd4a79c18b1c7366 e228045ef57fb8cc1226b62ada7eee9b af7f59b2b197d454ab8c8a7b0bc371a2 ac0eac22ce12eac9ee15ca03646ed70c 019debaee6fdf9a9f872277563f0d9ee 47353a86ea58df3714870e5755056d97 2868447eebdf897bdd6b7ce2a18f4609 f1dcf1b2376360c9f0c23f1fb9f4355a 0e8d3ae263fae7775ccc744a5c0c4dc1 4e1a65d5877706415e923e076df13f91 84fca27bc75f40194c95534b07838d6c 67682e25939dce4406f55b6c0c741c0e 9ad1dba92734a53489180788a6b21856 853136f00e87a1ab3e2fc3acb309573e b72448af5f58e70c225ab6525126cf8b 6614a8776692c982ad766d23b2a5ea29 21d0f19abd15d65aa755e89e55157ae7 d648c374439cf5fe9df8dc59eb472067 a94db3001c0c3fa3cf40bc7fdf9d21b7 6930bd66a11e30dee1ef4f57287b1318 600e14e4b0035c6f0c6a344d87b6c27f a497426d0f65877947e92a14b8a086af c65b73dde66184bae6ead97afd1b4c4b bcbea5b25356d768fd826e0376268ff5 6d2e6a61eede06fa9d633ce151208831 4eb14eb23d50b4c7ee768038172f9794 a99efd6b4b69c55774a16ae157cd20b9 0827f48e883f5a59f1c4bf70c98dc42a 8408641cfbcdb53e1e6802f07ea32f11 a02712c6cefb532e7928a781fe8d8592 8621ff472360600ec2a6f7d61a66eeb8 8f1ab1f96b8322c9e02d87a431a98823 10348b56b0e3466f9f9fa62bda081c98 31283ad09bc7cf618c32a1c893163891 a5a4046989fa0f99c2076aec3ea0ab2a b3f8abe274cb6a5926bd5c3fc2168997

ChaferusedRemeximalwaretospyonIran-basedforeigndiplomaticentities_Securelist.pdf

Report name	Domains	Hosts	Samples
ChaferusedRemeximalwaretospyonIran-basedforeigndiplomaticentities_Securelist.pdf (Click name to open as page)	N/A	N/A	c981273c32b581de824e1fd66a19a281 7d1efce9c06a310627f47e7d70543aaf 9f313e8ef91ac899a27575bc5af64051 aa6246dc04e9089e366cc57a447fc3a4 12477223678e4a41020e66faebd3dd95 53e035273164f24c200262d61fa374ca 4bf178f778255b6e72a317c2eb8f4103 028515d12e9d59d272a2538045d1f636 b1fa803c19aa9f193b67232c9893ea57574a2055791b3de9f836411ce000ce31 1ff40e79d673461cd33bd8b68f8bb5b8 41b2339950d50cf678c0e5b34e68f537 dcb0ea3a540205ad11f32b67030c1e5a 03055149340b7a1fd218006c98b30482 c6721344af76403e9a7d816502dca1c8 ecae141bb068131108c1cd826c82d88b d3a2b41b1cd953d254c0fc88071e5027 a77f9e441415dbc8a20ad66d4d00ae606faab370

TurlarenewsitsarsenalwithTopinambour_Securelist.pdf

Report name	Domains	Hosts	Samples
TurlarenewsitsarsenalwithTopinambour_Securelist.pdf (Click name to open as page)	N/A	197.168.0.250 197.168.0.98 197.168.0.73 197.168.0.247 197.168.0.243 197.168.0.212	37dc2eb8ee56aeba4dbd4cf46f87ae9a 710f729ab26f058f2dbf08664edb3986 9573f452004b16eabd20fa65a6c2c1c4 3772a34d1b731697e2879bef54967332 2c1e73da56f4da619c4c53b521404874 6acf316fed472300fa50db54fa6f3cbc d967d96ea5d0962e08844d140c2874e0 a80bbd753c07512b31ab04bd5e3324c2 01a8cbd328df18fd49965d68e2879433

Titanium_thePlatinumgroupstrikesagain_Securelist.pdf

Report name	Domains	Hosts	Samples
Titanium_thePlatinumgroupstrikesagain_Securelist.pdf (Click name to open as page)	N/A	70.39.115.196	N/A

SuspectedNorthKoreanCyberEspionageCampaignTargetsMultipleForeignMinistriesandThinkTanks.pdf

Report name	Domains	Hosts	Samples
SuspectedNorthKoreanCyberEspionageCampaignTargetsMultipleForeignMinistriesandThinkTanks.pdf (Click name to open as page)	delegate.int.doc-view.work portalis.diplomatie.gouv.web-line.work mail.mofa.gov.doc-view.work alone-service.work mail.view.doc-view.work login.live.web-line.work onedrive.com.doc-view.work uit.stanford.edu 22doc-view.work mail.mofa.gov.web-line.work doc-view.work hostmaster.doc-view.work ubmail.dirco.gov.doc-view.work login.yahoo.app-support.work support.work forum.anomali.com minner.work login.yalnoo-sec.doc-view.work anomali.com ui.threatstream.com delegefrance.org rive.storage.com login.yahoo-sec.doc-view.work securemail.stanford.doc-view.work onu.delegfrance.org short-line.work accounts.yahoojp.minner.work login.ymail.com-main.work ubmail.dirco.gov.web-line.work drive.google.doc-view.work domainwat.ch fed.be check-up.work rm.work bigwnet.com mail.sec.doc-view.work portalis.diplomatie.gouv.fr login.outlook.short-line.work mail.mofa.go.kr.sub-state.work blog.alyac.co.kr login-history.doc-view.work member-service.work account.googlie.com com-main.work ccounts.outlooks.com login.yahoo.doc-view.work censys.io vip-sina.com.cn yahoo.co.jp brica.de drive.storage.com line.work accounts.lives.com www.anomali.com mail.doc-view.work sub-state.work drog-service.com david.gizmodo.com myaccount.google lh.yahoojp.check-up.work 1drv.ms.web-line.work login.ymail.doc-view.work mail.fed.be.web-line.work myaccounts.google view.work web-line.work www.str8-creative.com mail.preview.doc-view.work login.live.doc-view.work app-support.work accounts.yaoojp.minner.work rusi.org.doc-view.work login.live.com-main.work accounts.outlooks.com login-onedrive.doc-view.work mzv.sk.doc-view.work diplomatie.gouv.fr login.outlook.doc-view.work india.com urlscan.io edit-accounts.ntt drives.google.doc-view.work service.work state.work up.work	157.7.184.15	N/A

SuspectedBITTERAPTContinuesTargetingGovernmentofChinaandChineseOrganizations.pdf

Report name	Domains	Hosts	Samples
SuspectedBITTERAPTContinuesTargetingGovernmentofChinaandChineseOrganizations.pdf (Click name to open as page)	maill.sasac.gov.cn maill.ndrc.gov.cn maill.126.com.cn mail.mfa.gov.cn lidation.vj65rfy785ru76.co ns1.bitcoin-dns.com maill.163.com dns11.warez-host.com forum.anomali.com 7564.jdchjsdy.rthfgyerty33.wangluojiumingjingli.org maill.cnnc.com.cn ui.threatstream.com mailll.mfa.gov.cn rservice.net com.cdaxpropsvc.net umingjingli.org maill.polyauction.com maill.163.com.cn webmail.avic.com winmanagerservice.org host.com www.winmanagerservice.net 6uy687.com cert.360.cn 163.com maill.cgwic.com winmanagerservice.net 126.com webmail.mofcom.gov.cn v3solutions4all.org ngjingli.org maill.ceiec.cn 378rry.com dation.verifay765hgy87.co censys.io service.net ation.verifay768ht7u6h.co wangluojiumingjingli.org www.anomali.com iws.co 67tg6r.com btappclientsvc.net orangewebsite.com svc.net cdaxpropsvc.net www.gmailuserverifyservice.cdaxpropsvc.net ervice.org lidation.bh34567gh67.com validation567fg57f58g6.co maill.mfa.gov.cn ns4all.com mail.v3solutions4all.com maill.catic.cn anagerservice.org dns12.warez-host.com 378et6.com validation7h8k97hnku0j.co ion.verifay783g677hui.com ukhuj78.com mail.btappclientsvc.net urlscan.io tinyurl.com v3solutions4all.com ns2.bitcoin-dns.com h67kjg7it8.com maill.czec.com.cn	162.222.215.96 82.221.129.17 82.221.129.19 82.221.129.18 162.222.215.2 94.156.175.61	137867e159331b7a968aa45050502d13

Pick-Six_InterceptingaFIN6IntrusionanActorRecentlyTiedtoRyukandLockerGogaRansomware«Pick-Six_InterceptingaFIN6IntrusionanActorRecentlyTiedtoRyukandLockerGogaRansomware_FireEyeInc.pdf

Report name	Domains	Hosts	Samples
Pick-Six_InterceptingaFIN6IntrusionanActorRecentlyTiedtoRyukandLockerGogaRansomware«Pick-Six_InterceptingaFIN6IntrusionanActorRecentlyTiedtoRyukandLockerGogaRansomware_FireEyeInc.pdf (Click name to open as page)	reeye.com	N/A	N/A

TrackingOceanLotus’newDownloaderKerrDown.pdf

Report name	Domains	Hosts	Samples
TrackingOceanLotus’newDownloaderKerrDown.pdf (Click name to open as page)	videos.dyndns.org mail.fptservice.net ce.com neho.com update.com copedia.com check.homeip.net syn.servebbs.com cortanazone.com browsersyn.com me.com cortanasyn.com check.webhop.org theme.blogsite.org word.webhop.info cortana.homelinux.com ces.net	N/A	7673f5468ba3cf01500f6bb6a19ce7208c8b6fc24f1a3a388eca491bc25cd9cd 9e6011d6380207e2bf5105cde3d48e412db565b92cdc1b3c6aa15bd7bd4b099f 4b431af677041dae3c988fcc901ac8ec6e74c6e1467787bf099c4abd658be5be 89759e56d5c23085e47d2be2ce4ad4484dfdd4204044a78671ed434cec19b693 df8210d20c5eb80d44ba8fa4c41c26c8421dcb20168e4f796e4955e01ebc9e13 5c18c3e6f7ac0d0ac2b5fa9a6435ee90d6bd77995f85bed9e948097891d42ca2 98a5f30699564e6d9f74e737a611246262907b9e91b90348f7de53eb4cf32665 860f165c2240f2a83eb30c412755e5a025e25961ce4633683f5bc22f6a24ddb6 68f77119eae5e9d2404376f2d87e71e4ab554c026e362c57313e5881005ae79e 4a0309d8043e8acd7cb5c7cfca95223afe9c15a1c34578643b49ded4b786506b f2a2f4fa2ed5b2a94720a4661937da97ab21aa198a5f8c83bb6895aa2c398d22 4e791f2511c9bd3c63c8e37aa6625d8b590054de9e1cca13a7be2630bc2af9ce d3ef6643ad529d43a7ec313b52c8396dc52c4daad688360eb207ee91a1caf7b2 7dbb7fab4782f5e3b0c416c05114f2a51f12643805d5f3d0cd80d32272f2731a ead0f3e6f0ca16b283f09526d09e8e8cba687dab642f0e102e5487cb565bf475 5da565080a52126e0e6a62869157dfe3 94fab926b73a6a5bc71d655c8d611b40e80464da9f1134bfce7b930e23e273ab 539e8a53db3f858914cfe0d2132f11de34a691391ba71673a8b1e61367a963c7 a106e0a6b7cc30b161e5ea0b1ec0f28ab89c2e1eb7ba2d5d409ddbabc3b037e6 868ed69533fac80354a101410d3dd0a66f444385c6611cc85c5b0be49db2d6fd 8bf22202e4fd4c005afde2266413cba9d1b749b1a2d75deac0c35728b5eb3af8 4bc00f7d638e042da764e8648c03c0db46700599dd4f08d117e3e9e8b538519b 8d6e31c95d649c08cdc2f82085298173d03c03afe02f0dacb66dd3560149184f 6245b74b1cc830ed95cb630192c704da66600b90a331d9e6db70210acb6c7dfa 6faa7deb1e1e0c3a7c62c2bb0ecdfa56b6e3ba4fe16971ec4572267ac70b9177 caabc45e59820a4349db13f337063eddede8a0847ae313d89a800f241d8556c8 f62f21ee7e642f272b881827b45ceb643c999a742e1d3eac13d1ba014d1e7f67 4e2f8f104e6cd07508c5b7d49737a1db5eeba910adfdb4c19442a7699dc78cfc a4a066341b4172d2cb752de4b938bf678ceb627ecb72594730b78bd05a2fad9d 73dcbcc47d6bd95dcf031ebbd34ac42301a20ee1143ac130b405e79b4ba40fc8 7ec77e643d8d7cc18cc67c123feceed91d10db1cc9fa0c49164cba35bb1da987 e3c818052237bb4bb061290ab5e2a55c3852c8a3fef16436b1197e8b17de2e18 77805a46f73e118ae2428f8c22ba28f79f7c60aeb6305d41c0bf3ebb9ce70f94 bb25f1a73d095d57b2c8c9ac6780e4d412ddf3d9eef84a54903cc8e4eaefc335 5f0db8216314da1f128b883b918e5ac722202a2ae0c4d0bf1c5da5914a66778e a2b905c26e2b92e63de85d83e280249258cb21f300d8c4a3a6bdb488676e9bcf 89e19df797481ae2d2c895bcf030fe19e581976d2aef90c89bd6b3408579bfc3 f9f0973dc74716b75291f5a9b2d59b08500882563011d1def2b8d0b1b9bbb8ae a4a86e96f95f395fcf0ceb6a74a2564f4ba7adbe1b40cc702b054427327a0399 6010d44cdca58cdec4559040e08798e7b28b9434bda940da0a670c93c84e33cd c30198e0b0e470d4ac8821bd14bb754466e7974f1c20be8b300961e9e89ed1ea f011a136996fa53fdbde944da0908da446b9532307a35c44ed08241b5e602cc9

DNSTunnelingintheWild_OverviewofOilRig’sDNSTunneling.pdf

Report name	Domains	Hosts	Samples
DNSTunnelingintheWild_OverviewofOilRig’sDNSTunneling.pdf (Click name to open as page)	acrobatverify.com go0gie.com prosalar.com frog.club www.cyberthreatalliance.org withyourface.com ntpupdateserver.com	35.35.35.35 11.24.237.110 99.250.250.199 24.125.0.1 33.33.97.97 36.37.94.33 33.33.94.94	52366b9ab2eb1d77ca6719a40f4779eb302dca97a832bd447abf10512dc51ed9 d808f3109822c185f1d8e1bf7ef7781c219dc56f5906478651748f0ace489d34 e52b8b0e8225befec156b355b3022faf5617542b82aa54f9f42088aa05a4ec49 1b2fee00d28782076178a63e669d2306c37ba0c417708d4dc1f751765c3f94e1 a9f1375da973b229eb649dc3c07484ae7513032b79665efe78c0e55a6e716821 0ec288ac8c4aa045a45526c2939dbd843391c9c75fa4a3bcc0a6d7dc692fdcd1 662c53e69b66d62a4822e666031fd441bbdfa741e20d4511c6741ec3cb02475f 7cbad6b3f505a199d6766a86b41ed23786bbb99dab9cae6c18936afdc2512f00

PKPLUG_ChineseCyberEspionageGroupAttackingAsia.pdf

Report name	Domains	Hosts	Samples
PKPLUG_ChineseCyberEspionageGroupAttackingAsia.pdf (Click name to open as page)	yahoomesseges.com queryurl.com www.cyberthreatalliance.org defence.com bodologetee.com cdncool.com ppt.bodologetee.com update.queryurl.com outhmail.com uyghurapps.net logitechwkgame.com warer.com tcpdo.net	N/A	N/A

ShiftingintheWind_WINDSHIFTAttacksTargetMiddleEasternGovernments.pdf

Report name	Domains	Hosts	Samples
ShiftingintheWind_WINDSHIFTAttacksTargetMiddleEasternGovernments.pdf (Click name to open as page)	string2me.com www.cyberthreatalliance.org domforworld.com ux2key.com	185.25.50.189	N/A

COMpfunsuccessorReductorinfectsfilesontheflytocompromiseTLStraffic_Securelist.pdf

Report name	Domains	Hosts	Samples
COMpfunsuccessorReductorinfectsfilesontheflytocompromiseTLStraffic_Securelist.pdf (Click name to open as page)	compfun.net bill-tat.pw adstat.pw	N/A	959eb6c7f45b7c5c761d5b758e65d9ef7ea20cf3 27ce434ad1e240075c48a51722f8e87f 518ab503808e747c5d0dde6bfb54b95a 546f7a565920aeb0021a1d05525ff0b3df51d020 4e02b1b1d32e23975f496d1d1e0eb7a6 f6caa1bfcca872f0cbe2e7346b006ab4 7911f8d717dc9d7a78d99e687a12d7ad a0387665fe7e006b5233c66f6bd5bb9d 9c7e50e7ce36c1b7d8ca2af2082f4cd5 992bace0bc815e43626d59d790cef50907c6ea9b 119b2be9c17d8c7c5ab0fa1a17aaf69082bab21d

GlobalDNSHijackingCampaign_DNSRecordManipulationatScale«GlobalDNSHijackingCampaign_DNSRecordManipulationatScale_FireEyeInc.pdf

Report name	Domains	Hosts	Samples
GlobalDNSHijackingCampaign_DNSRecordManipulationatScale«GlobalDNSHijackingCampaign_DNSRecordManipulationatScale_FireEyeInc.pdf (Click name to open as page)	www.victim.com ns1.baddomain.com victim.com ns1.victim.com mail.victim.com reeye.com	N/A	N/A

APT39_AnIranianCyberEspionageGroupFocusedonPersonalInformation«APT39_AnIranianCyberEspionageGroupFocusedonPersonalInformation_FireEyeInc.pdf

Report name	Domains	Hosts	Samples
APT39_AnIranianCyberEspionageGroupFocusedonPersonalInformation«APT39_AnIranianCyberEspionageGroupFocusedonPersonalInformation_FireEyeInc.pdf (Click name to open as page)	reeye.com	N/A	N/A

TRITONActorTTPProfileCustomAttackToolsDetectionsandATT&CKMapping«TRITONActorTTPProfileCustomAttackToolsDetectionsandATT&CKMapping_FireEyeInc.pdf

Report name	Domains	Hosts	Samples
TRITONActorTTPProfileCustomAttackToolsDetectionsandATT&CKMapping«TRITONActorTTPProfileCustomAttackToolsDetectionsandATT&CKMapping_FireEyeInc.pdf (Click name to open as page)	reeye.com	N/A	N/A

Twasthenightbefore_Securelist.pdf

Report name	Domains	Hosts	Samples
Twasthenightbefore_Securelist.pdf (Click name to open as page)	www.taqa.com.sa maps-modon.club scsb.gov.sa modon.club ntg-sa.com 199099.gov.sa go-microstf.com maps.modon.gov.sa taqa.com.sa analytics-google.org mci.com-ho.me ntg.com.sa itworx.com-ho.me mol.com-ho.me moh.com-ho.me	69.87.223.26 45.76.32.252 139.59.46.154 45.32.186.33	d87663ce6a9fc0e8bc8180937b3566b9 3fb33a2747b39a9b1c5c1e41fade595e 623e05dd58d86da76fdfcf9b57032168 c2165155fcba5b737ee70354b5244be3 6946836f2feb98d6e8021af6259a02dd 444c93e736194a01bf3b319e3963d746 b8373f909fa228c2b6e7d69f065f30fb b34fd14105be23480c44cfdf6eb26807 83be35956e5d409306a81e88a1dc89fd ecfc0275c7a73a9c7775130ebca45b74 f4d18316e367a80e1005f38445421b1f fa72c068361c05da65bf2117db76aaa8 bcafe408567557289003c79f745f7713 f9adf73bf1cdd7cd278e5137d966ddd4 9b1a06590b091d300781d8fbee180e75 ce25f1597836c28cf415394fb350ae93 19cea065aa033f5bcfa94a583ae59c08 0ed61b6f1008000c6dfcd3d842b21971 1b5e33e5a244d2d67d7a09c4ccf16e56 638b74a712a7e45efc9bec126b0f2d87 edfc37461fa66716b53333fd7f841a8e 45b0e5a457222455384713905f886bd4 03ea9457bf71d51d8109e737158be888

CardinalRATSinsAgainTargetsIsraeliFin-TechFirms.pdf

Report name	Domains	Hosts	Samples
CardinalRATSinsAgainTargetsIsraeliFin-TechFirms.pdf (Click name to open as page)	www.codeplex.com secure.spotoption.pw wikipeldia.org secure.dropinbox.pw affiliatecollective.club gitlab.com dropinbox.host raw.githubusercontent.com www.digitalpoint.com	185.247.211.198 190.10.8.238 193.22.96.98 185.20.187.4 193.22.98.182 193.22.99.168 127.194.73.243 127.194.87.192	101af6fdb990e5e9584382a65f5cee7efd9e89c38e928beca18419bdf70ef076 ca8af85f7eed79a73984b2dccd3dd2148865dfed7a009842be7372e6ce18037f dfa041f6cbe9d83cdaaed90466693efca33729c99fa43b29ab8e44bb27eb0a6b 267b1df7bc64c1b93b604d964f52801733fdd43efaf7742810b9277f00ad17ff 778090182a10fde1b4c1571d1e853e123f6ab1682e17dabe2e83468b518c01df edc49bf7ec508becb088d5082c78d360f1a7cad520f6de6d8b93759b67aac305 e49e61da52430011f1a22084a601cc08005865fe9a76abf503a4a9d2e11a5450 1977cedcfb8726dea5e915b47e1479256674551bc0fe0b55ddd3fa3b15eb82b2 6ecd376cdc182bf157e59d500da6092891e6cd9a61305214e462d6e990e6e834 f027735c3db77e67cf7bada8862ddbb0d85a2caacbb4b2825e4acdfa863a14c9 9c47b2af8b8c5f3c25f237dcc375b41835904f7cd99221c7489fb3563c34c9ab 448c33094322b200c53ff016fec29469b3e52def359430113115cc70d7f28704 75ca794f265ebad84954f13480e0e31c17048d21c4b52e949864c951437d0c2c 440504899b7af6f352cfaad6cdef1642c66927ecce0cf2f7e65d563a78be1b29 7482f8c86b63ce53edcb62fc2ff2dd8e584e2164451ae0c6f2b1f4d6d0cb6d9c 96067fc9b137ceecab2ff29ac56ff6897a7c73657ace7c40d70b7c1ebaaccf39 f4f52c45ca3d4d4ce33981f660d23e8df4a9c0e345fdd6429d8b46f6c0528c38 d7996ac876fa0ece281e49e7955dfbbf4ef1239b1ee63a0e21d6c4ed4b7c6559 f75883ff35104a032dd047ca39d35ec98601c76aa02f58ad655df6deaadecb55 fd61a5cd1a83f68b75d47c8b6041f8640e47510925caee8176d5d81afac29134 0afec067628e901f7151861b0924ffb1909d21a707177b1e6cf2c8d491bb1a60 b742162197744a8caeb09f954213a3172ed699f8375f69c40b57b8c219c5e37c 137f9265cba1101ae5d63b94c6ad1b47c7d02f0ab4f54a1af3169422791790cf d562f01384b1d215758227fb2c165ed633fe9997096613fed8ce3bdf8963e4fd 82017e34c232e05094c2bbed2e62f6b55c1ed8f645803784cac791cc4690beaf 98200955db80cb5835158320ba94b2b55bc7028ea988b75f02adee3df40793f3 fdee357557a69d3dfa629d0cbd585d9c5dadc526dfb424af56c8edcc7a67d556 b4632dcf0b23467970ee7e0844e7c8a931dc3a0f549c0aa5e40e41c1b5b31fdc 4e953ea82b0406a5b95e31554628ad6821b1d91e9ada0d26179977f227cf01ad 08ce077e8d54db08ede1095d03286146d04e8cbce74ec91a9fc7b9d0a99ddb9f 943cef39e54457fcfa21f5a8ed0f04095c1d4b798453770be5dda5db7d5406ac 16aab89d74c1eaaf1e94028c8ccceef442eb2cd5b052cba3562d2b1b1a3a4ba6 a545288c4d491d510972d583b773f8a0c5dc355942e322cf767d33121c659c1c b01b7a5798f41a5fae54b4189db6f47c6110a0b53a4df32cb7d0f13503c5250c 3ec85a019a480114856d3022961d7a55c1ae7cfa81b0073b2c1abcf99e0e541f 97c97ad2baef37eea023549131c192f441aa7976747166cd31095e7dad17948c 9e6671a8af28e0ab6c37c044d85a2406b665a171ae3bef46f3e90d06e33027ae 0fabc65c316e8d84493d07cd39bfdd59481af9f9a7ebc9103693f1788438a438 1e8ed6e8d0b6fc47d8176c874ed40fb09644c058042f34d987878fa644f493cc a05805bcec72fb76b997c456e0fd6c4b219fdc51cad70d4a58c16b0b0e2d9ba1 8db0118d4bbc10efd0fd6733d987ddeee7afc6c3ebe4ee1157ae9243aba362d9 571b58ba655463705f45d2541f0fde049c83389a69552f98e41ece734a59f8d4 dab228c236d48fa1660bcec59e17e5004726741a85b0fbeef8300f29927c32d9 8bea55d2e35a2281ed71a59f1feb4c1cf6af1c053a94781c033a94d8e4c853e5 ebd4f45cbb272bcc4954cf1bd0a5b8802a6e501688f2a1abdb6143ba616aea82 057965e8b6638f0264d89872e80366b23255f1a0a30fd4efb7884c71b4104235 0304674e9876530dfbea5a9b4fec7b98 8d8ccaf5a241112d173147b6b08ad5b7953c940ff5928e3046781c1e58a9c73a 65b726aab53920c497f83eb1f3cbd6b7dbfc2074aab6761b7485aa98f2df139a 4045950ffa263b92774e92ab36b3ec52bf18f1c133b8d155819629d2ad4b3d1c 75996bbfcd2b343523ed79476f9516cc7d2b041c43841e5e735db4f22ae970c3 211b7b7a4c4a07b9c65fae361570dbb94666e26f0cc0fa0b32df4b09fcee6de2 508e25a0e729824f06f4960b635600acf3cab87ebb87854d1989ff0ba2f03e78 84f822d9cf575aeea867e9b73f88ad4d9244293e52208644e12ff2cf13b6b537 2247c528fc1b90b725d857cc5d45572e864c6c4948100458774f0ef6a8f11403 c2d944a939bdc810d603149c0685f0bcb55a84d1f3a6ea33e9debe893fd0a8dd a52ba498d304906d6c060e8c56ad7db50e1af0a781616c0aa35447c50c28bae9 ca2a01792873233693e17fe51c4c86c05d07e31f9b579ab0444dd89733633532 66f43e57648f01ea5f8d0d152db1df90c764eebeb701403936a15c47e2965353 192b204dbc702d3762c953544975b61db8347a7739c6d8884bb4594bd816bf91 dd8fe0e27bf798cace40ac0d58b833ba3bbf16d80175296601585ed1964465ec 78e2929e5dae8677f9db3aa7eaa96ad584c872343698e18f85349a027328b3ea 02e85f39adf8613fd1be610e4e76f4fac08949f2e0198e8cf89a7c3a17cdd6d9 bee6c5a506d6fb2cc129443c74b7676fbb9a79b53b92b2cac4c7fb8209592714 cbcb627ff2220ed269aaa58203e7e89f1988210073d35f5f4019f8ecfd012f81 6272ed2a9b69509ac16162158729762d30f9ca06146a1828ae17afedd5c243ef 5dcec8a061195bd4a2c3e96afecc48b1f0143b6ac4644c518ed8a923d2dcbe21 e5e172cd93e97480a9982f821c8f1bdf9756803a3fb8a1a7a39e262cda192cb6 a1d5b7d69d85b1be31d9e1cb0686094cc7b1213079b2a66ace01be4bfe3fb7c3 e017651dd9e9419a7f1714f8f2cdc3d8e75aebbe6d3cfbb2de3f042f39aec3bd 4fde64e9391d36aaff700ce0be3df9e7e6303b6de114332286de694af33dd7da 5dd162ab66f0c819ee73868c26ecd82408422e2b6366805631eab95ae32516f3 00f93492edb3274f71686fa469f6c9031a94292a2776c623a1596f710bf4eaa1 0716f3f9cb0dead0c1f156a07adfeb3e0d72e4ea4af7b67238fae3e1ae670f90 bae230d6a988723b33158bbeef4ab90b1bff7b521fed9cab0c5e1f5b69a01de5 5909b5999d3998f578a3acb4bf85e0b3fde102c417c40b6beed0dd3b8ceb51bf 7220e659d59491db50661c54762b49bf6976acbeb723b5d59abde48301c86228 2016766acaeb1b89415fb6ef03f6ee815b8fe76b8955a6a41d2bbb28dfa74c28 06151c14153e983ae7ab793c7cd0e5ac3faf8e200894955b02e1191429eff29a 0438becfd66d728778f47d734d2f0bc4d1462d945cf4b6dde9fbf627eb0bb02d 8fababb509ad8230e4d6fa1e6403602a97e60dc8ef517016f86195143cf50f4e 855cf3a6422b0bf680d505720fd07c396508f67518670b493dba902c3c2e5dfa 154e3a12404202fd25e29e754ff78703d4edd7da73cb4c283c9910fd526d47db 427b635915e0fe313ce58175faa1cc240ae26183fb88d05864bc20ef6d87aca3 5025aa0fc6d4ac6daa2d9a6452263dcc20d6906149fc0995d458ed38e7e57b61 ae1a6c4f917772100e3a5dc1fab7de4a277876a6e626da114baf8179b13b0031 d5d885734969641f43c64edf9788837df0d3452413a7ef835f8910d56c60c91c fb63acfda1730132dbfbf1d46834d771156aac3f7c8e97ea136ca6edbe811fad 0097dd7676b810bd0c1c70d8c86604c830e1e8e88f6a13c3869747faba381076 1181f97071d8f96f9cdfb0f39b697204413cc0a715aa4935fe8964209289b331 fc5f7a21d953c394968647df6a37e1f61db04968ad1aca65ad8f261b363fa842 10f53502922bf837900935892fb1da28fc712848471bf4afcdd08440d3bd037f ea581e8e625a3748da9663414182d1b99f9c5ddb0b9db2fbf1059a28c69cc10c 84e705341a48c8c6552a7d3dd97b7cd968d2a9bc281a70c287df70813f5dca52 a2dfe3a5a1e999af7f1920d28e05d8b0ce66c6e8b2947177878862ce1f870b17 9a2491d803407b8696d6b797f8b90d728a8db3583bf4c2977cbeef8be0eb7249 66f38591e8c80bb26623b0e6be5ab976fdf745c2afa020c7d98e2814960b5961 2167d393ec89ec0c6e2d7557a7ad22aa1953dd8082f599bee14977c25a128cce 43fb0b13f9872a54f91a7bf202b23a8a16de99d054a83ed08b9ea97f9e2675e8 28e9e0fcc6899db7a16315d3dca38b6166ba318f8ca07b422ebadaab209b589b 4b0203492a95257707a86992e84b5085ce9e11810a26920dbb085005081e32d3 06f1348c8a2ffab67627556075ddcad92998526d4d3802b9c2357d169531825f 0212334200668ac64cb63fc1a4f4ea17e956f6928a2211c945c2e07f1b25a3ef f9bccd349cf841d0f25e81d80a1b4bf73dd960a1f3aa71029a18e36480c80392 ae8fb2f138981f10092761768428fb312e3e49bc23d5b610e3127c1a387aede8 5e60f17396e2ddfce8e60c964056d63cc3b17646c31b4a4f934c2d1fb4f5ba71 6e2991e02d3cf17d77173d50cdaa766661a89721c3cc4050fba98bea0dbdb1a9 7f0c5e2850d10d4bf129e0d290010bedff44a0f506d92de79ef6d69fd78487e3 997de4372efd576cdb55188a06e4699660a29c37e285e23cdd8a1a9585e6e789 2fbd3d2362acd1c8f0963b48d01f94c7a07aeac52d23415d0498c8c9e23554db 5665527ce54ed1a79ddb8e3c10499ac0b7af5c79a8cf5a37448baccbf6dba09f 647e379517fed71682423b0192da453ec1d61a633c154fdd55bab762bcc404f3 64a9bdf4ff33e8f2e74dc16d7dce0f392aa130ff9b99458778fd25d9aadff381 20fec2d1824b585aa558b7cf9e9980acd665736ce9f7a124507cf46afb30c79f 985d893426373d4e71386d731e5bc44c1c2ac93e0920dddeb4380929af43dfcb 268c3c9a98f2a15aaab9b0488225b0ba4e3d35efa30f6fed9052ffd31042bd7b 4b4c6b36938c3de0623feb92c0e1cb399d2dc338d2095b8ba84e862ef6d11772 85f1053041ef7af8a1c3d941e18de21e7adc24537863063d127bab8a8d2dc64b