-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathblocklists-dfir.txt
192 lines (166 loc) · 6.29 KB
/
blocklists-dfir.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
## hosts-blocklists
## domains-ips-hashes
## blocklists-dfir
## https://thedfirreport.com/
# https://thedfirreport.com/2024/04/29/from-icedid-to-dagon-locker-ransomware-in-29-days/
ewacootili.com
fraktomaam.com
magiraptoy.com
moashraya.com
oopscokir.com
patricammote.com
restohalto.site
rpgmagglader.com
ultrascihictur.com
winupdate.us.to
23.159.160.88
45.15.161.97
51.89.133.3
87.251.67.168
143.110.245.38
151.236.9.166
151.236.9.176
159.89.124.188
159.223.95.82
188.114.97.7
194.58.68.187
0d8a41ec847391807acbd55cbd69338b
7e9ef45d19332c22f1f3a316035dcb1b
628685be0f42072d2b5150d4809e63fc
a144aa7a0b98de3974c547e3a09f4fb2
b3495023a3a664850e1e5e174c4b1b08
bff696bb76ea1db900c694a9b57a954b
4e0222fd381d878650c9ebeb1bcbbfdfc34cabc5
34c9702c66faadb4ce90980315b666be8ce35a13
38cd9f715584463b4fdecfbac421d24077e90243
437fe3b6fdc837b9ee47d74eb1956def2350ed7e
5066e67f22bc342971b8958113696e6c838f6c58
ca10c09416a16416e510406a323bb97b0b0703ef
9da84133ed36960523e3c332189eca71ca42d847e2e79b78d182da8da4546830
65edf9bc2c15ef125ff58ac597125b040c487640860d84eea93b9ef6b5bb8ca6
332afc80371187881ef9a6f80e5c244b44af746b20342b8722f7b56b61604953
839cf7905dc3337bebe7f8ba127961e6cd40c52ec3a1e09084c9c1ccd202418e
a0191a300263167506b9b5d99575c4049a778d1a8ded71dcb8072e87f5f0bbcf
f6e5dbff14ef272ce07743887a16decbee2607f512ff2a9045415c8e0c05dbb4
# https://thedfirreport.com/2024/04/01/from-onenote-to-ransomnote-an-ice-cold-intrusion/
aerilaponawki.com
alishaskainz.com
klindriverfor.com
mrassociattes.com
msc-mvc-updates.com
5.255.102.167
45.155.204.5
91.215.85.183
174.138.188.6
193.149.129.131
5f4d630ef00656726401b205ae4dc88f
76a1f94ed6499b99d2cc500998846875
8800e6f1501f69a0a04ce709e9fa251c
a59a7916156c52f732b4c2e321facfe1
b1f5e4774aa79f643350218df61e33f6
d1da347e78bf043e2dc61638e946c3da
f927cd4f40c7a6dad769a8f9af771a8c
0fdfef7c9cc4305df81b006e898e1592aa822437
8c949a7769d16c285347f650ef2eedac01dc1805
72a1c9ea93d18309769d8be5cdb3daedf1cddcf5
aa8f2d6d98aa535e05685076ca02f781c2aa6464
ca14d61bcf038cda45199f54c7c452ad262a7c88
d87a3c22771b1106a1a52d96df7b2944d93fa184
f1e7994c6568f0182a60f64557c7793df5e550ed
06bbb36baf63bc5cb14d7f097745955a4854a62fa3acef4d80c61b4fa002c542
1ab812f7d829444dc703eeb02ea0a955ec839d5e2a9b619d44ac09a91135cad1
3c9f4145e310f616bd5e36ca177a3f370edc13cf2d54bb87fe99972ecf3f09b4
9c337d27dab65fc3f4b88666338e13416f218ab75c4b5e37cc396241c225efe8
b378c2aa759625de2ad1be2c4045381d7474b82df7eb47842dc194bb9a134f76
d6127d614309acbf2a630fe3fb0fda8e4079dcf2045f91aa400d179751d425f7
eae2bce6341ff7059b9382bfa0e0daa337ea9948dd729c0c1e1ee9c11c1c0068
# https://thedfirreport.com/2024/02/26/seo-poisoning-to-domain-control-the-gootloader-saga-continues/
artmodel.com.ua
blog.lilianpraskova.cz
daraltanweer.com
hrclubphilippines.com
mediacratia.ru
montages.no
my-little-kitchen.com
pocketofpreschool.com
sitmeanssit.com
ukrainians.today
91.92.136.20
91.215.85.143
1b8b4f05058ac39091b99cc153ab00c0
4f4ee823a8c7e2511f05b3ea633c0d2c
9f9c7b2c8f245e62a08bf5f8a3eb3498
25b38e45df3cd215386077850c59be07
49145e436aa571021bb1c7b727f8b049
a617e6687ab5d747c530b930bb4a3209
deb24dfaf8178fda2d070aba9134a30c
e9fc0203d1dea15dff56a285d0f86b62
f769cb73317421c290832777c9e14f92
fb6e4f75763fad6d0e7fe85a563b0c24
3cf851eb09c934cafe9b98d4706f903dff804b0c
7e8543f2bc09bf320510fde5e34e32065339d9d2
72076af2ce8df6f8b1121c38f3c3db043c540369
877515fecc14ed193167e8a20c6b9a684a74564d
a88a28c73aa42956c9f9d12585a8de63d4a00e47
d53e550b54c08606e19965a9f74bbaa7063e10f1
e0b568a3e35257cd30b0c42727c3529cef13b081
ecc0b26106703e129fb1e2ec132c373870c2e7b6
f043898fc9db6985c4ad8bb84669c081cdaa8e6f
40c40495434bf987b04f0742c3e9201189675d87a042aa72abbd0084c3de66d8
49b75f4f00336967f4bd9cbccf49b7f04d466bf19be9a5dec40d0c753189ea16
68dd1a2da732d56b0618f8581502fcf209b1c828c97d05f239c98d55bb78b562
792a95234b01c256019b16a242b9487b99e98ed8a955eaecf1e44b0141aa12f4
873dd1dcdfcbe9826b274c5880f5be81a878ee93715fbb18a654d9dba61c5dfc
831955bd05186381a8f15539a41f48166873eab3feb55fb1104202e4152bd507
aad75498679aada9ee2179a8824291e3b4781d5683c2fa5b3ec92267ce4a4a33
be3222219f029b47120390b2b1ad46ae86287e64a1f7228d6b2ffd89345a889e
ecc7f13c3f0f8d4775e05715810b0164c52b7bd233e4a2e4f5a37769becb0092
f94048917ac75709452040754bb3d1a0aff919f7c2b4b42c5163c7bdb1fbf346
# https://thedfirreport.com/2024/01/29/buzzing-on-christmas-eve-trigona-ransomware-in-3-hours/
77.83.36.6
193.106.31.98
0fd71d43c1f07d6a8fa73b0fa7beffa7
037d9a5307e32252a3556bbe038a0722
08aaa7f4e2c1278c0e9b06ce4e6c217d
09dcedb5a6ad0ef5bbea4496486ba4e5
3bce26176509adf3f9d8e2e274d92f9e
27f7186499bc8d10e51d17d3d6697bc5
76faaf2e85045fcd1a404b7cb921d7c1
718f68b24d1e331e60e1a10c92a81961
1852be15aa8dcf664291b3849bd348e4
44370f5c977e415981febf7dbb87a85c
b2bb4d49c38f06a42f15b39744d425d0
c5d7ce243c1d735d9ca419cc916b87ec
ca49787e7ea3b81fccca2ae45852a3d6
cf39e14df6c95285f23cd6d16a2a8a4e
eceaa5fe9d6440701c00ee92bdca2dc8
1b65d347bea374bb9915c445382ae696ba4064d4
2cb4b4fb1ec8305ef03e1802f56be22b12379a0c
2f5991e67615763865b7e4c4c9558eb447ed7c0d
21b7460aa5f7eb7a064d2a7a6837da57719f9c2e
52f7e3437d83e964cb2fcc1175fad0611a12e26c
97c05403150f9fe87a62c8ebc988ba7f2006ba6f
641b7cf77286bd86eb144147bbf073bbd2c9c261
723baea0983b283eebd8331025a52eb13d5daaa7
8003bcb91775386084dcedeca3e1ea68d50888c3
52332ce16ee0c393b8eea6e71863ad41e3caeafd
4484887c6857a26e40f4337d64ac0df7c391ba83
a73fbffe33ea82b20c4129e552fbc5b76891080e
ac0dce3b0f5b8d187a2e3f29efc358538fd4aa45
d5d686acb2ad66fa2e01bbfc4e166df80dc76d06
eea811d2a304101cc0b0edebe6590ea0f3da0a27
0596b08f0f4c6526b568fc7c9d55abd95230a48feb07b67482392d31c40f3aea
6afb934834b97221dee10cbf97741c5fe058730460bfdbcf1da206758a296178
7f7e61246445872aec37808a2c20f5f055fb5fba8bd3f5af5194762114700180
8b5fdb358b26c09a01c56de4de69841c67051f64ac8afcdd56dfddee06fdaa7b
8cf27e05e639fcc273d3cceadf68e69573b58e74b4bfce8460a418366a782fbd
12f838b54c6dac78f348828fe34f04ac355fa8cc24f8d7c7171d310767463c6c
18f0898d595ec054d13b02915fb7d3636f65b8e53c0c66b3c7ee3b6fc37d3566
35ff76d763714812486a2f6ad656d124f3fcdfc4d16d49df6221325c8ae8827a
40fe2564e34168bf5470bbe0247bc614117334753a107b2baeb113154b4de6a7
56b08aa03bd8c0ea094cfeb03d5954ffd857bac42df929dc835eea62f32b09e0
8834c84cfd7e086f74a2ffa5b14ced2c039d78feda4bad610aba1c6bb4a6ce7f
54586ffce0dcb658de916cc46539b5a1e564aaa72be2620fc4f9133ca54aba64
277550c9d5771a13b65e90f5655150e365516215a714ffd3f075b5b426e2ddc1
d6d8302d8db7f17aaa45059b60eb8de33166c95d1d833ca4d5061201e4737009
d743daa22fdf4313a10da027b034c603eda255be037cb45b28faea23114d3b8a