HVV latest intelligence summary (7/28)
2022-7-28 22:56:34 Author: 菜鸟学信安

Threat activity

1. Trojan emails

① *****-邀请参考demo.exe (lure filename; roughly "invitation reference demo")
C2: 43.138.117.114

② *****裁员协议.zip (lure filename; roughly "layoff agreement")
C2 DNS: suning.blog
C2 IP: 39.104.64.61

③ *****点报备.rar (lure filename; roughly "site registration report")
C2: 101.43.190.181

2. Trojan C2

8.131.71.64

3. Red team domains

y.alibaba-cert.xyz
update.apache.fit
update.360-cert.com

4. Red team platforms

DNSLOG: beredapple.com
NPS: 124.222.103.14

6. Suspected shadow-team foothold (or jump host)

① IP address: 183.160.221.33

Reverse-lookup domain: 19n1qr2.cachenode.cn

Domain ICP registrant: 长沙市摩根网络科技有限公司

② IP address: 223.87.252.110

7. Red team IPs (each confirmed as red team)


Source: https://www.cnsrc.org.cn/hw/1921.html


Article source: http://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247491444&idx=1&sn=03ace2db2e6883a11d46c3ad209a9348&chksm=fc9805ebcbef8cfd7c5313d5db71693d2f4d8aae7b37e03716264ad7de7feda4203aba9a3823#rd