Malware IOC 20201105
flash伪造后门
HASH
06fb7b0e660f2b551d4b803190a5d8d88ba8165aab9361a0a2dd8f31d2692886
ec50240df30bcbc5ece80e6a6702b7230b81e68b712083f01a5780761693c5ae

C&C
34.92.61[.]61

URL
hxxp://flashdowns[.]com/flashplayerpp_install_cn.exe
hxxps://down.flash-plays[.]com/flashplay_install_zh.exe

RobbinHood勒索病毒
HASH
3ad2dfa916d473848df470bdd0b18968

QBot
HASH
1edfe375fafa1f941dc4ee30702f4af31ba636e4b639bcbb90a1d793b5d4b06c

C&C
142.129.227[.]86
95.77.144[.]238

Zeppelin勒索病毒
HASH
29584bef6e963b191cb0a900a75585db
d18bf81dbc8acce488abd633d8058cf5
42f9b29cb18cec22cf1f68375685ddc2
3163bba8a4861d47aafa1667d3082fee

AsyncRAT
HASH
b086a8ed459f06adf11cdadcba62c689c178975063659e6b5c153844d1f25ac3

C&C
pounds1990[.]duckdns[.]org:1990