I compiled a list of the domains contained in the #Emotet payloads submitted to any.run up to around 13:30 on 2/8.
Only the ones I looked at.
Hostname
IP
Hasn't the number of IPs it connects to after infection increased?