3062 lines
114 KiB
JSON
3062 lines
114 KiB
JSON
|
{
|
||
|
"Event": {
|
||
|
"analysis": "2",
|
||
|
"date": "2022-12-19",
|
||
|
"extends_uuid": "",
|
||
|
"info": "OSINT - QNAP worm aka Raspberry Robin",
|
||
|
"publish_timestamp": "1671457942",
|
||
|
"published": true,
|
||
|
"threat_level_id": "4",
|
||
|
"timestamp": "1671443120",
|
||
|
"uuid": "0ebe51c2-31f1-4ba4-b7ab-1f5e62531e45",
|
||
|
"Orgc": {
|
||
|
"name": "CIRCL",
|
||
|
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
||
|
},
|
||
|
"Tag": [
|
||
|
{
|
||
|
"colour": "#0088cc",
|
||
|
"name": "misp-galaxy:malpedia=\"Raspberry Robin\""
|
||
|
},
|
||
|
{
|
||
|
"colour": "#004646",
|
||
|
"name": "type:OSINT"
|
||
|
},
|
||
|
{
|
||
|
"colour": "#0071c3",
|
||
|
"name": "osint:lifetime=\"perpetual\""
|
||
|
},
|
||
|
{
|
||
|
"colour": "#0087e8",
|
||
|
"name": "osint:certainty=\"50\""
|
||
|
},
|
||
|
{
|
||
|
"colour": "#ffffff",
|
||
|
"name": "tlp:white"
|
||
|
}
|
||
|
],
|
||
|
"Attribute": [
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441766",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "cb31d5aa-fe8e-4489-ae28-4310e5e0fc03",
|
||
|
"value": "03s30.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441766",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "f9137b71-bfbf-48d8-a668-c0236e087f02",
|
||
|
"value": "0dz.me"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441766",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "13024c29-51b2-46dd-a921-7d8e1dc5775e",
|
||
|
"value": "0e.si"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441766",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "758d0298-85ed-4c67-87b1-bfb7a43d75ba",
|
||
|
"value": "0i.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "73c78cac-6af2-49f9-9a6c-420b379bcfdb",
|
||
|
"value": "0i.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "3c8a2966-e151-47a7-a8d1-57b35d135faa",
|
||
|
"value": "0j.re"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "518c0382-d276-4439-92bd-24c83a4561b7",
|
||
|
"value": "0j.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "b7f6702e-d5d0-489b-a580-b7b78790a380",
|
||
|
"value": "0p.rs"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "aa3dcada-6c13-4564-9f73-a0335b43bafa",
|
||
|
"value": "0t.yt"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "2fea340f-896b-493a-b97f-5fc88ec24785",
|
||
|
"value": "0v.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "1342a252-3cdb-42ad-b296-404fefabda2c",
|
||
|
"value": "0w.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "1800718f-4276-45d9-b227-c82e02191e54",
|
||
|
"value": "0x9.biz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "7c876b16-533b-428e-9288-04e5da832706",
|
||
|
"value": "13j.me"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "ad5d1222-ce53-4445-ae6b-22751380e8d8",
|
||
|
"value": "1h3.me"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "3a1e9148-4ea5-42bb-aea1-549bfac00ad1",
|
||
|
"value": "1i.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "c8fab75b-f3f8-471d-b4b8-e7da5aec0966",
|
||
|
"value": "1j.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "1b0227bb-221a-4026-9252-dffff31ba131",
|
||
|
"value": "1j4.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "335a647e-a90c-4db6-847f-b339333a96a0",
|
||
|
"value": "1k4.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "8be37180-6ff3-4977-a542-6f3e73ff0a50",
|
||
|
"value": "1n4.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "fa14609a-bcfb-4962-a110-8884a0fa398d",
|
||
|
"value": "1u.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "b52486bc-7502-4017-98a6-f495ce47baab",
|
||
|
"value": "1u.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "1a181051-a965-4677-b6d9-3e0f32346329",
|
||
|
"value": "21k.website"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "44d91ad2-8127-43e0-bb4a-7d280e2cb5dd",
|
||
|
"value": "27o.nl"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "ac62460a-d312-47b6-a2c4-9c38ab8d622b",
|
||
|
"value": "2i.nu"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "9852e885-6187-4f93-8db6-e266bc84c99e",
|
||
|
"value": "2i.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "082e17c6-0a51-4603-8c0a-49978bb007b7",
|
||
|
"value": "2i.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "c681d300-444a-4d6e-9581-801edc074f19",
|
||
|
"value": "2j4.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "df252477-5100-46f0-834d-56b11c879301",
|
||
|
"value": "2jks.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "13f2606a-5807-4cc2-bd19-b8a7c7a89323",
|
||
|
"value": "2kbq.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "3d689955-65aa-46dd-bbb8-8d41618c1922",
|
||
|
"value": "2t.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "ab32e42f-29be-4f6e-8e4f-7cbd91a65ece",
|
||
|
"value": "2t.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "7a661fa4-c125-4d8a-98f1-f766762465c5",
|
||
|
"value": "2um.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "9aa0d49b-348f-4c33-93d8-ecbc22792843",
|
||
|
"value": "2yd.eu"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "50fd3b28-7f34-4e54-a6f2-265c29e40523",
|
||
|
"value": "3e.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "06b7404d-a331-40c1-a4eb-f3546e4bcae8",
|
||
|
"value": "3h.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "c5e5aec1-52a2-4ab0-9fc4-c826075e703a",
|
||
|
"value": "3h1.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "4139a465-5894-49a3-996e-2bdac0aff36b",
|
||
|
"value": "3lzj.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "a6353d14-77ee-44cb-b4e4-8f31db33eafe",
|
||
|
"value": "3p.ms"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "3ac29d6e-9f5f-4c2e-b68b-5008d643c722",
|
||
|
"value": "3z.nu"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "3b208b0b-381e-4a4a-b017-3f1d0c79e979",
|
||
|
"value": "4aw.ro"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "70d262a3-c8f3-4a62-b8e4-9f701b3a47a0",
|
||
|
"value": "4c.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "b02dcadf-019a-4a1e-bd5c-2257cba4d96f",
|
||
|
"value": "4j.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "5cf61fa2-cf33-4592-92e1-2b01d845292f",
|
||
|
"value": "4j1.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "1cdb15c5-7d1c-4c4b-8640-1cea926705a0",
|
||
|
"value": "4j5.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "73147215-3645-46b6-988f-caf7759359dc",
|
||
|
"value": "4k1.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "6f7041eb-1d19-410f-825d-7e7e0bc2d806",
|
||
|
"value": "4kx.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "cfdc5b83-aa9a-45ee-af2d-b300c3649278",
|
||
|
"value": "4m.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "1fe32bf3-70c5-4c67-8120-a87e775c667f",
|
||
|
"value": "4n.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "e2fbe282-1aef-401f-988d-5732ecbc3658",
|
||
|
"value": "4q.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "e39d7a10-e379-45b0-964c-b755b41a7394",
|
||
|
"value": "4s.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "426d0b10-64bc-46e2-8226-92f909ff53d1",
|
||
|
"value": "4s3.me"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "972ea084-a516-41e7-bdd6-ef1b49105d75",
|
||
|
"value": "4w.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "715ce51d-e3fe-4beb-85a9-5728dbcda2ef",
|
||
|
"value": "4w.rs"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "6c0ff296-037b-4b65-8380-31d80767e8d5",
|
||
|
"value": "4w.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "7e7b2978-1410-4d24-9fe4-b890ba5ed5bc",
|
||
|
"value": "4xq.nl"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "7326c4a9-727f-4b61-b1be-403bffc49c90",
|
||
|
"value": "5ap.nl"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "0da10963-3c11-4c47-a832-682895907df4",
|
||
|
"value": "5g7.at"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "3b771589-417b-4957-b713-95709bb147f5",
|
||
|
"value": "5j8.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "dfeb6e55-e066-4ff1-ad3a-097d63ef7d37",
|
||
|
"value": "5jb.me"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "36ede7ea-74ae-41b8-b23a-50d7552eea31",
|
||
|
"value": "5jk.club"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "276c754e-60ff-476b-a11d-d03dca0df8f5",
|
||
|
"value": "5kj.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "c5212bd5-aa7c-489c-b899-e97e3f4c271e",
|
||
|
"value": "5kx.me"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "29ac9533-2f77-41ce-a7e2-af96c180abae",
|
||
|
"value": "5qe8.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "1b674845-cbe1-4908-b0f2-241b5aa6951d",
|
||
|
"value": "5qw.pw"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "1b276564-8dc8-4eab-a5e4-06a8ef185dff",
|
||
|
"value": "5qy.ro"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "7c9d843b-77c7-4ef6-9a51-3863866f5523",
|
||
|
"value": "5s.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "e5b29a97-7196-47f8-ad21-4a4a9e2adc12",
|
||
|
"value": "5v0.nl"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "62634849-6bc2-4fc4-ae22-267762c4e6a8",
|
||
|
"value": "5z.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "f6762a31-3477-44f0-ab06-aed59ed0f562",
|
||
|
"value": "5z.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "b21c5805-1e3d-4919-b8a6-edc8b2667d6e",
|
||
|
"value": "60i.nl"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "eff3ec09-2d72-42b7-aa77-91d49a5c5509",
|
||
|
"value": "66j.me"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "5035f976-6838-4f20-8e61-36ef99e26771",
|
||
|
"value": "6ax.nl"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "154a7e94-8deb-45cf-b294-2539635484f2",
|
||
|
"value": "6gcr.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "ecd60927-356f-414a-871a-2a1ecd3f567c",
|
||
|
"value": "6id.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "c2228cbd-365a-4762-a6be-d6f3bf7ab4bf",
|
||
|
"value": "6j2.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "62023b08-2687-4a2d-a5f1-c405856c6c39",
|
||
|
"value": "6qo.at"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "7140b55e-67d6-47b3-8450-09fa02a7d702",
|
||
|
"value": "6t.nz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "b5b9b43d-c312-4dab-90ce-3cd36c5fc6f5",
|
||
|
"value": "6t.re"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "c86cd3a7-5f0b-41b4-a723-a6e2bc965095",
|
||
|
"value": "6t4.nl"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "7e91e10a-2a87-4f90-b71b-37adc886ae9c",
|
||
|
"value": "6uy.at"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "68e364b9-0bd7-42fc-8736-e1f69ce28fa9",
|
||
|
"value": "6w.re"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "e639c93a-6450-41e6-b5a3-8c8fd7277f68",
|
||
|
"value": "6wr9.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "7f6b0ea3-c3dd-4950-bc47-827b221a1ed7",
|
||
|
"value": "6xj.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "ebdfea59-e2dd-47cd-b6ba-2e552a48d815",
|
||
|
"value": "6y.re"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "7e24d173-1ed5-4edb-ae1f-deb9dac1a6b8",
|
||
|
"value": "79r.nl"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "cbdde65f-8a50-4c49-810d-77c306afd4c6",
|
||
|
"value": "7d.rs"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "275e207a-ecd0-4f6d-b75f-f6643c343695",
|
||
|
"value": "7d.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "fbf8c793-37f4-415e-b835-0dccd365f525",
|
||
|
"value": "7yfb.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "c8b69cc0-64ce-40d8-b4a1-bcea42b7b73f",
|
||
|
"value": "8t.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "d99fcf05-1782-4a76-97fc-11980400b5f1",
|
||
|
"value": "8t.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441767",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "6a7345f8-8950-4874-94b7-a4a2076d053f",
|
||
|
"value": "9r.re"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "a04003b9-e918-4305-80f3-8a93756bf065",
|
||
|
"value": "9r.sk"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "8b4025a8-3a6b-4397-ba28-7282159ea66f",
|
||
|
"value": "a0.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "bdc6549a-d120-4f2f-b849-0aad16e696cd",
|
||
|
"value": "aij.hk"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "f9c4b5b1-dd7a-48fe-9de2-14c3ead2f3ce",
|
||
|
"value": "as3.biz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "157501d2-ed48-4319-8408-591d47992e10",
|
||
|
"value": "b3vv.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "fcc8ca3c-ce57-4a20-b64c-a594eaef51e1",
|
||
|
"value": "b8x.org"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "9bb37e82-5f95-4c38-af73-42f5ef774efb",
|
||
|
"value": "b9.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "3aa2653f-45f0-4fd5-b9b9-481e16df488c",
|
||
|
"value": "bcomb.net"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "0cf5b70f-ae08-4fe2-b17c-8a0ed780afea",
|
||
|
"value": "bo2sv.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "afe125d0-cac4-4dbb-86af-f0a8540ec197",
|
||
|
"value": "bpyo.in"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "86464d8d-457f-4407-9933-e1d97fce1e0b",
|
||
|
"value": "c0.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "22a2ad94-1122-480d-ad65-1b25795058f0",
|
||
|
"value": "c4z.pl"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "41083164-f714-4e7d-a0de-18d24e1a6746",
|
||
|
"value": "c7.lc"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "7013ae3b-6908-417c-872f-9fae33f6a128",
|
||
|
"value": "cb3u.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "01c2726f-77a0-465b-b0fb-91b572bffec6",
|
||
|
"value": "d0.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "ca8f4268-2950-4ebe-b443-3118b973682a",
|
||
|
"value": "d4j.club"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "5988cb26-a1f4-4a46-be3b-172e9fb1f445",
|
||
|
"value": "dj2.biz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "eab8228e-60ab-44e9-be88-e366a235e7e1",
|
||
|
"value": "doem.re"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "8eda6b78-cf59-4d4c-b761-668729db4e3f",
|
||
|
"value": "dsi.mk"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "a3b96aab-8b3e-428b-9de8-9741f629ab36",
|
||
|
"value": "e0.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "edb25eef-c613-43dd-a4e0-6da3e7c0a6e6",
|
||
|
"value": "e9.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "7b226ee8-65de-444c-8da4-ee6cdf2ac29f",
|
||
|
"value": "egso.net"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "e4e29065-ca30-4fee-9dad-c9e7c790ef0f",
|
||
|
"value": "ej3.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "966fa2fa-44f6-4423-a44a-71853f103e06",
|
||
|
"value": "ejk.bz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "ab6e4045-d470-4216-bd6d-8d0276ebdb09",
|
||
|
"value": "ejk.li"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "dc5914a1-0315-4247-bb5d-758ec0e52737",
|
||
|
"value": "euya.cn"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "13689d8e-3ad0-4116-aad6-748f626b89a2",
|
||
|
"value": "eznb.net"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "c4a7865b-9a11-4076-94fd-e6ae4321f48d",
|
||
|
"value": "f0.tel"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "d9873050-4a42-482c-9661-93a9dc547d6d",
|
||
|
"value": "fgcz.net"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "bf561941-5a8c-41fb-b9cd-b719440ef1a9",
|
||
|
"value": "fnx.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "d990861c-25b9-417c-95e9-33cfad3fbc52",
|
||
|
"value": "fxb.tw"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "41bed45b-24e9-4544-92b3-c6698061fc7f",
|
||
|
"value": "fz.ms"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "71548cbb-0df4-45f8-a2bf-c380a2a23410",
|
||
|
"value": "g0.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "f7bf7cec-d28a-43f9-a122-ab59e1511f79",
|
||
|
"value": "g3.rs"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "4d17873a-e80c-440d-8ec8-b450c4ca6ed1",
|
||
|
"value": "g4.nu"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "ea77ffa1-45f5-4c2f-ba1b-7d5b1e7aba87",
|
||
|
"value": "g4.tel"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "8c987922-5569-4602-a655-e8ff1a6f475c",
|
||
|
"value": "g4.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "74f9449f-6b9b-4ded-97fd-b7fc5e2a01f7",
|
||
|
"value": "getmyfile.click"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "0ba27902-1562-491f-a07b-16ea65628f24",
|
||
|
"value": "getmyfile.eu"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "9dbe222c-a5ca-4f70-96fa-f1b938968f53",
|
||
|
"value": "getmyfile.link"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "7b855019-b2bf-46b5-8b05-e3ae92cf4df6",
|
||
|
"value": "glnj.nl"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "7002684d-5768-482c-94e0-536e43e36e89",
|
||
|
"value": "gloa.in"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "31513a41-ae4b-49ef-b55b-0417beb19720",
|
||
|
"value": "gz.qa"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "4cb5cb02-3498-4e43-b6dd-39a1e0f12dca",
|
||
|
"value": "gz3.nl"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "6f9aefc8-e628-4f3d-8083-91ade72ddb6f",
|
||
|
"value": "h0.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "698d3bd0-be71-4ad4-9346-118b3e7138a0",
|
||
|
"value": "h0.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "d6ac5848-acd5-487f-a991-32d4594ce085",
|
||
|
"value": "h6.re"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "f312e637-6d37-42e6-89db-33862cfc53f8",
|
||
|
"value": "i0.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "68c1cce9-cb1a-4141-be31-abf1f5092eb4",
|
||
|
"value": "i0up.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "88561fb9-f9c3-4c35-a1aa-5622c9699f02",
|
||
|
"value": "i1.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "17cb1c6c-d01b-4541-b03e-b7f1f9ee5ab3",
|
||
|
"value": "i49.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "d2eb1970-c337-4e7b-80df-a40bc0973f6a",
|
||
|
"value": "i4x.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "3ad00795-589d-4cac-8ebc-148cfec832ac",
|
||
|
"value": "i6n.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "092c2afe-15ce-4976-bfe6-af512860d11c",
|
||
|
"value": "iyw5.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "d8d986da-886b-4370-97db-dcf740e59b62",
|
||
|
"value": "iz.gy"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "90643393-a341-41e1-92f3-aa735fc848b8",
|
||
|
"value": "j1n.me"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "18b44377-7389-4a74-8a43-1019da17fd7e",
|
||
|
"value": "j2.gy"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "2fbaf3f7-bc52-4b7a-99bc-35aef9177b59",
|
||
|
"value": "j3n.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "fec38676-707c-40b5-964d-0af571004fbc",
|
||
|
"value": "j4r.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "44f9a258-23c5-4b6f-9610-8447a7c0d716",
|
||
|
"value": "j4z.co"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "e4b2026c-6684-4da5-bccf-dadfc6439386",
|
||
|
"value": "j4z.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "3acda878-9a09-4485-97a1-b0d7d7e69627",
|
||
|
"value": "j5m.biz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "eb18dfe4-76a6-4f4b-bf37-f063946fd232",
|
||
|
"value": "j5n.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "82585293-3047-4f49-b519-3cef85fc214f",
|
||
|
"value": "j68.info"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "8e8596ca-dd98-4dd3-9b53-6b59b85e6437",
|
||
|
"value": "j8.si"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "33288511-ea3b-4d9e-b47e-1f7f0f7917e3",
|
||
|
"value": "jjl.one"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "91020589-5ba7-41db-b3f8-6f3ae570aa39",
|
||
|
"value": "jrtz.re"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "6d6cbd04-a68c-41db-b29d-e4e4c64f025c",
|
||
|
"value": "jrx.fr"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "347c0396-d7cf-48be-8974-691522d49720",
|
||
|
"value": "jrx.tw"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "c019e48a-8811-4121-8107-7b9febb9cd28",
|
||
|
"value": "jzm.pw"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "c356bdf7-1d08-4e24-8e34-f75ba2e9333b",
|
||
|
"value": "k0.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "e2165d59-90bd-4d3f-a6c8-34a3938ce8cb",
|
||
|
"value": "k1n.club"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "c161810c-c301-4c0d-a601-4007a153f238",
|
||
|
"value": "k5j.one"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "92fef36c-3a97-44ab-9534-0c5b217316dc",
|
||
|
"value": "k5m.co"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "be59de04-fdb1-49cc-8033-f052d8057c61",
|
||
|
"value": "k5x.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "f96671c9-33a6-4e87-8974-e92530f70e83",
|
||
|
"value": "k6c.org"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "8bd24384-5c85-43cb-9a7a-57fdf4e910c4",
|
||
|
"value": "k6j.me"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "2515959a-b108-4a29-a58f-edcb66a71001",
|
||
|
"value": "k6j.pw"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "dde463c0-e60b-4013-b0e1-724dafddf38d",
|
||
|
"value": "kglo.link"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441768",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "cc983cd9-ccaa-41fe-a65b-d2aee1e28a8a",
|
||
|
"value": "kj1.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "84e3be7b-3f0c-41ec-bb68-5e144543bd37",
|
||
|
"value": "kjaj.top"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "96d55b85-0caa-401b-9780-e9edfdc04e51",
|
||
|
"value": "kr4.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "5cef6e17-187f-43a5-9414-586e346ad226",
|
||
|
"value": "krrz.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "d7ad8277-d2fe-4e0b-9fd2-324341934cb0",
|
||
|
"value": "l0.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "808aba47-263b-4721-93ce-c108184afa01",
|
||
|
"value": "l5k.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "b5ec6afc-72e6-484b-94cf-4accecf28b56",
|
||
|
"value": "l6nk.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "510d376b-3a57-4eef-8104-9a7eef131935",
|
||
|
"value": "l9b.org"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "25d02cc3-d18b-430d-8e01-9c795d538cbd",
|
||
|
"value": "ldnr.net"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "042ba6de-8e69-4316-9979-3037eeb66d9f",
|
||
|
"value": "lgf.pw"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "9e6b4eed-d73a-4bab-89f0-56a256315189",
|
||
|
"value": "li1iv.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "87c572a8-4e7c-469a-87a9-fa4e8782dbb2",
|
||
|
"value": "lwip.re"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "5fc48a95-d409-45e1-a2d1-38da607694dc",
|
||
|
"value": "lwxa.eu"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "7517a6f3-05e6-4720-96bf-17582a017634",
|
||
|
"value": "m0.nu"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "2b0a6440-193a-447b-8036-3f14f8d6537b",
|
||
|
"value": "m0.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "8dc59744-8247-4ef6-8a1b-c4d0e319e2f8",
|
||
|
"value": "m0.yt"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "1f16d835-7679-4672-a54b-e4084253cb65",
|
||
|
"value": "m5n.biz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "c05caab4-18bf-4665-b0e4-1117634d7b16",
|
||
|
"value": "mirw.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "edb5b0e6-002d-42dd-8658-68f97a2f7105",
|
||
|
"value": "mn1.biz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "86ccd18f-dedd-4276-be87-b093f6e05aab",
|
||
|
"value": "mnem.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "a71e0ee5-8416-4672-ad45-bc93d2ad8dc8",
|
||
|
"value": "msix.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "03204596-9a53-4726-93e0-360fdd593825",
|
||
|
"value": "mwgq.net"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "fc96f8be-951b-4839-a8b8-25ded7e2fc18",
|
||
|
"value": "mz3.biz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57c4b12e-c87e-444c-a399-3f610427e4f6",
|
||
|
"value": "mzjc.is"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "22e7ee7f-2fe8-471c-bd52-410bcc21a2eb",
|
||
|
"value": "n3.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "c930f2d6-0395-484b-9753-dab954b5c7e6",
|
||
|
"value": "n5.ms"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "34ab9aac-fe9b-45a3-a7ba-252e61fb0cb4",
|
||
|
"value": "n51.biz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "09b741da-1eee-4e36-8b9b-60d045d5aa49",
|
||
|
"value": "n54.me"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "68a79251-7658-4ab2-a8c7-e2589744fef5",
|
||
|
"value": "n5k.me"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "7720e7aa-e600-4596-98fa-74de77a4e11a",
|
||
|
"value": "n9fz.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "9499e299-3f16-4872-9165-04e513d8a4b2",
|
||
|
"value": "nk0.club"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "c0acafa2-3a27-4600-a33f-393adc7c152f",
|
||
|
"value": "nt3.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "6f44f21b-22cd-4b61-9801-d842a76635b5",
|
||
|
"value": "nwz.li"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "171aee96-4194-44ea-a89f-b790523d3b8f",
|
||
|
"value": "nz4.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "a6a506a9-010d-4f14-8cbe-c49beaf3a2d0",
|
||
|
"value": "nzm.one"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "9d436d9a-7c83-44b2-800b-0cfc6a7889e2",
|
||
|
"value": "o7car.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "6dad13b0-bf92-4c59-ab3f-6d0ea79d7afe",
|
||
|
"value": "oj8.eu"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "0ad3845b-67eb-4846-b217-8574e814ffdc",
|
||
|
"value": "omzk.org"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "31caf8fa-2ad9-461f-815a-067097fac9b8",
|
||
|
"value": "p0.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "32909740-173d-4581-96d7-635809613bdc",
|
||
|
"value": "p3.ms"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "63a10464-b79d-481f-93c2-d975f515cd7e",
|
||
|
"value": "p9.tel"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "1d2ce439-c305-48f4-bd66-db737e29c2c1",
|
||
|
"value": "pjz.one"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "c6c5d4d8-8dcb-4ab5-b267-fe4dd7d6c1dd",
|
||
|
"value": "q0.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "011d2ca7-c6b9-4b68-a74e-afb6b4292c14",
|
||
|
"value": "q0.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "666605e0-8195-4e35-b822-b724f48fdb82",
|
||
|
"value": "q2.rs"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "ab930a69-5cf3-4b73-a894-c194c3e222ca",
|
||
|
"value": "qji6.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "d88ac7d5-7f96-47ff-b0dc-7af6b8305b8c",
|
||
|
"value": "qmpo.art"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "85af1a0f-79a4-4005-87c6-a98730cbff56",
|
||
|
"value": "r0.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "2b672d12-ee76-4922-80a4-395d054ba4ce",
|
||
|
"value": "r0.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "f9925fb3-0eb4-4a3b-8e46-50b7eb6c2841",
|
||
|
"value": "r4e.pl"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "d25ab28e-76be-49d7-816a-ee061fcd1e4e",
|
||
|
"value": "r6.nz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "29b9bb04-d050-4bcc-a98f-fd6b02291f89",
|
||
|
"value": "ri7.biz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "2bc52b9c-e726-45f3-b0e3-f1fb80e5b4e3",
|
||
|
"value": "rn9v.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "a956c9ba-972c-497a-be29-d12caa8d913b",
|
||
|
"value": "rx3.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "a941fb2a-8350-440a-bb7d-3aa6a30ae815",
|
||
|
"value": "s0.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "a8c53e6f-226b-4821-a8a1-633d4c105ce2",
|
||
|
"value": "s8.cx"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "b1aefcbe-5027-4e6c-a054-9475eca7563e",
|
||
|
"value": "skqv.eu"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "90049ad6-387e-4bba-8e57-341ba2b245e3",
|
||
|
"value": "t0.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "3316bfd2-d0f8-4986-bb2f-352cd7a0d40b",
|
||
|
"value": "t7.nz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "a02a87b3-5512-467f-a924-8a32444319be",
|
||
|
"value": "tiua.uk"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "1db68a30-fd23-41e8-9586-17780a722d7f",
|
||
|
"value": "trzx.eu"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "6410d437-dd10-431a-a623-7ad1aa73618a",
|
||
|
"value": "tz6.org"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "4dac994f-9876-4af0-a018-37c55201af23",
|
||
|
"value": "u0.nz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "f041b0b9-e3db-4bd3-b3c3-4143635ba598",
|
||
|
"value": "u0.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "35675372-9e38-4d54-bced-9ecd8da2edd5",
|
||
|
"value": "u0.rs"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "bcccd3c7-0229-4bbf-80f1-601af2d9cc3e",
|
||
|
"value": "u7u.ro"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "61d5b4ab-befd-42d6-9075-c33f0ffd95ed",
|
||
|
"value": "u8wp.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "5dc8d521-78f7-4d83-97c8-09dfe1643d24",
|
||
|
"value": "ubv5.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "0514722f-8bbd-4011-95f8-a1037cb35586",
|
||
|
"value": "ue2.eu"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "74882ad9-585a-4b42-a321-8bf90ed620cd",
|
||
|
"value": "uoej.net"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "50dec3dd-a589-486d-b6cb-12e786a912e2",
|
||
|
"value": "uqw.futbol"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "973467b3-ea0b-4d56-9524-0c9b832e0d20",
|
||
|
"value": "uz3.me"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "daf73e02-df2d-4ec3-a748-7d6912876b70",
|
||
|
"value": "v0.cx"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "189a0034-94e7-4191-8b1b-cfb632de62e0",
|
||
|
"value": "vn6.co"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "fc61082b-adbd-4300-a75b-29b91fd44acb",
|
||
|
"value": "vqdn.net"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "c9fbdb0e-e0a8-4735-9a29-16868ca92d3d",
|
||
|
"value": "vs.gy"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "8322355d-cb9b-4be6-97bd-6e84b725bb5a",
|
||
|
"value": "w0.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "63a90297-d7a6-46a7-81f2-c5da074ddec1",
|
||
|
"value": "w0iq.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "19c50e52-6313-4ec6-9806-347086ddcef0",
|
||
|
"value": "w4.nz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "93e774f3-c40a-484b-b373-b745ab88b71f",
|
||
|
"value": "w4.rs"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "8999fc5f-41a9-425a-a5a0-e6f526982b8d",
|
||
|
"value": "w4.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441769",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "e9b84ead-97c5-48fd-92f8-f91ea1c75f93",
|
||
|
"value": "w6.nz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "e9bf9c36-9553-4e38-876d-c623c7530c6e",
|
||
|
"value": "wak.rocks"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "dfc8564c-0c28-4cd7-8421-cdde39edc91f",
|
||
|
"value": "xjam.hk"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "70ab60c9-d7bd-4081-9bd9-afb64536d330",
|
||
|
"value": "xtabr.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "d098a898-40f9-4c8a-80b7-79e9ebfe1bdf",
|
||
|
"value": "xz4.biz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "795c92f0-5474-4bb1-b4fc-4d89b85cf003",
|
||
|
"value": "y0.pm"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "22ad1e21-a348-4ed4-b224-6d866a1ab682",
|
||
|
"value": "y0.wf"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "f5a3c0c3-5763-4119-a016-5e370eda1f1c",
|
||
|
"value": "y3x.biz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "1f85f78c-a812-4756-9843-2a805c45ff18",
|
||
|
"value": "ynns.uk"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "960dccfc-5180-46a6-a36f-8089eb9d3825",
|
||
|
"value": "yuiw.xyz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "aa046f62-44ca-460d-86e7-7b5a16732a80",
|
||
|
"value": "z7s.org"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "a8aa69bd-063c-414d-9edf-b21e3fd68692",
|
||
|
"value": "zbs.is"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "3d69e18b-5341-4c4c-9cb7-73af223c1704",
|
||
|
"value": "zi9f.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "a68fb465-f713-4c3c-a658-368f30c0ca5c",
|
||
|
"value": "zie5.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "bd99e9ed-e0e1-4ffa-a93e-2b3e9d47ac89",
|
||
|
"value": "zjc.bz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "15d682aa-5c0e-41f2-a9a4-f67dc643e183",
|
||
|
"value": "zk.qa"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "21d6b907-0d2a-4167-967f-6c58a42fc304",
|
||
|
"value": "zk4.me"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "996b832c-4b83-4b20-ae83-2ae5a138e058",
|
||
|
"value": "zk5.co"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "From https://raw.githubusercontent.com/SEKOIA-IO/Community/main/IOCs/qnapworm/20220704_QNAP_Worm_Infrastructure",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1671441770",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "0ff9b6e9-a2be-40db-b8a1-266e0df2f33a",
|
||
|
"value": "zxn.fyi"
|
||
|
}
|
||
|
],
|
||
|
"Object": [
|
||
|
{
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"description": "Metadata used to generate an executive level report",
|
||
|
"meta-category": "misc",
|
||
|
"name": "report",
|
||
|
"template_uuid": "70a68471-df22-4e3f-aa1a-5a3be19f82df",
|
||
|
"template_version": "7",
|
||
|
"timestamp": "1671442083",
|
||
|
"uuid": "aaf09192-2cff-4665-aae1-05a6e8cae7ba",
|
||
|
"Attribute": [
|
||
|
{
|
||
|
"category": "External analysis",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"object_relation": "link",
|
||
|
"timestamp": "1671442083",
|
||
|
"to_ids": false,
|
||
|
"type": "link",
|
||
|
"uuid": "39dc2fbe-f68c-414e-94ec-5867c8bd095c",
|
||
|
"value": "https://redcanary.com/blog/raspberry-robin/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Other",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"object_relation": "summary",
|
||
|
"timestamp": "1671442083",
|
||
|
"to_ids": false,
|
||
|
"type": "text",
|
||
|
"uuid": "e2350615-9e5d-4e34-8dbb-0cda7b2d70f3",
|
||
|
"value": "Raspberry Robin gets the worm early\r\n\r\nRed Canary is tracking a worm spread by external drives that leverages Windows Installer to reach out to QNAP-associated domains and download a malicious DLL."
|
||
|
},
|
||
|
{
|
||
|
"category": "Other",
|
||
|
"comment": "",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": true,
|
||
|
"object_relation": "type",
|
||
|
"timestamp": "1671442083",
|
||
|
"to_ids": false,
|
||
|
"type": "text",
|
||
|
"uuid": "bc877e77-decb-4913-aecf-8f62a917a257",
|
||
|
"value": "Blog"
|
||
|
}
|
||
|
]
|
||
|
}
|
||
|
]
|
||
|
}
|
||
|
}
|