forked from stamparm/maltrail
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapt_calypso.txt
60 lines (52 loc) · 1.64 KB
/
apt_calypso.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission
# Reference: https://www.ptsecurity.com/ww-en/analytics/calypso-apt-2019/
# Reference: https://www.virustotal.com/gui/ip-address/46.105.227.110/relations
# Reference: https://www.virustotal.com/gui/file/a32b3e0f9b0daaaea6ddda9875f463ff100a28005eb66a03c0308a1820787fce/detection
# Reference: https://www.virustotal.com/gui/file/aea4d3d01ab9a564ca12af0d1a8b5eecb381a409b30b3ac8fee13f85f8e8db24/detection
http://23.227.207.137
http://36.44.74.47
http://45.63.114.127
http://45.63.96.120
http://46.166.129.241
103.224.82.47:321
103.224.82.47:445
46.105.227.110:7003
dealsgle.com
etheraval.com
streleases.com
sultris.com
teldcomtv.com
krgod.qqm8.com
r01.etheraval.com
tc.streleases.com
tv.teldcomtv.com
# Reference: https://twitter.com/TI_ESC/status/1264843775232421888
# Reference: https://www.ptsecurity.com/upload/corporate/ww-en/analytics/calypso-apt-2019-eng.pdf
usergetacss.com
uv.usergetacss.com
# Reference: https://www.recordedfuture.com/chinese-group-calypso-exploiting-microsoft-exchange/
# Reference: https://otx.alienvault.com/pulse/60638f7aff63f9956797e899
aztecoo.com
draconess.com
membrig.com
prowesoo.com
rawfuns.com
rosyfund.com
sultris.com
waxgon.com
yolkish.com
# Reference: https://st.drweb.com/static/new-www/news/2022/march/telecom_research_en.pdf
# Reference: https://otx.alienvault.com/pulse/6267dbe17cdc91a784b256d6
globnewsline.com
surfanny.com
sultris.com
youtubemail.club
wordmoss.com
blog.globnewsline.com
clark.l8t.net
mail.globnewsline.com
mail.sultris.com
pop3.wordmoss.com
webmail.surfanny.com
zmail.wordmoss.com