Signatures of the notorious Emotet malware, declared by the Department of Homeland Security as one of the most costly and destructive malware, were found in the clickbait links posted in UNESCO’s E-team webpage – used for sharing knowledge by fellow Policy Practitioners.
Recently, during the on-going monitoring of surface web, our researchers came across the E-teams webpage on UNESCO’s official website. Multiple click-bait links were posted to lure the visitors into spying onto other accounts. Clicking on these links/posts, the visitor was redirected to a malicious website that requests the visitor for a username or emails to hack and after collecting the information it asks for payment from the visitor to show fake results; It is only to collect bank account details of the visitor.
After further analyzing, the malicious URLs were identified to be spreading Emotet banking malware also known as Geodo and Mealybug. First detected in the year 2014, Emotet is an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Additionally, Emotet is a polymorphic banking Trojan that can evade typical signature-based detection. Primarily spread through the malicious script, macro-enabled document files, or malicious links.
Below is the snapshot of the graphical analysis of its Indicators of Compromise (IOC’s)-:
List of Incidents of Compromise (IOC’s) gathered by our researchers(weblinks, IP addresses, and malware hashes)- :
instagramhackonline.com,
www.instagramhackonline.com,
198.54.120.43,
162.255.119.251,
198.143.106.201,
www.netflix.freewards.xyz,
spotify.freewards.xyz,
freewards.xyz,
com-hack.online,
autocarcombine.com,
blog.ozywebit.com.au,
www.blog.ozywebit.com.au,
estetiplan.diegosebastian.xyz,
www.estetiplan.diegosebastian.xyz,
codi.diegosebastian.xyz,
www.codi.diegosebastian.xyz,
tanavastone.com,
www.tanavastone.com,
www.menscort.in,
menscort.in,
studio-coffee.ru,
www.bigintro.co,
bigintro.co,
www.fnvbucks.me,
fnvbucks.me,
test.test.ashfaqur.com,
www.test.test.ashfaqur.com,
www.test.ashfaqur.com,
test.ashfaqur.com,
ssafoto.com,
https://apkmaza.net/malwarebytes-anti-malware/,
https://gamesgenertaor.club/snapchat-hack/,
http://vacuumcleanerreviewszone.com/,
http://scrubsuniforms.com/,
http://bioexpedia.com/,
http://thedearlab.com/,
http://compareappliances.biz/,
https://apple.authorize-giveaway.com/,
http://fashionabledude.online/wp-content/Update.html,
http://www.apple.authorize-giveaway.com/,
https://thedearlab.com/best-back-scratchers/,
http://swordsstore.biz/cibc/,
http://verrulon.com/,
http://futuretrolly.com/wp-admin/ttt/email.php,
http://healthymomrevolution.com/wp-content/themes/ashe/assets/fonts,
https://thedearlab.com/automatic-toilet-bowl-cleaners/,
http://mail.globalcoronavirusnews.com/,
http://bavafoods.com/,
https://futuretrolly.com/,
69fb7b96d2da05f2aef88efc9e788ede343c9112ae164fe026e504449d56464e,
86749d3e3233d7a75a618c98eac9f31f508aed4492849f65b907787b0bd1d047,
e0c372242715c1ff0e827c1fa561f8fcd75244265a6dee2a9c4eb6f01aba32a2,
http://software161updates.xyz/,
http://software119updates.xyz/,
http://finest108downloads.com/,
http://brucefrench.net/,
http://securium9maximum.com/,
http://xamasoft.com/,
http://funkupdates113.com/,
http://bitcoinlibre.xyz/,
http://securium7maximum.com/,
http://securium17maximum.com/,
http://software124updates.xyz/,
http://topnotchsoftwaredownload12.com/,
http://software163updates.xyz/,
http://gooogleappupdate.xyz/lp/,
http://software111updates.xyz/,
http://bbredir-ply-101.com/,
http://asgroupship.com/mail-upgrade/yahoo.html/,
http://fundownloads110.com/,
http://software121updates.xyz/,
http://securium2maximum.com/,
nomadlifestyle.net,
justsav.com,
ra9f.info,
2temptu.uk,
llsops.com,
sponsorstudents.org,
maxcamacho.com,
nathanbordeau.com,
lcl.space,
mindfulnessyogacambodia.com,
organicfinance.co,
roptix.com,
scribl.co,
mail.utbsolutions.com,
2temptu.co.uk,
juarezfamily.com,
dawnco.studio,
alessandradzuba.com,
shebiz.ca,
shebiz.org,
60f99355aef326c4dcc0d14b93ff29f9021b4bdda3a58777e54bd92dc3970926,
9d11b4107a739f641ffed08eae4088e0a05068f84058efd2a401e7825bb664b5,
04171180f11e0fd67ab02a3115da852094a6ed2ec1c357f90d1f33ba753d3a5f,
725281cd3dbcc14c74da3371cb84b0ef7bff8af9fb1ca72122f16ad813d217c5,
9a96f5981c0716c5f52f4ca394e7dd84db64a039ba4fc6ca6815d9f5d055df5d,
40ef40c135f18426f084ba1191401f4d550ab8135065c4e88032476a7968c44f,
2db4e4b4af8bbd6a58d2f2eabc59211d39bb7748996a9db9e791ed04965ed645,
ffbe9563818530b374429b8eb54eb1ea337b38a3fa1920aa61609ff34c55b2c0,
4b34c4e183a02cfa979601d51dcfe27f980f2c9b18add04e44f2eaad1fef6574,
94c4c16758dba615b7716adf03f25bbb717c15139aa9f145e4b215b86b1f5ee3,
32eec9f3ad0cf5849e7dc09f3a70aa107163c2e6d1a1a541f65df3dc6da3a4f6,
131a68628cded80a6d0ee6c85704e021351088e52fea4f401469ad17bfe44934,
0e1084d716f3fb21f35faec8aec6a7ed6453fe7836446ec70ec06acaeb1dd81f,
71d62930f3d49bac2cd8b7092795b390635191aedfbc50a5e2428f2d59a81b08,
1934c0c33dff4320e40c4bed4e5c33b143ef4571aee7497eb858839abc5757b6,
aad871e34e3da3ce43a3594449ffd3bd8ba841fd72a96c4fa6b259a308301f44,
d88df1d3bf90ed162cf7f01d74b469efddb005e95629804eb0d3f4c66d107d9d,
3c38cb1ac24c6848e67bff6b7384bd5f7fd5810154a65eb4aef7dfc229909510,
ae71808ce2d56f3c0ea564dc1c6c447ca50543c035da868c5a3f5d39ac1c1ce5,
d47a57cc748a94e5a5d9ae76b33835d1c58c2a3f545d2a6c4bd0400c76cd980c,
8e3dbf97c47ebe430a5b5a0e0ae0afb9efda3d7ba80b25357b53afdfb4aa629e,
a0a378298d7d1753bf4f03cbfc044751e9b2e5be3b8a6dd8bf59acec85223d8b,
4194bf1b878eaee3a21359a2db9c2db8c82958c9588bf7e92e2b2f5325bb3a6e,
d65ba29aaed1fc9aca6bc4661df0c8d8dc8fae59951f23bfda85da4e2b60ea73,
886f6f1b0d42989065a2e70a0e967c6cc710c55a41e5ea010575f8a228a1934e,
ec37e555a95fce7d8a8f2dc7718345836cd58909894fcf379f12412357e8d3e0,
d55c97c2fd371a08e26b92c40b2b2980bfccad12764e3a154d3ee4d25bf34970,
d1cd38bcca7462acab66406dad34b379388d9709b0d4de1c16c0ad5b08140926,
38f53c92b8e1d866bf140937ee60f07017d4b037950b1346fdab93584c814050,
d0653836566a9eb89e01138d58d8a2585d291a28559713d5dc64767e682fbec3,
6be5fe1004ad515e70bce4f6518484ec9fbebf7ede109ec05c89c5cfe399c8cd,
dfba47961b4458302895b0e32fece10f23fa17462f6619b575a77e000af57633,
ac01b5de6633c1ef0a2c15467d06cbc495c7bb70da5aa56b999ff8b351f5da81,
88407490669a555c927e6bc231d072d39b148c54c96db112f1c8c419445b45f1,
95d92dab433d7fe236246d8bc764200332fbf8c510edae1025eb30b1eba62407,
ffde74daf4b95043a554e1ed2a1d988c3aa05803748ba9ea1345d90c4ce20c7e,
47df8ae424986bed848922eac65ee7f4387832ddf7cf1a393e14deeb0ed78bc5,
a0c50b557920c533e5a1a4986749368c71acb1e7e9133940866c88c515c8179e,
6c7cb6332cb597361d985d4112e771e4ad004241721a493bfef6b997e9169b7c,
f88de90305d015e8b93e4cc1b9ef99b179de225b050c3407f0d2a784eb3c5012,
9247755114c5fc27af7f76e440bd879fc37f48a09991c06bbf3b3205f24effe0,
b3b70d105a65a2ade5c99afb079c14046693ebd35b3022f2381f14b60923bb2d,
78a79391b40c403bb4e418173c36f2e0dde23f303ae3ff0b4761d90e47e2240b,
85d911b565428f6a18c85fab1b95b2ff84f012b08ae933ca16ff28d6e235216e,
9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24,
e5b8444f497aa3084e6f42ece1d3d29e16987dd2efdfd194d5a477abb348fb5a,
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3,
185f8db32271fe25f561a6fc938b2e264306ec304eda518007d1764826381969,
4bce352eed116a0e8bb6edcf4ffbbbac8bdc89d8a2d1bd08c3db806bf7e54a71,
5b80b1566219a6c3321b14127ebae23f73a18fd50a0751d2179e42d461e9ad39,
b629b5e9cb2683be2129e67282df2e01f63a91ec08ca981b07b5b42adaae1c3c,
18c1c0631c0a092b7412793ad1524ae9287205d541ff0b24ff8dc711237cd705,
dfd4e20632ac85c32a913f6dc4d233ac41a12d025b0d52379f488dad58b6073d,
d25eb436f584562f7c291c66772de30b819d99dbd8319648797e3fb85e09bed2,
c1ac08f3693fd43d9ee1dad035e8ce5960aad4cc7809ed40ad82f6b4cff33e4b,
23926e9185d8d43c02807a838ffb373cc1977726094a4e46807c66ada9dd7660,
5fff42af590c56fc88a5ebe511b44eb477a017aae49a4dddaa32a2f1aec4c3ba,
8c91fd7834abd4cfd5fc8bbc08c4d62fc9301411f47827a72c6522b0e0900cd9,
a0096f0b578c78a6b4da5797c8f109c6ac7c746112abd67519ffc8a3a1f45d51,
16f8132f97b8b748caf55cf1f81463382aac01b54ff5148322448b75824a3f14,
471a4c6ac6b3c8d280f6cfd7a4d4cf279dde3bb33eee0743008fc75609777c20,
4a0c5b7c8979198e83181c6688239c76e0a5389f86b6409a6a9d5642c64fa391,
37f758810d59a57e262ce52ff77ea7dc955d4857549b86dab927a4eaac9ad10e,
7a7fa90cf5f38e994860ea94da947f8a727eb8c76cdae3594c9691cbc55b943f,
a6b8c33c5403a9b5414c2589bc763e94ffc00e6d2145d73d063e4c1fb3d3907b,
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f,
bd47931ece3aa1295fc9f4c0c72ddab2b42215e9773bba4398cffa5685bbf030,
0f565d968f392e341cdac7110d58a53604155a28d0992ec35dbdee98878c050e,
260e409200e14b0fd96775b6c54b7c0617095c71a0ee3ee35550a9de50669ce0,
82f1e5a1dd11f2f31543dc6b0a18bb255323623a853a510a85207787db466cfa,
73ba0e3f8b48c9df1309ce1a29693abcee8efa808a8f02334a04c025d4953766,
f097b5f4f46cda2da21b954c9ff4097e1e14ae7064ecdee2c2cec2d3c1f08e6b,
0ff0b7fcb090c65d0bdcb2af4bbd2c30f33356b3ce9b117186fa20391ef840a3,
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9,
0d52cecf045d3600764c62575c0ef86c6a80f63b14ca2acae593ecad03dafa1a,
fb2d9f058c2010c57f86a05ae33d282f33e3825290c66b8b120cd177416c6bdf,
3e34d134641cc8061a19e931526bf71a71942848c9c81872947e508ad87f162f,
dad77b4e03da0b316a68760e47d7fa73d38b6aee78c004fbf5cb41b5a5d83ebf,
bf0460d3dd3e1d3a3d4c5beb90059ce94069b91e4f59d7c501b778c53b0b0b57,
b825edbb55450e309fe823143f985893b399da08d9166f4523cdffbfb7f48310,
23.238.16.221,
www.freewards.xyz,
castleclash.com-hack.online,
monsterlegends.com-hack.online,
township.com-hack.online,
wsop.com-hack.online,
hayday.com-hack.online,
extest.com-hack.online,
slotomania.com-hack.online,
gunshipbattle.com-hack.online,
http://freewards.xyz/,
https://freewards.xyz/,
http://freewards.xyz/_autoindex/icons/up.png,
http://freewards.xyz/testing/trustpass.html/,
http://freewards.xyz/_autoindex/icons/folder.png,
http://freewards.xyz/chaturbate,
http://freewards.xyz/testing/trustpass.html,
http://freewards.xyz/_autoindex/icons/blank.png,
198.54.117.200,
198.54.117.7,
198.54.117.212,
7059a89b6918dff2505630c45ff3cd0478d65d2e81a158a2a1725e943c838f84,
70c65bd0e084398a87baa298c1fafa52afff402096cb350d563d309565c07e83,
736f2ee0dcd66dbaba96cb963ea81c82af802426591c06c361fe3276bc1a96c1,
e1ab90d38dded5da677722581fb12da854c3cd5993aba717ffe067de1bb4b928,
6dcf20d0b0007b68f6663da1c10c0b2374da7bf41b103f73664a6e8392788db5,
15da31b6938211b2a90714609e1fbc658c3b1974f2c9e36631b1723b2835f9bc,
http://tops102downloads.com/,
http://loan4all.xyz/,
http://securium19maximum.com/,
http://roptix.com/,
http://shebiz.ca/,
http://proposedregs.com/,
http://itunes-cancel-payments.xyz/apple/confirm.identity/cancel.form/index.php,
http://nerdworldproblem.com/,
http://funkupdates119.com/,
http://galenbremer.com/,
http://maxcamacho.com/,
http://saferdownloadsrus128.com/,
http://betme88.org/,
http://fugdownload158.com/,
http://asgroupship.com/mail-upgrade/yahoo.html,
http://fugdownload103.xyz/,
http://johnandlisagiveback.com/,
http://safedownloadsrus198.com/,
http://tops100downloads.com/,
http://abc-kemeja.fr/img/banner.gif?16314=90900,
kathylea.com,
galenbremer.com,
amberwalkerflute.com,
betme88.org,
rinayoon.com,
proposedregs.com,
brucefrench.net,
laleatherco.com,
danielgrinberg.com,
edefede.com,
familymonteiro.com,
nucase.org,
lyrasistechnology.org,
entify.net,
pokermi.site,
themodernlesbian.com,
roptix.info,
vidit.xyz,
deliciousfantastic.com,
bulgarianbodyblast.com,
9a0c0205bd881fda70b1488854036d73566e5e973002500baf3ec18b76b75f0e,
2d9347c11fd24d224ac7c531892f6c3bd3bc59677b8ff1f1b9a72572661ea6d2,
359ed5c9bbb6aced9cd826e2607686272e7b3b09dddf1eff8f3b2b1a3bf5b924,
4a8dd45237cc3201e15d21e93bfef2632c6ec4ebd4d11b4eaff893aa0e79a6ee,
623309e1654da6444ad499e870c870989e99590d3a100263e8c74e5ebfe719a8,
79f3f6e759c20f18de90d2bdbd03755edbefca6192152cac48548fc17324e49b,
e41220c03267be776f99548c02246266bd7d6628eefc696bb6e4eafcc46604fa,
68ff7e281547778803e745132aa98cf8cef45f4c6f90e35d706523173b41e432,
ca10145bb73b5cd1b5f18063bcb8e0819dd59cba15337c20bfb895705a44729d,
57bffd67a17c6f2434e5997f989512e70a506ba15869ffaa2f5be7bb936cad09,
68790bc17b56d7453a40fd1a0b1aca3bf863ad72b9cb260ad580492d3fee6d4b,
e3d0614b4933f0a63a203a44ee288aa40ae9e61c525b264a7cc679588f64d679,
dcd803a787b3ab15cccdaff360a94ac6828977089a7eb56abe8776d79932d4ce,
85cb4cce9c47245f81d53d6851f36b966a988fa964e6575bf9d4906d5b3065d5,
5244f123bed17fa8fcb827733e04fe281864ae440d66d9c1fccb09fba93c978a,
81f58e588a9f1b756c17982fbb274111a1ff3631c9b653143d5544cfb8036884,
4a4fb49616e036ed6396cf297ad3e6562383ee4b5ddb34c179c476ce76654a85,
8f52329dfd96485f98752e572e0e88768d304e1f59e13644ebd5061b3f78d773,
d914845949fce9a5bd60ccfd339c1ef8a6c22803200acd92aac2098a1fe3e125,
3f451c0d38b31c6c44d81d81f490aef3d97d17c74fccccaaee224b852ab1a415,
830ccfda8e14bcfa22868e415da594d4d272ffa9d083792a1a038ea5e9ee8630,
6f9c67b8cf9928f36c1ea5ac64cf7f9d4223fd771898f79c158d59fbe572afd7,
2e7ce2830e0f6f3317a51548c68ab13659f4dab18a91501c9b548d3fb5352ecb,
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2,
e2be88fd3dc7349ec9c3cd296b5f4241061ee5462e7d04d5425359a27b2122d2,
8e7ad9ecdd72105d42b6ea1ac54e157d81f86ea710ad085a10e06563481f6ab3,
e75fb19a6e167b6bf5b614e9ca4df333f9b3bd06edb5ea0a7cb60d19cb789065,
e862a3e7b6fc2a41146469f6ef8518eb1484cc5600ed1bd6502b9849575b0ebf,
daaf01f233b282c282c5aeb554d2435a06d85742a7d630e10222d68b1e45ecc4,
2492879d786a7f9c11d1296b5a31f42a12a89020f627d6fb6042ea5768d85871,
9606e4830157befecaa30092e1a098c18e4f1e29b6f59267376a58111d810597,
7da15bb6457dbb866a293c12b681441c8a4a02817ac3fccdcb0cd357660cca9b,
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70,
3b70193ade24bfa953575e91f61c3bf867bac9e7b8caad49cae5813e3135c74f,
a90b4a4380ef09016b7c0fe1cc6e98231b297fd1b4ea2ca311614434b38290c1,
b82690ce1ef68285418482232c51b369cf4bd63ffa3bdcd92e94df344af80a47,
d69848fab4f6c7459913733ede31ea81b0e92126b7ddbb08300c5a802a879b18,
3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98,
432cef679930a1585b78e27b6227d264055c43d27c138a4fb1085b3fe16a9d6e,
bfd55b9c9142617183e98198212e393807a12824acee521e4740f1ca601a2cba,
http://software107updates.xyz/,
http://securium10maximum.com/,
http://asgroupship.com/mailing/index1.html,
http://saferdownloadsrus117.com/,
http://safestdownloadsrus125.com/,
http://directdownloader.com/download.php,
http://fugdownload499.xyz/3062/lp3/50430/550/53/,
http://securium27maximum.com/68907/sr3/,
http://software125updates.xyz/,
http://finest113downloads.com/,
http://videoyou.xyz/,
http://rinayoon.com/,
http://themodernlesbian.com/,
http://safedownloadsrus191.com/,
http://software146updates.xyz/,
http://imglist.net/,
http://asgroupship.com/mymail/index1.html,
http://securium28maximum.com/,
http://finest110downloads.com/,
http://securium20maximum.com/,
lowendguide.net,
paradigmteas.com,
plcmch.com,
sunseasnow.com,
pierfy.net,
goroshkova.com,
noconceptstore.xyz,
haleycmcdaniel.com,
meredithsanto.com,
nerdworldproblem.com,
pokermi.website,
hyattnet.org,
ratamaque.ca,
nakoda-outdoors.com,
6river.tech,
loan4all.xyz,
mprs.me,
scarletinc.in,
gtechglobal.net,
kbelearning.com,
6f0ef193bb20ad4411de29eeb4af361bf65e86158914c9d3f424c8b5c6ebef82,
e45c850f7e6646539e1217455e0547031e70c58f133880416d3854d973877137,
4bcd27e3b04427874bff7ac1a8e37fac29f7f2ff4cd72a989b8ea92cd0d6da03,
e45d0f58e94d9fd16768f35b0a749de3823d8effc1053526d306c23a7868af2a,
fcb3c5675b7ae74478fc423dff99489fc0a18310eaa2ca58440229c6586651f4,
a5c04597325116c45c6067b94b6e6dad90943caac85fb74dc9ee8c6a4bd8dfb4,
abe1e73aedc6be4c99be525aea3a61a83712700f9fb152d24d78dcc9e08bb256,
3a243048ac84f06bccc4bcdc057dd32574b0ccc9ac2454f88f3d0f4fae9bfcb0,
d7aa50deb4817c623188ec5941db1822673914c7f15fc7813f86c211c56e7f5a,
a4c0b5674b398258fb193461fc9631b0b88bba10ccbfab3d946303f045fec424,
585b2845d7e5fc8580021561b73e08bd5c5cd33532dead83e9e2fc0bd1e04d39,
7a377c7d909403b28c3963d8d20e08f37dd4e942d5dde5aa07d7dee53d40df11,
315fc7a4f999419583e67f4eeef36ef5e55f86149e9d9b6ee5e9e8c15791b288,
455a0820af459c2f9704862f52ff589c745cad26d30eaeb5968ffa47825e6907,
7cbe744e5649c72da0d66c144fc674fad97704a570c6b3d2735e158dced314ea,
ed467766ddc835baf34102c335f7c6447a72e08b86a4bf315b1ba8d17e71d472,
a9b1418297c281ae19fdef4db0ad3f0e32791f1ad75008b82e3351b7d1d23346,
8567cb5bdffea766aa28ca4885b042dc3bc7ea46ceaa182c15c6551d033c05e0,
5a13041b23fc318ee94dd14237e001d726577089611e9e3db339acd40db50c9e,
11b0488c08b3cb37a6fea8a6d735dcdb607a5f0610cc95ca7d638337092b94fe,
1bb5746292f623e2a79b58df3c0f605d6c469eeb9c0ae7cf36f4fd35374f59ba,
025ff6930b19e8dc4c29f22f5e734a6321bab9294e9edc591aa5162352736a11,
4cf203e638014174f96a22eef8411dafc7e8c900160433acdb3f0396fa85b2f8,
218102bec6b72a18ce7d55f2b434163b85caf4134fa83697a0d66297c58ffc07,
8ca9bc131f24e07be686dc8ba68d19fc7fb5113826e12451aa92d95b0d382b47,
adf094cf2ae80f541b386480aff70c9dadbdbbfd718ee5c8829d1e2710744527,
1ecc8f7390a8e92014513a95325c2276264961b4d93004e3a5dbdb5d91c87656,
252f5e6b6add0f215a267a86d6fa3a52e783ad79b05dc6923c114784f835091b,
68950b57b6d7cd967ab2b2f21f26a38dcce9fb4a940e36bd3c1570116b348ddd,
b323be1d256e435fb11db5f80cab8cf2f6f7876390b266d860512d0cfcb793ac,
126cb96ad61deaa7a90089900a026ee0049e2c2be00c661d7850ae4336649cd7,
e8b3c0cbbb934da452ef6ff3f3b0891f5d06212d076c8cbd00e8797492d4469a,
b5318ac100f7dc6756f712e319e37178338d0a63a4c1eff3ed41ef5c3c599138,
7c1ce96e863c28449bd902e15d911402c31244ed6accf50a9d6c5e95d053c9f0,
3060dc40dbb847846546d35ffea16cbd5cbdd168b6bc7156a5726c8d4887acfc,
a7d4474f3cd984c4def496228c1c3aa4e386e05596d817e144a63f15b907af2c,
664bcf73009961286ea3dad739f88b80823fb39f817496c447b1ef52cda6ef4c,
5f5b6598e0aae1fbf7a020530aa41117429db56b95aad2dfc61a23e5fba54b2c,
05e922245d334d3973a3e6124ce6cf38cb5d8f52cc817c41086d79f463f9b2e6,
83955c8204a85c2752959c5c95b673e182b14440bc24bdd4e64f36e5e791469c,
http://consortiumtc.com/xmlrpc.php,
http://winkoolfilm.com/xmlrpc.php,
http://kuhlmanauction.com/xmlrpc.php,
http://kohtaoapt.com/xmlrpc.php,
http://louisemcdonnell.com/xmlrpc.php,
http://fromprairiestopeaks.com/xmlrpc.php,
https://4movierulz.cx/xmlrpc.php,
https://wyndhamgardenbarranquilla.com/xmlrpc.php,
https://suesannguyen.com/xmlrpc.php,
http://potenciateconfuned.com/xmlrpc.php,
http://agalot.tk/xmlrpc.php,
http://topratedshavers.com/xmlrpc.php,
http://myindustrybrand.com/active-clients/swallowstudy/xmlrpc.php,
http://developer.wordpress.com/xmlrpc.php,
https://www.cyanogenmods.org/xmlrpc.php,
http://geilelangepornofilms.nl/xmlrpc.php,
http://www.sanjeev.sabhlokcity.com/xmlrpc.php,
http://mavipaket.com/xmlrpc.php,
http://ooskajoos.com/xmlrpc.php,
https://byochange.org/xmlrpc.php,
consortiumtc.com,
winkoolfilm.com,
kuhlmanauction.com,
kohtaoapt.com,
louisemcdonnell.com,
fromprairiestopeaks.com,
4movierulz.cx,
wyndhamgardenbarranquilla.com,
suesannguyen.com,
potenciateconfuned.com,
agalot.tk,
topratedshavers.com,
myindustrybrand.com,
developer.wordpress.com,
www.cyanogenmods.org,
geilelangepornofilms.nl,
www.sanjeev.sabhlokcity.com,
mavipaket.com,
ooskajoos.com,
byochange.org,
26825c26ec7dbc25873d7b222b4e531ecce0f1d5dd36944a49464da28685c045,
d96f3f98c22ce6ca8f07b03b76a71da0e7da23a989df7f1073d5235318afc1c1,
e9f063906bdf9630e0e3122e7756615c464e9b69c156141b885f2366a45bf3a1,
76613f6351e7014b850565548150451d517519be14afdd08268ea6c3f6770fc9,
d8d2f327fa29e66f3dbdbc578988b6724469e741aae2420086accecd5084f46d,
1ebe7b22a00e689337a2d5370a89280024e965a9482d33129b4d53290b59a90e,
00c8a901eb155268eaf803816ec1623c2fd8c81c6b9a3b6b09513786ffceebaf,
5f0c59d8f073ddaa31da734ef576844cd167671e611ce0fc8125828c1c589269,
dc501cd5d302af2b2d59dad29e8f467b443102e3152371ce166e180bd39574f5,
714b59dc2ef60e8276f72127f5152ac54fcd8a09c0b399b3c013d0e8587b5321,
db83f7d2f8319550111772221ed416d778b44628dbfcdb179ed3a9fa41e81021,
c123a08f177a306a7e0fde5c88b2583496c35b82fe1577c641d11c296a56d927,
6a347ba1be95a0c5233dd0f7b0adb5599610e4deb9b98c990528c9c569dfd982,
16aa76ed853a2f05151c5b239480d4a4b409b0af324cc8bd757a4c672c864920,
47051c0ce3d7e20873a77f3332043a50fabf7f2681d6586f946cb32b925c0396,
aecc8b425684183ca347c71b87c3d6b25eb96ee4dbeb31a217b34fa73372043b,
a401a7ee6a00e7635bcfd1d9b72f012b11ae7d7510b0f83f1f4aaf0bbf2a1bee,
df84da0290f0219eb5b53178f904201f629905a24f15f78a63dd22d82835d15d,
e14b437c190e130db5e4c37167475b8fbd0883e88954c503218a7dc227315a5b,
9063811f0a4ab2a341312bfcb66aaea2c5a8b3d0738333566e38d78362714294,
apkmaza.net,
369662bf363168452e41e0dd33554863e581a267fee7cf31291708cb5d7a9e5a,
gamesgenertaor.club,
a426a4c23a77b7402be4a4bbece5534e8b0c8d9a92d3a90b424bc47cd0825414,
b36f82e8dcaa44659e69759c6cd7ef6afaae5852fdc3d132ad26d60ff05202d3,
721e72aa0dea053c92ee29682d4dec1b1244cdd5f6031b337e40790c4b4baf9a,
357947641e668477ef61eefb622fd9a5742d1824fc0777c496dbd14a834fe764,
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034,
bac85a75c0d9e5d17a7070b87f500894d931a226697e446cb215d0c16e5ced45,
34730ede925be9821a0a820d82d06ab21368142dd13657ab30c9784c32ccd587,
53e6c40f167734b435a08fcff2ef8bcad429aa9d26805f1cf0c207fdf53dbaca,
05a5b1469a2dde0732c24e3a60be832c9e2065975be389a78b87ac8f92d5bd1e,
41a454388b9a0f040ce41682ef2b81205237f8b1566de2fe9b27b7a761f67b74,
3560e423d772aab6f8bae7e5d41ad804cee9cbf47698fb84935a16bda6f81869,
8776fe6d6c47c86c437bc10aa729e5b279b92ce515c3be39661d02d04c83a898,
4a235709f399716d56536e4b895add238c3f73b9c5179e8bdeb8761a1af57f4a,
4853ef0b7c2058b76e548ed550a76b1e2da86daff59d6b72c356b98d12cb6225,
724d0b98db4013056384b10ff0aadfebd27c986e63692b7694574a33d3695de6,
4c2d30837067d8628e062867d58bbaf965e0e60e8343c2eaedfb9bc16854f2b6,
58d3e3de7e1b112f1741204441e118beb62e975ef6418e2f2eab3aa969427c1e,
79df1de2e65d28499a7a8aa1f2181a88f8f0aa9153c926af63023d488a9dd02e,
1c1339111b7de77562f9168077a68bddb0172b673b734a14494d691d28189fb3,
0dc29ab98e401af6e426c5c67653525e3599d823daf29d5f30ef8472ae84353a,
e7d61fd5e62505b4518fa5bb4f879d6d2c7ff73e81f8a3985e68f92fb2a7f2a8,
d72edb1fa303fdf6b299b557bcb4992b28741e6c13dfd68d1b297932f1edfc2d,
c664ec3d2cd4d21844b42c244f8b44162dbde5bbfd5cbb3beed2d65ccdf61c12,
8756a1e6f269b82b22a92e3ae10699fdf3d302ab5c060e982b9d7cf1c6064fc0,
447ae6c1918b3be5a6c0ba63dc3c901d805f351f4e45a137cd08479198b88449,
http://ginnypotter.com/phpnuke,
http://futuretrolly.com/wp-admin/ttt,
https://gamesgenertaor.club/,
http://futuretrolly.com/cxxx/Billing.php,
http://www.momplus.org/,
http://genesis-mining.cc/,
http://www.swordsstore.biz/cibc/,
How to Air Fry Catfish: Make Catfish the Healthy Way!
https://gamesgenertaor.club/onlyfans/,
http://apkmaza.net/livelounge/,
http://futuretrolly.com/cxxx/signin.php?cmd=_chase-signin=&ab800200771adba2962a9b67d48696bf&dispatch=4350da514afc4f7691a2228aeee44d65a7ea2c83,
http://7171.biz/,
https://futuretrolly.com/wp-admin/TTT/email.php,
http://flipkart.shoutedu.com/,
https://www.ukfootballpools.com/,
https://saborbrasil.cl/,
http://bhagavathienterprises.website/,
http://kutogel.com/,
https://sportize.com.au/,
http://bitcoinpool.online/,
198.54.117.199,
bitcoinpool.online,
vacuumcleanerreviewszone.com,
scrubsuniforms.com,
24f0bd044f021f1b4de23c42316d9049d49a2eda39918c125b9e5c45f8eadb6b,
8edef2490b2ecb2c4d277dbfe12c870120a7106325292aaa35630184579f2e00,
fe878dbcaf2508a6701c0c4dca82f3a805436903409b91528b1bfcd383002edc,
b790156be08b8b147f8e63fcc24dc440cf1688c9d9457cf489fc637b5d313eee,
7104c0fbf69a53b238488801701aedba75d125c18833d00ac3a1a23d27e41623,
f88a6fc6b78c751fb4bc4f608d2d18b8d496842a7d9d539f4571d2b33dc7dbad,
36b8c653376a4eea9ee5a3b4498b2f1b67bc2f2f03739e96f1037bd5ff3fd23c,
1c3469a298e2dd83c71740f71a7f77e7fac3d0adda15aa14cc7b1b3f650ca9cd,
c12b6273f6c8a22299d5e4ad930d78f559571a97f9ac3257563fb1746791fb47,
804fd0235c0225bd049444150ae062caf2337f3f3da0eb141d52f773cfe64e61,
f834c54f1a5f4118791360c3a36138eb4c06a2b81bf43f9bd41af6b3031922c6,
4c485b58371dc004f11856c6f284bde86b28b094fba8df6ebfc0cc6751d182fc,
042c3ff73a0309a4b2a2aa0ad67f4b33a75b17ec97582139c23a58feb8fe5af5,
cf231fdae7ab7af7ce52f060dd0c4fd7661ffd1210c0f5fc3a4f17c3977dd59f,
9547e3230bf1d8453fc6dbc218717c64bda650baeedb2aac4345d863a295a34c,
c5f12105fb0ea611a2e8c943290dd45d368aeeb0530c70661564442f356eca93,
e4b7339c0269d10e848e293e46f212798cec99d519282a4d50405e0c78a49955,
2ad81fa65ba908eaf7f603f5a080ab77706ce9a89588bbfd46ac90b2166e1bb7,
a664803f58f2ada9b08e09792adc1100c70d4c50ca2a0cda079a46e7a0af904d,
5d0409a0632fe427736109f7a7b22b6b2466d4dfcb12cc24ae438227681f67e4,
http://www.google.com/ncr,
http://api.pr-cy.ru:35000/,
http://ifconfig.co/ip,
http://www.google.com/,
bioexpedia.com,
http://lovefortherapeuticriding.org/104w/rjf/,
http://www.lovefortherapeuticriding.org/104w/rjf/,
http://superzeug.com/wp-content/hd/,
24424a880b169e38f469c8960623a330d711e66feface65f3a9809e7f815461c,
e1eec98b152369fa192dd75b4d63bc709426edf28387788cc9553cdd9ca9de7e,
185.32.57.162,
202.129.16.68,
178.32.138.212,
93.171.223.56,
186.202.153.14,
184.168.221.95,
50.63.202.32,
95.85.46.136,
175.29.6.27,
90.156.144.159,
31.11.34.46,
64.71.35.11,
160.153.137.99,
210.196.232.211,
193.106.106.118,
194.173.175.16,
185.158.165.13,
173.201.253.230,
67.23.226.139,
192.95.11.250
At present, UNESCO is taking all the necessary steps to mitigate the risks involved and have taken “E-teams” offline for maintenance –
Recommendations
- Ensure anti-virus software and associated files are up to date.
- Search for existing signs of the indicated IoCs in your environment.
- Ensure that all security updates and patches are installed
- Consider blocking and or setting up detection for all URL and IP based IoCs.
- Keep applications and operating systems running at the current released patch level.
About Cyble
Cyble is an Atlanta, US-based, global premium cyber-security firm with tools and capabilities to provide near real-time cyber threat intelligence.
Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution powered by machine learning and human analysis provides organizations’ insights to cyber threats introduced by suppliers and enables them to respond to them faster and more efficiently.
This monitoring and notification platform gives the average consumer insights into their personal cybersecurity issues, allowing them to take action then as needed. It has recently earned accolades from Forbes as being the top 20 cyber-security companies to watch in 2020.
