Signatures of the notorious Emotet malware, declared by the Department of Homeland Security as one of the most costly and destructive malware, were found in the clickbait links posted in UNESCO’s E-team webpage – used for sharing knowledge by fellow Policy Practitioners.

Recently, during the on-going monitoring of surface web, our researchers came across the E-teams webpage on UNESCO’s official website. Multiple click-bait links were posted to lure the visitors into spying onto other accounts. Clicking on these links/posts, the visitor was redirected to a malicious website that requests the visitor for a username or emails to hack and after collecting the information it asks for payment from the visitor to show fake results; It is only to collect bank account details of the visitor.  

After further analyzing, the malicious URLs were identified to be spreading Emotet banking malware also known as Geodo and Mealybug. First detected in the year 2014, Emotet is an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Additionally, Emotet is a polymorphic banking Trojan that can evade typical signature-based detection. Primarily spread through the malicious script, macro-enabled document files, or malicious links.  

Below is the snapshot of the graphical analysis of its Indicators of Compromise (IOC’s)-: 

List of Incidents of Compromise (IOC’s) gathered by our researchers(weblinks, IP addresses, and malware hashes)- : 

instagramhackonline.com,

www.instagramhackonline.com,

198.54.120.43,

162.255.119.251,

198.143.106.201,

www.netflix.freewards.xyz,

spotify.freewards.xyz,

freewards.xyz,

com-hack.online,

autocarcombine.com,

blog.ozywebit.com.au,

www.blog.ozywebit.com.au,

estetiplan.diegosebastian.xyz,

www.estetiplan.diegosebastian.xyz,

codi.diegosebastian.xyz,

www.codi.diegosebastian.xyz,

tanavastone.com,

www.tanavastone.com,

www.menscort.in,

menscort.in,

studio-coffee.ru,

www.bigintro.co,

bigintro.co,

www.fnvbucks.me,

fnvbucks.me,

test.test.ashfaqur.com,

www.test.test.ashfaqur.com,

www.test.ashfaqur.com,

test.ashfaqur.com,

ssafoto.com,

https://apkmaza.net/malwarebytes-anti-malware/,

https://gamesgenertaor.club/snapchat-hack/,

http://vacuumcleanerreviewszone.com/,

http://scrubsuniforms.com/,

http://bioexpedia.com/,

http://thedearlab.com/,

http://compareappliances.biz/,

https://apple.authorize-giveaway.com/,

http://fashionabledude.online/wp-content/Update.html,

http://www.apple.authorize-giveaway.com/,

https://thedearlab.com/best-back-scratchers/,

http://swordsstore.biz/cibc/,

http://verrulon.com/,

http://futuretrolly.com/wp-admin/ttt/email.php,

http://healthymomrevolution.com/wp-content/themes/ashe/assets/fonts,

https://thedearlab.com/automatic-toilet-bowl-cleaners/,

http://mail.globalcoronavirusnews.com/,

http://bavafoods.com/,

https://futuretrolly.com/,

69fb7b96d2da05f2aef88efc9e788ede343c9112ae164fe026e504449d56464e,

86749d3e3233d7a75a618c98eac9f31f508aed4492849f65b907787b0bd1d047,

e0c372242715c1ff0e827c1fa561f8fcd75244265a6dee2a9c4eb6f01aba32a2,

http://software161updates.xyz/,

http://software119updates.xyz/,

http://finest108downloads.com/,

http://brucefrench.net/,

http://securium9maximum.com/,

http://xamasoft.com/,

http://funkupdates113.com/,

http://bitcoinlibre.xyz/,

http://securium7maximum.com/,

http://securium17maximum.com/,

http://software124updates.xyz/,

http://topnotchsoftwaredownload12.com/,

http://software163updates.xyz/,

http://gooogleappupdate.xyz/lp/,

http://software111updates.xyz/,

http://bbredir-ply-101.com/,

http://asgroupship.com/mail-upgrade/yahoo.html/,

http://fundownloads110.com/,

http://software121updates.xyz/,

http://securium2maximum.com/,

nomadlifestyle.net,

justsav.com,

ra9f.info,

2temptu.uk,

llsops.com,

sponsorstudents.org,

maxcamacho.com,

nathanbordeau.com,

lcl.space,

mindfulnessyogacambodia.com,

organicfinance.co,

roptix.com,

scribl.co,

mail.utbsolutions.com,

2temptu.co.uk,

juarezfamily.com,

dawnco.studio,

alessandradzuba.com,

shebiz.ca,

shebiz.org,

60f99355aef326c4dcc0d14b93ff29f9021b4bdda3a58777e54bd92dc3970926,

9d11b4107a739f641ffed08eae4088e0a05068f84058efd2a401e7825bb664b5,

04171180f11e0fd67ab02a3115da852094a6ed2ec1c357f90d1f33ba753d3a5f,

725281cd3dbcc14c74da3371cb84b0ef7bff8af9fb1ca72122f16ad813d217c5,

9a96f5981c0716c5f52f4ca394e7dd84db64a039ba4fc6ca6815d9f5d055df5d,

40ef40c135f18426f084ba1191401f4d550ab8135065c4e88032476a7968c44f,

2db4e4b4af8bbd6a58d2f2eabc59211d39bb7748996a9db9e791ed04965ed645,

ffbe9563818530b374429b8eb54eb1ea337b38a3fa1920aa61609ff34c55b2c0,

4b34c4e183a02cfa979601d51dcfe27f980f2c9b18add04e44f2eaad1fef6574,

94c4c16758dba615b7716adf03f25bbb717c15139aa9f145e4b215b86b1f5ee3,

32eec9f3ad0cf5849e7dc09f3a70aa107163c2e6d1a1a541f65df3dc6da3a4f6,

131a68628cded80a6d0ee6c85704e021351088e52fea4f401469ad17bfe44934,

0e1084d716f3fb21f35faec8aec6a7ed6453fe7836446ec70ec06acaeb1dd81f,

71d62930f3d49bac2cd8b7092795b390635191aedfbc50a5e2428f2d59a81b08,

1934c0c33dff4320e40c4bed4e5c33b143ef4571aee7497eb858839abc5757b6,

aad871e34e3da3ce43a3594449ffd3bd8ba841fd72a96c4fa6b259a308301f44,

d88df1d3bf90ed162cf7f01d74b469efddb005e95629804eb0d3f4c66d107d9d,

3c38cb1ac24c6848e67bff6b7384bd5f7fd5810154a65eb4aef7dfc229909510,

ae71808ce2d56f3c0ea564dc1c6c447ca50543c035da868c5a3f5d39ac1c1ce5,

d47a57cc748a94e5a5d9ae76b33835d1c58c2a3f545d2a6c4bd0400c76cd980c,

8e3dbf97c47ebe430a5b5a0e0ae0afb9efda3d7ba80b25357b53afdfb4aa629e,

a0a378298d7d1753bf4f03cbfc044751e9b2e5be3b8a6dd8bf59acec85223d8b,

4194bf1b878eaee3a21359a2db9c2db8c82958c9588bf7e92e2b2f5325bb3a6e,

d65ba29aaed1fc9aca6bc4661df0c8d8dc8fae59951f23bfda85da4e2b60ea73,

886f6f1b0d42989065a2e70a0e967c6cc710c55a41e5ea010575f8a228a1934e,

ec37e555a95fce7d8a8f2dc7718345836cd58909894fcf379f12412357e8d3e0,

d55c97c2fd371a08e26b92c40b2b2980bfccad12764e3a154d3ee4d25bf34970,

d1cd38bcca7462acab66406dad34b379388d9709b0d4de1c16c0ad5b08140926,

38f53c92b8e1d866bf140937ee60f07017d4b037950b1346fdab93584c814050,

d0653836566a9eb89e01138d58d8a2585d291a28559713d5dc64767e682fbec3,

6be5fe1004ad515e70bce4f6518484ec9fbebf7ede109ec05c89c5cfe399c8cd,

dfba47961b4458302895b0e32fece10f23fa17462f6619b575a77e000af57633,

ac01b5de6633c1ef0a2c15467d06cbc495c7bb70da5aa56b999ff8b351f5da81,

88407490669a555c927e6bc231d072d39b148c54c96db112f1c8c419445b45f1,

95d92dab433d7fe236246d8bc764200332fbf8c510edae1025eb30b1eba62407,

ffde74daf4b95043a554e1ed2a1d988c3aa05803748ba9ea1345d90c4ce20c7e,

47df8ae424986bed848922eac65ee7f4387832ddf7cf1a393e14deeb0ed78bc5,

a0c50b557920c533e5a1a4986749368c71acb1e7e9133940866c88c515c8179e,

6c7cb6332cb597361d985d4112e771e4ad004241721a493bfef6b997e9169b7c,

f88de90305d015e8b93e4cc1b9ef99b179de225b050c3407f0d2a784eb3c5012,

9247755114c5fc27af7f76e440bd879fc37f48a09991c06bbf3b3205f24effe0,

b3b70d105a65a2ade5c99afb079c14046693ebd35b3022f2381f14b60923bb2d,

78a79391b40c403bb4e418173c36f2e0dde23f303ae3ff0b4761d90e47e2240b,

85d911b565428f6a18c85fab1b95b2ff84f012b08ae933ca16ff28d6e235216e,

9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24,

e5b8444f497aa3084e6f42ece1d3d29e16987dd2efdfd194d5a477abb348fb5a,

d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3,

185f8db32271fe25f561a6fc938b2e264306ec304eda518007d1764826381969,

4bce352eed116a0e8bb6edcf4ffbbbac8bdc89d8a2d1bd08c3db806bf7e54a71,

5b80b1566219a6c3321b14127ebae23f73a18fd50a0751d2179e42d461e9ad39,

b629b5e9cb2683be2129e67282df2e01f63a91ec08ca981b07b5b42adaae1c3c,

18c1c0631c0a092b7412793ad1524ae9287205d541ff0b24ff8dc711237cd705,

dfd4e20632ac85c32a913f6dc4d233ac41a12d025b0d52379f488dad58b6073d,

d25eb436f584562f7c291c66772de30b819d99dbd8319648797e3fb85e09bed2,

c1ac08f3693fd43d9ee1dad035e8ce5960aad4cc7809ed40ad82f6b4cff33e4b,

23926e9185d8d43c02807a838ffb373cc1977726094a4e46807c66ada9dd7660,

5fff42af590c56fc88a5ebe511b44eb477a017aae49a4dddaa32a2f1aec4c3ba,

8c91fd7834abd4cfd5fc8bbc08c4d62fc9301411f47827a72c6522b0e0900cd9,

a0096f0b578c78a6b4da5797c8f109c6ac7c746112abd67519ffc8a3a1f45d51,

16f8132f97b8b748caf55cf1f81463382aac01b54ff5148322448b75824a3f14,

471a4c6ac6b3c8d280f6cfd7a4d4cf279dde3bb33eee0743008fc75609777c20,

4a0c5b7c8979198e83181c6688239c76e0a5389f86b6409a6a9d5642c64fa391,

37f758810d59a57e262ce52ff77ea7dc955d4857549b86dab927a4eaac9ad10e,

7a7fa90cf5f38e994860ea94da947f8a727eb8c76cdae3594c9691cbc55b943f,

a6b8c33c5403a9b5414c2589bc763e94ffc00e6d2145d73d063e4c1fb3d3907b,

dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f,

bd47931ece3aa1295fc9f4c0c72ddab2b42215e9773bba4398cffa5685bbf030,

0f565d968f392e341cdac7110d58a53604155a28d0992ec35dbdee98878c050e,

260e409200e14b0fd96775b6c54b7c0617095c71a0ee3ee35550a9de50669ce0,

82f1e5a1dd11f2f31543dc6b0a18bb255323623a853a510a85207787db466cfa,

73ba0e3f8b48c9df1309ce1a29693abcee8efa808a8f02334a04c025d4953766,

f097b5f4f46cda2da21b954c9ff4097e1e14ae7064ecdee2c2cec2d3c1f08e6b,

0ff0b7fcb090c65d0bdcb2af4bbd2c30f33356b3ce9b117186fa20391ef840a3,

907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9,

0d52cecf045d3600764c62575c0ef86c6a80f63b14ca2acae593ecad03dafa1a,

fb2d9f058c2010c57f86a05ae33d282f33e3825290c66b8b120cd177416c6bdf,

3e34d134641cc8061a19e931526bf71a71942848c9c81872947e508ad87f162f,

dad77b4e03da0b316a68760e47d7fa73d38b6aee78c004fbf5cb41b5a5d83ebf,

bf0460d3dd3e1d3a3d4c5beb90059ce94069b91e4f59d7c501b778c53b0b0b57,

b825edbb55450e309fe823143f985893b399da08d9166f4523cdffbfb7f48310,

23.238.16.221,

www.freewards.xyz,

castleclash.com-hack.online,

monsterlegends.com-hack.online,

township.com-hack.online,

wsop.com-hack.online,

hayday.com-hack.online,

extest.com-hack.online,

slotomania.com-hack.online,

gunshipbattle.com-hack.online,

http://freewards.xyz/,

https://freewards.xyz/,

http://freewards.xyz/_autoindex/icons/up.png,

http://freewards.xyz/testing/trustpass.html/,

http://freewards.xyz/_autoindex/icons/folder.png,

http://freewards.xyz/chaturbate,

http://freewards.xyz/testing/trustpass.html,

http://freewards.xyz/_autoindex/icons/blank.png,

198.54.117.200,

198.54.117.7,

198.54.117.212,

7059a89b6918dff2505630c45ff3cd0478d65d2e81a158a2a1725e943c838f84,

70c65bd0e084398a87baa298c1fafa52afff402096cb350d563d309565c07e83,

736f2ee0dcd66dbaba96cb963ea81c82af802426591c06c361fe3276bc1a96c1,

e1ab90d38dded5da677722581fb12da854c3cd5993aba717ffe067de1bb4b928,

6dcf20d0b0007b68f6663da1c10c0b2374da7bf41b103f73664a6e8392788db5,

15da31b6938211b2a90714609e1fbc658c3b1974f2c9e36631b1723b2835f9bc,

http://tops102downloads.com/,

http://loan4all.xyz/,

http://securium19maximum.com/,

http://roptix.com/,

http://shebiz.ca/,

http://proposedregs.com/,

http://itunes-cancel-payments.xyz/apple/confirm.identity/cancel.form/index.php,

http://nerdworldproblem.com/,

http://funkupdates119.com/,

http://galenbremer.com/,

http://maxcamacho.com/,

http://saferdownloadsrus128.com/,

http://betme88.org/,

http://fugdownload158.com/,

http://asgroupship.com/mail-upgrade/yahoo.html,

http://fugdownload103.xyz/,

http://johnandlisagiveback.com/,

http://safedownloadsrus198.com/,

http://tops100downloads.com/,

http://abc-kemeja.fr/img/banner.gif?16314=90900,

kathylea.com,

galenbremer.com,

amberwalkerflute.com,

betme88.org,

rinayoon.com,

proposedregs.com,

brucefrench.net,

laleatherco.com,

danielgrinberg.com,

edefede.com,

familymonteiro.com,

nucase.org,

lyrasistechnology.org,

entify.net,

pokermi.site,

themodernlesbian.com,

roptix.info,

vidit.xyz,

deliciousfantastic.com,

bulgarianbodyblast.com,

9a0c0205bd881fda70b1488854036d73566e5e973002500baf3ec18b76b75f0e,

2d9347c11fd24d224ac7c531892f6c3bd3bc59677b8ff1f1b9a72572661ea6d2,

359ed5c9bbb6aced9cd826e2607686272e7b3b09dddf1eff8f3b2b1a3bf5b924,

4a8dd45237cc3201e15d21e93bfef2632c6ec4ebd4d11b4eaff893aa0e79a6ee,

623309e1654da6444ad499e870c870989e99590d3a100263e8c74e5ebfe719a8,

79f3f6e759c20f18de90d2bdbd03755edbefca6192152cac48548fc17324e49b,

e41220c03267be776f99548c02246266bd7d6628eefc696bb6e4eafcc46604fa,

68ff7e281547778803e745132aa98cf8cef45f4c6f90e35d706523173b41e432,

ca10145bb73b5cd1b5f18063bcb8e0819dd59cba15337c20bfb895705a44729d,

57bffd67a17c6f2434e5997f989512e70a506ba15869ffaa2f5be7bb936cad09,

68790bc17b56d7453a40fd1a0b1aca3bf863ad72b9cb260ad580492d3fee6d4b,

e3d0614b4933f0a63a203a44ee288aa40ae9e61c525b264a7cc679588f64d679,

dcd803a787b3ab15cccdaff360a94ac6828977089a7eb56abe8776d79932d4ce,

85cb4cce9c47245f81d53d6851f36b966a988fa964e6575bf9d4906d5b3065d5,

5244f123bed17fa8fcb827733e04fe281864ae440d66d9c1fccb09fba93c978a,

81f58e588a9f1b756c17982fbb274111a1ff3631c9b653143d5544cfb8036884,

4a4fb49616e036ed6396cf297ad3e6562383ee4b5ddb34c179c476ce76654a85,

8f52329dfd96485f98752e572e0e88768d304e1f59e13644ebd5061b3f78d773,

d914845949fce9a5bd60ccfd339c1ef8a6c22803200acd92aac2098a1fe3e125,

3f451c0d38b31c6c44d81d81f490aef3d97d17c74fccccaaee224b852ab1a415,

830ccfda8e14bcfa22868e415da594d4d272ffa9d083792a1a038ea5e9ee8630,

6f9c67b8cf9928f36c1ea5ac64cf7f9d4223fd771898f79c158d59fbe572afd7,

2e7ce2830e0f6f3317a51548c68ab13659f4dab18a91501c9b548d3fb5352ecb,

0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2,

e2be88fd3dc7349ec9c3cd296b5f4241061ee5462e7d04d5425359a27b2122d2,

8e7ad9ecdd72105d42b6ea1ac54e157d81f86ea710ad085a10e06563481f6ab3,

e75fb19a6e167b6bf5b614e9ca4df333f9b3bd06edb5ea0a7cb60d19cb789065,

e862a3e7b6fc2a41146469f6ef8518eb1484cc5600ed1bd6502b9849575b0ebf,

daaf01f233b282c282c5aeb554d2435a06d85742a7d630e10222d68b1e45ecc4,

2492879d786a7f9c11d1296b5a31f42a12a89020f627d6fb6042ea5768d85871,

9606e4830157befecaa30092e1a098c18e4f1e29b6f59267376a58111d810597,

7da15bb6457dbb866a293c12b681441c8a4a02817ac3fccdcb0cd357660cca9b,

7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70,

3b70193ade24bfa953575e91f61c3bf867bac9e7b8caad49cae5813e3135c74f,

a90b4a4380ef09016b7c0fe1cc6e98231b297fd1b4ea2ca311614434b38290c1,

b82690ce1ef68285418482232c51b369cf4bd63ffa3bdcd92e94df344af80a47,

d69848fab4f6c7459913733ede31ea81b0e92126b7ddbb08300c5a802a879b18,

3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98,

432cef679930a1585b78e27b6227d264055c43d27c138a4fb1085b3fe16a9d6e,

bfd55b9c9142617183e98198212e393807a12824acee521e4740f1ca601a2cba,

http://software107updates.xyz/,

http://securium10maximum.com/,

http://asgroupship.com/mailing/index1.html,

http://saferdownloadsrus117.com/,

http://safestdownloadsrus125.com/,

http://directdownloader.com/download.php,

http://fugdownload499.xyz/3062/lp3/50430/550/53/,

http://securium27maximum.com/68907/sr3/,

http://software125updates.xyz/,

http://finest113downloads.com/,

http://videoyou.xyz/,

http://rinayoon.com/,

http://themodernlesbian.com/,

http://safedownloadsrus191.com/,

http://software146updates.xyz/,

http://imglist.net/,

http://asgroupship.com/mymail/index1.html,

http://securium28maximum.com/,

http://finest110downloads.com/,

http://securium20maximum.com/,

lowendguide.net,

paradigmteas.com,

plcmch.com,

sunseasnow.com,

pierfy.net,

goroshkova.com,

noconceptstore.xyz,

haleycmcdaniel.com,

meredithsanto.com,

nerdworldproblem.com,

pokermi.website,

hyattnet.org,

ratamaque.ca,

nakoda-outdoors.com,

6river.tech,

loan4all.xyz,

mprs.me,

scarletinc.in,

gtechglobal.net,

kbelearning.com,

6f0ef193bb20ad4411de29eeb4af361bf65e86158914c9d3f424c8b5c6ebef82,

e45c850f7e6646539e1217455e0547031e70c58f133880416d3854d973877137,

4bcd27e3b04427874bff7ac1a8e37fac29f7f2ff4cd72a989b8ea92cd0d6da03,

e45d0f58e94d9fd16768f35b0a749de3823d8effc1053526d306c23a7868af2a,

fcb3c5675b7ae74478fc423dff99489fc0a18310eaa2ca58440229c6586651f4,

a5c04597325116c45c6067b94b6e6dad90943caac85fb74dc9ee8c6a4bd8dfb4,

abe1e73aedc6be4c99be525aea3a61a83712700f9fb152d24d78dcc9e08bb256,

3a243048ac84f06bccc4bcdc057dd32574b0ccc9ac2454f88f3d0f4fae9bfcb0,

d7aa50deb4817c623188ec5941db1822673914c7f15fc7813f86c211c56e7f5a,

a4c0b5674b398258fb193461fc9631b0b88bba10ccbfab3d946303f045fec424,

585b2845d7e5fc8580021561b73e08bd5c5cd33532dead83e9e2fc0bd1e04d39,

7a377c7d909403b28c3963d8d20e08f37dd4e942d5dde5aa07d7dee53d40df11,

315fc7a4f999419583e67f4eeef36ef5e55f86149e9d9b6ee5e9e8c15791b288,

455a0820af459c2f9704862f52ff589c745cad26d30eaeb5968ffa47825e6907,

7cbe744e5649c72da0d66c144fc674fad97704a570c6b3d2735e158dced314ea,

ed467766ddc835baf34102c335f7c6447a72e08b86a4bf315b1ba8d17e71d472,

a9b1418297c281ae19fdef4db0ad3f0e32791f1ad75008b82e3351b7d1d23346,

8567cb5bdffea766aa28ca4885b042dc3bc7ea46ceaa182c15c6551d033c05e0,

5a13041b23fc318ee94dd14237e001d726577089611e9e3db339acd40db50c9e,

11b0488c08b3cb37a6fea8a6d735dcdb607a5f0610cc95ca7d638337092b94fe,

1bb5746292f623e2a79b58df3c0f605d6c469eeb9c0ae7cf36f4fd35374f59ba,

025ff6930b19e8dc4c29f22f5e734a6321bab9294e9edc591aa5162352736a11,

4cf203e638014174f96a22eef8411dafc7e8c900160433acdb3f0396fa85b2f8,

218102bec6b72a18ce7d55f2b434163b85caf4134fa83697a0d66297c58ffc07,

8ca9bc131f24e07be686dc8ba68d19fc7fb5113826e12451aa92d95b0d382b47,

adf094cf2ae80f541b386480aff70c9dadbdbbfd718ee5c8829d1e2710744527,

1ecc8f7390a8e92014513a95325c2276264961b4d93004e3a5dbdb5d91c87656,

252f5e6b6add0f215a267a86d6fa3a52e783ad79b05dc6923c114784f835091b,

68950b57b6d7cd967ab2b2f21f26a38dcce9fb4a940e36bd3c1570116b348ddd,

b323be1d256e435fb11db5f80cab8cf2f6f7876390b266d860512d0cfcb793ac,

126cb96ad61deaa7a90089900a026ee0049e2c2be00c661d7850ae4336649cd7,

e8b3c0cbbb934da452ef6ff3f3b0891f5d06212d076c8cbd00e8797492d4469a,

b5318ac100f7dc6756f712e319e37178338d0a63a4c1eff3ed41ef5c3c599138,

7c1ce96e863c28449bd902e15d911402c31244ed6accf50a9d6c5e95d053c9f0,

3060dc40dbb847846546d35ffea16cbd5cbdd168b6bc7156a5726c8d4887acfc,

a7d4474f3cd984c4def496228c1c3aa4e386e05596d817e144a63f15b907af2c,

664bcf73009961286ea3dad739f88b80823fb39f817496c447b1ef52cda6ef4c,

5f5b6598e0aae1fbf7a020530aa41117429db56b95aad2dfc61a23e5fba54b2c,

05e922245d334d3973a3e6124ce6cf38cb5d8f52cc817c41086d79f463f9b2e6,

83955c8204a85c2752959c5c95b673e182b14440bc24bdd4e64f36e5e791469c,

http://consortiumtc.com/xmlrpc.php,

http://winkoolfilm.com/xmlrpc.php,

http://kuhlmanauction.com/xmlrpc.php,

http://kohtaoapt.com/xmlrpc.php,

http://louisemcdonnell.com/xmlrpc.php,

http://fromprairiestopeaks.com/xmlrpc.php,

https://4movierulz.cx/xmlrpc.php,

https://wyndhamgardenbarranquilla.com/xmlrpc.php,

https://suesannguyen.com/xmlrpc.php,

http://potenciateconfuned.com/xmlrpc.php,

http://agalot.tk/xmlrpc.php,

http://topratedshavers.com/xmlrpc.php,

http://myindustrybrand.com/active-clients/swallowstudy/xmlrpc.php,

http://developer.wordpress.com/xmlrpc.php,

https://www.cyanogenmods.org/xmlrpc.php,

http://geilelangepornofilms.nl/xmlrpc.php,

http://www.sanjeev.sabhlokcity.com/xmlrpc.php,

http://mavipaket.com/xmlrpc.php,

http://ooskajoos.com/xmlrpc.php,

https://byochange.org/xmlrpc.php,

consortiumtc.com,

winkoolfilm.com,

kuhlmanauction.com,

kohtaoapt.com,

louisemcdonnell.com,

fromprairiestopeaks.com,

4movierulz.cx,

wyndhamgardenbarranquilla.com,

suesannguyen.com,

potenciateconfuned.com,

agalot.tk,

topratedshavers.com,

myindustrybrand.com,

developer.wordpress.com,

www.cyanogenmods.org,

geilelangepornofilms.nl,

www.sanjeev.sabhlokcity.com,

mavipaket.com,

ooskajoos.com,

byochange.org,

26825c26ec7dbc25873d7b222b4e531ecce0f1d5dd36944a49464da28685c045,

d96f3f98c22ce6ca8f07b03b76a71da0e7da23a989df7f1073d5235318afc1c1,

e9f063906bdf9630e0e3122e7756615c464e9b69c156141b885f2366a45bf3a1,

76613f6351e7014b850565548150451d517519be14afdd08268ea6c3f6770fc9,

d8d2f327fa29e66f3dbdbc578988b6724469e741aae2420086accecd5084f46d,

1ebe7b22a00e689337a2d5370a89280024e965a9482d33129b4d53290b59a90e,

00c8a901eb155268eaf803816ec1623c2fd8c81c6b9a3b6b09513786ffceebaf,

5f0c59d8f073ddaa31da734ef576844cd167671e611ce0fc8125828c1c589269,

dc501cd5d302af2b2d59dad29e8f467b443102e3152371ce166e180bd39574f5,

714b59dc2ef60e8276f72127f5152ac54fcd8a09c0b399b3c013d0e8587b5321,

db83f7d2f8319550111772221ed416d778b44628dbfcdb179ed3a9fa41e81021,

c123a08f177a306a7e0fde5c88b2583496c35b82fe1577c641d11c296a56d927,

6a347ba1be95a0c5233dd0f7b0adb5599610e4deb9b98c990528c9c569dfd982,

16aa76ed853a2f05151c5b239480d4a4b409b0af324cc8bd757a4c672c864920,

47051c0ce3d7e20873a77f3332043a50fabf7f2681d6586f946cb32b925c0396,

aecc8b425684183ca347c71b87c3d6b25eb96ee4dbeb31a217b34fa73372043b,

a401a7ee6a00e7635bcfd1d9b72f012b11ae7d7510b0f83f1f4aaf0bbf2a1bee,

df84da0290f0219eb5b53178f904201f629905a24f15f78a63dd22d82835d15d,

e14b437c190e130db5e4c37167475b8fbd0883e88954c503218a7dc227315a5b,

9063811f0a4ab2a341312bfcb66aaea2c5a8b3d0738333566e38d78362714294,

apkmaza.net,

369662bf363168452e41e0dd33554863e581a267fee7cf31291708cb5d7a9e5a,

gamesgenertaor.club,

a426a4c23a77b7402be4a4bbece5534e8b0c8d9a92d3a90b424bc47cd0825414,

b36f82e8dcaa44659e69759c6cd7ef6afaae5852fdc3d132ad26d60ff05202d3,

721e72aa0dea053c92ee29682d4dec1b1244cdd5f6031b337e40790c4b4baf9a,

357947641e668477ef61eefb622fd9a5742d1824fc0777c496dbd14a834fe764,

ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034,

bac85a75c0d9e5d17a7070b87f500894d931a226697e446cb215d0c16e5ced45,

34730ede925be9821a0a820d82d06ab21368142dd13657ab30c9784c32ccd587,

53e6c40f167734b435a08fcff2ef8bcad429aa9d26805f1cf0c207fdf53dbaca,

05a5b1469a2dde0732c24e3a60be832c9e2065975be389a78b87ac8f92d5bd1e,

41a454388b9a0f040ce41682ef2b81205237f8b1566de2fe9b27b7a761f67b74,

3560e423d772aab6f8bae7e5d41ad804cee9cbf47698fb84935a16bda6f81869,

8776fe6d6c47c86c437bc10aa729e5b279b92ce515c3be39661d02d04c83a898,

4a235709f399716d56536e4b895add238c3f73b9c5179e8bdeb8761a1af57f4a,

4853ef0b7c2058b76e548ed550a76b1e2da86daff59d6b72c356b98d12cb6225,

724d0b98db4013056384b10ff0aadfebd27c986e63692b7694574a33d3695de6,

4c2d30837067d8628e062867d58bbaf965e0e60e8343c2eaedfb9bc16854f2b6,

58d3e3de7e1b112f1741204441e118beb62e975ef6418e2f2eab3aa969427c1e,

79df1de2e65d28499a7a8aa1f2181a88f8f0aa9153c926af63023d488a9dd02e,

1c1339111b7de77562f9168077a68bddb0172b673b734a14494d691d28189fb3,

0dc29ab98e401af6e426c5c67653525e3599d823daf29d5f30ef8472ae84353a,

e7d61fd5e62505b4518fa5bb4f879d6d2c7ff73e81f8a3985e68f92fb2a7f2a8,

d72edb1fa303fdf6b299b557bcb4992b28741e6c13dfd68d1b297932f1edfc2d,

c664ec3d2cd4d21844b42c244f8b44162dbde5bbfd5cbb3beed2d65ccdf61c12,

8756a1e6f269b82b22a92e3ae10699fdf3d302ab5c060e982b9d7cf1c6064fc0,

447ae6c1918b3be5a6c0ba63dc3c901d805f351f4e45a137cd08479198b88449,

http://ginnypotter.com/phpnuke,

http://futuretrolly.com/wp-admin/ttt,

https://gamesgenertaor.club/,

http://futuretrolly.com/cxxx/Billing.php,

http://www.momplus.org/,

http://genesis-mining.cc/,

http://www.swordsstore.biz/cibc/,

How to Air Fry Catfish: Make Catfish the Healthy Way!

https://gamesgenertaor.club/onlyfans/,

http://apkmaza.net/livelounge/,

http://futuretrolly.com/cxxx/signin.php?cmd=_chase-signin=&ab800200771adba2962a9b67d48696bf&dispatch=4350da514afc4f7691a2228aeee44d65a7ea2c83,

http://7171.biz/,

https://futuretrolly.com/wp-admin/TTT/email.php,

http://flipkart.shoutedu.com/,

https://www.ukfootballpools.com/,

https://saborbrasil.cl/,

http://bhagavathienterprises.website/,

http://kutogel.com/,

https://sportize.com.au/,

http://bitcoinpool.online/,

198.54.117.199,

bitcoinpool.online,

vacuumcleanerreviewszone.com,

scrubsuniforms.com,

24f0bd044f021f1b4de23c42316d9049d49a2eda39918c125b9e5c45f8eadb6b,

8edef2490b2ecb2c4d277dbfe12c870120a7106325292aaa35630184579f2e00,

fe878dbcaf2508a6701c0c4dca82f3a805436903409b91528b1bfcd383002edc,

b790156be08b8b147f8e63fcc24dc440cf1688c9d9457cf489fc637b5d313eee,

7104c0fbf69a53b238488801701aedba75d125c18833d00ac3a1a23d27e41623,

f88a6fc6b78c751fb4bc4f608d2d18b8d496842a7d9d539f4571d2b33dc7dbad,

36b8c653376a4eea9ee5a3b4498b2f1b67bc2f2f03739e96f1037bd5ff3fd23c,

1c3469a298e2dd83c71740f71a7f77e7fac3d0adda15aa14cc7b1b3f650ca9cd,

c12b6273f6c8a22299d5e4ad930d78f559571a97f9ac3257563fb1746791fb47,

804fd0235c0225bd049444150ae062caf2337f3f3da0eb141d52f773cfe64e61,

f834c54f1a5f4118791360c3a36138eb4c06a2b81bf43f9bd41af6b3031922c6,

4c485b58371dc004f11856c6f284bde86b28b094fba8df6ebfc0cc6751d182fc,

042c3ff73a0309a4b2a2aa0ad67f4b33a75b17ec97582139c23a58feb8fe5af5,

cf231fdae7ab7af7ce52f060dd0c4fd7661ffd1210c0f5fc3a4f17c3977dd59f,

9547e3230bf1d8453fc6dbc218717c64bda650baeedb2aac4345d863a295a34c,

c5f12105fb0ea611a2e8c943290dd45d368aeeb0530c70661564442f356eca93,

e4b7339c0269d10e848e293e46f212798cec99d519282a4d50405e0c78a49955,

2ad81fa65ba908eaf7f603f5a080ab77706ce9a89588bbfd46ac90b2166e1bb7,

a664803f58f2ada9b08e09792adc1100c70d4c50ca2a0cda079a46e7a0af904d,

5d0409a0632fe427736109f7a7b22b6b2466d4dfcb12cc24ae438227681f67e4,

http://www.google.com/ncr,

http://api.pr-cy.ru:35000/,

http://ifconfig.co/ip,

http://www.google.com/,

bioexpedia.com,

http://lovefortherapeuticriding.org/104w/rjf/,

http://www.lovefortherapeuticriding.org/104w/rjf/,

http://superzeug.com/wp-content/hd/,

24424a880b169e38f469c8960623a330d711e66feface65f3a9809e7f815461c,

e1eec98b152369fa192dd75b4d63bc709426edf28387788cc9553cdd9ca9de7e,

185.32.57.162,

202.129.16.68,

178.32.138.212,

93.171.223.56,

186.202.153.14,

184.168.221.95,

50.63.202.32,

95.85.46.136,

175.29.6.27,

90.156.144.159,

31.11.34.46,

64.71.35.11,

160.153.137.99,

210.196.232.211,

193.106.106.118,

194.173.175.16,

185.158.165.13,

173.201.253.230,

67.23.226.139,

192.95.11.250

At present, UNESCO is taking all the necessary steps to mitigate the risks involved and have taken “E-teams” offline for maintenance – 

Recommendations

• Ensure anti-virus software and associated files are up to date.
• Search for existing signs of the indicated IoCs in your environment.
• Ensure that all security updates and patches are installed
• Consider blocking and or setting up detection for all URL and IP based IoCs.
• Keep applications and operating systems running at the current released patch level.

About Cyble

Cyble is an Atlanta, US-based, global premium cyber-security firm with tools and capabilities to provide near real-time cyber threat intelligence. 

Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution powered by machine learning and human analysis provides organizations’ insights to cyber threats introduced by suppliers and enables them to respond to them faster and more efficiently.

This monitoring and notification platform gives the average consumer insights into their personal cybersecurity issues, allowing them to take action then as needed. It has recently earned accolades from Forbes as being the top 20 cyber-security companies to watch in 2020.