[ { "Indicator": "IMG76329797.xls", "Description": "e66181155a9cd827def409135334ecf173459e001e79853e1b38f2b8e5d8cc59" }, { "Indicator": "Inj.dll", "Description": "84833991F1705A01A11149C9D037C8379A9C2D463DC30A2FEC27BFA52D218FA6" }, { "Indicator": "mse60dc.exe", "Description": "de314d038d9b0f8ff32cfe3391c4eec53a3e453297978e46c9b90df2542ed592" }, { "Indicator": "bitly.com", "Description": "domain requested" }, { "Indicator": "xaasxasxasx.blogspot.com", "Description": "domain requested" }, { "Indicator": "resources.blogblog.com", "Description": "domain requested" }, { "Indicator": "pastebin.com", "Description": "domain requested" }, { "Indicator": "67.199.248.14", "Description": "IP requested" }, { "Indicator": "67.199.248.15", "Description": "IP requested" }, { "Indicator": "104.20.208.21", "Description": "IP requested" }, { "Indicator": "176.57.215.22", "Description": "IP C2" }, { "Indicator": "http[:]//www[.]bitly[.]com/aswoesx8sxwxxd", "Description": "HTTP/HTTPS requests" }, { "Indicator": "https[:]//pastebin[.]com/raw/rjfk3j9m", "Description": "HTTP/HTTPS requests" }, { "Indicator": "https[:]//pastebin[.]com/raw/tgP7S1Qe", "Description": "HTTP/HTTPS requests" }, { "Indicator": "https[:]//pastebin[.]com/raw/0rhAppFq", "Description": "HTTP/HTTPS requests" }, { "Indicator": "https[:]//pastebin[.]com/raw/c3V923PW", "Description": "HTTP/HTTPS requests" }, { "Indicator": "https[:]//pastebin[.]com/raw/VFUXDF7C", "Description": "HTTP/HTTPS requests" }, { "Indicator": "http[:]//www[.]ichoubyou[.]net/ao/?3f9L=Lo3E2+YBaBWDL2bUvw2B2SYfQBwPkMAIH1i2HT9ocxT5reT2XuVh6G9ligbLGsBAAwhLuQ==&BbBX=LhTpETx8Zdn", "Description": "HTTP/HTTPS requests" }, { "Indicator": "http[:]//www[.]grupomsi[.]com/ao/?3f9L=Kbq++Y0aAgDxGCx7fxZFucXlrMdtuSyVttVG37Ejsga78k8ZP/EpUCryDr6PmBWAbaydAw==&BbBX=LhTpETx8Zdn&sql=1", "Description": "HTTP/HTTPS requests" }, { "Indicator": "http[:]//www[.]grupomsi[.]com/ao/", "Description": "HTTP/HTTPS requests" }, { "Indicator": 
"http[:]//www[.]theaterloops[.]com/ao/?3f9L=M0MA2fUiqMbVb6H3GNVaAqJS8mhIciwdMXRISKDsKJcWUJLkZY1j+YIFBEd9s0Uz5tYaIQ==&BbBX=LhTpETx8Zdn&sql=1", "Description": "HTTP/HTTPS requests" }, { "Indicator": "http[:]//www[.]theaterloops[.]com/ao/", "Description": "HTTP/HTTPS requests" }, { "Indicator": "http[:]//www[.]sukfat[.]com/ao/", "Description": "HTTP/HTTPS requests" }, { "Indicator": "http[:]//www[.]sukfat[.]com/ao/?3f9L=i08SS1jJNzlL2PYEM5jjY78DODQHD8SSq/VJ1wVBwRJ7J5CmvaFz3C5neJ7p21NB5nPOdg==&BbBX=LhTpETx8Zdn", "Description": "HTTP/HTTPS requests" }, { "Indicator": "www[.]hongmenwenhua[.]com", "Description": "Domain C2" }, { "Indicator": "www[.]ichoubyou[.]net", "Description": "Domain C2" }, { "Indicator": "www[.]grupomsi[.]com", "Description": "Domain C2" }, { "Indicator": "www[.]sukfat[.]com", "Description": "Domain C2" }, { "Indicator": "www[.]theaterloops[.]com", "Description": "Domain C2" }, { "Indicator": "210.188.195.164", "Description": "IP C2" }, { "Indicator": "23.20.239.12", "Description": "IP C2" }, { "Indicator": "185.68.16.122", "Description": "IP C2" }, { "Indicator": "199.192.23.220", "Description": "IP C2" } ]