## hosts-blocklists
## domains-ips-hashes

## blocklists-checkpoint
## https://research.checkpoint.com/
## https://research.checkpoint.com/latest-publications/


# https://research.checkpoint.com/2024/29676/

3d93b8954ed1441516302681674f4989bd0f20232ac2b211f4b601af0fcfc13b
bf830191215e0c8db207ea320d8e795990cf6b3e6698932e6e0c9c0588fc9eff
15412d1a6b7f79fad45bcd32cf82f9d651d9ccca082f98a0cca3ad5335284e45
98b5b4f96d4e1a9a6e170a4b2740ce1a1dfc411ada238e42a5954e66559a5541
a2c3073fa5587f8a70d7def7fd8355e1f6d20eb906c3cd4df8c744826cb81d91
ebdf3d3e0867b29e66d8b7570be4e6619c64fae7e1fbd052be387f736c980c8e
6302acdfce30cec5e9167ff7905800a6220c7dda495c0aae1f4594c7263a29b2

# https://research.checkpoint.com/2024/magnet-goblin-targets-publicly-facing-servers-using-1-day-vulnerabilities/

allsecurehosting.com
biondocenere.com
cloudflareaddons.com
dev-clientservice.com
fernandestechnical.com
miltonhouse.nl
oncloud-analytics.com
proreceive.com
textsmsonline.com
theroots.in

45.9.149.215
45.153.240.73
91.92.240.113
94.156.71.115
172.86.66.165

027d03679f7279a2c505f0677568972d30bc27daf43033a463fafeee0d7234f6
7b1d1e639d1994c6235d16a7ac583e583687660d7054a2a245dd18f24d10b675
8fe1ed1e34e8758a92c8d024d73c434665a03e94e5eb972c68dd661c5e252469
9cb6dc863e56316364c7c1e51f74ca991d734dacef9029337ddec5ca684c1106
9d11c3cf10b20ff5b3e541147f9a965a4e66ed863803c54d93ba8a07c4aa7e50
9ff0dcce930bb690c897260a0c5aaa928955f4ffba080c580c13a32a48037cf7
99fd61ba93497214ac56d8a0e65203647a2bc383a2ca2716015b3014a7e0f84d
894ab5d563172787b052f3fea17bf7d51ca8e015b0f873a893af17f47b358efe
926aeb3fda8142a6de8bc6c26bc00e32abc603c21acd0f9b572ec0484115bb89
1079e1b6e016b070ebf3e1357fa23313dcb805d3a6805088dbc3ab6d39330548
3367a4c8bd2bcd0973f3cb22aa2cb3f90ce2125107f9df2935831419444d5276
7967def86776f36ab6a663850120c5c70f397dd3834f11ba7a077205d37b117f
9895286973617a79e2b19f2919190a6ec9afc07a9e87af3557f3d76b252292df
b35f11d4f54b8941d4f1c5b49101b67b563511a55351e10ad4ede17403529c16
bd9edc3bf3d45e3cdf5236e8f8cd57a95ca3b41f61e4cd5c6c0404a83519058e
d3fbae7eb3d38159913c7e9f4c627149df1882b57998c8acaac5904710be2236
df91410df516e2bddfd3f6815b3b4039bf67a76f20aecabccffb152e5d6975ef
e134e053a80303d1fde769e50c2557ade0852fa827bed9199e52f67bac0d9efc
f1e7c1fc06bf0ea40986aa20e774d6b85c526c59046c452d98e48fe1e331ee4c
f23307f1c286143b974843da20c257901cf4be372ea21d1bb5dea523a7e2785d
fa317b071da64e3ee18d82d3a6a216596f2b4bca5f4d3277a091a137d6a21c45

# https://research.checkpoint.com/2024/maldocs-of-word-and-excel-vigor-of-the-ages/

107.172.73.137
192.210.160.112

0fd5e881a9ed54f69c35f9db17c4ea12fc7c10500b339a7fa11a695b4019954c
5cd806c0a528ca7ea6b3e2139c4c4165992d22610c50b0fecd47e08720835b4a
34b82dfffb003d39b09dc4c071432c17145165ece3a0ae193c564c7d0a2ab550
66a9b9955fa7240b45137d09dc265306ae751541de510cd9f4288f1a9972b02c
59943c6c6f823b9fed47873c27db84710fd7b639698eca736af1b901c0f002b1
aac88dbc105d5dcc83b431181c093c752ab9189dcc47576f8e0d961eb3c0c044
b5296c6e715e656b052ad5fbf0687610519916aa96ea4005be3f3cd2117273a7
f28cb523ca32452c2efdb1cbe1c921ab0388a158b80661e65b08c9951c674c1f
f211a5b6b757111a8094e290bf015ead9ebe8d79646a44684e9d9b88b0f68e52

# https://research.checkpoint.com/2024/raspberry-robin-keeps-riding-the-wave-of-endless-1-days/

07e5004a0a3a9129560237ab22d73f44d263204c5b6e15bbb7f17cd6171c87e1
1d5ae3117e171eab5919175c9fc677e872f1ef9f52e0c3c7ee4c3d858cd48a48
7e8315426befbcf3a2fca9a3ad4d0f072d9a184467ae7939920389b4a89f5116
189f22d5372806c1faaec4d89aaf8bc6837ce653281248d4fc90126d8a6755d0
537cb91a737213adaec1290188dd4ec6300166595dee034cf24f9080326a3b3b
571e6b37c9acea3add612769d2615f3ad1d2e151b08f8c6eace0cbce0461428a
697c15125b83c58c29d4235fd7b37c3f48c10630046be4952c220a4631acf05b
1235a8b1f7484da4a7efbae115f56b521dd3028b752786656498ec07e156f853
c0c92c3c7925965e6b1131e36d76c97f6719bb37c0cedbeab3e906bf600fcef0
c5d765b773684e851a180152516c45802098a6cd259b81ee4bd98b04607bd0ef
c6074b63c0ad279ae67a54677a8f037775c6dfbcf9085a0ff0c2a63245b60093
ca629b499a3a5cb52457f8f908bff3e5429f8574ba776499739490ff78e69094
eb12a5b640ef9bc07af0b59720e005cba41e7b3171ee3bdd9ecbc85b197586bb
eee7dac3cb9d776843bac9f2bbf633b72dd366adc66b78d34a6071d47f1bf007
f856db3dc69a1b816804a021e6e458ba4b3bf9a93e7fe2e0b57725ebdff1819d
fd0a3ec3b1564210e261892d8ceb51637380d0326387605bdccaef44a25221bf
fe8d7cb87345ad74b512ee0dd0bd597413d8f937b476e6d563a59125adc13158

# https://research.checkpoint.com/2023/rhadamanthys-v0-5-0-a-deep-dive-into-the-stealers-components/

01609701a3ea751dc2323bec8018e11742714dc1b1c2dcb39282f3c4a4537c7d
2b6faa98a7617db2bd9e70c0ce050588c8b856484d97d46b50ed3bb94bdd62f7
3d010e3fce1b2c9ab5b8cc125be812e63b661ddcbde40509a49118c2330ef9d0
4fd469d08c051d6997f0471d91ccf96c173d27c8cff5bd70c3f2c5008faa786f
6ed3ac428961b350d4c8094a10d7685578ce02c6cd41cc7f98d8eeb361f0ee38
22a67f510dfb7ca822b5720b89cd81abfa5e63fefa1cdc7e266fbcbb0698db33
50b1f29ccdf727805a793a9dac61371981334c4a99f8fae85613b3ee57b186d2
633b0fe4f3d2bfb18d4ad648ff223fe6763397daa033e9c5d79f2cae89a6c3b2
5890b47df83b992e2bd8617d0ae4d492663ca870ed63ce47bb82f00fa3b82cf9
a905226a2486ccc158d44cf4c1728e103472825fb189e05c17d998b9f5534d63
a87032195e38892b351641e08c81b92a1ea888c3c74a0c7464160e86613c4476
bb8bbcc948e8dca2e5a0270c41c062a29994a2d9b51e820ed74d9b6e2a01ddcf
ecab35dfa6b03fed96bb69ffcecd11a29113278f53c6a84adced1167b66abe62
ed713454c20844522304c49cfe25fe1490418c300e5ab0c9fca431ede1e91d7b
ee4a487e78f23f5dffc35e73aeb9602514ebd885eb97460dd26635f67847bd16
f1f33618bbb8551b183304ddb18e0a8b8200642ec52d5b72d3c75a00cdb99fd4
f82ec2246dde81ca9edb69fb9c7ce3f7101f5ffcdc3bdb86fea2a5373fb026fb
fcb00beaa88f7827999856ba12302086cadbc1252261d64379172f2927a6760e

# https://research.checkpoint.com/2023/israel-hamas-war-spotlight-shaking-the-rust-off-sysjoker/

audiosound-visual.com
filestorage-short.org
sharing-u-file.com

62.108.40.129
85.31.231.49

0ff6ff167c71b86c511c36cba8f75d1d5209710907a807667f97ce323df9c4ba
6c8471e8c37e0a3d608184147f89d81d62f9442541a04d15d9ead0b3e0862d95
67ddd2af9a8ca3f92bda17bd990e0f3c4ab1d9bea47333fe31205eede8ecc706
96dc31cf0f9e7e59b4e00627f9c7f7a8cac3b8f4338b27d713b0aaf6abacfe6f
d4095f8b2fd0e6deb605baa1530c32336298afd026afc0f41030fa43371e3e72
e076e9893adb0c6d0c70cd7019a266d5fd02b429c01cfe51329b2318e9239836

# https://research.checkpoint.com/2023/the-platform-matters-a-comparative-study-on-linux-and-windows-ransomware-attacks/

09d6dab9b70a74f61c41eaa485b37de9a40c86b6d2eae7413db11b4e6a8256ef
11b1b2375d9d840912cfd1f0d0d04d93ed0cddb0ae4ddb550a5b62cd044d6b66
754f2022b72da704eb8636610c6d2ffcbdae9e8740555030a07c8c147387a537
7594bf1d87d35b489545e283ef1785bb2e04637cc1ff1aca9b666dde70528e2b
472836ed669d3927d50055e801048696375b37fce03b2f046e3e1039fb88e048
b57e5f0c857e807a03770feb4d3aa254d2c4c8c8d9e08687796be30e2093286c
b711579e33b0df2143c7cb61246233c7f9b4d53db6a048427a58c0295d8daf1c
d1ba6260e2c6bf82be1d6815e19a1128aa0880f162a0691f667061c8fe8f1b2c
e2dcd1eaf59e7e10b9dfeedc6f2b0678efac7907f17ee8b4e8791c39c1fbaa58
e9cc7fdfa3cf40ff9c3db0248a79f4817b170f2660aa2b2ed6c551eae1c38e0b
edfe81babf50c2506853fd8375f1be0b7bebbefb2e5e9a33eff95ec23e867de1

# https://research.checkpoint.com/2023/malware-spotlight-into-the-trash-analyzing-litterdrifter/

absorbeni.ru
acaenaso.ru
aethionemaso.ru
ahmozpi.ru
andamanos.ru
arabianos.ru
atonpi.ru
aychobanpo.ru
ayzakpo.ru
badrupi.ru
barakapi.ru
boskatrem.ru
brudimar.ru
credomched.ru
crisiumbi.ru
dakareypa.ru
decorous.ru
dumerilipi.ru
gayado.ru
geminiso.ru
heartbreaking.ru
hoanzo.ru
judicious.ru
karoanpa.ru
lamentable.ru
lestemps.ru
nahtizi.ru
nebtoizi.ru
nubiumbi.ru
ozaharso.ru
procellarumbi.ru
quyenzo.ru
ragibpo.ru
raidla.ru
ramizla.ru
sabirpo.ru
samiseto.ru
squeamish.ru
suizibel.ru
superficial.ru
talehgi.ru
triticumos.ru
undesirable.ru
urdevont.ru
valefgo.ru
vasifgo.ru
vilaverde.ru
vloperang.ru
zerodems.ru

1c49d04fc0eb8c9de9f2f6d661826d24
1da0bf901ae15a9a8aef89243516c818
4c2431e5f868228c1f286fca1033d221
9d9851d672293dfd8354081fd0263c13
42bc36d5debc21dff3559870ff300c4e
49d1f9ce1d0f6dfa94ad9b0548384b3a
86d28664fc7332eafb788a44ac82a5ed
88aba3f2d526b0ba3db9bc3dfee7db39
96db6240acb1a3fca8add7c4f9472aa5
495b118d11ceae029d186ffdbb157614
579f1883cdfd8534167e773341e27990
1536ec56d69cc7e9aebb8fbd0d3277c4
2996a70d09fff69f209051ce75a9b4f8
6349dd85d9549f333117a84946972d06
8096dfaa954113242011e0d7aaaebffd
2239800bfc8fdfddf78229f2eb8a7b95
83500309a878370722bc40c7b83e83e3
bbb464b327ad259ad5de7ce3e85a4081
cbeaedfa84b02a2bd41a70fa92a46c36
cdae1c55ec154cd6cef4954519564c01

# https://research.checkpoint.com/2023/from-albania-to-the-middle-east-the-scarred-manticore-is-listening/

4f6351b8fb3f49ff0061ee6f338cd1af88893ed20e71e211e8adb6b90e50a3b8
6f0a38c9eb9171cd323b0f599b74ee571620bc3f34aa07435e7c5822663de605
1146b1f38e420936b7c5f6b22212f3aa93515f3738c861f499ed1047865549cb
1485c0ed3e875cbdfc6786a5bd26d18ea9d31727deb8df290a1c00c780419a4e
3875ed58c0d42e05c83843b32ed33d6ba5e94e18ffe8fb1bf34fd7dedf3f82a7
7495c1ea421063845eb8f4599a1c17c105f700ca0671ca874c5aa5aef3764c1c
8578bff36e3b02cc71495b647db88c67c3c5ca710b5a2bd539148550595d0330
9117bd328e37be121fb497596a2d0619a0eaca44752a1854523b8af46a5b0ceb
67560e05383e38b2fcc30df84f0792ad095d5594838087076b214d849cde9542
2097320e71990865f04b9484858d279875cf5c66a5f6d12c819a34e2385da838
a2598161e1efff623de6128ad8aafba9da0300b6f86e8c951e616bd19f0a572b
b71aa5f27611a2089a5bbe34fd1aafb45bd71824b4f8c2465cf4754db746aa79
c5b4542d61af74cf7454d7f1c8d96218d709de38f94ccfa7c16b15f726dc08c0
da450c639c9a50377233c0f195c3f6162beb253f320ed57d5c9bb9c7f0e83999
daa362f070ba121b9a2fa3567abc345edcde33c54cabefa71dd2faad78c10c33
e1ad173e49eee1194f2a55afa681cef7c3b8f6c26572f474dec7a42e9f0cdc9d
f6c316e2385f2694d47e936b0ac4bc9b55e279d530dd5e805f0d963cb47c3c0d
f4639c63fb01875946a4272c3515f005d558823311d0ee4c34896c2b66122596

# https://research.checkpoint.com/2023/stayin-alive-targeted-attacks-against-telecoms-and-government-ministries-in-asia/

ad.fopingu.com
admit.pkigoscorp.com
backend.rtmcsync.com
cdn.pkigoscorp.com
cert.qform3d.in
cyberguard.certexvpn.com
eaq.machineaccountquota.com
gist.gitbusercontent.com
git.gitbusercontent.com
idp.pkigoscorp.com
imap.774b884034c450b.com
ns01.nayatel.orinafz.com
pic.rtmcsync.com
proxy.rtmcsync.com
qaq2.machineaccountquota.com
raw.gitbusercontent.com
sslvpn.pkigoscorp.com
update.certexvpn.com

45.77.171.170
45.159.250.179
65.20.68.126
70.34.201.229
77.91.75.232
136.244.111.25
139.180.145.121
167.179.91.150
178.23.190.206
185.136.163.129
185.242.85.124
185.243.112.223
207.148.69.74

2ab1121c603b925548a823fa18193896cd24d186e08957393e6a34d697aed782
2dfba1cbc0ac1793ffd591c88024fab598a3f6a91756a2ea79f84f1601a0f1ed
4baa4071a5eedbe0a8afa1059f7732e5cde0433dd0425e075721dd2cdec9d70d
4d52d40bc7599b784a86a000ff436527babc46c5de737e19ded265416b4977c6
6eaa33812365865512044020bc4b95079a1cc2ddc26cdadf24a9ff76c81b1746
6f3de35c531993aa307729e2046ff7aa672f5058b7e0fc6557bbd4c500fb46e7
12a7b9fa57719109b7f5d081cbe032320a59a7d57eef2dcd2cd4fe2b909162dc
36b4a846d6ed3461e36ed9f4c03fb4548397659ef0a46219695666266eba1652
47de9bf5f60504c229fe9f727aa59ba5c34d173a23af70822541a9e485abe391
78faceaf9a911d966086071ff085f2d5c2713b58446d48e0db1ad40974bb15cd
93e9237afaff14c6b9a24cf7275e9d66bc95af8a0cc93db2a68b47cbbca4c347
295b99219d8529d2cd17b71a7947d370809f4e1a3094a74a31da6e30aa39e719
437cde10797b75ea92b1b68eb887972fe43b434db3ed67b756e01698cce69b4a
451f87134438fa7e5735a865989072e7bab4858ca0b1e921224ed27dea0226b0
462c85f6972da64af08f52a4c2f3a03bcd40fdf29b29b01631bff643cd9d906a
482d41c4a2e14ddc072087a1b96f6e34ffda2bfc85819e21f15c97220825e651
778b2526965dc1c4bcc401d0ae92037122e7e7f2c41f042f95b59a7f0fe6f30e
1934ac9067871a61958e3e96ea5daa227900b7683fce67a1bf1c24beff77d75a
7418c4d96cb0fe41fc95c0a27d2364ac45eb749d7edbe0ab339ea954f86abf9e
60030b970491bced72a56c9dde09a1d2260becfbf80a2b0d217a0b913e781c3a
409948cbbeaf051a41385d2e2bc32fc1e59789986852e608124b201d079e5c3c
732621aa53683c16edf3959dfe9d93de5359c431c130784b31d4a598fbbd80a9
1428698cc8b31a2c0150065af7b615ef2374ea3438b0a82f2efcff306b43cee6
877579185a72fbaf1afa78d3c50dbab187780d545d5375ba4c29147083176697
a8a026d9bda80cc9bdd778a6ea8c88edcb2d657dc481952913bbdb5f2bfc11c9
a54e0352653146371efd727ca00110577f8e750e92101462e246f99d435b6172
b3fc497f94ac04abc4c9a6f23ab142fdc2387c520ce5c6fdae1b511793bc6ba2
c4f9bc7624509190e9e2a690daeff5ac9e944f094b51781734b83a364ae038d0
c5d1ee44ec75fc31e1c11fbf7a70ed7ca8c782099abfde15ecaa1b1edaf180ac
caa9fdda2776f681ec294ffeded04723107cf754a2889c3fbb5bc7c743d897c1
d4bd89ff56b75fc617f83eb858b6dbce7b36376889b07fa0c2417322ca361c30
d33cbdbd6181deb0e8da9c9e6fb8795e98478d9608ab187e5b8809bed6b2e5c4
d94ed414dbfb9bbcba42e3bf2db3b76eb8172b03133d1745d6abcde6f9edbaa7
da2d9ed632576eca68a0c6d8d5afd383a1d811c369012f0d7fb52cd06da8c9b9

# https://research.checkpoint.com/2023/behind-the-scenes-of-bbtok-analyzing-a-bankers-server-side-components/

danfe.is-certified.com
rendinfo.shop
sodkvsodkv.supplier.serveftp.net

147.124.213.152
173.249.196.195
176.31.159.196
216.250.251.196

07028ec2a727330a3710dba8940aa97809f47e75e1fd9485d8fc52a3c018a128
095b793d60ce5b15fac035e03d41f1ddd2e462ec4fa00ccf20553af3c09656f6
3b43de8555d8f413a797e19c414a55578882ad7bbcb6ad7604bb1818dd3eedcd
5ad42b39f368a25a00d9fe15fa5326101c43bf4c296b64c1556bc49beeee9ae1
5c59cd977890ed32eb60caca8dc2c9a667cff4edc2b12011854310474d5f405d
8e65383a91716b87651d3fa60bc39967927ab01b230086e3c5a2f9a096fc6c57
9d91437a3bfd37f68cc3e2e2acfbbbbfffa3a73d8f3f466bc3751f48c6e1b40e
808e0ddccd5ae4b8cbc4747a5ee044356b7aa67354724519d1e54efb2fc4f6ec
825a5c221cb8247831745d44b424954c99e9023843c96def6baf84ccb62e9e5f
b198da893972df5b0f2cbcec859c0b6c88bb3cf285477b672b4f40c104bcbd36
be35b48dfec1cc2fc046423036fa76fc9096123efadac065c80361c45f401d3c
be36c832a1186fd752dd975d31284bdd2ac3342bd3d32980c6c52271d0d2c84c
cd22e14f4fa6716cfc9964fdead813d2ffb80d6dd716e2114f987ff36cc5e872
d9b2450e4b91739c39981ab34ec7a3aeb33fb3b75deb45020b9c16596a97a219
dbeb4960cdb04999c1a5a3360c9112e3bc1de79534d7ac9027b7fdb7798968a6
e5e89824f52816d786aaac4ebdb07a898a827004a94bee558800e4a0e29b083a
f83b33acfd9390309eefb4a17b42e89dcdbe759757844a3d9b474d570ddbab86
fb7a958b99275caa0c04be2a821b2a821bb797c4be6bd049fa09144de349ea41

# https://research.checkpoint.com/2023/unveiling-the-shadows-the-dark-alliance-between-guloader-and-remcos/

alienzouks.com
mazzancollttyde.business
ryandeby.com
securitycode.eu
vrezvrez.com

38.242.193.23
84.21.172.49
173.212.217.108
176.113.115.81
185.126.237.209
185.217.1.137
194.180.48.211

40b9ca22013d02303d49d8f922ac2739
abf39daaa33505f26959db465116f21f
d621b39ec6294c998580cc21f33b2f46

0db693472b4ca6f3ec1effc03d47c288f15ed06b7d4e172f8192047d3e800db1
4c85469c2d3a8871a767df084db3216988b213e4c1928a1b8133aca3874765de
7b2d1dc5fecb9e8821545af477721b45b4b4817adced81c78479e53c2e3028f5
7bd663ea34e358050986bde528612039f476f3b315ee169c79359177a8d01e03
9a02ea9ef7ffe6d1372bd099336ea414386d5041c78151f3b71ff33b0d307f74
25c45221a9475246e20845430bdd63b513a9a9a73ed447bd7935ff9ecee5a61e
36d0c2e7f20f3ff81c4e7f25b66551f1dd2d736775e0994d39aca4c73cb658bb
42b9f3c3b5cf44db9e371093e400fc087a9b7324b4875f4eef5efbde3b984157
83df18f8e28f779b19170d2ca707aa3dbcee231736c26f8ba4fbd8768cd26ba6
84b3c700ebdb8da0dde2ee19c88e957389051d484386d2859d27dc56b6c30157
618bf81ba49b99210ea91fe359daf420596b58f37636d8dea1bf012ce081d1ae
723ac2c81529c534e97cfd73d89b2479dfc34909c4814324b71147b391896979
63559daa72c778e9657ca53e2a72deb541cdec3e0d36ecf04d15ddbf3786aea8
496924a13efee60c314947f296d6095b07a1ef6920fcc502d06ffa6c4a9a32e1
791845e2c97b9a70f35075be963a88f0410201145953179303a4c689ccd8ac4a
9294279b158b48a5ac498070d4687e37f6efdac460684fc6cc30eee875cd1257
ab9ecfc10f1e537e2c4a31da2b9ffd7fd0d696b59eb72da48ae2d11df639d120
aeb95fd2613e369ee8a885124dc4f717d21a337216f75101f5066ed48bc48ca3
b93821edca20bd777e3f4a17aac0f9e5d4ddb351bdf2ba7ce1b0eecc7e3890f2
c914dab00f2b1d63c50eb217eeb29bcd5fe20b4e61538b0d9d052ff1b746fd73
d2523a35267c9417969a880aa822b9d6af85e46e83b143979a177a292f347fb6
d844221b683b4308b60fe80e23e6e3e618e07d36381b03da746e580e805d1814
de11c14925357a978c48c54b3b294d5ab59cffc6efabdae0acd1a17033fe6483
f9edc031e26e9d37e740acfd3739cc3f0a442bb14ec34d9b2ddbf79db56e073f

# https://research.checkpoint.com/2023/guarding-against-the-unseen-investigating-a-stealthy-remcos-malware-attack-on-colombian-firms/

192.161.184.21

0eb80eca7ce0ce7eb2247e5bc4f1fca0050c6c9a
0f0e747e23c98467bf825f8ef0dd1ab2eacb1169
06c4ae8f298943340466a5dd1a6d44491349dc89
07106f6c27f3f9111f6772be99c13a6d4c9086f9
091a54d15376e86860ed52f3dcb5d3ded457e669
1af2877ea0f103c0eb7a022616274b06dff387b1
1b9d6935421026676f2e39332894e61406768100
1d50d5066bb37491b56c05b196a569740b1dfae0
1e7535f915f5feaa3efa9454595143287620d2dd
1f617be60cf587d9b4148b99330fe41ec13f9a0f
2cc559b88c1417bb706c1bdf2da899c4a906b96f
2e03467eb027b820d6414377c4cde1faed41f53d
2f82901f0467e2c1ca4c876f0718ab0054ee8665
2facc6928c6e6e1d934c342f8d0ecdb590227f6e
3b1d15c94f8a444cdeded4cb1fdc67835a3eb22f
3de22926115f4232b1fed26a4ea45dc9c8ad551f
3f92880d212006e2812dd11b945893616305bd65
4a76ba6b31fb4afded84a31aac37961333221d4e
4ad0661ce27ad4e738fac9df6399dade735aab75
4d83ca1c2133425e1f87ea4729f40f17beeac8e2
5d41cad361e530512a4bc8f394f5447fdcd19c1b
5eb95c21bc3171b7e7a72d015d632d7cd92eeff5
6b6b98ce05a28d2089f40f814bd488f9d044b2ac
6bd967409c612466686e60dd409183a014171bf4
6d59089e1bd588e5dff8ddc22a7b5d489bb23099
6fa5b9e94f0ad29807fdf54fe686407988d22675
7a982b71d4f3c9c280922b3a7446d5b37aea9ea5
7f034c654586f36718b0d8e2cf20898a2434b9be
7f3c4ea235a975d7373263b9122bc5f1b4014dc7
8a8b6182bf00f584446d8f5251fc10bc3e634e41
8f92c596c39bb90ede4434984e20ce9910b15161
9aaf87c7bd580bcde421bd45149534e1e94e5052
9ec5ece2add690e3bca1a7ef84a73e10e326f39f
10b4b1042cecb095b4290b585f3813d962363b80
21f1c5fec49abbe72669d0b24332c1dc19655afc
30c4ede9a6f31c88b2ae1c0934a6be2dd85c4fcb
33b3128ec42305c9df027a1b27ec776f87549178
52ec5ca7ebfed9fd46e6995f295da9b58f8d0db7
56b41bfebfefe17fdb3f983c88b6ba1e509f4673
56fa7cece82be67830de5fda699fb4e8fb8c8ab8
66e261009a745aeb0ed753cc920fca12880d5153
70a82522c0ff3d0ff1034cb75eb4c655fee8f16d
72db30e960256be5723cf497671af031b99da702
78fc5666b1599fb45a8de9ead18c0c88762b3fb0
85fda5b03b10c5ca740d8b402623e74bf47a1459
90a7c84ca422b2a03d5be16b90805bb298f31ddb
90b44246a15df7ce331475cecdb32b907958c017
95aa52f8d8c9e2cc3f7e408a12c9b547efabef5f
114fdf1d2bb70d0701c3843a1ef6b85c312cb293
273aad18bc2b709926857dfeb2004a6023e3801f
289da12f6a23df7ceec631db4222138934973f17
432dc5cf8b64c591b8d5d80c6c94879b41fbcb25
476f4ebc66a430e5211a45d3fd987e06adbb87e1
631ce6b5704cba5087d8bb1f7ec294f1838f875a
747c2466b4f4b5024f321a07fca597824d2483f8
796b5b5f2a9bffb777b46066e7167813dc53d344
841e5093c48ff58949956a76638928f3a70dea09
879b86cdf85c67b99c2f45afbaba8e4967a36065
3903cd20c6e72582f0ce3457a8964c6d9bc7496d
4094f97258442bc1df5047fbd08b2e4cdf707788
5183b062a48926e20deef57a4d1819be62985803
8136a49c3688c2205936dd87bb9fb0713969e74c
9417bb08836439b05e950bc397a7fcc1b6d65c3e
32923f96042f5288a47bf44e6a70a2ad1a88e40e
84668e4bb3b9366a8fd0856a6dc2a76a341589db
2990974b141cbd7f93331dc7ae99c8ce00768829
3030026cf11a87685b53b4339de628012a4ebb8c
59358571cc8679f945477d4616b853081e90f128
137424047b1b536d84fa67b57af530c2d0f7e103
446343828f9ea0c3da92e88401b06dcad2564efc
a0e0dd39ea5af2fc05fa0381d7f690840f726237
a3e4b4f0f6572b50ed72683ebef08d4f3ae9b28e
a4f5c257bbc2d231b62c54dbf1948475eeeae01d
a7a22b1637710ee68fe966c72a1efbef4b04f94f
a738e73eb43b2b13d571bbec921364ef7c0fe89b
afcc5ffd986c8a3097644db452f478318df175e3
b37b50f13fe9c7e749b3ccdc5cb27a5c75f563e8
b95f28e3e371c4e3bcfaf5d125b108ce0882492e
c7fdc4e9085dd5c9277fae611a5346e1ed822e05
c184116dc08189023ca32d80a5f683c5230aa2d5
c464353ea1206bf98d74294846d44dcc77abd266
cc136bc74eaa921fb852140b9d9fda9ea9bc9d57
ce7acbe0e521474fdcc337e6b6e93bd45e1f0e01
cf175cf4550280e43c6b094561fbe2925808a86e
d01aeb3b10ed5f39623eaa2be7a5d45b4eb9daf3
d2cace3f1a8f7399b56df20af8c6cc73721c7437
d5d6ca1af6f85497a600dec6068a179999f53ebe
d8d1840820cb74e3a40d09e6123aba21735fc0c4
d8e9eb2b5db47efd11066826c21e0300610d1871
d31f0105aaf6a63c9e74474c25a58fd876efa7a0
d67ebf4f01fc1c6cb1089402cd4a75b4afae2907
d833ec0f14bfc04ba0739387844e6971d879fd73
db936d1615f6bb43c70af75b48f9a188ddd616b4
dbc8cd0d565c9fa45a0f0ce030f609cfbc8dcc49
dc5898884939ac85426c75c053b4248fbc157d59
de47ac28807ef5ddf0baac89b833d629365b69fa
de89d77a580333433dad82418e94277288eeac3c
e08d2d4008b7aef450428400516c6642ddac7ccd
e2dfed7211a9277b4e43259cededb73b2bed90ce
e95f2c4cd4bc70c8571c951ac7bc0578d22847aa
e543fd34e50bba41b422095dae1582d3e90718a3
e8162589c2594823a9847495389d6d3edeaea679
ee25058728ee4b1fcbe45c39d06d8b577f5d3cd2
ef1cc1750f5f580aa9338b8c5c5125cfd8406f7b
f0225203ef06dd74c5619e787bcb842bfee21715
f3b5d39e69712947dcdc71d5738518caf53a8d98
f4a1652c439b0a46218f08a11c913cab04895d84
f185ce72e88cafcf94ad96f5f71278daa2a5c1e6
f637469861d7933ca1e0b5940cd65008fe852ae6
fb52f09ca044e707dc435417c8fdd3a9e9949bee

# https://research.checkpoint.com/2023/from-hidden-bee-to-rhadamanthys-the-evolution-of-custom-executable-formats/

0c0753affec66ea02d4e93ced63f95e6c535dc7d7afb7fcd7e75a49764fbef0d
0ca1f5e81c35de6af3e93df7b743f47de9f2791af25020d6a9fafab406edebb2
0f0760eb43d1a3ed16b4842b25674e4d6d1239766243bac1d4c19341bb37d5b8
1eb7e20cc13f622bd6834ef333b8c44d22068263b68519a54adc99af5b1e6d34
2a8b2eca9c5f604478ffc9103136c4720131b0766be041d47898afc80984fd78
3aa34d44946b4405cd6fc85c735ae2b405d597a5ab018a6c46177f4e1b86d11a
3ecb1f99328a188d1369eb491338788b9ddeba6c038f0c14de275ee7ab96694b
5af4507b1ae510b21d8c64e1e6fb518bf8d63ff03156eb0406b1193e10308302
7de67b4ae3475e1243c80ba446a8502ce25fec327288d81a28be69706b4d9d81
7f96fcddf5bfb361943ef491634ef007800a151c0fcbff46bde81441383f759e
9ab214c4e8b022dbc5038ab32c5c00f8b351aecb39b8f63114a8d02b50c0b59b
9d69149b6b2dd202870ff5ce49b1ef166b628e44da22d63151bd155e52aadee8
31d89c4bba78cab67a791ebc2a829ad1f81d342ad96b47228f2c96038a1ff707
39e60dbcfa3401c2568f8ef27cf97a83d16fdbd43ecf61c3be565ee4e7b9092e
40ab8104b734d5666b52a550ed30f69b8a3d554d7ed86d4f658defca80b220fb
50ebe2ac91a2f832bab7afce93cf2fc252a3694ee4e3829a6ccb2786554a3830
85d104c4584ca1466a816ca3e34b7b555181aa0e8840202e43c2ee2c61b6cb84
158b1f46777461ac9e13216ee136a0c8065c2d3e7cb1f00e6b0ca699f6815498
301cafc22505f558744bb9ed11d17e2b0ebd07baa3a0f59d1650d119ede4ceeb
648cf25ac347e4a37f8e8f837a7866f591da863ce40ce360c243b116dbb0f2b5
90290bed8745f9e2ca37538f5f47bf71b5beb53b29027390e18e8b285b764f55
a1fce39c4db5f1315d5024b406c0b0fb554e19ff9b6555e46efba1986d6eff2e
a4fe1633586f7482b655c02c1b7470608a98d8159b7248c05b6d557109aef8d9
a717bafa929893e64dbd2fc6b38dbeed2efc7308f1bc3e1eaf52dfc8114091ad
a462783e32dceef3224488d39a67d1a9177e65bd38bc9c534039b10ffab7e7ba
a13376875d3b492eb818c5629afd3f97883be2a5154fa861e7879d5f770e21d4
ae30e2f276a49aa4f61066f0eac0b6d35a92a199e164a68a186cba4291798716
b87c03183b84e3c7ec319d7be7c38862f33d011ff160cb1385aea70046f5a67b
b542b29e51e01cec685110991acf28937ad894ba30dc8e044ef66bb8acbed210
b828072d354f510e2030ef9cad6f00546b4e06f08230960a103aab0128f20fc3
bd694e981db5fba281c306dc622a1c5ee0dd02efc29ef792a2100989042f0158
c95bb09de000ba72a45ec63a9b5e46c22b9f1e2c10cc58b4f4d3980c30286c91
e69f284430cd491d97b017f7132ad46fef3d814694b29bd15aaa07d206fa4001
e65973cfa8ae7fb4305c085c30348aef702fb5fc4118f83c8cdc498ae01e81f7
eca3b3fa9fc6158eae8c978ab888966ab561f39c905a316ef31d5613f1018124
f0f70c6ba7dcb338794ee0034250f5f98fc6bddea0922495af863421baf4735f
f336cd910b9cfbe13a5d94fcdbac1be9c901a2dfd7ac0da82fbb9e8a096ac212
fcb00beaa88f7827999856ba12302086cadbc1252261d64379172f2927a6760e

# https://research.checkpoint.com/2023/tunnel-warfare-exposing-dns-tunneling-campaigns-using-generative-models-coinloader-case-study/

candatamsna.info
candatamsnb.info
candatamsnc.info
candatamsnd.info
candatamsnsdn.info
mapdatamsna.info
mapdatamsnb.info
mapdatamsnc.info
mapdatamsnd.info
mapdatamsnsdn.info
rqmetrixa.info
rqmetrixb.info
rqmetrixc.info
rqmetrixd.info
rqmetrixsdn.info

84548cf16e26979ff9a3fa2b3f854f34
a05144d7254b419d3a09787e280b4be3

# https://research.checkpoint.com/2023/the-rhysida-ransomware-activity-analysis-and-ties-to-vice-society/

5.226.141.196
5.255.103.7

# https://research.checkpoint.com/2023/byos-bundle-your-own-stealer/

cp.bemilcoin.io
googlebardai.wiki
marketingaigg.com

51.79.180.158
85.239.242.27
139.99.38.193
139.99.80.193

0ba224ecc2546d0a5ccc13bc8f929ec0035ca884fce44c8aebcfec185550169c
0c5ef531c2d5be15ef2a031c381a9531db22e030b14a1c2de311c68da23fef48
0e2bb46c9cb2baa0263824f4a6725a2e4db2541eafd392f25bd9a4921a2e04f3
1c27a31830946ca806be10d07dc67b185d3f1e2bbc76cd5365719055966600fb
2e0492507ed4127b25e523444b205c58312902fa0bf2f5697c184049af5e4e18
4b4f69b01edd2c96db6374a9d0d980f5023383d440914831301f19d1d29ae4d9
4c39df6e78b110e4912f3cb543130297b9b3cc3d33daa2d613999a1b991ba763
5ac212ca8a5516e376e0af83788e2197690ba73c6b6bda3b646a22f0af94bf59
5beb1ce875166ec47ee7fbcd9e48c891fe0b27ccec04edf3da82bf8b3b2ea04b
7a0cd3cc214b312cda20a54f7e0e93509fbcf5f6e6d9f41fd95d6dfa3bb5bcdc
8d1aa8ca616afc7fdf3cd6552e94fb486196d67e062adf5c97ada05b7b176985
9b0a6fdc188de6d80117f9f0894c456e9f541f19ba5b4ed8cfd03e86d8fb8af9
9b4c6dcee2848e2c23cffe1b8925ebc37d4d98a441fe6b0ff82dc788595a68be
9e6175a02a129fe559f108f6dced7fb6bf66c468cfb3ca276f3621ab8c312e91
20b833c028322139b81e220cc165513ec2d4a490cfbd84e88e985a84d3173025
22bb60b0ea0d5bb57e105287843867880f336ddafa1545332e2de16d412cde12
25c0f65acb3ecfe435a39bed3f5013eadd85eca1e78a0dc754cb4b82389ee4bb
26d0853adcec8b273346924e97170226abd7b800b5ee51f6768c58ac45f59d20
37a06e2e28d16096c45bfd3ef2679fe8dc722810b6f6119b7dc5f1483e66ec01
41c884718ce264195d75695252b22021680c6d5470a303f999f3f333a5eef9c9
50b7447d83715b8b7b36a15d0e7c7b8ae881a56dc0f39eb1aa22604e00f97d17
67f24b507fe2f6dc06a294b85486cfa1dba6af188e59c51a74adc3b3f9ed29d8
90b37f26d7574a23437a2f0ad75d3cce5ecf3928efb58beacedde289fd3568bf
97f777abfeada170c1caa625ffbf12b8d097ae5331f3f4c5b57dad4fc0c4f8c1
230e5844ac0c767baf4d5d660f9ebcd0a9dd7f5a5ec5869387f53fa3eb902aa3
303c6d0cea77ae6343dda76ceabaefdd03cc80bd6e041d2b931e7f6d59ca3ef6
601f888abbb545b003ed37e3835237de7915874893f22ee5bb6ebc9f5db618b5
953e1b59b2163ddafaafe7872033ae6351a46500b575a717c853b6393d2c7ef6
2038aa28b4e23806030f945aadcf5dbbfa2e3f7ae2b924bd987fda62f87773fc
3198a613574a8ab84637bf80ebe5f6a56c851aa292973515c5de856f1e958d6d
4856cdb407d67ee82d44e1cd606e382cde7b6bcaf9127dd7924e2d604c1cad38
6552a05a4ea87494e80d0654f872f980cf19e46b4a99d5084f9ec3938a20db91
6632c655875279ed1c19937805416a716d9994db71c8e30d2c8b4a3a3c3f9620
6834be1cbde6718d153a729f2e68e3f3b21bcbcb51a9f381e98f78b7a414969f
84319f401994ca83d2659aef8fa5810224f4a0fef2d3ed6883a5a265d3a8c291
386189e521d431428157cf37b4653444f8c2116ee0a5229313012c43e5839edd
a47d68411f64887300800cbe471f3cb24047e2e352bff74b810ad1940cfff85c
a99dbc0cb0a051ec68bd89c468fd589b201380f47330bdedbb69f9b076099711
a1389d02c0b7892ffeae60b7869f3a761c2326629bd1c304839a1e8b7400744e
af92d0545ce01e5dcbe228a43babe6281a1631836e5631286908c7f0aa225f3d
b47ac379cc23a059e1aaaba351f528c5a955fd56da35928c0bc0043c4ab8b38a
bc1fceb2d6c5dc7bedfdf1790ac0f06ccf0a9777c79d831d037dff10ae4ace8f
bfa7b12cc68b9cd26022a4c611ceaa473c84ffe36bb8008c67c1692b968b88d8
cd1c00427973b7ff7bac1803d35c071ff0fdeb975c4eb5a54829bedf12c4d136
d0146a3bbed91d5680c9b44c0f0e69deabe4d6c0f114e50d9fdee9cd202242fc
dfa9f39ab29405475e3d110d9ac0cc21885760d07716595104db5e9e055c92a6
fca477e3e0fe31dfc14a4bade9828da267b6f234c343f9fb654e6921ba71bd08

# https://research.checkpoint.com/2023/chinese-threat-actors-targeting-europe-in-smugx-campaign/

jcswcd.com
newsmailnet.com

45.90.58.69
62.233.57.136
152.152.12.12
217.12.207.164

0bdfb922a39103658195d1d37ff584d24f7bd88464e7a119e86d6e3579958cc1
0d13a503d86a6450f71408eb82a196718324465744bf6b8c4e0a780fd5be40c0
0e4b81e04ca77762be2afb8bd451abb2ff46d2831028cde1c5d0ec45199f01a1
0032d5430f1b5fcfb6a380b4f1d226b6b919f2677340503f04df04235409b2d0
04b99518502774deb4a9d9cf6b54d43ff8f333d8ec5b4b230c0e995542bb2c61
08661f40f40371fc8a49380ad3d57521f9d0c2aa322ae4b0a684b27e637aed12
1acb061ce63ee8ee172fbdf518bd261ef2c46d818ffd4b1614db6ce3daa5a885
2bc30ced135acd6a506cfb557734407f21b70fecd2f645c5b938e14199b24f1e
3c6ace055527877778d989f469a5a70eb5ef7700375b850f0b1b8414151105ee
5f751fb287db51f79bb6df2e330a53b6d80ef3d2af93f09bb786b62e613514db
8a6ef9aa3f0762b03f983a1e53e8c731247273aafa410ed884ecd4c4e02c7db8
8cac6dfb2a894ff3f530c29e79dcd37810b4628279b9570a34f7e22bd4d416b3
8ea34b85dd4fb64f7e6591e4f1c24763fc3421caa7c0f0d8350c67b9bafa4d32
9ce5abd02d397689d99f62dfbd2a6a396876c6629cb5db453f1dcbbc3465ac9a
10cad59ea2a566597d933b1e8ba929af0b4c7af85481eacaab708ef4ddf6e0ee
27a61653ce4e503334413cf80809647ce5dca02ff4aea63fb3a39bc62c9c258c
62c2e246855d589eb1ec37a9f3bcc0b6f3ba9946532aff8a39a4dc9d3a93f42c
324bfb2f414be221e24aaa9fb22cb49e4d4c0904bd7c203afdff158ba63fe35b
460c459db77c5625ed1c029b2dd6c6eae5e631b81a169494fb0182d550769f76
720a70ca6ee1fbaf06c7cb60d14e27391130407e34e13a092d19f1df2c9c6d05
989ede1df02e4d9620f6caf75a88a11791d156f62fdea4258e12d972df76bc05
277390cc50e00f52e76a6562e6e699b0345497bd1df26c7c41bd56da5b6d1347
736451c2593bc1601c52b45c16ad8fd1aec56f868eb3bba333183723dea805af
3489955d23e66d6f34b3ada70b4d228547dbb3ccb0f6c7282553cbbdeaf168cb
4547914e17c127d9b53bbc9d44de0e5b867f1a86d2e5ede828cd3188ed7fe838
a0879dd439c7f1ed520aad0c309fe1dbf1a2fc41e2468f4174489a0ec56c47c7
b00c252a60171f33e32e64891ffe826b8a45f8816acf778838d788897213a405
ba55542c6fa12865633d6d24f4a81bffd512791a6e0a9b77f6b17a53e2216659
baca1159acc715545a787d522950117eae5b7dc65efacfe86383f62e6b9b59d3
bd3881964e351a7691bfc7e997e8a2c8ce4a8e26b79e3712d0cbdc484a5646b6
bddbc529f23ab6b865bc750508403ef57c8cf77284d613d030949bd37078d880
bf4f8a5f75e9e5ecd752baa73abddd37b014728722ac3d74b82bffa625bf09b5
bf8e512921522e49d16c638dc8d01bd0a2803a4ef019afbfc2f0941875019ea1
c96723a68fc939c835578ff746f7d4c5371cb82a9c0dffe360bb656acea4d6e1
ce308b538ff3a0be0dbcee753db7e556a54b4aeddbddd0c03db7126b08911fe2
ea5825fa1f39587a88882e87064caae9dd3b79f02438dc3a229c5b775b530c7d
ea2869424df2ffbb113017d95ae48ae8ed9897280fd21b26e046c75b3e43b25a
ec3e491a831b4057fc0e2ebe9f43c32f1f07959b6430b323d35d6d409d2b31e4
edb5d4b454b6c7d3abecd6de7099e05575b8f28bb09dfc364e45ce8c16a34fcd
f7d35cb95256513c07c262d4b03603e073e58eb4cd5fa9aac1e04ecc6e870d42
fd0711a50c8af1dbc5c7ba42b894b2af8a2b03dd7544d20f5a887c93b9834429

# https://research.checkpoint.com/2023/beyond-the-horizon-traveling-the-world-on-camaro-dragons-usb-flash-drives/

0279a0a3effc688097eb14d4bd6f1ab8be86f880d01952af7e2b55c51cf107b1
5c878a05fb54c6d06ca4f66d28906d17a423b1305b6aa9bde19df8e8b3e91c5c
6c4226aa2f8bb646f753ffd282cf4624f6bc8e5ca8a2cb2373f640a2a29cdd95
7d8b568746a643aa0470b14f271f681dd3b09dbc08c893b191d1d6607b86c501
68eb5590d8ad952215cf54741b0ed6204c19bba4dcb8d704883e007f16de5028
491d9f6f4e754a430a29ac6842ee12c43615e33b0e720c61e3f06636559813f7
3738e414f43d3b213cf7475a8bb616a3379c09e90c0ba5c6ac0e398d2967ca95
7752fc0c747149d45deeec1023fef8ca73f83a154643531ae9db9cb89b6ce1dc
464888b81e4d67aad73b245efa6442fecf8221abe3ec74d4cd180e4beedaddc6
aeacc2d47a88eb68d503f9e30b189641572eb35423df931845f90a4c447ed1be
ce1615ec67296edd05d9dc9a6a075a4724553fca5398c425372b85170aec2106
fc598a686a5a77436684cbd0f72f39033cb70a41d4dbcf5dbab47a7c2522fdda

# https://research.checkpoint.com/2023/stealth-soldier-backdoor-used-in-targeted-espionage-attacks-in-north-africa/

2096.website
customjvupdate.live
filecloud.store
filestoragehub.live
loglivemail.com
webmailogemail.com

94.156.33.228
94.156.33.229
185.125.230.116
185.125.230.216
185.125.230.220
185.125.230.224

05db5e180281338a95e43a211f9791bd53235fca1d07c00eda0be7fdc3f6a9bc
2cad816abfe4d816cf5ecd81fb23773b6cfa1e85b466d5e5a48112862ceb3efb
7bfe2a03393184d9239c90d018ca2fdccc1d4636dfb399b3a71ea6d5682c92bd
8c09a804f408f7f9edd021d078260a47cf513c3ce339c75ebf42be6e9af24946
a43ababe103fdce14c8aa75a00663643bf5658b7199a30a8c5236b0c31f08974
b9e9b93e99d1a8fe172d70419181a74376af8188dcb03249037d4daea27f110e
b94257b4c1fac163184b2d6047b3d997100dadf98841800ec9219ba75bfd5723
c0b75fd1118dbb86492a3fc845b0739d900fbbd8e6c979b903267d422878dbc6
cb90a9e5d8b8eb2f81ecdbc6e11fba27a3dde0d5ac3d711b43a3370e24b8c90a
d57fc4e8c14da6404bdcb4e0e6ac79104386ffbd469351c2a720a53a52a677db
d6655e106c5d85ffdce0404b764d81b51de54447b3bb6352c5a0038d2ce19885
df6a44551c7117bc2bed2158829f2d0472358503e15d58d21b0b43c4c65ff0b4
e546d48065ff8d7e9fef1d184f48c1fd5e90eb0333c165f217b0fb574416354f
e7794facf887a20e08ed9855ac963573549809d373dfe4a287d1dae03bffc59f

# https://research.checkpoint.com/2023/malware-spotlight-camaro-dragons-tinynote-backdoor/

5.188.33.190
23.106.123.59
103.159.132.91
103.169.90.132

6a2204b32a60aed0a3403c63ad2a529c
f0b081ca58b6c253aa0014847c62dbad

# https://research.checkpoint.com/2023/agrius-deploys-moneybird-in-targeted-attacks-against-israeli-organizations/

aa19839b1b6a846a847c5f4f2a2e8e634caeebeeff7af59865aecca1d7d9f43c

# https://research.checkpoint.com/2023/cloud-based-malware-delivery-the-evolution-of-guloader/

34.138.169.8
45.88.66.147

40b9ca22013d02303d49d8f922ac2739
141da1d174041a32cc6a234d80d0b850
9623c946671c6ec7a30b7c45125d5d48
66274853e6f35e3fef0645a6587cb892
bcea24378a2134429ca82164827f1c25
c6e068ce04fb4959e2e6daaebac8d893
d5335a1ec161a8430e564bc66c16f894

5fcfdf0e241a0347f9ff9caa897649e7fe8f25757b39c61afddbe288202696d5

# https://research.checkpoint.com/2023/the-dragon-who-sold-his-camaro-analyzing-custom-router-implant/

m.cremessage.com

91.245.253.72

8a2e9f6c2b0c898090fdce021b3813313e73a256a5de39c100bf9868abc09dbb
66cc81a7d865941cb32ed7b1b84b20270d7d667b523cab28b856cd4e85f135b6
7985f992dcc6fcce76ee2892700c8538af075bd991625156bf2482dbfebd5a5a
998788472cb1502c03675a15a9f09b12f3877a5aeb687f891458a414b8e0d66c
da046a1fe6f3b94e48c24ffd341f8d97bfc06252ddf4d332e8e2478262ad1964
ed3d667a4fa92d78a0a54f696f4e8ff254def8d6f3208e6fe426dbe7fb3f3dd0

# https://research.checkpoint.com/2023/eastern-asian-android-assault-fluhorse/

api.fetc-net.com
api.fetctw.xyz
api.usadmin-3.top
api.vpbankem.com
h5.spusp.xyz
h5.yelove.xyz
info1.yelove.xyz
jp.yelove.xyz
pcdstl.com

0a577ee60ca676e49add6f266a1ee8ba5434290fa8954cc35f87546046008388
2e18c919ad53a66622e404a96cbde15f237a7bfafed1c0896b6b7e289bc230d6
8b591b5488dab8adb485ea55197148d6b39715da562537c7d8b1a79cd3639510
416e22d6b85d6633d1da000058efb3cd597b8b7df5d77a6c3456464d65a775b3
659f69d660179d0e8a5f4c2850c51a05529e0ef06ac739ca6f61fe470917ee96
2811f0426f23a7a3b6a8d8bb7e1bcd79e495026f4dcdc1c2fd218097c98de684
910707dd041c13f3379115bdf93bb4984ac20b9ecafd59f93e5089ab3a141e67
74008170fc5de4d40bcc97b8e2c6fbdb01889805c6ca456fd08134881cad0d2c
9220752302e2bca0002ea701c772b2f2306831711b1c323157ef2573f176821a
d8a777b050ba27eeb41c0035f3477882d7eafc56edfcbe1e8cef05a7e85c8b9e
d78fa2c475ea08f90ef6b189d2a3fddc9ead86ae43df272e9083f92f7a47aabe
de86b0fbbd343f3fc5bb6c19a067a6f063b423132e19c6004c7b696ea1fe0c7d
e54a2581545477882a1b7c1f9cbb74fb2aa97fcf1ee8b097c8085302ed6fbf36

# https://research.checkpoint.com/2023/chain-reaction-rokrats-missing-link/

1erluw.bl.files.1drv.com
daum-store.com
docx1.b4a.app
link.b4a.app
nate-download.com
naver-file.com
naver-storage.com
qb3oaq.bl.files.1drv.com
u9izog.dm.files.1drv.com

0e926d8b6fbf6f14a2a19d4d4af843253f9f5f6de337956a12dde279f3321d78
00d88009fa50bfab849593291cce20f8b2f2e2cf2428d9728e06c69fced55ed5
050c65d45e5f21018aa940f0188c4aa1318ac3df865d901f8643ed7ce4a4b52c
06431a5d8f6262cc3db39d911a920f793fa6c648be94daf789c11cc5514d0c3d
1c5b9409243bfb81a5924881cc05f63a301a3a7ce214830c7a83aeb2485cc5c3
1e0b5d6b85fca648061fdaf2830c5a90248519e81e78122467c29beeb78daa1e
5a3f1d14b9cc4890db64fbc41818d7039f25b0120574dcdec4e20d13e6b2740c
9a4c61cdf0e291dc364c568aa161f744f59065efeafc72a3f892e12cbf88fc5b
12ecabf01508c40cfea1ebc3958214751acfb1cd79a5bf2a4b42ebf172d7381b
70f9216f0c5badb24120f74270dbbc5100b07c4fc6eb45f6652b00882290a73c
240e7bd805bd7f2d17217dd4cebc03ac37ee60b7fb1264655cfd087749db647a
732fca9be66ba2c40c5d05845540207b9e1480e609d767aff63895bf49d33a81
6234ef67435dfcb65bd661b5f3bb0b77b82fe6cdd2109b6dfb9dea1b65a17d5d
479894be4c5dec0992ad3c5b21fb1423643996d80d59dcca76386bb325dc811e
3252345b2640efc44cdd98667dbd25806ee2316d1e01eec488fd678e885aa960
6753933cd54e4eba497c48d63c7418a8946b4b6c44170105d489d29f1fe11494
c5c05f9df89fc803884fed2bd20a3824eae95eeb34a1827bf5210e4ac17beadd
c4029a2f1d0c07ae2b388b5a4076fba41e57af0dd0d2d0f86844464f22d63861
cb4c7037c7620e4ce3f8f43161b0ec67018c09e71ae4cea3018104153fbed286
eb03f8b8e41b3ad27ccdecb092111e2c3c010436ad59add42755e2af04762b67
f92297c4efabba98befeb992a009462d1aba6f3c3a11210a7c054ff5377f0753

# https://research.checkpoint.com/2023/educated-manticore-iran-aligned-threat-actor-targeting-israel-via-improved-arsenal-of-tools/

blackturtle.hopto.org
deersharpfork.info
subinfralab.info

0f4d309f0145324a6867108bb04a8d5d292e7939223d6d63f44e21a1ce45ce4e
3e1ed006e120a1afaa49f93b4156a992f8d799b1888ca6202c1098862323c308
4fcde8ec5983cf1465ff7dbcd7d90fcd47d666b0b8352db1dcd311084ed1b3e8
5d216f5625caf92d224200647147d27bb79e1cff6c8a9fbcac63f321f6bbf02b
6e842691116c188b823b7692181a428e9255af3516857b9f2eebdeca4638e96e
7cc9d887d47f99ca37d2fee6171067df70b4417e96fdb661b9fef697124444cc
13bab4e32cd6365dba40424d20525cb84b4c6d71d3c5088fe94a6cfe07573e8e
59a4b11b9fb93e3de7c27c25258cec43de38f86f37d88615687ab8402e4ae51e
62d0b8b5d4281ce107c43d36f222680b0cc85844b8973b645095ccdfb128454d
97a615e69c38db9dffda6be7c11dd27547ce4036a4998a1469fa81b548c6f0b0
737cb075ba0b5ed6d8901dcd798eecff0bc8585091bc232c54f92df7f9e9e817
1672a14a3e54a127493a2b8257599c5582204846a78521b139b074155003cba4
5704bc31061c7ca675bb9d56b9b56a175bf949accf6542999b3a7305af485906
29318f46476dc0cfd7b928a2861fea1b761496eb5d6a26040e481c3bd655051a
706510916cfc7624ec5d9f9598c95570d48fa8601eecbbae307e0af7618d1460
bc8f075c1b3fa54f1d9f4ac622258f3e8a484714521d89aa170246ce04701441
bdb2a12f2f84c3742240b8b9e1d6638a73c6b8752aff476051fe33a0bb408010
c0de9b90a0ac591147d62864264bf00b6ec17c55f7095fdf58923085fe502400
cd813d56cf9f2201a2fa69e77fb9acaaa37e64183c708de64cb5cb7c3035a184
e5ba06943abb666f69f757fcd591dd1cceb66cad698fb894d9bc8911282198c4
e5016dfeae584de20a90f1bef073c862028f410d5b0ae4c074a696b8f8528037