Created September 10, 2019 14:29
IoCs extracted from the volexity.com blog post "Digital Crackdown: Large-Scale Surveillance and Exploitation of Uyghurs"
Date
2019-09-02
References
https://www.volexity.com/blog/2019/09/02/digital-crackdown-large-scale-surveillance-and-exploitation-of-uyghurs/
Artifacts
Filesystem
/data/data/com.android.browser/loader
/data/data/com.android.browser/loader.log
Network
Host|IP
HTTP
GET
POST
https://stats.uyghurmedia.top:443/i/recv.php
http?://149.28.207.244:1998/link/detail
Headers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101Firefox/65.0
Accept-Language: zh-CN