├── AgentTeslaISOCampaign ├── README.md ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── Almaq ├── README.md ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── BluStealer ├── README.md ├── extras │ └── ida-decrypt.py ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── Bobik ├── README.md ├── XML_configs │ ├── 22-06-08-16.32.xml │ ├── 22-07-24-11.45.xml │ ├── 22-08-09-10.11.xml │ └── 22-09-01-09.13.xml ├── decryptor.py ├── samples.md5 ├── samples.sha1 ├── samples.sha256 ├── targets.txt └── targets.xlsx ├── CacheFlow ├── README.md ├── extras │ ├── decryptor_strrevsstr.py │ └── developer_extensions.txt ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── Caligula ├── README.md ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── Candiru └── README.md ├── Certishell ├── README.md ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── Chaes ├── README.md ├── extras │ └── DGA.js ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── Clipsa ├── README.md ├── appendix_files │ ├── btc_addresses_2000.txt │ ├── btc_addresses_complete.txt │ ├── btc_addresses_sorted.txt │ ├── cnc_servers_all.txt │ ├── password_list.txt │ └── word_list.txt ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── CoViper ├── README.md ├── extras │ ├── 7ae5e2be872510a0e2c01bcf61c2e2fb1e680cd9e54891d3751d41f53ac24f84 │ └── df1f9777fe6bede9871e331c76286bab82da361b59e44d07c6d977319522ba91 ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── CobaltStrike ├── README.md ├── api_hashes │ ├── README.md │ ├── generate_hash.py │ └── win10_api_hashes.txt ├── checksum8 │ ├── README.md │ ├── checksum8.py │ └── checksum8_request_query_strings.txt ├── ida_scripts │ ├── README.md │ └── cs_payload_ida_helper.py ├── payload_tools │ ├── README.md │ ├── cs_payload_extractor.py │ └── cs_payload_parser.py └── yara_rules │ ├── README.md │ └── cs_rules.yar ├── CoinHelper ├── README.md ├── mutexes.txt ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── Crackonosh ├── README.md ├── filenames.txt ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── Diamorphine ├── README.md ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── F-Scrack-mimikatz ├── README.md ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── FakeMBAM ├── README.md ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── FakeUpdate └── ClearFake_11_2023.txt ├── Fleeceware ├── Fleeceware Subscription Apps on AppStore as of 23-03-2021.csv ├── Fleeceware Subscription Apps on AppStore as of 23-03-2021.pdf ├── Fleeceware Subscription Apps on PlayStore as of 23-03-2021.csv ├── Fleeceware Subscription Apps on PlayStore as of 23-03-2021.pdf └── README.md ├── FudModule └── README.md ├── GloveStealer ├── README.md ├── extras │ ├── app_list.txt │ └── extensions_list.txt ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── GuptiMiner ├── README.md ├── extras │ ├── PCAP │ │ ├── dns_txt_png_download.pcap │ │ └── smb_backdoor_networking.pcap │ ├── mutexes.csv │ ├── png_loader.txt │ ├── puppeteer.txt │ └── xmrig.txt ├── network.txt ├── samples.csv ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── HackBoss ├── README.md ├── appendix_files │ ├── Bitcoin_addresses.txt │ ├── Dogecoin_addresses.txt │ ├── Ethereum_addresses.txt │ ├── Litecoin_addresses.txt │ └── Monero_addresses.txt ├── file_names.txt ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── HelloTDS ├── README.md ├── extras │ ├── fakecaptcha-landing-pages.txt │ ├── fakecaptcha-redirectors.txt │ ├── fakecaptcha-unicode-math.md5 │ ├── fakecaptcha-unicode-math.sha1 │ ├── fakecaptcha-unicode-math.sha256 │ └── suspicious-fileshare-websites.txt ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── HomuWitch ├── README.md ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── LoveGPT ├── README.md ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── LuckyMouse ├── README.md ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── Lumma └── Lumma_08_2024.txt ├── MafiaWare666 ├── README.md ├── samples.md5 ├── samples.sha └── samples.sha256 ├── Magnitude ├── README.md ├── cncs.txt ├── decoys.txt ├── excluded_folders.txt ├── extensions.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── Manjusaka ├── Manjusaka.yar ├── README.md ├── network.txt ├── rip.py ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── MassLogger ├── README.md ├── config.txt ├── extras │ ├── CustomBinaryReader.cs │ ├── DictionaryConstructor.cs │ ├── SetField.cs │ └── StringDecrypter.cs ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── Meh-part-2 ├── README.md ├── extras │ └── decrypt_strings_IDAPython.py ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── Meh ├── README.md ├── extras │ └── decryptor_pe_bin.py ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── Microcin ├── README.md ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── MpIncident ├── README.md ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── MyKings-clipboard-stealer ├── README.md ├── cnc.txt ├── extras │ ├── README.md │ └── wallet_gain.py ├── mutexes.txt ├── samples.md5 ├── samples.sha1 ├── samples.sha256 ├── steam_links.txt ├── wallets.txt └── yadisk_links.txt ├── NationalGamesOfChina ├── README.md ├── admin2.php ├── conf.lua ├── miss1.php ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── NeedleDropper ├── README.md ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── OnionCrypter ├── README.md ├── event_names.txt ├── extras │ ├── README.md │ └── extract_event_names.py └── samples.sha256 ├── OperationDragonCastling ├── README.md ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── ParrotTDS ├── README.md ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── Philippine-Navy-Certificate ├── README.md ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── README.md ├── Rackoko ├── README.md └── Rackoko.csv ├── RaspberryRobin ├── README.md ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── Retadup ├── README.md ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── SMSFactory ├── README.md ├── SMSFactory IOC.csv └── SMSFactory IOC.pdf ├── SmarterCoffee ├── 1eff6702b158b1554284f3ef6eb9d05748f43ba353d60954f21c6f20fd71e6ce ├── 650a7bc7a55162988c77df34235c8e87eda9c8e2fcecd72b74c5f69e3edd088c ├── README.md ├── commands.txt ├── extras │ ├── bin │ │ ├── config.py │ │ └── easy_smarter.py │ ├── cfg │ │ └── config.yaml │ ├── data │ │ └── firmware.bin │ ├── readme.md │ ├── requirements.txt │ └── run.py └── ida │ ├── binaryfile_coffee.bin │ └── binaryfile_coffee.bin.i64 ├── SyslogkRootkit ├── README.md ├── Research Tools │ ├── cert.pem │ ├── magic_packet_kill_rekoobe.py │ ├── magic_packet_start_rekoobe.py │ ├── rekoobe_backdoor_client.py │ ├── remove_syslogk_from_memory.sh │ └── unhide_rootkit.c ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── TechSupportScam ├── ioc_tss_winXfiles_7-2022.txt └── ioc_tss_winprot-8-2022.txt ├── Twizt ├── README.md └── smb-passwords.txt ├── UltimaSMS ├── README.md ├── UltimaSMS_IOC_19-10-2021.csv └── UltimaSMS_IOC_19-10-2021.pdf ├── VB-Research ├── README.md ├── ReadMe.txt ├── binary_ConstPoolEntry1 │ ├── Module1.bas │ ├── Project1.vbp │ ├── Project1.vbw │ ├── README.md │ ├── main.cpp │ ├── psc.sln │ └── psc.vcproj ├── binary_ConstPoolEntry2 │ ├── Module1.bas │ ├── Project1.vbp │ ├── Project1.vbw │ ├── README.md │ ├── main.cpp │ ├── psc.sln │ └── psc.vcproj ├── complex_globals │ ├── README.md │ ├── main.cpp │ ├── pcode.h │ ├── psc.sln │ ├── psc.vcproj │ ├── sample │ │ ├── Module1.bas │ │ ├── Project1.vbp │ │ └── Project1.vbw │ └── vb.h ├── decrypt_benchmark │ ├── README.md │ ├── c_rc4 │ │ ├── c_rc4.sln │ │ ├── c_rc4.vcproj │ │ └── main.cpp │ ├── lorem_ipsum.txt │ ├── main.cpp │ ├── pcode.h │ ├── psc.sln │ ├── psc.vcproj │ ├── sample │ │ ├── Module1.bas │ │ ├── Project1.vbp │ │ └── Project1.vbw │ └── vb.h ├── decrypt_test │ ├── README.md │ ├── main.cpp │ ├── pcode.h │ ├── psc.sln │ ├── psc.vcproj │ ├── sample │ │ ├── Module1.bas │ │ ├── Project1.vbp │ │ └── Project1.vbw │ └── vb.h ├── earlyBinding │ ├── Module1.bas │ ├── Project1.vbp │ ├── Project1.vbw │ ├── README.md │ ├── main.cpp │ ├── psc.sln │ ├── psc.suo │ └── psc.vcproj ├── firstTest │ ├── Module1.bas │ ├── Project1.vbp │ ├── Project1.vbw │ ├── README.md │ ├── main.cpp │ ├── psc.sln │ ├── psc.suo │ └── psc.vcproj ├── getVarData │ ├── README.md │ ├── main.cpp │ ├── pcode.h │ ├── psc.sln │ ├── psc.vcproj │ ├── sample │ │ ├── Module1.bas │ │ ├── Project1.vbp │ │ └── Project1.vbw │ └── vb.h ├── globalVar │ ├── README.md │ ├── main.cpp │ ├── pcode.h │ ├── psc.sln │ ├── psc.vcproj │ ├── sample │ │ ├── Module1.bas │ │ ├── Project1.vbp │ │ └── Project1.vbw │ └── vb.h ├── lateBinding │ ├── Module1.bas │ ├── Project1.vbp │ ├── Project1.vbw │ ├── README.md │ ├── main.cpp │ ├── psc.sln │ ├── psc.suo │ └── psc.vcproj ├── structs │ ├── Module1.bas │ ├── Project1.vbp │ ├── Project1.vbw │ ├── README.md │ ├── main.cpp │ ├── psc.sln │ └── psc.vcproj ├── two_funcs │ ├── README.md │ ├── main.cpp │ ├── psc.sln │ └── psc.vcproj └── vbOpenScript │ ├── MSVBVM60.DLL │ ├── dll │ ├── NtHookEngine.cpp │ ├── NtHookEngine.h │ ├── diStorm3.3 │ │ ├── config.h │ │ ├── decoder.c │ │ ├── decoder.h │ │ ├── distorm.c │ │ ├── distorm.h │ │ ├── instructions.c │ │ ├── instructions.h │ │ ├── insts.c │ │ ├── insts.h │ │ ├── mnemonics.c │ │ ├── mnemonics.h │ │ ├── operands.c │ │ ├── operands.h │ │ ├── prefix.c │ │ ├── prefix.h │ │ ├── textdefs.c │ │ ├── textdefs.h │ │ ├── wstring.c │ │ ├── wstring.h │ │ └── x86defs.h │ ├── dll.cpp │ ├── dll.opt │ ├── dll.sln │ ├── dll.suo │ ├── dll.vcproj │ ├── dll.vcproj.DESKTOP-F9V9H70.dzzie.user │ ├── exports.def │ ├── main.h │ └── vb_structs.h │ ├── injector.exe │ ├── injector │ ├── CFileSystem2.cls │ ├── CSubClass2.cls │ ├── CWindow.cls │ ├── Project1.vbp │ ├── Project1.vbw │ ├── clsCmnDlg.cls │ ├── frmMain.frm │ └── modSubclass.bas │ ├── msvbvm60.dbg │ ├── openScript.dll │ ├── test.js │ ├── test.py │ ├── test.vbs │ ├── testApp.exe │ ├── testApp │ ├── Class1.cls │ ├── Class2.cls │ ├── Form1.frm │ ├── Project1.vbp │ └── Project1.vbw │ └── vbdec │ ├── injector.exe │ └── FileReport.txt │ └── testApp.exe │ └── FileReport.txt ├── VibeScams ├── README.md ├── extras │ ├── 10web.cloud.txt │ ├── 10web.site.txt │ ├── b12sites.com.txt │ ├── backendless.app.txt │ ├── bolt.host.txt │ ├── bookipi.com.txt │ ├── builder-preview.com.txt │ ├── codedesign.app.txt │ ├── dcms.site.txt │ ├── durablesites.com.txt │ ├── elementor.cloud.txt │ ├── flazio.com.txt │ ├── flutterflow.app.txt │ ├── framer.app.txt │ ├── glide.page.txt │ ├── hostingersite.com.txt │ ├── lovable.app.txt │ ├── mobirisesite.com.txt │ ├── multiscreensite.com.txt │ ├── namehero.net.txt │ ├── nameherosites.com.txt │ ├── notion.site.txt │ ├── odoo.com.txt │ ├── renderforestsites.com.txt │ ├── replit.app.txt │ ├── softr.app.txt │ ├── squarespace.com.txt │ ├── teleporthq.app.txt │ ├── temporary-demo.site.txt │ ├── tilda.ws.txt │ ├── typedream.app.txt │ ├── vercel.app.txt │ ├── webflow.io.txt │ ├── webwave.dev.txt │ ├── wegic.app.txt │ ├── wixsite.com.txt │ └── wixstudio.com.txt └── network.txt ├── ViperSoftX ├── README.md ├── extras │ ├── VenomSoftX_address_book.txt │ ├── extraction_script │ │ ├── extract_files.py │ │ ├── mainfest.proto │ │ ├── mainfest_pb2.py │ │ └── requirements.txt │ ├── list_of_api_calls.txt │ ├── list_of_keywords.txt │ ├── list_of_locations.txt │ └── wallets.csv ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── WiryJMPer ├── README.md ├── network.txt ├── samples.md5 ├── samples.sha1 └── samples.sha256 ├── phishing └── OZON_08_2022.txt └── usgov-backdoor ├── README.md ├── rce_example ├── run_calculator_on_infected.py └── source │ ├── main.cpp │ └── main.h ├── samples.md5 ├── samples.sha └── samples.sha256 /AgentTeslaISOCampaign/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/AgentTeslaISOCampaign/README.md -------------------------------------------------------------------------------- /AgentTeslaISOCampaign/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/AgentTeslaISOCampaign/network.txt -------------------------------------------------------------------------------- /AgentTeslaISOCampaign/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/AgentTeslaISOCampaign/samples.md5 -------------------------------------------------------------------------------- /AgentTeslaISOCampaign/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/AgentTeslaISOCampaign/samples.sha1 -------------------------------------------------------------------------------- /AgentTeslaISOCampaign/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/AgentTeslaISOCampaign/samples.sha256 -------------------------------------------------------------------------------- /Almaq/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Almaq/README.md -------------------------------------------------------------------------------- /Almaq/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Almaq/network.txt -------------------------------------------------------------------------------- /Almaq/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Almaq/samples.md5 -------------------------------------------------------------------------------- /Almaq/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Almaq/samples.sha1 -------------------------------------------------------------------------------- /Almaq/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Almaq/samples.sha256 -------------------------------------------------------------------------------- /BluStealer/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/BluStealer/README.md -------------------------------------------------------------------------------- /BluStealer/extras/ida-decrypt.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/BluStealer/extras/ida-decrypt.py -------------------------------------------------------------------------------- /BluStealer/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/BluStealer/network.txt -------------------------------------------------------------------------------- /BluStealer/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/BluStealer/samples.md5 -------------------------------------------------------------------------------- /BluStealer/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/BluStealer/samples.sha1 -------------------------------------------------------------------------------- /BluStealer/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/BluStealer/samples.sha256 -------------------------------------------------------------------------------- /Bobik/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Bobik/README.md -------------------------------------------------------------------------------- /Bobik/XML_configs/22-06-08-16.32.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Bobik/XML_configs/22-06-08-16.32.xml -------------------------------------------------------------------------------- /Bobik/XML_configs/22-07-24-11.45.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Bobik/XML_configs/22-07-24-11.45.xml -------------------------------------------------------------------------------- /Bobik/XML_configs/22-08-09-10.11.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Bobik/XML_configs/22-08-09-10.11.xml -------------------------------------------------------------------------------- /Bobik/XML_configs/22-09-01-09.13.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Bobik/XML_configs/22-09-01-09.13.xml -------------------------------------------------------------------------------- /Bobik/decryptor.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Bobik/decryptor.py -------------------------------------------------------------------------------- /Bobik/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Bobik/samples.md5 -------------------------------------------------------------------------------- /Bobik/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Bobik/samples.sha1 -------------------------------------------------------------------------------- /Bobik/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Bobik/samples.sha256 -------------------------------------------------------------------------------- /Bobik/targets.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Bobik/targets.txt -------------------------------------------------------------------------------- /Bobik/targets.xlsx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Bobik/targets.xlsx -------------------------------------------------------------------------------- /CacheFlow/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CacheFlow/README.md -------------------------------------------------------------------------------- /CacheFlow/extras/decryptor_strrevsstr.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CacheFlow/extras/decryptor_strrevsstr.py -------------------------------------------------------------------------------- /CacheFlow/extras/developer_extensions.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CacheFlow/extras/developer_extensions.txt -------------------------------------------------------------------------------- /CacheFlow/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CacheFlow/network.txt -------------------------------------------------------------------------------- /CacheFlow/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CacheFlow/samples.md5 -------------------------------------------------------------------------------- /CacheFlow/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CacheFlow/samples.sha1 -------------------------------------------------------------------------------- /CacheFlow/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CacheFlow/samples.sha256 -------------------------------------------------------------------------------- /Caligula/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Caligula/README.md -------------------------------------------------------------------------------- /Caligula/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Caligula/samples.md5 -------------------------------------------------------------------------------- /Caligula/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Caligula/samples.sha1 -------------------------------------------------------------------------------- /Caligula/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Caligula/samples.sha256 -------------------------------------------------------------------------------- /Candiru/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Candiru/README.md -------------------------------------------------------------------------------- /Certishell/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Certishell/README.md -------------------------------------------------------------------------------- /Certishell/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Certishell/network.txt -------------------------------------------------------------------------------- /Certishell/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Certishell/samples.md5 -------------------------------------------------------------------------------- /Certishell/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Certishell/samples.sha1 -------------------------------------------------------------------------------- /Certishell/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Certishell/samples.sha256 -------------------------------------------------------------------------------- /Chaes/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Chaes/README.md -------------------------------------------------------------------------------- /Chaes/extras/DGA.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Chaes/extras/DGA.js -------------------------------------------------------------------------------- /Chaes/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Chaes/network.txt -------------------------------------------------------------------------------- /Chaes/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Chaes/samples.md5 -------------------------------------------------------------------------------- /Chaes/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Chaes/samples.sha1 -------------------------------------------------------------------------------- /Chaes/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Chaes/samples.sha256 -------------------------------------------------------------------------------- /Clipsa/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Clipsa/README.md -------------------------------------------------------------------------------- /Clipsa/appendix_files/btc_addresses_2000.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Clipsa/appendix_files/btc_addresses_2000.txt -------------------------------------------------------------------------------- /Clipsa/appendix_files/btc_addresses_complete.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Clipsa/appendix_files/btc_addresses_complete.txt -------------------------------------------------------------------------------- /Clipsa/appendix_files/btc_addresses_sorted.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Clipsa/appendix_files/btc_addresses_sorted.txt -------------------------------------------------------------------------------- /Clipsa/appendix_files/cnc_servers_all.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Clipsa/appendix_files/cnc_servers_all.txt -------------------------------------------------------------------------------- /Clipsa/appendix_files/password_list.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Clipsa/appendix_files/password_list.txt -------------------------------------------------------------------------------- /Clipsa/appendix_files/word_list.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Clipsa/appendix_files/word_list.txt -------------------------------------------------------------------------------- /Clipsa/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Clipsa/network.txt -------------------------------------------------------------------------------- /Clipsa/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Clipsa/samples.md5 -------------------------------------------------------------------------------- /Clipsa/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Clipsa/samples.sha1 -------------------------------------------------------------------------------- /Clipsa/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Clipsa/samples.sha256 -------------------------------------------------------------------------------- /CoViper/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CoViper/README.md -------------------------------------------------------------------------------- /CoViper/extras/7ae5e2be872510a0e2c01bcf61c2e2fb1e680cd9e54891d3751d41f53ac24f84: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CoViper/extras/7ae5e2be872510a0e2c01bcf61c2e2fb1e680cd9e54891d3751d41f53ac24f84 -------------------------------------------------------------------------------- /CoViper/extras/df1f9777fe6bede9871e331c76286bab82da361b59e44d07c6d977319522ba91: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CoViper/extras/df1f9777fe6bede9871e331c76286bab82da361b59e44d07c6d977319522ba91 -------------------------------------------------------------------------------- /CoViper/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CoViper/samples.md5 -------------------------------------------------------------------------------- /CoViper/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CoViper/samples.sha1 -------------------------------------------------------------------------------- /CoViper/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CoViper/samples.sha256 -------------------------------------------------------------------------------- /CobaltStrike/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CobaltStrike/README.md -------------------------------------------------------------------------------- /CobaltStrike/api_hashes/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CobaltStrike/api_hashes/README.md -------------------------------------------------------------------------------- /CobaltStrike/api_hashes/generate_hash.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CobaltStrike/api_hashes/generate_hash.py -------------------------------------------------------------------------------- /CobaltStrike/api_hashes/win10_api_hashes.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CobaltStrike/api_hashes/win10_api_hashes.txt -------------------------------------------------------------------------------- /CobaltStrike/checksum8/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CobaltStrike/checksum8/README.md -------------------------------------------------------------------------------- /CobaltStrike/checksum8/checksum8.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CobaltStrike/checksum8/checksum8.py -------------------------------------------------------------------------------- /CobaltStrike/checksum8/checksum8_request_query_strings.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CobaltStrike/checksum8/checksum8_request_query_strings.txt -------------------------------------------------------------------------------- /CobaltStrike/ida_scripts/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CobaltStrike/ida_scripts/README.md -------------------------------------------------------------------------------- /CobaltStrike/ida_scripts/cs_payload_ida_helper.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CobaltStrike/ida_scripts/cs_payload_ida_helper.py -------------------------------------------------------------------------------- /CobaltStrike/payload_tools/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CobaltStrike/payload_tools/README.md -------------------------------------------------------------------------------- /CobaltStrike/payload_tools/cs_payload_extractor.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CobaltStrike/payload_tools/cs_payload_extractor.py -------------------------------------------------------------------------------- /CobaltStrike/payload_tools/cs_payload_parser.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CobaltStrike/payload_tools/cs_payload_parser.py -------------------------------------------------------------------------------- /CobaltStrike/yara_rules/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CobaltStrike/yara_rules/README.md -------------------------------------------------------------------------------- /CobaltStrike/yara_rules/cs_rules.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CobaltStrike/yara_rules/cs_rules.yar -------------------------------------------------------------------------------- /CoinHelper/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CoinHelper/README.md -------------------------------------------------------------------------------- /CoinHelper/mutexes.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CoinHelper/mutexes.txt -------------------------------------------------------------------------------- /CoinHelper/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CoinHelper/network.txt -------------------------------------------------------------------------------- /CoinHelper/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CoinHelper/samples.md5 -------------------------------------------------------------------------------- /CoinHelper/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CoinHelper/samples.sha1 -------------------------------------------------------------------------------- /CoinHelper/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/CoinHelper/samples.sha256 -------------------------------------------------------------------------------- /Crackonosh/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Crackonosh/README.md -------------------------------------------------------------------------------- /Crackonosh/filenames.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Crackonosh/filenames.txt -------------------------------------------------------------------------------- /Crackonosh/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Crackonosh/network.txt -------------------------------------------------------------------------------- /Crackonosh/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Crackonosh/samples.md5 -------------------------------------------------------------------------------- /Crackonosh/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Crackonosh/samples.sha1 -------------------------------------------------------------------------------- /Crackonosh/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Crackonosh/samples.sha256 -------------------------------------------------------------------------------- /Diamorphine/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Diamorphine/README.md -------------------------------------------------------------------------------- /Diamorphine/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Diamorphine/samples.md5 -------------------------------------------------------------------------------- /Diamorphine/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Diamorphine/samples.sha1 -------------------------------------------------------------------------------- /Diamorphine/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Diamorphine/samples.sha256 -------------------------------------------------------------------------------- /F-Scrack-mimikatz/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/F-Scrack-mimikatz/README.md -------------------------------------------------------------------------------- /F-Scrack-mimikatz/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/F-Scrack-mimikatz/network.txt -------------------------------------------------------------------------------- /F-Scrack-mimikatz/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/F-Scrack-mimikatz/samples.md5 -------------------------------------------------------------------------------- /F-Scrack-mimikatz/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/F-Scrack-mimikatz/samples.sha1 -------------------------------------------------------------------------------- /F-Scrack-mimikatz/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/F-Scrack-mimikatz/samples.sha256 -------------------------------------------------------------------------------- /FakeMBAM/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/FakeMBAM/README.md -------------------------------------------------------------------------------- /FakeMBAM/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/FakeMBAM/network.txt -------------------------------------------------------------------------------- /FakeMBAM/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/FakeMBAM/samples.md5 -------------------------------------------------------------------------------- /FakeMBAM/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/FakeMBAM/samples.sha1 -------------------------------------------------------------------------------- /FakeMBAM/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/FakeMBAM/samples.sha256 -------------------------------------------------------------------------------- /FakeUpdate/ClearFake_11_2023.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/FakeUpdate/ClearFake_11_2023.txt -------------------------------------------------------------------------------- /Fleeceware/Fleeceware Subscription Apps on AppStore as of 23-03-2021.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Fleeceware/Fleeceware Subscription Apps on AppStore as of 23-03-2021.csv -------------------------------------------------------------------------------- /Fleeceware/Fleeceware Subscription Apps on AppStore as of 23-03-2021.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Fleeceware/Fleeceware Subscription Apps on AppStore as of 23-03-2021.pdf -------------------------------------------------------------------------------- /Fleeceware/Fleeceware Subscription Apps on PlayStore as of 23-03-2021.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Fleeceware/Fleeceware Subscription Apps on PlayStore as of 23-03-2021.csv -------------------------------------------------------------------------------- /Fleeceware/Fleeceware Subscription Apps on PlayStore as of 23-03-2021.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Fleeceware/Fleeceware Subscription Apps on PlayStore as of 23-03-2021.pdf -------------------------------------------------------------------------------- /Fleeceware/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Fleeceware/README.md -------------------------------------------------------------------------------- /FudModule/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/FudModule/README.md -------------------------------------------------------------------------------- /GloveStealer/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GloveStealer/README.md -------------------------------------------------------------------------------- /GloveStealer/extras/app_list.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GloveStealer/extras/app_list.txt -------------------------------------------------------------------------------- /GloveStealer/extras/extensions_list.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GloveStealer/extras/extensions_list.txt -------------------------------------------------------------------------------- /GloveStealer/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GloveStealer/network.txt -------------------------------------------------------------------------------- /GloveStealer/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GloveStealer/samples.md5 -------------------------------------------------------------------------------- /GloveStealer/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GloveStealer/samples.sha1 -------------------------------------------------------------------------------- /GloveStealer/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GloveStealer/samples.sha256 -------------------------------------------------------------------------------- /GuptiMiner/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GuptiMiner/README.md -------------------------------------------------------------------------------- /GuptiMiner/extras/PCAP/dns_txt_png_download.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GuptiMiner/extras/PCAP/dns_txt_png_download.pcap -------------------------------------------------------------------------------- /GuptiMiner/extras/PCAP/smb_backdoor_networking.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GuptiMiner/extras/PCAP/smb_backdoor_networking.pcap -------------------------------------------------------------------------------- /GuptiMiner/extras/mutexes.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GuptiMiner/extras/mutexes.csv -------------------------------------------------------------------------------- /GuptiMiner/extras/png_loader.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GuptiMiner/extras/png_loader.txt -------------------------------------------------------------------------------- /GuptiMiner/extras/puppeteer.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GuptiMiner/extras/puppeteer.txt -------------------------------------------------------------------------------- /GuptiMiner/extras/xmrig.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GuptiMiner/extras/xmrig.txt -------------------------------------------------------------------------------- /GuptiMiner/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GuptiMiner/network.txt -------------------------------------------------------------------------------- /GuptiMiner/samples.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GuptiMiner/samples.csv -------------------------------------------------------------------------------- /GuptiMiner/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GuptiMiner/samples.md5 -------------------------------------------------------------------------------- /GuptiMiner/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GuptiMiner/samples.sha1 -------------------------------------------------------------------------------- /GuptiMiner/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/GuptiMiner/samples.sha256 -------------------------------------------------------------------------------- /HackBoss/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HackBoss/README.md -------------------------------------------------------------------------------- /HackBoss/appendix_files/Bitcoin_addresses.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HackBoss/appendix_files/Bitcoin_addresses.txt -------------------------------------------------------------------------------- /HackBoss/appendix_files/Dogecoin_addresses.txt: -------------------------------------------------------------------------------- 1 | D59GxUDGA8pRt73eU6mipZVRbpCWUvC5p2 2 | D6aGTZPxBcuYsuRHDfquf5G3xhGM5qrAvq 3 | DK94zfgcAe5AsFVL4g7mdRmAzMyrKNAPHu -------------------------------------------------------------------------------- /HackBoss/appendix_files/Ethereum_addresses.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HackBoss/appendix_files/Ethereum_addresses.txt -------------------------------------------------------------------------------- /HackBoss/appendix_files/Litecoin_addresses.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HackBoss/appendix_files/Litecoin_addresses.txt -------------------------------------------------------------------------------- /HackBoss/appendix_files/Monero_addresses.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HackBoss/appendix_files/Monero_addresses.txt -------------------------------------------------------------------------------- /HackBoss/file_names.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HackBoss/file_names.txt -------------------------------------------------------------------------------- /HackBoss/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HackBoss/network.txt -------------------------------------------------------------------------------- /HackBoss/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HackBoss/samples.md5 -------------------------------------------------------------------------------- /HackBoss/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HackBoss/samples.sha1 -------------------------------------------------------------------------------- /HackBoss/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HackBoss/samples.sha256 -------------------------------------------------------------------------------- /HelloTDS/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HelloTDS/README.md -------------------------------------------------------------------------------- /HelloTDS/extras/fakecaptcha-landing-pages.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HelloTDS/extras/fakecaptcha-landing-pages.txt -------------------------------------------------------------------------------- /HelloTDS/extras/fakecaptcha-redirectors.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HelloTDS/extras/fakecaptcha-redirectors.txt -------------------------------------------------------------------------------- /HelloTDS/extras/fakecaptcha-unicode-math.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HelloTDS/extras/fakecaptcha-unicode-math.md5 -------------------------------------------------------------------------------- /HelloTDS/extras/fakecaptcha-unicode-math.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HelloTDS/extras/fakecaptcha-unicode-math.sha1 -------------------------------------------------------------------------------- /HelloTDS/extras/fakecaptcha-unicode-math.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HelloTDS/extras/fakecaptcha-unicode-math.sha256 -------------------------------------------------------------------------------- /HelloTDS/extras/suspicious-fileshare-websites.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HelloTDS/extras/suspicious-fileshare-websites.txt -------------------------------------------------------------------------------- /HelloTDS/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HelloTDS/network.txt -------------------------------------------------------------------------------- /HelloTDS/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HelloTDS/samples.md5 -------------------------------------------------------------------------------- /HelloTDS/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HelloTDS/samples.sha1 -------------------------------------------------------------------------------- /HelloTDS/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HelloTDS/samples.sha256 -------------------------------------------------------------------------------- /HomuWitch/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HomuWitch/README.md -------------------------------------------------------------------------------- /HomuWitch/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HomuWitch/network.txt -------------------------------------------------------------------------------- /HomuWitch/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HomuWitch/samples.md5 -------------------------------------------------------------------------------- /HomuWitch/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HomuWitch/samples.sha1 -------------------------------------------------------------------------------- /HomuWitch/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/HomuWitch/samples.sha256 -------------------------------------------------------------------------------- /LoveGPT/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/LoveGPT/README.md -------------------------------------------------------------------------------- /LoveGPT/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/LoveGPT/samples.md5 -------------------------------------------------------------------------------- /LoveGPT/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/LoveGPT/samples.sha1 -------------------------------------------------------------------------------- /LoveGPT/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/LoveGPT/samples.sha256 -------------------------------------------------------------------------------- /LuckyMouse/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/LuckyMouse/README.md -------------------------------------------------------------------------------- /LuckyMouse/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/LuckyMouse/samples.md5 -------------------------------------------------------------------------------- /LuckyMouse/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/LuckyMouse/samples.sha1 -------------------------------------------------------------------------------- /LuckyMouse/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/LuckyMouse/samples.sha256 -------------------------------------------------------------------------------- /Lumma/Lumma_08_2024.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Lumma/Lumma_08_2024.txt -------------------------------------------------------------------------------- /MafiaWare666/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MafiaWare666/README.md -------------------------------------------------------------------------------- /MafiaWare666/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MafiaWare666/samples.md5 -------------------------------------------------------------------------------- /MafiaWare666/samples.sha: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MafiaWare666/samples.sha -------------------------------------------------------------------------------- /MafiaWare666/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MafiaWare666/samples.sha256 -------------------------------------------------------------------------------- /Magnitude/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Magnitude/README.md -------------------------------------------------------------------------------- /Magnitude/cncs.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Magnitude/cncs.txt -------------------------------------------------------------------------------- /Magnitude/decoys.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Magnitude/decoys.txt -------------------------------------------------------------------------------- /Magnitude/excluded_folders.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Magnitude/excluded_folders.txt -------------------------------------------------------------------------------- /Magnitude/extensions.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Magnitude/extensions.txt -------------------------------------------------------------------------------- /Magnitude/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Magnitude/samples.md5 -------------------------------------------------------------------------------- /Magnitude/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Magnitude/samples.sha1 -------------------------------------------------------------------------------- /Magnitude/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Magnitude/samples.sha256 -------------------------------------------------------------------------------- /Manjusaka/Manjusaka.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Manjusaka/Manjusaka.yar -------------------------------------------------------------------------------- /Manjusaka/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Manjusaka/README.md -------------------------------------------------------------------------------- /Manjusaka/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Manjusaka/network.txt -------------------------------------------------------------------------------- /Manjusaka/rip.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Manjusaka/rip.py -------------------------------------------------------------------------------- /Manjusaka/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Manjusaka/samples.md5 -------------------------------------------------------------------------------- /Manjusaka/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Manjusaka/samples.sha1 -------------------------------------------------------------------------------- /Manjusaka/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Manjusaka/samples.sha256 -------------------------------------------------------------------------------- /MassLogger/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MassLogger/README.md -------------------------------------------------------------------------------- /MassLogger/config.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MassLogger/config.txt -------------------------------------------------------------------------------- /MassLogger/extras/CustomBinaryReader.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MassLogger/extras/CustomBinaryReader.cs -------------------------------------------------------------------------------- /MassLogger/extras/DictionaryConstructor.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MassLogger/extras/DictionaryConstructor.cs -------------------------------------------------------------------------------- /MassLogger/extras/SetField.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MassLogger/extras/SetField.cs -------------------------------------------------------------------------------- /MassLogger/extras/StringDecrypter.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MassLogger/extras/StringDecrypter.cs -------------------------------------------------------------------------------- /MassLogger/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MassLogger/network.txt -------------------------------------------------------------------------------- /MassLogger/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MassLogger/samples.md5 -------------------------------------------------------------------------------- /MassLogger/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MassLogger/samples.sha1 -------------------------------------------------------------------------------- /MassLogger/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MassLogger/samples.sha256 -------------------------------------------------------------------------------- /Meh-part-2/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Meh-part-2/README.md -------------------------------------------------------------------------------- /Meh-part-2/extras/decrypt_strings_IDAPython.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Meh-part-2/extras/decrypt_strings_IDAPython.py -------------------------------------------------------------------------------- /Meh-part-2/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Meh-part-2/network.txt -------------------------------------------------------------------------------- /Meh-part-2/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Meh-part-2/samples.md5 -------------------------------------------------------------------------------- /Meh-part-2/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Meh-part-2/samples.sha1 -------------------------------------------------------------------------------- /Meh-part-2/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Meh-part-2/samples.sha256 -------------------------------------------------------------------------------- /Meh/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Meh/README.md -------------------------------------------------------------------------------- /Meh/extras/decryptor_pe_bin.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Meh/extras/decryptor_pe_bin.py -------------------------------------------------------------------------------- /Meh/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Meh/network.txt -------------------------------------------------------------------------------- /Meh/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Meh/samples.md5 -------------------------------------------------------------------------------- /Meh/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Meh/samples.sha1 -------------------------------------------------------------------------------- /Meh/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Meh/samples.sha256 -------------------------------------------------------------------------------- /Microcin/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Microcin/README.md -------------------------------------------------------------------------------- /Microcin/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Microcin/network.txt -------------------------------------------------------------------------------- /Microcin/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Microcin/samples.md5 -------------------------------------------------------------------------------- /Microcin/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Microcin/samples.sha1 -------------------------------------------------------------------------------- /Microcin/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Microcin/samples.sha256 -------------------------------------------------------------------------------- /MpIncident/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MpIncident/README.md -------------------------------------------------------------------------------- /MpIncident/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MpIncident/samples.md5 -------------------------------------------------------------------------------- /MpIncident/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MpIncident/samples.sha1 -------------------------------------------------------------------------------- /MpIncident/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MpIncident/samples.sha256 -------------------------------------------------------------------------------- /MyKings-clipboard-stealer/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MyKings-clipboard-stealer/README.md -------------------------------------------------------------------------------- /MyKings-clipboard-stealer/cnc.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MyKings-clipboard-stealer/cnc.txt -------------------------------------------------------------------------------- /MyKings-clipboard-stealer/extras/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MyKings-clipboard-stealer/extras/README.md -------------------------------------------------------------------------------- /MyKings-clipboard-stealer/extras/wallet_gain.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MyKings-clipboard-stealer/extras/wallet_gain.py -------------------------------------------------------------------------------- /MyKings-clipboard-stealer/mutexes.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MyKings-clipboard-stealer/mutexes.txt -------------------------------------------------------------------------------- /MyKings-clipboard-stealer/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MyKings-clipboard-stealer/samples.md5 -------------------------------------------------------------------------------- /MyKings-clipboard-stealer/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MyKings-clipboard-stealer/samples.sha1 -------------------------------------------------------------------------------- /MyKings-clipboard-stealer/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MyKings-clipboard-stealer/samples.sha256 -------------------------------------------------------------------------------- /MyKings-clipboard-stealer/steam_links.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MyKings-clipboard-stealer/steam_links.txt -------------------------------------------------------------------------------- /MyKings-clipboard-stealer/wallets.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MyKings-clipboard-stealer/wallets.txt -------------------------------------------------------------------------------- /MyKings-clipboard-stealer/yadisk_links.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/MyKings-clipboard-stealer/yadisk_links.txt -------------------------------------------------------------------------------- /NationalGamesOfChina/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/NationalGamesOfChina/README.md -------------------------------------------------------------------------------- /NationalGamesOfChina/admin2.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/NationalGamesOfChina/admin2.php -------------------------------------------------------------------------------- /NationalGamesOfChina/conf.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/NationalGamesOfChina/conf.lua -------------------------------------------------------------------------------- /NationalGamesOfChina/miss1.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/NationalGamesOfChina/miss1.php -------------------------------------------------------------------------------- /NationalGamesOfChina/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/NationalGamesOfChina/samples.md5 -------------------------------------------------------------------------------- /NationalGamesOfChina/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/NationalGamesOfChina/samples.sha1 -------------------------------------------------------------------------------- /NationalGamesOfChina/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/NationalGamesOfChina/samples.sha256 -------------------------------------------------------------------------------- /NeedleDropper/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/NeedleDropper/README.md -------------------------------------------------------------------------------- /NeedleDropper/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/NeedleDropper/samples.md5 -------------------------------------------------------------------------------- /NeedleDropper/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/NeedleDropper/samples.sha1 -------------------------------------------------------------------------------- /NeedleDropper/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/NeedleDropper/samples.sha256 -------------------------------------------------------------------------------- /OnionCrypter/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/OnionCrypter/README.md -------------------------------------------------------------------------------- /OnionCrypter/event_names.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/OnionCrypter/event_names.txt -------------------------------------------------------------------------------- /OnionCrypter/extras/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/OnionCrypter/extras/README.md -------------------------------------------------------------------------------- /OnionCrypter/extras/extract_event_names.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/OnionCrypter/extras/extract_event_names.py -------------------------------------------------------------------------------- /OnionCrypter/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/OnionCrypter/samples.sha256 -------------------------------------------------------------------------------- /OperationDragonCastling/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/OperationDragonCastling/README.md -------------------------------------------------------------------------------- /OperationDragonCastling/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/OperationDragonCastling/samples.md5 -------------------------------------------------------------------------------- /OperationDragonCastling/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/OperationDragonCastling/samples.sha1 -------------------------------------------------------------------------------- /OperationDragonCastling/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/OperationDragonCastling/samples.sha256 -------------------------------------------------------------------------------- /ParrotTDS/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ParrotTDS/README.md -------------------------------------------------------------------------------- /ParrotTDS/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ParrotTDS/network.txt -------------------------------------------------------------------------------- /ParrotTDS/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ParrotTDS/samples.md5 -------------------------------------------------------------------------------- /ParrotTDS/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ParrotTDS/samples.sha1 -------------------------------------------------------------------------------- /ParrotTDS/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ParrotTDS/samples.sha256 -------------------------------------------------------------------------------- /Philippine-Navy-Certificate/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Philippine-Navy-Certificate/README.md -------------------------------------------------------------------------------- /Philippine-Navy-Certificate/network.txt: -------------------------------------------------------------------------------- 1 | dost[.]igov-service[.]net:8443 -------------------------------------------------------------------------------- /Philippine-Navy-Certificate/samples.md5: -------------------------------------------------------------------------------- 1 | 49e8853801554d9de4dd281828094c8a -------------------------------------------------------------------------------- /Philippine-Navy-Certificate/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Philippine-Navy-Certificate/samples.sha1 -------------------------------------------------------------------------------- /Philippine-Navy-Certificate/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Philippine-Navy-Certificate/samples.sha256 -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/README.md -------------------------------------------------------------------------------- /Rackoko/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Rackoko/README.md -------------------------------------------------------------------------------- /Rackoko/Rackoko.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Rackoko/Rackoko.csv -------------------------------------------------------------------------------- /RaspberryRobin/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/RaspberryRobin/README.md -------------------------------------------------------------------------------- /RaspberryRobin/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/RaspberryRobin/samples.md5 -------------------------------------------------------------------------------- /RaspberryRobin/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/RaspberryRobin/samples.sha1 -------------------------------------------------------------------------------- /RaspberryRobin/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/RaspberryRobin/samples.sha256 -------------------------------------------------------------------------------- /Retadup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Retadup/README.md -------------------------------------------------------------------------------- /Retadup/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Retadup/samples.md5 -------------------------------------------------------------------------------- /Retadup/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Retadup/samples.sha1 -------------------------------------------------------------------------------- /Retadup/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Retadup/samples.sha256 -------------------------------------------------------------------------------- /SMSFactory/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SMSFactory/README.md -------------------------------------------------------------------------------- /SMSFactory/SMSFactory IOC.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SMSFactory/SMSFactory IOC.csv -------------------------------------------------------------------------------- /SMSFactory/SMSFactory IOC.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SMSFactory/SMSFactory IOC.pdf -------------------------------------------------------------------------------- /SmarterCoffee/1eff6702b158b1554284f3ef6eb9d05748f43ba353d60954f21c6f20fd71e6ce: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SmarterCoffee/1eff6702b158b1554284f3ef6eb9d05748f43ba353d60954f21c6f20fd71e6ce -------------------------------------------------------------------------------- /SmarterCoffee/650a7bc7a55162988c77df34235c8e87eda9c8e2fcecd72b74c5f69e3edd088c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SmarterCoffee/650a7bc7a55162988c77df34235c8e87eda9c8e2fcecd72b74c5f69e3edd088c -------------------------------------------------------------------------------- /SmarterCoffee/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SmarterCoffee/README.md -------------------------------------------------------------------------------- /SmarterCoffee/commands.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SmarterCoffee/commands.txt -------------------------------------------------------------------------------- /SmarterCoffee/extras/bin/config.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SmarterCoffee/extras/bin/config.py -------------------------------------------------------------------------------- /SmarterCoffee/extras/bin/easy_smarter.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SmarterCoffee/extras/bin/easy_smarter.py -------------------------------------------------------------------------------- /SmarterCoffee/extras/cfg/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SmarterCoffee/extras/cfg/config.yaml -------------------------------------------------------------------------------- /SmarterCoffee/extras/data/firmware.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SmarterCoffee/extras/data/firmware.bin -------------------------------------------------------------------------------- /SmarterCoffee/extras/readme.md: -------------------------------------------------------------------------------- 1 | ### Tool to write firmware into the coffee maker -------------------------------------------------------------------------------- /SmarterCoffee/extras/requirements.txt: -------------------------------------------------------------------------------- 1 | progressbar2 2 | console-menu 3 | pyaml 4 | -------------------------------------------------------------------------------- /SmarterCoffee/extras/run.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SmarterCoffee/extras/run.py -------------------------------------------------------------------------------- /SmarterCoffee/ida/binaryfile_coffee.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SmarterCoffee/ida/binaryfile_coffee.bin -------------------------------------------------------------------------------- /SmarterCoffee/ida/binaryfile_coffee.bin.i64: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SmarterCoffee/ida/binaryfile_coffee.bin.i64 -------------------------------------------------------------------------------- /SyslogkRootkit/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SyslogkRootkit/README.md -------------------------------------------------------------------------------- /SyslogkRootkit/Research Tools/cert.pem: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SyslogkRootkit/Research Tools/cert.pem -------------------------------------------------------------------------------- /SyslogkRootkit/Research Tools/magic_packet_kill_rekoobe.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SyslogkRootkit/Research Tools/magic_packet_kill_rekoobe.py -------------------------------------------------------------------------------- /SyslogkRootkit/Research Tools/magic_packet_start_rekoobe.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SyslogkRootkit/Research Tools/magic_packet_start_rekoobe.py -------------------------------------------------------------------------------- /SyslogkRootkit/Research Tools/rekoobe_backdoor_client.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SyslogkRootkit/Research Tools/rekoobe_backdoor_client.py -------------------------------------------------------------------------------- /SyslogkRootkit/Research Tools/remove_syslogk_from_memory.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SyslogkRootkit/Research Tools/remove_syslogk_from_memory.sh -------------------------------------------------------------------------------- /SyslogkRootkit/Research Tools/unhide_rootkit.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SyslogkRootkit/Research Tools/unhide_rootkit.c -------------------------------------------------------------------------------- /SyslogkRootkit/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SyslogkRootkit/samples.md5 -------------------------------------------------------------------------------- /SyslogkRootkit/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SyslogkRootkit/samples.sha1 -------------------------------------------------------------------------------- /SyslogkRootkit/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/SyslogkRootkit/samples.sha256 -------------------------------------------------------------------------------- /TechSupportScam/ioc_tss_winXfiles_7-2022.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/TechSupportScam/ioc_tss_winXfiles_7-2022.txt -------------------------------------------------------------------------------- /TechSupportScam/ioc_tss_winprot-8-2022.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/TechSupportScam/ioc_tss_winprot-8-2022.txt -------------------------------------------------------------------------------- /Twizt/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Twizt/README.md -------------------------------------------------------------------------------- /Twizt/smb-passwords.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/Twizt/smb-passwords.txt -------------------------------------------------------------------------------- /UltimaSMS/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/UltimaSMS/README.md -------------------------------------------------------------------------------- /UltimaSMS/UltimaSMS_IOC_19-10-2021.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/UltimaSMS/UltimaSMS_IOC_19-10-2021.csv -------------------------------------------------------------------------------- /UltimaSMS/UltimaSMS_IOC_19-10-2021.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/UltimaSMS/UltimaSMS_IOC_19-10-2021.pdf -------------------------------------------------------------------------------- /VB-Research/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/README.md -------------------------------------------------------------------------------- /VB-Research/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/ReadMe.txt -------------------------------------------------------------------------------- /VB-Research/binary_ConstPoolEntry1/Module1.bas: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/binary_ConstPoolEntry1/Module1.bas -------------------------------------------------------------------------------- /VB-Research/binary_ConstPoolEntry1/Project1.vbp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/binary_ConstPoolEntry1/Project1.vbp -------------------------------------------------------------------------------- /VB-Research/binary_ConstPoolEntry1/Project1.vbw: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/binary_ConstPoolEntry1/Project1.vbw -------------------------------------------------------------------------------- /VB-Research/binary_ConstPoolEntry1/README.md: -------------------------------------------------------------------------------- 1 | Test decoding a binary const pool entry. 2 | -------------------------------------------------------------------------------- /VB-Research/binary_ConstPoolEntry1/main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/binary_ConstPoolEntry1/main.cpp -------------------------------------------------------------------------------- /VB-Research/binary_ConstPoolEntry1/psc.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/binary_ConstPoolEntry1/psc.sln -------------------------------------------------------------------------------- /VB-Research/binary_ConstPoolEntry1/psc.vcproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/binary_ConstPoolEntry1/psc.vcproj -------------------------------------------------------------------------------- /VB-Research/binary_ConstPoolEntry2/Module1.bas: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/binary_ConstPoolEntry2/Module1.bas -------------------------------------------------------------------------------- /VB-Research/binary_ConstPoolEntry2/Project1.vbp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/binary_ConstPoolEntry2/Project1.vbp -------------------------------------------------------------------------------- /VB-Research/binary_ConstPoolEntry2/Project1.vbw: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/binary_ConstPoolEntry2/Project1.vbw -------------------------------------------------------------------------------- /VB-Research/binary_ConstPoolEntry2/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/binary_ConstPoolEntry2/README.md -------------------------------------------------------------------------------- /VB-Research/binary_ConstPoolEntry2/main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/binary_ConstPoolEntry2/main.cpp -------------------------------------------------------------------------------- /VB-Research/binary_ConstPoolEntry2/psc.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/binary_ConstPoolEntry2/psc.sln -------------------------------------------------------------------------------- /VB-Research/binary_ConstPoolEntry2/psc.vcproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/binary_ConstPoolEntry2/psc.vcproj -------------------------------------------------------------------------------- /VB-Research/complex_globals/README.md: -------------------------------------------------------------------------------- 1 | Sets complex global variables from C. -------------------------------------------------------------------------------- /VB-Research/complex_globals/main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/complex_globals/main.cpp -------------------------------------------------------------------------------- /VB-Research/complex_globals/pcode.h: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /VB-Research/complex_globals/psc.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/complex_globals/psc.sln -------------------------------------------------------------------------------- /VB-Research/complex_globals/psc.vcproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/complex_globals/psc.vcproj -------------------------------------------------------------------------------- /VB-Research/complex_globals/sample/Module1.bas: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/complex_globals/sample/Module1.bas -------------------------------------------------------------------------------- /VB-Research/complex_globals/sample/Project1.vbp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/complex_globals/sample/Project1.vbp -------------------------------------------------------------------------------- /VB-Research/complex_globals/sample/Project1.vbw: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/complex_globals/sample/Project1.vbw -------------------------------------------------------------------------------- /VB-Research/complex_globals/vb.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/complex_globals/vb.h -------------------------------------------------------------------------------- /VB-Research/decrypt_benchmark/README.md: -------------------------------------------------------------------------------- 1 | RC4 benchmarking apps in c/pcode and straight C. -------------------------------------------------------------------------------- /VB-Research/decrypt_benchmark/c_rc4/c_rc4.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_benchmark/c_rc4/c_rc4.sln -------------------------------------------------------------------------------- /VB-Research/decrypt_benchmark/c_rc4/c_rc4.vcproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_benchmark/c_rc4/c_rc4.vcproj -------------------------------------------------------------------------------- /VB-Research/decrypt_benchmark/c_rc4/main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_benchmark/c_rc4/main.cpp -------------------------------------------------------------------------------- /VB-Research/decrypt_benchmark/lorem_ipsum.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_benchmark/lorem_ipsum.txt -------------------------------------------------------------------------------- /VB-Research/decrypt_benchmark/main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_benchmark/main.cpp -------------------------------------------------------------------------------- /VB-Research/decrypt_benchmark/pcode.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_benchmark/pcode.h -------------------------------------------------------------------------------- /VB-Research/decrypt_benchmark/psc.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_benchmark/psc.sln -------------------------------------------------------------------------------- /VB-Research/decrypt_benchmark/psc.vcproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_benchmark/psc.vcproj -------------------------------------------------------------------------------- /VB-Research/decrypt_benchmark/sample/Module1.bas: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_benchmark/sample/Module1.bas -------------------------------------------------------------------------------- /VB-Research/decrypt_benchmark/sample/Project1.vbp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_benchmark/sample/Project1.vbp -------------------------------------------------------------------------------- /VB-Research/decrypt_benchmark/sample/Project1.vbw: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_benchmark/sample/Project1.vbw -------------------------------------------------------------------------------- /VB-Research/decrypt_benchmark/vb.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_benchmark/vb.h -------------------------------------------------------------------------------- /VB-Research/decrypt_test/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_test/README.md -------------------------------------------------------------------------------- /VB-Research/decrypt_test/main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_test/main.cpp -------------------------------------------------------------------------------- /VB-Research/decrypt_test/pcode.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_test/pcode.h -------------------------------------------------------------------------------- /VB-Research/decrypt_test/psc.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_test/psc.sln -------------------------------------------------------------------------------- /VB-Research/decrypt_test/psc.vcproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_test/psc.vcproj -------------------------------------------------------------------------------- /VB-Research/decrypt_test/sample/Module1.bas: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_test/sample/Module1.bas -------------------------------------------------------------------------------- /VB-Research/decrypt_test/sample/Project1.vbp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_test/sample/Project1.vbp -------------------------------------------------------------------------------- /VB-Research/decrypt_test/sample/Project1.vbw: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_test/sample/Project1.vbw -------------------------------------------------------------------------------- /VB-Research/decrypt_test/vb.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/decrypt_test/vb.h -------------------------------------------------------------------------------- /VB-Research/earlyBinding/Module1.bas: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/earlyBinding/Module1.bas -------------------------------------------------------------------------------- /VB-Research/earlyBinding/Project1.vbp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/earlyBinding/Project1.vbp -------------------------------------------------------------------------------- /VB-Research/earlyBinding/Project1.vbw: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/earlyBinding/Project1.vbw -------------------------------------------------------------------------------- /VB-Research/earlyBinding/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/earlyBinding/README.md -------------------------------------------------------------------------------- /VB-Research/earlyBinding/main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/earlyBinding/main.cpp -------------------------------------------------------------------------------- /VB-Research/earlyBinding/psc.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/earlyBinding/psc.sln -------------------------------------------------------------------------------- /VB-Research/earlyBinding/psc.suo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/earlyBinding/psc.suo -------------------------------------------------------------------------------- /VB-Research/earlyBinding/psc.vcproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/earlyBinding/psc.vcproj -------------------------------------------------------------------------------- /VB-Research/firstTest/Module1.bas: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/firstTest/Module1.bas -------------------------------------------------------------------------------- /VB-Research/firstTest/Project1.vbp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/firstTest/Project1.vbp -------------------------------------------------------------------------------- /VB-Research/firstTest/Project1.vbw: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/firstTest/Project1.vbw -------------------------------------------------------------------------------- /VB-Research/firstTest/README.md: -------------------------------------------------------------------------------- 1 | Simple return value from pcode. -------------------------------------------------------------------------------- /VB-Research/firstTest/main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/firstTest/main.cpp -------------------------------------------------------------------------------- /VB-Research/firstTest/psc.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/firstTest/psc.sln -------------------------------------------------------------------------------- /VB-Research/firstTest/psc.suo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/firstTest/psc.suo -------------------------------------------------------------------------------- /VB-Research/firstTest/psc.vcproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/firstTest/psc.vcproj -------------------------------------------------------------------------------- /VB-Research/getVarData/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/getVarData/README.md -------------------------------------------------------------------------------- /VB-Research/getVarData/main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/getVarData/main.cpp -------------------------------------------------------------------------------- /VB-Research/getVarData/pcode.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/getVarData/pcode.h -------------------------------------------------------------------------------- /VB-Research/getVarData/psc.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/getVarData/psc.sln -------------------------------------------------------------------------------- /VB-Research/getVarData/psc.vcproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/getVarData/psc.vcproj -------------------------------------------------------------------------------- /VB-Research/getVarData/sample/Module1.bas: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/getVarData/sample/Module1.bas -------------------------------------------------------------------------------- /VB-Research/getVarData/sample/Project1.vbp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/getVarData/sample/Project1.vbp -------------------------------------------------------------------------------- /VB-Research/getVarData/sample/Project1.vbw: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/getVarData/sample/Project1.vbw -------------------------------------------------------------------------------- /VB-Research/getVarData/vb.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/getVarData/vb.h -------------------------------------------------------------------------------- /VB-Research/globalVar/README.md: -------------------------------------------------------------------------------- 1 | Setup / test mem to handle global variables. -------------------------------------------------------------------------------- /VB-Research/globalVar/main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/globalVar/main.cpp -------------------------------------------------------------------------------- /VB-Research/globalVar/pcode.h: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /VB-Research/globalVar/psc.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/globalVar/psc.sln -------------------------------------------------------------------------------- /VB-Research/globalVar/psc.vcproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/globalVar/psc.vcproj -------------------------------------------------------------------------------- /VB-Research/globalVar/sample/Module1.bas: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/globalVar/sample/Module1.bas -------------------------------------------------------------------------------- /VB-Research/globalVar/sample/Project1.vbp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/globalVar/sample/Project1.vbp -------------------------------------------------------------------------------- /VB-Research/globalVar/sample/Project1.vbw: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/globalVar/sample/Project1.vbw -------------------------------------------------------------------------------- /VB-Research/globalVar/vb.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/globalVar/vb.h -------------------------------------------------------------------------------- /VB-Research/lateBinding/Module1.bas: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/lateBinding/Module1.bas -------------------------------------------------------------------------------- /VB-Research/lateBinding/Project1.vbp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/lateBinding/Project1.vbp -------------------------------------------------------------------------------- /VB-Research/lateBinding/Project1.vbw: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/lateBinding/Project1.vbw -------------------------------------------------------------------------------- /VB-Research/lateBinding/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/lateBinding/README.md -------------------------------------------------------------------------------- /VB-Research/lateBinding/main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/lateBinding/main.cpp -------------------------------------------------------------------------------- /VB-Research/lateBinding/psc.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/lateBinding/psc.sln -------------------------------------------------------------------------------- /VB-Research/lateBinding/psc.suo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/lateBinding/psc.suo -------------------------------------------------------------------------------- /VB-Research/lateBinding/psc.vcproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/lateBinding/psc.vcproj -------------------------------------------------------------------------------- /VB-Research/structs/Module1.bas: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/structs/Module1.bas -------------------------------------------------------------------------------- /VB-Research/structs/Project1.vbp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/structs/Project1.vbp -------------------------------------------------------------------------------- /VB-Research/structs/Project1.vbw: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/structs/Project1.vbw -------------------------------------------------------------------------------- /VB-Research/structs/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/structs/README.md -------------------------------------------------------------------------------- /VB-Research/structs/main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/structs/main.cpp -------------------------------------------------------------------------------- /VB-Research/structs/psc.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/structs/psc.sln -------------------------------------------------------------------------------- /VB-Research/structs/psc.vcproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/structs/psc.vcproj -------------------------------------------------------------------------------- /VB-Research/two_funcs/README.md: -------------------------------------------------------------------------------- 1 | How to interlink two pcode functions. -------------------------------------------------------------------------------- /VB-Research/two_funcs/main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/two_funcs/main.cpp -------------------------------------------------------------------------------- /VB-Research/two_funcs/psc.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/two_funcs/psc.sln -------------------------------------------------------------------------------- /VB-Research/two_funcs/psc.vcproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/two_funcs/psc.vcproj -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/MSVBVM60.DLL: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/MSVBVM60.DLL -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/NtHookEngine.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/NtHookEngine.cpp -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/NtHookEngine.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/NtHookEngine.h -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/config.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/config.h -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/decoder.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/decoder.c -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/decoder.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/decoder.h -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/distorm.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/distorm.c -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/distorm.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/distorm.h -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/instructions.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/instructions.c -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/instructions.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/instructions.h -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/insts.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/insts.c -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/insts.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/insts.h -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/mnemonics.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/mnemonics.c -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/mnemonics.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/mnemonics.h -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/operands.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/operands.c -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/operands.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/operands.h -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/prefix.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/prefix.c -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/prefix.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/prefix.h -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/textdefs.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/textdefs.c -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/textdefs.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/textdefs.h -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/wstring.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/wstring.c -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/wstring.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/wstring.h -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/diStorm3.3/x86defs.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/diStorm3.3/x86defs.h -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/dll.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/dll.cpp -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/dll.opt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/dll.opt -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/dll.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/dll.sln -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/dll.suo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/dll.suo -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/dll.vcproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/dll.vcproj -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/dll.vcproj.DESKTOP-F9V9H70.dzzie.user: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/dll.vcproj.DESKTOP-F9V9H70.dzzie.user -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/exports.def: -------------------------------------------------------------------------------- 1 | EXPORT 2 | NullSub -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/main.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/main.h -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/dll/vb_structs.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/dll/vb_structs.h -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/injector.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/injector.exe -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/injector/CFileSystem2.cls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/injector/CFileSystem2.cls -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/injector/CSubClass2.cls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/injector/CSubClass2.cls -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/injector/CWindow.cls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/injector/CWindow.cls -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/injector/Project1.vbp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/injector/Project1.vbp -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/injector/Project1.vbw: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/injector/Project1.vbw -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/injector/clsCmnDlg.cls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/injector/clsCmnDlg.cls -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/injector/frmMain.frm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/injector/frmMain.frm -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/injector/modSubclass.bas: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/injector/modSubclass.bas -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/msvbvm60.dbg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/msvbvm60.dbg -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/openScript.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/openScript.dll -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/test.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/test.js -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/test.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/test.py -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/test.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/test.vbs -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/testApp.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/testApp.exe -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/testApp/Class1.cls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/testApp/Class1.cls -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/testApp/Class2.cls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/testApp/Class2.cls -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/testApp/Form1.frm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/testApp/Form1.frm -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/testApp/Project1.vbp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/testApp/Project1.vbp -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/testApp/Project1.vbw: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/testApp/Project1.vbw -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/vbdec/injector.exe/FileReport.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/vbdec/injector.exe/FileReport.txt -------------------------------------------------------------------------------- /VB-Research/vbOpenScript/vbdec/testApp.exe/FileReport.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VB-Research/vbOpenScript/vbdec/testApp.exe/FileReport.txt -------------------------------------------------------------------------------- /VibeScams/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/README.md -------------------------------------------------------------------------------- /VibeScams/extras/10web.cloud.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/10web.cloud.txt -------------------------------------------------------------------------------- /VibeScams/extras/10web.site.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/10web.site.txt -------------------------------------------------------------------------------- /VibeScams/extras/b12sites.com.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/b12sites.com.txt -------------------------------------------------------------------------------- /VibeScams/extras/backendless.app.txt: -------------------------------------------------------------------------------- 1 | wholesteam-us.backendless.app 2 | -------------------------------------------------------------------------------- /VibeScams/extras/bolt.host.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/bolt.host.txt -------------------------------------------------------------------------------- /VibeScams/extras/bookipi.com.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/bookipi.com.txt -------------------------------------------------------------------------------- /VibeScams/extras/builder-preview.com.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/builder-preview.com.txt -------------------------------------------------------------------------------- /VibeScams/extras/codedesign.app.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/codedesign.app.txt -------------------------------------------------------------------------------- /VibeScams/extras/dcms.site.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/dcms.site.txt -------------------------------------------------------------------------------- /VibeScams/extras/durablesites.com.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/durablesites.com.txt -------------------------------------------------------------------------------- /VibeScams/extras/elementor.cloud.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/elementor.cloud.txt -------------------------------------------------------------------------------- /VibeScams/extras/flazio.com.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/flazio.com.txt -------------------------------------------------------------------------------- /VibeScams/extras/flutterflow.app.txt: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /VibeScams/extras/framer.app.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/framer.app.txt -------------------------------------------------------------------------------- /VibeScams/extras/glide.page.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/glide.page.txt -------------------------------------------------------------------------------- /VibeScams/extras/hostingersite.com.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/hostingersite.com.txt -------------------------------------------------------------------------------- /VibeScams/extras/lovable.app.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/lovable.app.txt -------------------------------------------------------------------------------- /VibeScams/extras/mobirisesite.com.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/mobirisesite.com.txt -------------------------------------------------------------------------------- /VibeScams/extras/multiscreensite.com.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/multiscreensite.com.txt -------------------------------------------------------------------------------- /VibeScams/extras/namehero.net.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/namehero.net.txt -------------------------------------------------------------------------------- /VibeScams/extras/nameherosites.com.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/nameherosites.com.txt -------------------------------------------------------------------------------- /VibeScams/extras/notion.site.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/notion.site.txt -------------------------------------------------------------------------------- /VibeScams/extras/odoo.com.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/odoo.com.txt -------------------------------------------------------------------------------- /VibeScams/extras/renderforestsites.com.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/renderforestsites.com.txt -------------------------------------------------------------------------------- /VibeScams/extras/replit.app.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/replit.app.txt -------------------------------------------------------------------------------- /VibeScams/extras/softr.app.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/softr.app.txt -------------------------------------------------------------------------------- /VibeScams/extras/squarespace.com.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/squarespace.com.txt -------------------------------------------------------------------------------- /VibeScams/extras/teleporthq.app.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/teleporthq.app.txt -------------------------------------------------------------------------------- /VibeScams/extras/temporary-demo.site.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/temporary-demo.site.txt -------------------------------------------------------------------------------- /VibeScams/extras/tilda.ws.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/tilda.ws.txt -------------------------------------------------------------------------------- /VibeScams/extras/typedream.app.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/typedream.app.txt -------------------------------------------------------------------------------- /VibeScams/extras/vercel.app.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/vercel.app.txt -------------------------------------------------------------------------------- /VibeScams/extras/webflow.io.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/webflow.io.txt -------------------------------------------------------------------------------- /VibeScams/extras/webwave.dev.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/webwave.dev.txt -------------------------------------------------------------------------------- /VibeScams/extras/wegic.app.txt: -------------------------------------------------------------------------------- 1 | proportfolio-e41f9db0.wegic.app 2 | -------------------------------------------------------------------------------- /VibeScams/extras/wixsite.com.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/wixsite.com.txt -------------------------------------------------------------------------------- /VibeScams/extras/wixstudio.com.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/extras/wixstudio.com.txt -------------------------------------------------------------------------------- /VibeScams/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/VibeScams/network.txt -------------------------------------------------------------------------------- /ViperSoftX/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ViperSoftX/README.md -------------------------------------------------------------------------------- /ViperSoftX/extras/VenomSoftX_address_book.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ViperSoftX/extras/VenomSoftX_address_book.txt -------------------------------------------------------------------------------- /ViperSoftX/extras/extraction_script/extract_files.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ViperSoftX/extras/extraction_script/extract_files.py -------------------------------------------------------------------------------- /ViperSoftX/extras/extraction_script/mainfest.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ViperSoftX/extras/extraction_script/mainfest.proto -------------------------------------------------------------------------------- /ViperSoftX/extras/extraction_script/mainfest_pb2.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ViperSoftX/extras/extraction_script/mainfest_pb2.py -------------------------------------------------------------------------------- /ViperSoftX/extras/extraction_script/requirements.txt: -------------------------------------------------------------------------------- 1 | malduck 2 | protobuf>=4.0.0 3 | -------------------------------------------------------------------------------- /ViperSoftX/extras/list_of_api_calls.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ViperSoftX/extras/list_of_api_calls.txt -------------------------------------------------------------------------------- /ViperSoftX/extras/list_of_keywords.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ViperSoftX/extras/list_of_keywords.txt -------------------------------------------------------------------------------- /ViperSoftX/extras/list_of_locations.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ViperSoftX/extras/list_of_locations.txt -------------------------------------------------------------------------------- /ViperSoftX/extras/wallets.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ViperSoftX/extras/wallets.csv -------------------------------------------------------------------------------- /ViperSoftX/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ViperSoftX/network.txt -------------------------------------------------------------------------------- /ViperSoftX/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ViperSoftX/samples.md5 -------------------------------------------------------------------------------- /ViperSoftX/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ViperSoftX/samples.sha1 -------------------------------------------------------------------------------- /ViperSoftX/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/ViperSoftX/samples.sha256 -------------------------------------------------------------------------------- /WiryJMPer/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/WiryJMPer/README.md -------------------------------------------------------------------------------- /WiryJMPer/network.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/WiryJMPer/network.txt -------------------------------------------------------------------------------- /WiryJMPer/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/WiryJMPer/samples.md5 -------------------------------------------------------------------------------- /WiryJMPer/samples.sha1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/WiryJMPer/samples.sha1 -------------------------------------------------------------------------------- /WiryJMPer/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/WiryJMPer/samples.sha256 -------------------------------------------------------------------------------- /phishing/OZON_08_2022.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/phishing/OZON_08_2022.txt -------------------------------------------------------------------------------- /usgov-backdoor/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/usgov-backdoor/README.md -------------------------------------------------------------------------------- /usgov-backdoor/rce_example/run_calculator_on_infected.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/usgov-backdoor/rce_example/run_calculator_on_infected.py -------------------------------------------------------------------------------- /usgov-backdoor/rce_example/source/main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/usgov-backdoor/rce_example/source/main.cpp -------------------------------------------------------------------------------- /usgov-backdoor/rce_example/source/main.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/usgov-backdoor/rce_example/source/main.h -------------------------------------------------------------------------------- /usgov-backdoor/samples.md5: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/usgov-backdoor/samples.md5 -------------------------------------------------------------------------------- /usgov-backdoor/samples.sha: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/usgov-backdoor/samples.sha -------------------------------------------------------------------------------- /usgov-backdoor/samples.sha256: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avast/ioc/HEAD/usgov-backdoor/samples.sha256 --------------------------------------------------------------------------------