Since the last two updates I have collected a few more indicators, and I have decided to make an indicator page. I didn't want to create a tracking page, as there is a much better resource, rather I wanted to create a list of indicators that I have found. Below are a few new additions that I will be adding to the new Geodo indicator list; there are no new C2 servers or use-agent strings.
Link to the Geodo indicator page.
Threat Name: Geodo
File Download Locations:
These are live malware files, download with caution.
hXXp://obchod.vianatura.cz:80/YRgXCNup2zn8/9049.exe
hXXp://f3x.pl:80/modules/mod_aratipas/ex_mss3.exe
hXXp://zonaliberabraila.ro/ud3yRXLgSw2
hXXp://marjav.cl/g3aTdqlJI8
hXXp://intellinum.com/7UPYmxe150K
hXXp://blog.northpointindia.com/gKBwOvxeq
Further Reading:
rebus snippets
No comments:
Post a Comment
Please feel free to leave a comment that is relevant to the post.