Add additional medium confidence Operation Triangulation domains according to JARM fingerprint #10

TinySecShell · 2023-10-08T03:32:00Z

Add additional medium confidence Operation Triangulation domains
Identify Operation Triangulation Malicious Servers with JARM fingerprint

Identify Operation Triangulation Malicious Servers with JARM

Te-k · 2023-10-08T16:49:25Z

Do you have a reference of a publication mentioning these domains? Or is it coming from your own work?

TinySecShell · 2023-10-10T03:49:43Z

Yes, this is my own work. I have been interested in this matter since kaspersky released related domains
You can refer to the following rules:
"HTTP/1.1 404 Not Found" && cert="Organizational Unit: CloudFlare Origin SSL Certificate Authority" && jarm="2ad2ad20d2ad2ad22c2ad2ad2ad2adfb5de881cc847e53e47fc6dd40b422b0" && "Content-Length: 162"

Update-domains.txt

10c332b

Identify Operation Triangulation Malicious Servers with JARM

TinySecShell changed the title ~~domains.txt~~ Add additional medium confidence Operation Triangulation domains according to JARM fingerprint Oct 8, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add additional medium confidence Operation Triangulation domains according to JARM fingerprint #10

Add additional medium confidence Operation Triangulation domains according to JARM fingerprint #10

TinySecShell commented Oct 8, 2023

Te-k commented Oct 8, 2023

TinySecShell commented Oct 10, 2023

Add additional medium confidence Operation Triangulation domains according to JARM fingerprint #10

Are you sure you want to change the base?

Add additional medium confidence Operation Triangulation domains according to JARM fingerprint #10

Conversation

TinySecShell commented Oct 8, 2023

Te-k commented Oct 8, 2023

TinySecShell commented Oct 10, 2023