Moon_Faceless_IOCs.txt

Malware Hosting IPs:
188.92.79[.]115
188.92.72[.]129
188.92.79[.]116
 
Command and Control Servers:
185.246.128[.]181
195.3.144[.]185
91.215.158[.]118
65.108.96[.]201
188.92.79[.]110
31.43.185[.]85
92.63.197[.]133
195.3.147[.]73
185.156.73[.]110
 
Intermediary Proxies:
185.165.190[.]171
45.11.59[.]209
104.200.72[.]120
135.181.47[.]22
49.13.126[.]124
159.69.126[.]211
128.140.115[.]231

Malicious FTP Server:
45.143.201[.]87:32123

Files uploaded to Virus Total:
abee3860601d8a8f10fa2d0ef9e058c8c9b0b977a87e8c95fb66d3f630281c23  ./.moon
d4fa6a239895a94f83740db0319601a14896a2b06fff912364f214b0832ee230  ./.nttpd
84b45dad03eeb5be10b8313b25de1426b108064b12e2848eaa94cddd58bca297  ./.scn
701531793ecd583e05cdbd853bec8c0ece4c106fc9a6658af2d1b2f6becb70ad  ./.scz
7724caac245c1e5af1662fc3a1261e02fe097a7a98c129986e6dad41606d0df1  ./.sox10
f9ac395dbab71d37b0a22cbacba2613540b51a4be501632320e523531716a057  ./.sox20
9e10aadba51daa66b72ea442a97b31b12b4f718866328109d21d1c03b0e76780  ./.sox30
ab3d693470e7cf8ff2a21338c0a20302465ca7e18c33fc8fe488b0abb8f201f0  ./.sox40
29f809f7f128dba027e88df323fb717368086389f46adad44ee3fb0cc174accb  ./.sox50
33813ebf161b64e3e0ccdc47eb43d1683d00c23b3abd01a11e0e794aa3e69c16  ./.sox60
42f5df48a6fc614c871e58bb7dd13852b59eae553cad64f913789b382f2bbf8f  ./.soxP
aaf994941e7230bbdf306d6deb2ac40bc4c04ff5a329d67acc6c816c419269fa  ./.soxT