Open dnmTX opened 3 years ago
Hi @dnmTX , thanks for reporting this, new checks were introduced for the exports, entries are gone.
If in the future, it happens again, there is not need to open a new issue, just comment here and we follow-up in this same space.
@raw-data false-positive,to your attention:
"2021-09-02","2021-09-02","time.google.com","downloader","pegui,peexe32,assembly"
👍
P.S. Would suggest to reopen this issue so we know it's the one to deal with all feature invalid/false-positive entries.
@dnmTX thank you, entry whitelisted
@raw-data found one 😉 :
"2021-09-26","2021-09-26","addons.mozilla.org","adware","pegui,peexe32"
Thanks as allways 👍
@dnmTX nice catch! entry removed only from dns, and domain exports, ioc still remains for url (in general) and in the master-feed.json (for hunting / historical data)
@raw-data invalid for removal:
"2021-10-07","2021-10-07","0.0.0.0:10471","unknown","assembly,pegui,peexe32"
👍
@dnmTX thx! "funny" it was a sort of edge case, not falling under the ipv4 flow, but domain part .. now it's fixed (as usual, it stays in the master-feed, as it should)
@raw-data to your attention:
"2022-06-30","2022-06-30","37.0.11.164:8080","downloader","peexe32,assembly,pegui"
👍
Hi again @raw-data. I've been keeping my eye so far on the domain_list and as of today there are few more invalid entries that needs to be removed and would advise you to go over your scripts,do some adjustments as well so to be filtered better:
"2021-07-22","2021-07-24","oziyjajmgohla.oziyjajmgohla","riskware","peexe32,pegui"
"2021-07-25","2021-07-25","abbjvbdopiz.abbjvbdopiz","clipbanker","peexe32,pegui"
"2021-08-18","2021-08-18","nnpwxhwvuw.nnpwxhwvuw","azorult","peexe32,pegui"
Thanks as allways 👍