# Malware - Win32. Collection of multiple win32.-families with few domains & hosts per feed. # Command and Control domains for malware known as Win32.Shiz.ufj. These domains are extracted from malware sandbox reports using a Machine Learning model trained on a corpus of good and bad domains. # Source: https://otx.alienvault.com/browse/global?section=All&q=Win32&include_inactive=0&sort=-modified&page=1&indicatorsSearch=modified:%22%22%20Win32 # # INFO: https://www.f-secure.com/v-descs/win32_virus.shtml # # UPDATED 02-04-2021 # # Every link reported should be considered harmefull and could result in an unwanted malware download. Use this file carrefully. # # **** Therefor my advice is **** # **** If you experience sites that are being blocked **** # **** please double check your input in search field and **** # **** see if it's correct and verify that it is the correct page you **** # **** are going too! If it is correct then whitelist that site **** # # USE THIS LIST WITH CAUTION! # # # *****The list is released without any warranty to the end users.***** # # *** This list contains domains and hosts *** # ******************************************************************************************************************************************************************* #--------------------------------------------- # W32.Blackmoon - Malware Domain Feed V2 # Source: https://otx.alienvault.com/pulse/5cc6b94df225b0045a904d5b # Domains fffffh.site luoyefeihua.site syncc.xyz # Hosts 0.0.0.0 0408sq2u.58guyu.com 0.0.0.0 91w2l6dt.58guyu.com 0.0.0.0 833u3k3i.58guyu.com 0.0.0.0 down01.58guyu.com 0.0.0.0 exe.58guyu.com 0.0.0.0 fpnt5n9r.58guyu.com 0.0.0.0 ftp271303.host553.zhujiwu.cn 0.0.0.0 ftp543845.host566.zhujiwu.me 0.0.0.0 gj.wxb2568.cn 0.0.0.0 ip.666888pya.xyz 0.0.0.0 k7vvazyq.58guyu.com 0.0.0.0 mprrpt.hjkl45678.xyz 0.0.0.0 nmprrpt.hjkl45678.xyz 0.0.0.0 p1hgivju.gdicoou.com 0.0.0.0 q9o7y27m.58guyu.com 0.0.0.0 qcyl.cyynet.com 0.0.0.0 sfqlbmxt.58guyu.com 0.0.0.0 tongji.58guyu.com 0.0.0.0 v216976v.58guyu.com 0.0.0.0 wkapi.kenfu1.com 0.0.0.0 www.362com.com 0.0.0.0 www.awen666.icu 0.0.0.0 www.dfafsd.cloud 0.0.0.0 www.joinbee.cn 0.0.0.0 www.panbaogui.com 0.0.0.0 www.yxlt.us 0.0.0.0 xxx.xxx.com 0.0.0.0 ys46waeu.adkuai8.com 0.0.0.0 yy4010.gotoip1.com #--------------------------------------------- # Win32.Shiz.ufj - Malware Domain Feed V2 # Source: https://otx.alienvault.com/pulse/5ccb67aaa5bfa10ff6ffe535 # Domains cihunemyror.eu cilavocofer.eu ciliqikytec.eu cinepycusaw.eu dikuvizigiz.eu diselahidaf.eu divesosisor.eu dixesywyruc.eu fodakyhijyv.eu fokyxazolar.eu foxivusozuc.eu gacezobeqon.eu gacok.eu gacyryw.com gacyzuz.com gadufiwabim.eu gadyniw.com gahyqah.com galykes.com ganypih.com gaqycos.com jefapexytar.eu jenokirifux.eu jewuqyjywyv.eu kefuwidijyp.eu kejogydideq.eu kemocujufys.eu lygymoj.com lygynud.com lykyjad.com lymyxid.com lyruxyxaxaw.eu lyryvex.com lysul.eu lysuxinebyg.eu lysyfyj.com lyvyxor.com lyxylux.com lyxywer.com mamixikusah.eu marytymenok.eu nojejecebuw.eu pufet.eu pujuduvaxim.eu pumed.eu pupex.eu pupod.eu pupybul.com purol.eu purycap.com puvem.eu puvopalywet.eu puvyxil.com puzib.eu puzutuqeqij.eu qedyfyq.com qedynul.com qegyqaq.com qekykev.com qekyqop.com qeqinuqypoq.eu qeqyxov.com qetyfuv.com qexylup.com qexyryl.com rynazuqihoj.eu ryqecolijet.eu tulyboputal.eu tunujolavez.eu tupudyqusuj.eu vocebufazap.eu vocumucokaj.eu vocyruk.com vofez.eu vofozymufok.eu vojacikigep.eu vojyjof.com vojyqem.com volec.eu volyqat.com vonodecidid.eu vopep.eu vopibycywow.eu vopogakakud.eu vowycac.com vowydef.com xukovoruput.eu xuqohyxeqak.eu xuxusujenes.eu # Hosts 0.0.0.0 ww1.lysyfyj.com 0.0.0.0 ww11.lysyfyj.com 0.0.0.0 www.gadyniw.com 0.0.0.0 www.gahyqah.com 0.0.0.0 www.pupybul.com 0.0.0.0 www.vowycac.com 0.0.0.0 www.vowygem.com #--------------------------------------------- # Win32.Floxif.A - Malware Domain Feed V2 # Source: https://otx.alienvault.com/pulse/5cc9aa3bcf78e0d4834b11ce # Domains 8bb11f3597.pw citygame.xyz hostas4.cf hostas8.ml hostpp2.cf xjpakmdcfuqe.biz zcop.ru # Hosts 0.0.0.0 ddl.serveftp.com 0.0.0.0 devid.drp.su 0.0.0.0 googlegmail.servehttp.com 0.0.0.0 latestapps.wen.ru 0.0.0.0 microsoft.mypicture.info 0.0.0.0 mzo.dyndns.org 0.0.0.0 nexter.x0rg.com 0.0.0.0 u.f321y.com 0.0.0.0 updatertestww.mkcl.org 0.0.0.0 www.balu001.0catch.com 0.0.0.0 www.balu002.0catch.com 0.0.0.0 www.balu003.0catch.com 0.0.0.0 www.balu004.0catch.com 0.0.0.0 www.balu007.0catch.com 0.0.0.0 www.balu008.0catch.com 0.0.0.0 www.balu010.0catch.com 0.0.0.0 www.balu013.0catch.com 0.0.0.0 www.blm35.net 0.0.0.0 www.gfkgeeoqgz.wen.ru 0.0.0.0 www.gugeeoqgz.wen.ru 0.0.0.0 www.gxgeeoqgz.wen.ru 0.0.0.0 www.hostpp2.cf 0.0.0.0 www.oqzoqbeoqgz.wen.ru #--------------------------------------------- # Win32.Wacapew - Malware Domain Feed V2 # Source: https://otx.alienvault.com/pulse/5efe0e2e6887c757d99eaa2b # Domains 08ba21b31b07e8b2.xyz 0856c981fac71ad2.xyz 1abb7c50a8e82d40.xyz 3afc5ff1c881b281.xyz 3cf900ecf0895e4a.xyz 5c98ff7eb35a6899.xyz 5df09f09188cb28e.xyz 6c2d8999fc5c1708.xyz 6d8b0272c433fd35.xyz 6ec8c1bc55203805.xyz 7fbaa5576a683a01.xyz 8a4997225ef680c2.xyz 8c365b78d1a7e8f8.xyz 8d96c6c8686c52e7.xyz 32ae7e2916cf4953.xyz 71ce0c9703a486f1.xyz 84cfba021a5a6662.xyz 628cbea9eb2bdecc.xyz 847c29d3e827a16e.xyz 5723edfc5207ff2d.xyz 29272a6bc0ef8ac8.xyz 54893f9638f5f23b.xyz 658537bb4cb52d28.xyz 750940a116beb395.xyz 7819552a3888d197.xyz 66124112b4188769.xyz a5559c25c7aba201.xyz bea0e4a218a01f2a.xyz c8dd8ae6dc4dc644.xyz c9b19ecacba2ea44.xyz d0b9282d68078592.xyz d048129eb1be65d5.xyz e1bca370f5f49fe7.xyz e5ee35320e7c970b.xyz ef6df4af06ba6896.xyz fa1e6f7334d84c84.xyz fe0432d95d40b8a2.xyz freekzvideo.cloud post-back-url.com trackpressure.website zombiemaniya.ru # Hosts 0.0.0.0 gfehi7.2ihsfa.com 0.0.0.0 uhgag43.2ihsfa.com 0.0.0.0 uhgargr.2ihsfa.com 0.0.0.0 www.infokscents.com #--------------------------------------------- # Win32.BlackNET - Malware Domain Feed V2 # Source: https://otx.alienvault.com/pulse/5dfc6b8957112ec80405a93f # Domains alexknives.com crackedworld.xyz groupy.pro informavoce.com jonhost45.com manchestergardensllc.com meublesinde.in otchaos.tk raders.ru ranonlinedominationep7.site redbulllogistics.online sitespy.club svcupdate.com testnexus1123.tk tv-diaspora.eu # Hosts 0.0.0.0 a.nvuty.ru 0.0.0.0 blackguy.power-plast.in 0.0.0.0 blacknet.all-hacks.org 0.0.0.0 blacknet.spy24.biz 0.0.0.0 blacknethost.000webhostapp.com 0.0.0.0 d3c0d3dd0cx.000webhostapp.com 0.0.0.0 dadacode2020.ddns.net 0.0.0.0 do.kemem.ga 0.0.0.0 f0374712.xsph.ru 0.0.0.0 f0386817.xsph.ru 0.0.0.0 f0401489.xsph.ru 0.0.0.0 fskakjgg.beget.tech 0.0.0.0 i9789238.beget.tech 0.0.0.0 mailstealer.zzz.com.ua 0.0.0.0 mosav5vz.beget.tech 0.0.0.0 perc30.beget.tech 0.0.0.0 sepasarg.beget.tech 0.0.0.0 test.darkstrom.com 0.0.0.0 tulsipada1.000webhostapp.com 0.0.0.0 updatesmanager.ddns.net 0.0.0.0 vovagaka.myjino.ru 0.0.0.0 wwe23pro.myjino.ru 0.0.0.0 xexob6ct.beget.tech