# Loader C2 Tier 2
103.172.92[.]148

# Loader C2s
79.141.162[.]154
154.7.253[.]113
77.83.199[.]142
216.107.139[.]52
144.172.76[.]24 
144.172.86[.]16
144.172.122[.]12
207.189.164[.]106
173.211.70[.]205
45.61.141[.]192 
167.88.166[.]112
167.88.168[.]2 
172.86.96[.]114
95.169.180[.]227
107.175.229[.]142
144.172.111[.]24
192.3.179[.]139
185.45.195[.]140

# Active DGA C2s
prekudinish[.]com
recepatission[.]info
ultradomafy[.]net
inoluvary[.]com
disimunous[.]com
interocakate[.]com
exagenafy[.]com
promexucate[.]com
misukumotist[.]info
subonuker[.]name
emelenalike[.]com
remalexation[.]name
antihicipate[.]com
antigutation[.]info 
minixetepate[.]biz
overedaxive-nonameraness[.]net
underuvukent[.]com
inofokable[.]net
overuvezor[.]com

# Bot C2s to find victim DNS server
dnslookips[.]com
ipscoredns[.]com
nslookups[.]com

# Active DGA C2s IPs
46.249.35[.]171
46.246.96[.]40
213.252.244[.]213
185.25.50[.]100
77.83.198[.]174
193.42.36[.]208
103.244.227[.]46
45.227.252[.]245
185.117.75[.]18
46.249.38[.]69
141.98.82[.]229
91.227.77[.]217
37.122.148[.]5
5.181.86[.]231
85.206.172[.]132
179.60.147[.]86

# Backconnect C2s
212.83.143[.]49
162.210.192[.]171
67.213.212[.]55
212.83.137[.]165
161.129.66[.]141
212.83.165[.]136
37.59.213[.]49
38.91.107[.]224
51.83.116[.]4
38.91.106[.]252
5.9.43[.]90
51.83.116[.]3
67.213.212[.]39
162.19.7[.]46
198.7.56[.]74
67.213.210[.]60
198.7.61[.]67
212.83.143[.]151
67.213.212[.]54
162.0.220[.]218
173.244.208[.]78
162.245.185[.]35
51.83.116[.]7
66.29.129[.]54
174.138.176[.]78
162.245.185[.]38
174.138.176[.]74
212.83.142[.]149
23.105.170[.]32
212.83.137[.]30
23.105.170[.]30
162.0.220[.]219
162.210.192[.]135
5.9.43[.]88
108.181.132[.]117
212.83.138[.]60
66.29.128[.]241
162.19.7[.]58
67.213.212[.]49
174.138.176[.]77
5.9.43[.]92
67.213.212[.]48
212.83.138[.]192
212.83.138[.]132
67.213.210[.]118
108.181.132[.]115
212.83.143[.]103
212.83.143[.]97
173.244.208[.]72
67.213.212[.]47
162.19.7[.]56
162.19.7[.]47
51.254.149[.]59
23.105.170[.]35
209.159.153[.]21
212.83.143[.]204
67.213.210[.]61
38.91.107[.]229
173.244.208[.]73
67.211.211[.]115
212.83.138[.]245
108.181.132[.]118
162.245.185[.]37
66.29.128[.]245
161.129.66[.]139
144.76.167[.]25
67.213.212[.]51
212.83.165[.]102
162.0.220[.]220
38.91.107[.]2
162.245.185[.]36
51.83.116[.]6
198.7.56[.]71
162.210.197[.]69
209.159.153[.]19
212.83.143[.]223
162.19.7[.]49
67.213.210[.]62
195.154.43[.]86
67.211.211[.]117
67.213.210[.]167
67.213.210[.]168
162.0.220[.]216
212.83.143[.]118
173.244.208[.]84
212.83.143[.]191
144.76.167[.]34
198.7.56[.]72
138.201.21[.]218
212.83.138[.]186
173.244.208[.]81
67.213.212[.]53
162.19.7[.]61
162.19.7[.]60
162.19.7[.]59
195.154.43[.]182
162.0.220[.]214
38.91.106[.]214
108.181.132[.]116
212.83.142[.]100
212.83.137[.]142
23.105.170[.]33
212.83.137[.]150
198.7.56[.]73
144.76.167[.]23
67.213.212[.]52
162.210.192[.]136
51.254.167[.]45
212.83.143[.]211
162.0.220[.]161
66.29.129[.]56
67.213.212[.]36
67.211.211[.]116
195.154.43[.]184
212.83.142[.]131
66.29.128[.]243
46.105.44[.]29
138.201.21[.]233
51.83.116[.]2
174.138.176[.]75
173.244.208[.]80
67.213.212[.]38
173.244.208[.]76
161.129.66[.]138
67.213.212[.]57
138.201.21[.]227
141.94.238[.]246
212.83.143[.]60
162.0.220[.]215
108.181.133[.]58
212.83.143[.]159
212.83.165[.]43
212.83.138[.]172
66.23.233[.]210
198.7.61[.]72
138.201.21[.]228
162.0.220[.]217
67.213.212[.]56
66.29.129[.]52
5.9.43[.]105
173.244.208[.]83
87.98.130[.]137
162.210.197[.]91
51.68.244[.]19
209.159.153[.]20
144.76.167[.]37
212.83.137[.]94
162.19.7[.]53
162.19.7[.]57
5.9.43[.]93
162.19.7[.]50
67.213.212[.]40
138.201.21[.]238
212.83.143[.]147
138.201.21[.]232
212.83.165[.]109
195.154.43[.]221
67.213.212[.]58
66.29.129[.]53
67.213.210[.]115
23.105.170[.]34
38.91.107[.]220
174.138.176[.]76
67.211.211[.]114
212.83.137[.]239
66.29.128[.]246
162.19.7[.]48
212.83.165[.]199
212.83.142[.]158
209.159.153[.]22
5.9.43[.]85
144.76.167[.]18
66.29.128[.]244
51.83.116[.]5
67.213.212[.]50
161.129.66[.]140
212.83.142[.]145
144.76.167[.]26
212.83.142[.]114
67.213.210[.]175
195.154.43[.]198
195.154.43[.]189
66.29.128[.]242
108.181.133[.]59