## hosts-blocklists
## domains-ips-hashes

## blocklists-kaspersky
## https://securelist.com/


# https://securelist.com/soumnibot-android-banker-obfuscates-app-manifest/112334/

dbdb.addea.workers.dev
google.kt9.site

00aa9900205771b8c9e7927153b77cf2
0318b7b906e9a34427bf6bbcf64b6fc8
b456430b4ed0879271e6164a7c0e4f6e
fa8b1592c9cda268d8affb6bceb7a120

# https://securelist.com/xz-backdoor-story-part-1/112354/

4f0cf1d2a2d44b75079b3ea5ed28fe54
53d82bb511b71a5d4794cf2d8a2072c1
153df9727a2729879a26c1995007ffbc
212ffa0b24bb7d749532425a46764433
540c665dfcd4e5cfba5b72b4787fec4f
35028f4b5c6673d6f2e1a80f02944fb2
b4dd2661a7c69e85f19216a6dbbb1664
d302c6cb2fa1c03c710fa5285651530f

8a75968834fc11ba774d7bbdc566d272ff45476c
72e8163734d586b6360b24167a3aff2a3c961efb

319feb5a9cddd81955d915b5632b4a5f8f9080281fb46e2f6d69d53f693c23ae
605861f833fc181c7cdcabd5577ddb8989bea332648a8f498b4eef89b8f85ad4

# https://securelist.com/dinodasrat-linux-implant/112284/

update.centos-yum.com

99.231.211.19

8138f1af1dc51cde924aa2360f12d650
decd6b94792a22119e1b5a1ed99e8961

# https://securelist.com/crimeware-report-android-malware/112121/

042f041108a79ac07d7b3165531faa9a
043020302ea8d134afbd5bd37c05d2a8
04807757a54ce0fbc8326ea8b11f8169
06148a2e5828e6844c2a1a74030d22b6
0677a090eb28837b1bbf3e6ab1822fdd
0960de9d425b5157720f59c2901d4e3b
098dac0668497d9707045bc1e10ced93
274b8d86042d94a6ca6823841fec6d2c
1796e678498bf9a067c43769f4096488

# https://securelist.com/trojanized-text-editor-apps/112167/

dns.transferusee.com
update.transferusee.com
vnote-1321786806.cos.ap-hongkong.myqcloud.com
vnote.fuwenkeji.cn
vnote.info
vnotepad.com

00fb77b83b8ab13461ea9dd27073f54f
5ece6281d57f16d6ae773a16f83568db
6ace1e014863eee67ab1d2d17a33d146
47c9fec1a949e160937dd9f9457ec689
43447f4c2499b1ad258371adff4f503f

# https://securelist.com/coyote-multi-stage-banking-trojan/111846/

atendesolucao.com
centralsolucao.com
diadaacaodegraca.com
dowfinanceiro.com
segurancasys.com
servicoasso.com
traktinves.com

03eacccb664d517772a33255dff96020
071b6efd6d3ace1ad23ee0d6d3eead76
276f14d432601003b6bf0caa8cd82fec
5134e6925ff1397fdda0f3b48afec87b
bf9c9cc94056bcdae6e579e724e8dbbd

# https://securelist.com/new-macos-backdoor-crypto-stealer/111778/

22.imohub.workers.dev
apple-analyser.com
apple-health.org
imohub.net

005fb6dee90eeefa89d6400f7a06d058
09ab22fcf21385cc5702ec52ac4eca02
2ebfe93a39ce3fcecca883b5f182029e
2ed32d3df8b4a2ef891b44a6397cf6ea
3a89719527d51e7c60854704e9f49a32
3af3d6ba3c80b7bf5d67deddb2971c61
3b357b8d65537d40e87599c5329d2a3d
3f89644dfc394e888a741f6c09638d98
4c2ec35d13c5f44000caf658e40e444c
5abe156cb33b18a46c7279d9c52b1c64
5bab5ba8c509a9baa5db246d932a099f
7fd9a401fd0d7901cf4494333d1896cb
9c0e8d45cbf5cae428bef90b5824e5b1
18c564a5cc4b7414df8345a8bdce7418
29a35e0e65bba727a97747acdf921c09
29b1ba90407a93400e062fb65dc9b667
38e4ef0d9221b25510cc50bcc8f4b4e8
67e1f194c37968bb2edaf469bf40b837
71eefe83f836ebceadc9f68ff0e37d3b
95c86de53ad9ca116f8c6eb2e6a152f5
352f0d288e612e4f66c50aaf9214a81d
948a90b43ade9dbc559fd27be404f9f0
948c1bdc9edf3e57758b677a0a449f34
3422f0cefa0c4612d18643bbf07a4a98
4886a687ada61fc7f53b41f6020e76cc
609596d15e684f4a8ea80b7ee4b8c6a8
9124843fdbf27e7b31d2f883042021a9
a33b6c5905cefced329fa89f5eebb481
a5924fff42d60a732853da167a743182
a386380e03097055c24b0f35263d5492
a9231044dd45a85a0bf45e01584bf213
adede572ad9599e331592103f9eea2a2
b2d519d13125c29832b132e927fd141b
ba41c9f6d89671b729eafbe6d5f1c85e
bbe4c19f3b675705073ba3e8a560b768
be7e6e625d15d30ff47e34ebb1ee4511
c88c28149387ccf52ca3869442533fd9
c7178d08c13f3e49a6ebefe23d1fedff
cad3081fc6174ca4a4c18b8f73b3fe59
d1177ed07dddb09415c175a205143eb6
e5f12e92b1fa956d02d35d6224abdbc8
e12566cd9d72a9b56d5e53f00b7d2d53
e64773b03ad1eae52180c2b58907f1f6
f4282d7e32c7e8ab4e075c572ac43803
fb050f4c29a166480ff2f5a1fa8b9800
ff608ab027db4d1e076c1d8098e8dc8a

# https://securelist.com/unveiling-nkabuse/111512/

11e2d7a8d678cd72e6e5286ccfb4c833

# https://securelist.com/crimeware-report-fakesg-akira-amos/111483/

C60AC6A6E6E582AB0ECB1FDBD607705B

00141f86063092192baf046fd998a2d1
0885b3153e61caa56117770247be0444
2cda932f5a9dafb0a328d0f9788bd89c

3d13fae5e5febfa2833ce89ea1446607e8282a2699aafd3c8416ed085266e06f
9bf7692f8da52c3707447deb345b5645050de16acf917ae3ba325ea4e5913b37

# https://securelist.com/trojan-proxy-for-macos/111325/

register.akamaized.ca

0c369d305e101381dfbd2f277417ca69
0e59a269fa6a34cc6fab8873e79e8011
00cbaee9a21dd0ca13ecbeca30ef9b26
0003a4d2207462e24fbc711fa1b84533
0049c3960ab98e11db3872a98078b7a6
01675deeb459c0cec6eb6b409698c42a
063d956b55da0d18f3f732c2bbd4bc28
2a4fff0b167654edc7f62a747ea13067
6f58024bfe61351035711f33a2133c40
7b4b44bf6c3d8eb31f14206c0d76c321
7f2d204f197e1205f74de603cba40010
9b83fc25080d542a9fd71bbe0678e593
11fc6ec7cdb93f23c9756a788a4204bc
19d3fcff714d7ffa1e325d46f6ddb8b2
98c185a785f2ac075849336001bc5b9c
206ff97436f3c229502040128bd39bbe
311b665dad3d6ea77225b5a6529a8f0c
338f882d4fc0c2cc96eca6edb1d6a6f0
704f2606b0a12e42046c95e530bf5f38
1920e42d286080cc1ed6272db859e7b5
3432f1cb6be21938be87ad0b12202423
3627fa05f7fb975a4be8392a14474757
7934bede64f6473576e400aefafae2b3
9297a3753ddff6dae048a2a75a42e529
59033b56c99c49a392ed7e653d296375
63086d31bb186abb294a5a737f235098
128068daf917c2df36bccdec97c3b66a
a0fe67385390bab476d9b716f4097907
a2d5f2c28b2b79cf29942f8bdd847a72
a408e30bbd449367291366d337d54f82
af7b3ac1adc4f4d563c75e8583c0f239
b056054c992a386144304f1f3470234c
b5a334d92906f8a85cc86c582d3232bf
b35db7dd042ca92ad7180f6a1e2bdad8
d9e4e16ec9206ba427d280a955248829
d605b5673ca89a767662a4a83662eaa0
d933d00c01d1e0fd2df960e166a1e4b5
d874167ece5528e9e997b60906940afa
e06b0fef08b711f8ba307d1c13cc1b97
ec1698e7900210c642a2772e8d040f8c
ed7fd28bc482d9a822d78f515d18e93c
f5cceb3eea65d0f7ae5a6b62d07cb869
f6d1aa43d40727104f0517c91b117f72
f40affab8ee804a49893fd1df3710622
fb3c42ca1ff0ba96ac146c1672357994

# https://securelist.com/bluenoroff-new-macos-malware/111290/

on-global.xyz

1fddf14984c6b57358401a4587e7b950
3b3b3b9f7c71fcd7239abe90c97751c0
80c1256f8bb2a9572e20dd480ac68759
90385d612877e9d360196770d73d22d6
b1e01ae0006f449781a05f4704546b34
d8011dcca570689d72064b156647fa82

# https://securelist.com/hrserv-apt-web-shell/111119/

b9b7f16ed28140c5fcfab026078f4e2e
418657bf50ee32acc633b95bac4943c6
d0fe27865ab271963e27973e81b77bae
890fe3f9c7009c23329f9a284ec2a61b

# https://securelist.com/ducktail-fashion-week/111017/

cavoisatthu2023asd.com
dauhetdau.com
motdanvoi20232023.com
voiconprivatesv2083.com

04dd228d0b088c4116b503c31de22c1746054226a533286bec3a3d0606d73119
06afd110d91419ece0114a7fdeaeba4e79fbc9f2a0450da8b4f264e4ae073a26
2b3decf08bf9223fb3e3057b5a477d35e62c0b5795a883ceaa9555ca7c28252f
7da7ca7fcbc6e8bc22b420f82ae5756ecd3ad094b8ebcbd5a78a2362eb87b226
64f6cbe9adf91bc4ed457c79643d764a130b0d25364817c8b6da17b03ff91aa7
89f016d32707f096cc8daf674e5a9fc2ba6cf731d610f5303d997fc848645788
655a8ea3bc1baff01639dcdc43a294f8a5dc622e543d8f51e9d51c6eaaae6f6e
1117a93b4b4b78e4d5d6bd79f5f0e04926759558218df30e868464f05bf1bd3d
554353cda0989c3a141c2ab0d0db06393e4f3fd201727e8cf2ed8d136f87d144
69257876e2ec5bdbe7114d6ce209f13afbfddb2af0006a6d17e6e91578966870
ab95f377bf7ae66d26ae7d0d56b71dec096b026b8090f4c5a19ac677a9ffe047
b9a984383a5825868c23bc3afdc70e3af2a56d26d002431940d2429c8e88ace9
ba8eb1a7f18e4cfca7dd178de1546d42ffb50028c8f3f7ba6551f88c11be75db
bde696a0ae901864716320e3111d5aa49cba3b1d9375dce2903f7433a287b2f2
bdf8dea28f91adcba7780a26951abc9c32a4a8c205f3207fd4f349f6db290da7
c6ae36e28668c6132da4d08bca7ceb13adf576fa1dbdb0a708d9b3b0f140dd03
c82b959d43789d3dbf5115629c3c01fa8dd599fbec36df0f4bc5d0371296545a
d03e1a0fce0b112bba4d56380c8d1be671845dd3ed90ec847635ba6015bad84d
d4f10bd162ee77f4778ecc156921f5949cd2d64aab45b31d6050f446e59aed5a
da13db80b0f3c25b512a1692494f303eff1ff1778a837208f79e2f3c81f8192e
f59e2672f43f327c9c84c057ad3840300a2cd1db1c536834f9e2531c74e5fd1c

# https://securelist.com/spyware-whatsapp-mod/110984/


3ssem.com
android-soft-store.com
application-marketing.com
goldnwhats.app
omarwhats.app
watsabplusgold.com
whats-mate.com
whats-mate.net
whats-media.com
whats-mydns.com
whats-mydns.net
whats-vpn.com
whats-vpn.net
whatsagold.app
whatsgold.app
whatsupdates.com

1db5c057a441b10b915dbb14bba99e72
fe46bad0cf5329aea52f8817fa49168c
80d7f95b7231cc857b331a993184499d
cbb11b28d2f79ad28abdc077026fc8f2
19c489bcd11d7eb84e0ade091889c913
3fda123f66fa86958597018e409e42c0

# https://securelist.com/unveiling-lazarus-new-campaign/110888/

admin.esangedu.kr
api.shw.kr
blastedlevels.com
droof.kr
friendmc.com
hankooktop.com
hanlasangjo.com
happinesscc.com
healthpro.or.kr
hicar.kalo.kr
hspje.com
ictm.or.kr
khmcpharm.com
kscmfs.or.kr
kstr.radiology.or.kr
little-pet.com
mainbiz.or.kr
medric.or.kr
muijae.com
new-q-cells.com
nonstopexpress.com
pediatrics.or.kr
pms.nninc.co.kr
safemotors.co.kr
samwoosystem.co.kr
seoulanesthesia.or.kr
seouldementia.or.kr
siriuskorea.co.kr
swt-keystonevalve.com
theorigin.co.kr
ucware.net
vietjetairkorea.com
vnfmal2022.com
warevalley.com
yoohannet.kr

3a77b5054c36e6812f07366fb70b007d
9b62352851c9f82157d1d7fcafeb49d3
9cd90dff2d9d56654dbecdcd409e1ef3
31af3e7fff79bc48a99b8679ea74b589
54df2984e833ba2854de670cce43b823
88a96f8730b35c7406d57f23bbba734d
Ae00b0f490b122ebab614d98bb2361f7
e6fa116ef2705ecf9677021e5e2f691e

# https://securelist.com/stripedfly-perennially-flying-under-the-radar/110903/

mine.aeon-pool.com
pool.minexmr.com

5.255.86.125
45.9.148.21
45.9.148.36
45.9.148.132

00c9fd9371791e9160a3adaade0b4aa2
04df1280798594965d6fdfeb4c257f6c
090059c1786075591dec7ddc6f9ee3eb
2cdc600185901cf045af027289c4429c
2e2ef6e074bd683b477a2a2e581386f0
6ace7d5115a1c63b674b736ae760423b
18f5ccdd9efb9c41aa63efbe0c65d3db
35fadceca0bae2cdcfdaac0f188ba7e0
41b326df0d21d0a8fad6ed01fec1389f
54dd5c70f67df5dc8d750f19ececd797
120f62e78b97cd748170b2779d8c0c67
506599fe3aecdfb1acc846ea52adc09f
a5d3abe7feb56f49fa33dc49fea11f85
abe845285510079229d83bb117ab8ed6
b28c6d00855be3b60e220c32bfad2535
c04868dabd6b9ce132a790fdc02acc14
c7e3df6455738fb080d741dcbb620b89
d32fa257cd6fb1b0c6df80f673865581
d684de2c5cfb38917c5d99c04c21769a
d64361802515cf32bd34f98312dfd40d

# https://securelist.com/crimeware-report-gopix-lumar-rhysida/110871/

0c8e88877383ccd23a755f429006b437
5fc82bd3590eae30c26f1a42f4e711f4
6BA5539762A71E542ECAC7CF59BDDF79
36d142294f1ca4c4768dbe15b6553975
46b892398cfb1a1c59683fc8abfcc5fc
274be1fac3bab38af7483a476a2dea90
333A34BD2A7C6AAF298888F3EF02C186
EB0B4E35A2BA442821E28D617DD2DAA2

# https://securelist.com/triangulation-validators-modules/110847/

527bb38d4716c019b65da64d0f851a70
ac2444e7f7b0a4b084ad8c9ae8ac26c8
adb9e4b7a75eccc37f6941a5cbc7685b
da5d3c0d3ad8df77ff6f331066636e42

6e9cd17fcc8b14cc860ce980c5e919494a10eec9
10509067ba5d9d985e932ea77f089491dee1611d
a5a93e8d48fdef8c02066b9020445b50ebc81a8f
a468613d31c90ac94bbd313bc70c5c6638c91603

7e779a019f250d8cec9761d1230296236a8b714743df42c49ce8daf818d542e7
64f36b0b8ef62634a3ec15b4a21700d32b3d950a846daef5661b8bbca01789dc
c2393fceab76776e19848c2ca3c84bea0ed224ac53206c48f1c5fd525ef66306
ff2f223542bbc243c1e7c6807e4c80ddad45005bcd78a77f8ec91de29deb2f6e

# https://securelist.com/miner-keylogger-backdoor-attack-b2b/110761/

0A50081A6CD37AEA0945C91DE91C5D97
0BEFB96279DA248F6D49169E047EE7AB
1DA8E7C92C86FC8DBAB5287BDCA91CA1
2ac1d8e16e47e97db3c60d728270ad5a
3b2a270b90b3e24a25cc991df40da3ca
3C47D45F09948B8E6FDB5F96523BC60B
4cdbcfa0d6fd2e7de6ec0030cfb2322d
5D3E2B2EE668B2BC071B8D4027C6B8F1
7d0f67343f128d29a50ccd3639b72884
7e09279dcd3655ab1b2e2684746e4bc2
8dcd1e4e37838b49214f10c50ef5a5f0
11ca68ea3500cb03db1f4008d18cb6b2
22f9682e543b94532d46541c63512f2d
51ad216fcb4afe42b9ef01ab472a2914
61d5944634d735c3e6efc3b1349de740
227FA5D690A943114FF3CCFE7977192A
474f517eb23bdfa4c320c091c3eb2dba
769BC25454799805E83612F0F896E03F
830debd1f6d39c726c2d3208e3314f44
1225f4f50154dd49d4853e4efc3ddf77
5919e4e3e06b617d967dc6e8fecb701b
99634dcaca690066187e30c36182bf19
752940da17469330c38ab98d04f3d6b8
a6d4706baeb9ab97490d745f7a2bb11e
A7CDE18F991E97037A7899B7669E2548
a38dece5bcb9f6d1c027d86e0318a60e
A531FE822618B6A917D50BEE001C95A1
AC27DE51896A5BA2FD0DDA9B7955A201
af9327d353b97fd50a777145bc0e8e1e
b2e250b9e3b9d5e6b2080cb782f9698e
b558fa064d0d3f94f5e4c975375cbad1
B747AEDF0F3E4457C6D02BC5AF7C0980
DDAB66730A84583B98D3415F9181D092
DDD12566B99343B96609AFA2524ECEC3
df6f39d30dc5e9f4155514cdefb54620
f0881b3c3d1535685d6190df4083f515