# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Reference: https://app.validin.com/detail?type=raw&find=SMS+Handler # Reference: https://www.zoomeye.hk/searchResult?q=%22server%3A+hypercorn-h11%22+%2B%22cache-control%3A+public%22+%2B%22window.global+%3D+window%22&page=1&pageSize=50 # Reference: https://www.virustotal.com/gui/ip-address/185.76.66.206/relations # Reference: https://www.virustotal.com/gui/file/425002fd581fdd4330154e0c006fb160f2f49af2a7dd38f7d3d8f9eda25bb6b9/detection http://147.45.42.85 http://185.76.66.206 http://45.82.13.95 http://46.226.167.24 http://5.42.77.147 http://77.221.136.21 http://79.137.202.32 http://81.19.137.10 147.45.42.85:8080 185.76.66.206:8080 46.226.167.24:8080 5.42.77.147:8080 5.42.78.0:8080 77.221.136.21:8080 79.137.202.32:8080 77.221.136.21.sslip.io sms-app.devserver.labbmiljo.se sms-app-dev.devserver.labbmiljo.se sms-app-development.devserver.labbmiljo.se sms-app-production.devserver.labbmiljo.se # Reference: https://www.group-ib.com/blog/ajina-malware/ # Reference: https://app.validin.com/detail?type=hash&find=1a9c98808a547d4b50cc31d46e19045bcd2cfc1b#tab=host_pairs_v2 # Reference: https://app.validin.com/detail?type=raw&find=WIN-PDDC81NCU8C#tab=host_pairs_v2 http://109.107.181.127 http://109.120.135.42 http://109.120.178.192 http://147.45.41.47 http://147.45.78.153 http://178.236.247.255 http://185.106.93.204 http://193.233.133.14 http://45.15.157.38 http://45.15.158.101 http://46.226.160.19 http://46.226.161.11 http://46.226.161.17 http://46.226.161.47 http://46.226.166.220 http://46.226.166.68 http://5.42.73.127 http://5.42.73.196 http://5.42.75.233 http://5.42.87.96 http://5.42.95.185 http://77.105.146.170 http://77.105.146.28 http://77.105.146.65 http://77.105.166.215 http://77.221.137.252 http://77.221.140.16 http://77.221.157.211 http://77.221.157.31 http://77.221.157.8 http://77.232.143.164 http://79.137.197.65 http://79.137.202.72 http://79.137.204.18 http://79.137.205.212 http://79.137.206.180 http://79.137.207.243 http://81.19.137.162 http://81.19.137.94 http://89.169.55.99 http://89.22.239.237 http://92.246.138.79 http://94.228.162.159 5.42.75.233.sslip.io bazaar.top ge.bazaar.top test.bazaar.top # Reference: https://search.censys.io/hosts/45.82.13.95 # Reference: https://app.validin.com/detail?type=raw&find=WIN-BS656MOF35Q#tab=host_pairs_v2 http://103.35.189.44 http://103.35.190.65 http://138.124.184.231 http://138.124.184.241 http://138.124.184.254 http://141.98.168.4 http://141.98.168.82 http://141.98.168.98 http://141.98.168.99 http://141.98.233.14 http://185.234.216.73 http://185.250.151.208 http://185.250.151.214 http://188.127.224.47 http://188.127.227.17 http://188.127.230.189 http://188.127.231.141 http://188.127.237.245 http://188.127.240.2 http://188.127.249.236 http://193.178.210.82 http://194.116.173.208 http://194.165.59.47 http://194.4.48.49 http://194.87.209.208 http://195.123.233.4 http://195.54.33.133 http://217.196.101.145 http://45.137.155.182 http://45.150.65.139 http://45.150.65.61 http://45.150.65.96 http://45.67.229.92 http://45.8.146.146 http://45.8.146.77 http://45.88.77.247 http://46.8.19.146 http://5.34.178.58 http://82.117.252.64 http://89.187.189.205 http://89.187.189.213 http://91.219.150.132 http://94.131.101.138 http://94.131.101.194 http://94.131.102.107 http://94.131.120.122 http://94.232.247.232 http://95.164.34.25 http://95.164.4.234 http://95.164.62.221 188-127-237-245.cprapid.com anastasia.pro appfingercheck.net clickcp.net cllckcp.com mail.cryptohamster.net mail.happyhamster.io mail.happyhunter.io mail.incomehunter.pro mail.netzando.site mail.otrada-a.ru netzando.site pvpbox.delton.ovh