# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Aliases: MetaDroid, Hook, Hookbot # Reference: https://www.threatfabric.com/blogs/ermac-another-cerberus-reborn.html 178.132.6.150:3000 185.215.113.42:3000 185.215.113.81:3000 185.215.113.94:3000 # Reference: https://twitter.com/malwrhunterteam/status/1447613589456621569 # Reference: https://twitter.com/malwrhunterteam/status/1506698319992655875 # Reference: https://twitter.com/a1exeremin/status/1447679196042604544 # Reference: https://twitter.com/ViriBack/status/1475455704571985921 # Reference: https://www.virustotal.com/gui/ip-address/185.215.113.100/relations # Reference: https://www.virustotal.com/gui/file/1261e271402ea43f0a51294c7037b6d9da627500ea7e6644f5b9f608f7368928/detection # Reference: https://www.virustotal.com/gui/file/0911af4b050e632cba517adcf27e2550cb5685e8c88cea2ff164ecb0bdc42904/detection # Reference: https://www.virustotal.com/gui/file/81249654f8bdea0a179afe97e7abf7d455f2ef821ea1c24521cecdcc8b7d3bdf/detection # Reference: https://www.virustotal.com/gui/file/f42e34e3f19589895467eb15a73605df302cafd0ed0dedc571308e3ce55f8a78/detection # Reference: https://www.virustotal.com/gui/file/c509ce7942ec45ba33eee473aacc158c5750957a56929bce07f2f31c59b395e0/detection 185.215.113.81:3000 185.215.113.100:3000 185.215.113.100:3434 185.215.113.59:3434 193.106.191.148:3434 ermac.icu fghjngjkjgy.ga /2iq5gqb84krcezxjhl.php /2lsqn0nw5n.php /3nl3.php /5kvoe.php /5yk3j1gowg5c.php /a357na0rnxbw9illf.php /cc3t9t7rdfz8.php /kch7j27y5welfhkzqt.php /lf7xbkvzloig.php /p5ndowme.php /wzv3g0jmiwua.php /x9v8e.php /xxovkl45054m1rmu.php # Reference: https://twitter.com/malwrhunterteam/status/1514928660675014656 # Reference: https://www.virustotal.com/gui/file/fc09f1e1b7fcf70770b0d52c5f203472c10dc98b6717b2f0bc343b5d1947056f/detection # Reference: https://www.virustotal.com/gui/file/c7e7489531d3fa243cd775cfafacefd473f2ae71a3e9cdd5331db60a11198896/detection 194.26.29.28:3434 /0kkl5nd7i2956678a9l.php /1qk5jb1m6l2fka.php /48tznctyvhev920.php /4g1o0.php /5eqr7narx7uarp.php /9b5786npucessoc.php /drg23mwx9.php /edwypp9a1.php /goljim4v58rk782.php /h4ry5wb03lys5.php /i9924d17g.php /kpak1iq09.php /mi0sr3c1qc1qir.php /q9sf5kefkvxt94.php /v6gbc9rsq3q1dt.php /vfcakqx84rt6gwj.php /xirbarg7dz.php /yk1j2r7.php /zfww.php # Reference: https://twitter.com/pmmkowalczyk/status/1516779700953174017 # Reference: https://www.virustotal.com/gui/file/4b4712848697ba87a74eadca39afd93fc22b436647c4186879a19b12fc8ecc88/detection # Reference: https://www.virustotal.com/gui/file/b35a51dd3d07f023f2235772857c8d04ec420e5f8fcf1ef3a416af4400cdb4fb/detection 193.106.191.116:3434 /4ugv0rt87ey1prjrx.php /7919kocnto1lxhulud8.php /8cepqi41rstpl4uv.php /8p2yidc2m8atj8lb.php /cmgiusaew29n0qyd3i1m.php /cq05tmqtkaxft5qv769g.php /f06osvq.php /g89k5v1v.php /gh1ieakq3.php /qfinq.php /qlwgp1d813.php /s56680kc36e1ruhyb.php /tc5gm7omu7en6.php /u5xujynybl.php /utv23m.php /wmzjb4ijh.php # Reference: https://twitter.com/ESETresearch/status/1526897310231322630 # Reference: https://blog.cyble.com/2022/05/25/ermac-back-in-action/ # Reference: https://otx.alienvault.com/pulse/628e4b375bc6bbd74c7b920e # Reference: https://www.virustotal.com/gui/file/2cc727c4249235f36bbc5024d5a5cb708c0f6d3659151afc5ae5d42d55212cb5/detection http://185.215.113.100 http://193.106.191.116 http://193.106.191.118 http://193.106.191.121 http://193.106.191.148 185.215.113.100:3434 193.106.191.116:3434 193.106.191.118:3434 193.106.191.121:3434 193.106.191.148:3434 bolt-food.site boltfood.site /wfxgi.php /gehwonr1ja.php /5xeer7yia3fb0h.php /bjcwnlxnqjq.php /0xdflkzbi.php /15s9gps5jkj0tuzp.php /p2ocy7hfx30vz.php # Reference: https://twitter.com/malwrhunterteam/status/1527732575401304066 # Reference: https://www.virustotal.com/gui/file/59e83ad07fc5944c90d06f8528d32c8cf3bd85da28cd4c4a6161d3413393c60a/detection a2zgstcenter.com design.a2zgstcenter.com files.a2zgstcenter.com fu.a2zgstcenter.com kinkyapp.a2zgstcenter.com onflyfansleaks.a2zgstcenter.com porno.a2zgstcenter.com track.a2zgstcenter.com ys.a2zgstcenter.com /damxvy2x006.php /rrg748vxuxk.php # Reference: https://twitter.com/malwrhunterteam/status/1527985074825732099 # Reference: https://www.virustotal.com/gui/file/f4d18662c927380a2d30eba367fafd3746fa137df499cb50d49e591a420aa95d/detection http://45.141.85.25 45.141.85.25:3434 apkphoto.co.nz /4nep90ruob0vphc.php /78nyseehouzeh05xv98.php /adbo5is6.php /cyl392t.php /f0j0aden00d2n.php /gc3juqpqdcl.php /i9hna3hczxbyqx.php /jlsh5yrqgwxo.php /njz0de7jwqjmeqx.php /sy34cndqt.php /u63suuv3728n8.php /xnp7uhisi.php /zw1zlr4oip6zt53rsbr.php # Reference: https://tria.ge/220713-l3xrtscgdn/behavioral2 45.141.85.29:3434 # Reference: https://www.virustotal.com/gui/file/e75f008435339b5eedf30d49e93a164010c8fce9dc790535cf4fdab23d1bdc79/detection 45.141.85.30:3434 /2cuql1007.php /3strcfz6fzvvdkk86.php /69g567pf.php /gw6zjp39mq9aov42w.php /p42nthjhtt7tv.php # Reference: https://www.virustotal.com/gui/file/042fd9bfb520cfd143d17d0b17982fe8fa598f0877a4d4e2d5b93d68d3280f75/detection 62.204.41.182:3434 /1a7g3gvdsp7zgj9ye9.php /46fjsc5d77c7.php /6d6rfa.php /6w1lw42jwg3jcpycz38d.php /713840vf2wh2p.php /dkt6fwsob9g0afi116.php /do9phtic6b1p.php /fm9kx9zdpybqb7du.php /jcvq6way.php /uol23q.php /uxh4xo.php /vdfy6u9eqabv8qo50y.php /xkwdo.php /zd9je6271tn1jod0spe.php # Reference: https://www.virustotal.com/gui/file/937fde61a2239182fcf4f2d3429e3d691ccea1bab75a1f01d04e7b849f14446f/detection 45.141.85.31:3434 # Reference: https://www.virustotal.com/gui/file/119847544d8d823c2bf7a541f446eb05eec0ca22cb0222583fdca173ace25074/detection 45.141.84.92:3434 /19m9op5.php /hbqr3kez6gcd87.php /j7nr3wg6slk7ed9ab41.php /k00fejs2rbvxmv.php /nnfuf72mfwfp4u3hga62.php /pbzcd4xy09a.php /su6hftlfphhc.php # Reference: https://twitter.com/0xrb/status/1564222855830597632 # Reference: https://www.virustotal.com/gui/file/4ee64040dca285932d0533ef2f5715445347783dc941ad93465d632a8e25f00a/detection http://62.204.41.98 62.204.41.98:3434 # Reference: https://twitter.com/r3dbU7z/status/1564501672340197376 http://108.61.166.245 http://194.26.29.28 http://20.249.63.72 http://213.226.123.8 http://216.238.71.179 http://45.141.84.92 http://45.141.85.29 http://45.141.85.30 http://45.141.85.31 http://62.204.41.182 108.61.166.245:3434 194.26.29.28:3434 20.249.63.72:3434 213.226.123.8:3434 216.238.71.179:3434 45.141.84.92:3434 45.141.85.29:3434 45.141.85.30:3434 45.141.85.31:3434 62.204.41.182:3434 # Reference: https://twitter.com/0xrb/status/1564546929110835200 http://51.15.150.5 51.15.150.5:3434 # Reference: https://twitter.com/AuCyble/status/1580552579452313600 # Reference: https://www.virustotal.com/gui/ip-address/103.109.101.137/relations apk-combos.com app-vidmate.com app-vidmates.com app-vidmates.link m-apkpure.com m-apkpures.com paltpal-apk.com snacpchat-apk.com tlktok-apk.link vidmate-apps.com vidmates-app.com vidmates-apps.com vidmatesapp.com # Reference: https://twitter.com/malwrhunterteam/status/1595130983061553152 # Reference: https://www.virustotal.com/gui/file/387c41679ac3de139fd175e22ba4f8019eb82d5125a2c9ac26e3f2b3ee4519e1/detection wifi-autorisation1.com # Reference: https://twitter.com/malwrhunterteam/status/1603105701278240769 # Reference: https://www.virustotal.com/gui/file/8c89fa9a0d6656b60ac91018a1feff58945b07e560b549a8f56440a2d00377d7/detection 176.113.115.66:3434 # Reference: https://www.threatfabric.com/blogs/hook-a-new-ermac-fork-with-rat-capabilities.html # Reference: https://www.virustotal.com/gui/file/768b561d0a9fa3c6078b3199b1ef42272cac6a47ba01999c1f67c9b548a0bc15/detection # Reference: https://www.virustotal.com/gui/file/8d1aabfb6329bf6c03c97f86c690e95723748be9d03ec2ed117376dd9e13faf0/detection 193.233.196.2:3434 5.42.199.22:3434 # Reference: https://www.virustotal.com/gui/ip-address/63.250.60.42/relations # Reference: https://www.virustotal.com/gui/file/23536a2a04baf0f2432e38faf71d8480c308429c4c9ba6d03157b35672df7ed5/detection # Reference: https://www.virustotal.com/gui/file/99397c9a53400130039479da2e8064daf0afcca71ef237d0d2c1f029d445f16f/detection evjvrrxkgrohvbmogcjl.net mcoxxpqxysmvsmbiqxjx.net # Reference: https://twitter.com/malwrhunterteam/status/1631638354088407040 # Reference: https://www.virustotal.com/gui/file/0756fbd9ecb958b7a3615ea9e6b78c0e2a66d33bd13c8af565bc5358f69fa0ee/detection 176.100.42.11:3434 directlink.info # Reference: https://twitter.com/0x6rsk/status/1634185009798971397 # Reference: https://www.virustotal.com/gui/file/a86e95eb058725eeaa326655208e1fe4e70140303be07fc3bc92f01bca7aa1d6/detection 35.91.53.224:3434 # Reference: https://twitter.com/Gi7w0rm/status/1641570957352488961 # Reference: https://twitter.com/Gi7w0rm/status/1641603152607694848 # Reference: https://twitter.com/Gi7w0rm/status/1641604541677223936 http://176.100.42.11 http://91.215.85.23 canamacan.sc.ug # Reference: https://twitter.com/0xrb/status/1641700350372478976 http://185.186.246.69 http://5.42.199.22 # Reference: https://twitter.com/jstrosch/status/1645874394684858368 # Reference: https://www.virustotal.com/gui/file/45a3846d33e39937fc3211675bc9a2a3b2634af80edec629b89f3ea27a5c0b93/detection # Reference: https://www.virustotal.com/gui/file/0399d5868f1c7ace8585daba2b93d794a19dd354f95a2c5ae0bc870237c9eb37/detection http://91.215.85.37 91.215.85.37:3434 # Reference: https://threatfox.abuse.ch/browse/malware/apk.hook/ http://45.93.201.92 http://91.215.85.223 45.93.201.92:3434 91.215.85.223:3434 91.215.85.23:3434 # Reference: https://twitter.com/TLP_R3D/status/1646228697156812821 http://141.8.199.8 http://46.173.218.30 # Reference: https://twitter.com/0xrb/status/1679746515969929216 http://91.228.10.228 # Reference: https://threatfox.abuse.ch/browse/malware/apk.ermac/ http://176.113.115.66 http://176.113.115.67 http://5.42.199.3 http://5.42.199.91 http://92.243.88.25 # Reference: https://twitter.com/ReBensk/status/1695321207766127094 # Reference: https://www.virustotal.com/gui/file/5fa1399f06c9670d9b84b9539bfb9fb0d5a6b770c620e080a3676cef94132476/detection http://185.225.75.134 185.225.75.134:3434 # Reference: https://threatfox.abuse.ch/ioc/1152268/ 94.156.253.67:3434 # Reference: https://twitter.com/ReBensk/status/1696561384325107792 # Reference: https://www.virustotal.com/gui/file/75839d42036039ce7f2569ea73a6e3ee32bf2b4a54b5e08c6a467a3412c6592a/detection http://176.111.174.191 176.111.174.191:3434 # Reference: https://twitter.com/karol_paciorek/status/1696786262831628510 http://195.3.223.232 http://81.161.229.188 # Reference: https://www.virustotal.com/gui/file/f642d2c6a70828028e0f3f7e9b9a87537c6556870cdf4602ee992091040a1850/detection http://84.32.214.56 84.32.214.56:3434 # Reference: https://research.nccgroup.com/2023/09/11/from-ermac-to-hook-investigating-the-technical-differences-between-two-android-malware-variants/ http://165.232.78.246 http://176.113.115.150 http://193.56.146.176 http://20.108.0.165 http://20.210.252.118 http://31.41.244.187 http://35.90.154.240 http://35.91.53.224 http://45.159.248.25 http://45.81.39.149 http://62.204.41.94 http://68.178.206.43 http://91.213.50.62 165.232.78.246:3434 176.113.115.150:3434 176.113.115.67:3434 185.186.246.69:3434 193.56.146.176:3434 20.108.0.165:3434 20.210.252.118:3434 31.41.244.187:3434 35.90.154.240:3434 45.159.248.25:3434 45.81.39.149:3434 5.42.199.3:3434 5.42.199.91:3434 62.204.41.94:3434 68.178.206.43:3434 91.213.50.62:3434 91.215.85.22:3434 92.243.88.25:3434 # Reference: https://twitter.com/FalconFeedsio/status/1709547350132207851 http://45.12.253.5 http://45.12.253.58 # Reference: https://twitter.com/ReBensk/status/1712854745545674788 # Reference: https://www.virustotal.com/gui/file/d1050b5efcab3f70e633683313c363dfcb51afc126f448bc1729da8ab533a0b5/detection http://185.216.71.89 185.216.71.89:3434 # Reference: https://threatfox.abuse.ch/browse/malware/apk.ermac/ (# 2023-11-01) http://109.107.189.6 http://82.147.85.136 http://94.131.111.119 82.147.85.136:3434 94.131.111.119:3434 whereisyours-toporder.com whereisyoursnewtoporder.com # Reference: https://twitter.com/g0njxa/status/1720397731389124632 http://161.35.235.125 http://176.124.223.83 http://176.57.212.219 http://178.23.190.21 http://185.216.71.23 http://185.216.71.59 http://185.254.37.233 http://185.254.37.235 http://193.46.56.124 http://194.180.48.154 http://195.123.217.94 http://195.201.199.60 http://195.201.85.41 http://199.101.135.49 http://20.39.184.218 http://34.29.18.72 http://45.66.230.72 http://82.147.85.73 http://87.98.185.14 http://91.215.85.153 http://91.222.236.50 http://91.242.229.247 http://91.92.245.80 http://91.92.249.18 http://93.123.118.226 http://94.156.253.67 http://94.156.6.199 http://94.156.64.181 http://94.156.67.47 bravevikingser.xyz connctect-apge.top domian-page.top servace-porduct.top # Reference: https://www.kruse.industries/l/lad-os-analysere-android-hookbot/ # Reference: https://www.virustotal.com/gui/file/fec316401667b5076a93fd4c1357711390cd79eeb581e644e3b8b9e7a465504a/detection 9ucnuacw9lfmfx39ucnuacw9lfmfx3.cpd.capital app-unsivap.com.kz pari-usdt-hediye.xyz uodkboueawujb8euodkboueawujb8e.canawrx.com # Reference: https://threatfox.abuse.ch/ioc/1198904/ 91.92.240.173:8082 # Reference: https://threatfox.abuse.ch/browse/malware/apk.ermac/ (# 2023-11-25) http://193.233.255.253 http://79.137.207.52 http://89.116.227.245 http://91.92.246.222 # Reference: https://twitter.com/noexceptcpp/status/1730216419286008224 http://101.99.93.156:81 http://103.241.66.221 http://104.248.168.233 http://109.107.189.97 http://129.159.153.218 http://13.215.161.69 http://134.255.233.83 http://137.184.166.159 http://137.184.197.138 http://141.98.233.124 http://143.110.185.89 http://143.198.10.18 http://144.76.254.11 http://152.89.198.96 http://154.194.53.21 http://154.204.60.134 http://154.204.60.34 http://154.82.81.80 http://157.7.114.81 http://158.220.105.223 http://158.220.117.52 http://158.220.117.53 http://158.220.117.55 http://159.100.6.50 http://159.69.146.11 http://160.20.108.242 http://163.5.169.19 http://163.5.169.41 http://163.5.64.17 http://163.5.64.19 http://163.5.64.20 http://163.5.64.24 http://163.5.64.31 http://163.5.64.32 http://163.5.64.46 http://163.5.64.47 http://163.5.64.9 http://164.92.103.220 http://164.90.149.96 http://167.235.66.122 http://172.201.108.245 http://178.130.132.106 http://18.141.3.52 http://18.142.44.78 http://185.221.67.10 http://185.229.224.110 http://185.243.181.12 http://188.120.239.67 http://188.120.240.217 http://192.129.227.114 http://192.129.227.115 http://192.129.227.116 http://192.129.227.117 http://192.129.227.118 http://192.236.160.70 http://193.164.4.109 http://193.164.4.15 http://193.164.4.60 http://193.233.254.19 http://193.233.254.49 http://193.233.254.5 http://194.146.38.53 http://194.26.192.208 http://194.33.191.111 http://194.33.191.166 http://194.33.191.229 http://194.33.191.230 http://194.33.191.250 http://194.33.191.251 http://194.33.191.6 http://194.49.94.115 http://2.57.149.227 http://20.121.46.232 http://20.163.83.232 http://20.195.201.245 http://20.84.147.169 http://202.79.172.225 http://202.79.172.236 http://205.234.244.2 http://207.148.29.161 http://207.32.217.248 http://212.118.38.66 http://217.197.107.103 http://23.101.206.34 http://34.105.53.125 http://37.247.108.171 http://37.27.22.85 http://38.242.145.226 http://40.67.240.145 http://43.153.104.62 http://43.207.241.87 http://45.11.181.156 http://45.131.2.163 http://45.138.16.58 http://45.139.199.175 http://45.67.229.93 http://45.77.254.142 http://46.243.182.63 http://5.161.193.194 http://5.178.111.176 http://5.199.162.52 http://5.42.92.177 http://51.161.10.33 http://51.79.235.44 http://64.176.214.26 http://67.205.180.81 http://74.234.241.205 http://74.235.136.117 http://77.91.68.160 http://77.91.97.191 http://8.222.253.218 http://80.66.85.141 http://80.66.87.245 http://82.115.223.175 http://85.209.176.188 http://85.209.176.197 http://85.209.176.200 http://85.209.176.206 http://85.209.176.208 http://85.209.176.210 http://85.209.176.23 http://85.209.176.38 http://85.209.176.40 http://85.209.176.47 http://85.209.176.49 http://85.209.176.54 http://85.209.176.63 http://87.120.8.73 http://87.248.157.219 http://87.98.147.251 http://89.111.140.161 http://91.107.122.180 http://91.215.85.139 http://91.215.85.177 http://91.92.240.22 http://91.92.241.131 http://91.92.241.135 http://91.92.242.104 http://91.92.242.233 http://91.92.246.144 http://91.92.248.224 http://91.92.250.39 http://91.92.254.28 http://94.131.106.86 http://94.156.68.201 abisasgagsre.com akjsdhkjashkjahd.online akjshdkajshdajksh.xyz akoskdoaksodaksokadk.pro aksjdcbkjahskjaskj.store ayrsydtrasytdrayst.shop bc1q0j2ytw8wx5rqszcfenx58lhhx69rz6.com bc1q9pzt5xa0pq3tujr7qv4x0pwqs23tev.com bc1qf2gsq2t2juuwjwyq9j74kk8wcqspx8.com bc1qm34lsc65zpw79lxes69zkqmk3ewgg2.com cascscascdcascascdsd.info crytobullfreesg.com dasdasafasdcsacas.xyz fdgdgdfgdfgfg.top gozneajans.com jsdnkajsndksan.com kalkankaplangel.com karamallekaratta.com kmaksmdkasmdkams.top offers25942.xyz qweqweqweqweqwq.info rvrfvfvrfvfvrfvrrfv.life tafstdatfsdtafsdtfa.life vsdcvsdvdvdsvddvs.xyz web-rak.online xsqaeddmckcncjdkmoqncjdl.store yagysgyagsyagsygas.top # Reference: https://twitter.com/ValidinLLC/status/1730713363557069166 # Reference: https://app.validin.com/axon?source=DNS&type=ip&find=185.216.71.94 # Reference: https://app.validin.com/axon?&type=ip&find=194.33.191.55 # Reference: https://app.validin.com/axon?&type=ip&find=45.12.253.37 # Reference: https://www.virustotal.com/gui/ip-address/185.216.71.94/relations # Reference: https://www.virustotal.com/gui/ip-address/194.33.191.46/relations # Reference: https://www.virustotal.com/gui/ip-address/194.33.191.55/relations # Reference: https://www.virustotal.com/gui/ip-address/45.12.253.37/relations # Reference: https://www.virustotal.com/gui/ip-address/79.110.48.33/relations ahsdahksjdhak.hk aisdhasjhdakshj.online aiusaiuasihauszxczx.com aiusdausidhiasuhdia.com aksjdhaksjhkdajhksjhdkajdhs.hk aksjdhaskjdasjkhdsa.online aksjdhsakdhakjshd.online alskdjalskjdalsjkd.pw alskjdlkasjlkjadljs.hk aosdjaosidjoaisjdisoa.store asdaasdasjknasknxja.online asdasdasdasdasacsca.online asdasdasdasdasad.pw asdasdsdasdasdsxax.online asdaxasxascaszc.life asddassasdasdas.hk asdhkasjhdkajhs.co.uk asdkjshdakjshdkajs.hk asdsadasdasadsa.online ashiasodjasoidjaso.top askjdajksdhas.site askjhksajhkajhskajhsa.hk askodkasoaskdas.hk asqasqwsqasqwdqwd.hk asuydtuyastduayst.space asydgauysgdausygas.tech audhsiuhuisahdsu.pics auystduayuayst.site aysgduyasgduyas.store basdbjabsjdbas.pw cascacascascascascas.hk cascascascascasca.fun cascascsacascascasca.shop cascazxaxasxasxas.top cascsasacsacascasca.pics cxzcxcqsczazcazca.hk daisjdaosjdoasijdaosidja.hk dcwdcsdcsdcsdcdscsdcs.hk ecaascsacsacascascas.top ewfefwefwefwefw.biz fvfvfvfvfsdvsdvsdvsd.hk hanabero12873612.hk hanabero18726g.hk hanabero901892.hk hausdhuashdauhs.biz iausgdiasdugas.pw iohaihsodihasoihdao.hk iuhiuhiuhiuhuihiuiuh.hk jadisjdiasjdias.lol jahsdhaskdjaskjh.hk jutebostis.hk kagsdkjasbaj.online kmokmoknonounoun.store kmsadoasdkasodkma.lol kokmokmokokmokmok.hk lglglglglgllglglgl.hk lkansldkaslkndaslkna.site majsmasmdanasdas.hk makmkamakmak.hk maksmkamkmask.top mjakajjsgasyvbiab.life mjamjamjijsns.life mkalsdkasndlaskas.space mkamakmkamakm.pro mkaosdmaosmad.shop mkmakmakamka.online mksdasdoasdkma.tech mnbanbsdmnabs.info mokasmdoskada.hk nijuanijanai.hk oiuqwqdasdasdas.life projuthinjitsu.hk qwdasdaqwdas.hk qweqwdqwdqdwdq.store qweqwdqwdqwdqwdqw.pro qweqweqwdqwrrqwrqd.tech qweqweqweqweqweq.tech qweqweqweqweqwewww.hk qwsqwsqwswssswww.hk raarsrsassrasrsarsa.hk rfrfrfewrwrfrwrfwrwe.pics ryertyetretretre.shop swwwwwwwwwwwws.hk tasjhkasjnsajas.top tfutfutfuutfuf.pics theiuaiusiuaiumlmlm.com toabmauagvakshla.life tujingudujnji.hk tujrnysinajsjs.online tyabahasoba.info tyastdyaaoskdaosk.hk tyuytauytsuyatu.shop uahhuahauhuah.info uiaydiausydiuasyd.store utaisuabmnabsask.live utasuoidasuiadusipa.pro wdawdawdawdawd.pro xasxasxasxasxasx.shop xasxasxasxazxasxaz.pw xasxxxxxasxas.xyz xmxmxmxmxmx.hk xsxasxasxasxasxas.site yahajhjaskhjhasdas.site yanasohasdgasdnaosi.com zcasscasszcasz.site # Reference: https://twitter.com/ValidinLLC/status/1730713363557069166 account-bendigo.com alvarezconstructionri.com connexion-anytime.com davi-vienda.com dextools.ws ewszsw.art home-bendigo.com konta-nest.com pinxin6686.site precisionrenovationri.com ramp-web.com us-brave.com us-paymetech.com us-synchrony.com vp4.xyz web--sabadell.com web-1horizon.com web-allianz.com web-asb.com web-bankinter.group web-block-chain.com web-blockchain.net web-desjardins.com web-fnb.com web-inetesapaolo.com web-intesapaolo.com web-kbcportal.com web-nbg.net web-populaire.com web-postbank.group web-sabadell.com web-sofiopen.com web-targo.de web-uniswap.org web-verstapay.online web-viewer.team web-wells.com web-wisse.com # Reference: https://www.virustotal.com/gui/ip-address/81.161.229.174/relations aksjdhaksjhdakj.fun asdasdasaxsasxasxas.com axjdhaxjhdakj.com kmaskoasmaicmsocmas.site mansmansmnasmnas.hk mkasmockasocaksmoka.in.net qweqweqweqweqw.site raeaedadadedae.pw tftftftftfaffaftatfatf.hk uaitsdytasydas.pw vrrvsvsrsrvsrvs.fun # Reference: https://app.validin.com/axon?source=DNS&type=ip&find=185.252.179.12 adonisnode.com asceaecacscea.top asdbkjabsdabkjb.site asdiugsauidhassda.net asdygasyudtgasgy.site asjdhkasjhda.xyz askjdaskjgdaskjas.org askjhdasjasl.net autsgduaysgdasgu.shop aysvduaysbasjxksnxoasnxoa.cloud bavtsudaysgiuhdaosij.site browserve.net carebuster.net corpbold.com deckplaces.com erqytuwioqewuqw.bond erqytuwioqewuqw.digital erqytuwioqewuqw.top ewmkalomcasc.club fulneruajnclo.com iqgqnaaksnlaksa.space juanjjaknclm.club juliudinjutyruncj.xyz kalamankija.pw klaunsgasjnah.buzz krasnajadiraska.site ksmkldaksmaosdmaoskmad.pics kulijanovatovadownload.net maksmdkamskdmaskm.life mkamksmakmsk.top mkaosdkasdbasidbas.life mkasdlaskmdaskadlask.life mnamsndasnka.life muqthanusjnaiqnq.net myytasdtfasydtfaysfdast.net nuvuvtabke.info oasdoasjoa.top oiuaoisudoiasassa.top ojmaakjkjanasjj.fun pacificabsin.com placeoneworld.com qnktnascoadcs.info rytauyisuoipoasibhdgv.online silizibidinim.com souptopic.com splashaplus.net stintumikaslas.online tanjunjusnajja.com taskbaskdasjbka.top tuhncjamujanams.com tuhncjamujanams.info tujinlos.club turjinnakjaks.online turkeymaljorka.tech turnhyjanjajhsnn.club turnhyjanjajhsnn.info turnuajnxkaktaua.top tuyuijnsijajjjsnm.net tyasydtauystiauds.info uasyasiudasjjodaasa.monster ygasdsyugiasdgiuasiu.org ynajuananmqyaa.info yndjtrahnasjjsh.life # Reference: https://www.virustotal.com/gui/ip-address/193.42.33.132/relations asdasjhdgasjhdgas.hk asdhaskhjdksjahdkasjdhaksj.hk asdsasdascccc.pro mkamkmakmsmmm.lol qssxsqxaqxqazxaq.hk qwodhqowidhoqiwdh.tech shdiuvhisudvhuishvdiud.hk # Reference: https://twitter.com/banthisguy9349/status/1730895048621887682 http://178.16.129.88 http://195.35.11.135 http://89.116.227.245 # Reference: https://threatfox.abuse.ch/browse/malware/apk.hook/ (# 2023-12-07) http://194.33.191.18 http://207.244.246.192 http://45.81.224.129 http://54.238.196.57 http://78.153.130.36 http://91.206.178.182 http://91.242.229.199 138.201.128.124:81 tableaupubsecday.com tehavi.com gallery.tableaupubsecday.com # Reference: https://threatfox.abuse.ch/browse/malware/apk.hook/ (# 2023-12-08) http://103.12.148.35 http://104.233.210.167 http://107.173.140.104 http://163.5.64.73 http://172.174.214.137 http://173.254.235.53 http://193.149.189.240 http://195.85.207.218 http://212.224.88.253 http://4.236.181.235 http://43.243.73.167 http://45.77.170.174 http://62.197.49.1 http://64.227.149.69 http://66.29.133.55 http://91.92.252.193 http://95.214.177.39 ifisoundyou.gq shadow.schatten.ir # Reference: https://threatfox.abuse.ch/browse/malware/apk.hook/ (# 2023-12-12) http://163.5.210.89 http://178.236.246.181 http://82.137.209.200 http://85.209.176.150 104.233.210.167:8082 104.247.166.167:8082 154.91.82.107:8082 18.141.3.52:81 194.33.191.18:8082 20.55.110.193:8082 212.224.88.253:8082 217.197.107.103:8082 38.242.145.226:8081 47.245.115.42:8082 5.8.41.35:8082 64.227.149.69:8082 91.242.229.199:8082 91.92.250.212:8082 95.214.177.35:8082 # Reference: https://threatfox.abuse.ch/browse/malware/apk.hook/ (# 2023-12-24) http://143.198.138.49 http://194.163.175.12 http://194.87.31.216 http://213.159.209.194 http://217.28.221.80 http://23.27.120.116 http://51.116.104.192 http://87.121.87.60 http://87.121.87.61 http://91.109.188.11 bahrain-fine.org film-studio.info ger01.vpnbite.com livraison-douane.com loyaltyben.com m-sendungsverfolgung.org mein-kontoauszug.net rb-n-clk.online serpost-track.com track-parcels.org vf2gkzq1lw9.c.updraftclone.com vmi1543279.contaboserver.net webmail.agdetails.com # Reference: https://threatfox.abuse.ch/browse/malware/apk.hook/ (# 2024-01-03) http://139.162.33.94 http://149.28.73.166 http://165.232.153.139 http://173.249.46.253 http://185.250.210.93 http://46.190.144.131 http://69.197.142.85 http://91.107.127.226 91.92.244.42:9087 conspiracynomad.fvds.ru movil-bancsabadell.com rb-an-clk.org s-paketverfolgung.com undiny.ru x-paketverfolgung.com # Reference: https://threatfox.abuse.ch/browse/malware/apk.hook/ (# 2024-01-05) http://118.107.43.36 http://118.107.43.66 http://118.107.43.86 http://135.148.144.188 http://152.89.198.187 http://158.160.76.97 http://159.65.52.64 http://178.236.246.210 http://181.215.49.104 http://181.215.49.105 http://184.94.212.153 http://193.201.9.62 http://193.233.254.183 http://194.33.191.188 http://194.33.191.202 http://194.33.191.54 http://199.247.21.128 http://34.203.226.105 http://37.230.112.206 http://38.242.209.185 http://43.129.215.239 http://45.76.87.78 http://45.77.68.120 http://64.227.41.169 http://77.91.68.183 http://80.108.50.31 http://80.87.197.162 http://88.99.210.25 http://89.111.137.14 http://91.107.124.12 http://91.107.127.88 http://91.92.245.159 http://91.92.249.240 http://91.92.250.211 http://91.92.251.71 http://91.92.255.30 http://92.63.106.153 4-72-seguimiento.com avtokuba.ru ceifador.benzetacil.com eurolub.ec4you.at flintton.ru info-ibercaja.com invadersec.com ladyrai.site my-package-tracking.net openbank-dispositivo.com rb-an-clk.online reksiaeksinov.fvds.ru # Reference: https://threatfox.abuse.ch/browse/malware/apk.hook/ (# 2024-01-06) http://13.213.38.230 http://178.130.132.247 http://198.186.130.12 http://207.148.29.229 http://51.103.216.212 http://91.92.251.140 http://94.250.252.21 13.213.38.230:82 88.99.210.25:8082 app.to-kgb.ru server289.mukhost.uk # Reference: https://threatfox.abuse.ch/browse/malware/apk.hook/ (# 2024-01-09) http://104.233.210.104 http://119.160.235.239 http://119.160.235.251 http://13.213.38.230:81 http://149.154.70.118 http://173.249.59.190 http://176.123.168.117 http://176.123.168.211 http://185.211.170.96 http://54.211.212.149 http://79.174.13.18 http://91.224.92.176 http://91.92.240.134 http://91.92.249.143 http://91.92.255.80 api-encar.nibiru.pro bitrix.avtokuba.ru mebadboy.fvds.ru o-paketverfolgung.com reksiaeksinov1.fvds.ru znwfb3.buzz # Reference: https://threatfox.abuse.ch/browse/malware/apk.hook/ (# 2024-01-11) http://193.233.132.35 http://20.55.233.193 http://79.137.203.29 http://91.107.124.135 http://91.92.241.235 http://92.118.113.12 18.141.3.52:83 79.133.180.197:8082 foxee5.cfd hilfe-konto.com jino57.fvds.ru karasergkaravaev4.fvds.ru mqrmtohl90.za.com nanafb3.sbs nowseacoin.top vasvasniks5.fvds.ru yiyidh21.sbs yiyifb4.cfd # Reference: https://threatfox.abuse.ch/browse/malware/apk.hook/ (# 2024-01-16) http://154.204.60.236 http://176.123.169.240 http://185.146.157.121 http://193.222.96.25 http://23.224.102.158 http://38.207.178.212 http://38.60.205.80 http://45.88.79.168 http://5.182.87.142 http://54.151.255.201 http://81.19.137.68 http://82.115.223.84 http://82.146.35.250 http://91.107.127.141 http://91.108.240.144 http://91.224.92.195 http://91.224.92.201 http://91.224.92.211 http://91.92.255.110 http://95.181.151.119 104.243.248.73:8088 54.151.255.201:81 54.151.255.201:82 91.224.92.211:8082 animegalaxys.com foxee4.cfd htmljys.morebit.top jadu.vip morebit.top muoujiejump2.sbs rb-c-clk.online sc.zhanshizhan.top spacestar.su suivre-mon-colis.com track-my-parcel.org vasvasniks6.fvds.ru vpv.xj6.top zhanshizhan.top # Reference: https://threatfox.abuse.ch/browse/malware/apk.hook/ (# 2024-01-23) http://104.131.162.146 http://143.244.191.193 http://149.154.69.190 http://159.100.22.120 http://185.172.128.82 http://185.186.25.92 http://185.250.243.209 http://2.59.119.102 http://20.75.90.103 http://212.98.224.58 http://45.141.85.181 http://45.141.85.216 http://45.87.80.164 http://46.29.239.26 http://78.111.89.2 http://86.110.194.125 http://91.107.125.148 http://91.224.92.194 http://91.92.244.124 http://91.92.244.195 http://91.92.246.195 http://91.92.255.52 http://93.123.39.107 http://93.123.39.169 http://93.123.39.4 http://93.123.39.77 http://93.123.39.85 http://93.123.39.86 http://94.228.162.140 http://94.250.253.1 http://94.250.254.234 5.189.132.250:3000 54.255.57.58:82 africankido.design artre3.fvds.ru beta.to-kgb.ru emileewang.autos ff.africankido.design ipmotinov.fvds.ru jakobtaylor.autos karasergkaravaev2.fvds.ru karasergkaravaev5.fvds.ru karasergkaravaev6.fvds.ru kasenmeyer.autos mail.spacestar.su matthiasellison.autos nickbaseev.fvds.ru nickbaseev5.fvds.ru polina.to-kgb.ru reksiaeksinov2.fvds.ru reksiaeksinov5.fvds.ru # Reference: https://www.virustotal.com/gui/ip-address/185.225.73.88/relations ararararararararssarar.hk asdadassadsdas.xyz maksmkamkmask.buzz papakppakpkakpa.hk uyuyasyaguysauyas.co # Reference: https://www.virustotal.com/gui/ip-address/94.156.6.213/relations azmlakpqkmc.life liutexhutujuva.us tujinlos.info tujinlos.xyz turjnvycewsgth.com # Reference: https://threatfox.abuse.ch/browse/malware/apk.ermac/ (# 2024-01-24) http://149.100.138.254 http://185.221.198.98 http://185.224.81.252 http://185.98.61.220 http://193.233.254.64 http://20.199.14.181 http://49.13.130.129 http://5.42.92.98 http://77.105.146.199 http://79.143.182.133 http://87.229.6.192 http://87.98.185.175 http://89.23.100.205 http://89.23.101.149 http://91.92.250.190 http://91.92.251.172 http://91.92.255.136 http://93.123.39.140 http://93.123.39.87 http://93.123.39.88 193.233.255.253:8080 # Reference: https://twitter.com/malwrhunterteam/status/1753507959693266994 # Reference: https://twitter.com/noexceptcpp/status/1753511093543055767 # Reference: https://www.virustotal.com/gui/file/a1bd86e9e73975336fbeb9d1681145ffc6760b9d7756d0f84a07f88e92971e93/detection http://185.172.128.82 185.172.128.82:3434 1080-prono.com # Reference: https://threatfox.abuse.ch/browse/malware/apk.ermac/ (# 2024-02-03) http://114.29.236.137 http://154.53.166.167 http://163.5.210.87 http://164.68.119.38 http://18.139.243.205 http://18.159.210.80 http://185.117.152.159 http://185.237.14.236 http://185.78.76.159 http://193.149.187.48 http://193.233.254.10 http://193.233.254.138 http://194.36.88.211 http://195.85.114.206 http://37.60.235.110 http://38.180.94.161 http://45.128.96.110 http://45.128.96.121 http://45.128.96.170 http://69.87.216.87 http://81.28.6.17 http://82.115.19.151 http://89.23.102.60 http://91.92.244.23 http://93.123.39.170 http://93.123.39.235 http://94.156.144.48 http://94.156.67.102 http://94.156.67.103 http://95.111.238.79 http://95.181.151.118 93.123.39.235:8080 # Reference: https://threatfox.abuse.ch/browse/malware/apk.hook/ (# 2024-02-04) http://149.154.65.14 http://154.12.30.64 http://154.223.21.23 http://172.205.202.156 http://178.236.247.158 http://185.172.128.131 http://185.172.128.4 http://185.172.128.60 http://185.172.128.85 http://185.172.128.91 http://185.209.29.72 http://185.93.69.149 http://188.119.112.49 http://193.106.175.43 http://193.233.254.106 http://193.233.255.105 http://20.0.100.134 http://20.236.74.148 http://20.77.15.101 http://212.109.195.164 http://3.72.85.14 http://37.46.130.210 http://42.96.11.30 http://45.133.36.153 http://45.134.26.33 http://45.55.70.10 http://45.87.153.107 http://5.42.67.88 http://5.42.67.89 http://62.109.30.102 http://64.23.149.139 http://86.38.204.153 http://88.218.60.150 http://91.92.244.215 http://92.246.136.53 http://94.156.66.187 http://94.156.66.227 http://94.156.67.156 154.198.245.50:8082 172.94.4.158:8088 194.195.245.97:8082 195.10.205.18:8082 195.85.207.219:8082 20.90.160.195:8082 207.180.224.118:8082 3.1.206.216:8001 3.72.85.14:8001 3.76.253.201:81 31.210.50.162:8082 31.42.190.137:8082 45.87.153.107:443 45.87.153.107:81 54.255.57.58:81 91.92.249.240:8082 94.131.113.192:8082 95.164.2.178:50555 356142.fun asp.keyshape.net evgenytchurakin.fvds.ru karasergkaravaev1.fvds.ru karasergkaravaev3.fvds.ru nextpg.cfd nickbaseev1.fvds.ru nickbaseev4.fvds.ru nl1.nextpg.cfd omgs.asia ramzanlee.fvds.ru servertgbotvds.fvds.ru sleepyawn2.fvds.ru taobao7737.com tsola256.com # Reference: https://www.virustotal.com/gui/ip-address/185.216.70.224/relations http://185.216.70.224 # Reference: https://www.virustotal.com/gui/ip-address/185.216.70.225/relations http://185.216.70.225 # Reference: https://threatfox.abuse.ch/browse/malware/apk.ermac/ (# 2024-02-12) http://113.30.191.40 http://164.215.103.171 http://176.113.115.243 http://185.172.128.88 http://185.194.216.22 http://185.221.198.84 http://185.250.45.130 http://193.222.96.48 http://194.48.251.184 http://20.151.153.84 http://20.241.69.111 http://4.178.96.222 http://5.42.92.165 http://77.232.130.4 http://83.97.73.229 http://89.23.97.83 http://94.156.68.253 http://94.156.68.254 http://98.66.153.174 108.62.49.215:88 20.241.69.111:8080 # Reference: https://threatfox.abuse.ch/browse/malware/apk.hook/ (# 2024-02-12) http://104.234.240.231 http://144.76.203.197 http://149.28.148.246 http://150.107.201.68 http://154.91.83.247 http://185.172.128.148 http://185.216.70.117 http://185.216.70.118 http://185.216.70.119 http://185.216.70.224 http://185.216.70.225 http://191.7.32.19 http://194.26.192.66 http://194.48.251.140 http://20.6.81.237 http://206.189.130.11 http://31.44.2.39 http://34.107.114.24 http://34.141.15.123 http://35.246.175.130 http://35.246.183.49 http://45.61.166.149 http://62.109.15.32 http://62.109.6.164 http://62.210.130.233 http://62.72.32.226 http://77.73.129.77 http://85.202.160.192 http://89.23.103.187 http://91.92.254.225 http://92.63.104.174 http://93.123.39.215 http://93.123.39.249 http://94.156.69.93 http://94.177.106.44 http://95.181.173.164 http://95.216.123.85 13.212.79.65:443 185.216.70.224:8082 185.216.70.225:8082 185.78.76.85:443 193.233.254.64:50555 3.79.194.172:443 77.73.131.54:50555 79.137.207.154:50555 93.123.39.152:50555 93.123.39.192:50555 93.123.39.225:50555 056hg568786.f4r5t5y8hh8.click 883217.cc android.l3harris.pro d.kfaaa.top dev.racun.app dgaf.catboy.me erp.topixtechnology.com evgenytchurakin2.fvds.ru evgenytchurakin4.fvds.ru f4r5t5y8hh8.click grinevitchnicolas.fvds.ru hookqd.tttseo.com karasergkaravaev.fvds.ru kfaaa.top l3harris.pro nickbaseev6.fvds.ru ok.chicecon.com pegasus.chicecon.com photopoiskvk.pro reksiaeksinov4.fvds.ru taojszxz.com tsaojzhn885.com tsaojzuv225.com tsaojzuv455.com tttseo.com webmail.jettresponse.com # Reference: https://twitter.com/banthisguy9349/status/1757464973867917424 # Reference: https://pastebin.com/R6v4TUX1 http://185.216.70.107 http://185.216.70.198 # Reference: app.validin.com/axon?source=DNS&type=raw&find=HOOKBOT+PANEL 883216.cc avion-web3.com azurbala.online beicheng.icu exostar.online generaltiles.xyz joneswhitelaundo.top nv567.net nyan.claims payandhay.com polerd-aerse.monster taobao5203.com taobao9977.com tsaojzph499.com tsaojzsx694.com tsxla541.com vv8888.club # Reference: https://www.virustotal.com/gui/file/21d58e0371b5c3b76148075eeb2d8abc0915655be6c515869333e3e6ef789789/detection http://158.220.98.78 158.220.98.78:3434 # Reference: https://www.virustotal.com/gui/file/86412dc50565e0ff12bbc5e3808e39e6f94c6d35db0ceec44d737290846fea72/detection http://103.189.88.164 103.189.88.164:3434 # Reference: https://www.virustotal.com/gui/file/72b6abeeae59972ad2cc131c1c14982c67762ac4f5bf9d349714a9745fd8ebb4/detection # Reference: https://www.virustotal.com/gui/file/278611dbc972b397f7fa0d90dd8a2a5d1e3dee572333c30f7b3821657af88cc0/detection # Reference: https://www.virustotal.com/gui/file/5a269da5d36534794222ad4d0d55431cc6f1fd9e552844c0f878ff1069823996/detection http://98.71.9.211 98.71.9.211:3434 # Reference: https://www.virustotal.com/gui/ip-address/142.132.236.35/relations http://142.132.236.35 # Reference: https://www.virustotal.com/gui/ip-address/185.174.136.186/relations http://185.174.136.186 # Reference: https://twitter.com/0x6rss/status/1758478353521078504 193.222.96.25:8080 194.33.191.202:8080 91.92.252.193:8080 # Reference: https://www.virustotal.com/gui/ip-address/193.149.129.7/relations http://193.149.129.7 193.149.129.7:3434 # Reference: https://www.virustotal.com/gui/file/1d8e17c649fba3c585dfd7d64fd647c7084d9c0abb0cd84182827743f6f7dcb5/detection http://82.147.85.84 82.147.85.84:3434 # Reference: https://twitter.com/karol_paciorek/status/1760966982621405540 http://77.105.132.58 77.105.132.58:8080 # Reference: https://twitter.com/0x6rss/status/1758478353521078504 http://185.216.70.79 http://74.234.3.141 185.216.70.79:8080 74.234.3.141:8080 # Reference: https://twitter.com/ShanHolo/status/1760975043121786985 5.42.67.10:8080 5.42.67.89:8080 # Reference: https://threatfox.abuse.ch/browse/tag/Hookbot%20Pegasus/ http://103.61.225.212 http://104.194.157.55 http://104.233.192.16 http://142.171.226.188 http://142.171.8.138 http://147.45.47.41 http://147.45.68.159 http://157.245.16.54 http://163.197.242.202 http://178.128.122.145 http://178.250.156.165 http://185.246.64.139 http://186.195.175.239 http://188.120.225.37 http://188.120.254.185 http://193.176.79.54 http://193.57.41.76 http://198.44.178.84 http://198.46.226.223 http://20.84.67.57 http://45.84.226.86 http://46.250.238.168 http://5.35.99.203 http://51.250.20.138 http://62.109.15.31 http://62.109.6.72 http://62.217.179.132 http://80.253.246.232 http://80.87.192.43 http://81.19.140.77 http://84.201.143.26 http://84.201.167.175 http://87.120.84.190 http://89.23.103.75 http://91.202.233.190 http://91.240.84.52 104.194.157.55:8082 46.226.164.18:50555 46.226.164.60:50555 92.246.139.121:50555 photopoiskvk.pro payments.photopoiskvk.pro # Reference: https://twitter.com/noexceptcpp/status/1766836849945817464 # Reference: https://www.virustotal.com/gui/ip-address/193.143.1.59/relations # Reference: https://www.virustotal.com/gui/ip-address/91.215.85.245/relations 185.216.70.193:3434 aauahbahujaka.top aauahbahujakaa.top aauahbahujakab.top aauahbahujakac.top aauahbahujakad.top aauahbahujakb.top aauahbahujakba.top aauahbahujakbb.top aauahbahujakbc.top aauahbahujakbd.top aauahbahujakc.top aauahbahujakca.top aauahbahujakcb.top aauahbahujakcc.top aauahbahujakcd.top aauahbahujakd.top aauahbahujakda.top aauahbahujakdb.top aauahbahujakdc.top aauahbahujakdd.top aauahbahujake.top aauahbahujakea.top aauahbahujakeb.top aauahbahujakec.top aauahbahujaked.top aauahbahujakf.top aauahbahujakfa.top aauahbahujakfb.top aauahbahujakfc.top aauahbahujakfd.top aauahbahujakg.top aauahbahujakga.top aauahbahujakgb.top aauahbahujakgc.top aauahbahujakgd.top aauahbahujakh.top aauahbahujakha.top aauahbahujakhb.top aauahbahujakhc.top aauahbahujakhd.top aauahbahujakj.top aauahbahujakja.top aauahbahujakjb.top aauahbahujakjc.top aauahbahujakjd.top aauahbahujakk.top aauahbahujakka.top aauahbahujakkb.top aauahbahujakkc.top aauahbahujakkd.top aauahbahujakl.top aauahbahujakla.top aauahbahujaklb.top aauahbahujaklc.top aauahbahujakld.top aauahbahujakm.top aauahbahujakma.top aauahbahujakmb.top aauahbahujakmc.top aauahbahujakmd.top aauahbahujakn.top aauahbahujakna.top aauahbahujaknb.top aauahbahujaknc.top aauahbahujaknd.top aauahbahujako.top aauahbahujakoa.top aauahbahujakob.top aauahbahujakoc.top aauahbahujakod.top aauahbahujakp.top aauahbahujakpa.top aauahbahujakpb.top aauahbahujakpc.top aauahbahujakpd.top aauahbahujakq.top aauahbahujakqa.top aauahbahujakqb.top aauahbahujakqc.top aauahbahujakqd.top aauahbahujakr.top aauahbahujakra.top aauahbahujakrb.top aauahbahujakrc.top aauahbahujakrd.top aauahbahujaks.top aauahbahujaksa.top aauahbahujaksb.top aauahbahujaksc.top aauahbahujaksd.top aauahbahujakt.top aauahbahujakta.top aauahbahujaktb.top aauahbahujaktc.top aauahbahujaktd.top aauahbahujakv.top aauahbahujakva.top aauahbahujakvb.top aauahbahujakvc.top aauahbahujakvd.top aauwuwauhdaua.top aauwuwauhdaub.top aauwuwauhdauc.top aauwuwauhdaud.top aauwuwauhdaue.top aauwuwauhdauf.top aauwuwauhdaug.top aauwuwauhdauh.top aauwuwauhdaui.top aauwuwauhdauj.top aauwuwauhdauk.top aauwuwauhdaul.top aauwuwauhdaum.top aauwuwauhdaun.top aauwuwauhdauo.top aauwuwauhdaup.top aauwuwauhdauq.top aauwuwauhdaur.top aauwuwauhdaus.top aauwuwauhdaut.top aauwuwauhdauv.top aauwuwauhdauw.top aauwuwauhdaux.top aauwuwauhdauy.top aauwuwauhdauz.top ahsanavahsana.com ahuhuwjauwana.top ahuhuwjauwanb.top ahuhuwjauwanc.top ahuhuwjauwand.top ahuhuwjauwane.top ahuhuwjauwanf.top ahuhuwjauwang.top ahuhuwjauwanh.top ahuhuwjauwani.top ahuhuwjauwanj.top ahuhuwjauwank.top ahuhuwjauwanl.top ahuhuwjauwanm.top ahuhuwjauwann.top ahuhuwjauwano.top ahuhuwjauwanp.top ahuhuwjauwanq.top ahuhuwjauwanr.top ahuhuwjauwans.top ahuhuwjauwant.top ahuhuwjauwanu.top ahuhuwjauwanv.top ahuhuwjauwanw.top ahuhuwjauwanx.top ahuhuwjauwany.top athaudsazwzauizm.top athaudsazwzauizn.top athaudsazwzauizo.top athaudsazwzauizp.top athaudsazwzauizq.top athaudsazwzauizr.top athaudsazwzauizs.top athaudsazwzauizt.top athaudsazwzauizv.top athaudsazwzauizw.top athaudsazwzauizx.top athaudsazwzauizy.top athaudsazwzauizz.top atrzavazwbauja.top atrzavazwbaujb.top atrzavazwbaujc.top atrzavazwbaujd.top atrzavazwbauje.top atrzavazwbaujf.top atrzavazwbaujg.top atrzavazwbaujh.top atrzavazwbauji.top atrzavazwbaujj.top atrzavazwbaujk.top atrzavazwbaujl.top atrzavazwbaujm.top atrzavazwbaujn.top atrzavazwbaujo.top atrzavazwbaujp.top atrzavazwbaujq.top atrzavazwbaujr.top atrzavazwbaujs.top atrzavazwbaujt.top atrzavazwbauju.top atrzavazwbaujv.top atrzavazwbaujw.top atrzavazwbaujx.top atrzavazwbaujy.top atrzavazwbaujz.top bbuwuwauhdaua.top bbuwuwauhdaub.top bbuwuwauhdauc.top bbuwuwauhdaud.top bbuwuwauhdaue.top bbuwuwauhdauf.top bbuwuwauhdaug.top bbuwuwauhdauh.top bbuwuwauhdaui.top bbuwuwauhdauj.top bbuwuwauhdauk.top bbuwuwauhdaul.top bbuwuwauhdaum.top bbuwuwauhdaun.top bbuwuwauhdauo.top bbuwuwauhdaup.top bbuwuwauhdauq.top bbuwuwauhdaur.top bbuwuwauhdaus.top bbuwuwauhdaut.top bbuwuwauhdauv.top bbuwuwauhdauw.top bbuwuwauhdaux.top bbuwuwauhdauy.top bbuwuwauhdauz.top bhdahsvuwbgsazb.top bhdahsvuwbgsazz.top bhuhuwjauwana.top bhuhuwjauwanb.top bhuhuwjauwanc.top bhuhuwjauwand.top bhuhuwjauwane.top bhuhuwjauwanf.top bhuhuwjauwang.top bhuhuwjauwanh.top bhuhuwjauwani.top bhuhuwjauwanj.top bhuhuwjauwank.top bhuhuwjauwanl.top bhuhuwjauwanm.top bhuhuwjauwann.top bhuhuwjauwano.top bhuhuwjauwanp.top bhuhuwjauwanq.top bhuhuwjauwanr.top bhuhuwjauwans.top bhuhuwjauwant.top bhuhuwjauwanu.top bhuhuwjauwanv.top bhuhuwjauwanw.top bhuhuwjauwanx.top bhuhuwjauwany.top bhuhuwjauwanz.top bthaudsazwzauiza.top bthaudsazwzauizb.top bthaudsazwzauizf.top bthaudsazwzauizi.top bthaudsazwzauizj.top bthaudsazwzauizk.top bthaudsazwzauizl.top bthaudsazwzauizm.top bthaudsazwzauizn.top bthaudsazwzauizo.top bthaudsazwzauizp.top bthaudsazwzauizq.top bthaudsazwzauizs.top ccuwuwauhdaua.top ccuwuwauhdaub.top ccuwuwauhdauc.top ccuwuwauhdaud.top ccuwuwauhdaue.top ccuwuwauhdauf.top ccuwuwauhdaug.top ccuwuwauhdauh.top ccuwuwauhdaui.top ccuwuwauhdauj.top ccuwuwauhdauk.top ccuwuwauhdaul.top ccuwuwauhdaum.top ccuwuwauhdaun.top ccuwuwauhdauo.top ccuwuwauhdaup.top ccuwuwauhdauq.top ccuwuwauhdaur.top ccuwuwauhdaus.top ccuwuwauhdaut.top ccuwuwauhdauv.top ccuwuwauhdauw.top ccuwuwauhdaux.top ccuwuwauhdauy.top ccuwuwauhdauz.top chdahsvuwbgsazv.top chdahsvuwbgsazz.top chuhuwjauwana.top chuhuwjauwanb.top chuhuwjauwanc.top chuhuwjauwand.top chuhuwjauwane.top chuhuwjauwanf.top chuhuwjauwang.top chuhuwjauwanh.top chuhuwjauwani.top chuhuwjauwanj.top chuhuwjauwank.top chuhuwjauwanl.top chuhuwjauwanm.top chuhuwjauwann.top chuhuwjauwano.top chuhuwjauwanp.top chuhuwjauwanq.top chuhuwjauwanr.top chuhuwjauwans.top chuhuwjauwant.top chuhuwjauwanu.top chuhuwjauwanv.top chuhuwjauwanw.top chuhuwjauwanx.top chuhuwjauwany.top chuhuwjauwanz.top dduwuwauhdaua.top dduwuwauhdaub.top dduwuwauhdauc.top dduwuwauhdaud.top dduwuwauhdaue.top dduwuwauhdauf.top dduwuwauhdaug.top dduwuwauhdauh.top dduwuwauhdaui.top dduwuwauhdauj.top dduwuwauhdauk.top dduwuwauhdaul.top dduwuwauhdaum.top dduwuwauhdaun.top dduwuwauhdauo.top dduwuwauhdaup.top dduwuwauhdauq.top dduwuwauhdaur.top dduwuwauhdaus.top dduwuwauhdaut.top dduwuwauhdauv.top dduwuwauhdauw.top dduwuwauhdaux.top dduwuwauhdauy.top dduwuwauhdauz.top dhdahsvuwbgsazd.top dhdahsvuwbgsazz.top ghdahsvuwbgsazg.top ghdahsvuwbgsazz.top hdahsuwbgaza.top hdahsuwbgazb.top hdahsuwbgazc.top hdahsuwbgazd.top hdahsuwbgaze.top hdahsuwbgazf.top hdahsuwbgazg.top hdahsuwbgazh.top hdahsuwbgazi.top hdahsuwbgazj.top hdahsuwbgazk.top hdahsuwbgazl.top hdahsuwbgazm.top hdahsuwbgazn.top hdahsuwbgazo.top hdahsuwbgazp.top hdahsuwbgazq.top hdahsuwbgazr.top hdahsuwbgazs.top hdahsuwbgazt.top hdahsuwbgazv.top hdahsuwbgazw.top hdahsuwbgazz.top hhdahsvuwbgsazh.top ifjhbjfiaza.top ifjhbjfiazaa.top ifjhbjfiazab.top ifjhbjfiazac.top ifjhbjfiazad.top ifjhbjfiazae.top ifjhbjfiazb.top ifjhbjfiazba.top ifjhbjfiazbb.top ifjhbjfiazbc.top ifjhbjfiazbd.top ifjhbjfiazbe.top ifjhbjfiazc.top ifjhbjfiazd.top ifjhbjfiaze.top ifjhbjfiazf.top ifjhbjfiazg.top ifjhbjfiazh.top ifjhbjfiazi.top ifjhbjfiazj.top ifjhbjfiazk.top ifjhbjfiazl.top ifjhbjfiazm.top ifjhbjfiazn.top ifjhbjfiazo.top ifjhbjfiazp.top ifjhbjfiazq.top ifjhbjfiazr.top ifjhbjfiazs.top ifjhbjfiazt.top ifjhbubaza.top ifjhbubazb.top ifjhbubazc.online ifjhbubazc.top ifjhbubazd.online ifjhbubazd.top ifjhbubaze.online ifjhbubaze.top ifjhbubazf.online ifjhbubazf.top ifjhbubazg.online ifjhbubazg.top ifjhbubazh.top ifjhbubazi.top ifjhbubazj.top ifjhbubazk.online ifjhbubazk.top ifjhbubazl.online ifjhbubazl.top ifjhbubazm.online ifjhbubazm.top ifjhbubazn.online ifjhbubazn.top ifjhbubazo.top ihdahsvuwbgsazi.top jfuwbabuwha.top jfuwbabuwhb.top jfuwbabuwhc.top jfuwbabuwhd.top jfuwbabuwhe.top jfuwbabuwhf.top jfuwbabuwhg.top jfuwbabuwhh.top jfuwbabuwhi.top jfuwbabuwhj.top jfuwbabuwhk.top jhdahsvuwbgsazj.top khdahsvuwbgsazk.top lhdahsvuwbgsazl.top thuahbahujaka.top thuahbahujakaa.top thuahbahujakab.top thuahbahujakac.top thuahbahujakad.top thuahbahujakb.top thuahbahujakba.top thuahbahujakbb.top thuahbahujakbc.top thuahbahujakbd.top thuahbahujakc.top thuahbahujakca.top thuahbahujakcb.top thuahbahujakcc.top thuahbahujakcd.top thuahbahujakd.top thuahbahujakda.top thuahbahujakdb.top thuahbahujakdc.top thuahbahujakdd.top thuahbahujake.top thuahbahujakea.top thuahbahujakeb.top thuahbahujakec.top thuahbahujaked.top thuahbahujakf.top thuahbahujakfa.top thuahbahujakfb.top thuahbahujakfc.top thuahbahujakfd.top thuahbahujakg.top thuahbahujakga.top thuahbahujakgb.top thuahbahujakgc.top thuahbahujakgd.top thuahbahujakh.top thuahbahujakha.top thuahbahujakhb.top thuahbahujakhc.top thuahbahujakhd.top thuahbahujakj.top thuahbahujakja.top thuahbahujakjb.top thuahbahujakjc.top thuahbahujakjd.top thuahbahujakk.top thuahbahujakka.top thuahbahujakkb.top thuahbahujakkc.top thuahbahujakkd.top thuahbahujakl.top thuahbahujakla.top thuahbahujaklb.top thuahbahujaklc.top thuahbahujakld.top thuahbahujakm.top thuahbahujakma.top thuahbahujakmb.top thuahbahujakmc.top thuahbahujakmd.top thuahbahujakn.top thuahbahujakna.top thuahbahujaknb.top thuahbahujaknc.top thuahbahujaknd.top thuahbahujako.top thuahbahujakoa.top thuahbahujakob.top thuahbahujakoc.top thuahbahujakod.top thuahbahujakp.top thuahbahujakpa.top thuahbahujakpb.top thuahbahujakpc.top thuahbahujakpd.top thuahbahujakq.top thuahbahujakqa.top thuahbahujakqb.top thuahbahujakqc.top thuahbahujakqd.top thuahbahujakr.top thuahbahujakra.top thuahbahujakrb.top thuahbahujakrc.top thuahbahujakrd.top thuahbahujaks.top thuahbahujaksa.top thuahbahujaksb.top thuahbahujaksc.top thuahbahujaksd.top thuahbahujakt.top thuahbahujakta.top thuahbahujaktb.top thuahbahujaktc.top thuahbahujaktd.top thuahbahujakv.top thuahbahujakva.top thuahbahujakvb.top thuahbahujakvc.top thuahbahujakvd.top uhuhuwjauwana.top uhuhuwjauwanb.top uhuhuwjauwanc.top uhuhuwjauwand.top uhuhuwjauwane.top uhuhuwjauwanf.top uhuhuwjauwang.top uhuhuwjauwanh.top uhuhuwjauwani.top uhuhuwjauwanj.top uhuhuwjauwank.top uhuhuwjauwanl.top uhuhuwjauwanm.top uhuhuwjauwany.top uhuhuwjauwanz.top uthaudsazwzauiza.top uthaudsazwzauizb.top uthaudsazwzauizc.top uthaudsazwzauizd.top uthaudsazwzauize.top uthaudsazwzauizf.top uthaudsazwzauizg.top uthaudsazwzauizh.top uthaudsazwzauizi.top uthaudsazwzauizj.top uthaudsazwzauizk.top uthaudsazwzauizl.top uthaudsazwzauizm.top uthaudsazwzauizn.top uthaudsazwzauizo.top uthaudsazwzauizp.top uthaudsazwzauizq.top uthaudsazwzauizr.top uthaudsazwzauizs.top uthaudsazwzauizt.top uthaudsazwzauizv.top uthaudsazwzauizw.top uthaudsazwzauizx.top uthaudsazwzauizy.top utrzavazwbauja.top utrzavazwbaujb.top utrzavazwbaujc.top utrzavazwbaujd.top utrzavazwbauje.top utrzavazwbaujf.top utrzavazwbaujg.top utrzavazwbaujh.top utrzavazwbauji.top utrzavazwbaujj.top utrzavazwbaujk.top utrzavazwbaujl.top utrzavazwbaujm.top utrzavazwbaujn.top utrzavazwbaujo.top utrzavazwbaujp.top utrzavazwbaujq.top utrzavazwbaujr.top utrzavazwbaujs.top utrzavazwbaujt.top utrzavazwbauju.top utrzavazwbaujv.top utrzavazwbaujw.top utrzavazwbaujx.top utrzavazwbaujy.top yjajawuabaub.com yjajawuabauc.com yjajawuabaud.com yjajawuabaue.com yjajawuabauf.com yjajawuabaug.com yjajawuabaug.top yjajawuabauh.com yjajawuabauh.top yjajawuabaui.com yjajawuabaui.top yjajawuabauj.com yjajawuabauj.top yjajawuabauk.com yjajawuabauk.top yjajawuasbaua.top yjajawuasbaub.top yjajawuasbauc.top yjajawuasbaud.top yjajawuasbaue.top yjajawuasbauf.top yjajawuasbaug.top yjajawuasbauh.top yjajawuasbaui.top yjajawuasbauj.top aws.aauahbahujakaa.top aws.aauahbahujakac.top aws.aauahbahujakc.top aws.aauahbahujakf.top aws.aauahbahujakg.top aws.aauahbahujakgb.top aws.aauahbahujakl.top aws.aauahbahujakn.top aws.aauahbahujakna.top aws.aauahbahujakrb.top aws.aauahbahujakva.top aws.aauwuwauhdaua.top aws.aauwuwauhdaud.top aws.aauwuwauhdaun.top aws.aauwuwauhdauq.top aws.aauwuwauhdaus.top aws.aauwuwauhdaut.top aws.aauwuwauhdauv.top aws.aauwuwauhdauz.top aws.ahuhuwjauwang.top aws.ahuhuwjauwanh.top aws.ahuhuwjauwanm.top aws.ahuhuwjauwano.top aws.bbuwuwauhdauc.top aws.bbuwuwauhdaus.top aws.bhuhuwjauwanc.top aws.bhuhuwjauwane.top aws.ccuwuwauhdauc.top aws.ccuwuwauhdauh.top aws.ccuwuwauhdauq.top aws.chuhuwjauwane.top aws.chuhuwjauwanx.top aws.dduwuwauhdaue.top aws.dduwuwauhdaux.top aws.hdahsuwbgazc.top aws.hdahsuwbgazh.top aws.hdahsuwbgazo.top aws.hdahsuwbgazs.top aws.hdahsuwbgazt.top aws.hdahsuwbgazv.top aws.hdahsuwbgazz.top aws.ifjhbjfiaza.top aws.ifjhbjfiazh.top aws.ifjhbjfiazn.top aws.ifjhbjfiazs.top aws.ifjhbubazi.top aws.jfuwbabuwhh.top aws.uhuhuwjauwanh.top aws.uhuhuwjauwanl.top aws.uhuhuwjauwanm.top aws.yjajawuabauh.top aws.yjajawuasbaue.top aws.yjajawuasbauf.top aws.yjajawuasbauh.top # Reference: https://threatfox.abuse.ch/browse/tag/Hookbot%20Pegasus/ (# 2024-03-17) http://114.130.36.120 http://137.184.177.175 http://142.171.8.253 http://143.110.180.125 http://147.78.103.233 http://185.196.11.210 http://185.80.128.10 http://188.120.231.211 http://188.120.250.67 http://194.87.74.14 http://206.238.113.242 http://206.238.42.236 http://62.109.20.47 http://64.23.194.166 http://64.23.228.21 http://66.103.202.31 http://66.103.202.47 http://82.146.59.110 http://82.197.93.210 http://83.220.169.98 http://94.250.255.6 194.33.191.105:50555 # Reference: https://twitter.com/h_krobot/status/1769337884316697025 http://94.156.66.12 12.lan-vg1-1.static.rozabg.com # Reference: https://urlscan.io/search/#filename:%22login_sd.mp4%22 http://103.114.163.214 http://103.216.51.35 http://107.148.37.67 http://14.239.3.253 http://154.91.83.163 http://159.100.14.197 http://160.20.109.76 http://167.71.182.102 http://172.188.29.138 http://176.123.168.157 http://185.209.30.141 http://188.166.194.125 http://193.233.254.32 http://194.233.79.198 http://20.106.172.90 http://212.70.149.199 http://34.125.32.157 http://4.233.217.146 http://45.138.16.161 http://45.14.247.89 http://45.145.42.229 http://45.83.31.204 http://46.149.77.191 http://64.226.76.253 http://64.23.186.161 http://85.209.11.82 http://89.23.103.208 http://89.23.97.34 http://89.23.98.34 http://91.142.74.218 http://91.92.243.141 http://91.92.249.161 http://91.92.249.213 http://91.92.250.128 http://91.92.250.168 http://94.156.67.40 147.45.40.66:50555 centinelhost.com es-bancofar-app.com ethgiftclaim.com inlliniea.org rewardlido.com vvalliet-coin.top # Reference: https://threatfox.abuse.ch/browse/malware/apk.ermac/ (# 2024-03-24) http://103.215.124.119 http://103.215.124.60 http://104.43.89.110 http://110.173.54.194 http://110.173.54.195 http://110.173.54.196 http://110.173.54.197 http://110.173.54.198 http://111.90.145.26 http://124.156.162.114 http://166.88.61.219 http://172.208.54.18 http://172.208.59.226 http://172.214.139.124 http://185.249.227.27 http://185.78.76.40 http://188.119.112.64 http://193.222.96.238 http://193.222.96.33 http://20.0.153.70 http://20.121.42.245 http://20.166.248.109 http://20.251.169.136 http://20.65.178.69 http://20.77.71.31 http://207.180.202.241 http://213.166.68.24 http://31.129.99.52 http://34.16.134.132 http://37.140.242.93 http://40.119.24.133 http://45.128.96.74 http://45.136.6.149 http://45.15.159.44 http://5.199.162.93 http://5.199.169.206 http://52.160.82.19 http://77.105.132.32 http://87.120.84.22 http://93.123.85.74 http://94.156.10.254 http://94.156.69.44 http://94.156.8.224 20.0.153.70:8080 20.82.182.10:8080 94.156.69.44:8080 # Reference: https://threatfox.abuse.ch/browse/tag/Hookbot%20Pegasus/ (# 2024-03-24) http://104.131.185.229 http://107.189.24.173 http://108.61.202.34 http://137.184.41.246 http://144.126.198.15 http://147.45.71.249 http://170.64.183.64 http://185.203.117.32 http://193.124.205.6 http://20.234.62.151 http://206.233.132.104 http://206.233.132.162 http://206.233.132.215 http://212.109.194.186 http://212.57.118.90 http://222.186.21.204 http://31.129.98.219 http://43.128.5.46 http://45.128.96.101 http://45.128.96.103 http://45.128.96.167 http://45.128.96.99 http://45.32.62.242 http://51.75.74.92 http://62.109.21.73 http://77.238.251.130 http://84.32.214.66 http://87.120.84.73 http://89.23.101.233 http://91.107.121.52 109.120.184.203:50555 77.105.167.115:50555 # Reference: https://twitter.com/malpulse/status/1773720262933987825 http://104.129.182.25 http://109.107.182.168 http://159.203.158.196 http://161.35.109.123 http://165.22.44.147 http://167.86.117.43 http://185.216.70.67 http://194.146.13.49 http://20.199.42.249 http://209.141.36.46 http://213.142.157.146 http://3.68.135.109 http://37.247.108.194 http://37.49.230.236 http://45.11.181.30 http://80.209.238.116 http://83.222.8.13 http://87.248.157.149 http://91.200.151.233 http://91.92.247.135 http://91.92.249.104 http://93.123.39.254 http://94.156.8.183 104.129.182.25:3434 109.107.182.168:3434 159.203.158.196:3434 161.35.109.123:3434 165.22.44.147:3434 167.86.117.43:3434 185.216.70.11:3434 185.216.70.67:3434 194.146.13.49:3434 209.141.36.46:3434 213.142.157.146:3434 37.247.108.194:3434 37.49.230.236:3434 45.11.181.30:3434 80.209.238.116:3434 83.222.8.13:3434 87.248.157.149:3434 91.200.151.233:3434 91.92.247.135:3434 91.92.249.104:3434 93.123.39.254:3434 94.156.8.183:3434 157.32.125.34.bc.googleusercontent.com dndnote.com guodu01.icu hifym.cz jinrizhuan003.icu officialvit.com revolutions.cz serialbook.revolutions.cz # Reference: https://threatfox.abuse.ch/browse/tag/Hookbot%20Pegasus/ (# 2024-03-31) http://139.180.218.26 http://142.11.236.34 http://143.198.54.223 http://147.182.199.146 http://147.78.103.54 http://176.123.169.32 http://185.216.70.210 http://185.216.70.211 http://188.120.248.175 http://195.133.88.120 http://20.115.56.254 http://200.234.232.196 http://45.138.16.150 http://45.151.44.159 http://45.67.230.75 http://64.176.81.234 http://77.238.249.17 http://79.133.51.234 http://86.38.247.37 http://91.240.85.51 http://92.63.192.108 http://93.123.39.201 http://94.228.169.68 193.233.255.105:50555 77.221.154.236:50555 77.221.156.22:50555 93.123.39.57:50555 # Reference: https://threatfox.abuse.ch/browse/tag/Hookbot%20Pegasus/ (# 2024-04-11) http://103.145.191.100 http://106.54.222.22 http://137.184.228.202 http://147.78.103.240 http://154.40.47.121 http://154.9.255.11 http://159.203.174.80 http://185.173.38.38 http://185.43.4.238 http://188.120.240.143 http://192.236.146.112 http://193.124.113.33 http://193.143.1.161 http://193.57.41.184 http://193.57.41.185 http://194.32.149.189 http://194.87.236.115 http://206.189.246.137 http://212.109.220.144 http://212.109.221.128 http://212.224.88.151 http://38.180.45.153 http://42.96.5.32 http://45.32.156.218 http://45.63.121.237 http://45.77.40.77 http://45.82.152.138 http://45.88.90.80 http://45.94.4.36 http://46.101.4.16 http://5.42.106.136 http://57.151.90.74 http://62.109.2.162 http://62.109.5.21 http://77.221.154.28 http://77.91.123.52 http://78.24.217.201 http://82.147.85.159 http://83.136.232.33 http://91.202.233.174 http://91.215.85.131 http://91.92.240.202 http://91.92.243.79 http://91.92.247.112 http://91.92.248.125 http://91.92.250.167 http://91.92.253.115 http://92.63.96.171 http://94.154.34.137 http://94.156.8.227 http://94.250.249.104 104.194.157.55:8082 13.214.93.225:443 45.63.121.237:8082 79.137.207.33:50555 89.208.103.64:50555 93.123.39.127:50555 94.156.8.125:50555 # Reference: https://twitter.com/banthisguy9349/status/1780197850707574816 # Reference: https://www.virustotal.com/gui/file/5d794e937ca1530895f464d0a59eebc89e44cef3228064457907fe38fc25f113/detection http://87.120.84.22 87.120.84.22:3434 94.156.10.33:8080 # Reference: https://twitter.com/banthisguy9349/status/1780970174323085361 http://134.122.109.15 http://154.61.80.57 http://194.48.251.136 147.78.103.174:8082 185.216.70.210:50555 193.233.254.16:8082 77.105.146.185:50555 # Reference: https://www.virustotal.com/gui/file/820e9e9c1f7f6148c94e647a175ede95e41efdd882fd4b0177ad443ce8b95e04/detection 163.5.169.19:3434 # Reference: https://app.validin.com/detail?type=raw&find=HOOKBOT+PANEL#tab=host_pairs (2024-04-29) http://139.99.64.79 http://2.58.56.99 http://3.34.122.177 http://31.129.98.188 http://54.36.113.159 http://64.227.140.244 http://87.120.84.167 http://91.151.95.157 http://91.92.247.254 http://93.127.202.69 http://94.156.64.149 http://95.70.159.193 149.lan-za1-1.static.rozabg.com 2-58-56-99.hosted-by-worldstream.net 49.183.246.35.bc.googleusercontent.com foundjhostmk.com gestione-subito.info naughty-elion.107-173-140-104.plesk.page old.standfin.ru pegasusabs.link planetclient.xyz sudodot.asuscomm.com walletservice.top y1ge.shop # Reference: https://pastebin.com/pvfQbnRB http://14.178.208.233 http://167.71.169.160 http://185.125.50.198 http://185.241.208.213 http://45.91.8.8 http://5.253.40.118 http://77.238.235.75 http://91.92.247.95 http://93.177.102.47 http://94.131.107.85 http://94.156.64.148 http://94.156.79.114 http://94.156.79.186 http://94.156.79.50 http://95.164.117.2 103.216.51.35:50555 181.214.147.25:50555 185.216.70.189:50555 185.216.70.211:50555 91.188.254.6:50555 # Reference: https://twitter.com/banthisguy9349/status/1785736032387793082 http://147.45.47.44 http://147.45.47.46 http://147.78.103.222 http://45.144.29.47 http://46.105.124.55 http://93.123.39.29 http://94.156.8.125 http://94.156.8.245 147.45.47.44:8080 147.45.47.46:8080 147.78.103.222:8080 45.144.29.47:8080 46.105.124.55:8080 93.123.39.29:8080 94.156.8.125:8080 94.156.8.245:8080 # Reference: https://twitter.com/ReBensk/status/1786086630324838721 37.60.238.252:8085 # Reference: https://twitter.com/banthisguy9349/status/1787228895462219952 # Reference: https://app.validin.com/detail?type=raw&find=aXedroid+Console#tab=host_pairs # Reference: https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=aXedroid+Console # Reference: https://www.virustotal.com/gui/file/039c79780123d3a766255749b32800a8082a1fc389455ed9ae9c5d82c0e9f37c/detection # Reference: https://www.virustotal.com/gui/file/e330fcc07b1bc5616beb0905e26420fd58ed4ca8d1f6cbf9960a7137fe827697/detection # Reference: https://www.virustotal.com/gui/file/20c8a5e3a600644317a513d28d1eaebb7c8ae16375208335099ca2452c0a0353/detection http://194.26.135.189 http://85.209.11.108 http://85.209.11.65 194.26.135.189:3306 194.26.135.189:3434 194.26.135.189:8081 31.41.244.187:3306 31.41.244.187:3434 31.41.244.187:8081 85.209.11.108:3306 85.209.11.108:3434 85.209.11.108:8081 85.209.11.65:3306 85.209.11.65:3434 85.209.11.65:8081 clou-flare-n-s.com proffiduguard.site ns1.clou-flare-n-s.com ns2.clou-flare-n-s.com ns1.proffiduguard.site ns2.proffiduguard.site # Reference: https://www.virustotal.com/gui/ip-address/194.26.135.189/relations balikovna.cell60.online balikovna.cell73.online balikovna.cell8.online balikovna.sell123.online balikovna.sell167.online balikovna.sell179.online balikovna.sell3413.online balikovna.sell40.online bazoscz.cell17.online bazoscz.forum2311.online bazoscz.sell176.online cell10.online cell100.online cell101.online cell102.online cell103.online cell104.online cell105.online cell106.online cell107.online cell108.online cell109.online cell110.online cell111.online cell115.online cell116.online cell117.online cell118.online cell119.online cell12.online cell120.online cell121.online cell122.online cell123.online cell124.online cell125.online cell13.online cell14.online cell15.online cell16.online cell17.online cell18.online cell19.online cell20.online cell21.online cell22.online cell24.online cell27.online cell28.online cell29.online cell30.online cell31.online cell32.online cell33.online cell38.online cell39.online cell4.online cell40.online cell42.online cell43.online cell44.online cell45.online cell46.online cell47.online cell48.online cell49.online cell5.online cell50.online cell51.online cell54.online cell55.online cell56.online cell57.online cell58.online cell59.online cell6.online cell60.online cell61.online cell63.online cell64.online cell65.online cell66.online cell67.online cell68.online cell69.online cell7.online cell70.online cell71.online cell72.online cell73.online cell74.online cell75.online cell76.online cell77.online cell78.online cell8.online cell81.online cell82.online cell83.online cell9.online cell93.online cell94.online cell95.online cell96.online cell97.online cell98.online cell99.online dpd-cz.orderss93.online dpd-cz.sell80.online dpd-etmh.sell98.online dpd-polska.cell100.online dpd-polska.cell103.online dpd-polska.cell77.online dpd-polska.sell459.online dpd-skwra.sell202.online dpdczech.cell102.online dpdczech.cell103.online dpdczech.cell124.online dpdczech.cell13.online dpdczech.cell18.online dpdczech.cell38.online dpdczech.cell42.online dpdczech.sell170.online dpdczech.sell173.online dpdczech.sell183.online dpdczech.sell321.online dpdczech.sell945.online dpdsk.sell105.online forum2311.online forum2346.online forum2349.online forum342.online forum493.online forum921.online forun2378.online foxpost-hu.sell100.online foxpost-hu.sell56.online foxpost-hu.sell59.online gls-group.forum2346.online gls-group.sell135.online gls-group.sell46.online gls-group.sell48.online in-post-polska.cell105.online in-post-polska.cell15.online in-post-polska.cell20.online in-post-polska.cell44.online in-post-polska.cell47.online in-post-polska.cell63.online in-post-polska.cell71.online in-post-polska.cell73.online in-post-polska.cell75.online in-post-polska.cell83.online inpost-ccgx.sell63.online inpost-etiwy.orders61.online inpost-hthd.sell102.online inpost-uwga.sell88.online odrers61.online olxpl-ncln.sell106.online order2434.online order2438.online order8921.online order8923.online orders33.online orders34.online orders56.online orders61.online orders85.online orderss34.online orderss64.online orderss69.online orderss843.online orderss93.online packeta.cell15.online packeta.sell130.online plpost-pl.cell67.online polskapoczta-bsyt.orders61.online polskapoczta-hfrr.orders61.online ppl.orderss69.online ppl.sell40.online sell0297.online sell100.online sell102.online sell103.online sell104.online sell105.online sell106.online sell107.online sell109.online sell110.online sell111.online sell119.online sell121.online sell122.online sell123.online sell124.online sell125.online sell126.online sell129.online sell130.online sell131.online sell132.online sell133.online sell134.online sell135.online sell136.online sell137.online sell138.online sell141.online sell142.online sell154.online sell156.online sell159.online sell161.online sell162.online sell164.online sell167.online sell168.online sell169.online sell170.online sell171.online sell172.online sell173.online sell174.online sell176.online sell177.online sell178.online sell179.online sell18.online sell180.online sell183.online sell184.online sell186.online sell191.online sell192.online sell193.online sell196.online sell197.online sell201.online sell202.online sell2022.online sell203.online sell204.online sell205.online sell206.online sell321.online sell3413.online sell37.online sell38.online sell39.online sell40.online sell42.online sell423.online sell4235.online sell43.online sell44.online sell45.online sell456.online sell459.online sell46.online sell48.online sell49.online sell50.online sell52.online sell56.online sell59.online sell60.online sell61.online sell62.online sell63.online sell64.online sell65.online sell66.online sell666.online sell67.online sell68.online sell69.online sell74.online sell78.online sell79.online sell80.online sell83.online sell84.online sell86.online sell87.online sell88.online sell89.online sell91.online sell9241.online sell9262.online sell93.online sell944.online sell945.online sell95.online sell98.online sell99.online sells1.online sells21.online sells4.online vintedcz.cell120.online vintedcz.cell75.online vintedcz.cell83.online vintedcz.sell104.online vintedcz.sell122.online vintedcz.sell135.online vintedcz.sell459.online vintedcz.sell87.online vintedpolska.cell66.online vintedsk.cell96.online yoursells595.site zasilkovna.cell102.online zasilkovna.cell107.online zasilkovna.cell32.online zasilkovna.sell68.online # Reference: https://app.validin.com/detail?type=raw&find=HOOKBOT+PANEL#tab=host_pairs (# 2024-05-07) http://141.8.199.126 http://154.88.23.34 http://198.46.143.196 http://23.224.233.76 http://23.254.144.29 http://66.42.49.63 http://79.137.162.53 104-236-199-233.ipv4.staticdns2.io candaweb.com cdn.citas.lol citas.lol dcg592.vip goooo.citas.lol hf9885.com infben.com kolecko.ru long930701.top nuan0zz.xyz nuan11a.xyz nuan1aa.xyz nuan44f.xyz nuan4fff.xyz nuan5gg.xyz nuan5ggg.xyz nuan6hh.xyz nuan7jj.xyz nuan8kk.xyz nuan8kkk.xyz nuan9ll.xyz nuani88.xyz nuanq11.xyz nuanr44.xyz nuant55.xyz nuanu77.xyz pay.citas.lol redirect-r1.pay.citas.lol rraaa1.xyz rraaaa2.xyz rraaaa4.xyz rraaaa5.xyz wisenom.com yccvvb9.xyz yeeddd3.xyz yjjkka7.xyz yqqaab1.xyz yssdd10.xyz ywwssc2.xyz yybbt2.xyz yyeea1.xyz yyffr5.xyz yygghd6.xyz yyhhy7.xyz yyjjq8.xyz yykkw9.xyz yyooa1.xyz yyood4.xyz yyoot7.xyz yyoou9.xyz yyooy8.xyz yyrre10.xyz yyy10wee.xyz yyy1ahh.xyz yyy2bee.xyz yyy5fyy.xyz yyy7uww.xyz yyy8ioo.xyz yyy9aee.xyz yyyffr3.xyz # Reference: https://twitter.com/banthisguy9349/status/1787224704811463154 http://103.207.68.85 http://138.197.84.169 http://142.171.227.67 http://146.103.45.72 http://146.190.56.109 http://193.222.96.186 http://216.173.119.170 http://23.254.128.104 http://27.124.32.187 http://5.35.91.177 http://80.76.49.6 http://85.209.133.240 http://87.121.105.67 103.207.68.85:47001 103.207.68.85:8089 138.197.84.169:8000 138.197.84.169:8080 138.197.84.169:8089 142.171.227.67:8000 142.171.227.67:8080 142.171.227.67:8089 146.103.45.72:8000 146.103.45.72:8089 146.190.56.109:8000 146.190.56.109:8089 147.45.47.44:8000 147.45.47.44:8089 193.222.96.186:8081 207.180.202.241:8081 216.173.119.170:8000 216.173.119.170:8080 216.173.119.170:8089 23.254.128.104:8000 23.254.128.104:8089 23.254.144.29:3434 23.254.144.29:8000 23.254.144.29:8089 27.124.32.187:8089 5.35.91.177:8000 5.35.91.177:8089 80.76.49.6:8081 85.209.133.240:8081 # Reference: https://twitter.com/banthisguy9349/status/1787221321941758148 # Reference: https://urlscan.io/search/#filename:%22pathseg.js%22 http://13.49.251.65 http://144.126.128.29 http://149.50.96.98 http://172.214.98.73 http://173.212.219.194 http://185.102.172.72 http://185.234.216.104 http://193.233.254.27 http://20.55.63.136 http://211.22.182.201 http://213.199.56.38 http://37.60.245.93 http://45.128.96.169 http://45.128.96.34 http://45.88.90.29 http://5.178.111.179 http://5.199.168.141 http://62.122.184.196 http://79.110.48.224 http://84.32.231.182 http://91.92.246.236 http://91.92.255.150 http://94.156.79.100 http://95.214.24.141 118.107.43.36:8088 118.107.43.66:8088 118.107.43.86:8088 # Reference: https://www.virustotal.com/gui/file/8df476be832a1204480d301c7579597bcdafc690b77d1f5c64dc6fb80c0d90d2/detection 23.224.233.76:3434 # Reference: https://www.virustotal.com/gui/ip-address/23.224.233.76/detection jmex.live jmorex.live jpmex.live nuane33.xyz nuano99.xyz nuanp00.xyz nuanw22.xyz nuany66.xyz rraaaa3.xyz uu386.xyz uu479.xyz uucbeh2.xyz uucveh4.xyz uusakf1.xyz uuvehe5.xyz uuvev3.xyz uuvmne3.xyz uuvvd2.xyz ynnqqc8.xyz yrrffv4.xyz yttbbb5.xyz yya10h10.xyz yya1bb2.xyz yya2qq2.xyz yya3tt3.xyz yya4yy4.xyz yya5uu5.xyz yya6ii6.xyz yya7oo7.xyz yya8aa8.xyz yyaar2.xyz yycct3.xyz yyccu3.xyz yyccy10.xyz yydde4.xyz yyddu6.xyz yyggt6.xyz yyoob2.xyz yyooc3.xyz yyooe5.xyz yyooi10.xyz yyoor6.xyz yyppq8.xyz yyqqr1.xyz yysst5.xyz yyvvd4.xyz yyyccu1.xyz yyydde2.xyz yyyggt4.xyz yyyhhd5.xyz yyzzn7.xyz # Reference: https://www.virustotal.com/gui/ip-address/143.92.49.173/relations # Reference: https://www.virustotal.com/gui/ip-address/23.224.233.75/relations # Reference: https://www.virustotal.com/gui/ip-address/27.124.12.88/relations http://91.92.245.22 asmrbb.xyz asmrkc.xyz asmryy.xyz baomm.xyz bb11efe.xyz bb11uu.xyz bb12uu.xyz bb13uu.xyz bb14uu.xyz bb15uu.xyz bb22fue.xyz bb33ife.xyz bb44ogr.xyz bb55lfk.xyz bb6666.xyz bbceue3.xyz bbdawh1.xyz bbdwpf5.xyz bbefhu3.xyz bbegok33.xyz bbeokk5.xyz bbewkm2.xyz bbfe11.xyz bbfefju10.xyz bbfeik2.xyz bbfeok4.xyz bbfeuj07.xyz bbfeuu01.xyz bbffej05.xyz bbfiei3.xyz bbfiwi06.xyz bbfiwj4.xyz bbfk14.xyz bbfoej66.xyz bbfoku22.xyz bbfwir7.xyz bbfwjh6.xyz bbfwji2.xyz bbfwoh8.xyz bbfwoj9.xyz bbfwok5.xyz bbfwop1.xyz bbgrukl09.xyz bbijkk1.xyz bbjfeu02.xyz bbkc15.xyz bbkei1.xyz bbkfe2.xyz bblow4.xyz bboefj44.xyz bboejp77.xyz bbofk3.xyz bbojwf11.xyz bbok13.xyz bbpfek55.xyz bbpfeo4.xyz bbqqwe08.xyz bbuek5.xyz bbwq12.xyz ccdgdgy1.xyz ccertjj66.xyz ccjeffe22.xyz ccjfjfj4.xyz ccjghgh5.xyz cckfhio11.xyz ccle33.xyz cclee3.xyz ccli88.xyz cclii8.xyz cclo99.xyz ccloo9.xyz cclp00.xyz cclpp0.xyz cclq11.xyz cclqq1.xyz cclr44.xyz cclrr4.xyz cclt55.xyz ccltt5.xyz cclu77.xyz ccluu7.xyz cclw22.xyz cclww2.xyz ccly66.xyz cclyy6.xyz ccorjig33.xyz ccorktk77.xyz ccuefje55.xyz ccweeee2.xyz ccweyee3.xyz ccwjfjr44.xyz fawf2.xyz fwau1.xyz h158.xyz hfhjhj.icu jfsports.xyz nuan1aaa.xyz nuan2ss.xyz nuan3ddd.xyz nuan4ff.xyz oktpol.xyz ovbn5.xyz rrbhf5.xyz rrfhh2.xyz rrghty1.xyz rrhfg3.xyz rrhrfn2.xyz rrhtyu5.xyz rrjgd1.xyz rrmhji4.xyz rrnbh4.xyz rrsgeg3.xyz sadd.xyz ssdrr4.xyz ssdsds3.xyz ssdwd5.xyz sseeej1.xyz ssrdee2.xyz uu1hfwc.xyz uu2ndbw.xyz uu386.xyz uu3fefhf.xyz uu479.xyz uu4kefjn.xyz uu559.xyz uu5opgtj.xyz uu775.xyz uuby102.xyz uucbeh2.xyz uucf103.xyz uucm8.xyz uucveh4.xyz uudw105.xyz uufb106.xyz uufefejk11.xyz uufefjht33.xyz uufefjj55.xyz uufefyw99.xyz uufeh66.xyz uufehfu44.xyz uufehuk22.xyz uufey3.xyz uufh108.xyz uufjo2.xyz uufkefk00.xyz uufne1.xyz uufoe5.xyz uufw101.xyz uugvn4.xyz uukjk1.xyz uulk107.xyz uunv104.xyz uuoekfj88.xyz uusakf1.xyz uuvb109.xyz uuvehe5.xyz uuvekk77.xyz uuvev3.xyz uuvmne3.xyz uuvvd2.xyz veij4.xyz veue3.xyz y10eer.xyz y10sfisk.xyz y1qquio.xyz y1wrrqr.xyz y2aaert.xyz y2wrwhr.xyz y3nsdsn.xyz y3zzsdf.xyz y4eeuio.xyz y4fsiff.xyz y5sdif.xyz y5ttqwe.xyz y6ddasd.xyz y6sifnn.xyz y7cccom.xyz y7sfsff.xyz y8fsfso.xyz y8vvbnm.xyz y9iiopg.xyz y9sfisf.xyz yasdd3.xyz ybnmm10.xyz yfghh6.xyz yiopp1.xyz yjknn9.xyz yqerr2.xyz yrtyy7.xyz yuioo8.xyz yvbnn5.xyz yy10rrty.xyz yy1asdt.xyz yy2erty.xyz yy3fghj.xyz yy4bnm.xyz yy5jkpp.xyz yy6qwee.xyz yy7asdf.xyz yy8zxcv.xyz yy9qwer.xyz yya10h10.xyz yya1bb2.xyz yya2qq2.xyz yya3tt3.xyz yya4yy4.xyz yya5uu5.xyz yya6ii6.xyz yya7oo7.xyz yya8aa8.xyz yya9dd9.xyz yyaar2.xyz yycct3.xyz yyccy10.xyz yyddu6.xyz yykkp9.xyz yyppq8.xyz yyqqr1.xyz yysst5.xyz yyvvd4.xyz yyy10nm.xyz yyy1uio.xyz yyy2qwe.xyz yyy3asd.xyz yyy4zxc.xyz yyy5rty.xyz yyy6fgh.xyz yyy6gqq.xyz yyy7vbn.xyz yyy8iop.xyz yyy9jkm.xyz yyzzn7.xyz yzxcc4.xyz # Reference: https://twitter.com/banthisguy9349/status/1788816213767754107 # Reference: https://app.validin.com/detail?type=raw&find=Universe+0.5#tab=host_pairs # Reference: https://www.virustotal.com/gui/file/dd979ddb9f1b198f36cf8714208ec7d1c73f8183e5fe26b926810d9ebd8be2bc/detection # Reference: https://www.virustotal.com/gui/file/04edf1a70653ac19af894c256137784bc73c8a128e81a5ac26de8d039ef23c60/detection http://178.215.236.29 http://193.222.96.215 http://193.26.115.240 http://91.219.63.21 http://93.123.39.63 178.215.236.29:3434 193.222.96.215:3434 193.26.115.240:3434 93.123.39.63:3434 # Reference: https://app.validin.com/detail?type=raw&find=HOOKBOT+PANEL#tab=host_pairs (# 2024-05-11) http://193.26.115.113 http://5.253.40.168 http://80.253.246.96 edlmrfdndi.site iefomeedl.org ir-dowenerioe.site irmaeshtyi.shop # Reference: https://app.validin.com/detail?type=raw&find=HOOKBOT+PANEL#tab=host_pairs (# 2024-05-20) http://14.247.219.179 http://147.78.103.134 http://172.105.15.137 http://185.208.158.109 http://185.208.158.47 http://185.216.70.82 http://2.58.56.246 http://34.27.202.94 http://35.226.17.12 http://5.180.155.190 http://91.151.89.38 goonclown.com heusaxa1.net.tr maishtiye.org pepsace.com # Reference: https://www.virustotal.com/gui/ip-address/91.151.89.217/detection http://91.151.89.217 # Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s.csv http://114.130.36.119 http://159.100.20.48 http://165.22.69.151 http://176.111.174.221 http://185.121.169.124 http://185.216.70.62 http://185.218.0.101 http://194.163.144.18 http://194.55.186.200 http://195.114.193.38 http://213.219.199.52 http://34.122.213.13 http://34.44.55.114 http://45.77.146.136 http://45.94.31.179 http://5.42.92.29 http://81.177.140.77 http://91.202.233.138 http://91.92.251.201 http://91.92.255.83 http://93.127.186.6 http://94.156.79.148 http://94.156.79.168 http://94.156.79.169 http://94.156.79.26 http://94.156.8.137 http://94.156.8.158 118.107.244.100:50555 118.107.244.99:50555 34.92.138.93:50555 91.92.240.70:50555 93.123.39.249:50555 94.156.8.106:50555 94.156.8.171:50555 94.156.8.81:50555 # Reference: https://app.validin.com/detail?type=raw&find=HOOKBOT+PANEL#tab=host_pairs_v2 (# 2024-07-14) # Reference: https://www.virustotal.com/gui/file/0968f706d92da8fa371cf88aeb4ba60e44733035e3311c60f9d36addb1c9d5b3/detection http://103.244.226.171 http://103.67.163.33 http://104.236.199.233 http://114.130.36.119 http://114.130.36.121 http://134.209.106.197 http://141.8.198.131 http://142.171.67.205 http://147.45.47.40 http://15.228.248.19 http://159.69.86.27 http://167.71.85.87 http://172.214.254.115 http://176.111.174.221 http://185.196.10.211 http://185.208.158.112 http://185.216.70.62 http://185.250.207.234 http://185.80.128.162 http://190.123.44.254 http://191.96.79.89 http://193.164.5.111 http://193.233.161.220 http://194.163.144.18 http://194.33.191.252 http://20.201.118.111 http://202.79.172.198 http://206.189.140.103 http://3.15.150.119 http://31.220.17.227 http://34.122.213.13 http://34.41.177.91 http://35.184.180.199 http://45.156.25.186 http://45.132.181.5 http://45.94.31.179 http://5.42.92.29 http://64.227.156.18 http://74.48.84.151 http://85.209.153.135 http://86.38.247.6 http://91.202.233.138 http://91.215.85.145 http://91.92.251.201 http://91.92.251.207 http://91.92.252.242 http://91.92.255.83 http://93.123.39.241 http://94.156.64.184 http://94.156.65.2 http://94.156.65.236 http://94.156.79.168 http://94.156.79.169 http://94.156.79.248 http://94.156.79.68 http://94.156.8.158 103.67.163.33:3434 2343243258234.com 236462572337423.online 736526437472.com 783247237256214.com 82-147-85-159.networktube.net admin.chainlistr.com aerodiomc.com aerodirome.com aerodiromr.com aerodomc.com aerodomr.com aerodrome.finance.aerodirome.com aerodromr.com altopremio.us api.botnetcontrol.org app.chainlirst.com babychildrens.store babychildrensshop.shop botnetcontrol.org bsb-transport.com.au chaimlistr.com chaimlstr.com chainlirst.com chainlirstr.com chainlistr.com chairnlirst.com chairnlist.com cingapore.com co.kr.nightciows.com com.nightciows.com correos.pa-ock.click cra-unclaimedfunds.info dediust.com dedlust.com dedrust.com dedusit.com dedusit.io dedust.io.dedusit.io ere.yesis-store.com expressvpnservices.online finance.aerodirome.com frpsot.com invoice-traffic.com io.dedusit.io jitco.network jitot.network jitou.network jitoz.network kr.nightciows.com ltdoffs.online m.chainlirst.com m.chainlistr.com m16718.contaboserver.net modeu.network modew.network modne.network modoe.network network.polyhedrao.com nightciows.com nightcirows.com nightcrows.com.nightciows.com ns1.yurtekmek.com ns2.yurtekmek.com pa-ock.click plus-telstra.shop plus-telstras-au.online poliyhedira.network polyhedra.network.polyhedrao.com polyhedrao.com polyhedrao.network polyhiadira.network psitaliana.shop psotiit.com psotite.site psotnords.shop raydima.com raydiue.com raydiui.com raydiul.com raydiur.com raydiuu.com raydiuv.com raydiux.com raydiuz.com rrr.yesis-store.com seeditfyc.com seeditfyi.com seeditfym.com seeditfyn.com seeditfyr.com seeditfyu.com seeditfyv.com singaporebooking.com singaporedui.com singaporeentertainment.com sitemap.chainlistr.com sitemaps.chainlistr.com specialdrilling38.ru stream.pascalsoftware.com swiftcrypto.pro synflntues.com synfntueis.com synfntuies.com taliskerwhiskyatlanticchalleng.com telstra-au.online telstra-plus.shop telstra.fun telstraplus.shop telstras.fun telstras.online telstras.store telstras.tech telstrat.shop terpsbag.com test.yesis-store.com ticket-singapore.com tonflux.com ttt.yesis-store.com wahelp.website ww12.chainlistr.com yesis-store.com yurtekmek.com # Reference: https://x.com/drb_ra/status/1812741250954543449 http://185.18.222.93 # Reference: https://x.com/ValidinLLC/status/1816891876697337910 # Reference: https://app.validin.com/detail?find=5d17fbecdbd631b16214c7d7d0d71ff9&type=hash&ref_id=6fa7e2533df#tab=host_pairs_v2 customer20portal24.info direitoeletronico.org worlds-securitys.com wtffckbeachpro2.com palenko.customer20portal24.info # APK /inatboxx.apk