# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Aliases: harly, joker # Reference: https://medium.com/csis-techblog/analysis-of-joker-a-spy-premium-subscription-bot-on-googleplay-9ad24f044451 joker2.dolphinsclean.com beatleslover.com tb-eu-jet.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1184054662003134464 # Reference: https://www.virustotal.com/gui/ip-address/52.77.93.217/relations 23w5338-z.com beatleslover.com hyy-2d2.com kaaryah.com nichfyy.com prick-6ey.com sw7p5-629.com # Reference: https://twitter.com/ReBensk/status/1217065291320045568 andu-eu.oss-eu-central-1.aliyuncs.com # Reference: https://research.checkpoint.com/2020/android-app-fraud-haken-clicker-and-joker-premium-dialer/ # Reference: https://www.virustotal.com/gui/ip-address/3.123.204.12/relations http://3.123.204.12 # Reference: https://twitter.com/ReBensk/status/1232297093802233856 happyyear.top # Reference: https://twitter.com/ReBensk/status/1246451065970712576 wsbb.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1249765927677243393 gplay.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1274316961510498306 yehua-online.oss-cn-hangzhou.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1274334502224044032 facebookdata-1301476296.cos.na-ashburn.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1275443534070296576 wdfoz.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1275713835090001922 rockmanpc.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1276806753959763968 http://34.206.171.237 woea.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1278016062378987520 etut.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1279451409189146624 39200628.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1278711799001632769 separatesuppliers.live # Reference: https://www.virustotal.com/gui/file/275dbae90dc9d84782297858b90579a106d4752e0b6e8a7553b86d1d4d8f7f62/detection http://47.241.2.108 # Reference: https://www.virustotal.com/gui/file/4a9504de927266b9101417e2dc2acf66e2c9e5b3565f64894a6467b0ebeac58f/detection http://161.117.229.58 # Reference: https://twitter.com/bl4ckh0l3z/status/1280090346840567809 # Reference: https://www.virustotal.com/gui/file/76faf61e374b271d7a818338a4857c2400ff0a2e5864ce1a70e6df04cf8da3a0/detection # Reference: https://www.virustotal.com/gui/file/901020b4b768fd4382f9d305cce7906b33dd0ce876e28151d760b0311b5e8769/detection http://161.117.44.212 http://161.117.46.64 http://161.117.48.94 33333333333-1301476296.cos.eu-moscow.myqcloud.com facebookdata-1301476296.cos.na-ashburn.myqcloud.com # Reference: https://research.checkpoint.com/2020/new-joker-variant-hits-google-play-with-an-old-trick/ gd-1301476296.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1281909972683677696 http://161.117.83.26 hardsay.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1283788323178373120 http://47.74.179.177 # Reference: https://twitter.com/ReBensk/status/1286642164152311810 # Reference: https://www.virustotal.com/gui/file/198d887f450053630fa40ae0221c794a1ce6733385e6559dae3b9777308803b2/detection allstars.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1287414754496196610 waitalone.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1287662297465454592 # Reference: https://www.virustotal.com/gui/file/4bc4beccd01a014354c27e2388e87e67ff1d37e5c7a220650d6931ac4fc28b89/detection hardwarestandards.shop mobiledevices.icu # Reference: https://twitter.com/ReBensk/status/1288333955570302976 aisunani.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/aazim_here/status/1288440507396493313 narta.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1288701923974156288 99042.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1288790256649674752 fbgufra07.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1288790529308864512 larkbucket.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1289412525197467648 bullse.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1289831992108789761 reff2355-1301476296.cos.eu-moscow.myqcloud.com # Reference: https://twitter.com/bl4ckh0l3z/status/1290214936900063232 fdsr234-1301476296.cos.eu-frankfurt.myqcloud.com gfd3424-1301476296.cos.ap-mumbai.myqcloud.com hkkg34fd-1301476296.cos.na-siliconvalley.myqcloud.com # Reference: https://twitter.com/bl4ckh0l3z/status/1290603888991776771 dg1042.oss-eu-central-1.aliyuncs.com mg420.oss-us-west-1.aliyuncs.com ydnxy042.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1290612822582468613 http://161.117.226.98 # Reference: https://twitter.com/ReBensk/status/1290618344853221376 http://161.117.62.127 http://47.91.99.122 http://47.91.99.17 # Reference: https://twitter.com/bl4ckh0l3z/status/1290655447645663234 gseven.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1291985135936602112 purchasingmanagers.club # Reference: https://twitter.com/bl4ckh0l3z/status/1292425701925281793 http://54.251.231.73 # Reference: https://twitter.com/bl4ckh0l3z/status/1292908632217210884 forgotten.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1297528634127851533 ruik.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1297909430663684098 http://54.254.62.156 # Reference: https://twitter.com/ReBensk/status/1298846513070829568 jk8681oy.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1298891762744909824 were4o5.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1300691596556603392 blackdragon.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1300652965854883840 n47n.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1301027283734585344 blackdragon02.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1301494248550866944 2j1i9uqw.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1301963377435181057 http://18.141.129.153 # Reference: https://twitter.com/ReBensk/status/1303917434831876097 proxy48.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1309475351572045825 # Reference: https://www.zscaler.com/blogs/security-research/joker-playing-hide-and-seek-google-play # Reference: https://otx.alienvault.com/pulse/5f6e0a6e075485dddd57a37b 2j1i9uqw.oss-eu-central-1.aliyuncs.com blackdragon.oss-ap-southeast-5.aliyuncs.com blackdragon03.oss-ap-southeast-5.aliyuncs.com fgcxweasqw.oss-eu-central-1.aliyuncs.com jk8681oy.oss-eu-central-1.aliyuncs.com laodaoo.oss-ap-southeast-5.aliyuncs.com n47n.oss-ap-southeast-5.aliyuncs.com nineth03.oss-ap-southeast-5.aliyuncs.com proxy48.oss-eu-central-1.aliyuncs.com rinimae.oss-ap-southeast-5.aliyuncs.com sahar.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1310417869184946176 successfully.link # Reference: https://twitter.com/ReBensk/status/1318048542037082114 becomplete.online # Reference: https://twitter.com/ReBensk/status/1318400566628765696 http://161.117.178.233 # Reference: https://twitter.com/ReBensk/status/1318608437056466944 http://161.117.250.158 # Reference: https://twitter.com/ReBensk/status/1318757468995018752 http://161.117.230.57 # Reference: https://twitter.com/ReBensk/status/1320593911090421760 brickmortar.life # Reference: https://twitter.com/ReBensk/status/1322789280083808263 idnyss-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1327249045513879556 watermile.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1329328104720932865 nqgvyv.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/Cuser07/status/1332623673484689408 firelife.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1336482195230380032 icelife.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1336651462395490305 satellites.life # Reference: https://twitter.com/Cuser07/status/1341937502685261826 perper.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/Cuser07/status/1342708478737936384 likeafish.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/Cuser07/status/1343389745372491777 indo-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1344988057074683904 # Reference: https://www.virustotal.com/gui/file/781ca10557344f191f53515b2c085a1a5d8331056fa3bf47d622c41c534a13b2/detection at7kyxx4.net last2020.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1345268756470145024 http://47.241.106.26 lasomiso.oss-ap-southeast-5.aliyuncs.com znyym.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1345607922038886400 rainday.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1346343034208747521 http://54.251.231.67 # Reference: https://twitter.com/sh1shk0va/status/1347258704115200002 feeli.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1349959814814724097 jordi.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1349772427685859329 longdistance.live # Reference: https://twitter.com/ReBensk/status/1352114382151405568 # Reference: https://www.virustotal.com/gui/file/b6058b96e2acb5a3b0bcf699c5f4c4dc740f6bf65b1ceeff07c71c978327a83e/detection pandaksp.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1352232075189907460 dinners.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1353601014847348736 comforty.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1356623475075547140 dingz.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1357608935914565633 rooftop.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1357630155917729794 sunset.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1358702595057983490 founde.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1358706711473790977 # Reference: https://www.virustotal.com/gui/file/aeb60925fd4a8525f76bfce9e39d577c394d0e541bffdbce9707c78818d82f76/detection fy-2021.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1359045679377575937 skullali.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1359073731079852032 aliyuncls.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1359070082635231233 lovingu.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1359077052050141185 plantgrowthtracker.oss-cn-zhangjiakou.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1361001345663176704 sungoddess.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1363373817553293315 andyla.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1364081572584906753 warriorss.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1365176741103247367 uiytjjuytr.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1365177983149826048 runwa.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1365182302523777032 tool-pdf.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1366311466769420292 fronta.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1366343257014165507 breezea.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1368862009710755841 chenllx-buc.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1368901182358364167 linchen-bucket.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1370277229700124673 biggerone.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1373874229037342721 hwayt.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1376073798768713729 dagmar.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1376072244493873152 giantchameleon.com # Reference: https://twitter.com/ReBensk/status/1376465936299909120 banca.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1376827979423047681 scanlucky.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1378587175575453703 selct.oss-ap-southeast-2.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1378996591567151107 lwildlifetrust.com # Reference: https://twitter.com/ReBensk/status/1379809108312788993 wansgo.oss-ap-southeast-5.aliyuncs.com # Reference: https://github.com/DoctorWebLtd/malware-iocs/blob/master/Android.Joker/README.adoc ad.mobnv.com api.lemonmanga.com gp.fortunnecat.com router.cutebubblegame.com welcome.baltergames.com allinonemessenger.oss-cn-shenzhen.aliyuncs.com beautypluscamera.oss-ap-northeast-1.aliyuncs.com cameramx-photovideocamera.oss-cn-wulanchabu.aliyuncs.com colorrollingicon.oss-cn-huhehaote.aliyuncs.com deepkeyboardpro.oss-cn-hongkong.aliyuncs.com funcolortoucheffects.oss-ap-southeast-2.aliyuncs.com funneymemeemoji.oss-ap-southeast-5.aliyuncs.com happycolor.oss-ap-northeast-1.aliyuncs.com happytapping.oss-cn-qingdao.aliyuncs.com new2021keyboard.oss-ap-south-1.aliyuncs.com novasdk.oss-cn-beijing.aliyuncs.com superkeyboard.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1381533326570229762 # Reference: https://www.virustotal.com/gui/file/3dfd9c6825c816fe0c995942c3c2885c5113084f199de5c1c107cf58c9f2d01b/detection dsfdbhfg-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1381531919356100609 # Reference: https://www.virustotal.com/gui/file/7f5a3921bcaf383ae8812814b1e29dad4f1baddfa0b723cc6e3bdd6c6e6a358a/detection 0402-ppd-dsb.oss-ap-southeast-2.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1382594399712911360 # Reference: https://www.virustotal.com/gui/file/c55a1f0344582b1a4f06199bf2abc2e6cb11c22b18e1c86bbef433ab4b782ef4/detection languages-mmp.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/m0br3v/status/1224286533487820800 coronavirus.oss-accelerate.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1384373907940016131 dgsxc.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/Someguy19891/status/1385224629396987908 cvnz.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/Someguy19891/status/1385282363484033027 vfew.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/Cuser07/status/1340647716930560000 ewr1.vultrobjects.com # Reference: https://twitter.com/ReBensk/status/1386225948001914883 cjck-image.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/Someguy19891/status/1386384566978371585 vbnm.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1386897035484274689 mul4.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1389887507702050817 yutey.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/Someguy19891/status/1389883215477809153 ww44kk-1305586011.cos.na-siliconvalley.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1392735146235760640 512-1305586011.cos.na-ashburn.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1394902634641780736 517-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1393133564523257858 dododododo.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1393455501514477571 321145512a513-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1393598051697131521 piapia.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1395351832654794759 vvtts.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1395983592652623875 haiyawa.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1395983811637252096 suanleba.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1395983726660644872 gapp.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1396334176639459330 misia.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/dvjmane19/status/1396568030398746627 buckts.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1396718261807435781 sycg.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/dvjmane19/status/1398668479167823874 kullali.oss-us-east-1.aliyuncs.com wter.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1399041124682006529 new-sk.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1399210588429946888 517-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1399207089256296454 skullali.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1399969639413686273 syracuse-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1400131768833822720 tos-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/Someguy19891/status/1400758703603683328 61toolll.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1401057812604588037 automan-1301476296.cos.eu-moscow.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1401432186096537601 z7f5b2g-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1401521422770458626 20210419-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/Someguy19891/status/1403280211093835784 tttlll-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/dvjmane19/status/1404322779554476037 aiyama.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/Someguy19891/status/1405421937753432065 # Reference: https://www.virustotal.com/gui/domain/spotifly.world/detection spotifly.world # Reference: https://twitter.com/ReBensk/status/1405754983547502603 tatamm.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1406241798431797249 tpfl.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1406651189312180225 voicesp.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1406653301978853380 tatamm.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1407936663662125056 614tls-1305586011.cos.eu-frankfurt.myqcloud.com dejunior.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1409417735889735680 tnd.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1409427649118621699 02aa-1301476296.cos.eu-moscow.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1410479298381639682 intherain.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1411901306248253448 onemoretime.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1411916504476504066 0701baibao-1305586011.cos.ap-nanjing.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1412726140645494785 willyou.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1413071498948923399 kadmg.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1412716959754600456 http://143.198.150.254 /ob1x/8j84e/xnxo # Reference: https://twitter.com/ReBensk/status/1414446496406065156 corejj.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/magnumsnip/status/1414589863106519040 hd-background.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1415182687787094023 dkqonfacebook-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1414900521802948613 caonimasbsa-1305586011.cos.ap-singapore.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1416400454389428228 denni.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1416438873761091588 onemoretime.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1417079288197570560 mffsgfb-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1418535089277870080 # Reference: https://www.virustotal.com/gui/file/52af3165b2a222d0336a26ff7a9302b2df973d995177eeff3094bfd36e0e9d1c/detection samg.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1418533495471702019 # Reference: https://www.virustotal.com/gui/file/d31c3b1a0887e5923b65e5157318e1a8ea366881eabd02233f1037ebdcb5e7eb/detection 716ocean-1305586011.cos.na-ashburn.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1418099141591269379 # Reference: https://www.virustotal.com/gui/file/96a8edb1080f49cd384f2bc7f2a5ab65de08893fe7abd45bbfd3fe8f8945159c/detection usefully.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1419521390445617156 # Reference: https://www.virustotal.com/gui/file/73d09c62df86d24e19f94b6a4d00dd4f4ae6d1af978888d6955936cacbbbdfae/detection jiefx.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1419683128277405699 pointer.oss-ap-southeast-2.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1421875674839621636 # Reference: https://www.virustotal.com/gui/file/652412b8441a5c7b46a6106e8c40f7fac3fa1cc9009316ae270f9c8fbadee98f/detection ds-3006.oss-acc-allline.aliyuncs.com.gds.alibabadns.com wg9.oss-accelerate.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1422040841124683779 # Reference: https://www.virustotal.com/gui/file/5cc2dbd3fa346bca124faeee24e1072b02df993fd70a1d2973ab4da973e13759/detection weathercycl.club # Reference: https://twitter.com/ReBensk/status/1423249047360393218 # Reference: https://www.virustotal.com/gui/file/f050606805f23465d30b9b2c61c9c912b1c5006e7683d1a039af08a02a5865ef/detection covidis.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1423266441277497355 84ppsd-1305586011.cos.na-siliconvalley.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1423560450101243905 # Reference: https://www.virustotal.com/gui/file/9cb527cab9f836d6716507be12076f34e7a3260400a641c12554fd2ce5052c5a/detection bjylhf.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1424391509508431878 http://161.117.226.99 # Reference: https://twitter.com/ReBensk/status/1429116330284781574 # Reference: https://www.virustotal.com/gui/file/bb3e0a955f7eb43b04e03449b4aeb87a15935891b48ea015f738a4153cf92486/detection heartrateandmealtracker.com # Reference: https://labs.k7computing.com/index.php/joker-unleashes-itself-again-on-google-play-store/ # Reference: https://www.virustotal.com/gui/file/214135bb602b3d833d51a3a4ddcbd3aea3124caf67ad2aa0467d8b3073a24b1e/detection 1mg1816-1305586011.cos.na-ashburn.myqcloud.com fenglintechnology-app01.oss-me-east-1.aliyuncs.com grouplearn.shop implemente.life paramera.shop puerassist.club seemslologo.club vip.paramera.shop # Reference: https://twitter.com/ni_fi_70/status/1450001755065012224 diyaa.oss-ap-southeast-2.aliyuncs.com wo0.oss-accelerate.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1451079105470820358 jiaomei.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1458795768022720520 banmama.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1458803683517468678 fibvdk77pp.s3.us-east-1.amazonaws.com opyv7s6tju.s3.eu-north-1.amazonaws.com # Reference: https://twitter.com/cy60rg17/status/1459941307279831046 howmuch.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1460225316941672448 aa1026.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1460274914397720584 uyetpvn545.s3.eu-west-1.amazonaws.com # Reference: https://twitter.com/cy60rg17/status/1461376398078013440 ykzzldx.oss-ap-southeast-2.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1466078385818505226 8egbu57cwe.s3.eu-north-1.amazonaws.com # Reference: https://twitter.com/sh1shk0va/status/1468891475887157250 # Reference: https://twitter.com/midnight_comms/status/1468969195220062214 # Reference: https://www.virustotal.com/gui/file/988293d69199e6905e29256b489c9f73c0939e520f19fb23a7bd6d222f708359/detection # Reference: https://www.virustotal.com/gui/file/ef03a39a0a845b54f2a4be42d533ee92d5b309c9f81bb985ed3cce1e3733ece3/detection http://193.123.103.55 fortunnecat.com aff.fortunnecat.com v7s3q3zisk.s3.eu-west-3.amazonaws.com # Reference: https://twitter.com/midnight_comms/status/1468971453630410763 knowu.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/midnight_comms/status/1468971551324131349 # Reference: https://www.virustotal.com/gui/file/8ee3c8007da49ace4c6070081766e8a5f91ed5c9c966dc5f65287b7c312f797f/detection http://8.214.6.79 applicanic.com keyboardstyle-181d4.firebaseio.com keyboardstyleapps.blogspot.com azh913.oss-us-east-1.aliyuncs.com ds-2008.oss-acc-allline.aliyuncs.com ds-2048.oss-acc-allline.aliyuncs.com ds-2008.oss-acc-allline.aliyuncs.com.gds.alibabadns.com ds-2048.oss-acc-allline.aliyuncs.com.gds.alibabadns.com yon.oss-ap-southeast-1.aliyuncs.com /svhyqj/mjcxzy /svhyqj /mjcxzy # Reference: https://twitter.com/midnight_comms/status/1468972508426620937 multi-languagekeyboard.blogspot.com # Reference: https://twitter.com/sh1shk0va/status/1470367449669423110 # Reference: https://twitter.com/midnight_comms/status/1470379168575541250 jao9.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1470359946705395720 # Reference: https://twitter.com/midnight_comms/status/1470377864985923586 xzh5gswh3z.s3.us-east-1.amazonaws.com # Reference: https://twitter.com/sh1shk0va/status/1471127777785098242 # Reference: https://twitter.com/midnight_comms/status/1471157786750832641 # Reference: https://twitter.com/midnight_comms/status/1471158825377939461 # Reference: https://twitter.com/midnight_comms/status/1471160285230624769 # Reference: https://twitter.com/midnight_comms/status/1471161366568259586 http://8.214.56.11 40wia6je1e.s3.eu-north-1.amazonaws.com mjhla.oss-ap-southeast-3.aliyuncs.com mqjuikvjn-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1471459460602159107 nv2.oss-accelerate.aliyuncs.com # Reference: https://twitter.com/Cuser07/status/1472124389282181121 # Reference: https://twitter.com/midnight_comms/status/1472232347139559429 mygoodidea.xyz mygoodidea.oss-me-east-1.aliyuncs.com puerassist.club # Reference: https://twitter.com/ReBensk/status/1475362049257402370 maybee.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1475456020004671489 # Reference: https://twitter.com/midnight_comms/status/1475481954506137601 qyhtofiqg9.s3.eu-west-3.amazonaws.com # Reference: https://twitter.com/ReBensk/status/1434533331408809985 ladders.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1482421958461759488 # Reference: https://www.virustotal.com/gui/file/a9045ba7536e77151fed86ef78efd2fc66cc4298e9b3017df091273c5152b1d8/detection lettera.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1482423059374313472 # Reference: https://www.virustotal.com/gui/file/16bbf489bae2c9146d63b715a5f9ff0b24ea3b9bfe8cc93169bd59eadd3a4154/detection blissful.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1487829215001350144 # Reference: https://www.virustotal.com/gui/file/26d4754677efd689f4c5c381af8376aeb21116e70cc9c080113d720a9fcb01d2/detection # Reference: https://www.virustotal.com/gui/file/b628774940789d9fc0146acc6e2cec44a27e368917576e9924e468ef5b10c402/detection http://13.212.73.209 # Reference: https://twitter.com/ReBensk/status/1488087946767249411 a63vfd6e57.s3.ap-northeast-1.amazonaws.com # Reference: https://twitter.com/ReBensk/status/1489869350861344771 # Reference: https://www.virustotal.com/gui/file/d863c91841dd320f1cae467773dbe8c6e9406f7220e0a8e3ceb13ea32180bb35 na7qvkzun9.s3.us-west-2.amazonaws.com fortunnecat.com aff.fortunnecat.com # Reference: https://www.virustotal.com/gui/file/f9f4d7a3197aaeb38d9cdffb000dceb2d5276bc24b166c282c9f9b39eb747f4b/detection bus1etkj8x.s3.eu-west-2.amazonaws.com # Reference: https://www.virustotal.com/gui/file/eb749ee48f6017cfe2a68b15e4a48946f9a1d186af3621b29674f6475c654884/detection uulfdjv7xv.s3.sa-east-1.amazonaws.com # Reference: https://www.virustotal.com/gui/file/e9dc5a33255ffc917bf6419fe5e45308c4c8470f0946f7b076508f7a3cd4c083/detection 25y4v8ei8i.s3.us-west-2.amazonaws.com # Reference: https://www.virustotal.com/gui/file/d863c91841dd320f1cae467773dbe8c6e9406f7220e0a8e3ceb13ea32180bb35/detection na7qvkzun9.s3.us-west-2.amazonaws.com # Reference: https://www.virustotal.com/gui/file/c4e19db3b08fcc0786f0358df52d57280851da111038572683a5b7406ff1a68c/detection pdko2zc02t.s3.ap-south-1.amazonaws.com # Reference: https://www.virustotal.com/gui/file/b880fd0a0041b929031869fc5a41f5cbead9eec373dd10071a0dd81ae748d833/detection bur95kuixl.s3.ca-central-1.amazonaws.com # Reference: https://www.virustotal.com/gui/file/a0bee30d45534437e9b7774dea5d2c183562037a0b4d681a89171bce25edbfbd/detection 83rez940qo.s3.eu-west-2.amazonaws.com # Reference: https://www.virustotal.com/gui/file/9a818238ccfad64a393f8cbb29141075147ab855a583d047218f23dd8aa14275/detection gp.fortunnecat.com # Reference: https://www.virustotal.com/gui/file/82af315ea310726110cf7bfd7a033b3f80e756115468135c8c3d1454d9f66ff6/detection http://52.91.167.192 2i2i4w68dz.s3.ca-central-1.amazonaws.com # Reference: https://www.virustotal.com/gui/file/6111f5e552d82af9b58fa1c5387fad0669afa3b2f4ea54cf0ae0303db0597515/detection 1mcousuhu6.s3.ap-northeast-1.amazonaws.com # Reference: https://www.virustotal.com/gui/file/362c01bb6cc35788f3304443431a3fc86ebb6c51a6223e9c489b92204017a90b/detection j6oup8bkwi.s3.us-east-1.amazonaws.com # Reference: https://www.virustotal.com/gui/file/231a525beb57d7d46f938f938c0b2d81d32fd663b575162972818e863b25beec/detection 5el3tv6osl.s3.us-east-1.amazonaws.com # Reference: https://twitter.com/ReBensk/status/1490222916054622209 # Reference: https://twitter.com/LukasStefanko/status/1490355878901522443 # Reference: https://www.virustotal.com/gui/file/f2647509afb2eb23d7e369e02b47293b167c8e1fbacf2a35ed90b5f15e56023f/detection # Reference: https://www.virustotal.com/gui/file/f60d42d016b83c53d9421d635917867ba46dc50ed8f0e12766642f2c226712d7/detection utansy.com ace0104.oss-me-east-1.aliyuncs.com xn3o.oss-accelerate.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/53676ae8637f18f92daf80a7c7732a6e6cd20427f1e3581a50262e858f65f9cd/detection ferryc.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/f068a2b7590cbdbfd4eeb4921e555eb192b90f343e7165f6f7843fbade4638fe/detection wuyuz.oss-eu-west-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/db1285dc4ada3c9918851bebc15745a8789458d18be9a51e09fbfee983c358a9/detection d25tv1xepz39hi.cloudfront.net # Reference: https://www.virustotal.com/gui/file/9ab65ffc7f877e6e06f8512147c766f503a72e754a5ad9fe37cf5595c2a497c7/detection yew.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/636d093efbb6162110b7aac9ed00dd242756495378e30c913e2d9e35752b11a9/detection flumes.oss-us-west-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/0894c5a2244870cb33257ab13d3edb840db4e40a3a715fc815956650c86fa3af/detection year22.oss-eu-west-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/4ee832c3d6ccdd3d304d33ae53e76aded8cb2b71aaed50239bb087c8ab710742/detection compan.oss-cn-hongkong.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1493449786732646402 jiaao.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1493518607577456640 # Reference: https://www.virustotal.com/gui/file/0e15b02e99c0153f5c416dfad024386c9d34401cf6e09c96980eaeacfebb6eb0/detection central-1-ds-2077.oss-acc.aliyuncs.com praises.oss-ap-southeast-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/43593c8b035f854ac70615f3ce9a0cfa532ebb52cb6cbb5fd257180aea552c59/detection tomorrowday.oss-ap-southeast-2.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1493902980705185792 jab.oss-ap-southeast-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/95705697a546eb30e2b75e2bace549766d4d9a2744dc67cc54c3a8cf458012f1/detection avfmproject.xyz mloss.xyz s-0215-1.mloss.xyz sa-0216-2.mloss.xyz x-0215-1.mloss.xyz # Reference: https://twitter.com/ReBensk/status/1495426524068995073 # Reference: https://www.virustotal.com/gui/file/9734af7e513364aa63c6bd471f534afdc7bfa87cad5ffc6398d5895ca471fef6/detection blurs.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1496055251446734853 # Reference: https://www.virustotal.com/gui/file/a1a2c3cbc90172493471ddc234a8909ddb6e6a7639c5c74005269bdaf13d442b/detection kaqiusha.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/fc3a246cff0375b6bc1a4adfbbe3a45afb6a40557428bbc896f93c0808443ef3/detection loc-translation.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/f694dd55f69791f3305f434b310cd22c54caad7a53546ab7c331d870599fcbe1/detection res-values.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/e9b61c9b1441badb2a1e897417b99941ed1b945877b6c638ecc18a9f63056a8c/detection tumar.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/dae702107db0129a213ff2a5863bcc4cd5694dec305e0720750ecb53b5d6c192/detection pcman.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/ca6ef976bdc1d22a1cec86cbe93f7b38466bcd1a8270cee267e29cf79942ad16/detection opiu.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/acc5db0a58da1e647a2c3e1fda43b39b7de46e3e16727af957be7b03a4d7647a/detection g-imgs.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/8587a06ff15dc8094c43243d4cc917820d88417b1fd4e4564590d21ef06ef46e/detection myfonts.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/82ca0078402d4ad6e40ee2cbd69d2a8979bfeea9112a1385d446cf835f976259/detection hd-resource.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/7fb9e64819e9e5156b65021ff12b36c54230994e8f94f50ed80f1bcff66888e7/detection aa-1019.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/7f154459582e711d236a80018c7b6014312562559f8937984b6fb63d4d7e8499/detection ikux.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/749a458929fa22008648662b30818c467596335f0e69394c3121692d70e7c7a6/detection # Reference: https://www.virustotal.com/gui/file/6d0d488045ce947bd339476aa86f5877036d9c5b205dcd5421609d227ed0f34c/detection uja.happyyear.top uja.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/6f5be4dcfe3cd25683bc9547446238816c7fbf3342cdbce6aedc4036aa53d671/detection pluczld.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/5b84723d474be2747fe91ffb094ad3ed715269407514be831f43a6ca53d13fba/detection picla.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/504e0b9be33f2c5b8a8ba2b8b381bd60ba9f71a99d1155ab1c49af45771f116d/detection http://157.230.192.87 http://167.99.164.28 http://47.241.3.87 capn.oss-eu-central-1.aliyuncs.com /api/ckwkc2?icc= # Reference: https://www.virustotal.com/gui/file/390b29e2722eb8eebcd0b031ae904bc288900b5a5a8c1b1036130a0e964ed5d0/detection ironma.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/19d6e015a7797fa2610452494ce8aec802b9ff25d515863969494b7a4521f4b4/detection 1-1-0.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/136a9b01597f95bba82993f625cb541a34e26cc9ffbd1544aa3fa51dafa64838/detection aaca.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/0a8ed4a574298e3266cdb1ae1cbbf252994626284af89bf304a453f56db9704e/detection pluzz.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1496777134047567872 flew.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1496897708254109727 rator.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1497585987773296640 sharedby.blomp.com # Reference: https://twitter.com/ReBensk/status/1498890294804172803 # Reference: https://www.virustotal.com/gui/file/fa58783395698ba8717514ecf9661ff278d9be1cc13ac95b1c87bee2661a754e/detection 183.36.108.26:8081 canbye.oss-accelerate.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/837e5a044ffb2721ab07430380c4089e3a6995c9f0663c5192ae76d3a92e4ac0/detection rememb.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1500001802095190017 # Reference: https://www.virustotal.com/gui/file/eb1acafcd068747295beee5df8460f063f23a5c10ef795414408029ed2642941/detection hypno.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/5613c51caf6bece9356f238f2906c54eaff08f9ce57979b48e8a113096064a46/detection xni.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/8cd27abdeaf021e73b1c3428c4b378286875061a7429de3e9c7560882e0bf290/detection docread.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/c26f5a65d820f636c514a4b6eefc2daed98fe4e26c65f88762e099490b6aacec/detection 119.147.6.84:8081 # Reference: https://tria.ge/220316-reeh8scgdj/behavioral1 joyjo.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1505063971660857346 # Reference: https://twitter.com/ReBensk/status/1505396821316673539 # Reference: https://twitter.com/magnumsnip/status/1505814807198732293 # Reference: https://twitter.com/magnumsnip/status/1505810655538184192 # Reference: https://www.virustotal.com/gui/file/1ad01131d1c18e2d5afc81d9392e200ee19f02e4367048b10f440704962f2f0e/detection # Reference: https://www.virustotal.com/gui/file/b3d4bbba8aa5451f23f636367db4d16e00c5cc5416770fd5bde80a7fc61fe96e/detection dancing.oss-me-east-1.aliyuncs.com xjuys.oss-accelerate.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1507223904808763393 # Reference: https://www.virustotal.com/gui/file/8aa2abea2a4b0d23c8b69123860c1b35da3410bef737b50f54f59b3b9f745a07/detection machin.oss-ap-southeast-6.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1509500212540321795 # Reference: https://www.virustotal.com/gui/file/150d62510b362ce110df0324e19b6d832fc6f8129fb2b5390d3cee8d94a3d12c/detection reality.oss-ap-northeast-2.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1513927583141822465 # Reference: https://www.virustotal.com/gui/file/78b2822a2357e78f199050495de490c140c260b830332437530cae780531461c/detection newapril.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1515958514123911174 # Reference: https://twitter.com/ni_fi_70/status/1516334982549192710 whisperu.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1514994019860086784 # Reference: https://twitter.com/ni_fi_70/status/1516337687724179456 0xiaoxiao-1301476296.cos.na-ashburn.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1516699643404378119 # Reference: https://twitter.com/ni_fi_70/status/1516704581350305798 depths.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1519192928899551233 # Reference: https://www.virustotal.com/gui/file/ca9c1483ef75da118a2fed1243d01cb6febd9d0d9e710465bbd57db7724ff439/detection lantansuancai.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1519190384672493568 # Reference: https://www.virustotal.com/gui/file/9e225ff9f87938e872e71074eda9986ce3a776f8d62774a8874e26e86fa21698/detection rk2rop9ourkay-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ni_fi_70/status/1519667023105646592 nexto.oss-eu-west-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/dde98b8434d2dd5d19250c125372f0151b9b477bac49423bba494b803c82b614/detection neighbors.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1523942878686310400 # Reference: https://twitter.com/ni_fi_70/status/1523953881381810176 yhnvdsfexznbjha-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ni_fi_70/status/1524630481916116992 appevent.xyz re.appevent.xyz # Reference: https://twitter.com/ni_fi_70/status/1526100159754543106 gbnjbrjbfdsds-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://www.virustotal.com/gui/file/f310d6679f17eda84e5c59e6feecd5d7204d560890372cfe1eec69877896b8cc/detection ipots.oss-us-east-1.aliyuncs.com # Reference: https://tria.ge/220526-g4w5gacggl/behavioral1 laughter.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1531171340564283392 luminous.oss-eu-west-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/d4a28d852d60ac0f180a5dfcc95a544a4fa400403eb318162f69d87bd3749100/detection logapi.xyz api.logapi.xyz # Reference: https://twitter.com/ReBensk/status/1533061589942693889 # Reference: https://twitter.com/midnight_comms/status/1533064197491216384 beside.oss-eu-west-1.aliyuncs.com operatebrill-1301476296.cos.ap-mumbai.myqcloud.com sfatyzbjqkjs-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/midnight_comms/status/1533632041375305730 # Reference: https://twitter.com/midnight_comms/status/1533632548936396800 maytheday.oss-ap-southeast-2.aliyuncs.com /may19adab.nchl # Reference: https://twitter.com/sh1shk0va/status/1535267889313370112 # Reference: https://twitter.com/midnight_comms/status/1535273575342559234 givehotdog.com trustcats.com whatmypl.com dx-ads.se.us-east-2.amazonaws.com # Reference: https://www.virustotal.com/gui/file/422d3be1c543777281c9a97154afdf523230259855daf7837387e0a7db69c600/detection overhead.oss-ap-southeast-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/f24e395fe73779882f9f0a07e7ca86613bfa91493aa1e9eb6a6edd41c710bd5b/detection univer.oss-ap-northeast-2.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1537576927833346049 juneeoumaos.oss-ap-northeast-2.aliyuncs.com nojio.oss-eu-west-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/c5aac53c3206f75d0fe85e569e42a9387d7f0ff61b731f57d6b8b62a4a28ed15/detection xjuys.com /xjuys/v1 /xjuys/v2 # Reference: https://twitter.com/midnight_comms/status/1537803912844959745 # Reference: https://www.virustotal.com/gui/file/11b82c0a3a2543600c636e31290d3c724c431b4c448dd8fda2d874aea517e7d2/detection play-google-com-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/sh1shk0va/status/1537862037501509632 nnmmaacc-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1538513506999250945 # Reference: https://twitter.com/midnight_comms/status/1538552893556465664 # Reference: https://www.virustotal.com/gui/file/afeb6efad25ed7bf1bc183c19ab5b59ccf799d46e620a5d1257d32669bedff6f/detection look4.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1539863046591352832 # Reference: https://twitter.com/midnight_comms/status/1539946083412873217 # Reference: https://tria.ge/220623-hfrqhscafm base-1304593971.cos.eu-frankfurt.myqcloud.com use-1304593971.cos.na-ashburn.myqcloud.com zxporter.com /canbye/v1 /canbye/v2 # Reference: https://twitter.com/ReBensk/status/1542116060052148224 # Reference: https://twitter.com/midnight_comms/status/1542139092586094595 # Reference: https://bazaar.abuse.ch/sample/4970e21df47bfdfc6e72d35f5e5e6de03770718a1240c180a75a8a0ba14e2197/ 5qx32p3cm9.execute-api.us-west-2.amazonaws.com oilopix0v9.execute-api.us-west-2.amazonaws.com # Reference: https://twitter.com/ReBensk/status/1542383654168453280 # Reference: https://twitter.com/ni_fi_70/status/1542389718968573952 # Reference: https://www.virustotal.com/gui/file/abfd34a999b72353d4a1042efa46a22d86daea25fc20100a2ef7e2155622602f/detection amazingufish.com birdinhous.com healthcheckerout.com cdn.healthcheckerout.com dx-ads.s3.us-east-2.amazonaws.com dx-ads.s3-website.us-east-2.amazonaws.com # Reference: https://twitter.com/ReBensk/status/1545458409364803584 # Reference: https://twitter.com/midnight_comms/status/1545526821940183040 http://139.177.180.78 julyhcdszstsxqll.oss-ap-southeast-3.aliyuncs.com /july01bldxx.yxzrh # Reference: https://www.virustotal.com/gui/file/0f102acca99f15412465290dc395b6e61f13c46cf40f04b1b966ec4923e44e68/detection atmost.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1556554890259795969 # Reference: https://twitter.com/midnight_comms/status/1556622380742606848 # Reference: https://www.virustotal.com/gui/file/6feb6b9cd679f4aa6a1e1549b6cd302f653038beaa903ddf8b20e3e44221f4e6/detection randkey-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1556886499995422720 # Reference: https://twitter.com/ni_fi_70/status/1556905334735790080 # Reference: https://www.virustotal.com/gui/file/ee9ba77cfd3b0ba464dec5a80b42c21e25aef1bdf05791c833e8eca823af760a/detection/ cxjus.oss-accelerate.aliyuncs.com mmds.oss-us-west-1.aliyuncs.com weither.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1557627957442650117 # Reference: https://www.virustotal.com/gui/file/e5a584d21ca765521d049416e3bf226e6b4fe927eb3bbb22882b6387e19a470a/detection traverse.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1564148841816985601 # Reference: https://www.virustotal.com/gui/file/41b7dddcf43a9ab357b776c2eef9d8d3b7f44b0781d213d1e1d9ecf73ccd695e/detection # Reference: https://www.virustotal.com/gui/file/0e537c2b99cc6171b2cb0f315c75d38be8c5e1faebf999a5090bf6d1fb856401/detection # Reference: https://www.virustotal.com/gui/file/eff632c600c511ae99a78eb18e48328cfe661e9593b173cc7e74a2d6a53f064d/detection cxjus.com corners.oss-ap-southeast-1.aliyuncs.com designate.oss-eu-west-1.aliyuncs.com interested.oss-us-east-1.aliyuncs.com mffsgfb-1301476296.cos.ap-mumbai.myqcloud.com pn22i2eqrj.execute-api.us-east-2.amazonaws.com # Reference: https://twitter.com/ni_fi_70/status/1569943828835999745 # Reference: https://twitter.com/sh1shk0va/status/1570021844203507712 # Reference: https://twitter.com/sh1shk0va/status/1570708744073531392 # Reference: https://www.virustotal.com/gui/file/f7eff6d7006cc4cc19d7fe574e50fc371e98ce8bdca09f74401ea27718f39142/detection # Reference: https://www.virustotal.com/gui/file/686a6f55f1f25610253710bb154cfa1f08e84319fb8cbe12c46e5d3f93358ece/detection armblood.site twback.store ct.twback.store home.armblood.site # Reference: https://twitter.com/ni_fi_70/status/1569982924920848390 # Reference: https://www.virustotal.com/gui/file/98fc1874772bc1a4eac483b4f50b7d36900c29ca3d5711cb6a3b8462854d8f05/detection metlight.xyz cat.metlight.xyz /fp5/ds2qe # Reference: https://twitter.com/sh1shk0va/status/1575155357529346048 # Reference: https://www.virustotal.com/gui/file/56ca20b7b5a94ac723306a76714ed88fbe97fff93cc9d9e015fb41d6516c7178/detection # Reference: https://www.virustotal.com/gui/file/d93def97d593c453ec9065294b985b6ccb0e49535daa82dec415503094f277e6/detection topsavor.site sep.topsavor.site # Reference: https://twitter.com/sh1shk0va/status/1575741560959995904 # Reference: https://www.virustotal.com/gui/file/279cdccd8d1b1729628cd021d332f2a1b26abce1fb40a8a5a46b9528274411e2/detection biscuitsweb.online g.biscuitsweb.online # Reference: https://twitter.com/ReBensk/status/1577518663535427587 # Reference: https://www.virustotal.com/gui/ip-address/101.32.92.198/relations # Reference: https://www.virustotal.com/gui/file/a100248f8b0342b63639dfcb0b7761056c082968320b412d95b73a2502afa9af/detection breadhis.online cardsimple.online cheapcoffee.online fanauctions.online fanlog.online fmzcompute.online nameyourfans.online # Reference: https://www.virustotal.com/gui/file/306771642e931d8d1ea06a4caaf95514cb6e1b0dfc4a167376a744c43b4a84e9/detection blockmerge.art cdn.blockmerge.art # Reference: https://twitter.com/ni_fi_70/status/1580529676010725377 # Reference: https://www.virustotal.com/gui/file/c7a24fdf454add796a868691b99f1a4916f15a0bd0bc4bad54062dbbd3eebae9/detection oneslife.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1580821762228424705 homecontrol.lol static.homecontrol.lol # Reference: https://www.virustotal.com/gui/file/e74a7c5149c29ffd1bfe84d180627707a059e427e8d98bd09a9ddbd88e83d3e3/detection inneractive-assets.s3-eu-west-1.amazonaws.com # Reference: https://www.virustotal.com/gui/file/ec1688500c94d59afa764dcfd1690a4b2e4f4a4520bb04e5e147f8ce05158d7b/detection keyseotyn.online admin.keyseotyn.online # Reference: https://twitter.com/ni_fi_70/status/1584523910099664897 exuberant.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1584521690591399938 # Reference: https://www.virustotal.com/gui/file/1f265d8cfe52b9b746c1c7185481a95f9415f82904e7f1e510f8bb2a379d2eff/detection caoii.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1585903448872157186 # Reference: https://www.virustotal.com/gui/file/48f2d1896101de4fe55cccdd9bbb16e2cb5e58072e1a7f64202f3b8b40c9c68e/detection # Reference: https://www.virustotal.com/gui/file/7276c4dce081017423e0f1a1ff8843616f45544c8037cd634de32ace0614c2a2/detection septcieern.online app.septcieern.online # Reference: https://twitter.com/ReBensk/status/1585964132347437057 beginning.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1587815427358457859 # Reference: https://www.virustotal.com/gui/file/fdb825a739303c4d47cbd691a9481beebb41f9ca549620a000b90f33e959c32d/detection subdao.shop # Reference: https://twitter.com/sh1shk0va/status/1588471415766159360 # Reference: https://www.virustotal.com/gui/file/3e7408fdf7766f701757548c5c3b09a7b87af31a726b297577d117a1756ba1b7/detection chaneonmge.store doc.chaneonmge.store # Reference: https://twitter.com/ReBensk/status/1589292006177918976 qgpo.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1589290329949491203 muyaj.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1589534305742884864 nov2.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1589920085086347268 cashmarket.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1590643621367545859 somany.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1590636564136148992 # Reference: https://www.virustotal.com/gui/file/ff6e4ef67013f91605f1caee71120d1467a9a5069ae2b6c5fb2e825bb8ae59c5/detection ele-new.live a.ele-new.live # Reference: https://twitter.com/sh1shk0va/status/1593276944535142400 # Reference: https://www.virustotal.com/gui/file/2573f9f10be18e56e9185f6b4060cb478e95f1adfc11ad4f35fbf3d486fc62cc/detection aidclean.com app.aidclean.com # Reference: https://www.virustotal.com/gui/file/dcc0fe34445144a376dc04227221e69bf2ca75162231d7ac6c0a4aad4fc56b2b/detection prosperity.oss-ap-northeast-2.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1596020744160710658 # Reference: https://www.virustotal.com/gui/file/7d517ea9bc152220fba74df5da9eddacb06184d38c79eaac2539c2f07d40f4e2/detection richus.top cxjus.oss-ap-southeast-1.aliyuncs.com limited.oss-ap-southeast-5.aliyuncs.com /cxjus/c1 /cxjus # Reference: https://www.virustotal.com/gui/file/d02ec5a615b75cd21011aad1eda208df42ad654c5c3e4b5f3a9fdf3de9efd1cc/detection complicated.oss-ap-southeast-7.aliyuncs.com # Reference: https://www.virustotal.com/gui/file/edc96507180679f13a470d605929c73f0dcd9690c374f258806f53753406772b/detection tba_sync.gte666.com # Reference: https://www.virustotal.com/gui/file/b3e4b3aa06db36a8f6b09fced82ee2091873d1b79a44bbc724a194c7b86992ef/detection maxuu.oss-eu-central-1.aliyuncs.com weco.oss-eu-central-1.aliyuncs.com # Reference: https://www.virustotal.com/gui/ip-address/43.154.2.131/relations # Reference: https://www.virustotal.com/gui/file/7d517ea9bc152220fba74df5da9eddacb06184d38c79eaac2539c2f07d40f4e2/detection # Reference: https://www.virustotal.com/gui/file/7385e0e3d811b317ed67eefb54274b232c1f167de14c593688453b7431034a02/detection cannca.shop fbcode.co fburl.fun hkhi.nowurl homec.live hurb.fun nowurl.fun pplink.club urlfb.co urlvf.fun welco.live vjnghjg.homec.live wejued.welco.live # Refere # APK /000166ssshH5.apk