# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Aliases: slrat, spymax # Reference: https://twitter.com/LukasStefanko/status/1239494265618694147 assdsiwi.ddns.net # Reference: https://www.virustotal.com/gui/file/eb5db64f88a09cf8b5c72d2b3a0a45439c678bb513fb7adb59b335f0354cd095/detection 41.253.52.89:1515 41.253.23.12:1515 41.253.23.12:28028 216.38.7.245:6666 41.252.167.210:1515 41.252.167.210:28028 82.205.176.250:1515 41.252.139.115:1515 41.252.139.115:28028 165.16.67.82:1515 165.16.67.82:28028 41.253.168.216:1515 41.253.168.216:28028 assdsiwi.duckdns.org # Reference: https://www.virustotal.com/gui/file/988ba9665b44a2791f4ea3d6b95b885287212e0fecac8bb517784a6a69c0c6ff/detection shakermohammd19999.ddns.net # Reference: https://www.virustotal.com/gui/file/07ae6fa0f804e16f24ed052ef25349780195bfa95b557e9be52f29f9abbf39db/detection 187.122.224.72:5214 # Reference: https://www.virustotal.com/gui/file/4d5e47d30b62dcb134f3c2964f70e18efd73df1e6c8da5cc1e6582ec62fe366d/detection 177.64.155.133:5214 # Reference: https://twitter.com/malwrhunterteam/status/1248661416791465984 anti-corona.app # Reference: https://www.virustotal.com/gui/ip-address/144.76.30.213/relations 144.76.30.213:443 # Reference: https://twitter.com/LukasStefanko/status/1250451829877587968 # Reference: https://www.virustotal.com/gui/domain/pataraha.com/relations pataraha.com/apps/downloads/ # Reference: https://twitter.com/malwrhunterteam/status/1251514856114737154 # Reference: https://www.virustotal.com/gui/file/234fab850c14c91c9e0cd0b2a003c5ce9d17aeba5e88b24abd29c7cab89181ba/detection frewasss.myq-see.com # Reference: https://www.virustotal.com/gui/file/74cea86b03f5a3f31a8b5f262f3ff8349eb406f3ea0221d34ea85cde46717f4c/detection # Reference: https://www.virustotal.com/gui/file/9a436bf2e60a9682d5cd5c4c74fa87c56e094ebaec03b8818d84298af1fd8b05/detection # Reference: https://www.virustotal.com/gui/file/043c30441bde4a1f839bbbb06aa0651fb80f043510848c7a22cea33ddc966136/detection # Reference: https://www.virustotal.com/gui/file/3aff643f9121af2881b7995c7cfc7fe456e87bf189765576c96a0a6e4273dead/detection 141.255.147.237:2492 91.192.6.212:2392 91.192.6.212:2492 q1q1q1.ddns.net # Reference: https://twitter.com/malwrhunterteam/status/1252909522605277184 # Reference: https://www.virustotal.com/gui/file/ccb7c588115211956598f8af7ac66c0feabf6ba7b6b6832a7f66ad2edf2492d3/detection 39.53.94.143:4444 tandertx.ddns.net # Reference: https://twitter.com/ReBensk/status/1254691066298511360 # Reference: https://www.virustotal.com/gui/file/253262aa1b7eb99796acbcccdedb3cf627e32042ab35a75544c23af9e25a76b3/detection # Reference: https://www.virustotal.com/gui/file/bdffec168572196309fd356c26e0db5180d083297f76264945f463635fc5ed98/detection 197.206.139.184:71 41.105.255.65:71 steemit.hopto.org # Reference: https://www.virustotal.com/gui/file/f733ded73d4f498327480d232e415465c0f5654a69b431da081f83998b49ead2/detection 193.161.193.99:45467 gwennie.duckdns.org # Reference: https://twitter.com/malwrhunterteam/status/1256471836457684992 # Reference: https://www.virustotal.com/gui/file/c140c29382aae632858fdb39f0fd9fe0737b7d758c818b582cea89354524937a/detection 185.166.27.9:5555 whoami769.hopto.org # Reference: https://twitter.com/malwrhunterteam/status/1258671300777783297 # Reference: https://www.virustotal.com/gui/file/638f7ae0adb26c5f57243c098a5f47781a981318c2461f9a3a2759ba9ef33cae/detection 111.94.75.182:2219 202.162.210.172:2219 mikymouse.ddns.net # Reference: https://www.virustotal.com/gui/file/15ad81a58df7a8fdf5f1f0d4fe6917989ae51d0fa0b3584b3ab7aebbe19af8f9/detection 105.105.215.75:3210 141.255.159.128:3210 # Reference: https://www.virustotal.com/gui/domain/hammoud777.ddns.net/relations # Reference: https://www.virustotal.com/gui/file/e701dfabda46e950db66fca6823198765f7226c9cda0f9bdb301d0af4045243b/detection 141.255.147.63:1177 141.255.155.10:1177 # Reference: https://twitter.com/malwrhunterteam/status/1260890636737273858 # Reference: https://www.virustotal.com/gui/file/3f69bc4b7fc50db582b13835206d2480acc66919db9123b37cf97f7f3da3b443/detection 193.161.193.99:37916 johnnj2-37916.portmap.io # Reference: https://www.virustotal.com/gui/file/97a286e006d2233f0a2b9d2d0b680dcf9a163b3d2646d0b9fd5f12aec5a61cbf/detection 193.161.193.99:48572 wajikhan.duckdns.org # Reference: https://twitter.com/malwrhunterteam/status/1260892816307367937 # Reference: https://www.virustotal.com/gui/file/885d07d1532dcce08ae8e0751793ec30ed0152eee3c1321e2d051b2f0e3fa3d7/detection 204.48.26.131:29491 prettysavantwholesale.com # Reference: https://twitter.com/ReBensk/status/1261155044059222016 contactsocialmedia.tk # Reference: https://twitter.com/Sh1ttyKids/status/1261022463002947584 spynote.us # Reference: https://twitter.com/ReBensk/status/1261647350579097601 microsoftupdating.online # Reference: https://www.virustotal.com/gui/file/af50e1ae653109062254c5fadc030cc7d61db21272e56d5754572f21faf903c6/detection thecreator2020.ddns.net # Reference: https://twitter.com/malwrhunterteam/status/1262430537714728960 aragerot.com # Reference: https://twitter.com/malwrhunterteam/status/1262454926074093569 156.220.5.128:1337 spynotesooker17.ddns.net # Reference: https://www.virustotal.com/gui/file/efb8414f3d653685de5c0cc421d64fb36f757f462d51ac41f8fd6b5a76f1772a/detection 193.161.193.99:39546 farhad5010-39546.portmap.io # Reference: https://twitter.com/ReBensk/status/1268742575537549316 m8dmkw.dynu.net # Reference: https://twitter.com/malwrhunterteam/status/1269300424693239809 # Reference: https://www.virustotal.com/gui/file/ab079c5e6189c241000ce4da51f9e18b9f68d408d524bc88ea695f3280c42349/detection 105.155.228.6:3210 imsgms.myvnc.com # Reference: https://www.virustotal.com/gui/file/36ff6698d50a85504bc876f4878de1b911082effa6d3c445ebf9924184fd17a2/detection 193.161.193.99:62364 antorkhan-62364.portmap.io # Reference: https://www.virustotal.com/gui/file/9aa01a909ccd2300d0c196fa2b408fe63c9b2aae0abe5acd1e2c2d03ec1ebdc4/detection 217.54.133.82:4444 # Reference: https://www.virustotal.com/gui/file/0cb7e42bd7f9bfbd6e048f59cce4a0e3f1e963981b7f0c5970a86a70583d2b68/detection 62.114.186.254:9999 # Reference: https://www.virustotal.com/gui/file/d710bd370bac3ea7cfd737ad243d107ba870e03886ca7fa945b838e66fe867c4/detection 217.54.88.221:9999 # Reference: https://www.virustotal.com/gui/file/6f129c7805b6997974bf1a1939f0e473708711cfb896460ea02a52ae6818259f/detection 62.114.215.21:4000 # Reference: https://www.virustotal.com/gui/file/cc5b7eb74dd0f51ed76a061350fec6b1b61b8262ddb6288ee981ac080c31a5c4/detection 62.114.207.156:9999 # Reference: https://twitter.com/malwrhunterteam/status/1271855227411587072 # Reference: https://www.virustotal.com/gui/file/ccf588a728abb3f9a1f1b1d0d8f02b1a3a0ff4198589b25575969d0428a8a66b/detection 82.137.218.185:215 # Reference: https://www.virustotal.com/gui/file/aa9133d68ebbb8f777b685ec15a358e0fb2d572bd30ce962d3d1b0c53b785523/detection 185.255.46.114:5551 # Reference: https://www.virustotal.com/gui/file/40836373cb307d6472e20f2c65916ee2ab291fdb27864d456fc5fbe2ec927d21/detection 192.169.69.25:24306 # Reference: https://www.virustotal.com/gui/file/5fc0d6fe1d249ed433dba8f9ad03307748434ca08a6ae729858c2382861c4d04/detection 190.74.113.35:8000 enrike653.ddns.net # Reference: https://www.virustotal.com/gui/file/45ef21cca5c70be1f607252c89ebf4873795fe53fa214ed627b24f9000d1852f/detection 190.73.153.239:8000 # Reference: https://www.virustotal.com/gui/file/592bdfea96900f38525b6afe0b353cca422923052360c771b3fd1d3729824494/detection 141.255.146.170:3210 mlh123.ddns.net # Reference: https://www.virustotal.com/gui/file/6f046db5bbd119d9d383a46ead8c1369ac597c37ea567144c341ea5e9ebed3e9/detection 141.255.145.115:3210 # Reference: https://www.virustotal.com/gui/file/c6954678b39e121c60fd691275238267f97f5ce4264255458c06e155a232423c/detection 141.255.153.22:5214 # Reference: https://www.virustotal.com/gui/file/ce4db4c837defde7461daa1a8a77a0232629b881a21a5741cdb072cf4d897552/detection 141.255.157.158:5214 # Reference: https://www.virustotal.com/gui/file/90d5a6b010901ed67c861d0c3bfdd21f894c13c094a06b78cccc16625c6147de/detection 37.8.24.221:5214 # Reference: https://twitter.com/SecuriTears/status/1276907531231727616 # Reference: https://www.virustotal.com/gui/file/41b2e5473836a59bbba209b9a0d346b22f7e9bb9d1b4c90ca9b5f1626112ee31/detection http://49.233.182.150 49.233.182.150:3210 # Reference: https://twitter.com/bl4ckh0l3z/status/1281591279122550784 193.161.193.99:53976 reddesk-53976.portmap.io # Reference: https://www.virustotal.com/gui/file/d716ba34cad70fb14dfe490252a655630e14ffb6aeb221e4d839e9cc63589df9/detection 193.161.193.99:59671 Eathenjacobe-59671.portmap.host # Reference: https://www.virustotal.com/gui/file/23f3b76890b7a41efca6288e00689425ffabe8113b8f0ec71b6ab113dd434029/detection njfdu84hc83nb8-46899.portmap.io # Reference: https://twitter.com/ReBensk/status/1283666334295838721 monprofil.online # Reference: https://twitter.com/ReBensk/status/1290158109395050497 # Reference: https://www.virustotal.com/gui/file/f6ec2dbd9d6bff73d626321a6e889e64db3a7c2a3dbdc6f7eae6bcf3be09167f/detection arduinofreaks.ml # Reference: https://www.virustotal.com/gui/file/e5c415b3d79694a5e89d5d813a88200b3516648a6808911dbb365c61a4efd578/detection 41.108.251.174:3210 # Reference: https://www.virustotal.com/gui/file/d9d82adc58d5950c7c91a9c484ba1d1142132acd23b6a42a56b3d807a05e0918/detection 86.4.221.98:4040 apexspoofer.duckdns.org # Reference: https://www.virustotal.com/gui/file/0e7e14a743c7d5d589d7c617bc2ac1094b9bcf5f0c8d99657f1c392568ce477f/detection 154.236.146.219:4444 154.236.90.116:4444 41.199.197.93:4444 217.55.49.9:4444 body.bounceme.net # Reference: https://www.virustotal.com/gui/file/32cdfdb08716efc720deb34fed85cff65523d66e26022571ba96c65c6fddaf4d/detection bnbn.ddns.net # Reference: https://www.virustotal.com/gui/file/7b0984af6b49c12cb0e8322aad0611fd497f3ee9d801515b5eaf9591b327726f/detection deepnest.duckdns.org # Reference: https://www.virustotal.com/gui/file/47d0fd4eca95d85e9d00fb3e14b295f5023f7ad6bf34fde63393f373baf545bb/detection 187.40.132.99:3473 # Reference: https://www.virustotal.com/gui/file/79c51704b4565ee42ad05e482db9f471d847858fdebb5793df49f8a9867eb591/detection 197.59.102.90:1177 mr32123.ddns.net # Reference: https://www.virustotal.com/gui/file/c5153499bfabb6ddcefba591b6fba081ff8851ca1910793e66cf9e810857eb9b/detection 194.176.99.68:4444 idkjustgo.ddns.net # Reference: https://www.virustotal.com/gui/file/3446f499aa768e5afc5cc19b02d430ceaffefd17872d1bccf2467b2b54f848c0/detection 193.161.193.99:62207 hm1234-62207.portmap.host # Reference: https://www.virustotal.com/gui/file/37f8afdc1117de292a29f9449824ad40d76b67d96ff0b5feef773bb1c7ae1b29/detection 193.161.193.99:42421 kr1pt0n-46860.portmap.host # Reference: https://www.virustotal.com/gui/file/9e5aa550fa4bcf3d2d48269d19efca3e708ed6a9572e61d4613ee2f754e7b7c4/detection 193.161.193.99:38300 yozoraxph-38300.portmap.host # Reference: https://www.virustotal.com/gui/file/11714a034d9bc0b9c617b898963342727ac140e8106fc1d3cd92a30fd3edfccb/detection 193.161.193.99:23892 mascarpone-35171.portmap.host # Reference: https://www.virustotal.com/gui/file/a18c9ce516b4494c65475b85c283e32b4f5777ea3fb055a4a0f702b640a8a7b4/detection 193.161.193.99:58574 dhruwr9-58574.portmap.host # Reference: https://www.virustotal.com/gui/file/13a7415335abc943cb5dfe17d994b1f81f4b21703e9a7695a9522bbfb355c720/detection 193.161.193.99:36201 hackimti-36201.portmap.host # Reference: https://www.virustotal.com/gui/file/7784822e37f4d3f5ca7b1d65bf1104e9ab28495a629a4105af90ddeb47258bbf/detection 193.161.193.99:28869 assa-28869.portmap.host # Reference: https://www.virustotal.com/gui/file/88123fd9567f112872ab373685ff30267f291a18d6f892c22d5d59d26af29d49/detection 193.161.193.99:44144 kichae-42764.portmap.host # Reference: https://www.virustotal.com/gui/file/1163c5e75d8a149dd342220f04aeb5b4924c59dd6b3a854bc5d0ebfe58fc8cfb/detection 193.161.193.99:35767 wolfx-35767.portmap.host # Reference: https://www.virustotal.com/gui/file/640d7352ade1e47a264a868363c528f926fd41e30b151b42623b748bd1085a4c/detection 193.161.193.99:29042 toth-27008.portmap.host # Reference: https://www.virustotal.com/gui/file/c9ad77b616fb56b34da6da9a15232b1f421003c728c127b95e87a8e527adb8f3/detection 193.161.193.99:22354 anon6863-48284.portmap.host # Reference: https://www.virustotal.com/gui/file/d935ccd35e3979204f2c8f48173121f88bc82ef4fa96abc64348bc8992cc9092/detection 193.161.193.99:4242 193.161.193.99:64775 vishal99099-64775.portmap.host # Reference: https://www.virustotal.com/gui/file/01ea9c2c06882c5555cbba14ee84153167cd46db0ea4ecb9c19dacb5123f24e9/detection 193.161.193.99:38353 hunterhmd-38353.portmap.host # Reference: https://www.virustotal.com/gui/file/7d544e33d95b33935ab3f288ceb1ad15bc44be72936ae8bea66a2a65391577fe/detection 193.161.193.99:38508 black9654-38508.portmap.host # Reference: https://www.virustotal.com/gui/file/a8cefcfcce3d79812f11e614102acce8bdf4253df405604ac01ca7c2e746c300/detection 193.161.193.99:31722 siraxeb658-62133.portmap.host # Reference: https://www.virustotal.com/gui/file/4edeaa23afece052dccd3d2ca9cdeb32b4962058abf6e297c5e6f020256fe37f/detection 193.161.193.99:27460 ddindia-33351.portmap.host # Reference: https://www.virustotal.com/gui/file/b04d6535e696e8378d36f93e575fd37dc9cffd2cb1ce36b5276df80e4eb7729e/detection 178.32.12.103:2222 94.47.17.91:2222 # Reference: https://www.virustotal.com/gui/file/e907b35f7afd7b96c8e08cd1043622926a205411606a807210a9eb2ab260b562/detection 193.161.193.99:25263 apaya-25263.portmap.io # Reference: https://www.virustotal.com/gui/file/de779ec44f5c458621b104c44d88f7e268d8798b67597b7861ca94f9595bd43a/detection 199.66.93.68:5552 # Reference: https://www.virustotal.com/gui/file/2f0fc0f90e3abbf3017dfbe562a5341610206788e0f1671d110acecb149cc6d4/detection 41.105.44.177:3210 # Reference: https://www.virustotal.com/gui/file/9b50d732354e7aa8bcef6603b575584871797c6e2171364f6a144d3804483293/detection # Reference: https://www.virustotal.com/gui/file/9b50d732354e7aa8bcef6603b575584871797c6e2171364f6a144d3804483293/detection 102.69.5.159:2222 192.169.69.25:2222 # Reference: https://www.virustotal.com/gui/file/3aca04e3a574bccad8086323516abaf90f05cbb36a37053b88fe562131612cbf/detection 45.74.46.195:8181 # Reference: https://www.virustotal.com/gui/file/0d69ea9679b293299234b44004670fa3eb667734709af83edf0914fcb6508a90/detection 45.74.46.199:5214 # Reference: https://www.virustotal.com/gui/file/6140caeb42927993ee127c1976dc8bafc6f6456c60f120d94c7ef919d3dea14d/detection 196.75.140.215:2020 snowypix.hopto.org # Reference: https://www.virustotal.com/gui/file/f5cd7798179e2d713e31812b15ca0189dfe97f7e25ac796e6f36d181a96efcd0/detection 41.142.85.225:3333 simoxsimox.ddns.net # Reference: https://www.virustotal.com/gui/file/403e620134abfde92d5611b7949cde966b0fedaea58213d635a9105b48fe0c85/detection 105.156.80.242:3333 191.101.124.175:3333 mrxtnt.ddns.net # Reference: https://www.virustotal.com/gui/file/ffaa313fb3aba56b439c8e6c40bd03d6627158a2a4c6a23a74ec8cad318af452/detection 41.142.230.203:3333 # Reference: https://www.virustotal.com/gui/file/df88a0c05a3a53d2ea33703d4ecd3705d30940bc79c09e9b8e86ced707514b28/detection 41.140.184.191:3333 41.142.224.183:3333 # Reference: https://www.virustotal.com/gui/file/a024ef4ecc1a497e97f34a0ab6c117205621754f4bee5cb7855c6af775ba369e/detection 105.156.90.254:3333 # Reference: https://www.virustotal.com/gui/file/8abd566ed52e4ed9c76d49afd85a20d6988be321118dbea5151435cda98cefbf/detection 182.180.49.15:7777 needforrat.hopto.org # Reference: https://www.virustotal.com/gui/file/361a6c8d74b59a5669ca425bed423bf45b23adab8f07625bcdb37a98e8696807/detection 67.227.226.240:1337 ahmadremawi.system-ns.net # Reference: https://www.virustotal.com/gui/file/3a4510584d53ff1233fca61fafb0f86ec1b62f0a04e82970d7d917e5f09293fd/detection 197.59.115.31:5214 # Reference: https://www.virustotal.com/gui/file/5f499b804d3d37060ee3f0ee0f329bccdf59e3ee4f9f7ff610c253389a275bb5/detection 89.39.107.197:2222 1234noba.ddns.net # Reference: https://www.virustotal.com/gui/file/e35bad73e6bdf7afff5e967399daa0e16cbf4cb4413148460596d0ea79b47e1d/detection 62.201.255.38:5214 79.134.225.124:5214 adam9.ddns.net # Reference: https://www.virustotal.com/gui/file/bda8637d0bbeec23ba68f328fbd3a84db20b9d734b7a0c20d04bd7dbbd2a2c2a/detection 79.134.225.124:3210 # Reference: https://www.virustotal.com/gui/file/c657c331a6e73443bb89f0d98925771e92489e699e0c185667902c20e293e63c/detection 62.201.254.218:4000 # Reference: https://www.virustotal.com/gui/file/22b035d4c497bd9bb520e49e3a1355bfb248369a49391824af7d54157619ce5a/detection 79.134.225.124:8181 # Reference: https://www.virustotal.com/gui/file/4bbfef5f36feb663e564721352ff3cdea466a6372306c9c7aa66524e97f01bb6/detection 62.201.255.6:5214 # Reference: https://www.virustotal.com/gui/file/bc0c55efffe32ba0d2bdc23d5aa9d60200b50c5a373bce9822af6316cdd4f2fb/detection 79.134.225.124:4000 # Reference: https://www.virustotal.com/gui/file/f64e25a5aac68cc011e6578f4f3832767f81c26a9652b43afd8d9d156d774912/detection 62.201.242.88:4000 # Reference: https://www.virustotal.com/gui/file/698b68cfaceb3b7b63646cbcca394838057ba84944b248beaf1ae145a180e719/detection 62.201.240.193:5214 # Reference: https://www.virustotal.com/gui/file/ac3fa09ffee643790e1e208a758c20b6cecf8f1737dd9f47cef1407471256a79/detection 888rat.hopto.org # Reference: https://twitter.com/malwrhunterteam/status/1315743478593343489 # Reference: https://www.virustotal.com/gui/file/43eb81706caed170357244a8d4ff16316368b239c2a132f18f3a1b8e634cd7f2/detection toutapc.myftp.biz # Reference: https://www.virustotal.com/gui/file/c70d4b3c056d8dfa69eda66180b817d028acd979b16de519fcf30525bdd1487c/detection 41.230.96.3:3210 # Reference: https://www.virustotal.com/gui/file/a2451b0dcaec6eea3566abd8b19bb36ea2c41d321301e1c9a0f077c21fa90c6a/detection 46.43.82.146:2255 # Reference: https://twitter.com/malwrhunterteam/status/1317469278132703235 hediyekarti.22web.org # Reference: https://www.virustotal.com/gui/file/0ee6f6a2626f92d0fc2a738825de8e087bfc1b5c9455517ee73dfb68aa68ea71/detection 41.239.87.219:5552 mesho13568.ddns.net # Reference: https://www.virustotal.com/gui/file/eef6a9f76e671d56eb7f55284d8686ecc014f29decb713c6d6716c30bb3e2393/detection 141.255.147.20:5010 rofixman.myq-see.com # Reference: https://www.virustotal.com/gui/file/cec9b39be8831de276e364cfe75f9967f94602fac924917babcd903781f47181/detection 6ix10en.ddns.net # Reference: https://www.virustotal.com/gui/file/086caa69a22c90ec4884410cea99eec579bc872c9354a66a8822ceb59aab4d71/detection 89.189.84.169:8080 8ddjdgugs99.ddns.net # Reference: https://www.virustotal.com/gui/file/c77a066c9774e12d6a49589196463c1c96244225dde6b3a6f5af1b7dac34f46c/detection 41.104.49.27:1988 # Reference: https://www.virustotal.com/gui/file/4f5e43c27f8e38d37983771e3b9dc61a9bb253cea8412238bc4feef17f7568ef/detection 197.207.184.71:1988 # Reference: https://www.virustotal.com/gui/file/6a05848f403d2f60ab798488f5176a79be7ca51e56dd551aa0fac8bbc8a5a46e/detection 197.207.173.110:1916 41.104.53.81:1916 41.105.45.5:1916 # Reference: https://www.virustotal.com/gui/file/c7243be00dc84c2ff83bd9fd4581e6b8ecab9ad8056076ae84c88556de0a761b/detection 181.51.127.244:3210 201.232.179.81:3210 # Reference: https://www.virustotal.com/gui/file/d4b6c1ecad98bc4c694afe943e1f3e7d559105ebeaf337311bf2ebaff26ae332/detection # Reference: https://www.virustotal.com/gui/file/201d4a3b2d550d5cc8e0fc213abc5565f3b771919ad3a7087886440fe9e96d0e/detection 197.38.31.75:1337 197.38.50.73:1337 197.39.98.118:1337 41.43.23.72:1337 41.43.239.241:1337 abcabc2002692.ddns.net # Reference: https://www.virustotal.com/gui/file/7bd4c48af2085cc085d53f503b727945a93db709307085120ab887e6dd588637/detection 189.6.120.28:1000 dlrodvox.ddns.net # Reference: https://www.virustotal.com/gui/file/44aa8ee46dda6d043704c34046d404e020fd57c2e546a0ef476914ad9ab16e71/detection 118.24.85.85:3210 # Reference: https://www.virustotal.com/gui/file/7574f21911d0dc9c7240da975e2c00ab26cdbc632b1e226c534a5c8a13bd2cc8/detection 3.129.187.220:18202 # Reference: https://www.virustotal.com/gui/file/120146134587fe32a320303e440ac2c3c5cb5ae2b650021a3b2653b3c6c2a396/detection 141.255.153.144:1177 191.184.244.32:1177 eaegurizada.duckdns.org # Reference: https://twitter.com/ReBensk/status/1337233675377930242 # Reference: https://www.virustotal.com/gui/file/ec661366a3767e20f839ebfe8c9baef3e65aaef90407d6cb61468d440716f76e/detection 34.92.173.92:7771 covid19.servehttp.com tello122j.onthewifi.com # Reference: https://www.virustotal.com/gui/file/5f4df9d6bda84ef496301a0388da6c34e7467ba628b78078a76a059a0da08e17/detection # Reference: https://www.virustotal.com/gui/file/fde3ef90993481e9a413164fae13c6e2140639749a0ab4964a5241cc63563a49/detection 134.35.81.176:1177 5.255.27.5:1177 fackyouman123456789.ddns.net # Reference: https://twitter.com/malwrhunterteam/status/1308439809594191872 # Reference: https://twitter.com/bl4ckh0l3z/status/1308450629027860481 # Reference: https://www.virustotal.com/gui/file/caaed52688bac628268ff3482d0e5f60e47d8f317bef3fecacf93b434c7692d7/detection 13.59.15.185:11721 3.128.107.74:11721 3.130.209.29:11721 3.131.123.134:11721 3.131.147.49:11721 3.131.207.170:11721 3.138.45.170:11721 3.17.202.129:11721 3.18.75.105:11721 3.19.6.32:11721 3.20.96.224:11721 3.21.60.148:11721 3.22.15.135:11721 3.22.53.161:11721 3.23.201.37:11721 52.14.18.129:11721 # Reference: https://twitter.com/malwrhunterteam/status/1283484998432182273 # Reference: https://twitter.com/bl4ckh0l3z/status/1283513238336999425 # Reference: https://www.virustotal.com/gui/file/6dae1d095fe28cf717ab250580b77daeae27c59a93a8a6ee899829083203eab0/detection 41.254.43.46:4444 karama216.ddns.net # Reference: https://www.virustotal.com/gui/file/7d381ae3d4554e799807b42fffa4e1207c28377d0a66fb77f14965619488f991/detection 85.86.181.192:1337 anunankis.dynu.net # Reference: https://www.virustotal.com/gui/file/3c011c904270c96377ffe02a28d84c3b709d16da44c594a2bb5920f94f71e7e8/detection # Reference: https://www.virustotal.com/gui/file/e97886f69fe3f06c67c5ac7e7686e2544192cd00eb53e3e73cb2f797aaace601/detection 120.78.194.220:7000 cxaqhq.xyz # Reference: https://www.virustotal.com/gui/file/c7f8f2c7002a7c0dffb7a24dcde6918b05ae14d182158ed33ae00ceb5ad231df/detection 47.112.127.168:3210 47.112.127.168:8000 61.142.176.23:32749 84.39.185.173:3210 3t254q3120.wicp.vip # Reference: https://www.virustotal.com/gui/file/faa5b4d29090d513d635c18032e622b670c97d8fb8d292bc9ab4ad50074745c7/detection 44.241.184.194:5888 91.228.122.30:1337 marinka777.ddns.net # Reference: https://twitter.com/malwrhunterteam/status/1352193225994481664 # Reference: https://www.virustotal.com/gui/file/31cc5441271acc3435d8e15f53256e4f9be6e868422d0d3b63e40b9ada360279/detection 52.33.135.89:5578 f16thander.duckdns.org # Reference: https://twitter.com/malwrhunterteam/status/1352716574147436550 # Reference: https://twitter.com/malwrhunterteam/status/1356678502574133253 # Reference: https://www.virustotal.com/gui/file/875bba3050789344eba7698f251c37be2f27cc25050f8c13b98e0aeaac52dc5a/detection # Reference: https://www.virustotal.com/gui/file/30d9bbc5d8765e7312cd2d3b6b2747acb598cb6cd47d8024bd547317a61fcf74/detection 51.178.229.162:4339 shutter.myq-see.com # Reference: https://www.virustotal.com/gui/file/4e068020a628221cee702b56e610394a3b9023e483ef1145f3112489237eb687/detection 105.103.124.103:1985 # Reference: https://www.virustotal.com/gui/file/2ec275c14b38767124204fdd22de0afe9ea82302242bb7f1daabbe4ada373586/detection 3.22.53.161:15393 52.14.18.129:15393 # Reference: https://www.virustotal.com/gui/file/e86dd72ebe363080b69e11532f07e4d7c442f9ca41326936cb187d36ccc6763d/detection 52.14.18.129:15448 # Reference: https://www.virustotal.com/gui/file/638045e6d585c58c4677bd670a7c7be2f4b019526660323a84a13679566d927f/detection 52.14.18.129:10932 # Reference: https://www.virustotal.com/gui/file/b3976595585136db3a0371718cf83000569f1ed8be37a05b20f9592793574bfc/detection 3.131.123.134:17233 52.14.18.129:17233 # Reference: https://www.virustotal.com/gui/file/d6432d4f733951f174c7619334742df2d61ed2f04be928737dc4200b27882df6/detection 52.14.18.129:14843 # Reference: https://www.virustotal.com/gui/file/c7f1026abc05b5eed1afcb71ae16b5d4bf32934b2d8225cadbb75db2f92d635e/detection 52.14.18.129:16049 # Reference: https://www.virustotal.com/gui/file/0759a3a1089c4ee88ec79c1994a9646982c4446b58cfa97adb0a6c0a2465a2b2/detection 52.14.18.129:17536 # Reference: https://www.virustotal.com/gui/file/4b5f86a7b4b5b173ac9934c8b1cbdd17edf757b0a3ed5ba117816ca5edd30dfb/detection 52.14.18.129:45778 # Reference: https://www.virustotal.com/gui/file/a61c16bf6d1f014d1a8c3217de5016d1433c90c644f321c8e71385fe0965aa16/detection 52.14.18.129:16333 # Reference: https://www.virustotal.com/gui/file/0051246b714ad80ed0ba41b59e9dc1b67a5c790a52bd43fe1616bed5c36beba9/detection 52.14.18.129:17678 # Reference: https://twitter.com/malwrhunterteam/status/1356341294864457731 # Reference: https://www.virustotal.com/gui/file/6cb10f0799614560df57544043958064b6916e375736159c25d002aeda9d1901/detection 82.9.173.249:4444 encroapp.co.uk # Reference: https://www.virustotal.com/gui/file/17aa8c580c201567a98a721e3b21d0ac45a15dd513e7c58638b7ca7862fd7b7a/detection 168.235.111.253:4339 majomodelagency.duckdns.org # Reference: https://www.virustotal.com/gui/file/765c1d08934ae96adaa5dac95899f65e3475e44623006a2fbfa417efdfdbb9da/detection 85.25.159.253:3131 # Reference: https://www.virustotal.com/gui/file/ed1aa33fc154745f2700cde86f8b6e56edd33aa5f8632f77a3db53f234a3b75a/detection 41.107.26.72:4442 x2x2dz33.ddns.net # Reference: https://www.virustotal.com/gui/file/a969606ab7ddc15cad6856cca21d8273e360b4ae98684230c27c7de2f8fb8442/detection 199.66.93.218:5425 malokmmc.ddns.net # Reference: https://www.virustotal.com/gui/file/2b2d03a643250b7ed6c2deca3b96e19de0311d2fffb5510f3ff49ba84ae5e463/detection 209.99.40.220:7500 ttfu.system-ns.net # Reference: https://www.virustotal.com/gui/file/7280decadf394bb54e2cd965a9b4094892f31342bc134ab9de91ee8dedb84d7e/detection 209.99.40.220:3210 try.system-ns.net # Reference: https://www.virustotal.com/gui/file/393fb2124abfe31e276fa2559b3a734c880d51f6ebd88d72922040e590fca1cd/detection 91.109.178.3:6061 # Reference: https://www.virustotal.com/gui/file/68c531f03f803710c14a2aeb9fa8d1bfdb3743c2db98c2cef3b72f730b509316/detection 43.248.201.209:20712 scn66223.e2.luyouxia.net # Reference: https://www.virustotal.com/gui/file/f82e3fd31dcd4bca2169f746c854b70f3e40f55107f6e3b12ae30d0a39656cf3/detection 87.76.59.53:5555 # Reference: https://www.virustotal.com/gui/file/e25ff46b2f9c3f15b6fe8adbd41fabec76b1b419a703e35b3294601eb10d368f/detection 222.186.170.37:27125 mengmo2016.e2.luyouxia.net # Reference: https://www.virustotal.com/gui/file/c22b54adbccca59f439e144a848bba055ce705a947acbf7a30189f0e5535f3c5/detection 43.248.201.209:21864 bhl0826.e2.luyouxia.net # Reference: https://www.virustotal.com/gui/file/246ff00d10aec498d9106176f5123cadee421d44752c26121bafa85b5d1d9c4c/detection 43.248.201.133:25418 baixiuxiu.e1.luyouxia.net # Reference: https://www.virustotal.com/gui/file/b09674fe1f615bd641a719d8f96d93931f2ae3cfe8b59ea4a0a9b0124256a24c/detection 43.248.201.133:23672 manbu3.e1.luyouxia.net # Reference: https://www.virustotal.com/gui/file/d8d9560303d1d2b0c6ba337d86efd4e2d12d0716a41a7c60664084376b755847/detection 43.248.201.133:30149 a2628988.e1.luyouxia.net # Reference: https://www.virustotal.com/gui/file/92dc586117f1ccd4321193e85b728d04294b8bb52a162faab84c6b1e5c53c514/detection 43.248.201.133:24671 yangzhen.e1.luyouxia.net # Reference: https://www.virustotal.com/gui/file/f7ad5869f04ad03003fbcb0d82209edccaa9920f524d1c6828b9a34a650dac8a/detection 43.248.201.133:21202 qq2552992935.e1.luyouxia.net # Reference: https://www.virustotal.com/gui/file/a61b923e153bf8cebfd8ea5801eac45ba8c5e159d628b5deb8d399d6e9ba14c9/detection # Reference: https://www.virustotal.com/gui/file/4267e5e2c6400a68284893f67b28e827f226a00db579b9087144899005364dcb/detection 43.248.201.133:20664 43.248.201.133:27784 y1541083499y.e1.luyouxia.net # Reference: https://www.virustotal.com/gui/file/246ff00d10aec498d9106176f5123cadee421d44752c26121bafa85b5d1d9c4c/detection 43.248.201.133:25418 baixiuxiu.e1.luyouxia.net # Reference: https://twitter.com/malwrhunterteam/status/1363250839293480969 # Reference: https://www.virustotal.com/gui/file/013fef37e26b5c9615f3ce7a22d8ed6add750f033a82f09c99eb70c36970484c/detection 193.161.193.99:54531 hiiiejrntjr-54531.portmap.io # Reference: https://www.virustotal.com/gui/file/013d0235731b978ad3788651057b37791f56b9824a4ac564dc41306dfd57b2bf/detection 222.186.170.0:40272 43.248.201.133:29035 43.248.201.133:2222 orange1233.e1.luyouxia.net # Reference: https://www.virustotal.com/gui/file/ab69c71ce63e050797fc57cbaf7611d511983ee784e6330b50fea96a34d4d550/detection 222.186.170.0:54741 123sdx.u1.luyouxia.net # Reference: https://www.virustotal.com/gui/file/04f71ca202b10ad7210a9b3276a006701d0aa4f51972c4edf4583b750c894a7f/detection 222.186.170.0:53044 huangzhiwei.u1.luyouxia.net # Reference: https://www.virustotal.com/gui/file/e59b7da9362d6047427fa36a6e040624769a36fd75904af9d9b09acfefcf581e/detection 222.186.170.0:54007 shallsoul.u1.luyouxia.net # Reference: https://www.virustotal.com/gui/file/51d28320e36a35a9b24d3f659031555049a6e4801893e030f0f293e569fae8a4/detection 222.186.170.0:55180 swwssw.u1.luyouxia.net # Reference: https://www.virustotal.com/gui/file/9a7bda762369ab9ba938d1edabb83db2a481a2a4917196e18f7ef9a5aa2c32f7/detection 222.186.170.0:40470 m4hx.b1.luyouxia.net # Reference: https://www.virustotal.com/gui/file/98bb37c5908e67968f915b388ab458cf4a8fba4c5d89f83ea883b7b4d631f927/detection 222.186.170.0:50033 chengke.u1.luyouxia.net # Reference: https://www.virustotal.com/gui/file/384489996e461f490c33e36af486544d3ec704d4fbdf4a8cd98156f35c7d5c98/detection 185.81.157.11:5555 enigmas.hopto.org # Reference: https://www.virustotal.com/gui/file/1291927aed6043010fd838b9788c02db88c7e4910090a791782d1d86c51f7afa/detection 89.94.254.116:1772 aazzeeoo.ddns.net # Reference: https://www.stratosphereips.org/blog/2021/2/26/dissecting-a-rat-analysis-of-the-spymax 147.32.83.181:8000 # Reference: https://www.virustotal.com/gui/file/8feb8ab7e9d59883cf4865ec4c5efff4b56da728e49f722d3b87436765982b24/detection 156.219.203.122:5555 34.199.8.144:5555 testo.ddns.net # Reference: https://www.virustotal.com/gui/file/7fa6d33ecccaa47737dc773c22be37315dc3ac68721cbbb4a9ad5bf59deed995/detection 34.199.8.144:1080 dexterwave1.ddns.net # Reference: https://www.virustotal.com/gui/file/e59acd55fff757b1c989d32d208f5c655fa71aae40f50cf7189caefb4427ada7/detection 176.234.193.34:1121 176.234.199.112:1121 91.109.188.4:1121 mustafa2121212121.ddns.net # Reference: https://www.virustotal.com/gui/file/b9c8b0e940d30c6fd0e5ead01ec3923c1a3ccde7d0bd034be06098a48e69a208/detection 201.150.158.86:5214 hoope.duckdns.org # Reference: https://www.virustotal.com/gui/file/19c057c86155a1b9249420170ebcb6cb978eafe7c010ce151a745d7a7671af85/detection 91.109.180.2:1331 91.109.182.8:1331 theshadow.publicvm.com # Reference: https://www.virustotal.com/gui/file/3f63c963503513847e0deddc0cd222183bc475567fd7b85e16101581d1652eb3/detection 197.38.213.141:5888 zzus.linkpc.net # Reference: https://www.virustotal.com/gui/file/6be8c1e5c9e5263881e8fd75be3ac2c0d8b5e37956f60c64a46497e4ec9ee82f/detection 197.38.135.65:5888 197.38.201.26:5888 andr.casacam.net # Reference: https://www.virustotal.com/gui/file/9e91d6622bc3a28554189f8d3ddf465c29ba894a42b317ebd302ec5811bf513b/detection 185.13.106.125:1990 # Reference: https://www.virustotal.com/gui/file/6113aa3b2a468d50e5ea9c8057fc9d42a298a6c66d0914391aa5446a1f4600d0/detection 91.109.182.4:5214 atameemy.ddns.net # Reference: https://www.virustotal.com/gui/file/0ad36cf04aa253d71c7fc9f5c500894b15581801b612267304cfe5d8643fd7b4/detection 91.109.188.4:2222 zzaazz.ddns.net # Reference: https://www.virustotal.com/gui/file/970f5de827f0364122876364655c823e1f16e6bcfbf2ea989aa0d1c21863c3fb/detection 91.109.176.4:1177 googlegroup.myftp.biz # Reference: https://www.virustotal.com/gui/file/5062a7617cbaf594b9a510392bf8a94b8579c583c8308e5c53fa43833493678d/detection # Reference: https://www.virustotal.com/gui/file/e88910e63c395fda0ffaa98d6cdc06e70cc89b56e2f84cd60003d7c0f1ac500d/detection # Reference: https://www.virustotal.com/gui/file/503da291adead3a33ab63b7c30b8613673d2ecfb62163171e1812fc2cddbd3bd/detection 105.104.188.216:8806 91.109.182.3:5214 91.109.182.4:5556 91.109.186.2:5556 12345xxx12345.ddns.net 262626.ddns.net # Reference: https://www.virustotal.com/gui/file/eee525344b99d8db1c7727d67c4144ac8d3878035416c2d38159d492a808a719/detection # Reference: https://www.virustotal.com/gui/file/e088ed0cee11331771d44e2ddbbf320ce1735783d73a7647be769fc94ce076dd/detection # Reference: https://www.virustotal.com/gui/file/94c4532d9817ba0d2753ab475f57cb92d4df2169220aa6c3599a177d34d2d454/detection # Reference: https://www.virustotal.com/gui/file/108c8a109c96fbf93c41c581875035b88ed59e7158725049415db7176904c88d/detection # Reference: https://www.virustotal.com/gui/file/afe714fbccc1ebd0480286f3537b1a9a0988e5d62c2b335381f56aadbdabed67/detection 105.154.207.253:4142 196.89.158.214:7771 41.141.245.186:5214 41.248.67.41:4000 41.248.67.41:4444 peteramix1.duckdns.org # Reference: https://www.virustotal.com/gui/file/747c4545a23b80082ab37d0e040ee0f7bf8a374f95616db63dcb8e38c86a1b63/detection hideapk.ddns.net # Reference: https://www.virustotal.com/gui/file/cf880b7ea217f0cceb8473c279a95d0c026b980e027a695d1f6cec3ade0d1f13/detection 185.244.25.201:4000 adam9.ddns.net # Reference: https://www.virustotal.com/gui/file/160353d08c48c138554772210c729a32fff3f8492cbb7076e5140fb80e5532c7/detection 102.47.47.89:4444 anonymousegyptsh8.ddns.net # Reference: https://www.virustotal.com/gui/file/fc2646fcd3a1970a2e00007239291c2a50106c2c9f6b4611e209c6f4e36f792d/detection 31.180.195.71:1334 31.180.212.143:1334 # Reference: https://www.virustotal.com/gui/file/a5ece222f16baa72cbaef51fe8f27475b99ffea08269fc7aa7f4708df2ed2459/detection 141.255.154.193:2222 cobraacar1986.hopto.org # Reference: https://www.virustotal.com/gui/file/132736294fbb51d15a246f6b6d45af22f6c2810de2ac4deb9326514828af593b/detection # Reference: https://www.virustotal.com/gui/file/57b50f095f14b1f03a3e2697dc94c1bc10973b73b008749744070c99327d1fa1/detection 200.0.43.162:3210 45.235.205.148:3221 nemesis2018.ddns.net # Reference: https://twitter.com/bl4ckh0l3z/status/1382081535608823810 # Reference: https://www.virustotal.com/gui/file/c567df0469bd0e2989b11ba4c0715cea0958c71504c4e8718c9afd041510d4e1/detection 45.77.9.151:4444 # Reference: https://twitter.com/malwrhunterteam/status/1384924059046137857 # Reference: https://www.virustotal.com/gui/file/7b422948561f2131b488828a7848b49d99c149b71534376595e069ee503ef88a/detection 82.137.236.130:1177 goodnet28.ddns.net # Reference: https://www.virustotal.com/gui/file/5f20ff6a832886ee5320ce62109c8f7b8bca66ba9c2181a65b9bfccbbcbea11b/detection # Reference: https://www.virustotal.com/gui/file/cc02cca9fa329cc9e0e93772b37ff5499c96bb1e03754152db5026296329d4a1/detection 141.255.157.111:4444 185.200.36.228:4444 alknsole3133.ddns.net # Reference: https://www.virustotal.com/gui/file/02021fd92f2920c4251fb4e8a6f36ed99b8ecc9cb400570a6ce79083b4d635d9/detection # Reference: https://www.virustotal.com/gui/file/1630b39ccd1abd67f5e97448a65d758324e8cb72bbb88bcb8e4092dc5959eef3/detection 199.249.230.42:36111 67.214.175.69:36111 note0000328947234sdvfsv23424dfsgvsdf234.publicvm.com # Reference: https://www.virustotal.com/gui/domain/teme.casa/relations # Reference: https://www.virustotal.com/gui/file/44ccafb69e61139d9107a87f58133c43b8586931faf620c38c1824057d66d614/detection # Reference: https://www.virustotal.com/gui/file/310b619c2e2b637fa6a9e8f128e9858cc2b15518fca199871adbc4cf2364255f/detection # Reference: https://www.virustotal.com/gui/file/bda7d4fb79b3b3df69e66890b280e698454a698d61d7442bfb435cbab799a6a4/detection # Reference: https://www.virustotal.com/gui/file/27bbbab5fb141fde4d43e99db282382c7c42b34d6af908b9a881bfa1c23dd0a2/detection # Reference: https://www.virustotal.com/gui/file/d5dfde157d1ee271caec58f427af66bf66b4c090e78b1be7e3bca317fe616143/detection # Reference: https://www.virustotal.com/gui/file/9f86312843990900d3f22f7dd1fc57e1fe627a068a731a613247fb547b7e7920/detection # Reference: https://www.virustotal.com/gui/file/45f8fa87f54756da1d03255bb4e0418b0aa9168e884a496d46db454d92ec3b6b/detection 141.255.145.146:5214 141.255.150.247:5214 141.255.154.16:5214 141.255.159.191:5214 213.6.10.227:5214 80.76.42.148:5533 lion20810397.ddns.net spy.upbitc.co.kr teme.casa # Reference: https://www.virustotal.com/gui/file/cc09b33d95f457586debde42059d12e2aa96dc732ac1eb8d9e07c5953420dc9b/detection 41.199.25.35:2222 tarekmohamed2222.ddns.net # Reference: https://www.virustotal.com/gui/file/c2abf2e0de7c311701f722be08af9bf49ee8a08d5f93fe82c260f297b442fdd0/detection 110.93.239.9:2762 2762.ddns.net # Reference: https://www.virustotal.com/gui/file/097221664e04b33cd57d9ed88f5b02368a2fccc9d11b1998c777312fc35a477b/detection 105.106.23.197:1177 hohodando.ddns.net # Reference: https://www.virustotal.com/gui/file/3edf623d8b4ef72e59627856bde246a1faa93d687204e4dd6ceaf7f98bdd2ff8/detection # Reference: https://www.virustotal.com/gui/file/f4c7400486c21fb4eaa6bb1aab6c929f17909e97b6de089f94f6855520067ce3/detection # Reference: https://www.virustotal.com/gui/file/4863b9ca79e1b2c6ad94ddf3d359f79c705bb07531bf334684990ddaaa4e0c94/detection 141.255.145.147:5552 141.255.147.136:5552 141.255.152.161:5552 ahmed000.ddns.net # Reference: https://www.virustotal.com/gui/file/6fe62ec7f36f12f3172962bd3a65c8ed6ca74b3b8ee4b977491901e5543d9685/detection 41.36.49.170:7772 checkra1n.hopto.org # Reference: https://www.virustotal.com/gui/file/4279a8002d7871959e71d80a32991e9780de7c479cbef6e4af7a389d678e47c2/detection 141.255.146.176:5214 # Reference: https://www.virustotal.com/gui/file/186e988ff05f586d720566b11a383127cfbc18a4a378f34501022fa6612ec708/detection # Reference: https://www.virustotal.com/gui/file/be39c490f976ee814b0c4e1beb39108104ca939b3d003d9888b82e2d69f4e59d/detection # Reference: https://www.virustotal.com/gui/file/98b8dd942cc4b9a697a9bc0822f981c5fdd4ede32ed61450e881729dc2706742/detection 45.247.135.52:5555 45.247.141.13:9999 bakkkfdg.servepics.com # Reference: https://www.virustotal.com/gui/file/2a6df444cf74052cc5b1bbb6853e0f7f6bdb13fc269d640aa3682cb0a043221d/detection # Reference: https://www.virustotal.com/gui/file/8bdb2f2327c4c832f1d51f80101cb33ed5bdc9c3aad22cfb50d4671af062ab07/detection anasmr.ddns.net # Reference: https://www.virustotal.com/gui/file/8eb95cbc168e3ed75a9c179509d18c9d00093568ef74bb702d1df1613455c1fc/detection 37.239.14.28:5214 alinono2021.hopto.org # Reference: https://www.virustotal.com/gui/file/9ca3172b69dc54da7999d95aa5e140ad4563d89ef26e7f0b7eec74c58d6c3a5c/detection 41.100.249.22:2020 system3211.ddns.net # Reference: https://www.virustotal.com/gui/file/ec4e6a66ddd797783d74ffa0757ab28b9c28994a027d4e7fb53416940e571d44/detection 141.255.144.58:5214 arshad991.ddns.net # Reference: https://twitter.com/illegalFawn/status/1404816060445085696 # Reference: https://twitter.com/bl4ckh0l3z/status/1407260723244322816 certificato-ssl-isp.cam identificazione-spid-europa.cam # Reference: https://www.virustotal.com/gui/file/14d4d57cb16137a87a3f52f8f83738b78379daad22d30bad7de76e27b4c467c4/detection 197.54.221.171:1337 usamaelshazly.ddns.net # Reference: https://twitter.com/pmmkowalczyk/status/1409813009023766528 # Reference: https://www.virustotal.com/gui/file/acb02089d29a38ce9a40b19d43895e66356eef5d85e2835ab09ebbe66bba640b/detection 91.109.184.2:5214 # Reference: https://www.virustotal.com/gui/file/846a5e00f2e22f1628ccb8921a1622f5a3390f660995864e10545bbdf65aca17/detection # Reference: https://www.virustotal.com/gui/file/7a8ed37d7569e95c18a72ffbd6c2ce0ee4aa5414c7db85fd90cb05cd0d8a8c89/detection 194.29.101.219:2882 pchat.duckdns.org portmone.duckdns.org # Reference: https://www.virustotal.com/gui/file/da3a80317ddca9ea9062e62f47b9f95a5429d52051e6a1a96adc3c62721b6464/detection 212.114.52.129:4444 # Reference: https://www.virustotal.com/gui/file/ed50f40fdd285803f86771f89f80c368e53b0b63e7d60d8ff47a451796d458db/detection 212.114.52.129:5214 # Reference: https://www.virustotal.com/gui/file/e66e0fc3249f802826880e70aaa87d1c7b020ac32c3916c4dced12c2a647abee/detection 194.29.101.219:1617 import.systems # Reference: https://www.virustotal.com/gui/file/7fbdda83fd1e9955b3c3f7c5bb4011e82b025ca7205a536cc4c2854e81f63e2b/detection 35.185.177.54:4125 # Reference: https://www.virustotal.com/gui/file/ce5cb5daa3d55b93d6912c30140d0a2539ff8540e4c575114bab4fc295ef8ae3/detection # Reference: https://www.virustotal.com/gui/file/96cacf8f16f8f152040ec67628398db4ad64e2f9e8489a8c01bd2245cddcea0c/detection 137.101.113.149:9091 46.8.220.81:5533 5.224.97.199:9091 87.125.7.132:9091 nolose12345.hopto.org # Reference: https://www.virustotal.com/gui/file/8439ddcc9e49ecea568695c85db4ac07aa4bbdeb7c098ff707a07fc19f0e6272/detection 188.86.111.141:9091 nolose1234.hopto.org # Reference: https://www.virustotal.com/gui/file/c326eff05daf7c73cb3ffb1a6bb08ad346ea97584904d245996f686815d15c32/detection 185.127.25.40:7744 # Reference: https://www.virustotal.com/gui/file/c13879deb6f9d8ccb81f9df63dc1458248e643ec691b4d8bf7f4608f05d7ce51/detection shabaroj11.ddns.net # Reference: https://www.virustotal.com/gui/file/cf5f708134eb3b3374c3ad1806f840a9ddc130bfd96e92d9c61bbdfcc3d6b237/detection 23.237.25.231:1604 # Reference: https://www.virustotal.com/gui/file/f952fdfa9d8b77caa227e3fc1862c0640ae3bbe2b3793a7fbfe970ea54046888/detection # Reference: https://www.virustotal.com/gui/file/a6d3a65d35b68c0053ee196b1d8ca635711d28f5d17e71d10701c7d3ea9b3d38/detection 188.218.6.79:5214 revnetphone.ddns.net # Reference: https://www.virustotal.com/gui/file/fefab3eed6c3203b28c1e54317d724f422f6ac6e08e1dfb49a4a985661ba1a91/detection 47.52.141.116:8756 80.76.42.148:5533 hack.xiaot.top # Reference: https://www.virustotal.com/gui/file/7c1ede7edd8b74b87a7915b8e33da1011ca37c67f3faa6bfe9fe7d9127b50b85/detection xiaot.top # Reference: https://www.virustotal.com/gui/file/73371591c38a87b7bc6a1f7fd6075525217c59f81fc35434c68ae59fdb8c6f44/detection unk9own420.duckdns.org # Reference: https://www.virustotal.com/gui/file/bff1f4d8144e8154839024940cf14483511129b71004a9bbebb0b5ffea455182/detection futuerhacker.ddns.net # Reference: https://www.virustotal.com/gui/file/f245a27bf9e0f8e70b5e166cda43fcc514514318c196a7792447974782836abf/detection 172.245.162.145:1085 # Reference: https://www.virustotal.com/gui/file/64f4c612542807016c702dbc6a09fae4e3f610811460e4627da49decce1c329f/detection 94.103.83.182:5050 94.103.83.182:7744 # Reference: https://www.virustotal.com/gui/file/fe847b64b112ab46fef90fb01e47583c7f83a41de9bf9a571ba2a445cae066fe/detection 159.89.214.31:9815 94.103.91.138:5533 # Reference: https://www.virustotal.com/gui/file/bda7d4fb79b3b3df69e66890b280e698454a698d61d7442bfb435cbab799a6a4/detection spy.upbitc.co.kr # Reference: https://www.virustotal.com/gui/file/d99757662fdd1450c2b1a759df17f164d47f4c4c7eaab7e42ff466ab836a3429/detection bithvmb.hopto.org # Reference: https://www.virustotal.com/gui/file/5114846c45f2a845e1dd413d73048966ae308ffc153ab56af0f8ddf50f02eb9e/detection fedeca.duckdns.org # Reference: https://www.virustotal.com/gui/file/6c58d884d3b3fab1124c4d9b6f5d0c62608a19297a08d060c49f05cb656bc534/detection 94.103.83.182:5533 # Reference: https://www.virustotal.com/gui/file/8ed45196b52b75ccfdf59a2d045a263170eee33ad8489a8d226a9e3468759f08/detection frotan0014.hopto.org # Reference: https://www.virustotal.com/gui/file/5ce902d4a4e8a17138444f466c6dd7600a6077cf30d679e05ae347e3e877c371/detection 198.72.111.139:1177 # Reference: https://www.virustotal.com/gui/file/de49802617353140795eaa80e98ba246b5acbcf5c341dbe65466bd1ac99d4d66/detection lucasnord.hopto.org # Reference: https://www.virustotal.com/gui/file/a6020081a3116cc187241fcb7ecdbba1630a5fed66ca69b454099940b7c36e56/detection 45.139.186.249:5214 45.139.186.249:7744 # Reference: https://www.virustotal.com/gui/file/75e7268c062c166119c423191de9a146400756135f1d7e5c7427d4f3b17e0b78/detection 91.109.176.3:5214 alexshdu.ddns.net # Reference: https://www.virustotal.com/gui/file/9498cda7546fc8f7cbc0fbba814e52a9a833c51120844ed9be11301c0461e9c0/detection 20.195.186.249:7777 imagem.laplatabrasil.com # Reference: https://www.virustotal.com/gui/file/e880e71645211f96a0ffab0cdb1529823ccf8b47d84a8834f24ae45d358c7873/detection 185.238.126.176:9091 185.238.126.184:9091 # Reference: https://www.virustotal.com/gui/file/aaf8eaf73704ad42729eb42b69d8049b70c2ff8761a681377f65772c1d24edd1/detection 46.246.12.15:2798 mrzues.duckdns.org # Reference: https://www.virustotal.com/gui/file/ad5de6e1a7f393ef127a65e7b5f52da1d8708a03f5f6fbb1e7076eb8ff223a82/detection 66.42.43.177:3210 # Reference: https://twitter.com/FewAtoms/status/1417886430467170305 # Reference: https://twitter.com/ReBensk/status/1417718897793404928 # Reference: https://www.virustotal.com/gui/file/d6cf06cd34f50317131591268d23ef266c01bf3f758893568f10204825cc3369/detection androidmedallo.duckdns.org # Reference: https://twitter.com/malwrhunterteam/status/1417579802291314690 # Reference: https://www.virustotal.com/gui/file/cf209e403e5041386a7f66a051f77fad33ac045c701c977f80cde1ba6b2d99c6/detection 194.5.98.239:6318 services-nsw.com # Reference: https://www.virustotal.com/gui/file/b49f5f4eecfa4e4a202a28997fca244ef4295d66ec487db2d7e06f8d3db31034/detection 100.100.100.100:5214 # Reference: https://www.virustotal.com/gui/file/118e0c77e2c7c70bc362e63c6901c6b46ec0fea2c292738d8cad14370ddb60e5/detection needforat.hopto.org # Reference: https://www.virustotal.com/gui/file/f0f788a319c3442631662f420db4ef991cea9d47a0a599e0a0f166b2727d476f/detection 102.187.117.127:666 # Reference: https://www.virustotal.com/gui/file/f2746683b0b13f75242878b60ce93ccbee82d9f7ce8d299283a2527e709c6504/detection 156.207.30.2:2020 w404.ddns.net we404.ddns.net # Reference: https://www.virustotal.com/gui/file/ee5b7dab2148b921890468d7f09bc2f4c48be3fd5d9bb2a6f05e5367a2eed3ed/detection 37.221.115.62:4457 # Reference: https://www.virustotal.com/gui/file/3a3d77de19aa0280cbb3a082b6d24bb548dd400aa97759d4754eaf7f1ded81ff/detection 37.221.115.62:4545 # Reference: https://www.virustotal.com/gui/file/cb657f124dfd8960485b689f4fe9de94d68407b8b7f3324597b674cace35fe5a/detection 37.221.115.62:7744 # Reference: https://www.virustotal.com/gui/file/2f4868b2690b06c27a52c7242612176642fb41493c8492c37755d8f8cec5db90/detection 91.109.176.3:7771 # Reference: https://www.virustotal.com/gui/file/db83a432f7c78e67e30b7fb2ce2960d0056c8389ff8dc82f396ab897585db37f/detection 91.109.190.2:1994 khalil31.ddns.net # Reference: https://www.virustotal.com/gui/file/9db2fab6f9481fd32d42056a7afda444f826a24165a614f4021999f34803ddef/detection 91.109.182.4:1177 # Reference: https://www.virustotal.com/gui/file/148f243a4efc2d4cbedd51e5bbc9f6d654e2f2fbd18caa387f42ce10b1e500d0/detection 91.109.176.3:1988 aliialiii1988.zapto.org # Reference: https://www.virustotal.com/gui/file/8e8a9385a5d424830647c628bc7855e748500481a2d93d479644cfceea94c5d8/detection 91.109.176.3:4444 # Reference: https://www.virustotal.com/gui/file/e7bcde984fa2691aa75ef1ef5be382bfd805ed6ba3ef054bcd393039d97f54a3/detection # Reference: https://www.virustotal.com/gui/file/4a05f175c586d55226725bf6ee70c5ea1410f3538dc74136286e597f5bd63949/detection 91.109.188.9:4444 shahed1211.ddns.net # Reference: https://www.virustotal.com/gui/file/7fceeb4d1fa1865e1e260763170796068b32e1a45c07e485415e25270c361a25/detection 91.109.186.4:5552 # Reference: https://www.virustotal.com/gui/file/65ca0bf34fcfc9fa86dc17a18960f01e072284eaf3aa4edf0a82cc9545a32ae5/detection 91.109.184.3:3210 91.109.190.5:3210 46.213.204.48:3210 geoib.myftp.org # Reference: https://www.virustotal.com/gui/file/206a0b638aac509a97db9739ce748ef03b1ca018d7af1a391fd5e5f885c5b094/detection 91.109.186.7:5214 samyuo2.publicvm.com # Reference: https://www.virustotal.com/gui/file/3285bd0dbc2d4c6269040fba91a76e0fcd5fb774be339ee8396c3107316a62ed/detection 3.141.142.211:15993 # Reference: https://twitter.com/ReBensk/status/1465940949649944579 # Reference: https://www.virustotal.com/gui/file/8cce54b541f8b47f56d3e799a7281b7c285904fe4dcee8ca9212722cc59ee3ac/detection stackapk.com # Reference: https://twitter.com/malwrhunterteam/status/1467940308927266823 # Reference: https://twitter.com/midnight_comms/status/1467961901489528836 # Reference: https://www.virustotal.com/gui/file/12bec1cf1e825eee6cb44de7b48b66f9f4481230ab53d32b08eb2d5af3245fee/detection pof.one ssop.one # Reference: https://www.virustotal.com/gui/file/e1b0237a11241f21171bb1d06506aea53e07d02da21f6a76d3b8423d0f43d974/detection 45.247.100.199:3333 # Reference: https://www.virustotal.com/gui/file/d146b3cb76147faea034e943d9ce68ba655e16f3252c8219747fdbadcef5ced6/detection 37.239.13.12:5555 # Reference: https://www.virustotal.com/gui/file/3ca453289111b655744c203f40368705481efa10ae10ac7aff8ee55450733004/detection 193.161.193.99:37422 orineorine7-37422.portmap.io # Reference: https://www.virustotal.com/gui/file/5ce2bf5e34fe0fcdea5d026363fdc828bfd847455381d707de210206bed58a1f/detection 213.244.123.150:1302 kh.njrat.info # Reference: https://www.virustotal.com/gui/file/d949c115700bede0119ce35a5fdaa74860dc4cf01fd35f046b64e888dabf924d/detection 213.244.123.150:4444 take123.hopto.org # Reference: https://www.virustotal.com/gui/file/f8991a2d5d523aeaf5f193dc4c89bc0cfa9622b7375b6d8b32e5d2f0e4c1d581/detection # Reference: https://www.virustotal.com/gui/file/cd1b1ed66e254b7fa02201719e0cb470c8fbc560632121ba4c06f03ede0d9c61/detection 213.244.123.150:2222 82.163.110.91:2222 hacked-2018.ddns.net hacker-anaaa.ddns.net # Reference: https://www.virustotal.com/gui/file/1440e1be9901b49145211e3dd978dca7c77fb4261b81340556169d914621a84e/detection http://198.54.116.33 46.18.23.234:1196 firas2019.ddns.net # Reference: https://www.virustotal.com/gui/file/74c9dd80f002a8043094525983b96345ed37e301ede81fa98438f980740fdd23/detection # Reference: https://www.virustotal.com/gui/file/03da8c03fd291b79f52982e42b3c9b04ef29db6b63c0ec8ea91b329106445a86/detection # Reference: https://www.virustotal.com/gui/file/264acf88117f2cb31c64f61679e1f3d7ee625ab6f6b70c9decb035cced488a30/detection 213.244.123.150:1337 213.6.103.122:1337 mobihok.ddns.net netbot.no-ip.info # Reference: https://www.virustotal.com/gui/file/93a9819dc990c3cf127ff2d3eede65da3336b37f67a77264023cc06f0f84063f/detection # Reference: https://www.virustotal.com/gui/file/b27146c8740dd548286cd9b30809e0374cdeec42979963346336442e07b6d227/detection # Reference: https://www.virustotal.com/gui/file/705b2c35bdff3946f8fb1ee728943a47cf2547c921bd0a56d4f62a9a4ec3cc4a/detection # Reference: https://www.virustotal.com/gui/file/d0798cd7078a56209c5678323f6f37b6ad2e8ed238cdd014d398d6925fc2af5a/detection # Reference: https://www.virustotal.com/gui/file/e858f470dfc188587fb23717950906694d623430b432288adb3e7b0001e96bf8/detection 141.255.151.2:1196 213.244.123.150:1196 213.6.103.122:1196 5.43.196.185:1196 82.163.111.175:1196 82.163.231.17:1196 agent47.dvrcam.info firas2020.ddns.net states.mysecuritycamera.com # Reference: https://www.virustotal.com/gui/file/0efb4c8d958b80ad6d96a3629b8de6dd47feecf70a492d9247760c88f9ab705d/detection # Reference: https://www.virustotal.com/gui/file/991967f410b2300ac364aa54b25e78c22d8c97cd166ff9bda07152a390d4f8b5/detection 213.244.123.150:1188 ffaabb.ddns.net is54sa.ddns.net # Reference: https://www.virustotal.com/gui/file/41eacbed7d469e1df722a1a3b2aad15a178284a3e7a7dde173612b2daeba4332/detection 213.244.123.150:1338 213.6.103.122:1338 spynote6.ddns.net # Reference: https://www.virustotal.com/gui/file/62ee13c80860b4cfbf9fe356cf49f457e0881decb51ec4e5e2b99f31a28c12ff/detection # Reference: https://www.virustotal.com/gui/file/d14ce18cb5bd17c1dd2e07c440a5390b96af2df9cd45ed29e38e5861ccac6dd3/detection # Reference: https://www.virustotal.com/gui/file/73b5c06544e4b3b5ebdac80ae41fd5be6fa26f548d731e97136452f12a6d5d93/detection 213.244.123.150:1150 31.186.182.55:1150 aldaet.ddns.net cy.alhaneny.com # Reference: https://www.virustotal.com/gui/file/6e8ff4896de89695a4e88551d33020d8723cd34d04961ef0d61326989ddb1551/detection 213.244.123.150:1177 alaahamayil96.ddns.net # Reference: https://www.virustotal.com/gui/file/bcb249f40bbac14786fa9e7baf38aa72696e5a1277f6fcccc6381069543ac2d6/detection aldaet.myq-see.com # Reference: https://www.virustotal.com/gui/file/fd35b4848c4fe803709672e555479c13e45eb9963c91973d8282ab894e32ffde/detection 213.244.123.150:1197 firas20199.ddns.net # Reference: https://www.virustotal.com/gui/file/0b0c597cdda4f468cfc8afc8a70578cb1cb4104037b0960baa9f22d4a5aeded3/detection 141.255.151.2:1199 213.244.123.150:1199 213.6.103.122:1199 5.43.196.185:1199 82.163.111.175:1199 82.163.231.17:1199 aqw4.no-ip.info quds20212020pal.ddns.net # Reference: https://www.virustotal.com/gui/file/15c7b21a24478b63987a23f376d4d0ea98e36bc293d3993b340ebdd56cb78ff3/detection 141.255.151.2:1192 213.244.123.150:1192 213.6.103.122:1192 5.43.196.185:1192 82.163.111.175:1192 82.163.231.17:1192 agent47.dvrcam.info # Reference: https://www.virustotal.com/gui/file/755f827ec84f1a0ee5b3542625c463098dfa10e750454a27311233ffe674b4a4/detection 141.255.151.2:1145 213.244.123.150:1145 213.6.103.122:1145 5.43.196.185:1145 82.163.111.175:1145 82.163.231.17:1145 abood123.ddns.net # Reference: https://www.virustotal.com/gui/file/6e162c2878dd978aa190ce718c7161eeffc7113c9771a241c982cffc20caa994/detection 141.255.151.2:1123 213.244.123.150:1123 213.6.103.122:1123 5.43.196.185:1123 82.163.111.175:1123 82.163.231.17:1123 hadra5.ddns.net # Reference: https://www.virustotal.com/gui/file/499834feed196e6704034ad224bddd418e78653f0b565cf496c7d00fc03a9cbc/detection # Reference: https://www.virustotal.com/gui/file/b32aa32365f3eb1a328ca15a8018cda9645b58e99c31c21570582d54b6b2191e/detection 141.255.151.2:1142 213.244.123.150:1142 213.6.103.122:1142 5.43.196.185:1142 82.163.111.175:1142 82.163.231.17:1142 4536.ddns.net maftrk362.ddns.net # Reference: https://twitter.com/malwrhunterteam/status/1476267248981532674 # Reference: https://twitter.com/bl4ckh0l3z/status/1476296123161657347 # Reference: https://www.virustotal.com/gui/file/f2f9a84273bbd5ca1663d90260ce672badf5e0ae8d592bcbae37a8d17b9bcbc3/detection 216.250.97.121:2882 anyax.duckdns.org # Reference: https://www.virustotal.com/gui/file/9f9bd59d324c3e93190509d0bd65daa979986555ccc04650c2e32d28d47cb656/detection # Reference: https://www.virustotal.com/gui/file/8befe2b46d467be031764ab2f0791c24fab1b4cde714cf4006f622aae0ddea25/detection http://216.58.214.4 216.250.97.121:2001 # Reference: https://www.virustotal.com/gui/file/653c7f0092f98728fb6c2ece503ada141b8b54e905bc09920e07ba7b267a7820/detection # Reference: https://www.virustotal.com/gui/file/4ce9d6b567d7612aeaf3d04a46d438a08028cfea8969f6ef5c2cecf998153e7a/detection 79.69.56.209:6622 79.66.73.81:6622 92.22.220.243:6622 nipodipo.duckdns.org # Reference: https://www.virustotal.com/gui/file/f61bfd89c93d7ed7d146b79559ff62bdfb2f23238fa7c0ed79578a2870c12064/detection 141.255.159.138:5214 pskdhall.hopto.org # Reference: https://bulldogjob.pl/articles/1200-an-in-depth-analysis-of-spynote-remote-access-trojan # Reference: https://www.virustotal.com/gui/file/d96f9eafdc3c44611004ac151ae51cdff7a7fa41555389fd36479de442b400a0/detection # Reference: https://www.virustotal.com/gui/file/ad8fb56daf02c5885d5a4c46b07bf9c68ce6d7e838b41aee62736465567c173e/detection # Reference: https://www.virustotal.com/gui/file/ad0531ce4f0556f806e8cabc7be15f618e8fae94472da3413c5968ea78195e09/detection # Reference: https://www.virustotal.com/gui/file/0f0f86e025dd5ad4426d7324e589a0fa6bcb5eace56c17f7c54c0cfdecff276a/detection # Reference: https://www.virustotal.com/gui/file/584c7cef403cec10c4d1dd5da028463dec07dbd52786a7077498145d69b60a4a/detection # Reference: https://www.virustotal.com/gui/file/e1d053588e752b0ca26a49ca2521e0fa99b9b8b1cd6e558888b7c57ae390ee6a/detection 82.137.218.185:1920 82.137.218.185:1940 82.137.218.185:215 82.137.218.185:2610 82.137.218.185:3128 82.137.218.185:666 # Reference: https://twitter.com/malwrhunterteam/status/1483183239829377027 deepchat.org # Reference: https://twitter.com/malwrhunterteam/status/1485693190695002113 # Reference: https://www.virustotal.com/gui/file/aca091bbd49d2072c0d35b8875309e002163603f912bd48cbe21f3daf76d51d8/detection 213.6.103.122:1192 trojan3.securitytactics.com # APK /Encro_Chat.apk /FUCK__U_.apk /HediyeKart%C4%B1n%C4%B1Kullan.apk /HediyeKartınıKullan.apk /karma.apk /KUPRJQ.apk /modelwork.apk /Synhron.apk /Threemaa%20Messenger.apk /up4net-pubg-mobile.apk /Youtube22.apk /YouTubeStats.apk