# Copyright (c) 2014-2020 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Aliases: slrat, spymax # Reference: https://twitter.com/LukasStefanko/status/1239494265618694147 assdsiwi.ddns.net # Reference: https://www.virustotal.com/gui/file/eb5db64f88a09cf8b5c72d2b3a0a45439c678bb513fb7adb59b335f0354cd095/detection 41.253.52.89:1515 41.253.23.12:1515 41.253.23.12:28028 216.38.7.245:6666 41.252.167.210:1515 41.252.167.210:28028 172.217.194.188:443 172.217.194.188:5228 172.217.194.139:443 82.205.176.250:1515 41.252.139.115:1515 41.252.139.115:28028 165.16.67.82:1515 165.16.67.82:28028 41.253.168.216:1515 41.253.168.216:28028 assdsiwi.duckdns.org # Reference: https://www.virustotal.com/gui/file/988ba9665b44a2791f4ea3d6b95b885287212e0fecac8bb517784a6a69c0c6ff/detection shakermohammd19999.ddns.net # Reference: https://www.virustotal.com/gui/file/07ae6fa0f804e16f24ed052ef25349780195bfa95b557e9be52f29f9abbf39db/detection 187.122.224.72:5214 # Reference: https://www.virustotal.com/gui/file/4d5e47d30b62dcb134f3c2964f70e18efd73df1e6c8da5cc1e6582ec62fe366d/detection 177.64.155.133:5214 # Reference: https://twitter.com/malwrhunterteam/status/1248661416791465984 anti-corona.app # Reference: https://www.virustotal.com/gui/ip-address/144.76.30.213/relations 144.76.30.213:443 # Reference: https://twitter.com/LukasStefanko/status/1250451829877587968 # Reference: https://www.virustotal.com/gui/domain/pataraha.com/relations pataraha.com/apps/downloads/ # Reference: https://twitter.com/malwrhunterteam/status/1251514856114737154 # Reference: https://www.virustotal.com/gui/file/234fab850c14c91c9e0cd0b2a003c5ce9d17aeba5e88b24abd29c7cab89181ba/detection frewasss.myq-see.com # Reference: https://www.virustotal.com/gui/file/74cea86b03f5a3f31a8b5f262f3ff8349eb406f3ea0221d34ea85cde46717f4c/detection # Reference: https://www.virustotal.com/gui/file/9a436bf2e60a9682d5cd5c4c74fa87c56e094ebaec03b8818d84298af1fd8b05/detection # Reference: https://www.virustotal.com/gui/file/043c30441bde4a1f839bbbb06aa0651fb80f043510848c7a22cea33ddc966136/detection # Reference: https://www.virustotal.com/gui/file/3aff643f9121af2881b7995c7cfc7fe456e87bf189765576c96a0a6e4273dead/detection 141.255.147.237:2492 91.192.6.212:2392 91.192.6.212:2492 q1q1q1.ddns.net # Reference: https://twitter.com/malwrhunterteam/status/1252909522605277184 # Reference: https://www.virustotal.com/gui/file/ccb7c588115211956598f8af7ac66c0feabf6ba7b6b6832a7f66ad2edf2492d3/detection 39.53.94.143:4444 tandertx.ddns.net # Reference: https://twitter.com/ReBensk/status/1254691066298511360 # Reference: https://www.virustotal.com/gui/file/253262aa1b7eb99796acbcccdedb3cf627e32042ab35a75544c23af9e25a76b3/detection # Reference: https://www.virustotal.com/gui/file/bdffec168572196309fd356c26e0db5180d083297f76264945f463635fc5ed98/detection 197.206.139.184:71 41.105.255.65:71 steemit.hopto.org # Reference: https://www.virustotal.com/gui/file/f733ded73d4f498327480d232e415465c0f5654a69b431da081f83998b49ead2/detection 193.161.193.99:45467 gwennie.duckdns.org # Reference: https://twitter.com/malwrhunterteam/status/1256471836457684992 # Reference: https://www.virustotal.com/gui/file/c140c29382aae632858fdb39f0fd9fe0737b7d758c818b582cea89354524937a/detection 185.166.27.9:5555 whoami769.hopto.org # Reference: https://twitter.com/malwrhunterteam/status/1258671300777783297 # Reference: https://www.virustotal.com/gui/file/638f7ae0adb26c5f57243c098a5f47781a981318c2461f9a3a2759ba9ef33cae/detection 111.94.75.182:2219 202.162.210.172:2219 mikymouse.ddns.net # Reference: https://www.virustotal.com/gui/file/15ad81a58df7a8fdf5f1f0d4fe6917989ae51d0fa0b3584b3ab7aebbe19af8f9/detection 105.105.215.75:3210 141.255.159.128:3210 # Reference: https://www.virustotal.com/gui/domain/hammoud777.ddns.net/relations # Reference: https://www.virustotal.com/gui/file/e701dfabda46e950db66fca6823198765f7226c9cda0f9bdb301d0af4045243b/detection 141.255.147.63:1177 141.255.155.10:1177 # Reference: https://twitter.com/malwrhunterteam/status/1260890636737273858 # Reference: https://www.virustotal.com/gui/file/3f69bc4b7fc50db582b13835206d2480acc66919db9123b37cf97f7f3da3b443/detection 193.161.193.99:37916 johnnj2-37916.portmap.io # Reference: https://www.virustotal.com/gui/file/97a286e006d2233f0a2b9d2d0b680dcf9a163b3d2646d0b9fd5f12aec5a61cbf/detection 193.161.193.99:48572 wajikhan.duckdns.org # Reference: https://twitter.com/malwrhunterteam/status/1260892816307367937 # Reference: https://www.virustotal.com/gui/file/885d07d1532dcce08ae8e0751793ec30ed0152eee3c1321e2d051b2f0e3fa3d7/detection 204.48.26.131:29491 prettysavantwholesale.com # Reference: https://twitter.com/ReBensk/status/1261155044059222016 contactsocialmedia.tk # Reference: https://twitter.com/Sh1ttyKids/status/1261022463002947584 spynote.us # Reference: https://twitter.com/ReBensk/status/1261647350579097601 microsoftupdating.online # Reference: https://www.virustotal.com/gui/file/af50e1ae653109062254c5fadc030cc7d61db21272e56d5754572f21faf903c6/detection thecreator2020.ddns.net # Reference: https://twitter.com/malwrhunterteam/status/1262430537714728960 aragerot.com # Reference: https://twitter.com/malwrhunterteam/status/1262454926074093569 156.220.5.128:1337 spynotesooker17.ddns.net # Reference: https://www.virustotal.com/gui/file/efb8414f3d653685de5c0cc421d64fb36f757f462d51ac41f8fd6b5a76f1772a/detection 193.161.193.99:39546 farhad5010-39546.portmap.io # Reference: https://twitter.com/ReBensk/status/1268742575537549316 m8dmkw.dynu.net # Reference: https://twitter.com/malwrhunterteam/status/1269300424693239809 # Reference: https://www.virustotal.com/gui/file/ab079c5e6189c241000ce4da51f9e18b9f68d408d524bc88ea695f3280c42349/detection 105.155.228.6:3210 imsgms.myvnc.com # Reference: https://www.virustotal.com/gui/file/36ff6698d50a85504bc876f4878de1b911082effa6d3c445ebf9924184fd17a2/detection 193.161.193.99:62364 antorkhan-62364.portmap.io # Reference: https://www.virustotal.com/gui/file/9aa01a909ccd2300d0c196fa2b408fe63c9b2aae0abe5acd1e2c2d03ec1ebdc4/detection 217.54.133.82:4444 # Reference: https://www.virustotal.com/gui/file/0cb7e42bd7f9bfbd6e048f59cce4a0e3f1e963981b7f0c5970a86a70583d2b68/detection 62.114.186.254:9999 # Reference: https://www.virustotal.com/gui/file/d710bd370bac3ea7cfd737ad243d107ba870e03886ca7fa945b838e66fe867c4/detection 217.54.88.221:9999 # Reference: https://www.virustotal.com/gui/file/6f129c7805b6997974bf1a1939f0e473708711cfb896460ea02a52ae6818259f/detection 62.114.215.21:4000 # Reference: https://www.virustotal.com/gui/file/cc5b7eb74dd0f51ed76a061350fec6b1b61b8262ddb6288ee981ac080c31a5c4/detection 62.114.207.156:9999 # Reference: https://twitter.com/malwrhunterteam/status/1271855227411587072 # Reference: https://www.virustotal.com/gui/file/ccf588a728abb3f9a1f1b1d0d8f02b1a3a0ff4198589b25575969d0428a8a66b/detection 82.137.218.185:215 # Reference: https://www.virustotal.com/gui/file/aa9133d68ebbb8f777b685ec15a358e0fb2d572bd30ce962d3d1b0c53b785523/detection 185.255.46.114:5551 # Reference: https://www.virustotal.com/gui/file/40836373cb307d6472e20f2c65916ee2ab291fdb27864d456fc5fbe2ec927d21/detection 192.169.69.25:24306 # Reference: https://www.virustotal.com/gui/file/5fc0d6fe1d249ed433dba8f9ad03307748434ca08a6ae729858c2382861c4d04/detection 190.74.113.35:8000 enrike653.ddns.net # Reference: https://www.virustotal.com/gui/file/45ef21cca5c70be1f607252c89ebf4873795fe53fa214ed627b24f9000d1852f/detection 190.73.153.239:8000 # Reference: https://www.virustotal.com/gui/file/592bdfea96900f38525b6afe0b353cca422923052360c771b3fd1d3729824494/detection 141.255.146.170:3210 mlh123.ddns.net # Reference: https://www.virustotal.com/gui/file/6f046db5bbd119d9d383a46ead8c1369ac597c37ea567144c341ea5e9ebed3e9/detection 141.255.145.115:3210 # Reference: https://www.virustotal.com/gui/file/c6954678b39e121c60fd691275238267f97f5ce4264255458c06e155a232423c/detection 141.255.153.22:5214 # Reference: https://www.virustotal.com/gui/file/ce4db4c837defde7461daa1a8a77a0232629b881a21a5741cdb072cf4d897552/detection 141.255.157.158:5214 # Reference: https://www.virustotal.com/gui/file/90d5a6b010901ed67c861d0c3bfdd21f894c13c094a06b78cccc16625c6147de/detection 37.8.24.221:5214 # Reference: https://twitter.com/SecuriTears/status/1276907531231727616 # Reference: https://www.virustotal.com/gui/file/41b2e5473836a59bbba209b9a0d346b22f7e9bb9d1b4c90ca9b5f1626112ee31/detection http://49.233.182.150 49.233.182.150:3210 # Reference: https://twitter.com/bl4ckh0l3z/status/1281591279122550784 193.161.193.99:53976 reddesk-53976.portmap.io # Reference: https://www.virustotal.com/gui/file/d716ba34cad70fb14dfe490252a655630e14ffb6aeb221e4d839e9cc63589df9/detection 193.161.193.99:59671 Eathenjacobe-59671.portmap.host # Reference: https://www.virustotal.com/gui/file/23f3b76890b7a41efca6288e00689425ffabe8113b8f0ec71b6ab113dd434029/detection njfdu84hc83nb8-46899.portmap.io # Reference: https://twitter.com/ReBensk/status/1283666334295838721 monprofil.online # Reference: https://twitter.com/ReBensk/status/1290158109395050497 # Reference: https://www.virustotal.com/gui/file/f6ec2dbd9d6bff73d626321a6e889e64db3a7c2a3dbdc6f7eae6bcf3be09167f/detection arduinofreaks.ml # Reference: https://www.virustotal.com/gui/file/e5c415b3d79694a5e89d5d813a88200b3516648a6808911dbb365c61a4efd578/detection 41.108.251.174:3210 # Reference: https://www.virustotal.com/gui/file/d9d82adc58d5950c7c91a9c484ba1d1142132acd23b6a42a56b3d807a05e0918/detection 86.4.221.98:4040 apexspoofer.duckdns.org # Reference: https://www.virustotal.com/gui/file/0e7e14a743c7d5d589d7c617bc2ac1094b9bcf5f0c8d99657f1c392568ce477f/detection 154.236.146.219:4444 154.236.90.116:4444 41.199.197.93:4444 217.55.49.9:4444 body.bounceme.net # Reference: https://www.virustotal.com/gui/file/32cdfdb08716efc720deb34fed85cff65523d66e26022571ba96c65c6fddaf4d/detection bnbn.ddns.net # Reference: https://www.virustotal.com/gui/file/7b0984af6b49c12cb0e8322aad0611fd497f3ee9d801515b5eaf9591b327726f/detection deepnest.duckdns.org # Reference: https://www.virustotal.com/gui/file/47d0fd4eca95d85e9d00fb3e14b295f5023f7ad6bf34fde63393f373baf545bb/detection 187.40.132.99:3473 # Reference: https://www.virustotal.com/gui/file/79c51704b4565ee42ad05e482db9f471d847858fdebb5793df49f8a9867eb591/detection 197.59.102.90:1177 mr32123.ddns.net # Reference: https://www.virustotal.com/gui/file/c5153499bfabb6ddcefba591b6fba081ff8851ca1910793e66cf9e810857eb9b/detection 194.176.99.68:4444 idkjustgo.ddns.net # Reference: https://www.virustotal.com/gui/file/3446f499aa768e5afc5cc19b02d430ceaffefd17872d1bccf2467b2b54f848c0/detection 193.161.193.99:62207 hm1234-62207.portmap.host # Reference: https://www.virustotal.com/gui/file/37f8afdc1117de292a29f9449824ad40d76b67d96ff0b5feef773bb1c7ae1b29/detection 193.161.193.99:42421 kr1pt0n-46860.portmap.host # Reference: https://www.virustotal.com/gui/file/9e5aa550fa4bcf3d2d48269d19efca3e708ed6a9572e61d4613ee2f754e7b7c4/detection 193.161.193.99:38300 yozoraxph-38300.portmap.host # Reference: https://www.virustotal.com/gui/file/11714a034d9bc0b9c617b898963342727ac140e8106fc1d3cd92a30fd3edfccb/detection 193.161.193.99:23892 mascarpone-35171.portmap.host # Reference: https://www.virustotal.com/gui/file/a18c9ce516b4494c65475b85c283e32b4f5777ea3fb055a4a0f702b640a8a7b4/detection 193.161.193.99:58574 dhruwr9-58574.portmap.host # Reference: https://www.virustotal.com/gui/file/13a7415335abc943cb5dfe17d994b1f81f4b21703e9a7695a9522bbfb355c720/detection 193.161.193.99:36201 hackimti-36201.portmap.host # Reference: https://www.virustotal.com/gui/file/7784822e37f4d3f5ca7b1d65bf1104e9ab28495a629a4105af90ddeb47258bbf/detection 193.161.193.99:28869 assa-28869.portmap.host # Reference: https://www.virustotal.com/gui/file/88123fd9567f112872ab373685ff30267f291a18d6f892c22d5d59d26af29d49/detection 193.161.193.99:44144 kichae-42764.portmap.host # Reference: https://www.virustotal.com/gui/file/1163c5e75d8a149dd342220f04aeb5b4924c59dd6b3a854bc5d0ebfe58fc8cfb/detection 193.161.193.99:35767 wolfx-35767.portmap.host # Reference: https://www.virustotal.com/gui/file/640d7352ade1e47a264a868363c528f926fd41e30b151b42623b748bd1085a4c/detection 193.161.193.99:29042 toth-27008.portmap.host # Reference: https://www.virustotal.com/gui/file/c9ad77b616fb56b34da6da9a15232b1f421003c728c127b95e87a8e527adb8f3/detection 193.161.193.99:22354 anon6863-48284.portmap.host # Reference: https://www.virustotal.com/gui/file/d935ccd35e3979204f2c8f48173121f88bc82ef4fa96abc64348bc8992cc9092/detection 193.161.193.99:4242 193.161.193.99:64775 vishal99099-64775.portmap.host # Reference: https://www.virustotal.com/gui/file/01ea9c2c06882c5555cbba14ee84153167cd46db0ea4ecb9c19dacb5123f24e9/detection 193.161.193.99:38353 hunterhmd-38353.portmap.host # Reference: https://www.virustotal.com/gui/file/7d544e33d95b33935ab3f288ceb1ad15bc44be72936ae8bea66a2a65391577fe/detection 193.161.193.99:38508 black9654-38508.portmap.host # Reference: https://www.virustotal.com/gui/file/a8cefcfcce3d79812f11e614102acce8bdf4253df405604ac01ca7c2e746c300/detection 193.161.193.99:31722 siraxeb658-62133.portmap.host # Reference: https://www.virustotal.com/gui/file/4edeaa23afece052dccd3d2ca9cdeb32b4962058abf6e297c5e6f020256fe37f/detection 193.161.193.99:27460 ddindia-33351.portmap.host # Reference: https://www.virustotal.com/gui/file/b04d6535e696e8378d36f93e575fd37dc9cffd2cb1ce36b5276df80e4eb7729e/detection 178.32.12.103:2222 94.47.17.91:2222 # Reference: https://www.virustotal.com/gui/file/e907b35f7afd7b96c8e08cd1043622926a205411606a807210a9eb2ab260b562/detection 193.161.193.99:25263 apaya-25263.portmap.io # Reference: https://www.virustotal.com/gui/file/de779ec44f5c458621b104c44d88f7e268d8798b67597b7861ca94f9595bd43a/detection 199.66.93.68:5552 # Reference: https://www.virustotal.com/gui/file/2f0fc0f90e3abbf3017dfbe562a5341610206788e0f1671d110acecb149cc6d4/detection 41.105.44.177:3210 # Reference: https://www.virustotal.com/gui/file/9b50d732354e7aa8bcef6603b575584871797c6e2171364f6a144d3804483293/detection # Reference: https://www.virustotal.com/gui/file/9b50d732354e7aa8bcef6603b575584871797c6e2171364f6a144d3804483293/detection 102.69.5.159:2222 192.169.69.25:2222 # Reference: https://www.virustotal.com/gui/file/3aca04e3a574bccad8086323516abaf90f05cbb36a37053b88fe562131612cbf/detection 45.74.46.195:8181 # Reference: https://www.virustotal.com/gui/file/0d69ea9679b293299234b44004670fa3eb667734709af83edf0914fcb6508a90/detection 45.74.46.199:5214 # Reference: https://www.virustotal.com/gui/file/6140caeb42927993ee127c1976dc8bafc6f6456c60f120d94c7ef919d3dea14d/detection 196.75.140.215:2020 snowypix.hopto.org # Reference: https://www.virustotal.com/gui/file/f5cd7798179e2d713e31812b15ca0189dfe97f7e25ac796e6f36d181a96efcd0/detection 41.142.85.225:3333 simoxsimox.ddns.net # Reference: https://www.virustotal.com/gui/file/403e620134abfde92d5611b7949cde966b0fedaea58213d635a9105b48fe0c85/detection 105.156.80.242:3333 191.101.124.175:3333 mrxtnt.ddns.net # Reference: https://www.virustotal.com/gui/file/ffaa313fb3aba56b439c8e6c40bd03d6627158a2a4c6a23a74ec8cad318af452/detection 41.142.230.203:3333 # Reference: https://www.virustotal.com/gui/file/df88a0c05a3a53d2ea33703d4ecd3705d30940bc79c09e9b8e86ced707514b28/detection 41.140.184.191:3333 41.142.224.183:3333 # Reference: https://www.virustotal.com/gui/file/a024ef4ecc1a497e97f34a0ab6c117205621754f4bee5cb7855c6af775ba369e/detection 105.156.90.254:3333 # APK /FUCK__U_.apk /karma.apk /KUPRJQ.apk /Youtube22.apk