# Copyright (c) 2014-2023 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Aliases: bobik, ddosia, killnet # Reference: https://decoded.avast.io/martinchlumecky/bobik/ # Reference: https://www.virustotal.com/gui/ip-address/2.57.122.243/relations # Reference: https://www.virustotal.com/gui/ip-address/2.57.122.82/relations # Reference: https://github.com/avast/ioc/tree/master/Bobik q7zemy6zc7ptaeks.servehttp.com v9agm8uwtjmz.sytes.net # Reference: https://decoded.avast.io/martinchlumecky/ddosia-project/ 109.107.181.130:4200 109.107.181.130:5001 # Reference: https://www.sentinelone.com/labs/noname05716-the-pro-russian-hacktivist-group-targeting-nato/ # Reference: https://www.virustotal.com/gui/ip-address/31.13.195.87/relations tom56gaz6poh13f28.myftp.org zig35m48zur14nel40.myftp.org # Reference: https://www.team-cymru.com/post/a-blog-with-noname http://31.13.195.87 109.107.184.11:27017 185.173.37.220:5672 185.173.37.220:6379 31.13.195.87:9100 91.142.79.201:5051 91.142.79.201:9100 87.121.52.9:5001 # Reference: https://twitter.com/teamcymru_S2/status/1620019172712550401 http://212.73.134.208 # Generic /27bff71b-42c0-4a47-ba39-04c83f2f40bb/update?id= /bcaa8752-51ff-4e35-8ef9-4aefbf42b482/update?id= /d380f816-7412-400a-9b64-78e35dd51f6e/update?id= /fb82275d-6255-4463-8261-ef65d439b83b/update?id= /fb82275d-6255-4463-8261-ef65d439b83b/AdminService.exe /fb82275d-6255-4463-8261-ef65d439b83b/afVAcUJTvDvM.exe /fb82275d-6255-4463-8261-ef65d439b83b/BAebY2lBT7ee.exe /fb82275d-6255-4463-8261-ef65d439b83b/Q7yheyG7.exe /fb82275d-6255-4463-8261-ef65d439b83b/xLZ6auza.exe /fb82275d-6255-4463-8261-ef65d439b83b/XuS1qxZa.exe