# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Aliases: crysan # Reference: https://twitter.com/suyog41/status/1130804704152305664 mikus192091.ddns.net # Reference: https://twitter.com/luc4m/status/1106618159522635776 queda212.duckdns.org # Reference: https://twitter.com/CERT_Polska/status/1072793091856392192 # Reference: https://www.cert.pl/news/single/trojan-oraz-ransomware-w-kampanii-podszywajacej-sie-pod-inpost/ 213.152.161.99:47390 213.152.161.100:47390 213.152.161.101:47390 213.152.161.102:47390 213.152.161.103:47390 213.152.161.232:47390 213.152.161.233:47390 213.152.161.234:47390 213.152.161.235:47390 213.152.161.99:47392 213.152.161.100:47392 213.152.161.101:47392 213.152.161.102:47392 213.152.161.103:47392 213.152.161.232:47392 213.152.161.233:47392 213.152.161.234:47392 213.152.161.235:47392 # Reference: https://twitter.com/Threat_hunts/status/1135810121227882499 # Reference: https://app.any.run/tasks/5ad34df1-b5a8-415f-9496-334d9bfdd7b1/ 95.167.151.253:7707 # Reference: https://twitter.com/James_inthe_box/status/1141072205771448320 kizzoyi.duckdns.org # Reference: https://twitter.com/powershellcode/status/1148234398703030273 internetexploter.duckdns.org systenfailued.ddns.com.br # Reference: https://twitter.com/DynamicAnalysis/status/1165901579536539649 79.134.225.90:4782 # Reference: https://twitter.com/James_inthe_box/status/1167217092245872640 # Reference: https://app.any.run/tasks/8eb2d184-08ec-40ab-8742-32f6988c5638/ 23.105.131.169:6606 193.56.28.173:7707 193.56.28.173:8808 rownip.3utilities.com rownip.mooo.com rownip.theworkpc.com rownip.dyndnss.net rowanyne.ooo # Reference: https://twitter.com/JAMESWT_MHT/status/1169142417754337281 # Reference: https://app.any.run/tasks/308651b4-37c0-4c66-87ba-5bf05d1ff411/ 79.134.225.115:4404 eg-east.com # Reference: https://twitter.com/dcTavvy/status/1188352813937463298 # Reference: https://app.any.run/tasks/6aedb064-1078-4304-b1e8-a8205a5ba698/ 193.161.193.99:43158 Lolikot-43158.portmap.host # Reference: https://twitter.com/JayTHL/status/1197240502699073537 5.62.41.111:5320 91.193.75.151:5320 netty.myftp.biz ify.insidedns.com # Reference: https://www.virustotal.com/gui/file/598ba7562062467fbf05d47bfadf27578a8ed4d5d5abdf17a5a4820ad71651bf/detection 3.19.3.150:6606 # Reference: https://twitter.com/w3ndige/status/1214596648644620288 # Reference: https://app.any.run/tasks/509acd2f-9474-44d4-aac2-d186a4716bef/ g.top4top.io # Reference: https://twitter.com/killamjr/status/1217630017116499968 # Reference: https://app.any.run/tasks/2517942c-3364-4d56-93ab-cfa47fd14299/ 101.86.170.36:1199 45.11.19.240:7707 xred.mooo.com # Reference: https://www.virustotal.com/gui/file/cc7a634047451f72a51766d1b6e33ce8a154579d80f6abcf9a109ff64c22f3a6/detection 177.98.43.164:7707 skypeprocesshost.ddns.com.br # Reference: https://www.virustotal.com/gui/file/0c8a1d1eb4a0ee3ca2cf22cb4ede61f85e5170885549769984110edb6b64a236/detection 179.95.221.147:6606 179.95.221.147:7707 179.95.221.147:8808 workwinrarhost.ddns.com.br # Reference: https://www.virustotal.com/gui/file/b1a7fda679c569e51e4b1239d044bb6e6e1f3557ccd2060c32a11b0978919b2d/detection 177.206.102.68:7707 177.206.102.68:9830 # Reference: https://www.virustotal.com/gui/file/366c8707d33501338e524e4c70f8b10ac993341134aa28b32a550f06911ba646/detection 191.32.227.90:7707 # Reference: https://www.virustotal.com/gui/file/d60372f5bbed48ea826b894402e4412a478979b590bed2b9b0d1d84017549bd0/detection 177.133.237.246:9830 179.180.17.194:7707 # Reference: https://www.virustotal.com/gui/file/9fbc310b2579816b488dbc44485acd418b20a72ef8dceb558f645a735fe10f05/detection 177.98.43.164:6606 # Reference: https://www.virustotal.com/gui/file/4913ae8055d7c6f225c0bd63ffceb28138483b39d9887de8ebcc8773e9d0d46f/detection 177.98.43.164:9830 workwinrarhost.ddns.com.br # Reference: https://www.virustotal.com/gui/file/9a3e8a5bd3bfae58180089d27f1e23ba5f8118272b903a4ce99047969874a989/detection 177.133.246.134:9830 # Reference: https://www.virustotal.com/gui/file/ef332bc4cca2207ceb999f77d3e8a02b9d3b2c475d39310d2f1b09ae8f335de9/detection 177.133.246.134:7707 # Reference: https://www.virustotal.com/gui/file/6ede0a69b6d4d7b9cddc97ed35f58a284427fa92923d7a3e9e1442a5a0ad1b46/detection 177.98.127.109:7707 177.98.127.109:8808 # Reference: https://www.virustotal.com/gui/file/87571c558c0c211cd407d87217a3a64240736fb6645919e970dadef3680975ef/detection 177.133.235.48:6606 177.133.235.48:8808 177.133.235.48:9830 # Reference: https://www.virustotal.com/gui/file/d0ca0770e89e27b72703029c7900853a655be67c65fb1bcbd0c652eceb3b384f/detection 177.75.41.182:6606 # Reference: https://app.any.run/tasks/5e7bb6ce-39e9-4243-8802-968c8fb28753/ cloudclout.duckdns.org 79.134.225.38:7707 # Reference: https://app.any.run/tasks/823454cc-ac69-47d8-821a-262f4226ca10/ sbmsbm20.duckdns.org 64.225.20.238:2030 # Reference: https://www.virustotal.com/gui/file/712bc10802ec06baeb0774fa92d2816c477d6a5dceb0ac9960120344fcf7e1f7/detection 141.255.159.75:6606 141.255.159.75:7707 141.255.159.75:8808 # Reference: https://www.virustotal.com/gui/file/55618c029549b2e2f8919902d09c19658e98390cc3e3faeb05743f091e22818d/detection 79.135.146.203:6606 79.135.146.203:7707 79.135.146.203:8808 # Reference: https://app.any.run/tasks/5bbbc0e9-1c84-413d-be8e-371aa483f11b/ 141.255.146.30:6606 141.255.146.30:7707 141.255.146.30:8808 # Reference: https://app.any.run/tasks/f44c32ed-727b-437b-9249-743b5ae74ed4/ 185.140.53.12:21000 # Reference: https://twitter.com/wwp96/status/1236015091029590017 # Reference: https://app.any.run/tasks/7a110950-e58a-4f0a-80ab-fc17c39d38cd/ 185.140.53.154:6606 185.140.53.154:7707 185.140.53.154:8808 # Reference: https://twitter.com/JayTHL/status/1240390421467074561 216.38.8.179:5505 216.38.8.179:6606 216.38.8.179:7707 216.38.8.179:8808 peacelist.ignorelist.com # Reference: https://app.any.run/tasks/96716bfb-5070-40e4-bda5-d6573d7e1e55/ # Reference: https://app.any.run/tasks/d292b50e-71d7-46c2-9c75-3c053b7c36cd/ 46.183.223.29:6606 46.183.223.29:7707 46.183.223.29:8808 # Reference: https://twitter.com/James_inthe_box/status/1243161779212935168 # Reference: https://app.any.run/tasks/393f52ea-8176-4081-9f69-2e4706e7f27a/ 51.75.154.242:1515 # Reference: https://www.virustotal.com/gui/file/77e5748478eb6c6064e118bd35ef28f90bfd0eb908eee0291b994c9a6d5b11f5/detection # Reference: https://www.virustotal.com/gui/file/b892431179d2ed7f4b5c68eff968491b7716a067b6ab16caa5e204c9766d5bcf/detection 41.104.11.200:7707 41.104.122.164:7707 41.104.221.163:7707 41.105.197.112:7707 41.109.189.104:7707 41.109.193.177:7707 41.109.228.158:7707 41.109.242.126:7707 91.109.176.6:7707 91.109.178.2:7707 91.109.178.6:7707 91.109.182.2:7707 91.109.182.3:7707 91.109.182.5:7707 91.109.186.5:7707 91.109.188.10:7707 91.109.190.2:7707 91.109.190.7:7707 # Reference: https://twitter.com/James_inthe_box/status/1248964446505947136 # Reference: https://app.any.run/tasks/4cc95d8b-f2c7-457d-97d2-991d0115c1b4/ 77.247.127.128:8855 88futur.xyz # Reference: https://twitter.com/James_inthe_box/status/1250441655452237825 # Reference: https://app.any.run/tasks/a8c80640-e0bc-499c-bd8b-de1c9166d4dc/ 45.32.167.239:6606 45.32.167.239:7707 45.32.167.239:8808 hdkshnfk.ddns.net # Reference: https://www.virustotal.com/gui/file/51482d0164957eec01b4916354b5a992e6705655bcb44ca4b0b2a520e3b64e6c/detection 192.169.69.25:6606 192.169.69.25:7707 192.169.69.25:8808 soucdtevoceumcuzao.duckdns.org # Reference: https://www.virustotal.com/gui/file/626879e64f571e21902bdc2f249ce247e03420e8656990d54f3ab4ceb99b4fb4/detection 105.111.80.222:4000 azure34.mywire.org # Reference: https://twitter.com/ScumBots/status/1250963567366545408 # Reference: https://www.virustotal.com/gui/file/b465ae7940f04cb8b6f6baf9a288eecb5e405290bf48b18fe70ba41e9cc97389/detection 192.169.69.25:4000 amazon34.duckdns.org # Reference: https://www.virustotal.com/gui/file/5abfea336ec1f8f078499dd4713d65b5e75c59243b6137af1f5297706413dc63/detection 105.103.214.89:4000 amazon3407.mooo.com # Reference: https://www.virustotal.com/gui/file/6f5567af58976eb61af59c7edf1e5cdad7e3cd2fc60c16b123dfa53cd44e8f6d/detection 85.229.141.17:1337 92.34.156.156:1337 bob1337.chickenkiller.com getconnected.chickenkiller.com # Reference: https://www.virustotal.com/gui/file/762a570980637077dbf431c691c38de20e50474d0c67003b4483c6f20a16e533/detection 129.56.25.121:6743 asyncrat6743.ddns.net # Reference: https://www.virustotal.com/gui/file/5e6bd1b03148962cff91b0f6a1d4e915bafd1049931d5d4ff2bda151bd761e28/detection unknownamehost.ddns.net # Reference: https://www.virustotal.com/gui/file/f17981f481d0e31ac51cbf66b5c94d3f73d5a2647a158370ab9e6b3357a00f9f/detection unknowhostname.ddns.net # Reference: https://twitter.com/ScumBots/status/1250960155900104705 # Reference: https://www.virustotal.com/gui/file/5a4958af2c13c0a9a6eff86bb5f4fd339a85a66249a22278cc5b50cecd89188a/detection 88.208.245.177:1443 # Reference: https://www.virustotal.com/gui/file/8c344acd0dfc01ac093b4a4407cd2f126f74bae0ca5b66f92912d522160ac639/detection 103.82.249.19:8808 # Reference: https://twitter.com/mahnyan1/status/1251321072865042435 babyboyhammer2.duckdns.org # Reference: https://www.virustotal.com/gui/file/e9c607f263a990db1bf0465c8688ed7ce7e5f294845041fb56af313df34f45df/detection 176.31.26.213:6606 176.31.26.213:7707 # Reference: https://www.virustotal.com/gui/file/7bebcd498c41f74199691dd8c0d9144f562b4c71dc9c96607260689397ba2285/detection 178.209.46.144:20108 73ch91ch13f.100chickens.me # Reference: https://www.virustotal.com/gui/file/a0e26b77db21ef8899c3b18fa562a53f51b37a3cb8677034bbd8c2c5b37cf78b/detection 193.161.193.99:61436 karakan123-50010.portmap.io # Reference: https://www.virustotal.com/gui/file/dd8069de43a40341482301c95b3a05d0201a9386a5c586b17451ca37447dd1ac/detection 152.246.228.24:6606 152.246.63.32:6606 # Reference: https://www.virustotal.com/gui/file/1c7dccd9e95acff427990af9670ad69d54fcc056aa0eb7744ec8f22d35088c45/detection 193.161.193.99:56282 # Reference: https://twitter.com/ScumBots/status/1250963480783527938 # Reference: https://www.virustotal.com/gui/file/31345f8b3aefaaa13a783f4febe071bb8da7ae27f5f5c06024f9f29db0116321/detection 192.169.69.30:6606 192.169.69.30:7707 192.169.69.30:8808 # Reference: https://twitter.com/ScumBots/status/1250963998922739712 # Reference: https://www.virustotal.com/gui/file/91ecc56db47e5fe085075ff0d7fa76d2911e787734b95b81a4570a15a45444b9/detection 192.254.74.210:6606 192.254.74.210:7707 192.254.74.210:8808 # Reference: https://twitter.com/ScumBots/status/1250964170302009344 cmradelucifer.ddns.net # Reference: https://www.virustotal.com/gui/file/9ee035f65117dd6ead3f1da5a952df99efbaa39c7345fc11f8ccbbb6ecf86037/detection 168.197.229.117:6606 168.197.229.117:7707 168.197.229.117:8808 79.134.225.20:6606 79.134.225.20:7707 79.134.225.20:8808 # Reference: https://www.virustotal.com/gui/file/4a5cea334cdd0c4042498850f591717d0677fb606331d11210f7b5d2b3a27ff2/detection 213.213.206.18:3306 # Reference: https://www.virustotal.com/gui/file/d09e5b5fabdfa8578b377d46b44fcddc0772a92750e4ead921e2e56e97cdda35/detection 185.165.153.95:8989 # Reference: https://www.virustotal.com/gui/file/a3f870eeaf9cb8e486363b1ff8e1fb79937ed85bab6237ee6123125ad3a43290/detection 186.53.186.235:4132 yugdab.duckdns.org # Reference: https://www.virustotal.com/gui/file/1b5e3eb733257954a9dd28f6a3e081d941deaa73418d4b22beaa3200a8f96285/detection 41.140.208.184:6606 asco.dynu.net # Reference: https://www.virustotal.com/gui/file/0e0bf4239bf7472066cb37ab517d74b1102c69af9e0feca64d567dff879ae1eb/detection 69.171.248.112:5557 8701.viewdns.net # Reference: https://twitter.com/ScumBots/status/1251156576615849985 # Reference: https://www.virustotal.com/gui/file/419fa3facde23e4b18afe0c7f7198844f3ee9e28da6e39f2e2e9e60c41e83570/detection 193.161.193.99:63374 # Reference: https://www.virustotal.com/gui/file/9b471c2935fdd01c7e9d57e78f91d213e6d1b5a44ac1719048d92d02d1976422/detection 192.169.69.25:6606 192.169.69.25:7707 192.169.69.25:8808 number2.duckdns.org # Reference: https://www.virustotal.com/gui/file/aff7d626d09099f6aaf329f1b2e0623a378b45fdf4536ad83e63efc87e7e0865/detection 124.50.195.153:5050 kkk1046.kro.kr # Reference: https://twitter.com/ScumBots/status/1251180572711550983 103.18.14.217:1337 dedsee2c.accesscam.org # Reference: https://www.virustotal.com/gui/file/923092b6cec8aaa0cd11fefa625ed17f98702edac91c3a52beaf7e54f6e5f784/detection 13.235.76.244:1337 # Reference: https://www.virustotal.com/gui/file/582fb62f0d92afaee2dc79108622667cc62d298cafbde3d1e2ec1738c977f4a6/detection nohostname.ddns.net # Reference: https://twitter.com/ScumBots/status/1251180991995088900 103.244.74.228:46839 # Reference: https://www.virustotal.com/gui/file/36b272fbada18f510fa34a479fa391131797f13218f6756c52825d9e7711be6e/detection 41.103.199.216:1337 # Reference: https://www.virustotal.com/gui/file/850bcc510ee39c6d6dde91f041bcb276b74a8101c84279a35c0a3570a4e6440d/detection poiuytrewq3341.ddns.net # Reference: https://twitter.com/ScumBots/status/1251181425933647877 dqrkodz34.ddns.net # Reference: https://twitter.com/ScumBots/status/1251181595635126274 jess19991102.ddns.net # Reference: https://www.virustotal.com/gui/file/d4a629944bf1e03d43a04b530f9606d8315b84e847c83042427224011f3067ba/detection 193.161.193.99:36811 hussaryn-36811.portmap.host # Reference: https://www.virustotal.com/gui/file/c338d425a1293b82ac13c856c43d588ce0053b27349620b7353273a42a04d845/detection jess19991102ddns.com jess19991102.ddns.com # Reference: https://www.virustotal.com/gui/file/0a276fdaf3367ca3fd4cf90eb338dd3d0575ba3979f1bd609ce58e13e2aa0a8e/detection 204.14.73.154:8080 bomi.duckdns.org # Reference: https://twitter.com/ScumBots/status/1251182632517410817 salsamania.ddns.net # Reference: https://twitter.com/ScumBots/status/1251183213747277826 googledrive.dynu.net googledrive.linkpc.net # Reference: https://www.virustotal.com/gui/file/f71eaaf23ecba6aafc314f3d42badafb4430b1be62a1ba325c592b258b8f1319/detection 213.152.162.84:9040 # Reference: https://www.virustotal.com/gui/file/ee1e5a4ee19c1b613aaa82b48e313c6e3eeb5874d7593809c2207037254a57cc/detection fertun-29801.portmap.host # Reference: https://www.virustotal.com/gui/file/2b70dd97d36efbbadd5f63afc22e28dc53d26302bae846b4f4e49e27cf95a70f/detection 176.232.239.198:5060 denemeiso1.duckdns.org # Reference: https://www.virustotal.com/gui/file/a86751d7ee905499b6e324dc5175e287a20d34cde78cbe35a290523dea9d1cd0/detection 13.235.23.234:1337 # Reference: https://www.virustotal.com/gui/file/e20e1fd207ef943af95774fc0fc0e38da70c808b78a3dfb141e4852036a8dc12/detection noregisterdomain.zapto.org # Reference: https://twitter.com/ScumBots/status/1251185289055350784 87.14.96.105:1303 emmek.crabdance.com # Reference: https://www.virustotal.com/gui/file/b76b157a8d6ccfd5cc7ea8eed54af4d0aab9e97f8d641f886617252d9acc48bc/detection 41.100.199.86:5555 clayroot2016.duckdns.org # Reference: https://twitter.com/ScumBots/status/1251185716111069184 am164.kro.kr # Reference: https://www.virustotal.com/gui/file/f25f43f5cea51647e82413accd831b93fe8c2b7f072fc1468cd1d13bf08224ec/detection 136.243.31.186:1608 # Reference: https://www.virustotal.com/gui/file/1298f1fd280d2768e2a5e3f1089ec3ad18e17cade3fbeb78be864d9c3caff337/detection 173.238.140.238:6606 173.238.140.238:7707 173.238.140.238:8808 bshades.ddns.net dark-comet.ddns.net # Reference: https://www.virustotal.com/gui/file/47979eca9030c7f8de4c86c048e17efa02f66c6aed8a52c24dbd4bd7b0692b88/detection 75.80.221.198:1604 # Reference: https://www.virustotal.com/gui/file/5515739bd8752264b7ee2a2c9b957d36af9fb16b19d7dd1aef4139f2fe74af47/detection sam144169-56334.portmap.io webforma.chickenkiller.com webdata.ddns.net # Reference: https://www.virustotal.com/gui/file/610a58f5e46ffe61093dad4ef8528df34894d29347a1eec0224a87bba7864b8f/detection 46.237.79.53:8080 rat24695.ddns.net # Reference: https://www.virustotal.com/gui/file/5b18ab7442af71b0ba9293b200fa26961e6de7b98d51456644aa58d307dc0e1f/detection 154.16.248.14:3230 # Reference: https://twitter.com/ScumBots/status/1251187877255528448 112.149.90.49:5050 hyungwoo.kro.kr # Reference: https://www.virustotal.com/gui/file/03a58d54e04d346d4d06637a40834795431147472e07c815a0fee27475bcc970/detection a24369093123.ddns.net # Reference: https://twitter.com/ScumBots/status/1251188552500723712 40.114.49.176:4040 # Reference: https://www.virustotal.com/gui/file/b796ac10d1f3133ca6b77141e50e414f1fc704299884d0b0fb676ab0db7fed89/detection yesweekend12.ddns.net # Reference: https://twitter.com/ScumBots/status/1251189068190318593 213.152.162.84:9040 # Reference: https://twitter.com/ScumBots/status/1251189153976516610 unregisteredhost.dynu.net # Reference: https://www.virustotal.com/gui/file/516c73d324fa23f5aaf50bf9306c2d5aa3d55b0b8c9be60e273ac3c1895f15f3/detection 23.249.168.43:9090 ccmorgan.duckdns.org # Reference: https://www.virustotal.com/gui/file/f0eb9cb0a88f2e88881e06ce961c2da388475c1b595f2669c57e0cf1b5eb7677/detection 41.143.216.51:1738 asco.dynu.net # Reference: https://www.virustotal.com/gui/file/44e550a4dbdc40e1cacca65b7e516618558c0d2114b3641cda6ddd69190ed8b9/detection 141.255.155.90:9023 nonamehost1.zapto.org # Reference: https://twitter.com/ScumBots/status/1251189930300227584 anonauth.ddns.net # Reference: https://twitter.com/ScumBots/status/1251191403851505665 216.246.49.165:6606 216.246.49.165:7707 216.246.49.165:8808 # Reference: https://twitter.com/ScumBots/status/1251191570986082305 82.84.85.59:1608 # Reference: https://twitter.com/ScumBots/status/1251191655589445635 62.108.37.42:6606 62.108.37.42:7707 62.108.37.42:8808 # Reference: https://twitter.com/ScumBots/status/1251192193597014016 84.51.52.166:6606 84.51.52.166:7707 84.51.52.166:8808 kingspy.duia.eu kingspy.noip.pl # Reference: https://twitter.com/ScumBots/status/1251858682108956672 61.69.131.134:1604 yilmazkocakau.ddns.net # Reference: https://twitter.com/ScumBots/status/1251915307536580608 141.255.146.238:6606 141.255.146.238:7707 141.255.146.238:8808 alltricks.hopto.org # Reference: https://www.virustotal.com/gui/file/cd61eefce1bda8e8fd7d6f38bb9e6d70b4f1d90efb039a1346d890eeedbd63ef/detection # Reference: https://www.virustotal.com/gui/file/ae089f74371ab598c6cf00e6debbb9d70c091d90641c406b4aa4c88e3fa81c25/detection 41.42.6.83:6606 41.42.6.83:7707 41.42.6.83:8808 81031.ddns.net # Reference: https://www.virustotal.com/gui/file/5185c0e1245a6ef3f2e38459095098a085e1b3f0fb75c7aa657df068be3334dc/detection 41.35.15.87:6606 41.35.15.87:7707 41.35.15.87:8808 # Reference: https://www.virustotal.com/gui/file/31846d250a4f71ff4d5348ba0417584e560f6a93a949bba415a9efd261a41e17/detection 77.78.103.70:222 qwerty123123123.hopto.org # Reference: https://twitter.com/Racco42/status/1255493982420942856 # Reference: https://app.any.run/tasks/9e6d5087-6d1d-44b5-9ac4-349e14df5eb9/ 62.102.148.158:62727 panda45.duckdns.org # Reference: https://bazaar.abuse.ch/sample/5be39967ba90f3766fa81f354a61102a7ddf6bc19ec282e56727abb6dafb973c/ 185.244.29.175:7071 # Reference: https://www.virustotal.com/gui/file/3e9fc29f4f0edfaebea7d78f2de99dc5dfdcd440fc8afc2fc8be0d9a6e10466e/detection 188.52.75.171:5558 # Reference: https://www.virustotal.com/gui/file/646bd5449aa3c3d5d029daeb30efbb49c68209ec434f4216593952d1310343ab/detection 80.200.143.32:5353 # Reference: https://www.virustotal.com/gui/file/f6270d604a6e859c46733c14315da1dc07d7c50eea5cefd427e915c7c726cd24/detection 191.250.107.152:6606 191.250.107.152:7707 191.250.107.152:8808 pointblankbrasil.duckdns.org # Reference: https://www.virustotal.com/gui/file/ffb897728bb3cdaf183b6346255551615e9de81c4178a74cfdf92c8a03dc11c1/detection 91.109.188.2:1010 # Reference: https://www.virustotal.com/gui/file/9a512140b526841ae759063ba36e46b1812c105d9cc94f8dfe11ff69f3cbb336/detection 51.39.198.26:6606 51.39.198.26:7707 51.39.198.26:8808 # Reference: https://twitter.com/ScumBots/status/1257439484339277831 141.255.158.227:6606 141.255.158.227:7707 141.255.158.227:8808 jnhacker.con-ip.com # Reference: https://www.virustotal.com/gui/file/8e0bde81c9e355be99d2fd2a8cd0a1ff088ccb9e4d846323a07c20948e385497/detection 42.116.41.65:3979 kingspy.ddns.net # Reference: https://twitter.com/ScumBots/status/1257437270765953025 191.250.107.152:6606 191.250.107.152:7707 191.250.107.152:8808 mydnshome.ddns.net # Reference: https://www.virustotal.com/gui/file/78f70e9f02eb5434bb36715f107a092a695b060a3e4dba41e6d6213813d6f6e3/detection 86.7.195.44:7777 nfrurqcjthnjznd.ddns.net # Reference: https://twitter.com/ScumBots/status/1257468146027503618 93.22.123.135:6606 93.22.123.135:7707 93.22.123.135:8808 backdoor.mcrage.me # Reference: https://twitter.com/ScumBots/status/1257751258787700743 # Reference: https://www.virustotal.com/gui/file/046b3e5c4418660a9eed9ffc4e9769df9e133eb96b40e2585eec87cf202d9b0b/detection 41.109.165.237:3000 cappa.myq-see.com # Reference: https://www.virustotal.com/gui/file/509607c23436a0d4ef33b21734a19aa129fbcd63bad4cb2965f06fc3f32c2554/detection 41.105.203.238:3000 # Reference: https://app.any.run/tasks/4c0659cd-b563-45a9-93ca-77b82e795fba/ 193.161.193.99:56769 unity123-56769.portmap.host # Reference: https://app.any.run/tasks/bca9407f-6879-4ca7-9dc9-c5c7d9472e38/ 193.161.193.99:7112 193.161.193.99:45885 reality-45885.portmap.host # Reference: https://twitter.com/ScumBots/status/1257955102553448451 # Reference: https://www.virustotal.com/gui/file/5d5d00143b5f578c0293a7cd806009ecd8da5b30d713ebdfb4fcfb83b85e31c1/detection 108.168.118.205:4782 havingfun.chickenkiller.com # Reference: https://twitter.com/ScumBots/status/1258452953662439429 103.74.18.65:8899 103.74.18.65:9090 webdata.ddns.net poda.duckdns.org poda.chickenkiller.com # Reference: https://www.virustotal.com/gui/file/e2dd6989c2d9bd1038f5c6e741f4cdfa9b4584739fabf98db244f7763607178f/detection asyncrat.ddns.net # Reference: https://bazaar.abuse.ch/sample/43264fd31d2b8ce6104a5daf7cf933d315e21e2a968998591361c13fbc365baf/ 194.5.97.223:6204 # Reference: https://www.virustotal.com/gui/file/b611859ca933afe409d9c00d3c75fb42a4049ccee735afd2123e566bbf066c29/detection 185.140.53.43:4444 lagba10.ddns.net # Reference: https://www.virustotal.com/gui/file/34e20c34bb369fb81054fe19e90916e62251720cca8b961942f9ebbcb669919a/detection 193.161.193.99:25270 hiddensick-25270.portmap.io # Reference: https://app.any.run/tasks/88548d77-fbc2-421d-be4b-2da16bd0b5f3/ 193.161.193.99:34785 Slxthy23rf-34785.portmap.io # Reference: https://twitter.com/ScumBots/status/1261669580067549186 5.9.221.55:6606 5.9.221.55:7707 5.9.221.55:8808 # Reference: https://www.virustotal.com/gui/file/32501c0b743c1a550d9f4a24c73a6e58cb7e7a24919cdea9e85bd7d417273806/detection 220.120.90.123:6060 am164.kro.kr # Reference: https://twitter.com/ScumBots/status/1262284883466096640 115.23.99.222:2256 dokdo2256.p-e.kr # Reference: https://twitter.com/ScumBots/status/1262417002142085121 79.134.225.101:5552 # Reference: https://twitter.com/ScumBots/status/1262647276843028480 59.26.17.108:1212 obidori.kro.kr # Reference: https://www.virustotal.com/gui/file/31f8ef6bce5d3c220c3fb531b699dc5026b343bd0e76f3dd9fc9359dc86936d0/detection 115.23.99.222:2256 dokdo2256.p-e.kr # Reference: https://twitter.com/ScumBots/status/1263461921547747329 128.199.41.159:2001 # Reference: https://twitter.com/ScumBots/status/1263674037227659264 61.81.92.38:1212 test9909.p-e.kr # Reference: https://twitter.com/JayTHL/status/1263709348422967296 123.240.25.197:1604 asdf3341.ddns.net # Reference: https://twitter.com/ScumBots/status/1266652411889926146 # Reference: https://www.virustotal.com/gui/file/298587d8c8a376568ed09d332f329f3a4282e96e905f4569fbf24223ed10e491/detection 77.162.55.86:6606 77.162.55.86:7707 77.162.55.86:8808 monsternetwork01.ddns.net # Reference: https://twitter.com/ScumBots/status/1268143488413118464 193.218.39.43:8686 # Reference: https://twitter.com/ScumBots/status/1268532368790491137 188.250.211.240:3715 diass.duckdns.org # Reference: https://twitter.com/ScumBots/status/1269007937349058560 193.161.193.99:21292 allan4053883-60334.portmap.io # Reference: https://twitter.com/ScumBots/status/1269358998307983361 64.225.66.117:1331 64.225.66.117:1332 kr142.duckdns.org # Reference: https://www.virustotal.com/gui/file/86636201a899e360ad6fae1b71304c625ed6395ddf99e6b09906617da53ee93b/detection 91.193.75.208:3000 # Reference: https://www.virustotal.com/gui/file/8228d1299256a23377e57d575160dbd58f9ac46598c5c90b321743e366f3d09a/detection 173.225.115.144:6606 173.225.115.144:7707 173.225.115.144:8808 # Reference: https://twitter.com/ScumBots/status/1269910131933921281 42.119.15.63:3189 kingspy1301.ddns.net # Reference: https://www.virustotal.com/gui/file/d2d1030a5a122043c7a99b3f2c1b1d456be205033ed1327a0b4780f723a5e362/detection 42.117.191.69:8386 # Reference: https://twitter.com/ScumBots/status/1270064901101432840 100.64.15.50:5431 # Reference: https://app.any.run/tasks/5b5cba25-c74c-4c2c-80c5-c2f2c9156e6c/ 128.74.42.86:6606 128.74.42.86:7707 128.74.42.86:8808 logan1h.ddns.net # Reference: https://www.virustotal.com/gui/file/b8ff21e26e0da11d7146dd250b71206c698275e312bff612b38380e38385a4c7/detection 193.161.193.99:42300 193.161.193.99:6606 193.161.193.99:7707 193.161.193.99:8808 xaz19og-42300.portmap.io # Reference: https://www.virustotal.com/gui/file/e235e749a792841f78e1fcc8ddfea4d9c31471aaaa3df6928a43a96a8235698e/detection 102.42.76.37:2001 al3bkri13456.ddns.net # Reference: https://www.virustotal.com/gui/file/b891b61de4a7c50a50bffa4fb1394c696c25f80717ed57363f4e1a4a216973bb/detection 94.60.172.123:4500 # Reference: https://app.any.run/tasks/01c6c449-cfe1-4e4a-b34c-3536b67599af/ 193.161.193.99:48736 WindowsDefenderNet-48736.portmap.io # Reference: https://app.any.run/tasks/38f351cc-2e3e-4980-9a6d-4ceb645e4cbb/ 195.2.93.77:8808 servesvpn.duckdns.org # Reference: https://twitter.com/ScumBots/status/1270744376042553345 # Reference: https://www.virustotal.com/gui/file/4e8ca2787e65b0edaa21180883b642d7b3b7f85140ab7fc03d09c30da124dc5b/detection 193.161.193.99:1337 193.161.193.99:52390 sdsd33-43977.portmap.host # Reference: https://www.virustotal.com/gui/file/ae84c5af88241d3bb2e75160c53c6cdaee23555e0a83f0b9b5f218fe525c67b0/detection 82.205.2.127:6606 82.205.2.127:7707 82.205.2.127:8808 googlexfx.ddns.net # Reference: https://twitter.com/ScumBots/status/1271484250349547521 109.247.81.119:23818 # Reference: https://twitter.com/ScumBots/status/1271514445739634689 105.108.81.5:333 b34.duckdns.org # Reference: https://www.virustotal.com/gui/file/b1421de897b9903d393051f42730ac0fc7c19a3115f7b2fb019f2f7edd28e2af/detection 185.140.53.247:4723 sukasa.chickenkiller.com # Reference: https://www.virustotal.com/gui/file/3af55f9bb1a968506ea79b9f24d4a61f99d07e652af05bc5c557f13c19343a03/detection 18.197.239.5:10611 18.197.239.5:25565 # Reference: https://www.virustotal.com/gui/file/3f240073edad176ed8dc359ec2420361d67368ed7859bece7b94180c9deba172/detection 18.197.239.5:11328 # Reference: https://twitter.com/ScumBots/status/1272224126346964993 89.182.127.205:9955 fifa2020-ps4.ddns.net # Reference: https://www.virustotal.com/gui/file/6313e287489f083c691693a5582888ea7ab7e3d03c81612012dec332d27c66e2/detection 185.140.53.11:2079 185.140.53.11:6606 185.140.53.11:7707 185.140.53.11:8808 212.225.226.30:6606 212.225.226.30:7707 212.225.226.30:8808 bazilspain.dynu.net # Reference: https://www.virustotal.com/gui/file/67cd0179d490d478ba231ee4719aa7e1427045de0067a24a0adc91f33fdcac3d/detection 212.225.226.30:2079 # Reference: https://www.virustotal.com/gui/file/621b16461f4c6844bb3438e8cc872ae6d81414bd2e60cc097e2af348697fd088/detection 39.108.140.215:60006 39.108.140.215:9999 2ee51a1ab0951a62.natapp.cc # Reference: https://app.any.run/tasks/fa7cb330-07b2-4366-a9a1-03984fe05c1d/ 84.38.134.21:6606 84.38.134.21:7707 84.38.134.21:8808 # Reference: https://twitter.com/ScumBots/status/1273960570220404739 193.161.193.99:62895 # Reference: https://twitter.com/ScumBots/status/1274107785345712132 45.74.26.57:5326 # Reference: https://twitter.com/ScumBots/status/1274213483081596929 43.251.103.150:8848 # Reference: https://twitter.com/ScumBots/status/1274349378992582657 193.218.118.190:6666 # Reference: https://twitter.com/ScumBots/status/1274432429110034432 45.138.157.147:1111 # Reference: https://www.virustotal.com/gui/file/f83df0f45665f9f5d7d1e888cf778bb4440850503e24821bb0d976e86a5e87e8/detection 77.30.137.105:6606 77.30.137.105:7707 77.30.137.105:8808 # Reference: https://www.virustotal.com/gui/file/7528e56efe65fa4b61c7f7156e8d178473051f88d1dc1174378867bdef381f05/detection 202.79.168.134:3399 # Reference: https://twitter.com/ScumBots/status/1274753289091874818 95.70.134.40:8565 # Reference: https://twitter.com/ScumBots/status/1275421447985430529 14.249.183.252:5555 1593572468.ddns.net # Reference: https://twitter.com/ScumBots/status/1276036748053745669 8.210.144.63:6688 # Reference: https://twitter.com/ScumBots/status/1277490072456171520 117.3.216.38:3589 spy9999.ddns.net # Reference: https://app.any.run/tasks/ca2adff9-796b-45c0-b901-6542eb02857f/ xSkewber-24412.portmap.host # Reference: https://app.any.run/tasks/86f951e0-a325-4f4d-9d00-dcc9f1a58754/ steamguard1337.myddns.me # Reference: https://twitter.com/ScumBots/status/1278645187594551296 67.211.213.207:8080 67.211.213.207:9090 # Reference: https://www.virustotal.com/gui/file/1f6ea95aa6e7d84c2db2f180e6964449d9fe0b8112b9661889b5b200120b5cb9/detection 213.152.161.239:9980 bien.airdns.org # Reference: https://twitter.com/ScumBots/status/1278879232505110529 # Reference: https://www.virustotal.com/gui/file/ab5f8fc012927d2a8f6f9e45891da8111e1de9adddd57969540ce7a39697a5e3/detection 105.154.111.193:1596 105.154.111.193:2695 105.154.111.193:4562 dellpower.theworkpc.com # Reference: https://twitter.com/ScumBots/status/1278301761690894337 45.61.136.48:6606 45.61.136.48:7707 45.61.136.48:8808 # Reference: https://twitter.com/ScumBots/status/1279766327733952512 154.209.74.134:3399 # Reference: https://www.virustotal.com/gui/file/dbb7d9edbc04874b351fe0277d7ec7ccb41023f17e87e18da28dc267b2878ebb/detection 114.129.198.91:6606 114.129.198.91:7707 114.129.198.91:8808 # Reference: https://www.virustotal.com/gui/file/afede1c861d5026ace0d1864ab10214cbbe9e46f2299f401ac2589f924fd4a28/detection vksaodyd.kro.kr # Reference: https://twitter.com/ScumBots/status/1281038456521740289 23.105.171.85:35247 # Reference: https://twitter.com/ScumBots/status/1281283822118723585 # Reference: https://www.virustotal.com/gui/file/6e8ae7b434f014a40003c7b24984bdb3751515c7ab4edd36af33b02881d9d82d/detection 186.233.178.201:6606 186.233.178.201:7707 186.233.178.201:8808 duckjigsaw.duckdns.org # Reference: https://twitter.com/hexfati/status/1281490222618939392 julian.linkpc.net # Reference: https://twitter.com/ScumBots/status/1281570951919013888 193.161.193.99:1437 # Reference: https://twitter.com/ScumBots/status/1281570862492274691 193.161.193.99:28472 Pomm2paingg-28472.portmap.host # Reference: https://twitter.com/abuse_ch/status/1281641153524375553 # Reference: https://bazaar.abuse.ch/sample/3f28fd2c56f0bb9501f62fa64c71f6475d7cca2ee1908e097febdfc5516358ed/ 194.5.98.8:8824 # Reference: https://www.virustotal.com/gui/file/b3a4d10421309deb064c7c31d143b704471d2dc60a6b15a14402d2d069daa3e8/detection 193.161.193.99:24207 portababy-24207.portmap.host # Reference: https://www.virustotal.com/gui/file/cf302c3f21b10392c776e72d3b13e5065b1b6f503a3b63ffb343d13c1d83a6dd/detection 84.210.40.80:5552 krypticon9332.duckdns.org # Reference: https://app.any.run/tasks/eec7d68b-fa8f-4654-9544-2b59b27dc6be/ 206.123.129.103:5456 # Reference: https://twitter.com/ScumBots/status/1283031589962878980 193.161.193.99:38891 193.161.193.99:4443 # Reference: https://www.virustotal.com/gui/file/2de91b424589709529fb7f6dd861ee8fe089e2ac0927971d2242362e09c29502/detection 176.205.153.139:9476 # Reference: https://www.virustotal.com/gui/file/ba42409b340eba51a84a63ef57b8944d952ca927a4889948e069f8fc2352b727/detection 118.68.139.26:3189 # Reference: https://twitter.com/ScumBots/status/1283424178268405760 185.140.53.68:1515 mavennezeliora.ddns.net # Reference: https://twitter.com/ScumBots/status/1284137629882159104 174.0.47.124:8574 lowkeyjust.ddns.net # Reference: https://twitter.com/ScumBots/status/1284303722840035330 193.161.193.99:4040 193.161.193.99:41801 Crowlinqs-41801.portmap.io # Reference: https://www.virustotal.com/gui/file/9fae837fb9b2e3389ac912a88518a953bfd2e78b39daf89191187ae9b520dea8/detection 110.141.6.190:6606 110.141.6.190:7707 110.141.6.190:8808 110.141.6.190:3389 server1738.ddns.net # Reference: https://www.virustotal.com/gui/file/8b003d7f7d72eba439d095c2321003840b05e80099fabdd29fce757db0f57043/detection 185.140.53.76:1604 blanco.linkpc.net # Reference: https://www.virustotal.com/gui/file/0948d7d120fa3bfd8eb53b747e9ea08c6703f231663671441edec451b6d72586/detection 27.70.237.210:6606 27.70.237.210:7707 27.70.237.210:8808 27.70.237.210:8888 nohop1998.ddns.net # Reference: https://www.virustotal.com/gui/file/fdc7c7b4a95ee6a1df9b61e24097e0e0d9b5fb967e0430ddfc092aeeaadc1f3c/detection 193.161.193.99:29353 vuadaubepz15-29353.portmap.host # Reference: 118.217.154.223:6606 118.217.154.223:7707 118.217.154.223:8808 mact194.kro.kr # Reference: https://twitter.com/ScumBots/status/1284798238680387585 161.35.56.21:7001 # Reference: https://twitter.com/ScumBots/status/1284892597912313857 206.189.76.209:5252 # Reference: https://twitter.com/ScumBots/status/1284896544760762368 24.254.43.171:6606 24.254.43.171:7707 24.254.43.171:8808 # Reference: https://twitter.com/ScumBots/status/1285047538941394944 14.5.119.153:6606 14.5.119.153:7707 14.5.119.153:8808 # Reference: https://www.virustotal.com/gui/file/955bd3f4c3f39ae1e20ef7bb1b83adf6dd4ac55110cffc79a5843e7c06641a6b/detection 156.206.124.24:1025 erksene.dynu.net # Reference: https://www.virustotal.com/gui/file/b724abcdfe906318472e2c9dcc1e8bd211b10e881c689a600782d0462916701d/detection 216.170.126.139:4660 # Reference: https://www.virustotal.com/gui/file/2622f9874b537293700a77646a386b3c708e257f00e218cd72baf10aed32456a/detection 193.161.193.99:5556 anonissou.duckdns.org # Reference: https://www.virustotal.com/gui/file/f0634bf7e0d376d34450c4752cdd0945aba11ba2b316e64d3bc9d57c6980f189/detection 220.122.40.142:8080 criticalvip.kro.kr # Reference: https://www.virustotal.com/gui/file/bfdfe76cd0b61105c6bbea1952de0380012c3decbfc51ad263e00564cdea1983/detection 182.221.160.164:8080 zcx.kro.kr # Reference: https://www.virustotal.com/gui/file/e14d03068fdc83cd2a6b16bf40553f78d39e0a6478af3f329e69f6cca0df919b/detection 185.222.57.150:3450 # Reference: https://www.virustotal.com/gui/file/b724d53c26514502a8dc138a9a9b5c48b2f699e43a29060ff68bdfd857ce3caf/detection 121.137.39.53:8080 # Reference: https://www.virustotal.com/gui/file/99e489abde6b13f45c6cfababe1b9e46cf8692b12134b015096a323402c71259/detection 121.137.39.53:6606 121.137.39.53:7707 121.137.39.53:8808 # Reference: https://www.virustotal.com/gui/file/7b5dd184f138daf820509d1240dc7b00938d555ba1e9eebe5000d0e8ff2d3889/detection 121.137.39.53:5050 # Reference: https://www.virustotal.com/gui/file/2e04efdd2de2a1be9a27be389987fed425a3ee6826f69180db9093c5383e4833/detection 209.200.39.2:4040 209.200.39.2:7070 209.200.39.2:8080 # Reference: https://www.virustotal.com/gui/file/34b6843018283be543557947fea752642b68d5e72c412a0ab3bdd28ea1c498f9/detection 193.161.193.99:45680 youcefmadskull-45680.portmap.host # Reference: https://www.virustotal.com/gui/file/3377c9208f9f7427e2d5134f7009a5427637432c49797fbd7d83925a5ea954cd/detection 193.161.193.99:1236 193.161.193.99:61574 hackthisishack-61574.portmap.host # Reference: https://www.virustotal.com/gui/file/0427b7e094b0ced7de6ecc37aa5d5ff6de9b13785b068e8480bf62ed2fdac0e3/detection 95.120.211.220:4665 holocmsv2.zapto.org # Reference: https://www.virustotal.com/gui/file/4abdc1b37c11f32707551f7a3479462a68c043e08a84f93b36ad308bfc8e4624/detection 54.95.64.241:1521 # Reference: https://app.any.run/tasks/5092ca08-de2c-4fea-a24c-98a224b251e7/ 185.140.53.11:9845 # Reference: https://app.any.run/tasks/7e29c9db-d891-425e-a793-badabc8fe75c/ 79.134.225.83:4783 superkicka.org # Reference: https://www.virustotal.com/gui/file/2faf5255c368288325aac011cd2066c6942ea0b755718490363fdb6606dec40f/detection 188.151.38.115:1717 schost.duckdns.org # Reference: https://app.any.run/tasks/01eae1cf-71f1-4732-86d6-321117b8382c/ 64.20.43.83:3123 advisorgoetia-dns.xyz # Reference: https://twitter.com/JAMESWT_MHT/status/1288860715143573505 # Reference: https://bazaar.abuse.ch/sample/54d46ffbefae7f6025765c0c274f7f87714e5467da8926967efb01025693bb8e/ 177.255.91.168:49737 177.255.91.168:8057 gfsgvbxcv.duckdns.org # Reference: https://www.virustotal.com/gui/file/30232515c14a00a60978fc801bff8ec6db9c540f88cf6ec8851512e892917719/detection 84.210.40.80:5555 # Reference: https://www.virustotal.com/gui/file/cda5b8bf4e397c606b20ebf098253dc1456f28cc3aeec5ec7a1332afb33bc5b4/detection 185.122.168.250:6606 185.122.168.250:7707 185.122.168.250:8808 # Reference: https://www.virustotal.com/gui/file/97bf01ea73fc39e6dc829aa7a0c45762526c86b7d348ec19f6e3b2897775a6e9/detection holocms.duckdns.org # Reference: https://www.virustotal.com/gui/file/5d6500005736439ccf00e8136c00a351bd7c69fb33fb9485a1be9908187a66da/detection holocmsv2.zapto.org # Reference: https://www.virustotal.com/gui/file/c1877080b35ea82105c4a242cc49c832cc2f7207e672712cc8d364d2b005cf81/detection 193.161.193.99:34540 # Reference: https://www.virustotal.com/gui/file/b174722176293ad63a56287567655d408293addcbd6e248fbd058816667d3cde/detection 176.168.187.199:6606 176.168.187.199:7707 176.168.187.199:8808 lolo0909.ddns.net # Reference: https://www.virustotal.com/gui/file/d7ec327d2a382d2035818a0376fd27bf68dab2d89a7f4e04b04babaef977b16a/detection 120.78.86.213:5917 120.78.86.213:5925 120.78.86.213:5936 120.78.86.213:5944 120.78.86.213:5951 # Reference: https://www.virustotal.com/gui/file/8ca05cad682799f231e0a0fb670a2a04fb6f361f801c884f62a607b26ccc25f4/detection 192.227.158.120:4770 # Reference: https://www.virustotal.com/gui/file/2485169398a574f4b8c68b612c29715f43ecd5a00d61a42def399034ed389517/detection 193.161.193.99:39075 zufair.duckdns.org # Reference: https://www.virustotal.com/gui/file/cf7363ad9935b3ba3dd93451d9be8eb43f5445179740e0c2bfecd7bddd860fec/detection 185.244.30.27:3381 # Reference: https://www.virustotal.com/gui/file/d7ec3ec2ac8cb6d1f2898f2d7eb02850e34fc088f71e3ef82e966d10dbfc203b/detection pensive-pond-55232.pktriot.net # Reference: https://www.virustotal.com/gui/file/bb1223e5556adf3f9cb6976fefe3c51af74baacb5c159fe34a03e49ffd43aa39/detection 161.97.82.232:4141 # Reference: https://twitter.com/ScumBots/status/1291947998524706816 # Reference: https://www.virustotal.com/gui/file/3a81c9e1bfe70ae9506eef64194e9b6b8a49a7c2f64fa427ed31d0a9444a785e/detection 121.214.208.2:1111 121.214.208.2:2222 121.214.208.2:30 121.214.208.2:6606 121.214.208.2:7707 121.214.208.2:8808 sirenhead.ddns.net # Reference: https://www.virustotal.com/gui/file/4df01904a9abf7085fc4aafc372c7614cb7077c7350446188ceafc98001fb5b1/detection # Reference: https://www.virustotal.com/gui/file/90e9abb1b28a06edc6ae7a174b6468cfdfc91dcc29cd27be8fcd10d3c746f26e/detection # Reference: https://www.virustotal.com/gui/file/a71149ae63fc78968c81e659eb4dba652ffd3ea8d2a1c58bb631b7fbbaae8e43/detection # Reference: https://www.virustotal.com/gui/file/4e022a47ae07545c1a28418a9beb0f6d360144ec8087bc0bd2ac0f086bea9ddd/detection # Reference: https://www.virustotal.com/gui/file/71922e073726160d1bec9230d8b87eace72792499ddf4c731047a446b6876ee6/detection 185.140.53.54:4923 185.165.153.186:4923 77.74.194.214:4923 79.134.225.96:4923 79.134.225.103:4923 91.193.75.69:4923 bambooo.dynu.net # Reference: https://www.virustotal.com/gui/file/f4cecaa360ee6ab479cbf9b99c15b45ba7e9f548b7e368063a0c9f686fbc2630/detection 212.251.116.161:1604 212.251.116.161:6606 212.251.116.161:7707 212.251.116.161:8808 62.1.59.224:1604 62.1.59.224:6606 62.1.59.224:7707 62.1.59.224:8808 # Reference: https://www.virustotal.com/gui/file/889e35bc6ff36524dd0df82fbcf8a8015fd3c95d94b00c0875e9bb239eb12e28/detection 91.193.75.146:4780 # Reference: https://www.virustotal.com/gui/file/cf7363ad9935b3ba3dd93451d9be8eb43f5445179740e0c2bfecd7bddd860fec/detection 185.244.30.27:3381 # Reference: https://www.virustotal.com/gui/file/caa8c15569dd97b52c88cd2a500cb6304db09a6e3761511657be45645f19e815/detection 193.161.193.99:54030 Zmining-54030.portmap.host # Reference: https://www.virustotal.com/gui/file/43f97c03faf5199c8ebc7c49c076e45ed95fdf3edc26b4859fdbd705be21dd1e/detection 172.94.42.34:1043 dnsnuev009.duckdns.org # Reference: https://www.virustotal.com/gui/file/8f40ea9560e30c37b6ab4a3d6501b7cbf3898c20d1ecc31e2b7fe360449c0b33/detection 8.210.158.0:6606 8.210.158.0:7707 8.210.158.0:8808 # Reference: https://www.virustotal.com/gui/file/1dfb088dd661a1ab2025603696ced23a04e00c837590ad881a49a24768e09de4/detection 172.94.28.17:2021 tusnalguitas.duckdns.org # Reference: https://www.virustotal.com/gui/file/28dc802c58e106829fa716e2b4b0a1834967709075076bdbf0aec64f5e124f62/detection 172.94.42.34:5623 nikiko.duckdns.org # Reference: https://www.virustotal.com/gui/file/3183e83479da8d8ef421e91538fb85085229673f4bd2f13d3de7c8be2fc96c1e/detection 5.152.206.196:6600 # Reference: https://www.virustotal.com/gui/file/ad8b72167b5dd6b0bcba0a0685ec2addf744bc6da79c70476dd7d138cec764a4/detection 34.73.5.116:4444 # Reference: https://www.virustotal.com/gui/file/565054fa53c89061f7a81e18737a2140457316a526b616349e1ae614db363814/detection 109.247.81.119:20000 # Reference: https://www.virustotal.com/gui/file/d78ddc2b6e359f4d23f06437a5ff498c5afde61d925889129a8da056817bef70/detection 177.98.227.24:6606 177.98.227.24:7707 177.98.227.24:8808 # Reference: https://www.virustotal.com/gui/file/8e3c7cd8bb4826e4919aa56481167a1fcf9cb2d0e2c4a9c74ec155523f5d180c/detection # Reference: https://www.virustotal.com/gui/file/9660ae0cf1fe3b7745287ab05d242247334cbf51ba64b900998fb5073bedf890/detection # Reference: https://www.virustotal.com/gui/file/75feac230513a5d543e2f9559068259554200ed7440c44749e7678feb19b470c/detection # Reference: https://www.virustotal.com/gui/file/6c24f8caa4f1f21a9dd8b714066bdfa5e2d8c84ab068d50672ef12b048c4518c/detection # Reference: https://www.virustotal.com/gui/file/02b62fd53cf9ed3c98a70aa7c4ead2b9c8851079517747d8e106873654098651/detection # Reference: https://www.virustotal.com/gui/file/cf234f8fcdab2a576d303c8b0821b7754ec13e1319be9d24d335b351f774b1f3/detection 179.178.236.31:2080 179.183.119.159:2080 179.183.119.159:6606 179.183.119.159:7707 179.183.119.159:8808 187.114.175.149:2080 187.114.178.10:2080 187.114.178.10:6606 187.114.178.10:7707 187.114.178.10:8808 191.250.65.147:2080 191.250.65.147:6606 191.250.65.147:7707 191.250.65.147:8808 191.33.110.91:6606 191.33.110.91:7707 191.33.110.91:8808 # Reference: https://www.virustotal.com/gui/file/2154f0eae29106cd24148ff7a4486eb7467c0d590f7979c6ffb517f4d99d4c37/detection 211.108.200.7:4872 211.108.200.7:4873 0743.hopto.org # Reference: https://www.virustotal.com/gui/file/557ea13e8175753fff89bdfb1ede7e27779f6a55b5ba69ff2ecd7d6e9255ab8a/detection 177.255.91.168:8057 fsdgfd.duckdns.org # Reference: https://www.virustotal.com/gui/file/bdd504540ae6cbfcef701abb424def21007a55d3df5ce5bd03034c4cc66464d6/detection 78.63.71.91:6606 78.63.71.91:7707 78.63.71.91:8808 youtude.ddns.net # Reference: https://www.virustotal.com/gui/file/c8c3c2b6c66710984751b0ec262a618829be47e3c926c3c0c706365d5d0aacd5/detection 103.207.39.83:1024 # Reference: https://www.virustotal.com/gui/file/a93b12c36e78db3c5e27c9a35a23d7f87a3d788adf60f811485890a33c726c7c/detection 90.46.146.196:5552 shadowstest.ddns.net # Reference: https://www.virustotal.com/gui/file/d0ba64c92f0512db66ff99cc87ffced9bebeb3bf15470865c81858f02e3302a6/detection 193.161.193.99:24255 193.161.193.99:42219 iskyze-24255.portmap.host # Reference: https://www.virustotal.com/gui/file/74d10507f05b48357e55b0349a24144874a509980c1e0aabf43f781fdac10fff/detection asdxcvxdfgdnbvrwe.ru marcristosc.ac.ug 194.5.98.95:6970 # Reference: https://www.virustotal.com/gui/file/d288f6645d0f90ddff285c41b2512a1496a8b5b7c34df8bcecda8070314939b6/detection 51.178.240.250:6606 51.178.240.250:7707 51.178.240.250:8808 # Reference: https://www.virustotal.com/gui/file/459fe6ce78839307fd87c192fca2545ed25e89fe63f602356022fd32c8db8aba/detection 179.124.220.225:6606 179.124.220.225:7707 179.124.220.225:8808 # Reference: https://www.virustotal.com/gui/file/65232e1c7aedfd29788abfdf468587c2858822e65cb2fb15169b4261e4be1ed1/detection 123.110.29.249:1604 andy1688.ddns.net # Reference: https://www.virustotal.com/gui/file/305aacda61fb9f14aa1bb5124841ac25b7f23ff254a886a56a3d40bdf5a1a5e4/detection 107.172.221.181:333 107.172.221.181:6606 107.172.221.181:7707 107.172.221.181:8808 # Reference: https://www.virustotal.com/gui/file/310a6b915908dbc78e3d9dd56d06bf0fb3fd11e1c4db826a18611f5e80f9bed3/detection 82.205.33.194:6606 82.205.33.194:7707 82.205.33.194:8808 # Reference: https://www.virustotal.com/gui/file/304663149c45d54a23e0cf65b9775538009a76db474912fff395bedd3e789a01/detection 193.161.193.99:48637 boneless-48637.portmap.host # Reference: https://www.virustotal.com/gui/file/90aaeb0077277b5e45a7cdcbe365ead4781b5a0a5fd755f99ed8a2ec79e5e58c/detection 193.161.193.99:58562 newcosmo-58562.portmap.host # Reference: https://www.virustotal.com/gui/file/de3db6f0d0d8dd22a21731e739dbbacf86b2bc8bc21ea2a0ade9a16581a1ac14/detection 193.161.193.99:31239 ioplololo-31239.portmap.host # Reference: https://www.virustotal.com/gui/file/caa8c15569dd97b52c88cd2a500cb6304db09a6e3761511657be45645f19e815/detection 193.161.193.99:54030 zmining-54030.portmap.host # Reference: https://www.virustotal.com/gui/file/9a95c0829cd7766087de65e50b32a3689a91e3ad05a7cc94365ef94d4f685cde/detection 193.161.193.99:37930 pritom-37930.portmap.host # Reference: https://www.virustotal.com/gui/file/441a169e51070282b35537e90edab11e0064e3a0e6c4eab8759773d79cf00ae1/detection 193.161.193.99:2510 193.161.193.99:25360 vasco-25360.portmap.host # Reference: https://www.virustotal.com/gui/file/5c05897f869e9c72390065f8bbeaab7b7fb3f9089f56a68eb7b358a5d12cf968/detection 193.161.193.99:25987 prem131bn-25987.portmap.host # Reference: https://www.virustotal.com/gui/file/4415b9d3c5fc2ceaa6f935864c1d9a573447802f30ec30efd212a8be4fd2a82d/detection 193.161.193.99:54729 ismailbourji-54729.portmap.host # Reference: https://www.virustotal.com/gui/file/b5a85b868ec6932c4577c11ce91e0bfce9ea5ae81b788133fefc640015c3b0bc/detection 193.161.193.99:20760 f2had-20760.portmap.host # Reference: https://www.virustotal.com/gui/file/c381f88012efb8742927995e6f91525c4a1f9b4f3b3a4f25d431e8269842836b/detection 193.161.193.99:25125 hmz04-25125.portmap.host # Reference: https://www.virustotal.com/gui/file/ab10554a3e0ce5270d2c02e884a097e271dae6cbe2e51a70703da7d4e89919bb/detection 193.161.193.99:36161 prodharani-36161.portmap.host # Reference: https://www.virustotal.com/gui/file/af37a83779f91b64f3b03bf0daa2d79bd531a3968141e0dcc2bcee677f4b701e/detection 193.161.193.99:58345 keyman-58345.portmap.host # Reference: https://www.virustotal.com/gui/file/1ee13968473a9b9733efdca8caf07f22d39730a2b2ebf9c2c8d467e6f385d826/detection 193.161.193.99:37695 anonjayy-37695.portmap.host # Reference: https://www.virustotal.com/gui/file/8b4592b2bb2a904be55ab95ff2cb69808b15d819498cccb6ec05b2f5b7b3d63f/detection 193.161.193.99:37692 madman-37692.portmap.host # Reference: https://www.virustotal.com/gui/file/e9db2ade37b84b00334f829395b6af092dda2ae1f559cfbdb772ec15c7a54d94/detection 42.119.90.242:3189 kubeodz92.ddns.net # Reference: https://www.virustotal.com/gui/file/a5d78beef4d80eb7def57f7fd7647d09ec76a16eeedb2a5a3fc6f445526c8f4a/detection 193.161.193.99:20050 pawianek2-20050.portmap.host # Reference: https://www.virustotal.com/gui/file/e28f8760f889ff458aec8aedd2139e44735cb9468d34d175aec42643b90291b5/detection 46.60.22.192:6606 46.60.22.192:7707 46.60.22.192:8808 82.205.33.194:6606 82.205.33.194:7707 82.205.33.194:8808 googledrive.myftp.org # Reference: https://www.virustotal.com/gui/file/08b15d045255c81dcb3e29b70ffcd1a8d614bf99549f079085bfbc54a994d109/detection 42.119.90.242:3189 kubeodz2019.ddns.net # Reference: https://www.virustotal.com/gui/file/5f8ff6fd7b8bbcb8efd6e69b2300be59a059061ed3bd2a2fd63ab6e98cd7cd2c/detection 192.169.69.25:1044 192.169.69.25:20485 193.161.193.99:20485 franktembo-20485.portmap.io samarakandi.duckdns.org # Reference: https://www.virustotal.com/gui/file/f198e0cfa503100d64d15ed39b2516587582587f42afea74ace075b28f663fb4/detection 193.56.29.251:6606 193.56.29.251:7707 193.56.29.251:8808 bogdanxx90900.servemp3.com # Reference: https://www.virustotal.com/gui/file/33d1d991a9bda6bdec91b6be82e7ddc684a8f7400ac8402917ffefa0a5dfd631/detection 121.214.208.2:3000 # Reference: https://www.virustotal.com/gui/file/fc9ee822f9872fd4ca4531d5a91e29adfdc3a4a9e2e8f6e668305fe3bfa9fada/detection 193.161.193.99:41892 oksosokak-41892.portmap.io # Reference: https://www.virustotal.com/gui/file/e021d822f3a44473cd7d12518402469b38d200a27065c7aa757d13a15ae607ee/detection 197.206.218.240:5555 clayroot2016.linkpc.net # Reference: https://www.virustotal.com/gui/file/54d53186682c7277d99c86cea69d45960d2867041477a0d9edae6f08c8e8b52d/detection 186.52.202.235:3040 cortanahost.ddns.net # Reference: https://www.virustotal.com/gui/file/910c9c2a61c8748fe9bd3417eeb284535db3bbc30c6405f102002ecef3d6304b/detection 81.61.77.92:6606 81.61.77.92:7707 81.61.77.92:8808 campestre.hopto.org # Reference: https://www.virustotal.com/gui/file/4f41374a921e33b06bb11f64e72bc02c2f928704ebea63682ec66b85b1349f44/detection 175.37.36.152:6606 175.37.36.152:7707 175.37.36.152:8808 kakejake.ddns.net # Reference: https://www.virustotal.com/gui/file/15753a223aa59f5e2265569080d31e8351d546e6b7316c6660757a39bda94887/detection 121.137.39.232:5050 # Reference: https://www.virustotal.com/gui/file/fa2cbc10aa98e5cfe362065b2c19556c67dc8b7d48871008404f4778e8537f3a/detection 34.66.124.165:5555 # Reference: https://www.virustotal.com/gui/file/851d536bdf21ad02eab1ed632b7ef36fc5734e628c421c9f7c8dcb05d30f4d32/detection 198.251.64.252:6606 198.251.64.252:7707 198.251.64.252:8808 # Reference: https://www.virustotal.com/gui/file/b69e8a276d2c444b502238383ae3611714822c8605f074ef5a0a9a99c69b49a8/detection 79.173.65.159:19638 79.173.65.159:6606 79.173.65.159:7707 79.173.65.159:8808 rootaccountadmin.ddns.net # Reference: https://www.virustotal.com/gui/file/1c02bb46103de9bf189deaf1b8915afa62186f1b0e1b90742b70b58e44962bf9/detection 178.33.93.88:19678 # Reference: https://www.virustotal.com/gui/file/20ef74b6ca8718706ca786c9cd8c9de916df7daf77c81f436ab23b6c50db0487/detection 49.175.99.35:1234 leepipi.kro.kr # Reference: https://www.virustotal.com/gui/file/c811c161d9d0be1c09173a50af290a718729fd9509b63ff953ad4b07e2501657/detection # Reference: https://www.virustotal.com/gui/file/f48d69fb64fe7ae544769ce22a0500e07ac2f945b12bc717b78ca77a7b5a6924/detection 91.168.196.175:6606 91.168.196.175:7707 91.168.196.175:8808 likatn.zapto.org # Reference: https://www.virustotal.com/gui/file/ca17a69a46caf3e05a1cd8bf2f1d6679b55aa6ecf46ee63bf323ee892f88f80e/detection 105.107.4.125:6606 105.107.4.125:7707 105.107.4.125:8808 # Reference: https://www.virustotal.com/gui/file/c7cb970a67b5c370741e139dda48d47433477ab400e51a62a99b7a379a6c0dbc/detection 138.197.189.80:6606 138.197.189.80:7707 138.197.189.80:8808 blackid-35823.portmap.host # Reference: https://app.any.run/tasks/b31c0049-b5de-40a8-9069-8c14e27b738f/ 193.161.193.99:32260 Kupcia-53901.portmap.io # Reference: https://www.virustotal.com/gui/file/81e96984130042d0ee70ae09a7bc9375974d513938e80877720d251330e4b37e/detection 39.122.189.147:1 fsft.p-e.kr # Reference: https://www.virustotal.com/gui/file/1f48d54ad69726c01a7ae1e7ceff7ae6093005be1e100a75968476d72d75cf06/detection 101.179.85.220:1111 101.179.85.220:6606 101.179.85.220:7707 101.179.85.220:8808 # Reference: https://www.virustotal.com/gui/file/dcaf6810871062a1a5a292c8e46667a8b7de908d292513ef1c443929ce8897c5/detection 18.157.68.73:15558 18.157.68.73:16155 18.157.68.73:4444 18.192.93.86:15558 18.192.93.86:16155 18.192.93.86:4444 # Reference: https://www.virustotal.com/gui/file/bbae735df39c1301901ca97c6993f2b6fd7233a0360761eab8b65f2556df4517/detection 145.239.201.157:8443 # Reference: https://www.virustotal.com/gui/file/ee5dbfca30be494b6ad8ac1c18255b6054339de4aba768180a1f32e9921a30ce/detection 193.239.147.16:6606 193.239.147.16:7707 193.239.147.16:8808 # Reference: https://www.virustotal.com/gui/file/ff081035cd38c28b8093f8f0887450407e27a89ee1ff254dd627849bd6334fb5/detection 193.161.193.99:53485 hack567832-53485.portmap.io # Reference: https://www.virustotal.com/gui/file/126a37d9189d9ef7872b74fb13f562bc8601622b6455e01fefd646b463966fa6/detection 193.161.193.99:39400 kepada9494-39400.portmap.io # Reference: https://www.virustotal.com/gui/file/32e6114d2ce3e3c8f778769261cb06eb874b5f38271436d88053c41930f1ce47/detection 202.182.121.93:5050 kny777.kro.kr # Reference: https://www.virustotal.com/gui/file/49510b87db400c9570b85eba6271642d0a157d0c8cd5457171a6564aa73e7795/detection avantgrajgrup.com.tr /ilksan_sorgu.php?tck= # Reference: https://www.virustotal.com/gui/file/7c3eeba909d90095b3ac593ccc111251212ebe3304d5f9725325d81b2e6acd14/detection 13.82.134.169:48166 13.82.134.169:5555 13.82.134.169:6606 13.82.134.169:7707 13.82.134.169:8808 ROCK19870-48166.portmap.io # Reference: https://www.virustotal.com/gui/file/292a0b69dfc9ff8aa030fdbe13e0bc047606177ea3250c597e06dfeec1c92304/detection 194.5.98.100:1337 blackhair.ddnsfree.com # Reference: https://twitter.com/ScumBots/status/1315367256235311105 # Reference: https://www.virustotal.com/gui/file/b07c2fbb1e0470cdbffd9c1147de5cf1763edcc4c5a918ddc63ad49d1ecbc563/detection 45.95.168.116:1333 45.95.168.116:1334 45.95.168.116:1335 45.95.168.116:1337 45.95.168.116:1338 45.95.168.116:1339 # Reference: https://www.virustotal.com/gui/file/a3074419485db4ee08451afe2693184a89c031b3237e0a51b7627eb33eddc342/detection 222.114.199.209:5050 pyeonno.kro.kr # Reference: https://app.any.run/tasks/5bc8c7e8-e45e-4fff-9fc6-7a380e82e03f/ 193.161.193.99:54987 papachullan-54987.portmap.host # Reference: https://www.virustotal.com/gui/file/7e3e36dfb02909a470035b63d7db577f62431689e631fc7e1f21198745ce339d/detection 185.165.153.140:6606 185.165.153.140:7707 185.165.153.140:8808 # Reference: https://www.virustotal.com/gui/file/39eb27e6d13e6a373bb1da0becb487e808ff2d3849d481eb0bd4aa3b6d398cc1/detection 79.145.12.52:1335 79.145.12.52:6606 79.145.12.52:7707 79.145.12.52:8808 # Reference: https://www.virustotal.com/gui/file/913033893ab065b61e551399c91cdd877c134dc7dadacacbc87c3dfd798653a1/detection 91.109.176.2:6606 91.109.176.2:7707 91.109.176.2:8808 mika201.duckdns.org # Reference: https://app.any.run/tasks/407ac320-c34a-4b59-966e-1f8403fe92e5/ 193.161.193.99:28793 saudis-28793.portmap.host # Reference: https://www.virustotal.com/gui/file/708ba499db884070420f378523658870927c31654d03d24cdac303b5d60b0ac4/detection 2.56.62.44:4444 2.56.62.44:6821 2.56.62.44:6606 2.56.62.44:7707 2.56.62.44:8808 fuckmyass.duckdns.org # Reference: https://www.virustotal.com/gui/file/0cd8a5e9deb573fb2fda25cca06453abcd0a42ee7b0de44420973aeff3e0fcbc/detection 185.161.209.16:6606 185.161.209.16:7707 185.161.209.16:8808 bitcoins.giize.com # Reference: https://app.any.run/tasks/ddf3cca3-adcc-4110-976a-b724a6aab722/ ectoraid.ddns.net # Reference: https://www.virustotal.com/gui/file/fcdc5a453e07582d39d35234b39a67bbf958832ac88f0a82d413961482bdbcc0/detection 175.203.53.37:5050 nsr0209.kro.kr # Reference: https://app.any.run/tasks/107f53fe-e988-40c3-9659-bb47c7283615/ 193.161.193.99:60167 elechine-60167.portmap.host # Reference: https://www.virustotal.com/gui/file/5979eee66faff5910c181a7b1af0111d68a0feda3dd974306f8e5c5624af7cdf/detection 51.75.169.41:6606 51.75.169.41:7707 51.75.169.41:8808 # Reference: https://app.any.run/tasks/7468050a-b7fe-4748-b667-6933722a010a/ 193.161.193.99:33504 Scambaiter123ASAS-33504.portmap.host # Reference: https://www.virustotal.com/gui/file/a95000dca55523f7c8a1293563a03693f973fc12f91618deb86ec5aeee353728/detection 151.240.194.206:7777 nethalpop.sytes.net # Reference: https://www.virustotal.com/gui/file/9b9f13a8e3663e2b05e3af0b00abec4bc662b823a7fde9447164b9031bc59fe7/detection 52.156.134.11:4892 jah0seh.duckdns.org # Reference: https://gist.github.com/silence-is-best/0aa844b003c62c6ce491e91e168ac662 # Reference: https://www.virustotal.com/gui/file/49f9c9e79441d891f84d5a457fed44897f95f8f691b387fcab2e63ec9a505667/detection 194.5.97.76:2121 # Reference: https://www.virustotal.com/gui/file/0c323c02db0a52d9a1764a74e3cb5a7bcc8e7b9839160179a772de3a6bc8cf26/detection pounds1990.duckdns.org # Reference: https://www.virustotal.com/gui/file/ff734df4d09afad52e931fce898a5497b78081fbca44f091e55a3da4b47c1350/detection 185.140.53.141:2256 freshg.ddns.net # Reference: https://www.virustotal.com/gui/file/0840d78515e4bdaa61b7d285b710361e19d10c31e34a0cfc58e5fae89e118bbb/detection 193.161.193.99:4332 193.161.193.99:57654 # Reference: https://www.virustotal.com/gui/file/4124fa166c07644eb29d7b813889a90795f9f1448f7cae2040a1375006748617/detection 91.109.180.6:6606 91.109.180.6:7707 91.109.180.6:8808 # Reference: https://www.virustotal.com/gui/file/3ba05ff4ea1e849ad3ce6780aadb44af45e48442f058510fcc096e115c853d80/detection 91.109.188.7:6606 91.109.188.7:7707 91.109.188.7:8808 mika202.duckdns.org # Reference: https://www.virustotal.com/gui/file/9cca37bc8df3f2d7d439db0ffb0ed8d4a1c2f88c5c43754bc78b674009b35b05/detection 109.202.107.147:7113 # Reference: https://www.virustotal.com/gui/file/e1a9c9a66a236487973368591a6735b9e14dd6a8c7be77106f63ec5835cebd2c/detection 203.115.24.234:8282 # Reference: https://app.any.run/tasks/0a2ba392-8c95-48d9-b4e6-b192643675c9/ 193.161.193.99:26660 carminebongo-26660.portmap.host # Reference: https://www.virustotal.com/gui/file/6e5fdf8624b69aa1cbda80d760e5a77143aafcf2b54617485023d2c520e7c431/detection 103.207.39.131:6606 103.207.39.131:7707 103.207.39.131:8808 # Reference: https://www.virustotal.com/gui/file/4467e78c9356062cd52d9d9da5dee3329558749d764ef8c72c14977ae65d139e/detection 82.65.39.148:6606 82.65.39.148:7707 82.65.39.148:8808 # Reference: https://app.any.run/tasks/c5ef1463-1168-4ef0-8536-d42d953c919e/ 85.224.37.213:6606 85.224.37.213:7707 85.224.37.213:8808 # Reference: https://www.virustotal.com/gui/file/971226ecd2869473e61804629f46507232584393f74bf7f8cc11c6592e916ffc/detection 128.134.139.235:5050 # Reference: https://www.virustotal.com/gui/file/5052cc68d40a843a8500983cc7e8c84601e5221149f88f1aa135f328e9e1a9b7/detection 93.190.51.64:1234 # Reference: https://twitter.com/wwp96/status/1328325861456699394 # Reference: https://app.any.run/tasks/85c6b9fa-195f-43c2-b480-8dea0a699fb7/ # Reference: https://app.any.run/tasks/d6fa28e7-0425-49c1-a12f-0185af0ed4ab/ 185.239.242.76:6606 185.239.242.76:7707 185.239.242.76:8808 5.230.22.165:6606 5.230.22.165:7707 5.230.22.165:8808 # Reference: https://www.virustotal.com/gui/file/815e7085a1cf084e05f86a972b0d91b4e5555577f8d47528d79d85dcbb45bc4a/detection 79.134.225.99:6606 79.134.225.99:7707 79.134.225.99:8808 # Reference: https://www.virustotal.com/gui/file/17433a45b35d1eab013795ac90856a2349ed97974c05653030279c52a367774d/detection 137.135.73.55:18 137.135.73.55:6606 137.135.73.55:7707 137.135.73.55:8808 cemnasq.duckdns.org # Reference: https://app.any.run/tasks/e7870287-b274-4f3b-9246-e7104d7f9cc3/ 45.144.30.41:6606 45.144.30.41:7707 45.144.30.41:8808 # Reference: https://www.virustotal.com/gui/file/f3fcbb0fedb1e3b732185aebbf845ca185c950ca3635026d8a754312220577c9/detection 212.239.144.144:1177 212.239.144.144:6606 212.239.144.144:7707 212.239.144.144:8808 liligharba5.ddns.net # Reference: https://www.virustotal.com/gui/file/1153ff7152d6470ab2893655f2cd50df6a5dc7d0169ea56e5e7f54704b136831/detection 78.161.81.149:1604 78.161.81.149:222 78.161.81.149:6606 78.161.81.149:7707 78.161.81.149:8808 ipmdegismismalcry.duckdns.org # Reference: https://www.virustotal.com/gui/file/d0f7a30d75237013c95ab544faf873ba165f252321c49e2ccc5e5b43126a4c3d/detection 84.117.241.36:1604 84.117.241.36:6606 84.117.241.36:7707 84.117.241.36:8808 sexpulapistol.ddns.net # Reference: https://www.virustotal.com/gui/file/c6565e82f8873c8064caf5e73f1fe276b103c131e6df769dfd5bce2da760dca0/detection 91.105.195.23:5679 # Reference: https://www.virustotal.com/gui/file/7017de5d73a4f3bb86c343d87148c3af0087191fd401632b2643368ad38d0929/detection 90.37.128.28:1111 90.37.128.28:6606 90.37.128.28:7707 90.37.128.28:8808 osinte555555.gotdns.ch # Reference: https://www.virustotal.com/gui/file/cf69b63b9cb0ecae224f272bbf7d02fefa14e31ea1e2dab90d2f7fad8b742edb/detection 45.153.243.96:8888 # Reference: https://app.any.run/tasks/57ef4913-3bdd-47c9-bbca-1d16df9b9c1f/ 193.161.193.99:24383 nullbytes.duckdns.org # Reference: https://www.virustotal.com/gui/file/32ac22ae67128eee2d9771d0d579ca2fd222dc5937480391df2b1f50af84bd1e/detection 23.95.13.157:5356 # Reference: https://www.virustotal.com/gui/file/99c1bb646297307dad07a81cc77cd283f6eb854ab9b33a322725add022528bec/detection 185.20.185.96:9091 giness.giize.com # Reference: https://www.virustotal.com/gui/file/a8e0a5a7a055e7d431c3e28f77d81c9d7a4a6f3449382c7a88ae52a52091cdd7/detection 185.20.185.96:6606 185.20.185.96:7707 185.20.185.96:8808 genlast.giize.com # Reference: https://www.virustotal.com/gui/file/67d0d003a313f542a40efad51c91a6b81f13a9d7da5059edc39c9d7ad5b1c166/detection 105.108.31.15:2020 frefiredll.servehttp.com # Reference: https://app.any.run/tasks/8be5fee5-16e7-46d2-8b79-186227574f25/ 201.219.204.73:1881 dfdfcdc1.duckdns.org # Reference: https://www.virustotal.com/gui/file/ee3e0599c68bd9454f2e9175faa65c9a474160bc41acb07532158b6309ba991c/detection # Reference: https://www.virustotal.com/gui/file/edab64dac1dee32fef52a0871d0323e1b5bf246d70aa0617d83dcc7975bef283/detection 14.231.186.175:5555 # Reference: https://app.any.run/tasks/6a264419-9242-4e6f-9974-abc8cc7c194d/ 14.231.186.175:8888 getcookies.ddns.net # Reference: https://www.virustotal.com/gui/file/fa26846e38ca581bcfeb41da686153970b4d29ed706e76352dd2771c12267cde/detection anunankis10.duckdns.org # Reference: https://www.virustotal.com/gui/file/c92433dcc69cb79b43a176f68820d85c4c8d7ef0a6b31881de5e9cfb70464d14/detection 85.214.37.238:9192 # Reference: https://www.virustotal.com/gui/file/4082d61ef1a193655d3d50eb923fb95e4d0026de3104f2d5f4e162597e6d37b6/detection 88.232.12.125:150 nonick55400.duckdns.org # Reference: https://www.virustotal.com/gui/file/d2000f86d47cc1a1ab87f3080c90b4b61aaa317aac5c2d4cd8609286ebacee8b/detection # Reference: https://www.virustotal.com/gui/file/cf4ddce71aba43a35beb19ec82d3e90b0008c09b3e6018d286ba321616ced13b/detection 46.114.109.193:59999 83.135.171.146:59999 drei.ddns.net # Reference: https://www.virustotal.com/gui/file/c3c634e5d4ee8aa6eeb7896e14bc39c6ab8b4ceb39dc26bc09418e4bfa9b0820/detection 193.161.193.99:28070 lufeteme08-28070.portmap.host # Reference: https://www.virustotal.com/gui/file/9160bff6b2976faebb45e316ae521f76fc25893a85818c02317b3435163545c8/detection # Reference: https://www.virustotal.com/gui/file/7940abde1678d42fc39c4cc0c69a17d2903c462747d9f8115b2b68f4a0f3d768/detection 206.166.251.78:6606 206.166.251.78:7707 206.166.251.78:8808 # Reference: https://twitter.com/jorgemieres/status/1336699712796299264 # Reference: https://www.virustotal.com/gui/file/558af040bcfa1aaf774e953cca682eaaf38ec8c4f3ca4f3e24e0ea8a783ca1df/detection # Reference: https://www.virustotal.com/gui/file/1f89b0e486eb986a03b0a5cbbacc8f4e7552f5b9ed74c408ae9febd2e424dbdb/detection 23.105.131.244:1881 maraddiego763.duckdns.org # Reference: https://twitter.com/JAMESWT_MHT/status/1342046396048932865 # Reference: https://bazaar.abuse.ch/sample/c397eb85439a20b9185e001ec8cd286281d27d6be336d32e93558e451e6aeeeb/ # Reference: https://app.any.run/tasks/74f1a309-b81d-447c-80c9-fc94ed5a0d41/ 3.22.15.135:14345 # Reference: https://www.virustotal.com/gui/file/ab62e63b551e5f354ec3fe9fd7142d9a07311af48a898ab02faa8a9067fa9894/detection 47.93.12.104:6000 # Reference: https://www.virustotal.com/gui/file/258d5d44809036c29e621367b7aec4338278950edf3766277e3a891bcb8200d6/detection 78.163.1.80:1608 78.163.1.80:6606 78.163.1.80:7707 78.163.1.80:8808 kurbanlar12.freedynamicdns.org # Reference: https://app.any.run/tasks/816acf79-0c72-436c-b229-3cae510f1308/ 118.91.123.84:6606 118.91.123.84:7707 118.91.123.84:8808 # Reference: https://www.virustotal.com/gui/file/82e765d576749be75f8eec64ab5cb4c934b494e30a74fc9a4f70b1c8d3cb25ef/detection 212.125.28.114:4096 # Reference: https://app.any.run/tasks/b1409386-ce03-4eea-8a2e-32434ba38ee5/ 37.120.208.40:49746 chongmei33.publicvm.com # Reference: https://app.any.run/tasks/c1f8c77d-4c72-4419-a381-8d166413e5e9/ 193.161.193.99:23074 # Reference: https://app.any.run/tasks/cf031967-ce6c-4a6e-8b9f-a718560ee709/ 68.235.43.126:56927 # Reference: https://app.any.run/tasks/005ff4be-a1df-4e61-9390-b61d968ed4c0/ 125.209.137.105:6606 # Reference: https://www.virustotal.com/gui/file/a6264de41b4d2ad578a3ec5e082b621dcbf3b716e9bbe86f66682d785c7fc476/detection 45.140.146.29:7979 45.84.1.78:7779 # Reference: https://app.any.run/tasks/4585a843-0924-4dfa-9714-322eb3a61d12/ 193.161.193.99:48622 crazynigga123-48622.portmap.host # Reference: https://app.any.run/tasks/fea4d4d7-cc76-4655-8e00-400d40f683ab/ 79.42.176.16:8080 backdoor.sopix.it # Reference: https://app.any.run/tasks/afd0acb5-ce1d-4a29-b525-cd198d6d69fd/ 3.13.191.225:12246 # Reference: https://app.any.run/tasks/85ac5faf-d2bd-4e6c-84f4-276c16c8c260/ 20.50.121.62:1604 arda3369.duckdns.org # Reference: https://app.any.run/tasks/fbf0f2b7-868b-4aad-b0b1-8028f3303b73/ 193.161.193.99:25740 skeetware-25740.portmap.host # Reference: https://twitter.com/Glacius_/status/1354914904004820992 # Reference: https://www.virustotal.com/gui/file/baec9d73487e85c2bdd78b6ae43abaa6a7fec4b969d92b14427e8aca0510a24b/detection 172.241.27.124:6666 fat7e0recovery.ddns.net # Reference: https://www.virustotal.com/gui/file/ca15972126b044ee0306f30aea6ee94ac41c3696c6c4789649a8554c8011acd2/detection 193.109.78.123:5454 193.109.78.123:6606 193.109.78.123:7707 193.109.78.123:8808 # Reference: https://www.virustotal.com/gui/file/1ee5494e35b15b468334a05ab0b8b233cf09d3fdaf6b2fbfa997f30bb7e95534/detection 179.124.220.225:6606 179.124.220.225:7707 179.124.220.225:8808 supertop2.duckdns.org # Reference: https://twitter.com/ScumBots/status/1355991497095700491 # Reference: https://www.virustotal.com/gui/file/a9c4777eaa8ebd606b60f1a40c3789fe3cc0fa874610fed377cf1aea7093d638/detection 118.91.99.226:6606 118.91.99.226:7707 118.91.99.226:8808 # Reference: https://www.virustotal.com/gui/file/6d46e1bb744cc57d651c3812520e5efa06f760631df2740987ade7b1340262dd/detection 3.138.45.170:14232 52.14.18.129:14232 # Reference: https://www.virustotal.com/gui/file/fc96f417ac8229c6b5bb9303f3256d0ed54e416ae2328360b31c72b8b77bd027/detection 3.14.182.203:15821 3.14.182.203:25565 3.138.45.170:6606 3.138.45.170:7707 3.138.45.170:8808 3.138.45.170:28856 # Reference: https://www.virustotal.com/gui/file/3f82201b874febc1f265408f7574966eedd494c87ab21e20099c0463341c4ec5/detection 51.83.21.214:1177 # Reference: https://app.any.run/tasks/0713ac99-9dc7-4ea8-b408-dfc72f582df0/ 62.228.99.44:25565 swiftyboiiiii.ddns.net # Reference: https://www.virustotal.com/gui/file/cf0ac94c2958739cad12578e671278f78e9a36ca8dfa060e7cb99beacf5443f1/detection 77.149.2.122:5552 hookshome.ddns.net # Reference: https://www.virustotal.com/gui/file/4864f1d1db04b797fd2e43e2a842afe736f7a8a69d985d20c0a506b2cd1e6710/detection 201.219.204.73:1881 ortegadani4521.duckdns.org # Reference: https://www.virustotal.com/gui/file/3794538f0e3b4c499c8f5edf04fa2ee3bbf61cf51c9185ee60184d1473db6c58/detection 91.109.190.8:6606 91.109.190.8:7707 91.109.190.8:8808 mrtx.duckdns.org # Reference: https://app.any.run/tasks/99dabdb4-e15c-4a04-a587-01ebe4a1ecb0/ 193.161.193.99:47970 Lollypopman34-47970.portmap.host # Reference: https://www.virustotal.com/gui/file/4fb8606551676da10e81801a00d3fc7899c064b4ceec54939b41e8cdd7f81159/detection 209.99.40.220:1000 updatersvc.duckdns.org windowsupdater.system-ns.net # Reference: https://www.virustotal.com/gui/file/292f5a19fadef7188670b8bc2e69bcd9d1f54c7e23928427392dc135dcdc8a0d/detection # Reference: https://tria.ge/210214-whb5qfxctj 23.102.129.234:6606 23.102.129.234:7707 23.102.129.234:8808 # Reference: https://www.virustotal.com/gui/file/c4c4c3ddd9cf42d0352a5135a9250a0cc64a40a8ed49ca860cf31061cfca5304/detection 40.75.8.74:6606 40.75.8.74:7707 40.75.8.74:8808 # Reference: https://app.any.run/tasks/9528fcbf-be7a-42a4-b363-808a22a624fd/ 52.14.18.129:11677 # Reference: https://twitter.com/reecdeep/status/1361585509387149315 # Reference: https://app.any.run/tasks/4c21b945-025a-4fe9-9296-eadb5f04cf50/ 103.151.123.132:6204 severdops.ddns.net # Reference: https://app.any.run/tasks/d343dc45-6f76-4c18-aeee-4f1cf7e1764e/ 193.161.193.99:55575 gzzzjc-55575.portmap.io # Reference: https://twitter.com/someinfosecguy/status/1362440625619144708 # Reference: https://tria.ge/210218-jmjxwxbpqx/behavioral2 193.161.193.99:26187 193.161.193.99:64861 malkalanok357-26187.portmap.io # Reference: https://app.any.run/tasks/654e69f2-b60d-4dd5-8cf4-895123bbbe08/ 95.252.85.20:8080 unbelratcomesideve.ddns.net # Reference: https://www.virustotal.com/gui/file/c75f28cdb21bec49700a7579d3b630074e3fb6de4cda70c5937dcd8424bbebbf/detection 121.137.39.135:5050 # Reference: https://www.virustotal.com/gui/file/fad55e42bde0dce163f94a0ac272418b17100a67e439574fdc49ab7e2b12bc3e/detection 220.78.222.190:5050 yohan002.kro.kr # Reference: https://app.any.run/tasks/5f595a39-7203-4809-8d78-e3431e057227/ 193.164.7.176:6606 193.164.7.176:7707 193.164.7.176:8808 # Reference: https://app.any.run/tasks/7cc3c6d0-fe7e-4491-8d55-9f1644649546/ 193.161.193.99:36606 sizetmp-36606.portmap.host # Reference: https://app.any.run/tasks/a542e55d-6ff8-4aaa-9f49-13ea77bdbfd5/ 69.136.25.93:54115 azxsdc.duckdns.org # Reference: https://www.virustotal.com/gui/file/2399e5acd8e6fec2e83de445cf83b598676f57fdfedd1f67a7872a5009866591/detection 154.16.67.107:1177 newss.myq-see.com # Reference: https://twitter.com/c3rb3ru5d3d53c/status/1365774874870972416 # Reference: https://app.any.run/tasks/119bfa2f-93ed-46e1-8ade-2eb69c0165d2/ 194.5.97.132:35714 # Reference: https://twitter.com/wwp96/status/1366429485080457221 # Reference: https://app.any.run/tasks/d93648e9-999f-4a82-b7ee-3d318546c9c6/ 152.89.247.27:1210 3324546.duckdns.org owncablestdywirecord.dns.army # Reference: https://www.virustotal.com/gui/file/1b3d41d44659ff038cf8aafdc5ff021646771106d957783aecdff725158c216c/detection # Reference: https://tria.ge/210305-v3pe2f2w5s/behavioral2 177.124.77.43:4000 micomico.ddns.net # Reference: https://www.virustotal.com/gui/file/7b5ac1f2b4852a2c27afd5c5529660f71f0e7ad0f890208ed3f5e248d6e7b84a/detection # Reference: https://www.virustotal.com/gui/file/3decf98948eb4ae09dec3ff5955f33bd9c4ce38cdccae4107f3fa9bfffb7b050/detection 85.170.227.97:4000 85.170.227.97:5000 rat94522.ddnsking.com # Reference: https://www.virustotal.com/gui/file/b04d9a311d595e1d0a44992ecd4ea00528270378d0e52da5dc75b8ccc1ce5599/detection 31.220.4.216:1738 # Reference: https://www.virustotal.com/gui/file/b77906648505d304d711b3021f19104a70f7725f6021e4cee0d492fa96597028/detection potrq.ddns.net # Reference: https://www.virustotal.com/gui/file/fdbb642769e8cc0eec1e09d29c9635d76d5885abb07deca4d2ef5c84bbba5c67/detection 136.175.8.57:1177 100k1.ddns.net 100k2.ddns.net # Reference: https://www.virustotal.com/gui/file/bc796e4f7602321306d3762eca6dc809ee2c043caf03386deb17b1422209a1ec/detection 45.32.200.152:1177 fat7e07.ddns.net # Reference: https://www.virustotal.com/gui/file/67d8ec4d7cde7188fc49f8268a10855abe89cffffc13c6f6111ba904caebe6f7/detection 93.93.193.189:9341 corporation.warzonedns.com # Reference: https://www.virustotal.com/gui/file/78430db636f5d5be5dd3959a3f74b14792897b8fdea1de1c441eba120164cfb6/detection liverpoolsupporters9.com # Reference: https://www.virustotal.com/gui/file/3c7d9801bed9dc95108527bc38cbc100260c5bd76331adffb9b21620c91b5049/detection # Reference: https://www.virustotal.com/gui/file/c4b9e67adddddb84ad88135affcf47881c6ff4a560557e760da2990aaca02510/detection 186.4.232.55:6606 186.4.232.55:7707 186.4.232.55:8808 rcvasconez.ddns.net # Reference: https://www.virustotal.com/gui/file/2f9e71f1807b0e909226f4fced8c62fb38c787b2ae56ec8646ade0a6a54ec725/detection 193.161.193.99:43299 gammadoppler123-43299.portmap.host # Reference: https://www.virustotal.com/gui/file/0100972f01df9b75c0958a7198170d2d37a51f1d500501bcdbf122bb43253bcc/detection 102.36.149.155:30300 79.134.225.11:30300 rbltd.ddns.net # Reference: https://www.group-ib.com/blog/rats_nigeria # Reference: https://www.virustotal.com/gui/file/8613c29feb93ea1eb6a48e037da61e0643ca06234d51462814e0b314e2aa9b50/detection http://68.235.38.157 east-ge.com kingtexs-tvv.com mariotkitchens.com sommernph.com