# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Aliases: allcomeclipper, clipbanker, snojan # Reference: https://www.virustotal.com/gui/file/0f419357649d1a57ba5e12792b289029a08b64767dc31e26c8aecf97cd03e0db/detection a0567226.xsph.ru /cisCheckerstroke.php # Reference: https://www.virustotal.com/gui/file/67d8e4f765313db72ae56b971dd875d20156bc4effb974641b1562b8a40d41da/detection a0443179.xsph.ru # Reference: https://www.virustotal.com/gui/file/430294a75c0360ae893f412d8d82451aa5c9c073761e53bbf2a2a924772c5e4d/detection exapiserver.xyz # Reference: https://www.virustotal.com/gui/file/5561234eeb067923c32d20eaea6c9adc83703274259ad0f5b0fca8e17283aafc/detection 64.235.39.32:4343 # Reference: https://twitter.com/3xp0rtblog/status/1486368999919300611 # Reference: https://www.virustotal.com/gui/file/f234b6d1801e1d4105de18a74ecd99f64cbdd7c47d6079bb2994d38ed7b0de44/detection dba692117be7b6d3480fe5220fdd58b38bf.xyz # Reference: https://www.virustotal.com/gui/file/de0a87ad4f4214942257a4fc18403cd007ea52340dc5654f4d077552a9853f10/detection 185.92.74.28:2332 debiazzela.xyz # Reference: https://www.virustotal.com/gui/file/ef008f47745e26566fcfd8d5343ea57e3760bf3499dfa0678630c5bdd99bab84/detection 45.150.67.128:34060 # Reference: https://www.virustotal.com/gui/file/eefb300d8edb258afaeb3fbc1915f152d7be7f2731cda229809d2ebee589a875/detection 91.243.59.37:61742 # Reference: https://www.virustotal.com/gui/file/ce1b83d495067a604d8bb5a1ba99e92bd06a1e767b7aeb73e3d165717a3b921d/detection 91.243.32.178:34437 # Reference: https://www.virustotal.com/gui/file/b24523cc458721146099476b2590d92110ed1c497719d939c957e1f26566287f/detection 144.76.173.68:16125 # Reference: https://www.virustotal.com/gui/file/8412c378ea1256412376b420584f3a25d9007d6afc7801fd829440f5a8e2ca53/detection 92.255.85.47:41320 # Reference: https://www.virustotal.com/gui/file/70abc52440a072755c6fbbc11d7c2a626108226bac1fe5b675fde6508d2d394f/detection lomaebiepe.xyz marketshares43.com # Reference: https://www.virustotal.com/gui/file/50d40f979eb73bcf88ee3606a01032afbbeaae9926a1f2d16e1b31e7b8aefdfa/detection 91.243.32.178:34437 # Reference: https://www.virustotal.com/gui/file/f6a9881708b06e638873f9a2645a7fac541c8de37c306e6879419e49fc993c90/detection 185.242.160.248:3 # Reference: https://www.virustotal.com/gui/file/e7a6836bcd5f3ccfe5b57f7229f3429d126f1f99e1d7ed35e12f953ee7834cdc/detection serverclient.sytes.net # Reference: https://www.virustotal.com/gui/file/e513873f71583d53d5c29adfdcb4b324f41b199a1df29872b54dc6305d46f847/detection 3.124.67.191:11266 3.125.188.168:11266 3.126.224.214:11266 3.68.56.232:11266 # Reference: https://www.virustotal.com/gui/file/87c4223f28edac6244def04e951ceaef3ee3a18cbfa47bebf3f9977e60bf709a/detection 3.124.67.191:11266 3.126.224.214:11266 3.67.15.169:11266 # Reference: https://www.virustotal.com/gui/file/dde4ddc714c3d7b6bbd1dd2465db6a45fdbb2bf98a6a3d3a8f2baa122eb6298f/detection 194.132.123.81:9801 # Reference: https://www.virustotal.com/gui/file/caef23da4023b21af80547141a751c046893ddb92e6795e6a2ecf37030b4588a/detection 193.161.193.99:1761 betrun.portmap.host # Reference: https://www.virustotal.com/gui/file/b9b641896a8f25737d366a42b5e4e42a60f38b7243dac0e3bdb9a6caabc5f2ce/detection 172.111.244.124:1511 # Reference: https://www.virustotal.com/gui/file/b2dd1306be7536a8ddb8ff062222c868acd046489255962fdd6e3fab139c56e8/detection 167.224.168.66:8692 # Reference: https://www.virustotal.com/gui/file/ab6cc0f1632e42a38e3e6d130ab8d49f8d788f097a38731ab04b51237d19005f/detection 89.40.7.145:1338 wealthychrist.duckdns.org # Reference: https://www.virustotal.com/gui/file/aac638376068f5a72dd70ba2e3024c80707c345608cb99c7ed7465752b9a5509/detection 217.12.220.2:51838 # Reference: https://www.virustotal.com/gui/file/a8a03cf17c4cbd53fe7de8f9e2422581f2f9c6bb84e385f0f6448ab99a5c6442/detection 51.250.26.110:1338 # Reference: https://www.virustotal.com/gui/file/a84be7c1822d0b93910311a015318f4e49aa54082b37db8f001edc9fd661453c/detection 45.141.57.108:1337 # Reference: https://www.virustotal.com/gui/file/a30a2292b24e248f4caf88e7acd424a9b98ca9249d7b2c8593400ffb52bd374c/detection 79.134.225.71:7465 yeet.ezpz.work # Reference: https://www.virustotal.com/gui/file/a164b2961939b97e18ad74cc6b80c382c62569903be7ecb379b04ed753efc517/detection # Reference: https://www.virustotal.com/gui/file/349ab5f312ec1058c031bc0712ade0045500d58102ab02d05b6d38c672161961/detection 136.144.41.158:1338 136.144.41.158:2154 randomhost11.ddns.net # Reference: https://www.virustotal.com/gui/file/a02b682eff1f90b91f4689829e9e34da5e0653cd45095bb122857c19c4844c22/detection 59.24.3.174:4443 lxrdstr.ddns.net # Reference: https://www.virustotal.com/gui/file/9d02b4336cba93bf0516ffe3faebcc9fba9d5aafe68f77336773d9dbc969a0f1/detection 3.141.210.37:13561 # Reference: https://www.virustotal.com/gui/file/9cf883208111f24bf5b432b62959ff50860abe9e7dfc1ba07d5086d08cebb059/detection 51.79.237.105:7070 # Reference: https://www.virustotal.com/gui/file/8f3d185d7ad51983f2d727f795e8d3e86be580e04ffd236289d79adb73a17834/detection 193.56.29.237:1338 # Reference: https://www.virustotal.com/gui/file/8a3d555c8d1019b6d42721a2eea770d2101458fd70b208f6767db2eeb1cd44bc/detection 212.192.246.239:1338 # Reference: https://www.virustotal.com/gui/file/8a21c6035dc119765ac1df93ce7a798400d74f4f34589fddf7bcbe36e8224753/detection 193.23.127.27:5000 # Reference: https://www.virustotal.com/gui/file/89fcb09c981fdfe5be197c11c22ad1a6203caeac82d5f248b6d97c1d7b5c6a9b/detection 91.134.187.25:1335 # Reference: https://www.virustotal.com/gui/file/898f02755d50f36d0c99f76aeab267ca1a764bd9e789a6b09ead41405a721cab/detection 164.68.118.176:1335 # Reference: https://www.virustotal.com/gui/file/87c89cf86cd2f9339fb283319b5e4a49c0626943b4bc0d17112d675e4e377570/detection 195.133.18.193:45354 # Reference: https://www.virustotal.com/gui/file/87afe305e8fa3ad057b720d284f7aa46202bb2d1f16285d1ab2afbf7b86de688/detection 23.105.131.186:1338 # Reference: https://www.virustotal.com/gui/file/87a056d5211058f7b2dd8102c63eba032d07b00b0f47d462f72bc8eb96135db0/detection 91.243.32.50:63948 # Reference: https://www.virustotal.com/gui/file/8641093e34e0c22b1ebeb8e651cbb0d5b6032e7923b7dac82fe67cf5780fffb3/detection 77.78.22.216:7000 # Reference: https://www.virustotal.com/gui/file/84f9b7d30124ed8cacac720cc0746ebe144d567a4d6f3e6beb2ccddf9215e4fa/detection 3.132.159.158:13561 # Reference: https://www.virustotal.com/gui/file/7e79422db04ac0b81104d82915cb47dd777c9205a333f87fee6a026b7c7e9338/detection 155.138.175.10:1338 # Reference: https://www.virustotal.com/gui/file/7438ea5e9da45849d301169ec20435fe7b139b29a887288ec35c319ee5428038/detection 45.137.22.140:1336 # Reference: https://www.virustotal.com/gui/file/729ccaa00807cf86d2c2ecb295ddc8199c1e0a68fc3fb13023bd54e96533af97/detection 107.172.191.117:1338 # Reference: https://www.virustotal.com/gui/file/60f895ab7c455ac5f9966aea178156385d6833452a758a61b75e42a31235f0d3/detection 88.198.102.13:1338 johnnysimz.ddnsgeek.com # Reference: https://www.virustotal.com/gui/file/5e2549c9d46f7cc2c2f0fe01b3ed869da698ad8a88024c6109f84f3d8f0a9647/detection 109.234.38.45:1338 # Reference: https://www.virustotal.com/gui/file/5d7ed1047933a676503ee36dd1d02d876d6f6790cf8577621a876498b03f28f4/detection 51.161.107.21:1338 # Reference: https://www.virustotal.com/gui/file/57d86674268579b10536888dc0501e0691aa9c03b888fb677fea2d21da57dae2/detection 199.195.253.181:30030 # Reference: https://www.virustotal.com/gui/file/542299f813eb26b1549b55cbed71a5e790ec348fb8cdf5aabef8a9d84751b08c/detection 80.80.130.104:1338 black.mentalitysoftware.com # Reference: https://www.virustotal.com/gui/file/52de4929c559132649504b20cd412ddd3a801c6b3fe654880eb13c42b8a92400/detection 212.192.241.135:1338 # Reference: https://www.virustotal.com/gui/file/4d3593279be7b6a8a709953a88943b778d2067c557538d43be70ae6cd115a82c/detection 35.87.27.20:5050 # Reference: https://www.virustotal.com/gui/file/44f12b15a04e9d8a065f98ed59ed3c004595033869a2de004e39b44169a2b971/detection 107.172.191.117:1338 # Reference: https://www.virustotal.com/gui/file/42b990666d317f9c42a116fd388a06158ec91002581d3bda22dca2355ee2a779/detection 193.56.29.242:4444 # Reference: https://www.virustotal.com/gui/file/40d818db797142e55d72dee7d50c9be8686cab4a073ffc8bcbfecf786c10bbcf/detection 89.80.22.57:1025 # Reference: https://www.virustotal.com/gui/file/3dbd1065734c9b3e603bc2a81dbadb77beeb54c6a918a6a4ae0687659ac3c0fb/detection 51.178.165.162:1338 # Reference: https://www.virustotal.com/gui/file/3db16b64339313e26414df7549660f87e3b297a8c5e49fa582f37149baaeb347/detection 164.68.118.176:1335 # Reference: https://www.virustotal.com/gui/file/3c00e268ab53c1de58514fbe0258a734143b2699ba09dc7311ab756c2e414ed6/detection 217.64.31.3:7495 # Reference: https://www.virustotal.com/gui/file/3300b6806f96eae376939e611c3c2d71e6ae297500bf49618e6e64c24818bd61/detection 178.238.8.108:1338 # Reference: https://www.virustotal.com/gui/file/2c0bbf6f21d348eb1a19db565b751be23255cda929018b4890e60c4bcc3c220e/detection supoeted.publicvm.com # Reference: https://www.virustotal.com/gui/file/28711e8b02fcbb5b75f421fdbca40c693661d25333dbb5280a3d40dad741a963/detection 207.148.87.129:7771 # Reference: https://www.virustotal.com/gui/file/24c2e2db0cc9c3e42c687d64b3112c1d150c3972207b42099bac70ce6c29c5df/detection 212.193.30.230:5302 # Reference: https://www.virustotal.com/gui/file/198d9632e054d4b4f1f11b75c7f47c1cd5ed738d8a47fd26d536ed30ee768a6b/detection 205.185.118.52:30030 # Reference: https://www.virustotal.com/gui/file/164070780814fa7291f8e867e02ad585f45075df07f24f58e1dc4ffa44145c3e/detection 164.68.118.176:9919 # Reference: https://www.virustotal.com/gui/file/151b7ed47e2c8fee25d725824775d15e4662eace24e5c6410bcb4ec145078d79/detection 108.61.183.89:5203 # Reference: https://www.virustotal.com/gui/file/0d22f7eb95d9904fdc98b7c09e13814ff8ef316a9eff5caf4390fa6a926e9d28/detection 46.197.96.207:9702 # Reference: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/covid-19-phishing-lure-to-steal-and-mine-cryptocurrency/ # Reference: https://otx.alienvault.com/pulse/61c5a0f6b228644655962c31 coronavirus-notice.com # Reference: https://www.virustotal.com/gui/file/d74fd3b348cda03bfec1f94e675c40a6cf32b9f9b0e6cc7c628813df9f449eb9/detection 65.108.68.54:1338 vncgoga.duckdns.org # Reference: https://www.virustotal.com/gui/file/259110b6055e9d6b3a0147d77303e210290688b94890b28ba8f493c96c1a5c77/detection brershrowal.xyz # Reference: https://asec.ahnlab.com/en/35981/ # Reference: https://otx.alienvault.com/pulse/62bc06911930b02bf65a51fb both-those.xyz brain-lover.xyz broke-bridge.xyz cool-story.xyz cover-you.site fall-hire.site fall2sleep.xyz feel-quite.xyz fill-empty.xyz heal-brain.xyz interactive-soft.xyz just-trust.xyz load-brain.xyz love-light.xyz main-soft.site polar-gift.xyz really-software.xyz retro-rave.xyz side-soft.site soft-viper.site software-load.xyz tech-lover.xyz use-freedom.xyz violance-heck.site violance-rave.site viper-air.xyz # Reference: https://twitter.com/siri_urz/status/1546500374357594114 # Reference: https://www.virustotal.com/gui/file/1df21947a75dba51b4838ffbe986ac9cf38d2f5fada7949722da34ba0522d204/detection # Reference: https://www.virustotal.com/gui/file/4df448d36e3409ecd712702ef66dba779d81961ae364243ccc0e2e5a6cb39334/detection # Reference: https://www.virustotal.com/gui/file/99de9973a24c418fb48e9f284db005bed71419a25b70f38ee8571a86d275a13a/detection paradies.cc /paradies_api_v.php # Reference: https://www.virustotal.com/gui/file/aed78a81adbe0c35c0c97266c660e9d0015969eb4ca19b74621a88efc168a0a4/detection hennything.ddns.net # Reference: https://www.virustotal.com/gui/file/036d758ed9f0f567994db666cea3800b73c3e5974da1cf2e649e6c73725ab453/detection codiumsecurity.com phayrostudios.com # Reference: https://www.virustotal.com/gui/file/006874994a6c5edb1e50d769b778bc618a1ed8f471581b7e981a371d28113eb4/detection 193.106.191.123:34450 # Reference: https://twitter.com/ShilpeshTrivedi/status/1619066789228584960 # Reference: https://www.virustotal.com/gui/file/03d88f842b7e45b93ac6c8cceaf79ce38d4c8dd4b59a88e1d8fb04af53465cac/detection ducklogs.com ducklogs.net funny-monkey.rs # Reference: https://twitter.com/ShilpeshTrivedi/status/1607696841277321216 # Reference: https://twitter.com/rcwht_/status/1617925851919835138 # Reference: https://www.virustotal.com/gui/ip-address/185.247.224.98/relations # Reference: https://www.virustotal.com/gui/file/42fb80f07ef1aa7ff32d61837fb19994a86b85b747cb75a86d7597fca2c4dabc/detection http://185.247.224.98 updst-svcr.art admin92923.updst-svcr.art api93140.updst-svcr.art stlaip578223.ddnsgeek.com stlaip694531.ddns.net stlaip742915.ddnsgeek.com # Reference: https://twitter.com/0xToxin/status/1618613104350474243 # Reference: https://www.virustotal.com/gui/file/01bb2cca90e32e21a64fa4fb6caf584cd9e74eadd6d94fa25bb3daf230cb0e7c/detection # Reference: https://www.virustotal.com/gui/file/c7cbb1b4915f9cbce71dbe9df6027e73166fef1fce95976685640845e5f79685/detection http://179.43.187.84 sharkstealer.ru sharkstealer.su # Reference: https://twitter.com/r3dbU7z/status/1627205584108896256 # Reference: https://www.virustotal.com/gui/file/453db524120c3b0efa7cfdceace95c389df69f7d9bdf579635d3ebc57b3eb798/detection 154.38.161.223:3000 hwid.allcenter.online /cgtfggfdg/ # Reference: https://www.virustotal.com/gui/file/a52aae084cdb8f88ed74d5143964c9c16e2b4d0161dffab35820e75e37743a3b/detection 167.114.141.68:3500 # Reference: https://www.virustotal.com/gui/file/62b9f41c1e6eaf8ccf9cff87ed07e38b1945e58a43ba71556022c110c9eecd7f/detection http://193.169.255.78 # Reference: https://www.virustotal.com/gui/file/19538128e87dacacec8c3f68dd823738140b678de875dd2b6eae43a20872f4ff/detection 196.75.144.179:1177 servernbd.hopto.org # Reference: https://www.virustotal.com/gui/file/0165397bbe422119636c1590061faeccc97a250fbadf6702280a7146c74aa298/detection 212.87.204.83:2000 updateccdata.duckdns.org # Reference: https://www.virustotal.com/gui/file/15c900dc2ff9453f92b025567e89bdb716ae304c2cd561ae65fcee45dd7b0922/detection # Reference: https://www.virustotal.com/gui/file/000e5cefeb611d72332acd698462d8bf905caca5f7fc8df6fba36580da526ae9/detection htagzdownload.pw wmbi4jr7hvonline.xyz didiserver.herokuapp.com paybiz.herokuapp.com /SaveData/SaveData.php?ezzabour= # Reference: https://www.virustotal.com/gui/file/f9eca4398793e4d15298cba1953fe3434b88a2630e8ca04bac8334bf533c6c79/detection gricenko.club