# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://github.com/eset/malware-ioc/tree/master/sshdoor

http://198.23.187.46
http://94.75.207.3
176.9.47.34:28739

# Reference: https://twitter.com/ESETresearch/status/1410864752948043778
# Reference: https://twitter.com/ESETresearch/status/1410864779229548546
# Reference: https://www.virustotal.com/gui/file/0bff46518b35ddfe37f4a7820286aab829d81f1480d9eeca5aaedc9ceda6724f/detection
# Reference: https://www.virustotal.com/gui/file/be97d7ae3b2d876f027d99d8d61dbca92513f4975336c2ebc26cf8a0839b67b6/detection

45.67.230.53:443

# Reference: https://twitter.com/r3dbU7z/status/1584713099806126080
# Reference: https://www.virustotal.com/gui/file/3eac3dce42c59c37a826537f4f3b9c580db2d18d09df1fc23cd45d4f8309ac63/detection

http://181.115.207.243
181.115.207.243:443
3.133.207.110:17715
3.136.65.236:17715
3.138.180.119:17715
/hS7PV4gUa-XphOiGisRung-yxu84TF5wsYDHEtrIBL

# Reference: https://twitter.com/1ZRR4H/status/1774355839165280493
# Reference: https://twitter.com/1ZRR4H/status/1774356908897419376
# Reference: https://www.virustotal.com/gui/file/910077fa834a5a156c40c9dba7637611522c248b1b32d32fef23b42dfab11896/detection
# Reference: https://www.virustotal.com/gui/file/7c636f1c9e4d9032d66a58f263b3006788047488e00fc26997b915e9d1f174bf/detection

http://45.133.74.48
147.45.40.125:9999
45.133.74.48:22
77.221.137.93:4444
shield.surf
aeza.shield.surf
tratata.shield.surf

# Reference: https://threatfox.abuse.ch/browse/tag/SSH-C2/ (# 2024-04-16)

103.174.73.85:9900
134.255.218.111:1337
134.255.218.111:8081
141.98.7.218:1337
141.98.7.237:1337
147.135.119.43:1337
147.135.119.43:8081
15.204.12.150:1337
15.235.149.123:9999
162.214.103.215:2052
162.214.103.216:2052
172.65.152.34:22
185.196.8.230:1337
185.254.198.211:9900
193.34.69.249:1337
209.141.50.91:1337
209.141.59.146:1337
209.141.62.176:1337
45.128.232.185:1337
45.128.232.219:1337
45.133.74.121:1337
5.181.80.35:999
51.38.67.91:888
51.81.0.240:666
51.89.30.114:9999
64.95.13.160:10000
89.187.28.15:2222
94.156.66.16:1337
94.156.66.184:1337
94.156.66.225:1337
94.156.67.43:1337
94.156.67.74:1337
94.228.168.28:1337
pickthecotton.xyz
royalparac2.xyz
royalparadisec2.xyz
zopz-api.com

# Reference: https://urlhaus.abuse.ch/browse.php?search=6f1bbcaa6efc41ee257919a85acc9ea5b1f82c8def103e39629e0b5161800ccc

http://14.165.172.148
http://14.245.204.22

# Reference: https://pastebin.com/JGcvfvAJ

http://188.92.72.129
http://188.92.79.110
http://188.92.79.115
http://188.92.79.116
http://92.118.39.81