# Copyright (c) 2014-2026 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Reference: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Backdoor:Win32/Farfli.I w.qq-uc.cn baoge.9966.org mmd178.cn oiuyt.net # Reference: https://www.virustotal.com/gui/file/4a9c646136c527e9669fcada5319678c77bd98218f77d8cce79c04ff475d3194/behavior/Tencent%20HABO cccd02.codns.com # Reference: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Backdoor:Win32/Farfli.AV&threatId=-2147286376 hackxiaoben.3322.org # Reference: https://www.virustotal.com/gui/file/5418c6786bc04eb939a9febc8cfa0411f463fbf2a957189b2dc46ba3d5885652/behavior/VirusTotal%20Cuckoofork 4263604.meibu.net # Reference: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Backdoor:Win32/Farfli.DA&threatId=-2147261103 binbinkam.cn # Reference: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanDownloader:Win32/Farfli.K!bit&threatId=-2147249070 cdn_server_word9500.xxus.us # Reference: https://www.virustotal.com/gui/file/24ecf8d68c313a9cff7c801eb8108b61f9bd5a6bfcb17434f71ab74d3d6b444a/behavior/VirusTotal%20Cuckoofork a2.qwsazx.com # Reference: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanDownloader:Win32/Farfli.C&threatId=-2147258877 b1a23.meibu.net # Reference: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanDownloader:Win32/Farfli.E&threatId=-2147258594 m1.yea.im # Reference: https://twitter.com/K_N1kolenko/status/1281163539223363584 # Reference: https://www.virustotal.com/gui/file/ec65dff6c8c64535d441d9d3c1a2a7c6c2a0a42ca304041bde9cdd8f7d5b1628/detection qch1jjlb7.bkt.clouddn.com # Reference: https://www.virustotal.com/gui/file/b9c5b00ecbfe17abc48ee5df3f4a4725f90218c5ef596d16ffd7a1e59864fa98/detection linenews.mypicture.info # Reference: https://www.virustotal.com/gui/file/893859a6cee37a556d2368c1ca39b7c9e100983a0822c14b59f59224c5e41639/detection nutqauytva[0-9]{1,3}azxd\.com # Reference: https://twitter.com/Jirehlov/status/1385068574889234439 # Reference: https://www.virustotal.com/gui/ip-address/43.128.26.244/relations # Reference: https://www.virustotal.com/gui/file/7b1bd6931e3e0d9592205a4945661f053d7f696dbf57ced2d6467e4775135290/detection # Reference: https://www.virustotal.com/gui/file/bea0dfb403684642d6612a653bf18dbbff35574ff7166b6ea5e433258df3a7b2/detection # Reference: https://www.virustotal.com/gui/file/52589fbf2352bb762bd1b2a18bf20d60ceaeb0b829034edf77ea4e73d4711e8a/detection http://43.128.26.244 43.128.26.244:99 /2021/0???????????.db /2021/03usdt????????.db /2021/04??????.db /2021/042021????.db /2021/062021Excel.db /2021/20218036/kb.jpg /2021/20218036/TY.png # Reference: https://www.virustotal.com/gui/file/3ee01bd64bb58a4d892fa0994fec5c32faa089346e0bc3d4fe00a08b6890be18/detection rat.microsoftups.com # Reference: https://www.virustotal.com/gui/file/bae1270981c0a2d595677a7a1fefe8087b07ffea061571d97b5cd4c0e3edb6e0/detection 193.164.223.77:7456 # Reference: https://www.virustotal.com/gui/file/385c92e3d2b1dc253eac89889157258df64586cad653dccfd3f3d6b240b9efba/detection 144.48.243.79:1002 202.8.123.81:6547 # Reference: https://www.virustotal.com/gui/file/9a5cae26a14962475b1d9e3011aa16cf7fbd421f2f3f9caa4299c98e3cf018f7/detection 193.164.222.131:4567 # Reference: https://www.virustotal.com/gui/file/e3c418133e17bd7ddd99ef252fb220852a0ab1d827e28c57fcb2645d89899c43/detection 107.151.94.66:4397 # Reference: https://www.virustotal.com/gui/file/2122180333641dee3a0ef7b9966ef035dc010e9857867c247517fe4ec8f566cc/detection 107.151.64.99:4398 # Reference: https://www.virustotal.com/gui/file/00f89613a5add3497b0da5c69bf7e39d88f312f2251f1f7cd3eb678584795931/detection 58.56.66.45:1111 kk321.f3322.net # Reference: https://www.virustotal.com/gui/file/d7a35dac1206d1b11cc5d7f27cd5c41831a71b9384de993bd22997686782d8c9/detection updatedns.serveuser.com # Reference: https://www.virustotal.com/gui/file/669c73d43ee10805a49260331dc5c2f278a84191b96c32ffe0ffc46365722b70/detection 27.124.3.138:5002 # Reference: https://www.virustotal.com/gui/file/1665b6af7f0f2be925ffccde88aa85d442c22dd95617ef79195cfb3ceca73b97/detection 113.90.168.19:8000 # Reference: https://www.virustotal.com/gui/file/9c8275d340bd29999a4d8f21e846225fdbb3fd67e82df6da810ec6913786cdc1/detection 180.215.203.34:36060 # Reference: https://www.virustotal.com/gui/file/880ee211e61938ce2b52c191b52a670be2cd83385fe573ef1ab5ac3fcb6d3eea/detection 180.215.203.34:24690 180.215.203.34:443 # Reference: https://www.virustotal.com/gui/file/7dbb6b9b81c564c8843000cfa156512057f783abb7b1b036362b36a3a23c1ef8/detection 43.139.138.38:2002 # Reference: https://www.virustotal.com/gui/file/f810b7e70b092c28f444de6782676e2d6c2d754340359be3278ce8957d2a3486/detection 124.220.35.63:7777 # Reference: https://www.virustotal.com/gui/file/a261d2dd247ae794de54eeb729b5336d945e7d5406d96cc8b41d6546e912705b/detection 124.220.35.63:8000 # Reference: https://www.virustotal.com/gui/file/9a2112fa4bb5f16b6e7a61b50fe0abb25aade5d0b50930699db1f195891d50bd/detection 124.220.35.63:4088 # Reference: https://www.virustotal.com/gui/file/83534b5f34717ef561cb855f2611710bad259e0ca42cae2252d00d986b73d7be/detection 154.91.230.44:8225 # Reference: https://www.virustotal.com/gui/file/614c1ce944cd52468289e806685ab58ce6bccb33b87d991bf376eb144dd03c1e/detection 104.233.151.40:8225 # Reference: https://www.virustotal.com/gui/file/e759df6f0df75856657945fc8bfcc0abc3def918e847956ad7c361fc72d0e19c/detection 40.83.115.43:8001 81.69.6.161:992 bot.nodefunction.vip # Reference: https://app.any.run/tasks/51ac8482-d809-4a2b-a601-89be388f3f13/ 27.124.43.55:8000 # Reference: https://twitter.com/obfusor/status/1685588560760709120 # Reference: https://www.virustotal.com/gui/file/1e3c8d40ac25f58439cd1eeb3e69066bfb7f7554d79b125b4c2213152496eeb8/detection # Reference: https://www.virustotal.com/gui/file/363f2bc3f3f5da3147689f5d66f7fcad1199e1c654326e40767df6fd9fbd6233/detection # Reference: https://www.virustotal.com/gui/file/da387187f3ae143bc874f27acb5bb04a5e208ca0f4d0200917eee0c6ccd33781/detection # Reference: https://www.virustotal.com/gui/file/5f4c86793dc182bbdbca017a15a26213cf07bcc7d5a3038db3b728fcd421c581/detection # Reference: https://www.virustotal.com/gui/file/d4cfd0cf4f253c6cb6d6b1aa8475d6a2a58de7b87e51cbb5affd9e65eb47224b/detection 103.229.126.5:7700 122.10.24.216:7700 154.38.114.192:7700 164.155.255.38:7700 43.129.71.79:7700 8.218.190.138:7700 # Reference: https://www.virustotal.com/gui/file/4027995b0a77793ccb5b415d66ba3b6ea1dfdbdc70249ab2f7f66a35f97a80d3/detection # Reference: https://www.virustotal.com/gui/file/43ecc26f16080ee7c67b9ed6fd75b45b3aae99862733a0824b03d8e53904778c/detection 106.55.160.12:2012 192.252.182.100:2012 216.83.40.189:2012 8.134.97.32:2012 # Reference: https://twitter.com/ThreatBookLabs/status/1691451361014272000 # Reference: https://www.virustotal.com/gui/file/27ae3c21f27cf73b34ef7f2fecf9ed1bf319a7acb155d9b36341ac821ec35216/detection 59.42.71.178:876 wanyaqing.3322.org # Reference: https://blog.cyble.com/2023/06/16/new-malware-campaign-targets-letsvpn-users/ # Reference: https://otx.alienvault.com/pulse/64906a888558bdb91b9f4495 latavpn.world lestvpn.com letevpn.world letsvpn.club letsvpn.cyou letsvpnaa.com # Reference: https://www.virustotal.com/gui/file/0b4eb7fdae7e90c0bd0dbfc7552865ba6d7dcd03e77efd91b5e246c71f9f2f7c/detection # Reference: https://www.virustotal.com/gui/file/7ec0d3e3dc4222f34c482926ce1f971b51929e95b9d097140bc1f4b1c84dafd9/detection 182.42.105.12:2022 182.42.105.12:9000 lqwljs.cn lqwljs.top # Reference: https://www.virustotal.com/gui/file/075f5138060a476a449b2134c53abfa13ddd233d2151fa6576c5c7c6c5badcf2/detection 222.186.160.169:40869 sjlwql.cn # Reference: https://www.virustotal.com/gui/file/0383b4607310f8e98a2d2ee93cbea1a9e5d66dfaf8755e6b3e1e4398ae42ca71/detection 43.248.191.125:7999 sjlwql.top # Reference: https://www.virustotal.com/gui/file/b6bc28566acdd68792cf2393993f01e992e23be2ba275d74bf697300cb1b250e/detection 103.142.146.92:8000 103.143.29.28:3325 # Reference: https://www.virustotal.com/gui/file/490e63ba4abec4b9935c8edf0df01e34c9f9d00e326f084bc52b3ca9853a5623/detection 222.211.72.102:8018 hackerinvasion.f3322.net # Reference: https://www.virustotal.com/gui/file/4cf0f2fd200e4c941e940044c23784061390936caf5b15d666766e0ae6086d92/detection 222.211.72.102:8068 # Reference: https://twitter.com/naumovax/status/1706663843571904622 # Reference: https://tria.ge/230925-dhhheadb52/behavioral2 # Reference: https://tria.ge/230925-dhd5zsdb49/behavioral2 222.211.72.102:7029 222.211.72.102:7088 # Reference: https://www.virustotal.com/gui/file/3084e166be386ff331ebb3321d9fc55239b909264b5b7f0ddeb1cf3690ad8656/detection 20.187.77.247:53762 one188.one gd.one188.one # Reference: https://www.virustotal.com/gui/file/06ca956b3574a6514803b2682f8dd6cda6e81111ae6e7ebc8d71de68964dbe03/detection 141.255.146.160:7077 # Reference: https://www.virustotal.com/gui/file/44773329fdd390d4321f01dd301736de74606062a8e6b8ce79f302a316d9e598/detection 42.51.37.132:8000 # Reference: https://www.virustotal.com/gui/file/6e6c6c7dd4b27ec3ba17135aa99d5166405a3e0512c9ca092c4b14718fa39045/detection 43.248.117.189:37558 s4.v100.vip # Reference: https://www.malwarebytes.com/blog/threat-intelligence/2024/01/malicious-ads-for-restricted-messaging-applications-target-chinese-users # Reference: https://www.virustotal.com/gui/file/a366710645856803e6d4cd0babd1b11d6eaef7ce0bca7254d499164d4b26abfb/detection # Reference: https://www.virustotal.com/gui/file/acf6c75533ef9ed95f76bf10a48d56c75ce5bbb4d4d9262be9631c51f949c084/detection # Reference: https://www.virustotal.com/gui/file/e3edfb7d2c5b95a0eba0070f0f735a78ea3dffc73a7d5f97bf9b886931bcf047/detection # Reference: https://www.virustotal.com/gui/file/fb7b9f25adc2a0f6fb6a80666072783e34cb2fa2cb7412b14f4ff12ab36961a3/detection 216.83.56.247:36061 45.195.148.73:15628 47.75.116.234:19858 5443654.site 5443654.world telagsmn.com teleglarm.com teleglren.com # Reference: https://www.virustotal.com/gui/file/287a4430ea2c76838bf97bae597209017f62a7bbacdfd472508afcea2f184524/detection 91.204.226.63:8000 # Reference: https://x.com/K_N1kolenko/status/1796542852681596972 # Reference: https://www.virustotal.com/gui/file/4403fcd4791990c2a228398f6282c5cc419f23970f67ede03d7004e07c953076/detection 110.6.28.25:88 123.129.229.68:5656 154.222.224.99:7000 4.233.222.144:8848 0qsf.com dnf60.online a.0qsf.com dnf.dnf60.online # Reference: https://x.com/DonPasci/status/1792981948631007391 # Reference: https://www.virustotal.com/gui/ip-address/103.192.209.60/relations # Reference: https://www.virustotal.com/gui/file/0150b8a808a9ba4dc2e5093839a75ceba632e3668fe3f2977e604257f02757fc/detection # Reference: https://www.virustotal.com/gui/file/2bdd6c549e4314db5c888ef891cf869d018af003a614bb9f43d26e23a758bfe3/detection # Reference: https://www.virustotal.com/gui/file/65594cd00b59b33c7d31f57048e329a24b3e1c2c29b2fda682ea01e157d447d3/detection # Reference: https://www.virustotal.com/gui/file/857ebb67b4be23b01e2feacaee45d0650b39c3f6306416ac19b319d14cd68e69/detection # Reference: https://www.virustotal.com/gui/file/db969801fdf2511b44c442e0b7a762f35a2dab99abfe089672535362654d8198/detection http://103.84.110.94 103.192.209.60:7474 103.192.209.60:7575 103.192.209.60:7778 154.39.251.77:13799 996cq.com aadij.top aaojg.top aclhl.top acole.top adbck.top ahdpb.top aheoe.top ajhei.top banol.top beapn.top bfjdn.top blhlc.top bmhhk.top bobmg.top bohon.top cacnj.top caehc.top caied.top cbnco.top cfbkb.top cjpka.top ckkib.top cniac.top cofim.top dbacn.top dboka.top ddchg.top dghbb.top dgknd.top dhiin.top dhjcp.top digjf.top djhna.top dljol.top ebnih.top edgip.top edmap.top eeilh.top efogb.top ehoca.top ekgie.top emhob.top emomg.top enhjb.top facbc.top fbfnc.top fjojf.top flaio.top fmjfc.top fpiff.top gchfp.top gcnij.top gdaog.top geohh.top gkeco.top gpnjf.top hcfpo.top hdmnh.top hejhp.top hfidd.top hhjdn.top hiccf.top hknki.top hlifk.top hlilm.top hlmlh.top hmamb.top hmoan.top hpfpn.top ienjd.top ihomi.top iicmk.top ikgbl.top iomca.top ipebj.top jaaja.top jbbpe.top jbffm.top jdllm.top jfbnb.top jffop.top jiigm.top jjmjj.top jkfkh.top jmimn.top jnael.top kelka.top kgtejsaf.com khhbo.top kidbe.top kjaga.top knhgk.top kpgia.top lajca.top lbnfl.top ldbom.top lffkl.top liapp.top ligkl.top lmfga.top lnbgj.top lnlgh.top loicg.top macfh.top mdkol.top meion.top mpifi.top najom.top nakbm.top nbjme.top ncnih.top nfjge.top ngfca.top nhmln.top ninid.top nkkan.top nlinn.top nnepl.top nocda.top oagij.top oaibo.top obafe.top odjkl.top ogagp.top ohnag.top ohppf.top oikpk.top oipoi.top ojlob.top okcdg.top okmib.top olekf.top oljee.top ommpg.top omopp.top onhid.top onldm.top oople.top oplda.top paegj.top pcjmk.top pejof.top pgoac.top pijon.top pkdhe.top pldnc.top plgbd.top pmeca.top pojlg.top ppifh.top bba.odjkl.top cdc.ogagp.top lip.cjpka.top lip.jkfkh.top ning.meion.top ning.oople.top sss.cjpka.top sss.onldm.top tieb.kjaga.top xxhh.acole.top xxhh.gcnij.top xxhh.hiccf.top xxhh.liapp.top xxhh.pejof.top zscm.996cq.com zzz.emomg.top zzz.hiccf.top zzz.liapp.top zzz.pejof.top https.bba.odjkl.top https.lip.cjpka.top # Reference: https://www.virustotal.com/gui/file/07edde3f52e5adfc2f689ebe8ff5701ada4be0daac06a98bc865aa369aa98e14/detection 110.8.29.195:2014 q7481.codns.com # Reference: https://www.virustotal.com/gui/file/1793cdd631cd51f5e6551e1db4032b50df4c7708a67ea3a0f01e70f02d6ddbcd/detection 34.124.242.160:8898 34.126.127.177:7333 34.87.157.1:7333 # Reference: https://x.com/malwrhunterteam/status/1859321495358464251 # Reference: https://app.validin.com/detail?type=dom&find=down.app.tw.cn (# 2024-11-20) 10dhwp.potvpn.com 5670.potvpn.com 5vn5op.potvpn.com 6241.potvpn.com 6qd5fe.potvpn.com 7htrnj.potvpn.com 879.potvpn.com 93kjzt.potvpn.com admin.ehatsapp.com admin.evevpn.com admin.shadowsock.net admin.totvpn.com adminuser.telegrame.cn ams.maovpn.com api.ehatsapp.com api.kakavpn.com api.whactsapp.com ar.potvpn.com assets.shadowsock.net bot.kakavpn.com cld.telegratm.org clients.evevpn.com com.evevpn.com core.tilegram.org core.tulegram.org cpanel.totvpn.com cpcalendars.totvpn.com cpcontacts.totvpn.com cryptomus.kakavpn.com da.jxvpn.com de.jxvpn.com de.potvpn.com desktop.tilegram.org ec2jxv.potvpn.com ehatsapp.com en.potvpn.com es.potvpn.com evevpn.com execvpn.net execvpn.org expvpn.com fa.jxvpn.com fi.jxvpn.com finalshell.cn gdn.maovpn.com grs2rl.potvpn.com h5.letsvpns.com hi.jxvpn.com hi.potvpn.com hostmaster.chat.whntsapp.com hostmaster.webvpn.org hr.jxvpn.com hy.jxvpn.com i.potvpn.com id.potvpn.com io.telegratm.org is.jxvpn.com it.jxvpn.com it.potvpn.com j.potvpn.com jiami.telegramf.org jixqvk.potvpn.com jk.whstsasap.com jk.whstssaap.com jxvpn.com kakavpn.com kc24yd.potvpn.com kha.maovpn.com ko.jxvpn.com kuailian.tv kuailianvpn.org lax.maovpn.com lersvpn.com letesvpn.com letssvpn.com letsvnp.com letsvpn.cn letsvpn.icu letsvpns.com letsvspn.com letsvvpn.com leysvpn.com libyavpn.net litsvpn.com lohzqm.potvpn.com lv.jxvpn.com lvm6en.potvpn.com m.potvpn.com mail.totvpn.com maovpn.com mk.jxvpn.com moguvpn.com mtelegram.org muhurte.evevpn.com my-test.evevpn.com my.evevpn.com my.jxvpn.com my.mtelegram.org my.potvpn.com ne.jxvpn.com nl.jxvpn.com nl.potvpn.com no.jxvpn.com noodlevpn.com ns1.telegg.com ns2.telegg.com p.potvpn.com panel.kakavpn.com pipevpn.com pl.jxvpn.com potvpn.com prg.maovpn.com pt.potvpn.com r092xd.potvpn.com random.libyavpn.net rix.maovpn.com ro.jxvpn.com rq8hod.potvpn.com ru.jxvpn.com ru.potvpn.com shadowsock.net sitemaps.libyavpn.net sk.jxvpn.com sl.jxvpn.com sof.maovpn.com sr.jxvpn.com ssrsvpn.com sv.jxvpn.com szkexin.potvpn.com teiegram.cc telegfam.com telegfram.org telegg.com telegm.org telegnam.com telegqram.org telegram5.cn telegrame.cn telegramf.org telegrammn.org telegramt.com telegratm.org telegrgm.com telegzam.org th.jxvpn.com tilegram.org totvpn.com tr.jxvpn.com tr.potvpn.com tulegram.org u.potvpn.com ubsjto.potvpn.com ucgpqo.potvpn.com uh8mue.potvpn.com uox9ue.potvpn.com ur.jxvpn.com uz.jxvpn.com vc1aek.potvpn.com vi.potvpn.com web.tilegram.org web.tulegram.org web.whactsapp.com webdisk.totvpn.com webmail.totvpn.com webvpn.org whactsapp.com whatsasp.com whntsapp.com whstsaap.com whstsasap.com whstssaap.com world.potvpn.com wshtapp.com wshtsapp.org ww01.ehatsapp.com ww1.shadowsock.net ww1.webvpn.org ww12.kakavpn.com ww16.whntsapp.com ww25.0jj9ez.potvpn.com ww25.10dhwp.potvpn.com ww25.5670.potvpn.com ww25.5vn5op.potvpn.com ww25.6241.potvpn.com ww25.63elxw.potvpn.com ww25.6lvfoj.potvpn.com ww25.7htrnj.potvpn.com ww25.879.potvpn.com ww25.9h6pjy.potvpn.com ww25.ar.potvpn.com ww25.ckupmu.potvpn.com ww25.de.potvpn.com ww25.e.potvpn.com ww25.en.potvpn.com ww25.es.potvpn.com ww25.fr.potvpn.com ww25.hi.potvpn.com ww25.i.potvpn.com ww25.it.potvpn.com ww25.jixqvk.potvpn.com ww25.lohzqm.potvpn.com ww25.lvm6en.potvpn.com ww25.m.potvpn.com ww25.mtelegram.org ww25.my.mtelegram.org ww25.my.potvpn.com ww25.nl.potvpn.com ww25.p.potvpn.com ww25.p0r8dm.potvpn.com ww25.potvpn.com ww25.r092xd.potvpn.com ww25.ru.potvpn.com ww25.ss.potvpn.com ww25.szkexin.potvpn.com ww25.ubsjto.potvpn.com ww25.ucgpqo.potvpn.com ww25.uh8mue.potvpn.com ww25.uox9ue.potvpn.com ww25.vc1aek.potvpn.com ww25.vi.potvpn.com ww25.webvpn.org ww25.world.potvpn.com ww25.y0mdik.potvpn.com ww25.ykneri.potvpn.com ww25.z9m3hw.potvpn.com ww3.webvpn.org ww38.hi.potvpn.com ww38.mtelegram.org ww38.my.potvpn.com ww38.potvpn.com ww38.telegm.org ww38.whntsapp.com ww6.ehatsapp.com www-origin.evevpn.com y0mdik.potvpn.com ykneri.potvpn.com zh-tw.jxvpn.com # Reference: https://x.com/malwrhunterteam/status/1903092941637226892 # Reference: https://www.virustotal.com/gui/file/a01b64857d8716556f33093f8cc4e65200d9706d480991c09225e2e7dbd2193a/detection # Reference: https://www.virustotal.com/gui/file/3a4fcfc2d47067d7acf25e2a0808d9282a4c574a530b7154aba38ea8dd981789/detection 18.162.59.168:8081 18.163.117.227:8083 27.124.38.6:3306 27.124.38.6:443 27.124.38.6:8081 global.apple-cdn.com halo.apple-cdn.com hello.apple-cdn.com jp.aws-oss.com # Reference: https://www.virustotal.com/gui/file/462b343d3df890ef30c498721ff083a19fde871c03c4f55e579b6feaeb69bf9f/detection # Reference: https://www.virustotal.com/gui/file/9bec6fd3b4fca14c515a855db7c5badd222c6c60fb5406098e4cbdf1af733967/detection # Reference: https://www.virustotal.com/gui/file/1e1b0d9ea5d263d3e425f9896f0d2cf78189be31ac983721922e824a1e8140ed/detection 38.45.126.218:8787 cao.asselst.com # Reference: https://x.com/malwrhunterteam/status/1928940652353450382 # Reference: https://www.virustotal.com/gui/file/01ee97b0eaeda9aed6c5dd9e861e0dd55e8ea5e4a2ce5ed5c2a82ee9c1790f0d/detection 38.45.126.218:7845 # Reference: https://x.com/BlinkzSec/status/1941486999946526791 # Reference: https://app.validin.com/detail?find=bf7e8eee8a97af5ae4d7ccebad091e74&type=hash&ref_id=8af4f8207c7#tab=host_pairs (# 2025-07-05) # Reference: https://www.virustotal.com/gui/file/09829d5968836b5dbbcafb563aa84d0644dbbd3da3d5b10dd3fe1e1f3914bd7e/detection # Reference: https://www.virustotal.com/gui/file/ece24a9619cbf4209093f3e6219b1ba9ca165ed176f171fd05b46fa0a6d91c69/detection 144.202.74.176:87 46.8.120.153:42534 46.8.120.153:5123 46.8.120.153::8080 823.s.3322.net 882.8866.org alimcma.3322.org bbdu.3322.org fengzi000.3322.org fugu.2288.org linuxzh.3322.org nanshen.f3322.org pingan3.3322.org pt930.9966.org rrr80.3322.org sswlzyy.f3322.org vfegt342.3322.org weini501.f3322.org yldaj.2288.org # Reference: https://x.com/K_N1kolenko/status/2005604259031925042 103.119.15.173:3322 124.117.210.186:10101 154.91.84.19:7788 192.229.116.171:520 206.119.191.107:1688 206.238.115.86:7777 206.238.42.177:5050 27.124.53.43:447 38.148.244.12:6666 45.204.214.138:8080 47.237.185.140:2580 47.84.13.17:1688 # Reference: https://x.com/K_N1kolenko/status/2004077600076153198 103.241.72.240:5050 108.187.7.148:447 122.10.119.114:443 156.247.40.81:6666 156.254.20.94:5050 206.238.42.178:5050 207.148.45.54:5050 27.124.53.62:447 38.181.23.21:443 43.248.172.161:5050 8.219.51.115:5868 # Reference: https://x.com/K_N1kolenko/status/2007049894306230304 116.204.171.70:69 134.122.128.134:8899 192.163.162.152:447 43.248.172.165:9194 # Reference: https://www.virustotal.com/gui/file/17e2717194e414f1acbe397946cc208980e043c972b89cd85509cebb5569a875/detection 103.181.134.186:5556 # Reference: https://x.com/K_N1kolenko/status/2010325878035927514 103.45.66.27:1688 104.233.184.215:1234 108.187.43.3:8088 108.187.7.152:447 108.187.7.226:448 116.204.171.123:69 118.107.3.231:8000 118.107.3.249:2114 125.208.23.7:2883 129.226.167.253:1433 148.66.11.10:7777 156.247.41.125:6666 156.247.41.49:1746 192.163.162.146:447 192.229.116.171:447 192.229.116.31:447 202.95.11.199:1688 223.26.62.228:6666 38.162.117.58:3322 45.194.37.221:18809 47.236.24.137:2233 47.236.29.250:6004 47.237.82.191:9522 47.84.63.88:6002 47.84.74.149:1688 8.210.134.138:5858 8.219.160.144:1688 8.219.185.117:6002 8.219.82.235:18888 8.219.90.60:3495 8.219.93.253:124 # Reference: https://x.com/K_N1kolenko/status/2014636649502613816 1.94.135.115:6666 101.43.156.141:2324 106.54.34.252:6787 116.204.169.9:8089 118.107.9.19:10802 134.122.163.165:6667 137.220.152.136:5050 137.220.155.75:6788 143.92.32.194:19190 143.92.32.25:8443 143.92.60.28:3333 156.247.40.169:6666 156.247.40.89:8888 192.229.116.155:447 192.229.116.167:447 202.61.160.201:10086 206.238.220.231:11206 207.56.13.76:5666 223.26.62.188:23456 27.124.20.229:5050 43.106.25.77:5005 45.207.199.73:10801 47.237.105.38:11223 47.237.107.28:7181 47.237.108.120:1000 47.237.95.113:6524 47.238.104.19:6666 47.83.130.138:6666 47.83.230.53:5858 47.84.82.1:6666 8.210.255.100:8443 8.222.204.62:2002 81.69.43.28:6767 # Reference: https://x.com/netresec/status/2020830231863689549 # Reference: https://www.virustotal.com/gui/file/6bfa7e3fd18e9993efcde5f3a06687b75d7737ac41e21516e692bef15b90a144/detection # Reference: https://www.virustotal.com/gui/file/41490b1bb038ba5f84ad4200323c859889d9e2f751d580853134236c0fb42076/detection # Reference: https://www.virustotal.com/gui/file/9e6fe04db8a6fc99d6b4ff79fea7df78ce5d7e16d1933d991b182b71e62a0104/detection # Reference: https://www.virustotal.com/gui/file/c0ac6d5c5779923f66a8eb49c7683bf6d6fa30c428aac13c94c51fac90855553/detection 47.83.173.19:5050 47.84.203.73:5050 xuanwcai.com wkaiuahaaxx.icu # Reference: https://x.com/K_N1kolenko/status/2018634157371654453 103.39.210.36:8087 115.190.205.255:6666 121.127.253.202:8086 137.220.171.139:3001 156.225.19.99:8848 39.109.116.99:4431 45.125.12.193:7777 47.236.232.206:8006 47.236.25.25:8002 47.236.30.178:9999 47.236.36.201:6666 47.84.192.58:6666 82.156.3.214:6666 # Generic /newfiz7/tasks.php