# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Reference: https://twitter.com/James_inthe_box/status/1039605676404760576 bproduction.zapto.org # Reference: https://twitter.com/ScumBots/status/1045052146067165184 # Reference: https://www.virustotal.com/gui/file/660633aaa4222a3577a7d2c63983e7b0f88e09e2de77a6d2eaec52fea5ca97c7/detection 80.193.191.142:1604 hyper-servers.ddns.net # Reference: https://twitter.com/ScumBots/status/1044912611089948672 corralesking.hopto.org # Reference: https://twitter.com/ScumBots/status/1046354478268592128 abjbwtf.myftp.biz # Reference: https://twitter.com/ScumBots/status/1045931693167833088 131454.ddns.net # Reference: https://twitter.com/ScumBots/status/1045776922171576320 kurviood.ddns.net samostrelqsh.ddns.net # Reference: https://twitter.com/ScumBots/status/1045746857408892928 staling79.mooo.com # Reference: https://twitter.com/ScumBots/status/1043738462233485312 pauldenero.ddns.net # Reference: https://twitter.com/ScumBots/status/1042779678367473665 clientswin.ddns.net # Reference: https://twitter.com/ScumBots/status/1042704306795888640 haku004.hopto.org # Reference: https://twitter.com/ScumBots/status/1042515566584586242 win.ddnsking.com # Reference: https://twitter.com/ScumBots/status/1037861013255860224 scammer0304.ddns.net # Reference: https://twitter.com/ScumBots/status/1037098491472998405 popopooo3847343dfer.publicvm.com xcvx2343242sdfsdfsdfsxcv.publicvm.com # Reference: https://twitter.com/ScumBots/status/1036487098189205504 aylmao1337.tk # Reference: https://twitter.com/ScumBots/status/1034248460223037441 adeldu122.ddns.net # Reference: https://twitter.com/ScumBots/status/1041050784081883136 hbk4.ddns.net # Reference: https://twitter.com/ScumBots/status/1051065520328458240 needpull.ddns.net # Reference: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~NanoCor-DM/detailed-analysis.aspx obiank.ddns.net # Reference: https://twitter.com/ScumBots/status/1052360306788327424 exotic-40931.portmap.io # Reference: https://twitter.com/ScumBots/status/1052552825228673024 cuberwar.myvnc.com cyber786.myvnc.com # Reference: https://twitter.com/Racco42/status/1046873169070645248 chukwd.duckdns.org # Reference: https://twitter.com/ScumBots/status/1053824958399500288 fgcvhjbk.bounceme.net # Reference: https://twitter.com/ScumBots/status/1054761124745412608 icheatedonyourcrush.ddns.net # Reference: https://twitter.com/ScumBots/status/1055210337266491392 myhostsaddddd.hopto.org # Reference: https://twitter.com/ScumBots/status/1056965649929510914 zenzen15.ddns.net # Reference: https://twitter.com/ScumBots/status/1058154734417260544 Pirmary.dynu.net # Reference: https://twitter.com/ScumBots/status/1058241556451254272 mohamedsaeed.ddns.net # Reference: https://twitter.com/ScumBots/status/1058932359117107201 zentune.sytes.net # Reference: https://twitter.com/ScumBots/status/1059509916707311617 avo4.ddns.net # Reference: https://twitter.com/ScumBots/status/1061253904103600128 skynipit.ddns.net # Reference: https://twitter.com/ScumBots/status/1061269005296693248 office365update.duckdns.org systen32.ddns.net # Reference: https://twitter.com/ScumBots/status/1061510597278425089 ogkush.ddns.net # Reference: https://twitter.com/ScumBots/status/1061710662940942338 jake1234.ddns.net # Reference: https://twitter.com/ScumBots/status/1062224311430365185 onixoino.ddns.net # Reference: https://twitter.com/ScumBots/status/1063892541253345281 daddyup.ddns.net # Reference: https://twitter.com/ScumBots/status/1064575794121445376 weekskypp.hopto.org # Reference: https://twitter.com/ScumBots/status/1065002353307324418 mcnana.theworkpc.com # Reference: https://twitter.com/ScumBots/status/1067214563651796992 masterzion.ddns.net # Reference: https://twitter.com/ScumBots/status/1067237079376191488 yeetyeeter.ddns.net # Reference: https://twitter.com/ScumBots/status/1067829739107352577 sicknessdk.duckdns.org # Reference: https://twitter.com/ScumBots/status/1068244972011487232 intercambiotestg99.duckdns.org # Reference: https://twitter.com/ScumBots/status/1069162266279510016 insta.webhop.me # Reference: https://twitter.com/ScumBots/status/1069502003116679168 wadlalafala2344.myftp.biz # Reference: https://twitter.com/ScumBots/status/1070743939089612800 y013s.ddns.net # Reference: https://twitter.com/ScumBots/status/1070868509763215360 moms.myftp.biz # Reference: updates up to https://twitter.com/ScumBots/status/1079871582284247041 amerkad19.ddns.net blubjkh.ddns.net chromeservice.serveirc.com kurwa.ddns.net nanithecorelol.ddns.net ncore.ddns.net sambosaxzx.ddns.net svchostest.ddns.net vpnchjuy.ddns.net # Reference: https://www.symantec.com/blogs/threat-intelligence/african-financial-attacks nemesis225.ddns.net # Reference: https://twitter.com/ScumBots/status/1086998543217426432 madarahost.ddns.net # Reference: https://twitter.com/ScumBots/status/1088781872510001152 axuas.ddns.net # Reference: https://twitter.com/ScumBots/status/1088908631930736640 minimalprojectscm.ddns.net # Reference: https://twitter.com/ScumBots/status/1089191742681817094 nanoocore.ddns.net Listener.chickenkiller.com ukurbap.duckdns.org 5.59.91.86:5552 # Reference: https://twitter.com/ScumBots/status/1096141287328280576 karutohack.ddns.net # Reference: https://twitter.com/ScumBots/status/1099342379386134529 185.56.90.79:1799 # Reference: https://twitter.com/ScumBots/status/1097262422912614401 194.5.99.9:36460 # Reference: https://twitter.com/ScumBots/status/1099474498317889536 109.181.151.155:1263 # Reference: https://twitter.com/ScumBots/status/1101973465895264257 lp0766.ddns.net # Reference: https://twitter.com/ScumBots/status/1102094396542144513 fucka.ddns.net fuckyoua.ddns.net # Reference: https://twitter.com/ScumBots/status/1102422807672246274 windowuser.ddns.net # Reference: https://twitter.com/ScumBots/status/1102547247231840258 141.255.152.199:54979 # Reference: https://twitter.com/ScumBots/status/1102573669455462400 demisoda2.kro.kr # Reference: https://twitter.com/ScumBots/status/1102973809316032512 nanotestit.ddns.net # Reference: https://twitter.com/ScumBots/status/1103321099440398343 csgo45bj.ddns.net # Reference: https://twitter.com/ScumBots/status/1104808531184812037 31.49.241.6:1604 # Reference: https://twitter.com/ScumBots/status/1105793638041354240 141.255.151.202:5552 # Reference: https://twitter.com/ScumBots/status/1105797415901253633 141.255.158.98:53896 # Reference: https://twitter.com/James_inthe_box/status/1102914959556538368 185.84.181.88:4050 # Reference: https://twitter.com/ScumBots/status/1108326582664527872 10.9.36.186:6969 # Reference: https://twitter.com/ScumBots/status/1108311482247335936 213.89.206.15:1337 # Reference: https://twitter.com/Racco42/status/1102848826556276736 top1.apexgamingjo.waw.pl # Reference: https://twitter.com/casual_malware/status/1107441450415992832 nanocore2019.bounceme.net # Reference: https://twitter.com/James_inthe_box/status/1100793529595383809 ninodns.duckdns.org # Reference: https://twitter.com/ViriBack/status/1093994913249853440 # Reference: https://pastebin.com/rQ0Cnkh0 lightchibuike.ddns.net pixls.ddns.net # Reference: https://twitter.com/ViriBack/status/1065597117937434625 bosmanchi.ddns.net # Reference: https://twitter.com/killamjr/status/1093553362174242816 tntsure.ddns.net # Reference: https://twitter.com/pollo290987/status/1092796516555808770 megida.hopto.org # Reference: https://twitter.com/Racco42/status/1059945882274197504 194.5.99.243:2019 # Reference: https://twitter.com/HerbieZimmerman/status/1057692658104262657 194.5.98.182:7020 # Reference: https://twitter.com/luc4m/status/1044855395615997953 datalogsbackups.hopto.org # Reference: https://twitter.com/matte_lodi/status/1049203238963167233 # Reference: https://app.any.run/tasks/bb524301-c794-4813-8e72-a03ae7d5b8cc ambition.ddns.net # Reference: https://twitter.com/Ring0x0/status/1006200464772419585 delawizzy.ddns.net # Reference: https://twitter.com/Antelox/status/859092998818344961 herackles.moneyhome.biz # Reference: https://twitter.com/JAMESWT_MHT/status/751375987028484096 businessdb4.duckdns.org businessdb5.duckdns.org # Reference: https://twitter.com/JayTHL/status/729724613907783680 212.7.208.81:51010 # Reference: https://twitter.com/JayTHL/status/705429671303774208 greenbacks.no-ip.biz # Reference: https://twitter.com/MalwareConfig/status/694596719426826240 admindarkcomet.no-ip.biz # Reference: https://twitter.com/MalwareConfig/status/694296245679099904 QuantumDevv.chickenkiller.com # Reference: https://twitter.com/MalwareConfig/status/651147773257977856 paychuby.no-ip.biz # Reference: https://twitter.com/MalwareConfig/status/650097923196342272 aeht.no-ip.biz # Reference: https://twitter.com/MalwareConfig/status/650097877851746304 freedarren.no-ip.biz # Reference: https://twitter.com/MalwareConfig/status/650097559160156160 purevid.no-ip.org # Reference: https://twitter.com/MalwareConfig/status/650097117315395584 ik4ito.ddns.net # Reference: https://twitter.com/MalwareConfig/status/650096982590156800 mlgsnip3r.no-ip.biz # Reference: https://twitter.com/ScumBots/status/1109640234864701441 67.253.236.155:5553 # Reference: https://twitter.com/ScumBots/status/1110266084760920064 gangbanghangchang.myftp.biz # Reference: https://twitter.com/James_inthe_box/status/1110579161884577792 172.81.132.137:54984 # Reference: https://twitter.com/x42x5a/status/1113414801705844738 kgentle77.duckdns.org # Reference: https://twitter.com/ScumBots/status/1114521149034123265 185.101.94.172:36460 rmcos.sparcos-es.com # Reference: https://twitter.com/HerbieZimmerman/status/1115325369371045889 185.165.153.114:2525 # Reference: https://twitter.com/x42x5a/status/1115556640026177537 184.75.209.169:5787 # Reference: https://twitter.com/malwrhunterteam/status/1115942079711129602 ebaystube.hopto.org # Reference: https://twitter.com/Racco42/status/1116793128319459329 moran101.duckdns.org # Reference: https://pastebin.com/S3cZw7CA 154.16.63.122:1919 184.75.209.169:5787 185.56.90.91:1989 185.84.181.83:5302 194.5.98.26:1012 194.5.99.229:5050 213.208.152.197:9737 33393.ddns.net arab1.myq-see.com frazodee.hopto.org gefide5.ddns.net hhhssa.chickenkiller.com lacoban.ddns.net office365.duckdns.org onielnfo.ddns.net repoyochar2u.ddns.net repoyochar2u.hopto.org skynetcdt.dyndns.org webaccess.hopto.org wilfred123.ddns.net # Reference: https://pastebin.com/ZCVB1pww 103.200.6.3:5490 181.214.55.23:9989 181.215.247.55:9780 185.148.241.40:3413 185.208.211.13:1943 185.244.30.106:1985 185.244.30.116:1985 185.244.30.98:8030 194.5.99.176:54984 194.5.99.181:4488 194.5.99.84:1604 194.68.59.45:32101 86.144.241.171:1608 95.140.125.77:52097 95.140.125.79:10203 ADMIN.ndplc.gq anunankis3.duckdns.org burdun.dynu.net cjbo12.ddns.net ibrak.ddns.net jacksmithcarter.ddns.net jasoiuuydealaa.sytes.net kenzog.no-ip.biz kroger.ddns.net lordblessme.duckdns.org lordblessme.hopto.org MARKET.ndplc.gq microsoftware.hopto.org netframework.serveminecraft.net okaforchukwuma247.ddns.net parcel.duckdns.org rattool0.ddns.net rogersbvrly0123.ddns.net shahan1337.ddns.net shootingstar.ddns.net talknahealga1974.myq-see.com vpnserver.ddns.me xxxnpornlegitnoscam.ddns.net # Reference: https://ghostbin.com/paste/qyhf6 107.173.58.71:30117 109.247.80.150:20000 154.16.201.167:3114 154.16.220.215:7177 173.46.85.23:1996 178.209.51.235:4156 181.215.247.13:19983 181.215.247.189:4199 181.215.247.194:1002 181.215.247.70:7000 185.121.166.5:1012 185.244.30.121:5129 185.244.30.127:1985 185.244.30.94:8030 185.244.30.98:9645 185.84.181.65:8128 189davidcameron.ddns.net 191.101.22.231:7200 194.5.99.179:4040 194.5.99.197:54984 194.5.99.22:3940 194.5.99.5:2017 194.68.59.31:1756 198.23.210.211:5890 2018bless.duckdns.org 212.7.208.100:17084 212.7.208.155:10001 212.7.208.94:3413 213.184.126.145:2001 31.220.7.204:1626 37.49.225.19:4335 41.231.120.13:9176 45.35.105.149:30198 46.36.39.22:2212 62.109.11.164:54984 78.47.149.66:7331 79.172.242.29:36378 88.208.246.117:7000 89.35.228.239:57356 89.46.222.206:9998 91.192.100.23:7012 91.192.100.4:3535 91.192.100.5:8181 91.92.136.158:1608 95.140.125.52:2018 95.140.125.85:6020 95.213.251.165:2547 a.tomx.xyz anonymouss21.ddns.net babazam.xyz baseman45.pdns.cz bennicholas.hopto.org bitcoinonemmusd.hopto.org bnow.duckdns.org brytonwilliams.ddns.net chykn.hopto.org comboplug.duckdns.org darkrig1.ddns.net dayung.duckdns.org dickson78.duckdns.org ehispride1.ddns.net frankfurt1.perfect-privacy.com frankfurt2.perfect-privacy.com frankwill12.ddns.net godsblessing.dotdns.ch heinrichschroth.hopto.org ijomsdavis1.ddns.net irofuuzo.ddns.net isaacjekwu123.ddns.net kotsiros.ddns.net lappenfick.hopto.org lascoyaya.sytes.net maxwellclassic.ddns.net mercadoliinio.duckdns.org mikkymouse.duckdns.org mybackups.duckdns.org nano.xblbyesma.com nanoip2.ddns.net newera.serveftp.com officewkgrace.ddns.net osynewvps.duckdns.org paychenco.ddns.net paymeaji.ddns.net snooper112.ddns.net suncraft.duckdns.org sydneyjames101.ddns.net timmy44.ddns.net timmy55.ddns.net tonymaris.ddns.net TUIYR.chickenkiller.com wackysite.duckdns.org xblbyesma.com yannythefanny.ddns.net z.whorecord.xyz # Reference: https://twitter.com/James_inthe_box/status/1029752092473217025 185.82.220.137:33691 # Reference: https://twitter.com/pancak3lullz/status/1115982919628148736 194.5.99.30:4488 # Reference: https://twitter.com/pancak3lullz/status/1083411311160102912 185.125.205.71:6789 omada20.ddns.net # Reference: https://twitter.com/pancak3lullz/status/1082284798708723713 185.125.205.68:3190 jasoncarlosscot.hopto.org # Reference: https://twitter.com/pancak3lullz/status/1080543756456214528 173.46.85.96:2222 chibuike.ddns.net # Reference: https://twitter.com/James_inthe_box/status/1120752034829856768 91.192.100.50:7030 # Reference: https://twitter.com/dvk01uk/status/1121633456323088387 # Reference: https://app.any.run/tasks/44328111-a0d3-48b5-bc50-2e7e45118261 adobemoney.linkpc.net 31.220.43.113:7788 # Reference: https://twitter.com/luc4m/status/1121805940632817664 77.48.28.247:5378 # Reference: https://twitter.com/MalwareConfig/status/775345497422831616 nipples.chickenkiller.com # Reference: https://twitter.com/MalwareConfig/status/772909731287564288 # Reference: https://malwareconfig.com/config/0c0e3b6d38c265acb8a2b57cdf15803e/ 109.169.61.7:6565 # Reference: https://twitter.com/Racco42/status/1122972672001019906 185.101.94.172:3018 # Reference: https://twitter.com/r0ny_123/status/1017730367149760518 # Reference: https://app.any.run/tasks/c4fb59da-cded-4fa9-9a1f-9409a52b7ed3 191.96.249.27:3360 # Reference: https://twitter.com/x42x5a/status/1123179932404846593 wazaa.mywire.org # Reference: https://twitter.com/dvk01uk/status/1123176385252614145 # Reference: https://app.any.run/tasks/bbe15eb1-1bbe-437f-bdda-5b83fc47b8b5 185.247.228.142:3196 # Reference: https://twitter.com/Racco42/status/1124289220653142016 # Reference: https://app.any.run/tasks/385b66d9-8455-4501-9828-ce8e3ff255b7 wiz2019.ddns.net 185.165.153.110:9124 # Reference: https://twitter.com/Racco42/status/1125377644814581760 # Reference: https://app.any.run/tasks/4edc7722-c6a6-480a-a5ce-dc8ec2c6ee14 nonox.duckdns.org 185.247.228.171:2741 # Reference: https://twitter.com/P3pperP0tts/status/1125807083700539392 bio4kobs.geekgalaxy.com # Reference: https://twitter.com/dvk01uk/status/1126018535094931456 rajahclassic.chickenkiller.com # Reference: https://twitter.com/dvk01uk/status/1126332447321411584 # Reference: https://app.any.run/tasks/5e801075-d3af-48b2-9c69-2d838b4ba7b9 91.193.75.239:5494 # Reference: https://twitter.com/58_158_177_102/status/1126774468053889031 # Reference: https://app.any.run/tasks/5f4957cb-3478-4184-a6af-ca0d82fc0415 # Reference: https://app.any.run/tasks/84c87a15-34c7-4434-93ae-6f02b524aad6 kartelicemoney.duckdns.org 105.112.112.160:1707 # Reference: https://twitter.com/x42x5a/status/1128982111711584256 frankwill12m.ddns.net # Reference: https://twitter.com/ScumBots/status/1132417823760896000 24e26s2854.wicp.vip # Reference: https://twitter.com/James_inthe_box/status/1133059402800386051 wazy1010.ddns.net # Reference: https://twitter.com/ScumBots/status/1133331342572236801 120.24.231.105:7334 # Reference: https://twitter.com/JAMESWT_MHT/status/1134365902173102080 # Reference: https://app.any.run/tasks/94641e32-9b9d-4da3-8345-f07e8922b7c6/ 194.5.98.5:1680 # Reference: https://twitter.com/JAMESWT_MHT/status/1134478806473986049 # Reference: https://app.any.run/tasks/62f68bae-1b8f-40b6-883d-a48178c0e277/ 79.134.225.51:3030 # Reference: https://twitter.com/Racco42/status/1136593634650927105 80.85.153.187:30301 # Reference: https://twitter.com/James_inthe_box/status/1136778097615724548 185.217.1.133:50317 # Reference: https://app.any.run/tasks/12b3ea80-4345-4f3b-b628-a10c0195854a/ 91.193.75.239:5494 # Reference: https://twitter.com/luc4m/status/1138064069284573184 bukis228.ddns.net # Reference: https://twitter.com/Zerophage1337/status/1138099090556932097 91.193.75.21:5626 atiku.ddns.net # Reference: https://twitter.com/James_inthe_box/status/1138478169755754496 ganif.ddns.net shedyshedy.ddns.net # Reference: https://app.any.run/tasks/cb0e97af-6122-4181-87e5-842dedde0d77/ 178.239.21.116:1186 # Reference: https://blog.yoroi.company/research/dissecting-nanocore-crimeware-attack-chain/ 185.244.31.50:1540 79.134.225.41:2031 # Reference: https://twitter.com/P3pperP0tts/status/1139942794590601216 # Reference: https://pastebin.com/bpabKNNZ 185.244.31.25:3575 185.244.31.31:8181 91.193.75.239:5494 ambit19.ddns.net ip2locate.ddns.net ochaforward.hopto.org templerun.ddns.net # Reference: https://twitter.com/dvk01uk/status/1141317977167605765 # Reference: https://app.any.run/tasks/0a32df75-7fa1-4ac4-b093-9422785aa904/ 69.65.7.135:8484 # Reference: https://myonlinesecurity.co.uk/nanocore-rat-via-fake-dhl-failed-delivery-in-chinese/ # Reference: https://app.any.run/tasks/bae68d93-a378-436a-b809-362b00fd84d5/ 185.244.29.22:6699 microsoft.btc-crypto-rewards.cash # Reference: https://twitter.com/Racco42/status/1141106627229212673 # Reference: https://twitter.com/HerbieZimmerman/status/1141408019571458049 justgo.linkpc.net 104.206.98.246:30301 # Reference: https://twitter.com/reecdeep/status/1143821025748164608 # Reference: https://app.any.run/tasks/6ad55b12-af6b-419d-b375-b87c25c82056/ 79.134.225.12:5000 # Reference: https://twitter.com/ffforward/status/1144531131326504961 feshng.hopto.org 134.3.20.151:7789 185.165.153.171:7789 # Reference: https://twitter.com/luc4m/status/1145603655413981185 southmoney.ddns.net # Reference: https://twitter.com/James_inthe_box/status/1145680737971998720 pay1.duckdns.org # Reference: https://twitter.com/killamjr/status/1145758143395373056 103.133.109.109:2040 # Reference: https://pastebin.com/S4ggik78 dxbdoc.ddns.net jodeal.casacam.net nemesis225.duckdns.org popsudtsucks.duckdns.org # Reference: https://twitter.com/JayTHL/status/1146482606185308160 23.249.168.10:1982 ogodoswar.ddns.net # Reference: https://twitter.com/killamjr/status/1146498532716793856 # Reference: https://app.any.run/tasks/5db94abe-1315-4b95-9d49-704db75df4c0/ 5.196.203.64:42093 thefrench.duckdns.org # Reference: https://twitter.com/reecdeep/status/1146669422448435201 # Reference: https://app.any.run/tasks/70b936c4-e4eb-44f3-a15e-e2663fb19562/ 79.134.225.51:3030 # Reference: https://twitter.com/ScumBots/status/1147928776216653825 141.255.145.32:1604 # Reference: https://twitter.com/reecdeep/status/1148901391001407494 79.134.225.12:5000 # Reference: https://twitter.com/James_inthe_box/status/1149026394472472576 185.244.31.81:3487 # Reference: https://twitter.com/D3LabIT/status/1149659498350407680 # Reference: https://app.any.run/tasks/70dfba07-7b8a-4bff-a71e-c520f977f3d2/ 185.247.228.191:1540 # Reference: https://twitter.com/P3pperP0tts/status/1150326099416686592 benders.zapto.org debase45.ddns.net # Reference: https://www.virustotal.com/gui/file/af0fbb1773a61cc3cd40cb559ecea7fec657769c5179bfcdfae0d63803b48497/behavior/Dr.Web%20vxCube # Reference: https://app.any.run/tasks/611b13bd-4c3b-48f9-a86f-b1eb99eee413 updated01.ddns.net # Reference: https://twitter.com/JAMESWT_MHT/status/1151385321587838978 # Reference: https://twitter.com/reecdeep/status/1151756075407945729 # Reference: https://app.any.run/tasks/457db32a-37d5-4661-8343-66acae38c8d2/ nacoreloaded12.ddns.net 160.202.163.244:3126 # Reference: https://twitter.com/B1naryG/status/1151424533032816641 # Reference: https://app.any.run/tasks/40a6bc66-e98b-4cd7-a077-bc773d0ed954/ 185.247.228.17:47581 etoiilefiiilante.duckdns.org # Reference: https://twitter.com/coderippers/status/1152188547253846016 moneybag042.warzonedns.com # Reference: https://twitter.com/reecdeep/status/1145943064961269760 mardinmagic.ddns.net # Reference: https://twitter.com/coderippers/status/1153267389632602114 185.125.205.75:54984 blackhill.ddns.net # Reference: https://twitter.com/dvk01uk/status/1153283443133964290 avt.duckdns.org # Reference: https://twitter.com/James_inthe_box/status/1153672360265781249 localdesk.ddns.net # Reference: https://twitter.com/dvk01uk/status/1154367978152124418 onpcsetup.duckdns.org # Reference: https://twitter.com/ScumBots/status/1154636731074908160 5.188.9.57:7575 # Reference: https://twitter.com/James_inthe_box/status/1154762726494765056 newmicke2019.ddns.net # Reference: https://twitter.com/Racco42/status/1155776895394439168 # Reference: https://app.any.run/tasks/f1d56790-6fee-481e-b40f-85453d3d52ca/ moneybag042.warzonedns.com 36.255.97.73:2040 # Reference: https://twitter.com/Paladin3161/status/1157070115038478338 79.134.225.96:5556 # Reference: https://twitter.com/Paladin3161/status/1156903664302215169 185.217.1.156:5200 warzoneburky.ddns.net # Reference: https://twitter.com/wwp96/status/1158427926750212096 eguchinomso.duckdns.org # Reference: https://twitter.com/wwp96/status/1158390337372655617 primaryjet.duckdns.org 142.44.161.51:5232 # Reference: https://twitter.com/killamjr/status/1159132424544149504 # Reference: https://app.any.run/tasks/a227900f-9fd8-4e82-84b7-7d93357517ea/ 160.116.15.132:2382 kalakuta.ddns.net # Reference: https://twitter.com/ScumBots/status/1162416745317052417 178.117.59.19:25565 # Reference: https://twitter.com/ScumBots/status/1163001849731063810 184.57.168.28:1705 # Reference: https://twitter.com/wwp96/status/1163472330565332992 # Reference: https://app.any.run/tasks/0cbd5edf-c36a-48d8-b9ae-67ad0b83d759/ 23.105.131.129:7080 patgini.duckdns.org # Reference: https://twitter.com/killamjr/status/1164172558700204032 attilabanks.ddns.net # Reference: https://twitter.com/reecdeep/status/1164422876017115136 79.134.225.52:1991 # Reference: https://twitter.com/reecdeep/status/1164432216010702848 # Reference: https://app.any.run/tasks/2e09254a-c57f-4d6d-8186-de18a9eb75fe/ 79.134.225.108:1135 systempc1.ddns.net # Reference: https://twitter.com/reecdeep/status/1164466004480745472 # Reference: https://app.any.run/tasks/0fa8bc38-52f8-4e4e-af68-65b737625372/ 79.134.225.55:7030 pacotdc2020.duckdns.org # Reference: https://twitter.com/reecdeep/status/1163354232113831936 # Reference: https://app.any.run/tasks/76c3a5e1-5a04-489f-a59b-2408524d14ce/ 66.133.76.69:8631 cjchijioke.zapto.org # Reference: https://twitter.com/killamjr/status/1164514185243430914 # Reference: https://app.any.run/tasks/0da0b775-3f5c-4277-99af-1681833f4a05/ 194.5.98.24:4564 recoverypw.duckdns.org # Reference: https://twitter.com/reecdeep/status/1164792320396365829 194.5.98.137:7895 engineer.hopto.org # Reference: https://twitter.com/DynamicAnalysis/status/1166030024635498496 91.189.180.211:4740 bsbs.duckdns.org # Reference: https://twitter.com/reecdeep/status/1166238086084345857 # Reference: https://app.any.run/tasks/ff57ad8c-a66c-47f8-b42b-d6026d94ad5f/ 185.19.85.171:59 agahwon.duckdns.org # Reference: https://twitter.com/reecdeep/status/1166605833343553536 # Reference: https://app.any.run/tasks/28a1f567-1857-4bd1-a4d2-edb1db79c66a/ 194.5.98.225:54984 apapurevpn.ddns.net # Reference: https://twitter.com/Jouliok/status/1166616872474894337 # Reference: https://app.any.run/tasks/2bfd1d45-eec2-443b-bf71-e18df582f076/ 185.105.236.176:2179 calitus.hopto.org # Reference: https://twitter.com/Paladin3161/status/1167027534828978177 ariascopetrading.hopto.org # Reference: https://twitter.com/de_aviation/status/1097547526763433985 bnow.duckdns.org ciao2.hopto.org dwxi.duckdns.org dxbdoc.ddns.net fillup.duckdns.org hardrickkonsult.duckdns.org jodeal.casacam.net kendomoney2.duckdns.org moneymen2019.ddns.net mrstan.duckdns.org nemesis225.duckdns.org popsudtsucks.duckdns.org roblox.webredirect.org wackysite.duckdns.org winsec.dynu.net # Reference: https://twitter.com/p5yb34m/status/1167130345965117440 manblues.sytes.net # Reference: https://twitter.com/wwp96/status/1167837052097970176 sandshoe.duckdns.org smartcoonect.duckdns.org # Reference: https://twitter.com/wwp96/status/1167830992587034624 saintjames.publicvm.com # Reference: https://twitter.com/wwp96/status/1167834053590097921 # Reference: https://app.any.run/tasks/5260bec5-bff2-44f4-983f-9dc2adde3113/ 142.44.161.51:5089 nnjhjhjj.duckdns.org # Reference: https://twitter.com/Racco42/status/1168622419256459266 # Reference: https://app.any.run/tasks/8f34b304-4350-4ca9-87f1-00fd92b88454/ 154.68.5.169:49153 chance2019.ddns.net # Reference: https://twitter.com/reecdeep/status/1168795298715639808 # Reference: https://app.any.run/tasks/c23caa1a-41f5-43d2-8c63-4e8e4d45a98f/ 185.105.236.134:9412 fredwil.ddns.net # Reference: https://twitter.com/ps66uk/status/1169181097604915200 79.134.225.108:5592 98.143.144.232:58566 mstanley.ufcfan.org worklogin2019.duckdns.org # Reference: https://twitter.com/James_inthe_box/status/1169339642115588096 eventuary.ddns.net # Reference: https://twitter.com/DynamicAnalysis/status/1169336301818130432 105.112.98.206:1144 173.254.223.125:1144 meeti.ddns.net # Reference: https://twitter.com/wwp96/status/1170310504029536256 blackhill.ddns.net # Reference: https://twitter.com/wwp96/status/1170336591635783680 # Reference: https://app.any.run/tasks/79afa5de-1f01-4b27-ab24-4239512844ff/ 185.105.236.176:5721 weiby.hopto.org # Reference: https://twitter.com/Paladin3161/status/1170706804864536576 bloc2020.ddns.net # Reference: https://app.any.run/tasks/38a77fc4-420f-493d-985b-b3a0577ff256/ 185.165.153.35:30089 # Reference: https://twitter.com/wwp96/status/1171063529929105412 # Reference: https://app.any.run/tasks/4a93b3f3-2876-45c5-9501-410830ee0d5b/ 185.165.153.56:4040 eizzymoney.ddns.net # Reference: https://twitter.com/wwp96/status/1171065447967580162 # Reference: https://app.any.run/tasks/c3334463-7291-42b6-bcdf-e9b850b8192b/ 51.89.142.95:5454 abc.hopto.me # Reference: https://app.any.run/tasks/c9c03c22-e430-408d-b971-c6e4f9effca9/ moran101.duckdns.org moran007.duckdns.org # Reference: https://twitter.com/wwp96/status/1171407790449012736 # Reference: https://app.any.run/tasks/64497ded-42f5-4689-8ea3-c23864707166/ # Reference: https://app.any.run/tasks/9b106ed5-ddbf-405b-986f-dc48525b0d51/ 103.200.6.79:2277 103.200.6.79:7722 renaj.duckdns.org # Reference: https://twitter.com/Paladin3161/status/1171762981673172992 1gstemos.duckdns.org danishcent.duckdns.org jaden222.kozow.com # Reference: https://twitter.com/JayTHL/status/1171792541240442880 91.189.180.218:4435 btchtu.duckdns.org # Reference: https://twitter.com/Paladin3161/status/1171952485625262080 officeofgrace14.ddns.net # Reference: https://twitter.com/reecdeep/status/1172525114036039680 # Reference: https://app.any.run/tasks/237d0b43-2489-4854-bbc2-4c459598e3c8/ 185.19.85.159:3000 # Reference: https://twitter.com/dvk01uk/status/1172755193206845444 # Reference: https://app.any.run/tasks/e0c2b41e-0b42-4c96-b0bc-72fd6be85284/ 185.165.153.121:76 deburg.duckdns.org # Reference: https://twitter.com/killamjr/status/1173262255611269120 # Reference: https://app.any.run/tasks/28aa0199-0428-4812-b9fa-687a69c5bd7b/ 79.134.225.104:4050 # Reference: https://twitter.com/coderippers/status/1156857536026484736 103.200.6.3:2016 # Reference: https://app.any.run/tasks/bc5b715c-7bfa-4025-9a42-58de61855990/ saintjames.publicvm.com # Reference: https://www.virustotal.com/gui/file/3f5bce47783e3a859fbb467b72f659ba95ccbcacc5f0906a9615fa44dfbb3bb4/detection 79.134.225.106:9124 shekinahwiz.ddns.net # Reference: https://twitter.com/killamjr/status/1178663514900238336 # Reference: https://app.any.run/tasks/177c7ec2-fb0a-4302-b871-8bdb359624df/ 194.5.98.123:33733 # Reference: http://vxcube.com/recent-threats-ioc/5d3781b3a39bb560702e4a13/detail nanocore511.ddns.net avt.duckdns.org jimmycharles2468.ddns.net kennethpeters.ddns.net king8950.duckdns.org ilepilub.myhostpoint.ch sammorrisok55.duckdns.org abundantgrace1.ddns.net warzoneburky.ddns.net # Reference: https://twitter.com/James_inthe_box/status/1179774489514496000 59108.duckdns.org # Reference: https://app.any.run/tasks/cdef8e3a-c2e1-4363-8f85-219925f5e5ad/ odogwu222.duckdns.org # Reference: https://twitter.com/ScumBots/status/1180811705280012288 94.107.59.249:54984 connectings.ddns.net # Reference: https://twitter.com/Paladin3161/status/1181188506980208640 kartelicemoney.duckdns.org # Reference: https://twitter.com/Racco42/status/1181330436162818054 # Reference: https://app.any.run/tasks/1fc0964a-4d9e-45bd-a982-8bb6e6251b48/ 194.5.98.127:5882 ify.duckdns.org # Reference: https://twitter.com/Racco42/status/1181670662194257936 # Reference: https://app.any.run/tasks/77b8af9e-239e-42c6-8670-69984eb22afa/ 79.134.225.42:1985 # Reference: https://twitter.com/ffforward/status/1181853927156920321 # Reference: https://app.any.run/tasks/d78e78a4-824c-44d9-a0f8-a25be2a038af/ 79.134.225.46:9020 mulla.hopto.org # Reference: https://twitter.com/Racco42/status/1182064994516643841 79.134.225.119:55112 # Reference: https://app.any.run/tasks/c14fcbdc-edc1-427b-9f15-bd047abb1e8c/ 194.5.98.251:5540 # Reference: https://twitter.com/w3ndige/status/1176905272549400579 # Reference: https://app.any.run/tasks/b4fdda7d-737a-4493-913c-e1cff8987d4a/ 185.217.1.173:9834 antihunger.dynu.net # Reference: https://twitter.com/w3ndige/status/1165906300754104322 103.200.5.128:8776 gregvictor.hopto.org # Reference: https://twitter.com/P3pperP0tts/status/1186665154513195013 79.134.225.70:3940 danishcent.duckdns.org # Reference: https://twitter.com/w3ndige/status/1188840789016764416 # Reference: https://app.any.run/tasks/7e37ef77-7127-4213-b8e5-ee24f8658e8d/ 185.165.153.239:9834 newone11.mywire.org # Reference: https://twitter.com/wwp96/status/1188887309091033089 # Reference: https://app.any.run/tasks/95daf9a7-d985-4928-8220-c12bf45b3334/ 185.165.153.16:6939 morgan22.ddns.net # Reference: https://www.virustotal.com/gui/ip-address/79.134.225.125/relations # Reference: https://www.virustotal.com/gui/file/603d6fc8c41c2a18139857e27a7dc3e050f3c9ddfac7cccc92c4e454408fb896/detection tijanml.duckdns.org # Reference: https://www.virustotal.com/gui/ip-address/79.134.225.125/relations # Reference: https://www.virustotal.com/gui/file/98be89b13355f98a1e7faf259312b0054159aeffa9d222101c2227854d5089e8/detection 79.134.225.125:1985 # Reference: https://www.virustotal.com/gui/ip-address/79.134.225.125/relations # Reference: https://www.virustotal.com/gui/file/97f32d9e89e510d6e9c26d0a91d3e08692932d0d2a2264a7369b5a133fade0b5/detection 79.134.225.125:5001 teryts1802.sytes.net # Reference: https://www.virustotal.com/gui/file/fc6a0c7a5758bf1dd04e30c58680fc842316b2078635df3449f51e12322c176a/detection # Reference: https://www.virustotal.com/gui/ip-address/37.235.1.174/relations 37.235.1.174:53 # Reference: https://www.virustotal.com/gui/file/4928fdede6439ab72afc175ef367440d665c876d7c3a1bff09ffd6c53752ce56/detection 185.217.1.135:137 37.235.1.177:53 alaincrestel1900.ddns.net larbivps.freemyip.com # Reference: https://www.virustotal.com/gui/file/9c70295e9fedc283b112db777ccb3cd35b8177ce258d773f6d1df26692d0fedc/detection beast999.ddns.net # Reference: https://www.virustotal.com/gui/file/70fe32a3ed8a6d0faf3ac6d460b3b1c4dcb8819fe7ca86069a7ff6479282562e/detection SchoolServer405.mooo.com # Reference: https://www.virustotal.com/gui/file/5068c69231bfd86ed423021ce32a189b3d7f92391917b9b62251a545bb98834b/detection 88.235.181.40:8282 victoryinkings.ddns.net # Reference: https://www.virustotal.com/gui/file/dc23e79acb4676f260b0c5a29c1315395b0099c11a954d1d85180161225d25e7/detection # Reference: https://www.virustotal.com/gui/file/c4eab66d81ba8fab271e01d6080978ffad715c77734b43ce8ee0d6906f2c8186/detection 154.118.70.199:6060 41.217.61.245:6060 79.134.225.74:6060 obu.duckdns.org # Reference: https://www.virustotal.com/gui/file/b174b1345931d9f22e75bdfe7ec10241c047c6cc82ca223224d3bdb0ca470234/detection 79.134.225.7:8282 conana666.ddns.net # Reference: https://www.virustotal.com/gui/file/100b4b69c75870f8134238b0b26e7c666a57c2e0ed46729297cb527ec67d1d5b/detection xsrt7dtftvf.ddns.net # Reference: https://www.virustotal.com/gui/file/5d6decfa7304de309e330fcb8483261e4b1b3ad6515cebba33a23ab3db050d4d/detection 79.134.225.116:1604 91.193.75.48:1604 staffordcranegroup1.ddns.net # Reference: https://www.virustotal.com/gui/file/143fa3aad33c18877ed9e435d140b9be6b92e20e8a767e6098b43caabf7734ac/detection 79.134.225.74:1111 lecamerenhaut.freemyip.com # Reference: https://www.virustotal.com/gui/file/6ce3f65a76bae40596eebd524b5389e409ddaa0e03d62dcbe314adead20ce2e2/detection 194.5.98.190:9098 norly.ddns.net # Reference: https://www.virustotal.com/gui/file/891152054d208fd7da085b63d53821e14ce6c6f128e1dda6d569fded36ee04b6/detection 41.203.78.246:8282 # Reference: https://www.virustotal.com/gui/file/773b78f8aef041ebf69887c0bd08d675591f28c5c1334ab078865303e17a6620/detection 185.247.228.15:4040 ellababy123.ddns.net # Reference: https://www.virustotal.com/gui/file/1c01644bf0467a11d1966af6f334d4c0c0eb1d432e794d3a077429feb2ad9fd7/detection clanige4.ddns.net # Reference: https://www.virustotal.com/gui/file/da32aadc61ccfd99fd0617f5f763d06db2d01c2fb604239c775a2ee40a3d8b5b/detection 41.203.78.34:8282 # Reference: https://www.virustotal.com/gui/file/492dbe76f0fc6405cccd22266e7c4a3f138e834d81689250da1e1c676bebeef0/detection 185.19.85.183:8809 odogwuchacha.ddns.net # Reference: https://www.virustotal.com/gui/file/3853bdd2d2062612f2db5244f330edf0b20dee4531e219b9a2040b21aecaa5c8/detection thierrydeffo4.chickenkiller.com # Reference: https://www.virustotal.com/gui/file/58270868d40ff869a4d08d3e0f893da3c51e7261ba80b34bbee4510126533b6a/detection 79.134.225.77:8282 smart234.ddns.net # Reference: https://www.virustotal.com/gui/file/7110a71d6600a756d0aa9fadbcba104dba6ef22114974eee2a6676445298d4aa/detection 79.134.225.8:6453 alphaget.ddns.net xaoc6y6yy6.bounceme.net # Reference: https://www.virustotal.com/gui/file/b65848b6c2ae77863acf09d5f29bf6f1e1b2fbd98833a040e6f53bcbbc004cb4/detection 79.114.124.253:1608 homelaptop.ddns.net # Reference: https://www.virustotal.com/gui/file/8eb3451aa4b96c3dd16c0968f7c4f3261eeb1a550f3648aa21e19a56e46d22c0/detection 79.134.225.75:4040 # Reference: https://www.virustotal.com/gui/file/8af64061540bafe06aaf819eb09db32dcc6b2cceca569a2726375da1d8225f77/detection 185.165.153.11:9090 riotriot.ddns.net # Reference: https://www.virustotal.com/gui/file/7d9290ee70bef014939f22007f1de6ed33e0762bdc61e96e659bfe77456bfbdf/detection 41.203.78.158:9090 # Reference: https://www.virustotal.com/gui/file/1ff40475eb58edf037a554b8821935b2e6016f00ff18d51a822e98a0cc4cdeb1/detection 0.tcp.ngrok.io 18.188.14.65:19546 3.14.212.173:19546 3.17.202.129:19546 3.19.3.150:19546 3.19.114.185:19546 # Reference: https://www.virustotal.com/gui/file/0a53eae7a195a84a43bc19452b25e05c5a9cf3ba7533d02e742f610fa5e13d40/detection 18.223.41.243:15816 3.17.202.129:15816 # Reference: https://www.virustotal.com/gui/file/3b48e822297e8352840ddd91546caeb951af876c64653f7d8db7ec5d96087684/detection 68.198.117.153:4782 bfe0to1zem2ogior.serveminecraft.net # Reference: https://www.virustotal.com/gui/file/31b29c53a227bd0008c461d33538899db0673a37dc47e71ae42f0d6b32bfa511/detection 79.134.225.105:4040 # Reference: https://www.virustotal.com/gui/file/22b073c978eeadcfb751d12ceff7cf1b27b802b4329764553b998426bd05855d/detection 68.192.14.107:1605 # Reference: https://www.virustotal.com/gui/file/a40f890fbf60291ee34505f1dac3986cc249127f7edab134803cda5f17039c91/detection lasius.duckdns.org # Reference: https://www.virustotal.com/gui/file/a6457cfeab68e8c662c4d9d75b074f000a1103a0966d5819a49dc6b03f78b802/detection # Reference: https://www.virustotal.com/gui/file/0777ecb019654f0b8fc2961768f35dc4d41f3def47863b055c3118755bb0ad9a/detection 185.217.1.180:1604 197.210.64.86:1604 lucasdesmond31.ddns.net # Reference: https://www.virustotal.com/gui/file/69dcba1bd1cb70069101ae3e051d57a62eba2f7b9650f561be550e08663c83fd/detection procompany.ddns.net # Reference: https://www.virustotal.com/gui/file/f8397b1579dc91688b6c7994805e1efc5325ef22c0743d2009196fcd55d667f2/detection 173.254.223.68:8282 donsea1234.ddns.net # Reference: https://www.virustotal.com/gui/file/57b779b63c1444bd0e6d34ac75042fabc8aed7d8aa652793dd08bc54f378f566/detection 194.5.98.28:9090 # Reference: https://www.virustotal.com/gui/file/0e9025441bb5f7621694fd57ee55c63eb774464cb4c1b0d777bddb86871bcf68/detection 41.203.73.171:8282 # Reference: https://www.virustotal.com/gui/file/d899928e75e7109c964996cb6c8397b4e35cfb5561735578eb447545e7feb204/detection 41.203.78.159:8282 # Reference: https://www.virustotal.com/gui/file/03b3b1fb23a991b5bba7f886086caacafcef268b9bf5f178cbffc9735769eb5a/detection knsoverseaslimited.ddns.net # Reference: https://www.virustotal.com/gui/file/9ba1e7f53284d456d00db2eb8fb6406f5628666403a48456a8d7611c809c44e6/detection 197.210.62.44:8282 # Reference: https://www.virustotal.com/gui/file/7290e8234d47103dc7c3274b3c7e574970b97bdaa44ffbcc0201c69b0acb11cc/detection 197.210.62.32:8282 # Reference: https://www.virustotal.com/gui/file/fc6a0c7a5758bf1dd04e30c58680fc842316b2078635df3449f51e12322c176a/detection 79.134.225.69:8282 # Reference: https://www.virustotal.com/gui/file/290be52d7ca397be27d670ac37398b1ad5693b16dca6983c626db40e37247487/detection mprentignac.ddns.net # Reference: https://www.virustotal.com/gui/file/6f7753f614fb2c123a9fa55de0af097a4f92a7a350d88c55cf218ff5eac6a4f9/detection 41.203.78.182:9090 # Reference: https://www.virustotal.com/gui/file/5a79ba7f2bedbc8ccbfa3ea786be54334dbb76fef00f7b2173fe40c336b53372/detection beast1111.ddns.net # Reference: https://www.virustotal.com/gui/file/73102b5cd20c48cfd222d9ad0b618f069493a7ec566480c9b4871cbb2723a3ac/detection kene32145.ddns.net # Reference: https://www.virustotal.com/gui/file/82847914515e6c8d599e10547d1bdd834628539f4164ae6e07c0c92de3cf711b/detection 105.112.38.6:8282 # Reference: https://www.virustotal.com/gui/file/60778609ebb0625597a6c0b8021ef6c2155e937eb8bd70bd8043b60eada9b382/detection stevesteves001.warzonedns.com # Reference: https://www.virustotal.com/gui/file/505094e8b5ad5b7b536b08ef7e49d946bc7c4c66b7c22966dac0eaa98d29f6cf/detection 185.19.85.141:8282 # Reference: https://www.virustotal.com/gui/file/7e39c10423e4ef1e6fb07432a9af1ef7db0c3a85e874ada57d8aacdab8ad0975/detection 194.5.98.7:9098 # Reference: https://www.virustotal.com/gui/file/931f783ffeb0e5cd5b7e23fa484220f7ccd1d4739e72f440c20b63fb6a795736/detection 213.208.152.217:64816 # Reference: https://www.virustotal.com/gui/file/499843b56eab51e230b0234ab7db80ae3adbb80bdf81cfbfe85caf826e56e3a4/detection 213.208.152.217:9984 # Reference: https://any.run/malware-trends/nanocore (Note: as seen on 2019-12-04) alemaniaelmejor.duckdns.org anglekeys.duckdns.org bnow.duckdns.org codazzixtrem.duckdns.org dephantomz.duckdns.org duckdns4.duckdns.org gemalto.duckdns.org hicham9risa.duckdns.org info1.duckdns.org ipvhosted.duckdns.org jfcolombia001.duckdns.org kosovo.duckdns.org monlait-57586.portmap.host mrmarkangel.duckdns.org nickdns19.duckdns.org nickdns30.duckdns.org office365update.duckdns.org salesxpert.duckdns.org wackysite.duckdns.org wiskiriskis1982.duckdns.org # Reference: https://any.run/malware-trends/nanocore (Note: as seen on 2019-12-10) mv-s2s-dev.ngrok.io mynameisstaff.warzonedns.com okenwa.hopto.org 1990.duckdns.org xipp.duckdns.org 34112r.rapiddns.ru smartcoonect.duckdns.org duckdns4.duckdns.org salesxpert.duckdns.org ipvhosted.duckdns.org gemalto.duckdns.org jfcolombia001.duckdns.org office365update.duckdns.org kosovo.duckdns.org codazzixtrem.duckdns.org mrmarkangel.duckdns.org anglekeys.duckdns.org dephantomz.duckdns.org wiskiriskis1982.duckdns.org # Reference: https://twitter.com/JayTHL/status/1189592368879722497 201.76.93.201:53896 ruthless.ddns.net # Reference: https://www.virustotal.com/gui/ip-address/185.217.1.137/relations 185.217.1.137:1604 blaert.jumpingcrab.com jobconnect.ddns.net makegoodpls.strangled.net royal69.ddns.net sharpinvader.duckdns.org # Reference: https://pastebin.com/29uSdMAk godwin.ddns.net # Reference: https://twitter.com/ViriBack/status/1187040674455130112 194.5.99.46:9090 # Reference: https://twitter.com/Paladin3161/status/1185424238611582977 197.210.52.28:3873 91.189.180.216:3873 dennisjose2v.zapto.org Maxiron2v2.hopto.org snooper113.duckdns.org # Reference: https://twitter.com/killamjr/status/1164514185243430914 # Reference: https://app.any.run/tasks/0da0b775-3f5c-4277-99af-1681833f4a05/ 194.5.98.24:4564 recoverypw.duckdns.org # Reference: https://twitter.com/coderippers/status/1156844258139299840 starlucky.warzonedns.com # Reference: https://twitter.com/JAMESWT_MHT/status/1145689873489301508 # Reference: https://app.any.run/tasks/4ee7d035-40d7-433c-9be8-44fd02bc7375/ 185.165.153.22:2040 giovan234.ddns.net # Reference: https://app.any.run/tasks/6eb2bffa-4f11-4aec-8b24-3695f22ae99d/ 185.165.153.114:2525 mrlogga19.duckdns.org # Reference: https://twitter.com/pollo290987/status/1115307260996202496 # Reference: https://www.virustotal.com/gui/file/d3cab59fb39c3312b93cbd10fc1f01bef963abdabe7acc30b8a9d101947e3143/detection # Reference: https://www.virustotal.com/gui/ip-address/181.52.252.80/details 181.52.252.80:1896 cee.duia.eu duck87.duckdns.org duckdns63.duckdns.org duckdns64.duckdns.org duckdns65.duckdns.org ja0269485.duckdns.org josesarmiento098765.duckdns.org josezulu898989.duckdns.org juanjosequitero.duckdns.org marketing.con-ip.com nick107.duckdns.org nick89.duckdns.org nick91.duckdns.org nick92.duckdns.org nickd93.duckdns.org nickddns103.duckdns.org nickddns90.duckdns.org nickdns101.duckdns.org nickdns102.duckdns.org nickdns104.duckdns.org nickdns106.duckdns.org nickdns107.duckdns.org nickdns44.duia.eu nickdns48.duckdns.org nickdns49.duckdns.org nickdns51.duckdns.org nickdns52.duckdns.org nickdns53.duckdns.org nickdns54.duckdns.org nickdns56.duckdns.org nickdns58.duckdns.org nickdns59.duckdns.org nickdns61.duckdns.org nickdns62.duckdns.org nickdns66.duckdns.org nickdns71.duckdns.org nickdns72.duckdns.org nickdns75.duckdns.org nickdns76.duckdns.org nickdns79.duckdns.org nickdns80.duckdns.org nickdns81.duckdns.org nickdns82.duckdns.org nickdns84.duckdns.org nickdns85.duckdns.org nickdns87.duckdns.org nickdns94.duckdns.org nickdns95.duckdns.org nickdns96.duckdns.org nickdns97.duckdns.org nickdns98.duckdns.org nickdns99.duckdns.org # Reference: https://app.any.run/tasks/ba903cda-43f6-47af-9721-f64028df4ce1/ http://evogenicpvt.net/expt/payreceipt.exe sain123.sytes.net 142.44.161.51:5219 # Reference: https://app.any.run/tasks/978d8b3f-f303-4b0f-bec9-9879bd144916/ clintonlog.hopto.org # Reference: https://app.any.run/tasks/811b9caf-71d9-4cdb-b707-a08f8c6a29b0/ harri2gud.duckdns.org # Reference: https://app.any.run/tasks/9ce5f594-1c1c-4ad2-822d-f904bc946ccf/ # Reference: https://twitter.com/peric0/status/1192862785711083520 # Reference: https://app.any.run/tasks/4b2c22dc-5abb-4c3d-a25f-97cba3f34902/ 79.134.225.76:9900 abokiisback.duckdns.org # Reference: https://app.any.run/tasks/9ddb7ab3-038e-4c49-b6c9-49523f2fd056/ cbswgc.duckdns.org # Reference: https://app.any.run/tasks/924d69ef-51fb-4e1a-b7a5-d14b7cbae7ac/ 194.5.99.6:6789 # Reference: https://app.any.run/tasks/85f5b765-b054-4fba-a50a-91bc39fe1c74/ papa.redirectme.net # Reference: https://twitter.com/MalwareConfig/status/1191909772376887296 # Reference: https://malwareconfig.com/config/29fb4a3586cfde6569e47c2bb746ec8f 213.208.152.214:5999 strongods.ddns.net # Reference: https://www.virustotal.com/gui/ip-address/185.165.153.150/relations # Reference: https://www.virustotal.com/gui/file/a643eb192412836ec1053aac2e8e172c6c61d84df92f9340ef5e453e88cf0be1/detection # Reference: https://www.virustotal.com/gui/file/de7e6813575993eb770ab6bcfd740f57af36e43abba271a889cd57a82ae92d45/detection 185.165.153.150:4922 185.165.153.150:6703 crpa.noip.me masked101.duckdns.org rentals.insidedns.com ru2-pool-1194.nvpn.so tradcan.duckdns.org # Reference: https://twitter.com/MalwareConfig/status/1192436545632055297 # Reference: https://malwareconfig.com/config/78efefde393dca7373734ce7af734e9d novlachy.duckdns.org # Reference: https://twitter.com/Paladin3161/status/1192421564580429825 # Reference: https://pastebin.com/66DbarxY cjay55.duckdns.org deaphnote.ddns.net fresh22.duckdns.org indomie.zapto.org jeffserver.duckdns.org mgc001.duckdns.org wazzy111.duckdns.org # Reference: https://twitter.com/pancak3lullz/status/1192523361336877056 79.134.225.71:2222 loveday10.ddns.net # Reference: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/double-loaded-zip-file-delivers-nanocore/ # Reference: https://www.virustotal.com/gui/file/91d539af85599fda3fb2fb023866b72d64adc2bb95f6153e655cc844564de02e/detection 194.5.98.85:11903 allodeh2.ddns.net # Reference: https://twitter.com/James_inthe_box/status/1191757187254644736 indomie.zapto.org # Reference: https://twitter.com/killamjr/status/1191561859901673472 79.134.225.61:83 # Reference: https://app.any.run/tasks/62411b4c-8823-4365-a062-0b9c7d6ba5e3/ 194.5.97.10:5626 novlachy.duckdns.org # Reference: https://twitter.com/coderippers/status/1192746152514469888 185.165.153.79:54984 # Reference: https://any.run/report/11b9f94f97662d112f95e7904ce6655265aedc73159a8add62255c11f4456164/46e7ac03-8641-418d-b993-ee8465161c7d 194.5.98.212:4050 # Reference: https://threatrecon.nshc.net/2019/09/19/sectorh01-continues-abusing-web-services/ haggapaggawagga.duckdns.org ontothenextone.duckdns.org yakka.duckdns.org # Reference: https://twitter.com/JAMESWT_MHT/status/1192802828592570369 # Reference: https://app.any.run/tasks/758eaaf7-d81f-402c-89c3-a7b50518607a/ 192.169.69.25:5626 meca.duckdns.org # Reference: https://www.virustotal.com/gui/file/a54d5a01f25dbe968b3aa91075bdbf37d9f6f3e708fbb9a25254166553ef94de/detection 104.206.99.52:2019 # Reference: https://www.virustotal.com/gui/ip-address/23.249.163.24/relations aysnicacid.duckdns.org ghorara.duckdns.org # Reference: https://isc.sans.edu/forums/diary/Malspam+delivers+NanoCore+RAT/21615/ 137.74.157.90:33338 # Reference: https://twitter.com/JayTHL/status/1193770501132431360 onetap1309.ddns.net # Reference: https://app.any.run/tasks/196bcf4c-0931-4c28-a75d-290c6cac7f53/ timnoip.ddns.net # Reference: https://app.any.run/tasks/53b59d13-1b84-4404-b1e0-8d2441b7ec6b/ duruawka.ddns.net # Reference: https://www.virustotal.com/gui/file/56a09b378be2c501e310eac94fd83c1921427e26836cf05e57f29667e7e43e83/detection 194.5.98.7:34681 # Reference: https://www.virustotal.com/gui/file/b3d596678e30221b6bfeecb8dbb14d5f3d1e59fa91cfbf5e868d3ec3389bd9e5/detection 88.229.215.159:34681 # Reference: https://twitter.com/MalwareConfig/status/1194363557623877632 # Reference: https://malwareconfig.com/config/435f91dc47a760874856972351300215 79.134.225.17:9583 timnoip.ddns.net # Reference: https://malwareconfig.com/config/033083d77f3c28bdc460b945500f4ae2 fred.no-ip.net # Reference: https://malwareconfig.com/config/64baf124e1c1aefb7004ffc957a18b52 fred.bounceme.net # Reference: https://malwareconfig.com/config/9126e8fb2c26f2aa84d357881d02b241 fedosh.no-ip.net # Reference: https://twitter.com/ScumBots/status/1195186420509532160 187.38.124.229:5552 # Reference: https://www.virustotal.com/gui/file/7a8ce81d5cecf363f5985e87f53230ca550e17a5997a853eff1408a8b3f5dc91/behavior/Dr.Web%20vxCube okenwa.hopto.org 79.134.225.115:1505 # Reference: http://wp.hybrid-analysis.com/sample/691bfd494ba62c2f00ee89828a7fe8bbc2272a87fa713b3aa44ab52fba482c45/5db29b37217d93849fe70f7b meca.duckdns.org 173.254.223.67:5626 # Reference: https://www.virustotal.com/gui/file/df991612aee9e34e5d50881a03d04657ab05be61f01bef964f4752f5a40ab0dd/detection # Reference: https://app.any.run/tasks/5321e32b-75d6-4d66-9ccc-f9ae9de3eca4/ # Reference: https://www.virustotal.com/gui/ip-address/23.249.165.218/relations 213.208.152.210:8181 aspsensewiretransfergoogle.duckdns.org christinailoveyousomuchyoumyheart.duckdns.org isoalibabadocumetfilegoodforspreadsystem.duckdns.org isolatedocumentwordfilegooodsdfsf.duckdns.org microsfotgooglegmailoutlook365mailallaregoodformailing.warzonedns.com projectwatchdognowinlinetoofargreat.duckdns.org promotionzynovawillzerodacontinuegood.duckdns.org propackgreatexploitexcelwork.duckdns.org qeeeeewwswsweerwwerwerwrwerwerwerwere.warzonedns.com serverstresstestgood.duckdns.org systemgooglegooglegooglegooglegooglegoole.warzonedns.com windefenderprotectedwindefendergooglegmail.warzonedns.com workbigfinetonychuckgoodallarefinezynovaexploitgood.warzonedns.com xyskyewhitedevilexploitgreat.duckdns.org xyxyxyxyxyxyxywkworkforworldwifewide.duckdns.org zerodayv3startedexploitpcwithexcelgreat.duckdns.org zerodaywwsxwissdfdsfssecccseersscsdfsdfs.duckdns.org zerosugaraddonexploit.duckdns.org zerozerozeronullexploit.duckdns.org zyncxxcciidiiudfisuifsiufusdfisdisifidfisuifisfisifisu.warzonedns.com zyrstststzzxccxccddfgdd.duckdns.org # Reference: https://www.virustotal.com/gui/file/48861372dd50d2c45d1b99b12a09ac83d1bfae565dbdf3069557dcb75ae8966a/detection 213.208.152.210:2065 # Reference: https://twitter.com/ActorExpose/status/1196107065338535936 # Reference: https://app.any.run/tasks/b897bf30-fdac-4b84-9f86-0b1a5e3d9551/ skyyy1337.ddns.net # Reference: https://twitter.com/ps66uk/status/1196766006674362374 # Reference: https://app.any.run/tasks/192dcefd-ff43-43c7-9655-5d9aab847e37/ 46.183.222.66:2580 # Reference: https://app.any.run/tasks/933c1a1e-135e-44b6-b7fe-b93bee77a68f/ 549351.duckdns.org # Reference: https://twitter.com/wwp96/status/1196867856195084288 # Reference: https://app.any.run/tasks/03844b86-68a6-49e8-886b-780ec6e96211/ 94.100.18.102:4040 # Reference: https://malwareconfig.com/config/417ef753319e86facbfdfe3ffbbe6277 admin777.noip.me # Reference: https://twitter.com/JayTHL/status/1197303503481397248 austinaccount.warzonedns.com # Reference: https://twitter.com/BarryShooshooga/status/1197754462657343489 # Reference: https://app.any.run/tasks/0ec81663-e1d9-41ce-85ab-1f3528172b1f/ 79.134.225.76:5680 bluefaceoriginal.ddns.net # Reference: https://www.virustotal.com/gui/file/609958f13635e159b3864fb80a99c2fb79e21a7cf5231068422076e930c44e4d/detection # Reference: https://app.any.run/tasks/392a3363-69d1-48e2-96f6-491e46a68d21/ 79.134.225.105:9213 yodastyle.duckdns.org # Reference: https://twitter.com/JayTHL/status/1197948846581649409 wrwr3wrw3wrwszz.ddns.net # Reference: https://www.virustotal.com/gui/file/b9ca0b463bb8cd7d44c8f7713f8e47352cc9cb9ec5d57b3cb59d1a89a85b3e51/detection 79.134.225.105:1980 ncoresnew.hopto.org # Reference: https://www.virustotal.com/gui/file/b4e75bf5b5d021e5f8fa81b2b5654c52856f460ef3d713652da84000b737bf71/detection manblues.sytes.net # Reference: https://www.virustotal.com/gui/file/63824abe9e2c4e0199f9b93a33841bdd01ca9757922bb14179927d6fe30fd28e/detection # Reference: https://www.virustotal.com/gui/file/aecf95be47027b85863b24cb566abbf712415b87cd8cd8055430252d3918b6a7/detection 79.134.225.105:11754 80.211.133.107:11754 hetro.ddns.net # Reference: https://www.virustotal.com/gui/file/31b29c53a227bd0008c461d33538899db0673a37dc47e71ae42f0d6b32bfa511/detection 79.134.225.105:4040 ellababy123.ddns.net # Reference: https://www.virustotal.com/gui/file/a1298e2a11381470214fc9954ac237b90f940972aafe456d3c5c25e14854a6f6/detection ogalu.duckdns.org # Reference: https://www.virustotal.com/gui/file/861f022147d6d5cd24c328275a331e20efdb132603b87bc2e609e2668e06e8ea/detection 79.134.225.105:5654 followmeup.duckdns.org zxzxzxzxzx.duckdns.org # Reference: https://www.virustotal.com/gui/file/4df6fbb979b2e11c724f51d9dad4a34aab0e6eb54e5b466980645a03c7fe999c/detection 192.169.69.25:1515 # Reference: https://www.virustotal.com/gui/file/ad89ce2bad7b926044a3501446950eb4688dc3b595c93b26c98ff204163b0b2c/detection 185.165.153.235:50710 suchwoni13.ddns.net # Reference: https://www.virustotal.com/gui/file/0f3b7d439b1954c2596dce936334d7176cfcc86a7188c5904befc7a519bd08e5/detection 79.134.225.108:2551 euroboss.duckdns.org # Reference: https://www.virustotal.com/gui/file/28a95d659e621ea85c126b8a3025db231304227d0d1976dea347924fec4a64d2/detection 129.205.112.169:3999 79.134.225.73:3999 79.134.225.92:3999 palaboraeurope.tk sugarboy.duckdns.org # Reference: https://www.virustotal.com/gui/file/77626dbd21e1b960bde8f37759b7f4c294d3e80d253ca5dbacc2350217c8c4ab/detection 194.5.97.34:8090 omocavite.duckdns.org # Reference: https://www.virustotal.com/gui/file/2a956f2356ab57d0ae9c98813ef3efa85ee323e0f5fcfbb6247170253ee3cb4c/detection # Reference: https://pastebin.com/vbujQzFf karmina113.sytes.net karmina117.sytes.net # Reference: https://pastebin.com/vbujQzFf (1ed84de406e22e35486a849089b6ee0d087bffc5) 216.38.8.178:1996 snup2019.ddns.net # Reference: https://pastebin.com/vbujQzFf (839f3f1491dba854710981125c52f9d180f94c92) 193.161.193.99:56539 labserver.duckdns.org # Reference: https://www.virustotal.com/gui/file/4d8d90c1c3a26adbf1291a5bf835836a347a1b58e37448bcbd62b3636c569d31/detection 76.72.161.76:2525 slipp.ddns.net # Reference: https://www.virustotal.com/gui/file/1d8dbd65bcf660963cf1ed85be9ee2fcee9aab3f95a666c7460633733f025fb7/detection 92.2.5.191:5353 joshuahdn.ddns.net # Reference: https://www.virustotal.com/gui/file/57c2264244db26b1ccf9b0a0dfd05a50b98f39cc6cb1544e6e912330d1c021d2/detection 85.237.234.153:54984 milosinka.ddns.net # Reference: https://www.virustotal.com/gui/file/62a108ce957b0fb58f20bc38c1b8a1315ffa235c1cffe3a4934ec46f183ea47c/detection 89.86.77.125:5554 nanpowered.ddns.net # Reference: https://www.virustotal.com/gui/file/c2a169d61913f7c05ea0d4377a74ec3de0b51449b5671cab8ecebd971e6159b2/detection 85.86.27.28:5555 # Reference: https://twitter.com/JayTHL/status/1199021518728179712 79.134.225.89:1200 # Reference: https://www.virustotal.com/gui/file/ce4c6cb6111a0f49caa3e0e49717c10b7dab36c550b45a61fdb260f1180167f3/detection 79.134.225.89:4488 sammorrisok55.duckdns.org # Reference: https://www.virustotal.com/gui/file/e5e55eda4187d87e2aef4a3e036f95a13bed19023b45202784bd55b606ebb4e0/detection jacky99.dynamic-dns.net # Reference: https://www.virustotal.com/gui/file/5da23838b9636509af8b067794bf6fed586a562d0e27d40b6b9cf02a25fde8bd/detection wt35712830.ovh.net # Reference: https://www.virustotal.com/gui/file/7ac083e0c31255bcc283d85e4094384d162f3a269f218d8f1c74d445f894435f/detection banksmedia.hopto.org serge231.ddns.net # Reference: https://www.virustotal.com/gui/file/2a20e4a98b11fa6ab98e828e091cd02093bee698ae0e19feedb18ff15b4cd3c3/detection 79.134.225.90:3690 # Reference: https://www.virustotal.com/gui/file/63758e38a282ef2a624147eb587618cb737bb44c9724de44490773af8d329ec1/detection 79.134.225.90:1985 # Reference: https://www.virustotal.com/gui/file/98da3c893dff87c923d3d717e52f4b452feedd6f41d4a17e969968635efcadb8/detection 79.134.225.90:62098 ashmwin.ddns.net # Reference: https://www.virustotal.com/gui/file/b49065e32765e0d4812b59e0bc76daa84a85d910a1eb2fe9b06d233cb5bd07f7/detection 75.40.27.225:443 dhoskfnkdgmfdgh.ddns.net # Reference: https://www.virustotal.com/gui/file/07d64c498247d5189af3089c8755a3cf83844eee7853fd36017a901b05bb7ddc/detection # Reference: https://www.virustotal.com/gui/ip-address/78.63.252.24/relations 78.63.252.24:1085 herakas.ddns.net heraklis.ddns.net narkaman.ddns.net zajibala.ddns.net # Reference: https://www.virustotal.com/gui/file/251498dfd4c3bb2d166ac08b340d508d501d8f782e9bb2a0cdb7fea2eac42e44/detection 154.16.248.142:54984 rataskidhost.ddns.net # Reference: https://www.virustotal.com/gui/file/6e02adb0cb3b676e9f5a01f1d9ed842abdf2c2b88e9cdeb920fa6962ee78a149/detection 185.165.153.28:8181 192.169.69.25:8181 indomieboy.duckdns.org # Reference: https://www.virustotal.com/gui/file/6eb787b5e8bab574fc18422fa16ff902ffedaa96db09f75b20d1cdd709bc8ccc/detection 87.202.139.214:1085 malakismeno.ddns.net # Reference: https://www.virustotal.com/gui/file/05c3d73f8e4e228a98053b9706f99dc7ba3221f6c793b4d4cd5d7fb4f64b44b9/detection 79.134.225.27:8404 swiz8404nvp.duckdns.org # Reference: https://pastebin.com/R9U6nSrV (# 20d7808b8520ac8941717934704c2dae7fc06fcf) bosser.duckdns.org # Reference: https://www.virustotal.com/gui/file/9df25a0680f2501832d131f5190a2fcbefd5acbce1391dfd2be39de382f786a6/detection waterboi.hopto.org # Reference: https://www.virustotal.com/gui/file/97874e0c9ee5f0404eff88fd36b84351f6448cf29260d06b450c9f0d58a7b517/detection 185.202.173.27:54914 54914.duckdns.org # Reference: https://www.virustotal.com/gui/file/fec4948c1766f6ec9e64de37f257be222bfebba5951dd2cb9f2acb0607e5ebc5/detection salam3amihamid.ddns.net # Reference: https://www.virustotal.com/gui/file/ec7cfc7d0e33e19222e3228b5e0f15a08b71ca998fc69aea29bd682bba3d4ffd/detection agent47.vip # Reference: https://www.virustotal.com/gui/file/d2d87cc451c345eb50cbc2231780e1685aa94f32cdf957922ef8c197d54dadcc/detection 107.170.231.171:5900 sys32admin.ddns.net # Reference: https://www.virustotal.com/gui/file/aa9053046e8f5981dd0e8767336d443177bff33e088abfa1f54e32f3aecf3b9a/detection griqy11.ddns.net # Reference: https://www.virustotal.com/gui/file/1274c8604ef9d2c5b1674e434367d029ec38c0b09da583091953bbc93d9ef9b8/detection smbrlm.hopto.org # Reference: https://www.virustotal.com/gui/file/fa78298b68952c09884eaadf3fb79ef22309f11c07595759bb23e859f5afe0b8/detection 66.55.156.251:443 quaserhost.zapto.org # Reference: https://www.virustotal.com/gui/file/f18738147fad6a8065a3eb11c6e5275cf9a2ec9cd4cfcbf1a6c925f0d308cf7a/detection 181.52.109.69:1881 tjtjtt.duckdns.org # Reference: https://www.virustotal.com/gui/file/6a904623cfecd7383df1e4a825f7918144103fb1268b17540b426b280f884fb4/detection 74.121.190.134:57201 57201.duckdns.org # Reference: https://www.virustotal.com/gui/file/0254011164ac22194856c7ec4e49825ce49b8d9a49162f03b0807cf9a04a9c5a/detection 79.134.225.6:7005 rimoy788.ddns.net # Reference: https://www.virustotal.com/gui/file/48f1ca1c0cdcbfbe5623996d806a5d321631f61ea4867aff026f09f833424dea/detection 212.100.79.97:60400 212.100.80.44:60400 # Reference: https://www.virustotal.com/gui/file/09b60e0478b099a43a9f9b7cb1c411817b2bc72b67d4f59e20d0a07cc676d630/detection 121.122.83.251:5476 192.69.169.25:5476 calitoway.duckdns.org # Reference: https://www.virustotal.com/gui/file/4f2bd7d1c7655bbef4fd0d802326b24c9c0535b949051bc3b76ec44449732d1c/detection 192.69.169.25:1996 nickdns17.duckdns.org # Reference: https://www.virustotal.com/gui/file/6d7f6350940be633a2bfbe1288f02d30004920f742591807e5162005cef9a121/detection 192.69.169.25:1994 194.5.98.186:1994 beretta.com.de donald3m.duckdns.org sandra.myddns.me # Reference: https://www.virustotal.com/gui/file/0828eef606d3304ee937f3b120e1e1307c8405fd60d88c43877bf969df4bcd68/detection donald7m.hopto.org # Reference: https://www.virustotal.com/gui/file/a47d2fc55701f2e88e2607d24033d145d328a6374dcccea2b6e482af9fa987f4/detection alien34.duckdns.org # Reference: https://www.virustotal.com/gui/file/1fa5b42f19a46c7ce789a9efb0b1309efad5311ac7314400ce57d7bb443ff7e4/detection 192.69.169.25:500 rat225.duckdns.org # Reference: https://www.virustotal.com/gui/file/0177d447df7c967a32bb0db374aaceafe7b5746f55df836aa1e61061a19eee84/detection 192.69.169.25:1888 # Reference: https://www.virustotal.com/gui/file/a84047d17c2de9048186e9a003842789b42c8144bf33cff4148d24a782981290/detection 192.69.169.25:10138 # Reference: https://www.virustotal.com/gui/file/8711947da95dc3ee51ec589ceb1b8a59ce816d99ed20e721de7344c9e689536d/detection 192.69.169.25:1896 nickdns18.duckdns.org # Reference: https://www.virustotal.com/gui/file/722474240a20dad3d351732b856733dcbca7340b43d74961907e526a7602570e/detection 192.69.169.25:5476 calitoway.duckdns.org # Reference: https://www.virustotal.com/gui/file/5783d35c5cfcab04344f714f8d0d2af11339e1057e436e48e14ef8251fd6c859/detection 192.69.169.25:1909 outofspace.duckdns.org # Reference: https://www.virustotal.com/gui/file/e9a4f82ac7549f3052a233f6684c3ed2e8bc545349711673ff51809051c6e9c1/detection 192.69.169.25:1759 papacapa.duckdns.org punditx.duckdns.org # Reference: https://www.virustotal.com/gui/file/31561a3b9942397289d64dfa474511b2e95ac8447e0796ad7808f8609d949ee3/detection 192.69.169.25:54984 95.70.237.198:54984 ethernet.theworkpc.com # Reference: https://www.virustotal.com/gui/file/5dd60a52f8b6391dd8d35af79b129d7acc570734f01683bc269e8065fe3bcd09/detection 46.234.76.75:5555 kokuz55.ddns.net # Reference: https://www.virustotal.com/gui/file/8363a76dd357211c19ac8e5db137bfae558b360c42bb07b968b39a905291ae57/detection 109.60.99.112:5555 # Reference: https://www.virustotal.com/gui/file/816e526a6663db59eea32f7e70cf9dc02b5dcd203e1c2a712e4ec137f24717ad/detection 46.234.79.190:5555 # Reference: https://www.virustotal.com/gui/file/15e70ff6c0dbf4c31310bcae19207f4faf7e511313ffa9bd559e9526ff5e04d0/detection 109.60.96.111:5555 # Reference: https://www.virustotal.com/gui/file/7021c8735e587ceb70cd8669a7347222dc23ac60df168e4bb1cc6eb3f4a26069/detection 46.234.76.75:220 # Reference: https://www.virustotal.com/gui/file/123c0d7a6836f2d4d97c6dd8b037df4d76a28abd6d1658525a912b8aab51329b/detection 109.60.99.210:220 # Reference: https://www.virustotal.com/gui/file/edbfe10569d57d34a49164acb52d0b0339a29360dccbbb2b715a65390a42fa7d/detection 46.234.76.75:4500 # Reference: https://www.virustotal.com/gui/file/2f54439717f7d1885d3cba453523993255fb53e75cab95d0fc96f4fc5cbcd44e/detection 109.60.96.144:220 # Reference: https://www.virustotal.com/gui/file/b9db088360693d4085eab59fbf805d11a63534b986a9e19318aa8e0b49bff3e3/detection 109.60.98.121:220 # Reference: https://www.virustotal.com/gui/file/036cc770e228ac94439d2f794c94a1aa0f6fc3f9949706fd59024295694b2a50/detection 109.60.97.56:220 46.234.77.242:220 # Reference: https://www.virustotal.com/gui/file/c460389a1d330a2a0a8a9ded11d539f898d87b8c649dc01717c9db8e80edb355/detection 109.60.99.83:5555 # Reference: https://www.virustotal.com/gui/file/3cc526c93917097f054fe01bd09843afbf7f961dd41a21aaed27bd63942f7391/detection 109.60.99.112:220 # Reference: https://www.virustotal.com/gui/file/2fad5b2c45ed6af3b4da7afa76e0f5129ef5f4fd2e91fe4f1e54a2cc84c0b265/detection 109.60.99.78:5555 # Reference: https://www.virustotal.com/gui/file/41a490e0f29fa958c7e9c8015db8de79cc34ef0b38f6f49d99f469b7d3db1729/detection 109.60.99.78:220 # Reference: https://www.virustotal.com/gui/file/3deced03ecfd55b8c2c5b64b8f6e71ecde2b1c7900ff798c2d105713c111c9ee/detection 46.234.79.89:220 # Reference: https://www.virustotal.com/gui/file/ba19d91251a9b50e4eb6404dd771e5024b12c90c9e260cded154c092d946429e/detection 46.234.79.89:5555 # Reference: https://www.virustotal.com/gui/file/50bdb55a1f2abc8b17960118383f490f6f27ebcce4fb3c3c7d573aa063e5e978/detection megafundz.duckdns.org # Reference: https://pastebin.com/0sWcZD0s 185.140.53.165:2017 87.104.146.247:1337 88.214.57.2:1220 aarmandobronca99.duckdns.org asshost.duckdns.org bigchungus6969.ddns.net chutr5.ddns.net haddadi23.hopto.org newlifenow.duckdns.org racikmordo.ddns.net sshsdgsfasfasfa.duckdns.org strkserver077.hopto.org teamtanic.ddns.net testesri.ddns.net upcheck.duckdns.org updateserv.fishdns.com wasder123.duckdns.org # Reference: https://pastebin.com/gN5E4UW4 indomieboy.duckdns.org # Reference: https://malwareconfig.com/config/a3076d09d7d8f104d4b7403c781f9f7e 79.134.225.28:6071 # Reference: https://malwareconfig.com/config/9ff5de50283209ba286bdba8285074a1 olodofries.ddns.net # Reference: https://www.virustotal.com/gui/file/a7f308beb88e305c09aa36b10a535f2f7a0bc9f9de96be8ea2cfd44e84f430d0/detection 46.183.222.55:10001 79.134.225.125:10001 # Reference: https://www.virustotal.com/gui/file/3cdb5f9d5ad2a024a3e0b62b253b87df784f901c6969c53dd04dee96abc8bfa5/detection 79.134.225.58:1985 # Reference: https://www.virustotal.com/gui/file/4c5f6119cf732f621e7f60d2b35536a2262eb06fa926ee5cd9570f049a06121b/detection 79.134.225.58:2016 malam.ddns.net # Reference: https://www.virustotal.com/gui/file/aba1e5f7a42a88d8a82b8e5e329da7395946048577aeac4603e1f312310485a1/detection 79.134.225.58:1222 rghfff.chickenkiller.com # Reference: https://any.run/malware-trends/nanocore (Note: as seen on 2019-12-04) jimmycharles2468.ddns.net randydidier2468.ddns.net ubananocore.ddns.net sandra.myddns.me prayersanswered.hopto.org gratefulheart.ddns.net 888rats.duckdns.org grafeulheart.ddns.net ijomsdavis1.ddns.net blessingfollowme.myddns.me volodymyr.gotdns.ch slimyuyo.duckdns.org vemvemserver.duckdns.org special2019world.mymediapc.net 3forall2019.servesarcasm.com jiddeshot.duckdns.org saintjames.publicvm.com joeiyke22.duckdns.org # Reference: https://malwareconfig.com/config/4ba2538a416bfa6290086867211afcb1 149.202.233.219:54984 # Reference: https://www.virustotal.com/gui/file/ad5c2223166859c196b192af7c5663cb0c38c6c9d1fe5369a131277876d7886e/detection 78.155.201.178:9080 officemicrosoft.net # Reference: https://www.virustotal.com/gui/file/f4bdc830a0f600e857b21a5727f1c4ace80986b2ccfe9f496173be5aee43e3ff/detection 91.193.75.181:19833 # Reference: https://www.virustotal.com/gui/file/aedb83be078fbbd78e896fb1a76bc031c3c9dbd630310d33b50f8ad3e2d4fbd2/detection 185.140.53.102:1906 91.193.75.181:1906 elumadns.eluma101.com joey.daniel2you.com oluwa103.hopto.org # Reference: https://pastebin.com/7Ak2nP2T chimurenga.duckdns.org khurramchalingang.ddns.net # Reference: https://www.virustotal.com/gui/file/c7166eed554c291bb360237fb9c16585b46e551cf2b2b84b5521dcbf195ff084/detection leaf360.ddns.net # Reference: https://www.virustotal.com/gui/file/2a31bb74f367ce969dd3c3633f3071fffcb2e16b962c254622280c96fd5c61cd/detection 79.134.225.123:3734 # Reference: https://www.virustotal.com/gui/file/82263488003298cf0594297805b1f031ad8f9ea0ccf611f199a9c40fdd3e1592/detection 185.92.239.16:3734 # Reference: https://www.virustotal.com/gui/file/c7591966e55642b02297423033873627e514d6be4ea5ee34032a63e98f3b7511/detection 178.239.21.22:9090 # Reference: https://www.virustotal.com/gui/file/cf4ee1a039523a78c3fbbae7df5c0e7c5259d357defc4a118531711036ac609f/detection 79.134.225.77:1218 # Reference: https://www.virustotal.com/gui/file/320881ea124021d0db542c890f69cce660b6b1c670831555dc25cc500da42ee4/detection 79.134.225.101:1994 # Reference: https://www.virustotal.com/gui/file/9c2c69a11771e0cbe4a62c0407243ca8aae4105f6dd863cb2df7fdda55bc00ab/detection 193.161.193.99:41435 rizelol-51335.portmap.host # Reference: https://twitter.com/James_inthe_box/status/1204111427708964864 216.38.8.179:7568 # Reference: https://www.virustotal.com/gui/file/0a2e00ef38f15a22a0d4d63206f7972735829b12f9ebd83218099686202cb1f7/detection 79.134.225.121:5291 saintjames.publicvm.com # Reference: https://www.virustotal.com/gui/file/930ec93a4c774ce014afa836249d130864cdd4f264410694fc66ccb3de86d08a/detection 79.134.225.121:1994 # Reference: https://www.virustotal.com/gui/file/465be0961c7e3157f94cc8dfce1f85770469ec0cc21cae667d51a1b411fd80e7/detection 192.169.69.25:3410 # Reference: https://www.virustotal.com/gui/file/87902a913a981c06a12d1acdca222cc1236ad4ae9d1d026c134d245dced0fd38/detection 79.134.225.121:4152 # Reference: https://www.virustotal.com/gui/file/7e2e315cfe1ffe1853acb095db5a9121bed39b5049cb1c6cca685a94c620a00e/detection jogodo.duckdns.org # Reference: https://www.virustotal.com/gui/file/77973c42e00481f2545a49bfb609e3f4308b1c568476b92e742c6615fa95980a/detection 79.134.225.121:9879 # Reference: https://www.virustotal.com/gui/file/beb357a8009c9e56d410f7d1ed570f99057fe72b8aeb790d9ff01b9a81319d6a/detection 79.134.225.7:5314 # Reference: https://www.virustotal.com/gui/file/a92d5ee40c9fb483a5ac0f97d3211db8e9ce4f1a0c292dcab001bcc988223eb1/detection 217.20.114.222:8282 # Reference: https://www.virustotal.com/gui/file/66e2e5c5b082dc05180525ee443c2dd8e2717de73c9f5d3eec36a3e19d75ac9e/detection 129.56.125.113:54984 217.20.114.222:54984 # Reference: https://www.virustotal.com/gui/file/0c539d4ad0f070b803ce8602ee06f2bafcf2062bbf13db6d1988780abb6c98e3/detection 79.134.225.71:54984 # Reference: https://www.virustotal.com/gui/file/225192e851bff4bf22d07250041dd92984d6e388a3e87a0d2c1241bd4a10edc2/detection 129.56.30.141:54984 # Reference: https://www.virustotal.com/gui/file/2a0c4bfbb072e3d4b6bd68aac56cca963fa8391103fcad0558afd93697b7397d/detection 91.193.75.78:1961 # Reference: https://research.checkpoint.com/2019/decypherit-all-eggs-in-one-basket/ # Reference: https://www.virustotal.com/gui/file/658cc303e2386e54b7175d09a6230326bbe62779ea87fb581696fa2a47b33ae9/detection 103.53.199.248:3166 185.165.153.148:3166 27.122.14.57:3166 troyfin.hopto.org # Reference: https://www.virustotal.com/gui/file/45b4460fa4d9d6c917b82d9075bc74e500eebe5c5ce0bea46d3160e2dafbed74/detection 79.134.225.104:4050 # Reference: https://www.virustotal.com/gui/file/c8ada32e94d7d51f2b4f67f8ddc2e810211516f8d3ca6f6f582252ca73db34a9/detection 103.200.6.62:1943 185.165.153.22:1943 # Reference: https://www.virustotal.com/gui/file/039c9de4afd2878fa4b8f7e23e71b66b7ae37ff1f69b60d2b5ccf069fa0bde2a/detection 185.165.153.22:9781 # Reference: https://www.virustotal.com/gui/file/83924c884223347900b272b5715af5e7e13de9e70bfeded995c878503339a00c/detection 185.165.153.22:1993 # Reference: https://www.virustotal.com/gui/file/1937e6fdb1684391d04d94297477a4005607904c4d744858429f41f81d1b853f/detection 185.244.29.20:2040 # Reference: https://www.virustotal.com/gui/file/ddd07fb3a7189389dd72284b268130f14366695c344b24d70fd07057874b009e/detection sammyxy.ddns.net # Reference: https://www.virustotal.com/gui/file/5e736d99dfb2e444d1f153b877c6f985efa5aa870458b462e1c9f8d6a2e558e1/detection cjax.ddns.net # Reference: https://www.virustotal.com/gui/file/5223df133728f2f2fc2e8beceacb516324bf841d6816fedff87e2e252e0ebc2b/detection adababy.ddns.net # Reference: https://www.virustotal.com/gui/file/b772bffaafb31edeefc30c53f7c8ccaaf0c4bf6fc7f0756e18282980ceea7716/detection 185.165.153.22:7080 calebnew.duckdns.org # Reference: https://blog.talosintelligence.com/2019/12/threat-roundup-1206-1213.html (# Win.Packed.Razy-7434602-0) # Reference: https://www.virustotal.com/gui/file/aff30bb8b3b1c243c716e904e91eb06f9494076fa053a91897d8a277f2caba0c/detection 107.172.83.151:8973 dec8973.duckdns.org # Reference: https://www.virustotal.com/gui/file/6a16217a4bf366e4c1de062cacd825aaaa6dae1b386173072065d72a33c0107a/detection 192.169.69.25:8973 # Reference: https://www.virustotal.com/gui/file/31708a93ff6a5d46899f93e048355fc187ad505ea0723b091bef15ca45f7cdfe/detection 94.73.32.235:3176 pns.no-ip.info # Reference: https://otx.alienvault.com/pulse/5cc9df384121a7e224ec5fe4 12345dick.duckdns.org 140nick.duckdns.org 24e26s2854.wicp.vip 419millions.chickenkiller.com 54911.duckdns.org 549351.duckdns.org aaa3.ddns.net abundantgrace1.ddns.net adobemoney.linkpc.net adslservisi.sytes.net africa147.hopto.org agosto26.duckdns.org agxagx.ddns.net alaazatewi.ddns.net alaincrestel1900.ddns.net alexbread.ddns.net alexthomas.ddns.net alexurch.ddns.net aliprince0422.duckdns.org allensmith.ddns.net alvb.duckdns.org anderchuka.duckdns.org anson1223006.duckdns.org apple11.ddns.net arabs.duckdns.org ariascopetrading.hopto.org arnoldgood12.hopto.org asbconstructionltd.chickenkiller.com aspens.publicvm.com athack.hopto.org avt.duckdns.org awaissoft-60523.portmap.host azertylol.ddns.net babafred.ddns.net backupdata.sytes.net backupson.duckdns.org bamerica101.hopto.org bankofamerikaa.ddns.net bara.ddns.net battys.duckdns.org bdonserver.warzonedns.com beast1111.ddns.net beast999.ddns.net benekopaccc-40921.portmap.host berekia29.ddns.net bhuyanplastic.duckdns.org bigcuck69.ddnsfree.com bio4kobs.geekgalaxy.com blackhill.ddns.net blazemark.hopto.org bliss123.ddns.net blowmm.duckdns.org bobbrother.duckdns.org bombingday.ddns.net boxoffice.camdvr.org bright1.awsmppl.com brockles.duckdns.org brockmax2v2.hopto.org bskd.zapto.org btchtu.duckdns.org bubun.duckdns.org bugnas.duckdns.org buike.duckdns.org bukis228.ddns.net burningtorchinc.gleeze.com businessjungle.dynu.net calebnew.duckdns.org calitus.hopto.org callistools.ddns.net cashflow.hopto.org cbswgc.duckdns.org cdy.ddns.net cdy22.duckdns.org century32.ddns.net ceo123.duckdns.org ceo223.ddns.net chiefphillip.dynu.net chimurenga.duckdns.org cj419.ddns.net cjay55.duckdns.org claire2019.ddns.net clerfgee2345.sytes.net clinton.hopto.org clintonlog.hopto.org cnvibe.duckdns.org connectings.ddns.net cornerx.duckdns.org cquestt.duckdns.org cracked1.ddns.net cracking123.ddns.net craftedfollowing.duckdns.org criscris.hopto.org crypted.duckdns.org cumtap.ddns.net daddyhandsome.ddns.net darkkerem2003.duckdns.org daronbk.ddns.net dataserverr.duckdns.org dbb.turbo-sy.com deaphnote.ddns.net defaultx.duckdns.org deluxehacks.ddns.net doc-pdf.ddns.net docsc.ddns.net doddyfire.dyndns.org donchisom.duckdns.org donp.duckdns.org dubelucky19.ddns.net eagles40to.mywire.org ebubu.duckdns.org ebukakings101.ddns.net eizzymoney.ddns.net elcoblast.ddns.net elizabeth221.ddns.net etoiilefiiilante.duckdns.org euroboss.duckdns.org eventuary.ddns.net ez.pusatiklan.net ezefab.warzonedns.com ezeugojnr.ddns.net ezexgm-39781.portmap.io fabulous.myftp.org faith.dns-cloud.net fbpa.duckdns.org firebot.ddns.net fortnitehacker.sytes.net frankwill12m.ddns.net fredwil.ddns.net freefortnite.ddns.net gatm.duckdns.org geebrastanley101.ddns.net geminterbiz.hopto.org geppasser.ddns.net get-fucked.chickenkiller.com ghgses.duckdns.org giovan234.ddns.net gloire25.ddns.net glorylinkgroup.duckdns.org glorylnter.hopto.org gochii.ddns.net gojust.publicvm.com goodluckwar.duckdns.org goodwork11.duckdns.org goodworkomo.duckdns.org google-service.camdvr.org gotchabitch.ddns.net graceofgod.myftp.biz gregvictor.hopto.org grene231.ddns.net gulenterprises.ddns.net hacksfree2019.ddns.net haddadi23.hopto.org hadkhadma.freeddns.org haul.duckdns.org hellomicrogreen.iptime.org hernapeksashdc.duckdns.org hondo.duckdns.org housk.giize.com housrk.theworkpc.com hurryg.chickenkiller.com ibidado-62758.portmap.io ibidado1.hopto.org icraxandhax.ddns.net ify.duckdns.org ilovepussynanjuice.ddns.net intechwraithh.ddns.net irc12.ddns.net irofuuzo.ddns.net itforwarding22.hopto.org itrysohard.myq-see.com itslabibmazafaka.ddns.net iykemann.duckdns.org jagnwses.duckdns.org jasoncarlosscot.dynu.net jasoncarlosscot.hopto.org jaybaba.ddns.net jbond.duckdns.org jeffd.warzonedns.com jinomoney.publicvm.com jmodz04.ddns.net jogodo.duckdns.org johndickson.ddns.net johnsylvo.duckdns.org josezulu898989.duckdns.org jsuf.duckdns.org julio26dns.duckdns.org julioskaod.duckdns.org justgo.linkpc.net kabilablaze.duckdns.org kalakuta.ddns.net kaykayblessed1.ddns.net kenw16570.ddns.net kf123.ddns.net king8950.duckdns.org kingdevil.ddns.net kurumaraji.hopto.org kuwaitware.duckdns.org kw9d0.duckdns.org lachy212.ddnsfree.com lambertofield.ddns.net larbivps.freemyip.com latestlatest.ddns.net legendklr.duckdns.org legionopeh.ddns.net letmethrough.ddns.net light.pusatiklan.net lightmusiclove.ddns.net liuo.duckdns.org lovemego.ddns.net lukeharley.duckdns.org lunovim957.duckdns.org macoop80.hopto.org madetosurviveman.ddns.net maineone.sytes.net mallorca.myftp.org mamacapa.duckdns.org manblues.sytes.net manofficial.ddns.net marinjack44.ddns.net masa1834.duckdns.org maxcoop.ddns.net mcmp.duckdns.org meeti.ddns.net megida.hopto.org merchanttgateeway.ooguy.com messiflow0.hopto.org mgc001.duckdns.org microsoftnet1.hopto.org microsoftnet2.hopto.org minecraftbeta.ddns.net mk14a.ddns.net moneybag042.warzonedns.com moneytimmy.duckdns.org moran101.duckdns.org motherpure.duckdns.org mpnano.duckdns.org mrlogga19.duckdns.org msgamers.ddns.net mwlhc.duckdns.org mypp.ddns.net myspyvirus.ddns.net nacoreloaded12.ddns.net nagoor.ddns.net nano.freemyip.com nano.speedfastmaking.com nanocore-rat.ddns.net nanocore511.ddns.net nanoman.ddns.net nanssss.ddns.net nawaooh.duckdns.org neshoitry.ddns.net newlifenow.duckdns.org newmicke2019.ddns.net news.banquealtantique.net nickdns101.duckdns.org niiarmah.dynu.com nikkycharles3.ddns.net njb.webhop.info nnjhjhjj.duckdns.org noface55.hopto.org noipme.ddns.net nonox.duckdns.org nuttara20003.ddns.net obinna.duckdns.org octocrypt.duckdns.org officeofgrace.ddns.net officeofgrace14.ddns.net ogbeni.duckdns.org oge.mywire.org ojoe.ddns.net okoyehenry93.duckdns.org omogost.duckdns.org onyeka.onmypc.org onyex.duckdns.org pacotdc20.duckdns.org paninindia.ddns.net papalove.ddns.net papaya.dynu.net pay1.duckdns.org phoneci.sytes.net playboi.hitlers.best ploplo29.ddns.net pointboilling.ddns.net ponnyhurb.duckdns.org praize19791.duckdns.org primaryjet.duckdns.org privatejet.duckdns.org projectcocainelol-44211.portmap.io punditx.duckdns.org qbasic.duckdns.org qintoo.duckdns.org quadki.duckdns.org queen101.ddns.net raaqtwo.duckdns.org randydidier2468.ddns.net ratterxzy.duckdns.org rattingkidbyluk1e.ddns.net rbenjamin9696.ddns.net recoverypw.duckdns.org reisshasbigp.ddns.net remitancegp.duckdns.org renaj2.ddns.net restartusa.hopto.org rhwrhwhnejtervvrh.ddns.net rmagent.duckdns.org roadkillz.ddns.net rownip.3utilities.com russell.ddnsking.com sain123.sytes.net saintjames.publicvm.com salesth009.ddns.net salestokyo.hopto.org sarce.ddns.net secondnano.duckdns.org setoff.ddns.net sgdjncbgbxf.duckdns.org shedyshedy.ddns.net shutdownnsa.ddns.net slimkudi3.ddns.net smartcoonect.duckdns.org socrate.hopto.org spyhostinc.hopto.org sqlkali.ddns.net sradanet.bounceme.net starlucky.dynu.net starlucky.warzonedns.com stawa.ddns.net stilla.hopto.org stumptowncoffee.publicvm.com sunnyslock.publicvm.com talentino.duckdns.org tecklink.publicvm.com testwork.kozow.com thecyberhunter.loginto.me thefrench.duckdns.org thompson62.ddns.net tiggs.ddns.net timnoip0123.ddns.net tristanatt.ddns.net troyfin.hopto.org trustkemi.duckdns.org unclepurple.ddns.net urbancinomm.ddns.net vanillatest.ddns.net vimlatedrock957.duckdns.org weiindoz.ddns.net whithart.myftp.biz willsdavo2243.ddns.net wilsondedavid.ddns.net windowsssl.theworkpc.com windowsupdaters.zapto.org windupet.ddns.net winnermessi147.ddns.net wm649.duckdns.org wood12.hopto.org workbox038.hopto.org worldwar.ddns.net xfelix.hopto.org xortox.ddns.net xred.site50.net ysl4lyfe.hopto.org zonepay.publicvm.com # Reference: https://www.virustotal.com/gui/file/4a9c6e59e33faa38977042afef734ffb9dc0a48c4e9b45b1e801073d6b46487b/detection 103.1.184.108:14246 scotindustrles.com # Reference: https://pastebin.com/DL88qggt eziokwu.zapto.org # Reference: https://www.virustotal.com/gui/file/093dc4ab67a1952c26364696ca6a050de10e89f4f5e607e9c990c3db168e16c7/detection 105.112.108.176:3940 # Reference: https://www.virustotal.com/gui/file/a103cf94e1c7a00e335468b3d1e6971a1d73b35a761309d701dca47124169f74/detection 192.169.69.25:3940 # Reference: https://www.virustotal.com/gui/file/b1cf48d0b8119e2199c035d3c30d30a9418a121face57fdf0a24b6f3b9917bba/detection 79.134.225.70:3940 # Reference: https://twitter.com/wwp96/status/1206662163869380608 # Reference: https://app.any.run/tasks/df03d2b9-7980-4d85-a45b-f9ccfabb8f67/ 105.112.104.52:1122 meeti.hopto.org # Reference: https://www.virustotal.com/gui/file/44128f896c81c987a3a1797fbb2189ed137a4e082bd75b54e210303f8309956e/detection 185.244.30.14:1515 # Reference: https://www.virustotal.com/gui/file/4cc11ea57e15249af8410af1e10c0341f23664374586fe49c99ff8ff6a3d7897/detection 185.244.30.92:2017 # Reference: https://www.virustotal.com/gui/file/f8e6208bbc555c355f1e5b53a075986e2fe48b96869eabfe05c4d5b64781853d/detection 216.38.8.178:1996 # Reference: https://www.virustotal.com/gui/file/fb84ec938980c586a0e3e09c2ee1b72470710410897c26fd0cb30e29f3e5c374/detection 105.112.113.16:1996 # Reference: https://www.virustotal.com/gui/file/6f78b7ee6b31f2abb8aae3dd7aa9607b6f06c8df17c413c96c4739220a591848/detection 105.112.114.213:1996 # Reference: https://www.virustotal.com/gui/file/6196d266c62c140ae09c3b34dc024e9ef4480c06a27ef196fa7039199357ef6d/detection 105.112.120.121:1996 # Reference: https://www.virustotal.com/gui/file/d4d2ad470439bd1db2fb5d8678e03e00cacaa6d833ef8fbd15f0741caede176f/detection 105.112.120.121:1012 # Reference: https://www.virustotal.com/gui/file/ba9e99d355b7843cfb2159a144635cce9fa0e8146f67cb87ac9b4bac2a5c5150/detection 79.134.225.7:1012 # Reference: https://twitter.com/cyber__sloth/status/1206888692373217280 departdec.duckdns.org sherimix.duckdns.org # Reference: https://www.virustotal.com/gui/file/f2815cb9d788bbfb7477592e6171ca38a3b9b4ec33748ae743cd32acda6bdda5/detection 185.244.30.8:5626 # Reference: https://www.virustotal.com/gui/file/8a7b705238a8098f26508bc366c7038da8e601d73e9b142950c2eabe64b04ab6/detection 185.244.31.18:3190 # Reference: https://www.virustotal.com/gui/file/4ef427c44993ba51d2e053d7db6008fa1c5cff6fc323371c9930eae423a9213a/detection 79.134.225.77:3190 # Reference: https://www.virustotal.com/gui/file/f20088ca692a320e19503848fff4d08f246e613d7f33c14288ca18531d2bf6be/detection 185.244.30.206:4050 kissmeifucan.ddns.net # Reference: https://www.virustotal.com/gui/file/ed2edc3e28859f2490579093573ec334c6730ba00118009c312c061355996a30/detection 197.211.58.57:4050 # Reference: https://www.virustotal.com/gui/file/98314f51bc3ffe17fc519463e8ae447f7c1af6eeddc6816aced730fee104d1c4/detection 79.134.225.74:2404 alalamai.ddns.net # Reference: https://www.virustotal.com/gui/file/eecc5a1053bb3fbb0489dc8bf7fc45a49f814d7242033e72d6385608292d2c47/detection 79.134.225.118:2404 # Reference: https://www.virustotal.com/gui/file/2cb5d5f17629c68c2f200a61ecb5c8943025f2eed41a5afeeca5af363f8088e0/detection 192.169.69.25:2404 79.134.225.97:2404 # Reference: https://www.virustotal.com/gui/file/e384ac881a15832f464abb0530e7e208b4762402078049c1f2a2ce5868d941d2/detection 79.134.225.95:2404 # Reference: https://www.virustotal.com/gui/file/fe2ccdb689004cc6ab3f7ba41820e7ca2992de461dc7e1340d24b6ba5e784742/detection 184.22.100.107:1975 184.22.100.107:5556 maxcoop80.hopto.org maxcoopa.ddns.net # Reference: https://www.virustotal.com/gui/file/772f34c944c7a9781bbf2b81c6a68c620740354aaecdf6af2dbbf874e00981f3/detection 79.134.225.71:1975 79.134.225.71:5556 # Reference: https://www.virustotal.com/gui/file/e1bdd60b5f91bcb4fe4b4405dc49680d4e2980e5e06ca221b3f6c8705f413923/detection 79.134.225.71:3535 # Reference: https://www.virustotal.com/gui/file/20f9064ff826bf18edf82534e93c3bf9273e480df957b65b8154ee59fb21d2f5/detection 79.134.225.71:1985 # Reference: https://www.virustotal.com/gui/file/48679e8c30ac4a08159ec57844961a2d005bab631fab062c69cf3b1cf6a2c3b0/detection maxcoop1.ddns.net # Reference: https://www.virustotal.com/gui/file/f26251b1dbd35a776863c86c7d0983f1d0b2621bd4004480c232904b89caa8a6/detection 79.134.225.100:9091 79.134.225.71:9091 bedlinezone.dynu.net tourismes2.ddns.net # Reference: https://www.virustotal.com/gui/file/a741707af0fcfc7694bdcf9e8c8e64a5693a316a49b708415ba14e2ceb2b7801/detection 79.134.225.71:4922 # Reference: https://www.virustotal.com/gui/file/d505fad83bd1cb861766f13000a8465774f8cd21e0bbcd6813c40a686aa2a7c6/detection 79.134.225.71:5314 # Reference: https://www.virustotal.com/gui/file/ec737127b8f837132f1349de3cbba49c5f22fdb8cc7baee72309eb122a9ab5a1/detection 79.134.225.71:1104 # Reference: https://www.virustotal.com/gui/file/fbe93093b3d244858e45f056adccaf045eec5b9dbfba3e7d46945895b38c2acf/detection amelia869.ddns.net # Reference: https://www.virustotal.com/gui/file/c04548d4218739cba4b320b75c8cc58f8cc1d18996226344b892e0140e273798/detection 79.134.225.71:9000 # Reference: https://www.virustotal.com/gui/file/38d3d278e68b84fa8f67058c38780710899c75cb185279f7967c1d3b861e1f0d/detection maxcoopar5.ddns.net # Reference: https://www.virustotal.com/gui/file/4cd61b4a631171e3ae9c9f1885c47211a8b2010be50af083b76de0b5bcf442ab/detection 79.134.225.92:3200 # Reference: https://www.virustotal.com/gui/file/394a026a1212e1d9c4ba5bf78f22cc1973bbc77937a18910557832fc87837ccb/detection 139.28.218.156:3200 # Reference: https://www.virustotal.com/gui/file/494d8064873d1794d6d571f54d8ce047b57d8ab621893ce9decea75017e7a880/detection 79.134.225.92:3001 # Reference: https://www.virustotal.com/gui/file/1659106dd4afb2d7e00d555274b175433649fbb3e99ab0a01cef6cbc6d64d7ec/detection 81.66.92.104:1188 mouche666.ddns.net # Reference: https://www.virustotal.com/gui/file/bad6508e55a52052df8225ee3da34768100708e2968ab4ba50dfab1cbf7dfaf7/detection 184.82.58.11:6521 mammozzz.ddns.net # Reference: https://www.virustotal.com/gui/file/cf9deb6200baf4ef9cefd4168701378c16ba502b6e1886aef9f322c2072e501e/detection 184.82.51.149:6521 # Reference: https://www.virustotal.com/gui/file/2362d63df84c0cc9dc7de087661e8841cea8719c4778ed8de9a3f68b5b8631c0/detection 181.58.155.117:8091 frankproxynue.duckdns.org # Reference: https://www.virustotal.com/gui/file/b266e96c304e00f0c3f15dda67fe91d4e71d923a18817c948226d2e477bf4e55/detection 18.188.14.65:14221 # Reference: https://www.virustotal.com/gui/file/eb553b15c0c741a471ad9f450c0ac7021c730dd5f2dfcd793c6b4a723749c8ea/detection 3.17.202.129:10290 # Reference: https://www.virustotal.com/gui/file/3c19e707a265ab2547bfbeb768ec993bcec6e8cb759d0ef625e235d91cdbc81b/detection 18.188.14.65:15968 18.223.41.243:15968 3.14.212.173:15968 3.17.202.129:15968 3.19.114.185:15968 3.19.3.150:15968 # Reference: https://www.virustotal.com/gui/file/40092d2d1b277932c662da54abf2485606340c236fae05fe5b0f92af1316c81e/detection 3.17.202.129:13347 # Reference: https://www.virustotal.com/gui/file/4453c7911af6ad9dc7304945a6e2903d2d1e91f4c0c29b579bcfc1158a12c317/detection 3.14.212.173:16669 3.17.202.129:16669 3.19.3.150:16669 # Reference: https://www.virustotal.com/gui/file/b29cbfea850709b62cafe6f85f2be2a5aaa9fba0264106bc53f968cdf36b05ae/detection 18.188.14.65:13085 3.14.212.173:13085 3.17.202.129:13085 # Reference: https://www.virustotal.com/gui/file/6ab5bf4fb0b007c362728696c783327dc86ba738249e0382077f1617f255ce2d/detection 18.188.14.65:17145 18.223.41.243:17145 3.14.212.173:17145 3.17.202.129:17145 # Reference: https://www.virustotal.com/gui/file/62b1fe85a6d2c0a76dd8209096cfb6017ac31c43e22b6a99448f7f694bd33046/detection 18.223.41.243:14768 3.17.202.129:14768 # Reference: https://www.virustotal.com/gui/file/46eb0f1d53416bfe8c0b7ee8ed0466f03633bbfdc4ee0e61c49e2817f7c45b6b/detection 3.14.212.173:16908 # Reference: https://www.virustotal.com/gui/file/38e48eb11029a3086955d6ab492e2206f1af12407cb168b3a89241c935dcb650/detection 18.223.41.243:16908 3.17.202.129:16908 # Reference: https://www.virustotal.com/gui/file/cb1e5ffac2e74da17d37cab6ae0b14e9e0ab522595f836919d5fc5bd33178699/detection 18.223.41.243:11928 3.19.3.150:11928 # Reference: https://www.virustotal.com/gui/file/43924dff1961d5bb62bd22686ffd3e4ddff4cc14a298f4329df2f1390f1e7d3d/detection 3.14.212.173:14915 3.17.202.129:14915 3.19.114.185:14915 3.19.3.150:14915 # Reference: https://www.virustotal.com/gui/file/a59791a43e661617ec6902a9c184ebdfc0717dfeef709910db37ebdfa98ac056/detection 3.14.212.173:15491 3.19.3.150:15491 # Reference: https://www.virustotal.com/gui/file/b914093514750b886e528e9fd140ce06b25bcd3df12df0a3b6dc2dac0a34d2f3/detection 18.188.14.65:17551 18.223.41.243:17551 3.14.212.173:17551 3.17.202.129:17551 3.19.3.150:17551 # Reference: https://www.virustotal.com/gui/file/617fd7610d64ac96a7d28d9defe1d679e82100d7c1596b54d346b8fe0f61515a/detection 18.188.14.65:17074 18.223.41.243:17074 3.14.212.173:17074 3.17.202.129:17074 3.19.114.185:17074 3.19.3.150:17074 # Reference: https://www.virustotal.com/gui/file/457c9854bd2c3411f6c9c6329f668401ca31267ad72551384c06a2f943cb9b28/detection 3.17.202.129:10759 3.19.3.150:10759 # Reference: https://www.virustotal.com/gui/file/8dab74c874a04fe65e10ccfe0b7a828b999af2a3a484083fbe5087aa4904ba28/detection 18.188.14.65:19346 18.223.41.243:19346 3.14.212.173:19346 3.17.202.129:19346 # Reference: https://www.virustotal.com/gui/file/2104dbad25a038809dd43cc4e3605dce20cb16ceef612df983553f60ca2d2be0/detection 18.188.14.65:14826 3.14.212.173:14826 # Reference: https://www.virustotal.com/gui/file/eca7f77ec653c3f94b3b6fa095fc665c2f81501e0bf3b3ac242dd9839747bbdd/detection 3.14.212.173:10361 3.19.3.150:10361 # Reference: https://www.virustotal.com/gui/file/17c826dc00cbc8cf90c5b5838cbbb8ab301b713ff3e3a0045715eaac827b0ed2/detection 3.17.202.129:14224 3.19.3.150:14224 # Reference: https://www.virustotal.com/gui/file/8e8b26b9d52ef35c72fc27770b79281093ed8c26740b257c8bfab66dd80eedf8/detection 18.188.14.65:13588 3.14.212.173:13588 3.17.202.129:13588 3.19.114.185:13588 3.19.3.150:13588 # Reference: https://www.virustotal.com/gui/file/c904d3eefe624fec4ed6506e5fe6ea0e66defdcf073642f687b124052e27e632/detection 18.188.14.65:16499 3.14.212.173:16499 3.19.114.185:16499 3.19.3.150:16499 # Reference: https://www.virustotal.com/gui/file/cdfc486618abedfc3be629585eb7b7cff96f7ae6c153366b6ce199165409a913/detection 3.17.202.129:16499 # Reference: https://www.virustotal.com/gui/file/38d1f625b48edbbd6004cec3fcd58ed83a99076f27dd1870add5d0770d8a6cfc/detection 3.14.212.173:12418 3.17.202.129:18965 3.19.114.185:12418 # Reference: https://www.virustotal.com/gui/file/b01c51c496438a588835a05a3a0406a65e3f21abd4e6f470b32fa2ed47c361b7/detection 193.161.193.99:32238 # Reference: https://www.virustotal.com/gui/file/9ea3870a5d3784c8bfcdea665cb1a084befd43c32d2f599f659b9f973e1309b7/detection 193.161.193.99:31928 ramram65-31928.portmap.host # Reference: https://www.virustotal.com/gui/file/ed45624508fffaf1a417e1d7b9648733d197303437740e438a6526becdc606ec/detection mifec-53733.portmap.host # Reference: https://www.virustotal.com/gui/file/32014861da3653cb533c4e75bc1b80d2aa871cc723263daba2872c6a1126b7e9/detection mf2199601-27273.portmap.host # Reference: https://www.virustotal.com/gui/file/0dab3ac345d292876a0b3a8b8c825c3c2b1415e9c0e5d8d0aef2804e28e6b0aa/detection 193.161.193.99:22201 # Reference: https://www.virustotal.com/gui/file/ab70e9b072898b3d24b6c926cb6b6dc3d003b04f40a0812c32b697878b259557/detection 193.161.193.99:25679 79.134.225.112:25679 ghfsquad.duckdns.org # Reference: https://www.virustotal.com/gui/file/078008691e9f2dadd795d39912b1e95274ddd18000b7242b604a571c338145b1/detection 6234786296875-60237.portmap.host # Reference: https://www.virustotal.com/gui/file/5e88faead8cd217f6d4ebb9a4358ae8bdf75b1e76539ac8b7cf1baa673652b0c/detection finera6504-54829.portmap.host # Reference: https://www.virustotal.com/gui/file/9491e950532e7146031c687c94a29b0124b3fa30aa4b71d001f09874a756f3d3/detection 193.161.193.99:63239 # Reference: https://www.virustotal.com/gui/file/e21ee37c0b0f68c8307f907c3925b73852884d4a50d5a59d35e4c80b2807656e/detection 185.19.85.159:5000 # Reference: https://www.virustotal.com/gui/file/5089ed799eb09f8e2aea7e6dc822fbe77579aef8ee83a7d597566c05d21ef86b/detection 18.188.14.65:14401 18.223.41.243:14401 3.14.212.173:14401 3.19.3.150:14401 # Reference: https://www.virustotal.com/gui/file/b266e96c304e00f0c3f15dda67fe91d4e71d923a18817c948226d2e477bf4e55/detection 18.188.14.65:14221 # Reference: https://www.virustotal.com/gui/file/3c19e707a265ab2547bfbeb768ec993bcec6e8cb759d0ef625e235d91cdbc81b/detection 18.188.14.65:15968 18.223.41.243:15968 3.14.212.173:15968 3.17.202.129:15968 3.19.114.185:15968 3.19.3.150:15968 # Reference: https://www.virustotal.com/gui/file/048f14b39831bdae24b03b5a791921f8005a3ac585fe9fa6a4f02a23f0b18d3e/detection ghfsquad.duckdns.org # Reference: https://www.virustotal.com/gui/file/22fff4018f58d7c3200493c6ce6d244384a4566af3eac6604d668c20fe3507d5/detection ludwigh.duckdns.org # Reference: https://www.virustotal.com/gui/file/ab70e9b072898b3d24b6c926cb6b6dc3d003b04f40a0812c32b697878b259557/detection 193.161.193.99:25679 79.134.225.112:25679 # Reference: https://www.virustotal.com/gui/file/cc559587825877b40a955baeea22039cbc35813ee00e139fa6a3c90b7355283a/detection 79.134.225.112:8192 # Reference: https://www.virustotal.com/gui/file/c7c4f46fdc24cdac5a4980740ca8a03d60b2c3d8291c61ca96d13941071c630c/detection 18.188.14.65:17619 18.223.41.243:17619 3.17.202.129:17619 # Reference: https://www.virustotal.com/gui/file/43924dff1961d5bb62bd22686ffd3e4ddff4cc14a298f4329df2f1390f1e7d3d/detection 3.14.212.173:14915 3.17.202.129:14915 3.19.114.185:14915 3.19.3.150:14915 # Reference: https://www.virustotal.com/gui/file/a59791a43e661617ec6902a9c184ebdfc0717dfeef709910db37ebdfa98ac056/detection 3.14.212.173:15491 3.19.3.150:15491 # Reference: https://www.virustotal.com/gui/file/b914093514750b886e528e9fd140ce06b25bcd3df12df0a3b6dc2dac0a34d2f3/detection 18.188.14.65:17551 18.223.41.243:17551 3.14.212.173:17551 3.17.202.129:17551 3.19.3.150:17551 # Reference: https://www.virustotal.com/gui/file/617fd7610d64ac96a7d28d9defe1d679e82100d7c1596b54d346b8fe0f61515a/detection 18.188.14.65:17074 18.223.41.243:17074 3.14.212.173:17074 3.17.202.129:17074 3.19.114.185:17074 3.19.3.150:17074 # Reference: https://www.virustotal.com/gui/file/3ebeb1f70b6579b6d6f7bb7a8303e954538980e450f345a7d634347e3d959821/detection 18.188.14.65:14542 18.223.41.243:14542 3.19.3.150:14542 # Reference: https://www.virustotal.com/gui/file/7e7577c914ecdbde12687cccda1eb7f0e6aa92bd8d506ac0e7a31b48a6cb9126/detection 18.223.41.243:4444 3.19.3.150:4444 # Reference: https://www.virustotal.com/gui/file/f41f1d81faeae84c1a9a88e58be89258fc479370f998cdde6f278bb2a8683935/detection 3.19.3.150:15185 # Reference: https://www.virustotal.com/gui/file/ed79b6da2d9aff76f722a1e66198a2747263e70bf13c1dcc13ef3fc0121fbd04/detection 18.223.41.243:13600 3.19.3.150:13600 # Reference: https://www.virustotal.com/gui/file/4ecd3fdbfd578b052b275bf320c638da4dae912693bbdb48f3f4d1c5f96c57b4/detection 18.188.14.65:14585 18.223.41.243:14585 3.19.3.150:14585 # Reference: https://www.virustotal.com/gui/file/8db2ade5d9158959f3fdaed2a556aa2d0a49b80cf6bb92fa3a4efcf4bcf9fa07/detection 178.124.140.136:1809 # Reference: https://www.virustotal.com/gui/file/f656b6cabbabc361a98fc10e70b80b00ba90dc3229ec979446f616f77b10d7bc/detection 178.124.140.136:2404 183.136.216.229:2404 nonnyd007.duckdns.org nonnyd111.ddns.net nonnyd111.bounceme.net # Reference: https://www.virustotal.com/gui/file/9e42f0e6689fe9531a094d09e6b32edcdebdd1505676c08cbd487bfce73c5182/detection 178.124.140.136:5499 brucenanocore.strangled.net # Reference: https://www.virustotal.com/gui/file/c9e92891eaf68aac8046da31cc2ad1e6c47c30d60bcbf38c1b94ec4e9b5e26fc/detection 2BruceNanocoreme.mywire.org # Reference: https://www.virustotal.com/gui/file/2fddfa966358c9ef994566abdafa11b9d35bf41bf78378764aa847f8b3936890/detection 178.124.140.136:9321 # Reference: https://www.virustotal.com/gui/file/1ede3ee78c97f7e85d142943402e2a6c7234832cc596597f65f8b30ff77925e1/detection 79.134.225.108:50956 mardinmagicc.ddns.net # Reference: https://www.virustotal.com/gui/file/bc7d574ae8a394ce71db6cb3330f23b9719fda0ab91e9d33129566f1a582f327/detection 178.124.140.136:50956 # Reference: https://www.virustotal.com/gui/file/dda5d221e9ac6b2a2e779a38022618d8e6a162c4dd751ae8b8dd03c796fabeb1/detection 181.58.154.33:8090 nuevoproxy.duckdns.org # Reference: https://www.virustotal.com/gui/file/47f399288dd6cf10c822c60c8d5a226bb1b653b96b1efdb5007ae2335ec24e5b/detection wilsooon.duckdns.org # Reference: https://www.virustotal.com/gui/file/1f84001e63b3ad164680854ef9fb924272f10aea0309edd955dc20044cb2069d/detection 181.58.154.33:8097 neuvoprxych.duckdns.org # Reference: https://www.virustotal.com/gui/file/3bef100ec761cf03c6fd1a14056ce6e0115b7c473f141df24e0c0d1280f200a7/detection elrompeculo.duckdns.org # Reference: https://www.virustotal.com/gui/file/3f418ee8b49c3b843753a191fb30aa33dfa20ef97f826d6d6b0ed25de0820599/detection 185.101.92.3:1543 uniformmm.ddns.net # Reference: https://www.virustotal.com/gui/file/a9134c332a0d161ee9911d92098ba878f1f8149ee30f868c1f31c513b67e2f23/detection 185.101.92.3:555 # Reference: https://www.virustotal.com/gui/file/214bf6420145504d496c988a2e003a134edc1e6d34d75a3b7fbb11fcdecddffa/detection 185.101.92.3:4567 hostnamehere3221.ddns.net # Reference: https://www.virustotal.com/gui/file/f6b0302c07863abca103f6351d1be9fe45c45e2264308f5e876dd2fc21438dbb/detection 185.101.92.3:8942 # Reference: https://www.virustotal.com/gui/file/df7ac7026a687e11e8a04843cdfc10826662612609a66b4143ba92f8935b0f8e/detection 154.233.206.57:3606 # Reference: https://www.virustotal.com/gui/file/a34cfef9623b451397ea588c5e147c24feb8632d6b93ab1f897e954b01cc8584/detection 196.183.170.62:50000 # Reference: https://www.virustotal.com/gui/file/5b1ba114696a36cca4877f2a78d3fce9ca508d8309fd79888a86ba4407ccea3a/detection 192.169.69.25:50000 # Reference: https://www.virustotal.com/gui/file/92076a0eaf867a24c275bd8c7ca67367727b17a8a7039dd9969baa9f91d13803/detection 91.193.75.130:5577 # Reference: https://www.virustotal.com/gui/file/f3b9ece03446aaf6812787af22c7aa1c64147afc89c015767320df1150e93df4/detection 91.193.75.95:6767 # Reference: https://www.virustotal.com/gui/file/cb2de7f5a09779a76272efd77c45c21ddb40c86e590bf93d1247fff91074f296/detection 104.244.75.220:5200 herold.warzonedns.com # Reference: https://www.virustotal.com/gui/file/cb2de7f5a09779a76272efd77c45c21ddb40c86e590bf93d1247fff91074f296/detection 104.244.75.220:7788 # Reference: https://www.virustotal.com/gui/file/9b625089db69dcd9a4bd37ac3e4c3fe01771aa8813792db9950608dc526c56e8/detection 104.244.75.220:9053 yeetustest.hopto.org # Reference: https://www.virustotal.com/gui/file/6291a9f4ac7dbb741f317c61b7f60bb5d9bc064abeb47e66292ededbfcb38966/detection 104.244.75.220:7172 104.244.75.220:4199 # Reference: https://www.virustotal.com/gui/file/0b05c6f6e71641668dc8ab8cd85c88fe056a9416b4e0ba6ca3e4494f03e73a71/detection 104.244.75.220:38199 awdawdwa.duckdns.org # Reference: https://www.virustotal.com/gui/file/e6ce3753cb68b162f63e9f7cddbce5f1f565121bc611c43123661f8dd7a18db7/detection 104.244.75.220:9301 # Reference: https://www.virustotal.com/gui/file/721ff56645d9b040ff0704303ea2ff404891b5b90cdb181d4849974993f60357/detection 104.244.75.220:4714 # Reference: https://www.virustotal.com/gui/file/2a868cbaa45f10a390c03eb533cbee459263758cc63e5fc19448ee1ba9b1272e/detection 109.41.194.231:4714 # Reference: https://www.virustotal.com/gui/file/8e7ee641d22f74c79c7836e8676e9820dd61093e59d6933609c418ec1dcb54a2/detection 104.244.75.220:5552 77.30.230.177:5552 anon.dynu.net # Reference: https://www.virustotal.com/gui/file/f8333b1937cc6a6b63fee46404b65be8d8962d8f387cfb9abdbeaf7160732bb3/detection 104.244.75.220:4492 # Reference: https://www.virustotal.com/gui/file/3d0fbfed00f92b9d215733b5bd042fc9812101e1bfea3690b54c3d6d8f557f4f/detection 79.134.225.112:8512 # Reference: https://www.virustotal.com/gui/file/2d710e99a83080c4ec8e6b4c34d8330ff4459ed211b142a0bb427a92942f22d0/detection 79.134.225.112:2018 # Reference: https://www.virustotal.com/gui/file/d959d357dac740b5eed96bc85b4b0016a8bb5e2fdf76d60e370978314d463f6a/detection ceo1212.gotdns.ch # Reference: https://www.virustotal.com/gui/file/dbcf96c272001efbcd4b9064ff07505e22d325a292cd837a6328a146ff61689d/detection 79.134.225.112:1985 emanichikli.duckdns.org # Reference: https://www.virustotal.com/gui/file/7cdcf238c4f72fb9bcd44aebf2b96eaed767451ffe255486160abaf5fbb25c92/detection 79.134.225.112:10001 blazeblaze.ddns.net # Reference: https://www.virustotal.com/gui/file/e3d56b5128b727addbd7d43de64174fc2e8a1bda132eb12e63a1f7714329fdfc/detection 91.193.75.49:3400 mansalorris.ddns.net # Reference: https://www.virustotal.com/gui/file/8585a8c535ccead00c76edeb3d922323565cddd6f1703ab2105365412e8ae3dc/detection 91.193.75.49:2444 # Reference: https://www.virustotal.com/gui/file/ac85f6bd887fda2a0d470e4fde35f2af1432a0dc1707a9a4746cb57c6e58892a/detection 91.193.75.49:3369 # Reference: https://www.virustotal.com/gui/file/4224da4c2ff5b00bf5a3cdb0240b45a41d68ed8e6c32264a4681d33f86ef77d5/detection ken419.chickenkiller.com kenosky.ddns.net # Reference: https://www.virustotal.com/gui/file/f9436595968d10a0b1b146e8e970e3bf1c9faf8f9ebdb2b583e31888c4189623/detection 79.134.225.97:6565 # Reference: https://www.virustotal.com/gui/file/fda4b6acd7c4277dc30ed516c360957a931043c6881de0eab69c77ab217a254e/detection 79.134.225.97:9737 # Reference: https://www.virustotal.com/gui/file/e916e056b9d5efb8a9c866f7819929e2fd40c59f42adba734baba08484c89cea/detection 79.134.225.114:3369 # Reference: https://www.virustotal.com/gui/file/c7b590eb0e8fad463d05ea8386a554dd39d02a9b052d4a658b6eb10d6e02901c/detection 79.134.225.122:3369 # Reference: https://www.virustotal.com/gui/file/3c9d86be0837c561a345c71e41387c04aac3b69f4cb533092926bf7dac1af342/detection 79.134.225.99:3369 # Reference: https://www.virustotal.com/gui/file/90a1ba4011f5df93fa18c72bff8f8c300a74cd50b5571b3946cc4a96e8ea2534/detection 185.140.53.95:2551 sebaseuro.duckdns.org # Reference: https://www.virustotal.com/gui/file/51b14de8aa45b3015b96ecd599fe43efbec8ab7fe4c1d2b88f6bcb010f8ba564/detection 176.9.122.21:3336 94.130.239.15:3336 185.244.129.107:5200 sifebui.warzonedns.com # Reference: https://www.virustotal.com/gui/file/6af387a64a8cc32b1045743bb0d484292cb4741d7c4fcbcbdd22d02c7f33474f/detection 185.244.129.107:54984 # Reference: https://www.virustotal.com/gui/file/8ce21f775dd62bbb983e5e38c6b7a0c353d8751e028409a3e6f5fa9bc7205f24/detection 185.244.129.107:1996 # Reference: https://www.virustotal.com/gui/file/2ce1bc3f8566eb8c67134ba50081853c8dd74dcf3b3cf15fde02b2330e3c1df4/detection 185.244.129.107:1111 # Reference: https://www.virustotal.com/gui/file/1626baf23e94a9d97660fc39a83293b306a94ba0bb7a9a12c9b5910f8bf55bb8/detection 185.244.129.107:6969 # Reference: https://www.virustotal.com/gui/file/69edcfc3ccdd3fc311bac8c7d30c1e9598838849ba4b88f2a086b8734771c913/detection 79.134.225.85:54984 79.134.225.118:54984 getlogs.hopto.org homyme.hopto.org # Reference: https://www.virustotal.com/gui/file/38e67216901a8f1b035fb53ef5cd0b90e074d35fd364e7500ed6442c723f75b7/detection 79.134.225.73:7149 blissmoney12.ddns.net # Reference: https://www.virustotal.com/gui/file/53b66b10fbb3d262266ca30a76ef3523cacffc249b624d68e17de932e076c5ea/detection 79.134.225.118:6987 diala11.duckdns.org # Reference: https://www.virustotal.com/gui/file/bcc20cc6fdde32260163db65096cd4c70e197f45d38d1e041807410794cbbc33/detection 79.134.225.118:54985 # Reference: https://www.virustotal.com/gui/file/18b578ba26202a2a2e7083bdcd5bd4dd093661ff0e4e316fbcea59397584f9b0/detection 79.134.225.118:3030 # Reference: https://www.virustotal.com/gui/file/1c1a804c8bc1fe9610fca25c8cbf16045b49766a79da5c9eb9ebea2cb6b7643d/detection zsdwe.ddns.net # Reference: https://www.virustotal.com/gui/file/8d9d0a5f190bb82dfe0005203c7f75acef0fd8047b80ce1b779e10fad0ac5931/detection 91.193.75.66:20188 zigf.ddns.net # Reference: https://www.virustotal.com/gui/file/b29d9d38be189a8b35dd223d2dc7c1f701b23cc7fa48d69edaefca5b1b251307/detection 91.189.180.199:2707 wixed.speedfastmaking.com # Reference: https://www.virustotal.com/gui/file/ad1339af6c284ed966c739401f4e5e97d55c13d1d1fb62f114780fe6aa97b94f/detection 181.52.103.29:1896 nickdns26.duckdns.org # Reference: https://www.virustotal.com/gui/file/b6d95e33ce0805589eadf7d6a27070a4154e1bfb6b4b998be0343043f6fea163/detection 192.169.69.25:1896 # Reference: https://www.virustotal.com/gui/file/597b4ca12cda81ad162829ef96071e66abd6a6de21bcb9f09c03a0c34b3d787c/detection noch419.chickenkiller.com # Reference: https://www.virustotal.com/gui/file/3768cd12daf7eb339a56ed62a35a14f12a696c15731b8fc6704f2f3a46a3e49c/detection alexnurmela109.ddns.net # Reference: https://www.virustotal.com/gui/file/1c0f8bb31d034bd8841b61f46e280c8a3f648788d31fa9c1c6ad949bb12e829e/detection 91.233.116.105:5042 eliboy.ddns.net # Reference: https://www.virustotal.com/gui/file/85e80c6f19458024a810c599e997a8c3e54c1e22316d18c000221884c8dbd4ca/detection 91.233.116.105:10842 # Reference: https://www.virustotal.com/gui/file/580c58deca6b3117e03707c9e27f200a1c64d1a62d4c975c3805732333b686ec/detection 91.233.116.105:9868 # Reference: https://www.virustotal.com/gui/file/f731cb13ea188f26b510684bb74976fdc91b7b4c9eb49432fa1e981757d299a6/detection 42.115.19.255:9868 # Reference: https://www.virustotal.com/gui/file/d5dd0426bfc54c05559af8880d54beb7e4becfeea7a0f3e998957087300df362/detection 79.134.225.6:5712 91.233.116.105:7203 pierreeldaher.ddns.net # Reference: https://www.virustotal.com/gui/file/82602fe5311fb11e3db7dc4358441f229bd1ddbc7ea22cc5628ee2422ea0f300/detection 91.233.116.105:2008 # Reference: https://www.virustotal.com/gui/file/5394b645dc5e99216de82c4e9e42f5fd880b15463337b2d9b91028e3e9fd1a53/detection 78ifngbu.ddns.net # Reference: https://www.virustotal.com/gui/file/f9b0c1245e9e11983310629899824e323bf5dc657d97329f3c3e38c6ac5a48c8/detection 91.233.116.105:56982 # Reference: https://www.virustotal.com/gui/file/1bc87a52a0a57278ead8e1104902f58d0c7a5cf10febc758580fb81d4042ccd9/detection 193.161.193.99:40921 # Reference: https://www.virustotal.com/gui/file/d0ba2c003cb44a1b94a3accb7d30a4d05ea235b50aea72c91156286c1f2e8bd0/detection 193.161.193.99:1019 # Reference: https://www.virustotal.com/gui/file/0ef2355f705c31f9c510ed4deee0bc4a5ddcb5d5d26a9a94b35adedd2c9b2505/detection 197.210.55.13:2033 # Reference: https://www.virustotal.com/gui/file/a6a9bcff33099e92b9e8dd9195733983a7034d65d35f5d7b6242fca16436f4cc/detection 79.134.225.72:36380 # Reference: https://www.virustotal.com/gui/file/6e837bcb37f70c86a1d8aac5e42aa36336220e93d63b7ae451ca6c4f9dee096a/detection 79.134.225.72:5454 ewills.ufcfan.org # Reference: https://www.virustotal.com/gui/file/0db74f2fc1f161cdcccddaca7d825bfc91054ac39bdf3631849ab2df7d343e53/detection 79.172.242.29:36378 # Reference: https://www.virustotal.com/gui/file/14c67c40100dbc7684f4cb440742c58ac5abb73c14745c487c0bfe114432940c/detection 79.134.225.72:8153 # Reference: https://www.virustotal.com/gui/file/b9f211ca817ee3c892fbe38b31d8e9cf4951edd514b9533438cb5fcc433e4598/detection 105.112.52.198:6690 79.134.225.72:6690 # Reference: https://www.virustotal.com/gui/file/d505673bd7bc008592d71a2b7ff6660dc4352f120aabffbb47fdcd0c638d6d7f/detection 79.134.225.72:33933 # Reference: https://www.virustotal.com/gui/file/262e429b5551d414e9bdcb7a179bbdea962119cfd23fb33810e77ba56671d5cf/detection ambit10.duckdns.org # Reference: https://www.virustotal.com/gui/file/cd8b31328a688c29ec077b14648fdd55bd5afea4df93f52030ab0aabef79820a/detection 5.62.62.239:1503 # Reference: https://www.virustotal.com/gui/file/5ca2fd3e3b26a7bc590b1332b5976c5b24fdfbdc5747da48287a320679a78683/detection starlucky1.dynu.net # Reference: https://www.virustotal.com/gui/file/b88aee0b1e70baa4a740bcec88a741ebb3b61f7f8e3360fd58a0eb38a23899e3/detection 79.134.225.72:3535 # Reference: https://www.virustotal.com/gui/file/168493363a7b5aad9a6ace37d9c6d7ee2e853ab5b2d05baec3e87f40e3ea9659/detection 79.134.225.72:2033 # Reference: https://www.virustotal.com/gui/file/6227a06d987fb90e671dc998ce8dab78cde2b1c8747836bcdce46e9e98184bb5/detection 79.134.225.72:6011 microst324.giize.com # Reference: https://www.virustotal.com/gui/file/097b934995ccb05663cecefa0291267e72f0a64e10894ca42551c3c5d938eacb/detection 197.210.227.213:2033 # Reference: https://www.virustotal.com/gui/file/f6c435047c27951a7088d71dd6d5f6ab247bc367b2b27a891607a6cd26e97adb/detection abangwuemmanuel94.ovh.net # Reference: https://www.virustotal.com/gui/file/8fb6815d18b02a74c22cb16b5c5e6268453c980df8a7f76e97e82e27351f6167/detection 79.134.225.72:1999 # Reference: https://www.virustotal.com/gui/file/2f080673e2590f87e65dcbe9bf480e815cfb98ed625ddf6c881a54aaea8c888a/detection 79.134.225.74:34681 88.229.203.24:34681 # Reference: https://www.virustotal.com/gui/file/f6aa685beb9a092360bb8d8915e7b68a0a8e528f02e84ce82efdc57d32d711ad/detection 79.134.225.72:9110 # Reference: https://www.virustotal.com/gui/file/75812e37521129679dc11280d588f1efbf389f9d8a5cd81fde8a39caaaccd8c2/detection 79.134.225.73:3434 nowahalaewe.ddns.net # Reference: https://www.virustotal.com/gui/file/126f58bc8b4575c9ebe71f726ac25e1381acb67d7c6411182ec37e7334946792/detection 79.134.225.73:6393 # Reference: https://www.virustotal.com/gui/file/d3e8103bba7d8b2e4f52d575df077f899e0b5ccab8e54f3cd091be0a3a938a83/detection 79.134.225.73:8181 # Reference: https://www.virustotal.com/gui/file/51052fd0cd4e0f85018fbfdb736045d4561203e451a84cb48bc56199c4e9fc4a/detection 42.115.18.212:7656 79.134.225.73:7656 albert109045555.hopto.org # Reference: https://www.virustotal.com/gui/file/7a9befc421814f35d81aebc3d47341e1b29662131be56f5ac20bd867acf912bd/detection 197.211.58.127:8181 # Reference: https://www.virustotal.com/gui/file/e83ef3374d2d0b943ec6e59fa8da7dfd912c4393154f71d54f8e6e8897be30f7/detection 79.134.225.73:6003 # Reference: https://www.virustotal.com/gui/file/d421e135a7480a6dd92dc2bf22729542da11d2d1cbb7d8ab0675e3b5e62d12fd/detection 197.211.58.95:8181 # Reference: https://www.virustotal.com/gui/file/2c71a924d8c20cea3be22c0b403b577c7bba104a528dfe9736a724c28049a4d8/detection 213.208.152.196:8181 # Reference: https://www.virustotal.com/gui/file/905939ac2724217e860892088d3901bfed2a1d5208b77b7d83f84d73ddffd59c/detection 79.134.225.73:2001 adikaremix.hopto.org # Reference: https://www.virustotal.com/gui/file/01933cb24077a81c3580c1c066b0c48e9c588d95e31df2979193441e4e7dc62f/detection 82.102.17.122:2001 # Reference: https://www.virustotal.com/gui/file/65d1fb614241f771b59aa8bd4b0a5ab129b944e970b3c2a93503edeaa88e445a/detection xyzindustry.hopto.org # Reference: https://www.virustotal.com/gui/file/7973f4689aa8f60918dcf195ac6bcdb1aedfbe0f56574918145810232c3e73de/detection 197.211.58.135:8181 # Reference: https://www.virustotal.com/gui/file/bfdd986c06db7af18170f4958d0bf0f4d9bb92d00413b9ce9b10269a9544ca0b/detection 42.115.49.50:7656 # Reference: https://www.virustotal.com/gui/file/2243db2c7a14d0846222806fbe4f91a55b0f84649f454e9261f074a4756d2a07/detection 79.134.225.73:20118 # Reference: https://www.virustotal.com/gui/file/31caf27f777866cafa5ed619628e4c039ab6872ce4a288e3b1af8029525741f5/detection 79.134.225.73:8282 # Reference: https://www.virustotal.com/gui/file/c1f71d7547ce96052e057cf77c4c6af952973113adc1a25a80da10666e90a750/detection dalpzy.ddns.net # Reference: https://www.virustotal.com/gui/file/127b1d549cc114f02db9fc4fa2dc7a5adb77963827a379526fa0c16a39e2ddab/detection 108.211.192.169:1085 # Reference: https://www.virustotal.com/gui/file/c4a2d24a66c76f64124e7b856d46df4211366a8b2b030750a26532dd747f88e5/detection jrexy.ddns.net # Reference: https://twitter.com/cocaman/status/1214084915471495170 analyst.spamcannibal.xyz # Reference: https://www.virustotal.com/gui/file/b48934041e4bb3e55d3d5a30eb8a613695bc7f90a1d1e9b790ef7de91b2efcf3/detection 192.253.240.11:6774 # Reference: https://www.virustotal.com/gui/file/404fd3ac3ac87f9b115a7e22129909154af934057ff83e33eee88afc6944f067/detection 185.244.30.4:11011 # Reference: https://www.virustotal.com/gui/domain/nanocoreratd.ddns.net/details nanocoreratd.ddns.net # Reference: https://www.virustotal.com/gui/file/76252d2c26dde0bdf525711b11fbede81a5add73ae06e0e3ff3d316f21077095/detection 194.5.98.28:7203 # Reference: https://www.virustotal.com/gui/file/69a2f5f6f083f476574777392f3702e4c44f99ad9884740dfa020ea5b257194e/detection 154.120.88.80:7203 79.134.225.8:5712 # Reference: https://www.virustotal.com/gui/file/1210e64a487568b581de88c6669e54b28692a14cafd2c9803fbb4a7cbba2716f/detection 185.165.153.15:7203 79.134.225.8:5711 # Reference: https://www.virustotal.com/gui/file/d5dd0426bfc54c05559af8880d54beb7e4becfeea7a0f3e998957087300df362/detection 79.134.225.6:5712 91.233.116.105:7203 # Reference: https://any.run/report/438f92ef7a0650f72954b5636b40ec2112defe32541c0351ea62987a72d6500b/1f7b133e-d6da-4671-bab4-a20d26b80822 # Reference: https://any.run/report/62ac84ba831bce835274bc6e57db62066a93a219c328716891b19a1677667f7e/ef08220c-811a-453b-b8f9-dd20a62a5077 papacy.ddns.net kkssa.chickenkiller.com primedelivery.net # Reference: https://twitter.com/ScumBots/status/1214663352854540288 194.5.97.34:9090 omcavi.duckdns.org # Reference: https://app.any.run/tasks/20dc289f-ed01-4c63-8a05-12ccd9213ecb/ xeliteme.us tats2lou.ddns.net # Reference: https://www.virustotal.com/gui/file/86c8896067480a260f931692b6f2223d603415a0708e8d16cc5ead90f9b22ba3/detection 86.90.27.189:5678 spowpow12.hopto.org # Reference: https://twitter.com/ps66uk/status/1215035648899452929 185.103.96.151:3012 # Reference: https://twitter.com/James_inthe_box/status/1215290232355966977 185.165.153.129:5421 # Reference: https://twitter.com/w3ndige/status/1215366283404959747 # Reference: https://app.any.run/tasks/4dacd054-e58f-4d81-b9b5-4afe25a037bf/ 185.244.30.23:1001 192.169.69.25:1001 abokijob.hopto.org aboki0419.duckdns.org # Reference: https://app.validin.com/axon?find=200.83.148.79&type=ip boki0419.duckdns.org # Reference: https://www.virustotal.com/gui/file/76007a8f8bcaea779bbe998e8ce38b154c274fd9cd7b461bdd09b37a13ae460c/detection 185.19.85.139:9900 # Reference: https://www.virustotal.com/gui/file/48f52c87b38b91436943196dec0923f9412007a61ea31ac99ed2c10e3a5b7a23/detection 185.244.30.23:9900 192.169.69.25:9900 # Reference: https://www.virustotal.com/gui/file/d8c2b06570a0c86994d2ddf5b0e98d69365d9541ff262a03f4c1271d2def4cff/detection jemoederspow.ddns.net # Reference: https://app.any.run/tasks/7492c122-a646-468c-9531-50d40a2da425/ 185.165.153.165:49153 # Reference: https://app.any.run/tasks/fc78adae-45ff-4832-aa97-ee472f6629b8/ abokijob.hopto.org 185.244.30.23:1001 # Reference: https://www.virustotal.com/gui/file/864ab11cd4f2b167f86c3fa3a295dc5825ab961003afda2d7a827c97becb51f8/detection 66.183.41.207:5353 filip1.ddns.net # Reference: https://pastebin.com/pwvLeQ9S 75.157.67.9:8402 jacobip123.ddns.net # Reference: https://www.virustotal.com/gui/file/96c1348e80f4fe4fcd284d4b0b3cbb23098ff621ddf1d28fb740b05bb063da99/detection 185.222.202.61:5567 walkerstand.ddns.net # Reference: https://www.virustotal.com/gui/file/8a07a557b07f43ba223cda68c073a527f8487f53fb0313650c2405ae09633afa/detection 181.141.45.33:5020 pedaenaf.duckdns.org # Reference: https://www.virustotal.com/gui/file/d694a7c79797c8d59c0b5bc60e935bc9e5478735797ef6bee44a6e1e95d5d33a/detection 129.205.113.201:64346 chuks.hopto.org # Reference: https://www.virustotal.com/gui/file/95b7f419d6559f5c1f518d67b5600d1d544b8cfbdba6cec51f136dcc98d6c357/detection 105.112.96.122:53247 ratu22.ddns.net # Reference: https://www.virustotal.com/gui/file/13a8123b240dabbe55cf509c08cfc63ae3e50032edb8f2554ae1172ff5faa0d2/detection 141.255.154.84:25565 blazingpack.ddns.net # Reference: https://www.virustotal.com/gui/file/7800bd0af0d16183c1ea98c5931a4a4a58d9b590e3b2d7ba73848fcf4e32151e/detection 141.255.155.79:25565 # Reference: https://www.virustotal.com/gui/file/45c030a162184b42f5ca5670b7d78f9bde36b871cf6dadaba6dcecc820d2710b/detection 192.254.79.116:50968 50968.duckdns.org # Reference: https://www.virustotal.com/gui/file/40f9bd30b660332bd06515a390f0b1eb976996dcdfd02bdb765a8d70f3fd64fd/detection 128.90.108.69:4432 # Reference: https://www.virustotal.com/gui/file/967193d5fbb7164ec4d1ec698c015104c7a890774e3e0350629e1a84b14d8856/detection 192.169.69.25:5190 jans5190cwv.duckdns.org # Reference: https://www.virustotal.com/gui/file/090ddc16d1f8d192037d8bc070c296623ab950a18c5d864f63da34640b4b221f/detection 79.191.63.233:1604 eevkakopacz.ddns.net # Reference: https://twitter.com/wwp96/status/1216782313096384514 # Reference: https://app.any.run/tasks/cf1e122a-f304-467f-90a9-8d80b58befe0/ 91.189.180.211:56749 # Reference: https://twitter.com/ps66uk/status/1216849774407798785 # Reference: https://app.any.run/tasks/e76a9253-bf92-4af6-b6bb-4436afc5a130/ 45.125.239.168:46571 # Reference: https://twitter.com/ps66uk/status/1216849775787741185 # Reference: https://app.any.run/tasks/9b649c1b-6eac-4a2e-8fd3-6544801f5747/ 185.165.153.22:1943 # Reference: https://www.virustotal.com/gui/file/4cdc01d5d789c72f59dc40f11f4906da636bab6c5d6968f70f72d4503e93d983/detection 79.134.225.96:1313 nybenlord.duckdns.org # Reference: https://app.any.run/tasks/ae59fa2c-2619-4444-825a-fed7a40e1d0a/ alcaldia.duckdns.org 181.52.109.69:1881 # Reference: https://app.any.run/tasks/583d71f6-9261-46c8-9ae9-5103050e3a46/ tugatuga.duckdns.org tugatuga1.duckdns.org # Reference: https://www.virustotal.com/gui/file/ebc05d5a82e9ffab000a94bf6ee04cd0689e8988ecb2a899360e44472a3b4733/detection 177.75.41.182:1888 # Reference: https://app.any.run/tasks/584d898f-a187-4176-a23a-3cad11712034/ innocentbooii.hopto.org 79.134.225.113:55420 # Reference: https://app.any.run/tasks/54e108b5-af27-4310-8cbc-f94696ff6074/ manofficial.ddns.net 79.134.225.75:4473 # Reference: https://www.virustotal.com/gui/file/6c3bf812335763ffd48debe7d75ea51ac56cb8a4cd92ebeae849885e63ffbfad/detection 103.207.38.195:1590 myduck1590.duckdns.org # Reference: https://twitter.com/wwp96/status/1220367245966299137 # Reference: https://app.any.run/tasks/6f7d1a38-f5bf-49a3-8b38-b73724afd17d/ 185.244.30.112:1144 nass1144.ddns.net # Reference: https://www.virustotal.com/gui/file/b08dd3ea26b827f9052689fad296770adcd7db594fb73c98ce092d9bc485b97f/detection 41.190.12.45:1985 # Reference: https://www.virustotal.com/gui/file/54165ae0cb5971866642a731e4abee053c4752bd68a8178386278558a60f498c/detection 41.190.12.212:1985 41.190.14.58:1985 # Reference: https://www.virustotal.com/gui/file/03b4ef6a09b015a7c2addc82099c23c738117c2b5a9153ea1f70c54803563b29/detection 42.188.37.214:6318 # Reference: https://www.virustotal.com/gui/file/810535c9dad183fffd0a09db189695f80f456dd047095aba94e8c34fcb995020/detection swez114.ddns.net # Reference: https://www.virustotal.com/gui/file/d6b256c011e8a0d5f969bcff214dcb697e1cef51ff32e6aaf8753d8eb9c4c8e3/detection godstar.hopto.org # Reference: https://www.virustotal.com/gui/file/f2d2480e501b85bb3bd147f6b796d00bbb9b352f15e98cfb6dc0e771cb88a8ed/detection 88.150.227.112:5000 # Reference: https://www.virustotal.com/gui/file/9e2396c6cdff60fb006f0c9e637a520459d96957c220d5fb989eb467bf20b8a3/detection 88.150.227.112:4000 # Reference: https://www.virustotal.com/gui/file/e0355ea608faa4312778e16aaf5b1b09432a730c86cbcc3b9bc7b4220ea7a5a3/detection 88.150.227.112:1422 # Reference: https://www.virustotal.com/gui/file/8611a0492c37189d0066aa55c1d54c3c18915666217814f437b0f4d67b50339f/detection 216.38.7.247:9995 jukax.ddns.net # Reference: https://app.any.run/tasks/c461873d-3249-41ce-b350-b9a592a7ccf1/ sherimix.duckdns.org departdec.duckdns.org # Reference: https://app.any.run/tasks/55da3974-76de-41e0-80fb-2e8437748631/ 79.134.225.5:4040 # Reference: https://twitter.com/wwp96/status/1222594326850609153 # Reference: https://app.any.run/tasks/8e0eebfd-55bc-4211-8a78-019088791cf2/ 168.235.111.253:54671 # Reference: https://twitter.com/wwp96/status/1222644734675619848 # Reference: https://app.any.run/tasks/1da82563-fa9c-4d2b-8f79-a87f07fcf4fd/ 79.134.225.79:204 newratti.3utilities.com # Reference: https://www.virustotal.com/gui/file/c8b4cd3dc221f265a096413ea20dd2b97fff8efa162f3a69c9b8d722bd2110b6/detection 37.228.132.165:1010 37.228.132.165:1011 smithadmin.changeip.net # Reference: https://www.virustotal.com/gui/file/a5c52fa8affb071a4af2a02bd281bb8146b14536176c3b07a4be74a56872feb9/detection 205.185.125.42:1010 # Reference: https://www.virustotal.com/gui/file/54d50305787d2811dc15a71cdf996c8927ed4d8ee11a9e7e950c33c71b4df65d/detection 178.209.46.144:1010 # Reference: https://www.virustotal.com/gui/file/167bb83c774a9590876e2336eff22d420bef4880c69f15a1bb4147ede74aec52/detection 194.5.97.58:1010 # Reference: https://app.any.run/tasks/8ae3a07a-23c8-4d67-a577-e647d2b79bad/ 193.23.3.36:54984 pimpinjg.ddns.net # Reference: https://www.virustotal.com/gui/file/74579525e06c50e98205e5e4572569b3e618a304e2cf4c3d79ad37491e29ad70/detection 185.13.38.227:54907 snosy.ddns.net # Reference: https://www.virustotal.com/gui/file/b1e27b6a375d7f58cdae46e324a80d4bfef5fe505f207994587600b8acc23e79/detection 31.171.152.107:9874 # Reference: https://www.virustotal.com/gui/file/949b142fdff443cedd4e1c303f50b4cd747e3b0ba9b6d48b6263e0e3ebe55d71/detection 197.228.220.133:9874 # Reference: https://www.virustotal.com/gui/file/de6117e4692d1fcd1553b69cc537e63fae2d4d9d043f8dc909854b5df3477837/detection 31.171.152.107:1990 # Reference: https://www.virustotal.com/gui/file/8012fe6af55b01332bd9b83157f0d36c5fe632d9813fea873b7190dcc789ae8c/detection 178.239.21.105:9874 # Reference: https://www.virustotal.com/gui/file/79dcd9b0ab0e94b62db8f410610b31cd3814358862cf9725d8f29cc6abcd7694/detection 95.7.171.7:9874 # Reference: https://app.any.run/tasks/a006f71c-ece2-4c4b-8184-a57a88cb0012/ smithinnocent.ddns.net 79.134.225.21:53590 # Reference: https://pastebin.com/gKS1vLYp # Reference: https://www.virustotal.com/gui/file/aff3f9466a3b8932f1f1b39b83bcf39277226b28dfa0a7d18f6f58c98fa9f2db/detection 185.140.53.8:3457 miraqueen.publicvm.com # Reference: https://www.virustotal.com/gui/file/437b346787558fcf1ad38016c5cf8e96954ac19b34a96ed9364b8b1f25b4fbdc/detection 216.38.8.179:7568 # Reference: https://www.virustotal.com/gui/file/fec05533afdbf366e17ba6737add44ca5b376c8b585d042bd677c97738a49d9f/detection 185.244.30.9:7568 # Reference: https://www.virustotal.com/gui/file/f96edda29215441dfe2a73e803c53d21643d45d24de527f10764ffe818f58a1c/detection moneyman2020.spdns.de mothermaryblessme.duckdns.org # Reference: https://www.virustotal.com/gui/file/aaefc8d70929c09a3101aff8748839f2f349d62d2a5b8fe0d624cc4dde1c5583/detection 185.62.188.44:5003 185.62.189.77:5003 # Reference: https://www.virustotal.com/gui/file/a2ffbd0a464843fcaa3908e8b5365fce60c89f757f371bc518524a5416ad5096/detection 185.244.30.251:83 # Reference: https://www.virustotal.com/gui/file/effc2b4841d18a24ac00e9c181845d2618455379bd4f5256d3cd68ccdba7a4dc/detection 105.112.104.168:83 # Reference: https://twitter.com/wwp96/status/1224387875728478208 # Reference: https://app.any.run/tasks/fb820ab8-d843-4409-bb9a-8b9fc9ae90ac/ 185.244.30.211:1985 # Reference: https://www.virustotal.com/gui/file/883562a2a36809c07e2368a7d0fd47e8e8fc23a839837f1ebe64b86dcc3209d5/detection 79.134.225.74:2404 79.134.225.89:2404 behco.duckdns.org paris4real111.ddnsfree.com # Reference: https://app.any.run/tasks/7d0cfbcf-895b-4f93-85bd-2479689d3fcd/ deresurrection.ddns.net 185.19.85.133:1414 # Reference: https://app.any.run/tasks/a684bd88-3cd0-4286-bbbd-fa745f704e7c/ 68.192.153.27:80 # Reference: https://twitter.com/Racco42/status/1225375672023027712 # Reference: https://app.any.run/tasks/303554f6-8b27-4513-b846-a290d4843728/ 192.169.69.25:9993 216.45.59.111:9993 # Reference: https://twitter.com/wwp96/status/1225522548152176641 # Reference: https://app.any.run/tasks/747ee072-8840-4acd-92b3-7a228bfa637c/ 168.235.111.253:9080 # Reference: https://blog.talosintelligence.com/2020/02/threat-roundup-0131-0207.html (# Win.Dropper.Genkryptik-7572204-0) # Reference: https://www.virustotal.com/gui/file/0b023aa63679132222f38f83cc5d068b64294f27378657a83d5a1e382a0f5f6a/detection 79.134.225.5:4040 olodofries88.ddns.net # Reference: https://www.virustotal.com/gui/file/f258a50ca8b8d5509bffd9a3d9ecd9838a29663771db18c0d6aefc3460c34fc4/detection 185.140.53.185:4040 steel500.duckdns.org # Reference: https://www.virustotal.com/gui/file/d52c3cf4249d0f2c27d6942949badc24a00ecdd63008867c52fe49c2b4f9da08/detection 78.162.76.87:4040 # Reference: https://www.virustotal.com/gui/file/363ddc8232d216392189af61de76aa4bc1f3ae5f621805a83441c5b4ba75466b/detection 84.210.40.80:1604 krypticon95.ddns.net # Reference: https://www.virustotal.com/gui/file/99c559b39819700d6fe099a07a84038807989b06fb4e794e5918959d11674e95/detection 95.188.71.69:7777 gooodwin.ddns.net # Reference: https://www.virustotal.com/gui/file/db167cbcae2b2dfa8920f268d3af0e953d5a9e0ecc195f613c317dd6e1e98e45/detection realfolger1.ddns.net # Reference: https://www.virustotal.com/gui/domain/sdlzglass.com/relations # Reference: https://www.virustotal.com/gui/file/95e902dc390bf92e13b9b2c02832972be2f2dd1bde858fc69cf0ef764059e145/behavior/Dr.Web%20vxCube # Reference: https://app.any.run/tasks/19460de6-5d10-4df4-8711-51262870d284/ # Reference: https://www.virustotal.com/gui/ip-address/23.105.131.153/relations # Reference: https://www.virustotal.com/gui/file/bc9a61fa02eb88783395ac1d94e6461b049b1ac9d4ddb63504cc610af002d287/community sdlzglass.com 23.105.131.153:1619 23.105.131.153:1620 # Reference: https://app.any.run/tasks/bf34bcca-5726-48cf-a319-efaff53a4516/ iammrjeff00.duckdns.org 79.134.225.38:1082 # Reference: https://app.any.run/tasks/59170485-7f75-4ce5-afb8-b87e89f1e79b/ alekseynj.ddns.net 46.98.102.202:2891 # Reference: https://www.virustotal.com/gui/file/6cbe83da3d33b4bc7c9768fcb4955b58e982fbd04d3eb21f42760565a7b0f1a2/detection 5.107.37.103:1604 barclaysb.ddns.net # Reference: https://www.virustotal.com/gui/file/4e01aaa713264a42c9549238aa9ffb2c2e4b84787c7a850701edd63e3b341be1/detection 192.240.96.130:1604 # Reference: https://twitter.com/wwp96/status/1228022054655602688 # Reference: https://app.any.run/tasks/3eaae088-f301-441b-b98f-b5fd78b2419e/ 79.134.225.89:7777 # Reference: https://twitter.com/Jouliok/status/1228251835321987073 # Reference: https://app.any.run/tasks/a0998463-1fd2-443c-81b6-08266736bb2f/ 185.244.30.239:6789 # Reference: https://www.virustotal.com/gui/file/8ae646774cd6be8900bcfbf9bcf01eb9bc1cccee11722626b66c11f603e4adc2/detection 185.140.53.131:6789 # Reference: https://www.virustotal.com/gui/file/99a6eba25136e6b5a12a1dbb1006bfcde0f662421a6edf21276af224c58a5c42/detection 77.48.28.200:6789 # Reference: https://www.virustotal.com/gui/file/83cd2a789fc89c44d2d368366c7d907ae2f7f815900a931c45dbf6789e8d0da9/detection 194.5.97.14:6789 # Reference: https://twitter.com/wwp96/status/1228372397461471232 # Reference: https://app.any.run/tasks/474ff1cc-a8ec-42a5-9173-6d17a21b6f6d/ 164.132.90.226:24110 24110.duckdns.org # Reference: https://app.any.run/tasks/b17e0db5-2ef0-47ba-8d9c-aa31138e4f01/ 79.134.225.5:9334 # Reference: https://twitter.com/wwp96/status/1229443116941369345 # Reference: https://app.any.run/tasks/3389b31a-10bc-47ff-af2a-3fb2d689d743/ 79.134.225.103:3939 wealthadmin.ddns.net # Reference: https://twitter.com/wwp96/status/1229494871611920384 # Reference: https://app.any.run/tasks/980141ee-98f3-4326-9ef5-2a1acd5c8132/ 216.38.2.218:7675 # Reference: https://app.any.run/tasks/7051fa40-d545-4b09-806f-abf866a589a3/ 185.244.30.36:1754 boss5.hopto.org # Reference: https://app.any.run/tasks/a3cc6d4f-b8eb-41bb-94ab-409760f59a92/ 185.140.53.132:8282 donsea1234.ddns.net # Reference: https://app.any.run/tasks/87098615-d1b1-445b-b21f-a7a0712c98ed/ 79.134.225.69:4543 # Reference: https://app.any.run/tasks/c85f3964-ca15-4399-98fa-2c5155f49a50/ 79.134.225.74:54985 # Reference: https://twitter.com/wwp96/status/1229808427595190274 # Reference: https://app.any.run/tasks/fba6b380-5971-4bff-8673-15a96a00a721/ 168.235.111.253:9083 # Reference: https://twitter.com/ahmet_han64/status/1230040535416614912 # Reference: https://www.hybrid-analysis.com/sample/cd633e4e0741bcd242aac073dca1e4e124798343a756f8cac8a3778a952ad089/5e4cba5f6475ee0cee5f50d0 192.169.69.25:9301 91.189.180.204:9301 # Reference: https://app.any.run/tasks/220842cc-ac51-40ac-acdf-9516d97c5d63/ 79.134.225.73:8282 judge777.ddns.net # Reference: https://app.any.run/tasks/327d0805-32fa-4b82-b890-7d0f7ca21fab/ 79.134.225.11:1245 icemanbad.ddns.net # Reference: https://twitter.com/reecdeep/status/1230515771417284610 # Reference: https://app.any.run/tasks/f9e49656-e2e3-4b3b-be6a-a70fa43d5241/ 79.134.225.91:8766 pacotdc2019.duckdns.org # Reference: https://twitter.com/wwp96/status/1230579094234030081 79.134.225.35:1985 # Reference: https://www.virustotal.com/gui/file/959c0aacbd5186ff3bd1f27a8e40e83293c7ca41a90d46ad2811f58c6417b904/detection 79.134.225.38:1985 # Reference: https://www.virustotal.com/gui/file/053a007597f6e5b737ffacde94f9712bfd453dd9bb6a3993686b342fbe130532/detection 184.75.209.178:1700 ghostville.duckdns.org # Reference: https://www.virustotal.com/gui/file/ded81b1c333bbb3c7a5430ab7472d5797adc23e2fc69fc648e7e0b0078b66040/detection 79.134.225.38:1159 iammrjeff00.duckdns.org # Reference: https://www.virustotal.com/gui/file/3999bb2732a9a80181cd037dddc40e5286b128263dd0061d2ed84edb8888ec97/detection 79.134.225.38:9090 samnow.duckdns.org # Reference: https://www.virustotal.com/gui/file/9f42f2793e9c55c8c10823bc8a56b8b94326da414b51b31c0cc9cf9e4fd96342/detection 79.134.225.38:8090 # Reference: https://www.virustotal.com/gui/file/706dd8b75029416a175491653fca69711b10e38f91012a19fc68804421d92644/detection 194.5.97.82:8090 # Reference: https://www.virustotal.com/gui/file/b386ab7b5c94d5ce80fcf6adf6953419711fa9273a37dd326a5a609d99841a0b/detection variakeburne.ddns.net # Reference: https://www.virustotal.com/gui/file/c937c0cf76c12b8e7cb215c5bdb729ba0d3660acc154f18c639111b660d52f0e/detection 185.140.53.139:19603 # Reference: https://www.virustotal.com/gui/file/91ed38c4e0e79d80d544ed31f111c9e9d361ec80a10b0c6f9000d21cc90ea3d7/detection 168.235.111.253:9098 # Reference: https://www.virustotal.com/gui/file/380d55a6e9767ea2328f7e3bf93b4d68a757d4e45a8eafa8487e1ce616c97db1/detection 168.235.111.253:9086 185.244.30.36:9086 # Reference: https://www.virustotal.com/gui/file/d6f8d0dba973952be8fe56e945576f870577b53b89fd6fb885e1ee61087ec55d/detection 168.235.111.253:2197 # Reference: https://www.virustotal.com/gui/file/c906185769cc28b14696f2643907989d3574dd115d59e20321bdf9e631ed9ef9/detection 168.235.111.253:9030 # Reference: https://app.any.run/tasks/45f08fe9-a493-4f1f-864c-b33b6b075ab2/ 185.19.85.157:1985 # Reference: https://www.virustotal.com/gui/file/9cde2dad4fd9632aa2769b10f58e63c013b5ef26bda897cd40154395abbba600/detection imaima.duckdns.org # Reference: https://www.virustotal.com/gui/file/8adbc3d50822af6569c8ca12680a24a9e4290c5d1a967b81bce8342515886bad/detection # Reference: https://www.virustotal.com/gui/file/9702d39680bc0938d860b686e54c14a41ebc2eae76a5fc94d7b244402a23687a/detection 168.235.111.253:5426 vimlatedrock.duckdns.org # Reference: https://twitter.com/wwp96/status/1232378199201456129 # Reference: https://app.any.run/tasks/b7137a63-3ca3-4594-8586-fa8b49fc03c4/ 79.134.225.124:1985 # Reference: https://www.virustotal.com/gui/file/e9b1fb95ae5973df88037568836cb201221e66d4505c178ba65fc07ef7a205ba/detection 168.235.111.253:4514 # Reference: https://www.virustotal.com/gui/file/c1f5c0f5907773eaa369f5365a0b796eaad59e81e6ce08b7085b095f16bf5232/detection hexmia.hopto.org # Reference: https://app.any.run/tasks/91dfe27d-be3c-467d-9b98-e4487c92c86d/ nasiru1144.ddns.net # Reference: https://app.any.run/tasks/3f88ecf4-ae3f-414b-adc3-1cf0a087d071/ anekemoney2.firewall-gateway.com # Reference: https://www.threatcrowd.org/malware.php?md5=02639282e0f87b6984fb35053c66c201 franklyn2016.no-ip.net # Reference: https://www.threatcrowd.org/malware.php?md5=0a3ebdd830272773b8a4499704737479 skinner21.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=0b71f5cecef084fbdde18621564832c8 vyrez.noip.me # Reference: https://www.threatcrowd.org/malware.php?md5=12cdecbcb60e6ba32b4acf379928c9de danismecherul.no-ip.biz # Reference: https://www.threatcrowd.org/malware.php?md5=159e42f07db11824fbdd6824f90aeecb mrpounds.no-ip.biz # Reference: https://www.threatcrowd.org/malware.php?md5=15e8a490ca52d93de6975c9d40e79119 xiprime.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=199ee7655ba308f77dc0666773bce21c qwertysuxsucc.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=1baa2ab0eaffefac5c123a349ff1ce97 aarondrew313.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=1ecbc809984ec9e4c500351de27792c0 nanocore01.hopto.org # Reference: https://www.threatcrowd.org/malware.php?md5=21f95400507eeeb6221a893f85739d8b rootclaiu.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=27c7b5663720100697531ae5f4c46631 essads14.no-ip.org # Reference: https://www.threatcrowd.org/malware.php?md5=29ab6292073e8a1e37b0949cd32d9b01 cd363be7.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=2e7245e5ec4e8d620ec02473234623be omerenes.duckdns.org # Reference: https://www.threatcrowd.org/malware.php?md5=2e89bc14251558bfa44524e9d109f6d7 jesusman.fishdns.com # Reference: https://www.threatcrowd.org/malware.php?md5=31b061a12c275eaf34b60c81dc8759c0 cvcv.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=58ba07cee30ad1e5b6ed7e3bc2138c24 chologee23.hopto.org # Reference: https://www.threatcrowd.org/malware.php?md5=58fbcf64e6cf3cdde6aeee9ed34cdff8 skeet21321.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=5c8c132812d81060ed09627e78ec86c9 bruteforceok.no-ip.biz # Reference: https://www.threatcrowd.org/malware.php?md5=5d032c3e6334e4165b9f20dc30b7659c lauracooper.hopto.org # Reference: https://www.threatcrowd.org/malware.php?md5=688fd5fe14223141c68b08bbf7bd7f57 fefete.no-ip.info # Reference: https://www.threatcrowd.org/malware.php?md5=68fa2e206073a5f1d4690a5dee96b4ec devapple.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=6f816ad99c4f36cca6494cef0a326dc6 ix89bwk6as.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=7591d1f387707d30ff8b1e36e3562399 win.updated.dns-dns.com # Reference: https://www.threatcrowd.org/malware.php?md5=7bc67702c321c69787eb67b67827d1c7 smithbarry855.hopto.org # Reference: https://www.threatcrowd.org/malware.php?md5=80de0180d9629515e1940f42c0bfca19 shareimages.duckdns.org # Reference: https://www.threatcrowd.org/malware.php?md5=839f04182d2e285af3d38d44aa1ae1fa thenope.no-ip.org # Reference: https://www.threatcrowd.org/malware.php?md5=85c910a787788fc381194209e152a8a5 calmcserver.duckdns.org # Reference: https://www.threatcrowd.org/malware.php?md5=8814d0c3308aa93982f82db465dadc85 java12.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=8931a69c1c1073d2cbdb50ea4d1fb511 haybay2366.no-ip.biz # Reference: https://www.threatcrowd.org/malware.php?md5=8d0a659f2366e216d5bef4a9e18c537d mediaftw.no-ip.biz # Reference: https://www.threatcrowd.org/malware.php?md5=8df3a77be5063033fd8ccd91a5a02b0e exceem.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=8fcad26d5424a3f46a3a61c3fcc5fa36 nadeemakram.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=92e9495e113a357c40e6c37eb198bae5 vbnxmret.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=95f2f37cac1d3eb32d5178a7e780830c qhwl1234.codns.com # Reference: https://www.threatcrowd.org/malware.php?md5=9c5ed347caa0180db682deaf03f6b7fb yourmodzv212.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=9f57950558739874b6ff1fdaf88e737c zibridezibride.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=b050651139ad721ead7aebbd7d82e0f2 nanocoreacc.duckdns.org # Reference: https://www.threatcrowd.org/malware.php?md5=b62b22a42c3c260847d17c58bb73f33a lugz11m2t.no-ip.biz # Reference: https://www.threatcrowd.org/malware.php?md5=c46a16db249dfdd1c181f7f1c6619162 telekom3.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=c5c4d30f5ad98dd1657077feb882d276 jamzv3rm.duckdns.org # Reference: https://www.threatcrowd.org/malware.php?md5=c5fcf12de2d32089b1b263e5ba0bd68c sheepsurvival.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=ca178716a912e894d28fbb7b1352f597 serverzkaw.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=cf9fdb60ec011a1e6158f637167df7c0 asjkdhas4.duckdns.org # Reference: https://www.threatcrowd.org/malware.php?md5=d2686f1d7f966f371bfc07987eb2867c amnezia.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=d48b4efa8f06f9b320a9a29e3773334e granzhost.sytes.net # Reference: https://www.threatcrowd.org/malware.php?md5=dc80f65013995543a541d2d5f8ac24c9 joseagre1.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=dedccc515a8b4ff8c2e4dda7206a2fc7 zvezdahackingg.no-ip.biz # Reference: https://www.threatcrowd.org/malware.php?md5=df0e56236a813d09d5a787f5b8bca4d5 ashleyr.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=df917731572a61435acadb6048255f7f loolll.hopto.org # Reference: https://www.threatcrowd.org/malware.php?md5=e8276566f12377498ee39660597e9044 privatedns.no-ip.biz # Reference: https://www.threatcrowd.org/malware.php?md5=f9dfadc59165c6a17f448efa84d5f4b4 santancelup.hopto.org # Reference: https://www.threatcrowd.org/malware.php?md5=fdc6ea5827487edd9ecd0d81151ee15d vaporr.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=46af54359ef7057ea2675c338e002b5d godwin101.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=fdc6ea5827487edd9ecd0d81151ee15d vaporr.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=31011d10e2edfca87ca20bbab77567b6 cnc.duckdns.org # Reference: https://www.threatcrowd.org/malware.php?md5=cf9fdb60ec011a1e6158f637167df7c0 asjkdhas4.duckdns.org # Reference: https://www.threatcrowd.org/malware.php?md5=e738f0c550c4cb3bd9f4a427a56a4475 undetect3d.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=01bed136f79666dffc07b8186ec94117 pop101.no-ip.biz # Reference: https://www.threatcrowd.org/malware.php?md5=e08642ad9591361277efe2c1a49712c3 my0.no-ip.org # Reference: https://www.threatcrowd.org/malware.php?md5=2cea5cb1ec5d2c5cb17c1347120ccfe4 blackflash.duckdns.org # Reference: https://www.threatcrowd.org/malware.php?md5=31c27a3f98099c910988aaa228e3ccf4 testingrattest.no-ip.biz # Reference: https://www.threatcrowd.org/malware.php?md5=4dcc3cffe3ddc5ddf8930ea60b510c7b lawlogslumi.ddnsking.com # Reference: https://www.threatcrowd.org/malware.php?md5=55429af6abdc6a4ac7c84fd8016fcfc7 holly147.no-ip.biz # Reference: https://www.threatcrowd.org/malware.php?md5=9a27502e8ea79e83445ee8635526f024 kaymonitinz.hopto.org # Reference: https://www.threatcrowd.org/malware.php?md5=a339a7bbf0946e12196279cfd65a3b3c lolz.duckdns.org # Reference: https://www.threatcrowd.org/malware.php?md5=a69b05f40b76fc6913db101e9f31cc79 window001loading.ddns.net # Reference: https://www.threatcrowd.org/malware.php?md5=bff8812e52d6877e25b8d8483ef213b8 flamzy.hopto.org # Reference: https://www.threatcrowd.org/malware.php?md5=c8e3af05993ed49e739c3a6bab3be941 lowass.zapto.org # Reference: https://www.threatcrowd.org/malware.php?md5=d1238588a2d9ac95729da9f22fa125ea ksaohu.duckdns.org # Reference: https://www.threatcrowd.org/malware.php?md5=128135233d7118586a354301d9a72abf ikenna.duckdns.org # Reference: https://www.virustotal.com/gui/file/3d703598b766b4b67a376070a3375c35be84502ba6f6a283653d99e807795290/detection 192.69.169.25:53998 mmoney419.chickenkiller.com # Reference: https://www.virustotal.com/gui/file/e8e8fd3573a4c5de13242542b73fa224416af2dea45abb3d7adb3f11dd7e0844/detection 185.247.228.250:5001 dubaidhllee.ddns.net # Reference: https://www.virustotal.com/gui/file/d7e5e13b5036cbe32a44a374c0cf24e60a677322a058680b4f589699cd2b6aad/detection 185.140.53.253:5001 # Reference: https://www.virustotal.com/gui/file/b853f6fffad4a9f049eedcb11df57810294e3a112e7285d797400abe30d1f2c7/detection 91.160.15.92:33840 # Reference: https://twitter.com/Paladin3161/status/1234465325426429953 # Reference: https://pastebin.com/MFtzrQj9 188.209.52.49:1333 anekemoney2.firewall-gateway.com # Reference: https://www.virustotal.com/gui/file/bee6bd91c3bbe94742faab32f942fb6f7939997881c93a9865e3b95d2ad365a5/detection anekemoney1.duckdns.org # Reference: https://app.any.run/tasks/f87060ce-3ea5-4e8f-a763-977c04db85ee/ 91.189.180.193:2008 anny.bunnikcreations.co # Reference: https://www.virustotal.com/gui/file/249f6c1224fa45910e63cf6db65bb5c1fab4888465575243139b54b045d26569/detection # Reference: https://pastebin.com/wtXfZfaU 100.33.151.58:25565 # Reference: https://www.virustotal.com/gui/file/29d60e47d78023119a9f34d915ddc430b87ae2d729a0da3b595d3ddb2f0a7125/detection # Reference: https://pastebin.com/wtXfZfaU 107.13.9.174:2302 kamisama.ddns.net # Reference: https://www.virustotal.com/gui/file/780d178e61f836263e1dfb725906fd7625b3292fde06a8615aab0d1ac6f1d466/detection # Reference: https://pastebin.com/wtXfZfaU 185.244.30.5:1790 192.169.69.25:1790 adikaremix.duckdns.org # Reference: https://app.any.run/tasks/a982dc56-5d30-467f-a5d1-b97d9a165990/ hdstlindos.duckdns.org # Reference: https://app.any.run/tasks/3a39d8b0-24ce-481d-9b1f-14e9b7f1de22/ uzonna.ddns.net # Reference: https://app.any.run/tasks/1e329dbd-0dd1-4971-bd8a-7434568d3f97/ christiantony388.ddns.net # Reference: https://app.any.run/tasks/141b8425-d632-411c-b761-4d88be7f1c2f/ # Reference: https://urlhaus.abuse.ch/url/321143/ kingsley11223.bounceme.net # Reference: https://www.virustotal.com/gui/file/15005820e628c7ffeb245bfc4ce91797b1976847017c72fec362b688cc214c0d/detection aefaegaa.ddns.net # Reference: https://twitter.com/wwp96/status/1236022174361804801 91.189.180.208:4822 u869048.nvpn.so # Reference: https://www.virustotal.com/gui/file/0cdc24b5f7cd6c1a7348a83fe9e883442f88511d0f837fc7d8c92e4fcb881fd9/detection somore-tw.ddns.net whiteson2017.publicvm.com # Reference: https://www.virustotal.com/gui/file/6694c0eaed25095caf692ae82bf7262c03042b6b74d9363f6c606ca0cb5eeb15/detection 64.44.42.148:1993 # Reference: https://twitter.com/ScumBots/status/1236630827494227968 78.156.87.166:1234 # Reference: https://www.virustotal.com/gui/file/3e7f484ab204444240455f5538a17ce8629830e0da11d9a59e08412a59e3d0a1/detection 78.156.87.166:54984 # Reference: https://www.virustotal.com/gui/file/7b8359d49ddc798e2fe6b8af13763ab6678ab249ef0a4ebdbd4b8938a1248b32/detection 78.156.87.166:1604 # Reference: https://www.virustotal.com/gui/file/eb6919c14097aadb6bcb8d4e95eecfa0f646f28eed5204d999b5d6318b71699d/detection shellz.zapto.org # Reference: https://www.virustotal.com/gui/file/266dae07ba5e60743f7146f6c875c410ec0998cc81407e81a2e26a646d446929/detection 185.140.53.246:3734 # Reference: https://www.virustotal.com/gui/file/9088798b575a0c758ea7c299043faec477b7c17e395bf47f52a739ed33bd8165/detection astroyax.ddns.net # Reference: https://www.virustotal.com/gui/file/c62e468c8e3dcb9fc103f7366ac9072c933702bbc5f8ffe28665b17328d5c721/detection 83.179.133.195:1337 # Reference: https://app.any.run/tasks/80663b92-a9b4-4e9c-a0b7-0bf13c53a40e/ 185.244.30.137:4242 updtadmin.hopto.org # Reference: https://twitter.com/James_inthe_box/status/1236977119223140353 t6logs.sytes.net # Reference: https://twitter.com/Jouliok/status/1236904231568846849 # Reference: https://app.any.run/tasks/762d9be8-9407-4e77-b5e6-8511f5e0a565/ 185.140.53.202:2556 99grams.hopto.org # Reference: https://twitter.com/wwp96/status/1237145372197347328 # Reference: https://app.any.run/tasks/5ff407b2-fe2e-4230-bd9e-8ccc9d081a29/ 185.140.53.133:7575 oluwa16.ddns.net # Reference: https://www.virustotal.com/gui/domain/chukwu.ddns.net/detection # Reference: https://app.any.run/tasks/12abed54-e85e-4020-9d81-ac0141c29811/ 185.140.53.132:2323 chukwu.ddns.net udochukwu.ddns.net # Reference: https://app.any.run/tasks/79c672e2-2062-429c-b6e8-fe8f05b2f6f6/ 192.169.69.25:8855 galli032020.duckdns.org # Reference: https://twitter.com/wwp96/status/1237792559499542528 # Reference: https://app.any.run/tasks/6f2ec92a-fe34-453d-b865-21475b8099bd/ 172.93.148.195:50578 importantbuild.duckdns.org # Reference: https://www.virustotal.com/gui/file/1e98947f35cfd7b8963d61a6c6e93a1fcef59007d848c38f1a2983204ecfab35/detection sarlelhassan.ddns.net # Reference: https://www.virustotal.com/gui/file/d99910a312e18930dac22d3fe47052bcf6494a997a885e14df5b45b1b0eb010c/detection 79.134.225.74:2177 # Reference: https://www.virustotal.com/gui/file/b95b561812b9edaefbeeef5846a210e0d0987c0dc767e47279793fb3a42d55a8/detection 192.169.69.25:2177 # Reference: https://www.virustotal.com/gui/file/9e1696ce8c587e12dfec366f6d6bf187774d305af4702c77d66f5186fbb4c590/detection 79.134.225.74:54984 # Reference: https://www.virustotal.com/gui/file/f6720adca970fbcd4b79b60999f84af6ec92970247f5a19020dedc0b87399ee1/detection 79.134.225.83:34681 79.134.225.87:34681 # Reference: https://www.virustotal.com/gui/file/f6720adca970fbcd4b79b60999f84af6ec92970247f5a19020dedc0b87399ee1/detection 79.134.225.74:34681 # Reference: https://www.virustotal.com/gui/file/ed3139ed9ef56043c259aa2b2f2cf6b180aba8a73e69f52d7330e9d60dedcb1c/detection 81.171.57.77:2117 yettye.ddns.net # Reference: https://www.virustotal.com/gui/file/858b3dcf9b1a72b960a4ce54d8802a022702a74b56f225c743f5a393c720913c/detection 79.134.225.74:2117 # Reference: https://www.virustotal.com/gui/file/3c9a56aca9cdcff02c7a5fbbe801263f8054783591adfc7ce61d6ece6d27d1b8/detection 173.213.86.150:2117 # Reference: https://www.virustotal.com/gui/file/786c32b8080bee2501effab2715fd9a4944cb2ed507e3e0130f55ba1272caaf0/detection 79.134.225.74:1985 # Reference: https://www.virustotal.com/gui/file/9aefbd2c01aea439f398ea5f91e9869a5769cd2eaef130fded79b3b32801e8da/detection 79.134.225.74:8282 hustlesss.ddns.net # Reference: https://www.virustotal.com/gui/file/17f284b1c09d315e1ff3bc40b3d278990af4acd152ebf79a8538b14b8d837313/detection 79.134.225.74:8787 # Reference: https://www.virustotal.com/gui/file/02cbaf9ad111f07db495e03cfffa453365e8394d203da5dfdb9639667e8d2e98/detection 79.134.225.74:37186 wizk4321.serveftp.com # Reference: https://www.virustotal.com/gui/file/b82081c0920be79295f4598dac1d48be70234d05b6c22528058faa876fab100e/detection 79.134.225.113:37186 # Reference: https://www.virustotal.com/gui/file/258a33e1a09ea556a4aa613e79946c06b768e487a3fae7195ab84352748f099b/detection 79.134.225.74:54984 # Reference: https://www.virustotal.com/gui/file/5dedd71f0cf71bc75cf31b5c2f71449577bf92369c22605e8924bddbd36dd9c8/detection 79.134.225.87:54984 nannnc1.duckdns.org # Reference: https://www.virustotal.com/gui/file/5ad93b36f0aae0ef89c8716f5d9e1839555f673940c12e84bcd6c016a63a7ede/detection 192.169.69.25:54985 79.134.225.104:54985 79.134.225.113:54985 # Reference: https://www.virustotal.com/gui/file/d9dcdef4fea2521509bb3eeae3dab75392ac903891f0f3161a3a30ff6f26010f/detection 79.134.225.100:54985 # Reference: https://www.virustotal.com/gui/file/f500d7b3d6874efe5ea3a3ff832d8266991a3a48a563ad446628f3a1ab75405d/detection 79.134.225.113:9497 surrati.ddns.me # Reference: https://www.virustotal.com/gui/file/728ea826497ff306b002091bebc9cc0a69f3c8b47e2a876cd76ccd4c2836580f/detection 197.242.114.181:55420 # Reference: https://www.virustotal.com/gui/file/0842a9ae0d0676343e7843c118da6b5e450352c45642ea27e386c7065d4c71f9/detection 154.120.78.10:55420 # Reference: https://www.virustotal.com/gui/file/81750b2959b3c1059eb805bbae94312fcaef9b409502f8022358db82a8f3ea0c/detection 185.247.228.41:55420 79.134.225.117:55420 blessedjboi.hopto.org # Reference: https://www.virustotal.com/gui/file/7618cd1e9e2ca86f97552e1c3584f418ffd17141832c913021b5c3694914106d/detection 79.134.225.97:54985 # Reference: https://www.virustotal.com/gui/file/cbba9358207b9f7e45f448a2116f098f7476b05afde3a766bc757af9cacacb84/detection 79.134.225.113:9005 opussaoapaaulo.serveftp.com # Reference: https://www.virustotal.com/gui/file/2f096033f86f1724b9eff06654a45bdf8eeb928d38fd83a591c53649878f0829/detection 79.134.225.117:2114 donald081.duckdns.org # Reference: https://www.virustotal.com/gui/file/02a8e9534c4f59ca716b6b12a747eb8ff395fb1c03ce032901aaca60d1072172/detection 79.134.225.117:54 # Reference: https://www.virustotal.com/gui/file/f9436595968d10a0b1b146e8e970e3bf1c9faf8f9ebdb2b583e31888c4189623/detection 79.134.225.97:6565 # Reference: https://www.virustotal.com/gui/file/fda4b6acd7c4277dc30ed516c360957a931043c6881de0eab69c77ab217a254e/detection 79.134.225.97:9737 # Reference: https://www.virustotal.com/gui/file/367def98e7a3d0b3af07add144180dc09e4e29b1eb9181a51c338a9cf09b8f06/detection 79.134.225.97:4040 # Reference: https://www.virustotal.com/gui/file/3c9d86be0837c561a345c71e41387c04aac3b69f4cb533092926bf7dac1af342/detection 79.134.225.99:3369 # Reference: https://www.virustotal.com/gui/file/14e03864aad7954e2221188f04fb9b48af5ded6e8ab492794ae52e4128682d9c/detection 79.134.225.70:1982 # Reference: https://www.virustotal.com/gui/file/444cc81f219ebc02dbaa89e8e0f17a7c36f0be6f6c98de7a9a108c2c46d91821/detection 185.19.85.155:2019 # Reference: https://twitter.com/malwrhunterteam/status/1240243238574964737 # Reference: https://www.virustotal.com/gui/file/9bb70d76fa98fe7d87bced0cba5b22d661b14f3ea899d3b7d62e1d01932deb5c/detection 79.134.225.83:9030 nnewestttt123.ddns.net # Reference: https://www.virustotal.com/gui/file/cdc5353ad4befb9a542cb77f3148d70f2ef1979e55b4477d06d6a593269fb8cb/detection 178.124.140.145:52802 185.165.153.39:52802 # Reference: https://www.virustotal.com/gui/file/adb5d13e908d73d1f78d589bcc49b543f3f7cec5c36b276d4d7f5fc40012569f/detection 185.165.153.39:56202 iconboss26.ddns.net # Reference: https://www.virustotal.com/gui/file/476e0d8ab1f2f97b6b4a68d6db40379ae74507244c474f354f3b11e16ee8fafd/detection dllicon.ddns.net # Reference: https://www.virustotal.com/gui/file/cc86feb156ff7bf80725bdb8e7f5b645c3c1c4be0139a7f0df26900a96400eac/detection wfawiz82.hopto.org # Reference: https://www.virustotal.com/gui/file/6e665b75bf21f47471fb2233e0d8e1db1e088c5d761bfd769b05cc25fa21e0d2/detection 178.124.140.145:9101 # Reference: https://www.virustotal.com/gui/file/c9a22cf54ed88e4ef702b431dd51ef98ead052b15cc804319cd5b6c34db89bcc/detection 79.134.225.106:4343 xyzeeeee.duckdns.org # Reference: https://www.virustotal.com/gui/file/92a5e29476cdb43a5d56b2709e98a54e1ef4e4af24d4c136caa8a147014898a6/detection 178.124.140.145:30089 185.165.153.92:3434 # Reference: https://www.virustotal.com/gui/file/c8f9054a37d4ef1a9efb904f5bbda46f4a40c70b4737a24ad19f5425c61c71ad/detection 178.124.140.145:6767 # Reference: https://www.virustotal.com/gui/file/6ae95440cd07d0ae0b9e078a2b6b4862a9b49a4ffba17d8aabf15b2b8e3bae38/detection 178.124.140.145:54984 young4h.duckdns.org # Reference: https://www.virustotal.com/gui/file/dbd27ea85f0ad5c4a4aac900013a727e9931cbd524be86b29f68937112405e24/detection 91.193.75.137:1604 # Reference: https://app.any.run/tasks/18e82db8-9852-42c0-b37e-85ff0ceeb152/ 185.165.153.175:1604 # Reference: https://www.virustotal.com/gui/file/6b75103f3470b07accec228ccea676fbbfe3974cebff4c0df417c126f10d988d/detection 185.165.153.228:5353 kobi1.ddns.net # Reference: https://www.virustotal.com/gui/file/9d3ec7f8db9d701a1bd73a7363b1aed1dc87ee60c321e50c96d971b37f84ee25/detection 185.244.30.156:2018 51.83.33.56:2018 51.38.37.161:2018 80.94.92.153:2018 malkisod.casacam.net skodrf.casacam.net # Reference: https://www.virustotal.com/gui/file/d7073488b97d5c17a6a2721bd65a35d9a129769456de8e618bfe4739cda409c6/detection 185.148.241.37:5216 # Reference: https://www.virustotal.com/gui/file/6d1122689c4aed19e90c120bba0b746b256447fbd2b04d2cf3ebe650b3537a08/detection 129.205.114.15:5216 # Reference: https://www.virustotal.com/gui/file/0f5244c4373ad06600a72b8fa87f1ce3e41e4d93d3c07531dfaef58a107bdf51/detection 185.244.30.96:5216 # Reference: https://www.virustotal.com/gui/file/642a01629037276ca8c29234fc5095d8e7d0b4319d312f3b0fa13ca024b0a503/detection 46.243.189.132:5216 # Reference: https://www.virustotal.com/gui/file/35a2939df07015682909ab0c5a2930e9ab29b9e4d1f48366008a7fe4994b4b96/detection 41.203.73.47:5218 41.203.78.235:5218 # Reference: https://www.virustotal.com/gui/file/c1fa9caa647cec3aa02a9a84dba839f5df990356b76cee1a042be76ec940d461/detection 41.203.72.171:5216 # Reference: https://www.virustotal.com/gui/file/1b3d6fadcd41fddea318c3493bf987824f8aa433e9725bc917fabffe93bfb30d/detection 3.20.98.123:13672 # Reference: https://www.virustotal.com/gui/file/17e17288aa6e590b8218e045ab6577342c815d85d66a9a0f46ac85052c04ba49/detection 3.135.90.78:18896 # Reference: https://www.virustotal.com/gui/file/fb8a9115a77f891b79f8d77bab661a6276292479b15f74412fb9c72241d9291b/detection 3.13.191.225:14407 3.134.196.116:14407 3.135.90.78:14407 3.137.63.131:14407 3.17.117.250:14407 3.20.98.123:14407 # Reference: https://www.virustotal.com/gui/file/c88406a21e864429e15a375c3d008c877dd36ca82dfaa97703f1a86f6e55bfdb/detection 3.13.191.225:16437 3.135.90.78:16437 3.137.63.131:16437 3.17.117.250:16437 3.20.98.123:16437 # Reference: https://www.virustotal.com/gui/file/1b60128c20a12c59a43895d7f9fe844001b3362eda0829f8a808fc1d2c1541a2/detection 3.17.117.250:18433 # Reference: https://www.virustotal.com/gui/file/a58405d1d57121e801d13c7c10d5fb2d7e9eb860e513871106e6e8f0ac4813c2/detection 18.188.14.65:10680 3.134.196.116:10680 3.135.90.78:10680 3.137.63.131:10680 3.17.202.129:10680 3.19.114.185:10680 3.19.3.150:10680 3.20.98.123:10680 # Reference: https://www.virustotal.com/gui/file/1b6735b62f4ceb25945e1ab7aa8dbbb525fe72500fd613acebbfe8c80742561e/detection 3.13.191.225:17430 3.135.90.78:17430 3.137.63.131:17430 3.17.117.250:17430 # Reference: https://www.virustotal.com/gui/file/41ff32ed2537a5e3382df01fadc43f812806c771b18e775c53046a0d650bb000/detection 178.239.21.246:4040 # Reference: https://www.virustotal.com/gui/file/07607b3b0d00852fcf9bef207e768c173823e4f1b105203083e4bac4873357eb/detection 91.193.75.139:4040 # Reference: https://twitter.com/Racco42/status/1242062113985777665 # Reference: https://app.any.run/tasks/b5ebe671-50bd-4b4d-9e8b-0df875e321f2/ 185.140.53.183:1607 bossmandj.duckdns.org # Reference: https://twitter.com/K_N1kolenko/status/1242061809894506496 # Reference: https://twitter.com/K_N1kolenko/status/1242061777627684874 10000euro.duckdns.org btctopsss.ddnsfree.com cliffordgothoes.ddns.net darksoze.ddns.net dojlohosted.ddns.net dojlohostedaa.ddns.net hello8824hi.duckdns.org houdksps.loseyourip.com jahlol23.ddns.net ratyz.hopto.org sfghj.duckdns.org sj3hs.ddns.net usd10000.duckdns.org # Reference: https://www.virustotal.com/gui/file/643d3883d4412c3e2c0f1c83c26e28f86f04853f95f0891396309a2775a7c4e9/detection 79.134.225.115:5654 # Reference: https://www.virustotal.com/gui/file/5e7746bbd847956193c5b9082f3cef9ed79f89171277abbe25ea84b37d217631/detection 174.139.10.194:2404 79.134.225.114:2404 # Reference: https://www.virustotal.com/gui/file/0b5e4b2e45553015124e4095713f04db8285e46bbb191b0d079754ca5b7e10e9/detection 192.169.69.25:5654 # Reference: https://www.virustotal.com/gui/file/d41e358f82a940f25b7ae5939bce0b13f2c5f80124b26b4016eae457e0873ece/detection 51.38.37.161:2019 # Reference: https://www.virustotal.com/gui/file/bdf6ed015e24984b8023a1801235968d27cf041561f19161c7075de0c1e515d7/detection 91.109.180.4:54984 # Reference: https://www.virustotal.com/gui/file/3305ed40c396196e027ea2d5e84f89c93256b7ffb987b663e43717c0c1936708/detection 91.109.190.2:54984 # Reference: https://www.virustotal.com/gui/file/bce296a9962745d31c90b036f0d04d13d54d09146680d9dd105fc2828760009e/detection 141.105.71.87:1608 # Reference: https://www.virustotal.com/gui/file/3c2596940559732bc88a38c163c70bf9f9a9d49fc065be8aa4bcef7a299418f2/detection 51.178.27.101:1616 # Reference: https://www.virustotal.com/gui/file/aeee68960b2fb89bcfe21d97935f3373ee6cf1e784402dd7f33ab90483621f1a/detection 172.248.73.173:1085 # Reference: https://www.virustotal.com/gui/file/56b79fd5456c0c6e1204929c9ac39d63412a880df0a0df853ffe95e37077700d/detection 85.59.25.5:6666 nexta.chickenkiller.com # Reference: https://www.virustotal.com/gui/file/b0fa398dd6067c7cabe937e098a7db9e7444b839c38b454028487f791b57788f/detection 181.141.45.186:8052 # Reference: https://www.virustotal.com/gui/file/9b7d374557e1d3a21711d4c34d14a04da8c7cd2003c1632143f30a9626246a69/detection 181.141.45.186:7070 # Reference: https://www.virustotal.com/gui/file/ade5157c76d20dc880acfec7481d106f52ca11c156b3b4f75d4919d3a1c6caaa/detection 185.244.30.19:1887 # Reference: https://www.virustotal.com/gui/file/225ea283cdfa2b5d6d5fa5487fcc2040745eed6b034631ca5785a67ba88d145f/detection 121.74.13.197:3389 rattydatty123.ddns.net # Reference: https://www.virustotal.com/gui/file/cb431cfd0c604d06c64538d24491d9e9d62a3b364655726f01bb24e149254e78/detection 91.193.75.25:2019 91.193.75.7:2019 ser1.vietlime.pw # Reference: https://www.virustotal.com/gui/file/64f3a65cd26e66101ab2781dd1c4e6d9993c70d61e566e4a9bca18645b41ef29/detection 91.193.75.7:9900 # Reference: https://www.virustotal.com/gui/file/404f7735858e2c93e516336a0d8e3b4f71bc475c225b107266fccfc6b69fe1b5/detection 91.193.75.7:1997 # Reference: https://www.virustotal.com/gui/file/5baccf223ea0ef2f75c9c73d12d1345638ebd9cf37e1eb510db38993c6accbdc/detection 91.193.75.7:1991 # Reference: https://www.virustotal.com/gui/file/bce7f2335162d827020c4b4db3c54cad4e9a680e7abc541f6e6fb1f3126a1386/detection 147.135.100.70:9031 # Reference: https://www.virustotal.com/gui/file/dd9a321bb24ccbf849781e37b1584080ae140a14c73a80ee417eb9d595457efd/detection unexploited-spans.000webhostapp.com # Reference: https://twitter.com/Jouliok/status/1242190956033716230 # Reference: https://app.any.run/tasks/9bcff652-b8c9-46db-9704-748575d217d8/ asianway.mn 205.169.57.91:10830 10830.duckdns.org # Reference: https://www.virustotal.com/gui/file/f75542b5c3ea4d61295e9ea44b89c62a9157c7ae209fe727ec5d703ac0125cf5/detection 141.255.154.34:110 # Reference: https://app.any.run/tasks/a7a090a4-3cf3-44e0-941d-32212f5b6011/ 185.244.30.19:2998 jk5151905.sytes.net # Reference: https://app.any.run/tasks/62817794-baa5-4744-a2c5-27b49ecc50cf/ 87.218.53.50:1604 asdfasdf12.ddns.net # Reference: https://www.virustotal.com/gui/file/5b4b74f5d6a321f07c5d37a1bdc642ed6f13cb1735ac0e9acb6ecca1bc0ee054/detection 216.170.114.99:54984 # Reference: https://twitter.com/ffforward/status/1243098924245815296 # Reference: https://app.any.run/tasks/8a688964-553f-44a8-b03d-604c041f7bef/ # Reference: https://app.any.run/tasks/b504ce3c-9c11-4fef-a72e-baae3ff9b1c7/ 185.244.30.158:53488 91.193.75.53:53488 backupnano.onthewifi.com earthtradeint.sytes.net # Reference: https://app.any.run/tasks/dd404186-922f-4988-9c50-9bc1ba389b48/ 91.193.75.7:2012 mercy222.ddns.net # Reference: https://www.virustotal.com/gui/file/5a244d09771f686d57d44886bf613f5bf7e744b8b2ba0f2b791ec0e6b18773ad/detection 91.218.65.24:54984 # Reference: https://www.virustotal.com/gui/file/6c6c4d5247b0ea006bdb1f1cfcbc76cacabda39d1df34b767f7c3082b487a49b/detection 91.218.65.24:6666 # Reference: https://twitter.com/ScumBots/status/1243882363093991425 # Reference: https://www.virustotal.com/gui/file/569be57292b0f195a11f31a462a1cd2ec7278c826697762e64c5ea10a3b1dbea/detection 79.115.83.86:101 # Reference: https://twitter.com/JayTHL/status/1244005504038379520 # Reference: https://www.virustotal.com/gui/file/62c6b78da2b5da0b5ea9dc2424634ca7ece3de964f4edd9c617ab62344d13c65/detection 76.189.243.198:64367 hellomeee109.ddns.net # Reference: https://www.virustotal.com/gui/file/d8e67bc701edd8d568ad869bba5914c60ae015904b719d7da961887ba6f00a8e/detection 76.14.164.20:1085 hostnamelol.ddns.net # Reference: https://www.virustotal.com/gui/file/e693be42959138be3448bb2b8c0d0a948a5cee7124dc649eae337af6acc56035/detection 185.158.139.32:3636 adelabbasenterprise.ddns.net # Reference: https://www.virustotal.com/gui/file/3f83c36655f2867d87a4341b96d80b3dd3dc7a490aa7d9da54ca4fa870c8df50/detection 105.112.37.1:3636 # Reference: https://www.virustotal.com/gui/file/080787adf87502eee470d472fee29f21b24e39846b8038723b6a0ec8304309b9/detection 83.193.143.58:54984 gounstyle.ddns.net # Reference: https://www.virustotal.com/gui/file/8c1a38dfe1b2e53a3151a695701677b817fd049662dbc5055e7fbb437366fb7b/detection 83.193.151.59:54984 90.30.45.248:54984 # Reference: https://www.virustotal.com/gui/file/c36e7e30a79074c6ca13dd75acd7a794867646083b350bfc3ea89e5ad736f60d/detection 141.255.157.12:54984 # Reference: https://www.virustotal.com/gui/file/7ec1cb6e477faea97fb78093c857099e4fdf72f535cab3433cdeb40a282e6359/detection 185.140.53.221:10123 win2020.duckdns.org win202o.hopto.org # Reference: https://app.any.run/tasks/057de612-273f-4133-9427-2e697d414ff1/ 192.169.69.25:1122 meeti.duckdns.org # Reference: https://app.any.run/tasks/6afce6d9-3261-457b-9c05-a2175978b244/ 154.16.93.169:1338 # Reference: https://app.any.run/tasks/d57b9bd3-aa24-4c4f-95f8-d506c80aacfd/ # Reference: https://app.any.run/tasks/efd02be8-c78b-438e-aa1b-80576b2137c8/ # Reference: https://otx.alienvault.com/pulse/5e821ee9f9dc1acdaaef68b8 91.193.75.250:10004 rmagent.xyz # Reference: https://malwareconfig.com/config/1d22acaa034a6ee34325c54bb9f950ff birdview.duckdns.org # Reference: https://www.virustotal.com/gui/file/bc803ce222401db18f90a9c520f1056c7eb14e297f0330170db6e80e889ae2f0/detection 188.64.170.86:1221 85.140.0.102:1221 85.140.7.56:1221 # Reference: https://app.any.run/tasks/19b69bf8-0552-412f-95aa-0921dafcd0c5/ 89.113.72.55:1604 r3v3nge.ddns.net # Reference: https://www.virustotal.com/gui/file/e792a4627607cb459b2d92e720f7b491cadb7e23b71a75874f31a5d1d4d08f67/detection 185.140.53.117:6735 abdul2u.ddns.net # Reference: https://www.virustotal.com/gui/file/c8745fd598eb89aae1ecca68851c10d267c67fe64fc5af13270ac63ddf1bc2a7/detection 185.165.153.130:6735 # Reference: https://www.virustotal.com/gui/file/356f90df3b413e5236da741e3c3ba67989ac02ec54ac8df060a490349b5d9a3d/detection 185.165.153.160:6735 # Reference: https://www.virustotal.com/gui/file/dfdde0a586f9dce45e0961aa1976c4a6207bcedfa7ca1c99ff62230b44156c57/detection 79.134.225.110:6735 # Reference: https://www.virustotal.com/gui/file/0605b9ad1429d767c6a8ba761cb107a4db15f6b2e4a4d22bbd8f00bf9d46e64d/detection 105.112.97.26:6735 # Reference: https://www.virustotal.com/gui/file/adaa10d25924b65432401bb432f6555b50cb62c13641952dbdbf402b73352666/detection 79.134.225.122:8778 # Reference: https://www.virustotal.com/gui/file/8a1e1866ea4a99033a46cfb91062cc11311bde4f3fa4e954ed74e12c642e7b19/detection 38.117.105.188:8778 # Reference: https://www.virustotal.com/gui/file/20a5a1527eec1367b73b159437504918bef1f6e080aae0e2a1fcca7515db8ed3/detection 79.134.225.122:34681 # Reference: https://www.virustotal.com/gui/file/eda933d530a73850228761fd32a36b0ac3e4831cfa0aac0c2803ae3b31feb260/detection 79.134.225.122:1128 # Reference: https://www.virustotal.com/gui/file/efea239402f5a6e38f46406a6e3642240d05ec832b311c1696bc4aebfefe9528/detection 193.56.28.49:6745 # Reference: https://www.virustotal.com/gui/file/71f16eb4e218ce31c48714915f935505e3c0142842819132c4b047d205a4fd7f/detection 79.134.225.122:6745 # Reference: https://www.virustotal.com/gui/file/10e26dee16c477631fae592194c800da210f15ffcc0dbe878848fce9b2453aa2/detection 204.95.99.26:1888 # Reference: https://www.virustotal.com/gui/file/6e3665d8c49204372b420eb5886812c9232e4a9b5916ec6118c1c738a88c0c09/detection turrrki.no-ip.biz # Reference: https://www.virustotal.com/gui/file/8146df67eee0a3a1301dc50e8b60791dc0582f725bd25152d7906032b4bd9907/detection 98.115.116.236:5353 # Reference: https://www.virustotal.com/gui/file/6ecb083aae745977227be78bc106090cf64fbc680047a55a8050b561478a9ecb/detection mybbbaaa000123.no-ip.biz # Reference: https://malwareconfig.com/config/7679fec5f6bf7206635b96efa52d1d07 216.170.114.4:54932 216.170.123.125:54932 # Reference: https://twitter.com/malwrhunterteam/status/1247203279471349763 # Reference: https://www.virustotal.com/gui/file/57174c910f4a37c16ce2c9d84aac1ca48724069355c2713edf4fed77eb6c19f7/detection 137.74.80.220:54822 54822.duckdns.org # Reference: https://www.virustotal.com/gui/file/ecc83d8e4e5461bd89e4e5f73eeaa9a525572e2c2fab6fc86d7ca20cf3b22cae/detection 194.187.251.91:26758 # Reference: https://www.virustotal.com/gui/file/4083cd0b72787398b39f43278b72ac8c5990857fc667007a359de4b86efe166d/detection 172.94.4.82:3850 service.verrco.com # Reference: https://malwareconfig.com/config/7e6985efb9f5ef15e81292ad68d4fd94 197.210.85.236:3090 won2020.duckdns.org # Reference: https://twitter.com/MBThreatIntel/status/1247669823405830144 # Reference: https://www.virustotal.com/gui/file/7b2512d06723cc29f80ae8c8d6df141f27bc9d962ae76b5651b84d7be4379bba/detection 185.19.85.147:8585 # Reference: https://www.virustotal.com/gui/file/98af654d0e29607dfe8fa61468b55e8519e69d33d0fdb882a339762f597d4b3a/detection 185.19.85.147:1960 eske.sytes.net # Reference: https://www.virustotal.com/gui/file/b6283c5dd3cf377b9bdbadbedeac76deaa482ff0203b75e79cd28a6774a3818f/detection 185.19.85.147:1101 # Reference: https://www.virustotal.com/gui/file/0e3e26e5d1defd9286ee035b8f9f78e1a19919fa7ba693615d4de9160cac6024/detection 79.134.225.114:5001 # Reference: https://www.virustotal.com/gui/file/33db560c1bea3195013b008d6f855b975b4d6f30fab880fb584314b5a73c276d/detection 79.134.225.114:54985 1338099.casacam.net # Reference: https://www.virustotal.com/gui/file/b9487ce9b37e55989e22063cb40646c2363b75732d54754e0b3bcc4c1c054797/detection 154.16.201.190:1608 185.125.205.74:1608 79.134.225.114:1608 bossbaby.ddns.net lelemanu.ddns.net # Reference: https://www.virustotal.com/gui/file/2345e1f5dffa854bc6caf6c0169c04e2436ba7cdd496bb0e70ca8cc7728b9018/detection 151.80.241.80:55800 154.16.201.190:55800 79.134.225.114:55800 # Reference: https://www.virustotal.com/gui/file/e88a96fda41ad6a62eb432611bfed9a71130740563032f7c0c80b66877175a8d/detection 79.134.225.114:2065 emekaonu.hopto.org # Reference: https://www.virustotal.com/gui/file/9a902bf7d145ad4f0343820e40c9318ee42d3f6e2218e4767d8244816616bbbd/detection 79.134.225.114:5060 ablegodbless.hopto.org # Reference: https://www.virustotal.com/gui/file/c12defeb704dbb21f54896cd1f7e0ec6ee3ed1dd4bd3ebf777b95d291f9b05ed/detection 79.134.225.114:20909 oluebebchi.duckdns.org # Reference: https://www.virustotal.com/gui/file/0a71d7b339554366e001adad8691edf98f0ed0f9f1c3b197ac2cfe02a46e8c7c/detection 79.134.225.114:1985 # Reference: https://www.virustotal.com/gui/file/ee4219449fb6bdea07a363d8e00c1cd9bb7dac5470369de5761bb632695419c9/detection 79.134.225.94:2404 # Reference: https://www.virustotal.com/gui/file/3e75fa86d7a14d6e70a3d7bb194f24df460fc1fa285af94f74ebaa62250defa2/detection 79.134.225.91:2404 # Reference: https://www.virustotal.com/gui/file/2a9d6c429718cfd6b72ac6fb23b5cbd94e0d768cdb2834961495023fa13076b5/detection tool404vip.ddns.net # Reference: https://www.virustotal.com/gui/file/0e8eb933f69f9f1779ec1d19b01e3977d840ed57f3b7657acbe3d3674da8b401/detection 79.134.225.114:6454 # Reference: https://www.virustotal.com/gui/file/ff575ec9830622265aae23171bc200a33673dec4f4d7d2a7e8770bba01e3f232/detection 79.134.225.114:6610 nanovip.ddns.net # Reference: https://www.virustotal.com/gui/file/eba6184ce3f28214b75df642a3d683becaed938cec955feba24c8efd6f7c5afa/detection 79.134.225.114:55850 desma.ddns.net # Reference: https://www.virustotal.com/gui/file/8c8ea5753647ed74492c40a54f38d7e4fafe2d47dea4f9d26c292c0e314ecf37/detection bossbaby.ddns.net # Reference: https://www.virustotal.com/gui/file/893c51eaf4ffe28b3246771eb11dfbef662a77c56c33da8b0854511c8d28fb90/detection 192.169.69.25:5654 79.134.225.114:5654 # Reference: https://twitter.com/malware_traffic/status/1248689865799196674 185.140.53.29:4001 185.244.30.247:4001 mbills147.ddns.net # Reference: https://www.virustotal.com/gui/file/051015f961c60fd8b5a6f6f9db935e73b25303c4bfcfaa24cd09a6ecae8fc016/detection cactus004.ddns.net # Reference: https://www.virustotal.com/gui/file/7534b9f48d70953ed739b74ace44c5fdeae45b300c350f970b16969cce9e2c10/detection # Reference: https://www.virustotal.com/gui/file/968c7728a848b87b8d2130b9087f9bbf3b8a7239615482c89c39f8a41036ea98/detection 91.189.180.201:24980 ufok.duckdns.org # Reference: https://www.virustotal.com/gui/file/558a541b16edfd7f5a1ce3e83a5df0a8c0b5408fc9c49b1102cd4f0773c94a39/detection 141.255.148.26:53896 byhackerrt.hopto.org # Reference: https://www.virustotal.com/gui/file/e208a5a1b5c20b1f62fb04fb4033011f8b358a807942c18db9852edb6c5d2af1/detection 140.82.57.249:3614 # Reference: https://www.virustotal.com/gui/file/e6aa23e800e19af4278f0fd9fdf1506b4322057b25e0cb3474a16af4e0435cd3/detection 140.82.57.249:4488 ddns.catamosky.biz # Reference: https://www.virustotal.com/gui/file/6df716e66724e3b9587c4cf6387097e97d28887d4b03dff34f4b48babaf4ed3f/detection 140.82.57.249:51899 # Reference: https://www.virustotal.com/gui/file/ec7415cda38608944e3c156c3efd027f80c33f905c85b311b62aa471dc26041a/detection 140.82.57.249:27694 # Reference: https://www.virustotal.com/gui/domain/googdns.ml/relations # Reference: https://www.virustotal.com/gui/file/906790b2d626cd2f2d13329fbe87c90a1c1fa1713e1ba5c5c8b642d872a9e3cf/detection # Reference: https://www.virustotal.com/gui/file/cc424b8697f3ed55435511670c51c901aadae994ec6f7d0492fa9326fed11e7f/detection googdns.ml 140.82.57.249:50899 140.82.57.249:50900 # Reference: https://twitter.com/James_inthe_box/status/1249698356651102208 gbedu-blast.duckdns.org # Reference: https://www.virustotal.com/gui/file/471316c3fe26f9ca1bff5057899e6ca62780b2a941273290c747b2adc2140eaa/detection 68.168.123.78:4396 79.134.225.91:4396 # Reference: https://www.virustotal.com/gui/file/40e25615e5fbf0d0cf46869521e22d32039f41451f38349e0cb6966b890c5dd2/detection 105.112.106.177:3210 79.134.225.13:3210 podzz.ddns.net # Reference: https://www.virustotal.com/gui/file/aa7be46b03ed635ea3b16d2f91124ced3026c90ae539c51489b12630cb150ede/detection 23.105.131.162:6010 # Reference: https://www.virustotal.com/gui/file/2dcb1213c0c678221ff4eb34caf23a7b8bac13d78ce4cb47b1e32f04492aa716/detection 23.105.131.162:1301 # Reference: https://www.virustotal.com/gui/file/cea30c6b808bb9308d6cbaf2cfecc17fed57c459ee29f597bb6f9e60d4ee0085/detection 23.105.131.162:24246 # Reference: https://www.virustotal.com/gui/file/b0874e7374af2f3c7cf59b30ec64c4b351b0dc9f9d9bd96e49a667eaba36b8eb/detection 23.105.131.162:50002 # Reference: https://twitter.com/James_inthe_box/status/1250904145822801920 11495.duckdns.org # Reference: https://twitter.com/ScumBots/status/1251964364657213442 3.19.114.185:17791 # Reference: https://twitter.com/ScumBots/status/1251968137530146817 64.225.39.234:1085 # Reference: https://malwareconfig.com/config/6e2a03063823bc45ae960f3995699f09 checkernitro.ddns.net # Reference: https://twitter.com/James_inthe_box/status/1253340577728360450 # Reference: https://app.any.run/tasks/b05bdd69-ab94-458b-b2ed-20ae0f721587/ adikamoto.duckdns.org # Reference: https://twitter.com/Racco42/status/1253699455032930306 # Reference: https://app.any.run/tasks/1c4692f9-a8f4-4d79-b75f-473a212f6239/ blackhil.ddns.net # Reference: https://bazaar.abuse.ch/sample/c068b1a7379f95ee883cd4ed9639bb2b28c380934f3bc0e0c7be97ad808c7b8a/ 172.111.188.199:8829 # Reference: https://app.any.run/tasks/6e90bc74-2cb5-4cfe-b800-f49eadbc06b4/ 185.244.30.139:4050 # Reference: https://twitter.com/abuse_ch/status/1257403567998210049 # Reference: https://bazaar.abuse.ch/sample/92632fa88b730e2593837c7d51884384dcf8c887fd4b8d3cc6741d12ae9cd347/ 185.244.30.6:5626 atiku2.duckdns.org # Reference: https://twitter.com/ScumBots/status/1257435718303059968 82.231.104.94:42563 linuxhosts.ddns.net # Reference: https://www.virustotal.com/gui/file/f88a226250d6a6179189d9639a45af0ef770ad895e1f6587ce92306b4b3bacbd/detection 141.255.153.182:3344 # Reference: https://www.virustotal.com/gui/file/90ad4bfa156e6dc301fd67d9bc96bd2239e8820a7fdc2ea09a39856638722d5a/detection 94.225.175.104:3344 # Reference: https://www.virustotal.com/gui/file/bdf862a437dcb333dddbe573a7d62032830c0b5f75618dd1114fbee235322a5c/detection 141.255.153.49:4433 # Reference: https://www.virustotal.com/gui/file/df06bc1fdb230da628f9d0ea42288c55ada5ab9fca619b6f60a1d75a4534e26b/detection 46.76.230.97:4433 # Reference: https://www.virustotal.com/gui/file/23280781868ba0a182714000130d3479ccb84c21a3b886fe1cd87d73c267d296/detection 83.31.167.150:4433 # Reference: https://www.virustotal.com/gui/file/65ce054709b95367ec2eb4d7b8f56700946dfb57c2f44a7964a9113a136e84c7/detection 141.255.145.239:4433 # Reference: https://www.virustotal.com/gui/file/3cea1a42bb8aff2347763954239fc8db8a8befe37862301ed5d7398282fc283b/detection 141.255.146.147:4433 # Reference: https://www.virustotal.com/gui/file/fecf5b0f519af2092c4d2a460eccaef9fef2815a8bac6d6ba1ff356efbdbbf86/detection 141.255.151.155:3344 # Reference: https://www.virustotal.com/gui/file/fac31e837d16a049d2de382d2faf41aca880ca71934f720efc95f2a28edef7eb/detection 83.31.167.150:3344 # Reference: https://www.virustotal.com/gui/file/c1b5c976eb0b8af45260a73d5297ca925ada4c36d114538439e23614de71a829/detection 188.146.228.210:4433 # Reference: https://www.virustotal.com/gui/file/a980806678b79f14c0d756b11188cf4885a466a850db4c33b0a2a7c4c729249c/detection 141.255.156.244:4433 # Reference: https://www.virustotal.com/gui/file/d8a976b5c4d88d4f39942ad4fe90f48b47069ec6ddf886215d1aa5ff0fc5650a/detection 141.255.158.237:4433 # Reference: https://www.virustotal.com/gui/file/baebdd5088be918b37095ad1083b305502103a81bf63e762c4063898733b8e6a/detection 141.255.152.57:3344 # Reference: https://www.virustotal.com/gui/file/cb7edcff3edf4fd5b246cb248458ba1e3041d1a7205d503d97fcef1c10f2a91a/detection 141.255.158.242:4433 # Reference: https://www.virustotal.com/gui/file/c5ae0dc8c228ad28bdd7069162bd5341376d7f8bfa42fc554ed2f24dce4cb750/detection 141.255.155.111:4433 # Reference: https://www.virustotal.com/gui/file/88c3a993e362dff806e4022ba9005b5dcc4e016b08bde2b418d67caba4e0c2e2/detection 141.255.147.28:4433 # Reference: https://app.any.run/tasks/2c1fb554-0e8d-4de9-9c3c-3bb3dca55a07/ fowok.ddns.net fowok.duckdns.org 185.140.53.12:5656 # Reference: https://app.any.run/tasks/07de1110-40df-45b4-83aa-74c37040d52b/ # Reference: https://app.any.run/tasks/71ac9101-026b-432f-901b-edb9fb25420f/ pharmzone.hopto.org 79.134.225.72:1010 # Reference: https://www.virustotal.com/gui/file/d3c30dddba67afa24e91c3ed5a9be486460a5283bedad9f79da85d65990c52e9/detection 123.140.35.169:54984 # Reference: https://www.virustotal.com/gui/file/12133591c48eed192baeb1cea56c2fcb7136d001a262106c6f9809a3925b7083/detection 211.32.178.201:54984 # Reference: https://app.any.run/tasks/d032c8f5-4ff4-4708-a4c1-2970d777a4ca/ 79.134.225.94:9124 # Reference: https://www.virustotal.com/gui/file/122255fdae0ad10f3f7b41672344573eacf74df3952b79592d2aa49286565dce/detection 185.244.29.158:3119 # Reference: https://www.virustotal.com/gui/file/440dd78f8acce2e6137f158763335b184986be8418ece2ca2a0a19b4610bfd8e/detection 68.235.52.36:4822 nowy4822.duckdns.org # Reference: https://twitter.com/ScumBots/status/1258106085157810183 204.152.219.103:6616 79.134.225.89:6616 microliberated.duckdns.org sweetsabbath.duckdns.org # Reference: https://www.virustotal.com/gui/file/84f8451f6178b4dd8892f5ce15cc3bed5b0e56ca51bd62dcfbbe0c88c50867d5/detection 185.165.153.203:5638 185.244.30.117:5638 comcasted.duckdns.org # Reference: https://www.virustotal.com/gui/file/c802e3c0b78bc558c09ab355342c06896d420ee08e463368bd0ce750cf48630b/detection 185.140.53.142:5638 # Reference: https://www.virustotal.com/gui/file/e23b43d017e1e09b5175e5fc2c7d3c9e60407b1fa591fc4b56dd5286266f8ed2/detection 79.134.225.121:8050 # Reference: https://www.virustotal.com/gui/file/d8489a4c3ffbf57f2ffc293f0a7cc0e4624bccbd435417cb0da89d33cdffa385/detection 192.169.69.25:5291 79.134.225.121:5291 marshall015.duckdns.org # Reference: https://www.virustotal.com/gui/file/b9cd813de85602f1261fc97adfd2db1e4ab6ecf9a044e44b008a9061dd175fc2/detection 79.134.225.121:3410 # Reference: https://www.virustotal.com/gui/file/7950278086aef7f7d515a19e3b7d9aace45d01dbd0c9b6753f1669964b56b296/detection 91.192.100.17:8050 # Reference: https://www.virustotal.com/gui/file/c0a67bab0f6a107e62d8bb33bb1912fef316eb247a127020a765a2cafd96316d/detection 91.192.100.17:3410 # Reference: https://www.virustotal.com/gui/file/aa6c092a36a8398c5c1a4c20c9e4a8592b99c04c63a1df5e8efdae2fd2e4cc61/detection 185.140.53.106:2013 # Reference: https://www.virustotal.com/gui/file/6b0bdf0dc67fb9f5840ff8799c584bdd375efcf1fb58f1c85fd6645d7820a55b/detection ahjksdjayhgjhagsdhjga.fagdns.com # Reference: https://www.virustotal.com/gui/file/00bf73df95cdae9d856be2547393223c4fc43fa4ca949c2275221a01af4434c1/detection 83.171.151.239:5050 thisismydyndns.ddns.net # Reference: https://www.virustotal.com/gui/file/c4be699fe1f5708344006cca1e10b4f74da1abfc607c530f4fc6d22ac8fee3fd/detection 185.189.113.83:20377 windowslivesoffice.ddns.net # Reference: https://www.virustotal.com/gui/file/d5a265e4ed76519f3707d2d5f153f631cb5f57e51f3ef4b9f8f6c43c5226a0d6/detection 193.32.127.152:20377 # Reference: https://www.virustotal.com/gui/file/82b2a563fa0f2b3b4cb0d285b6a7575a2ad674013d81d6680d3e81e80d2ae9f0/detection 185.244.39.45:7177 xcvkljdsfuewor7892475hjesdfswerwsdf.publicvm.com # Reference: https://www.virustotal.com/gui/file/7ec9021da55b9e0983f463ae2e61bd9b3a9a93469ea8a75424669eb8984913dd/detection 64.42.179.51:45840 # Reference: https://www.virustotal.com/gui/file/71777d4207738a074234876f31a0c1b4925307680a42c5ffeaae4c7d25daae7e/detection 213.152.162.10:45840 # Reference: https://twitter.com/ScumBots/status/1259483914495840256 89.182.90.167:3603 dontreachme.ddns.net # Reference: https://www.virustotal.com/gui/file/bc0670d923ac5d3007bb1a9f0fafe4a75697209adccabdacfb686973fb34f31f/detection 82.165.121.217:12 xkiller85.ddns.net # Reference: https://www.virustotal.com/gui/file/a4b881f6c19fe9c7b3523fdb17fdd7be5038b0dfccfb79d3fb7a2243e626f974/detection 94.11.133.178:1738 salumstar.ddns.net # Reference: https://www.virustotal.com/gui/file/96d8e9457091a18a51c473cb3cc4e17bc68d742db9f27a4fc531e0c105eb5431/detection 185.140.53.43:58124 # Reference: https://www.virustotal.com/gui/file/8996ce9251acde109c1654747f7e8a89e33a208e6ed3756e0861bf878f0d9dde/detection 105.112.99.219:49251 185.140.53.43:49251 194.5.98.57:49251 79.134.225.35:49251 xeliteme.us # Reference: https://www.virustotal.com/gui/file/8d553909f92849780ab5fecb55b2a65f59537e50aa05ad569de0bac50a7a08da/detection 105.112.97.53:49251 105.112.99.227:49251 105.112.99.249:49251 # Reference: https://www.virustotal.com/gui/file/fb972feeb124e22002df27dad53fa72904ddcd4d254a04ebeb21dafdb420cc03/detection 105.112.99.53:49251 # Reference: https://www.virustotal.com/gui/file/ea144ceeef04011e148dbeb572e63cb95c0151b1bab52ebe071b2dc8150e69d7/detection 79.134.225.102:49251 # Reference: https://www.virustotal.com/gui/file/ac297c5bb6bfb56573b4cff94770a5721a34db94d4d3bb75f1d525ce8c2c8a79/detection 169.159.106.238:19864 185.140.53.43:19864 # Reference: https://www.virustotal.com/gui/file/212b473d2d9f4f222d9c7315d21b6045b3cbf9de120cc21b6d55969966f44f8f/detection 169.159.126.46:19864 # Reference: https://www.virustotal.com/gui/file/52c1daa48f7a7341a1fe5b90241cdbd64b4e2586c0d9f27284449be57247ad76/detection 105.112.98.122:19864 # Reference: https://www.virustotal.com/gui/file/8304d1ce83f26ae9188a16b386c8ab85ad6c685728ae66842bf2012e87456702/detection 105.112.99.112:19864 105.112.99.251:19864 79.134.225.102:19864 # Reference: https://www.virustotal.com/gui/file/1da6f82ce664a631082e84edbfe9fad3212e802f77384b113d9ff3d4dee07e31/detection 185.140.53.43:2013 kenya7.duckdns.org # Reference: https://www.virustotal.com/gui/file/1a7467227432cdaa29acb2a56b84d514cfb9ea33055a3070ecb861eb51101e69/detection # Reference: https://www.virustotal.com/gui/file/856f303e6cf127d178eb385e0aa7d914cfb754b520bead5fd0f4b2173df6da11/detection 192.169.69.25:7722 185.140.53.43:7722 kenya8.duckdns.org ikorodu1.duckdns.org ikorodu2.duckdns.org mypepsi22.duckdns.org mypepsi25.duckdns.org mypepsi32.duckdns.org mypepsi34.duckdns.org mypepsi36.duckdns.org # Reference: https://twitter.com/James_inthe_box/status/1260157297168285696 197.211.61.37:4000 rdpdoc.ddns.net # Reference: https://www.virustotal.com/gui/file/cc630f017225ee40a7d9f96e3a5d6ea2cdfe8da96154d8a481d6e40e2abed97f/detection pmanz.sytes.net podzeye.duckdns.org # Reference: https://www.virustotal.com/gui/file/dc24fc7a20319973f3b65f6a551419d5f42085cf525b0a9de864e56a85918091/detection 216.38.7.239:444 41.217.58.13:444 # Reference: https://www.virustotal.com/gui/file/aead1479ef4d8bf17c59a84b0d319a53d7c0dec8c07c0d137dbe536083ce5c16/detection 154.120.103.91:444 # Reference: https://www.virustotal.com/gui/file/d0a9a57bafde12ccbb91b3a76da54e09ddaa3350bf83401b115b994e17da3253/detection 172.93.189.93:444 # Reference: https://www.zscaler.com/blogs/research/multistage-freedom-loader-used-spread-azorult-and-nanocore-rat 216.170.114.4:54392 # Reference: https://www.virustotal.com/gui/file/bc38b0e796fc5cf0c20835bed85362e18ca27c26b6603ebc914a73d3de66393b/detection 86.136.102.191:54984 nancratchazz.ddns.net # Reference: https://www.virustotal.com/gui/file/645d6fc2d9933bf8a3e23e8ea66d0670271bfa6bf9f87b40b9db3ad58a1380f9/detection 86.188.93.33:54984 86.188.126.93:54984 # Reference: https://www.virustotal.com/gui/file/1bb3987a5514c74a2dd6addbcd1ab911e010ea09b183dc754730dcf34e6fb916/detection 78.163.1.67:1085 kurbanlar13.duckdns.org # Reference: https://www.virustotal.com/gui/file/8428daf5412459321bb89cab571f15bffb23a9a77af729283ec8e3190d0338b1/detection 1.234.108.31:54984 osu.p-e.kr # Reference: https://www.virustotal.com/gui/file/7780a1035345b4c68b849168bc68abab2edc4d16e8afc19fd1088ecb91ded790/detection 59.2.231.251:54984 # Reference: https://www.virustotal.com/gui/file/5da02c8199a8734f1ff6ba03f9cf751d13851844eda167249198c640ec61fd59/detection 105.112.98.193:64853 79.134.225.111:64853 # Reference: https://www.virustotal.com/gui/file/1b5b618360e0f816972541d9aea7993d3e539de29d3da46f1d86612765f337ed/detection 197.210.226.224:64853 # Reference: https://twitter.com/JayTHL/status/1264302125791789057 79.134.225.32:4918 # Reference: https://www.virustotal.com/gui/file/d736ea220ff2ed658cd5e72c587a47ba2cb45d451d5f05dca4ae56b71ab27c90/detection 213.159.212.162:5454 kermanuwu.ddns.net # Reference: https://www.virustotal.com/gui/file/1dae0985f5cf3bd2c5668e13680f098ddfb1cd4384a14ef5b3a15149d1bda134/detection 194.5.99.143:3333 # Reference: https://www.virustotal.com/gui/file/900a52d261b439322b6037784aad547615769f487817ead93ff2994337bfbade/detection xkiller2020.ddns.net # Reference: https://bazaar.abuse.ch/sample/f036e2aa7615446d2cb3ab689b13aac4055bf2cb8b19b0999db08d7052a80bf1/ 91.193.75.15:9900 megida123.ddns.net # Reference: https://malwareconfig.com/config/d3ed1086de7a05a675e84c5700b0dfdb xayn420.ddns.net # Reference: https://www.virustotal.com/gui/file/f8770eac2308bbaba2b0cd9436515c0ddc67a4b071df55b22c9a50a46bdfae5a/detection 116.126.222.134:54984 forchip.kro.kr # Reference: https://bazaar.abuse.ch/sample/f6833bd6cacc270d9bd9f4a5d3c857eaf1fa4bff26dde70645db48279d52f25d/ 185.140.53.11:6532 # Reference: https://www.virustotal.com/gui/file/ecedf8ca5d5fffd39a161e6e2897d1498fe838a577f4e533831691393eaea743/detection 185.140.53.15:7654 okayson.freedynamicdns.org # Reference: https://www.virustotal.com/gui/file/18472c163255e30adfdf41fef292dc864524eeb928234eefd18f29fd5e6799f6/detection 199.19.94.62:44061 forwardto.ddns.net yrz.ddns.net # Reference: https://www.virustotal.com/gui/file/38265051016034998053fd5da769103d548b48a8078f7e5e22dee058180b2d49/detection 184.75.223.211:44061 # Reference: https://www.virustotal.com/gui/file/e426a62fc1d393dda7c072fc03f6fceaa6b97ad2e2c18e5a6ecc34f8fa1bfb70/detection 18.156.13.209:11769 # Reference: https://www.virustotal.com/gui/file/4c7affc3a277874d90723474c5b453cd5357f46bbe987b4f3c385aa1dc9ebdde/detection 185.140.53.11:9900 proton1234.ddns.net # Reference: https://www.virustotal.com/gui/file/d6093e8cbda03c64c41e3184f03df9719ca44b90f5dda5741d60ffe614baa5b9/detection 185.140.53.11:1717 41.190.3.151:1717 dvsmrtn73.ddns.net # Reference: https://www.virustotal.com/gui/file/70890d23bf831b4b9ea905fb5ade1646a87c33280bc4bb857dba3e6d24de4f6c/detection 185.140.53.11:1985 # Reference: https://www.virustotal.com/gui/file/f758cdcdb557a63bfccd1da9520b296757251b43ebd04647f1d196bd4e8ced74/detection 41.190.31.26:1717 # Reference: https://www.virustotal.com/gui/file/a974a87f44252d69d2240704c2925ff17d81beef261352675c52520a451e08d9/detection 197.210.65.165:1717 # Reference: https://www.virustotal.com/gui/file/071d0777228fa43eedc5c3548b5b07aebabdeb7faaa6674a2dd1132b7dc79b92/detection badmu.myddns.me # Reference: https://www.virustotal.com/gui/file/b8799bc747346a8b6df2732e3737e36b0e5d3c8cd26b066c313ef65c88c33b95/detection 185.140.53.11:6700 # Reference: https://www.virustotal.com/gui/file/c25e50ab885dae75cf5682ae41b91cefffc8b3986b224832c1255788e24c2910/detection 216.170.114.252:6700 dontknowwhy.duckdns.org # Reference: https://bazaar.abuse.ch/sample/f728252169da3a6dc69cd201835230c017ce37c9a9cd06c1e7daa3153ebc6f80/ 194.5.98.28:5626 duckmeat.duckdns.org # Reference: https://www.virustotal.com/gui/file/051030393f578db6d747781d2553873f82ad83874193608759b968a06d71fa0e/detection 82.102.18.14:7005 pomm2pain.ddns.net # Reference: https://www.virustotal.com/gui/file/d2ffc224d5818be5ced49af7c1c1e2f73d9eca9e9e73ebb3ead1ef5e83d6a9ef/detection godblessme.hopto.org graceofgood.hopto.org # Reference: https://www.virustotal.com/gui/file/d51b32bd560b9fd2af45d8c28604ebc6cbe2097810c11e5f3bccbe1054a4cf15/detection 78.112.230.97:1605 testttttt.ddns.net # Reference: https://www.virustotal.com/gui/file/17fa709f1a866d573f997f8f1288d537de382cccc5a4f9c1811db9da34c016b2/detection 194.5.99.20:3118 forwork61420.ddns.net # Reference: https://www.virustotal.com/gui/file/682cb1c003d98478150a40e5a6eed75332e34a611749eed232e88bf6020b2c4b/detection forwork61420.duckdns.org # Reference: https://www.virustotal.com/gui/file/b852fe2db52e3c3902f5a712b116a4f1bb77ba915a111f10a10e2f4e3bdbcfa6/detection 95.211.208.55:2937 arkseven004.ddns.net # Reference: https://www.virustotal.com/gui/file/296e81d76d2b343f4a068ebcd98211852d98bdacd46943e8c866ae0358e24a1b/detection 49.196.30.48:1608 test9933.ddns.net # Reference: https://bazaar.abuse.ch/sample/17976b00ac98edbfed8a513caeb5d757c334ed3e1f94712212b5b7a4ac1f226e/ 194.5.99.9:1985 blessme.ddns.net # Reference: https://twitter.com/James_inthe_box/status/1275831258216411136 mdhkazerni23.ddns.net # Reference: https://www.virustotal.com/gui/file/80647d0914027adabee2afcccc6035d144dd27fd428addb1733bc83059d81b27/detection 90.47.148.229:1604 saayyy.ddns.net # Reference: https://twitter.com/ScumBots/status/1276787932402155521 193.161.193.99:52957 # Reference: https://app.any.run/tasks/e750ae39-3a5e-4f69-8287-5c1fbae25f49/ ChrisLad-61434.portmap.host # Reference: https://app.any.run/tasks/5bcfab20-3200-4a70-a604-e5ba6d8bfe6b/ mogs20.hopto.org # Reference: https://app.any.run/tasks/1a62e1a7-c684-44f9-9a40-ee10689cfebc/ 185.244.30.251:1085 mogs20.hopto.org # Reference: https://twitter.com/luc4m/status/1277885198613590017 socket-controller.ddns.net # Reference: https://www.virustotal.com/gui/file/10e95970b66143465720378dfd0c0565bffc3fbdbeb4052ee25b3ccce559a8a7/detection 78.250.201.211:1604 amazigh.ddns.net # Reference: https://www.virustotal.com/gui/file/4f3cc70223b6741b19398dee2e3c073d99466a1890634923c1f582edf6689def/detection 194.5.98.111:3524 # Reference: https://www.virustotal.com/gui/file/e0c6187268fae22239659d88982ab88ed5fc4c39f756811e43e9c87c3bb51024/detection 105.112.99.116:3524 # Reference: https://www.virustotal.com/gui/file/6f4c44c25f3fbad058326da08ba53bfd3e57268405e07eb8d38ec3bf3e9cae15/detection 192.169.69.25:5118 # Reference: https://www.virustotal.com/gui/file/5108c55168d2df826e5621020a048c2eee01f999fbb025698876c19e81bafe1b/detection 79.134.225.111:7070 # Reference: https://www.virustotal.com/gui/file/82682adcd6c64959f94ac619732637c6cb8f8a3e30e6c630bc7b7e0a3c1a182c/detection 49.175.99.121:5552 # Reference: https://www.virustotal.com/gui/file/5e2c21896dd984e7c76e88dcd070d1939a6fd27e728823dd3bf846f9db1203c8/detection 13.90.73.128:1813 docencrypt.ddns.net # Reference: https://www.virustotal.com/gui/file/b2b5fa437d2b5dd11abb6ca40bec2a31d07f789e5c754b5cb7ace2e24528d243/detection 173.212.225.18:6565 whois.myddns.me # Reference: https://www.virustotal.com/gui/file/306ac086dd1217f6d3e5c3ac64378fb2104e9bb900c67a41e9b266aec97db0df/detection 95.181.157.6:8888 nano.payeermine.com # Reference: https://app.any.run/tasks/07bb1d81-3b47-4daf-aa92-2ea6c619faba/ 95.217.100.164:1608 windapts.ddns.net # Reference: https://www.virustotal.com/gui/file/214d2cb552aaa99564f24c3cbf794f3839db76aef5673b1f58b65ea957bfece7/detection 109.186.175.132:1111 test20041.ddns.net # Reference: https://www.virustotal.com/gui/file/7824efe18fb422bf6ddc22ced42e3d095e04a0fff127a835104b9f2f8c49ac10/detection 81.240.172.133:1605 # Reference: https://www.virustotal.com/gui/file/3d1c59b30ee62f7fd8606e4b666f98f1b678954b59d6ed2a6b3a6e219b14477f/detection 87.104.123.253:54984 bruh.ddns.net # Reference: https://twitter.com/VirITeXplorer/status/1290917136358088704 # Reference: https://www.virustotal.com/gui/file/41a16c2fac901e39b8d73bd18aee3a42b510c0e5a7984bb139584299b7356d16/detection 185.165.153.32:6493 aligod.duckdns.org # Reference: https://twitter.com/58_158_177_102/status/1290801098282823680 # Reference: https://app.any.run/tasks/dc2fcd38-2f38-4871-8036-944871699780/ # Reference: https://www.virustotal.com/gui/file/505314282263ad6e0a5b6908907b73d87e822a3788c1e72d50e1e4876ba4a0fd/detection 105.112.101.125:7712 185.244.30.14:7712 godisgood1.hopto.org # Reference: https://www.virustotal.com/gui/file/dbaec2a20ffccfd25b181a02c9e6b949347cdb1753e771fdea2ac1eca054179e/detection 185.244.30.16:8282 judge2020.ddns.net # Reference: https://www.virustotal.com/gui/file/4832047d5bf8f4dc4c218adeb20a4283e995d8ea641c7129ffdf0c272a9a80b6/detection 185.244.30.8:8282 # Reference: https://www.virustotal.com/gui/file/fa818a328b84e82f3473add98d8b60fe4ee6a7951465552078729d02deebdd3f/detection 41.217.68.36:8282 # Reference: https://www.virustotal.com/gui/file/c3089400b28a47eb86717230ea291b238a6500da2947b8c700cf3807fa9f5416/detection 194.5.97.18:8282 # Reference: https://www.virustotal.com/gui/file/9eabc0b8905528da9db92ac356f4955fc234cf0e9894f6855d4f88956624a62c/detection 129.205.124.22:8282 # Reference: https://www.virustotal.com/gui/file/25acfe6e0557ab678181432342ed0f909d3f22438fe20ff920579316f5c4edbb/detection 129.205.124.58:8282 # Reference: https://www.virustotal.com/gui/file/41cc013fbf2fac4d19eff0dc17d0c3dac9cf85de372fb37f1731169ef2f6f6aa/detection 129.205.124.180:8282 # Reference: https://www.virustotal.com/gui/file/6839dfb2bf232ccc68bdb4e275ffc1a2e8eb4c672071b706cd3e7a77c85cd4e3/detection 185.165.153.18:8282 # Reference: https://www.virustotal.com/gui/file/06bce1b1cba5b35d7b91140121f7450852f8297cfa280b6dbb9f72d496636a3c/detection 154.120.100.179:8282 # Reference: https://www.virustotal.com/gui/file/1060cfbd653c67aaf319e11458740e4642c9e5d86fbfa03b5f34140d1e6fce89/detection 154.118.31.181:8282 # Reference: https://www.virustotal.com/gui/file/5b5014329912875a48d3c47a61f559e2ede4a0b338270c3d92ba9bc6f16dbf06/detection 2.218.227.109:5353 awdu89021j3io123.hopto.org # Reference: https://www.virustotal.com/gui/file/933fe91d07412c99011a46b4841b02f6bb8b28e08e900c7646e1c6a9ca12e87e/detection 95.140.125.23:5000 # Reference: https://www.virustotal.com/gui/file/7727d3c7d5e0bbaa09b85aa3962082f274ffd748a30ad896945fa13f2173c246/detection tuanvosatb.hopto.org # Reference: https://www.virustotal.com/gui/file/c660d1d93adc735a9a5c59d18eecf6c4124b4e32b3a704bb754e490a2bf5eb35/detection # Reference: https://www.virustotal.com/gui/file/7926f37cb45c730b9fa347b9e605d1b8e6a055b97f335bf8f1ea99e953fc94da/detection 185.165.153.26:9036 194.5.97.10:9036 salespaul.ddns.net salespaul.hopto.org # Reference: https://www.virustotal.com/gui/file/629850087c61458e602d37b2e08f882ddce49ac214789b6bd301899465413743/detection # Reference: https://www.virustotal.com/gui/file/7e8378f852f1d65e9bc64f12fa30545292b133c0aaaabe19834fa768784b9406/detection # Reference: https://www.virustotal.com/gui/file/234c57c7f3d4143d532755cc4ab496dc38f7452bf2f4440fbd363ee7fa351e90/detection # Reference: https://www.virustotal.com/gui/file/34177404f98f44a3135ed16c9f3c514725d59594de6843feff184fb2a20f58db/detection # Reference: https://www.virustotal.com/gui/file/a4ba594c58e4ccab849590d84b02a0b92e038bc3ca578753ae82a03433e60c2d/detection # Reference: https://www.virustotal.com/gui/file/3416950352359d3ef392a276e31f2eb898c03cea18e1e66ac6d89e46ea266c68/detection # Reference: https://www.virustotal.com/gui/file/43f61c32e4bddb05307dae6dd05df8f514e8dd259e11107d984960d7f3f20b01/detection # Reference: https://www.virustotal.com/gui/file/362dbb0295ee76f7a5669bdb000c81210bf96e3a42ceab8a867af9bf95f2a85d/detection # Reference: https://www.virustotal.com/gui/file/d07d2d0ebb94ca46ad8c7d3c19dab9880c94104982b5cee71c294315e9728149/detection 184.170.29.18:90 184.170.63.178:90 63.143.101.157:90 63.143.103.252:90 69.160.108.104:90 69.160.108.158:90 69.160.117.18:90 69.160.125.151:48 69.160.98.114:90 jamaicanmodder.hopto.org # Reference: https://www.virustotal.com/gui/file/9d704430f434f57f0b3e411e8ad6d932c1e2c4f86418c4b57b470443619c2a5e/detection # Reference: https://www.virustotal.com/gui/file/fc3f3dd9aaec6fc7bf3eff2381e1069dcac4722d7815aa5f1eb7d3bb80affe01/detection 187.44.73.234:4444 187.44.73.234:5568 nois01.hopto.org # Reference: https://www.virustotal.com/gui/file/68dd11ec4ef88c75394b3a4c18b0d84ee564b39a4b102092049b41a107aff11a/detection # Reference: https://www.virustotal.com/gui/file/1974a31670d6580f2b4834c229d6123e1ee13c4bbccb9aad7a2b5e6cb3da8b93/detection 149.3.143.104:58581 calmhustler.hopto.org nanoc.myftp.biz # Reference: https://www.virustotal.com/gui/file/7691b9903a6e2b2e5352899104bbfbb124d5066412e4eac6e8a5ddb1980a651f/detection 195.123.237.248:58580 # Reference: https://www.virustotal.com/gui/file/4f40d5b8e14c3f4d34a427e50be3f770cee76536b484e883b260a8c84cddc241/detection 194.67.209.128:58580 # Reference: https://www.virustotal.com/gui/file/442a0425a657db9666e95ca0f3f147b2631f85471fcd85b0b92de43fd610df16/detection 45.249.90.48:58580 # Reference: https://www.virustotal.com/gui/file/984c10b376c5919a47852d14482971bdfdda5b1002a89a733c8355f83703d35a/detection khyberlogistics.com.pk # Reference: https://www.virustotal.com/gui/file/db4163046ee4cbffb71d888535fa219cf6e10d4e1491872a31403a18f2a2057f/detection # Reference: https://www.virustotal.com/gui/file/cbc0bf0dc18724e2aa9081616c7c9f13ee72c3a351a87528f05950e64f38f2db/detection 105.112.32.112:1972 105.112.34.68:1972 glennfloyd.hopto.org # Reference: https://www.virustotal.com/gui/file/984f6b2e7be7aa024346337efda4f0adb42c9dff876df67523586b0f3ba2f6a6/detection 185.61.149.52:6374 # Reference: https://www.virustotal.com/gui/file/e7e4408d52bece69de7318c57a52d7b854c4bac801d8f4492cb42b54d297b22d/detection 197.211.60.59:6374 # Reference: https://www.virustotal.com/gui/file/d930e2fb95334f9102c177a5d0a24572b963ba0aebdb149c6d6a47d6ed73d7ce/detection 197.211.60.87:6374 197.211.60.92:6374 # Reference: https://www.virustotal.com/gui/file/ce1ab814b21da6747275c5f83c1d9f6ce53bb51a454021a9a8221daa962402b1/detection # Reference: https://www.virustotal.com/gui/file/de35eb160473867bbee888e774d3785c692cb2c0492700f0121bf0303a16a776/detection # Reference: https://www.virustotal.com/gui/file/b437e8454c62108371971f0f92fa41d16ea48e235205ca17ff8f5fb95ef9d0a2/detection # Reference: https://www.virustotal.com/gui/file/dc92da85366c210c4668f1d42abeed2119e1f95273323628dba880b31ce7a057/detection # Reference: https://www.virustotal.com/gui/file/b4ee34b0a7b13e9e7a2f9d2ec3dd68244ff64897fb1deb372975f6324e1c3cb0/detection # Reference: https://www.virustotal.com/gui/file/7a19118fd684b5b21d6288ac80dfb187e13fec715924de69a62589caf0535239/detection # Reference: https://www.virustotal.com/gui/file/e7690b6c6c60062e2a0e2e097ca8d5e12e906d72004498351c40c71f3eeafe5b/detection 105.112.100.119:1996 105.112.100.27:1996 105.112.101.242:1996 105.112.102.33:1996 105.112.106.189:1996 194.5.97.22:1996 41.190.30.180:1996 41.190.31.38:1996 snup2020.hopto.org # Reference: https://www.virustotal.com/gui/file/853b1a4722b712768939a57e9cf16cd9335f5bc5731969d81d6a732f1759ec88/detection 88.64.63.43:1604 # Reference: https://www.virustotal.com/gui/file/a7fe56c4ac333c5d1dfbd4f576660ec405a714b65238a4558bd1e5b9e2243c5d/detection 185.247.228.5:42151 gregory66.dynu.net # Reference: https://www.virustotal.com/gui/file/77cb032892c4b001b54871403e09aaae085be1549f0c3c7b1d9d89a88592a358/detection 193.161.193.99:43861 # Reference: https://www.virustotal.com/gui/file/9cbc8beff4c865dc45fc7fd063eb848d42f83511f8d53bc80a0b605061e4dd6e/detection # Reference: https://www.virustotal.com/gui/file/82206dd1084056f0193f16d9bd8f92f37c207ace3000de994d07c6ad6262dfc1/detection 212.251.116.161:3702 62.1.59.224:3702 dinokosgr.ddns.net # Reference: https://www.virustotal.com/gui/file/c2a9ededcf9b580aa3892b8283a8e395399a1342e1a01936f49c11f9e88e0907/detection 113.160.165.75:53896 # Reference: https://www.virustotal.com/gui/file/2ce35ec71844c53c8c4267ea004f860512a006b185828b57a65693ae5fc2873a/detection 129.205.124.238:5353 exceldoc1011.ddns.net # Reference: https://www.virustotal.com/gui/file/93318d1043b7b19f3e1e5b70b8e7c268640d062ffd0125c687bcf190667b57fc/detection # Reference: https://www.virustotal.com/gui/file/13d88188719da3ef262fd7cebdf5fb68a5978308c4a3b175b261e138ac4c8dd5/detection 41.102.12.246:57415 41.102.126.80:57415 nanaorec.dnsfor.me nanomilan.ddns.me # Reference: https://www.virustotal.com/gui/file/d73c6b35d8118432a8070a9ea8fa565b9f6317e63735aa8973ce726d54c99e8a/detection # Reference: https://www.virustotal.com/gui/file/966956b7e1b7758c55794455ccfba84365ec2dee3e6fbeb7f5951a5da04c20f5/detection 103.200.5.128:6681 144.168.239.34:6681 systemone.bounceme.net # Reference: https://www.virustotal.com/gui/file/2963104ca069f66b802d0a4268b390f0f11c77666a150cdd65921e6839b0c600/detection 194.5.97.11:54985 jibrelcloe.bounceme.net jibrelcloe.freeddns.org # Reference: https://www.virustotal.com/gui/file/5864be3d3e74643d67704e0b6e77177080f9518d43f8827e9b088ef31d9196a6/detection 66.66.166.74:54984 marshg3.ddns.net # Reference: https://app.any.run/tasks/11795cb8-527c-407b-913a-dda7c5fc75e1/ # Reference: https://www.virustotal.com/gui/file/3f2c17bfa5c453a9fe4a8ab56c9d9ce24020e7489204f506d92668986b965826/behavior/Tencent%20HABO 176.233.19.216:1453 193.183.217.159:2222 208.100.26.250:2222 85.101.227.3:1453 kral.kingx.info akilay.kingx.info troyka4100.dynu.net kingspy.linkpc.net # Reference: https://www.virustotal.com/gui/file/14e2d59cda2a0f77883110003e580750ff27b2c13cf1998c24ecb15c8f6735e2/detection 176.42.37.54:1453 212.154.4.67:1453 # Reference: https://www.virustotal.com/gui/file/af661050972ec1986cea4f1b6184978014d065b942e2e0d170f89b9dacf811a0/detection 78.172.144.102:1453 # Reference: https://www.virustotal.com/gui/file/bb1a717c2ad799b9b026173f95fcc4b6fc16e233c5b24895744075418359526c/detection 193.183.217.214:1453 # Reference: https://www.virustotal.com/gui/file/01f513ae8de5bb41180a25f095a1bb432f122a808950cd317bbc3b9c6b6cb48e/detection fff.kingspy.ml # Reference: https://www.virustotal.com/gui/file/ca5f9b9d08b7245ce538fc5d37b397a628c42af94dae23141fd6cff4aa174bc4/detection 88.203.162.198:5552 noportmeh123.ddns.net # Reference: https://www.virustotal.com/gui/file/5139795f05610c8e575815985d0ca35e296aadbcfba920b2a3ccdd2dbea3de82/detection netman2323.ddns.net # Reference: https://www.virustotal.com/gui/file/67f2aee7a918bfeef9db728b20a71610bb8df72f4388e3b900ec63d3db99793b/detection 109.247.81.119:28828 # Reference: https://malwareconfig.com/config/ffed2f1e6ca4269b6f71cdd1c89d9d76 194.5.99.121:3845 # Reference: https://www.virustotal.com/gui/file/ef7b45841574477b1b5ed2ae34b73245f7584c95b2a6f779c8ef7832ff2b24a1/detection 94.194.4.192:60588 craiglolol.ddns.net # Reference: https://www.virustotal.com/gui/file/d824db4c74fa5d2370357807a8e111a006d53b2a86356d77f89d76ae66f4b8b8/detection 193.161.193.99:49990 fb38099g.bget.ru joke-cmd-49990.portmap.io # Reference: https://www.virustotal.com/gui/file/6a36e120933b856f01d2cddcbc3b58eb7089d81b774d32a47363f0b0ce2c8b30/detection 193.161.193.99:55663 bogdyboss493-56967.portmap.host # Reference: https://www.virustotal.com/gui/file/8f5e9e6a7d2410e7ab6def79f857ba3f4a50312a26712bbdecc7732fc8277a39/detection 191.217.138.24:444 trjtopfullccs.ddns.net # Reference: https://www.virustotal.com/gui/file/4ece9db006dc825df446558e92c03269acdfb2651964b7064197ee1b5eb89810/detection 193.161.193.99:29897 riteshjayte-29897.portmap.host # Reference: https://www.virustotal.com/gui/file/8c8159ac91ee5d5fdf8afa698f73b5ae52bc0617b2f45c5cbfa4b89f712f1897/detection 185.140.53.3:7654 # Reference: https://www.virustotal.com/gui/file/21d0520acdc926195c24d853e8e252126055370182deb683efd6228193af6c5b/detection 185.140.53.3:7590 # Reference: https://www.virustotal.com/gui/file/1a310d38b246012578cd21b406e771cc96b572aba58155c6dc4e621a9b51f50b/detection # Reference: https://www.virustotal.com/gui/file/38bff0accbd41e7ecd8316dfb40830502ae9010aa9959f58c0487eeb3cd83357/detection # Reference: https://www.virustotal.com/gui/file/7231955b58f7a6b19ea2719be8762b7922f1732b9f3fa1d1ddcaedb71d2b8fce/detection # Reference: https://www.virustotal.com/gui/file/93169a8299ef405c622a074d2f4ecb94b541f2775c64edeb2b602764bedce43e/detection # Reference: https://www.virustotal.com/gui/file/4b45ff6d132f42bcd2a728aa2a1cac99c55642a3831a10845e26a8a56a5a7f29/detection # Reference: https://www.virustotal.com/gui/file/0378676e03df18269307fcdcdab7bfb34869464dd687c0d24963271b6d3e4906/detection # Reference: https://www.virustotal.com/gui/file/6e427ca7123643fb1f02e376e84afb6aa8660e24af18d593df21f512acb0fbd0/detection # Reference: https://www.virustotal.com/gui/file/0029d617ece4567b862bfae7316dd70296f249207b94df615398d6b2164c8c1c/detection # Reference: https://www.virustotal.com/gui/file/b0563ffd558cf927321f243a56b3ad73dd6ef56d204187839fe647d8c448f151/detection # Reference: https://www.virustotal.com/gui/file/6cae9d6549da977253232be80dd4e1c7e6be6ac7ee68dd512a6863bdc7b15330/detection 105.112.122.238:4141 185.140.53.15:4141 185.244.30.18:4141 185.244.30.21:4141 194.5.97.13:4141 197.210.52.10:4141 197.210.52.101:4141 197.210.52.172:4141 197.210.52.34:4141 197.210.53.133:4141 197.210.53.15:4141 swizz666.ddns.net # Reference: https://www.virustotal.com/gui/file/cd8a8adc707737ad5f3cbe0eac8356b105320b9756e1c0d446a018b225c58227/detection 107.172.221.181:54984 192.169.69.25:54984 information.servecounterstrike.com # Reference: https://www.virustotal.com/gui/file/dc3c9584d79e24f6be9ddc3290b1477fbe1b08f525454a376753b2a4e278de8e/detection 78.125.163.33:54984 # Reference: https://www.virustotal.com/gui/file/4f60f2ec080e0f7107a55221e0fbefb919ef2f6422ba2896a0ed5baa9eb8ac53/detection 84.6.7.23:5498 84.6.7.23:54984 # Reference: https://www.virustotal.com/gui/file/986bf75ffe5d7e61cb3f6d4af2c6c07e034db5d8b15f6a21c473869faa64226f/detection 88.139.174.79:54984 # Reference: https://www.virustotal.com/gui/file/a259ab9f2ce1c874205cd31ac2f4ff924955caf2a81396b400dceb2438ff8921/detection # Reference: https://www.virustotal.com/gui/file/5cfb9a2c724f578bbe78e041a9a4cc5e19760f88b871ce5e9eb396485256c650/detection 184.75.209.190:2404 185.140.53.135:54985 alquilosabc.loseyourip.com alquilos123.ddns.net # Reference: https://www.virustotal.com/gui/file/da847c613a97f6c3fd62a2ab9592fbabbab6d4b3238474ae8139e5df24893429/detection 197.47.166.89:4000 197.47.61.149:4000 # Reference: https://www.virustotal.com/gui/file/97b8a45c8e2f99924898a7d230cab9ba005ad0dc692b33974a5e709406afb971/detection # Reference: https://www.virustotal.com/gui/file/70d2fad27195ab7162a6a090c8830d4e24fdf7d9d9e88fed256d3a15bb46aa07/detection # Reference: https://www.virustotal.com/gui/file/7e8378f852f1d65e9bc64f12fa30545292b133c0aaaabe19834fa768784b9406/detection # Reference: https://www.virustotal.com/gui/file/ed999dbf0261a97d14a344df647dd42ce96293f9a166f13e07b394b8cf1b698b/detection # Reference: https://www.virustotal.com/gui/file/34177404f98f44a3135ed16c9f3c514725d59594de6843feff184fb2a20f58db/detection # Reference: https://www.virustotal.com/gui/file/a4ba594c58e4ccab849590d84b02a0b92e038bc3ca578753ae82a03433e60c2d/detection # Reference: https://www.virustotal.com/gui/file/3416950352359d3ef392a276e31f2eb898c03cea18e1e66ac6d89e46ea266c68/detection # Reference: https://www.virustotal.com/gui/file/43f61c32e4bddb05307dae6dd05df8f514e8dd259e11107d984960d7f3f20b01/detection # Reference: https://www.virustotal.com/gui/file/362dbb0295ee76f7a5669bdb000c81210bf96e3a42ceab8a867af9bf95f2a85d/detection # Reference: https://www.virustotal.com/gui/file/d07d2d0ebb94ca46ad8c7d3c19dab9880c94104982b5cee71c294315e9728149/detection 184.170.29.18:90 184.170.63.178:90 63.143.101.157:90 63.143.102.237:90 63.143.103.252:90 69.160.108.104:90 69.160.108.158:90 69.160.117.18:90 69.160.125.151:48 69.160.98.114:90 jamaicanmodder.hopto.org # Reference: https://www.virustotal.com/gui/file/e42c98b7c1c0635b90c402cd827f4de7a7740d5acff7b843714d2885e904985f/detection 194.5.98.26:4040 # Reference: https://www.virustotal.com/gui/file/bbd7b2322733fc3b8992d84db06a13bc3c9297ed02671c1915dde93b5bb1b7c3/detection update-account.ddns.net # Reference: https://www.virustotal.com/gui/file/500efad5274833d7c04d4e40f9aa56ba5b7c9b53a719cfb6f3494a1d0d02886e/detection 109.57.60.221:59193 fliptheswitch.ddns.net # Reference: https://www.virustotal.com/gui/file/2938e770effc5cb1e51af3bbaacc78316bbc7357ef3a8d366d7e88bd5a545c9c/detection 185.19.85.136:31821 sketch321.serveftp.com tomati456.ddns.net # Reference: https://twitter.com/JAMESWT_MHT/status/1297877430582087680 cmb234.myq-see.com # Reference: https://www.virustotal.com/gui/file/662f115f07c983b7c060eb8a98b4dfa8951df8f3149e71523d2de7ee97d9139e/detection 79.134.225.71:1990 # Reference: https://twitter.com/VirITeXplorer/status/1298963306309353472 185.84.181.67:9124 # Reference: https://www.virustotal.com/gui/file/dc60cbd5aea9991eae966cb8499ff91647ca4c2f4a9005c17e7b804fce1bafb6/detection 5.196.102.89:4545 # Reference: https://www.proofpoint.com/us/blog/threat-insight/threat-actor-profile-ta2719-uses-colorful-lures-deliver-rats-local-languages # Reference: https://otx.alienvault.com/pulse/5f47c261f5b6aba82c4b8de6 megaida123.ddns.net # Reference: https://www.virustotal.com/gui/file/adb24fe11631219f74041fd1e304f84db1edda125ec3ed926254f511d2d7678e/detection voucomereucuu.ddns.net # Reference: https://www.virustotal.com/gui/file/fb5bae3dabbf6aec4c7812eb286414b8665173fa2daabf794c571d61ae3eaa36/detection # Reference: https://www.virustotal.com/gui/file/a2d6f81373b31670a8500a714aad457d705f07966dbadf260ec963a954061d00/detection # Reference: https://www.virustotal.com/gui/file/0fb26042a8a31d0db10d1302875a6f44d5aa5dd369b309795172dc957eef5c4a/detection 157.52.255.145:83 185.244.30.251:83 5.152.203.118:83 covidglobalupdate.myftp.biz # Reference: https://www.virustotal.com/gui/file/5090e31c81766447e354789fb37bf089e53122f21ff1d38a644b12754205bc40/detection 193.161.193.99:37458 kutas54645-53485.portmap.host # Reference: https://www.virustotal.com/gui/file/f5ee309bcf361ac82d2e7e81c0a523cccc9591cc97bd78212e5d783d3e7863a3/detection 193.161.193.99:61731 jaymaximus-61731.portmap.host # Reference: https://www.virustotal.com/gui/file/ecc84cd6a8246c10f598ecd8929c9a58e7a111e36ba746fddae0d4499bf84bf9/detection 193.161.193.99:34883 vikings46-34883.portmap.host # Reference: https://www.virustotal.com/gui/file/b0bff54fc6f5cc1986f42ddb1e5042c927eeae62f55d0693a257b1531f84f0e8/detection 193.161.193.99:52697 vnaidu-52697.portmap.host # Reference: https://www.virustotal.com/gui/file/c2f214ddd1e6374e00d442ea723973a62d526c3c59d0031933738719a2e95abb/detection 193.161.193.99:40438 nanocookie-40438.portmap.host # Reference: https://twitter.com/ScumBots/status/1300445067010863105 # Reference: https://www.virustotal.com/gui/file/4a6c3951153aca92168a984d6ce11bacf23a673ef7a93c65c22a89a05ca54c61/detection 41.251.15.86:3434 ysnirix.ddns.net xware.ddns.net # Reference: https://www.virustotal.com/gui/file/525bcc6df27258134feae6a936e82f9ac91381a0733eab0aa54c8fd2ea166b48/detection # Reference: https://www.virustotal.com/gui/file/2b5cff67f46340e42477b147b2de84771ced5907770d391d20ac8c0c18c264db/detection 216.38.7.241:2033 216.38.8.165:2033 jlf716galpha.ddns.net # Reference: https://www.virustotal.com/gui/file/10a177abdd2c1f92a98017d996610eb5ba1144bde635b1f36a10fd75782be080/detection 194.5.97.98:3615 getmoney3004.duckdns.org # Reference: https://www.virustotal.com/gui/file/687971965232a89322860120a4fdf884b246947e1639c8a9454066598a4c5d28/detection 193.161.193.99:20734 rat2000.duckdns.org # Reference: https://www.virustotal.com/gui/file/30c275d5f4ff57d0069ea318b6704a949ce95c8a3e3687bb03a87a5ff0edac3c/detection # Reference: https://www.virustotal.com/gui/file/47fa323ddd9d4df6736fc15272986bc9699680f79fe7bc2c43301475669633fa/detection # Reference: https://www.virustotal.com/gui/file/3590627c2e44ef094b89d96187a71068391ed31670aecef26846ba663fd0c238/detection 197.210.47.136:7755 79.134.225.76:7755 91.193.75.7:9829 doc-file.ddns.net # Reference: https://www.virustotal.com/gui/file/ad4ad26d707f89d25d4c3a68b3a80216e49703b15f16549026ead5642c163e5b/detection xzit007.ddns.net # Reference: https://www.virustotal.com/gui/file/0ceaca1d7d62a73acfa4d06a7e9aa2df5fe583c7d7cc568d8985880c00bb1e94/detection 192.46.168.101:8443 # Reference: https://www.virustotal.com/gui/file/fad6c79568501dd02f8592b98c46559f293d55574c60abc8205f723c59d36b95/detection # Reference: https://www.virustotal.com/gui/file/08e6b2f75f4c9f9d0850eded556409ff41d8ea510f2a7f5072307130f688fa25/detection 185.140.53.13:7654 185.244.30.7:7654 185.244.30.9:7654 194.5.97.26:7654 order777.ddns.net # Reference: https://www.virustotal.com/gui/file/4d394ed696ee7fb3d53a7b064c53f2157b28d9f192de912fe311dd284845e4c9/detection 198.46.168.101:9090 # Reference: https://app.any.run/tasks/b467375b-ea84-4455-9b40-6f98a854ba94/ 193.161.193.99:42607 spartanrulz-32158.portmap.io # Reference: https://www.virustotal.com/gui/file/40aae024ca198bbac5bd47b1d852cd742287baec8fd674af2607365ad8394e7b/detection 194.5.97.98:3615 crpasky.sytes.net # Reference: https://www.virustotal.com/gui/file/1a25dfe77d53a45af68ca9bb5bfe81e30fe2f9e5e720096f5e2b447d182495a5/detection 185.244.30.3:3606 deaphnote.ddns.net # Reference: https://www.virustotal.com/gui/file/4b44e68bb62bf786ab22a5e62568c682a0b3a58e7b730fa4ef53fddd4f5e4824/detection # Reference: https://www.virustotal.com/gui/file/76cc0138ec3c0b33845e1dceb6cb251f66a714f434048d043399369cdd600449/detection 192.169.69.25:5268 91.193.75.182:5268 204030nano.ddns.net 204080nano.duckdns.org # Reference: https://www.virustotal.com/gui/file/a8c8753cead3906503055af736df20a6f4e5a5a371bebbd04b64434f3e501f2c/detection 1111nanocorerat.ddns.net # Reference: https://www.virustotal.com/gui/file/a835ed00bee1dccde56358f359238f8da78c5233a3c44d78fc2c061ed6764f71/detection 35.193.68.228:4674 affu007.ddns.net # Reference: https://www.virustotal.com/gui/file/d438dd09e9249c6ffc54851f110cf512d226d1d2bd4ad10ace66038494a4f295/detection 79.134.225.74:3421 blackmambah.hopto.org # Reference: https://otx.alienvault.com/pulse/5f8051fc29df6226cc54143f kenkundesu.ddns.net mattrevwizard-43846.portmap.host sapho.ddns.net windowslivesoffice.ddns.net # Reference: https://www.virustotal.com/gui/file/dab93537f58cd24b5d4343ae58fb550195754d6ae1cc2c8739b75cfd3d59e168/detection 82.9.17.105:7080 10299192.kozow.com # Reference: https://www.virustotal.com/gui/file/b713419450af62ccb585f2636216809e83b16b8046159ddc5a86ca080226c67e/detection 79.134.225.82:54251 # Reference: https://www.virustotal.com/gui/file/5cd831c034ea6c14f3b2f0de15a26258d96cd0f423c0e5e61bb0892f925303ec/detection dcosta1.myq-see.com Reference: https://www.virustotal.com/gui/file/a4a7030cafc76c77d0ec6118c3cd4d57b5450ae0b24f177ea048b23889540daf/detection 154.66.22.174:1987 169.159.114.217:1987 # Reference: https://www.virustotal.com/gui/file/113d6741bf6720a3558e132c706b9aec9a42816a83b2b9b0814fa384ad636853/detection 185.165.153.232:1987 akuadi.ddns.net # Reference: https://www.virustotal.com/gui/file/2671c5a85a50aa6370dcc77a9bdf58ca419a41719602848a3ee7cc6a2e10aca7/detection 91.193.75.119:1987 # Reference: https://www.virustotal.com/gui/file/391d005a8875fd671acace6d9393b89bb79dde03651460e67e622604a8b5dc15/detection 91.193.75.80:1987 # Reference: https://www.virustotal.com/gui/file/54deeaeed632cdef34ba67c7b879e8c88ad5d19675cd69e613f663e9bcb3c51f/detection 185.140.53.68:1604 185.231.113.86:1604 mavennezeliora123.ddns.net # Reference: https://twitter.com/Racco42/status/1317104950233673728 # Reference: https://app.any.run/tasks/4c59ed1a-3ec7-48f1-b9e3-8c6d188c3979/ 79.134.225.30:6666 kozatkr.myq-see.com # Reference: https://www.virustotal.com/gui/file/0b026f254ae29721a1bbbce408d49848ecb3295385b1f1512f0b29038c024f0b/detection 185.20.99.191:1194 cribkel.ddns.net # Reference: https://www.virustotal.com/gui/file/a1dd4b5e1e8794eba42514f5ed129d40426d6e7ebdfc2ef41b9a8fffb8ffe9e5/detection ubanano20.ddns.net # Reference: https://www.virustotal.com/gui/file/c0a7dfca7eda9d3f170e318428984c17b9737d4e53c291a227f97863ea30827e/detection 185.217.1.151:9030 dailyupdates.theworkpc.com dailyupdates.warzonedns.com # Reference: https://www.virustotal.com/gui/file/9038b8076c63da42013a7c815029253ea17d544aac3cad7843fbe5410836c25e/detection 141.255.147.127:1177 1ff6889819.ddns.net # Reference: https://www.virustotal.com/gui/file/7b0128a2fb624977656a965420fbb8fa3e1b030318ba962e5c41a06295505e2f/detection 83.228.185.176:54984 fsfprogamer.ddns.net # Reference: https://app.any.run/tasks/2f5c0822-2f69-419d-a9ad-a311f1a08d14/ 2.135.86.178:7777 suka228.ddns.net # Reference: https://otx.alienvault.com/pulse/5f917584d568ac96634d58f9 ratcentho.ddns.net # Reference: https://www.virustotal.com/gui/file/9e42e9cd50555cf36e4958efb9a710f034a914f7f8e282fec5228604369c345b/detection 110.54.225.227:54984 al3nr.ddns.net # Reference: https://app.any.run/tasks/43a2e87a-660d-46b0-9775-19da736131aa/ 87.60.159.43:1747 heuzzbozz.ddns.net # Reference: https://otx.alienvault.com/pulse/5f92c6faf65388e853cde680 msbuild.ddns.net # Reference: https://www.virustotal.com/gui/file/3e86f9a176966b583fd23ca2375927638aded9d36e87d75bb9a56a41b5b83db0/detection 197.210.227.208:49155 # Reference: https://www.virustotal.com/gui/file/9bbceeb0c9f25dd755570e87aa2bfbb7c3e31e4bee00ca1d1570c0ad497a9057/detection 197.210.227.208:53896 # Reference: https://www.virustotal.com/gui/file/41fa2fb70f2da3f3f9d65b8b6b518337e8ae9ac85d1c248556959a34a5db0911/detection 197.210.85.232:53896 # Reference: https://www.virustotal.com/gui/file/8ec0be83cead99cea7344e83cdb7b9a582f3a59082c30fa0cf45a0c220e07459/detection 197.210.84.141:53896 # Reference: https://www.virustotal.com/gui/file/a23ddeed90dbe2bbd46390061d26ff80e195560f1c29aa6b4f73c816374924c4/detection ak47a.kro.kr # Reference: https://app.any.run/tasks/95e766c5-90d6-4444-9db6-ddf5add3ac41/ 185.244.30.14:4250 # Reference: https://twitter.com/smica83/status/1321716870584672261 # Reference: https://app.any.run/tasks/373041aa-59a8-4166-97c5-dc57a1b6c40b/ 84.38.134.114:8000 # Reference: https://www.virustotal.com/gui/file/1ddce9c11a9b35eb6d55006504b47ab27bcef3edc7747c49d4573712a5a3b275/detection 194.5.97.32:1604 # Reference: https://www.virustotal.com/gui/file/e924821860bcee2dd1acc0239f6413cd6a677213b640942d271ea12446fc65aa/detection 23.105.131.134:5353 hotwireboxes4.ddns.net # Reference: https://www.virustotal.com/gui/file/70ea3c2f613a92eb24bc6a40cce601feee36041d96ad7a5724ea104e218aa7ff/detection 23.105.131.134:1604 # Reference: https://www.virustotal.com/gui/ip-address/23.105.131.134/relations 2gmoney-records.no-ip.biz officialtbass.ddns.net rayxyxx.ddns.net rs7flow.duckdns.org # Reference: https://www.virustotal.com/gui/file/b14b33459a39a2a6e58cb8901158e5a0baa1f879cc3a5afc6778315249f544ff/detection # Reference: https://www.virustotal.com/gui/file/3c18438a9fc9aec1ce0e6d2be9f6f676424b4f8ffd844ac2d1a90b32a5bf0098/detection 212.7.218.65:1122 akika321.ddns.net # Reference: https://www.virustotal.com/gui/file/b1d821294065f7fe053eb3fc53e43824de1c13eddf0b6e6bd29ac9bf41843c7d/detection 79.112.244.182:7005 saphi.ddns.net # Reference: https://www.virustotal.com/gui/file/dec8d68ca8abff4d804d8af4aa9357103694f7e9544626dcfca30e434ed83a5d/detection 95.234.164.252:54984 # Reference: https://www.virustotal.com/gui/file/1312ca68e2194990db332849ee49443bd4ff0b1af91b26081319ded864579de1/detection 73.112.163.66:500 easyvirustrojan123.ddns.net # Reference: https://www.virustotal.com/gui/file/b14f8d8881ffbb14201d42215adc34f7903e1f9693b76e49a1f600202de62208/detection 104.221.111.13:777 rez007.ddns.net # Reference: https://app.any.run/tasks/734e8396-929b-4a37-be12-8611a08c18a9/ 103.207.39.131:1942 buffercc.duckdns.org # Reference: https://www.virustotal.com/gui/file/c1dd3e913417e736fe1251f0d1b890756dfbc7ce89efa4f5ceee6e895d2ec79a/detection 185.140.53.29:1369 eldragon.ooguy.com # Reference: https://www.virustotal.com/gui/file/da67c2bce19290c08c0f89b79c5c84fcded816addf5177b530dadc77d254fe21/detection 192.253.246.143:2017 swryijgrvcsgkopnmcdertvgdswbvmophtfdczxs.ydns.eu # Reference: https://www.virustotal.com/gui/file/60170c685f91ad2e2f26844d3a5620f1ca631166b1697cd726efec4a31d610c6/detection leivslacker77.shacknet.us loukousteven.redirectme.net # Reference: https://tria.ge/201101-qbrch43nvj 23.105.131.174:2008 atacoinc8897.hopto.org # Reference: https://www.virustotal.com/gui/file/56876f26eb6da9534205b2b4fbc355bf24735fdb27d049c81f92753633b83586/detection 185.140.53.231:7771 shit888.duckdns.org # Reference: https://www.virustotal.com/gui/file/940d3d31220a420ada65b6653bf1e4586efa8783ab28a267878ea2c1e3a7e3ef/detection 185.140.53.231:7005 wealth4me.ddns.net # Reference: https://www.virustotal.com/gui/file/c13d7d1dca1d22b26403a1a30d2dea359869a60605e1a1f092796fcea77d8069/detection wealths.ddns.net wealthyman.ddns.net # Reference: https://www.virustotal.com/gui/file/5f97853aa6a5a0fb5b7c55f501878ed5c9cb8e14b226954e73b6564790ac61da/detection wealthymachine.ddns.net # Reference: https://www.virustotal.com/gui/file/0a5ca4acd97ba657c0b203a9dc8d69f9e48f121554142ecb86df494a01274d58/detection 185.140.53.231:8888 # Reference: https://www.virustotal.com/gui/file/e7106b8e5cd6ea51ea2f061cd9c4e19bc174076746883f21b00b9ff7743bbf77/detection # Reference: https://www.virustotal.com/gui/file/b4fabb97f197ef4f0990d0e2bfb5ad572c7a6d044d361f2ca997ab0bbe5b36e5/detection # Reference: https://www.virustotal.com/gui/file/aab8ae3987ff1bf84081b5a12f9004eed0091d865bf5bd32428e5ef2c0de694e/detection # Reference: https://www.virustotal.com/gui/file/478b0a90b12b8bd204e4c8a970fccc26498bc85b980d0ade55bc4c8abd9bccbd/detection # Reference: https://www.virustotal.com/gui/file/37831817f23e12a1c66ef2cb4ae8ebb4a74ec6492308f5544f77364fc9898aa5/detection 185.165.153.110:54777 185.165.153.147:4775 185.165.153.147:54777 185.244.30.57:54777 91.193.75.43:54777 dora21.duckdns.org elley.awsmppl.com # Reference: https://www.virustotal.com/gui/file/d50a35f05df59b5b35e07dd204e5312629b3670b09da6801c56f89c5aef8ff6b/detection 79.134.225.77:3606 poseidon99.duckdns.org # Reference: https://www.virustotal.com/gui/file/e34a85f8ebaead2badaf0a11042ac9b4e23cc3f2c615c831291157e5bc27dcbf/detection # Reference: https://www.virustotal.com/gui/file/404ddd5047d4b506f4014f5630ed7678f8f978bbc82a75fa5f5b0bd166dfd959/detection 1.234.37.232:49960 ghgha8191.codns.com # Reference: https://www.virustotal.com/gui/file/5341199abc0af4235f23e194bc4861f61e9d8701e3413bd87bebe17764f3925f/detection 14.48.223.211:1104 hmm9823.codns.com # Reference: https://www.virustotal.com/gui/file/cfd5d9112f89a182a955591cbdba26032fce5bf9f3a516077127dad6c3110270/detection 111.118.117.164:5880 oleeolee200.codns.com # Reference: https://www.virustotal.com/gui/domain/nanocoreratpc.ddns.net/relations nanocoreratpc.ddns.net # Reference: https://www.virustotal.com/gui/file/a567714c0e73009ba7b5994361999a8cee225b0a142c0f81b7f547c09403786f/detection 212.143.127.120:4444 core11111.ddns.net # Reference: https://app.any.run/tasks/a06c0853-795b-4425-b9ba-84e68f9bdcde/ 185.140.53.175:1169 myseason.myq-see.com # Reference: https://app.any.run/tasks/9ad69023-d3ee-4550-8cb5-21e64bed36d7/ 88.113.185.17:30120 apexi.ddns.net # Reference: https://twitter.com/James_inthe_box/status/1334505689671225346 # Reference: https://app.any.run/tasks/d791c332-ccf7-4f3a-8741-a1a94c9fe40a/ 129.205.113.249:5550 centurygift.myq-see.com # Reference: https://www.virustotal.com/gui/file/5704d95e4e320e6cba7e88ad763d37f1d80c4507497edf346f269efadf15223a/detection 81.49.3.81:7005 nanocore2815.ddns.net # Reference: https://www.virustotal.com/gui/file/4985f8d5f70c84b22bf220a00d4790248b498a7aeb7cea2012064095bbb0aba0/detection 148.59.94.121:1604 glox.ddns.net # Reference: https://www.virustotal.com/gui/file/6696b561c346c756e1c5b98be267d71c3a8a23b2d9e77ce23c641c6f5188fae1/detection # Reference: https://www.virustotal.com/gui/file/992cf8ed168eed107c9cc982aa393c9505f0ff09f47020aa10491953fcfc10a8/detection # Reference: https://www.virustotal.com/gui/file/787f1f7a4d97ff46925b817174c6e487bd2da2745bb13fd4e3e7b9dd4996aa6a/detection 188.213.143.47:49300 93.118.32.11:2600 elcartel.ddns.net lapatate.ddns.net # Reference: https://www.virustotal.com/gui/file/b026faff787c88313278af87cbf64a7ccbd8c920e5f6f274f1656934f092e29f/detection diaboliko.ddns.net # Reference: https://www.virustotal.com/gui/file/6443477cf39069cffb98144387e2427435934afa46c4f83d90aa1375b10ab113/detection 178.149.189.107:1604 krembananice.ddns.net # Reference: https://app.any.run/tasks/8627d0f9-a68e-4580-a02c-fb8dfd06ff69/ 185.140.53.211:4488 # Reference: https://app.any.run/tasks/b88e47d1-1969-4709-906c-a9a0e3873b87/ 103.125.190.88:2020 # Reference: https://twitter.com/wwp96/status/1339309952083644416 # Reference: https://app.any.run/tasks/2288848c-2cd1-4246-809f-fa6ecd86fee5/ 154.66.36.101:32126 corsi111.myq-see.com # Reference: https://app.any.run/tasks/12ecc6f3-9597-4845-afb5-88f144f5b62b/ 46.217.133.68:500 windowssystem32.ddns.net # Reference: https://www.virustotal.com/gui/file/0b10d7ceed1e27d31637301cc373eaf6ef62bba9cc578dffac4bf01fde2f5468/detection 85.86.181.192:5555 # Reference: https://malwareconfig.com/config/f9b6410f7acdead8b82c03663a89bf03 # Reference: https://www.virustotal.com/gui/file/10c010d565deabffed3f424c0211305578bf72488197f502dcd9cd4ae2e016b0/detection 90.187.111.149:15099 # Reference: https://www.virustotal.com/gui/file/5dc579325eeff2dcceae533504f7ac89845cab1d80ebaf2a16b134e49daa9f24/detection 79.201.182.217:1337 # Reference: https://app.any.run/tasks/fdc42ec6-4eb7-4322-bebd-4b26176c4a37/ 193.109.78.38:6653 ammagedom.ddns.net # Reference: https://www.virustotal.com/gui/file/3529e8c9cfbed0901b0339802943464fd2c1e3d40570d225a9a5e56bda2c23c0/detection 51.11.240.55:10000 51.11.247.87:9033 pcinf.myddns.rocks salksio.mywire.org # Reference: https://otx.alienvault.com/pulse/5fe483f15a3dd00f3a7a5e3d amechi.duckdns.org billionaire.ddns.net gsyagvxnzmkoplbhduisbagtevcnxmzlopljdgye.ydns.eu hacker1233441.ddns.net ongod2020.ddns.net sonspices.ddns.net tornosubito.ddns.net windo.hopto.org # Reference: https://www.virustotal.com/gui/file/8fc5df65c492d89e2fb95d91f87bb0625bf85160e19e41820cbdc46277bde5d6/detection donrajah.hopto.org # Reference: https://www.virustotal.com/gui/file/d0f919903633feac9f4cc52fe54a6c8306fd8544d0d11a5bdf042cda0b4cbc3f/detection kingbadoo1.ddns.net # Reference: https://www.virustotal.com/gui/file/bb47641db3fc4ddaa959198ea26f40845c3da087fc7b1600c2e36cc82fabecdf/detection 79.19.165.252:54984 # Reference: https://www.virustotal.com/gui/file/bb9a1578f59d63b185023ada6c485e8b5cf9336e4b6bd3cad139d234b4f03c6d/detection 79.134.225.28:4449 # Reference: https://app.any.run/tasks/efa5419f-0e92-44b1-8a32-f33437a2aada/ valorantstuffspoof.ddns.net # Reference: https://app.any.run/tasks/d19d25d7-6426-4b7a-9b98-2fdf610c3e06/ 185.157.160.233:54984 # Reference: https://app.any.run/tasks/a7b6c05d-94e3-4c5c-863c-49601c20c6e3/ 95.251.22.73:54984 # Reference: https://app.any.run/tasks/bdd93ea2-9526-4075-a6c6-9a9a4abc2e05/ 79.134.225.72:1880 deedee111.ddns.net # Reference: https://app.any.run/tasks/41773a3c-70ac-48d5-8fc4-fc58ccdfbba1/ 82.235.86.215:1604 alakaba.ddns.net # Reference: https://app.any.run/tasks/79677331-eeec-4269-a975-83ce782b5058/ 194.33.45.107:5050 ms47.mywire.org # Reference: https://app.any.run/tasks/eb490a90-e72c-4fae-8aea-ccebf0662dfc/ 193.26.21.227:3306 # Reference: https://app.any.run/tasks/6991e1f0-f5bd-44a6-955c-2fcbce4fd33c/ 67.234.188.106:18651 sdfcse.ddns.net # Reference: https://app.any.run/tasks/3104f1e3-c382-4fca-87a7-3ed9a92edd00/ 46.128.94.36:1604 hacking1634.ddns.net # Reference: https://www.virustotal.com/gui/file/1969dc5c7798cb2b198e6821ab08a9a6ddd063fbd7badad8515f88d31a9f656e/detection 80.199.147.150:1604 cocksucker.ddns.net # Reference: https://www.virustotal.com/gui/file/074381d905e3aaec0e4c4bb9c2e7bd23da6986d1cbbe895c91857a6d35c4a3c8/detection 105.112.113.90:54984 annapro.linkpc.net # Reference: https://www.virustotal.com/gui/file/8a1531470b71afbae59477a8ba23f4f0c72895700676fd3b5371a2e7f9637b86/detection 105.112.100.246:9034 105.112.109.37:9034 79.134.225.22:9034 e12345.ddns.net # Reference: https://www.virustotal.com/gui/file/9bc650ba9819e8eb7ad716636f7d104883e1c69259cbe4bfb625fe2d8032d479/detection 79.134.225.76:9922 new8855.duckdns.org # Reference: https://www.virustotal.com/gui/file/632e01fe815ff58fdb252bcbb0f21645918e535390c2e7d053c4970c34066acf/detection 103.99.2.232:1010 # Reference: https://www.virustotal.com/gui/file/62b3f46f9c43d5d5cb7c9a7007a43cd17d6f6cccead58eaed7cb75427cd9faa9/detection ptricesoft.dyndns-work.com # Reference: https://app.any.run/tasks/5143eaab-90bd-460e-8910-00e1a7cdbd7b/ 79.134.225.38:8787 msteel.ddns.net # Reference: https://app.any.run/tasks/bacabb31-8a56-430c-beaa-4ae1857fcd48/ 151.31.54.96:54984 # Reference: https://www.virustotal.com/gui/file/17a8de8399e7ba96a151dbc72edb30ebe631106578cfe53cecd0f87758321b1d/detection asril4646.hopto.org # Reference: https://www.virustotal.com/gui/file/d2b9bc14a54b9495b36fca159fb34aab8369b70c2cb0bf48dcf9838db20ddabc/detection abelslayer.hopto.org # Reference: https://www.virustotal.com/gui/domain/hdgbcnuy73wjnho9jusrnhfhejfuy78wyi7jfknv.ydns.eu/relations # Reference: https://urlhaus.abuse.ch/host/hdgbcnuy73wjnho9jusrnhfhejfuy78wyi7jfknv.ydns.eu/ # Reference: https://precisionsec.com/threat-intelligence-feeds/nanocore/ hdgbcnuy73wjnho9jusrnhfhejfuy78wyi7jfknv.ydns.eu # Reference: https://app.any.run/tasks/75ed73c2-c4e9-4bd2-9765-3e773250b6bd/ 45.138.49.96:9999 # Reference: https://app.any.run/tasks/e0e61c63-b5bd-4221-9065-a0c22d3aa7a8/ 199.66.93.2:42000 winkeysysmon.sytes.net # Reference: https://otx.alienvault.com/pulse/5ffc3ef510d5457cf6973d12 chromie1.ddns.net sysdefender.servehalflife.com theravada.ddns.net # Reference: https://www.virustotal.com/gui/file/28f9157194103062e12869aa1b8c868d4799ba3ec3e5062d30f6eb8f425a2aae/detection CrzyRutter21.chickenkiller.com # Reference: https://www.virustotal.com/gui/file/9ebc20c25224860dd069b5ea7e21b9d66f47b12b46cb206606dd9e95a15c7cf7/detection riskjo.ddns.net # Reference: https://app.any.run/tasks/72732fdb-0c42-473f-bc01-efa9bf2cf095/ 185.140.53.138:2021 new2021.myq-see.com # Reference: https://www.virustotal.com/gui/file/687bbaf89208397c476e41ca35b5e174cb8ebcd833f067a4b756c2426ed9da75/detection 62.76.105.46:1515 gordon6.hopto.org # Reference: https://app.any.run/tasks/248c377e-7d29-4035-96ad-7a024b9623b3/ 62.205.251.241:1604 # Reference: https://www.virustotal.com/gui/file/6f212246be3ab7db2cede2e87d8d465261ca8f44a86c7ca90cb8238bafed887f/detection 103.89.89.210:24007 ms60tzel1.ddns.net ms60tzel1.hopto.org # Reference: https://www.virustotal.com/gui/file/5d4f6ca9fc352752bbcba922bf9cebcf48689d16920eeb91ba95311b5d8c8d44/detection 91.193.75.251:1985 # Reference: https://www.virustotal.com/gui/file/fa4e412d4f56852bfe79235eaab315c64aa4c1aa9dd0898d133ccab7a6c86ee5/detection 91.193.75.251:4378 jesus.myddns.me # Reference: https://app.any.run/tasks/308bff87-92b6-4a3f-8567-029a71e37871/ 95.136.36.121:8869 fivemhostconnect.ddns.net # Reference: https://app.any.run/tasks/9a1c9077-66b5-4723-8edf-bc3853c8cf08/ 78.58.104.12:53896 cfxre.ddns.net # Reference: https://app.any.run/tasks/51d0e05a-53a1-4866-938a-edc9d737531e/ 94.131.200.162:7777 nekoanime.ddns.net # Reference: https://app.any.run/tasks/f7f5238a-de19-4040-83b5-77db5faa045f/ 193.161.193.99:62629 APEXI-62629.portmap.host # Reference: https://app.any.run/tasks/9fb4cc87-323e-42d3-82c9-230574fe3e4f/ 79.134.225.52:5090 mimi1234.duckdns.org # Reference: https://app.any.run/tasks/9c70a70b-3ccb-49ad-8348-fafa3493f0fb/ # Reference: https://app.any.run/tasks/6bd60f11-5404-4b8d-ac4f-2635da3bbda7/ 37.46.150.65:4948 fgtrert.duckdns.org # Reference: https://www.virustotal.com/gui/file/155f07fcbb697eff2449437b3b0238bdc7362395b1f86a37c4dc3a4c11fe06c6/detection bob.0pe.kr # Reference: https://www.virustotal.com/gui/file/724b6b9f50c7390a70d9b592885aeeddd073643215fbed633b98063e9fb0f9e9/detection 46.98.39.89:2891 alekseynj.ddns.net # Reference: https://www.virustotal.com/gui/file/914b288f13d450de38f775341d01ed13394773c8679cefd0124c32f89476d99c/detection # Reference: https://www.virustotal.com/gui/file/c87726a3821a33019e9ceb54f3e5b87f6bca8d245577c7edfcc97551c3029c51/detection # Reference: https://www.virustotal.com/gui/file/1c11ae71070f0d464e20f92b83a0e029dde16271703c329314c78423bcbe8b70/detection # Reference: https://www.virustotal.com/gui/file/2f9a41b230e25e27518dfbc53c9ca85320c179e1e6ea2911d3885e143e7e0db8/detection 104.243.245.151:6932 104.243.245.168:6932 104.243.245.173:6932 172.111.169.63:6932 klakjadkkjbjkjhiji.gotdns.ch # Reference: https://app.any.run/tasks/ffdbe300-ab41-4b58-b0e9-eee85514ef95/ 193.161.193.99:55948 ScammerBlaster124-55948.portmap.host # Reference: https://app.any.run/tasks/04d467c6-4e3a-47c8-9927-87b48fecbc3a/ swiszo360.ddns.net # Reference: https://www.virustotal.com/gui/file/54358d9008d5b3cb0bf3748a17084c7b15ea4a6289b8cf3693936ef5eaf4d5c9/detection 103.213.248.32:55976 zer0-day.system-ns.net # Reference: https://www.virustotal.com/gui/file/3639bafffda8e9e3103160f63a01e58d8bddea0140a74c644bdaed8aa79440e4/detection macval.duckdns.org macval19.system-ns.net # Reference: https://www.virustotal.com/gui/file/ea33505f0c925d33f863da0eac0a9c9c9d9395087b9834b09749cb366a4ce8c3/detection aminxd.system-ns.net # Reference: https://www.virustotal.com/gui/file/986cf3dc3e3a126806c040d55ed3e64be2a227a06f72ea72b6a33248346b847f/detection 188.51.180.222:444 microsoft-update.system-ns.pro windows.system-ns.org # Reference: https://www.virustotal.com/gui/file/c99c086f59774f396ee8d6a86f96b0a518e1748815db2ab40cbd80b765558c11/detection affihf0e93.manfromnantucket.xyz affihf0e93.thatmoney.xyz # Reference: https://www.virustotal.com/gui/file/9a3267c627a7e1585aae85fa0ed9857c667046399425eae14233e26ccd157aea/detection 104.129.18.213:7070 199.59.148.209:7070 c9p5gsnnvgewubz9rbsg.loseyourip.com c9p5gsnnvgewubz9rbsg.strangled.net # Reference: https://www.virustotal.com/gui/file/c05c70203cac9c52f9c1f2b0a87c68f80cc562781f63d1c3a5d5263a867e9246/detection 209.99.40.220:1337 88.95.90.9:1337 ryuu.system-ns.org # Reference: https://www.virustotal.com/gui/file/79f039b77ccbe1e9c3534facaa281d6e19f1f6fce2bc5acf5486b538c322a795/detection 191.101.158.161:6666 legitdns.freeddns.org # Reference: https://www.virustotal.com/gui/file/b3ea6e9a460cc853fb54dd6b66bd049b5a5ceb0fd6baa13a913ee0bc48cfdfd7/detection 191.101.158.161:26985 # Reference: https://app.any.run/tasks/79f281be-18b7-477a-b0dc-114518051ffe/ 193.161.193.99:38071 Reverse32-38071.portmap.io # Reference: https://app.any.run/tasks/a337a7ca-79a5-4794-968a-dad4bf56927c/ 216.238.4.151:3306 nano91.ddns.net # Reference: https://twitter.com/peterkruse/status/1362313410868822016 cloudhost.myfirewall.org cool.gotdns.ch harold.2waky.com shahzad73.ddns.net sixteen.ddns.net sylviaoslh01.ddns.net # Reference: https://malwareconfig.com/config/55eff2deb19e554c3b9f8bae159df33f poseidon99.ddns.net # Reference: https://app.any.run/tasks/650b427d-763c-4991-a366-a189573d0099/ 193.161.193.99:50463 CuzImGleb-50463.portmap.io # Reference: https://app.any.run/tasks/36d10bcd-b40e-4b11-808b-ba1cdf0e60f2/ 51.77.244.242:123 sndz2020.hopto.org # Reference: https://www.virustotal.com/gui/file/2a605f7a63a9154b135fe649eab18771f7e228368a8a3f7ab92916f5c1f2a676/detection 103.114.106.35:20987 # Reference: https://twitter.com/maldatabase/status/1363822138101288960 ilarioza.ddns.net niggaware.ddns.net # Reference: https://app.any.run/tasks/ac3c062f-ac12-4abc-9346-42957dcc14f9/ 3.22.53.161:12325 # Reference: https://www.virustotal.com/gui/file/76c3e08728b443a483df3cdf1afa547cc83469e6f4a751fc6ced8d8bf400ffbe/detection 89.35.228.199:3365 # Reference: https://www.virustotal.com/gui/file/aa07f9532100dda5a7a9940d62d132131760735799b5ae4193ddb8babee6345d/detection 192.121.82.142:4229 192.71.172.18:4229 192.71.172.83:4229 ddns.whsthings.xyz okaka.duckdns.org reserverem.duckdns.org # Reference: https://www.virustotal.com/gui/file/0034de75a2710d38310cdbffd65e7c328e3c78f755182e5c88d7bc600ee50939/detection 146.200.116.227:12311 31.220.4.216:12311 poggerslol.ddns.net # Reference: https://www.virustotal.com/gui/file/2ba5e13cb13a927fb8875743750d5a3e229021b83e78c76d075943f635e365fd/detection 31.220.4.216:1188 8cf4d54da9.ddns.net # Reference: https://www.virustotal.com/gui/file/2378f23db3a8449722eb7d83a747228e3f57aad14e8dca61b6861a05835149ff/detection 31.220.4.216:6815 # Reference: https://www.virustotal.com/gui/file/206ee51323cc5227162eecb50fa2913ab6df884ed31d644eb3c7f00afe2b778c/detection 193.183.217.159:4782 88.233.41.154:4782 kraldeli.dynu.net # Reference: https://otx.alienvault.com/pulse/604a077bbfe7ceeb90e0efec coolkid865.ddns.net francja.ddns.net janomo.duckdns.org shahzad73.casacam.net # Reference: https://www.virustotal.com/gui/file/9653d7bbee740884067ab7deb5a6bfa87a39efd126a1e906d88c06569afa9d69/detection 194.37.96.45:59044 uyeco.pw # Reference: https://www.virustotal.com/gui/file/86be0d8f4133909e34b32917107c3659ffb84e41e85ccc894d5b7bfbdad550bd/detection 104.243.245.150:6932 # Reference: https://www.virustotal.com/gui/file/fd09b41c4482260e6153d52f504e43647eb8b23dcd4f9ab2dadd2c9e0917a6f9/detection 104.250.185.70:6932 # Reference: https://www.virustotal.com/gui/file/9f1e955ea1b79a432ef743eb2298a9a09d862cc61b861ea93cf9980071814687/detection 171.111.169.32:6932 # Reference: https://www.virustotal.com/gui/file/175a445972c86cda4f1b391bce0c9a5f6c6ece3464bd078efa031f6d92ddb1fa/detection 46.243.223.71:6932 # Reference: https://www.virustotal.com/gui/file/29127712372662e18978bd0d3ae5f85e63b286afcda397f6756f173e5ae7d707/detection 164.68.122.235:2003 # Reference: https://www.virustotal.com/gui/file/2aadab87a1b29125f1b9f4ec560d448c892c6dca409961a0c7aecaa56cfb175c/detection 91.167.240.240:36434 inso6666.ddns.net # Reference: https://www.virustotal.com/gui/file/5b8d26e103e38cf590ca69fef9c92457658cc4105d9f24d42d7ccb37a9520bfa/detection 67.253.188.195:30814 forhacking.ddns.net # Reference: https://www.virustotal.com/gui/file/990df8e02a4bb9340ab3303a87f2939847653652d9b78819a253c8dde0ed056c/detection 104.250.163.196:5906 uiwsxnumhterwxcbnmowqacvyjngteaxctyhnbtyb.ydns.eu # Reference: https://www.virustotal.com/gui/file/7ee5880aa0541cc277eb7e5dce2346bac4b5a8e2f0093ce563fc65f7506b60d5/detection kalutex45.warzonedns.com # Reference: https://www.virustotal.com/gui/file/521458b18eaa79a4fbeae6b419adfdbbb385b1dcfce6044e51ddce2de578fa2d/detection frendyenemies.warzonedns.com # Reference: https://www.virustotal.com/gui/file/546e62ed1e337f0bbfa97a637fc74e51242772e19785899d07728ec848523daf/detection frontline.warzonedns.com /floranzino/fre2 # Reference: https://www.virustotal.com/gui/file/98ff46d3e4e597b5e13ad608b3d375688e3c2be42b5c69337023726701c964a3/detection # Reference: https://www.virustotal.com/gui/file/f5a940d7887d1001fedfd4358bf4f5708a07b6fc4d9017a1d377033f43684f4d/detection 24.225.113.157:7535 kaswa.ddns.net kaswa2.ddns.net # Reference: https://www.virustotal.com/gui/file/42c93f1c3a0862225942b239a45ef3786a47ccfd65cac1d10dfc409d303bf3fb/detection 77.183.225.233:5000 admin221.ddns.net # Reference: https://www.virustotal.com/gui/file/30e9bbaf7e31d3aae9d1d3ce1cecf1337cd45cb9ee783b7123ce7af93d7bd185/detection 185.220.101.49:20049 # Reference: https://app.any.run/tasks/0b8c63b1-6779-4a26-917e-9f6b72ca492d/ 185.19.85.139:1483 odogwo.ddns.net # Reference: https://app.any.run/tasks/a93e2011-e1e7-4ae4-92fb-848fbde17216/ 185.140.53.9:1116 79.134.225.74:1116 coded1116.myq-see.com # Reference: https://app.any.run/tasks/5e64db61-87fe-4d9d-b61c-d41fd7028dbe/ 144.91.105.51:54984 # Reference: https://app.any.run/tasks/e45ebc36-6056-4f75-8339-0616ea96f624/ 87.252.182.132:1604 zcxaz.ddns.net # Reference: https://app.any.run/tasks/1ea89212-41ed-4374-a0c4-2e792b7d0710/ 185.140.53.137:8152 # Reference: https://app.any.run/tasks/a35df30b-e0f0-4e1c-84ff-a8897a617425/ 73.36.140.197:54984 wavezz.ddns.net # Reference: https://app.any.run/tasks/a6179ef8-4057-4b4e-a90d-8d65ac07eb35/ 193.70.77.93:54984 # Reference: https://app.any.run/tasks/494494cb-e56f-413e-a531-d2dab1f4022d/ 192.169.69.25:8192 79.134.225.112:8192 # Reference: https://app.any.run/tasks/4f998bd4-529f-4a08-9d08-601e0ef84a0e/ 18.192.31.165:25565 3.125.102.39:25565 # Reference: https://app.any.run/tasks/98a12e28-41d7-4207-9f48-aa5faa02d805/ 216.180.137.197:54984 name223.ddns.net # Reference: https://www.virustotal.com/gui/file/0e566993f0a7c24582ac0cd61f488f51782ee5ff52a4d65cc41561717681c1d6/detection 185.140.53.7:1818 donko.publicvm.com # Reference: https://www.virustotal.com/gui/file/db3c663f17f8616e4780861cd51636010e5531c4b97135c8adb01e5efd2f99bc/detection rxen-56181.portmap.host rexten-23467.portmap.host # Reference: https://www.virustotal.com/gui/file/8d8c6bce0171d049ae28f3804a29402f2283e0a26818e68eb396efbcd04a4712/detection 193.161.193.99:7119 matrix89145-43067.portmap.host matrix89145-46670.portmap.host # Reference: https://tria.ge/210330-rw3gyjnbxs # Reference: https://www.virustotal.com/gui/file/f66215f8969f39a42b3227f185e601ab5a866cd23481012353c50693f1ef0b00/detection 185.191.231.252:38884 holyboys.ddns.net # Reference: https://www.virustotal.com/gui/file/baf5098a21b4d571d2c23727229db27ee1c81216aeddbe59ee391f94154ca33d/detection 192.169.69.25:5600 meeti12.hopto.org # Reference: https://www.virustotal.com/gui/file/311f2c8194cb056d4a4a739d6b9295cab2f34550a8d49795f32f5d3b224af8a9/detection # Reference: https://www.virustotal.com/gui/file/311f2c8194cb056d4a4a739d6b9295cab2f34550a8d49795f32f5d3b224af8a9/detection 129.205.124.119:55533 197.211.58.11:55533 ijebu.hopto.org # Reference: https://www.virustotal.com/gui/file/be43020993caf8c3375688abb6d2f8632cda093a454486b0bbf4c8706030beaa/detection liptoh.hopto.org # Reference: https://www.virustotal.com/gui/file/9781fcecf1e263ebb7f8f5df5fe43462f8e8bb5ee19248c7d3aa24c751e21510/detection # Reference: https://www.virustotal.com/gui/file/617ada66285df5e56729f0fff7261ad6c92402788edf24eddea590abf49b76ba/detection 23.105.131.137:6512 88.241.166.6:6512 positivemikey1000.hopto.org # Reference: https://www.group-ib.com/blog/rats_nigeria # Reference: https://www.virustotal.com/gui/file/70fcd3a08e569a97ba7a421985ea0ba96840f9c7cc864bdc54790e1b0e24f322/detection screw-malwrhunterteams.com # Reference: https://twitter.com/pmmkowalczyk/status/1379753326305292289 178.245.41.254:6060 185.19.85.138:6060 79.134.225.7:6060 james12.ddns.net # Reference: https://twitter.com/maldatabase/status/1380491983437844480 # Reference: https://otx.alienvault.com/pulse/607042f768554ce0c38a23e6 alphanoip2.hopto.org backu4734.duckdns.org chaya.ddns.net kalipsoahow.ddns.net manateerat.ddns.net # Reference: https://www.virustotal.com/gui/file/f542bc0175168daa808ce1448a019f88b058df6d0702c6daa4a0f83a481f2a5e/detection 79.134.225.30:1144 nassiru1155.ddns.net # Reference: https://www.virustotal.com/gui/file/d76290ab24f346401672de34139b32d4f880b7d840ba7734204fefef2d6f1ef8/detection kaktus087.hopto.org # Reference: https://www.virustotal.com/gui/file/6b97140e12e6a6a524e089033e37ebee320f324032dd0d43e5b6cbaa71906c27/detection esetceotest.publicvm.com # Reference: https://www.virustotal.com/gui/file/7ff8b71234cf614f5db606aad945a01e492c719e8f8531471eb66e22e03941e3/detection femi234.publicvm.com # Reference: https://www.virustotal.com/gui/file/d36fd8c47b86a34310fd320d5ebdb336d8bb7482ce756e6202bdd756c5d7a8e7/detection 85.86.181.192:5555 # Reference: https://blog.talosintelligence.com/2021/04/a-year-of-fajan-evolution-and-bloomberg.html (# Nanocore) 79.134.225.33:83 # Reference: https://otx.alienvault.com/pulse/6082b7f03b1fe3e6006f034a mmwrlridbhmibnr.ml edouard.ddns.net innocentbooii.hopto.org newjan.duckdns.org randompersonal.ddns.net # Reference: https://twitter.com/anyrun_app/status/1385554241322995712 # Reference: https://app.any.run/tasks/3c50a835-6ecb-463e-9ff0-30944ae2abfa/ 105.112.36.184:58931 hansonindustrycoltd.hopto.org # Reference: https://www.virustotal.com/gui/file/0ec6bb11d6954747645ec272ae7ce2c95e0c44b886836826a613ee8c7fe19eef/detection 67.215.4.123:1190 manku.no-ip.org # Reference: https://www.virustotal.com/gui/domain/ped.nan1.tecktalk.org/detection ped.nan1.tecktalk.org # Reference: https://www.virustotal.com/gui/file/0e25a468f5856605c937edeb122d5bef98492a2e0aa1d5146d6ab67572956d62/detection ewnano.tecktalk.org # Reference: https://www.virustotal.com/gui/file/13c16e80c9db66f6a123f4d81b8032aede73b568af1c18ca3e070eb57751fdf8/detection nanotech.tecktalk.org # Reference: https://twitter.com/reecdeep/status/1386630028604084225 # Reference: https://app.any.run/tasks/afeee8de-2913-43d1-889f-df26b01181c5/ 185.244.30.24:9560 rickkkkygirl.ddns.net # Reference: https://www.virustotal.com/gui/file/5827cd94556342737cc0564dfae45efa0d1d05368e4f9d8fb35c6c8ebdfd8b88/detection 46.166.182.67:54984 n0one.ddns.net # Reference: https://www.virustotal.com/gui/file/dfd9a3aaedc52a3ed464c5e7b79eba9d11d2caa21a88d1600e094bb16ad6ddfb/detection 91.109.178.5:54984 natasha1996.ddns.net # Reference: https://www.virustotal.com/gui/file/09efb455bb0ce60c3e25c3d2179b7494a69efdee0507cc96a46e1bc838d60041/detection 18.234.205.251:9911 newhost1.publicvm.com # Reference: https://www.virustotal.com/gui/file/9359e82c758da5f2bee17b926c9e999f6649e084f9e91d2840945179f63a60fb/detection 45.126.211.217:2017 floyd124.publicvm.com # Reference: https://www.virustotal.com/gui/file/931ff1be1ec60def17154c1315d4b28042359256af8b01fead9f2468437bd2a8/detection 103.158.223.228:2033 indigobaba.publicvm.com # Reference: https://www.virustotal.com/gui/file/e48629bdaa203994ac62bb4e4eec52e7b83afb30be4e512575a53994f169d627/detection 194.5.98.122:1144 # Reference: https://www.virustotal.com/gui/file/9359e82c758da5f2bee17b926c9e999f6649e084f9e91d2840945179f63a60fb/detection 45.126.211.217:2017 floyd124.publicvm.com # Reference: https://www.virustotal.com/gui/file/d48045ef0fbd1eb80b6bd1b7bb6aa02b3fde5a0ec4e8d1b6f1230379c780b89c/detection 188.119.112.240:1339 premiumtest.hopto.org # Reference: https://www.virustotal.com/gui/file/5f65d13a9d7e12d03265c24770dc70ca0389952537485f7d659b1d87ba32d6b8/detection mail-account-update.publicvm.com # Reference: https://www.virustotal.com/gui/file/d241c9a0ef5885c3f6c96c43435acd850d5caec10f4dbefe76739089dc5e2acd/detection irokko.ddns.net # Reference: https://www.virustotal.com/gui/file/d19ec41523494ad5ef0a5a49fcd0734849440c9dd7cb5d5fb0f1362ee642df67/detection sroomf.ddns.net sroom0.ddns.net sroom1.ddns.net # Reference: https://www.virustotal.com/gui/file/141d493f8a41c2a23017df33e219ee6926f3cac924697aa121823a7f76f0f132/detection 18.192.31.165:16836 3.124.142.205:16836 3.125.102.39:16836 62.24.151.225:16836 sarahrat.ddns.net # Reference: https://www.virustotal.com/gui/file/51172a67414c93fe9c80a8531714b69db2db6eef16de723a15da3bc335a4ee46/detection 197.210.70.75:4242 jamesgrego115.ddns.net # Reference: https://www.virustotal.com/gui/file/f0014bb03e44ccb27732506bcac04dbeefd8f8b6aab98276cb444fb25bc6d11e/detection 78.59.207.109:5556 # Reference: https://www.virustotal.com/gui/file/b91a6f8a42ea201c5e81ce6e35f303350de76310f988c54c989cb87b7c52445c/detection 197.210.84.69:6565 newgrace11.ddns.net # Reference: https://www.virustotal.com/gui/file/e984b71b0a0e59c5bd1e9d0434e23e4c60d8b10c505f280a68b2292d9af0cc6f/detection 82.65.40.112:5552 lemien.hopto.org # Reference: https://www.virustotal.com/gui/file/2ec21b4548b88633396a3bc85eed7f1ae41014707d909d33f13f9cbc126fe9bb/detection 100.15.49.234:5555 microsoftsupport10.ddns.net # Reference: https://www.virustotal.com/gui/file/53a6bbad8efe25cf7e970cec35b9a45a2256464c7886877dd697b08755d09e2d/detection 45.15.143.178:60159 sweaux090.duckdns.org # Reference: https://www.virustotal.com/gui/file/5e802786eaaf082dfe8037e72fa914a00c6bae012166d7d20633595e8bb391bd/detection 45.137.22.50:4801 # Reference: https://www.virustotal.com/gui/file/91f6fc2ae99e090dad56e53c7bf258dd4f43df79ac02a11f2620c31f045fc87f/detection 45.137.22.50:4557 # Reference: https://www.virustotal.com/gui/file/08ecce1fb89755fa576a2c1c855bbb0f701ef20c791f56dc0c675fb2a8163691/detection 185.140.53.138:20221 wealth2021.ddns.net # Reference: https://www.virustotal.com/gui/file/0559b801a2f46ef7c8566900b2b8c3e1b01a162069e543aff364f4904db8926b/detection 129.205.124.120:7899 haash.duckdns.org # Reference: https://www.virustotal.com/gui/file/28e575260cc878a8215800ebdaa02684d6997954a381c748e1e0fde409fadbd9/detection 45.154.4.187:8080 alexwill.ddns.net # Reference: https://www.virustotal.com/gui/file/4f68908e0d99a2a4ff8d27b66baa038d24749b632df22b2a088a147f56824e01/detection 185.140.53.250:1604 # Reference: https://www.virustotal.com/gui/file/5d8da4f6c6c82b30357e74ffca2c3ca8b52832dea9f1ccf7c99df73eb2812c14/detection 147.124.218.73:8080 # Reference: https://www.virustotal.com/gui/file/a4bc47e9fe2cec44dda13a192a574c7389611e39667c49269c23f51d3fbb1c9c/detection 23.105.131.161:4040 # Reference: https://www.virustotal.com/gui/file/d09c4c2e8827461c13cdfcec9c8d4f335953b0b2db14274b372ff677721e7469/detection 79.134.225.26:1133 nassiru1166main.ddns.net # Reference: https://www.virustotal.com/gui/file/52471b8f2614c966827dec1410a056365c1db0306c660269872e8953fc9b777f/detection 196.75.65.216:54984 yup432.ddns.net # Reference: https://www.virustotal.com/gui/file/9e1a2c9d96432c50595155d6b3f4f505be90d4fc957a647e31a804c534fa2e3e/detection 185.202.172.211:2889 185.244.30.118:2889 # Reference: https://www.virustotal.com/gui/file/fdfbd5c73747a0cb6a8a7c92066a4f6a0a921673e7fc32225ed62d62d4a65146/detection # Reference: https://www.virustotal.com/gui/file/0c648ca6454846293087345e4b9d5eb0524e906c6d45d01aae256719d628e3d2/detection newdays101.ddns.net # Reference: https://www.virustotal.com/gui/file/6c665a57019eae3314f1b7f32d69b1f49b34c78826b639cc33ea461e4ed65296/detection caplockhost.ddns.net jhostspy.hopto.org # Reference: https://www.virustotal.com/gui/file/3242d931b1c8d3bbceb329e2f00a912c36a2bb6e37da8e883d845612ae13700d/detection # Reference: https://www.virustotal.com/gui/file/480ac0561951704d75a37f55375b83c6060844e0a23ef4d60ced6278250e5ecc/detection 109.69.0.217:38969 213.152.161.149:38969 server20212021.ddns.net # Reference: https://www.virustotal.com/gui/file/ad439797439e09b5ea5987dd0120cf107947224b479a9e9a31c835afb18c1dd5/detection # Reference: https://www.virustotal.com/gui/file/381787483dbc0b248fa7b6e44cba83e6ad136a1ce5b241170ff0d13c1e24b96e/detection 98.3.16.121:3612 98.3.16.121:49287 manateerat.ddns.net # Reference: https://www.virustotal.com/gui/file/31b8170d18fc28a400ad5a2a40ab331bf9558daa538167648f20537ce0783bfa/detection 185.140.53.130:1604 185.140.53.138:1604 timmy04.ddns.net timmy66.ddns.net # Reference: https://www.virustotal.com/gui/file/a039ef0d2500b92c1c87d5394d9dc4398f639cf9772c0c70f7812fc17e2c2506/detection 197.210.76.128:6565 # Reference: https://www.virustotal.com/gui/file/aa7a1daaf13cd6273836d5ceb8ad8d8c881e82a78026c67dc7c63575d36b3131/detection 79.134.225.71:8787 nanobela.myq-see.com # Reference: https://www.virustotal.com/gui/file/6dbe7c1ad6aa3de3c750f31f4a51b024ff833a45438557681df67c12385df062/detection 197.210.28.16:1119 light1119.myq-see.com # Reference: https://www.virustotal.com/gui/file/42395fe0a9834f127984ce1ed171f4b07ed9321b6c066ec3843bbfe180c74e72/detection 3.95.194.143:9911 newzebi.myq-see.com # Reference: https://www.virustotal.com/gui/file/7a1efd39685750fe01bbfbcf5cdc0c4216bff56d59aefd4b5e439099dc05cb1d/detection 79.134.225.9:2224 europe1.myq-see.com # Reference: https://twitter.com/James_inthe_box/status/1392481554249572364 myhostisstillgood11.zapto.org # Reference: https://www.virustotal.com/gui/file/4332838bd4c0d7af8e5e615a53ede0bdc61aae8c23fc189e77ca533d599c0ee1/detection 83.253.102.78:4567 fsdfsdfdfgsdfa.myftp.biz # Reference: https://www.virustotal.com/gui/file/925df2248f658c7751ae5d58d7fbcd7c93be62cb07206ee5c7f21cdff422f56a/detection 46.101.249.24:50236 absorbing-reaction.auto.playit.gg # Reference: https://www.virustotal.com/gui/file/440f6e4656440a2f2bf892260f70f0dde1262b6163ecf95f7e233e7adfa34cf5/detection 134.122.66.170:58840 wasteful-dad.auto.playit.gg # Reference: https://www.virustotal.com/gui/file/9ae43b7a8e5876372919c190ef26e0468092f2463cb15dd5738b420b715afe41/detection female-run.auto.playit.gg # Reference: https://www.virustotal.com/gui/file/dd08434fa554f0e76ebe28749547a7088f0b6e51f71d438822c634f134c58d06/detection spicy-vessel.auto.playit.gg # Reference: https://www.virustotal.com/gui/file/b8c16ed7c643cbe05b1020f71238225938cc046c4d260ef56f62473c01dc5a63/detection utter-stranger.auto.playit.gg # Reference: https://www.virustotal.com/gui/file/b97e012fc73402ccb9a6315da19f20a03eabb803de8c2d0e2a70278a488a447d/detection 134.209.194.210:53441 subsequent-drawer.auto.playit.gg # Reference: https://www.virustotal.com/gui/file/ec2bb15b059b727a19eebaa827a8a6ee750e8d6580941c16fb6a2502be23017f/detection 134.122.66.170:51631 ill-informed-property.auto.playit.gg # Reference: https://www.virustotal.com/gui/file/00dbdb30bb96bc955320894322a70629181ee0900a040f8bd8ddc2ed38dce065/detection # Reference: https://www.virustotal.com/gui/file/3d6e3a99fb947e004ecd938681080f81a8342acd93298146f04979317d754eca/detection 151.115.36.90:49606 46.101.140.16:49606 warm-voyage.auto.playit.gg # Reference: https://www.virustotal.com/gui/file/32b2c3219bbc524be5471cdaf766430a52a8d6101be304adb859bd805a3baabd/detection 176.136.47.220:8080 # Reference: https://www.virustotal.com/gui/file/facc8eb6ff18584bb64cca1c843741178759509ee7aadab80a4ef81b54b7a432/detection servicepoint.duckdns.org techpack.duckdns.org # Reference: https://www.virustotal.com/gui/file/64246eafb3187a5d814a9c1b55b61beda376eb2f3e8ec2c42988a1fafe0d5e6f/detection 103.151.125.220:2009 fucksecurity.duckdns.org # Reference: https://twitter.com/petrovic082/status/1394987545444892677 # Reference: https://app.any.run/tasks/87568d22-4e6d-4677-9ef4-db728f37ecde/ # Reference: https://www.virustotal.com/gui/file/12bb55a3dd474b56890032a15d13d1753804254a089437569bcf22efb79bfc86/detection 103.89.90.73:1604 hshjiopklmsacnzbcjuewahfdsnvmlazbcuewqjh.ydns.eu tzitziklishop.ddns.net # Reference: https://www.virustotal.com/gui/file/f2dcc47e9e2ce6adea5980a23f58df8645eaa092327275aa51418d4dce9045bb/detection # Reference: https://www.virustotal.com/gui/file/faf317619083a12e06e058d6bb65922f9efbff573f0ccee013841fcc2b013243/detection 185.140.53.132:7600 194.5.98.23:7600 joetrump2022.ddns.net # Reference: https://app.any.run/tasks/0b9111d4-1a16-4d41-826b-d1d7a2b78a13/ 45.137.22.50:28054 # Reference: https://www.virustotal.com/gui/file/6be2ea033449b97fe6b1022cad28f2c41a5609f48371ac29d49448e222330d51/detection 188.244.63.241:8080 # Reference: https://www.virustotal.com/gui/file/fdc20b9480ed26e18d71a9af65c95fc6780ce98f91b9ce074605ca8386810488/detection 5.187.75.205:9999 # Reference: https://www.virustotal.com/gui/file/220ca39356e88231e3d1a3a6092b4bc2af025803a7e692304b4ca77a39855fbd/detection 5.14.107.239:1608 darkware.ddns.net # Reference: https://twitter.com/pmmkowalczyk/status/1397855245238247424 # Reference: https://www.virustotal.com/gui/file/041ed09a65a93d5ec37055b16a7f70b5c0c130d9018e06d14ec0cc94d95940e6/detection 194.5.98.11:1990 197.210.226.215:1990 197.210.85.187:1990 197.210.85.215:1990 # Reference: https://www.virustotal.com/gui/file/695a2763c088dcd65deffc625b283fa65520ae970ec69b34cc49065089ef5253/detection # Reference: https://www.virustotal.com/gui/file/374cada6ec7e4cec71763e59b2934ca154c470fe6c2fb822af38b32c1881c1c4/detection # Reference: https://www.virustotal.com/gui/file/bd0f134d79df0d8a8fa72b958af1de70e2ddf834620ab583b4d18908b9b89d62/detection 185.244.30.3:1809 185.140.53.134:1809 197.210.227.21:1809 bangitin.ddns.net # Reference: https://www.virustotal.com/gui/file/48ef390d67cd53a1abfb2e159451982d23ad45efe27ccb3a50b55c3ee8f5f6e8/detection # Reference: https://www.virustotal.com/gui/file/81fb9949bef82c4379e80cbaec0af3c6300a19242dd341213976fdb5c0ea1109/detection 194.5.97.21:7895 197.210.85.217:7895 scottgerald242.gotdns.ch # Reference: https://www.virustotal.com/gui/file/2f56dbd14afea9803f7b5e2f311ccc3ea0d341c84134df52809028d3dcd6d081/detection # Reference: https://www.virustotal.com/gui/file/0951f969b4003c8c9bdf6a8d9fbd8fe4823779e94d6d739491ec29fe6376582b/detection # Reference: https://www.virustotal.com/gui/file/b62d02f897d3fdfc7982b6bcf324070f5c61b148cba98854538c5bb75e9384f5/detection # Reference: https://www.virustotal.com/gui/file/2eced6c67c639f97833ae7c176ac9c85e00dd88a2e48f94ef7215084f5f70312/detection 185.140.53.241:2600 185.165.153.85:2600 185.244.29.123:2600 miklo2600.chickenkiller.com miklo2600.ddns.net # Reference: https://www.virustotal.com/gui/file/bcae6a00e659868f70d17e721fa214159a762c6fd9bc84b6e6038e3c539c2ade/detection stephmiklo2019.ddns.net # Reference: https://www.virustotal.com/gui/file/298035a176b06143763374bba0e5532f5bcf3c00e03534fee4548c731545446e/detection 79.134.225.113:12345 # Reference: https://www.virustotal.com/gui/file/c3b962e92ba42d70b841f3e59fa848775fcb0e3d3669575b40bc23a6d74fc0db/detection 179.43.149.23:52802 alord.duckdns.org # Reference: https://otx.alienvault.com/pulse/60b0dc70f61002a12cefc38e # Reference: https://www.virustotal.com/gui/file/116079e9e6d1bdaeedefbbb3433900bc09e0b17455bb1b709aee49faf449b3c3/detection 82.202.167.58:2201 k-storage.com cdn.krnl.ca dbep.duckdns.org dns-domain.duckdns.org hellooow.duckdns.org woader.ddns.net # Reference: https://www.virustotal.com/gui/file/fc7516b7717704c9634ee9f3a4828dd84dbdafeb1b5fe1abb6a612e5e0c84f0d/detection 151.106.56.110:2404 # Reference: https://www.virustotal.com/gui/file/4b96cfa36daf5ab256e44413b30909d435f6dd73f1ae937bae93cb185a9c5bcb/detection 182.188.141.108:5555 john0071.no-ip.info # Reference: https://tria.ge/210601-xnp7fbh2lj ifybest85fff.ddns.net # Reference: https://www.virustotal.com/gui/file/7a84aa92f81ee3e9e694a8105b94a825147abf2504572a8fb3fb333d574bd33f/detection 199.195.253.181:54666 rnnfibi.hopto.org # Reference: https://www.virustotal.com/gui/file/ebf41b12fc72e96db992d5ec5c2b7f541e38224968dec54d4f8cd905e8be210c/detection bowlee.ddns.net # Reference: https://www.virustotal.com/gui/file/cf32bf794461f1286ddf604e1aa6022cd4eef1b05020c01efd2c682db865106e/detection 194.5.97.197:54402 # Reference: https://www.virustotal.com/gui/file/49c28c9ab46c71450929ffc850dc411cf24f125659cc253f0ee5fb16a59e3f7f/detection 23.105.131.142:2092 startedhere.ddns.net # Reference: https://www.virustotal.com/gui/file/b9d0e673a7c2087a49745714f2635e88a20f268f1bf02c29fb217680f88b8b3b/detection 40.115.28.131:54984 niggapoopsockpiss.ddns.net # Reference: https://www.virustotal.com/gui/file/0b6e863dcf477baf45541e6395caf58aee42a32ea46fb8503763cc3c791fa2c6/detection # Reference: https://www.virustotal.com/gui/file/033d346d91b47bc1edfef01631508bb6fce56bf0349c1478c810679751ae00f0/detection 93.109.26.101:49286 thouppos.ddns.net # Reference: https://www.virustotal.com/gui/file/2d5c01b39b122aef32c90300ae5790903186e526a6752e1478cb1001db68b530/detection # Reference: https://www.virustotal.com/gui/file/a331107f9704db617f106c66b7fd9a49b7b3672dd4904b8c33aac540e55286a9/detection # Reference: https://www.virustotal.com/gui/file/63b9f1d7daf36466738c2bbb8ad1709e228bff39aae1781973a4992f2bf8e673/detection 37.120.152.155:3039 95.140.125.48:3360 1616.duckdns.org 161616.mooo.com babaq.ga # Reference: https://www.virustotal.com/gui/file/698d9527fa2855cd955b8e7f23fe89ab7227019fc4d57cda69f623058c432e41/detection daviscoleman899.ddns.net # Reference: https://www.virustotal.com/gui/file/34220e03c07940a980e9feaabf171d49eaea6f0813dd62537a07ebfd140cee3b/detection # Reference: https://www.virustotal.com/gui/file/d8e990ff4fd260e3bafef9357a0ee589613eaf934f6bb93cb6b72113d5893bd7/detection # Reference: https://www.virustotal.com/gui/file/0427a66fb12d689d85dd61873f7dcdb5523078f9f1a0195884f0d745581b12dc/detection 212.251.119.197:9003 46.246.138.95:9003 46.246.139.52:9003 147.no-ip.biz # Reference: https://www.virustotal.com/gui/file/7c50958807309bb9eccad560ae5cb3e6e811d600326f1ff4989b9e77de7e216d/detection 45.164.102.50:54984 googleservice64.ddns.net # Reference: https://www.virustotal.com/gui/file/9f6d8dd5717baf891e1d1bdde5c9e56bf4e82f656ee503d59c8a550990356322/detection 79.134.225.119:94 # Reference: https://www.virustotal.com/gui/file/b499b1f9e07f93300064b94e74da97439a754747799a6af597828a7511804d42/detection 79.134.225.119:95 # Reference: https://otx.alienvault.com/pulse/60d474f56cd3b9018daa15cc dubby2021.duckdns.org tristurd.ddns.net # Reference: https://www.virustotal.com/gui/file/4151ba31163b08fe7571dbfe3a4e8b398dde414fe0506667188664ae088220c6/detection 191.177.183.137:1177 backupnew.duckdns.org # Reference: https://www.virustotal.com/gui/file/43087ea9490bfbbc1216d8e9aeece07cf0125fd8bfbcaf8ff726c93adc7bd4eb/detection 212.192.241.89:7225 newlife957.duckdns.org # Reference: https://www.virustotal.com/gui/file/730b52a76ef9038d8267ed22c09d5cca646d18c967b9807c10f2d75a0e1e320c/detection 24.101.234.141:8087 fgdgfdgfdgdfgs.ddns.net mcserversetup.serveminecraft.net # Reference: https://www.virustotal.com/gui/file/70ca9789dedb1407277252272aa9dc9711cc65fde19542ec693d8d1b6c8718ec/detection 3.22.53.161:10422 googleapis2.duckdns.org googleapis2m.duckdns.org # Reference: https://www.virustotal.com/gui/file/1150f4623748138803965ed8aabdf348a457921ca30670c0e53b95292bf056d8/detection 104.227.146.200:7170 mynano.ddns.net # Reference: https://www.virustotal.com/gui/file/4fd01964e4170ea620b139127ebfb3a2e153f0d601380fe6fcf5ac2ce8853bd8/detection 109.25.253.218:1430 zayna1304.ddns.net # Reference: https://www.virustotal.com/gui/file/cdbe67339a29bfe3066a18b4e68e9b19e28e449ab21ce23a85ed15e04c5255df/detection 203.159.80.186:6703 203.159.80.186:8234 hhjhtggfr.duckdns.org hutyrtit.ydns.eu sdafsdffssffs.ydns.eu # Reference: https://www.virustotal.com/gui/file/d0e513513bad819249e623d2898f2df26a087e321b8bde841caf8dd2f2a40f95/detection 37.0.11.232:8234 46.183.223.113:8234 asweee.jumpingcrab.com tryweaswweee.ydns.eu # Reference: https://www.virustotal.com/gui/file/94c04d6b5f82d551838ed5ea1cebc1d312991640a368ac10df709704b327a880/detection hirtoruew.duckdns.org zzeroirt.duckdns.org # Reference: https://www.virustotal.com/gui/file/bc16c48ef4435300121e3e14fd1b06c27447935e7fb14166f1cd7d16e0fc1fa3/detection 185.140.53.253:1604 84.38.133.182:1604 dedicatedlambo9.ddns.net # Reference: https://www.virustotal.com/gui/file/5acdcb8735f961014ceee591dabbe6807f7c01c9643c3f54ce70cd4994f3aace/detection 116.203.140.78:9845 # Reference: https://www.virustotal.com/gui/file/ab915bb1e45aba4cbbb762e4bac31510539b4a418d8466839bf6e4c1b40b87a2/detection 103.147.184.73:5719 # Reference: https://www.virustotal.com/gui/file/f3d7b3821f7b0613358f580a1f94bc28d483322e83c931569126d3531a323538/detection 103.147.184.73:6710 # Reference: https://www.virustotal.com/gui/file/75e5d00f80fe125c02c86961b3c68cbe099afb199e905b0f182452f6d7d94a79/detection femolampa.tk tojah77.duckdns.org # Reference: https://www.virustotal.com/gui/file/88403cdefa359b226d308a078d8e43657a8ae54c198bd2bf777b4e46c287a39b/detection onlinejones.linkpc.net # Reference: https://www.virustotal.com/gui/file/199f9134deefca5e21d1d07f695a966cdf55313d08af1c7a0a05ac50d1e73a6d/detection 95.179.210.180:4042 mey.myddns.rocks # Reference: https://otx.alienvault.com/pulse/610fc875c0a576ada4e34a2c alexalex123-41909.portmap.host soso06200.ddns.net # Reference: https://www.virustotal.com/gui/file/1ce353e990a32078c455c1d9e2bdc69267965f8bd93e00988b93241333bb3224/detection 185.244.30.84:2345 # Reference: https://www.virustotal.com/gui/file/287597fcffd11298b757ac806606000d8dd4c3c2641891c1932a1e76348d9922/detection 185.231.113.190:1990 # Reference: https://twitter.com/pr0xylife/status/1450235904107372545 # Reference: https://www.virustotal.com/gui/file/a0512e7537eac6c6d9bc33483261c2403c9ac0d49f6a10748b2ad81d591ec892/detection 194.5.98.48:8338 ezeani.duckdns.org # Reference: https://www.virustotal.com/gui/file/341dc012d18050040d8708d4b8b4d6191ae865469276d0a0556af12fee7d8cb8/detection # Reference: https://www.virustotal.com/gui/file/ecf7b1a8d8cb81c5440743ffe7d5d0116073ff65f393e31c1e105ff1aeb5de46/detection 102.185.101.81:4444 102.185.17.105:4444 102.185.174.164:4444 102.185.233.244:4444 rere12.hopto.org # Reference: https://www.virustotal.com/gui/file/49847ebb75cfdb5a1fffc310eda6c6660f6242e70b23aac8a1a1a1d1abce994a/behavior/C2AE 192.169.69.25:3883 asorock0011.ddns.net wcbradley.duckdns.org # Reference: https://www.virustotal.com/gui/file/e0e970941858a273c596475e80326684f7a8d2cac7a538c4c2912615c449bc92/behavior/C2AE 181.52.252.80:1896 nickdns104.duckdns.org # Reference: https://www.virustotal.com/gui/file/cd24b42c63793dfce4fff72bc96a8466efa54df6dc56d32331842834782caf72/behavior/C2AE 107.172.73.191:4984 sicoslanderfamilydog.gleeze.com # Reference: https://www.virustotal.com/gui/file/f6d3db86fa85378727353a5f021f9cb1336d822798d8b957f51975b707361ad7/behavior/C2AE 185.140.53.13:1790 192.254.74.210:1790 adikaremix.linkpc.net # Reference: https://www.virustotal.com/gui/file/5e3b9ca572bc41495ab4fa5e2e009fe92a919f202c4e538548b6b0a5e3599978/behavior/C2AE 185.244.30.139:4050 # Reference: https://www.virustotal.com/gui/file/2c82c8be149401e712850653c97b6810e037ce9c306300bf4bea1ea75006b74f/behavior/C2AE # Reference: https://www.virustotal.com/gui/file/6c6958e97ee9fec98d9af9b3496c6e0d289f5f6c29f5b580e4fd5f4d314b960b/behavior/C2AE megida.hopto.org # Reference: https://www.virustotal.com/gui/file/266c0f3b1cf78040080fce2037544112b77d23b25753c714d6390c2f705a3c34/behavior/C2AE 185.244.30.251:1133 vreme.ddns.net # Reference: https://www.virustotal.com/gui/file/9158b2603107bcf476eb1e8bf225a5f0e184830afc99bdd00101420c53f46b82/behavior/C2AE 5.163.149.205:5353 anthywsp.ddns.net # Reference: https://www.virustotal.com/gui/file/1aba5fdeaebc9e872d8420528ab9062a2e5738a8f3befe2497f29db78d001b9f/behavior/C2AE 172.99.21.157:53896 # Reference: https://www.virustotal.com/gui/file/29d59cff833693b1df33808ed34e64911fbdc2ba6e750c65018e559cecac19f6/behavior/C2AE 185.163.45.203:8002 # Reference: https://www.virustotal.com/gui/file/71cb674c07340bf223aa8238cb5a5a58edad0342a6b5a3fe7d2d80800881c599/detection 194.29.101.219:1760 microsoftstotre.ddns.net # Reference: https://www.virustotal.com/gui/file/576b690cf4a7ff7650546a0cdcba5b24f8b90907003293cf1f592bf37c9028f1/detection 92.57.66.153:55826 ourpcinfected.ddns.net unknownwy.ddns.net # Reference: https://www.virustotal.com/gui/file/2e3c405dadb0117a360746b3502880fbfb65e065459c3ebc1f5ac0e4009a75f4/detection # Reference: https://www.virustotal.com/gui/file/bb264eeac45ef6b82373d905a1b0a343f71618c9891e020190f2349d9547a4cf/detection # Reference: https://www.virustotal.com/gui/file/a55ea4919a0cd9f0181578759c4958784f1d0d7ab16dbace31676d56930e2576/detection 136.244.108.136:49617 194.29.101.219:49617 31.220.4.216:49617 favor.testfood.ml # Reference: https://www.virustotal.com/gui/file/d738fb0439cfeae7bb7cfd6dbaa0e61ee09fee6c92dd0472065ec8d09039fddb/detection omega.testfood.ml # Reference: https://www.virustotal.com/gui/file/a00eaebbcca9d15732f7a85590bdcaef7b96c8ce6dc76a400af674cf34ac7274/detection 104.156.238.13:49474 best.testfood.ml # Reference: https://www.virustotal.com/gui/file/2e48409abf1e4729d11a13bff4bb0559a4cd4439121ab936be4a4895d582444d/detection 94.237.68.129:49474 94.237.68.129:49557 alpha.dujanadecfoods.ga # Reference: https://www.virustotal.com/gui/file/26d2efd05144c426861c5522224290785467007dcb2990d49c2f16a681fc06cf/detection gud.testfood.ml # Reference: https://www.virustotal.com/gui/file/e64dcd60a67383f2f7c9aded00160f4bc37b2a533d9f950af404571526b82d80/detection gold.testfood.ml # Reference: https://www.virustotal.com/gui/file/bd83f6ac624e81d2eec47c2afed0353dcee2d9299112341e7434dadc3ce4dfb2/detection 94.249.111.70:53896 jordanianggs.hopto.org # Reference: https://www.virustotal.com/gui/file/8ba02d0c6683288779bac1b96ad8ec0a3696a19c949ad86650f78e5cc23547eb/detection 51.77.249.195:1085 tantoe.ddns.net # Reference: https://www.virustotal.com/gui/file/d2b923e8bdabe1720ae6c089d9c81ead282ad6145adb25e63f687e8c650ffdce/detection 194.5.98.48:7705 grace7705.ddns.net # Reference: https://www.virustotal.com/gui/file/a6027fd64a3f8d5c908282601687bc635705cd45dcdeeff8f0a2f01df02d6e6e/detection # Reference: https://www.virustotal.com/gui/file/c74e89861947deac982d38264f0c451e54b7f70da4aab9789c8b0692b948763d/detection 176.168.187.199:6606 176.168.187.199:7707 176.168.187.199:8808 91.109.176.3:6606 91.109.176.3:7707 91.109.176.3:8808 zaphir123.ddns.net # Reference: https://www.virustotal.com/gui/file/6267777762614004a43b9939a53ef97023534ce168af8c49e75286d32652895a/detection 124.123.185.247:54956 thedog12.ddns.net # Reference: https://www.virustotal.com/gui/file/7f6242d204a6ff95a909a280956be1af736db1be87994da0726126dfb00e5f9a/detection 91.109.190.4:54984 licmgr.duckdns.org wdupdate.duckdns.org # Reference: https://www.virustotal.com/gui/file/eb019a7eee47d1eebf28c8c25784674b0900665a7080afc6c27c115bdc097b92/detection h45hdecrep7.dynu.net # Reference: https://www.virustotal.com/gui/file/4501ffa7cb8b5d7b056db7c77e24a6767fb94ce3d709772e5c3113d7a6d59c8c/detection 185.140.53.131:1211 1211.hopto.org # Reference: https://www.virustotal.com/gui/file/c644673cf009fad34a79441f44b5eec4faaf81459147692f9af1e1c9c36f6543/detection 195.133.18.211:1187 dera31.ddns.net # Reference: https://www.virustotal.com/gui/file/1354c79ec14833dd6f56fd4958f7c8e8159f994e6d83067da0598edb6f156263/behavior/C2AE 91.193.75.148:8822 newme122.3utilities.com newme1122.3utilities.com # Reference: https://www.virustotal.com/gui/file/f505d3a98e47352ffc4569ecacf479707e199948f723778c4242e3250c651b81/behavior/C2AE bobby123.ddns.net 194.5.98.12:2411 # Reference: https://www.virustotal.com/gui/file/d73a9f48883eda1aa327e5c0995a8dc50be8352ca5d90575963f5f45a074ac52/behavior/Microsoft%20Sysinternals 79.134.225.69:6060 xylem11.ddns.net # Reference: https://www.virustotal.com/gui/file/8865f7c169dce0e8e9e0df1cadab4dd9db21b1f1f876c0f00245f544fa405b89/behavior/C2AE 178.33.13.161:1608 windapts.ddns.net # Reference: https://www.virustotal.com/gui/file/f32f6c5b0a380a97ee115bf7939fe31cfe000cc5e48461cb03eb6982109dd0dc/behavior/C2AE 192.169.69.25:3883 wcbradley.duckdns.org asorock0011.ddns.net # Reference: https://www.virustotal.com/gui/file/1e4fae4322aa44f845b1ea1156380dea2f21cfa360d21a238470acddd3e773c5/behavior/QiAnXin%20RedDrip dollar22.ddns.net # Reference: https://www.virustotal.com/gui/file/26a978a3dcd7a9bebab3aca43b72e4a203e8a02d48ffb40fe19599f1ac82fe14/behavior/VirusTotal%20Jujubox 90.62.63.8:4647 namiswan.ddns.net # Reference: https://www.virustotal.com/gui/file/2f1b327db06cbcf6040da7e25b71c53b9d7dc3c63e76051ad51205f70bd0cdb8/behavior/C2AE 86.194.210.97:1234 crypt.ddns.net # Reference: https://www.virustotal.com/gui/file/5cf45071d478d05dd8d10d71c03d2b03831df532c956f5d03c34df0520b65365/behavior/C2AE 94.198.42.167:59754 94.198.42.167:55841 94.198.42.167:54822 94.198.42.167:55520 qwdnoqwomdqw.tk # Reference: https://www.virustotal.com/gui/file/6562d6cf7d1ab02f15b0c2576ae862faf818ca54d2e45ca9e6eb27edb54ca72c/behavior/C2AE 194.5.97.207:3259 mec.sytes.net # Reference: https://www.virustotal.com/gui/file/d2e897665e02d48a99beaa5a6ab7ff7a299e631564603b4306ca5fcbbd299602/detection 172.94.92.54:59023 shtf.pw # Reference: https://www.virustotal.com/gui/file/a3e730374220a884a0f490f7085d26890628dea6da844ea58cde64a9b03b815a/detection amilolo.ddns.net # Reference: https://www.virustotal.com/gui/file/4e81d6eddb21fdb73b517fe5cc6f3143e90f46806c65187123942b4c2009c771/detection 90.51.247.217:54984 hack3.ddns.net # Reference: https://www.virustotal.com/gui/file/443c27b78b0fa24ae1131834d0307fa6da57f1463695fc6480d0d3874d5dcf64/detection 185.140.53.160:6640 john23432.ddns.net # Reference: https://otx.alienvault.com/pulse/619f7bf2b948aa29ee973b88 ratsertification.hopto.org sdadfffasfasffas.ddns.net # Reference: https://www.virustotal.com/gui/file/6bf0463c0e0e87c59766f3708bdc1716e0fc62a9604bafac21c54b2a6fcb4f0c/detection # Reference: https://www.virustotal.com/gui/file/ff8bdac925d5df24e77711c66d2ec0998fd7b92ef5024333f185a885ca7ee63c/detection 176.239.192.170:215 176.239.83.242:213 hjkm12.duckdns.org # Reference: https://www.virustotal.com/gui/file/0698ef3ab517d07ad1d1093fbbe0ebaa2b9492d8dc133d32e24998e0550fac51/detection # Reference: https://www.virustotal.com/gui/file/4872db70c243f4bcee4d2b8546972b4fafe357f158a8b82074b892f41de32294/detection 141.196.205.87:113 176.239.175.53:113 ahmedt.duckdns.org # Reference: https://www.joesandbox.com/analysis/526200/0/iochtml lizaelock.ddns.net # Reference: https://www.joesandbox.com/analysis/894071#iocs 9292.freemyip.com # Reference: https://www.joesandbox.com/analysis/526564/0/iochtml neoncorex.duckdns.org # Reference: https://www.joesandbox.com/analysis/894433#iocs billie4.ddns.net # Reference: https://www.joesandbox.com/analysis/894637#iocs wealthgod1234.ddns.net # Reference: https://www.joesandbox.com/analysis/895717#iocs 6262.hopto.org # Reference: https://www.joesandbox.com/analysis/895914#iocs rickjohssn.ddns.net # Reference: https://www.virustotal.com/gui/file/f8eb104af228653af478508b5bf75d92f501fb3248fc02125dfaddd7c1c5e967/detection 68.119.12.79:5555 # Reference: https://www.virustotal.com/gui/file/e1a8ab723d106bd46a651d4d37ced7ef10df596c95385966f43ed963f6b87482/detection # Reference: https://www.virustotal.com/gui/file/5d81a166213bd05958b9e1f557a5bb137179879427fb3c72e40b337558061e84/detection 23.237.25.146:54984 91.151.137.15:54984 dogcat420.ddns.net # Reference: https://www.virustotal.com/gui/file/a29713a10c25c10be0fd0108ca6e5e4cd31358367d13b15a5c87464413a80989/detection zolim.ddns.net # Reference: https://www.virustotal.com/gui/file/35f4f225c5b0e3ba8bdb85ff14646a5adf47a17058b248b22394ec2f9236a4b6/detection 37.0.11.230:2407 accessgranted.ydns.eu # Reference: https://www.virustotal.com/gui/file/d0e513513bad819249e623d2898f2df26a087e321b8bde841caf8dd2f2a40f95/detection 37.0.8.214:8234 37.0.11.232:8234 asweee.jumpingcrab.com tryweaswweee.ydns.eu # Reference: https://www.virustotal.com/gui/file/662fbe23c87844a881ca233876ff75ee05ddf2ac0a1b5546fb5bc7603474860a/detection 37.0.8.164:34566 dfdgdsasedw.ydns.eu freebeeskatobi.ydns.eu # Reference: https://www.virustotal.com/gui/file/d26e5453281bd521ba914d6dbbcfa8d1ef37cad2e2f91ed19284b0000ad67b8d/detection 195.133.40.193:4948 keshodiwa.com slot0.keshodiwa.com # Reference: https://www.virustotal.com/gui/file/1577241f1a134f418aad884997681b9c7d1cbb2b78970d1dd5a558b2d50b2657/detection 1116.hopto.org # Reference: https://www.virustotal.com/gui/file/494373c6309267c3358bd49724afcb026c0b89980c75fe3c0cfefca34b973cbd/detection 194.5.98.120:19864 mansengco778.ddns.net newcracker.duckdns.org # Reference: https://www.virustotal.com/gui/file/b297f74819a9afd1281241f46226e0546399be42bb7357e7395509fdcfddcc36/detection 86.211.116.251:7706 # Reference: https://www.virustotal.com/gui/file/b2a307b5f372f7656760523371af71190b6412ba6ba242bc57095b999e61c807/detection antish.no-ip.biz duckmuckcock.ddns.net # Reference: https://www.virustotal.com/gui/file/65fd73d8fe8bedbd49e4875d1abbc632c77e0cd6b7427bde238b85b69ae6dfda/detection 141.255.144.234:1604 ddoz.ddns.net # Reference: https://www.virustotal.com/gui/file/eb5857e5b569f90487f77377c56103816b4c4286bdb65d7e599aabd31b7f846f/detection 108.61.210.74:1337 185.141.62.35:1337 208.101.60.87:1337 66.220.147.44:1337 93.115.28.195:1337 # Reference: https://www.virustotal.com/gui/file/59565c9d35837c928e79f4300959447019cd9732ef9182e3fd5e3fa78dcaa666/detection elementary-legend.no-ip.biz # Reference: https://www.virustotal.com/gui/file/4907908891a4ad8d3e289d0edca763cd80e7ae891d6bf505f7b70a1f55d97fd3/detection # Reference: https://www.virustotal.com/gui/file/222ebc98454400a71468a2835603d625e5e4fc7e599283145a6561fe94dddc0a/detection # Reference: https://www.virustotal.com/gui/file/113550041ffe36f04838584d21680a5c21e33723e0eee88a81223216901dc627/detection 79.66.73.81:6942 92.15.9.84:6942 92.22.218.89:6942 # Reference: https://otx.alienvault.com/pulse/61d82c79ad795ce22bb34645 connectionservices.sytes.net joshirwin123.ddns.net primoney.duckdns.org ratman72.ddns.net windowsmcvs.ddns.net # Reference: https://www.virustotal.com/gui/file/1469e5c14eb824758e84376a1a3b32baa6662861b2022ad180e7297d9b49e551/detection 79.134.225.79:2887 3acomposits.com # Reference: https://www.virustotal.com/gui/file/4c75bfd023f7ddaadf6f21b3e41e54f4b3312b9ca3c2800c89f53edb4edcf6e1/detection 79.134.225.79:1881 adarella.myq-see.com # Reference: https://www.virustotal.com/gui/file/e1e1374ceca8326241b65fb4dc1b63599d4354a029fb48d3d6f61dfe9776df76/detection 79.134.225.8:8181 believe2021.ddns.net # Reference: https://www.virustotal.com/gui/file/ab80e15a7af8b3b261136ee6902cb38e729d0f68fe2b2d7779fd5607f636c014/detection 192.169.69.25:4001 benders45.duckdns.org debase45.duckdns.org # Reference: https://www.virustotal.com/gui/file/ac6a0a296852964efc48b1bbb20ef1e6130f109ce0ac73f7a2a34c4c7b9c5a31/detection 107.173.137.204:54984 cudaegua.ddns.net # Reference: https://www.virustotal.com/gui/file/e9753c1281876ab5c8c88d848dbe77d73e74d335770a407981cc0f002f76847d/detection groundsuppliers.ddns.net # Reference: https://www.virustotal.com/gui/file/9ae34424d0a15202d8d1469103af68a65d89b055f1e19877bce9048624d36c7d/detection jadedman.ddns.net jadedman.linkpc.net # Reference: https://www.virustotal.com/gui/file/d3081989a1a7523371c040d854a7a33a75d358b0842fbbaaa1edebd5638f8065/detection 79.134.225.79:1122 ruffella1122.myddns.me # Reference: https://www.virustotal.com/gui/file/39624b2756f8c0af566345772bda9465f6c32a144125eaea52aba79504eb0997/detection 79.134.225.79:3550 shakur.ddns.net shakur2021.duckdns.org # Reference: https://www.virustotal.com/gui/file/b307468be35bc5c65a5f14377fdd97491164a41416076ef8d6edfd2739b5efee/detection thanks.duckdns.org williams1988.ddns.net # Reference: https://blog.talosintelligence.com/2021/12/threat-roundup-1126-1203.html (# Win.Trojan.Nanocore-9912485-1) devilmaycryforever.ddns.net russiankgb.ddns.net # Reference: https://www.virustotal.com/gui/file/988c1b9c99f74739edaf4e80ecaba04407e0ca7284f3dbd13c87a506bf0e97b7/detection 23.102.1.5:6129 nanoboss.duckdns.org # Reference: https://www.virustotal.com/gui/file/b9bd4e56b3b8381bee246af545b1169490ac4d2972a64810379cbf81580c125f/detection 68.112.235.198:3000 toclick77.duckdns.org # Reference: https://www.virustotal.com/gui/file/3184ad91199a5619041f0db960edacf6c27867cf01ec4729e35699b98a3bfc63/detection 93.30.176.91:54984 youaretrolling.ddns.net # Reference: https://www.virustotal.com/gui/file/37e18679eccdda36e114eb2103ad552ed91aba435ef2b4e7043ea4efc76c8dbb/detection samora007.hopto.org volcano111.hopto.org # Reference: https://www.virustotal.com/gui/file/cbff27ecc0784bab44610aee553b84c756115650db543e7d737074bf3d09db64/detection 103.151.123.194:65534 mback5338.duckdns.org takjamahs.duckdns.org # Reference: https://www.virustotal.com/gui/file/c0ad912a20bacc91c793313cdf9ef0c48d8422315f97d34cb12f143dd055df53/detection 103.151.123.194:8903 # Reference: https://www.virustotal.com/gui/file/4b61697d61a8835a503f2ea6c202b338bde721644dc3ec3e41131d910c657545/detection 103.151.123.194:7632 # Reference: https://www.virustotal.com/gui/file/4c45d08201b6aa7b734e2a320947656119120f911f77ee07f827cf38ba6ae1bd/detection 20.194.35.6:8903 # Reference: https://www.virustotal.com/gui/file/daef31514909f0fa8407f53e8bc9b8fb5c42d9583e6f88a91a51c2c606b19d72/detection 103.147.185.192:8903 104.37.1.32:7632 13.77.222.211:7827 20.194.35.6:7904 bitmoney332.duckdns.org gerousd8.duckdns.org justinalwhitedd554.duckdns.org # Reference: https://otx.alienvault.com/pulse/61e409f42d3c638722eedc3e arpadnseset.theworkpc.com obeyice4rm392.bounceme.net wazzy13131.ddns.net windowssvchost.ddns.net # Reference: https://www.virustotal.com/gui/file/1b8775fa633e04edf24411129b02074e4a9b8a79c28896908ff57dafe7cde968/detection swmen.com testalienscy9090.duckdns.org # Reference: https://otx.alienvault.com/pulse/61ebf3062f462d5c5a5ad8fc andreithekoala.sytes.net xoo.ddns.net # Reference: https://www.virustotal.com/gui/file/f515a9d2910da428d7803afc2244476a5b185f30361482cc1dd49670513281a5/detection 103.153.78.234:3132 vijayikohli1.bounceme.net # Reference: https://www.virustotal.com/gui/file/6994bba2690de5c3d89027901a600ebc90ed5570aee5a9b198522e0b453e5a24/detection 5.39.217.241:4016 researchcentre.ddns.net # Reference: https://www.virustotal.com/gui/file/d0626c459953f19e59fd3ef6c91ddd19cee19f4b12ba669c099a11d9f8e3b861/detection serviceop091.ddns.net # Reference: https://www.virustotal.com/gui/file/1411be36d7858249f25711858874b626557155277d94f099bebcc5a584d1ad69/detection 45.153.203.230:4016 svchostexplorer.ddns.net # Reference: https://www.virustotal.com/gui/file/c1156ca1b902f464adca08a699978fbb48c747e07a8680d15c4a9f721ff59385/detection 194.5.97.73:8181 morelogs2020.myq-see.com # Reference: https://www.virustotal.com/gui/file/164ba76af931f4378edd9fac284a9d5fbb82f7fa6aba3610a93acad54cf01606/detection 2.56.59.13:5490 desireblex.ddns.net # Reference: https://www.virustotal.com/gui/file/5f2342af7a3defeb5e86f406ce472f06f2960f1e698948058f5e1dae4a409f76/detection 79.184.237.13:53896 cbtbdsm.viewdns.net rikccwossmg.ddns.net # Reference: https://www.virustotal.com/gui/file/1a0718d57c68091c6b21303ad4fd752155f1377b04c970f999d406a61aa1a164/detection 141.98.101.133:13317 196.47.133.40:13317 forshared.ddns.net lordranseier.from-de.com lordranseierpilot.from-ms.com neverdiev2.viewdns.net neverdiev2.webhop.me rankstars.webhop.info # Reference: https://www.virustotal.com/gui/file/ebdf7ef4fcdd20cc782a6cdb0a67859712e1be655e577a089ef3106a42c1b71f/detection 69.232.46.139:1738 anonymouscrypto.hopto.org # Reference: https://www.virustotal.com/gui/file/4e5e702bd5d2069ea65bd5d6fd3562442abd38f766dd5eaa2c38d616fd3a6c26/detection 163.172.27.6:9372 educlassic1.hopto.org educlassic3.hopto.org # Reference: https://www.virustotal.com/gui/file/1767d1b070fd29e0e3eabc2c42c196b5f1750d5a13d0ba75b1a2daf33ac4d8bd/detection 5.34.183.64:54984 educlassic2.hopto.org # Reference: https://www.virustotal.com/gui/file/21e75775adaace531fe28d279b884ebb1c3f8f5a8813c747e74f73ccc5611839/detection 198.12.105.44:48249 sb247.duckdns.org wh0re.duckdns.org # Reference: https://www.virustotal.com/gui/file/98e33ebe79b9c93602af7b79bb4f3f63c2f3c1417b1c41be6e814a9930e43b3e/detection brooklyatyin1124.hopto.org # Reference: https://github.com/executemalware/Malware-IOCs/blob/main/2022-01-12%20Remcos%20IOCs 45.133.174.131:2030 eter202.ddns.net # Reference: https://twitter.com/petrovic082/status/1493575097852080129 # Reference: https://app.any.run/tasks/779f7c15-adca-49db-9faa-4bb0fd2fce92/ # Reference: https://www.virustotal.com/gui/file/c851b26e5580c9815d4d1d945c6c302c13a907b056f3cec5d4f279627c411ccd/detection 199.195.253.181:54984 tolatilbu.hopto.org tolatilbuuu.duckdns.org # Reference: https://www.virustotal.com/gui/file/02a85930a0d74ac5f3d0fdf64ddc7140f1827aee268bb43b8ceb88c5a5f5d388/detection 185.140.53.131:5876 5876.hopto.org # Reference: https://www.virustotal.com/gui/file/ccdad991beefa366171be40697c037d9bf2e1ac6b54efacd5ff3f1d77b823402/detection # Reference: https://www.virustotal.com/gui/file/b73b95f8d78489c8b2167e84c9d8346cc3a9423bedae7b33bfde4885949e27b0/detection # Reference: https://www.virustotal.com/gui/file/0efb4c1ae29ce9a5df2ebc871318e8dc28af1ab49db4fbe3abd9b7c0e5945056/detection 109.205.178.244:3110 109.205.178.244:717 144.126.145.38:666 79.134.225.37:717 rex1010.duckdns.org # Reference: https://www.virustotal.com/gui/file/0eb1b83d6dc59fdc4cae05a812b2465a57ab9ffc47e2571ff3c4b827031b9f51/detection 185.19.85.137:2331 favorali.duckdns.org # Reference: https://www.virustotal.com/gui/file/5270551b885685ed3ff896397fd7d6bd507e7eb5fce93294946141282dbd6942/detection hackoo.ddns.net # Reference: https://www.virustotal.com/gui/file/10824edd633a2f7ff32716e35aabbfa360b5acca86351de9c599348449a4797e/detection 93.182.170.11:3736 v3d.ddns.net # Reference: https://www.virustotal.com/gui/file/430aa173982e7acd27606d2e6dd615d78263cbd313998cd1eb6b142be061cb12/detection 185.161.210.180:1855 dangh.ddns.net # Reference: https://www.virustotal.com/gui/file/d3dc60ade96b79cb7df42eb129e2858dcce6085d9009cc14e2ae0f9763d74107/detection 194.5.98.140:8787 norly419.ddns.net # Reference: https://www.virustotal.com/gui/file/16455e07687f6c6dd7c209dd7c3d96c738d9c4c438238811b978dc3716230508/detection 79.134.225.71:1818 milkway12.ddns.net # Reference: https://github.com/pr0xylife/Nanocore/blob/main/Nanocore_24.02.2022.txt 31.210.20.215:1015 jamesskeithj.bounceme.net # Reference: https://www.virustotal.com/gui/file/f89d4b79a8b7546a3683af3a3851e3703e9334f800241957952f43fb606519e3/detection 93.179.125.92:5678 # Reference: https://www.virustotal.com/gui/file/45f0c25dadf07cb595f64a1b6f78456604dfd2751c8a68939c2e3999162cb830/detection # Reference: https://www.virustotal.com/gui/file/08e4f5d63a07de9b68ef3bd265897550596cdf33bcf172415d9934b7054413fa/detection 92.137.178.76:54984 mugiwarace.ddns.net # Reference: https://www.virustotal.com/gui/file/feb34f5cc5c725c8c1edd32f3ac4c2912c7646e4199c9aacd535ac7aa4bceb11/detection 185.140.53.6:31832 ella666.duckdns.org second54321.ddns.net # Reference: https://twitter.com/phage_nz/status/1500682848176525316 # Reference: https://app.any.run/tasks/ddcc4e54-40de-4bd9-83f7-16c61c1ea1d2/ 23.105.131.196:9070 # Reference: https://www.virustotal.com/gui/file/30d7a6fe1718c3ed6ab93ae2b2e227190a2f0ca3a4746a862418d3531dcd0af2/detection 113.168.169.191:9999 muabanlucngan.ddns.net # Reference: https://www.joesandbox.com/analysis/585133/0/html 212.192.246.6:6932 kingsley2022.bounceme.net # Reference: https://www.virustotal.com/gui/file/18ed1796db2b16e45d4b82dbd9b8219de6b93942113a1f0bf9622972f5064fa9/detection 160.154.81.135:3306 windowdsdefender.ddns.net # Reference: https://www.virustotal.com/gui/file/0c0f0f9de148d87b93732d338a440cfff220ea2b9d1dfbd0b3236bd6e05f7451/detection 192.30.89.51:36786 stellacy.duckdns.org # Reference: https://www.virustotal.com/gui/file/6b6dc8d06eee2cc72d2b0f82c69097dc98d9962bdc4465739c623100056829c6/detection 102.91.5.33:8242 member.ddnsgeek.com # Reference: https://www.virustotal.com/gui/file/7ba57ac7614a888efdc4554506305d9398b89b4f7c5770f0d8f596b1ecda2db2/detection 194.5.98.28:2021 brownhost22.ddns.net # Reference: https://www.virustotal.com/gui/file/ba4bc2bf4534fc921e4c6c34e420e46ffd44c4dad35a4424fe95436c5bb6c2ff/detection 185.19.85.155:50263 adminhostbase.hopto.org # Reference: https://otx.alienvault.com/pulse/62371873f39cbbdcded67c5e # Reference: https://www.virustotal.com/gui/file/9344ec043904f22f9cc4b18b6e7281e03b87274f70268b1fcd3f8061da7a6c53/detection # Reference: https://www.virustotal.com/gui/file/828b218429b00e462f569fdf3733bca14336dc27086e83a2fe68039955509e0f/detection # Reference: https://www.virustotal.com/gui/file/e94c70d3dc3ab2496465e73bffc7c5f1bc3963f3ae309a88d5e16d5e54a540ce/detection # Reference: https://www.virustotal.com/gui/file/dc6acfc36f44d7654605566739889ee89bc7040b7be9a46969d29fe3203bee27/detection # Reference: https://www.virustotal.com/gui/file/92feb82b41f89b611b8b56e33c7e553665cb49aefb7267181af1318160f7c1a2/detection # Reference: https://www.virustotal.com/gui/file/7e169c12694127cf4dacdbe6c380bc31838ee32217e731f202ff645a88a39c00/detection # Reference: https://www.virustotal.com/gui/file/06176687692d9e48e9c0057d3b9b64b09a2d79d45f08d80c79856df3bc392a67/detection # Reference: https://www.virustotal.com/gui/file/e8ef70d3ee8a2d0db7113163f51cff2750cf8b8f6fc46339f5f121eaae4b88c4/detection 149.109.84.49:1337 2.103.213.31:5000 2.103.213.31:6881 78.54.109.147:1337 89.247.169.215:6969 89.247.169.251:1337 91.109.188.5:1337 91.109.180.8:6969 hydrathebot.ddns.net likedoingthis.ddns.net thezone1.duckdns.org # Reference: https://www.virustotal.com/gui/file/b2912e9ae8c58704e961ea448e1537beb63e8d26db0213ed702ab88723d43fd3/detection 98.39.167.247:4784 notviruscom.freedynamicdns.org # Reference: https://www.virustotal.com/gui/file/ce3c8e1e62466029747d8664707fb8bf43240ea88fed1dcf18923b90a7e7726f/detection eaidali.ddns.net # Reference: https://www.virustotal.com/gui/file/07eba1792464c5da1f6b0b7d9900c454ad1c845caa660482ed8fecd86c5b064d/detection 185.19.85.175:50421 lowspeed.ddns.net # Reference: https://www.virustotal.com/gui/file/2810361825e72d6fec8ebf270c9ec0a2198227c4fa158e3e46b15cf43a60cbec/detection 103.145.253.56:1665 btmebd.ddns.net # Reference: https://www.virustotal.com/gui/file/f848dbbb374e0ee15b1f95425270c6f9dbfe5232a2cf08ed44695a07cc52aed2/detection 194.5.98.48:6122 nomansland.ddns.net # Reference: https://www.virustotal.com/gui/file/dee03714f1675e36fd1e7aff9905c114458a0910bfb391d83047f5921b0ff8cf/detection 194.31.98.223:1187 deranano1.ddns.net # Reference: https://www.virustotal.com/gui/file/d900c100ca4cdec50c72b681421a5d727ed17513739c673c84020608b134ff8b/detection 194.31.98.223:5121 ericdonovan07.ddns.net # Reference: https://twitter.com/sS55752750/status/1506653027066957825 ncre.duckdns.org # Reference: https://www.virustotal.com/gui/file/df0a26e8c6e64012479655b09782123cfdaf042c0806fc0482465be2f413d537/detection 5.43.142.100:1604 mikeyka.ddns.net # Reference: https://www.virustotal.com/gui/file/b96ae4aab134c7612bd21311ee76a7b0b0dc14af7b2e10713564e50fc739967e/detection 185.140.53.6:31829 mikeljack321.ddns.net # Reference: https://www.virustotal.com/gui/file/0886c4c9fd515ee3ad0be57257d6c10678786aa4b172f9727e593cc235f8262b/detection cypherzin.ddns.net # Reference: https://www.virustotal.com/gui/file/0caa510a679249f146543c8b4fbb8a50f94c661da98c4636c9bebe33a32cb9c3/detection 197.211.63.28:2525 lovemebygift.ddns.net # Reference: https://www.virustotal.com/gui/file/117416223d635c6de8eba0265a911b594006e01a454d5ef05a5d48569f4b811a/detection 91.109.184.2:54984 wyldotexe.ddns.net # Reference: https://www.virustotal.com/gui/file/efcd244049a2b06f9a99cd6bf7f5298876989112d4024e6b6c3844d67134e72c/detection # Reference: https://www.virustotal.com/gui/file/879ff8af101103d2387bbef6143dc2b4e233c7436d19e116c5fd78e132cfd05d/detection 185.140.53.50:2828 23.105.131.186:2828 henzy.ddns.net # Reference: https://www.virustotal.com/gui/file/02758e090418ab4b29bf68f0d447daa0499e47006406e2539ce24ae3725578e3/detection 23.237.25.144:7070 googleupdatter.duckdns.org microsoftfixer.duckdns.org # Reference: https://www.virustotal.com/gui/file/fa90c8e6857c483ca133f508033b76a67f709934842a452ec7b4c2762adfc85f/detection 52.14.18.129:12874 # Reference: https://www.virustotal.com/gui/file/9371423637fc954fc87a722642ad9c54345b22f0744abc85e5c32b5b9560913a/detection 52.14.18.129:13914 # Reference: https://www.virustotal.com/gui/file/4617aa97b1b815d8a6f1ce8e7ff775bac357910e012878afd1aa03b276a55552/detection 91.192.100.6:6907 # Reference: https://www.virustotal.com/gui/file/17bfeb7d3ce99be98b31104b4e05c406becc5c3c0d1995fd8cdece16e7d8531f/detection # Reference: https://www.virustotal.com/gui/file/dba2b4f8a17650e49dfa817fa19e2277b3c214f66b3c87530f94e6716e9d485f/detection 194.5.98.45:4040 lt.ruppersalimentos.com.br # Reference: https://www.virustotal.com/gui/file/4c47097394a6a6d82b21fb7778ec9b8e5e6cbb50ef0a3e4d2de7e5be0e95e0e8/detection 194.5.98.45:3226 # Reference: https://www.virustotal.com/gui/file/c122cc4b742359454f3607ef3755c789e458280bc878887cc1d4c452b8a2cfe5/detection 194.5.98.45:3886 # Reference: https://www.virustotal.com/gui/file/50de26b1f0f97457ac8623dae7f26ba274af10e86499fdef4d477377b7388d59/detection 197.210.65.88:5552 iphy2.linkpc.net # Reference: https://www.virustotal.com/gui/file/9ad646458bf31f5963c6e8ac5ada96e9b5fc6451e06a0661dd92cc406c5a2987/detection 141.255.144.255:51583 networki.linkpc.net # Reference: https://www.virustotal.com/gui/file/96b5ac5ad40731121a08282cf409cad564d3824a2c703070036476f3864eefe6/detection 35.136.112.19:8041 donco.linkpc.net # Reference: https://www.virustotal.com/gui/file/1bc8d97f5be4fd72080fbec129ecb6ab776fd894993a7ffb7ab84ceaf26e2099/detection 45.137.22.179:3218 mbahannanocore.ddns.net # Reference: https://www.virustotal.com/gui/file/de671fc6dea26e14aeb72a18416b6b5909ed0b1cd7897d630a603829c7705efc/detection 171.99.160.242:54984 maxpower.ddns.net # Reference: https://www.virustotal.com/gui/file/16e610b79ed8ff739435caf7cea1088491b4ae0a858d3e0b3b6a1faf0d29fb37/detection 91.109.178.8:54984 windows78884.ddns.net # Reference: https://www.virustotal.com/gui/file/1648ca294cea1728b8bc39c41afeb423511a2bb0340ae71589948668d9a23753/detection 116.44.155.200:1453 ssoo1451.ddns.net # Reference: https://www.virustotal.com/gui/file/c55ca52ebb82e388001e3d8b61323083cef4e717a0da70818e2011c23198d10f/detection 91.193.75.132:38331 hulabalu411.ddns.net # Reference: https://www.virustotal.com/gui/file/d4228833f29af5fc0cebe084ae93518f48c4f1829d7d3e35e1cc70df87d4b3c7/detection 79.134.225.126:5052 # Reference: https://www.virustotal.com/gui/file/c5ec4af21d1161f5ea21ced700f8601a6bc437e01bfe84e44b08ea875ae05c1e/detection 185.140.53.139:4557 # Reference: https://www.virustotal.com/gui/file/abd2b749f85a7710a6f7fa7ffcdd77cd79125c62239967927a115eac14d2593e/detection 185.140.53.139:4559 # Reference: https://www.virustotal.com/gui/file/a4755b349a5718b9aad5bb7431c43bd7ad190fe553c2b5a186bc9ae01db5116e/detection # Reference: https://www.virustotal.com/gui/file/7c4646e4b1013d4f1954b8be33abd4202a7d418b86bfa4c2115679180e383fea/detection 197.210.227.111:5057 197.210.54.231:5057 91.193.75.132:5057 # Reference: https://www.virustotal.com/gui/file/a3202b464c5b8fdb02f8c841affb82b5657b98025fc40be027f766b17a9fa24f/detection 105.112.156.57:6755 # Reference: https://www.virustotal.com/gui/file/990ff1867047795085fc0fb08fe186b066b9229ac258a4d7f8cc906371bf002f/detection 185.140.53.139:6755 # Reference: https://www.virustotal.com/gui/file/873831d6e0c0f4fb49083dff25565a28b3ef7307ff55743a1c74c43e7cb3bce9/detection 197.210.55.126:5052 # Reference: https://www.virustotal.com/gui/file/771ce47babb0312293e03f20e5db25dbdfce55e6ddae4601bf0c7067b790ed90/detection 185.140.53.139:4557 sisoretartian.000webhostapp.com # Reference: https://www.virustotal.com/gui/file/770ce29036a44d72ff33ae394de5d19fe8399a900e1fa45150231df954cc55e5/detection 79.134.225.113:5052 79.134.225.73:5053 # Reference: https://www.virustotal.com/gui/file/6de2494fb7cbdf76e1ae485bc075aee8a10922af8394b7e477cc78cd02ba888d/detection 79.134.225.126:5052 # Reference: https://www.virustotal.com/gui/file/6d168a86468e09f9246fe57e7a8047d5dca72ecddb5b270c512d9cfd0c2cda8b/detection 105.112.46.44:4559 # Reference: https://www.virustotal.com/gui/file/467fd7e0ef54df2db4028facd694f4ba4791e78ce9a0183dfa97aad9bf7d86a5/detection 197.210.227.177:4559 # Reference: https://www.virustotal.com/gui/file/39e472447dc68135b88bc68e69224e0fad479f65606e281030bb0b54706638b3/detection 105.112.153.67:4557 # Reference: https://www.virustotal.com/gui/file/2d70bf9dcedd45398b78d29b4d4bab1bb53558b8bc71bdf5c8afe4824cc64d24/detection 91.193.75.132:5054 # Reference: https://www.virustotal.com/gui/file/26223685082801f26a1f38900436c3a807e18be733aeeace86da064e7116f19e/detection 91.193.75.135:9773 # Reference: https://www.virustotal.com/gui/file/173010920ed174833b6fd01f5bef447b92e5b01cc93431bd9aaafa2ed0bab7b8/detection 105.112.153.67:6755 # Reference: https://www.virustotal.com/gui/file/5dc02173548cf7eb1b364b5336bbc9cbcebf0632ce49173ceda9b4bc5b2a6704/detection # Reference: https://www.virustotal.com/gui/file/435d0e10242410c1f8513df632eac9966534480a2a211fdc2914ad9181b87007/detection 197.210.55.100:5051 79.134.225.113:5051 azizurfattahtradings.duckdns.org # Reference: https://www.virustotal.com/gui/file/cc9f194ea52edf0413ac086a44712fe216f4e092a21896016dbafda3d0a98392/detection # Reference: https://www.virustotal.com/gui/file/cc9f194ea52edf0413ac086a44712fe216f4e092a21896016dbafda3d0a98392/detection # Reference: https://www.virustotal.com/gui/file/bd8d56914effffb8fe5f0a8c45fafd907cfd827e5b3cc6a6d422f7bc2fd9cdb8/detection # Reference: https://www.virustotal.com/gui/file/9b3e5586b8cd6ba3cac38694fd26a090c30c9b91a2a120f0e242da7eb7f5d239/detection # Reference: https://www.virustotal.com/gui/file/6a7f00749c44596d2c3c1e66210ed0027b7b8c5130ef2dedb15b1c228da8e77a/detection 129.56.71.72:3434 79.134.225.76:2882 91.193.75.132:3434 rchickenkillerr.ddns.net # Reference: https://www.virustotal.com/gui/file/0e6a5fea169e41bb0a7d7f28118900a81a74e8144343532fe96608340f6143eb/detection 185.140.53.134:5552 iphanyi.webredirect.org # Reference: https://www.virustotal.com/gui/file/66e89d06fdf5fb974392555aa88a42df0fd8b9cc584f40dad7f996992df64eed/detection 91.193.75.132:6567 chimez.3utilities.com # Reference: http://blog.talosintelligence.com/2022/04/threat-roundup-0401-0408.html (# Win.Dropper.Nanocore-9942608-0) akudon.chickenkiller.com talk2kins.ddns.net # Reference: https://www.virustotal.com/gui/file/a0aa261b6eca399214785a831f60f317f7fb5795d33fe2a07e330b7aabfc0318/detection # Reference: https://www.virustotal.com/gui/file/48a622b582744db13c9de162ec064bbb4dc3324a96987aca175420bcdd9ce56e/detection 185.140.53.133:2030 23.105.131.140:2030 godismyhelperalways.ddns.net # Reference: https://twitter.com/MBThreatIntel/status/1519004262176477184 # Reference: https://www.virustotal.com/gui/file/bc49d502de62f3fce11bf902ef9986cdf6f9b58f5a83df8a1e0e24cc07a75d64/detection 194.5.98.208:58211 kfinance86.duckdns.org # Reference: https://www.virustotal.com/gui/file/4b617174f06378b312b48e8335ce1693ff8a4b13db58a99b8bd2970bca3c3916/detection 185.140.53.174:2404 # Reference: https://www.virustotal.com/gui/file/e51f39f1042b7be2dff0f3f1248296e6b700cd5a88c12b681bd604d86703f7a6/detection 78.199.137.88:1604 bvhg.ddns.net # Reference: https://www.virustotal.com/gui/file/e389b00f89677103881823567bc4db7e214e1c9b66fcff0a7a8aab99ead8dd1f/detection 37.0.11.76:6991 newnano03.ddns.net # Reference: https://www.virustotal.com/gui/file/777a3d165788e66987e59ad74ee2592e520197eb87c13e8027f78b5275f3e2ca/detection # Reference: https://www.virustotal.com/gui/file/68626ffe91c8d25c76d1a108d370b012c1ea664a6bc1e05d97b5eed67ea3b127/detection 197.210.44.192:55150 95.140.125.67:55150 igirige.ddns.net # Reference: https://www.virustotal.com/gui/file/fb226c343034be7751e35cce8b6f5370636c81c1bb0584f5d697991f65d47dc8/detection 91.193.75.135:7654 netwomo.duckdns.org # Reference: https://www.virustotal.com/gui/file/e88ad4cddec1e6ebc93054f6dafccc95b64e7bd243ae763ac060797ce8ee3e64/detection # Reference: https://www.virustotal.com/gui/file/9f5cb52348f3ed11c3550d09ab459ca77f7251dea597c97b8dfde8fffaeb8db1/detection 194.5.99.51:6700 91.193.75.135:6700 omotogo.duckdns.org # Reference: https://www.virustotal.com/gui/file/9ec423e735b0f0297f7df86637673cfa8a58bb31767d7fdf0c877434a553bdb5/detection 194.5.98.193:1602 workstation.dyndns.org # Reference: https://www.virustotal.com/gui/file/113324abf63824e24aee440e0c75c718ce4bd22abbaafb9aa008a3a137b23c14/detection 185.19.85.163:4532 # Reference: https://www.virustotal.com/gui/file/c837280f88c94c57bc0378d783e465f47043ff97db1cacbcac28819176f5e9fd/detection 194.5.98.120:1604 joseedward5001.ddns.net # Reference: https://www.virustotal.com/gui/file/64fa90910d58c03bc0861de5b105a19f13e87018f49bbf1382df74ca511a7e51/detection 69.171.234.48:3600 tesoreria34.myftp.biz # Reference: https://www.virustotal.com/gui/file/c8775526cc16aab8abb1420eddefbe36d5617548a35f9efaff6d7234ddda5075/detection 74.57.44.107:54984 babycat.ddns.net # Reference: https://www.virustotal.com/gui/file/80342d083b4c3bdcdd413e26db65f36cd7fd3457a007fdeb561f7288fc58f26f/detection 2.56.57.83:3867 shinomoo.casacam.net # Reference: https://www.virustotal.com/gui/file/e9194085c64cdc4a943af04c4d44bad1a5dc408989c277f3650b112b00f19ae1/detection 91.192.100.51:3759 don2000.casacam.net # Reference: https://www.joesandbox.com/analysis/1014975#iocs # Reference: https://www.virustotal.com/gui/file/e41027522646237e878d402de2161155182f10e75d944f7a82f2233b07699577/detection # Reference: https://www.virustotal.com/gui/file/dcf9a1f1b289c0d0fe3ce1407c71c37508dc6973db5273f0e6723bd90dbfce25/detection # Reference: https://www.virustotal.com/gui/file/d7d85668f0e2f17b65cf1e3a393e1d19dec65329b8282fc1996af23df4cbc872/detection # Reference: https://www.virustotal.com/gui/file/9b23523d7b582f9ede78a0efe4b8f1a57c700e271975f037292e33690c89808a/detection # Reference: https://www.virustotal.com/gui/file/46684ab7193cdfff1bf0b38de0b79b6982e7895f3c2f67ff79ad0b6ebb60c490/detection 185.244.26.203:7384 194.5.97.97:7384 197.210.45.83:7384 197.210.54.95:7384 79.134.225.10:7384 79.134.225.37:7384 79.134.225.48:7384 new20121.ddns.net # Reference: https://www.virustotal.com/gui/file/2f0d53c60cb7822931ac3f7656afa63081e1bb90b1e2ff07d9bb0d6b8ba02e50/detection 62.197.136.162:6932 # Reference: https://www.virustotal.com/gui/file/2a52d3a84b0c4748f5344aa6f6b1bf6c92e1f13aa82f2c4d42edc5c9c30ff0e5/detection 194.87.84.118:1187 derananocore.ddns.net # Reference: https://gist.github.com/silence-is-best/7b71542e9713d9e8c2546090a1358789 # Reference: https://www.virustotal.com/gui/file/3ae412cee2025ba2d4dc1db206b2b6cef5b08b1942beb94dfb9c8db19e954580/detection 37.0.14.206:4040 # Reference: https://gist.github.com/silence-is-best/7b71542e9713d9e8c2546090a1358789 # Reference: https://www.virustotal.com/gui/file/d2ae9d4c8c7ce7943f76a70d1c49b9b5cb462ec185446656d2409ca5b8cd12ff/detection 185.140.53.138:4433 # Reference: https://www.virustotal.com/gui/file/d53598487480c88a31a4bcca6dad8eda546e726cf8e0b6dbd1f3d4bc715ee015/detection 91.192.100.17:1947 mtty.linkpc.net # Reference: https://www.virustotal.com/gui/file/aad86d9d1d568e00d00fef5c2856455d183086b0a806131d44dc32399ac95edb/detection 37.0.14.195:1993 boobymoore.ddns.net # Reference: https://www.virustotal.com/gui/file/2fb9bff26d02c5df574754d42659ed3a5c6693928a190a089cb795d79b097644/detection 194.147.140.9:9036 anglemanagement.ddns.net anglemanagement039.freeddns.org # Reference: https://github.com/0xToxin/Malware-IOCs/blob/main/Nanocore/Nanocore%20-%2004072022 # Reference: https://tria.ge/220704-mjktlagecr/behavioral1 188.127.231.93:3425 config.linkpc.net # Reference: https://github.com/0xToxin/Malware-IOCs/blob/main/Nanocore/Nanocore%20-%2005072022 136.144.41.240:5899 # Reference: https://www.virustotal.com/gui/file/4686f6994d18e775d9703ac023057dfa26347ddcb7e1da495b7f3e98ebea801f/behavior/VMRay 91.193.75.9:8976 muchlove.ddns.net oneluv.duckdns.org # Reference: https://www.virustotal.com/gui/file/314a86d79d7e1fde63dc40c4020e57c0b67e5d6e7b913c0ca6716897b1721ea4/detection 79.134.225.75:1716 wazzy.ddns.net # Reference: https://www.virustotal.com/gui/file/25053d897a2d3dfe3af26874043cba7bb53287bc6543296ff37ac5f4b6eeccfa/detection 185.92.25.78:1983 hachiko2.webredirect.org # Reference: https://www.virustotal.com/gui/file/3e96a5fb0b4847f9131670159b861e1862339a933ea3699342890ab95d7f15b7/detection 37.120.208.37:49678 37.120.208.37:52085 austinwilli123.duckdns.org austinwilliams.dynu.net # Reference: https://www.virustotal.com/gui/file/156c27383bb6311228f08d6f9320750914b4a803b6c28a6e4560825c02e11f49/detection 91.193.75.131:1691 work2020.ddns.net # Reference: https://www.virustotal.com/gui/file/39c0ae113258a2a9646a715c5cc2eeae809fe24e7b67d8e2e1f1e98b3e8f3bfb/detection 185.140.53.138:39399 timmy01.ddns.net timmy005.ddns.net # Reference: https://www.virustotal.com/gui/file/64912c5140f7b2ea0fac998a2ee9c22419a55dce1ed3acd14796ad64ab91caf5/detection 185.140.53.130:55098 55098hustlenow.hopto.org # Reference: https://www.virustotal.com/gui/file/4623d71cf790864b9701789115beb00fbbece32a62de7c5ea2841a36b6677247/detection 185.140.53.130:1945 nanam.freemyip.com # Reference: https://www.virustotal.com/gui/file/d401cecef9371db314f39d5c4bf3457340d7be6f0aac6c61b3cd25310a9dfadf/detection 185.140.53.130:7689 7689.ddns.net # Reference: https://www.virustotal.com/gui/file/7b4ef65f0ded4570752d1fc312c3501e64b093e4b8356b12160c2e1b5c46a181/detection 194.147.140.25:1991 godblessking.ddns.net # Reference: https://github.com/0xToxin/Malware-IOCs/blob/main/Nanocore/Nanocore%20-%2008072022 91.193.75.132:7668 gyongglobaltradeltd.hopto.org # Reference: https://github.com/executemalware/Malware-IOCs/blob/main/2022-07-19%20Nanocore%20IOCs # Reference: https://app.any.run/tasks/cfbdf896-7fd5-4f2d-8062-91165e6f0eca/ 208.67.104.253:5899 brewsterchristophe.ddns.net # Reference: https://www.virustotal.com/gui/file/7cf15de309cff41c52952b30f824c6246126558327f4b9137796792371d77176/detection 45.162.228.171:30637 shinshongv2.airdns.org # Reference: https://blog.talosintelligence.com/2022/07/threat-roundup-0715-0722.html (# Win.Packed.Nanocore-9957022-0) wirelock.000webhostapp.com # Reference: https://tria.ge/220722-1hccqaaaa2/behavioral2 bitm064.duckdns.org # Reference: https://www.virustotal.com/gui/file/df1b86d97b10bc40521490672192f91a11bf8e42e79d8d99ea6b25fca2930400/detection 141.255.159.207:1177 omanlol.ddns.net # Reference: https://www.virustotal.com/gui/file/43d53290862d4e2ce15720c8d2f9629a72ef6ab76f9da1b1632633ce9fca7263/detection 177.54.206.75:2022 papagaga.duckdns.org # Reference: https://www.virustotal.com/gui/file/99cc8bd3a613d99686656aec57b1a4e622265f13b3df894617a8e80e649eb755/detection djrascas.ddns.net lle.ddns.net # Reference: https://www.virustotal.com/gui/file/37c5623db5c2f98849681ae54240f31220dc7a2ed0a340c38efb9c5d1901c12e/detection 118.184.176.34:11831 # Reference: https://twitter.com/AttackTrends/status/1556536241956478978 192.169.69.26:11940 194.5.98.84:11940 ziggynas10.ddns.net ziggynas10.duckdns.org # Reference: https://www.virustotal.com/gui/file/e7c137d7e34cdab921d4a1abd8fc0d47a8698056431b695f0fd1ec1b3af04280/detection 172.111.164.137:6102 olufembackup.ddns.net # Reference: https://www.virustotal.com/gui/file/3188d69333cb32beed148d05948633677a16a19bfb443cbde808117c421f6354/detection 172.111.164.137:6104 # Reference: https://www.virustotal.com/gui/file/8726c4eee534d070252a218c3a14b5fa2bebd64505d37d4821a94e8f1ed1cd04/detection 175.139.96.108:6122 # Reference: https://www.virustotal.com/gui/file/3e43caef96177ebd4cd590e1500ca01a31d7ebc9f319d9f216b49bceec1de988/detection 172.111.164.137:6116 # Reference: https://otx.alienvault.com/pulse/62f0fbff6cc2f382facb6662 # Reference: https://www.virustotal.com/gui/file/fce7c8ea623a1c6f75098c7041176ba7cbea3c2a391d9af07597d61df2d960bd/detection # Reference: https://www.virustotal.com/gui/file/24892545a0acf732d2954624a4a0c81832457fa2e7e3306438df7cc9415078d6/detection # Reference: https://www.virustotal.com/gui/file/63fe3504383db7fb72f3b82b8920e08eeec7da634c8e4d59be903c418c9b9145/detection 176.221.125.191:4444 20.195.195.150:54984 91.192.100.54:54984 kolek2.ddns.net nanothatha.duckdns.org resultpopupinc.duckdns.org # Reference: https://www.virustotal.com/gui/file/aac0d666a9b1fdf2c4f5bc4418d57bc89754f2aaa007dd9932eba6a88dffe221/detection 51.103.173.125:9090 azazws6606.linkpc.net # Reference: https://www.virustotal.com/gui/file/f6d0e4e1ef5e6772bd3671abed6b8c238766b4faae39a5a6cbde2e0ad48a7011/detection 91.192.100.53:2431 tuk.linkpc.net # Reference: https://www.virustotal.com/gui/file/00f7f9df0f6355c2ddc905e6144114ea5194bbe933859708d024ca4ec36bf38c/detection 194.67.209.128:58887 kgentle77.duckdns.org kgentle777.hopto.org # Reference: https://www.virustotal.com/gui/file/7d23c8916cd92a55a9ead17e4375b61acb709565baefac9e1904cfb20e575d3f/detection niggaugotratted.awsmppl.com # Reference: https://twitter.com/pollo290987/status/1560046557474471936 # Reference: https://www.virustotal.com/gui/file/ba536f2cbdcd10526c5aa0d28b74337b83440d4296b326419c57bfea9756c506/detection 141.98.6.128:1010 kjjuigfdullygigyftkuyluylygilyfidyyuljhd.ydns.eu # Reference: https://twitter.com/James_inthe_box/status/1565362522806292481 # Reference: https://www.virustotal.com/gui/file/9b144809ef27214ff63ef708350546d6aa01929f4bb8cfb12f3efc462b0b0cd1/detection 104.144.69.130:705 katiebrady616.ddns.net # Reference: https://medium.com/@the_abjuri5t/nanocore-rat-hunting-guide-cb185473c1e0 # Reference: https://raw.githubusercontent.com/Abjuri5t/Hunting-NanoCore/master/domain-list.txt 103.151.123.194:8909 americanmedicalassociation.online 236philipjohnson.freedynamicdns.org 2meonline.ddnsgeek.com 411speed.duckdns.org 7567.ddns.net 9386.ddns.net 99gramss.ddns.net RealTopG-40301.portmap.io aleksanderbodhan.hopto.org aleksanderbodhan159.hopto.org alex419.duckdns.org alizuhohostnation.duckdns.org alliedtrade54321.ddns.net amegroupofschoos32.sytes.net amoguscum.ddns.net amuokuku.duckdns.org antitor.duckdns.org antivirus-helper.publicvm.com arieshost.ddns.net arkseven702.ddns.net asynclevel.ddns.net ayranger.ddns.net ayranger7.ddns.net ayranger8.ddns.net aztemglobaltradltd.ddns.net azuite1.ddns.net babacapa.duckdns.org beilard.duckdns.org beilard1.ignorelist.com blackb.duckdns.org blackbladeinc09.bounceme.net blackbladeinc52.ddns.net blessed147.ddns.net bmn.lpmpbanten.id bnbnnjhjkii.ddns.net boboz.ddns.net bohem11.ddns.net boyhome5100.duckdns.org brewsterchristophe.hopto.org brightnano1.ddns.net brightnano2.ddns.net brightrawfile2.ddns.net budahhsegnemich88.home-webserver.de cashlink.ddns.net chase22.ddns.net chery.hopto.org childhome4100.duckdns.org chochoinc07.bounceme.net cloudupdates.ddns.net coconuthead.ddns.net concideritdone.duckdns.org coow.ddns.net craigjonson912.bounceme.net craigjonson99.zapto.org cuckoldfarmer.ddns.net cum.x24hr.com cutixglobal.ddns.net dbgroup1.publicvm.com deranano.hopto.org deranano2.ddns.net deranano5.ddns.net derarawfile10.ddns.net dinolachy.duckdns.org donaldossoinc.hopto.org doubleup.ddns.net drostdyhoffpvt.duckdns.org drrkingsleym001.ddns.net e-businessloader.mywire.org ebuka19.ddns.net eezzyy.duckdns.org emba.espielweinstein.pw erickeith62.ddns.net eset-antivirus.ydns.eu estrenos1a.duckdns.org express104.ddns.net fastspeed.ddnsfree.com flammable.duckdns.org forsondu92.ddns.net france-barely.at.playit.gg franexserve.duckdns.org franexserver.webhop.me freeip666.ddns.net fridayom.duckdns.org gameserver.duia.us george-pressing.at.playit.gg girlhomejan6100.duckdns.org gluer.ddns.net goldresulthsot.duckdns.org goodmanp.ddns.net grace147.duckdns.org greatman.hopto.org grosjeangerard.hopto.org harold.accesscam.org hellomyfriend.ddns.net helpout.duckdns.org hemplife.ddns.net home-comp-8390.dyn.home-webserver.de horizon112.3utilities.com hostlogsnation.duckdns.org idkwhattodo.hopto.org igxchange.ddns.net interest-border.at.playit.gg iumobiliebackup.ddns.net iyhto.ddns.net jamcav.duckdns.org jasonbourne.bounceme.net jcfab.ddns.net joja.ddns.net joyyce.ddns.net justinalwhitedd5544.duckdns.org juuked.hopto.org kamuchehddhgfgf.ddns.net kasawulli845.ddns.net kasawulli845nano.ddns.net kaywestro.duckdns.org kenimaf.duckdns.org kevin.ydns.eu khalil3131.ddns.net kris119.duckdns.org loamy221.sytes.net loamy242.myddns.me logsresu59.duckdns.org louinc928.gotdns.ch lowaspeed.ddnsfree.com lucky001.duckdns.org makeke.ddns.net mallow.3utilities.com malubulule.ddns.net mamarita10005.ddns.net manaheart.ddns.net maxlogs.webhop.me mback53388.duckdns.org meetwithnicholson.ddns.net megalogs2022.duckdns.org mek123.ddns.net meki24.ddns.net mercydylan55.hopto.org michspencer.ddnsfree.com microsoft1337.ddns.net mondayomo.duckdns.org moonje19870506.bounceme.net mpdeal.duckdns.org mphanks.ddns.com mphlabs.ddns.net mup830634.duckdns.org myhostplas12312.ddns.net mynewvirom.duckdns.org naki.airdns.org nan21.duckdns.org naninano123.ddns.net nanjuly.duckdns.org nanltd.duckdns.org nano8000.duckdns.org nano8100.duckdns.org newhost1144.ddns.net newme12.3utilities.com newmeforever.3utilities.com nonny55.3utilities.com norly519.ddns.net nosee.publicvm.com novacomm.duckdns.org nsayers4rm382.bounceme.net nybenspyhost.duckdns.org oba.hopto.org odi419.duckdns.org officewk.duckdns.org oluchiiiiiii.ddns.net oluwaboysharp.ddns.net omaprilcode.duckdns.org omosep6500.duckdns.org parolespotnet.ddns.net pfgeep.ddns.net polulerat.polulesky.xyz portmapuser9999-40587.portmap.io praise.webhop.me profrtgroupnaniio.duckdns.org realtek31.ddns.net redvelvet.ddns.net remote1026.ddns.net renareport.duckdns.org richardmills770.ddns.net rowdea.ddns.net sannation.duckdns.org saturdayom.duckdns.org seatosea.duckdns.org shopexport20.ddns.net silverstargarage.webredirect.org sirohmsgm.duckdns.org slava3257.hopto.org smookish.hopto.org softtrim.hopto.org something4you.gotdns.ch sssyh.ydns.eu strongest.ddns.net suit1-fax.myhome-server.de surya.ddns.net sussyamous34.ddns.net susyamog458dhref34.ddns.net sys2021.linkpc.net thanig.ddns.net timmy06.ddns.net timmy13.ddns.net trustedvpnconnection.anondns.net updatedhostlogs.duckdns.org urregular.ddnsgeek.com vpnozo.hopto.org vrchat.hopto.org watermalon1.sytes.net williamrippa.hopto.org xp230522.ddns.net yefgfghh.ddns.net yomo.hopto.org youngnonte.hopto.org zaezsefsdfqfds.ddns.net zenmacro.ddns.net # Reference: https://www.virustotal.com/gui/file/342778b335198430501489e780bfd6d59f8b2179bf0e8f83eddaf1eea93c30b8/detection microsoft-window.servehttp.com # Reference: https://twitter.com/malware_traffic/status/1570404210730061831 # Reference: https://app.any.run/tasks/fd551487-34b3-48eb-ba25-f6e9acc017a1/ # Reference: https://tria.ge/220915-qbvwdaghcm/behavioral3 185.216.71.194:1010 dera5nano.ddns.net # Reference: https://twitter.com/pollo290987/status/1571890606775095297 # Reference: https://www.virustotal.com/gui/file/8798dff01c8a9db2b19034f12c920e594b1187043938fe4345f4c6011e7be0e2/detection 137.63.71.51:3959 # Reference: https://otx.alienvault.com/pulse/6332e6f1ae4649524ac4d697 cable-corporation.at.playit.gg # Reference: https://www.virustotal.com/gui/file/298e3860779d4c5ccb788fe78d91781446caef1b165d44610acbe5577314113a/detection 82.217.124.24:1604 nanocoretj.ddns.net # Reference: https://tria.ge/221010-qxfnksbhh5/behavioral1 79.134.225.5:6513 encoder147.duckdns.org # Reference: https://twitter.com/malware_traffic/status/1579507488529223682 # Reference: https://app.any.run/tasks/3a3bd485-3310-4086-bef4-af44b80fcbf8/ 80.76.51.109:1010 # Reference: https://tria.ge/220915-n9qyzagfhj/behavioral1 212.193.30.230:14981 hamzzagolozar.loseyourip.com # Reference: https://www.virustotal.com/gui/file/11d7551a7ada4972ba554c4e5f683bce5a458d8dc0930053abc929a5ff02a575/detection 216.38.2.204:4545 realone.giize.com # Reference: https://www.virustotal.com/gui/file/3794803e550275d65f0c27338bfdf610396fc65a07fe500fb3fe59e8a96ea964/detection 79.113.124.42:56785 xgrept1.hopto.org # Reference: https://www.virustotal.com/gui/file/ed2f52dc367bcbc656beca4f2bf46f7620b381870f90845632037783f093ae95/detection 173.46.85.20:4714 preciousyrn.ddns.net # Reference: https://www.virustotal.com/gui/file/1187df949b93ff8d0d52f59a74deebd6686a723a2e95aa85a80f03321123eb6f/detection paul456.ddns.net # Reference: https://www.virustotal.com/gui/file/a8356973d51bff101451770fc7e464e2fa17572b5ee8ba5931cfc3b0d57e8343/detection 79.134.225.76:1919 grace532.publicvm.com # Reference: https://www.virustotal.com/gui/file/a162c6d70a0b45fcf581336b9b442ee17600c2e78d2c7778c9343b1cf8727714/detection 87.237.165.17:8282 iykoo11.ddns.net # Reference: https://www.virustotal.com/gui/file/41c7ccc6c482b078e1c6ae5a6c229b424afaa22edb7334a4abad5793feecebb4/detection 85.202.169.14:9829 docfile.ddns.net docfilepdf.ddns.net # Reference: https://www.virustotal.com/gui/file/e3486cc29831e367af1656f56d42d31b88f2b3960d755345ed9b9c09dc8d3cdd/detection 194.5.98.23:8181 futurist40.duckdns.org # Reference: https://tria.ge/221024-xzvnvaabh7 37.139.128.94:8000 rze6.sytes.net # Reference: https://www.virustotal.com/gui/file/ea4bd6fd20e2dd1ee4e6ddffcae0657e809ab262d0db5b394e42cff6d98004b9/detection aashkanani22.casacam.net aashkanani22.ddns.net # Reference: https://blog.talosintelligence.com/threat-roundup-1028-1104/ (# Win.Dropper.Nanocore-9976516-0) nexaustin.ddns.net # Reference: https://www.virustotal.com/gui/file/26d62fb1ca77910b4ae35e3868c4c1e45fc58b9261a14de8a39fb0ba3144d943/detection 104.24.124.152:60611 # Reference: https://www.virustotal.com/gui/file/7d794aa4eea0a8136b0d447f81d0445572bf28ec9d351e2b63f0b1ee55b861fe/detection 103.224.182.252:440 # Reference: https://www.virustotal.com/gui/file/b9cb1c7c428f91440c27d5e121934cce55d778c3131fcf0eed0a4e5be37af54e/detection # Reference: https://www.virustotal.com/gui/file/463d034ddcb02b886e5fb9e7dc002757fcd3beea143bd3e512ef98f0ab793db4/detection # Reference: https://www.virustotal.com/gui/file/388d204f125290642ba82eaa1352937a2ba62a30f61498a465810c19591ffc19/detection 178.73.192.3:54984 46.246.12.69:2404 46.246.84.4:5555 backup.senegalsante.org redirection-anti-spam.duckdns.org # Reference: https://twitter.com/kienbigmummy/status/1590193685446414336 # Reference: https://www.virustotal.com/gui/file/9649d40fac02e4209bce389a120672921994f083862684306cb2c863aac38b38/detection 137.63.71.51:3968 # Reference: https://www.virustotal.com/gui/file/ee5a72ebdd5bafdf47777db69c63c352725776757c2c58fc0316a498fa1434fc/detection 95.136.36.121:1011 0001002230.ddns.net # Reference: https://twitter.com/ScumBots/status/1602189593511608322 # Reference: https://www.virustotal.com/gui/file/51cd2ba92fa54c33411ba7e082c1a2a042dd3bc3bbde931d508258dea2967598/detection 209.25.140.180:14931 209.25.141.180:14931 pro-ethiopia.at.ply.gg # Reference: https://twitter.com/TeamDreier/status/1602254294949953536 # Reference: https://tria.ge/221212-mns1rsbb35/behavioral1 194.180.48.210:5634 svetanakravenova248.ddns.net # Reference: https://www.virustotal.com/gui/file/3c87080123203da609afd0a8c6c73a2b82c7fb1ce524b950142dd8f623fb1136/detection # Reference: https://www.virustotal.com/gui/file/8d9ac1f7b2a16e8b3a2b3615db6ad686e046dc566f304f9f02184af92e7fd53d/detection 78.87.218.147:23341 78.87.218.147:44713 0101010101.duckdns.org # Reference: https://www.virustotal.com/gui/file/042016e79024e0d7569d34b557ce91660116356e3da1bb82465d35694277f2df/detection 91.109.186.4:1605 12kx.sytes.net # Reference: https://www.virustotal.com/gui/file/42ada343e760c0720184703e6e49739a27d9ce3a2a64b307799d2bb82078d159/detection 2.223.67.90:5353 123ajkwid.hopto.org # Reference: https://www.virustotal.com/gui/file/994320f1a18a051da9daa8284d18e2ba5befb5d770c52db911cf0e54b1ccb2f1/detection # Reference: https://www.virustotal.com/gui/file/95819cb6a11ff9abc442a4bd33851259fee9e4034b79e34b0edb18bd6084f493/detection 185.82.217.154:5454 123ght123.hopto.org # Reference: https://www.virustotal.com/gui/file/cde7e767d7c581252d84fffc579492cf5df5eec30588f41bcacbc613ef29b40c/detection 185.140.53.9:2022 2022.hopto.org # Reference: https://www.virustotal.com/gui/file/6538d82770f38764b59f2fdf6ad83c6760aa96bcf771e1c00b30259b52ba8a65/detection 194.147.140.181:9090 2022ofgreatness.hopto.org # Reference: https://www.virustotal.com/gui/file/40e577ca71fd8988f110b0ed2246f5925ceec3a9e74b016e4a75c535bd3b6bb8/detection 2630.hopto.org # Reference: https://www.virustotal.com/gui/file/afc5de157cad8aa5da9e6aeef5d791b2de8b2e9dd8732a3e9ce5a1384bc00b0d/detection 86.90.27.189:5678 04229512.ddns.net # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ 101.43.166.109:5846 103.114.107.108:54984 103.133.111.25:1007 103.141.138.125:24980 103.151.123.194:8763 103.151.123.77:1996 103.153.77.119:7632 103.153.78.76:7707 103.176.111.90:8550 103.46.140.43:54984 103.46.141.73:14109 104.144.69.130:707 104.144.69.135:7600 104.144.69.139:3990 104.144.69.141:54955 104.144.69.144:707 104.144.69.159:54984 104.144.69.160:7600 104.168.65.245:5498 105.112.100.199:57689 107.150.23.184:38952 107.172.75.158:21038 107.182.129.128:1818 107.182.129.16:8687 107.182.129.248:1010 107.182.129.248:6860 107.182.129.51:1996 107.182.129.59:2000 107.182.129.61:1665 107.182.129.71:2010 107.213.220.165:53 109.206.241.128:5211 109.206.241.195:5899 109.206.243.174:6696 109.248.150.171:83 128.116.201.163:1234 13.58.157.220:10104 13.59.15.185:17425 13.59.15.185:17662 13.59.15.185:17912 13.59.15.185:18445 13.59.15.185:19948 134.19.179.147:63576 134.19.179.179:6755 135.148.12.148:1608 136.144.41.76:2222 136.243.111.71:54984 137.184.34.130:8273 137.63.71.51:3994 138.128.245.10:2023 141.95.116.226:2782 141.98.102.187:6755 141.98.6.123:21038 141.98.6.128:1187 141.98.6.20:6754 141.98.6.231:6318 141.98.6.70:54984 144.168.243.161:705 144.202.69.96:22102 146.70.35.143:1012 152.89.218.40:54984 155.138.222.252:53896 156.96.44.202:1333 156.96.62.59:6051 163.123.142.161:141 163.123.142.254:6700 163.123.143.143:1665 163.123.143.235:666 165.22.47.100:54984 165.22.47.100:6141 167.71.56.116:22053 167.71.56.116:22378 171.22.30.167:1007 171.22.30.170:1989 171.22.30.239:6932 171.22.30.56:1996 171.22.30.90:3693 171.22.30.97:1989 172.107.169.46:3421 172.111.199.139:14109 172.111.208.177:9036 172.111.251.195:9036 172.245.163.134:9036 172.245.163.161:2049 172.245.163.161:9003 172.94.42.77:54983 172.98.92.42:58491 177.75.89.26:5000 18.156.13.209:13809 18.156.13.209:16050 18.156.13.209:16368 18.157.68.73:13809 18.157.68.73:16050 18.157.68.73:16368 18.158.58.205:13731 18.189.106.45:10715 18.189.106.45:12356 18.189.106.45:14111 18.189.106.45:14324 18.189.106.45:16463 18.189.106.45:17337 18.192.93.86:13809 18.192.93.86:16050 18.192.93.86:16368 18.197.239.5:13809 18.197.239.5:16050 18.197.239.5:16368 18.198.77.177:11915 18.198.77.177:19408 184.105.192.5:2333 184.105.237.195:10001 184.105.237.195:10010 184.105.237.195:2929 184.75.223.235:2755 184.75.223.235:3782 184.75.223.235:3810 184.75.223.235:3811 184.75.223.235:3847 185.102.170.106:2010 185.140.53.12:8100 185.140.53.132:6122 185.140.53.134:6262 185.140.53.138:7755 185.140.53.147:1604 185.140.53.158:7688 185.140.53.174:1604 185.140.53.183:8844 185.140.53.243:4573 185.140.53.25:7688 185.140.53.3:31789 185.140.53.69:30507 185.140.53.6:1212 185.157.161.6:2022 185.157.162.187:1604 185.157.162.75:1608 185.165.153.209:45635 185.165.153.209:7654 185.165.153.26:44321 185.173.34.190:5557 185.174.40.75:7688 185.19.85.141:2502 185.19.85.141:2702 185.19.85.144:4040 185.19.85.160:54761 185.19.85.181:9034 185.213.155.161:2264 185.216.71.149:5899 185.216.71.189:5899 185.216.71.196:5899 185.220.69.56:6662 185.222.58.111:5355 185.225.73.164:7712 185.244.29.156:24980 185.244.29.89:2021 185.244.31.162:7688 185.254.37.72:2025 185.29.9.48:32114 185.65.134.179:2264 185.65.134.180:2264 185.81.157.236:5080 188.127.237.221:2431 188.215.229.145:3546 192.158.232.67:1447 192.158.233.204:54984 192.169.69.25:1501 192.169.69.25:1996 192.169.69.25:2000 192.169.69.25:2002 192.169.69.25:22027 192.169.69.25:2278 192.169.69.25:24980 192.169.69.25:40000 192.169.69.25:40001 192.169.69.25:40005 192.169.69.25:4040 192.169.69.25:4842 192.169.69.25:4937 192.169.69.25:5001 192.169.69.25:54980 192.169.69.25:5555 192.169.69.25:5873 192.169.69.25:58887 192.169.69.25:6969 192.169.69.25:7654 192.169.69.25:7791 192.169.69.25:8050 192.169.69.25:9087 192.169.69.26:15607 192.169.69.26:1994 192.169.69.26:2027 192.169.69.26:3535 192.169.69.26:40111 192.169.69.26:4842 192.169.69.26:48562 192.169.69.26:54980 192.169.69.26:54984 192.169.69.26:5550 192.169.69.26:6262 192.169.69.26:7776 192.169.69.26:8234 192.169.69.26:8888 192.3.193.136:1344 192.30.89.67:2449 193.111.125.123:511 193.169.253.188:9750 193.233.185.110:1187 193.233.187.19:555 193.31.30.138:1365 193.47.61.170:1989 193.47.61.249:53965 194.147.140.103:1122 194.147.140.230:10101 194.147.140.55:8779 194.147.5.75:5899 194.15.108.51:54991 194.180.224.105:40001 194.180.224.105:40005 194.26.213.230:5525 194.31.98.116:2022 194.31.98.178:1187 194.31.98.18:1187 194.5.97.123:11059 194.5.97.169:4573 194.5.97.17:5023 194.5.97.192:9050 194.5.97.21:6060 194.5.97.21:8282 194.5.97.231:6030 194.5.97.247:2525 194.5.97.26:1098 194.5.97.98:2180 194.5.98.102:3100 194.5.98.126:8605 194.5.98.12:3531 194.5.98.12:8779 194.5.98.138:6090 194.5.98.141:2180 194.5.98.148:5050 194.5.98.148:6776 194.5.98.156:12094 194.5.98.15:8282 194.5.98.160:12042 194.5.98.160:4090 194.5.98.160:5090 194.5.98.160:7090 194.5.98.165:19864 194.5.98.167:19864 194.5.98.173:5842 194.5.98.176:60451 194.5.98.17:1177 194.5.98.183:52005 194.5.98.198:54999 194.5.98.208:50720 194.5.98.20:6060 194.5.98.219:40111 194.5.98.219:48562 194.5.98.222:4190 194.5.98.227:19864 194.5.98.24:4693 194.5.98.24:6060 194.5.98.29:8282 194.5.98.33:53409 194.5.98.38:7410 194.5.98.46:6920 194.5.98.46:8181 194.5.98.54:9034 194.5.98.5:4918 194.5.98.7:52943 194.5.98.84:54984 194.5.98.93:4444 194.5.98.9:52943 194.55.186.150:7600 194.87.84.135:1187 194.87.84.21:1995 194.87.84.21:7687 194.9.172.60:54984 195.133.40.119:2500 195.178.120.227:4032 195.242.110.163:1001 195.242.110.7:54984 198.12.252.160:443 198.20.177.159:705 198.50.231.134:5498 2.3.155.124:54984 2.56.56.126:1818 2.56.56.74:10449 2.56.56.96:111 2.56.57.130:5899 2.56.59.101:1828 2.56.59.113:1818 2.58.149.232:4573 2.58.149.236:6932 202.182.100.23:40001 208.67.105.101:2025 208.67.105.178:1492 209.127.186.205:2102 209.182.100.23:40001 209.25.140.180:27725 209.25.141.180:25384 209.25.141.180:56956 209.25.141.180:57584 209.25.141.211:80 209.25.141.229:38741 209.25.141.229:42124 212.192.241.164:1187 212.192.246.176:2486 212.192.246.194:1990 212.193.30.148:53904 212.193.30.204:1187 212.193.30.230:14977 212.193.30.230:40111 212.193.30.230:60451 212.193.30.230:60705 212.193.30.23:2122 212.193.30.80:5454 212.87.204.153:6100 213.152.161.211:28146 213.152.161.229:6324 213.152.161.69:52049 213.152.161.85:6755 213.152.187.210:6755 213.184.126.143:1993 216.218.135.117:3603 216.218.135.118:3603 216.218.135.118:9497 216.244.221.110:4005 216.250.250.94:54955 216.250.251.191:24980 23.105.131.166:3531 23.105.131.186:1620 23.105.131.196:7788 23.105.131.206:67 23.105.131.228:7788 23.105.131.237:9091 23.105.131.249:1620 23.105.171.87:44800 23.229.34.114:705 23.237.25.128:54984 24.135.175.197:24069 27.254.163.12:8080 3.121.139.82:11915 3.121.139.82:16163 3.124.67.191:14664 3.124.67.191:17240 3.125.188.168:14664 3.125.188.168:17240 3.126.224.214:14664 3.126.224.214:18009 3.126.37.18:13809 3.126.37.18:16050 3.126.37.18:16368 3.127.138.57:13809 3.127.138.57:16050 3.127.253.86:16163 3.127.253.86:19408 3.127.59.75:11915 3.127.59.75:16841 3.128.107.74:17425 3.128.107.74:17662 3.128.107.74:17912 3.128.107.74:18445 3.128.107.74:19948 3.129.187.220:14880 3.129.187.220:19235 3.13.191.225:12323 3.13.191.225:14605 3.13.191.225:17628 3.13.191.225:17742 3.131.147.49:12362 3.131.147.49:14880 3.131.147.49:19235 3.131.207.170:17425 3.131.207.170:17662 3.131.207.170:17912 3.131.207.170:18445 3.131.207.170:19948 3.132.159.158:10715 3.132.159.158:12356 3.132.159.158:14111 3.132.159.158:14324 3.132.159.158:16463 3.133.207.110:14880 3.133.207.110:16559 3.133.207.110:19235 3.134.125.175:12323 3.134.125.175:14605 3.134.125.175:17146 3.134.125.175:17628 3.134.125.175:17742 3.134.39.220:11828 3.134.39.220:12323 3.134.39.220:14605 3.136.65.236:14880 3.136.65.236:16559 3.136.65.236:19235 3.138.180.119:12362 3.138.180.119:14880 3.138.180.119:19235 3.138.45.170:17425 3.138.45.170:17912 3.138.45.170:18445 3.138.45.170:19948 3.14.182.203:11970 3.14.182.203:12323 3.14.182.203:14605 3.14.182.203:17146 3.14.182.203:17628 3.14.182.203:17742 3.140.223.7:10715 3.140.223.7:14111 3.140.223.7:14324 3.140.223.7:16463 3.140.223.7:17337 3.141.142.211:10715 3.141.142.211:14111 3.141.142.211:14324 3.141.142.211:16463 3.141.142.211:17337 3.141.177.1:10715 3.141.177.1:12356 3.141.177.1:14111 3.141.177.1:14324 3.141.177.1:17337 3.141.210.37:10715 3.141.210.37:12356 3.141.210.37:14111 3.141.210.37:14324 3.141.210.37:16463 3.141.210.37:17337 3.142.129.56:10104 3.142.167.4:10104 3.142.167.54:10104 3.142.81.166:10104 3.145.201.105:3637 3.17.7.232:11828 3.17.7.232:12323 3.17.7.232:14605 3.17.7.232:17628 3.17.7.232:17742 3.19.130.43:10104 3.22.15.135:14880 3.22.15.135:16559 3.22.15.135:19235 3.22.30.40:12323 3.22.30.40:14605 3.22.30.40:17146 3.22.30.40:17628 3.22.30.40:17742 3.22.53.161:17425 3.22.53.161:17912 3.22.53.161:18445 3.22.53.161:19948 3.67.112.102:13731 3.67.15.169:14664 3.67.15.169:17240 3.67.15.169:18009 3.67.62.142:13731 3.68.56.232:14664 3.68.56.232:18009 31.210.20.129:8686 31.210.20.18:2486 34.221.57.122:83 35.158.159.254:11915 35.158.159.254:19408 35.198.98.125:80 37.0.11.164:7600 37.0.11.252:1993 37.0.11.6:1515 37.0.14.195:2023 37.0.14.195:4489 37.0.14.195:6122 37.0.14.196:1759 37.0.14.196:28289 37.0.14.198:9090 37.0.14.203:57601 37.0.14.210:6060 37.0.14.216:2828 37.0.8.115:1605 37.0.8.138:1990 37.0.8.234:6932 37.0.8.61:1492 37.0.8.61:7650 37.0.8.98:2010 37.120.141.153:7782 37.120.141.168:20442 37.120.210.219:3397 37.120.210.219:8430 37.139.128.94:6000 37.139.129.71:7712 37.139.129.91:9921 41.216.183.170:1665 41.216.183.49:1447 43.154.234.84:28100 45.11.231.129:2030 45.12.253.26:1665 45.132.106.37:6060 45.132.106.37:6445 45.133.1.119:6991 45.133.1.126:2010 45.137.20.4:4984 45.137.20.4:56648 45.137.22.152:8472 45.137.22.35:54984 45.137.65.132:6269 45.137.65.229:5050 45.139.105.174:8282 45.14.165.113:5709 45.141.239.47:2010 45.154.98.222:54984 45.195.25.163:4000 45.35.105.148:6700 45.59.127.4:4783 45.74.38.17:9036 46.183.220.115:31740 46.243.140.88:5569 46.246.84.5:9124 5.134.196.78:43235 5.181.234.149:54678 51.89.157.228:54984 52.14.18.129:17425 52.14.18.129:17662 52.14.18.129:17912 52.14.18.129:18445 52.14.18.129:19948 52.28.112.211:11915 52.28.112.211:16841 52.28.112.211:19408 54.188.68.225:1008 62.197.136.144:2486 62.197.136.237:55688 62.197.136.29:6932 62.197.136.51:6262 63.141.237.50:44621 65.92.124.154:1929 66.94.106.77:1337 67.182.249.169:8273 68.196.160.138:4567 68.235.43.100:59335 68.235.44.57:59335 73.229.114.85:54984 74.201.28.111:141 76.8.53.140:62520 77.92.253.196:3377 78.172.239.55:1604 78.173.184.33:54984 79.110.62.150:4032 79.110.62.158:4089 79.110.62.187:4032 79.134.225.108:1985 79.134.225.115:7688 79.134.225.119:3384 79.134.225.11:8085 79.134.225.121:54984 79.134.225.13:5673 79.134.225.18:1414 79.134.225.18:9034 79.134.225.20:1997 79.134.225.22:54761 79.134.225.26:2943 79.134.225.28:2580 79.134.225.30:1717 79.134.225.38:15110 79.134.225.49:10101 79.134.225.53:7171 79.134.225.69:1620 79.134.225.6:1620 79.134.225.6:43147 79.134.225.6:60110 79.134.225.71:7480 79.134.225.73:3531 79.134.225.74:1515 79.134.225.75:7691 79.134.225.76:1515 79.134.225.76:5252 79.134.225.77:7988 79.134.225.7:40405 80.76.51.88:408 80.76.51.88:409 81.161.229.140:1447 83.213.245.105:5555 84.38.129.53:31789 84.38.130.214:1604 84.38.133.204:3535 84.51.52.166:54984 85.202.169.165:2025 85.208.136.69:6932 85.31.46.156:54984 85.31.46.207:22 85.86.25.62:1515 85.86.25.62:5555 85.97.69.68:6122 86.219.97.216:53896 87.251.79.109:48405 91.109.176.11:443 91.109.182.3:65535 91.109.186.5:1991 91.109.190.5:1194 91.192.100.11:15049 91.192.100.14:53081 91.192.100.16:48562 91.192.100.4:3531 91.192.100.5:2702 91.192.100.8:1333 91.192.100.8:33400 91.192.100.8:5842 91.192.100.8:9036 91.192.100.9:2404 91.193.75.131:1990 91.193.75.131:5455 91.193.75.132:5422 91.193.75.132:6884 91.193.75.132:7189 91.193.75.132:7354 91.193.75.132:7664 91.193.75.133:1110 91.193.75.133:22233 91.193.75.133:2323 91.193.75.133:2630 91.193.75.133:2938 91.193.75.133:6884 91.193.75.134:6561 91.193.75.134:8282 91.193.75.135:16554 91.193.75.135:60110 91.193.75.136:5252 91.193.75.141:15359 91.193.75.144:7688 91.193.75.147:2456 91.193.75.154:1604 91.193.75.169:10449 91.193.75.177:37186 91.193.75.211:15410 91.193.75.218:54999 91.193.75.221:4040 91.193.75.221:5055 91.193.75.223:33456 91.193.75.226:1983 91.193.75.234:3259 91.193.75.248:15440 91.193.75.252:26000 91.92.120.123:705 91.92.120.183:705 92.240.245.3:1122 93.114.128.20:5678 94.23.103.59:54984 95.214.24.80:2021 95.214.27.236:7007 95.70.139.81:54984 98.221.242.137:4782 2022success.ddns.net battlewow.us.to blessed1234.duckdns.org cardeliver.ca cherpa.eu claude111.duckdns.org crotac.duckdns.org danteyy.ddns.net december2n.duckdns.org fotosintesisballs69.ddns.net gervenneoil.buzz justkowir.duckdns.org muna001.duckdns.org pp.specterlogisitics.com realtopg-40301.portmap.io slave01.duckdns.org smithcity123.ddns.net something5you.gotdns.ch stevewells.hopto.org tradeguru.com.pk wealth555.ddns.net williamscomputer101.ddns.net # Reference: https://www.virustotal.com/gui/file/bd37993bd00521207013e610f522bc61cd9b5a50e24811bd7b8405230e96b358/detection 23.227.203.221:4904 brillis.duckdns.org # Reference: https://www.virustotal.com/gui/file/fb456ac776b521f1673988bccc5de5c74843f6d9e447929d4456b1689273a97a/detection # Reference: https://www.virustotal.com/gui/file/e6b74e0198d2489952bd31a985fa7cadb3a493f440159bf78ee203e52c518fba/detection 185.33.234.172:1515 nonstop1881.duckdns.org nonstop2020.duckdns.org # Reference: https://www.virustotal.com/gui/file/58556c4d5976e8d36fcf36742877454ed2c9fc6e90afebcaab3a7a1b86d350a2/detection # Reference: https://www.virustotal.com/gui/file/28facaeb8bf5891b98e09ae33d135c27bf57eb843705eaf972668cc963ce1412/detection 197.210.85.120:53535 37.0.14.209:53535 lucasjules.ddns.net # Reference: https://www.virustotal.com/gui/file/441882d2fa3135295a1a9912d2bbbcb09dbcf18ce24b9d1af13741c64573e378/detection beniecenvet.sytes.net # Reference: https://www.virustotal.com/gui/file/cfd85cb6f869eb09c97ee58a17eea5f972e3846b466f97d53276ba20b98d7b2a/detection 185.213.155.165:4577 gregern.ddns.net # Reference: https://www.virustotal.com/gui/file/855fd72221ab535c7955a874e53e443f25f585e372e55d53b4bf1e6d05032f79/detection 141.98.255.149:30108 141.98.255.154:30108 # Reference: https://twitter.com/SarlackLab/status/1628824910679138307 192.169.69.26:4156 # Reference: https://twitter.com/malmoeb/status/1630820398257299456 # Reference: https://www.virustotal.com/gui/file/2cfa6e2290e53959d5f6d2f9d8a4e714941735b750a710223df1db7a0758cf22/detection 45.137.65.132:6369 mobort.duckdns.org # Reference: https://www.virustotal.com/gui/file/47eb8dc93f94ba337810352ba67e1f0a60666d3ba6f13d3888924d419d8b3fce/detection cooempresasltda104.duckdns.org # Reference: https://www.virustotal.com/gui/file/ff860847be3898e4c6df45ddce5e100c3729a5506d5be12188923205970027d9/detection 92.99.238.135:1604 fortest123.hopto.org # Reference: https://www.virustotal.com/gui/file/d2e347f7ecbcb94a4fe2e0ea86f92d0f60321be94441265b97f0e0b212c0efbc/detection 46.246.12.15:2020 46.246.86.15:2020 patria.duckdns.org # Reference: https://www.virustotal.com/gui/file/0cf89e8630810da61825cf3b04989edd2ef05c7a9219070ba0dfe3c9b63358bb/detection allonsy.hopto.org # Reference: https://www.virustotal.com/gui/file/3513481979f9846a21de74830c896ffe4080c8bf1a57c4578544600be47cc158/detection 196.77.23.238:54984 41.143.49.111:54984 rasdrasd.publicvm.com # Reference: https://blog.talosintelligence.com/threat-roundup-0331-0407-2/ (# Win.Dropper.Nanocore-9995112-1) # Reference: https://www.virustotal.com/gui/file/0d36017cc6ac2ccd7b332ef4efc2c3a7c039c594caab75eff13999fbb27b5980/detection obelltd.ddns.net # Reference: https://www.virustotal.com/gui/file/aec3e3652da5df8a17e09647efbfec7771e5ec1c2263d0d6218ba1d4bdb086a9/detection 185.65.134.165:62427 secureserver123.duckdns.org # Reference: https://www.virustotal.com/gui/file/dc28cbcc9ef6bdfc3a3ccf58b13023e24b007b8ee4cd03f8bd5dc5f62b921e1a/detection # Reference: https://www.virustotal.com/gui/file/c3eef118cd5d331e6792f16d59afdf8c58fdfdd5d3797657902a86f11837fbfc/detection 185.65.134.164:62709 185.65.134.165:62709 185.65.134.167:62709 185.65.134.181:62709 185.65.134.182:62709 ttvtw.freemyip.com # Reference: https://www.virustotal.com/gui/file/0dbe3c1b57287888e4eeea2a486e5adda95bb9fce97e2bdffad47802e4d9d92f/detection alertt.duckdns.org # Reference: https://www.virustotal.com/gui/file/57e5641d6352c5a2c9fee6b2bf6bc91ace13360e30493903c14db3850b1b8f64/detection bankuntu.duckdns.org # Reference: https://www.virustotal.com/gui/file/0a5bc24c57e9483aed14ac2c9d30d56d7515f0b003e453406a6b6d5884493744/detection bouricrat.duckdns.org # Reference: https://www.virustotal.com/gui/file/8d3b0b73f7f381bafb21e0518a4f70eb9c1872c28da7faafa54e668315e9ad33/detection # Reference: https://www.virustotal.com/gui/file/628829ae292146d2e3b84e09295ff623e9a158a2791c277c009b5d4055a502e5/detection # Reference: https://www.virustotal.com/gui/file/8eb2f7ab9bab3a18b8e697ade5fa57a70f7200bb442179bb8761b9f2d876345f/detection 45.132.106.37:4766 45.132.106.37:6269 macador.duckdns.org macrim.duckdns.org # Reference: https://www.virustotal.com/gui/file/f3281de38ce156662c0691317174b3792e18b15ac9ebfdf82c10e1b2f5f6e3e7/detection # Reference: https://www.virustotal.com/gui/file/3a15ee54a292dbe70ab7e4e684bf3954897ab97374cb96cd9639c067f0c290e4/detection # Reference: https://www.virustotal.com/gui/file/0facd089f92fda41f49e30f186ec2767b612cd96e46491451523fc50260d77fb/detection stepin.duckdns.org # Reference: https://www.virustotal.com/gui/file/cb5a3edef941f770e70d5938bb2c5bad7f82892884b73b0512f76a0be0e8b692/detection # Reference: https://www.virustotal.com/gui/file/6092c6114d7aaf7442af519890d2ac3136806b31bda6a411a12b61d1ccfa118c/detection # Reference: https://www.virustotal.com/gui/file/3d36a06552f24dc4a5ac3a4d9594e30dee088c95c1139b6e2d1374130d9065d9/detection valentine23.duckdns.org # Reference: https://www.virustotal.com/gui/file/d2fc202f8c3d4adf3e5f43bcb79913fdbba8c98c1bf6f81e80309d283aa15059/detection 45.141.27.208:54984 # Reference: https://www.virustotal.com/gui/file/f87fb8666397746bf471e8bec498f83d11e53c204d515abccb2154c44c3763a3/detection # Reference: https://www.virustotal.com/gui/file/70f45664499746bac72bb3aabc25b79f8623479ebaf80d03ca56479fe4e516a2/detection 192.169.69.25:2929 79.134.225.40:2929 benedictus.duckdns.org # Reference: https://www.virustotal.com/gui/file/08ad4fdc0668b7696b3041e0c791f2a9b1b8c6c0814c0904e711779ece205f6f/detection 23.105.131.129:7185 harold.ns01.info haroldy.accesscam.org # Reference: https://www.virustotal.com/gui/file/25cf559d1de914a23563ad710eb291840283e5e9963b3941e51799220cc09ea5/detection 23.146.242.147:3606 31.210.20.226:3606 # Reference: https://www.virustotal.com/gui/file/9b5f44aa8226ef02d998f3b6e60eb14ddf3301c38694e5c55ea040545e83886b/detection 134.19.179.147:38046 dominion46.ddns.net # Reference: https://twitter.com/kienbigmummy/status/1658813288464125952 # Reference: https://www.virustotal.com/gui/file/a31358e9f59219cfa5f1acbc680eab9f56aa3fd9975fc73537768d9f43fb6abc/detection 141.98.6.167:4032 jasonbourneblack.ddns.net rolandlandson149.bounceme.net # Reference: https://github.com/Gi7w0rm/MalwareConfigLists/blob/main/SmokeLoader/smoke_out_14_05_2023_NL.txt # Reference: https://www.virustotal.com/gui/file/03c8ae088d9b5ed64de0ac1782f3b2a9ee31ebd3597d03f285a0c31b9e6ef25f/detection http://213.170.135.147 213.170.135.147:4449 max.con-ip.com # Reference: https://www.virustotal.com/gui/file/a3d233a87114b7ff5648e4ee135c6fc69245c2a2b9c37dd7e340f3de5864f946/detection 194.147.140.137:4811 197.210.29.97:4811 # Reference: https://www.virustotal.com/gui/file/847a1d56185a69c2e30b44368c404bc91107463274fa66b260277b1c0616b66b/detection 213.152.187.210:4367 demouser.theworkpc.com # Reference: https://www.virustotal.com/gui/file/039bb173b6ffb1047323d9b5f31bf063f7c5bdd74bcb5c3736d529234e2932e1/detection 160.120.17.236:3240 160.120.22.55:3240 160.120.25.124:3240 160.120.25.88:3240 173.252.103.64:3240 66.220.147.11:3240 69.171.244.15:3240 69.171.247.71:3240 imagine.here-for-more.info ivoirienpoe.ddns.net # Reference: https://www.virustotal.com/gui/file/17c08dfb80f2cbc34023cb196c27380eaf7ea99df4e20082e3b5cff7f84db48d/detection 213.152.161.40:33045 mozess.is-a-cpa.com # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-07-28) 103.212.81.151:58876 103.212.81.152:4654 103.212.81.155:23591 103.212.81.155:3190 103.212.81.157:23591 107.182.128.9:6636 107.182.128.9:7727 109.206.242.17:4141 12.202.180.134:8550 13.229.3.203:14920 13.58.157.220:18184 13.59.15.185:13025 141.255.152.96:1991 141.255.156.145:1991 159.223.171.199:22282 159.223.171.199:22550 159.223.171.199:3404 165.227.31.192:22429 168.119.0.173:5665 176.9.158.133:3456 177.67.82.66:5000 18.136.148.247:14920 18.139.9.214:14920 18.141.129.246:14920 18.158.249.75:29052 185.252.179.198:8282 192.121.102.38:57788 192.169.69.25:2097 192.169.69.25:6790 192.169.69.26:414 192.169.69.26:54914 192.169.69.26:60451 192.169.69.26:60705 192.169.69.26:61715 192.253.241.112:55420 193.56.29.145:8550 194.147.140.133:1092 194.147.140.133:50720 194.5.98.137:50720 194.87.151.236:4334 209.25.141.212:45203 209.25.141.224:12008 212.193.30.230:4984 212.193.30.230:6060 212.193.30.230:61715 212.193.30.230:9387 213.152.161.138:3648 213.152.161.138:3658 213.152.161.138:3672 213.152.161.138:3692 213.152.161.40:21942 213.152.162.181:9387 216.218.135.117:3344 24.199.85.225:4137 24.199.85.225:6349 24.199.85.225:8273 3.125.102.39:29052 3.126.37.18:18809 3.128.107.74:13025 3.129.187.220:10918 3.129.187.220:17403 3.13.191.225:14795 3.131.147.49:10918 3.131.147.49:17403 3.131.207.170:13025 3.133.207.110:10918 3.133.207.110:17403 3.134.125.175:14795 3.134.39.220:14795 3.136.65.236:10918 3.138.180.119:10918 3.138.180.119:17403 3.138.45.170:13025 3.14.182.203:14795 3.142.129.56:18184 3.142.167.4:18184 3.142.167.54:18184 3.142.81.166:18184 3.145.201.105:3436 3.17.7.232:14795 3.19.130.43:18184 3.22.15.135:10918 3.22.15.135:17403 3.22.30.40:14795 3.22.53.161:13025 3.6.115.64:16968 3.6.30.85:16968 3.6.98.232:16968 31.210.55.103:41480 31.210.55.103:43673 37.0.14.197:58876 45.12.253.242:5899 45.137.22.133:5899 45.35.64.214:5665 45.88.67.63:6060 45.88.67.63:63882 46.246.86.210:54984 5.252.165.230:28289 52.14.18.129:13025 52.220.121.212:14920 67.164.193.74:8273 77.153.188.104:54984 82.130.171.45:5555 82.66.202.142:53896 91.109.178.4:1991 91.109.184.9:1991 91.109.190.2:1991 91.166.222.211:16383 91.192.100.6:8844 91.192.100.7:1620 91.192.100.7:54984 91.193.75.131:1116 91.193.75.178:62335 91.193.75.249:23591 91.207.57.115:13838 95.214.27.236:7008 and-tim.at.ply.gg arkseven7002.ddns.net arkseven7003.ddns.net ayranger10.ddns.net december2nd.ddns.net ezemnia3.ddns.net hadleyshope.3utilities.com hkmtdr.ddns.net insurance-agencies.at.ply.gg jix37.duckdns.org kala007.duckdns.org microsoftservicev55.hopto.org nonoise.duckdns.org patyneduchez3212.duckdns.org percolysrl2.ddns.net secur3.duckdns.org sneakerpop.bounceme.net staywicked99.ddns.net testscama-myleads.ddns.net timmy08.ddns.net uilove.ddns.net wqqkgzmrdwxl8j.duckdns.org # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-07-31) 167.235.75.225:7594 194.147.140.139:1620 mbkmoney604.duckdns.org # Reference: https://threatfox.abuse.ch/ioc/1146593/ 91.193.75.133:1574 # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-08-06) 167.235.75.225:7490 94.156.6.225:4040 chibuikemusic.duckdns.org # Reference: https://threatfox.abuse.ch/ioc/1148915/ 46.246.80.20:19864 # Reference: https://threatfox.abuse.ch/ioc/1149108/ 79.134.225.9:1620 # Reference: https://threatfox.abuse.ch/ioc/1149141/ 91.193.75.133:62335 # Reference: https://www.virustotal.com/gui/file/2bbf795b1430a6e901f4d4e3cb925b6af80f4ea53738f869961e5f38340366ef/detection # Reference: https://www.virustotal.com/gui/file/e5afd1d7198414e74482aa9e53fdde6fd79456d0fb262de7ba92aa8da81b84ad/detection 91.193.75.133:8977 dani.3utilities.com pohilso.servehttp.com # Reference: https://www.virustotal.com/gui/file/c1f70d82d56a3ddf30730e0ccd8f0e25ec7c6e7489b1ec4d5cc680e91508f239/detection 194.147.140.133:1092 1092.hopto.org # Reference: https://www.virustotal.com/gui/file/8d4cefb6b9731cc1d44cb1d6c16ed55716367e7b1a2e75b327a402262799ccf8/detection 91.193.75.133:2937 2937.hopto.org # Reference: https://www.virustotal.com/gui/file/90e0763354e956676cf7c3c371672a4bad49f0ecab66570913391e83155424d2/detection 91.193.75.133:2938 2938.ddns.net # Reference: https://www.virustotal.com/gui/file/1f44da481d980a1c0d9955d97cf58d38ec97ad821dfded798bd580c05a3ef8d3/detection 103.212.81.152:4654 105.113.41.198:4654 4654.hopto.org # Reference: https://www.virustotal.com/gui/file/2f43286ba3da4a19aa465c51af2130cc3dc57e0ec7bc9a383a6e281c6fcc63f9/detection 91.193.75.134:6561 6561.hopto.org # Reference: https://www.virustotal.com/gui/file/42731732074c860e752911e1747a0028bad7012ce856dced0949cfe854eeef5a/detection 91.193.75.133:9812 9812.hopto.org # Reference: https://www.virustotal.com/gui/file/159433fe7000b328be897e37c401a64b3790d8453bc4655ce59d7cc8385ad6d3/detection # Reference: https://www.virustotal.com/gui/file/ae4f2a0ab27b630601d66b50c722a3f01c0ffa1d4a389e5e49e7ebdfd1fa9717/detection 91.193.75.133:15105 91.193.75.133:50263 admininchost.hopto.org # Reference: https://www.virustotal.com/gui/file/94b5dd676db5a4b2c2d56522ee5f499aca900924c10101aa7084e53bc43e15b9/detection azizurfattahtradin.ddns.net # Reference: https://www.virustotal.com/gui/file/1070dee071d8bb8f8f267bbd512bf24741602941071d22a59c8da62fc2574bed/detection 37.0.14.196:1759 lisajennyjohn.ddns.net mjosh6995.ddns.net # Reference: https://www.virustotal.com/gui/ip-address/91.193.75.133/relations # Reference: https://www.virustotal.com/gui/file/49451319e9605e88dffc27c6788585dbc6757fc0898ed1b08c92ae901a51d58e/detection 91.193.75.133:5629 lynhwarzone.duckdns.org mooretrade.ddns.net newnex.3utilities.com philiso87162.ddns.net raymondmoss1943.ddns.net # Reference: https://www.virustotal.com/gui/file/04cc1e5b566d91f9ed6e0dfdaa0eac9743f3fcaba9abf51460145e20e7861f97/detection 91.193.75.133:8779 zafar101.duckdns.org # Reference: https://threatfox.abuse.ch/ioc/1149159/ 82.64.201.36:54984 alexbp.ddns.net # Reference: https://www.virustotal.com/gui/file/eadaa6c5195abd231c11c4540550773fcd11c24bc7ae715a71d971deb720b8bc/detection 94.156.102.196:28288 # Reference: https://www.virustotal.com/gui/file/8184aa07e14a482daf56010882a9cb1d156f4cd9725e45f396f453d1917de1af/detection 79.134.225.6:4322 onyeotiti.ddns.net # Reference: https://www.virustotal.com/gui/file/ce6d92f2ac0e95b55e05b308939b556412064693ace1f7cf5335ee23ed4b04a5/detection 104.220.158.189:4449 # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-08-13) 103.114.104.81:54984 macarenaluis.hopto.org # Reference: https://www.virustotal.com/gui/file/9176ae3289cdf74e0d2223faa379e7a35a4f49fb17326b883c7165dce0e610bf/detection baikooncioso.ddns.net ok.ddns.net # Reference: https://www.virustotal.com/gui/file/06df2e8ab38235eecd202741ef99e105085bbe1f5f66935cd24e450e44d1edd7/detection 67.21.81.85:1990 # Reference: https://www.virustotal.com/gui/file/aeba12133f15b8a33a8ee0ed0622f2c54f1b53e93b46f829fe6e9d518daf49f2/detection 103.212.81.152:6191 6191.ddns.net # Reference: https://twitter.com/SarlackLab/status/1691026946874867713 194.147.140.141:50720 # Reference: https://www.virustotal.com/gui/file/08fb36ea8552c7eef6501383da202a2e4469d1b50fb11984dcd75faa4fa02a6a/detection 102.90.45.249:8282 atelilian99.ddns.net # Reference: https://threatfox.abuse.ch/ioc/1150342/ 176.42.9.192:17134 # Reference: https://twitter.com/SarlackLab/status/1691933092095660285 147.185.221.16:21534 volume-breeding.gl.at.ply.gg # Reference: https://www.virustotal.com/gui/file/f2ded71623a8c2ef073aa0876d5569a9c77e6955a1088a7a38f7a716299b8029/detection 95.211.140.99:4529 nano.airdns.org # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-08-24) 103.212.81.160:48405 176.128.50.230:1152 91.92.240.61:65535 aliresulthostlogininc.duckdns.org # Reference: https://www.virustotal.com/gui/file/004c06779b7aa854c078e655f92ddc173275d025046742232e6df98a69b51d6b/detection 93.123.118.134:1981 jegjav.duckdns.org # Reference: https://www.virustotal.com/gui/file/3aea4b07f82b8107a05fed6f9b6fb781b600ca835493c54182dfb45eb509f216/detection 87.64.132.105:3369 fackumen.ddns.net # Reference: https://www.virustotal.com/gui/file/0005203a2c65d85044a93e358aa1ed0403cadde153d8fe135b140ab221712398/detection pixpoeisjfw.hopto.org # Reference: https://www.virustotal.com/gui/file/001ebe46f188e964f02928f0cd165b47ba2985b395007ab80bcc5ff30a6388a7/detection dome1337.hopto.org # Reference: https://www.virustotal.com/gui/file/002b2667951507cb96019f2fe27e337c6bfd9d8b3335f505360a7c2d82e3e2a3/detection hemera.hopto.org # Reference: https://twitter.com/SarlackLab/status/1695511500859867625 # Reference: https://www.virustotal.com/gui/ip-address/91.192.100.38/relations 91.192.100.38:48405 55990hst.duckdns.org 87765lcd.duckdns.org blessedwithwealth.servehumour.com dss1.serveirc.com freshpp.duckdns.org freshpp.myftp.biz justkeephustling12.ddns.net mywealth.ddns.me owens.ddns.net special1.hopto.org ughozt.duckdns.org ugoblaze.duckdns.org wealthismine.brasilia.me wealthyman.brasilia.me # Reference: https://www.virustotal.com/gui/file/0004e4a5435b59606042e80ec86736a01fdb1d9f0ee3e8d27bdd95365141def5/detection faze.no-ip.org # Reference: https://threatfox.abuse.ch/ioc/1152707/ # Reference: https://www.virustotal.com/gui/ip-address/194.147.140.157/relations # Reference: https://www.virustotal.com/gui/file/a1f59eb0838048ed3417dc068bd67df602e9dfd52ff509431bbdbb312fd44db7/detection 194.147.140.157:50720 biblegateway.store # Reference: https://www.virustotal.com/gui/file/05a48cbd0f33c3952ecb646a29c29055703e931fe42a1c508c161786bc44fb9e/detection soportes469.duckdns.org # Reference: https://threatfox.abuse.ch/ioc/1155005/ # Reference: https://www.virustotal.com/gui/ip-address/103.212.81.152/relations 103.212.81.152:6141 6141.ddns.net 6353.hopto.org eiuthwr5436dr.duckdns.org futuristic11.ddns.net gbotowaya.duckdns.org ihttree.duckdns.org kingggttttd.duckdns.org newacash.ddns.net richard4545.loseyourip.com tekyagsha.3utilities.com winvins.3utilities.com yesican.ddns.net # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-09-04) 3.13.191.225:19529 3.134.125.175:19529 3.134.39.220:19529 3.14.182.203:19529 3.17.7.232:19529 3.22.30.40:19529 # Reference: https://twitter.com/SarlackLab/status/1698984403588805074 103.212.81.152:7689 # Reference: https://twitter.com/SarlackLab/status/1698954187814416724 91.192.100.5:9387 # Reference: https://twitter.com/SarlackLab/status/1699014582507909549 194.180.48.119:4444 discojockeylight.duckdns.org # Reference: https://www.virustotal.com/gui/file/135e0121c17b4d53bcf74a462175a129629fc3e0c6474b1c7a3f9a4f55b51a64/detection 2.59.254.111:6357 express105.ddns.net # Reference: https://www.virustotal.com/gui/file/647fc190ea3335f9acea054c074feaefaaa7ae11a5976500a78b8b8b29c3ee34/detection 185.140.53.91:8383 accept.ddns.net # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-09-11) 38.170.239.42:1012 xpnano091123.ddns.net # Reference: https://twitter.com/SarlackLab/status/1701928782716620915 # Reference: https://www.virustotal.com/gui/file/531f71d9031613a45d12fd4fe4f885e860a515f8f0c437b236602e6cba37e2f6/detection 42.117.107.194:9246 xdanet3.duckdns.org xdanetnow.duckdns.org # Reference: https://twitter.com/SarlackLab/status/1702261954889335229 194.180.48.209:8209 thecookieisthere.duckdns.org # Reference: https://threatfox.abuse.ch/ioc/1163668/ 141.98.6.167:5837 # Reference: https://twitter.com/SarlackLab/status/1702532762421338621 141.98.6.9:5490 # Reference: https://twitter.com/SarlackLab/status/1702653573551546443 91.193.75.135:7245 7245.ddns.net # Reference: https://www.virustotal.com/gui/file/e4d193d060a99ffc9dfeeb843432b54ff639401982f596098497e52cc422b0db/detection 79.110.62.170:4445 # Reference: https://twitter.com/SarlackLab/status/1703755817655152812 kopping.duckdns.org # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-09-20) 3.127.59.75:10357 45.81.39.98:4444 babaface.duckdns.org # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-09-21) 103.212.81.155:47216 3.121.139.82:10357 35.158.159.254:10357 52.28.112.211:10357 # Reference: https://www.virustotal.com/gui/file/5561e3654aada98f893cfa5caba6979f8cf65f7e19f95aab2dcb52b8f70758ca/detection 194.5.98.44:8879 31.192.107.185:8879 laflames.ddns.net # Reference: https://www.virustotal.com/gui/file/8302d501ea5912d4f9475f5dd51e9ea6c85db1105c30f4b114bc0981090ab593/detection 212.193.30.230:56609 excellenthvncepurelander.onedumb.com # Reference: https://twitter.com/James_inthe_box/status/1707029148202385876 mailhosting.click # Reference: https://www.virustotal.com/gui/file/a34926ab5dc1133b387e6c81da031bcd3bb1ee21b39026ee40fd83931ddf26d8/detection 79.134.225.11:1212 # Reference: https://tria.ge/220830-w1zhrachar/behavioral1 216.18.189.81:54984 # Reference: https://github.com/Gi7w0rm/MalwareConfigLists/blob/main/nanocore/nanocore_c2s_2020_to_2023.txt http://34.91.75.162 http://35.198.98.125 http://83.159.194.96 100.72.162.1:9033 103.1.250.238:30314 103.125.189.164:2008 103.140.250.132:3421 103.143.166.136:5355 103.194.171.108:30301 103.200.6.62:4009 103.200.6.79:6774 103.249.31.160:5560 103.25.58.220:72 103.28.70.172:34217 103.60.14.173:54984 104.129.0.106:5110 104.207.150.47:4563 104.238.79.240:1604 104.244.74.228:9981 104.246.53.61:53069 104.254.92.59:54984 104.3.77.123:25565 106.157.122.206:54984 107.155.162.19:2100 107.173.60.45:54955 108.161.136.113:9987 108.61.211.120:10150 109.124.17.231:1604 109.147.61.152:54984 109.19.143.49:53459 109.230.215.181:1604 111.118.183.211:5678 128.226.252.143:54984 13.67.71.33:5353 134.249.130.48:5552 136.144.41.4:4991 138.197.134.31:3382 139.99.231.195:54977 142.44.161.51:7025 143.198.135.170:54984 144.208.127.26:3131 145.255.3.11:54984 146.255.79.163:3413 146.255.79.172:6789 146.59.156.137:54984 146.70.76.43:56281 149.255.35.4:54984 149.56.113.37:30301 149.56.118.121:50573 151.106.2.118:54984 153.92.44.100:5213 154.16.220.112:1717 154.16.248.85:2346 154.16.93.178:9888 154.16.93.185:52943 156.96.157.102:1726 160.202.163.200:5560 160.202.163.240:1850 160.202.163.240:2222 160.202.163.240:70 160.202.163.246:1011 160.202.163.248:1983 161.129.71.136:5900 161.35.226.214:54984 162.220.160.243:20198 163.158.111.118:27068 167.172.160.108:53896 172.111.188.199:8826 172.111.188.199:8828 172.111.249.15:55420 172.111.250.107:51000 172.111.250.107:54984 172.111.252.131:6700 172.245.162.145:1738 172.245.23.178:54555 172.250.154.138:9005 172.69.62.146:1608 172.81.129.208:4110 172.93.151.252:7865 172.93.166.26:4090 172.94.100.243:55420 172.94.125.147:1943 172.94.44.202:1245 172.94.88.147:1610 172.98.94.11:6605 173.254.195.174:6199 173.254.223.104:7362 173.46.85.204:4084 173.52.88.141:4782 174.127.99.220:62104 174.52.199.252:8273 174.52.65.101:3182 176.112.227.240:1604 176.126.86.243:62520 176.168.5.0:2605 176.31.117.22:4562 176.31.174.37:55128 176.32.194.230:2094 176.48.165.114:1604 178.124.140.135:1818 178.124.140.145:1604 178.17.174.71:3310 178.170.138.163:5626 178.209.51.235:54901 178.239.21.116:9071 178.239.21.130:1350 178.239.21.163:56732 178.239.21.3:6003 178.239.21.5:58954 178.32.224.116:46218 178.33.222.241:5569 178.63.172.23:4326 179.43.146.237:22212 18.184.222.225:41432 180.16.189.226:54984 181.214.55.24:1960 181.215.247.5:2890 181.215.247.70:3031 181.215.247.86:5152 181.215.247.92:6061 182.188.78.114:54984 184.75.223.235:3012 184.75.223.235:3822 184.75.223.235:3887 184.75.223.235:3915 184.75.223.235:3952 185.101.94.172:1792 185.103.96.147:54617 185.11.147.108:54984 185.12.45.79:6713 185.125.205.79:1112 185.125.205.93:9003 185.125.216.154:9033 185.13.39.4:51815 185.134.30.152:4525 185.136.167.228:1010 185.136.169.24:54984 185.140.53.106:1604 185.140.53.10:1145 185.140.53.10:2012 185.140.53.10:37151 185.140.53.10:5050 185.140.53.129:2323 185.140.53.12:1985 185.140.53.130:1716 185.140.53.130:2364 185.140.53.131:5723 185.140.53.131:6262 185.140.53.131:8787 185.140.53.131:9292 185.140.53.131:9386 185.140.53.132:1604 185.140.53.132:1817 185.140.53.132:2008 185.140.53.132:22202 185.140.53.132:3940 185.140.53.134:4242 185.140.53.134:7272 185.140.53.135:1187 185.140.53.135:1943 185.140.53.135:7031 185.140.53.136:1092 185.140.53.137:1717 185.140.53.137:2012 185.140.53.139:7743 185.140.53.13:6384 185.140.53.140:1604 185.140.53.140:4455 185.140.53.147:6830 185.140.53.149:1985 185.140.53.14:1940 185.140.53.14:4328 185.140.53.152:1190 185.140.53.154:5540 185.140.53.158:1414 185.140.53.15:7600 185.140.53.15:8000 185.140.53.160:9856 185.140.53.162:2187 185.140.53.167:1604 185.140.53.175:4190 185.140.53.175:6789 185.140.53.175:7820 185.140.53.175:7980 185.140.53.176:3765 185.140.53.178:1985 185.140.53.181:1865 185.140.53.183:83 185.140.53.187:4488 185.140.53.191:1985 185.140.53.192:4455 185.140.53.204:1604 185.140.53.205:3124 185.140.53.207:2121 185.140.53.208:1122 185.140.53.208:1960 185.140.53.212:4488 185.140.53.216:7747 185.140.53.219:1990 185.140.53.221:4488 185.140.53.226:8960 185.140.53.232:1042 185.140.53.233:4488 185.140.53.236:2017 185.140.53.237:1604 185.140.53.238:56732 185.140.53.251:1995 185.140.53.252:54001 185.140.53.25:1970 185.140.53.25:6789 185.140.53.28:1985 185.140.53.34:6634 185.140.53.3:8976 185.140.53.51:1985 185.140.53.52:4488 185.140.53.5:7575 185.140.53.60:7076 185.140.53.62:5355 185.140.53.64:57689 185.140.53.6:1165 185.140.53.75:97 185.140.53.76:52001 185.140.53.88:1090 185.140.53.9:1118 185.140.53.9:1119 185.140.53.9:1818 185.140.53.9:7567 185.140.53.9:9124 185.148.241.35:6789 185.148.241.43:6442 185.148.241.46:1680 185.150.24.7:4750 185.157.160.229:60006 185.157.160.229:6700 185.157.160.233:2020 185.157.160.233:2212 185.157.161.86:50005 185.157.162.187:60140 185.157.162.81:40700 185.157.162.81:5504 185.157.162.92:2036 185.158.139.27:3052 185.162.88.148:1604 185.162.88.16:2359 185.162.88.26:20911 185.163.45.199:1956 185.165.153.114:52943 185.165.153.124:57689 185.165.153.157:3575 185.165.153.16:8494 185.165.153.17:1905 185.165.153.188:1985 185.165.153.18:1001 185.165.153.199:20219 185.165.153.19:1918 185.165.153.201:1985 185.165.153.218:6969 185.165.153.236:9083 185.165.153.249:10001 185.165.153.24:8014 185.165.153.251:50450 185.165.153.26:1985 185.165.153.30:2177 185.165.153.33:1156 185.165.153.39:3002 185.165.153.6:2786 185.165.153.84:20110 185.165.153.85:2040 185.17.1.12:54984 185.17.1.204:1607 185.171.25.25:9723 185.174.40.228:1985 185.19.85.133:9995 185.19.85.134:25078 185.19.85.134:50105 185.19.85.134:8976 185.19.85.135:2012 185.19.85.137:7020 185.19.85.137:8494 185.19.85.150:54085 185.19.85.150:57695 185.19.85.155:50300 185.19.85.165:3030 185.19.85.170:57356 185.19.85.175:48562 185.19.85.177:54085 185.19.85.180:5787 185.19.85.183:10001 185.19.85.186:40510 185.191.231.252:2525 185.208.211.11:3752 185.208.211.17:1996 185.208.211.76:2017 185.209.85.183:7177 185.217.1.133:3967 185.217.1.137:45787 185.217.1.168:7030 185.217.1.176:555 185.217.1.176:717 185.222.57.149:4557 185.222.57.152:4001 185.222.57.158:62520 185.222.57.171:4445 185.222.57.233:20209 185.222.57.73:4437 185.222.57.90:4445 185.228.80.45:54985 185.231.113.95:5401 185.234.216.161:2094 185.239.242.237:4567 185.239.242.243:2010 185.239.242.44:46622 185.244.26.198:2092 185.244.26.199:2008 185.244.26.244:2700 185.244.26.250:3231 185.244.29.128:9995 185.244.29.130:1980 185.244.29.130:6932 185.244.29.131:2128 185.244.29.132:1985 185.244.29.199:4488 185.244.29.216:24980 185.244.29.223:24980 185.244.29.227:7342 185.244.29.237:47651 185.244.29.248:10011 185.244.29.248:5678 185.244.30.102:2040 185.244.30.107:1985 185.244.30.10:3310 185.244.30.10:6532 185.244.30.114:2404 185.244.30.124:5051 185.244.30.128:4050 185.244.30.12:4693 185.244.30.131:1985 185.244.30.139:2121 185.244.30.13:52943 185.244.30.14:19833 185.244.30.157:52943 185.244.30.161:1985 185.244.30.18:1985 185.244.30.18:2222 185.244.30.192:20219 185.244.30.19:1985 185.244.30.209:5844 185.244.30.209:8366 185.244.30.20:2525 185.244.30.212:57689 185.244.30.216:8417 185.244.30.21:5050 185.244.30.225:2021 185.244.30.22:52943 185.244.30.238:1985 185.244.30.23:3421 185.244.30.247:1980 185.244.30.251:1012 185.244.30.251:1144 185.244.30.251:5600 185.244.30.253:50450 185.244.30.33:55420 185.244.30.63:1916 185.244.30.6:1985 185.244.30.75:8939 185.244.30.89:2121 185.244.30.8:4629 185.244.30.90:20975 185.244.30.93:3752 185.244.30.99:2133 185.244.31.132:2438 185.244.31.172:32443 185.244.31.26:18989 185.244.31.53:8909 185.244.36.245:2376 185.244.38.210:7008 185.247.228.10:867 185.247.228.11:8657 185.247.228.193:1990 185.29.8.54:7731 185.4.29.173:8172 185.5.175.206:1950 185.5.175.225:9033 185.61.137.30:9002 185.61.137.30:9902 185.65.134.180:3063 185.77.128.65:22212 185.77.128.65:64345 185.81.157.26:54984 185.82.203.204:600 185.84.181.81:7601 185.84.181.89:6090 185.84.181.89:9083 185.92.239.14:55085 188.141.118.122:6666 188.165.42.163:9033 188.233.47.224:35274 191.101.151.13:1970 191.101.22.231:6000 191.101.22.32:1004 191.101.22.32:1122 191.101.42.138:935 191.96.25.26:11940 191.96.25.26:54999 192.111.132.75:54984 192.152.0.58:6060 192.227.90.76:54984 192.248.151.215:5000 192.99.127.206:1720 193.0.200.146:3360 193.124.64.117:55116 193.161.193.99:44911 193.164.7.90:3333 193.178.169.213:1085 193.26.21.58:47507 193.37.254.35:4070 193.56.28.30:53896 193.56.29.150:8004 193.56.29.150:8005 193.93.193.247:1435 194.147.140.7:8293 194.180.224.105:40004 194.5.97.100:15279 194.5.97.107:8462 194.5.97.10:2364 194.5.97.117:10256 194.5.97.125:51470 194.5.97.14:2323 194.5.97.158:1817 194.5.97.16:1078 194.5.97.179:4488 194.5.97.180:52943 194.5.97.182:4455 194.5.97.186:52943 194.5.97.18:2322 194.5.97.19:90 194.5.97.207:52943 194.5.97.215:10001 194.5.97.21:2364 194.5.97.221:24817 194.5.97.237:58931 194.5.97.23:4419 194.5.97.242:5999 194.5.97.249:3231 194.5.97.24:6546 194.5.97.26:9211 194.5.97.34:6700 194.5.97.40:1604 194.5.97.47:54001 194.5.97.48:4488 194.5.97.75:7823 194.5.97.7:21600 194.5.97.7:4543 194.5.97.82:55420 194.5.97.91:7583 194.5.97.93:6033 194.5.98.11:1825 194.5.98.11:2821 194.5.98.120:3748 194.5.98.123:1040 194.5.98.127:2303 194.5.98.127:54984 194.5.98.129:57268 194.5.98.12:52943 194.5.98.12:58931 194.5.98.133:55420 194.5.98.136:2888 194.5.98.139:52149 194.5.98.148:53911 194.5.98.14:2323 194.5.98.16:1617 194.5.98.16:2420 194.5.98.17:5637 194.5.98.180:24980 194.5.98.180:52943 194.5.98.180:57689 194.5.98.182:3765 194.5.98.182:5546 194.5.98.18:19877 194.5.98.19:53795 194.5.98.202:4488 194.5.98.208:54402 194.5.98.208:5566 194.5.98.211:4132 194.5.98.21:54309 194.5.98.231:5050 194.5.98.249:1133 194.5.98.250:1012 194.5.98.250:1144 194.5.98.26:1011 194.5.98.28:3040 194.5.98.31:52943 194.5.98.32:1990 194.5.98.38:57689 194.5.98.3:4321 194.5.98.49:83 194.5.98.4:2010 194.5.98.52:2303 194.5.98.52:54984 194.5.98.84:1129 194.5.98.8:4573 194.5.98.92:6060 194.5.98.9:2109 194.5.99.14:1918 194.5.99.14:3362 194.5.99.15:87 194.5.99.19:3280 194.5.99.21:19515 194.5.99.222:4488 194.5.99.24:1716 194.5.99.2:2525 194.5.99.55:50710 194.5.99.5:1898 194.5.99.75:6030 194.5.99.8:6932 194.68.59.34:1028 194.68.59.34:1128 194.68.59.34:54309 194.68.59.60:333 194.68.59.80:1606 194.9.179.0:1978 195.133.18.136:3106 195.242.110.183:5654 198.12.96.149:55994 198.50.171.25:4513 198.98.49.245:24980 199.195.250.222:58984 199.195.250.222:6665 199.36.223.34:30312 2.56.56.117:2486 2.56.8.230:59698 20.203.173.201:49211 20.52.46.119:52190 20.79.206.212:8000 20.91.192.34:6422 201.174.233.241:53776 203.159.80.127:645 203.159.80.19:8090 206.123.141.99:50572 209.159.151.5:24980 212.192.241.216:5005 212.252.162.99:54984 212.7.192.241:8181 212.7.192.242:9045 212.7.208.102:5659 212.7.208.83:5050 212.7.218.47:3535 212.83.46.26:4021 213.152.161.138:6134 213.152.162.154:54617 213.183.40.60:1604 213.183.58.12:58442 213.183.58.24:1159 213.183.58.52:54986 213.183.58.61:1690 213.184.126.138:2727 213.208.129.215:1313 213.208.129.218:57356 213.208.129.219:1212 213.238.172.95:1923 216.170.114.4:36251 216.170.114.99:1821 216.170.119.120:53897 216.170.119.19:24980 216.38.2.215:50505 216.38.7.228:4422 216.38.7.249:4050 216.38.8.182:4050 217.138.212.57:2018 217.138.212.57:25211 217.138.212.59:2020 217.138.212.59:2212 217.138.212.59:54984 23.105.131.139:5626 23.105.131.140:9219 23.105.131.162:4040 23.105.131.163:9909 23.105.131.164:5050 23.105.131.170:20201 23.105.131.171:4040 23.105.131.177:4040 23.105.131.177:4545 23.105.131.183:1177 23.105.131.186:8777 23.105.131.190:4040 23.105.131.206:4040 23.105.131.214:4040 23.105.131.216:52943 23.105.131.228:6280 23.105.131.229:4040 23.105.131.230:21180 23.108.57.135:1169 23.238.217.173:54999 23.242.41.96:1607 23.249.162.143:3420 23.81.246.58:54984 23.82.140.49:4111 23.92.211.243:8765 23.94.24.200:9826 23.94.54.224:5257 23.94.82.41:11940 23.95.26.134:9034 24.133.1.29:3265 24.14.60.181:5552 24.144.103.48:54984 25.88.22.106:7777 27.254.163.12:8080 3.83.242.140:8787 31.171.152.101:1789 31.171.152.99:7554 31.45.75.24:2346 35.167.44.157:54984 35.246.78.137:2346 37.0.10.190:1919 37.0.10.22:1187 37.0.10.38:4001 37.0.14.211:20203 37.120.141.152:4381 37.120.145.226:54985 37.120.210.211:56281 37.230.130.63:7031 37.247.48.201:9035 38.117.105.156:6666 38.117.105.186:50002 40.124.7.222:8999 41.231.120.13:7554 41.231.120.141:17082 45.11.19.24:53896 45.125.239.181:4488 45.133.1.167:5590 45.137.22.142:9867 45.137.22.36:4837 45.137.22.50:4021 45.137.22.50:4667 45.137.22.56:65535 45.137.22.60:4023 45.138.49.96:1759 45.144.225.120:2486 45.15.143.169:5353 45.15.143.249:7890 45.154.4.178:8080 45.154.4.187:7416 45.155.124.168:3334 45.32.193.48:4507 45.67.229.4:54984 45.77.147.196:24980 45.77.147.196:8401 46.101.159.120:54984 46.160.247.55:1604 46.183.220.61:4488 46.183.222.16:8769 46.219.11.137:1604 46.243.147.194:4041 46.243.189.139:1133 46.243.189.145:1979 46.39.31.236:25565 5.206.227.57:1604 5.254.106.236:4000 5.254.112.21:1177 5.254.112.21:1604 5.254.112.56:6017 5.9.145.244:50572 51.195.45.141:4782 51.38.92.6:50573 51.77.254.162:54984 52.188.147.221:5620 52.191.197.71:6969 54.36.24.65:30301 54.37.235.82:1621 54.37.36.116:24980 54.38.123.240:7004 62.197.136.188:4052 63.209.33.1:24980 66.225.194.4:83 67.186.192.96:8273 67.211.209.25:54948 67.215.9.236:6969 68.32.241.132:54984 68.9.144.83:1337 69.10.42.234:24980 69.247.222.153:31337 69.61.59.215:60000 69.61.59.215:60003 69.61.84.206:9080 69.65.7.130:2177 72.204.107.181:1608 73.134.7.30:1565 74.65.100.22:1805 74.91.121.229:9033 77.247.110.178:2828 78.130.176.161:1002 78.253.115.7:123 78.61.51.200:2490 78.99.192.104:2346 79.134.225.100:1985 79.134.225.101:1012 79.134.225.101:83 79.134.225.103:101 79.134.225.103:1985 79.134.225.103:2180 79.134.225.103:50703 79.134.225.105:3575 79.134.225.106:2110 79.134.225.106:86 79.134.225.111:7590 79.134.225.112:6432 79.134.225.114:2072 79.134.225.114:3240 79.134.225.114:50956 79.134.225.115:10429 79.134.225.115:21180 79.134.225.116:1985 79.134.225.116:50902 79.134.225.117:1604 79.134.225.117:2180 79.134.225.119:9843 79.134.225.11:1212 79.134.225.11:5000 79.134.225.120:1913 79.134.225.120:1974 79.134.225.121:1985 79.134.225.121:6195 79.134.225.121:7583 79.134.225.126:898 79.134.225.12:1414 79.134.225.12:1717 79.134.225.12:1996 79.134.225.12:52650 79.134.225.12:5600 79.134.225.12:83 79.134.225.15:9583 79.134.225.18:57689 79.134.225.19:54910 79.134.225.19:8902 79.134.225.21:1985 79.134.225.22:7290 79.134.225.23:1985 79.134.225.23:33733 79.134.225.23:3890 79.134.225.24:38412 79.134.225.25:52650 79.134.225.26:4019 79.134.225.28:1122 79.134.225.29:1990 79.134.225.31:1604 79.134.225.32:1996 79.134.225.32:4019 79.134.225.33:4045 79.134.225.36:7040 79.134.225.36:8432 79.134.225.39:3342 79.134.225.40:48154 79.134.225.42:8689 79.134.225.45:59990 79.134.225.46:2019 79.134.225.47:8909 79.134.225.49:1985 79.134.225.50:50670 79.134.225.52:1144 79.134.225.52:5540 79.134.225.58:49504 79.134.225.5:1761 79.134.225.5:9848 79.134.225.69:1604 79.134.225.69:2525 79.134.225.69:4040 79.134.225.69:4322 79.134.225.69:9398 79.134.225.6:1212 79.134.225.6:32100 79.134.225.6:6197 79.134.225.70:6331 79.134.225.71:2121 79.134.225.72:1717 79.134.225.72:1990 79.134.225.72:5151 79.134.225.72:5221 79.134.225.72:7405 79.134.225.72:7798 79.134.225.72:8976 79.134.225.72:93 79.134.225.72:99 79.134.225.74:1980 79.134.225.74:2146 79.134.225.74:2446 79.134.225.74:45456 79.134.225.75:2012 79.134.225.75:21600 79.134.225.76:2130 79.134.225.76:3431 79.134.225.77:5355 79.134.225.79:1988 79.134.225.7:1007 79.134.225.7:1800 79.134.225.7:6009 79.134.225.7:8545 79.134.225.7:9634 79.134.225.81:57356 79.134.225.84:1985 79.134.225.85:2100 79.134.225.85:2468 79.134.225.85:5654 79.134.225.86:1985 79.134.225.87:1144 79.134.225.87:1985 79.134.225.88:5050 79.134.225.89:12190 79.134.225.8:1212 79.134.225.8:1604 79.134.225.8:6534 79.134.225.8:8293 79.134.225.91:1978 79.134.225.91:1985 79.134.225.91:4488 79.134.225.92:6809 79.134.225.93:1985 79.134.225.93:50956 79.134.225.93:7766 79.134.225.93:79 79.134.225.93:8721 79.134.225.93:88 79.134.225.93:98 79.134.225.95:1985 79.134.225.95:8585 79.134.225.96:2544 79.134.225.98:1604 79.134.225.99:35317 79.134.225.9:1456 79.134.225.9:1503 79.134.225.9:4321 79.175.228.187:54984 80.6.107.16:54984 81.132.125.36:4782 82.153.167.249:53896 82.156.51.150:54984 82.21.252.87:1234 82.24.18.196:1085 82.64.141.173:6666 84.38.132.25:5200 84.38.133.178:6498 85.244.29.130:1990 86.16.82.110:1334 86.216.253.86:7006 87.231.21.54:1337 87.231.21.54:3639 87.231.21.54:4242 87.231.21.54:6666 87.231.21.54:9033 87.237.165.78:7070 88.189.104.89:4500 88.208.246.146:4990 89.114.86.236:9033 89.136.124.132:7777 89.163.240.198:2960 89.187.145.54:8808 89.35.228.194:1002 89.35.228.244:2233 89.44.9.240:626 90.119.104.71:54984 90.190.23.204:54984 90.52.104.56:808 91.189.180.193:2019 91.189.180.197:3590 91.189.180.201:4455 91.192.100.17:3890 91.192.100.23:1414 91.192.100.25:29890 91.192.100.25:56372 91.192.100.3:4354 91.192.100.54:58764 91.192.100.55:19864 91.192.100.55:56098 91.192.100.6:6060 91.192.100.6:7554 91.192.100.7:3020 91.192.100.7:8494 91.192.100.8:6331 91.193.75.100:11903 91.193.75.131:2546 91.193.75.158:84 91.193.75.158:95 91.193.75.16:8181 91.193.75.180:54984 91.193.75.18:1985 91.193.75.199:11110 91.193.75.199:5449 91.193.75.228:1985 91.193.75.228:4540 91.193.75.228:54984 91.193.75.228:7687 91.193.75.233:8605 91.193.75.245:6735 91.193.75.252:2210 91.193.75.252:83 91.193.75.26:5353 91.193.75.46:1985 91.193.75.58:1985 91.193.75.66:2049 91.193.75.66:50710 91.233.116.104:4040 91.233.116.104:7203 91.236.116.127:58979 91.236.116.131:9000 91.236.116.142:5888 91.236.116.193:9033 92.119.17.181:54984 92.222.72.160:4156 92.240.245.136:65196 92.253.237.148:54984 92.45.199.157:4341 92.53.66.44:6166 92.53.66.44:7070 93.115.97.82:53896 94.156.35.43:1604 94.245.132.86:25565 95.140.125.119:2019 95.140.125.27:2873 95.140.125.48:55882 95.140.125.70:7070 95.140.125.76:4580 95.140.125.79:2033 95.140.125.90:1990 95.141.43.200:1980 95.141.43.202:1860 95.148.231.84:30000 95.165.25.7:55979 95.168.27.120:53459 95.189.111.131:7777 95.213.251.165:24577 95.213.251.165:54964 95.217.140.37:1104 96.243.31.69:9033 97.86.180.64:1603 98.116.226.129:1604 98.143.144.232:3890 0mynameisstaff.warzonedns.com 0x01337.duckdns.org 100myman.duckdns.org 1098.ddns.net 123pc.ddns.net 12edqwsad123sd1.ddns.net 14services.hopto.org 15deseptimebre.duckdns.org 16deoctubre.duckdns.org 1989.ddns.net 1c3a5ccbec9af7e0bf2c3eb4dac15059.duckdns.org 1gstemos.duckdns.org 2.kingx.info 2001.fcuked.me.uk 20141129server.no-ip.org 2022.hopto.org 20810.duckdns.org 20million.ddns.net 229.ip.ply.gg 236philipjohnson.freedynamicdns.org 247krypto.ddns.net 24thmatch2020.duckdns.org 2546.hopto.org 2630.hopto.org 26deagosto.duckdns.org 26octubre2020.duckdns.org 27300.duckdns.org 27dejulio.duckdns.org 27deoctu.duckdns.org 2938.ddns.net 2meonline.ddnsgeek.com 305way.duckdns.org 30deoctubre.duckdns.org 3112r.duckdns.org 3113r.duckdns.org 333.icodework.com 34112r.rapiddns.ru 3utli.3utilities.com 4099.ddns.net 41008.duckdns.org 484848fg.twilightparadox.com 4e2q.duckdns.org 54312.duckdns.org 5455.hopto.org 54811.duckdns.org 549177.duckdns.org 54989.duckdns.org 5723.hopto.org 58881.duckdns.org 60days.duckdns.org 666.complex-server.xyz 6667.icodework.com 74cosmefun93.no-ip.org 77caliescali77.no-ip.org 77nwo77.no-ip.org 8787.hopto.org 8888.icodework.com 8888.tshacks.online 88blakejames.ddns.net 8nn7efnd2.ddns.net 8r1ngth33nd.ddns.net 9211.hopto.org 9398.redirectme.net 99light.ddns.net 9project.duckdns.org a32-36-97-43.deploy.static.akamaitechnologies.info aaaaafffffddddd.ddns.net aaronberry872.ddns.net aawwssdd2.no-ip.biz abaleke.duckdns.org abcdon.ddns.net abidejeks.hopto.org abigaeelrs.ddns.net absalaad.duckdns.org acen.selfhost.tk acesanders.duckdns.org acokoye85.hopto.org activate2018.duckdns.org activeman101.ddns.net actuall.ddns.net adam150994.mooo.com adams333.ddns.net adika.publicvm.com admin.ndplc.gq aeonn.mooo.com agood.duckdns.org agor0020.gotdns.ch aimway.ignorelist.com aje.ddns.net akamegakill.no-ip.info akem.duckdns.org albertsamco76.ddns.net aleksanderbodhan.ddns.net alibabadino8.ddns.net alilatestspyhost.ddns.net alla.mywire.org alltempsplein.ddns.net almanac266.ignorelist.com alpay.germanywestcentral.cloudapp.azure.com alphachea.duckdns.org alphagame.duckdns.org amanai.net-freaks.com ambimi.publicvm.com anda167.chickenkiller.com anda167.duckdns.org anda167.no-ip.org andesal.com.au andrew.techdrax.de andrew566-21312.portmap.io anglekeys111.ddnsgeek.com anna7997.hopto.org annapro.linkpc.net. annapro55.ddns.net anonyfile.duckdns.org ant69.ddns.net anthyscambaits.ddns.net antivirus-firewall.duckdns.org antonlmcmotor.ddns.net antony2ok.duckdns.org anunankis555.duckdns.org apaduckdns.duckdns.org apawizy.duckdns.org apfelnano.no-ip.de applestoreupdate.sytes.net aprilnew.duckdns.org apriomo.duckdns.org aqo.no-ip.org ararat.mangospot.net arinnnnnnnn.ddns.net aristoweb.chickenkiller.com aristoweb2015.chickenkiller.com arkseven77.ddns.net armanoizoamani.duckdns.org armanyofficial.ddns.net armanyofficial.hopto.org arnoldimperial13.hopto.org arpadnssecure.mywire.org asdoajodwjw.ddns.net ashebi.ddns.net askseven7.ddns.net asshost.duckdns.eu asusdriverupdate.no-ip.org asusoftware.no-ip.org asy.anondns.net atallatall.ddns.net augcavite.duckdns.org averyserkis.hopto.org avito.duckdns.org ayatollahdada1.ddns.net ayoway.ddns.net azerty5550.ddns.net baba-link.lflinkup.org babbyhouse90.duckdns.org backdoorddns.net backupconnections.onthewifi.com backupdude.duckdns.org backupjuly.duckdns.org backupnewhost.duckdns.org backupnewhost1.duckdns.org backupnow.duckdns.org baddest101.ddns.net bananarx.publicvm.com band.ddns.net bandfree.ddns.net bangslang.ddns.net bankofamerica220.bounceme.net banzim96.hopto.org baseseven.ddns.net basspeak134.ddns.net batterthings.duckdns.org bbenson.ddns.net bbshp.giize.com beastyyou.no-ip.org bemery2.no-ip.biz billion1920.duckdns.org bitcoinonemmusdbkup.duckdns.org bition.duckdns.org blackgy.ddnsking.com blesseddon.dynu.net blessedlogins101.duckdns.org blessfullluck.ddns.net blessingwaylord.ddns.net blessingzz.ddns.net bliss12.ddns.net blissdonworkforceworkchop.ddns.net blissfulfamily.ddns.net blitzwar45.duckdns.org blockcontract.ddns.net bloodlocker247.ddns.net bm4128628.duckdns.org boapayment.ddns.net bobbyino.duckdns.org boele.duckdns.org bohemiabenz.ddns.net boki.boscco.club boki.zapto.org bolingost.ddns.net bonjourlesfr.ddns.net book234.mooo.com booka11.ddns.net bornsinner.myq-see.com boss2020.ddns.net bossback.camdvr.org boyonnem.ddns.net br13fack.warzonedns.com branderhostx.bid bravebizzle.no-ip.biz brianbriano.ddns.net britishkid1.ddns.net bruno12345.ddns.net bruno12345.duckdns.org brunoonochie.no-ip.biz bubbe.duckdns.org budapest.ydns.eu bugodns.myddns.rocks businessdb00.ddns.net businessdb00.no-ip.biz businessdb01.no-ip.biz businessdb02.noip.me businessdb04.no-ip.biz businessdb04.no.ip.biz bustabantu1996.duckdns.org bvans.duckdns.org c.j.ydns.eu c3a37688828.ddns.net caglar223.ddns.net camelzftw.ddns.net canarybeachhotel.sa candycandy.ddns.net cantrellking62.ddns.net captainbulusss.no-ip.biz card-conversation.at.playit.gg carlxmilz.ddns.net carsonknows.hopto.org cash.mywire.org cashout.ddns.net castedteam.ddns.net cdream.duckdns.org chadonlight.sytes.net changalan.ddns.net changnoah007.duckdns.org charuagroplest34.ddns.net cheapshoes.ddns.net cheatreet.ddns.net cheks.ddns.net chibuikelight.ddns.net chibuikeubachukwuka.ddns.net chickensoup.no-ip.info chidinduirofuala.ddns.net chiguserver.ml chima2022.ddns.net chingin.myq-see.com chivalrous-condition.auto.playit.gg chiwork.ddns.net chk.malatifs.com chromax123.ddns.net chtlg.ddns.net chukwuemeka.ddns.net cin389.ddns.net cipeh.ddns.net ckrenanet.duckdns.org classof.spdns.org classof.theworkpc.com claudeebob.ddns.net cldgr.duckdns.org cloudeyes.duckdns.org cloudservices.duckdns.org cmgdns.ddns.net cobaltmc.ddns.net cobart.duckdns.org cockandballs.ddns.net cockandballs1.ddns.net codamasaru00.duckdns.org codezero700.ddns.net colinco.twilightparadox.com cometz.chickenkiller.com companiesbaddest.hopto.org complex-server.xyz compoteeee57.ddns.net confirma.ooguy.com connect76.zapto.org connectddotserver.duckdns.org connectionservices.ddns.net contract.ddns.net cookies3.ddns.net coolashell.ddns.net copieronlineph209.ddns.net cotthwilen51.ddns.net covid30466.duckdns.org cramsfs.ddns.net cramzkie2014.duckdns.org crankshit2.duckdns.org crc2k18.mooo.com creamium.ddns.net crudii.strangled.net cryoutloud.myddns.rocks csgoshittergamer.ddns.net cubanasrhtd.ddns.net cynic.ddns.net cyrus-test.ddns.net d162563.ddns.net dahicothebest.ddns.net dailnetworkinternet.gotdns.ch daisyes.ddnsw.net damgout.ddns.net dangam.ddns.net dannoip.ddns.net darkcc.duckdns.org darkeye.hopto.org darkrig.ddns.net darlingtondc.hopto.org dave2h.ddns.net davidflick.duckdns.org daviscoleman8999.ddns.net davissmith.hopto.org dawood01.ddns.net dawood02.no-ip.org dbaclinc.ddns.net dbest2021.ddns.net dcserv.noip.me dd.fedex-shipping.xyz ddzikus69.ddns.net dealbaba.ddns.net dearrx.chickenkiller.com debbiealbuckar.ddns.net deez.zapto.org deezmanboc.ddns.net degrace2020.hopto.org deklan4321.ddns.net delightson.ddns.net deone.hopto.org depannageaba.ooguy.com dephantomz.ddns.net dera118.hopto.org dera12.ddns.net deranano.ddns.net dertrefg.duckdns.org devil222.duckdns.org dico.homelinux.net dico.is-a-designer.com dikaa.ddns.net dinowar.anondns.net dinowar.dynv6.net dioman33.ddns.net discordgg.ddns.net discoveryvipshinjiru2law.ooguy.com dish123nano.publicvm.com dish123newpro.publicvm.com dmjncbzvayuywqalponmcbvzcxhyuesgfhdnautwm.ydns.eu dnsupdater.cable-modem.org documentpdf.ddns.net dodoservicessk.info dollarfilter101.ddns.net dollarman.ddns.net dolphnindia.duckdns.org dolxxnanx.hopto.org domahaddtopgg.ddns.net domingos-50227.portmap.io donald.lewis83.hopto.org donlin795.hopto.org dontreachme6.ddns.net donx.strangled.net dosiokal.kozow.com doty.strangled.net dowas.hopto.org drbenz.duckdns.org dreamswitchd.no-ip.org dres199.ddns.net drftybun.ddns.net driss100.ddns.net drk.duckdns.org drweb78.no-ip.org drxppedt.ddns.net dsfdfsdfsdf.ddns.net duncan00.ddns.net duncan01.no-ip.org dunga.duckdns.org duruawka.linkpc.net dusksel.insidedns.com dv-sec.hopper.pw dynamicinnovator.hopto.org dzino.ddns.net eagleshth.ddns.net easiacess5.ddns.net eberk30.mooo.com eberk300.chickenkiller.com edsales348.hopto.org edubros.duckdns.org ekenekevin1.ddns.net ekuro.hopto.org eleks.ddns.net elinaksoi.freeddns.org ellatest.ddns.net elvis231.hopto.org elvis4.ddns.net emaeff.duckdns.org emirduck.duckdns.org emmydan.ddns.net emvstudio.ddns.net engr101.ddns.net engr101.hopto.org enomfon.duckdns.org epicgamesfn.ddns.net epicryan449.duckdns.org epicswagg.duckdns.org equity2001.ddns.net equity2020money.duckdns.org ericfresh.duckdns.org ericgacia.hopto.org ericmoney.ddns.net erunski.duckdns.org esetceotestercz.publicvm.com eth420.ddns.net ethel19733.ddns.net etoiilefiilante.duckdns.org euroano.ddns.net euroano2.ddns.net ev232.no-ip.biz evapimp.myq-see.com eventmulla.ddns.net evi0.no-ip.biz evilrspsha1.duckdns.org ewunoip.ddns.net exceltionguidle.ddns.net expensivewire.ddns.net explosions.no-ip.org exportwallanddeco.hopto.org exzubnt.zapto.org eyolakadon.ddnsgeek.com ezego.duckdns.org ezengwongwo.duckdns.org fablousy.kozow.com facebook32.ignorelist.com fackrul.ddns.net faq.medecinsansfrontiere.fr farah99.zapto.org fartmonkey9000.mooo.com fashoct.duckdns.org fastnfure.ddns.net fastnfure.jumpingcrab.com fathom85.duckdns.org fellasbam.ddns.net fenixalec.ddns.net fenixalec.sytes.net festus1.ddns.net fiftygood.duckdns.org findmyservice.ignorelist.com fineama.ddns.net finejacco.ddns.net finlandmc.com fire4fire.ddns.net fire4fire123.ddns.net fishpnd.duckdns.org fji673mfa09zhvs.freemyip.com flashgen.ddns.net fliy.ddns.net flowmoney.ddns.net flysky1400.ddns.net fmw87907.no-ip.org fokn2121.duckdns.org foknstreet.duckdns.org forcesbots.ddns.net forkash.ddns.net formaicafeng123.ddns.net formt.hopto.org fortyu.duckdns.org franex.sytes.net frank121.duckdns.org frank3000.ddns.net frankhobbes34.sytes.net fredj.ddns.net freedemboiz.ddns.net freedomainnow.ddns.net freemason.ddns.net freetime.accesscam.org fridayac.duckdns.org fridaycav.duckdns.org friomo.duckdns.org fromfirsttolast.no-ip.biz frubong.duckdns.org fspy.cf fuckto242506.ddns.net fuevermili.hopto.org fugn.duckdns.org fugn1610.duckdns.org fugn1881.duckdns.org fungame.duckdns.org fungame2.mooo.com funsecond.ddns.net futurist11.ddns.net fxforti.chickenkiller.com g4ng.duckdns.org gahenyt.myddns.me games100123.duckdns.org games101123.ddns.net garlicbread.ddns.net gato113377.sytes.net gayama.ddns.net gdhfj.ddns.net geekmind1.no-ip.org gefide4.ddns.net gen2.hacked.jp generaloffice.ddns.net gentle.duckdns.org geo321.ddns.net gertzicraft.serveminecraft.net getmeontop.sytes.net ghf.ooguy.com ghost123123.ddns.net ghostcum.ddns.net ghostnature.ddns.net gifted.gleeze.com gintex.ddns.net gl.no-ip.info glbringiton.ddns.net gmlgml.zz.am goat22.ddns.net goated.ddns.net goblinloblin.chickenkiller.com godblessing4693.ddns.net godfavour.ddns.net godfavour234.ddns.net godisgood.hopto.org godnogoshameus.ddns.net godofhost.fullstrap.tech godofhost.fullstrap.us godrich.duckdns.org godsblessing.ddns.net godsuckedmeoff.ddns.net godtimeishere777.chickenkiller.com gold.ooguy.com gold080.ooguy.com goodmanp.hopto.org google-lc2.servegame.com google-service.ddns.net googleaccservce.ddns.net googleupdater.duckdns.org googleusercontent.ddns.net gop5top.ddns.net gowno.ddns.net goz.ydns.eu grace121.duckdns.org grace147.ddns.net grace532.sytes.net gracemultiply.myq-see.com graceonme.ddns.net gracious2021.ddns.net great001noch.chickenkiller.com greatness84.ddns.net greatnew.duckdns.org green.mexican.jumpingcrab.com greyytb.ddns.net group3.no-ip.biz gruk.ddns.net gshwjnkiyrgdhavczmlopnbvcdtrjhbcxzuiopweazxbwqmnbf.ydns.eu gtrevengerat.ddns.net guygeh.ddns.net gwascannon.bounceme.net hackcentral.ga hackedbyplouk.ddns.net hackedbyplouk2.ddns.net hackenamin.duckdns.org hackforumsseek.chickenkiller.com hackid.publicvm.com hacksufod.ddns.net hadicentra.ddns.net hadkhadma.hopto.org hailongfvt.zapto.org hampowell.ddns.net hanku.giize.com happistesupreme.ddns.net happiwrk.duckdns.org haroldvvic.ddns.net harri2gud.hopto.org harri2gudd.duckdns.org harri2gudd.hopto.org harry7potter7.ddns.net harryjakess.no-ip.ca harrypotter2.ddns.net harrysmit.ddns.net harshman.duckdns.org harvest33.duckdns.org haserhym3.ddns.net hawla2016.zapto.org hddhasnet.duckdns.org hedgehoghf.no-ip.org helixsohum-59977.portmap.io heuzz.ddns.net hexrex.no-ip.biz hiewan.myq-see.com higgins.ooguy.com highallthetime.ddns.net highminded.us hikanddns.keenetic.link hiutuko.theworkpc.com hoanghuyen1527.ddns.net holdem331.sytes.net holimoneygoinghome.duckdns.org home.no-ip.net homtom.mooo.com hopiapa.ddns.net horizon1122.3utilities.com hostednational.duckdns.org hostkmail.ooguy.com hostnamexample.ddns.net hostriekso.mywire.org hostrila.accesscam.org hostrio.freeddns.org hostriok.accesscam.org hostwiththeroast.zapto.org housterq.freeddns.org houstrik.casacam.net houstru.ddnsfree.com houtske.freeddns.org hsjbvxnzmk12.myftp.biz hsteiqs.mywire.org http4.duckdns.org http4.justdns.pw htyeirhfjdbf.duckdns.org hungerfighter.ooguy.com hungry.kozow.com hurt.femboy.zone hustlerman.ddns.net icontact565.duckdns.org igweway.ddns.net ijeawele.duckdns.org ijehawele.duckdns.org ik123.duckdns.org ikroad.duckdns.org ilovenanocore.chickenkiller.com ilsinho23.ddns.net imanonyme.ddns.net imglb.zapto.org immi.zapto.org imortal.myq-see.com implciite.anondns.net inchostlucost.duckdns.org incur.chickenkiller.com indigostores.duckdns.org indomie.linkpc.net indomies.linkpc.net infit.ddns.net informer.ddns.net innocentyo.ddns.net intelligentminds14.mooo.com involved-stars.at.playit.gg inyene.duckdns.org io.burrow.io ionusos-25533.portmap.host irenewoman.duckdns.org irofualauzo1.ddns.net isaac163.mooo.com isaaconyejekwe.ddns.net isiefi.ddns.net isiefinama.duckdns.org ispnano1.ddns.net itsbanter.no-ip.org iutkcom.duckdns.org izu2128.hopto.org jaama.hopto.org jacknanoles472son.publicvm.com jackpiaaunano.duckdns.org jacrel.duckdns.org jadidqs.accesscam.org jagab.duckdns.org jahismyhelper.hopto.org jamalrnukkam58.sytes.net jamesk.serveftp.com jamesnew.duckdns.org jan7100.duckdns.org janded.ddns.net jannewyearomo.duckdns.org jawah22.ddns.net jayjaa.ddns.net jbbalboamonark.ddns.net jbbalboamonark.hopto.org jeezy2907.ddns.net jeffery123.ddns.net jeffyjeffy.duckdns.org jege1.duckdns.org jegs.no-ip.biz jeksabide.duckdns.org jesus-christ.redirectme.net jesus-redirectme.chickenkiller.com jesusfountain.redirectme.net jesustheway.ddns.net jfncghc.ddns.net jiiihihihiguuhhgygygtdtdtgdsdxfulllbb.ydns.eu jikit45.ddns.net jlogins123.duckdns.org joesrat.no-ip.biz john101.chickenkiller.com john7.hopto.org johnmark449.ddns.net johnobi.ddns.net johnsuccess18.ddns.net jonbbc.ignorelist.com jonbullie.duckdns.org jos.hopto.org joseph2.duckdns.org joutd.mywire.org juhanirats-22583.portmap.host julio8duck2.duckdns.org july2.duckdns.org julynan.duckdns.org justanix.ddns.net justme.dyndns-server.com justmethods.ddns.net justmoneymes.duckdns.org jventure.duckdns.org kachi2020.hopto.org kachijosh19.hopto.org kainox.ddns.net kala1.duckdns.org kalyppo.ddns.net kalyppo2.ddns.net kamzy2022.ddns.net kancesucess.chickenkiller.com kary.hopto.org katrinapastternak.duckdns.org kayxmedd.chickenkiller.com kcbill.ooguy.com kcfresh.duckdns.org kekevzcmkopdhunbsgwtfcvzcxgjhyegvbcnmgte.ydns.eu kel-j.duckdns.org kelvin2018.ddns.net ken42.ignorelist.com kene321.ddns.net kene3210.ddns.net kengeorge.zapto.org kengoerge018.ddns.net kengroup.publicvm.com kennethw201.ddns.net kenvilla.no-ip.org kery.hopto.org ketamiini.ddns.net keving.duckdns.org kewnslayer.ddns.net keystroke.chickenkiller.com keystroke94.chickenkiller.com kgentle77.hopto.org kgentle777.duckdns.org khangaii.ddns.net khkeur.no-ip.org kikizo-49360.portmap.io killa985.ddns.net kimmyavalos7.ddns.net kingjeff.chickenkiller.com kingjeff2015.chickenkiller.com kingman1.ddns.net kingofus.chickenkiller.com kingsnake.ddns.net kingspy.dynu.com kittenuid.mooo.com kjwoconfigwindows.xyz kkmmtt.duckdns.org kkmmtt1.duckdns.org kkuttt.ddns.net klbfever.ddns.net klippcraos.mooo.com klonnygermanip.ddns.net klonnygermanip1.ddns.net klonnyworlds.duckdns.org kmt-2.ddns.net kmt.ddnsking.com kmt2020.duckdns.org kmt22.ddns.net kmttk.hopto.org kocheme.ddns.net kolsdyeur.camdvr.org kotetsy.hopto.org krazzy-61352.portmap.io krieten.zapto.org krypzo-41088.portmap.io ktmpss.mooo.com kukgubben05.ddns.net kurcinasmrdljiva.ddns.net kvngnelson007.hopto.org lachouffe.ddns.net lafia.hopto.org lagacylinktrytonice.ddns.net lakadon.duckdns.org lakes14.ddns.me lakes14.no-ip.org lakosmake.camdvr.org lambogini199.ddns.net lamescape.no-ip.biz lanky.ddns.net lastme11.ddns.net lasuiod.freeddns.org latestspyhostincsub.hopto.org lawrencezion4real.ddns.net lecairequejaime1.casacam.net lemons.duckdns.org lewisshh.ddns.net lifehaks.ddns.net light01.ddns.net lightman.ddns.net limfa.sytes.net lineservie.freeddns.org links5675.ddns.net links5675q.ddns.net liquidmetaring.myddns.rocks lis1034.hopto.org littlacen.selfhost.tk littlesteps543.serveftp.com ll4rzd8w5.ddns.net lockerrollercooller.mywire.org logs1234.duckdns.org logshostinc55.hopto.org lolex218.ddns.net lolli.no-ip.info looipoko.loseyourip.com loutcho.ddns.net lowkee.ddns.net lowspeed121.ddns.net lucidair.ddns.net luf.ddns.net lunar666.ddns.net lyfoon.ddns.net lyhv.ddns.net maccdnsx.duckdns.org machies.ddns.net madbunny.duckdns.org maggii.myq-see.com magsi.no-ip.org mailsiro.casacam.net maine009007.hopto.org makaveli.ddns.net makavli.ddns.net makuoemecheta.ddns.net malikso.giize.com malisokre.loseyourip.com mallow2.3utilities.com mamapap.giize.com mamdrogat.ddns.net man90.ddns.net mapec.no-ip.biz market.ndplc.gq marksrat.duckdns.org marmarx.duckdns.org marquinhos-36228.portmap.host marshost.publicvm.com maryik.ddns.net maryik.hopto.org maskuoslq.freeddns.org massingalemarcus.dynu.net master042.duckdns.org masterstan.quicksytes.com mastersure042.duckdns.org masterwork.ydns.eu maszddos.ddns.net maxhasminipp.ddns.net maxibrainz.linkpc.net maystanview.duckdns.org mb22mb.duckdns.org mcsoft.hd.free.fr mdhkazerni1555.ddnsking.com mdx2893.3utilities.com megamoneyaneke.duckdns.org melbourneau.duckdns.org melionx.duckdns.org metal3oxide.hopto.org metin2coder.duckdns.org metoliks.chickenkiller.com mevsus.duckdns.org mewmewmew.twilightparadox.com mexi11.ddns.net michaelray919.ddns.net microsoftuserman111.ddns.net midiminuit.ddns.net mikeanam.ddns.net mikeeee.duckdns.org millarat.ddns.net millions7654.gotdns.ch millykay.ddns.net mimi121.duckdns.org minasxat.duckdns.org minecraftserver1337.ddns.net mirra.hopto.org mn255.freeddns.org mnvh54254.ddns.net mobite.ddns.net modernpale.duckdns.org modz80.ddns.net moftsvs.ig42.org mohd2020.myddns.rocks molardaniel.hopto.org moneycaptain.duckdns.org moneymaketime.duckdns.org moneymood.myq-see.com monkeynuts420.serveminecraft.net monoxoiz.airdns.org monoxoiz.chickenkiller.com moonlk.ddns.net more007.fe100.net moregrace.ddns.net morelogs.duckdns.org moremore.hopto.org mphnewconn.ddns.net mrniceguyinc.bounceme.net mrsaix.noip.me msaqibafrozo.duckdns.org mscontrolcenter.ddns.net msctrlcenter.ddns.net mssdlc.pw mssdll.pw msupdater378.my.to mudananil.duckdns.org multipleentry90dayscontroller.homingbeacon.net mundodark.crabdance.com muslimdogger.mooo.com mustpay2211.ddns.net mydnsnanocore123.ddns.net myduck222.duckdns.org myfiat.myq-see.com myhost2607.ddns.net myhustle.duckdns.org myrepoquery.chickenkiller.com mystupidfriend.duckdns.org naga0.ddns.net nan.fuzetec-tw.com nanc.ddns.net nani.blueheartsmed.com nannocoretest.ddns.net nano-normal.ddns.net nano.ssfn.site nano032020.duckdns.org nano122.ddns.net nano2.serveftp.org nano20.hopto.org nano63773737.duckdns.org nano833.duckdns.org nanobless.dyndns.biz nanocandy1337.ddns.net nanoce.ddns.net nanocore.click.duia.eu nanocore1.publicvm.com nanocore2023.duckdns.org nanocore9914.ddns.net nanocoreo.ddns.net nanocorevsmyself.ddns.net nanocorewb.linkpc.net nanodell.no-ip.biz nanodk.sytes.net nanoevo.ddns.net nanogrouch.chickenkiller.com nanohead.servemp3.comh nanoiskewl.duckdns.org nanomalay23.hopto.org nanorammbhjuy.ddns.net nanospency.duckdns.org nansedd.duckdns.org nanso.no-ip.biz napymon81.dyndns.org nas231.duckdns.org nasatweb.duckdns.org nasim1.duckdns.org nassiru1166sub.ddns.net nattyma.no-ip.biz navaikargranites.work.gd nazareen12.ddns.net nc.anondns.net ndlovusamkello.hopto.org netccwomo.duckdns.org netnew421.jumpingcrab.com netrna.duckdns.org netserv.serveftp.com netvillsm.giize.com netwirelucas.chickenkiller.com netwroksolutionse.ooguy.com new555.ddns.net newagain.duckdns.org newhost.publicvm.com newipset.hopto.org newjege.duckdns.org newmeforever12.3utilities.com newmeonego.duckdns.org newnanmail.xyz newnano.ddns.net newoffce.duckdns.org newresultinc.hopto.org newsamcav.duckdns.org newworks.sinsincity.com newworks2050.sinsincity.com newz.sytes.net nibiru33.duckdns.org nibiru333.duckdns.org nickdns22.duckdns.org nickdns27.duckdns.org niggaer2.ddns.net niiarmah.duckdns.org nj428.ddns.net njo54.ddns.net nkmzizbest4.no-ip.org nmkrupp.ddns.net noan12.noanvaruncorekumar.cf noancore.linkpc.net nobiwideget.dvrdns.org noname38.no-ip.info noname381.no-ip.info nonny55.ddns.net nor.strangled.net norahbrookss.duckdns.org nosheep.noip.me nov20126746.duckdns.org nov6400.duckdns.org novakcy.ddns.net novakcy.duckdns.org november.chickenkiller.com nserv.anondns.net nserv.v6.rocks nucleardom.is-a-geek.com nukimz.crabdance.com nuttara2020.ddns.net nwme22.duckdns.org nyidlahebhf.mooo.com nyoka.duckdns.org nzekanze.hopto.org nzenzeka1.hopto.org obai419.ddns.net obama101.duckdns.org obidikeejike.hopto.org oblack.ddns.net obomita.ddns.net oby123.ddns.net octnew.duckdns.org octomoo.duckdns.org office13.servemp3.com officemorgana.duckdns.org officeofgrace.duckdns.org officewk2020.hopto.org officezafar.hopto.org oficeban.duckdns.org ofon.duckdns.org ogidi.sytes.net ojeff.ddns.net okaman.no-ip.biz okay2222.ddns.net okeyz.duckdns.org okirikiri.mywire.org oleg321.ddns.net olodofries8.ddns.net oloshog2.duckdns.org olusho.quor8.com oluwavenza101.ddns.net olux.twilightparadox.com omada1.ddns.net omarch.duckdns.org omcasm.duia.us ome2j3bw.3utilities.com omojune.duckdns.org omsep.duckdns.org onebillion.hopto.org onedrive.duckdns.org oneup.publicvm.com onohsamy.duckdns.org onyedika.ddns.net onyejekwejekwu.ddns.net onyeka.gotdns.ch onyekaj.hopto.org onyeotit.ddns.net open-translator.at.ply.gg openporting.ddns.net oplm.ddns.net oranjun-60963.portmap.io orcusss.duckdns.org orika.ddns.net ororo.ddns.net osethaps.ddns.net osharay.ddns.net ostehaps.ddns.net otcv4.ddns.net ouff.anondns.net ourcompany.ddns.net owoego.chickenkiller.com ozanboi67.ddns.net packservie.giize.com palmtreesbynastyc.ddns.net papacy.hopto.org papilo.2waky.com parqan.hopto.org pasha1337.linkpc.net patriciawangs.duckdns.org pattersonfelix.freeddns.org paulcoe.ignorelist.com paymenthurb.duckdns.org paymentmaba.sinsincity.com paymentmonth.libfoobar.com paymentrab.sinsincity.com pc.charlito33.fr.nf pepe7.duckdns.org perry.myftp.org personalosas.no-ip.org petersonvargas77.ddns.net pharmalone.hopto.org philbillibilli.duckdns.org phill.onmypc.us phone2347.linkpc.net pi0n.ddns.net pierrelbg47.hopto.org pineapplebutter.ddns.net pinksnanocore.ddns.net piratebox.no-ip.org pizzabuttpizza.servebeer.com pleata1234.ddns.net plugins.dynamic-dns.net plutonano.dynu.com plutonano.linkpc.net plz.servebeer.com pogiako.no-ip.biz pont222.hopto.org poopers.mooo.com popup.upnadservice.icu port80.publicvm.com positivemikey.myq-see.com postnl.duckdns.org pparable.no-ip.biz prakashrao.hopto.org pre08080.nsupdate.info press007.linkpc.net press042.hopto.org press042.linkpc.net prime.myftp.biz prime1.zapto.org primero.hopto.org pripri.duckdns.org privatehostinc.hopto.org probykam.giize.com processor.ddns.net programmev3.kozow.com psycho1337.no-ip.org puas.zapto.org public4750.myq-see.com purestokhom.duckdns.org pvibes.ddns.net pw3922065test.ddns.net pwrat.duckdns.org qd4sda0v.redirectme.net qousar4.ddnsfree.com qqqqqqqqqq.ddnsking.com quartierrat.polulesky.xyz queda212.ddns.net quill.sytes.net r0c.ddns.net r6d6.ddns.net r6d6.zapto.org radicalblessing.webhop.me rage.hopto.org rageofpain.duckdns.org range-back2.duckdns.org range13.duckdns.org rat-val.ddns.net rat.birdlip.tk rat123.ddns.net ratatatata.duckdns.org ratcenthoo.ddns.net ratest.lattu.ga ratj.ddns.net ratlt2.ddns.net ratm.ddns.net ratserver.ddns.net rattester.airdns.org ratttyyy.mooo.com ravev1.ddns.net ray00.kozow.com rayrat.chickenkiller.com rayriager.duckdns.org raz23-39752.portmap.io razbigboy.duckdns.org razummix.ddns.net rcode5000.duckdns.org rcontrol4sec.ddnsgeek.com rdns0.vipsms101.com reborn0147.duckdns.org rebornx.duckdns.org recently-clark.at.ply.gg reckage.ddns.net redgie.duckdns.org redshadow.ddns.net refund2me.mywire.org registryhost.servegame.org resultat2015.ddns.net resulthostsockinc.duckdns.org results98.duckdns.org rex231.duckdns.org reysec-43171.portmap.host rizzla.no-ip.org robbertwayne.no-ip.biz robertjoe607.ddns.net robgreen.hopto.org robi54.duckdns.org robme54.duckdns.org rock-lightning.at.ply.gg rogerboy12.no-ip.biz rolex.ddns.net routess.no-ip.biz roxy.is-gone.com royal2222.duckdns.org royalty11.ddns.net royratter.chickenkiller.com rt54.duckdns.org ruffella.ddns.net ruffella11.ddns.net ruffella2407.ddns.net rungmotors20.ddns.net runnermank.rapiddns.ru rushinc3.ddns.net ryan903.duckdns.org rzf9k8gh4.duckdns.org saadhente.ddns.net sakrolod.freeddns.org sales-peter27.ddns.net sallyshooter100.chickenkiller.com salyou.theworkpc.com samdiv.camdvr.org samnewagain.duckdns.org samp304.quor8.com samy.chickenkiller.com sandersace.duckdns.org santora.chickenkiller.com saturom.duckdns.org savagescape.duckdns.org sawitupnew.expackplc.club scammerhost11.ddns.net schoolserver405.mooo.com se7ense7en.hopto.org seabillion.duckdns.org seashadow.ddns.net sebonwealth.ddns.net securityveriservers.ddns.net sekoi.ddns.net senatorojugo.ddns.net seniordunc.ddns.net sepfire.duckdns.org september101991.ddns.net serviceswin.ddns.net severedsoulzztoolzz.myftp.biz sexycam.ddns.net sgk.linkpc.net sgt-strik3r.no-ip.org shamim.zapto.org shamimaquize.ddns.net shantitins.zapto.org sharongrace.ddns.net shekinahwish.ddns.net shotababywitham4a1.ddns.net shshitmang.fishdns.com shtpmf.duckdns.org shutupgay.ddns.net sickfuckingskills.mooo.com sidactionorg.no-ip.org sifenajma.no-ip.biz sikes.chickenkiller.com silkanonymous.ddns.net silkfromanonymous.ddns.net sipudye.mywire.org sirsmith74.ddns.net sito276.zapto.org sizisizi.freeddns.org sjokolade.duckdns.com sjokolade.duckdns.org sketchftp.ddns.net sketchvip.ddns.net skidnet.ddns.net skullsnail1.myftp.org slickcsgo.no-ip.org sm94-21612.portmap.host smartslaves.hopto.org smith2020.ddns.net smith2021.ddns.net smito.ddns.net smito80.ddns.net smokiez94.no-ip.biz sn00k131nc.no-ip.org sneakyhackersinc16.ddns.net snoopafly01.no-ip.org snopper13.ddns.net snow.rule-de-game.com snowboy789.ddns.net snup2020.ddns.net sobe123.ddns.net soc11.duckdns.org sock5.mooo.com socks5.chickenkiller.com socratecafu.hopto.org sofiqn.ddns.net softwaretrader.chickenkiller.com soith999.dns.net som2020.zapto.org sortltd.duckdns.org souliiiiiiii.ddns.net soutrikf.mywire.org spamhaus.cornrnscope.com ss1sda1231fsdf.ddns.net sslnad.ooguy.com sss.off.li ssssadad.myddns.me sssss10.duckdns.org stainless0511.chickenkiller.com stanadmin.nhlfan.net stankovic.geekgalaxy.com stannano.golffan.us startup1.ddns.net stay460x.ddns.net steamserver285.ddns.net stilletics.ddns.net stixio.chickenkiller.com story.servepics.com strike44rus.ddns.net strivemaxlogs.ddns.net stronggods.ddns.net strzdka732373.ddns.net subdomaintest.chickenkiller.com sucepd.no-ip.org suckmy.ddns.net sugarcane.hopto.org suggy2.duckdns.org suggyworldbackup.zapto.org sulumanco.duckdns.org summersyz.duckdns.org sunnysept.duckdns.org super1x1.hopto.org supernovaswag.ignorelist.net surcercu.ddns.net svchost64.ddns.net svr.fspy.cf svr10032.mangospot.net swagkhalifa.ddns.net swift-copy.ddns.net swiftzone.ddns.net swingling.myq-see.com sydney112.hopto.org syhost.ddns.net syhost.duckdns.org syoll.duckdns.org sys78.strangled.net t35tenj0yth1shba.chickenkiller.com t5estst.ddns.net tadas123.mooo.com takepisson.ydns.eu tangomango.hoptp.org taskintelguard.ddns.net tboss1.ddns.net teames.hopto.org teammoanygang.crabdance.com tekinmehmet.duckdns.org terrystoner45.ddns.net teslafires.ddns.net test0303.chickenkiller.com test1002.gleeze.com testalerlynch.ddns.net testalerlynch2.ddns.net testdomain1.chickenkiller.com teste69420.ddns.net testers1.zapto.org testforyo.no-ip.org testingmyrat.ddns.net testrun123.hopto.org tgfhgfd.casacam.net thanks001.ddns.net thatsaboutit.fishdns.com thecevoo.duckdns.org thefatelvis.chickenkiller.com thehyperdns.ddns.net themanwithgrayhat.ddns.net themenace.ddns.net theprohacker.ddns.net thesopranos.duckdns.org this-france.at.playit.gg tiben.ddns.net tikes.ddns.net tiltedfn.ddns.net timduckdns0123.duckdns.org timremcos.ddns.net titiaty.duckdns.org tochi.ddns.net togba.duckdns.org toknowomo.duckdns.org tokyouprising.ddns.et tolaresfgc.ddns.net tomatodns.duckdns.org tomharryk.ddnsgeek.com tonymarshal.ddns.net tonypeter96.myq-see.com tooblaq1.ddns.net tooblaq2.ddns.net toolmachine404.ddns.net tormenta.hopto.org torrentmyfriend.chickenkiller.com totalcurryoffsets.ddns.net tr1.localtonet.com trollo991.ddns.net trustingod4brktru.dns53.biz tunneddd.ydns.eu tuttotone.mooo.com twodrive.duckdns.org twojstary28.ddns.net tyurnmfffirt.duckdns.org ubern.mooo.com uccccccheee.ddns.net uche2018.ddns.net ucnano180523.ddns.net ucrexz.hopto.org udpdns.ddns.net ugn1610.duckdns.org ugorji.ddns.net ugotrattedp100.ddns.net uhie2025.hopto.org uiopwq.duckdns.org universex2.ddns.net universex3.ddns.net unkknown.ddns.net update-system.duckdns.org urualla.duckdns.org urualla3.duckdns.org user.serveftp.com vailderprepaidvcarder.theworkpc.com vape11.ddns.net vardanashvildwc.ddns.net varunbenchod221234.freemyip.com vauxhall.hopto.org vayqormansduckk.duckdns.org vector5.ddns.net vengeance.duckdns.org venom112.ddns.net viccavi.duckdns.org vicnew.duckdns.org view43750.ddns.net vincenthardvvare.ddns.net vipsms101.com virtualhost19791.duckdns.org visualhd.duckdns.org vjhelena.duckdns.org voip4suriname.duckdns.org vps.rootlayer.net vremenew.ddns.net waf901309oi.freemyip.com walexusa.hopto.org walkerben706.ddns.net warqazx.strangled.net watermalon34.hopto.org wazzy113.ddns.net wazzy131.ddns.net wealthybillionaire.ddns.net weddinglight.ddns.net wekeepworking.sytes.net wekeepworking12.sytes.net weloveyoumum.no-ip.biz welu111.ddns.net wespeaktruthtoman.sytes.net wespeaktruthtoman12.sytes.net western12.ddns.net wharfedale.no-ip.org wichsfresse.ddns.net williamfred.ddns.net williamsgraig68.ddns.net willspammer.duckdns.org wilsonlim564.ddns.net wilsonzz.webredirect.org win2020.zapto.org windosupdater.no-ip.biz windowschecker.sytes.net windowsexplorer.ddns.net windowsmanager.freemyip.com windowsssservice.ddnsfree.com windrv.ddns.net winlogon001.3utilities.com winserver103.dyndns-server.com winserver103.hopto.org winsrv.ddns.net winter-dew-56140.pktriot.net wintozz.hopto.org without.duckdns.org wlyksd.gotdns.ch wncry.duckdns.org woebegone-smoke.auto.playit.gg wonderwork99.hopto.org woolner4u.ddns.net wordz54.duckdns.org workerholic.myq-see.com workshopnc.ddns.net worldnow.duckdns.org wupdate162.cloudns.nz ww3.ryl2history.net xavi-bales.ddns.net xcarfini.ddns.net xgeo123.duckdns.org xkr0wnx.no-ip.biz xkr0wnx.no-ip.org xuplex.ddns.net xxcsgoxx.duckdns.org xxcsgoxx.javafaq.nu xxcsgoxx1.duckdns.org xxxpornstory.xyz xzblackman.ddns.net yabs.duckdns.org yaunywxb.ddns.net yawalessinc.hopto.org yeahbabka.duckdns.org yeeternet.servehttp.com yes.dnsabr.com yesboyy.chickenkiller.com yolokali.ddns.net yopp.crabdance.com yoratduckdns.org yota890.hopto.org youmomisgay.ddns.net youngsouth.duckdns.org yourmomisawhore.duckdns.org yrnwhathapenn.ddns.net yuppaji.ddns.net yusufeddy.ddns.net zacy547.ddns.net zam.accesscam.org zam123.myftp.biz zctchaos2.chickenkiller.com zctchaos4.chickenkiller.com ze-slade.chickenkiller.com zechlli82.ddns.net zeus444.sytes.net zewuslogs.duckdns.org zhardyalzabi.ddnsfree.com ziaurus111.duckdns.org zoros.ddns.net zouina1.ddnsfree.com # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-09-28) 81.161.229.107:7763 hondaza.duckdns.org # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-09-29) 2.59.254.205:3078 newnanpeople.duckdns.org # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-10-03) 104.250.181.155:9036 titus.casacam.net # Reference: https://twitter.com/SarlackLab/status/1709403038618673545 45.66.230.22:54984 backupcraft.ddns.net supercraft123.serveminecraft.net # Reference: https://www.virustotal.com/gui/file/15f43e7843401484c486ddcfcf8119d2cd0f29f2e99017f4c96c83e530a91b17/detection fgudhiiugiufgifufgihdhuidfxgd.duckdns.org nojewsjwooujweq.duckdns.org # Reference: https://twitter.com/SarlackLab/status/1713781884105220342 95.214.27.6:4984 # Reference: https://twitter.com/SarlackLab/status/1713872489942487157 94.156.6.14:6110 29122021.sytes.net # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-10-17) 173.212.199.134:555 193.42.33.27:4242 3.13.191.225:11674 3.134.125.175:11674 3.14.182.203:11674 3.17.7.232:11674 64.44.156.43:50720 67.207.161.208:50720 91.193.75.195:23591 uilovee.ddns.net # Reference: https://twitter.com/SarlackLab/status/1714597271591850401 3.6.115.64:18792 3.6.30.85:18792 # Reference: https://www.virustotal.com/gui/file/1ef5ead841c58c6d93dc180b4326b9f5904da838fac865237d8f6de2972a8707/detection 138.197.55.204:40812 159.203.144.58:40812 # Reference: https://github.com/Gi7w0rm/MalwareConfigLists/edit/main/nanocore/nanocore_c2s_2023_10_16.txt gracealloverme.ddns.net jmsbond101.noip.me niggaer2.ddns.net. titus102023.ddns.net updats.hopto.org # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-11-01) 103.114.104.79:54984 3.79.242.82:54984 54.176.73.138:12288 58.27.212.38:54984 74.77.124.104:54984 93.242.233.250:54984 # Reference: https://twitter.com/SarlackLab/status/1720154110354182452 54.219.247.190:18488 # Reference: https://twitter.com/SarlackLab/status/1720154073033277564 193.161.193.99:28278 safe242-28278.portmap.host # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-11-02) 130.51.20.126:37190 147.185.221.17:10524 149.56.101.42:54984 156.96.44.204:9866 158.69.40.137:54984 188.241.39.165:54984 194.147.140.185:23591 194.33.191.126:54984 194.87.217.31:54984 194.49.94.45:54984 201.229.167.115:54984 210.204.137.38:54984 24.152.38.230:54984 3.13.191.225:15432 3.134.125.175:15432 3.134.39.220:15432 3.14.182.203:15432 3.17.7.232:15432 3.22.30.40:15432 31.214.243.202:54984 41.140.148.78:54984 43.155.118.60:54984 45.120.177.164:54984 45.61.128.201:54984 78.92.112.76:54984 78.92.97.220:54984 82.165.201.41:54984 82.64.87.168:54984 89.230.242.182:54984 89.231.229.193:54984 91.92.242.192:54357 91.92.244.198:6696 91.92.247.217:9003 91.92.249.11:54984 91.92.255.112:54984 94.156.64.212:54984 95.164.22.207:54984 6coinc.zapto.org days-jd.gl.at.ply.gg us3.localto.net # Reference: https://twitter.com/SarlackLab/status/1720350203750842637 103.212.81.160:23591 # Reference: https://www.virustotal.com/gui/file/44e58c0dba27d13f4b08dc74a0fa0bee6fc34371669fa6a48a570879585275a2/detection # Reference: https://www.virustotal.com/gui/file/b9627cc6e13c3cf93c74dd35a8a1c084211b1172953f11789bef2bb9fa41a210/detection # Reference: https://www.virustotal.com/gui/file/e553c1490bdfe5a177b3d92b5d10fa091ab1249728c95a0b9ad14848106a4c63/detection 193.56.28.42:2419 77.87.77.145:2419 2419.servep2p.com # Reference: https://www.virustotal.com/gui/file/cef46c6564d6d53dc7f2bc5ea0b2b749bd08fd3c40b70e1d02774936a6e044d1/detection jserver.mine.nu someone.forgot.his.name # Reference: https://www.virustotal.com/gui/file/25f08750dba082efb9587761ab0e610b93504f6fd506969175fd7c4e2f6be823/detection 209.58.173.138:52090 213.152.161.234:52090 # Reference: https://www.virustotal.com/gui/file/b58a0a97fa1e66a466302c59d576fad5ddad3a7557105b54f7679fd71a38df07/detection 51.103.152.3:9085 sakouiet.mywire.org # Reference: https://www.virustotal.com/gui/file/a57bf31eb7d2f6b39c7cd00c38c20794a01cd84718451f8d761b7712f0e92586/detection 40.89.178.238:9085 koisioa.camdvr.org # Reference: https://app.validin.com/axon?find=185.81.157.16/29&type=ip4 # Reference: https://www.virustotal.com/gui/ip-address/185.81.157.20/relations h-secure.from-al.com infomailssld.xyz ktsv2.ddns.net mailsskleminfo.duckdns.org mailssklkole.camdvr.org mailsslkoter98.xyz mailsslkoter99.xyz mailsslkyouslf.xyz securesell-service.ml sericmailssl00.xyz sericmailssl01.xyz servinfkkool96.xyz servinfkkool97.xyz ultim.for-our.info ultim.mine.nu wp-cpcontrol-syst.ml wp-cprotects.ml wp-wprotects.ml # Reference: https://www.virustotal.com/gui/file/6fb27e9cc7184cffe0e14323fab01b962f53c845d4b751f7655dd4c5c5d10982/detection 20.43.33.61:6702 # Reference: https://www.virustotal.com/gui/file/e76736fa86f0c4104c8e83d66650175b77ca72a5d61164bbb93241dc4a281419/detection chykul1977.ddns.net # Reference: https://www.virustotal.com/gui/file/c292045f82feb7f82750c1fe379b1d3011e322d2b54b4bbdbaaa9f88109237e2/detection dabgamer.ddns.net # Reference: https://www.virustotal.com/gui/file/79bf1c44315ce64f680b9caaa865de1a7a0d5c46025e1c010959f62f9db0c6b7/detection 185.244.30.99:7773 46.243.189.129:7773 catalogues.bounceme.net catalogues.ddns.net # Reference: https://www.virustotal.com/gui/file/56e76c26b1e484adbdad2b6f495497906d5f4ff87c654cb192d9de18a1ee63cf/detection # Reference: https://www.virustotal.com/gui/file/9f4aee3ef0c0263ba2f550ebab3e4c6596cb922fe995bd059157f1123ff21e4f/detection # Reference: https://www.virustotal.com/gui/file/7a0ee494e14e659eed66332b6dd9419db9908944d6485768e41324bc1d5eaddc/detection # Reference: https://www.virustotal.com/gui/file/0a0b576cd582019690dd0a62e8fbe3ff0114823db3c166fb6dc0e05d770cc3dc/detection 2.154.154.78:25951 2.154.154.78:25955 adobsys.cf updater.adobsys.cf helperupdater.duckdns.org # Reference: https://www.virustotal.com/gui/file/c35ac7e4ecc5fba55b27cfc43194ebf0546d1975e53d3bd8dadb41f6421b39c0/detection 37.0.14.199:54984 upgrade1linkedin.ddns.net # Reference: https://www.virustotal.com/gui/file/6073c87e162ba02ba3ed0f05ec9c94795d4ac3cf69783740037fea85295c005f/detection 194.5.98.27:6161 buike.ddns.net # Reference: https://www.virustotal.com/gui/file/b2275ebc15e0f35870d20daacfc9e8065ad5ae354e49265455c1ddf09031599e/detection # Reference: https://www.virustotal.com/gui/file/d0516d313273121f119b894531fb0b8933e916b25e558c9f2ab6a12bd16cf04b/detection 103.212.81.151:8447 # Reference: https://www.virustotal.com/gui/file/e3582ee250dc855c213dbd0d5fc6d77c8d3265bed0469f166e7d4f5733950513/detection # Reference: https://www.virustotal.com/gui/file/9670f2b474b187a7d2b4e3ae6432a6bba704ed7db059bf4fc85a6b08f4e687a3/detection # Reference: https://www.virustotal.com/gui/file/1633f50e4875cc605a369f15275300c5acd77c57ee10af9ce497b6281892c541/detection 41.90.70.170:33406 91.192.100.39:33406 sortedhosted43.duckdns.org sortedhosted43.hopto.org # Reference: https://www.virustotal.com/gui/file/69737675f40cd8e8aeb92a30e6a5051cb0dd18c732ef328050ad99e9642611ab/detection 154.234.238.101:3228 racinn.duckdns.org # Reference: https://www.virustotal.com/gui/file/d142bfa9255d81d9658cb58db7292a4d1e7c63d118b02bd85d71b8e47c389e87/detection 213.152.161.118:13761 timduckdns2023.duckdns.org # Reference: https://app.validin.com/axon?find=141.255.152.0/23&type=ip4 # Reference: https://www.virustotal.com/gui/file/d52fc344e28d6ba77bce73dbed94fd41346d8187bf7a6af9b582c1bf0a3b9bb0/detection 217.138.194.68:9194 dido07.linkpc.net mada-payment.ddns.net # Reference: https://www.virustotal.com/gui/file/70b918a391880b512d4c0f98b78151a422ff4cbc16f14248f95e6842f82a1c4a/detection 181.141.4.186:1014 martesserdnsmartesdns.duckdns.org # Reference: https://www.virustotal.com/gui/file/8c1ca0eb51b1ee8d30b34cdb831da40f2021b323a9bada00af62f7cef51997f4/detection 181.131.217.138:1013 lugodnrelugo.duckdns.org # Reference: https://www.virustotal.com/gui/file/ebb5e3fc765ff1b293e621a2445bfd49a66614528387be591e9e7cca6da56519/detection # Reference: https://www.virustotal.com/gui/file/e4e73e6c71665fd55fa8310a654160c3afe1f8d24842abbe83753e8370b47576/detection # Reference: https://www.virustotal.com/gui/file/e22798f84a0e8112d2a4cf6b78ab8e410b15077d19f077eb466015e1b6e9f52f/detection 181.71.216.115:1014 monacodnremonaco.duckdns.org # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-12-03) http://34.100.137.129 103.114.106.29:4510 103.114.106.29:6696 103.97.209.13:54984 122.54.105.164:54984 123.206.29.183:54984 139.84.139.29:1620 147.185.221.17:25786 161.129.47.59:54980 194.107.126.86:54984 194.147.140.186:3636 3.13.191.225:14849 3.134.125.175:14849 3.134.39.220:14849 3.14.182.203:14849 3.17.7.232:14849 3.22.30.40:14849 62.146.226.202:54984 83.213.157.103:5555 91.92.241.178:54984 91.92.248.204:6696 91.92.248.48:54984 rn72836.sytes.net # Reference: https://twitter.com/SarlackLab/status/1731513990021324981 91.92.251.203:4510 btldinc7.sytes.net # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-12-07) 13.52.173.49:12152 158.220.124.165:54984 173.211.106.109:50720 52.9.207.250:13832 54.241.198.186:13832 81.109.131.3:54984 90.91.100.126:54984 91.92.248.208:8967 91.92.250.47:54984 93.127.26.74:54984 # Reference: https://www.virustotal.com/gui/file/e65126d135c19535eea9e9feadf7c09435ffd49e21ca37e2896a0605f0526cc6/detection emyeju22.duckdns.org # Reference: https://www.virustotal.com/gui/file/aa0253c194ada9fc203b59b0f5848b86bb640fc80ce3cc92f9c680789df0ea85/detection # Reference: https://www.virustotal.com/gui/file/89bfeb9065865f24ef5cc770a5ba9b47edaccd5ea1a963634e0bb599c5e403dc/detection 46.246.14.19:3580 46.246.14.2:3580 46.246.80.9:3580 46.246.82.2:3580 46.246.84.3:3580 server.freedynamicdns.org # Reference: https://www.virustotal.com/gui/file/86cc95c97295074932cb67d7d03ecfbbd4ba8c732012d34348cb284408ba44f3/detection 46.246.14.19:19864 # Reference: https://www.virustotal.com/gui/file/77009cdab6c8667e842edc0bf7243f1531a4d1f532e5189d1de16c05301324eb/detection 46.246.14.19:8367 # Reference: https://www.virustotal.com/gui/file/416673c1df7d3b8aaff9d7065e772dc410268b01c5e790bace7e4862d9a5d864/detection 194.5.98.165:8734 # Reference: https://www.virustotal.com/gui/file/f2b090035dd0ae7a49ae55b6c183754c53a986303c1386530859648aae4e2c84/detection 46.246.84.18:2404 # Reference: https://www.virustotal.com/gui/domain/mansengco778.ddns.net/relations # Reference: https://www.virustotal.com/gui/file/153ddc9c118766f7f30adf60c448a6195a3a0eeb2e4a8f56f58ed6b9560e5f92/detection 102.212.236.78:19864 102.218.89.31:19864 102.36.222.57:19864 102.85.244.207:19864 102.89.32.104:19864 102.90.44.11:19864 102.91.5.34:19864 102.91.53.246:19864 102.91.72.21:19864 105.112.100.150:19864 105.112.102.29:19864 105.112.102.39:19864 105.112.104.121:19864 105.112.105.82:19864 105.112.106.26:19864 105.112.107.176:19864 105.112.107.226:19864 105.112.109.133:19864 105.112.109.159:19864 105.112.109.167:19864 105.112.109.93:19864 105.112.123.246:19864 105.112.125.82:19864 105.112.211.113:19864 105.112.211.30:19864 105.112.32.16:19864 105.112.96.82:19864 105.112.97.107:19864 105.112.97.141:19864 105.112.98.0:19864 105.112.98.97:19864 105.112.99.107:19864 105.112.99.154:19864 178.73.192.75:19864 178.73.192.8:19864 178.73.218.2:19864 185.140.53.198:19864 188.126.90.19:19864 188.126.90.23:19864 188.126.90.66:19864 188.126.90.67:19864 194.5.98.140:19864 194.5.98.214:19864 197.210.226.101:19864 197.210.226.114:19864 197.210.226.118:19864 197.210.226.141:19864 197.210.226.156:19864 197.210.226.183:19864 197.210.226.200:19864 197.210.226.36:19864 197.210.227.182:19864 197.210.227.22:19864 197.210.52.10:19864 197.210.53.157:19864 197.210.53.9:19864 197.210.54.170:19864 197.210.54.202:19864 197.210.54.229:19864 197.210.54.29:19864 197.210.54.3:19864 197.210.54.61:19864 197.210.54.79:19864 197.210.54.84:19864 197.210.54.91:19864 197.210.70.73:19864 197.210.77.139:19864 197.210.78.121:19864 197.210.78.165:19864 197.210.78.176:19864 197.210.78.206:19864 197.210.78.224:19864 197.210.78.22:19864 197.210.78.23:19864 197.210.78.38:19864 197.210.78.56:19864 197.210.78.67:19864 197.210.78.89:19864 197.210.78.91:19864 197.210.79.112:19864 197.210.79.114:19864 197.210.79.125:19864 197.210.79.138:19864 197.210.79.161:19864 197.210.84.110:19864 197.210.84.224:19864 197.210.84.238:19864 197.210.84.59:19864 197.210.85.126:19864 197.210.85.194:19864 197.210.85.43:19864 197.210.85.80:19864 41.190.3.121:19864 41.190.31.153:19864 41.190.31.78:19864 46.246.12.18:19864 46.246.12.19:19864 46.246.12.210:19864 46.246.12.5:19864 46.246.12.68:19864 46.246.12.76:19864 46.246.12.9:19864 46.246.14.2:19864 46.246.14.4:19864 46.246.4.10:19864 46.246.6.12:19864 46.246.6.4:19864 46.246.6.73:19864 46.246.6.7:19864 46.246.80.2:19864 46.246.80.8:19864 46.246.82.66:19864 46.246.82.69:19864 46.246.82.9:19864 46.246.84.20:19864 46.246.84.67:19864 46.246.84.9:19864 46.82.174.69:19864 59.24.3.174:19864 79.134.225.21:19864 79.134.225.33:19864 79.134.225.87:19864 8.7.198.46:19864 93.46.8.90:19864 # Reference: https://www.virustotal.com/gui/file/5e9bf6cd983cfc55d18b63556188efaa833328a7b5bdbec69f93de24f68665f3/detection 189.198.27.14:54984 # Reference: https://www.virustotal.com/gui/file/42cf181d902d9f247f1792e23ff94f9939c35b72ea07661228f3aa99d60ef333/detection 46.246.80.21:9382 # Reference: https://www.virustotal.com/gui/file/4403f7b906a99f50c9d42c8d24b03e9daf0afdc52814e067c931411e41f1c7eb/detection 46.246.84.2:2020 46.246.84.8:2020 # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2023-12-17) 173.212.199.134:212 185.244.111.216:1608 185.65.134.162:12567 192.99.152.153:54984 206.189.20.127:53896 216.218.135.117:12567 43.249.192.204:41166 83.213.157.103:54984 85.195.105.66:54980 91.92.242.204:54984 91.92.243.245:9192 91.92.248.48:53081 93.243.153.98:54984 bebis2.ddns.net bigwlat.ddns.net bivkaniva.duckdns.org dagnag.ddns.net dvrsoc.ddns.net globron.duckdns.org man-organized.gl.at.ply.gg saurondark75.ddns.net volomo223.no-ip.biz # Reference: https://twitter.com/SarlackLab/status/1738016730125832397 91.92.245.58:4444 seemeseeyou.duckdns.org # Reference: https://twitter.com/SarlackLab/status/1738605629726474373 94.156.64.168:54984 # Reference: https://twitter.com/SarlackLab/status/1739390768047952062 103.207.37.74:1664 jugoken567.ddns.net # Reference: https://threatfox.abuse.ch/ioc/1223764/ 91.107.200.181:7632 # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2024-01-03) 109.248.144.199:1333 141.255.145.138:54984 18.158.249.75:11297 18.192.31.165:11297 195.85.250.247:54984 3.124.142.205:11297 3.125.102.39:11297 3.125.209.94:11297 3.125.223.134:11297 46.246.82.21:54984 86.218.240.44:54984 # Reference: https://twitter.com/SarlackLab/status/1742652269441519727 83.85.165.190:1604 sp1oorat.ddns.net # Reference: https://www.virustotal.com/gui/file/513f44a66e06bd9d24ca7c0dcf06d1915736669fadb25e9d4b59708a57b66593/detection 147.185.221.17:35565 minecraftbedrockwar.ddns.net # Reference: https://www.virustotal.com/gui/file/0925c2ba2308fe1a84e9737521177e8f3b564ac2c7cc3b418e5c36db438f682e/detection 147.185.221.17:45753 17.ip.gl.ply.gg # Reference: https://twitter.com/SarlackLab/status/1743558253869494694 # Reference: https://twitter.com/SarlackLab/status/1743709278626557983 147.185.221.17:41958 147.185.221.17:56274 a-studying.gl.at.ply.gg ability-jason.gl.at.ply.gg ability-roommates.gl.at.ply.gg ability-webpage.gl.at.ply.gg according-managing.gl.at.ply.gg according-ti.gl.at.ply.gg account-meditation.gl.at.ply.gg activities-crack.gl.at.ply.gg activity-ethnic.gl.at.ply.gg activity-stroke.gl.at.ply.gg add-lets.gl.at.ply.gg add-pricing.gl.at.ply.gg administration-trends.gl.at.ply.gg ads-biblical.gl.at.ply.gg advertise-utah.gl.at.ply.gg agency-expiration.gl.at.ply.gg agreement-apple.gl.at.ply.gg along-indiana.gl.at.ply.gg alternative-establishment.gl.at.ply.gg alwadi.mooo.com always-vic.gl.at.ply.gg america-jp.gl.at.ply.gg among-stadium.gl.at.ply.gg amount-screening.gl.at.ply.gg amount-sized.gl.at.ply.gg an-platinum.gl.at.ply.gg an-senate.gl.at.ply.gg and-ka.gl.at.ply.gg animal-automatically.gl.at.ply.gg answers-mathematics.gl.at.ply.gg answers-something.gl.at.ply.gg any-dvds.gl.at.ply.gg any-ef.gl.at.ply.gg any-marked.gl.at.ply.gg apple-mandate.gl.at.ply.gg apple-trend.gl.at.ply.gg application-earnings.gl.at.ply.gg april-calculator.gl.at.ply.gg archive-statistical.gl.at.ply.gg archives-proof.gl.at.ply.gg area-basic.gl.at.ply.gg area-diet.gl.at.ply.gg areas-scientists.gl.at.ply.gg around-sierra.gl.at.ply.gg artist-emergency.gl.at.ply.gg artists-continues.gl.at.ply.gg arts-rom.gl.at.ply.gg as-depression.gl.at.ply.gg associated-oliver.gl.at.ply.gg aug-acute.gl.at.ply.gg authors-news.gl.at.ply.gg authors-reliance.gl.at.ply.gg auto-affected.gl.at.ply.gg availability-inside.gl.at.ply.gg available-mixed.gl.at.ply.gg awards-assisted.gl.at.ply.gg awards-leslie.gl.at.ply.gg away-wearing.gl.at.ply.gg az-marathon.gl.at.ply.gg back-logical.gl.at.ply.gg bad-infections.gl.at.ply.gg bank-playlist.gl.at.ply.gg based-grande.gl.at.ply.gg battery-nathan.gl.at.ply.gg beach-comics.gl.at.ply.gg beautiful-reliable.gl.at.ply.gg beautiful-royalty.gl.at.ply.gg become-eggs.gl.at.ply.gg being-literacy.gl.at.ply.gg being-paying.gl.at.ply.gg best-constitutional.gl.at.ply.gg between-beats.gl.at.ply.gg bid-worm.gl.at.ply.gg bit-number.gl.at.ply.gg blood-acts.gl.at.ply.gg boards-pearl.gl.at.ply.gg book-access.gl.at.ply.gg book-constraint.gl.at.ply.gg boston-wherever.gl.at.ply.gg box-egyptian.gl.at.ply.gg box-sticks.gl.at.ply.gg boys-toward.gl.at.ply.gg brand-relocation.gl.at.ply.gg bring-wants.gl.at.ply.gg budget-whose.gl.at.ply.gg building-eliminate.gl.at.ply.gg bush-gm.gl.at.ply.gg businesses-lloyd.gl.at.ply.gg button-our.gl.at.ply.gg button-saw.gl.at.ply.gg can-viral.gl.at.ply.gg case-shield.gl.at.ply.gg casino-lenses.gl.at.ply.gg categories-cnet.gl.at.ply.gg cause-cables.gl.at.ply.gg cd-screens.gl.at.ply.gg centre-siemens.gl.at.ply.gg century-mineral.gl.at.ply.gg chinese-being.gl.at.ply.gg chinese-mailing.gl.at.ply.gg choose-commander.gl.at.ply.gg christian-muscle.gl.at.ply.gg christian-under.gl.at.ply.gg city-regulatory.gl.at.ply.gg clear-relatively.gl.at.ply.gg clothing-au.gl.at.ply.gg color-thanks.gl.at.ply.gg com-bg.gl.at.ply.gg com-compression.gl.at.ply.gg come-talent.gl.at.ply.gg coming-ds.gl.at.ply.gg comment-charge.gl.at.ply.gg common-combo.gl.at.ply.gg communications-winner.gl.at.ply.gg compare-hansen.gl.at.ply.gg compare-textbook.gl.at.ply.gg condition-hockey.gl.at.ply.gg construction-diana.gl.at.ply.gg contains-iraq.gl.at.ply.gg contents-telecom.gl.at.ply.gg continue-io.gl.at.ply.gg contract-belt.gl.at.ply.gg copyright-spider.gl.at.ply.gg corporate-configure.gl.at.ply.gg could-seller.gl.at.ply.gg credit-qty.gl.at.ply.gg cross-forces.gl.at.ply.gg currently-bibliography.gl.at.ply.gg currently-mph.gl.at.ply.gg customers-niger.gl.at.ply.gg customers-printed.gl.at.ply.gg cut-adult.gl.at.ply.gg date-exchanges.gl.at.ply.gg dating-tie.gl.at.ply.gg david-rpm.gl.at.ply.gg days-bikes.gl.at.ply.gg days-virtual.gl.at.ply.gg dead-reviewer.gl.at.ply.gg dead-treatment.gl.at.ply.gg deals-baltimore.gl.at.ply.gg deals-pharmacies.gl.at.ply.gg death-quotes.gl.at.ply.gg debt-comparable.gl.at.ply.gg dec-jam.gl.at.ply.gg december-square.gl.at.ply.gg decision-dollar.gl.at.ply.gg default-faqs.gl.at.ply.gg default-jamie.gl.at.ply.gg default-v.gl.at.ply.gg degree-inspections.gl.at.ply.gg degree-remarks.gl.at.ply.gg designed-cove.gl.at.ply.gg desktop-helen.gl.at.ply.gg develop-abortion.gl.at.ply.gg develop-night.gl.at.ply.gg disclaimer-polyester.gl.at.ply.gg discount-nasty.gl.at.ply.gg disease-dividend.gl.at.ply.gg division-spencer.gl.at.ply.gg dog-realistic.gl.at.ply.gg domain-ce.gl.at.ply.gg done-exploring.gl.at.ply.gg due-fixed.gl.at.ply.gg during-wires.gl.at.ply.gg earth-residence.gl.at.ply.gg earth-typically.gl.at.ply.gg earth-zshops.gl.at.ply.gg edition-drums.gl.at.ply.gg education-perfume.gl.at.ply.gg effect-commodity.gl.at.ply.gg effective-packages.gl.at.ply.gg electric-classified.gl.at.ply.gg electronic-secretariat.gl.at.ply.gg email-pg.gl.at.ply.gg environmental-raised.gl.at.ply.gg error-casey.gl.at.ply.gg established-broke.gl.at.ply.gg estate-legs.gl.at.ply.gg et-acid.gl.at.ply.gg even-receives.gl.at.ply.gg event-abs.gl.at.ply.gg ever-strength.gl.at.ply.gg every-baseline.gl.at.ply.gg every-unnecessary.gl.at.ply.gg everyone-subjective.gl.at.ply.gg evidence-grad.gl.at.ply.gg expected-illness.gl.at.ply.gg face-intermediate.gl.at.ply.gg fall-sustained.gl.at.ply.gg father-framework.gl.at.ply.gg fax-my.gl.at.ply.gg feature-humanities.gl.at.ply.gg features-cb.gl.at.ply.gg february-manager.gl.at.ply.gg february-potentially.gl.at.ply.gg february-wages.gl.at.ply.gg feed-reservation.gl.at.ply.gg fees-harvey.gl.at.ply.gg feet-tomato.gl.at.ply.gg female-daughter.gl.at.ply.gg female-provides.gl.at.ply.gg field-molecules.gl.at.ply.gg find-lecture.gl.at.ply.gg fish-sexual.gl.at.ply.gg flowers-recovered.gl.at.ply.gg following-s.gl.at.ply.gg food-boy.gl.at.ply.gg for-czech.gl.at.ply.gg for-nails.gl.at.ply.gg force-death.gl.at.ply.gg form-hardcover.gl.at.ply.gg format-topics.gl.at.ply.gg forum-throw.gl.at.ply.gg found-incidence.gl.at.ply.gg free-fever.gl.at.ply.gg french-speeches.gl.at.ply.gg friends-draw.gl.at.ply.gg front-realm.gl.at.ply.gg function-charging.gl.at.ply.gg funds-andale.gl.at.ply.gg funds-weather.gl.at.ply.gg further-r.gl.at.ply.gg g-vocational.gl.at.ply.gg george-cas.gl.at.ply.gg gift-map.gl.at.ply.gg give-harder.gl.at.ply.gg government-program.gl.at.ply.gg groups-bread.gl.at.ply.gg groups-plant.gl.at.ply.gg hand-recommendation.gl.at.ply.gg here-discusses.gl.at.ply.gg hi-dimensional.gl.at.ply.gg high-temp.gl.at.ply.gg homepage-allah.gl.at.ply.gg horse-undertake.gl.at.ply.gg horse-uv.gl.at.ply.gg hotels-nursery.gl.at.ply.gg house-experiencing.gl.at.ply.gg housing-deck.gl.at.ply.gg how-add.gl.at.ply.gg how-additional.gl.at.ply.gg hp-simplified.gl.at.ply.gg html-group.gl.at.ply.gg human-walked.gl.at.ply.gg improve-sells.gl.at.ply.gg india-singer.gl.at.ply.gg industrial-six.gl.at.ply.gg inn-coverage.gl.at.ply.gg instead-yn.gl.at.ply.gg instructions-excluded.gl.at.ply.gg insurance-smith.gl.at.ply.gg internal-medication.gl.at.ply.gg internet-scholars.gl.at.ply.gg into-ea.gl.at.ply.gg introduction-broader.gl.at.ply.gg introduction-nations.gl.at.ply.gg introduction-showing.gl.at.ply.gg investment-die.gl.at.ply.gg involved-failing.gl.at.ply.gg involved-heather.gl.at.ply.gg is-modem.gl.at.ply.gg island-cd.gl.at.ply.gg italy-completed.gl.at.ply.gg item-hazard.gl.at.ply.gg items-italian.gl.at.ply.gg items-separated.gl.at.ply.gg items-vast.gl.at.ply.gg its-type.gl.at.ply.gg j-randy.gl.at.ply.gg james-replies.gl.at.ply.gg jan-given.gl.at.ply.gg java-ireland.gl.at.ply.gg joined-healing.gl.at.ply.gg journal-makers.gl.at.ply.gg july-ethernet.gl.at.ply.gg k-arrives.gl.at.ply.gg kitchen-literature.gl.at.ply.gg know-pole.gl.at.ply.gg know-where.gl.at.ply.gg knowledge-soc.gl.at.ply.gg language-forums.gl.at.ply.gg late-ntsc.gl.at.ply.gg late-opt.gl.at.ply.gg latest-grande.gl.at.ply.gg leading-string.gl.at.ply.gg learn-come.gl.at.ply.gg leave-corp.gl.at.ply.gg left-murder.gl.at.ply.gg legal-containing.gl.at.ply.gg length-approval.gl.at.ply.gg less-stick.gl.at.ply.gg let-comment.gl.at.ply.gg letter-rising.gl.at.ply.gg letter-young.gl.at.ply.gg like-mixing.gl.at.ply.gg limited-cord.gl.at.ply.gg links-tourism.gl.at.ply.gg links-transition.gl.at.ply.gg little-paint.gl.at.ply.gg living-ut.gl.at.ply.gg loans-binary.gl.at.ply.gg long-associate.gl.at.ply.gg longer-verbal.gl.at.ply.gg look-fever.gl.at.ply.gg los-ensures.gl.at.ply.gg lot-cooked.gl.at.ply.gg ltd-legislation.gl.at.ply.gg ltd-postings.gl.at.ply.gg lyrics-successfully.gl.at.ply.gg m-trailers.gl.at.ply.gg mailing-ideas.gl.at.ply.gg mailing-melbourne.gl.at.ply.gg main-electronic.gl.at.ply.gg maintenance-species.gl.at.ply.gg maintenance-whale.gl.at.ply.gg major-alloy.gl.at.ply.gg major-troy.gl.at.ply.gg making-pipeline.gl.at.ply.gg manager-contributed.gl.at.ply.gg martin-ent.gl.at.ply.gg master-glasses.gl.at.ply.gg master-israeli.gl.at.ply.gg mature-votes.gl.at.ply.gg maximum-regular.gl.at.ply.gg means-adjacent.gl.at.ply.gg medicine-produce.gl.at.ply.gg medicine-quarter.gl.at.ply.gg meet-responses.gl.at.ply.gg meeting-mounts.gl.at.ply.gg member-cancel.gl.at.ply.gg member-ceiling.gl.at.ply.gg memory-timely.gl.at.ply.gg men-mails.gl.at.ply.gg menu-companion.gl.at.ply.gg mind-tablet.gl.at.ply.gg model-democratic.gl.at.ply.gg modern-departure.gl.at.ply.gg modified-buffalo.gl.at.ply.gg money-florida.gl.at.ply.gg month-expects.gl.at.ply.gg more-harper.gl.at.ply.gg most-airports.gl.at.ply.gg movie-midnight.gl.at.ply.gg movies-arch.gl.at.ply.gg movies-motel.gl.at.ply.gg much-materials.gl.at.ply.gg multi-pepper.gl.at.ply.gg name-sonic.gl.at.ply.gg near-google.gl.at.ply.gg necessary-cement.gl.at.ply.gg needed-acknowledge.gl.at.ply.gg net-pittsburgh.gl.at.ply.gg night-attachment.gl.at.ply.gg notes-ol.gl.at.ply.gg november-ambassador.gl.at.ply.gg november-viii.gl.at.ply.gg o-rca.gl.at.ply.gg of-wiring.gl.at.ply.gg office-group.gl.at.ply.gg ohio-share.gl.at.ply.gg on-rebound.gl.at.ply.gg opinion-arabia.gl.at.ply.gg opinion-connectors.gl.at.ply.gg opportunity-lectures.gl.at.ply.gg or-pros.gl.at.ply.gg organization-knights.gl.at.ply.gg organization-thailand.gl.at.ply.gg organizations-drug.gl.at.ply.gg overall-wx.gl.at.ply.gg owner-cc.gl.at.ply.gg owners-brands.gl.at.ply.gg package-rings.gl.at.ply.gg package-spaces.gl.at.ply.gg package-thee.gl.at.ply.gg page-studio.gl.at.ply.gg pages-babes.gl.at.ply.gg paid-copy.gl.at.ply.gg partner-josh.gl.at.ply.gg partners-quantitative.gl.at.ply.gg party-genius.gl.at.ply.gg payment-keep.gl.at.ply.gg paypal-saturday.gl.at.ply.gg pc-remix.gl.at.ply.gg people-closest.gl.at.ply.gg people-locks.gl.at.ply.gg percent-antiques.gl.at.ply.gg personal-carries.gl.at.ply.gg personal-nominations.gl.at.ply.gg personal-singing.gl.at.ply.gg phentermine-smith.gl.at.ply.gg phones-combination.gl.at.ply.gg photo-za.gl.at.ply.gg pictures-manual.gl.at.ply.gg plan-guess.gl.at.ply.gg player-paths.gl.at.ply.gg please-spears.gl.at.ply.gg plus-loves.gl.at.ply.gg point-extended.gl.at.ply.gg points-convinced.gl.at.ply.gg points-like.gl.at.ply.gg poker-beginning.gl.at.ply.gg poker-reminder.gl.at.ply.gg politics-sign.gl.at.ply.gg pop-median.gl.at.ply.gg popular-apparent.gl.at.ply.gg population-host.gl.at.ply.gg posts-winners.gl.at.ply.gg pre-gdp.gl.at.ply.gg present-sing.gl.at.ply.gg press-birds.gl.at.ply.gg prices-startup.gl.at.ply.gg print-swift.gl.at.ply.gg printer-engineer.gl.at.ply.gg prior-systems.gl.at.ply.gg privacy-colon.gl.at.ply.gg probably-telecommunications.gl.at.ply.gg process-certificates.gl.at.ply.gg processing-steel.gl.at.ply.gg product-functional.gl.at.ply.gg programme-spokesman.gl.at.ply.gg projects-rates.gl.at.ply.gg protein-mailed.gl.at.ply.gg pst-warned.gl.at.ply.gg questions-kelly.gl.at.ply.gg r-continental.gl.at.ply.gg radio-middle.gl.at.ply.gg rate-mpegs.gl.at.ply.gg ratings-hawaii.gl.at.ply.gg read-support.gl.at.ply.gg reason-gotten.gl.at.ply.gg reference-commodity.gl.at.ply.gg relations-dump.gl.at.ply.gg release-completed.gl.at.ply.gg remember-aviation.gl.at.ply.gg remote-crucial.gl.at.ply.gg reply-accidents.gl.at.ply.gg report-printed.gl.at.ply.gg report-reed.gl.at.ply.gg reported-ghana.gl.at.ply.gg reported-seeking.gl.at.ply.gg reports-warehouse.gl.at.ply.gg republic-incomplete.gl.at.ply.gg require-gdp.gl.at.ply.gg required-extent.gl.at.ply.gg requires-cream.gl.at.ply.gg resource-report.gl.at.ply.gg response-continuing.gl.at.ply.gg responsible-organ.gl.at.ply.gg restaurant-torture.gl.at.ply.gg result-recipient.gl.at.ply.gg results-got.gl.at.ply.gg results-towers.gl.at.ply.gg returns-national.gl.at.ply.gg reviews-flags.gl.at.ply.gg rights-brazilian.gl.at.ply.gg river-serves.gl.at.ply.gg rock-round.gl.at.ply.gg run-met.gl.at.ply.gg run-nuke.gl.at.ply.gg running-wearing.gl.at.ply.gg safe-rendered.gl.at.ply.gg sales-elite.gl.at.ply.gg san-harley.gl.at.ply.gg save-corp.gl.at.ply.gg say-polyphonic.gl.at.ply.gg school-respect.gl.at.ply.gg science-www.gl.at.ply.gg score-thesaurus.gl.at.ply.gg screen-documentation.gl.at.ply.gg sea-devon.gl.at.ply.gg season-aberdeen.gl.at.ply.gg season-emacs.gl.at.ply.gg see-entering.gl.at.ply.gg see-unix.gl.at.ply.gg seen-noon.gl.at.ply.gg selection-metres.gl.at.ply.gg self-ata.gl.at.ply.gg sell-interact.gl.at.ply.gg sep-former.gl.at.ply.gg series-satisfy.gl.at.ply.gg server-fitted.gl.at.ply.gg session-except.gl.at.ply.gg set-genealogy.gl.at.ply.gg shall-someone.gl.at.ply.gg share-spy.gl.at.ply.gg she-colonial.gl.at.ply.gg ships-anthropology.gl.at.ply.gg shopping-differ.gl.at.ply.gg should-bangladesh.gl.at.ply.gg should-nutritional.gl.at.ply.gg show-flame.gl.at.ply.gg side-ho.gl.at.ply.gg sign-occur.gl.at.ply.gg silver-bowl.gl.at.ply.gg similar-puerto.gl.at.ply.gg since-intensity.gl.at.ply.gg six-fleece.gl.at.ply.gg so-shoppers.gl.at.ply.gg software-valentine.gl.at.ply.gg sony-arts.gl.at.ply.gg sort-sleeve.gl.at.ply.gg space-caps.gl.at.ply.gg space-led.gl.at.ply.gg specified-boats.gl.at.ply.gg speed-canyon.gl.at.ply.gg stage-tim.gl.at.ply.gg stars-memories.gl.at.ply.gg starting-plaza.gl.at.ply.gg states-expert.gl.at.ply.gg still-safe.gl.at.ply.gg stock-law.gl.at.ply.gg stop-bbc.gl.at.ply.gg stores-engineering.gl.at.ply.gg stories-optimize.gl.at.ply.gg story-calculate.gl.at.ply.gg story-towers.gl.at.ply.gg string-ones.gl.at.ply.gg student-relation.gl.at.ply.gg students-healthy.gl.at.ply.gg studio-solar.gl.at.ply.gg stuff-mar.gl.at.ply.gg style-tractor.gl.at.ply.gg subjects-movements.gl.at.ply.gg subscribe-marina.gl.at.ply.gg summary-wool.gl.at.ply.gg super-marshall.gl.at.ply.gg surface-disco.gl.at.ply.gg system-resorts.gl.at.ply.gg t-trim.gl.at.ply.gg takes-steven.gl.at.ply.gg teaching-delivers.gl.at.ply.gg team-bathrooms.gl.at.ply.gg team-eagle.gl.at.ply.gg tech-cool.gl.at.ply.gg tel-airports.gl.at.ply.gg texas-frog.gl.at.ply.gg texas-quit.gl.at.ply.gg thanks-displayed.gl.at.ply.gg the-academics.gl.at.ply.gg the-mastercard.gl.at.ply.gg them-uniprotkb.gl.at.ply.gg third-ride.gl.at.ply.gg thomas-vp.gl.at.ply.gg three-bands.gl.at.ply.gg thus-muslims.gl.at.ply.gg tickets-saints.gl.at.ply.gg tips-sleeve.gl.at.ply.gg title-mechanics.gl.at.ply.gg to-deleted.gl.at.ply.gg told-pdt.gl.at.ply.gg toys-infrastructure.gl.at.ply.gg trade-civic.gl.at.ply.gg trip-specially.gl.at.ply.gg true-oh.gl.at.ply.gg try-inch.gl.at.ply.gg trying-shirts.gl.at.ply.gg tue-iceland.gl.at.ply.gg tuesday-menu.gl.at.ply.gg tx-configure.gl.at.ply.gg tx-weird.gl.at.ply.gg types-telecharger.gl.at.ply.gg uk-rebel.gl.at.ply.gg union-prayer.gl.at.ply.gg union-stock.gl.at.ply.gg unit-updates.gl.at.ply.gg university-stations.gl.at.ply.gg university-tall.gl.at.ply.gg until-nuts.gl.at.ply.gg up-rates.gl.at.ply.gg up-scanners.gl.at.ply.gg updates-figured.gl.at.ply.gg user-cas.gl.at.ply.gg using-license.gl.at.ply.gg usr-relevant.gl.at.ply.gg valley-elegant.gl.at.ply.gg value-brad.gl.at.ply.gg values-dice.gl.at.ply.gg van-foto.gl.at.ply.gg version-wanting.gl.at.ply.gg very-williams.gl.at.ply.gg via-herself.gl.at.ply.gg via-rosa.gl.at.ply.gg views-ticket.gl.at.ply.gg voice-dialogue.gl.at.ply.gg voice-tab.gl.at.ply.gg vote-dialog.gl.at.ply.gg w-advancement.gl.at.ply.gg wall-ownership.gl.at.ply.gg warning-hc.gl.at.ply.gg watch-apply.gl.at.ply.gg watch-rule.gl.at.ply.gg ways-significant.gl.at.ply.gg ways-slovak.gl.at.ply.gg weight-aid.gl.at.ply.gg went-phenomenon.gl.at.ply.gg what-redhead.gl.at.ply.gg while-interfaces.gl.at.ply.gg while-schools.gl.at.ply.gg william-citations.gl.at.ply.gg window-demo.gl.at.ply.gg wireless-tires.gl.at.ply.gg without-arrivals.gl.at.ply.gg without-candidates.gl.at.ply.gg woman-entities.gl.at.ply.gg worth-lesbians.gl.at.ply.gg would-ada.gl.at.ply.gg write-we.gl.at.ply.gg y-quality.gl.at.ply.gg y-sm.gl.at.ply.gg year-tim.gl.at.ply.gg york-gnome.gl.at.ply.gg young-moms.gl.at.ply.gg yourself-catholic.gl.at.ply.gg # Reference: https://twitter.com/SarlackLab/status/1743814926399910052 # Reference: https://www.virustotal.com/gui/file/da6233dc061a61811d75a450fea2d019442d84c20aaa7c45e7636b580d8e66a2/detection 85.195.105.85:7072 kennynanobelintourismedleonline.dumb1.com # Reference: https://www.virustotal.com/gui/file/f35b3a3ed4f9525f6093f500488c6b28e022f354a12786a2b66bee5197665069/detection nanocoretrillium.dynu.net # Reference: https://www.virustotal.com/gui/file/02bee671a927ac261fd9ca079f034542736f8cd7e668d06cb4b4e594e75b3796/detection 2.56.212.39:9191 corevirus.ddnsgeek.com # Reference: https://www.virustotal.com/gui/file/27fc024e206b537f9be1186c2e5a895c6c4ddd5d19bd6c27c911b02e2d125390/detection grounderblackrunner.kozow.com # Reference: https://www.virustotal.com/gui/file/12feef9907a6ee89660ec453de07faff4b9dcfd52d53a3d5a8ec224367404cbc/detection 54.39.245.150:8080 # Reference: https://www.virustotal.com/gui/file/bf0eff54295f8465b89d1269a891545618ebd4031d198d335994083fe34e2f0a/detection 194.5.98.103:5230 198.12.110.198:5230 91.121.250.247:5230 # Reference: https://twitter.com/SarlackLab/status/1744902106396446977 91.92.252.6:61715 # Reference: https://www.virustotal.com/gui/file/779eedaebe3f1d76b760eda47a8120fb492daf4e434db2f9672931ddeb700acd/detection windowsupdate.ddns.net # Reference: https://www.virustotal.com/gui/file/d0d1a1928103ac1bb1a64a3bb38ab44cf0e85e97d008bae1735e08a1b3058e7d/detection ratjj.ddns.net # Reference: https://www.virustotal.com/gui/file/6ab25b50183214c0349b233d73b6fe1ba1d8b0dff45ffe2a5b6161da468147d1/detection 91.92.255.203:5050 # Reference: https://www.virustotal.com/gui/file/2aef241c8c48579042670ef2dc6f1cf81fb9b83528c00332daae95950e97dd41/detection 103.114.104.158:1664 # Reference: https://twitter.com/SarlackLab/status/1746370610601533775 54.252.142.240:14280 # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2024-01-15) 107.150.7.246:54984 139.84.228.75:22669 147.185.221.17:62984 193.142.59.209:54984 216.218.135.117:90 47.216.198.63:54984 # Reference: https://app.validin.com/axon?source=DNS&type=ip&find=91.92.252.40 # Reference: https://www.virustotal.com/gui/file/63ecfdef547d4a46d6b85fb8efe9e5f659f9195a3f1502b7f655d4036c5c69b7/detection 185.244.30.157:52650 79.134.225.12:52650 bingonlineservices.selfip.net tyueu112.ddns.net # Reference: https://www.virustotal.com/gui/file/10cb4b97c86f74f5431c9457faad4ffb51018ef2b13338ee2cc270205498e801/detection 91.92.252.40:61715 # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2024-01-23) 130.0.238.42:54984 89.230.242.214:54984 91.92.243.16:6269 91.92.255.54:6513 93.242.10.67:54984 94.156.65.121:54984 94.156.65.121:65517 jogard.duckdns.org macgains.duckdns.org # Reference: https://www.virustotal.com/gui/file/08f39c24be554e44e231c7b8ded00770920b98407a0fbecb39311919bb7a788f/detection # Reference: https://www.virustotal.com/gui/file/274e4183558f6679eddd5dd2991078194d0823546a0b5e6ec5cc50a9bd15d2ee/detection # Reference: https://www.virustotal.com/gui/file/74b0628f720b211fb01b092775ead2b3a82b8b977376bbfbaaf2482b6766432f/detection # Reference: https://www.virustotal.com/gui/file/7d63a6e8afbfd71bf4993f27e2b30a0e7b0b4969bf71297594f28d96975a2fc3/detection burkycloudflare.workers.dev # Reference: https://twitter.com/SarlackLab/status/1750503853437424001 91.92.242.242:6051 # Reference: https://www.virustotal.com/gui/file/aeec5c5a08dc2b246396e6cc038d4d91fd3ab18c536ecc4b7ce0ac887a050cef/detection 185.81.157.150:59 newdrix.ddns.net # Reference: https://www.virustotal.com/gui/file/b98a0232d3f1a67df56120e02fd0877cda1c62399159fa1700802d7e50b93d24/detection 196.117.170.5:30001 froumhokaile.mywire.org # Reference: https://twitter.com/SarlackLab/status/1750760541184765959 46.196.24.72:54984 # Reference: https://www.virustotal.com/gui/file/9b40ddd2bda9e53615af721d76c7e096bc0a9071ddff71288fd3669f76816dcc/detection 139.167.172.50:1600 akku.duckdns.org # Reference: https://twitter.com/SarlackLab/status/1750851153456173195 103.167.90.225:4251 # Reference: https://www.virustotal.com/gui/file/0cd2d3a0889b80d09e140e4906b76027c64fb44c5a9aaf1317f54a00bcbe83a4/detection 141.255.144.61:8080 cobaiadanet.ddns.net # Reference: https://twitter.com/SarlackLab/status/1751228644964360433 # Reference: https://www.virustotal.com/gui/file/fcbe2ceaf680fc8f9b379dc41fc3d88887478965321551b385a40dd42c6dd4cc/detection # Reference: https://www.virustotal.com/gui/file/7945cdf866ba3cd80cc31c851bbb4b321339e168550d862ea3378503404307c8/detection 142.67.130.172:54999 76.11.95.217:31337 divert64.hopto.org elmafisher.servepics.com scamonly.gotdns.ch # Reference: https://www.virustotal.com/gui/file/618a46164267ad7743c367d98f92860184a01d4b93f5fdf4a98bdd6515afe290/detection 142.67.133.144:58037 172.98.80.5:58037 dev.3utilities.com winservices0.hopto.org # Reference: https://twitter.com/SarlackLab/status/1751349444195279308 # Reference: https://www.virustotal.com/gui/file/6b022147da43fb2b94bc2939044986570bd09dc1a0afbc7caa956c82954d608c/detection # Reference: https://www.virustotal.com/gui/file/3aa231b88fad6d6ee68b75b9fdcecdfa8dd77af5991600ffd73bc8a59ddcf747/detection # Reference: https://www.virustotal.com/gui/file/2c11c0f14edbe2f966b5ad5f240b5da6be7bd1c6c9fbabff1dcc925ba1cabe2c/detection # Reference: https://www.virustotal.com/gui/file/1b0f0f68bba4c25b14187378bebf8db9dce85ec634e7375b53a287ad2dc12ea2/detection 90.15.154.112:4899 victacking.ddns.net # Reference: https://www.virustotal.com/gui/file/f2b83b05f1b98782d2899398d9d1ec4ba8bd1305b4bb9821c236c0ea0da2ed64/detection # Reference: https://www.virustotal.com/gui/file/dce6a3d0abb9a5cda6117d36e5e3bf6359147e400e5a1e88381c5ac3e4b3a6e1/detection # Reference: https://www.virustotal.com/gui/file/cbc16991bac8309fc33c27e62b8192843932ae73c0dce8d12183bd6b60edec22/detection 90.15.154.112:54984 90.15.154.112:54994 90.15.154.112:7707 lehostdevicta.ddns.net # Reference: https://twitter.com/SarlackLab/status/1751606114108526851 185.222.58.84:8990 # Reference: https://twitter.com/SarlackLab/status/1751908253619916928 192.169.69.25:3003 # Reference: https://www.virustotal.com/gui/file/1be7fd142b96667cd0a8dc7999430c91636375510e97422cb485b3ab066056f4/detection 197.210.85.147:8765 christainbleek.ddns.net # Reference: https://www.virustotal.com/gui/ip-address/197.210.85.147/relations miyatan.publicvm.com # Reference: https://twitter.com/SarlackLab/status/1751968617132962006 # Reference: https://www.virustotal.com/gui/file/05de2544ddd7a02ccc42689d5b43404fdd9df5d0f20e514c9cad978e113e6dc6/detection 192.169.69.26:65517 94.156.67.11:65517 # Reference: https://www.virustotal.com/gui/file/198a1f987275796f772cde4fb12e97427b5be5c256f08bfce44b5f61e157f185/detection 78.135.63.225:53081 # Reference: https://www.virustotal.com/gui/file/705bc7195bef7a1304004fcd66143fb2943dbc338b21638f4f33f828c31b1e2c/detection tzitziklishop3.ddns.net # Reference: https://www.virustotal.com/gui/file/e41641e4512e04ca3939bb31c1ac2beed5253aa124eaebb9ce263b6a75c49652/detection 89.149.23.88:20427 technoblade.ddns.net # Reference: https://twitter.com/SarlackLab/status/1753735306237354152 191.101.209.29:20427 # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2024-02-03) 3.132.159.158:17366 3.140.223.7:17366 3.141.142.211:17366 3.141.177.1:17366 3.141.210.37:17366 39.32.193.156:54984 45.154.98.217:54984 184.72.44.51:17240 50.18.8.146:17240 52.8.87.87:17240 54.193.184.75:17240 # Reference: https://www.virustotal.com/gui/file/0b9ca6e1597ec89cc959fd7f59820216473675c4178cccc5a533551ab8a61099/detection 78.92.32.96:6923 84.2.81.135:6923 tuxy.ddns.net # Reference: https://www.virustotal.com/gui/file/31a0c7357057f36725bafc6e999687d925c36a93a0d938aed4736a5c16e89741/detection 178.73.218.5:24251 46.246.14.4:24251 mr24251.duckdns.org # Reference: https://twitter.com/SarlackLab/status/1754158108736176596 94.156.69.37:54984 updacon.hopto.org updata.hopto.org # Reference: https://www.virustotal.com/gui/file/0e265d5af1a5336a122ed19292094bcf17d88b734a52b771c5a1cb061534b405/detection 203.159.80.107:4738 # Reference: https://www.virustotal.com/gui/file/b85c3a94c2a3baf49a21d178fdbd5eb4878525d7f8950bd8e2602281b6c5473d/detection 163.123.142.157:6703 # Reference: https://www.virustotal.com/gui/file/e235ea6049cb87bd6dc3a99f03fca2b73c72a557136acbfaf6b20a084a54e14f/detection 212.192.241.5:6703 # Reference: https://www.virustotal.com/gui/file/03030b4b8956e90558cbca148708bef3cbc18f17e14af330d1f22a16bc45ca4c/detection 163.123.142.157:6703 185.102.170.122:6703 195.133.18.121:6703 195.133.40.19:6703 203.159.80.107:6703 203.159.80.165:6703 37.0.10.40:6703 37.0.11.232:6703 37.0.11.28:6703 37.0.11.39:6703 37.0.8.214:6703 80.209.237.19:6703 # Reference: https://www.virustotal.com/gui/file/7d5c964e4efa00ac05a78f01a08711b4a5be766cd315349df6d385429daad481/detection 154.195.152.232:63641 # Reference: https://www.virustotal.com/gui/file/80c674f0c8f3b35f3b7487772ff5905424a9740cab8dfc5dcbae3f2074f26236/detection 94.156.64.228:61715 # Reference: https://twitter.com/SarlackLab/status/1754973419966194073 # Reference: https://www.virustotal.com/gui/ip-address/216.218.135.118/relations 216.218.135.118:9583 3252352356262.ddns.net 43254245.ddns.net 7hxh213.ddns.net ablegod2020.ddns.net akpisk.ddns.net allajbuyuktur99.ddns.net anyibest1994.ddns.net anyibillion2020.ddns.net apolion.ddns.net asorock11111.ddns.net bellachao.ddns.net billion30.ddns.net blessings2020.ddns.net chibueze46.ddns.net cholitoloco.ddns.net cifra.hopto.org dadav.ddns.net darxdarxdar.ddns.net dhl.ddns.net dmak777.ddns.net dontfwithme.ddns.net emmyvision2020.ddns.net engineservs.ddns.net fazzis123321.ddns.net fsafsa234132131.ddns.net gemalto.ddns.net german007.ddns.net goodblessing.ddns.net idareyoutoping.zapto.org itech4u.ddns.net johnmark4life.ddns.net kaban1488.ddns.net kahahsv.ddns.net kmt2.ddns.net legitfilehost4datas.ddns.net lojed66072.ddns.net luckyserverhostdata.ddns.net mailduplicate.ddns.net makarti.ddns.net manojvashanava234.sytes.net marketingsiamgrains.zapto.org markscott.ddns.net maxchuks256.ddns.net michellewach.myddns.me minecraftservernlen.ddns.net ministeredelasantnj.sytes.net motohack.ddns.net mrm7md8d.ddns.net myriv.ddns.net near078.ddns.net nedware.bounceme.net newgrace.ddns.net noelmillz.ddns.net orisxao.ddns.net pssssssssss.ddns.net psychoserver.ddns.net raba1.ddns.net ronsimso08.ddns.net sanihaxhia.ddns.net sspowerdubhai.ddns.net subshakshay.ddns.net successfulguy.ddns.net sungi.ddns.net support.gotdns.ch systemcomms.sytes.net systemsupport.ddns.net uniformxd.ddns.net up10grade.sytes.net w1w2w3.hopto.org winmore247.ddns.net worstnowyes.ddns.net wtfesr2325232.serveftp.com # Reference: https://twitter.com/SarlackLab/status/1755230146733211740 192.169.69.26:64418 # Reference: https://twitter.com/SarlackLab/status/1755486791098831259 46.183.220.203:40935 airvpn-lv.ddns.net jakesjacket.duckdns.org jakesqbit.duckdns.org jakesradar.duckdns.org jakessonar.duckdns.org kiwtreyy456rwty.duckdns.org # Reference: https://www.virustotal.com/gui/file/b0789be37c5d48b2f6ec00316510d2a7181be8829ac68cc7e8cd262060680e7e/detection # Reference: https://www.virustotal.com/gui/file/41e90e3f23846b476f2a80715577d8ea93feb792349734bb7bc390c1c6174df3/detection 185.140.53.11:20 185.140.53.11:55 185.140.53.171:20 185.140.53.171:55 91.193.75.131:20 91.193.75.131:55 amoryamistad9000.duckdns.org arbneshashehu.duckdns.org ngbasync.duckdns.org # Reference: https://www.virustotal.com/gui/file/e9d8ceb9e634ab8174eb3275442556f9c4a6f3ff69c08aa0c5f2ee40567bd3b3/detection 194.5.98.235:9997 # Reference: https://www.virustotal.com/gui/file/cd204bf34d782c579bc1f48c538cf34a70c3b544583906d163c7e306354562c2/detection 194.5.98.235:20 # Reference: https://www.virustotal.com/gui/file/8c3ddd61bdc71e5b8df62c7554703f5f9d2c6cc2e1874ef9788b56c9e5c25875/detection 194.5.98.235:4588 # Reference: https://www.virustotal.com/gui/file/473d1d3f2d9f13fd3a04c50ea9936999033f322d8ac69703d85fc318bef81c21/detection 194.5.98.235:61537 # Reference: https://www.virustotal.com/gui/file/25032de84b3ca4c7501f6cb1921196c0722dde4c64871f361cb8eee32494f6a7/detection 41.190.31.140:8605 phenoms.ddns.net # Reference: https://www.virustotal.com/gui/file/c8f07c9dda36d7e448398f137ac3d5edff2cb2edee342e6da24fcc75ee53181a/detection 185.140.53.171:9997 # Reference: https://www.virustotal.com/gui/file/f1bfb0abbe980cdf1a0a4425076839567f67dfac336b0e8c78b4417b97bcf51e/detection 93.75.154.103:54984 dneprolom.ddns.net sirusok13.ddns.net sirusok13.keenetic.pro sirusok2311.ddns.net # Reference: https://www.virustotal.com/gui/file/da7340880fa8396d64a5b37f59abd1b025234b95fefc936699fbd2bfb7039ec3/detection 188.126.90.13:56526 madlogs2018.ddns.net # Reference: https://www.virustotal.com/gui/file/725638efbdecf58477214cc06d7774e4acbee4393dbf57436ffb8739f3782a08/detection # Reference: https://www.virustotal.com/gui/file/04912f0b103186ee1ba396a1ba4a43890f44c42da2579e3a7a26648f3439a9b2/detection 88.165.236.23:64278 nanocore73.zapto.org # Reference: https://www.virustotal.com/gui/file/6a0b8f403b660202a6d599aa998802af71064fa3cdbbc2377b75885149cf1773/detection 185.29.10.51:5211 jmoha66808.ddns.net # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2024-02-24) http://218.156.253.232 103.114.104.158:1663 128.90.145.218:54984 139.84.139.29:5273 140.82.54.39:54984 172.187.200.225:443 185.161.208.123:8763 185.29.11.37:54984 192.169.69.26:1177 192.169.69.26:313 222.114.183.144:54984 3.13.191.225:18237 3.131.147.49:16825 3.133.207.110:16825 3.134.125.175:18237 3.134.39.220:18237 3.136.65.236:16825 3.138.180.119:16825 3.14.182.203:18237 3.17.7.232:18237 3.22.30.40:18237 31.6.179.181:54984 38.146.219.232:54984 41.68.133.39:54984 43.143.228.239:7766 45.74.60.199:54984 45.88.186.108:54984 5.39.43.50:3456 50.3.70.191:54984 67.213.108.79:4782 72.69.74.23:54984 82.117.230.122:54984 83.213.157.103:1515 84.17.61.179:54984 87.3.215.35:65199 88.165.236.23:54985 94.156.64.228:65517 elianisgalidon3020.duckdns.org ihateciroparisi.serveminecraft.net kgj112233.codns.com # Reference: https://twitter.com/SarlackLab/status/1761798420396736576 # Reference: https://www.virustotal.com/gui/file/b958e36e93d80636de88dfef2d66659a4b97642b198ccf5ae7a685ef78721745/detection # Reference: https://www.virustotal.com/gui/file/9f124cc051efd9492f53488f2a60642d552900fb0f70f465e520fee11d60b481/detection 87.88.94.223:54984 87.88.94.223:5589 pezow.ovh id.pezow.ovh pve.pezow.ovh # Reference: https://www.virustotal.com/gui/file/6eed2122af8b437db0aad59f6eb3c817aa84e9047c7043d7fa60cf171fe63463/detection 185.244.31.24:54984 # Reference: https://www.virustotal.com/gui/file/bc9974c73518623c4cb767b21611acd3c985127d0ac869c8f4122dc3268d62dd/detection 91.193.75.10:3531 # Reference: https://www.virustotal.com/gui/file/4cab4ce09cade6e59399735f831acf6e065f3e39a115b2c05f62fb7e4f9e6f63/detection 212.7.208.105:1155 # Reference: https://www.virustotal.com/gui/file/b9f3d42408db0e7b7bc9a34124fe18fc9d9fb4d39b392771bbe6df4b9ec46561/detection # Reference: https://www.virustotal.com/gui/file/a5321f2108e0ac3fb6186844edf6056c3ff557beda200f1a13a579f90afe05ee/detection 107.174.70.27:4040 185.244.31.16:4040 script6060.ddns.net # Reference: https://www.virustotal.com/gui/file/1618b11928479c0448d91bc960012095def764723d6879c63644cec822938bae/detection 212.7.208.95:3637 smithmario.ddns.net # Reference: https://www.virustotal.com/gui/ip-address/212.7.208.105/relations mrsweiofficial.duckdns.org ngabito.servebeer.com sftdcrew.jumpingcrab.com smithmario.chickenkiller.com # Reference: https://www.virustotal.com/gui/file/65c2f1c85650dbb08a28f550550813a9217661f1d50de782cd18066097ea9d9d/detection 185.225.73.187:1990 # Reference: https://www.virustotal.com/gui/file/8779353c362f4da8be48f962f14e1a0f7e3b957767b358806441c690179c6132/detection 171.22.30.253:3542 # Reference: https://twitter.com/SarlackLab/status/1770360499303027096 # Reference: https://www.virustotal.com/gui/ip-address/194.147.140.141/relations 194.147.140.141:8100 allmyjob.duckdns.org indigopeter.ddns.net nanomarch8100.duckdns.org # Reference: https://www.virustotal.com/gui/file/d513854639b9edde5577df7925356c0d7a8d0269fa7876a914c2d710e3e19ca2/detection # Reference: https://www.virustotal.com/gui/file/7e5cd0f768e4ba46d189611a0e3bb9d7e65bfcafbce331fa4727d29602f82248/detection 185.222.57.84:2741 # Reference: https://rexorvc0.com/2024/03/25/NanoCore_Update/ # Reference: https://www.virustotal.com/gui/file/d679d6613e06d554b15466aaca0982fe77132188696d7c09d7873d460b3b4c79/detection # Reference: https://www.virustotal.com/gui/file/12a061b82ef5bc4becaee8f9069db0375fb461302107dd4d53dc85522df8c8e8/detection # Reference: https://www.virustotal.com/gui/file/b23239ed530027cd6332ae70044daf31516721ae42f568c7af44a077e20e7ce0/detection # Reference: https://www.virustotal.com/gui/file/f2b8ab95d31e2e8381965f6ca4f2f1cf6226e11604375733bed3bc59334dfac0/detection 194.147.140.151:9090 91.193.75.249:2456 94.156.69.145:64418 baggard437.ddns.net customcheats.ddns.net seeno.hopto.org # Reference: https://www.virustotal.com/gui/file/85b67b251911e62315280221350ee2cea5f5fc489f703a1fd2739ed128782df7/detection # Reference: https://www.virustotal.com/gui/file/347a53fcbc562cc996da731a2098fdc112e00581e852062be8b3b379c3a504c9/detection 194.147.140.138:3615 readytogo.sytes.net # Reference: https://www.virustotal.com/gui/file/9884096c61f66623858aae0d951fcc987a6d38faecb8986d0840b63662af90fb/detection 193.37.254.67:15230 194.147.140.136:15230 2023endofyear.duckdns.org # Reference: https://www.virustotal.com/gui/file/832ae6a611b1abb3b56c91cf01f7db4b8bad48d1019bbce6fcffbfadabdf2688/detection 209.73.100.130:6969 kingjoker420.ddnsking.com # Reference: https://www.virustotal.com/gui/file/0a077ce09a841ef7ed4e292efd9df007dfba54420357678814c568e1e00e7d99/detection 194.147.140.149:6060 # Reference: https://threatfox.abuse.ch/browse/malware/win.nanocore/ (# 2024-04-06) http://39.120.184.43 103.125.189.138:54984 103.151.123.225:1664 111.229.114.158:54984 146.70.198.22:60129 147.189.168.81:54984 172.111.139.205:54984 172.111.139.246:54984 172.111.139.88:54984 172.111.159.146:54984 176.135.229.160:54984 18.158.249.75:11720 18.192.31.165:11720 192.169.69.26:7719 194.147.140.158:2323 200.217.111.70:54984 23.94.30.124:54984 24.24.236.97:54984 3.124.142.205:11720 3.125.102.39:11720 3.125.209.94:11720 3.125.223.134:11720 3.6.115.182:10651 3.6.115.182:15030 3.6.115.64:15030 3.6.122.107:10651 3.6.122.107:15030 3.6.30.85:10651 3.6.30.85:15030 3.6.98.232:10651 3.6.98.232:15030 41.68.131.21:54984 45.154.96.48:54984 45.74.50.132:54984 45.74.50.53:54984 45.95.169.113:3190 45.95.169.113:4190 82.67.69.234:54984 89.213.140.91:54984 91.92.245.231:56648 91.92.245.231:64418 93.123.39.100:8763 api.fwfy.club appdiscordgg.duckdns.org tzitziklishop4.ddns.net # Reference: https://www.virustotal.com/gui/file/3198f2bde1d3adefb1e63ba7dcfeeec2c7b9d31e6bd0edfa220f444b53e3e63a/detection 185.8.153.27:53773 # Reference: https://www.virustotal.com/gui/file/05313016547f4333a754bc06925283b5db426b462815be01c170b7ff27dc2bb7/detection # Reference: https://www.virustotal.com/gui/file/bc7ce5f904c600b73f1765e5479662db545ffb2ca097055e638ae27253941245/detection 111.90.149.119:9284 2.56.212.39:9482 87.98.245.48:9482 marriesortanoneline.ddnsgeek.com