# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Reference: https://www.fireeye.com/blog/threat-research/2017/05/threat-actors-leverage-eternalblue-exploit-to-deliver-non-wannacry-payloads.html hackqz.f3322.org 120.209.40.157:8880 # Reference: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Nitol-P/detailed-analysis.aspx dingtao333.3322.org # Reference: https://twitter.com/securiteoff/status/739574861543149568 # Reference: https://www.virustotal.com/gui/file/20d841afa96e58fb7d2b4c5e8bb25d07ff36e25bbb14fc176f3f46c650cb016e/detection feng12763.3322.org qlsb.f3322.net # Reference: https://twitter.com/P3pperP0tts/status/1153026768590258179 520yxsf.com # Reference: https://github.com/advanced-threat-research/IOCs/blob/master/2012/2012-04-19-digging-into-the-nitol-ddos-botnet/digging-into-the-nitol-ddos-botnet.csv aisini1314.3322.org bcl5736120.3322.org ccddos.net erwbtkidthetcwerc.com fangqi.6600.org fangqi.7766.org fuck0313.6600.org guangkuo119.3322.org kankan902.3322.org ksattack.6600.org maguss.3322.org maple110.3322.org mybaccy.3322.org rterybrstutnrsbberve.com rvbwtbeitwjeitv.com sousou123.3322.org xin9liao.gnway.net xinxin168.3322.org xiong97.3322.org yezi999.3322.org ylddos.3322.org zwx5060.3322.org # Reference: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/tale-of-the-two-payloads-trickbot-and-nitol/ # Reference: https://github.com/AlienVault-OTX/Threat-Trends/blob/master/MaliciousDomains_UmbrellaRanking.csv e.googlex.me # Reference: https://asec.ahnlab.com/1031 b.googlex.me # Reference: https://www.virustotal.com/gui/file/62010ae6b25999cbc37c935c163285f571294f4732965c66b9233a7573c13c10/detection w.googlex.me m.googlex.me # Reference: https://totalhash.cymru.com/network/?dnsrr:*.googlex.me w.googlex.me m.googlex.me googlex.me # Reference: https://twitter.com/pancak3lullz/status/748172641131847681 # Reference: https://www.virustotal.com/gui/ip-address/110.173.30.68/relations 110.173.30.68:1111 110.173.30.68:1150 110.173.30.68:1380 110.173.30.68:1472 110.173.30.68:2013 110.173.30.68:2014 110.173.30.68:6666 110.173.30.68:8080 110.173.30.68:8085 110.173.30.68:8089 xiaoaolong.f3322.org # Reference: https://twitter.com/pancak3lullz/status/744918444265578496 # Reference: https://www.virustotal.com/gui/file/a2d02236c2a9684310d95d5a98734d17d226da16607f98903e0a5f9d62298521/detection # Reference: https://www.virustotal.com/gui/file/40ac46478014d0a89f787c25dd380424b0e16913bd5ff03db90c32b75aa10c35/detection 173.254.236.5:8900 45.34.191.179:8900 119.147.145.218:8511 wx137672811.f3322.net # Reference: https://twitter.com/pancak3lullz/status/740562923639046146 # Reference: https://www.virustotal.com/gui/file/e39a3ca5574dfba2bd29a71b933c9bf22633baad10c7fcac5abbc700e5b8f175/detection 183.60.202.97:1993 longge520.f3322.net qlsb.f3322.net # Reference: https://twitter.com/pancak3lullz/status/739878964064194560 aabao.top a.aklianfa.com # Reference: https://www.virustotal.com/gui/domain/leiyan.hk/relations leiyan.hk # Reference: https://twitter.com/pancak3lullz/status/739573412973150208 zhaojinyi5045.f3322.org # Reference: https://twitter.com/pancak3lullz/status/742832969539158017 125.88.146.61:9595 hackxiao.top # Reference: https://www.virustotal.com/gui/file/9ea76521dacafc0437c12d3e7b2db5e4cd27054c476e87dfe9fb2934bbd3668b/detection gyddos.com # Reference: https://www.virustotal.com/gui/file/87c00a2dbc7aad92c63afe8633dde5253da9dd8c663dfe257ab17c087c967b16/detection 61.160.232.140:65534 5302000.publicvm.com # Reference: https://www.virustotal.com/gui/file/f5ce87456cad6b035e20df4e3c8cfd6f68353913dbb78be8383036842c54ec69/detection 103.226.124.222:65534 # Reference: https://www.virustotal.com/gui/file/a624fd04789db3e1327fd981ac01b79c1d432819e752291843e4e4778794d6aa/detection 112.74.75.143:6666 # Reference: https://www.virustotal.com/gui/file/96a8382fe8bd91e1cf9ab358cb03f597dc3bcef66503275c17b914e28b438c92/detection 210.222.25.223:6666 # Reference: https://www.virustotal.com/gui/file/22bd3e766de31699464b08467a47b6c44f4825e4984221f74209cdb9c2b26756/detection 61.84.56.105:1234 # Reference: https://www.virustotal.com/gui/file/1b9c5b63df29807ca8dd96c4878d33dc2b1a3bed6a11e8e7bb29ba7a868ac341/detection sexgb.codns.com # Reference: https://www.virustotal.com/gui/file/bcf7e416d7fdb066b831720789ffffcde71e4e1ba99294a159ff342175d9c069/detection 182.225.123.146:8080 tv1004.codns.com # Reference: https://www.virustotal.com/gui/file/6bf39bbb04edf94d46ba9f1a80ac41a3113eac9befc02dc72444aa8e5a68ea55/detection # Reference: https://www.virustotal.com/gui/file/4406f6e797db9308fb2e7d37483f96c71f91fadc98d45539bbe4137f6a8bb241/detection 173.208.243.3:8090 173.208.243.4:8914 74.91.16.130:8089 74.91.16.132:8914 74.91.16.133:6688 imddos.my03.com # Reference: https://www.virustotal.com/gui/file/8b7539df3ca2a8d75f9ce1da69b66b761ff1661fe42b03f18103cd0b0f068956/detection 103.30.40.76:881 103.70.77.18:881 185.207.154.26:881 185.207.154.91:881 185.239.225.133:881 193.42.27.224:881 194.156.132.105:881 222.186.59.89:881 23.236.68.162:881 23.236.68.175:881 23.236.68.185:881 23.236.68.213:881 23.236.68.213:9999 23.236.68.89:881 23.236.68.89:9999 23.236.68.99:881 43.224.249.211:881 45.116.77.70:881 45.116.77.70:9999 45.117.102.172:881 45.120.156.139:881 45.120.156.160:881 45.120.156.160:9999 45.120.156.178:881 45.120.156.178:9999 45.13.199.120:881 45.13.199.120:9999 45.137.10.85:881 45.138.81.176:881 45.138.81.176:9999 78.142.194.122:881 5123.2288.org # Reference: https://www.virustotal.com/gui/file/1d15ccc6dc69f1f0a40f2b1396220120577396a18a9d09ca79a0c267a50e23cf/detection 211.243.120.137:2 ghkdtldhs.p-e.kr # Reference: https://www.virustotal.com/gui/file/295708d2a5ebd22cebe29b3f23a74e2d6f7f1056715324b35f5afc5e1d30ea57/detection 112.152.98.136:1212 # Reference: https://www.virustotal.com/gui/file/3eb70dc98b72cb6e0350f99848e4312fa37ca279c16bb011a9ff676ce530b879/detection a1104.r-e.kr # Reference: https://www.virustotal.com/gui/file/4dea27a086a7fe58de28b8fcd61df55d8656dbcb1803e3ff385cb1e2beded384/detection chlehdgj.r-e.kr # Reference: https://www.virustotal.com/gui/file/54171f4fd9b873b381f597c5b029433d325f27f7d1f1b7b1a131aaf182a47fe6/detection 116.38.148.166:1542 118.40.137.174:1542 wnsdud0430.kro.kr # Reference: https://www.virustotal.com/gui/file/9619b87a5b19e587227eba60171d2763b1fe9f81b27c0207fb3d52233ffbd059/detection 116.38.148.174:1542 116.38.148.175:1542 # Reference: https://www.virustotal.com/gui/file/21f59a60d6632320cad5a25dad18ec42d57bb4d3aebd3afac85ba7d81a5e09f1/detection 175.118.59.183:8125 # Reference: https://www.virustotal.com/gui/file/eb1982fba971cd54894c5755c6bb239ef92b1afcf21f16329f16580f5a103847/detection 124.111.116.108:8125 # Reference: https://www.virustotal.com/gui/file/45b6991cbb39b1598a993ff5b36eafc1308488ebdade8dbda7fe5a5d86c712c4/detection 218.238.223.33:8080 sexymon12.kro.kr # Reference: https://www.virustotal.com/gui/file/4685ce889d2e1ea74385dc9d0da97f279e258db237ca3c057fca0017c011d874/detection 218.238.223.33:6414 # Reference: https://www.virustotal.com/gui/file/4f0248164f3d33045922b8fb8e049df752abb52a4682164aa0dfeff2c1711d89/detection # Reference: https://www.virustotal.com/gui/file/e0e00179548df8be9a772b12744810e6ee3a1e48af967c8af3495ed7c541fac4/detection 103.95.240.43:2018 105.234.35.162:2018 122.213.24.236:2018 124.98.73.100:2018 132.233.176.72:2018 136.106.125.33:2018 148.226.138.194:2018 153.22.87.11:2018 158.73.36.83:2018 164.144.233.221:2018 182.224.234.115:2018 182.224.234.115:2018 182.227.60.248:2018 189.156.42.74:2018 193.207.245.146:2018 202.76.11.129:2018 212.22.201.53:2018 218.91.182.254:2018 246.135.36.50:2018 253.205.144.251:2018 28.207.215.223:2018 43.249.242.252:2018 48.45.191.69:2018 49.175.99.121:2018 9.89.177.30:2018 95.79.19.64:2018 # Reference: https://www.virustotal.com/gui/file/fbbba2a2aadb00fdc81cbbd79523414297de75496ff3f2d11498fb1e5016d249/detection # Reference: https://www.virustotal.com/gui/file/13446373e14035431a35d0f9b1543cf5067c774b999f750fe43ba4e97ee66ab1/detection # Reference: https://www.virustotal.com/gui/file/f393bba5f1252dd68fec310b8f89cda0ec8f59816edb9602f5446df4ba6f6cb3/detection # Reference: https://www.virustotal.com/gui/file/09733d736979f2192a205d576ea3d792740a8cabef8b0e6827b824cc89ef7903/detection # Reference: https://www.virustotal.com/gui/file/96c68339d429c7bc375d18241952caf4e4c58b1c556aa66784288078a738c2d4/detection 101.152.154.58:1800 107.190.198.28:1800 114.249.167.81:1800 116.35.216.50:1800 118.134.172.15:1800 124.193.141.68:1800 128.78.147.2:1800 135.137.116.55:1800 136.121.120.128:1800 14.5.119.153:1800 14.5.119.153:8808 141.171.69.199:1800 142.48.159.25:1800 148.108.129.78:1800 15.187.26.11:1800 15.246.205.111:1800 152.248.134.12:1800 159.52.103.65:1800 165.90.147.35:1800 166.33.192.121:1800 169.161.107.143:1800 174.212.56.214:1800 175.198.201.12:1800 176.105.39.108:1800 176.34.121.22:1800 182.224.234.115:1800 187.234.223.9:1800 187.49.14.95:1800 190.143.255.30:1800 2.89.141.243:1800 200.147.27.118:1800 200.204.108.32:1800 201.87.103.17:1800 211.91.1.105:1800 212.73.235.170:1800 213.164.82.189:1800 217.77.220.79:1800 222.128.169.151:1800 222.17.210.157:1800 222.35.230.92:1800 247.29.146.10:1800 25.190.52.98:1800 252.63.182.76:1800 32.142.109.126:1800 32.60.209.254:1800 37.110.158.71:1800 37.193.185.198:1800 39.228.13.20:1800 4.242.51.24:1800 42.244.134.15:1800 44.149.116.88:1800 49.175.99.121:1800 50.172.115.7:1800 51.6.147.64:1800 55.93.90.75:1800 66.38.193.62:1800 67.180.18.75:1800 79.135.77.85:1800 84.135.45.77:1800 86.171.185.13:1800 89.186.249.149:1800 90.221.6.85:1800 94.92.185.5:1800 # Reference: https://www.virustotal.com/gui/file/b5fabc8dc9e2516642cac9e4bfbda280b6312f1ceb107436f723902c8ee2e841/detection 140.143.145.162:29134 # Reference: https://www.virustotal.com/gui/file/fe5855d961748d6922d5687f0d0f10f07e6c8555cc042d73ba1188801fab7367/detection gdownpack.jomodns.com # Reference: https://www.virustotal.com/gui/file/45d34e4733c9b34cf8e43e13515ebd02c5a3dc9a7a04304caea7f6199b3c1e8c/detection 175.210.132.122:3 194.120.222.177:3 207.217.235.199:3 21.190.31.193:3 218.35.210.186:3 45.232.19.203:3 56.176.248.190:3 # Reference: https://www.virustotal.com/gui/file/aaf036cbf8b7436e69dcc517576c4a01a002f1e204c729469e4217b71e1a8285/detection 49.166.162.113:8080 1145678.p-e.kr # Reference: https://www.virustotal.com/gui/file/e259c7d12802a94129632c8287da2ef5d6ca2f06cac46eb4a0e264e2e69ce5be/detection # Reference: https://www.virustotal.com/gui/file/03d1ae34d48f1da0515fd077dc3a3c9d368dd884a605ee30096c32b4d0469e37/detection 159.58.62.229:1900 172.155.75.252:1900 175.198.201.12:1900 18.56.156.205:1900 182.100.50.239:1900 206.14.37.248:1900 21.114.88.242:1900 217.213.11.235:1900 32.154.41.228:1900 42.98.143.215:1900 53.42.117.202:1900 66.140.130.225:1900 77.212.105.212:1900 8.112.53.218:1900 88.156.79.199:1900 bkhwa123.p-e.kr # Reference: https://www.virustotal.com/gui/file/2a315ec1fbd8a3dfb70ba259699a660389c8a13a158f0c29cace1e1d67131130/detection 121.164.182.43:7327 185.53.179.29:8889 # Reference: https://www.virustotal.com/gui/file/bcf17bd4576d7494a71db278478a1f78112324c5bf847853e4d82c6c8dcde604/detection # Reference: https://www.virustotal.com/gui/file/441f5b8b76b7708eec2250570c714e1d5a35e0bdc867cfae54d639b4b1c4a200/detection # Reference: https://www.virustotal.com/gui/file/a31a9f60e27390091a25f134511f09c7776efab4b758b99cfdfe0498f88caf6d/detection # Reference: https://www.virustotal.com/gui/file/4c9fdb66f53b71a4c98892b62b26939006dd5d6b6353795a6181767b9258e2cc/detection # Reference: https://www.virustotal.com/gui/file/3dcca6757b9dd064348e0897dca21bf4cb8d7a5ce3fa5f54d934e7748684d908/detection 105.209.90.18:2 108.20.136.155:2 116.153.65.5:2 12.195.52.15:2 129.250.78.28:2 143.214.133.34:2 148.108.158.204:2 149.28.251.67:2 153.159.107.21:2 182.227.151.35:2 220.122.152.173:2 220.122.152.173:3 36.109.39.24:2 47.54.142.11:2 60.151.26.34:2 71.95.129.21:2 81.167.103.8:2 95.10.116.31:2 # Reference: https://www.virustotal.com/gui/file/6e2bfdaf17806fa35c8b113fcf6931e22a6fcb8516c2f741bac6cbd63d62ca32/detection 220.122.152.173:12 # Reference: https://www.virustotal.com/gui/file/0a352acc084973c5ccbc13dd487fc5e3e746bb902c5420f98f6c74eb0c120c71/detection mhddos.kro.kr # Reference: https://www.virustotal.com/gui/file/37d02d69a4404525f924954e7ed61b389ae10283ca4cba9fa3e3a6fd66f5b102/detection # Reference: https://www.virustotal.com/gui/file/9bd0184051693d604f2b16ee748b3c4d1a9c988eef4f90fbd933db188dc7ab56/detection 31.13.72.54:6300 67.228.74.123:6300 85.155.231.209:6300 ziscoll.hopto.org # Reference: https://www.virustotal.com/gui/file/b7c16208e51ff8fed8e00a1a203b25f5dbab43f7dd3022f457995b8b726569c3/detection 211.209.68.52:4368 211.209.68.52:8080 211.209.68.52:8500 jjh0547.ddns.net # Referenc: https://www.virustotal.com/gui/file/7f3f596898d41c390b96b234f6c7e6582004e2d2f0915186f679c4e1d786dc84/detection 58.227.92.15:1234 # Reference: https://www.virustotal.com/gui/file/927d0f45bf59f19e915b8a8807372f547d151b60455a7fe40f696b8742d3ae3a/detection 103.101.205.121:7766 107.183.180.136:7766 110.42.0.146:53021 154.213.17.131:7766 43.230.144.18:7766 apple.vzboot.com # Reference: https://www.virustotal.com/gui/file/3dd6bec54999df3bfdf712a225545fce48205c53af9960e428d5eef0ac32f54b/detection 02nkh.kro.kr # Reference: https://www.virustotal.com/gui/file/0edc06c67de685862554ccd0f6add477d0f196d193ae111dcdde9887498ae0d1/detection # Reference: https://www.virustotal.com/gui/file/70122334d98ad43b6d45f70fa696ba0974e0e9a1e0f63750ab36477805426da9/detection # Reference: https://www.virustotal.com/gui/file/85223f374cc2b876e013e1984cd32ac22af1a72cc3811d4c816293979c382f8b/detection 125.136.40.2:1478 27.124.159.202:1478 ghgha8191.kro.kr # Reference: https://www.virustotal.com/gui/file/83c86d011632b66600f2bc40928282b202f75f8486e7b936a8a18828871e3992/detection 211.219.163.11:1234 # Reference: https://www.virustotal.com/gui/file/c67203de44ad8c4aa81a362b6188ed83b055b5fb9551df21c384dee7fe6cbf39/detection # Reference: https://www.virustotal.com/gui/file/353d13e06c526bd774a603d43a0ef66826604eaddd933db2bee067b86393861a/detection 104.18.44.248:2018 124.156.99.141:2018 121.54.174.199:2018 wlxxlt.com # Reference: https://www.virustotal.com/gui/file/dc49649e53f19262d7b6c0b2d5fd3492d3ca1ab1b3d38f917c41c0525961b277/detection # Reference: https://www.virustotal.com/gui/file/78b7836e2f173a4b1b29ebce842d765abdb5cd115a2bd415f31b5f682c2fb8d6/detection 103.246.246.148:8097 182.254.229.239:2017 myss.ddns.net xiaxiansheng.f3322.net # Reference: https://www.virustotal.com/gui/file/858a84f0c01e4e9863f619f1506b0eb3df0f0010c3481ff1a0d4fd810143cf62/detection 47.93.189.22:7777 # Reference: https://www.virustotal.com/gui/file/ecd057c283ad644e7420698275a704009762c251ca7dd0cee9699a3aa9b6ade7/detection 182.254.229.239:2012 98.126.167.245:8889 base8.gyddos.com # Reference: https://www.virustotal.com/gui/file/dea81efe7bbe77d228c339afc803315c287f8d5c0c6ba17c1cb452fe856230ae/detection 47.93.189.22:2017 # Reference: https://www.virustotal.com/gui/file/aa9e1deace9a4a1bc717188d071cf825c1da0b92a666a5add251757682ee1358/detection 39.116.22.96:2102 sub070145.codns.com # Reference: https://www.virustotal.com/gui/file/9535fbc5fb7a77e9a12a4b40e16d2de5ae81ffe170fa3abdc0c8056002056fc2/detection 39.116.214.99:2102 # Reference: https://www.virustotal.com/gui/file/0102d26be50617e603388e5d04887f82258922817d5c53f02050bab6ead3ce90/detection 39.121.199.163:1597 # Reference: https://www.virustotal.com/gui/file/54c198fc6d27e6990cd3c02918372cd29a17a479d8071788ec8d3cada76c08dc/detection 14.48.223.211:1346 # Reference: https://www.virustotal.com/gui/file/6b41dfe97a3ba4cc742d2d426f9b464694156b82b2b1d49245b3b2e8ab802dfa/detection 221.141.101.24:203 nj7979.codns.com # Reference: https://www.virustotal.com/gui/file/0dcbe537215e61fa0d2a9817c8d38a6c7c53b7cb912c82ab8e7761026619dbda/detection codns2847.codns.com # Reference: https://www.virustotal.com/gui/file/fea85f469ecfd4ad2ac356ebe671e2b050cc59c1891a0bf0a6759041812a1061/detection ydj1115.codns.com # Reference: https://www.virustotal.com/gui/file/afad3c6be6939ec621cedc5b98897583030cf08178a485b4b6d68bf664cb178e/detection whwns5265.codns.com # Reference: https://www.virustotal.com/gui/file/a58bfc1b857fcb16283bbce698ec52746bc9325b077a917e39d21cda8b2a5969/detection 111.171.90.60:3625 115.160.74.103:920 # Reference: https://www.virustotal.com/gui/file/6db85922561469819c8ffaf0ec78c45ea82056373377df5d276c0a25947040b7/detection cjwk32.codns.com # Reference: https://www.virustotal.com/gui/file/4fe03646f2f23c555d0d66d9105aba070f757fcd78166f935acb6c729c5e1ad3/detection 211.223.6.162:1234 tjdcksdl21.codns.com # Reference: https://www.virustotal.com/gui/file/ea248a7a4724db933f8d792659a74b2b60d5d268606961baae75240b4eb29b93/detection 45.64.113.197:8888 binghe.tbfull.com # Reference: https://www.virustotal.com/gui/file/e59ff1c2c2350b29f745f2443c4760cb6a57fce5f7f50c0223ce47e7dc82f044/detection 103.200.28.68:3600 # Reference: https://www.virustotal.com/gui/file/a2eb66833fc95f4b80b7ffe1b7dec6054c19e58d1141e64f37d35ce1975f6137/detection 45.64.113.197:3600 # Reference: https://www.virustotal.com/gui/file/e49f2dabbb58e4c4db895a63ac02fb64da420278dcdfab8d41ff1edc5a50059a/detection 125.77.30.170:3600 bh.tbfull.com # Reference: https://www.virustotal.com/gui/file/921bb69a90829e33da52e088bf3144712796063219e70d6d54a2bd6f844a433d/detection 125.77.30.157:28655 125.77.30.157:8080 xxg.tbfull.com # Reference: https://www.virustotal.com/gui/file/dc6934d639c55d886a2fa229f8aa9c8ccd980e4fa01a691ca7b6794345cda9d8/detection vtcmdr2.codns.com # Reference: https://www.virustotal.com/gui/file/9a34004d08b5d0148bcd55f18532672664ac2d334cb622457134a946e033d48c/detection 39.118.202.145:8795 swchoco.codns.com # Reference: https://www.virustotal.com/gui/file/e9c546e54233f4f75ff3118c92c51ecb6066ec878ef44c519f5e528284e3b73a/detection 115.143.174.43:1024 kaza2.codns.com # Reference: https://www.virustotal.com/gui/file/3fe990f6e85733b6ba762d77de0b3795ec42ac0917cfa5c1edba1dac1250d1a0/detection 148.81.111.121:65520 mang75.codns.com # Reference: https://www.virustotal.com/gui/file/375f60b24f38fb49b37154b859a91e1da829fdd5c92c147d2ca4e62cc4d6a4e4/detection kwj111.codns.com # Reference: https://www.virustotal.com/gui/file/1a5756fd43ad80ce55b73b4c92c495143e5e6b4c0a58c6f3bdb0bff3f276dc7c/detection 211.40.201.28:1234 218.151.35.171:1126 whdnqls3455.codns.com # Reference: https://www.virustotal.com/gui/file/48762fa5a279dd4fbf2acfb1a947743807ba4c87c87f2920f335aad8397be050/detection kimbob0701.codns.com # Reference: https://www.virustotal.com/gui/file/ad8ed264366df740bf96d120520bd46d69fd8b55fe7c1993d2a865ca598f2570/detection # Reference: https://www.virustotal.com/gui/file/69480a9a4542086c1761f80b8b45dbe4336f4ec807d1bd47dd3984cc93f4ce13/detection # Reference: https://www.virustotal.com/gui/ip-address/148.81.111.121/relations 148.81.111.121:65520 panti.codns.com # Reference: https://www.virustotal.com/gui/file/144b82598213c7323628e77babb470bd7fde257a796322dccdfd8675ef6dbe78/detection duddnjs2666.codns.com # Reference: https://www.virustotal.com/gui/file/25486ed1836c179cc7a5bb914416c24155b09e200bcc4dcb8f80080162f8a530/detection apple12313.codns.com # Reference: https://www.virustotal.com/gui/file/82f7cc07b7e9d1afdb70b7d74d6dcc92ab4b400a5ffc3bfaf61e80565375d1f8/detection 221.164.177.54:1275 khu6912.codns.com # Reference: https://www.virustotal.com/gui/file/4461b7325e242ad0aaff2a074b9af07ce37c51ac757a923f34f29d0ba1e5a172/detection 103.39.108.20:439