# Copyright (c) 2014-2023 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: crysan

# Reference: https://twitter.com/suyog41/status/1130804704152305664

mikus192091.ddns.net

# Reference: https://twitter.com/luc4m/status/1106618159522635776

queda212.duckdns.org

# Reference: https://twitter.com/CERT_Polska/status/1072793091856392192
# Reference: https://www.cert.pl/news/single/trojan-oraz-ransomware-w-kampanii-podszywajacej-sie-pod-inpost/

213.152.161.99:47390
213.152.161.100:47390
213.152.161.101:47390
213.152.161.102:47390
213.152.161.103:47390
213.152.161.232:47390
213.152.161.233:47390
213.152.161.234:47390
213.152.161.235:47390
213.152.161.99:47392
213.152.161.100:47392
213.152.161.101:47392
213.152.161.102:47392
213.152.161.103:47392
213.152.161.232:47392
213.152.161.233:47392
213.152.161.234:47392
213.152.161.235:47392

# Reference: https://twitter.com/Threat_hunts/status/1135810121227882499
# Reference: https://app.any.run/tasks/5ad34df1-b5a8-415f-9496-334d9bfdd7b1/

95.167.151.253:7707

# Reference: https://twitter.com/James_inthe_box/status/1141072205771448320

kizzoyi.duckdns.org

# Reference: https://twitter.com/powershellcode/status/1148234398703030273

internetexploter.duckdns.org
systenfailued.ddns.com.br

# Reference: https://twitter.com/DynamicAnalysis/status/1165901579536539649

79.134.225.90:4782

# Reference: https://twitter.com/James_inthe_box/status/1167217092245872640
# Reference: https://app.any.run/tasks/8eb2d184-08ec-40ab-8742-32f6988c5638/

23.105.131.169:6606
193.56.28.173:7707
193.56.28.173:8808
rownip.3utilities.com
rownip.mooo.com
rownip.theworkpc.com
rownip.dyndnss.net
rowanyne.ooo

# Reference: https://twitter.com/JAMESWT_MHT/status/1169142417754337281
# Reference: https://app.any.run/tasks/308651b4-37c0-4c66-87ba-5bf05d1ff411/

79.134.225.115:4404
eg-east.com

# Reference: https://twitter.com/dcTavvy/status/1188352813937463298
# Reference: https://app.any.run/tasks/6aedb064-1078-4304-b1e8-a8205a5ba698/

193.161.193.99:43158
Lolikot-43158.portmap.host

# Reference: https://twitter.com/JayTHL/status/1197240502699073537

5.62.41.111:5320
91.193.75.151:5320
netty.myftp.biz
ify.insidedns.com

# Reference: https://www.virustotal.com/gui/file/598ba7562062467fbf05d47bfadf27578a8ed4d5d5abdf17a5a4820ad71651bf/detection

3.19.3.150:6606

# Reference: https://twitter.com/w3ndige/status/1214596648644620288
# Reference: https://app.any.run/tasks/509acd2f-9474-44d4-aac2-d186a4716bef/

g.top4top.io

# Reference: https://twitter.com/killamjr/status/1217630017116499968
# Reference: https://app.any.run/tasks/2517942c-3364-4d56-93ab-cfa47fd14299/

101.86.170.36:1199
45.11.19.240:7707
xred.mooo.com

# Reference: https://www.virustotal.com/gui/file/cc7a634047451f72a51766d1b6e33ce8a154579d80f6abcf9a109ff64c22f3a6/detection

177.98.43.164:7707
skypeprocesshost.ddns.com.br

# Reference: https://www.virustotal.com/gui/file/0c8a1d1eb4a0ee3ca2cf22cb4ede61f85e5170885549769984110edb6b64a236/detection

179.95.221.147:6606
179.95.221.147:7707
179.95.221.147:8808
workwinrarhost.ddns.com.br

# Reference: https://www.virustotal.com/gui/file/b1a7fda679c569e51e4b1239d044bb6e6e1f3557ccd2060c32a11b0978919b2d/detection

177.206.102.68:7707
177.206.102.68:9830

# Reference: https://www.virustotal.com/gui/file/366c8707d33501338e524e4c70f8b10ac993341134aa28b32a550f06911ba646/detection

191.32.227.90:7707

# Reference: https://www.virustotal.com/gui/file/d60372f5bbed48ea826b894402e4412a478979b590bed2b9b0d1d84017549bd0/detection

177.133.237.246:9830
179.180.17.194:7707

# Reference: https://www.virustotal.com/gui/file/9fbc310b2579816b488dbc44485acd418b20a72ef8dceb558f645a735fe10f05/detection

177.98.43.164:6606

# Reference: https://www.virustotal.com/gui/file/4913ae8055d7c6f225c0bd63ffceb28138483b39d9887de8ebcc8773e9d0d46f/detection

177.98.43.164:9830
workwinrarhost.ddns.com.br

# Reference: https://www.virustotal.com/gui/file/9a3e8a5bd3bfae58180089d27f1e23ba5f8118272b903a4ce99047969874a989/detection

177.133.246.134:9830

# Reference: https://www.virustotal.com/gui/file/ef332bc4cca2207ceb999f77d3e8a02b9d3b2c475d39310d2f1b09ae8f335de9/detection

177.133.246.134:7707

# Reference: https://www.virustotal.com/gui/file/6ede0a69b6d4d7b9cddc97ed35f58a284427fa92923d7a3e9e1442a5a0ad1b46/detection

177.98.127.109:7707
177.98.127.109:8808

# Reference: https://www.virustotal.com/gui/file/87571c558c0c211cd407d87217a3a64240736fb6645919e970dadef3680975ef/detection

177.133.235.48:6606
177.133.235.48:8808
177.133.235.48:9830

# Reference: https://www.virustotal.com/gui/file/d0ca0770e89e27b72703029c7900853a655be67c65fb1bcbd0c652eceb3b384f/detection

177.75.41.182:6606

# Reference: https://app.any.run/tasks/5e7bb6ce-39e9-4243-8802-968c8fb28753/

cloudclout.duckdns.org
79.134.225.38:7707

# Reference: https://app.any.run/tasks/823454cc-ac69-47d8-821a-262f4226ca10/

sbmsbm20.duckdns.org
64.225.20.238:2030

# Reference: https://www.virustotal.com/gui/file/712bc10802ec06baeb0774fa92d2816c477d6a5dceb0ac9960120344fcf7e1f7/detection

141.255.159.75:6606
141.255.159.75:7707
141.255.159.75:8808

# Reference: https://www.virustotal.com/gui/file/55618c029549b2e2f8919902d09c19658e98390cc3e3faeb05743f091e22818d/detection

79.135.146.203:6606
79.135.146.203:7707
79.135.146.203:8808

# Reference: https://app.any.run/tasks/5bbbc0e9-1c84-413d-be8e-371aa483f11b/

141.255.146.30:6606
141.255.146.30:7707
141.255.146.30:8808

# Reference: https://app.any.run/tasks/f44c32ed-727b-437b-9249-743b5ae74ed4/

185.140.53.12:21000

# Reference: https://twitter.com/wwp96/status/1236015091029590017
# Reference: https://app.any.run/tasks/7a110950-e58a-4f0a-80ab-fc17c39d38cd/

185.140.53.154:6606
185.140.53.154:7707
185.140.53.154:8808

# Reference: https://twitter.com/JayTHL/status/1240390421467074561

216.38.8.179:5505
216.38.8.179:6606
216.38.8.179:7707
216.38.8.179:8808
peacelist.ignorelist.com

# Reference: https://app.any.run/tasks/96716bfb-5070-40e4-bda5-d6573d7e1e55/
# Reference: https://app.any.run/tasks/d292b50e-71d7-46c2-9c75-3c053b7c36cd/

46.183.223.29:6606
46.183.223.29:7707
46.183.223.29:8808

# Reference: https://twitter.com/James_inthe_box/status/1243161779212935168
# Reference: https://app.any.run/tasks/393f52ea-8176-4081-9f69-2e4706e7f27a/

51.75.154.242:1515

# Reference: https://www.virustotal.com/gui/file/77e5748478eb6c6064e118bd35ef28f90bfd0eb908eee0291b994c9a6d5b11f5/detection
# Reference: https://www.virustotal.com/gui/file/b892431179d2ed7f4b5c68eff968491b7716a067b6ab16caa5e204c9766d5bcf/detection

41.104.11.200:7707
41.104.122.164:7707
41.104.221.163:7707
41.105.197.112:7707
41.109.189.104:7707
41.109.193.177:7707
41.109.228.158:7707
41.109.242.126:7707
91.109.176.6:7707
91.109.178.2:7707
91.109.178.6:7707
91.109.182.2:7707
91.109.182.3:7707
91.109.182.5:7707
91.109.186.5:7707
91.109.188.10:7707
91.109.190.2:7707
91.109.190.7:7707

# Reference: https://twitter.com/James_inthe_box/status/1248964446505947136
# Reference: https://app.any.run/tasks/4cc95d8b-f2c7-457d-97d2-991d0115c1b4/

77.247.127.128:8855
88futur.xyz

# Reference: https://twitter.com/James_inthe_box/status/1250441655452237825
# Reference: https://app.any.run/tasks/a8c80640-e0bc-499c-bd8b-de1c9166d4dc/

45.32.167.239:6606
45.32.167.239:7707
45.32.167.239:8808
hdkshnfk.ddns.net

# Reference: https://www.virustotal.com/gui/file/51482d0164957eec01b4916354b5a992e6705655bcb44ca4b0b2a520e3b64e6c/detection

192.169.69.25:6606
192.169.69.25:7707
192.169.69.25:8808
soucdtevoceumcuzao.duckdns.org

# Reference: https://www.virustotal.com/gui/file/626879e64f571e21902bdc2f249ce247e03420e8656990d54f3ab4ceb99b4fb4/detection

105.111.80.222:4000
azure34.mywire.org

# Reference: https://twitter.com/ScumBots/status/1250963567366545408
# Reference: https://www.virustotal.com/gui/file/b465ae7940f04cb8b6f6baf9a288eecb5e405290bf48b18fe70ba41e9cc97389/detection

192.169.69.25:4000
amazon34.duckdns.org

# Reference: https://www.virustotal.com/gui/file/5abfea336ec1f8f078499dd4713d65b5e75c59243b6137af1f5297706413dc63/detection

105.103.214.89:4000
amazon3407.mooo.com

# Reference: https://www.virustotal.com/gui/file/6f5567af58976eb61af59c7edf1e5cdad7e3cd2fc60c16b123dfa53cd44e8f6d/detection

85.229.141.17:1337
92.34.156.156:1337
bob1337.chickenkiller.com
getconnected.chickenkiller.com

# Reference: https://www.virustotal.com/gui/file/762a570980637077dbf431c691c38de20e50474d0c67003b4483c6f20a16e533/detection

129.56.25.121:6743
asyncrat6743.ddns.net

# Reference: https://www.virustotal.com/gui/file/5e6bd1b03148962cff91b0f6a1d4e915bafd1049931d5d4ff2bda151bd761e28/detection

unknownamehost.ddns.net

# Reference: https://www.virustotal.com/gui/file/f17981f481d0e31ac51cbf66b5c94d3f73d5a2647a158370ab9e6b3357a00f9f/detection

unknowhostname.ddns.net

# Reference: https://twitter.com/ScumBots/status/1250960155900104705
# Reference: https://www.virustotal.com/gui/file/5a4958af2c13c0a9a6eff86bb5f4fd339a85a66249a22278cc5b50cecd89188a/detection

88.208.245.177:1443

# Reference: https://www.virustotal.com/gui/file/8c344acd0dfc01ac093b4a4407cd2f126f74bae0ca5b66f92912d522160ac639/detection

103.82.249.19:8808

# Reference: https://twitter.com/mahnyan1/status/1251321072865042435

babyboyhammer2.duckdns.org

# Reference: https://www.virustotal.com/gui/file/e9c607f263a990db1bf0465c8688ed7ce7e5f294845041fb56af313df34f45df/detection

176.31.26.213:6606
176.31.26.213:7707

# Reference: https://www.virustotal.com/gui/file/7bebcd498c41f74199691dd8c0d9144f562b4c71dc9c96607260689397ba2285/detection

178.209.46.144:20108
73ch91ch13f.100chickens.me

# Reference: https://www.virustotal.com/gui/file/a0e26b77db21ef8899c3b18fa562a53f51b37a3cb8677034bbd8c2c5b37cf78b/detection

193.161.193.99:61436
karakan123-50010.portmap.io

# Reference: https://www.virustotal.com/gui/file/dd8069de43a40341482301c95b3a05d0201a9386a5c586b17451ca37447dd1ac/detection

152.246.228.24:6606
152.246.63.32:6606

# Reference: https://www.virustotal.com/gui/file/1c7dccd9e95acff427990af9670ad69d54fcc056aa0eb7744ec8f22d35088c45/detection

193.161.193.99:56282

# Reference: https://twitter.com/ScumBots/status/1250963480783527938
# Reference: https://www.virustotal.com/gui/file/31345f8b3aefaaa13a783f4febe071bb8da7ae27f5f5c06024f9f29db0116321/detection

192.169.69.30:6606
192.169.69.30:7707
192.169.69.30:8808

# Reference: https://twitter.com/ScumBots/status/1250963998922739712
# Reference: https://www.virustotal.com/gui/file/91ecc56db47e5fe085075ff0d7fa76d2911e787734b95b81a4570a15a45444b9/detection

192.254.74.210:6606
192.254.74.210:7707
192.254.74.210:8808

# Reference: https://twitter.com/ScumBots/status/1250964170302009344

cmradelucifer.ddns.net

# Reference: https://www.virustotal.com/gui/file/9ee035f65117dd6ead3f1da5a952df99efbaa39c7345fc11f8ccbbb6ecf86037/detection

168.197.229.117:6606
168.197.229.117:7707
168.197.229.117:8808
79.134.225.20:6606
79.134.225.20:7707
79.134.225.20:8808

# Reference: https://www.virustotal.com/gui/file/4a5cea334cdd0c4042498850f591717d0677fb606331d11210f7b5d2b3a27ff2/detection

213.213.206.18:3306

# Reference: https://www.virustotal.com/gui/file/d09e5b5fabdfa8578b377d46b44fcddc0772a92750e4ead921e2e56e97cdda35/detection

185.165.153.95:8989

# Reference: https://www.virustotal.com/gui/file/a3f870eeaf9cb8e486363b1ff8e1fb79937ed85bab6237ee6123125ad3a43290/detection

186.53.186.235:4132
yugdab.duckdns.org

# Reference: https://www.virustotal.com/gui/file/1b5e3eb733257954a9dd28f6a3e081d941deaa73418d4b22beaa3200a8f96285/detection

41.140.208.184:6606
asco.dynu.net

# Reference: https://www.virustotal.com/gui/file/0e0bf4239bf7472066cb37ab517d74b1102c69af9e0feca64d567dff879ae1eb/detection

69.171.248.112:5557
8701.viewdns.net

# Reference: https://twitter.com/ScumBots/status/1251156576615849985
# Reference: https://www.virustotal.com/gui/file/419fa3facde23e4b18afe0c7f7198844f3ee9e28da6e39f2e2e9e60c41e83570/detection

193.161.193.99:63374

# Reference: https://www.virustotal.com/gui/file/9b471c2935fdd01c7e9d57e78f91d213e6d1b5a44ac1719048d92d02d1976422/detection

192.169.69.25:6606
192.169.69.25:7707
192.169.69.25:8808
number2.duckdns.org

# Reference: https://www.virustotal.com/gui/file/aff7d626d09099f6aaf329f1b2e0623a378b45fdf4536ad83e63efc87e7e0865/detection

124.50.195.153:5050
kkk1046.kro.kr

# Reference: https://twitter.com/ScumBots/status/1251180572711550983

103.18.14.217:1337
dedsee2c.accesscam.org

# Reference: https://www.virustotal.com/gui/file/923092b6cec8aaa0cd11fefa625ed17f98702edac91c3a52beaf7e54f6e5f784/detection

13.235.76.244:1337

# Reference: https://www.virustotal.com/gui/file/582fb62f0d92afaee2dc79108622667cc62d298cafbde3d1e2ec1738c977f4a6/detection

nohostname.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251180991995088900

103.244.74.228:46839

# Reference: https://www.virustotal.com/gui/file/36b272fbada18f510fa34a479fa391131797f13218f6756c52825d9e7711be6e/detection

41.103.199.216:1337

# Reference: https://www.virustotal.com/gui/file/850bcc510ee39c6d6dde91f041bcb276b74a8101c84279a35c0a3570a4e6440d/detection

poiuytrewq3341.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251181425933647877

dqrkodz34.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251181595635126274

jess19991102.ddns.net

# Reference: https://www.virustotal.com/gui/file/d4a629944bf1e03d43a04b530f9606d8315b84e847c83042427224011f3067ba/detection

193.161.193.99:36811
hussaryn-36811.portmap.host

# Reference: https://www.virustotal.com/gui/file/c338d425a1293b82ac13c856c43d588ce0053b27349620b7353273a42a04d845/detection

jess19991102ddns.com
jess19991102.ddns.com

# Reference: https://www.virustotal.com/gui/file/0a276fdaf3367ca3fd4cf90eb338dd3d0575ba3979f1bd609ce58e13e2aa0a8e/detection

204.14.73.154:8080
bomi.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1251182632517410817

salsamania.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251183213747277826

googledrive.dynu.net
googledrive.linkpc.net

# Reference: https://www.virustotal.com/gui/file/f71eaaf23ecba6aafc314f3d42badafb4430b1be62a1ba325c592b258b8f1319/detection

213.152.162.84:9040

# Reference: https://www.virustotal.com/gui/file/ee1e5a4ee19c1b613aaa82b48e313c6e3eeb5874d7593809c2207037254a57cc/detection

fertun-29801.portmap.host

# Reference: https://www.virustotal.com/gui/file/2b70dd97d36efbbadd5f63afc22e28dc53d26302bae846b4f4e49e27cf95a70f/detection

176.232.239.198:5060
denemeiso1.duckdns.org

# Reference: https://www.virustotal.com/gui/file/a86751d7ee905499b6e324dc5175e287a20d34cde78cbe35a290523dea9d1cd0/detection

13.235.23.234:1337

# Reference: https://www.virustotal.com/gui/file/e20e1fd207ef943af95774fc0fc0e38da70c808b78a3dfb141e4852036a8dc12/detection

noregisterdomain.zapto.org

# Reference: https://twitter.com/ScumBots/status/1251185289055350784

87.14.96.105:1303
emmek.crabdance.com

# Reference: https://www.virustotal.com/gui/file/b76b157a8d6ccfd5cc7ea8eed54af4d0aab9e97f8d641f886617252d9acc48bc/detection

41.100.199.86:5555
clayroot2016.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1251185716111069184

am164.kro.kr

# Reference: https://www.virustotal.com/gui/file/f25f43f5cea51647e82413accd831b93fe8c2b7f072fc1468cd1d13bf08224ec/detection

136.243.31.186:1608

# Reference: https://www.virustotal.com/gui/file/1298f1fd280d2768e2a5e3f1089ec3ad18e17cade3fbeb78be864d9c3caff337/detection

173.238.140.238:6606
173.238.140.238:7707
173.238.140.238:8808
bshades.ddns.net
dark-comet.ddns.net

# Reference: https://www.virustotal.com/gui/file/47979eca9030c7f8de4c86c048e17efa02f66c6aed8a52c24dbd4bd7b0692b88/detection

75.80.221.198:1604

# Reference: https://www.virustotal.com/gui/file/5515739bd8752264b7ee2a2c9b957d36af9fb16b19d7dd1aef4139f2fe74af47/detection

sam144169-56334.portmap.io
webforma.chickenkiller.com
webdata.ddns.net

# Reference: https://www.virustotal.com/gui/file/610a58f5e46ffe61093dad4ef8528df34894d29347a1eec0224a87bba7864b8f/detection

46.237.79.53:8080
rat24695.ddns.net

# Reference: https://www.virustotal.com/gui/file/5b18ab7442af71b0ba9293b200fa26961e6de7b98d51456644aa58d307dc0e1f/detection

154.16.248.14:3230

# Reference: https://twitter.com/ScumBots/status/1251187877255528448

112.149.90.49:5050
hyungwoo.kro.kr

# Reference: https://www.virustotal.com/gui/file/03a58d54e04d346d4d06637a40834795431147472e07c815a0fee27475bcc970/detection

a24369093123.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251188552500723712

40.114.49.176:4040

# Reference: https://www.virustotal.com/gui/file/b796ac10d1f3133ca6b77141e50e414f1fc704299884d0b0fb676ab0db7fed89/detection

yesweekend12.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251189068190318593

213.152.162.84:9040

# Reference: https://twitter.com/ScumBots/status/1251189153976516610

unregisteredhost.dynu.net

# Reference: https://www.virustotal.com/gui/file/516c73d324fa23f5aaf50bf9306c2d5aa3d55b0b8c9be60e273ac3c1895f15f3/detection

23.249.168.43:9090
ccmorgan.duckdns.org

# Reference: https://www.virustotal.com/gui/file/f0eb9cb0a88f2e88881e06ce961c2da388475c1b595f2669c57e0cf1b5eb7677/detection

41.143.216.51:1738
asco.dynu.net

# Reference: https://www.virustotal.com/gui/file/44e550a4dbdc40e1cacca65b7e516618558c0d2114b3641cda6ddd69190ed8b9/detection

141.255.155.90:9023
nonamehost1.zapto.org

# Reference: https://twitter.com/ScumBots/status/1251189930300227584

anonauth.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251191403851505665

216.246.49.165:6606
216.246.49.165:7707
216.246.49.165:8808

# Reference: https://twitter.com/ScumBots/status/1251191570986082305

82.84.85.59:1608

# Reference: https://twitter.com/ScumBots/status/1251191655589445635

62.108.37.42:6606
62.108.37.42:7707
62.108.37.42:8808

# Reference: https://twitter.com/ScumBots/status/1251192193597014016

84.51.52.166:6606
84.51.52.166:7707
84.51.52.166:8808
kingspy.duia.eu
kingspy.noip.pl

# Reference: https://twitter.com/ScumBots/status/1251858682108956672

61.69.131.134:1604
yilmazkocakau.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251915307536580608

141.255.146.238:6606
141.255.146.238:7707
141.255.146.238:8808
alltricks.hopto.org

# Reference: https://www.virustotal.com/gui/file/cd61eefce1bda8e8fd7d6f38bb9e6d70b4f1d90efb039a1346d890eeedbd63ef/detection
# Reference: https://www.virustotal.com/gui/file/ae089f74371ab598c6cf00e6debbb9d70c091d90641c406b4aa4c88e3fa81c25/detection

41.42.6.83:6606
41.42.6.83:7707
41.42.6.83:8808
81031.ddns.net

# Reference: https://www.virustotal.com/gui/file/5185c0e1245a6ef3f2e38459095098a085e1b3f0fb75c7aa657df068be3334dc/detection

41.35.15.87:6606
41.35.15.87:7707
41.35.15.87:8808

# Reference: https://www.virustotal.com/gui/file/31846d250a4f71ff4d5348ba0417584e560f6a93a949bba415a9efd261a41e17/detection

77.78.103.70:222
qwerty123123123.hopto.org

# Reference: https://twitter.com/Racco42/status/1255493982420942856
# Reference: https://app.any.run/tasks/9e6d5087-6d1d-44b5-9ac4-349e14df5eb9/

62.102.148.158:62727
panda45.duckdns.org

# Reference: https://bazaar.abuse.ch/sample/5be39967ba90f3766fa81f354a61102a7ddf6bc19ec282e56727abb6dafb973c/

185.244.29.175:7071

# Reference: https://www.virustotal.com/gui/file/3e9fc29f4f0edfaebea7d78f2de99dc5dfdcd440fc8afc2fc8be0d9a6e10466e/detection

188.52.75.171:5558

# Reference: https://www.virustotal.com/gui/file/646bd5449aa3c3d5d029daeb30efbb49c68209ec434f4216593952d1310343ab/detection

80.200.143.32:5353

# Reference: https://www.virustotal.com/gui/file/f6270d604a6e859c46733c14315da1dc07d7c50eea5cefd427e915c7c726cd24/detection

191.250.107.152:6606
191.250.107.152:7707
191.250.107.152:8808
pointblankbrasil.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ffb897728bb3cdaf183b6346255551615e9de81c4178a74cfdf92c8a03dc11c1/detection

91.109.188.2:1010

# Reference: https://www.virustotal.com/gui/file/9a512140b526841ae759063ba36e46b1812c105d9cc94f8dfe11ff69f3cbb336/detection

51.39.198.26:6606
51.39.198.26:7707
51.39.198.26:8808

# Reference: https://twitter.com/ScumBots/status/1257439484339277831

141.255.158.227:6606
141.255.158.227:7707
141.255.158.227:8808
jnhacker.con-ip.com

# Reference: https://www.virustotal.com/gui/file/8e0bde81c9e355be99d2fd2a8cd0a1ff088ccb9e4d846323a07c20948e385497/detection

42.116.41.65:3979
kingspy.ddns.net

# Reference: https://twitter.com/ScumBots/status/1257437270765953025

191.250.107.152:6606
191.250.107.152:7707
191.250.107.152:8808
mydnshome.ddns.net

# Reference: https://www.virustotal.com/gui/file/78f70e9f02eb5434bb36715f107a092a695b060a3e4dba41e6d6213813d6f6e3/detection

86.7.195.44:7777
nfrurqcjthnjznd.ddns.net

# Reference: https://twitter.com/ScumBots/status/1257468146027503618

93.22.123.135:6606
93.22.123.135:7707
93.22.123.135:8808
backdoor.mcrage.me

# Reference: https://twitter.com/ScumBots/status/1257751258787700743
# Reference: https://www.virustotal.com/gui/file/046b3e5c4418660a9eed9ffc4e9769df9e133eb96b40e2585eec87cf202d9b0b/detection

41.109.165.237:3000
cappa.myq-see.com

# Reference: https://www.virustotal.com/gui/file/509607c23436a0d4ef33b21734a19aa129fbcd63bad4cb2965f06fc3f32c2554/detection

41.105.203.238:3000

# Reference: https://app.any.run/tasks/4c0659cd-b563-45a9-93ca-77b82e795fba/

193.161.193.99:56769
unity123-56769.portmap.host

# Reference: https://app.any.run/tasks/bca9407f-6879-4ca7-9dc9-c5c7d9472e38/

193.161.193.99:7112
193.161.193.99:45885
reality-45885.portmap.host

# Reference: https://twitter.com/ScumBots/status/1257955102553448451
# Reference: https://www.virustotal.com/gui/file/5d5d00143b5f578c0293a7cd806009ecd8da5b30d713ebdfb4fcfb83b85e31c1/detection

108.168.118.205:4782
havingfun.chickenkiller.com

# Reference: https://twitter.com/ScumBots/status/1258452953662439429

103.74.18.65:8899
103.74.18.65:9090
webdata.ddns.net
poda.duckdns.org
poda.chickenkiller.com

# Reference: https://www.virustotal.com/gui/file/e2dd6989c2d9bd1038f5c6e741f4cdfa9b4584739fabf98db244f7763607178f/detection

asyncrat.ddns.net

# Reference: https://bazaar.abuse.ch/sample/43264fd31d2b8ce6104a5daf7cf933d315e21e2a968998591361c13fbc365baf/

194.5.97.223:6204

# Reference: https://www.virustotal.com/gui/file/b611859ca933afe409d9c00d3c75fb42a4049ccee735afd2123e566bbf066c29/detection

185.140.53.43:4444
lagba10.ddns.net

# Reference: https://www.virustotal.com/gui/file/34e20c34bb369fb81054fe19e90916e62251720cca8b961942f9ebbcb669919a/detection

193.161.193.99:25270
hiddensick-25270.portmap.io

# Reference: https://app.any.run/tasks/88548d77-fbc2-421d-be4b-2da16bd0b5f3/

193.161.193.99:34785
Slxthy23rf-34785.portmap.io

# Reference: https://twitter.com/ScumBots/status/1261669580067549186

5.9.221.55:6606
5.9.221.55:7707
5.9.221.55:8808

# Reference: https://www.virustotal.com/gui/file/32501c0b743c1a550d9f4a24c73a6e58cb7e7a24919cdea9e85bd7d417273806/detection

220.120.90.123:6060
am164.kro.kr

# Reference: https://twitter.com/ScumBots/status/1262284883466096640

115.23.99.222:2256
dokdo2256.p-e.kr

# Reference: https://twitter.com/ScumBots/status/1262417002142085121

79.134.225.101:5552

# Reference: https://twitter.com/ScumBots/status/1262647276843028480

59.26.17.108:1212
obidori.kro.kr

# Reference: https://www.virustotal.com/gui/file/31f8ef6bce5d3c220c3fb531b699dc5026b343bd0e76f3dd9fc9359dc86936d0/detection

115.23.99.222:2256
dokdo2256.p-e.kr

# Reference: https://twitter.com/ScumBots/status/1263461921547747329

128.199.41.159:2001

# Reference: https://twitter.com/ScumBots/status/1263674037227659264

61.81.92.38:1212
test9909.p-e.kr

# Reference: https://twitter.com/JayTHL/status/1263709348422967296

123.240.25.197:1604
asdf3341.ddns.net

# Reference: https://twitter.com/ScumBots/status/1266652411889926146
# Reference: https://www.virustotal.com/gui/file/298587d8c8a376568ed09d332f329f3a4282e96e905f4569fbf24223ed10e491/detection

77.162.55.86:6606
77.162.55.86:7707
77.162.55.86:8808
monsternetwork01.ddns.net

# Reference: https://twitter.com/ScumBots/status/1268143488413118464

193.218.39.43:8686

# Reference: https://twitter.com/ScumBots/status/1268532368790491137

188.250.211.240:3715
diass.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1269007937349058560

193.161.193.99:21292
allan4053883-60334.portmap.io

# Reference: https://twitter.com/ScumBots/status/1269358998307983361

64.225.66.117:1331
64.225.66.117:1332
kr142.duckdns.org

# Reference: https://www.virustotal.com/gui/file/86636201a899e360ad6fae1b71304c625ed6395ddf99e6b09906617da53ee93b/detection

91.193.75.208:3000

# Reference: https://www.virustotal.com/gui/file/8228d1299256a23377e57d575160dbd58f9ac46598c5c90b321743e366f3d09a/detection

173.225.115.144:6606
173.225.115.144:7707
173.225.115.144:8808

# Reference: https://twitter.com/ScumBots/status/1269910131933921281

42.119.15.63:3189
kingspy1301.ddns.net

# Reference: https://www.virustotal.com/gui/file/d2d1030a5a122043c7a99b3f2c1b1d456be205033ed1327a0b4780f723a5e362/detection

42.117.191.69:8386

# Reference: https://twitter.com/ScumBots/status/1270064901101432840

100.64.15.50:5431

# Reference: https://app.any.run/tasks/5b5cba25-c74c-4c2c-80c5-c2f2c9156e6c/

128.74.42.86:6606
128.74.42.86:7707
128.74.42.86:8808
logan1h.ddns.net

# Reference: https://www.virustotal.com/gui/file/b8ff21e26e0da11d7146dd250b71206c698275e312bff612b38380e38385a4c7/detection

193.161.193.99:42300
193.161.193.99:6606
193.161.193.99:7707
193.161.193.99:8808
xaz19og-42300.portmap.io

# Reference: https://www.virustotal.com/gui/file/e235e749a792841f78e1fcc8ddfea4d9c31471aaaa3df6928a43a96a8235698e/detection

102.42.76.37:2001
al3bkri13456.ddns.net

# Reference: https://www.virustotal.com/gui/file/b891b61de4a7c50a50bffa4fb1394c696c25f80717ed57363f4e1a4a216973bb/detection

94.60.172.123:4500

# Reference: https://app.any.run/tasks/01c6c449-cfe1-4e4a-b34c-3536b67599af/

193.161.193.99:48736
WindowsDefenderNet-48736.portmap.io

# Reference: https://app.any.run/tasks/38f351cc-2e3e-4980-9a6d-4ceb645e4cbb/

195.2.93.77:8808
servesvpn.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1270744376042553345
# Reference: https://www.virustotal.com/gui/file/4e8ca2787e65b0edaa21180883b642d7b3b7f85140ab7fc03d09c30da124dc5b/detection

193.161.193.99:1337
193.161.193.99:52390
sdsd33-43977.portmap.host

# Reference: https://www.virustotal.com/gui/file/ae84c5af88241d3bb2e75160c53c6cdaee23555e0a83f0b9b5f218fe525c67b0/detection

82.205.2.127:6606
82.205.2.127:7707
82.205.2.127:8808
googlexfx.ddns.net

# Reference: https://twitter.com/ScumBots/status/1271484250349547521

109.247.81.119:23818

# Reference: https://twitter.com/ScumBots/status/1271514445739634689

105.108.81.5:333
b34.duckdns.org

# Reference: https://www.virustotal.com/gui/file/b1421de897b9903d393051f42730ac0fc7c19a3115f7b2fb019f2f7edd28e2af/detection

185.140.53.247:4723
sukasa.chickenkiller.com

# Reference: https://www.virustotal.com/gui/file/3af55f9bb1a968506ea79b9f24d4a61f99d07e652af05bc5c557f13c19343a03/detection

18.197.239.5:10611
18.197.239.5:25565

# Reference: https://www.virustotal.com/gui/file/3f240073edad176ed8dc359ec2420361d67368ed7859bece7b94180c9deba172/detection

18.197.239.5:11328

# Reference: https://twitter.com/ScumBots/status/1272224126346964993

89.182.127.205:9955
fifa2020-ps4.ddns.net

# Reference: https://www.virustotal.com/gui/file/6313e287489f083c691693a5582888ea7ab7e3d03c81612012dec332d27c66e2/detection

185.140.53.11:2079
185.140.53.11:6606
185.140.53.11:7707
185.140.53.11:8808
212.225.226.30:6606
212.225.226.30:7707
212.225.226.30:8808
bazilspain.dynu.net

# Reference: https://www.virustotal.com/gui/file/67cd0179d490d478ba231ee4719aa7e1427045de0067a24a0adc91f33fdcac3d/detection

212.225.226.30:2079

# Reference: https://www.virustotal.com/gui/file/621b16461f4c6844bb3438e8cc872ae6d81414bd2e60cc097e2af348697fd088/detection

39.108.140.215:60006
39.108.140.215:9999
2ee51a1ab0951a62.natapp.cc

# Reference: https://app.any.run/tasks/fa7cb330-07b2-4366-a9a1-03984fe05c1d/

84.38.134.21:6606
84.38.134.21:7707
84.38.134.21:8808

# Reference: https://twitter.com/ScumBots/status/1273960570220404739

193.161.193.99:62895

# Reference: https://twitter.com/ScumBots/status/1274107785345712132

45.74.26.57:5326

# Reference: https://twitter.com/ScumBots/status/1274213483081596929

43.251.103.150:8848

# Reference: https://twitter.com/ScumBots/status/1274349378992582657

193.218.118.190:6666

# Reference: https://twitter.com/ScumBots/status/1274432429110034432

45.138.157.147:1111

# Reference: https://www.virustotal.com/gui/file/f83df0f45665f9f5d7d1e888cf778bb4440850503e24821bb0d976e86a5e87e8/detection

77.30.137.105:6606
77.30.137.105:7707
77.30.137.105:8808

# Reference: https://www.virustotal.com/gui/file/7528e56efe65fa4b61c7f7156e8d178473051f88d1dc1174378867bdef381f05/detection

202.79.168.134:3399

# Reference: https://twitter.com/ScumBots/status/1274753289091874818

95.70.134.40:8565

# Reference: https://twitter.com/ScumBots/status/1275421447985430529

14.249.183.252:5555
1593572468.ddns.net

# Reference: https://twitter.com/ScumBots/status/1276036748053745669

8.210.144.63:6688

# Reference: https://twitter.com/ScumBots/status/1277490072456171520

117.3.216.38:3589
spy9999.ddns.net


# Reference: https://app.any.run/tasks/ca2adff9-796b-45c0-b901-6542eb02857f/

xSkewber-24412.portmap.host

# Reference: https://app.any.run/tasks/86f951e0-a325-4f4d-9d00-dcc9f1a58754/

steamguard1337.myddns.me

# Reference: https://twitter.com/ScumBots/status/1278645187594551296

67.211.213.207:8080
67.211.213.207:9090

# Reference: https://www.virustotal.com/gui/file/1f6ea95aa6e7d84c2db2f180e6964449d9fe0b8112b9661889b5b200120b5cb9/detection

213.152.161.239:9980
bien.airdns.org

# Reference: https://twitter.com/ScumBots/status/1278879232505110529
# Reference: https://www.virustotal.com/gui/file/ab5f8fc012927d2a8f6f9e45891da8111e1de9adddd57969540ce7a39697a5e3/detection

105.154.111.193:1596
105.154.111.193:2695
105.154.111.193:4562
dellpower.theworkpc.com

# Reference: https://twitter.com/ScumBots/status/1278301761690894337

45.61.136.48:6606
45.61.136.48:7707
45.61.136.48:8808

# Reference: https://twitter.com/ScumBots/status/1279766327733952512

154.209.74.134:3399

# Reference: https://www.virustotal.com/gui/file/dbb7d9edbc04874b351fe0277d7ec7ccb41023f17e87e18da28dc267b2878ebb/detection

114.129.198.91:6606
114.129.198.91:7707
114.129.198.91:8808

# Reference: https://www.virustotal.com/gui/file/afede1c861d5026ace0d1864ab10214cbbe9e46f2299f401ac2589f924fd4a28/detection

vksaodyd.kro.kr

# Reference: https://twitter.com/ScumBots/status/1281038456521740289

23.105.171.85:35247

# Reference: https://twitter.com/ScumBots/status/1281283822118723585
# Reference: https://www.virustotal.com/gui/file/6e8ae7b434f014a40003c7b24984bdb3751515c7ab4edd36af33b02881d9d82d/detection

186.233.178.201:6606
186.233.178.201:7707
186.233.178.201:8808
duckjigsaw.duckdns.org

# Reference: https://twitter.com/hexfati/status/1281490222618939392

julian.linkpc.net

# Reference: https://twitter.com/ScumBots/status/1281570951919013888

193.161.193.99:1437

# Reference: https://twitter.com/ScumBots/status/1281570862492274691

193.161.193.99:28472
Pomm2paingg-28472.portmap.host

# Reference: https://twitter.com/abuse_ch/status/1281641153524375553
# Reference: https://bazaar.abuse.ch/sample/3f28fd2c56f0bb9501f62fa64c71f6475d7cca2ee1908e097febdfc5516358ed/

194.5.98.8:8824

# Reference: https://www.virustotal.com/gui/file/b3a4d10421309deb064c7c31d143b704471d2dc60a6b15a14402d2d069daa3e8/detection

193.161.193.99:24207
portababy-24207.portmap.host

# Reference: https://www.virustotal.com/gui/file/cf302c3f21b10392c776e72d3b13e5065b1b6f503a3b63ffb343d13c1d83a6dd/detection

84.210.40.80:5552
krypticon9332.duckdns.org

# Reference: https://app.any.run/tasks/eec7d68b-fa8f-4654-9544-2b59b27dc6be/

206.123.129.103:5456

# Reference: https://twitter.com/ScumBots/status/1283031589962878980

193.161.193.99:38891
193.161.193.99:4443

# Reference: https://www.virustotal.com/gui/file/2de91b424589709529fb7f6dd861ee8fe089e2ac0927971d2242362e09c29502/detection

176.205.153.139:9476

# Reference: https://www.virustotal.com/gui/file/ba42409b340eba51a84a63ef57b8944d952ca927a4889948e069f8fc2352b727/detection

118.68.139.26:3189

# Reference: https://twitter.com/ScumBots/status/1283424178268405760

185.140.53.68:1515
mavennezeliora.ddns.net

# Reference: https://twitter.com/ScumBots/status/1284137629882159104

174.0.47.124:8574
lowkeyjust.ddns.net

# Reference: https://twitter.com/ScumBots/status/1284303722840035330

193.161.193.99:4040
193.161.193.99:41801
Crowlinqs-41801.portmap.io

# Reference: https://www.virustotal.com/gui/file/9fae837fb9b2e3389ac912a88518a953bfd2e78b39daf89191187ae9b520dea8/detection

110.141.6.190:6606
110.141.6.190:7707
110.141.6.190:8808
110.141.6.190:3389
server1738.ddns.net

# Reference: https://www.virustotal.com/gui/file/8b003d7f7d72eba439d095c2321003840b05e80099fabdd29fce757db0f57043/detection

185.140.53.76:1604
blanco.linkpc.net

# Reference: https://www.virustotal.com/gui/file/0948d7d120fa3bfd8eb53b747e9ea08c6703f231663671441edec451b6d72586/detection

27.70.237.210:6606
27.70.237.210:7707
27.70.237.210:8808
27.70.237.210:8888
nohop1998.ddns.net

# Reference: https://www.virustotal.com/gui/file/fdc7c7b4a95ee6a1df9b61e24097e0e0d9b5fb967e0430ddfc092aeeaadc1f3c/detection

193.161.193.99:29353
vuadaubepz15-29353.portmap.host

# Reference: https://www.virustotal.com/gui/file/cb2eaf3e9c009c32591913cd555aa2c51eff9bb7ab0a656bd059d5ddadab82ee/detection

118.217.154.223:6606
118.217.154.223:7707
118.217.154.223:8808
mact194.kro.kr

# Reference: https://twitter.com/ScumBots/status/1284798238680387585

161.35.56.21:7001

# Reference: https://twitter.com/ScumBots/status/1284892597912313857

206.189.76.209:5252

# Reference: https://twitter.com/ScumBots/status/1284896544760762368

24.254.43.171:6606
24.254.43.171:7707
24.254.43.171:8808

# Reference: https://twitter.com/ScumBots/status/1285047538941394944

14.5.119.153:6606
14.5.119.153:7707
14.5.119.153:8808

# Reference: https://www.virustotal.com/gui/file/955bd3f4c3f39ae1e20ef7bb1b83adf6dd4ac55110cffc79a5843e7c06641a6b/detection

156.206.124.24:1025
erksene.dynu.net

# Reference: https://www.virustotal.com/gui/file/b724abcdfe906318472e2c9dcc1e8bd211b10e881c689a600782d0462916701d/detection

216.170.126.139:4660

# Reference: https://www.virustotal.com/gui/file/2622f9874b537293700a77646a386b3c708e257f00e218cd72baf10aed32456a/detection

193.161.193.99:5556
anonissou.duckdns.org

# Reference: https://www.virustotal.com/gui/file/f0634bf7e0d376d34450c4752cdd0945aba11ba2b316e64d3bc9d57c6980f189/detection

220.122.40.142:8080
criticalvip.kro.kr

# Reference: https://www.virustotal.com/gui/file/bfdfe76cd0b61105c6bbea1952de0380012c3decbfc51ad263e00564cdea1983/detection

182.221.160.164:8080
zcx.kro.kr

# Reference: https://www.virustotal.com/gui/file/e14d03068fdc83cd2a6b16bf40553f78d39e0a6478af3f329e69f6cca0df919b/detection

185.222.57.150:3450

# Reference: https://www.virustotal.com/gui/file/b724d53c26514502a8dc138a9a9b5c48b2f699e43a29060ff68bdfd857ce3caf/detection

121.137.39.53:8080

# Reference: https://www.virustotal.com/gui/file/99e489abde6b13f45c6cfababe1b9e46cf8692b12134b015096a323402c71259/detection

121.137.39.53:6606
121.137.39.53:7707
121.137.39.53:8808

# Reference: https://www.virustotal.com/gui/file/7b5dd184f138daf820509d1240dc7b00938d555ba1e9eebe5000d0e8ff2d3889/detection

121.137.39.53:5050

# Reference: https://www.virustotal.com/gui/file/2e04efdd2de2a1be9a27be389987fed425a3ee6826f69180db9093c5383e4833/detection

209.200.39.2:4040
209.200.39.2:7070
209.200.39.2:8080

# Reference: https://www.virustotal.com/gui/file/34b6843018283be543557947fea752642b68d5e72c412a0ab3bdd28ea1c498f9/detection

193.161.193.99:45680
youcefmadskull-45680.portmap.host

# Reference: https://www.virustotal.com/gui/file/3377c9208f9f7427e2d5134f7009a5427637432c49797fbd7d83925a5ea954cd/detection

193.161.193.99:1236
193.161.193.99:61574
hackthisishack-61574.portmap.host

# Reference: https://www.virustotal.com/gui/file/0427b7e094b0ced7de6ecc37aa5d5ff6de9b13785b068e8480bf62ed2fdac0e3/detection

95.120.211.220:4665
holocmsv2.zapto.org

# Reference: https://www.virustotal.com/gui/file/4abdc1b37c11f32707551f7a3479462a68c043e08a84f93b36ad308bfc8e4624/detection

54.95.64.241:1521

# Reference: https://app.any.run/tasks/5092ca08-de2c-4fea-a24c-98a224b251e7/

185.140.53.11:9845

# Reference: https://app.any.run/tasks/7e29c9db-d891-425e-a793-badabc8fe75c/

79.134.225.83:4783
superkicka.org

# Reference: https://www.virustotal.com/gui/file/2faf5255c368288325aac011cd2066c6942ea0b755718490363fdb6606dec40f/detection

188.151.38.115:1717
schost.duckdns.org

# Reference: https://app.any.run/tasks/01eae1cf-71f1-4732-86d6-321117b8382c/

64.20.43.83:3123
advisorgoetia-dns.xyz

# Reference: https://twitter.com/JAMESWT_MHT/status/1288860715143573505
# Reference: https://bazaar.abuse.ch/sample/54d46ffbefae7f6025765c0c274f7f87714e5467da8926967efb01025693bb8e/

177.255.91.168:49737
177.255.91.168:8057
gfsgvbxcv.duckdns.org

# Reference: https://www.virustotal.com/gui/file/30232515c14a00a60978fc801bff8ec6db9c540f88cf6ec8851512e892917719/detection

84.210.40.80:5555

# Reference: https://www.virustotal.com/gui/file/cda5b8bf4e397c606b20ebf098253dc1456f28cc3aeec5ec7a1332afb33bc5b4/detection

185.122.168.250:6606
185.122.168.250:7707
185.122.168.250:8808

# Reference: https://www.virustotal.com/gui/file/97bf01ea73fc39e6dc829aa7a0c45762526c86b7d348ec19f6e3b2897775a6e9/detection

holocms.duckdns.org

# Reference: https://www.virustotal.com/gui/file/5d6500005736439ccf00e8136c00a351bd7c69fb33fb9485a1be9908187a66da/detection

holocmsv2.zapto.org

# Reference: https://www.virustotal.com/gui/file/c1877080b35ea82105c4a242cc49c832cc2f7207e672712cc8d364d2b005cf81/detection

193.161.193.99:34540

# Reference: https://www.virustotal.com/gui/file/b174722176293ad63a56287567655d408293addcbd6e248fbd058816667d3cde/detection

176.168.187.199:6606
176.168.187.199:7707
176.168.187.199:8808
lolo0909.ddns.net

# Reference: https://www.virustotal.com/gui/file/d7ec327d2a382d2035818a0376fd27bf68dab2d89a7f4e04b04babaef977b16a/detection

120.78.86.213:5917
120.78.86.213:5925
120.78.86.213:5936
120.78.86.213:5944
120.78.86.213:5951

# Reference: https://www.virustotal.com/gui/file/8ca05cad682799f231e0a0fb670a2a04fb6f361f801c884f62a607b26ccc25f4/detection

192.227.158.120:4770

# Reference: https://www.virustotal.com/gui/file/2485169398a574f4b8c68b612c29715f43ecd5a00d61a42def399034ed389517/detection

193.161.193.99:39075
zufair.duckdns.org

# Reference: https://www.virustotal.com/gui/file/cf7363ad9935b3ba3dd93451d9be8eb43f5445179740e0c2bfecd7bddd860fec/detection

185.244.30.27:3381

# Reference: https://www.virustotal.com/gui/file/d7ec3ec2ac8cb6d1f2898f2d7eb02850e34fc088f71e3ef82e966d10dbfc203b/detection

pensive-pond-55232.pktriot.net

# Reference: https://www.virustotal.com/gui/file/bb1223e5556adf3f9cb6976fefe3c51af74baacb5c159fe34a03e49ffd43aa39/detection

161.97.82.232:4141

# Reference: https://twitter.com/ScumBots/status/1291947998524706816
# Reference: https://www.virustotal.com/gui/file/3a81c9e1bfe70ae9506eef64194e9b6b8a49a7c2f64fa427ed31d0a9444a785e/detection

121.214.208.2:1111
121.214.208.2:2222
121.214.208.2:30
121.214.208.2:6606
121.214.208.2:7707
121.214.208.2:8808
sirenhead.ddns.net

# Reference: https://www.virustotal.com/gui/file/4df01904a9abf7085fc4aafc372c7614cb7077c7350446188ceafc98001fb5b1/detection
# Reference: https://www.virustotal.com/gui/file/90e9abb1b28a06edc6ae7a174b6468cfdfc91dcc29cd27be8fcd10d3c746f26e/detection
# Reference: https://www.virustotal.com/gui/file/a71149ae63fc78968c81e659eb4dba652ffd3ea8d2a1c58bb631b7fbbaae8e43/detection
# Reference: https://www.virustotal.com/gui/file/4e022a47ae07545c1a28418a9beb0f6d360144ec8087bc0bd2ac0f086bea9ddd/detection
# Reference: https://www.virustotal.com/gui/file/71922e073726160d1bec9230d8b87eace72792499ddf4c731047a446b6876ee6/detection

185.140.53.54:4923
185.165.153.186:4923
77.74.194.214:4923
79.134.225.96:4923
79.134.225.103:4923
91.193.75.69:4923
bambooo.dynu.net

# Reference: https://www.virustotal.com/gui/file/f4cecaa360ee6ab479cbf9b99c15b45ba7e9f548b7e368063a0c9f686fbc2630/detection

212.251.116.161:1604
212.251.116.161:6606
212.251.116.161:7707
212.251.116.161:8808
62.1.59.224:1604
62.1.59.224:6606
62.1.59.224:7707
62.1.59.224:8808

# Reference: https://www.virustotal.com/gui/file/889e35bc6ff36524dd0df82fbcf8a8015fd3c95d94b00c0875e9bb239eb12e28/detection

91.193.75.146:4780

# Reference: https://www.virustotal.com/gui/file/cf7363ad9935b3ba3dd93451d9be8eb43f5445179740e0c2bfecd7bddd860fec/detection

185.244.30.27:3381

# Reference: https://www.virustotal.com/gui/file/caa8c15569dd97b52c88cd2a500cb6304db09a6e3761511657be45645f19e815/detection

193.161.193.99:54030
Zmining-54030.portmap.host

# Reference: https://www.virustotal.com/gui/file/43f97c03faf5199c8ebc7c49c076e45ed95fdf3edc26b4859fdbd705be21dd1e/detection

172.94.42.34:1043
dnsnuev009.duckdns.org

# Reference: https://www.virustotal.com/gui/file/8f40ea9560e30c37b6ab4a3d6501b7cbf3898c20d1ecc31e2b7fe360449c0b33/detection

8.210.158.0:6606
8.210.158.0:7707
8.210.158.0:8808

# Reference: https://www.virustotal.com/gui/file/1dfb088dd661a1ab2025603696ced23a04e00c837590ad881a49a24768e09de4/detection

172.94.28.17:2021
tusnalguitas.duckdns.org

# Reference: https://www.virustotal.com/gui/file/28dc802c58e106829fa716e2b4b0a1834967709075076bdbf0aec64f5e124f62/detection

172.94.42.34:5623
nikiko.duckdns.org

# Reference: https://www.virustotal.com/gui/file/3183e83479da8d8ef421e91538fb85085229673f4bd2f13d3de7c8be2fc96c1e/detection

5.152.206.196:6600

# Reference: https://www.virustotal.com/gui/file/ad8b72167b5dd6b0bcba0a0685ec2addf744bc6da79c70476dd7d138cec764a4/detection

34.73.5.116:4444

# Reference: https://www.virustotal.com/gui/file/565054fa53c89061f7a81e18737a2140457316a526b616349e1ae614db363814/detection

109.247.81.119:20000

# Reference: https://www.virustotal.com/gui/file/d78ddc2b6e359f4d23f06437a5ff498c5afde61d925889129a8da056817bef70/detection

177.98.227.24:6606
177.98.227.24:7707
177.98.227.24:8808

# Reference: https://www.virustotal.com/gui/file/8e3c7cd8bb4826e4919aa56481167a1fcf9cb2d0e2c4a9c74ec155523f5d180c/detection
# Reference: https://www.virustotal.com/gui/file/9660ae0cf1fe3b7745287ab05d242247334cbf51ba64b900998fb5073bedf890/detection
# Reference: https://www.virustotal.com/gui/file/75feac230513a5d543e2f9559068259554200ed7440c44749e7678feb19b470c/detection
# Reference: https://www.virustotal.com/gui/file/6c24f8caa4f1f21a9dd8b714066bdfa5e2d8c84ab068d50672ef12b048c4518c/detection
# Reference: https://www.virustotal.com/gui/file/02b62fd53cf9ed3c98a70aa7c4ead2b9c8851079517747d8e106873654098651/detection
# Reference: https://www.virustotal.com/gui/file/cf234f8fcdab2a576d303c8b0821b7754ec13e1319be9d24d335b351f774b1f3/detection

179.178.236.31:2080
179.183.119.159:2080
179.183.119.159:6606
179.183.119.159:7707
179.183.119.159:8808
187.114.175.149:2080
187.114.178.10:2080
187.114.178.10:6606
187.114.178.10:7707
187.114.178.10:8808
191.250.65.147:2080
191.250.65.147:6606
191.250.65.147:7707
191.250.65.147:8808
191.33.110.91:6606
191.33.110.91:7707
191.33.110.91:8808

# Reference: https://www.virustotal.com/gui/file/2154f0eae29106cd24148ff7a4486eb7467c0d590f7979c6ffb517f4d99d4c37/detection

211.108.200.7:4872
211.108.200.7:4873
0743.hopto.org

# Reference: https://www.virustotal.com/gui/file/557ea13e8175753fff89bdfb1ede7e27779f6a55b5ba69ff2ecd7d6e9255ab8a/detection

177.255.91.168:8057
fsdgfd.duckdns.org

# Reference: https://www.virustotal.com/gui/file/bdd504540ae6cbfcef701abb424def21007a55d3df5ce5bd03034c4cc66464d6/detection

78.63.71.91:6606
78.63.71.91:7707
78.63.71.91:8808
youtude.ddns.net

# Reference: https://www.virustotal.com/gui/file/c8c3c2b6c66710984751b0ec262a618829be47e3c926c3c0c706365d5d0aacd5/detection

103.207.39.83:1024

# Reference: https://www.virustotal.com/gui/file/a93b12c36e78db3c5e27c9a35a23d7f87a3d788adf60f811485890a33c726c7c/detection

90.46.146.196:5552
shadowstest.ddns.net

# Reference: https://www.virustotal.com/gui/file/d0ba64c92f0512db66ff99cc87ffced9bebeb3bf15470865c81858f02e3302a6/detection

193.161.193.99:24255
193.161.193.99:42219
iskyze-24255.portmap.host

# Reference: https://www.virustotal.com/gui/file/74d10507f05b48357e55b0349a24144874a509980c1e0aabf43f781fdac10fff/detection

asdxcvxdfgdnbvrwe.ru
marcristosc.ac.ug
194.5.98.95:6970

# Reference: https://www.virustotal.com/gui/file/d288f6645d0f90ddff285c41b2512a1496a8b5b7c34df8bcecda8070314939b6/detection

51.178.240.250:6606
51.178.240.250:7707
51.178.240.250:8808

# Reference: https://www.virustotal.com/gui/file/459fe6ce78839307fd87c192fca2545ed25e89fe63f602356022fd32c8db8aba/detection

179.124.220.225:6606
179.124.220.225:7707
179.124.220.225:8808

# Reference: https://www.virustotal.com/gui/file/65232e1c7aedfd29788abfdf468587c2858822e65cb2fb15169b4261e4be1ed1/detection

123.110.29.249:1604
andy1688.ddns.net

# Reference: https://www.virustotal.com/gui/file/305aacda61fb9f14aa1bb5124841ac25b7f23ff254a886a56a3d40bdf5a1a5e4/detection

107.172.221.181:333
107.172.221.181:6606
107.172.221.181:7707
107.172.221.181:8808

# Reference: https://www.virustotal.com/gui/file/310a6b915908dbc78e3d9dd56d06bf0fb3fd11e1c4db826a18611f5e80f9bed3/detection

82.205.33.194:6606
82.205.33.194:7707
82.205.33.194:8808

# Reference: https://www.virustotal.com/gui/file/304663149c45d54a23e0cf65b9775538009a76db474912fff395bedd3e789a01/detection

193.161.193.99:48637
boneless-48637.portmap.host

# Reference: https://www.virustotal.com/gui/file/90aaeb0077277b5e45a7cdcbe365ead4781b5a0a5fd755f99ed8a2ec79e5e58c/detection

193.161.193.99:58562
newcosmo-58562.portmap.host

# Reference: https://www.virustotal.com/gui/file/de3db6f0d0d8dd22a21731e739dbbacf86b2bc8bc21ea2a0ade9a16581a1ac14/detection

193.161.193.99:31239
ioplololo-31239.portmap.host

# Reference: https://www.virustotal.com/gui/file/caa8c15569dd97b52c88cd2a500cb6304db09a6e3761511657be45645f19e815/detection

193.161.193.99:54030
zmining-54030.portmap.host

# Reference: https://www.virustotal.com/gui/file/9a95c0829cd7766087de65e50b32a3689a91e3ad05a7cc94365ef94d4f685cde/detection

193.161.193.99:37930
pritom-37930.portmap.host

# Reference: https://www.virustotal.com/gui/file/441a169e51070282b35537e90edab11e0064e3a0e6c4eab8759773d79cf00ae1/detection

193.161.193.99:2510
193.161.193.99:25360
vasco-25360.portmap.host

# Reference: https://www.virustotal.com/gui/file/5c05897f869e9c72390065f8bbeaab7b7fb3f9089f56a68eb7b358a5d12cf968/detection

193.161.193.99:25987
prem131bn-25987.portmap.host

# Reference: https://www.virustotal.com/gui/file/4415b9d3c5fc2ceaa6f935864c1d9a573447802f30ec30efd212a8be4fd2a82d/detection

193.161.193.99:54729
ismailbourji-54729.portmap.host

# Reference: https://www.virustotal.com/gui/file/b5a85b868ec6932c4577c11ce91e0bfce9ea5ae81b788133fefc640015c3b0bc/detection

193.161.193.99:20760
f2had-20760.portmap.host

# Reference: https://www.virustotal.com/gui/file/c381f88012efb8742927995e6f91525c4a1f9b4f3b3a4f25d431e8269842836b/detection

193.161.193.99:25125
hmz04-25125.portmap.host

# Reference: https://www.virustotal.com/gui/file/ab10554a3e0ce5270d2c02e884a097e271dae6cbe2e51a70703da7d4e89919bb/detection

193.161.193.99:36161
prodharani-36161.portmap.host

# Reference: https://www.virustotal.com/gui/file/af37a83779f91b64f3b03bf0daa2d79bd531a3968141e0dcc2bcee677f4b701e/detection

193.161.193.99:58345
keyman-58345.portmap.host

# Reference: https://www.virustotal.com/gui/file/1ee13968473a9b9733efdca8caf07f22d39730a2b2ebf9c2c8d467e6f385d826/detection

193.161.193.99:37695
anonjayy-37695.portmap.host

# Reference: https://www.virustotal.com/gui/file/8b4592b2bb2a904be55ab95ff2cb69808b15d819498cccb6ec05b2f5b7b3d63f/detection

193.161.193.99:37692
madman-37692.portmap.host

# Reference: https://www.virustotal.com/gui/file/e9db2ade37b84b00334f829395b6af092dda2ae1f559cfbdb772ec15c7a54d94/detection

42.119.90.242:3189
kubeodz92.ddns.net

# Reference: https://www.virustotal.com/gui/file/a5d78beef4d80eb7def57f7fd7647d09ec76a16eeedb2a5a3fc6f445526c8f4a/detection

193.161.193.99:20050
pawianek2-20050.portmap.host

# Reference: https://www.virustotal.com/gui/file/e28f8760f889ff458aec8aedd2139e44735cb9468d34d175aec42643b90291b5/detection

46.60.22.192:6606
46.60.22.192:7707
46.60.22.192:8808
82.205.33.194:6606
82.205.33.194:7707
82.205.33.194:8808
googledrive.myftp.org

# Reference: https://www.virustotal.com/gui/file/08b15d045255c81dcb3e29b70ffcd1a8d614bf99549f079085bfbc54a994d109/detection

42.119.90.242:3189
kubeodz2019.ddns.net

# Reference: https://www.virustotal.com/gui/file/5f8ff6fd7b8bbcb8efd6e69b2300be59a059061ed3bd2a2fd63ab6e98cd7cd2c/detection

192.169.69.25:1044
192.169.69.25:20485
193.161.193.99:20485
franktembo-20485.portmap.io
samarakandi.duckdns.org

# Reference: https://www.virustotal.com/gui/file/f198e0cfa503100d64d15ed39b2516587582587f42afea74ace075b28f663fb4/detection

193.56.29.251:6606
193.56.29.251:7707
193.56.29.251:8808
bogdanxx90900.servemp3.com

# Reference: https://www.virustotal.com/gui/file/33d1d991a9bda6bdec91b6be82e7ddc684a8f7400ac8402917ffefa0a5dfd631/detection

121.214.208.2:3000

# Reference: https://www.virustotal.com/gui/file/fc9ee822f9872fd4ca4531d5a91e29adfdc3a4a9e2e8f6e668305fe3bfa9fada/detection

193.161.193.99:41892
oksosokak-41892.portmap.io

# Reference: https://www.virustotal.com/gui/file/e021d822f3a44473cd7d12518402469b38d200a27065c7aa757d13a15ae607ee/detection

197.206.218.240:5555
clayroot2016.linkpc.net

# Reference: https://www.virustotal.com/gui/file/54d53186682c7277d99c86cea69d45960d2867041477a0d9edae6f08c8e8b52d/detection

186.52.202.235:3040
cortanahost.ddns.net

# Reference: https://www.virustotal.com/gui/file/910c9c2a61c8748fe9bd3417eeb284535db3bbc30c6405f102002ecef3d6304b/detection

81.61.77.92:6606
81.61.77.92:7707
81.61.77.92:8808
campestre.hopto.org

# Reference: https://www.virustotal.com/gui/file/4f41374a921e33b06bb11f64e72bc02c2f928704ebea63682ec66b85b1349f44/detection

175.37.36.152:6606
175.37.36.152:7707
175.37.36.152:8808
kakejake.ddns.net

# Reference: https://www.virustotal.com/gui/file/15753a223aa59f5e2265569080d31e8351d546e6b7316c6660757a39bda94887/detection

121.137.39.232:5050

# Reference: https://www.virustotal.com/gui/file/fa2cbc10aa98e5cfe362065b2c19556c67dc8b7d48871008404f4778e8537f3a/detection

34.66.124.165:5555

# Reference: https://www.virustotal.com/gui/file/851d536bdf21ad02eab1ed632b7ef36fc5734e628c421c9f7c8dcb05d30f4d32/detection

198.251.64.252:6606
198.251.64.252:7707
198.251.64.252:8808

# Reference: https://www.virustotal.com/gui/file/b69e8a276d2c444b502238383ae3611714822c8605f074ef5a0a9a99c69b49a8/detection

79.173.65.159:19638
79.173.65.159:6606
79.173.65.159:7707
79.173.65.159:8808
rootaccountadmin.ddns.net

# Reference: https://www.virustotal.com/gui/file/1c02bb46103de9bf189deaf1b8915afa62186f1b0e1b90742b70b58e44962bf9/detection

178.33.93.88:19678

# Reference: https://www.virustotal.com/gui/file/20ef74b6ca8718706ca786c9cd8c9de916df7daf77c81f436ab23b6c50db0487/detection

49.175.99.35:1234
leepipi.kro.kr

# Reference: https://www.virustotal.com/gui/file/c811c161d9d0be1c09173a50af290a718729fd9509b63ff953ad4b07e2501657/detection
# Reference: https://www.virustotal.com/gui/file/f48d69fb64fe7ae544769ce22a0500e07ac2f945b12bc717b78ca77a7b5a6924/detection

91.168.196.175:6606
91.168.196.175:7707
91.168.196.175:8808
likatn.zapto.org

# Reference: https://www.virustotal.com/gui/file/ca17a69a46caf3e05a1cd8bf2f1d6679b55aa6ecf46ee63bf323ee892f88f80e/detection

105.107.4.125:6606
105.107.4.125:7707
105.107.4.125:8808

# Reference: https://www.virustotal.com/gui/file/c7cb970a67b5c370741e139dda48d47433477ab400e51a62a99b7a379a6c0dbc/detection

138.197.189.80:6606
138.197.189.80:7707
138.197.189.80:8808
blackid-35823.portmap.host

# Reference: https://app.any.run/tasks/b31c0049-b5de-40a8-9069-8c14e27b738f/

193.161.193.99:32260
Kupcia-53901.portmap.io

# Reference: https://www.virustotal.com/gui/file/81e96984130042d0ee70ae09a7bc9375974d513938e80877720d251330e4b37e/detection

39.122.189.147:1
fsft.p-e.kr

# Reference: https://www.virustotal.com/gui/file/1f48d54ad69726c01a7ae1e7ceff7ae6093005be1e100a75968476d72d75cf06/detection

101.179.85.220:1111
101.179.85.220:6606
101.179.85.220:7707
101.179.85.220:8808

# Reference: https://www.virustotal.com/gui/file/dcaf6810871062a1a5a292c8e46667a8b7de908d292513ef1c443929ce8897c5/detection

18.157.68.73:15558
18.157.68.73:16155
18.157.68.73:4444
18.192.93.86:15558
18.192.93.86:16155
18.192.93.86:4444

# Reference: https://www.virustotal.com/gui/file/bbae735df39c1301901ca97c6993f2b6fd7233a0360761eab8b65f2556df4517/detection

145.239.201.157:8443

# Reference: https://www.virustotal.com/gui/file/ee5dbfca30be494b6ad8ac1c18255b6054339de4aba768180a1f32e9921a30ce/detection

193.239.147.16:6606
193.239.147.16:7707
193.239.147.16:8808

# Reference: https://www.virustotal.com/gui/file/ff081035cd38c28b8093f8f0887450407e27a89ee1ff254dd627849bd6334fb5/detection

193.161.193.99:53485
hack567832-53485.portmap.io

# Reference: https://www.virustotal.com/gui/file/126a37d9189d9ef7872b74fb13f562bc8601622b6455e01fefd646b463966fa6/detection

193.161.193.99:39400
kepada9494-39400.portmap.io

# Reference: https://www.virustotal.com/gui/file/32e6114d2ce3e3c8f778769261cb06eb874b5f38271436d88053c41930f1ce47/detection

202.182.121.93:5050
kny777.kro.kr

# Reference: https://www.virustotal.com/gui/file/49510b87db400c9570b85eba6271642d0a157d0c8cd5457171a6564aa73e7795/detection

avantgrajgrup.com.tr
/ilksan_sorgu.php?tck=

# Reference: https://www.virustotal.com/gui/file/7c3eeba909d90095b3ac593ccc111251212ebe3304d5f9725325d81b2e6acd14/detection

13.82.134.169:48166
13.82.134.169:5555
13.82.134.169:6606
13.82.134.169:7707
13.82.134.169:8808
ROCK19870-48166.portmap.io

# Reference: https://www.virustotal.com/gui/file/292a0b69dfc9ff8aa030fdbe13e0bc047606177ea3250c597e06dfeec1c92304/detection

194.5.98.100:1337
blackhair.ddnsfree.com

# Reference: https://twitter.com/ScumBots/status/1315367256235311105
# Reference: https://www.virustotal.com/gui/file/b07c2fbb1e0470cdbffd9c1147de5cf1763edcc4c5a918ddc63ad49d1ecbc563/detection

45.95.168.116:1333
45.95.168.116:1334
45.95.168.116:1335
45.95.168.116:1337
45.95.168.116:1338
45.95.168.116:1339

# Reference: https://www.virustotal.com/gui/file/a3074419485db4ee08451afe2693184a89c031b3237e0a51b7627eb33eddc342/detection

222.114.199.209:5050
pyeonno.kro.kr

# Reference: https://app.any.run/tasks/5bc8c7e8-e45e-4fff-9fc6-7a380e82e03f/

193.161.193.99:54987
papachullan-54987.portmap.host

# Reference: https://www.virustotal.com/gui/file/7e3e36dfb02909a470035b63d7db577f62431689e631fc7e1f21198745ce339d/detection

185.165.153.140:6606
185.165.153.140:7707
185.165.153.140:8808

# Reference: https://www.virustotal.com/gui/file/39eb27e6d13e6a373bb1da0becb487e808ff2d3849d481eb0bd4aa3b6d398cc1/detection

79.145.12.52:1335
79.145.12.52:6606
79.145.12.52:7707
79.145.12.52:8808

# Reference: https://www.virustotal.com/gui/file/913033893ab065b61e551399c91cdd877c134dc7dadacacbc87c3dfd798653a1/detection

91.109.176.2:6606
91.109.176.2:7707
91.109.176.2:8808
mika201.duckdns.org

# Reference: https://app.any.run/tasks/407ac320-c34a-4b59-966e-1f8403fe92e5/

193.161.193.99:28793
saudis-28793.portmap.host

# Reference: https://www.virustotal.com/gui/file/708ba499db884070420f378523658870927c31654d03d24cdac303b5d60b0ac4/detection

2.56.62.44:4444
2.56.62.44:6821
2.56.62.44:6606
2.56.62.44:7707
2.56.62.44:8808
fuckmyass.duckdns.org

# Reference: https://www.virustotal.com/gui/file/0cd8a5e9deb573fb2fda25cca06453abcd0a42ee7b0de44420973aeff3e0fcbc/detection

185.161.209.16:6606
185.161.209.16:7707
185.161.209.16:8808
bitcoins.giize.com

# Reference: https://app.any.run/tasks/ddf3cca3-adcc-4110-976a-b724a6aab722/

ectoraid.ddns.net

# Reference: https://www.virustotal.com/gui/file/fcdc5a453e07582d39d35234b39a67bbf958832ac88f0a82d413961482bdbcc0/detection

175.203.53.37:5050
nsr0209.kro.kr

# Reference: https://app.any.run/tasks/107f53fe-e988-40c3-9659-bb47c7283615/

193.161.193.99:60167
elechine-60167.portmap.host

# Reference: https://www.virustotal.com/gui/file/5979eee66faff5910c181a7b1af0111d68a0feda3dd974306f8e5c5624af7cdf/detection

51.75.169.41:6606
51.75.169.41:7707
51.75.169.41:8808

# Reference: https://app.any.run/tasks/7468050a-b7fe-4748-b667-6933722a010a/

193.161.193.99:33504
Scambaiter123ASAS-33504.portmap.host

# Reference: https://www.virustotal.com/gui/file/a95000dca55523f7c8a1293563a03693f973fc12f91618deb86ec5aeee353728/detection

151.240.194.206:7777
nethalpop.sytes.net

# Reference: https://www.virustotal.com/gui/file/9b9f13a8e3663e2b05e3af0b00abec4bc662b823a7fde9447164b9031bc59fe7/detection

52.156.134.11:4892
jah0seh.duckdns.org

# Reference: https://gist.github.com/silence-is-best/0aa844b003c62c6ce491e91e168ac662
# Reference: https://www.virustotal.com/gui/file/49f9c9e79441d891f84d5a457fed44897f95f8f691b387fcab2e63ec9a505667/detection

194.5.97.76:2121

# Reference: https://www.virustotal.com/gui/file/0c323c02db0a52d9a1764a74e3cb5a7bcc8e7b9839160179a772de3a6bc8cf26/detection

pounds1990.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ff734df4d09afad52e931fce898a5497b78081fbca44f091e55a3da4b47c1350/detection

185.140.53.141:2256
freshg.ddns.net

# Reference: https://www.virustotal.com/gui/file/0840d78515e4bdaa61b7d285b710361e19d10c31e34a0cfc58e5fae89e118bbb/detection

193.161.193.99:4332
193.161.193.99:57654

# Reference: https://www.virustotal.com/gui/file/4124fa166c07644eb29d7b813889a90795f9f1448f7cae2040a1375006748617/detection

91.109.180.6:6606
91.109.180.6:7707
91.109.180.6:8808

# Reference: https://www.virustotal.com/gui/file/3ba05ff4ea1e849ad3ce6780aadb44af45e48442f058510fcc096e115c853d80/detection

91.109.188.7:6606
91.109.188.7:7707
91.109.188.7:8808
mika202.duckdns.org

# Reference: https://www.virustotal.com/gui/file/9cca37bc8df3f2d7d439db0ffb0ed8d4a1c2f88c5c43754bc78b674009b35b05/detection

109.202.107.147:7113

# Reference: https://www.virustotal.com/gui/file/e1a9c9a66a236487973368591a6735b9e14dd6a8c7be77106f63ec5835cebd2c/detection

203.115.24.234:8282

# Reference: https://app.any.run/tasks/0a2ba392-8c95-48d9-b4e6-b192643675c9/

193.161.193.99:26660
carminebongo-26660.portmap.host

# Reference: https://www.virustotal.com/gui/file/6e5fdf8624b69aa1cbda80d760e5a77143aafcf2b54617485023d2c520e7c431/detection

103.207.39.131:6606
103.207.39.131:7707
103.207.39.131:8808

# Reference: https://www.virustotal.com/gui/file/4467e78c9356062cd52d9d9da5dee3329558749d764ef8c72c14977ae65d139e/detection

82.65.39.148:6606
82.65.39.148:7707
82.65.39.148:8808

# Reference: https://app.any.run/tasks/c5ef1463-1168-4ef0-8536-d42d953c919e/

85.224.37.213:6606
85.224.37.213:7707
85.224.37.213:8808

# Reference: https://www.virustotal.com/gui/file/971226ecd2869473e61804629f46507232584393f74bf7f8cc11c6592e916ffc/detection

128.134.139.235:5050

# Reference: https://www.virustotal.com/gui/file/5052cc68d40a843a8500983cc7e8c84601e5221149f88f1aa135f328e9e1a9b7/detection

93.190.51.64:1234

# Reference: https://twitter.com/wwp96/status/1328325861456699394
# Reference: https://app.any.run/tasks/85c6b9fa-195f-43c2-b480-8dea0a699fb7/
# Reference: https://app.any.run/tasks/d6fa28e7-0425-49c1-a12f-0185af0ed4ab/

185.239.242.76:6606
185.239.242.76:7707
185.239.242.76:8808
5.230.22.165:6606
5.230.22.165:7707
5.230.22.165:8808

# Reference: https://www.virustotal.com/gui/file/815e7085a1cf084e05f86a972b0d91b4e5555577f8d47528d79d85dcbb45bc4a/detection

79.134.225.99:6606
79.134.225.99:7707
79.134.225.99:8808

# Reference: https://www.virustotal.com/gui/file/17433a45b35d1eab013795ac90856a2349ed97974c05653030279c52a367774d/detection

137.135.73.55:18
137.135.73.55:6606
137.135.73.55:7707
137.135.73.55:8808
cemnasq.duckdns.org

# Reference: https://app.any.run/tasks/e7870287-b274-4f3b-9246-e7104d7f9cc3/

45.144.30.41:6606
45.144.30.41:7707
45.144.30.41:8808

# Reference: https://www.virustotal.com/gui/file/f3fcbb0fedb1e3b732185aebbf845ca185c950ca3635026d8a754312220577c9/detection

212.239.144.144:1177
212.239.144.144:6606
212.239.144.144:7707
212.239.144.144:8808
liligharba5.ddns.net

# Reference: https://www.virustotal.com/gui/file/1153ff7152d6470ab2893655f2cd50df6a5dc7d0169ea56e5e7f54704b136831/detection

78.161.81.149:1604
78.161.81.149:222
78.161.81.149:6606
78.161.81.149:7707
78.161.81.149:8808
ipmdegismismalcry.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d0f7a30d75237013c95ab544faf873ba165f252321c49e2ccc5e5b43126a4c3d/detection

84.117.241.36:1604
84.117.241.36:6606
84.117.241.36:7707
84.117.241.36:8808
sexpulapistol.ddns.net

# Reference: https://www.virustotal.com/gui/file/c6565e82f8873c8064caf5e73f1fe276b103c131e6df769dfd5bce2da760dca0/detection

91.105.195.23:5679

# Reference: https://www.virustotal.com/gui/file/7017de5d73a4f3bb86c343d87148c3af0087191fd401632b2643368ad38d0929/detection

90.37.128.28:1111
90.37.128.28:6606
90.37.128.28:7707
90.37.128.28:8808
osinte555555.gotdns.ch

# Reference: https://www.virustotal.com/gui/file/cf69b63b9cb0ecae224f272bbf7d02fefa14e31ea1e2dab90d2f7fad8b742edb/detection

45.153.243.96:8888

# Reference: https://app.any.run/tasks/57ef4913-3bdd-47c9-bbca-1d16df9b9c1f/

193.161.193.99:24383
nullbytes.duckdns.org

# Reference: https://www.virustotal.com/gui/file/32ac22ae67128eee2d9771d0d579ca2fd222dc5937480391df2b1f50af84bd1e/detection

23.95.13.157:5356

# Reference: https://www.virustotal.com/gui/file/99c1bb646297307dad07a81cc77cd283f6eb854ab9b33a322725add022528bec/detection

185.20.185.96:9091
giness.giize.com

# Reference: https://www.virustotal.com/gui/file/a8e0a5a7a055e7d431c3e28f77d81c9d7a4a6f3449382c7a88ae52a52091cdd7/detection

185.20.185.96:6606
185.20.185.96:7707
185.20.185.96:8808
genlast.giize.com

# Reference: https://www.virustotal.com/gui/file/67d0d003a313f542a40efad51c91a6b81f13a9d7da5059edc39c9d7ad5b1c166/detection

105.108.31.15:2020
frefiredll.servehttp.com

# Reference: https://app.any.run/tasks/8be5fee5-16e7-46d2-8b79-186227574f25/

201.219.204.73:1881
dfdfcdc1.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ee3e0599c68bd9454f2e9175faa65c9a474160bc41acb07532158b6309ba991c/detection
# Reference: https://www.virustotal.com/gui/file/edab64dac1dee32fef52a0871d0323e1b5bf246d70aa0617d83dcc7975bef283/detection

14.231.186.175:5555

# Reference: https://app.any.run/tasks/6a264419-9242-4e6f-9974-abc8cc7c194d/

14.231.186.175:8888
getcookies.ddns.net

# Reference: https://www.virustotal.com/gui/file/fa26846e38ca581bcfeb41da686153970b4d29ed706e76352dd2771c12267cde/detection

anunankis10.duckdns.org

# Reference: https://www.virustotal.com/gui/file/c92433dcc69cb79b43a176f68820d85c4c8d7ef0a6b31881de5e9cfb70464d14/detection

85.214.37.238:9192

# Reference: https://www.virustotal.com/gui/file/4082d61ef1a193655d3d50eb923fb95e4d0026de3104f2d5f4e162597e6d37b6/detection

88.232.12.125:150
nonick55400.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d2000f86d47cc1a1ab87f3080c90b4b61aaa317aac5c2d4cd8609286ebacee8b/detection
# Reference: https://www.virustotal.com/gui/file/cf4ddce71aba43a35beb19ec82d3e90b0008c09b3e6018d286ba321616ced13b/detection

46.114.109.193:59999
83.135.171.146:59999
drei.ddns.net

# Reference: https://www.virustotal.com/gui/file/c3c634e5d4ee8aa6eeb7896e14bc39c6ab8b4ceb39dc26bc09418e4bfa9b0820/detection

193.161.193.99:28070
lufeteme08-28070.portmap.host

# Reference: https://www.virustotal.com/gui/file/9160bff6b2976faebb45e316ae521f76fc25893a85818c02317b3435163545c8/detection
# Reference: https://www.virustotal.com/gui/file/7940abde1678d42fc39c4cc0c69a17d2903c462747d9f8115b2b68f4a0f3d768/detection

206.166.251.78:6606
206.166.251.78:7707
206.166.251.78:8808

# Reference: https://twitter.com/jorgemieres/status/1336699712796299264
# Reference: https://www.virustotal.com/gui/file/558af040bcfa1aaf774e953cca682eaaf38ec8c4f3ca4f3e24e0ea8a783ca1df/detection
# Reference: https://www.virustotal.com/gui/file/1f89b0e486eb986a03b0a5cbbacc8f4e7552f5b9ed74c408ae9febd2e424dbdb/detection

23.105.131.244:1881
maraddiego763.duckdns.org

# Reference: https://twitter.com/JAMESWT_MHT/status/1342046396048932865
# Reference: https://bazaar.abuse.ch/sample/c397eb85439a20b9185e001ec8cd286281d27d6be336d32e93558e451e6aeeeb/
# Reference: https://app.any.run/tasks/74f1a309-b81d-447c-80c9-fc94ed5a0d41/

3.22.15.135:14345

# Reference: https://www.virustotal.com/gui/file/ab62e63b551e5f354ec3fe9fd7142d9a07311af48a898ab02faa8a9067fa9894/detection

47.93.12.104:6000

# Reference: https://www.virustotal.com/gui/file/258d5d44809036c29e621367b7aec4338278950edf3766277e3a891bcb8200d6/detection

78.163.1.80:1608
78.163.1.80:6606
78.163.1.80:7707
78.163.1.80:8808
kurbanlar12.freedynamicdns.org

# Reference: https://app.any.run/tasks/816acf79-0c72-436c-b229-3cae510f1308/

118.91.123.84:6606
118.91.123.84:7707
118.91.123.84:8808

# Reference: https://www.virustotal.com/gui/file/82e765d576749be75f8eec64ab5cb4c934b494e30a74fc9a4f70b1c8d3cb25ef/detection

212.125.28.114:4096

# Reference: https://app.any.run/tasks/b1409386-ce03-4eea-8a2e-32434ba38ee5/

37.120.208.40:49746
chongmei33.publicvm.com

# Reference: https://app.any.run/tasks/c1f8c77d-4c72-4419-a381-8d166413e5e9/

193.161.193.99:23074

# Reference: https://app.any.run/tasks/cf031967-ce6c-4a6e-8b9f-a718560ee709/

68.235.43.126:56927

# Reference: https://app.any.run/tasks/005ff4be-a1df-4e61-9390-b61d968ed4c0/

125.209.137.105:6606

# Reference: https://www.virustotal.com/gui/file/a6264de41b4d2ad578a3ec5e082b621dcbf3b716e9bbe86f66682d785c7fc476/detection

45.140.146.29:7979
45.84.1.78:7779

# Reference: https://app.any.run/tasks/4585a843-0924-4dfa-9714-322eb3a61d12/

193.161.193.99:48622
crazynigga123-48622.portmap.host

# Reference: https://app.any.run/tasks/fea4d4d7-cc76-4655-8e00-400d40f683ab/

79.42.176.16:8080
backdoor.sopix.it

# Reference: https://app.any.run/tasks/afd0acb5-ce1d-4a29-b525-cd198d6d69fd/

3.13.191.225:12246

# Reference: https://app.any.run/tasks/85ac5faf-d2bd-4e6c-84f4-276c16c8c260/

20.50.121.62:1604
arda3369.duckdns.org

# Reference: https://app.any.run/tasks/fbf0f2b7-868b-4aad-b0b1-8028f3303b73/

193.161.193.99:25740
skeetware-25740.portmap.host

# Reference: https://twitter.com/Glacius_/status/1354914904004820992
# Reference: https://www.virustotal.com/gui/file/baec9d73487e85c2bdd78b6ae43abaa6a7fec4b969d92b14427e8aca0510a24b/detection

172.241.27.124:6666
fat7e0recovery.ddns.net

# Reference: https://www.virustotal.com/gui/file/ca15972126b044ee0306f30aea6ee94ac41c3696c6c4789649a8554c8011acd2/detection

193.109.78.123:5454
193.109.78.123:6606
193.109.78.123:7707
193.109.78.123:8808

# Reference: https://www.virustotal.com/gui/file/1ee5494e35b15b468334a05ab0b8b233cf09d3fdaf6b2fbfa997f30bb7e95534/detection

179.124.220.225:6606
179.124.220.225:7707
179.124.220.225:8808
supertop2.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1355991497095700491
# Reference: https://www.virustotal.com/gui/file/a9c4777eaa8ebd606b60f1a40c3789fe3cc0fa874610fed377cf1aea7093d638/detection

118.91.99.226:6606
118.91.99.226:7707
118.91.99.226:8808

# Reference: https://www.virustotal.com/gui/file/6d46e1bb744cc57d651c3812520e5efa06f760631df2740987ade7b1340262dd/detection

3.138.45.170:14232
52.14.18.129:14232

# Reference: https://www.virustotal.com/gui/file/fc96f417ac8229c6b5bb9303f3256d0ed54e416ae2328360b31c72b8b77bd027/detection

3.14.182.203:15821
3.14.182.203:25565
3.138.45.170:6606
3.138.45.170:7707
3.138.45.170:8808
3.138.45.170:28856

# Reference: https://www.virustotal.com/gui/file/3f82201b874febc1f265408f7574966eedd494c87ab21e20099c0463341c4ec5/detection

51.83.21.214:1177

# Reference: https://app.any.run/tasks/0713ac99-9dc7-4ea8-b408-dfc72f582df0/

62.228.99.44:25565
swiftyboiiiii.ddns.net

# Reference: https://www.virustotal.com/gui/file/cf0ac94c2958739cad12578e671278f78e9a36ca8dfa060e7cb99beacf5443f1/detection

77.149.2.122:5552
hookshome.ddns.net

# Reference: https://www.virustotal.com/gui/file/4864f1d1db04b797fd2e43e2a842afe736f7a8a69d985d20c0a506b2cd1e6710/detection

201.219.204.73:1881
ortegadani4521.duckdns.org

# Reference: https://www.virustotal.com/gui/file/3794538f0e3b4c499c8f5edf04fa2ee3bbf61cf51c9185ee60184d1473db6c58/detection

91.109.190.8:6606
91.109.190.8:7707
91.109.190.8:8808
mrtx.duckdns.org

# Reference: https://app.any.run/tasks/99dabdb4-e15c-4a04-a587-01ebe4a1ecb0/

193.161.193.99:47970
Lollypopman34-47970.portmap.host

# Reference: https://www.virustotal.com/gui/file/4fb8606551676da10e81801a00d3fc7899c064b4ceec54939b41e8cdd7f81159/detection

209.99.40.220:1000
updatersvc.duckdns.org
windowsupdater.system-ns.net

# Reference: https://www.virustotal.com/gui/file/292f5a19fadef7188670b8bc2e69bcd9d1f54c7e23928427392dc135dcdc8a0d/detection
# Reference: https://tria.ge/210214-whb5qfxctj

23.102.129.234:6606
23.102.129.234:7707
23.102.129.234:8808

# Reference: https://www.virustotal.com/gui/file/c4c4c3ddd9cf42d0352a5135a9250a0cc64a40a8ed49ca860cf31061cfca5304/detection

40.75.8.74:6606
40.75.8.74:7707
40.75.8.74:8808

# Reference: https://app.any.run/tasks/9528fcbf-be7a-42a4-b363-808a22a624fd/

52.14.18.129:11677

# Reference: https://twitter.com/reecdeep/status/1361585509387149315
# Reference: https://app.any.run/tasks/4c21b945-025a-4fe9-9296-eadb5f04cf50/

103.151.123.132:6204
severdops.ddns.net

# Reference: https://app.any.run/tasks/d343dc45-6f76-4c18-aeee-4f1cf7e1764e/

193.161.193.99:55575
gzzzjc-55575.portmap.io

# Reference: https://twitter.com/someinfosecguy/status/1362440625619144708
# Reference: https://tria.ge/210218-jmjxwxbpqx/behavioral2

193.161.193.99:26187
193.161.193.99:64861
malkalanok357-26187.portmap.io

# Reference: https://app.any.run/tasks/654e69f2-b60d-4dd5-8cf4-895123bbbe08/

95.252.85.20:8080
unbelratcomesideve.ddns.net

# Reference: https://www.virustotal.com/gui/file/c75f28cdb21bec49700a7579d3b630074e3fb6de4cda70c5937dcd8424bbebbf/detection

121.137.39.135:5050

# Reference: https://www.virustotal.com/gui/file/fad55e42bde0dce163f94a0ac272418b17100a67e439574fdc49ab7e2b12bc3e/detection

220.78.222.190:5050
yohan002.kro.kr

# Reference: https://app.any.run/tasks/5f595a39-7203-4809-8d78-e3431e057227/

193.164.7.176:6606
193.164.7.176:7707
193.164.7.176:8808

# Reference: https://app.any.run/tasks/7cc3c6d0-fe7e-4491-8d55-9f1644649546/

193.161.193.99:36606
sizetmp-36606.portmap.host

# Reference: https://app.any.run/tasks/a542e55d-6ff8-4aaa-9f49-13ea77bdbfd5/

69.136.25.93:54115
azxsdc.duckdns.org

# Reference: https://www.virustotal.com/gui/file/2399e5acd8e6fec2e83de445cf83b598676f57fdfedd1f67a7872a5009866591/detection

154.16.67.107:1177
newss.myq-see.com

# Reference: https://twitter.com/c3rb3ru5d3d53c/status/1365774874870972416
# Reference: https://app.any.run/tasks/119bfa2f-93ed-46e1-8ade-2eb69c0165d2/

194.5.97.132:35714

# Reference: https://twitter.com/wwp96/status/1366429485080457221
# Reference: https://app.any.run/tasks/d93648e9-999f-4a82-b7ee-3d318546c9c6/

152.89.247.27:1210
3324546.duckdns.org
owncablestdywirecord.dns.army

# Reference: https://www.virustotal.com/gui/file/1b3d41d44659ff038cf8aafdc5ff021646771106d957783aecdff725158c216c/detection
# Reference: https://tria.ge/210305-v3pe2f2w5s/behavioral2

177.124.77.43:4000
micomico.ddns.net

# Reference: https://www.virustotal.com/gui/file/7b5ac1f2b4852a2c27afd5c5529660f71f0e7ad0f890208ed3f5e248d6e7b84a/detection
# Reference: https://www.virustotal.com/gui/file/3decf98948eb4ae09dec3ff5955f33bd9c4ce38cdccae4107f3fa9bfffb7b050/detection

85.170.227.97:4000
85.170.227.97:5000
rat94522.ddnsking.com

# Reference: https://www.virustotal.com/gui/file/b04d9a311d595e1d0a44992ecd4ea00528270378d0e52da5dc75b8ccc1ce5599/detection

31.220.4.216:1738

# Reference: https://www.virustotal.com/gui/file/b77906648505d304d711b3021f19104a70f7725f6021e4cee0d492fa96597028/detection

potrq.ddns.net

# Reference: https://www.virustotal.com/gui/file/fdbb642769e8cc0eec1e09d29c9635d76d5885abb07deca4d2ef5c84bbba5c67/detection

136.175.8.57:1177
100k1.ddns.net
100k2.ddns.net

# Reference: https://www.virustotal.com/gui/file/bc796e4f7602321306d3762eca6dc809ee2c043caf03386deb17b1422209a1ec/detection

45.32.200.152:1177
fat7e07.ddns.net

# Reference: https://www.virustotal.com/gui/file/67d8ec4d7cde7188fc49f8268a10855abe89cffffc13c6f6111ba904caebe6f7/detection

93.93.193.189:9341
corporation.warzonedns.com

# Reference: https://www.virustotal.com/gui/file/78430db636f5d5be5dd3959a3f74b14792897b8fdea1de1c441eba120164cfb6/detection

liverpoolsupporters9.com

# Reference: https://www.virustotal.com/gui/file/3c7d9801bed9dc95108527bc38cbc100260c5bd76331adffb9b21620c91b5049/detection
# Reference: https://www.virustotal.com/gui/file/c4b9e67adddddb84ad88135affcf47881c6ff4a560557e760da2990aaca02510/detection

186.4.232.55:6606
186.4.232.55:7707
186.4.232.55:8808
rcvasconez.ddns.net

# Reference: https://www.virustotal.com/gui/file/2f9e71f1807b0e909226f4fced8c62fb38c787b2ae56ec8646ade0a6a54ec725/detection

193.161.193.99:43299
gammadoppler123-43299.portmap.host

# Reference: https://www.virustotal.com/gui/file/0100972f01df9b75c0958a7198170d2d37a51f1d500501bcdbf122bb43253bcc/detection

102.36.149.155:30300
79.134.225.11:30300
rbltd.ddns.net

# Reference: https://www.group-ib.com/blog/rats_nigeria
# Reference: https://www.virustotal.com/gui/file/8613c29feb93ea1eb6a48e037da61e0643ca06234d51462814e0b314e2aa9b50/detection

http://68.235.38.157
east-ge.com
kingtexs-tvv.com
mariotkitchens.com
sommernph.com

# Reference: https://www.virustotal.com/gui/file/fee6cda76d8c5b289b76deba1176049e529f51ac06f817a8a22ec77b17d74f35/detection

188.161.190.135:6606
82.205.21.99:6606
82.205.22.86:6606
188.161.190.135:7707
82.205.21.99:7707
82.205.22.86:7707
188.161.190.135:8808
82.205.21.99:8808
82.205.22.86:8808
squadx.hopto.org

# Reference: https://www.virustotal.com/gui/file/95fbecb2d0b0aa0fa80e02732237fc9eb43fc9f8af1efff062435b44b57f1a03/detection

97.90.7.88:4782
97.90.7.88:6606
97.90.7.88:7707
97.90.7.88:8808
cademc.zapto.org

# Reference: https://www.virustotal.com/gui/file/e706bf49908519c14eb135357c5cd822be3f139be7365a94081b54342db0eb91/detection

20.79.41.10:5967
tayfagreatie.duckdns.org

# Reference: https://www.virustotal.com/gui/file/23d4837df84a76f96c674581c96e6a1729bac2981787d3b36ac5149d861f13e5/detection

160.152.102.175:8988
160.152.102.175:8992
loading8992.bounceme.net

# Reference: https://www.virustotal.com/gui/file/668d4a42b6e049ee80146d86f93c706a6598c90156b670b966a4a413a83e58d1/detection

144.202.70.248:6821

# Reference: https://www.virustotal.com/gui/file/af8558a48c8cd10691fc61aba79b6522807ff92a85fe833556445dba63f149d6/detection

45.77.142.82:9797

# Reference: https://www.virustotal.com/gui/file/2f054e75bbe251c38dfa8a3a31d51123d71f80054720c909ed3901e14859c656/detection

49.12.11.240:6606
49.12.11.240:7707
49.12.11.240:8808
49.12.11.240:6821

# Reference: https://www.virustotal.com/gui/file/89c38091fdb1977853e9533b62a68082b65dfa61007bd7d7f9dfaa228646252b/detection

20.52.142.130:9797

# Reference: https://www.virustotal.com/gui/file/fe57fc52dcd3215bca8bc6cebb224eb2c2d2b5238f3b671e84147ae555af936d/detection

144.202.70.248:6606
144.202.70.248:7707
144.202.70.248:8808
144.202.70.248:6821

# Reference: https://www.virustotal.com/gui/file/ab09142c8ecb158bb84696cb92e922fea9959a57bc6e1bacc6d8e87ffc1c63f8/detection

45.32.211.35:6821

# Reference: https://www.virustotal.com/gui/file/96f0812b2f8c0589a04b40ea1a9438d41e901ef660ed493c3d5221c535c18b4a/detection

216.230.75.194:8621

# Reference: https://www.virustotal.com/gui/file/c64c2b5fd4c90ac4dd5c41b733d43669fd3dfa75342d98f29b7bd3178e6374de/detection

139.99.73.120:6606
139.99.73.120:7707
139.99.73.120:8808
139.99.73.120:5555

# Reference: https://www.virustotal.com/gui/file/30368f7cf5ab4464ed45c1cf1c7a21110663a56b56ee5fe94a4e9bb376e2d5e4/detection

91.109.180.5:6606
91.109.180.5:7707
91.109.180.5:8808

# Reference: https://www.virustotal.com/gui/file/c06fdc9f0dbfd0b42d74c9226ed28f3f52b5bfc04af70f58b8b5b16439196184/detection

185.19.85.167:3413

# Reference: https://www.virustotal.com/gui/file/f7b01c9dd7e2184231f40d009c54374d0cdcf563e987fe2a3586e6b767852dea/detection

175.144.21.17:2703
185.244.30.92:2703
192.169.69.25:49703
37.120.208.36:49746
79.134.225.92:49703
87.98.245.48:49746
chongmei33.publicvm.com
rahim321.duckdns.org

# Reference: https://www.virustotal.com/gui/file/62a8add7d225619b038ee5e87b9546fbdb796c98b1c65fc4ecdc4b079069500d/detection

95.211.239.205:777
tahoo.linkpc.net

# Reference: https://www.virustotal.com/gui/file/dfc5f5a467242e30666b413878511d034ab02651a8b791732b70317a72c6a543/detection

105.103.141.231:777
domaineweb.publicvm.com

# Reference: https://www.virustotal.com/gui/file/7081ef94c2d39376308f54702b74cc685f2489f90d95f1db288ff96c7e434202/detection

184.170.245.2:6606
184.170.245.2:7707
184.170.245.2:8808
hacker1313131dd.ddns.net

# Reference: https://www.virustotal.com/gui/file/7cf0450f46dbf13e125b76f7358c0505a9b5e6655d908281ed00b8ce5c94a3dc/detection
# Reference: https://app.any.run/tasks/409d87b3-2e1a-4699-9fb2-42bc6c107dda/

105.112.46.168:2021
105.112.78.3:2021
kimjoy.ddns.net

# Reference: https://www.virustotal.com/gui/file/c3566a97c163540e23dd172c1c872bb8e4dab98c1a049bacef3f3fbf68744835/detection

74.199.72.115:3702
nazinaturistic.ddns.net

# Reference: https://www.virustotal.com/gui/file/bd30df969f3a11aabd58ff65c72fd14a507ee43efe4d77331338facbeaed77c4/detection

195.62.33.67:9911
bad96.ddns.net

# Reference: https://www.virustotal.com/gui/file/9d9ea4fd548efa07e3051dcef175d5b0446958cdf0d7f623a0f98945acc1dbb8/detection

94.61.14.42:6606
94.61.14.42:7707
94.61.14.42:8808
robloxfanscripts.ddns.net

# Reference: https://twitter.com/James_inthe_box/status/1389666118294327297
# Reference: https://www.virustotal.com/gui/file/146f7a39df033afe4bb001da5b4a6eceb89f9efab5538c470b7f7f3cb4bbd15e/detection

79.134.225.18:2455
franco.ddns.net

# Reference: https://www.virustotal.com/gui/file/9ee67445d4ffeedd7c11e1e14949bf0f6060f34352e3f2c8d2184ffe0b4d235f/detection

79.134.225.18:6606
79.134.225.18:7707
79.134.225.18:8808
bigman2021.duckdns.org

# Reference: https://www.virustotal.com/gui/file/8d2b3f58baa5dc605a8618d66b3070c97b8f3f01c214c3e39b0d3df1c820f12f/detection

78.189.145.29:1064
cancan01.duckdns.org

# Reference: https://www.virustotal.com/gui/file/192b8b333a2d956f13512165a108e109e79f73680e28af2e98f4aafbaea378f4/detection

89.160.26.37:1907
89.160.26.37:6606
89.160.26.37:7707
89.160.26.37:8808
leoz07.ddns.net

# Reference: https://www.virustotal.com/gui/file/af844d4f524a764af31c6d600148248dae088a54356bbd63604f93602ae8a655/detection

41.105.36.185:1231
170293.ddns.net

# Reference: https://www.virustotal.com/gui/file/aefeb07afc0d9f4d09ab09317db14edef1b58df175f70cf6ea88d7f6cdce8cfc/detection

159.242.234.220:8991
160.152.102.175:8991
160.152.128.216:8991
160.152.155.95:8991
160.152.184.22:8991
160.152.34.228:8991
160.152.57.245:8991
197.210.70.144:8991
197.210.71.96:8991
79.134.225.119:8991
adobe.myactivedirectory.com

# Reference: https://www.virustotal.com/gui/file/d452cee94e3a2d58b05e9f62a4aa4004c0632d9b56fa8b57664d295bc88c4df0/detection

160.152.128.216:8988
160.152.155.95:8988
160.152.179.159:8988
160.152.71.32:8988
5.62.58.238:8988
79.134.225.119:8988
160.152.128.216:8989
160.152.155.95:8989
160.152.179.159:8989
160.152.71.32:8989
5.62.58.238:8989
79.134.225.119:8989
asin8988.ddns.net
asin8989.ddns.net

# Reference: https://www.virustotal.com/gui/file/e8aca8f27af178b2c191206c7bc04bfddc604a78b95699a72ca20c22f618c9b0/detection

160.152.187.169:8988
79.134.225.119:8988
160.152.187.169:8989
79.134.225.119:8989
160.152.187.169:8990
79.134.225.119:8990
asin8990.ddns.net

# Reference: https://www.virustotal.com/gui/file/d88f2958d0acb7f06c1cfbf71f496477b5bae94fda49b9084def65709b211546/detection

41.102.72.91:2019
mrdiazdz.myq-see.com

# Reference: https://www.virustotal.com/gui/file/7e2c927caec040c6a134fbcd520023dd48379be367b6af0a353dfc1e4d0bcc3d/detection

79.134.225.7:9476
sipex2021.ddns.net

# Reference: https://www.virustotal.com/gui/file/af664ecd43c0dd5152022855d80d3faa80bf938477b7959fdfe3d67c50ab93d6/detection

14.191.50.101:8080

# Reference: https://www.virustotal.com/gui/file/2fd8dd35009746246e06cafdd744c0bea6862576483a55a93b3c00de75989876/detection

77.247.127.24:6666

# Reference: https://twitter.com/pmmkowalczyk/status/1392794233724100608
# Reference: https://www.virustotal.com/gui/file/d17a7a0afd4342b88db7bfdba2ed30b44e03d95104d27d5e869bf7641895ad5d/detection

46.101.140.16:47533
fnk3.playit.gg
far-street.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/ea3e00b1c26220883d6e27179ec9391efa9a2062414eb1c5576db0e204291104/detection
# Reference: https://www.virustotal.com/gui/file/8ab4f231ebf6150eb8bcfa302353732cce3f6c72ea7892f27a22e2720509dc37/detection

134.122.66.170:1604
134.122.66.170:1700
134.122.66.170:55772
134.122.66.170:8929
139.59.82.105:1604
139.59.82.105:1700
139.59.82.105:55772
139.59.82.105:8929
bng1.playit.gg
fnk1.playit.gg
roasted-egg.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/4cb3d0afec4c271f4d2351022cecd072a7ef96b7c2f63223144278de67067d42/detection

157.245.170.36:1604
157.245.170.36:55078
157.245.170.36:6606
157.245.170.36:7707
157.245.170.36:8808
crooked-wash.auto.playit.gg
sf1.playit.gg

# Reference: https://www.virustotal.com/gui/file/b3a697477ca999a3cedb88a7dfef0735ac12032f26106008a31c6db4bdf1b7c8/detection

134.209.194.210:56635
ams1.playit.gg
gullible-substance.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/05030526532dbe4d0a3e49140489439468957d6dea9f482ff983e778b21c61d0/detection

147.189.168.238:1996
nova22.ddns.net

# Reference: https://www.virustotal.com/gui/file/d3b9abaed3de3549b0fc83ec846a02612d91dfaca5a82aad2d7fa58b6e6c8f59/detection

134.122.66.170:59266
enchanted-sugar.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/5acd937d84b28e21755ea9707e88cb73eaa6f183f03568e69077eee97ff5c6ca/detection

134.209.194.210:56874
134.209.194.210:6606
134.209.194.210:7707
134.209.194.210:8808
bored-baby.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/4a69b932f7d7abe2e40d828020271ad2c82895fe0e45639a5e63898097383229/detection

waiting-distribution.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/25b60ae10029b3dc5b7c9e0c4fda13f676fd138f9407fb3d515b16f307964987/detection

134.122.66.170:2626
134.122.66.170:52083
staking-afterthought.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/c984664d6300015a18c84ddf60d978b2cedcf5323dcf32365b72456766770dec/detection

134.122.66.170:56797
134.122.66.170:6606
134.122.66.170:7707
134.122.66.170:8808
parsimonious-elbow.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/f7aede4740b641f6ca71b683741b35e4cd8fcb9cd9aac929605e2f41de19db76/detection

smelly-plantation.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/ae068da2d2b92d3884eebcb3b088d3764c64899341deab9e431bb0cf5af2f011/detection

134.122.66.170:52859
parallel-spade.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/4816d6f30051bd5fd3b3c585ab45068cc68b1698bedebdf829b6df2c1345787d/detection

151.115.36.90:51696
151.115.36.90:6157
scintillating-jeans.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/3c19eba85ce343b5cb5a2afd7036a2528c520c19dae153c9c50552ec2f33d548/detection

46.101.140.16:59842

# Reference: https://www.virustotal.com/gui/file/7787b0ad1912dfe4feac545132d8c27f2cd89f1f9a8cf1ed7d787a487e523e9b/detection
# Reference: https://www.virustotal.com/gui/file/5c3d28aefe454f0503484f737fd56fb0303c93556c579c4568a72d684ee14ed3/detection

46.101.140.16:49723
little-toothbrush.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/0d937a6efda9883e93d429cf6c4d60dc145ed5f3fd69ddb744cb44a4a0b7396d/detection

46.101.140.16:47458
slippery-cactus.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/8e1ae1790f2ee8b22b8956cd8b1cedf9b0bf82246d5d5a998bc503ac780b3496/detection
# Reference: https://www.virustotal.com/gui/file/f8e56bed47bf278dd23e4e8bbac71c8bc0464bfb91c07c242a2d26a37aa83d16/detection

46.101.140.16:47537
tremendous-icicle.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/822edf21c4b1bdd1a85dc45219158b462323339f5510c9780c900e12a8a125cf/detection

151.115.36.90:49057
151.115.36.90:6157
cloistered-dogs.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/b47b6d3289ae1968dbf8c2ade9b51b8648e422b1676e5ca320f588768b90a28c/detection

134.209.194.210:59208
46.101.140.16:59208

# Reference: https://www.virustotal.com/gui/file/29e7e0de201646f11e3ac7b7f861cc489e5f8343834871de5143e4842d1718ef/detection

46.101.140.16:46467
unkempt-silver.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/32b3b1966fae4e513fa11870958bf2fd585144a9b9a37b4ed0da8f9871f40176/detection

176.136.47.220:1605
176.136.47.220:6606
176.136.47.220:7707
176.136.47.220:8808
xuehue.freedynamicdns.net

# Reference: https://www.virustotal.com/gui/file/90fab6977cc5f967959d3dd307d4dd99dfa8da7f7fe2c159c1e7911bc6f5105f/detection

20.52.37.83:6606
20.52.37.83:7707
20.52.37.83:8808
orospureaxx.duckdns.org

# Reference: https://www.virustotal.com/gui/file/cdbbddacd34d002729ac3889252f36c544b936002005a2f357e831cb2f669d7b/detection

194.76.226.201:6606
194.76.226.201:7707
194.76.226.201:8808

# Reference: https://www.virustotal.com/gui/file/dc3e48d0b12659129b857a0293e2978a29809664572b4f6f556491ca4f677dbf/detection

150.107.31.190:9060

# Reference: https://www.virustotal.com/gui/file/69642f95f35b3d14f1123de60819e66e59c8f125defb58d23b8766f498597de3/detection

79.134.225.53:9872

# Reference: https://www.virustotal.com/gui/file/494924af556726976ac133cfe12a92b3d5b193f19df0d3ea785c645cea18e6fb/detection

24.101.234.141:4782

# Reference: https://twitter.com/c3rb3ru5d3d53c/status/1400166564268331009
# Reference: https://www.virustotal.com/gui/file/c810a1bde5027f6fcf656067381133c6c8e61349cd05b4f4c7a9695b9a44f31f/detection

195.174.209.145:1781
195.174.209.145:6606
195.174.209.145:7707
195.174.209.145:8808

# Reference: https://twitter.com/c3rb3ru5d3d53c/status/1399327839896342529
# Reference: https://www.virustotal.com/gui/file/e89d388de70b933316724146def5eeab047a08514b7bf70bcea3916e09162669/detection

peebeekay-22139.portmap.io

# Reference: https://www.virustotal.com/gui/file/6610572cbe4075996e903d9e13a29cf812537be7b7ed2d9f6bc341a3998f4459/detection
# Reference: https://www.virustotal.com/gui/file/48b3e497f5e533a663b3686b731bcf2b486ba3aedb006091fd95d1f573944c90/detection

87.132.215.23:4250
89.182.98.3:3601
dontreachme5.ddns.net
dontreachme.duckdns.org
dontreachme1.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ec503a0e10888dfadfaa3716eb128b6dd7479fd708e45a181cba7c14e8ad59f9/detection
# Reference: https://www.virustotal.com/gui/file/ee45e7b7efce62cdf53205e25010044bd2612498113e665e76f9731d4e2843e0/detection

162.255.119.29:54984
173.189.160.249:54984
snow-leopards.xyz

# Reference: https://www.virustotal.com/gui/file/1c1aad21ca7a30cdb51deac733927ed1b603c242b7640c9e42605ea8202782f2/detection

106.214.237.83:8088

# Reference: https://www.virustotal.com/gui/file/f6f4e3772ac0e480939d5af16464ba425c44040e1f1ce6edb82591694d5e3f01/detection

ooyeah-24044.portmap.io

# Reference: https://www.virustotal.com/gui/file/44b58d71e60589298b48dbbdcd296ebd7b0330dceb8988369267a167a85d631c/detection
# Reference: https://www.virustotal.com/gui/file/b564ee571c17fcf612bf67207a44d92e463f1c12c2558f205c4cbb45d8950839/detection

141.255.155.84:4444
141.255.157.163:4444
cryptserver.hopto.org

# Reference: https://gist.github.com/myrtus0x0/deb815eadd362f660aabb41a7806e187

172.93.222.156:6606
172.93.222.156:7707
172.93.222.156:8808
173.63.124.155:1604
178.33.222.241:2703
178.33.222.241:49703
178.33.222.241:49714
178.33.222.241:49746
185.165.153.116:2703
185.165.153.116:49703
185.165.153.116:49714
185.165.153.116:49746
185.19.85.155:5080
185.244.30.92:2703
185.244.30.92:49703
185.244.30.92:49714
185.244.30.92:49746
194.5.97.249:9951
194.5.98.196:4529
194.5.98.107:6970
203.115.24.234:8282
37.120.208.36:2703
37.120.208.36:49703
37.120.208.36:49714
37.120.208.36:49746
45.153.243.96:8888
45.35.158.173:6606
45.35.158.173:7707
45.35.158.173:8808
54.246.188.45:6606
54.37.36.116:2703
54.37.36.116:49703
54.37.36.116:49714
54.37.36.116:49746
79.134.225.92:2703
79.134.225.92:49703
79.134.225.92:49714
79.134.225.92:49746
79.134.225.99:4726
79.134.225.99:6606
79.134.225.99:7707
79.134.225.99:8808
91.105.195.23:5679
agentpurple.ac.ug
agentttt.ac.ug
bruhmoment123123123.ddns.net
dongreg202020.duckdns.org
gateway.swat.host
genjustu.hopto.org
johnboo.hopto.org

# Reference: https://www.virustotal.com/gui/file/6c9d744a929a0e67b79dbb669cf8be1ac357b0e8eb75074ace81fa90857e5552/detection

197.1.99.237:6606
197.1.99.237:7707
197.1.99.237:8808
197.1.99.237:9995
197.238.81.24:6606
197.238.81.24:7707
197.238.81.24:8808
197.238.81.24:9995
chromsec19.zapto.org

# Reference: https://tria.ge/210528-3n4n93ztka

185.19.85.168:5946
shugardaddy.ddns.net

# Reference: https://twitter.com/petrovic082/status/1397093409521905664
# Reference: https://app.any.run/tasks/a1d1ad79-e892-450e-99ff-19aea71774ce/
# Reference: https://www.virustotal.com/gui/file/51863340741893ed0860f30704e00ee4e4c4f0ac4b2c6eefd5e765008f20eb29/detection

scarsofthesoul.com/wp-content/themes/45gHdoYZRK3EEBAC.jpg
scarsofthesoul.com/wp-content/themes/SNavmh60gxje6Rii.jpg

# Reference: https://www.virustotal.com/gui/file/2b8678fa955d08b909a9068aad612ed566a9a98c0476585770f6d1c8dc0c3f9e/detection

141.255.144.58:1604

# Reference: https://twitter.com/James_inthe_box/status/1406995650307256320
# Reference: https://tria.ge/210621-g8zj1sp5j6/behavioral1

88.234.171.239:555
asc1.linkpc.net

# Reference: https://www.virustotal.com/gui/file/227f44cda2b2f73785a5ae5b258fe818dd3302ce533aa50837ab21d99cb8219a/detection

185.244.26.217:5892
exchangexe2021.ddns.net

# Reference: https://www.virustotal.com/gui/file/068a691ba494e231b27af202af806ff1daac8b660993678a4c0b73ffc8a2d242/detection

185.140.53.169:8970
8970.ddns.net

# Reference: https://twitter.com/ps66uk/status/1407090099699994626
# Reference: https://www.virustotal.com/gui/file/ca8929421ca89c108483865008ee79bd23e3386b899ffebdd897e1d072ad9e92/detection

172.111.244.39:46422
172.111.244.39:6578
leechong444.ddnsgeek.com

# Reference: https://www.virustotal.com/gui/file/14a78e85a9719b24dd71fa5cded55f59c14d45211a18bf89f5196cd2e0cd45e5/detection

83.252.99.10:8080
keyloggerhacker.ddns.net

# Reference: https://www.virustotal.com/gui/file/a72d1d21eaf2f89f06ea807db188ee0e4c6ada5e966568d8543e4c3dbd5c7c73/detection

135.148.134.17:8080

# Reference: https://twitter.com/BushidoToken/status/1416498021127409674

185.195.232.251:57667

# Reference: https://www.virustotal.com/gui/file/5f106bf6a105b2febc08dbc9885420f6341eae88eb5570d5b5454a3bee0c2a08/detection

3.22.15.135:6606
3.22.15.135:7707
3.22.15.135:8808
3.22.15.135:16029
3.129.187.220:6606
3.129.187.220:7707
3.129.187.220:8808

# Reference: https://www.virustotal.com/gui/file/878487e25eb96ab2c4ebd889e4bfc1739d730722c2af4736bc46ac3d11eca453/detection

206.123.141.239:7777

# Reference: https://www.virustotal.com/gui/file/d68b4d6cec032458824abdf3ac6f379f33db2167cb0c399845f4d7735a426827/detection

95.169.210.148:6666

# Reference: https://www.virustotal.com/gui/file/8b388efb71328e18ee3dd5b4c932387ddad5ee79b595751a79fe535533e2c4ed/detection

191.88.250.118:5020
marcelajarakmisdhuakfsg.duckdns.org

# Reference: https://www.virustotal.com/gui/file/c4b86c9533e71721f549923868ca2f940e6bee5b9ef49b661343a5028a16b363/detection

cabovela.duckdns.org

# Reference: https://www.virustotal.com/gui/file/a0329b99847941ede2712082eca9b6fecf89a9150fa36160328b3e596f3c23fc/detection

45.134.225.35:7821
45.134.225.35:6606
45.134.225.35:7707
45.134.225.35:8808

# Reference: https://www.virustotal.com/gui/file/1677e0afc52a9166c9a433e5db3864f71fe5816a98784f6ee3e86540827da084/detection

86.107.197.52:6606
86.107.197.52:7707
86.107.197.52:8808

# Reference: https://www.virustotal.com/gui/file/fa34352f3aec8d28f7e9ebc21a01c3a32e98620790ca91e29ad385919c0e213d/detection

136.144.41.4:4771

# Reference: https://twitter.com/pmelson/status/1419399465207836674
# Reference: https://www.virustotal.com/gui/file/07ac588af0a2789108da9687b452144e346c0a05583ae21660b5b49ef9740046/detection

137.74.176.167:1177
host.aliveafterguard.store

# Reference: https://www.virustotal.com/gui/file/fd78341536c5abe19c4beec49876f8f854819aa075092e3d9aec8c193339fcca/detection

171.235.78.216:4444

# Reference: https://www.virustotal.com/gui/file/b6444d49ebd6cf176222cd2ec2816c07727d334a8c6aed056e6e953796f7433a/detection

197.210.71.57:8971
makesuretobackup.loginto.me

# Reference: https://www.virustotal.com/gui/file/0705b69d12b5171f99bb4e89191939fe874ef994ffacb2508abcc2057463b605/detection

104.227.146.200:8835
104.227.146.200:8970
104.227.146.200:8971
104.227.146.200:8973
8970.ddns.net

# Reference: https://www.virustotal.com/gui/file/4e8bacc82d5684af7b56acbd3150ec033db6d6cc89e60bcf1d16ff13766d41e4/detection

185.140.53.169:8835
185.140.53.169:8970
185.140.53.169:8971
185.140.53.169:8973

# Reference: https://www.virustotal.com/gui/file/eeea15c1411e2f21445e11f510f4c3a3a9c8390085757daf352d48dcfa50d182/detection

104.227.146.200:8070
185.140.53.169:8070
35asyn88.ddns.net
7298hwor.ddns.net
newagain.servep3.co

# Reference: https://www.virustotal.com/gui/file/da8a2b68f14fab211ffe09dc43922790417dbb6e5fa437b461ad1d5ac7d4f788/detection

141.255.151.240:2880
xinpin.ddns.net

# Reference: https://www.virustotal.com/gui/file/0da6b4eb3e0cd74821c92e1cf094e148f62749a6bc8a2d5e457ca320be2947da/detection

46.249.32.186:3000
46.249.32.186:4000
camfro9ksa.no-ip.biz
jamal16a.no-ip.biz

# Reference: https://www.virustotal.com/gui/file/c31f8b69245d8207cf420a1e7ca523553eccd96d649168314db28644203cea9e/detection

194.5.98.8:3030
adikremix.ydns.eu

# Reference: https://www.virustotal.com/gui/file/19470ceb697cfe1039f344962da8fe0b1fe484bd0488db00afef27816ee62ae6/detection

185.244.26.165:9582
e29rava.ddns.net

# Reference: https://www.virustotal.com/gui/file/623534bf150f2538edb27e51ed56b92f464adb5da8e2db378ec3a666fcb64772/detection

185.244.26.213:9872

# Reference: https://www.virustotal.com/gui/file/6693e9ce0848fe351b1df785a7540ec3bc1950fd698977cdd8cde1b3d4f19681/detection

177.126.146.148:6606
177.126.146.148:7707
177.126.146.148:8808
word.is-a-rockstar.com

# Reference: https://www.virustotal.com/gui/file/df5909d3af4ca4654c190c579631cd6d9aae3e0270daa83e92c7ee4397322364/detection

79.134.225.109:9070
asyn101.duckdns.org

# Reference: https://app.any.run/tasks/7e4869df-9ab6-4ee4-9772-f5af5721ca83/

91.151.88.245:2070

# Reference: https://app.any.run/tasks/eb9ed5cc-ca36-4fcd-955b-81a360cda877/

20.199.121.197:7707

# Reference: https://app.any.run/tasks/78c5b68f-1c96-46a6-8519-d7f8e475a714/

151.237.185.211:20090
harnav1.ddns.net

# Reference: https://www.virustotal.com/gui/file/c8b7234f8cbfaa32f5c52c02b259511861bfa602a447aea1b1e82f024f102e50/detection

37.49.230.185:5874

# Reference: https://twitter.com/James_inthe_box/status/1438506362107928582
# Reference: https://www.virustotal.com/gui/file/0d9937ff3380d575397c7dae4b22267d42a029956d45a16f956cddf479c3cf59/detection

194.5.98.132:1849
rick63.publicvm.com

# Reference: https://www.virustotal.com/gui/file/4a0d7d71ba4692f70972ca28028f943a5cb56086f4fed16829f276a6d70fbc38/behavior/C2AE

195.133.40.157:9909
195.133.40.157:8808
rocking.ddns.net

# Reference: https://www.virustotal.com/gui/file/a352ce2dcf084f7017ee2f287678a5852470b9f64f00988a51104d9370a442fd/behavior/C2AE

microsoftstore.ddns.net

# Reference: https://www.virustotal.com/gui/file/7bbc45943986a1f5886ca429f3fadde428a7936c2e3a421b5f8f24e06ace0308/behavior/VirusTotal%20Jujubox

196.170.63.108:6606
196.170.63.108:8808
zeroxzerox19.ddns.net

# Reference: https://www.virustotal.com/gui/file/6c5a78bc2995bd9098af7b5b2cc18b3763a5c16b8960847d8d1518ea03fa5262/behavior/C2AE

kalilinux123.ddns.net

# Reference: https://www.virustotal.com/gui/file/3a466603350e269cc3c6d47e9467525319d96b93abf4a4f94aa81ef616409792/behavior/C2AE

192.169.69.26:1884
dgrthdg.duckdns.org

# Reference: https://www.virustotal.com/gui/file/19261c2bcb77b1f207415ca68e845ee2d7bea24d870b0543233bb277c1c3416a/behavior/C2AE

142.126.121.109:9897
eeeeeeeeeee1111333.ddns.net

# Reference: https://www.virustotal.com/gui/file/511be2e5f0ecf8da123bd5eaf462869233c658c88f4ab6c5472792f62a67a898/behavior/C2AE

91.109.186.6:8808
91.109.186.6:6606
91.109.186.6:7707
milla.publicvm.com

# Reference: https://www.virustotal.com/gui/file/0cf2d9d9b8cf8181784372da15e5c19918577d9462eb38de60f2cd48ef793685/behavior/C2AE

185.157.160.198:1973

# Reference: https://www.virustotal.com/gui/file/4556c1debf74fe9cdc70eeae3ad1737867f12aafe5f129f2e4c32c3bca5d2373/behavior/C2AE

119.91.81.102:10050
vaoz.hopto.org

# Reference: https://www.virustotal.com/gui/file/cef377096aa29c2d56751c604f9c12149596aed21307ae70889367b3717820c3/behavior/C2AE

41.225.94.19:6606
41.225.94.19:4444
41.225.94.19:8808
41.225.94.19:7707
nosnos89.ddns.net

# Reference: https://www.virustotal.com/gui/file/49af85ae6afd7dd5c5df440d8c6043c2c14f206a8aaeda0dc2d8d2fa4942faa9/behavior/C2AE

128.127.209.204:1188
ethanily7lm.ddns.net

# Reference: https://www.virustotal.com/gui/file/aa8b3ea0e61c4e7951f01a7934c1b500a57afabbac14f794036723048bdd2959/behavior/C2AE

193.161.193.99:6606
193.161.193.99:7020
193.161.193.99:45415
193.161.193.99:8808
193.161.193.99:7707
sherlmes2-45415.portmap.host

# Reference: https://www.virustotal.com/gui/file/f77b792b18ed388d1223539319cac1d6c2ec1af3193325aca3d0094160049ad0/detection

91.109.176.3:1010
poplll.ddns.net

# Reference: https://www.virustotal.com/gui/file/e55a4da819c806619edb25aba1ae1e1a4b95f46861b636f9958f910166e34cf9/detection
# Reference: https://www.virustotal.com/gui/file/dd1fb521c590a121ce61b6a422c1ec3212248c4973f47be6ddcaa2189d410966/detection

91.109.176.3:1100
91.109.176.3:1122
shero21.ddns.net
shero21.hopto.org

# Reference: https://www.virustotal.com/gui/file/918aca7c4e894fac419afbf9d3b933604bd354f84c819a4241a8a9a7bd81c9ca/detection

91.109.176.3:3242
brikol32.hopto.org

# Reference: https://www.virustotal.com/gui/file/c8ca46366ec70b0463b3ee7e747c1c22e1d42f7e7e77e0e896edf99aebdbeb10/detection

79.134.225.77:9532
79.134.225.77:9690

# Reference: https://twitter.com/pr0xylife/status/1450398699121750019
# Reference: https://www.virustotal.com/gui/file/3959233284f7f4a7bec2a314820e3b8e073591a31dfe8c43a03f7a24833b7fd3/detection

139.28.37.182:5200

# Reference: https://www.virustotal.com/gui/file/47ba489de1983d8cba9e284e4ff259ec8fee5fd95464953483c16af9ded7f499/detection

37.0.10.5:1553

# Reference: https://www.virustotal.com/gui/file/0a8ca65757f6c874a8d6124b06c9661f7066a6508d887ed93119539b17de39f3/detection

51.222.98.71:23411

# Reference: https://www.virustotal.com/gui/file/62b91b016641d20e062da305675e6b9ebdc8166c0406c6c151deb00a3b0eea35/detection
# Reference: https://www.virustotal.com/gui/file/caaa9c3c18c70d0fa3ce8eeb331098923c5d66c85852d61ff35e44ef3717d552/detection

194.85.248.50:1616
45.144.225.178:1616
bbccdd.duckdns.org

# Reference: https://www.virustotal.com/gui/file/44c2e5015639f92b300d495be689bb6f5973c650dc0ac861d77ae97cb21b7807/detection

144.126.141.41:6606
144.126.141.41:7707
144.126.141.41:8808

# Reference: https://www.virustotal.com/gui/file/ac89daad73dd89dc4a2f4fe58a4a5ab29b14bdecf1710a172bc58ea513e6c3e4/detection

http://149.56.200.165
149.56.200.165:6606
149.56.200.165:7707
149.56.200.165:8808

# Reference: https://www.virustotal.com/gui/file/665dc88a9cccd536d40ac75c3eb23de8d1d5e95aee504f0ce31f4b31db81d468/detection
# Reference: https://www.virustotal.com/gui/file/ea068c51c9036a7fabe4d259e1447154b9bce2ab58d8a5feec10012c72595955/detection
# Reference: https://www.virustotal.com/gui/file/7768e84058b04954d258242e0e36804d74aa93cd96ea0c32aad85af86e2040c9/detection
# Reference: https://www.virustotal.com/gui/file/2b7dbd887c6917e12d524ce2b2de699908df59566500acef015660d379cb8205/detection

186.169.35.22:9194
186.169.42.167:9194
186.169.52.151:9194
186.169.76.22:9194
anysdk.duckdns.org

# Reference: https://www.virustotal.com/gui/file/6f194457591e38ef91c704ee2e78d676158721b7123c5d6f1f7ab893525c1d0f/detection

5.36.102.135:6606
5.36.102.135:7707
5.36.102.135:8808

# Reference: https://www.virustotal.com/gui/file/853274bbcb0c9406640b129d9b5ec887e31da0483b1c5b1204b13369361fa7cc/detection
# Reference: https://www.virustotal.com/gui/file/3b378370df4ccdf42f83ac4ca27c77c7a84e76f370e6a1fd0f0cd997c7862eb5/detection

89.10.111.40:3074
getfucked69420.ddns.net

# Reference: https://www.virustotal.com/gui/file/12547cac918d152b630f82bc88399322ea3537082f0eb167e5e3915fef512037/detection

hhahkek.ddns.net

# Reference: https://www.virustotal.com/gui/file/9a0bcd595c00fac69969827f5c83d08bbe6bb5f5d29b2a9bd294e9618ecf1cc4/detection

193.183.217.94:42431

# Reference: https://www.virustotal.com/gui/file/b0106b10a4ec8d9be9349ea21ce7d8810884a54e65a025a1c57d282eb5b49b73/detection

20.113.56.70:1939
yarakkurek31.duckdns.org

# Reference: https://www.virustotal.com/gui/file/6ef6850e025b28edccc2d716a969257368082a7e64a6c73253315881fa3da18c/detection
# Reference: https://www.virustotal.com/gui/file/d7275e118bd4932e36789d4c03147c3efe3a31ea9c719b8e93d8697baabfbe4f/detection

103.1.184.108:4000
216.250.97.121:1568
216.250.97.121:4000
216.250.97.121:6220
216.250.97.121:712
mycollege.duckdns.org
ournewos.duckdns.org

# Reference: https://www.virustotal.com/gui/file/8e57ba59e782cb55787620258867e2c64d2e30ee02924f02a6e9e61a9b6775a4/detection
# Reference: https://www.virustotal.com/gui/file/7a2c578192832bb2e9282ff4c79c8d0b0c51e4c2b90680e4752f738e6ae37926/detection
# Reference: https://www.virustotal.com/gui/file/0e3cda3174da3842c349bfcaa42f79b634314859cd2dbb60fb254ba2ea265524/detection

194.29.101.219:81
216.250.97.121:81
42.106.199.93:81
medicalservices.publicvm.com

# Reference: https://twitter.com/ScarletSharkSec/status/1476615969191731215
# Reference: https://app.any.run/tasks/0560b542-81d1-4214-9f3a-d89ca1cf3adf/

144.126.136.214:3101
imghost.myftp.org
uspsform.info

# Reference: https://gist.github.com/silence-is-best/e2af8aa61000e4b740934331291c619b
# Reference: https://www.virustotal.com/gui/file/769c5c1d9681b468b84a14af0c33ec4ee786f8c7a0eecf7819bd9286cab2d474/detection

185.140.53.178:1515

# Reference: https://www.virustotal.com/gui/file/f2e9cc84d53231470b1fa5491464a00cb7562000a56e0ce8264a61783e44ed75/detection

185.244.30.58:62750

# Reference: https://www.virustotal.com/gui/file/0df8f6927d1c11bddd28ac7ce0699bb205c36c7d690c5ca9db3109bcc319904f/detection
# Reference: https://www.virustotal.com/gui/file/9bd27defdb0f664430d2775c7cdfe585bd87052e856ff07f124a416eacc01b32/detection
# Reference: https://www.virustotal.com/gui/file/262fe30f28e10a70ff92f0936f1934664e6c55d6a0b7e9541370d75bb62165bb/detection

2.97.222.100:4272
2.97.222.100:5000
2.97.222.100:5321
2.97.220.50:5321
3.141.142.211:16656
3.141.142.211:4444
3.141.142.211:5321
3.141.142.211:6942

# Reference: https://www.virustotal.com/gui/file/c0f7710298626ad629721a8683adbea6d73db902d3bcdc782c7fd1b524646392/detection

92.15.9.84:5000

# Reference: https://www.virustotal.com/gui/file/4094cb0eaf6d140e67eb7f3a09043ae48a1ff92ed749ba81ff471bc24f2e3747/detection

kingg32.ddns.net

# Reference: https://www.virustotal.com/gui/file/96bf189c954cf26d2aa54d3e9da9e06d2fbefe5922b48b12b5302fbe0b64e2cb/detection

105.112.70.6:6606
105.112.70.6:7707
105.112.70.6:8808
rainbowsmile.freeddns.org

# Reference: https://www.virustotal.com/gui/file/9945c3e1fd6ceb2e42f17983cbc5e71e28220bb9b9785fc5c7747f299312b2e2/detection

45.142.212.31:6606
45.142.212.31:7707
45.142.212.31:8808

# Reference: https://www.virustotal.com/gui/file/62e268ffe865dbd7d75337c7e9a3c0607942e4c57e67ff2d68f00bc68a4ece5e/detection

http://119.17.214.76

# Reference: https://www.virustotal.com/gui/file/577060714ee5177e501acbc7cbffdb5589dc21bab72307062aa7883ed14f4442/detection

109.228.37.222:20000
213.171.211.204:21000
dlldns.xyz

# Reference: https://www.virustotal.com/gui/file/48d25c5b9b73012e8b2df3579c75ffdaa1f9d1686d6155bea7c1d5a5065f229f/detection

79.134.225.79:6606
79.134.225.79:7707
79.134.225.79:8808
planst09991.duckdns.org
pureloader1.ddns.net

# Reference: https://www.virustotal.com/gui/file/c144524875b9b3d451ed3d075e879677cd84fa50093063a395648551717e3fa3/detection

207.246.86.113:8888
207.246.86.113:9999

# Reference: https://www.virustotal.com/gui/file/765a57140b17fcf2388544f17837ef208ad578e92602bc972e42fab41ef33834/detection

207.246.86.113:1986

# Reference: https://www.virustotal.com/gui/file/10a87fd245cbee46c1565d369a0276d9e25a4540977af9f132dae6257040b155/detection

207.246.86.113:1988

# Reference: https://www.virustotal.com/gui/file/fa07402a7655d9e2fc0558ab22b75c004602e35ec5e3310b7e264e6ec2a79fb5/detection

149.28.35.14:8668

# Reference: https://www.virustotal.com/gui/file/45995c61073b4228eef6414c0ffd9357429c6945f731e4d8150f779994143425/detection

173.225.99.230:9966

# Reference: https://www.virustotal.com/gui/file/6f3b7811c3e549e0d8b77fa1bd511ebf55ebc8f276446ce77184c6df665f8a28/detection

185.144.28.238:8848

# Reference: https://www.virustotal.com/gui/file/98c1afc5a3d52830e518a8ba4fb2950aa28147efd5cc8bf08386cde9b579c142/detection

104.207.152.120:1868

# Reference: https://www.virustotal.com/gui/file/d887313a40393517370c184c6afa227305a91c05d96d8eda6bf74f133654e572/detection

194.33.45.165:6666
ahmed2611.linkpc.net

# Reference: https://www.virustotal.com/gui/file/2079ee598c065e370547a1522995502ccdff9ca9878963b86b285489c165b176/detection

2.56.57.210:1444
2.56.57.210:89

# Reference: https://www.virustotal.com/gui/file/23bb1ec79732017c4f1ce1a41a07bf9df4c9dcdbb8c79ebfa1b3e83f4538c573/detection
# Reference: https://www.virustotal.com/gui/file/6cec9b24677f0912fe91b0b40836752be09888e6c2b1783f51c9a7aa6827b864/detection

154.118.104.174:61857
154.118.104.174:61974
2.56.57.210:61857
2.56.57.210:61974
artedriendfrim.hopto.org
famesurvelizerditis.sytes.net
haldriendfrifaimano.ddns.net
reoildriend.sytes.net
riemaldriendfri.sytes.net
tancesucesm.chickenkiller.com
universalchampionis.zapto.org

# Reference: https://www.virustotal.com/gui/file/63ef801de07c0cad9af70847fff881fc454ed5430f289b95581399b4aee809a0/detection

103.151.123.194:7829
103.151.123.194:7840
103.151.123.194:7841
103.151.123.194:7842
asyncmoney.duckdns.org
asyncpcc.duckdns.org

# Reference: https://www.virustotal.com/gui/file/47f83bc0ad5cec2e365409f45ba67220e8ecf9a7313a38caef08fd9559e8a2ba/detection
# Reference: https://www.virustotal.com/gui/file/edf90d101a43361dc1245ebc74132e08f54db942af670377c431003e85534b22/detection

13.82.65.56:4021
64.188.16.134:4021
yuri101.duckdns.org

# Reference: https://www.virustotal.com/gui/file/68106918876232b746129b1161c3ac81914672776522f722062945f55166ba68/detection

23.102.1.5:6230
23.102.1.5:6231
23.102.1.5:6232
dccrypa.duckdns.org

# Reference: https://www.virustotal.com/gui/file/b7f3d1dd2aa804eb498480b7a3b03ea003efb665005e844e51be5b8ab9dc8e79/detection

23.102.1.5:6121
asyncspread.duckdns.org

# Reference: https://www.virustotal.com/gui/file/456ae44a137a75594a129beed2a917afa00e94b79825fd9500c6b07da69310b9/detection

103.151.123.194:1990
meunknown.duckdns.org

# Reference: https://www.virustotal.com/gui/file/a3013ca2f3bee249886bfa72085ae98f31ff49ab7b0e0bb4de883e94d88cd9ed/detection
# Reference: https://www.virustotal.com/gui/file/597e67048274e435928e11acf5e712b932695b1eb343398559fa83993c91296c/detection

88.111.229.212:6606
88.111.229.212:7707
88.111.229.212:8808
88.111.229.212:20000
88.111.229.212:21000

# Reference: https://www.virustotal.com/gui/file/7bc5ed12f076a174ab2b7e39ace5f88cfe695c75f3bc67701f42736be6de04a7/detection

88.111.236.191:6606
88.111.236.191:7707
88.111.236.191:8808
88.111.236.191:20000
88.111.236.191:21000

# Reference: https://www.virustotal.com/gui/file/c743735f89a5586315aeba456f9f4167a3365ea070d9d631e35aeaad4772d09e/detection

92.3.192.170:6606
92.3.192.170:7707
92.3.192.170:8808
92.3.192.170:20000
92.3.192.170:21000

# Reference: https://www.virustotal.com/gui/file/4d13e663aebabe2376c4f231356688108b5a124e0aafbc1717efa9f82e23f2b2/detection
# Reference: https://www.virustotal.com/gui/file/eb918b8f920a7f710cbd2460ba6132a177996912cc0ef6144ac824e3e37e4fdb/detection

104.21.13.168:5380
172.67.200.214:5380
37.238.146.36:5380
91.109.190.3:5380
fact.azad.live

# Reference: https://www.virustotal.com/gui/file/a672aa201c4172fb50bbf332a57a25c399e1c0a881f09ace05dbcc77d859627e/detection

46.246.6.11:9000
david123456.duckdns.org

# Reference: https://twitter.com/1ZRR4H/status/1485771167948546048
# Reference: https://tria.ge/220125-adlgqacfg6/behavioral1

104.249.62.71:4212
strekhost2030.duckdns.org

# Reference: https://www.virustotal.com/gui/file/fd607e03512a15e3bf9dd3c80dbca2b9235012004cb9b69fa05df2f5344037ef/detection
# Reference: https://www.virustotal.com/gui/file/8b022a46d08a7cf80f1141e534f647d1113fe87426e01dc35465f62bfd5052da/detection

189.146.59.185:81
201.121.135.170:4449
3.14.182.203:26008
3.17.7.232:26008
3.22.30.40:26008
venom5002sitask.6te.net
venomsi.mypsx.net
/venom5002SiTask/

# Reference: https://blog.morphisec.com/asyncrat-new-delivery-technique-new-threat-campaign
# Reference: https://otx.alienvault.com/pulse/61f2ace89496fafe74bbb9c7

11l19secondpop.ddns.net
2pop.ddns.net
elliotgateway.ddns.net
newopt.servehttp.com
newsa.ddns.net
nomako.ddns.net
pop11.ddns.net
python.myvnc.com
wthcv.sytes.net

# Reference: https://www.virustotal.com/gui/file/d775bef532e71e692eb0e66292da60db38864a4f3dba5d2382ace1992ddd55f3/detection

212.192.246.239:1001

# Reference: https://www.virustotal.com/gui/file/9d17ef60c2fe51c9ddd8c03a519059d3eddfd2ac8803ac5d7d91a71075810887/detection

212.192.246.239:228
212.192.246.239:901

# Reference: https://www.virustotal.com/gui/file/4743f18e28808ce90f8c9197c112fe5ceeb91c20f41b92a00034e2884cab1907/detection

212.192.246.239:8000

# Reference: https://www.virustotal.com/gui/file/d0b02f3290dc695e0d9e63060a3dcad7d351c7db7570d656da965ba95f1368b7/detection
# Reference: https://www.virustotal.com/gui/file/ee64468498a36ca484a8ea1079b6e125590749dd2535c7cbfb0b24050b10dd3c/detection

209.127.27.27:6606
209.127.27.27:7707
209.127.27.27:8808
crypto-support.network
myvps2022.ddns.net

# Reference: https://blog.morphisec.com/asyncrat-new-delivery-technique-new-threat-campaign

178.238.8.233:6606
178.238.8.233:7707
178.238.8.233:8808
python.blogsyte.com

# Reference: https://www.virustotal.com/gui/file/169a4309780969168c4af528075bb4b1e2526f976ab572cdfa6ff3e13a009faa/detection

194.127.179.238:8855

# Reference: https://www.virustotal.com/gui/file/f95c8ace1331a172303a2f2cea8edc805203156e499012df465a158246495cce/detection

216.250.249.156:1148
216.250.249.156:1560
216.250.249.156:1985
23.95.115.74:1465
23.95.115.74:1560

# Reference: https://www.virustotal.com/gui/file/f6092f6961226ced6b4858af475736af69ac36f35dea6f539eb552dad3b00fbc/detection

104.37.174.26:1985
104.37.174.26:4040
104.37.174.26:5050
216.250.249.156:1985
216.250.249.156:4040
216.250.249.156:5050

# Reference: https://www.virustotal.com/gui/file/f54d3ce36fea6ef51b10501d96f8e82deab82440005200ef16f88e4154d923ba/detection

216.250.249.156:6606
216.250.249.156:7707
216.250.249.156:8808

# Reference: https://www.virustotal.com/gui/file/f25eb7952a3cea441effa29b4b95ac46269fb8ab56e39166a0e56ade8f7bdf5a/detection

216.250.249.156:1148
216.250.249.156:1414
216.250.249.156:1465
216.250.249.156:1759
5.230.72.3:1148
5.230.72.3:1414
5.230.72.3:1465
5.230.72.3:1560
5.230.72.3:1759
5.230.72.3:1985

# Reference: https://www.virustotal.com/gui/file/ca2f1fd98c74804cf417f07a86db13a71baed4647e919a110a82df0bfba02e85/detection

http://5.230.68.154

# Reference: https://www.virustotal.com/gui/file/c507346693107714c35dae061f39b4af97f7ee55a12e7fbb689ca62405af7414/detection

51.210.48.148:6606
51.210.48.148:7707
51.210.48.148:8808

# Reference: https://www.virustotal.com/gui/file/ba1c40946756613c5321bea71118ec169096783344d0aca7e9ee5e0ac62b07ef/detection

216.250.249.156:1980
216.250.249.156:1981
216.250.249.156:1982
216.250.254.208:1465
216.250.254.208:1560
216.250.254.208:1980
216.250.254.208:1981
216.250.254.208:1982
216.250.254.208:1985

# Reference: https://www.virustotal.com/gui/file/b135b4f9bbc86735c19170c9728466e972f5985ccef6f44fc39b50e24987b0fb/detection

104.37.174.26:1759
5.230.84.50:1465

# Reference: https://www.virustotal.com/gui/file/a576dd4d6b216109bf7044bc90ebd70a2205bffb43272b28f8f112b480eecea5/detection

193.29.104.186:1465
193.29.104.186:1560
193.29.104.186:6606
193.29.104.186:7707
193.29.104.186:8808
216.250.254.208:1465
216.250.254.208:1560
216.250.254.208:6606
216.250.254.208:7707
216.250.254.208:8808

# Reference: https://www.virustotal.com/gui/file/832ed387078d95665e268d6fc1da6b62f9c785049c1a479bdb9eb45e8945eadf/detection

14.18.141.27:33355

# Reference: https://www.virustotal.com/gui/file/5c7887914b2ebb56fc762b555093719b30978e7d603ee1ba198f288090bec15b/detection

104.37.174.26:4848
216.250.249.156:4848

# Reference: https://www.virustotal.com/gui/file/19247536d1bb8035395a3a2bca3ecb17c36ddf48fee86a00d9d6e3e4bf622f35/detection

104.37.174.26:2018
216.250.249.156:2015

# Reference: https://www.virustotal.com/gui/file/ceaeb1dd68355d7a47455dffd00f3ab735e295c2aad6d7c0d754f371af3e0093/detection
# Reference: https://www.virustotal.com/gui/file/c0d614d65f3710bac72f12f0dbd86b77971f64a7fd3dad978ccde2d0e4d7d39f/detection
# Reference: https://www.virustotal.com/gui/file/6c2ee1611af326cf2c791ef63f6816ee8364fcccfc7a2facb5dbbb82bf310fe3/detection

185.110.106.210:1337
185.163.218.120:1337
81.94.199.203:1337
kho8arje.ddns.net

# Reference: https://www.virustotal.com/gui/file/fd8419faf4dbccd31e6305cb19cb9043dacaea147b38d1c0e78105802a9d99df/detection

45.144.154.150:1095
45.144.154.150:1097
45.144.154.150:1098
45.144.154.150:1604
45.144.154.150:18
45.144.154.150:4782
45.144.154.150:4784
45.144.154.150:59
45.144.154.150:5900
45.144.154.150:9495
alemdar571.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ef3108a8fa42fa5ed82f82a3c9d7d9f5cd2b35dd653127585977578321ce21d0/detection

189.38.106.99:8080

# Reference: https://github.com/pr0xylife/AsyncRAT/blob/main/AsyncRAT_03.02.2022.txt

documents.pro.br

# Reference: https://www.virustotal.com/gui/file/00ecb52e6754df0b9b25f896e8d923d6fc11c80fa333df430d1c3e3c94a7a404/detection

201.212.135.172:3042

# Reference: https://www.virustotal.com/gui/file/a829a8001f09c89ec992913ea3a6d2bde958779e8a7788d9d2a0e1e319e316bc/detection

173.44.55.179:13294
173.44.55.155:48241
kumar.airdns.org
minchia.airdns.org

# Reference: https://www.virustotal.com/gui/file/5511ab25c4f241c5683ad0b26452c2c474841dce3666010d723243f987b06872/detection

3.131.123.134:24138
zealous-fire-94898.pktriot.net

# Reference: https://www.virustotal.com/gui/file/2b4fcba2cacdd48089b43c746a24cda262ee87db830bd9aaf9ee82f5cb900de5/detection

79.134.225.90:83
confucanism.hopto.org

# Reference: https://www.virustotal.com/gui/file/443858dce1aeb48c098475dcf1f04c286a6d69593a41613436f05fd12fb35bc9/detection

51.89.253.23:6606
51.89.253.23:7707
51.89.253.23:8808
3laallah.myvnc.com

# Reference: https://twitter.com/peterkruse/status/1492796546525638656
# Reference: https://www.virustotal.com/gui/file/76854bcfb1fe0e8baf04c994cf4db49f5445e77201535ca49616a23c0ca69004/detection
# Reference: https://www.virustotal.com/gui/file/4a7484b8027c04f1b339c56ab4bc40ba6b8bb876507d421a59807684aab1e83c/detection

159.65.243.143:8080
20.113.159.145:3162

# Reference: https://www.virustotal.com/gui/file/9cd3f611b2d854917d5d0229d7440b30f2610984d51a5cf591591fd156558973/detection
# Reference: https://www.virustotal.com/gui/file/3cf3c75627a9a6813f7d5f708c88d2d41c6d18e92fe9dea86bb370c6b816bf40/detection

199.195.253.181:6606
199.195.253.181:7707
199.195.253.181:8089
199.195.253.181:8808
prhostings.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d9f2bab44100729ed79b2acaf2b8f1cf3b665d55988847e06b19ec0625f25fed/detection

37.221.122.76:6606
37.221.122.76:7707
37.221.122.76:8808
jeazerlog.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d8a413d1ff3f0d7cc9e07393e720b54403c0d180157065b7d0c81c090124a73c/detection

179.13.2.243:4204
strekhost2031.duckdns.org

# Reference: https://www.virustotal.com/gui/file/bee9c217ba2e0a439775033e5abba4a999bebe29474dda7011d67e77173598aa/detection

107.128.170.0:1604
monkeygame.duckdns.org

# Reference: https://www.virustotal.com/gui/file/b74da435a84b6a240fdefcb357abb948e5451fa11dd48e4381b9897abf1cd267/detection

46.183.220.49:46422
46.183.220.49:6578
chonglee575.duckdns.org

# Reference: https://www.virustotal.com/gui/file/10037dcdfbe006f14125b3b5fec8ab336ce996c1fe8af03114597b51d446b843/detection

141.255.144.69:6665
141.255.156.217:2020
141.255.156.217:6663
45.164.102.81:2019
45.164.102.81:2020
45.164.102.81:5000
45.164.102.81:6662
45.164.102.81:6665
hotelposeidonia.ddns.net
putha.duckdns.org

# Reference: https://www.virustotal.com/gui/file/9917e1b3643ebd9b87d96eaa225e293b4ab0a92f78f0df1f99efd85cf220f469/detection

86.156.139.211:32244
86.156.139.211:6606
86.156.139.211:7707
86.156.139.211:8808
venos1245.ddns.net
venos12678.ddns.net

# Reference: https://www.virustotal.com/gui/file/61309fd4c88c63e431b06b603aa83b1e3b1326ade092502675597b1469150e39/detection

191.248.178.226:7777
kklele.ddns.net

# Reference: https://www.virustotal.com/gui/file/f561b5e40ebff43e78dd61cb03ac5300aa6dce51cfe67bb288d3bec154effd69/detection

102.186.16.48:5556
asg1.ddns.net

# Reference: https://www.virustotal.com/gui/file/d4d90420777353fb8faece913558695e0ffd478cc0fccdd6ef316ce68b118a83/detection

163.123.142.141:6606
163.123.142.141:7707
163.123.142.141:8808
163.123.142.251:6606
163.123.142.251:7707
163.123.142.251:8808
mywatermoney.ddns.net

# Reference: https://www.virustotal.com/gui/file/c3d26b6aed4ef3cf1d0cf3d53e5280a11367cb792db7b13c50ffc695d77d0e80/detection

136.243.111.71:6606
136.243.111.71:7707
136.243.111.71:8808

# Reference: https://www.virustotal.com/gui/file/5bc250fe115f0af94d9d57840c5aa4ddc91b5c3f4100edba4e154cd438e8d682/detection

20.123.180.103:1337
20.123.180.103:6606
20.123.180.103:7707
20.123.180.103:8808

# Reference: https://github.com/pr0xylife/AsyncRAT/blob/main/AsyncRAT_28.02.2022.txt

52.15.81.204:6606
52.15.81.204:7707
52.15.81.204:8808
nsysc.duckdns.org

# Reference: https://www.virustotal.com/gui/file/3a2bcee2582e82d8caf5a85d4b3a8b5d779313aead59394e43cb0577e2ac5caa/detection

91.193.75.222:1337

# Reference: https://www.virustotal.com/gui/file/23d9cd92f8a143d8c11189ea65e238954e8dac8da8a8867cf243eb199af2a45f/behavior/Zenbox

216.250.97.121:4242
darkflood.ru

# Reference: https://www.virustotal.com/gui/file/02c4db3938f02e93ac275981ac2121254191a76732235e574d20f70f89a415d0/behavior/Microsoft%20Sysinternals

20.113.168.5:5552

# Reference: https://www.virustotal.com/gui/file/a03a750c266a3440bad4bdbf1a6539a5f3108d4b1701049167dce3c21b8892c9/behavior/Zenbox

144.126.209.63:7707
144.126.209.63:1443
144.126.209.63:8808

# Reference: https://www.virustotal.com/gui/file/a42aaf89dfaf1dc938def40171798b2a5e641da48851a30cc83e46243d677341/behavior/VMRay

181.141.6.14:1543
async19.duckdns.org

# Reference: https://www.virustotal.com/gui/file/b75253da4ffdfd8ffb110066ed246127053b71f331210dcab40581fe9529dd1b/behavior/Microsoft%20Sysinternals

105.155.171.124:1177
virustheonluone.ddns.net

# Reference: https://www.virustotal.com/gui/file/f1d52de14a1e669c219644cb3cbd8f5e7155799334b9f43576cdaaf985feab29/behavior/Microsoft%20Sysinternals

156.204.146.6:1177
mokea.ddns.net

# Reference: https://www.virustotal.com/gui/file/356d357fd1d8ebbce5b44f0e2fc758f08b0ddd8fbba0e5d705c7f3b823c61194/detection

41.140.166.138:8080
amineaskary234.ddns.net

# Reference: https://www.virustotal.com/gui/file/c87370e8e2e08a93f6becca89df295a17a6c8136edadec5522360cee30b6a2d4/detection

2.89.88.55:8620
nydarcl0b.ddns.net

# Reference: https://twitter.com/James_inthe_box/status/1501663331458818057
# Reference: https://app.any.run/tasks/8cc8d2fc-f24a-42ea-9db8-ca2bceb791e6/

217.64.31.3:6606
217.64.31.3:7707
217.64.31.3:8808
217.64.31.3:8437

# Reference: https://www.virustotal.com/gui/file/14217d54e50cb1750df957ee13ceddfb0775e9df7b286dbbe8bccfde89e8462c/detection

123.27.146.13:6606
123.27.146.13:7707
123.27.146.13:8808
spikevntm1.ddns.net

# Reference: https://www.virustotal.com/gui/file/2d2351681ab5a3fc5d448474986d26cfe06fe6f889435523fd2a1f1c9e7b684c/detection

41.238.79.40:1177
41.238.79.40:4444
eeent2am1.ddns.net
ennt2am11.ddns.net
matrixhack9.ddns.net

# Reference: https://www.virustotal.com/gui/file/fcd5fc495b4f81bf91491b52e1759cf93794bf135fed6469a5d1e0663dfb6c3e/detection

94.204.143.223:6606
94.204.143.223:7707
94.204.143.223:8808
exelelo.zapto.org

# Reference: https://www.virustotal.com/gui/file/a9e0e20979d2a5ee73322a2dd94bed304e2586d91d01808130ffe1ae6c043a69/detection

142.114.120.140:8080
rezan.ddns.net

# Reference: https://twitter.com/James_inthe_box/status/1508822431422582785
# Reference: https://app.any.run/tasks/bbe72cb9-d347-4b41-8517-99be1dac9a07/

79.134.225.89:5900
crazydns.linkpc.net

# Reference: https://otx.alienvault.com/pulse/6244476ff6012996f9a9cba1

hahakek.ddns.net

# Reference: https://www.virustotal.com/gui/file/abfbde0fea7eba7c409710cafb5a7fe2b2315b4a95898420117ad5088ad4c6b3/detection
# Reference: https://www.virustotal.com/gui/file/a81a4b5eaea54fad12b6fc2e4b1eae62f30a2a9ba1d1abb94ca85e58dbfa8623/detection
# Reference: https://www.virustotal.com/gui/file/a81a4b5eaea54fad12b6fc2e4b1eae62f30a2a9ba1d1abb94ca85e58dbfa8623/detection
# Reference: https://www.virustotal.com/gui/file/a5488fe77d6f68e3512c20b5ffd2105265ae55f50f872fe9b3429b39ed16b7de/detection

43.133.1.136:48214
45.133.1.136:5579
sivnquldmiqa.ratkings.net

# Reference: https://www.virustotal.com/gui/file/fa0a7de603a1fa1dc694862999423e093b8f5285498607d27c1a6074a00455f5/detection
# Reference: https://www.virustotal.com/gui/file/9dee44e6c8075f0f369cde080e56edca0e2fb93b59520dd99a2884ea7b55c7f9/detection
# Reference: https://www.virustotal.com/gui/file/75a1202f0bc5aafe9d205c52416c1bc5b1f2976edb490dffc812f4197bb02277/detection
# Reference: https://www.virustotal.com/gui/file/4f1dcb5778a57d02f7cb485e2d76234ce1913bcc872535221966d596c78056d0/detection

2.56.59.227:4455
212.192.241.41:4455
pnake.000webhostapp.com
vuqozgiamcvoe.ratkings.net

# Reference: https://www.virustotal.com/gui/file/98e74bdca833fffdeadd8aaa3887c60eda29d658e35c7e02a6e364c6a0566039/detection

178.238.8.233:6606
178.238.8.233:7707
178.238.8.233:8808
pythonn.linkpc.net

# Reference: https://www.virustotal.com/gui/file/00abaec0096cdb5a62684479e06fae3c39632e15adb436d2e7e975e9f2cf8c96/detection

89.134.228.127:45000
empirehosting.ddns.net

# Reference: https://www.virustotal.com/gui/file/bd2260b469f9c0504fa2156fe99ce3eb54a093a185c09cb5e0729114ff13a100/detection

194.85.248.87:6606
194.85.248.87:7707
194.85.248.87:8808
194.85.248.87:9807
asylimited.duckdns.org

# Reference: https://www.virustotal.com/gui/file/6e5bc57767ea314f50262e10884e592ac5e833165d85db41e2033baaa7c5682d/detection

185.19.85.133:6606
185.19.85.133:7707
185.19.85.133:8808
185.19.85.133:9807

# Reference: https://www.virustotal.com/gui/file/2a0eb4a2eace0686d5ef6c83dfbd9065f46055b8446e1bb67dc58df5be480d43/detection

91.193.75.132:6606
91.193.75.132:7707
91.193.75.132:8808
91.193.75.132:9807

# Reference: https://github.com/pr0xylife/AsyncRAT/blob/main/AsyncRAT_05.04.2022.txt

195.62.47.132:5311
37.120.141.190:5311
hrjekd.duckdns.org
mcgarryrob9.duckdns.org
msmonday21.duckdns.org
vernomqmonday.duckdns.org
wsfgv.duckdns.org

# Reference: https://www.virustotal.com/gui/file/642af4b4d12bb24a30e617317bc1785aafc4176e8c3ca8abadff04bd61368d18/detection

178.238.8.201:6666
helpher.linkpc.net

# Reference: https://www.virustotal.com/gui/file/5383c008207a242411c692a017d677e0a7f4b790b2962ded2fe3f2b1a9e0accc/detection

208.51.61.44:128
help-microsoft.dnslive.net

# Reference: https://www.virustotal.com/gui/file/d3502dc6519cc2395fd39b603c925d7ff61fef6d78cb89a23254905b9eeaff97/detection

update.myiphost.com

# Reference: http://blog.talosintelligence.com/2022/04/asyncrat-3losh-update.html

anderione.com
mekhocairos.linkpc.net
n.myvnc.com

# Reference: https://www.virustotal.com/gui/file/1ff86b4d3d1a04b48064bc64940010c469a106db236e261ac106053411641b7d/detection

136.243.111.71:1166

# Reference: https://tria.ge/220404-dwb8jshec2

212.193.30.54:9524

# Reference: https://tria.ge/220327-27nygsadap

71.81.138.151:6606
71.81.138.151:7707
71.81.138.151:8808
uhhfuckmedaddy.hopto.org

# Reference: https://tria.ge/220330-ckkvwaeed9

118.184.78.78:6606
118.184.78.78:7707
118.184.78.78:8808
mytestserver.myftp.org

# Reference: https://www.virustotal.com/gui/file/29ece6628445e46733703f70aa521fc207b5475fb1e620a97c2e8fe55f547fab/detection

http://78.46.133.215
78.46.133.215:6606
78.46.133.215:7707
78.46.133.215:8808

# Reference: https://www.virustotal.com/gui/file/d45978f809cb4ce3ad9ef5ba7719b137b9d0ef02315d77f6fb30e10aa1c465f3/detection

177.36.170.206:6606
177.36.170.206:7707
177.36.170.206:8808
myhost47.accesscam.org

# Reference: https://www.virustotal.com/gui/file/04adf54cb3faa4aa1fc78aa4a567a69e9e4b4d48661b2619c3d82dc9569f538c/detection

188.82.222.181:6622
davidgayne.ddns.net

# Reference: https://www.virustotal.com/gui/file/a89725461034445d1b80d5fc5207595d1842cfcf1dc13d6dbb853617c0bdefa9/detection

64.188.13.46:8080
64.188.13.46:9788

# Reference: https://www.virustotal.com/gui/file/a157e62c8fcf8c20202cb64d6b295379fba158677d9776c6001db1352b4d9feb/detection

64.188.13.46:1786

# Reference: https://www.huntress.com/blog/snakes-on-a-domain-an-analysis-of-a-python-malware-loader
# Reference: https://otx.alienvault.com/pulse/6144852424a73a80ade66aa3
# Reference: https://www.virustotal.com/gui/file/4591eda045e3587a714bb11062eb258f82ee6f0637e6aa4d90f2d0b447a48ef7/detection
# Reference: https://www.virustotal.com/gui/file/cf09a3807622d7c2e0c9422bcee04ed53a08a230204de7f5818405e7f8dca16d/detection

185.163.45.104:456
gjghvga7ffgb.xyz
huugbbvuay4.cn
windowsupdatecdn.cn

# Reference: https://www.virustotal.com/gui/file/794929f8ae932ae3bfd16c3f013b7b32a025a07a0583f2d9b2d272b736284ef0/detection

45.242.44.194:2323
updatefacebook.duckdns.org

# Reference: https://www.virustotal.com/gui/file/b9eba1c7c318b24ba7a01b71e004b6e8b17d91d3e28721977e974696d8e88be6/detection

23.105.131.166:6606
23.105.131.166:7707
23.105.131.166:8808

# Reference: https://www.virustotal.com/gui/file/abe5225238fb82b6ad7d2942d931bb109538395e734d296bc9ac55ae1d6ddf71/detection

2.56.57.222:6606
2.56.57.222:7707
2.56.57.222:8808

# Reference: https://twitter.com/phage_nz/status/1516977615378079745
# Reference: https://tria.ge/220421-dfad1shgep

91.193.75.203:9217
sky01.publicvm.com

# Reference: https://twitter.com/James_inthe_box/status/1517192899682701312
# Reference: https://app.any.run/tasks/1395aadc-27f1-415d-a1f8-6247c4a0aa8e/

91.193.75.194:5900

# Reference: https://twitter.com/pmelson/status/1518724244103995392
# Reference: https://twitter.com/pmelson/status/1521221361829617666
# Reference: https://www.virustotal.com/gui/file/47598ae5503ecc9b4acfc063deb3cf77998ff762104e484a288eede075f0f7d5/detection

194.5.98.35:21000
dlldns.co.uk
dlldns.xyz
dlldns.duckdns.org

# Reference: https://www.virustotal.com/gui/file/1c6ec68a3017dd39da5043ff4cecd25ae5dadcc4f2577ba7103c84547c228882/detection

128.90.115.36:3468

# Reference: https://www.virustotal.com/gui/file/6fa04b5325e52bb0db3b3b307d5e6e802bc468da09fb062f78f978c4efbadd82/detection
# Reference: https://www.virustotal.com/gui/file/5b42476fbd6d402e3a77156da5b563e4450f0e142223f707157b223fce237f8b/detection
# Reference: https://www.virustotal.com/gui/file/27712ba8e0925e351934d3ae04f5ee648a7ec733c2d4be2a3dd54712548d30b7/detection

77.78.103.129:2022
77.78.103.129:5000
salma6.ddns.net

# Reference: https://www.virustotal.com/gui/file/72a638827d037d077f1f1672f2d280f657496fab48b8e79d99742b48bf8f39ee/detection

83.180.241.5:5000
333kuk333.ddns.net

# Reference: https://www.virustotal.com/gui/file/b374241715d190e7731b63e2f4cee1038e3307d52836969fab3854a2090d0b89/detection

198.54.128.70:56781
slav934.ddns.net

# Reference: https://www.virustotal.com/gui/file/9d72cb7c95bcec88f7bf4bfffdb2b0ebe5902f3da943d03794e8a6f586f0c1a3/detection
# Reference: https://www.virustotal.com/gui/file/89fb709ed5ac5cc3342b9894af039dcbb1988848c87063ba15b4ab69399ae77d/detection
# Reference: https://www.virustotal.com/gui/file/b0d62e927975627c720fcf734ea7bb49ebe0790defa6d1085ff93e4b39c74f57/detection
# Reference: https://www.virustotal.com/gui/file/f8720cc2747a3518d13193a2fe9cb791be7e37396fbc448f63a8227d5f552e52/detection

149.28.31.166:29527
149.28.31.166:443
160.108.30.0:29527
168.108.118.0:29527
168.108.122.0:29527
168.108.24.0:29527
168.108.25.0:29527
168.108.32.0:29527
168.108.35.0:29527
168.108.37.0:29527
168.108.42.0:29527
168.108.43.0:29527
168.108.44.0:29527
168.108.45.0:29527
168.108.47.0:29527
34.150.70.89:29527
40.108.48.0:29527
80.176.90.0:29527

# Reference: https://www.virustotal.com/gui/file/ae1df83bad300c4f1cbe9f899c9f394e9b2a2c9bc69a55137bb07adefaed27f0/detection

invison.xyz

# Reference: https://www.virustotal.com/gui/file/0a33db379fb16265aa27569abcaafade7ba257d7adf518eee804b1e5c9514d24/detection

105.106.74.27:6606
105.106.74.27:7707
105.106.74.27:8808
doda.ddns.net

# Reference: https://www.virustotal.com/gui/file/b1daa3bc8bae29f14939e7beea3593ced703a3b159f3fabaa3679df8186e2546/detection
# Reference: https://www.virustotal.com/gui/file/67825f8d43671a1b2a021f371183007baa0dd8034daea8ae0f3c02dd5645e787/detection

77.250.44.30:4444
mariush91.ddns.net

# Reference: https://www.virustotal.com/gui/file/68811404cce73244b2326ca2397d7e95b103a86f5f1dc0220096206438dd3b76/behavior/Zenbox

dominostark2028.duckdns.org

# Reference: https://www.virustotal.com/gui/file/79b8d9f481f0b24b5cb7115a90fbb74c9b6e0448ec908761824e22fa36f255f0/behavior/Microsoft%20Sysinternals

51.116.130.83:4496

# Reference: https://www.virustotal.com/gui/file/fccc5b2fe1d1b1c730e2854e5d68219fe84e0d9277049f69712a28fb6b0e700a/behavior/Zenbox

91.93.162.73:6666
167.71.56.116:6666
awesome-dew-72404.pktriot.net
eu-central-7075.packetriot.net

# Reference: https://www.virustotal.com/gui/file/bc51107a5224a0935006255b4121048f5184619f88020946f3c590f5a09361b3/behavior/Zenbox

177.255.88.25:5001
strekhost2037.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ccd98e1fd5051669cde7d0aa853f103d62407f044dbbce89226fadeef766981a/behavior/VirusTotal%20Jujubox

193.161.193.99:39592
trabajopanel1-39592.portmap.io

# Reference: https://www.virustotal.com/gui/file/cce1f99874e7a0436fc4930a9c63e030064d42b39fc8012d76e0433f146838b8/behavior/Zenbox

31.142.90.220:22
wayto.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d720f60685f9f08d3ca9f47376c66b28ff8fdd4cab4a2ed88ca33c294d2bc16b/behavior/C2AE

132.232.169.101:6656

# Reference: https://www.virustotal.com/gui/file/f18391acc8f08909407a1319569d2f01b55ee51b9e317228abdff5aebe87968f/detection

173.225.115.253:8848
194.31.98.113:6606
194.31.98.113:7707
194.31.98.113:8808
194.31.98.113:9909
172.83.152.87:8848
172.83.152.65:8848
2.58.149.126:6606
2.58.149.126:7707
2.58.149.126:8808
2.58.149.126:9909
polarjwns.xyz

# Reference: https://www.virustotal.com/gui/file/d14d9a7e754c71b0b15e03dce5dc0d8a58cc7be737c2e350bbb4fc99c5d64366/detection

23.105.131.227:4404

# Reference: https://www.virustotal.com/gui/file/3189f5b4f50c04b25cea385aee92275fd3007f9332c329d9975c0b1270c6d26b/detection

31.210.20.172:6606
31.210.20.172:7707
31.210.20.172:8808

# Reference: https://www.virustotal.com/gui/file/99fe56a2f1d965843780325665c2ac286cc9bc52f80509e606028bc063c49210/detection

85.215.229.157:6227
6227hallo6227.ddns.net

# Reference: https://www.virustotal.com/gui/file/13d27cdf24f15d418b2197f6d017725bbd26ea1b8db7a61bdd648e90f1d269c5/detection

46.246.80.3:7090
bendito2714.duckdns.org

# Reference: https://www.virustotal.com/gui/file/43427de4b45f2aa2e6289d1a6d5e6859f4184e5cf638a4b6c185fafca6a85838/detection

185.140.53.150:1515
glengaidos2881.ddns.net

# Reference: https://www.virustotal.com/gui/file/2f0dfcbd68df9ed438855a7b65bb08931df67234e6c55f78b6a16f2368f4d44e/detection

92.42.46.216:1996
xhoys.linkpc.net

# Reference: https://www.virustotal.com/gui/file/fb67354e820721b6eb4684b167c1eb382936635843983ec24d06a72fdec8ad32/detection

24.15.119.31:1604
korruptinq.duckdns.org
lulzsec.zapto.org

# Reference: https://www.virustotal.com/gui/file/e91c4edb7c7cc1517cb8827127699e2e360596d240176f91e14556ac7ded8283/detection

slicer.ddns.net

# Reference: https://twitter.com/phage_nz/status/1529614527486013440
# Reference: https://tria.ge/220525-3tjmaaehd7
# Reference: https://tria.ge/220525-3v5wxaagfn

91.193.75.139:1345
91.193.75.165:3851
1biggie.publicvm.com
ecx1hang.publicvm.com

# Reference: https://www.virustotal.com/gui/file/56645ddbb6d65ff46e2db21ff0cd583d4b0ad988b6b6bcd140626a8b5eb81fa6/detection

188.232.176.99:7771

# Reference: https://twitter.com/Joseliyo_Jstnk/status/1531970265059573766
# Reference: https://www.virustotal.com/gui/file/fe8970a7f08ca9e71f485ba987cb78d1bb82d8973251962210e3fced77c15f99/detection
# Reference: https://www.virustotal.com/gui/file/79068b82bcf0786b6af1b7cc96de1bf4e1a66b0d95e7e72ed1b1054443f6c5e3/detection

217.195.197.70:6606
217.195.197.70:7707
217.195.197.70:8808

# Reference: https://www.virustotal.com/gui/file/92a3c41d78e3fdb64c6313818bdba8d6c1652e507ee7ea08c4dd28cd8076e56e/detection

91.240.118.79:2727
91.240.118.79:2780
92.255.85.40:2707
92.255.85.40:2780

# Reference: https://www.fortinet.com/blog/threat-research/threat-actors-prey-on-eager-travelers

33b4-163-123-142-137.ngrok.io
dc5b-163-123-142-137.ngrok.io
dnets.ddns.net
znets.ddns.net

# Reference: https://decoded.avast.io/threatintel/outbreak-of-follina-in-australia/
# Reference: https://otx.alienvault.com/pulse/629dc0568c4a8863c10e59be

palau.voipstelecom.com.au

# Reference: https://twitter.com/James_inthe_box/status/1536418013691277312
# Reference: https://app.any.run/tasks/2d79a22c-84e3-4609-9436-3ceed9e36f36/

185.70.104.87:3851

# Reference: https://tria.ge/220613-2s2wssfdf4/behavioral1

91.193.75.200:9217

# Reference: https://www.virustotal.com/gui/file/e2548ff0d1c69d0cad6504335aa2ef3fa21eaa9a429ead3acbddd9326129d819/detection

203.78.129.202:6666

# Reference: https://twitter.com/abuse_ch/status/1540590647022915584

74.201.28.166:6606
74.201.28.166:7707
74.201.28.166:8808

# Reference: https://twitter.com/c_APT_ure/status/1540053981648588804

193.233.185.132:6606
193.233.185.132:7707
193.233.185.132:8808
biz808080.duckdns.org

# Reference: https://github.com/0xToxin/Malware-IOCs/blob/main/AsyncRAT/AsyncRAT%2028062022
# Reference: https://tria.ge/220629-em9ccsgce5/behavioral2

103.156.90.165:4055
serviceserver.site
venohvn.duckdns.org

# Reference: https://www.virustotal.com/gui/file/676c79531be211041712ad8f9cf037a8cb4ed8c5362caf6cedde66d521314310/detection
# Reference: https://www.virustotal.com/gui/file/a6f9557ec4704f2d7f00491e9dad466ca8483f61300f87708a93bf951138a4d6/detection

103.156.90.165:5050
venomcra25.duckdns.org
venomcra3.duckdns.org

# Reference: https://github.com/executemalware/Malware-IOCs/blob/main/2022-06-28%20AsyncRAT%20IOCs

147.189.168.74:6666
2dod.ddns.net
rowadtqnee.online

# Reference: https://asec.ahnlab.com/en/36315/
# Reference: https://otx.alienvault.com/pulse/62c69b05fe6a61daffeb9593
# Reference: https://www.virustotal.com/gui/file/0b357167f1d1e759b1b54d75bdb102da84578ecb5cb1a1d71733402deec91a83/detection

http://154.19.203.208
154.19.203.208:6606
154.19.203.208:7707
154.19.203.208:8808

# Reference: https://tria.ge/220713-nxaffsggd9/behavioral1

185.200.116.219:9016
chinaco3.airdns.org

# Reference: https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/targeted-attack-on-government-agencies.html

107.173.143.111:6606
107.173.143.111:7707
107.173.143.111:8808
107.173.143.111:8989

# Reference: https://www.virustotal.com/gui/file/6659c7a1e89ce896ac616abf1cf6068381954c8c35b18a9d1fd24690ca9c4d3c/detection

198.23.212.148:6606
198.23.212.148:7707
198.23.212.148:8808
4Mekey.myftp.biz

# Reference: https://www.virustotal.com/gui/file/10037dcdfbe006f14125b3b5fec8ab336ce996c1fe8af03114597b51d446b843/detection

141.255.144.69:8848
45.164.102.81:6663
93.46.8.90:6664

# Reference: https://www.virustotal.com/gui/file/c63dd27a4c9a42fd4c68bda6d2628e6791dae0ed3036b69f0b1e6433b5d7c473/detection

67.205.142.16:6606
67.205.142.16:7707
67.205.142.16:8808

# Reference: https://twitter.com/malwrhunterteam/status/1547857576359997440
# Reference: https://twitter.com/Iamdeadlyz/status/1547902451147108352

plutoniumwallet.ml
/FaggotNiggerKysHaveFunTrying/

# Reference: https://www.virustotal.com/gui/file/40b6c05272cb9e3f7431f8afc74cef3ffbb21c86c3b57f94d9ac685b009c9ede/detection

cdnofficecloud.com

# Reference: https://www.virustotal.com/gui/file/02675ed3f879a7fbefabfcfa064bb53a2b925fb6751b7925d5dd2b25a51f4150/detection

194.187.251.115:8973
storage.nsupdate.info

# Reference: https://www.joesandbox.com/analysis/596663/0/executive

141.255.146.167:2019

# Reference: https://www.virustotal.com/gui/file/2a9edc18b10a532f7632d6b44f2610ca3a823c2b2be7a3fd3126b55af2c68ede/detection

172.245.210.138:6606
172.245.210.138:7707
172.245.210.138:8808
189.201.235.59:6606
189.201.235.59:7707
189.201.235.59:8808
111234.ddns.net
cdt2021.hopto.org

# Reference: https://github.com/0xToxin/Malware-IOCs/blob/main/AsyncRAT/AsyncRAT%2025072022
# Reference: https://tria.ge/220725-r8z22abab3

194.5.97.97:5069
194.5.97.97:6638
polimaplasko.duckdns.org

# Reference: https://gist.github.com/stoerchl/ae32c9ec9d7003c608bb4c19e9fe7bd7
# Reference: https://twitter.com/James_inthe_box/status/1567597599984852992
# Reference: https://www.virustotal.com/gui/file/6f105d359fe32edd24c3e5a441f3f8d3f4be7fad856ce7b0e606e9e18b742024/detection
# Reference: https://www.virustotal.com/gui/file/0671d1cf46c957d8ca3084d500f4ccb2e71f5f687868cb5f113127e560422e76/detection

45.14.224.94:444
51.81.105.238:1981
51.81.94.115:888
superfaster1.is-found.org
superfaster22.selfip.info
superha3y.is-a-geek.com
superhay.is-a-geek.com
superslo4w.is-a-nascarfan.com
superslow.is-a-nascarfan.com
superziad.is-a-liberal.com

# Reference: https://twitter.com/1ZRR4H/status/1551713964660326402
# Reference: https://www.virustotal.com/gui/file/00bcbf44a3a8dfdd43324ad3dc7a868049bc1856237d97307cc1bbec2ce68ffe/detection
# Reference: https://www.virustotal.com/gui/file/92c085aab941207d5aba2eb3b7c1f6542c075698310b213ba17aff352fee7810/detection
# Reference: https://www.virustotal.com/gui/file/dd0528c7214c1ff510d922eff856d56d616341f689edfa40f4b2bbbca82b8aa8/detection

191.88.251.106:1990
albertogiraldolora09.duckdns.org
freddysolanolora09.duckdns.org
jhonatanmartinezmartinez09.duckdns.org
julianmaldonalora09.duckdns.org
luispereiralora09.con-ip.com
mauroplatalora09.duckdns.org

# Reference: https://www.virustotal.com/gui/file/8638697480078473d60b20cbeb522b7745dde8ae749159064356b0a31a825e88/detection

185.140.53.76:7738

# Reference: https://www.joesandbox.com/analysis/677285/0/html

194.213.3.182:6606
194.213.3.182:7707
194.213.3.182:8808
vvat22.con-ip.com

# Reference: https://www.virustotal.com/gui/file/d2d84301495b692c57680cd232d752253011aeeea1cfe3de144c42c5189b8168/detection

37.0.14.198:6161

# Reference: https://tria.ge/220805-n2cflsaafj

185.225.73.221:5493

# Reference: https://www.virustotal.com/gui/file/00cb0795efc4104c5f4f121172a9728af0d5387cee5d8c7abf8e416f443acc05/detection

23.133.216.180:7582
did-diff.at.playit.gg

# Reference: https://twitter.com/pmelson/status/1556425256046411776
# Reference: https://twitter.com/pmelson/status/1556425274853564416
# Reference: https://www.virustotal.com/gui/file/5d3fc59a805561bfbb27bd0d845c303d4523eefb796c5b815a22bec8973ec331/detection

134.35.6.44:6606
134.35.6.44:7707
134.35.6.44:8808
sabaye-d.space
sabanjm2.ddns.net

# Reference: https://www.virustotal.com/gui/file/d5a2e7315be0afecb9d4a0a5d4b8ee40552675c22405fe17f839023b74a232ad/detection

20.90.119.110:6606
20.90.119.110:7707
20.90.119.110:8808

# Reference: https://www.virustotal.com/gui/file/0fd56384d2b39661d2a81b16bd5aa72ae4deb023dda532796acc94516fc1b9de/detection
# Reference: https://app.any.run/tasks/ccecbcd8-f578-40c7-be8a-8bf59e751e0e/

147.185.221.180:14456
3.125.102.39:13643
3.126.224.214:11664
believe-stars.at.playit.gg
positive-be.at.playit.gg

# Reference: https://github.com/0xToxin/Malware-IOCs/blob/main/AsyncRAT/AsyncRAT%2010082022
# Reference: https://tria.ge/220810-yl2exaecen/behavioral1
# Reference: https://tria.ge/220810-yqa4hsgdb9/behavioral2

2.58.56.32:6666
modymos.linkpc.net
mosacor.co.za

# Reference: https://www.virustotal.com/gui/file/8bc112ddd27f0fc2fdc5f50901f8bd15a999042383cc7fe93d3f2b2d8dd085ac/detection

technologie.duckdns.org

# Reference: https://www.virustotal.com/gui/file/40da5be82081d0f0a205474abc614379ce4a655ae84c048353a53b49780fa39f/detection

blazevault.ddns.net

# Reference: https://www.virustotal.com/gui/file/dc645f9fb41904317cc725625eb703c260b4bfea01abe8e31988a83c06930226/detection

negritos.site

# Reference: https://www.virustotal.com/gui/file/39fe79e59e8fc4e86513ec09959c895e5667a39e9d32bb90d8cf29ac892496d0/detection

107.173.255.227:2000
107.173.255.227:3000
107.173.255.227:4000
cdt2021.zapto.org

# Reference: https://twitter.com/embee_research/status/1563149262707257344

173.209.51.37:5137

# Reference: https://github.com/0xToxin/Malware-IOCs/blob/main/AsyncRAT/AsyncRAT%2026082022
# Reference: https://tria.ge/220826-pb2s9adcd2/

91.192.100.9:8976

# Reference: https://twitter.com/Iamdeadlyz/status/1562823487932100608

193.124.22.17:4449

# Reference: https://twitter.com/r3dbU7z/status/1564893492924538880
# Reference: https://twitter.com/r3dbU7z/status/1564940756950843392
# Reference: https://www.virustotal.com/gui/ip-address/54.236.21.218/relations
# Reference: https://www.joesandbox.com/analysis/693848/0/html

54.236.21.218:6606
54.236.21.218:7707
54.236.21.218:8808
myacesverif.duckdns.org
myverifyaccess.my03.com

# Reference: https://twitter.com/0xToxin/status/1565599718000009216
# Reference: https://tria.ge/220902-f7pn5aghbj/behavioral1

139.28.219.37:2000
172.94.80.37:2000
dangerous1.ddns.net
donzola.duckdns.org

# Reference: https://ti-research-io.github.io/ti/ioc_extender/?name=TF_AsyncRAT

ahmedhasan-43601.portmap.host
darkvader94-36189.portmap.host
dasdad2-27665.portmap.host
freeedp.duckdns.org
fresh02.ddns.net
gaminghost873737-38124.portmap.io
java.servebeer.com
jul-perl.myvnc.com
lordfish12312-53903.portmap.host
minecrafthosting6969-35389.portmap.io
realfive5-49318.portmap.host
zeldorispiety-50433.portmap.host

# Reference: https://research.checkpoint.com/2022/dangeroussavanna-two-year-long-campaign-targets-financial-institutions-in-french-speaking-africa/
# Reference: https://www.virustotal.com/gui/ip-address/20.78.19.235/relations
# Reference: https://www.virustotal.com/gui/file/818d184a57f7cce89dda848cb17a503e0c5957803eb8d088491f809ad750cc21/detection
# Reference: https://www.virustotal.com/gui/file/75ae08629e69a57887d2c8e6ba798e16ff9bd8e7af85a1ea029c0594c076ef59/detection
# Reference: https://www.virustotal.com/gui/file/be88db263dee3dcd1a9a236c7dd4b7885ea664e6df404f910a5e0173d1be19c4/detection

aeternam.me
graviom.fr
tf-bank.com
nedbankplc.4nmn.com
press.giize.com
secure.graviom.fr

# Reference: https://tria.ge/220907-s2q18acdf7/behavioral2

45.14.224.94:2001
45.14.224.94:444

# Reference: https://twitter.com/malwrhunterteam/status/1568182218127712256
# Reference: https://www.virustotal.com/gui/file/e5a27354665310d4b974f19bb79a01dd8eeb21dabde06eb6941c8d27b57bc689/detection

172.94.11.178:7878
g8787.ddns.net

# Reference: https://www.virustotal.com/gui/file/85a13e4751a7a3dbccd46a23a441ec7838f5df8ce13f6a76e0347838200e47b9/detection

rippeymp811.ml
rippeymp811.ddns.net

# Reference: https://twitter.com/malwrhunterteam/status/1568194124330713089
# Reference: https://www.virustotal.com/gui/file/c2eac887aeca169e624ea5922167854e32faa4c47d52d5cf01949f965d26f00c/detection

198.98.53.231:5677

# Reference: https://www.virustotal.com/gui/file/d01e1d3d771a443f0fb994b3b3583422124677d4fba4eec14ce6f387e97055c3/detection

adobedata.webredirect.org
cdt.3utilities.com

# Reference: https://www.virustotal.com/gui/file/5f6579f4f7371307b56a578c760042466708f88f04ccf09b8291ed495ad97f5f/detection

45.74.38.17:6606
45.74.38.17:7707
45.74.38.17:8808
niiarmah.kozow.com

# Reference: https://www.virustotal.com/gui/file/112bc23dbf145fb1c5c78e842b605a4da6202c9993114c7118fbdf902d6c7673/detection

3.22.30.40:13857

# Reference: https://tria.ge/221010-ggv9naafh4/behavioral1

193.161.193.99:40774
tienMonkey-40774.portmap.io

# Reference: https://tria.ge/221010-t26bkscgck/behavioral1

64.44.167.136:46452

# Reference: https://twitter.com/pollo290987/status/1578046865987276806
# Reference: https://www.virustotal.com/gui/file/0e57f8d6bd3306206086c712cf06004c893f72f92374d0724579810b4ae20160/detection

pushkin.ydns.eu

# Reference: https://tria.ge/220719-e9y5xabean/behavioral2

212.193.30.230:79

# Reference: https://twitter.com/0xToxin/status/1581235287182966784
# Reference: https://tria.ge/221015-e6n6jafbe8/behavioral1

103.209.76.44:2000

# Reference: https://twitter.com/0xToxin/status/1581304132866301952

45.141.215.212:222
45.141.215.212:6606
45.141.215.212:7707
45.141.215.212:8808
red2056.freeddns.org

# Reference: https://twitter.com/SquiblydooBlog/status/1581627679300030465
# Reference: https://tria.ge/221016-pnbgtshef9/behavioral1

45.138.16.240:6666
basejumper.io
nasori.ddnsfree.com

# Reference: https://www.virustotal.com/gui/file/bf7e15bd062dd3a60eb36c7ee466d06439efcbf08afea2d166c7bd0707ee63f4/detection

83.51.53.98:1604
testing35123.duckdns.org

# Reference: https://www.virustotal.com/gui/file/68fa24f693d9b5955eb2a34a6fbbd3ac7b9e4e8efa53b17b6a94ddd01baab2fe/detection

185.216.71.4:4449
45.155.165.234:4449
venom12345.duckdns.org
venomunverified.duckdns.org

# Reference: https://www.virustotal.com/gui/file/0a151bff139d2541495279ae8db6f3fede5f867337ee69b466023de228a9bacf/detection

141.255.144.193:4444

# Reference: https://www.virustotal.com/gui/file/84d2ec2e12cda6b36e0269b75fb40afeca89d0612e8b4091006348cf9a37530d/detection

51.255.152.131:6606
51.255.152.131:7707
51.255.152.131:8808
andojan.ddns.net

# Reference: https://www.virustotal.com/gui/file/b26760b051260ea435c5c32f8e65cd200034495db040e58da7b453b3d57132a5/detection

85.209.134.94:6606
85.209.134.94:7707
85.209.134.94:8808

# Reference: https://www.virustotal.com/gui/file/5e3588e8ddebd61c2bd6dab4b87f601bd6a4857b33eb281cb5059c29cfe62b80/detection

109.206.241.84:6606
109.206.241.84:7707
109.206.241.84:8808

# Reference: https://www.virustotal.com/gui/file/c7dcb35fe7258ccbebe3b42065a24813c0a012a26fdd3990627114687ca3d3b3/detection

194.5.98.21:4000
dan4000.duckdns.org

# Reference: https://twitter.com/r3dbU7z/status/1584710460737474560
# Reference: https://www.virustotal.com/gui/file/3fef9fb9da2241e00c15b8f0ebd58b5b7c1c7a4c0bf03f8d703a43f99b212bdb/detection

18.189.106.45:13405
18.189.106.45:15258
3.134.125.175:15258
3.134.125.175:8848
3.141.177.1:13405
3.141.210.37:13405
3.141.210.37:15258

# Reference: https://twitter.com/abuse_ch/status/1585666644101283843
# Reference: https://tria.ge/221027-r75wwscdg9/behavioral1

20.240.61.211:8080
kachininanayiyicem.swedencentral.cloudapp.azure.com

# Reference: https://www.virustotal.com/gui/file/23704a63aeba9bdc475ee744cb79d6b2e0dbb6980fe7a0121f81a8eb4c97d143/detection

20.224.160.59:7000

# Reference: https://www.virustotal.com/gui/file/ef91ae5e27e371faf3f08f8bc68acde7ede075b799fe96d186fcec75ddf6ca10/detection

203.159.80.120:16518
203.159.80.120:4815
update.supportmozilla.org

# Reference: https://otx.alienvault.com/pulse/63722ef12028314bb58019d8
# Reference: https://www.virustotal.com/gui/file/c7dc5f8604385b4b61489ec6910ebdc627bcef90cd6eb6c1a699c0d34c59d350/detection
# Reference: https://www.virustotal.com/gui/file/2ffc476fcd66111e82bd4a24a475f9a59b47691268e3acf812769d73b62d9cd0/detection
# Reference: https://www.virustotal.com/gui/file/2e160f9cd9333884fac63e6d730a746eb64e5ff47318e27934335caa330fdd2e/detection

159.89.35.152:6606
159.89.35.152:7707
159.89.35.152:8808

# Reference: https://tria.ge/221117-kq1ghsaa7x/behavioral1

207.244.231.35:9194
asyrz.duckdns.org

# Reference: https://tria.ge/221117-kq1ghsaa7w/behavioral1

arrw.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1594105082077143042
# Reference: https://www.virustotal.com/gui/file/0b1482290fad57d42705337dcb0c45acdc60f4925c1e8fd673638ebf41c78c23/detection

146.190.69.247:6606
146.190.69.247:7707
146.190.69.247:8808

# Reference: https://www.virustotal.com/gui/file/1525076c87558a452430e1a867c8e889f0f15fc658162debd2cd29c617b372c7/detection

158.247.232.56:6606
158.247.232.56:7707
158.247.232.56:8808

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/

http://45.153.240.69
http://66.94.109.58
http://51.68.180.4
100.42.65.218:6606
100.42.65.218:8080
101.99.94.33:6606
101.99.94.33:7707
101.99.94.33:8808
103.117.72.103:8848
103.133.111.110:5200
103.147.185.182:1170
103.147.185.182:1814
103.147.185.182:9080
103.149.201.214:6606
103.149.201.214:7707
103.149.201.214:8808
103.151.123.194:7849
103.151.239.166:6606
103.151.239.166:7707
103.151.239.166:8808
103.153.73.37:6606
103.153.73.37:7707
103.153.73.37:8808
103.167.84.119:2257
103.195.238.235:16058
103.195.238.95:8808
103.213.111.207:6606
103.47.144.100:49746
103.47.144.126:2703
103.47.144.67:2703
103.47.144.71:2703
103.47.144.71:49746
103.74.101.124:2245
103.89.88.236:1998
104.128.189.120:6606
104.128.189.120:7707
104.128.189.120:8808
104.168.141.171:8713
104.168.152.36:7707
104.168.33.32:6606
104.168.33.32:7707
104.168.33.32:8808
104.168.33.53:6606
104.168.33.53:7707
104.168.33.53:8808
104.238.147.18:6606
104.238.147.18:7707
104.238.147.18:8808
104.243.37.4:6606
104.243.37.4:7707
104.243.37.4:8808
104.249.62.71:4211
104.250.180.32:2119
104.37.172.204:56777
105.112.154.175:7505
105.154.200.41:64
105.156.105.249:64
107.172.44.141:6606
107.172.44.141:7707
107.172.44.141:8808
107.173.62.21:6606
107.173.63.199:5656
107.182.128.19:6606
107.182.128.19:7707
107.182.128.19:8808
107.182.129.16:8010
107.182.237.14:58453
108.143.240.80:112
109.206.240.5:5992
109.206.241.215:1999
109.206.243.58:3306
111.90.143.12:4489
111.90.143.12:4899
111.90.143.12:8080
111.90.147.102:4449
111.90.147.102:56721
114.116.34.118:7777
114.116.34.118:8888
115.231.235.56:8848
115.64.43.254:25567
115.75.66.68:6606
115.75.66.68:6821
115.75.66.68:7707
115.75.66.68:8808
116.108.48.70:374
116.203.252.195:4449
119.45.104.153:8848
119.91.100.114:7890
121.40.151.214:8808
124.217.247.242:8808
124.223.14.242:443
129.151.91.127:7177
13.59.15.185:19091
13.66.153.98:1604
134.255.234.198:7777
135.125.27.236:22
135.148.113.4:6789
135.181.204.51:8848
136.144.41.223:8394
136.36.83.93:8888
137.74.157.86:4449
138.201.2.2:2022
138.201.81.121:38022
138.201.81.121:55686
138.99.209.222:2000
138.99.211.39:2119
139.180.143.50:11334
139.180.143.50:6606
139.180.143.50:7707
139.180.143.50:8808
14.173.70.169:8080
14.186.155.171:6788
141.101.173.15:2000
141.101.173.39:2000
141.255.144.117:2000
141.255.147.50:7707
141.94.112.3:9925
141.95.84.40:222
141.95.84.40:4040
141.95.89.79:2005
141.98.101.133:5503
141.98.102.235:16296
141.98.6.228:8808
142.202.240.108:5505
142.202.240.108:6606
142.202.240.108:7707
142.202.240.116:5555
142.202.240.82:5253
142.202.240.88:8808
142.202.242.181:6666
142.202.242.198:222
142.202.242.198:2222
142.202.242.198:5555
142.202.242.210:9090
144.126.209.63:1442
144.126.209.63:6606
144.76.65.183:57117
146.19.57.77:6606
146.70.128.174:55178
146.70.165.100:57508
146.70.165.10:61288
147.124.211.69:5050
147.135.106.246:6606
147.135.106.246:7707
147.135.106.246:8808
147.135.95.107:6606
147.185.221.180:1491
147.185.221.180:64654
147.185.221.180:6606
147.185.221.212:15420
147.189.169.46:4444
147.189.169.46:6606
147.189.169.46:7707
147.189.169.46:8808
147.189.172.218:6666
147.189.172.222:2222
147.189.174.182:6666
147.50.253.67:3926
147.50.253.67:6606
147.50.253.67:7707
147.50.253.67:8808
147.50.253.97:8454
148.163.80.206:7778
149.56.43.121:4199
15.204.170.1:8808
15.235.10.108:6606
154.204.180.237:8848
154.211.6.212:8848
154.212.139.228:1337
154.38.112.92:8848
154.39.252.24:8848
154.53.40.254:3110
154.91.228.23:8848
156.96.154.30:6668
156.96.154.30:7778
156.96.156.177:6666
157.90.202.235:5252
157.90.206.49:6606
157.90.206.49:7707
157.90.206.49:8808
158.101.188.195:1575
159.203.126.35:22174
159.203.126.35:5555
159.69.234.3:1010
159.69.234.3:6606
159.69.234.3:7707
159.69.234.3:8808
160.152.137.3:1604
160.177.92.182:64
160.178.160.73:66
160.178.206.45:65
161.129.44.189:8808
162.14.83.129:8848
162.55.179.46:6606
162.55.179.46:7707
162.55.179.46:8808
163.123.142.155:5764
163.172.225.185:412
163.172.225.185:441
163.172.225.185:551
163.172.225.185:6606
163.172.225.185:661
163.172.225.185:677
163.172.225.185:7707
163.172.225.185:8808
164.92.113.92:9007
165.227.31.192:22545
165.232.151.233:2022
167.71.56.116:22993
167.71.7.168:6606
167.71.7.168:7707
167.71.7.168:7770
167.71.7.168:8808
168.119.140.238:8848
171.22.30.33:8808
171.235.66.23:233
172.104.148.228:6606
172.111.147.42:2119
172.111.147.89:2119
172.111.149.2:1994
172.111.204.106:6606
172.111.204.106:8808
172.111.216.100:49746
172.245.251.219:2015
172.245.94.220:10090
172.81.184.73:8808
172.81.62.54:5085
172.86.120.88:4449
172.93.220.135:6606
172.93.220.135:7707
172.93.220.135:8808
172.94.111.4:2008
172.94.122.20:2000
172.94.15.163:5200
172.94.64.70:6606
172.94.80.56:2000
172.94.9.77:2119
173.234.105.145:5201
173.249.17.53:2252
176.232.184.98:1604
176.9.31.109:3674
176.9.31.109:7707
177.255.88.205:8042
177.255.88.25:4217
177.255.89.112:4203
177.255.89.43:4203
178.175.131.101:56064
178.20.44.131:6666
179.13.1.226:8042
179.13.3.107:4203
179.13.5.152:4203
179.13.5.152:4204
179.43.142.197:5789
179.43.162.20:1337
179.43.166.50:6606
179.43.187.19:2525
179.43.187.19:33
179.43.187.19:4523
179.43.187.19:5555
18.139.9.214:11409
18.141.129.246:11409
18.192.31.165:10108
18.192.31.165:13820
18.207.218.15:1337
181.131.216.129:8050
181.141.0.235:8050
181.141.3.105:7707
181.141.5.226:8091
181.214.48.40:6670
181.215.5.168:8809
181.71.216.22:7707
185.106.94.165:2323
185.132.176.192:4449
185.140.53.10:2121
185.140.53.12:6161
185.140.53.131:7171
185.140.53.136:2014
185.140.53.137:1604
185.140.53.15:3023
185.140.53.176:2376
185.140.53.242:2256
185.140.53.63:8721
185.162.74.65:5455
185.171.91.4:1604
185.176.220.145:6606
185.176.220.145:7707
185.176.220.145:8808
185.189.151.24:8808
185.19.85.172:5050
185.199.226.19:6606
185.199.226.19:7707
185.199.226.19:8808
185.205.209.206:2020
185.213.155.163:57808
185.222.57.137:3333
185.222.57.203:6606
185.222.57.238:4449
185.222.57.72:6606
185.222.57.72:7707
185.222.57.72:8780
185.222.57.72:8808
185.222.57.80:6275
185.222.58.50:4545
185.225.28.148:57652
185.225.28.150:57718
185.225.28.156:54873
185.225.73.150:8808
185.225.73.183:4782
185.225.74.38:6606
185.225.74.38:8808
185.227.70.219:8088
185.227.70.220:8808
185.227.70.254:8808
185.236.78.58:7707
185.236.78.58:8808
185.237.96.105:7707
185.241.208.144:5555
185.241.208.144:6666
185.241.208.148:6666
185.241.208.193:5001
185.241.208.233:5430
185.243.181.86:7707
185.244.30.237:1195
185.244.31.182:4000
185.244.31.182:8848
185.246.220.208:6606
185.246.220.208:7707
185.246.220.208:8808
185.246.220.26:12336
185.246.220.26:18867
185.246.220.26:19624
185.246.220.26:26993
185.246.220.26:51115
185.246.220.26:5200
185.246.220.26:6606
185.246.220.26:7707
185.246.220.26:8808
185.25.48.203:1703
185.250.149.180:25566
185.250.241.219:6066
185.250.241.219:6606
185.250.241.219:7707
185.250.241.219:8808
185.252.178.121:222
185.252.178.121:5126
185.252.178.121:6126
185.254.37.238:1432
185.254.37.238:1452
185.254.37.238:3306
185.255.95.191:99
185.29.8.22:4444
185.64.104.84:12312
185.64.105.42:470
185.66.91.81:6121
185.7.214.8:4449
185.81.157.117:1858
185.81.157.169:2022
185.81.157.202:2535
185.81.157.202:5555
185.81.157.244:6601
185.81.157.71:4343
185.81.157.71:4444
185.81.157.71:5555
185.81.157.7:2001
185.81.157.7:5522
186.152.129.124:2113
188.119.112.140:4449
188.132.156.147:1604
188.161.17.116:555
188.212.124.129:4444
188.227.57.46:22
190.123.44.184:3321
190.123.44.184:8012
190.123.44.184:8201
190.2.147.39:4449
190.2.147.39:8848
190.213.78.26:5000
191.101.130.243:7707
191.101.130.28:8808
191.101.30.41:4413
192.158.232.67:1431
192.158.232.67:8848
192.188.88.248:6606
192.210.201.53:8809
192.253.245.243:7771
192.3.101.108:4404
192.3.101.108:6606
192.3.101.108:7707
192.3.101.108:8808
192.3.101.190:2015
192.3.193.136:2023
192.3.205.21:2014
192.30.89.27:29843
192.30.89.51:29843
192.30.89.51:6253
192.30.89.51:6397
192.30.89.67:29843
192.99.180.181:6606
192.99.180.181:7707
192.99.180.181:8808
193.142.146.212:6606
193.142.146.212:8808
193.149.176.156:1337
193.149.176.156:4449
193.149.3.239:1938
193.164.7.108:1604
193.200.134.9:9969
193.203.238.103:6666
193.203.238.54:6666
193.23.160.250:8848
193.233.185.161:8808
193.233.191.150:6606
193.233.191.150:7707
193.233.191.150:8808
193.233.191.4:6606
193.233.191.4:8808
193.233.203.224:4444
193.233.48.17:8848
193.29.104.92:3579
193.37.255.162:9441
194.147.140.15:3030
194.156.91.122:6666
194.233.169.93:7707
194.26.192.121:7077
194.26.192.174:2005
194.26.192.174:6606
194.26.192.190:7707
194.26.192.221:2020
194.26.192.77:7707
194.26.192.77:8808
194.26.192.82:1010
194.26.192.82:2020
194.31.98.58:2405
194.31.98.80:6606
194.31.98.80:7707
194.31.98.80:8808
194.33.45.175:6666
194.37.96.118:54861
194.49.94.212:444
194.49.94.212:555
194.5.97.203:7070
194.5.97.228:5069
194.5.97.232:3738
194.5.97.41:5200
194.5.97.41:6606
194.5.97.41:7707
194.5.97.41:8808
194.5.97.88:5050
194.5.98.11:6606
194.5.98.120:4449
194.5.98.120:8647
194.5.98.178:3330
194.5.98.198:4545
194.5.98.227:8647
194.5.98.251:4598
194.5.98.6:20
194.55.224.44:6606
194.55.224.44:7707
194.55.224.44:8808
194.55.224.72:8808
194.59.218.147:8808
194.61.119.50:8884
194.87.151.125:7399
194.87.151.134:7878
194.87.218.241:8808
194.9.172.60:6606
194.9.172.60:7707
195.178.120.137:5097
195.178.120.137:6071
195.178.120.187:8848
195.178.120.6:1337
195.178.120.6:8808
195.206.235.234:1907
195.3.222.57:6001
196.65.134.20:64
196.77.237.119:55555
196.77.31.30:65
198.13.52.249:8080
198.23.145.147:1070
198.23.145.147:1137
198.23.145.147:2525
198.23.191.98:45674
198.23.191.98:6075
198.23.200.102:1759
198.23.200.102:7707
198.23.207.34:2023
198.23.207.34:6606
198.23.207.34:7707
198.23.207.34:8808
198.244.206.24:6606
198.244.206.24:6666
198.244.206.24:7707
198.244.206.24:8808
198.244.251.250:6666
199.195.253.181:1256
199.249.233.130:6253
199.249.233.130:6397
199.34.31.224:45005
2.224.144.191:2222
2.56.56.122:2022
2.56.56.180:4444
2.56.56.88:2406
2.56.57.210:7787
2.56.57.226:6606
2.56.57.55:7707
2.56.57.68:8754
2.56.59.167:420
2.56.59.167:6606
2.56.59.167:7707
2.56.59.167:8808
2.56.59.189:8898
2.58.56.106:6666
2.58.56.120:4433
2.58.56.148:5555
2.58.56.148:6666
2.58.56.148:8888
2.58.56.183:222
2.58.56.183:2222
2.58.56.22:5211
2.58.56.243:6121
2.58.56.41:1996
2.58.56.44:6666
2.59.119.56:3131
2.59.119.66:8080
2.59.119.84:7943
20.100.196.69:9281
20.107.115.162:50239
20.108.44.45:3152
20.111.19.215:3152
20.111.34.199:1604
20.111.63.231:7072
20.114.139.208:4498
20.117.208.193:8080
20.12.204.46:8080
20.125.118.35:2244
20.125.122.98:4449
20.127.4.172:8080
20.127.4.172:8848
20.151.221.59:1604
20.16.8.148:6606
20.16.8.148:7707
20.16.8.148:8808
20.16.8.148:8848
20.166.62.124:49264
20.169.104.228:6666
20.169.37.196:6666
20.171.107.243:6606
20.171.107.243:7707
20.171.107.243:8808
20.197.226.40:4448
20.199.101.68:3161
20.211.5.151:4449
20.212.19.59:51585
20.212.19.59:6606
20.212.19.59:7707
20.212.19.59:8808
20.224.162.224:6606
20.224.162.224:7707
20.224.162.224:8080
20.224.162.224:8808
20.226.0.95:6606
20.226.101.17:40
20.226.101.17:6606
20.226.101.17:7707
20.226.101.17:8808
20.226.120.127:22
20.238.78.172:6606
20.4.6.16:43521
20.42.114.46:8080
20.54.113.5:3131
20.54.113.5:6606
20.54.113.5:7707
20.54.113.5:8808
20.62.3.66:8000
20.62.3.66:8808
20.69.124.187:6606
20.69.124.187:7707
20.69.124.187:8808
20.77.254.176:2200
20.8.122.174:31682
20.83.245.27:1604
20.98.96.97:1605
203.78.128.202:7707
205.185.118.52:20000
206.123.132.35:2119
206.123.132.41:2119
206.123.132.68:2020
206.217.133.4:49815
206.53.55.8:1337
207.244.233.24:6666
207.244.235.47:6606
207.32.216.119:5555
207.32.216.119:6666
207.32.216.198:2233
207.32.216.198:6666
207.32.216.198:8808
207.32.216.212:5001
207.32.217.109:222
207.32.217.246:7707
207.32.217.247:6666
207.32.218.108:6666
207.32.218.11:1996
207.32.218.123:6666
207.32.218.12:6606
207.32.219.50:6666
207.32.219.80:6666
208.109.33.30:7777
208.109.33.30:8888
209.126.2.34:6606
209.126.2.34:7707
209.126.2.34:8808
209.126.83.213:8808
209.127.186.218:6305
209.141.44.112:8808
209.209.40.132:2
209.25.141.211:33901
209.90.234.22:6606
209.90.234.22:7707
209.90.234.22:8808
210.87.207.134:8808
211.149.180.60:8848
212.114.52.113:8888
212.114.52.212:1893
212.174.54.164:8808
212.192.219.56:5612
212.192.241.130:6606
212.192.241.130:7707
212.192.241.130:8808
212.192.241.194:7271
212.192.241.87:8754
212.192.246.87:5803
212.193.30.144:7331
212.193.30.230:7011
212.193.30.54:8754
212.193.30.54:8755
212.193.30.96:5022
212.227.169.228:4449
212.68.34.230:6606
213.152.161.117:56390
213.152.161.170:6751
213.152.161.211:50552
213.152.161.5:6253
213.152.161.5:6397
213.152.187.230:6751
216.126.224.171:6606
216.126.224.171:7707
216.126.224.171:8808
216.250.97.121:20000
217.195.197.85:6606
217.195.197.85:7707
217.195.197.85:8808
217.64.149.93:1973
217.64.31.3:9742
23.101.213.237:4546
23.102.122.72:8080
23.105.131.196:6606
23.105.131.196:7707
23.105.131.196:8808
23.105.131.196:9121
23.105.131.196:9128
23.105.131.209:1070
23.105.131.209:1137
23.105.131.209:19328
23.129.232.160:2222
23.129.232.160:6666
23.146.242.100:4449
23.226.77.22:4449
23.237.25.246:6606
23.237.25.246:7707
23.237.25.246:8808
23.94.159.212:6606
23.94.159.212:7707
23.94.159.212:8808
23.94.236.147:6606
23.94.236.147:7707
23.94.236.147:8808
23.94.82.24:10240
3.125.115.192:18
3.125.115.192:25
3.138.180.119:18729
3.141.210.37:12300
3.142.167.54:14923
3.144.124.4:7771
3.219.26.62:6606
3.219.26.62:7707
3.219.26.62:8808
3.237.100.172:8808
3.66.38.117:12104
3.68.171.119:12104
3.69.115.178:12104
3.69.157.220:12104
31.170.22.28:55775
31.192.236.139:3434
31.41.244.135:8808
34.125.144.45:5000
34.125.144.45:5001
34.125.144.45:5002
34.140.211.85:7707
37.0.10.214:6171
37.0.11.246:6606
37.0.11.246:7707
37.0.11.246:8808
37.0.14.196:2050
37.0.14.196:6161
37.0.14.196:6606
37.0.14.196:7707
37.0.14.196:8808
37.0.14.197:6060
37.0.14.197:7171
37.0.14.198:17086
37.0.14.203:1905
37.0.14.204:2019
37.0.14.204:2022
37.0.14.204:5631
37.120.210.219:48408
37.120.212.235:6606
37.120.217.243:6253
37.120.217.243:6397
37.249.78.26:5554
37.249.78.26:5555
38.105.209.167:8848
38.130.221.190:6606
38.130.221.190:7707
38.130.221.190:808
38.17.51.104:1989
38.47.205.151:8848
4.227.187.147:8080
4.229.235.23:8000
4.231.233.180:25310
41.141.211.80:64
41.216.183.175:4404
41.216.183.61:6751
41.251.4.158:64
41.72.146.10:6606
43.138.160.55:6606
43.139.124.22:6666
43.154.97.109:1981
43.154.97.109:8848
43.249.30.55:8848
44.192.67.149:4784
45.12.253.31:6606
45.12.253.58:1515
45.12.253.58:2323
45.133.1.152:6606
45.133.1.152:7707
45.133.1.152:8808
45.133.174.122:7707
45.134.140.152:60060
45.134.142.193:61341
45.134.142.193:6606
45.134.142.193:7707
45.134.142.193:8808
45.134.142.211:1337
45.134.142.211:56597
45.136.4.101:888
45.136.4.99:8808
45.137.22.111:8787
45.137.22.182:6606
45.137.22.182:7707
45.137.22.182:8808
45.137.22.41:4449
45.138.16.104:7707
45.138.16.109:6666
45.138.16.133:5555
45.138.16.162:6969
45.138.16.186:2004
45.138.16.218:2020
45.138.16.240:2222
45.138.16.39:6606
45.138.16.39:6666
45.138.16.71:8808
45.139.105.207:4782
45.139.105.252:6666
45.14.224.94:5020
45.140.146.4:25569
45.141.237.30:55055
45.143.8.181:13389
45.143.8.181:4449
45.143.8.181:8149
45.144.154.192:1604
45.144.30.31:25565
45.144.31.124:4444
45.154.98.151:7777
45.154.98.194:555
45.154.98.214:6606
45.154.98.87:8453
45.155.158.187:1337
45.158.77.78:10135
45.158.77.78:6606
45.158.77.78:7707
45.158.77.78:8808
45.176.91.143:9001
45.242.220.23:50
45.242.84.173:50
45.66.248.114:8899
45.74.4.244:7707
45.74.4.244:8808
45.80.158.108:555
45.80.158.108:6606
45.80.158.108:6666
45.80.158.108:7707
45.80.158.108:8808
45.80.158.114:6606
45.80.158.127:7707
45.80.158.160:6666
45.80.158.237:5558
45.80.158.65:7777
45.81.243.217:6606
45.81.243.217:7707
45.81.243.217:8808
45.88.67.12:6666
45.88.67.9:3306
45.88.67.9:3309
45.88.67.9:3358
45.88.79.224:54
45.88.79.224:55686
45.92.1.24:5001
45.92.1.59:6606
45.92.1.59:7707
45.92.1.71:8808
46.183.220.21:6606
46.183.223.109:8088
46.246.6.11:7090
46.3.199.101:4449
49.12.0.239:3760
5.161.115.90:6666
5.161.139.136:6666
5.161.139.136:7777
5.161.76.198:2003
5.181.234.149:51822
5.188.51.32:4449
5.188.86.237:6606
5.188.86.237:7707
5.188.86.237:8808
5.230.68.234:6606
5.230.68.234:7707
5.230.68.234:8808
5.230.70.13:6606
5.230.70.13:7707
5.230.70.13:8808
5.230.72.132:6606
5.230.72.132:7707
5.230.72.132:8808
5.39.15.167:88
5.68.138.73:3939
5.78.65.18:8848
51.116.125.149:3536
51.12.89.205:8361
51.222.69.7:6666
51.222.98.70:6606
51.222.98.70:8808
51.254.246.45:1974
51.255.130.2:6606
51.38.247.74:5555
51.68.180.4:4040
51.68.180.4:5058
51.68.180.4:6606
51.68.180.4:7707
51.68.180.4:8808
51.77.78.35:6606
51.77.78.35:6666
51.77.78.35:7707
51.77.78.35:8808
51.79.116.37:8848
51.81.126.39:1972
51.81.24.93:8000
51.83.137.127:6606
51.83.137.127:7707
51.83.137.127:8808
51.83.21.211:7707
51.83.231.254:6606
51.83.231.254:7707
51.83.231.254:8808
51.89.204.67:8808
51.89.205.213:8808
52.143.164.37:5555
52.178.132.52:6606
52.178.132.52:7707
52.178.132.52:8808
52.28.247.255:15066
52.90.30.10:7707
54.196.16.250:1337
54.37.42.165:4782
58.221.72.142:8848
61.14.233.88:6606
61.14.233.88:7707
61.14.233.88:8808
62.108.37.84:8848
62.108.37.84:8881
62.197.136.146:5672
62.197.136.146:6606
62.197.136.146:7707
62.197.136.146:8808
62.197.136.165:7777
62.197.136.165:8080
62.197.136.167:1111
62.197.136.167:6606
62.197.136.167:7707
62.197.136.167:8808
62.197.136.175:6606
62.197.136.175:7707
62.197.136.175:8808
62.197.136.195:3333
62.210.57.2:1284
64.56.68.152:8888
64.56.68.17:8888
64.56.68.209:8888
65.21.177.234:555
66.94.105.170:4449
66.94.109.58:6606
66.94.109.58:7707
66.94.109.58:8808
66.94.118.174:4001
67.214.175.69:7535
67.43.236.220:4151
68.235.43.172:59004
68.235.44.58:59335
70.36.108.28:4444
70.36.108.69:8888
70.36.110.176:8888
73.143.210.113:1337
73.143.210.113:56597
76.8.53.133:62520
77.192.68.90:1900
78.138.107.121:8808
78.138.107.121:8877
78.153.130.88:3232
78.170.251.123:7707
78.171.150.184:6606
78.171.173.96:1044
78.173.187.50:6606
78.186.210.130:8808
78.191.189.97:81
79.110.62.147:2025
79.134.225.11:7935
79.134.225.22:7936
79.134.225.23:6606
79.134.225.23:7707
79.134.225.23:8808
79.134.225.6:2782
79.134.225.72:2233
79.134.225.73:3030
79.134.225.74:6161
79.134.225.8:6161
79.134.225.97:4449
79.134.225.9:6060
8.210.121.56:10165
8.39.147.42:6606
8.39.147.42:7707
80.240.18.7:3131
80.253.246.144:6606
80.66.64.134:6161
80.66.64.151:7070
80.66.88.146:8848
82.115.223.14:4449
83.245.137.185:3306
84.38.130.171:9216
84.39.179.220:7707
84.52.187.222:8080
84.54.13.124:6606
84.54.13.124:8808
84.54.50.51:8848
85.104.99.83:4014
85.105.88.221:2531
85.202.169.14:855
85.202.169.230:8080
85.206.160.189:6606
85.215.214.84:7349
85.215.216.205:8088
85.31.45.38:8808
85.31.46.207:6606
85.31.46.207:7707
85.31.46.207:8808
86.48.18.223:7707
86.48.18.223:8808
86.57.195.165:8808
87.121.52.241:2000
87.237.165.133:6161
87.249.134.10:61341
87.249.134.10:6606
87.249.134.10:7707
87.249.134.10:8808
87.249.134.18:59004
87.249.134.1:61341
87.249.134.1:6606
87.249.134.1:7707
87.249.134.1:8808
87.251.79.126:18066
88.248.18.120:1604
88.248.18.120:33918
88.248.18.120:6606
88.248.18.120:7707
88.248.18.120:8808
89.117.21.144:6606
89.117.77.193:6606
89.223.71.59:5856
89.249.74.218:6253
89.249.74.218:6397
90.49.136.9:8080
91.109.176.14:6606
91.109.176.15:8808
91.109.176.6:6606
91.109.178.12:8808
91.109.178.13:6606
91.109.178.13:7707
91.109.178.14:6606
91.109.178.14:7707
91.109.178.14:8808
91.109.178.2:7707
91.109.178.3:7707
91.109.178.5:8808
91.109.178.5:9909
91.109.178.6:6606
91.109.178.8:8808
91.109.178.9:6606
91.109.180.11:6606
91.109.180.12:6606
91.109.180.13:8808
91.109.180.16:8808
91.109.180.9:7707
91.109.182.11:6606
91.109.182.9:6606
91.109.184.18:7707
91.109.184.3:6606
91.109.184.3:8808
91.109.184.4:7707
91.109.184.7:7707
91.109.184.9:7707
91.109.186.13:6606
91.109.186.2:7707
91.109.186.3:8808
91.109.186.5:8808
91.109.186.7:6606
91.109.186.7:8808
91.109.188.10:6606
91.109.188.10:8808
91.109.188.12:6606
91.109.188.14:8808
91.109.188.23:6606
91.109.188.5:7707
91.109.188.8:6606
91.109.188.8:7707
91.109.190.10:7707
91.109.190.7:8808
91.109.190.9:8808
91.134.187.20:4449
91.151.88.159:3131
91.151.94.59:1212
91.192.100.7:8282
91.192.100.8:8153
91.193.75.132:9191
91.193.75.135:3030
91.193.75.154:1515
91.193.75.204:5900
91.193.75.205:5900
91.193.75.249:5900
91.227.113.154:6666
91.245.253.84:4449
91.245.255.120:4040
92.118.36.201:3001
92.118.36.201:6606
92.118.36.201:7707
92.118.36.201:8808
92.138.188.75:7006
92.204.146.31:6666
92.204.146.31:8000
92.222.212.65:6606
92.222.212.65:7707
92.222.212.65:8808
94.130.208.107:2021
94.26.49.118:6606
95.13.149.131:7707
95.173.247.110:8806
95.179.130.232:1703
95.214.24.32:7790
95.214.27.226:6606
95.214.27.226:7707
95.214.27.226:8808
95.214.27.237:1515
95.214.27.237:1717
95.216.102.32:8808
95.216.192.137:8808
95.217.121.186:4449
95.70.151.185:8805
96.227.248.173:8751
admincairo.linkpc.net
asmodeus666.ddns.net
bbiy00362.duckdns.org
bbrainx01.publicvm.com
bigdipsOn.publicvm.com
boxtest.publicvm.com
clsuplementos.ddns.net
corpoleve.3utilities.com
corpoleve.duckdns.org
craig.kozow.com
danbochie2.dns.army
darknode88.duckdns.org
daveblack.publicvm.com
dimascu.duckdns.org
dpunktesting.ddns.net
egrh.linkpc.net
elgzar207070.kozow.com
escanor2022.linkpc.net
flingmodder-53370.portmap.io
franc01.publicvm.com
gfhhjgh.duckdns.org
ijogaa.duckdns.org
jok7oda.publicvm.com
kkshdh.duckdns.org
krnewfine.work.gd
lyoni-55552.portmap.host
mikeludomax.ddns.net
mikeludoyyxx.ddns.net
mikludoykxx.ddns.net
mineawrtes.ddns.net
mmten.publicvm.com
mo1010.duckdns.org
moaaaza.com
monogon.cc
n0fuzga.publicvm.com
nasser.endofinternet.net
new2023.ddnsfree.com
new6000fix.duckdns.org
nexsa111.sells-it.net
nexss111.sells-it.net
nexst111.sells-it.net
nulled2nd.camdvr.org
paris-comrademay17.duckdns.org
pofsecure.worse-than.tv
polymoly.info
pop11.linkpc.net
pop5.ddns.net
portdin.publicvm.com
quizzical-meadow-22997.pktriot.net
reinfocomplete.us
ridaq1.is-a-caterer.com
ridaq2.is-a-caterer.com
rider.giize.com
services.work.gd
snaxosveilbmoswar.ooguy.com
tarjapreta.news
vrln.linkpc.net
waelrakha.com
winhost.ddns.net
wizzy.hopto.org
wpmediatech.com
xavierat.ddnsfree.com
xxxpasoxxx.ddnsfree.com
xxxsthebagsxxx.mywire.org

# Reference: https://www.virustotal.com/gui/file/881168bc9d9b2dd0ab96a2ebf781069c7f0adb347d2aed6afffc40fc876440b2/detection

gratedmonth.duckdns.org

# Reference: https://www.virustotal.com/gui/file/00175798dec9209ec22acf95a8484f3fcc58524973ff82111268dc117f3647ad/detection

103.151.123.121:8891
handofhor.duckdns.org

# Reference: https://www.virustotal.com/gui/file/fdaa11387459b12583b27ace60c86e5fee4d882eff1a3c84d934fe84a31a914f/detection

23.133.216.180:21340

# Reference: https://www.virustotal.com/gui/file/0031ede66d7106d7d02eeddba63722046419ee6acf14b1d0441fc6e57bb63bf4/detection

147.185.221.180:25384
147.185.221.180:4852
23.133.216.180:25384
23.133.216.180:4852

# Reference: https://tria.ge/221128-sds6nsga4v/behavioral2
# Reference: https://www.virustotal.com/gui/file/53f99ccc4b2f86fbd235ebb718b1425017f23c01bc1a2b5ba39da3d4d21ab2b8/detection

147.185.221.180:9969

# Reference: https://www.virustotal.com/gui/file/68ea91f5203fb365e373f3325f2388db0d3f83237381548418f92af5659b8d64/detection

90.166.185.205:6606
90.166.185.205:7707
90.166.185.205:8808
torpesito.ddns.net

# Reference: https://www.virustotal.com/gui/file/3e3ef95e4d20e1cf759021d91f834b6f2c82a1a9dbab3cab1605a55bc85d5be5/detection

167.71.56.116:22823

# Reference: https://www.virustotal.com/gui/file/f1b069632065fa9b56ec7fe634303955294d883a43b66449467fd0e84ac41981/detection

103.156.90.165:6688
inthepinvbxss.duckdns.org

# Reference: https://twitter.com/r3dbU7z/status/1600095143272402946

dybc.publicvm.com
elgzar.kozow.com
nasori.ddnsfree.com

# Reference: https://mp.weixin.qq.com/s/J_A12SOX0k5TOYFAegBv_w (Chinese)
# Reference: https://www.virustotal.com/gui/file/68573d7720dd2af77d97303843b1b8e80bff6650738c80df21fff51dac1075cc/detection

182.183.241.98:6666
tindertx.ddns.net

# Reference: https://www.virustotal.com/gui/file/9f87770bad3dd34c91f94032c8d219f327fea68d9452355804a59359dc8fde5c/detection

63.250.60.207:3060

# Reference: https://twitter.com/suyog41/status/1603656406854520832
# Reference: https://www.virustotal.com/gui/file/3cb88219d3e69e3831a24c06a1bcab6e6689358af1ce39e72876a27e73f236fd/detection

chasmic-slings.000webhostapp.com

# Reference: https://www.virustotal.com/gui/file/b090e91734b2b0159a3c73193665c461c57f46d8d10e9a01f662149b98c228db/detection

198.23.212.148:8848

# Reference: https://www.virustotal.com/gui/file/96c34bd9fb09b04617ca76e8e4e1ece03c9307335a25c882ae1b4a8e9fdbcca4/detection

4.201.51.87:5786
guardionofthelimiar.duckdns.org

# Reference: https://twitter.com/58_158_177_102/status/1607911624815542273
# Reference: https://www.virustotal.com/gui/file/f470c59c6294eb44a1710a494df0901093e8efef423e243bc41044a3f7349616/detection
# Reference: https://www.virustotal.com/gui/file/d43adab8c5f838640ed5b27cd6117f7482fbd1548cdab806ac675ab021e3b4e4/detection
# Reference: https://www.virustotal.com/gui/file/f6362f72ab7bf169e6f17cdfbf06871528526a210126f75dbd2f8ca8a2cb73cd/detection
# Reference: https://www.virustotal.com/gui/file/f1a0466f8d953d09ec77419609e8050f76c76aa93e9626ce3fc50fe9c296ad7f/detection
# Reference: https://www.virustotal.com/gui/file/9ea0227fe34a921ea91ee6780651f62011d3a17a67df57e22afeb4efb7ba75f4/detection
# Reference: https://www.virustotal.com/gui/file/2a0485239bcd3617d9b6139a2ecd01e2c094eeec2fbe8ac0aeed9e1fa2f4d781/detection

105.154.204.219:64
160.176.131.9:64
160.176.70.134:64
160.179.101.16:65
196.64.173.7:65
peakypinkers.duckdns.org

# Reference: https://www.virustotal.com/gui/file/f8f2577b633797d4f522bc7365c943b83e3a92062ff2bd22f807d3d2f9fe354b/detection
# Reference: https://www.virustotal.com/gui/file/ead9e87d8a4aede84c362453156b467d3d0c31f26a670c4aea5a57ced4c6b4eb/detection

82.131.101.66:5552
1604.hopto.org

# Reference: https://mobile.twitter.com/x3ph1/status/1610430091041046529
# Reference: https://www.virustotal.com/gui/file/a71286ed9bc67a7bc404b462229db4cb869d36b84f41bfbc36a9227759ed434c/detection

147.189.168.100:6606
147.189.168.100:7707
147.189.168.100:8808
synergymediplus.com
1bxb.ddns.net

# Reference: https://twitter.com/James_inthe_box/status/1612459856639971328
# Reference: https://app.any.run/tasks/8bd63423-0ecb-4836-8e46-6ef6028d5f3c/

185.176.220.29:6606
185.176.220.29:7707
185.176.220.29:8808
mulla2022.hopto.org

# Reference: https://twitter.com/malwrhunterteam/status/1612581159699107843
# Reference: https://www.virustotal.com/gui/file/afbc4002c8369634933a12c9d2963644e648e30dc1ab25e506696f593fda4a33/detection

20.25.94.83:6606
20.25.94.83:7707
20.25.94.83:8808
c1crt.axfree.com
draxinc.linkpc.net

# Reference: https://twitter.com/Racco42/status/1612697711475572738
# Reference: https://app.any.run/tasks/46f2915c-5ebc-447d-976c-f4cfc4339f67/
# Reference: https://www.virustotal.com/gui/file/b90713c5c5f654a3dec2c6cd9c6b38d34a371403aa307a84f3d8cce512e41c0c/detection
# Reference: https://www.virustotal.com/gui/file/37d871a4da364d19f9a32d10a9845f808daa5b60479f9134d1d2d6501e21fa25/detection

109.206.243.198:6606
109.206.243.198:7707
109.206.243.198:8808

# Reference: https://www.virustotal.com/gui/file/da7c929bf15c5b5f503449155f5000987a35916cb8cd97ce46b3509a16cfd6ac/detection

141.95.84.40:3060

# Reference: https://www.virustotal.com/gui/file/d8ebb55bf18869dc3f5b0a3f3c1a5287b6499dd2749feb9aa42f9bd8f30fece1/detection

141.95.84.40:3030

# Reference: https://www.virustotal.com/gui/file/a70000522eeafcb0dabe06ae1f49b25257795d90269b6d47737b64cecbabb91c/detection

def.sytes.net

# Reference: https://www.virustotal.com/gui/file/137b0598d14eaba417a9e7a9aea72027aa2e98fc30c814df45b91a992824e6dc/detection

46.43.90.99:7788

# Reference: https://twitter.com/embee_research/status/1614805554261815297

1c76ec89.anchor.northphxchiro.com

# Reference: https://twitter.com/phage_nz/status/1615132638288957440
# Reference: https://tria.ge/230116-3mxwbsfc89/behavioral1

154.12.250.38:6606
154.12.250.38:7707
154.12.250.38:8808

# Reference: https://twitter.com/petrovic082/status/1615628082353676288

179.96.121.149:8080

# Reference: https://www.virustotal.com/gui/file/5cad69a96f097577cf7c73adeb0b43857c1acca3cf901c23f1f14768a16ac350/detection

45.138.16.150:6666
d1x3x.linkpc.net

# Reference: https://github.com/executemalware/Malware-IOCs/blob/main/2023-01-19%20AsyncRAT%20IOCs

154.12.234.207:6606
154.12.234.207:7707
154.12.234.207:8808
newtryex.ddns.net

# Reference: https://www.virustotal.com/gui/file/4fe815a0f25f582df5512d777afceaa3dfe65da5ded46465fad849ff3487d170/detection

91.109.176.7:9441
bemviver-repouso.com.br
cdt2023.ddns.net

# Reference: https://twitter.com/1ZRR4H/status/1617696464230285313

2023foco.com.br

# Reference: https://app.any.run/tasks/d332f444-028c-48d1-9e84-9311b233e9e9/

95.216.102.32:6606
95.216.102.32:7707

# Reference: https://twitter.com/petrovic082/status/1618549394911170565
# Reference: https://www.virustotal.com/gui/file/fa3a9b975c2a6c0aafaba29157cb94daba8e5fe20da8c3c70c5552e2aaccf378/detection
# Reference: https://www.virustotal.com/gui/file/1649b879a199aea927d7879701a8017d286c291cd294b31e46486d2137c7789e/detection

134.209.126.30:6666
159.65.235.56:6666
181.214.94.75:6666
morph.sytes.net

# Reference: https://github.com/executemalware/Malware-IOCs/blob/main/2023-01-27%20AsyncRAT%20IOCs
# Reference: https://www.virustotal.com/gui/file/e180cd1b7fcf1674287a2aa516901ab1491aaaf7d9beb067b8109e742d89a50b/detection
# Reference: https://www.virustotal.com/gui/file/041201ea61adce22ef2f36f64f9ccac66d638bffcb043e48f53d33cc7d8692a6/detection

http://109.107.174.128
109.107.174.128:6606
109.107.174.128:7707
109.107.174.128:8000
109.107.174.128:8808

# Reference: https://twitter.com/ScumBots/status/1621102979033010179
# Reference: https://blogs.blackberry.com/en/2023/02/blind-eagle-apt-c-36-targets-colombia
# Reference: https://www.virustotal.com/gui/file/55e25bce90136a80ea0e24c17e4fa2b6582d9d387b3defeb06d40e38313ea6fe/detection

46.246.80.9:1543
46.246.86.3:1543
asy1543.duckdns.org

# Reference: https://twitter.com/malwrhunterteam/status/1622654044899614737
# Reference: https://www.virustotal.com/gui/file/360e29b66b74183494f32501a184eb3f39b425459b57cf84a6e3f8061dc519a2/detection
# Reference: https://www.virustotal.com/gui/file/cfd9d28726de527ffe41e35c827f4dbf94671b9f74d70fd0ac118ddd8bcd8485/detection

85.217.170.33:8008
fintran.site
filetrinsf.xyz

# Reference: https://www.virustotal.com/gui/file/6a5e14ed26730c4e7fcbcbbc98db1cb7bdc45b27af457fd7f349b78cc35da9f8/detection
# Reference: https://www.virustotal.com/gui/file/8a1b62fe165e75fe0004fcfa274a2b1316cb4012fb57454a45c15514b693fdc8/detection

85.217.170.33:8090
filetrisnf.store

# Reference: https://twitter.com/atomiczsec/status/1623112165212184583
# Reference: https://tria.ge/230207-2ydfdsga92/behavioral2

osostata.com

# Reference: https://www.virustotal.com/gui/file/16b4a6fec76b452f77a6832871ff2e906d673e557a0e6c2673fc952181d1319b/detection

185.249.198.46:6666

# Reference: https://twitter.com/dr4k0nia/status/1624214043639660544

18.206.35.13:6666
40.113.131.31:6666
xe3x1.ath.cx
xonxen.dnsalias.com

# Reference: https://www.virustotal.com/gui/file/727b7a1920d25e48af6ff6c8ee65be66ca062ba068d156a8211510c6e906e126/detection

20.206.103.69:4448
operador.ddns.me

# Reference: https://www.virustotal.com/gui/file/1b713a56ede95505160c5f6942799badd8c749a0cf767f34dbc276f31d5087e2/detection

20.195.202.119:4449

# Reference: https://www.virustotal.com/gui/file/1cf7ad31eb11c1ab20417351de431a3dd795ff9753e0f5e70c7ac3b7619283cd/detection

20.206.103.69:4449

# Reference: https://www.virustotal.com/gui/file/d4e1be1a339a03490a108e86604bd02f58aac556e4be18a52217bcc52816a936/detection

20.13.152.56:4449

# Reference: https://www.virustotal.com/gui/file/a1e5cd57d6884986e59bc05f2fc0b6bfb1199cba589ff293fbe538dfec78d835/detection

http://20.166.20.230
20.195.163.160:4449

# Reference: https://www.virustotal.com/gui/file/9b9477b4a407bb0cd74e70a1ceae6249a65bcefcf8cc9b98a79b03bca1fbb826/detection

20.206.103.69:7788
bitflysecurity.s3.amazonaws.com
operador.ddns.me

# Reference: https://www.virustotal.com/gui/file/817fd089f6f29233a21a67a8adc3f01e5816017cc653504d25ce0e3e41bad02f/detection

nofinebucket.s3.amazonaws.com

# Reference: https://www.virustotal.com/gui/file/4644d5d8f56afb7b2095ca5c209e840ad3a7dddaa294fa6a074283f0f6b1d956/detection

exodusdownload.s3.amazonaws.com

# Reference: https://www.virustotal.com/gui/file/0160a5ab3ac93ff1cbc18c74777e65600ef2982a2b147697944ad3033c6fd115/detection

esplogem.ga

# Reference: https://twitter.com/0xToxin/status/1624368467511021569

207.244.236.205:6606
207.244.236.205:7707
207.244.236.205:8808

# Reference: https://twitter.com/malwrhunterteam/status/1625586060276162589
# Reference: https://www.virustotal.com/gui/file/8572c19e4037b11c860ad014609a29a906ca1cdbd06ae6f13a3bf2e32c3acfb7/detection

20.229.137.82:1337
nonly.live

# Reference: https://github.com/executemalware/Malware-IOCs/blob/main/2023-02-14%20AsyncRAT%20IOCs

195.133.40.128:333
195.133.40.128:6606
195.133.40.128:7707
195.133.40.128:8808

# Reference: https://twitter.com/dr4k0nia/status/1625965366793961472
# Reference: https://www.virustotal.com/gui/file/75ace7d4e6c6cd5abb6e28deb7a902f361afa443b0b71af834ff9d38972a441a/detection
# Reference: https://www.virustotal.com/gui/file/9e66a5a4ce6774b137b47c5feaa407b75b96349bbff3c2dfe24b522cfa06f46b/detection

185.241.208.233:1337
barbaraalle.camdvr.org
barbaraallen.camdvr.org
raymonddapson.camdvr.org

# Reference: https://www.virustotal.com/gui/file/017f7fb81dad9de4238b0dc6e59989eda959d8626df7451e8afe1ece3892621d/detection

http://185.11.61.245
185.11.61.245:6606
185.11.61.245:7707
185.11.61.245:8808

# Reference: https://www.virustotal.com/gui/file/5dd033f850835b3e0b4ae423aad9922a9759d6b3f7ea5ff2b171815bf3a18825/detection

194.5.97.59:6606
194.5.97.59:7707
194.5.97.59:8808

# Refereence: https://www.virustotal.com/gui/file/ceb12c810554c6988f7a88335613971616ef832dfd7e9027ae3bdf76f0974ee4/detection

18.228.115.60:19289
18.229.146.63:19289
18.229.248.167:19289
18.231.93.153:19289

# Reference: https://www.virustotal.com/gui/file/1e5407baf23480666ea2e978ccf1ad1276118b002c82160d5780f093a7517297/detection

178.175.142.195:26741

# Reference: https://www.virustotal.com/gui/file/f2399be73420c3074326fc31451d2c126c862dad095be5bcfbc0a0c0b022e4c7/detection

185.65.135.177:56604

# Reference: https://www.virustotal.com/gui/file/9a0bcf924ffecb891bae26ba6d17c2deb44f59f51a9d4f529b480393077585a5/detection

185.65.135.177:8925
maltosen.ddns.net

# Reference: https://www.virustotal.com/gui/file/26e95fe011f8d21bde28c916cc60ec5f7d817bba6f8df6302449a8fc0aaf729f/detection

185.65.134.181:56981

# Reference: https://www.virustotal.com/gui/file/cbe84d22f09c9a8eb3d15710e72eac9e21941400e66f3e890ce6fcca294b8ce1/detection
# Reference: https://www.virustotal.com/gui/file/8170cd47490cd0a0e8769cc662fe9d7a4e975c34e5fe494b209e0d73bc0d6433/detection

185.225.28.158:54944
3.64.4.198:18640
3.67.112.102:18640

# Reference: https://www.virustotal.com/gui/file/14c5a30526484ef4edf641a38e56a9c150d4f94ae125af2bbc9d821056d20023/detection

193.138.218.162:55373
193.138.218.162:57296

# Reference: https://www.virustotal.com/gui/file/9cc2a804dd840e979b6481c0cbc8045c991422d193b3e6358bacd082dd657c35/detection

209.25.140.180:55682
whole-playback.at.ply.gg

# Reference: https://twitter.com/malwrhunterteam/status/1630275606666440704
# Reference: https://www.virustotal.com/gui/file/b3051daf1bb20dfa1cbc49a1da48ad341ed3a3ccb86fa8ba5a264c4e98cdc0e0/detection

http://176.113.115.123
176.113.115.123:6606
176.113.115.123:7707
176.113.115.123:8808

# Reference: https://www.virustotal.com/gui/file/38d27eca5b197c4352ac713713e13e52ffe90c9eb61675315b0027ffa7c2aaf4/detection

51.142.111.3:3779
yourfather101.duckdns.org

# Reference: https://twitter.com/StopMalvertisin/status/1631318221465997314
# Reference: https://twitter.com/ThreatBookLabs/status/1632647230007173122
# Reference: https://www.virustotal.com/gui/file/90cb95264d0b555fe9a760de404196ac183a958c9cc1aad0689598e35fbb0c3b/detection

0ffice365update.blogspot.com
urlcallinghta1.blogspot.com

# Reference: https://twitter.com/StopMalvertisin/status/1631318233650446336
# Reference: https://twitter.com/c_APT_ure/status/1632327563921051648
# Reference: https://www.virustotal.com/gui/ip-address/212.87.204.83/relations
# Reference: https://www.virustotal.com/gui/file/c64e61aaa97d1744f8ec61dbd9ca72f3f5443bf534ee98eab39832338be39204/detection
# Reference: https://www.virustotal.com/gui/file/94c3945bc834baae76d1e1e9fe6f647fc3438cc8b2dd1cbcf71e1fa57ff777b8/detection

212.87.204.83:3000
212.87.204.83:5000
port3000newspm.duckdns.org
port6000old.duckdns.org
port7000old.duckdns.org

# Reference: https://www.virustotal.com/gui/file/43905bff6b7bdac9698c9109764e7ac3ffddddf59b9d278c648dfd8e6b1403ac/detection

3.64.4.198:16972
3.67.161.133:16972
3.67.62.142:16972
3.67.62.142:19425

# Reference: https://www.virustotal.com/gui/file/13de2024361712c76d9e5aed5aa9efb5af58dbc42e0ef58fa9084f422e268195/detection

165.227.31.192:22832
us-west-11608.packetriot.net

# Reference: https://twitter.com/TrackerC2Bot/status/1634253108975894528
# Reference: https://www.virustotal.com/gui/file/25beb3bb95290ffbb5b12ad678ca9c7eb1bc2a135ecd0ec35621d30a9bab31d3/detection

172.93.231.202:4442
172.93.231.202:5552

# Reference: https://www.virustotal.com/gui/file/52688b2d7ff1b147902bb6eade2be7d52e27efb10f318ede17e05eb398386cac/detection

181.141.1.250:2424
46.246.12.16:2424
telo2158.duckdns.org

# Reference: https://any.run/malware-trends/asyncrat

kmspico.one
majul.com
eltem.iptime.org
fund-linda.at.playit.gg
lesgoo.kozow.com
mind-cpu.at.playit.gg
nethttp.sytes.net
trip-it.at.playit.gg
trojeiros.duckdns.org

# Reference: https://twitter.com/0xrb/status/1635946014031978497
# Reference: https://www.virustotal.com/gui/file/5379820f930466a3fd452e5161da9da7771db18a2c88050a9f7a908960e1d7c8/detection

185.136.161.11:1337

# Reference: https://github.com/RussianPanda95/Malware/blob/main/AsyncRAT/hindi_config-3-17-2023.txt

chromedata.webredirect.org

# Reference: https://www.virustotal.com/gui/file/486d9c1f259ee472964bf817ed2b8e218440f7b1145230ff8cbba6a3da3c8f55/detection

181.141.1.67:4243
dcleomessi.duckdns.org

# Reference: https://twitter.com/pmelson/status/1640822646089678848

p24xy.xyz

# Reference: https://www.virustotal.com/gui/file/0c6b9d6c37b17c04112ce5b33b8b7770c483cb70b1e28f66d06d1bbf8384c777/detection

91.192.100.36:4444
dlusercontent.net

# Reference: https://www.virustotal.com/gui/file/c0414a72120a5810090003e67dfd5deb57d40b7114a427b3cb8b255d92e7e1cb/detection

37.166.213.98:6606
37.166.213.98:7707
37.166.213.98:8808
cloudflarenet.duckdns.org

# Reference: https://www.virustotal.com/gui/file/1c5a1893e2d9ebec47e904cb5848c73160e44bbdc132ef4629ed01248c126bd0/detection

91.109.186.14:6606
91.109.186.14:7707
91.109.186.14:8808
seznam.zapto.org

# Reference: https://app.any.run/tasks/d76a4082-1636-4122-9ac8-55a52a8c79d8/

103.47.144.42:7045

# Reference: https://www.virustotal.com/gui/file/5faef14a931cb73235865309f5b8d151decefe3163036e6d15442325eeda14fa/detection

82.213.21.251:6606
82.213.21.251:7707
82.213.21.251:8808
ccleaner.hopto.org

# Reference: https://app.any.run/tasks/842a3193-57c3-4a67-919d-f63d091ef85d/
# Reference: https://www.virustotal.com/gui/file/6dedc7da4dacf1e6bec9ca8b120343dfea5a46df41ca454f37284b163211ff78/detection

http://185.81.157.135
185.81.157.209:2301

# Reference: https://twitter.com/malwrhunterteam/status/1643576221354033154
# Reference: https://www.virustotal.com/gui/file/cb977702b8e144294287783f421fa0c9648e91b2ae7a22c9564ef2986bd76675/detection

209.25.141.223:50753
overview-bm.at.ply.gg

# Reference: https://www.virustotal.com/gui/file/b605abc87533cdc19417cb5d77523786566abea6d3c50f9726cb50e572a72a6d/detection

194.26.192.121:6606
194.26.192.121:7707
194.26.192.121:8808
mssssusa.accesscam.org
wmssssss47477474.casacam.net
6606.mssssusa.accesscam.org
7707.mssssusa.accesscam.org

# Reference: https://www.virustotal.com/gui/file/f38e60203e63c6698a2ece1184f19377d9f42caf2c3d474b9f8a210d41313d00/detection

win10.webredirect.org
win11.giize.com

# Reference: https://www.virustotal.com/gui/file/6d7250146b15601a91d4a0b1f7b61c92663ba3c292a7a599b729c0f63702534e/detection

185.65.134.182:15888

# Reference: https://www.virustotal.com/gui/file/a41eb1afcafeaa654907fcb9bf5933bf5fd628f921e846ac9337b9841300194d/detection

185.65.134.182:57274

# Reference: https://twitter.com/x3ph1/status/1646691991982333954
# Reference: https://github.com/xephora/Threat-Remediation-Scripts/tree/main/Threat-Track/ASyncRAT
# Reference: https://www.virustotal.com/gui/file/e22683de5510cbc523e79448c8695ae6c07e03b6548acbd8960ce243282594c0/detection

147.189.170.192:6666
wbem.ddns.net

# Reference: https://github.com/xephora/Threat-Remediation-Scripts/tree/main/Threat-Track/ASyncRAT
# Reference: https://www.virustotal.com/gui/file/f12589613148fd8c49340d2a052055a904eebcb6be0139e88c195199e017ee7c/detection
# Reference: https://www.virustotal.com/gui/file/d914868ffae77ca23a37923e9af6e4f4b006a1647de5312881abb32e86e1004b/detection
# Reference: https://www.virustotal.com/gui/file/6c53e66888f9ea39e6742852b010583ba15026c20e175cfbf889681f72407b31/detection

2.56.56.223:1996
207.32.218.11:1996
zipcode96.ddns.net

# Reference: https://github.com/xephora/Threat-Remediation-Scripts/tree/main/Threat-Track/ASyncRAT
# Reference: https://www.virustotal.com/gui/file/b4a9322a15a084fe9b8347b2c7bceac6f82d838a808dadcdd82b48bd1763ae2c/detection

207.32.216.100:1999
bigflossy.ddns.net

# Reference: https://github.com/xephora/Threat-Remediation-Scripts/tree/main/Threat-Track/ASyncRAT
# Reference: https://www.virustotal.com/gui/file/0be38f7ea9f1a73de2b0d3a5780837eb07a46cdb784b1f89e355d4c4dab76eb2/detection

2.58.56.41:1996
cynax22.hopto.org

# Reference: https://www.virustotal.com/gui/file/f5b225cee24542e5f59f4aeb62bc8dcfe407014e644987586c5effa2e443df91/detection

176.97.70.164:1177

# Reference: https://www.virustotal.com/gui/file/5f69e57505862bfe9efc097de17ffa99c93eedb60e86b073cbe494b00a2d9a37/detection

18.228.115.60:12097
18.229.146.63:12097
18.229.248.167:12097
18.231.93.153:12097
54.94.248.37:12097

# Reference: https://twitter.com/r3dbU7z/status/1649082685338402816
# Reference: https://www.virustotal.com/gui/file/d5a2a03d87b4f1471dabcc76c057b74ebf4557058bdc225194a444413964b13a/detection
# Reference: https://www.virustotal.com/gui/file/b65be0351a717f4440b29a61d206acf4457c4755693f5d68e8cb39948ec5c1cf/detection

http://51.89.207.173
51.161.107.21:666
usb.directory

# Reference: https://www.virustotal.com/gui/file/33a24cdd53b8d0a52bd93e9b59482c4c7c933d119dba87f01f7c02a8c97bed0a/detection

147.185.221.223:24460
myfilesx.s3.us-west-004.backblazeb2.com
/ddgqprb4fbn/fgtryh45c.txt
/ddgqprb4fbn/
/fgtryh45c.txt

# Reference: https://twitter.com/sicehice/status/1650703773839286272
# Reference: https://www.virustotal.com/gui/file/9bc6f7078b4a80e7363336194ffccb04d646da487bb093775b3caefd224f7d87/detection

31.192.235.146:8000
31.192.236.139:3434

# Reference: https://twitter.com/g0njxa/status/1652022542259896335

20.123.197.130:8080

# Reference: https://www.virustotal.com/gui/file/140e8710e1a8c2dfbeea2587180ffc0656523fca8824880e7e3de91a3a56d7a4/detection

81.161.229.121:4545

# Reference: https://www.virustotal.com/gui/file/0571c7fd18f633e731f93e93f82260c89157e2e014152b1d909cfbc1c7d68570/detection

179.43.154.184:8008
minijusfil.com

# Reference: https://www.virustotal.com/gui/file/cd279fe4806f1925c2985f4a3f4a0052b140e85ffad9a2e46b27f8ff2cd99baa/detection

bahrdevo.endoftheinternet.org

# Reference: https://twitter.com/malwrhunterteam/status/1654111835136708608
# Reference: https://www.virustotal.com/gui/file/09cc73e85312daa39cbf1e5a523ed368a0611c0691cecbafd5f6b0c2d64eaaba/detection

46.21.153.135:9897
apatee40rm.gotdns.ch

# Reference: https://www.virustotal.com/gui/file/817c463f2b2d6ad916bd11bdc8e81e232b443d333cb02a3943d28f11d206ccc3/detection

45.80.158.114:6606
45.80.158.114:7707
45.80.158.114:8808
1dog.ddns.net

# Reference: https://www.virustotal.com/gui/file/3ebfbbd09064aae6f6238d019637a666740b3b35141e46cf76524c8dde88fb26/detection

103.30.126.242:8848

# Reference: https://twitter.com/Artilllerie/status/1655915223604244482
# Reference: https://www.virustotal.com/gui/file/4d275403b2993bb1dcf4d3262a5a70b32c0caa04e3cdb8c236420a3b1b1855b6/detection

190.2.142.239:5566
downlodanydesk.com

# Reference: https://www.virustotal.com/gui/file/91971af253069cff21a8c104773ba2f80ac611a6e72db84d20432141136578f4/detection

104.234.119.55:50511
mortgage-service.duckdns.org

# Reference: https://www.virustotal.com/gui/file/1141b995cd24c8f2eb4d83d08a3a9dba4f2c4cd5d6e1528f64aa8d51ddbd62bb/detection
# Reference: https://www.virustotal.com/gui/file/afda04b91b8bff33be9e8f9c7a3cf441c4b2c92f9fcef42a00bcf35e495a9e67/detection

79.134.225.40:2211
vmware.trickip.org

# Reference: https://www.virustotal.com/gui/file/0c32c4300e32863030d1ed5633f530a4f411df1c391d4388140c8ff2974638b0/detection

194.5.97.49:6970
83.151.238.37:8080
dvcfxgcvbbasfsd.ru
xafsavxcfdgbdsfg.ru
giuseppe.ug
tamera.ug

# Reference: https://twitter.com/0xToxin/status/1661101374166257664

strekhost2058.duckdns.org
strekhost2065.duckdns.org
strekhost2068.duckdns.org

# Reference: https://gist.github.com/embee-research/f6af45017a3bb3c64a1654b7c4810525

109.230.238.142:6666
116.62.115.255:8808
120.146.185.63:443
142.202.240.126:5555
146.59.161.194:8808
149.102.132.253:3110
15.165.236.45:8808
172.81.60.205:8808
185.81.157.105:5130
185.81.157.135:7777
185.81.157.14:4444
185.81.157.168:7701
185.81.157.5:4152
190.28.148.168:2000
192.119.108.77:8713
192.119.108.78:8713
193.23.161.246:6666
194.156.91.127:8743
194.9.172.60:8808
198.244.251.230:2222
20.67.243.141:113
207.244.232.102:8808
207.32.217.71:5001
23.254.130.126:6667
23.254.227.121:6666
23.254.231.83:1002
38.242.242.149:7777
45.138.16.161:2020
45.138.16.202:6666
45.138.16.48:1234
45.141.215.81:888
45.141.215.84:222
45.143.99.54:1337
45.154.98.110:1989
45.154.98.192:222
45.58.190.125:8808
45.80.158.57:8888
5.224.222.214:4001
5.249.165.85:6666
51.120.120.162:8808
51.161.104.149:8808
51.161.105.119:7707
51.161.59.75:7707
51.81.126.13:222
51.81.24.93:7000
51.89.204.67:7707
51.89.207.166:8808
54.38.124.50:8096
54.38.234.73:8808
66.94.118.174:1188
66.94.122.207:8808
70.36.110.159:8888
74.222.22.72:8888
82.159.198.174:4002
85.206.172.156:444
85.215.190.69:8808
98.26.85.5:6969

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (04 Jun 2023)

111.90.149.195:5111
111.90.149.195:7766
151.80.52.38:4449
185.252.178.121:8808
192.71.244.54:8080
37.196.152.120:4449
43.226.49.147:8080
45.80.29.139:1337
64.235.61.43:8848
84.54.50.9:6606
84.54.50.9:7707
84.54.50.9:8808
88.198.206.217:4449
91.192.100.7:8808
95.214.27.44:6606
95.214.27.44:7707
95.214.27.44:8808

# Reference: https://www.virustotal.com/gui/file/74c1d1141cf501cd8b9d86f97acb67cc7dc7e9213f8722600ae991f5d254b68b/behavior

websites.vpndns.net

# Reference: https://www.virustotal.com/gui/file/28e1470bf46b1680e230c7bb57e4836d3b6bef4d35d2cc927984950416a4c1d7/detection
# Reference: https://www.virustotal.com/gui/file/367831dcb90d2df723eeccb94c21fe58691a6946b4ea40cb9de2bac316319d9b/detection
# Reference: https://www.virustotal.com/gui/file/ba5ed5f0f25b952f16a30d9dc97c1be2a9c1f7676345311b421584ca4c4c1405/detection

18.198.77.177:17851
3.121.139.82:17851
3.127.253.86:17851
3.127.59.75:17851
35.158.159.254:17851
52.28.112.211:17851
solarx.site

# Reference: https://www.virustotal.com/gui/file/da642fc983f09b106c32181f7e66d0cad426924650594ca613e5ce5b25b71493/detection
# Reference: https://www.virustotal.com/gui/file/2d2211d9266e7080e6e12d150829935a3f0794e4d499199f9c7480de02b458d7/detection

141.95.84.40:456
141.95.84.40:916

# Reference: https://www.virustotal.com/gui/file/9b3c1321f7bee06e6790ee733d7ff90400f628040fee4e65d240340f957d00a1/detection

104.243.47.45:5230
104.243.47.45:6606
104.243.47.45:7707
104.243.47.45:8808
celsperial.hopto.org

# Reference: https://www.virustotal.com/gui/file/f9171de76ea630a461f1764aa9c27fadf7e8fcbddfa7a2c3b44067867c029f05/detection

91.208.92.49:7001
miopsbn.con-ip.com

# Reference: https://www.virustotal.com/gui/file/0747abd54dd664fed5dd0028ac579905845c91d5a0da537133ba4bfcb5fea15c/detection

181.142.211.88:7577

# Reference: https://www.virustotal.com/gui/file/71a2fe2a79055b9aca04daaa8288730f1027c0b186e2f10718b21e2d1e89355d/detection

64.235.61.43:42069

# Reference: https://www.virustotal.com/gui/file/cd704cdaf7397e725eaa339fb7ad3a0ab26f503428eb8eaaf4abb656ae949382/detection

188.126.90.211:3636
188.126.90.212:3636
46.246.12.211:3636
46.246.4.211:3636
planpnl.duckdns.org

# Reference: https://www.virustotal.com/gui/file/132358ecc4d7b80efba0d2d57fe104b563673ecc9935efcd4e8440c886e0138c/detection

18.228.115.60:17832
18.229.146.63:17832
18.229.248.167:17832
18.231.93.153:17832
54.94.248.37:17832

# Reference: https://www.virustotal.com/gui/file/3ec57ea55466112ec38310d0066fc024e3600887785e768a8219230d236a7eb8/detection

18.228.115.60:16864
18.229.146.63:16864
18.229.248.167:16864
18.231.93.153:16864
54.94.248.37:16864

# Reference: https://www.virustotal.com/gui/file/c44075c86a18be51547cba1e2d357aaef5008a0bfb25daa4dba2c6c5e25f2ca1/detection

209.25.140.194:51862
209.25.141.194:51862
209.25.142.194:51862
194.ip.ply.gg

# Reference: https://www.virustotal.com/gui/file/994385b5a04f107c65d45c3cb54483e847d63b6b75988ad8ecfd6c9df1cba295/detection

18.230.117.219:6000

# Reference: https://www.virustotal.com/gui/file/c7b9a1bf733e98f545d5cb946165c32923c564b4cc3603924eae9a44df203a3d/detection

18.231.156.119:7000

# Reference: https://www.virustotal.com/gui/file/fbc3ad3bdb040103596ab07b85d80331dcaa9868e55220481faba563c85f890a/detection

18.228.115.60:13552
18.229.146.63:13552
18.229.248.167:13552
18.231.93.153:13552
54.94.248.37:13552

# Reference: https://www.virustotal.com/gui/file/f8fc2647fffca9883e5eb6cc375c4efafdb56d2f4a11fce3b4444dadfb51d0cb/detection

192.119.108.74:8710
192.119.108.74:8712
microsoftdell5.duckdns.org

# Reference: https://www.virustotal.com/gui/file/fd5b9cbb176cfea7cb3ba0b8f10e323eb1a9c1a914a0ab9182aa033c8ea18429/detection

181.141.4.153:8000
walder08.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d173f0a86e693ad02d756c7f8f1bee445c663aecf2b4f886f733ca01c0911345/detection

181.141.4.153:6969
an6969.duckdns.org

# Reference: https://www.virustotal.com/gui/file/296a2cb7bf3fa274918f985358debd7983e2af29068fc37dd9cb99e070b9f0fd/detection

151.106.30.145:7410
741qu.bounceme.net

# Reference: https://www.virustotal.com/gui/file/577047181197a34939a106666deec71d3e91e386deda32d412ef1e8b3de2b000/detection

198.12.123.17:5004
198.12.123.17:6606
198.12.123.17:6700
198.12.123.17:7707
198.12.123.17:8808
celesperial.ddns.net

# Reference: https://www.virustotal.com/gui/file/67905601c2fc9f78274058e39de8c2714f46b40cfd29e5d5a06117fc7d07ab46/detection

172.111.136.105:2022
admina.duckdns.org

# Reference: https://www.virustotal.com/gui/file/60ae5794afacdc55c75268040eedce59d20776dced641d2cba250bd768359d8a/detection

alertgeeks.ddnsfree.com

# Reference: https://www.virustotal.com/gui/ip-address/185.150.117.106/relations
# Reference: https://www.virustotal.com/gui/ip-address/84.32.190.45/relations
# Reference: https://www.virustotal.com/gui/ip-address/85.217.144.194/relations
# Reference: https://www.virustotal.com/gui/file/9ae87c35d2a6209b208dcefea9785a31d69a1a9396a825883edddd3e030188e4/detection

fox-news-checker.cc
microsoft-auth-network.cc
microsoft-service-checker.xyz
security-service-api-link.cc
update-checker-status.cc
utorrent-backup-server.top
utorrent-backup-server2.top
utorrent-backup-server3.top
utorrent-backup-server4.top
utorrent-backup-server5.top
utorrent-server-api.cc
utorrent-servers.xyz
win-network-checker.cc
windows-services-update.com
youtube-checker.cc

# Reference: https://www.virustotal.com/gui/file/9a6aa7bc60f817e2c0761373100d5bb22207847da7d8452db757b17c03c18c9c/detection

185.174.101.94:5464
electroniccomerceanddatabasesforstudypurposesonly.online

# Reference: https://www.virustotal.com/gui/file/b0fafe361aa7083b1d3482ec723158599dd01c5d26fa5ea3c30d78a325c9fb8a/detection

209.25.140.229:18084
209.25.141.229:18084
209.25.142.229:18084
decision-at.at.ply.gg

# Reference: https://twitter.com/k3yp0d/status/1681973711774130176

nansen.accesscam.org

# Reference: https://www.virustotal.com/gui/file/0c72727630c83e823fd60d776bad262f01c7e0a9e52ea92fdd9a3adf04910d6e/detection

209.25.140.181:26235

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-07-23)

http://51.79.49.73
103.169.34.151:2245
103.170.118.35:6606
103.212.81.152:3845
103.212.81.152:3850
103.212.81.152:6606
103.212.81.152:7707
103.212.81.152:8808
104.255.175.12:8008
107.175.113.198:8011
108.58.155.197:6606
108.58.155.197:7000
108.58.155.197:7707
108.58.155.197:808
108.58.155.197:8808
108.58.155.197:8881
108.58.155.197:9909
109.195.94.247:8096
111.90.150.186:8977
116.62.11.90:8848
136.243.151.123:8808
136.243.151.123:9999
136.243.151.21:65
136.243.151.21:66
138.201.95.65:8808
141.98.6.105:5010
144.126.149.221:8888
146.59.161.10:8808
147.189.174.239:6666
149.202.0.249:8808
149.56.79.3:4007
154.12.252.41:4449
154.213.18.103:6000
154.213.18.70:6000
154.213.18.70:8808
154.213.18.84:8808
158.69.131.146:222
158.69.131.146:2222
166.88.209.145:1337
172.245.23.178:7777
179.13.0.238:4203
185.104.195.215:1981
185.104.195.215:2000
185.106.92.84:4449
185.17.3.72:7707
185.222.58.44:4040
185.225.74.254:6606
185.225.74.254:8808
185.24.55.37:8808
185.241.208.104:5555
185.241.208.142:6666
185.241.208.99:2222
185.241.208.99:6666
191.101.130.205:6606
191.101.130.205:7707
191.101.130.205:8808
191.89.243.236:5757
192.119.108.75:8713
192.119.108.76:8713
192.159.99.5:1010
192.159.99.5:2020
193.149.185.150:7707
193.23.3.123:6666
193.233.133.58:5631
193.26.115.74:888
194.213.3.18:6666
194.31.87.133:8808
194.32.149.80:8808
194.59.31.39:2025
194.87.151.87:8808
194.9.6.69:8808
2.58.56.143:222
2.58.56.143:2222
2.58.56.143:5555
20.150.193.28:4449
20.200.63.2:2727
207.32.218.20:8008
209.145.56.0:4017
209.25.140.212:34507
209.25.140.212:8848
209.25.141.180:6498
23.101.143.72:6666
23.101.143.72:7777
23.101.143.72:8888
23.229.67.133:5808
3.88.20.74:1111
45.12.253.107:8808
45.125.48.112:8808
45.136.6.79:8808
45.138.16.108:8808
45.138.16.145:2222
45.138.16.145:4444
45.138.16.145:6666
45.138.16.213:1194
45.138.16.235:6666
45.138.16.235:7777
45.141.215.109:7707
45.141.215.121:4444
45.141.215.121:6666
45.147.45.253:30303
45.154.98.201:6666
45.80.158.116:6666
5.161.192.28:6606
5.196.35.57:8808
5.224.222.63:4002
5.224.222.63:5001
5.224.222.63:5003
5.252.165.130:8808
51.142.112.141:113
51.75.52.3:2020
51.81.24.93:8088
52.28.112.211:19945
66.94.105.222:8808
68.219.184.180:3131
69.172.233.16:6666
69.172.233.44:6666
70.36.111.185:8888
77.73.131.83:8080
78.161.80.191:8808
78.47.172.152:5555
81.171.25.97:113
82.159.146.144:5000
84.54.50.31:8877
85.217.144.78:8808
87.121.221.53:6606
87.121.221.53:7707
87.121.221.53:8808
89.23.96.181:7777
91.109.176.4:8808
91.109.178.10:8808
91.109.182.6:6606
91.109.182.6:8808
94.142.138.19:443
windows10-11.ddns.net
windows10-11.ddnsfree.com

# Reference: https://www.virustotal.com/gui/file/167ed73a98ed7c3ff1ff221117f497c8fb6fa98ee0c1160a567415ad6d39195a/detection

18.197.239.109:12694
18.197.239.109:66086
18.197.239.109:7707
18.197.239.109:8808
3.69.157.220:12694
3.69.157.220:6606
3.69.157.220:7707
3.69.157.220:8808

# Reference: https://www.virustotal.com/gui/file/1a4f3da692806a57a243e8d165a183019c0a0126e8c6f0aade81979679ab3d94/detection

181.52.111.53:3028
sept24stri.con-ip.com

# Reference: https://www.trellix.com/en-us/about/newsroom/stories/research/beyond-file-search-a-novel-method.html

111.90.150.186:6606
111.90.150.186:7707
111.90.150.186:8753
111.90.150.186:8808
111.90.150.186:9907
79.110.49.162:6606
79.110.49.162:7707
79.110.49.162:8753
79.110.49.162:8808
79.110.49.162:8977
79.110.49.162:9907

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-07-29)

142.202.240.126:6666
147.50.253.108:5505
147.50.253.108:6606
147.50.253.108:7707
147.50.253.108:8808
172.94.105.98:2000
185.246.222.170:1616
192.121.247.21:2000
20.124.90.72:5002
20.200.63.2:3232
92.178.8.159:8848
onadeatcamside.sytes.net
ronadeatcamside.sytes.net

# Reference: https://www.virustotal.com/gui/file/6c16c890ebece47d2e9c9160c366e632fc7577ac766ae32ef640070481ab8c3e/detection

157.90.51.195:58001

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-07-31)

147.185.221.16:10735
206.53.55.8:6606
206.53.55.8:7707
206.53.55.8:8808
213.238.177.40:8848
91.109.176.13:6606
91.109.176.13:7707
91.109.176.13:8808
