# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://news.sophos.com/en-us/2018/10/02/the-price-of-a-cheap-mobile-phone-may-include-your-privacy/

apis.sunlight-leds.com/user/register_lock
apis.sunlight-leds.com/get/policy
apis.sunlight-leds.com/get/net_work
dt.szprize.cn/mbinfo.php
play.xhxt2016.com/logcollect/log-information

# Reference: https://www.virustotal.com/gui/file/02322b3070844386db63a6fe75688c1509a8d2a661361d5065c468a7374e82d5/detection

3.17.202.129:11299

# Reference: https://www.virustotal.com/gui/file/a5e5d15acedf0eb09e0e741834f4564e3926438082c092ce3d1616cd33313ff3/detection

3.17.202.129:13313
3.19.114.185:13313

# Reference: https://www.virustotal.com/gui/file/accf9c81afd552851876ca8ae4400b14ba55ff13658b988f1366b2342d3c8e65/detection

3.17.202.129:15480

# Reference: https://www.virustotal.com/gui/file/497e57857f583a9be4dfef3ec6735cbfd9d11a3628aa245bf6a60a1c3eeca126/detection

3.17.202.129:14730

# Reference: https://www.virustotal.com/gui/file/5debbfefa6b93758d192a1ae79f9bd2bbbc948707e2ab3d792c8c48626902948/detection

3.17.202.129:19987

# Reference: https://www.virustotal.com/gui/file/7bf338e1985e0aae524221790c301c6179ee140f4c6200cff2c1bc19392d611d/detection

3.17.202.129:12281

# Reference: https://www.virustotal.com/gui/file/0fe215ec2b7b14900f952bc88819da93e20795013b07071a0e452ce6de71e6f6/detection

3.17.202.129:14738

# Reference: https://www.virustotal.com/gui/file/d608c0d9dcdc8a2e04f6c9e8a1f7a44106e6a2049fcd70355f0de7376b1ff795/detection

3.17.202.129:19850

# Reference: https://www.virustotal.com/gui/file/55bfef694ecd7f83c8a6b020fe08b5f88dbdfe3db61d70bfdb80ef911011df31/detection

3.17.202.129:12057

# Reference: https://www.virustotal.com/gui/file/a02d3fa2780671c590de9ef57bd7cee904c005d8d53ab07a2320e2b68440ea75/detection

18.223.41.243:14001
3.17.202.129:14001

# Reference: https://www.virustotal.com/gui/file/fca4504252a76e785c7e4a6ee74cde9a36c0e071d4b7a56d340a2d1c0ebba279/detection

3.17.202.129:26569

# Reference: https://www.virustotal.com/gui/file/b6655c33c4f6859884998a74d3eb64773d16b00570457c72eb6f11df00a82a2d/detection

3.17.202.129:18169

# Reference: https://www.virustotal.com/gui/file/3e6b5947af518d207467feecf83f9d4460e36c2469a77891b7a6eaa87efd37eb/detection

3.17.202.129:14617

# Reference: https://www.virustotal.com/gui/file/b6dad30adce1b40c7890324713988a4bf6c4133bdc7666d5b8d3c4c8289592c9/detection

3.17.202.129:18336

# Reference: https://www.virustotal.com/gui/file/603ea32e446844ab166e372e6313988ff5fdbc734f690f5b84fa2f0ddad93b4c/detection

3.17.202.129:11577

# Reference: https://www.virustotal.com/gui/file/d4dd94327bb4612a3f1d52dda9512475067b08b5cdb78370fa8469f055f2a881/detection

3.17.202.129:16380

# Reference: https://www.virustotal.com/gui/file/0aeace0c4d16e8c73e6619e122c799b1c5f12b443dd335ea8b96c7941503a99a/detection

3.17.202.129:11707

# Reference: https://www.virustotal.com/gui/file/9662b054f00b36df55875fe9d38f791fa8127e4fbcfdd599aea35a16ba934d2b/detection

3.17.202.129:16480

# Reference: https://www.virustotal.com/gui/file/2e258069d4769fa101c604d94ec1a629a67bf69f388169a398c19ae04d4f1297/detection

3.17.202.129:19658

# Reference: https://www.virustotal.com/gui/file/c2347e12238c8a580fc63f7647e11bf73afce09d8a156c3d1acb4e7a43493446/detection

3.17.202.129:10562

# Reference: https://www.virustotal.com/gui/file/81f99af35301cda05d914f56d00f2665a4c14c63f36cd17544bbac8fd413d200/detection

3.17.202.129:10726

# Reference: https://www.virustotal.com/gui/file/024d46533f896209db769aea6ac2331edafe3cbbf2164f711fd5a88fe362a7eb/detection

3.17.202.129:14116

# Reference: https://www.virustotal.com/gui/file/2281f2b6462735730db80b63716cbe71cc1e2bf1b1c6e9f30b62a1ddf067db2a/detection

3.17.202.129:17784

# Reference: https://www.virustotal.com/gui/file/7eb928117a5726c50e428c78cc1e670dd7a5c9efbcb1b43247346ffc0decc18c/detection

3.17.202.129:13200

# Reference: https://www.virustotal.com/gui/file/dbfed351b791792543396f1b18e8d5bf57704f70014e9a762fa85729656f6150/detection

3.17.202.129:19779
3.17.202.129:9923

# Reference: https://www.virustotal.com/gui/file/0ce05256e857261832580f7149782108ac172219df39fca6d3381e58e3d7c3d4/detection

3.17.202.129:13932

# Reference: https://www.virustotal.com/gui/file/415da659e5ce862170f8ab626e0e13e5630a1aa99a9368f17b885ed85c9ab0c7/detection

3.17.202.129:12456

# Reference: https://www.virustotal.com/gui/file/f1a2032e7bebf2b49d8d5f6dd8747bf4936ea0fdeeb41192dc28b189b62c6879/detection

3.17.202.129:11052

# Reference: https://www.virustotal.com/gui/file/37b8beece5078b3822c5f3cee4ea815c678d5fa15e1691cabaf25065f5ebcf9a/detection

3.17.202.129:13860

# Reference: https://www.virustotal.com/gui/file/5386be0c5bc968f51d6020a41d1898836abf5fd2fb6f5c4e5ea34ff68ad038ba/detection

3.17.202.129:15385

# Reference: https://www.virustotal.com/gui/file/69261a01ede9e887934bc2e7bcea3562178e8d0de6436a8e6cff30c56dcc0167/detection

193.161.193.99:51693
MehakSandhu-51693.portmap.io

# Reference: https://www.virustotal.com/gui/file/1b0947c910a0c9d2b3f3481e624c34ee13c12a970175b001768fea07a0e6a656/detection

193.161.193.99:44222
obrine7-44222.portmap.io

# Reference: https://www.virustotal.com/gui/file/dbb92acba8f57a900c3c053c78ea5c07126abc58a48a1c9cfbf7cbfccc9d7308/detection

193.161.193.99:34029

# Reference: https://www.virustotal.com/gui/file/6a3eb7847313b6cb1d69a5890d7593d16e830caa19b5d6a2e068e5d3cabb161e/detection

xeminem-60058.portmap.io

# Reference: https://www.virustotal.com/gui/file/ed11ff922b646279651d84413205b5ce21385770a6cecddb86c272922979e5ff/detection

193.161.193.99:42149
updatedata-42149.portmap.io

# Reference: https://www.virustotal.com/gui/file/4d681c6795d55c10f453e39fcf6a6915b9083f24a8bef7ae7c1a1d91809958e4/detection

193.161.193.99:39494
Hlothere-54820.portmap.host

# Reference: https://www.virustotal.com/gui/file/9aa5b80f67a887af40cf047c36e29ef7e657057c2d4ed23b8e480d2e92a17ace/detection

193.161.193.99:45730
DevilHacKer6-45730.portmap.host

# Reference: https://www.virustotal.com/gui/file/1126b45458447f5cb508fd914f4886eb8a2caf43bcac9dc2d16d55afa1a9fe11/detection

193.161.193.99:49331

# Reference: https://www.virustotal.com/gui/file/14417c94f9951b05d03fc95303b950673f046152f298a0aed50f3bed978c97a7/detection

193.161.193.99:31338

# Reference: https://www.virustotal.com/gui/file/1e9f71570c7224c9f4d812fa6c1020c85d34044dc6491a7b7555df899e3b0a31/detection

193.161.193.99:47558

# Reference: https://www.virustotal.com/gui/file/0e487c504c389f8319e289030626e5e809bff09f1fea197a3319967c5a9cf32f/detection

193.161.193.99:48073
abcdzu-46166.portmap.host

# Reference: https://www.virustotal.com/gui/file/544bea74366f76fba5f2091463dc912e6e7f0e20fd5c5ffa22ef242b71f3fa06/detection

praveenecil-62024.portmap.host

# Reference: https://www.virustotal.com/gui/file/72ef44526599e2fddb900245f0fbc23248a072604c5a4ca8f780a37e9e3128c4/detection

193.161.193.99:1194

# Reference: https://www.virustotal.com/gui/file/4d828a11b6d41998caebfd0bbff403eb3340fc1264a472546a7a5ae42b785faa/detection

99999-27441.portmap.host

# Reference: https://www.virustotal.com/gui/file/c181610dc3161a8dc8f791ba4f4ab2d8b636fc416ad34ae2609d8e6f7b257eea/detection

193.161.193.99:54451

# Reference: https://www.virustotal.com/gui/file/5f00a60dad8e08e4d8b6ad31adf2b3068de94828e04e931462389c6907507144/detection

p8kka--chu.duckdns.org

# Reference: https://www.virustotal.com/gui/file/63d91aa82d6cc522e1f53b3485d483e262b40ca5ec19870c7d5835866e0c8584/detection

gabbarcchand-54721.portmap.io

# Reference: https://www.virustotal.com/gui/file/1293738c104a66e192f24cee7a1a2e717364a868ee9c8ba76e4b99472eb743c7/detection

hahaha555-57697.portmap.host

# Reference: https://www.virustotal.com/gui/file/f867c68c55e8c30062a5b75699789ff2190c4935eb2efcadd02ea4d5f6e24c91/detection

3.19.3.150:12256

# Reference: https://www.virustotal.com/gui/file/cfa969019302476144732173197af9a7376babe6f89c7d4e15d811f4bbca4030/detection

d600cc51.ngrok.io

# Reference: https://www.virustotal.com/gui/file/35fe03229b7134205c91d18bb4c33ed314bf5780a05aedf12ff8a60a11c8bd87/detection

3.14.212.173:16707
3.19.114.185:16707
3.19.3.150:16707

# Reference: https://www.virustotal.com/gui/file/ab23da0477da3a2dd77ec03d024901edce05be4999dad81bfbca14345047ff0b/detection

3.14.212.173:13105
3.19.3.150:13105

# Reference: https://www.virustotal.com/gui/file/8b5a7c8f1c1957a3e2ddd7014e13921b23ec7d58dc9fb63a6ce5e314b5b8ab17/detection

763484e5.ngrok.io

# Reference: https://www.virustotal.com/gui/file/92e289cbabe8675dd9b06c46758f93ca60aa2f6ea1693d0b882e62363db1eadb/detection

3.19.3.150:13040

# Reference: https://www.virustotal.com/gui/file/c32a89b0d5b3233019db259d26b0d3ea7d42d0a088aa3099887e5835b2520b41/detection

3.19.3.150:15110

# Reference: https://www.virustotal.com/gui/file/ca2f756292e94f533dd3c0a3a41a44e2c9629b612d271f27e449495cec59210c/detection

3.19.3.150:4444

# Reference: https://www.virustotal.com/gui/file/978692920e1ec6ebae680fcd24cace4b17906e1648ab83eb74bd5d17e6e14593/detection

357788e4.ngrok.io

# Reference: https://www.virustotal.com/gui/file/5f43271ddb293c8cc17e2bfa6e26f5a8fb7831b228646662a9232a5a55659efa/detection

18.188.14.65:17807
3.19.3.150:17807

# Reference: https://www.virustotal.com/gui/file/2a2e93bd2652d132bceaa9a49ec02f453b8625c889e4bc1e37dae0573cf25fc4/detection

3.19.3.150:18450

# Reference: https://www.virustotal.com/gui/file/83591246e5ce5fffa36bdd1062568f2f74df576eefebbc81f5fc591549126cad/detection

3.19.3.150:13760

# Reference: https://www.virustotal.com/gui/file/b1d455bbc5f9fef50bebab004e367c59568de8c1b48f67403625ca5d74cda250/detection

3.19.3.150:11980

# Reference: https://www.virustotal.com/gui/file/abec497d5cd9b31274b9b1bbe78ccc619c66ac1503ca38b837a3b39474ca11f9/detection

3.19.3.150:12442

# Reference: https://www.virustotal.com/gui/file/44e027329cb94bc425c00f47903f4b781eee61e11dd25875db3f1e0c9258bc24/detection

3.19.3.150:14011

# Reference: https://www.virustotal.com/gui/file/0b816d6282595479d59836f37a699a8dfd07dfdd4b1eb84581242bcd4452ea92/detection

3.19.3.150:16783

# Reference: https://www.virustotal.com/gui/file/16994a8e7fd8afbbd6f883fabea07a10988225aae2043719fec51f6a0263f9a5/detection

3.19.3.150:14227

# Reference: https://www.virustotal.com/gui/file/2f18805aefeadae420fbb1776167112ba1daa0893e15abc4df4ac144f607f82a/detection

3.19.3.150:19609

# Reference: https://www.virustotal.com/gui/file/49791f3dc3435a7402c500a941c1ed891b05b300ce703eb9da7104ef2da2ebfc/detection

3.19.3.150:13697

# Reference: https://www.virustotal.com/gui/file/70be9fbc415ac86f900ba60e6f575df5eac19d0d64e221514b7f6edf9977371c/detection

e6215e63.ngrok.io

# Reference: https://www.virustotal.com/gui/file/5e189d84b9aad0f1b57d1f953256b0f9bcf1f36d2cb9e4b65968fa1e923a4c85/detection

141.255.145.96:4444
fecbook.ddns.net

# Reference: https://www.virustotal.com/gui/file/21c5af3f15751c0492d1e43f3cacbba23ec7fcc4f1da7a6dbd9a0b825dd5b626/detection

91.109.176.6:44444

# Reference: https://www.virustotal.com/gui/file/d0e579c25e91db1f57deaea23c61c39983015672e7941b40e4cb1788cc8d69d5/detection

119.3.22.174:63333

# Reference: https://twitter.com/JAMESWT_MHT/status/1225869020076875778
# Reference: https://www.virustotal.com/gui/file/b5ac215c277e6c9206386dd5da034bb8f7e35ff9d0e871e3cae0e0b18e323cf4/detection

roperty.info

# Reference: https://www.virustotal.com/gui/file/4af130f1dd2886c930be1934a6e34f97a8653268eaa8febee13a0775746cecf4/detection
# Reference: https://otx.alienvault.com/pulse/5e6fa2a12088756147d24648

64.188.25.205:6914

# Reference: https://www.virustotal.com/gui/file/412c66f0a5f52bdde39b8563c5f34afdb9c30fae3db80b47437cb4f0df46d1db/detection

3.135.90.78:19098

# Reference: https://www.virustotal.com/gui/file/10a6e9297f530e767321e0f1c20006867142e4802ff3b8355f4d72bfa7b702db/detection

18.188.14.65:15716
18.223.41.243:15716
3.135.90.78:15716
3.14.212.173:15716
3.17.202.129:15716
3.19.114.185:15716
3.19.3.150:15716

# Reference: https://twitter.com/malwrhunterteam/status/1243834882280828928
# Reference: https://www.virustotal.com/gui/file/9c1dbbbbfab2dffc05335bd52fd8eea8c9e0e83fca0c9ab6c56d85ecfdcf57d7/detection
# Reference: https://www.virustotal.com/gui/ip-address/164.100.133.168/relations

164.100.133.168:8086
164.100.133.168:8087

# Reference: https://twitter.com/malwrhunterteam/status/1245679870128132097
# Reference: https://www.virustotal.com/gui/file/3abf5bb72292d3c211e183ef5d449ffc06f57dda087eeb9caf7179b7b0d2b110/detection

3.17.202.129:14825

# Reference: https://twitter.com/malwrhunterteam/status/1245692611815505922
# Reference: https://www.virustotal.com/gui/file/407b2b82bddd04399542bbc2fabd3c03ccb2b4d73cdfab9e3c90d73ae92ec158/detection

45.77.12.191:4444
hackto.ddns.net

# Reference: https://twitter.com/malwrhunterteam/status/1246032955472035841
# Reference: https://www.virustotal.com/gui/file/83c79324ae63fd5ce329ea316d97eac7da5cd0ad02c0eed63fdf39980fc5cb43/detection

http://138.197.179.194
http://172.104.65.17
http://178.128.15.109
http://84.16.227.159

# Reference: https://twitter.com/malwrhunterteam/status/1250797179423330305

95.179.243.180:8091

# Reference: https://twitter.com/malwrhunterteam/status/1251196892710604800
# Reference: https://www.virustotal.com/gui/file/f821eb9f904572ae49cb1a954915616931b778c1ff9399d5ed060ab33866b33c/detection

3.20.98.123:18641

# Reference: https://twitter.com/malwrhunterteam/status/1251231671543902208
# Reference: https://www.virustotal.com/gui/file/aa7c8a6b3ddb144c1b0f5d8a1328a6b2ea9e45010e60cdee1ef6ebdd4a1380f8/detection

8f9b0669.ngrok.io

# Reference: https://twitter.com/malwrhunterteam/status/1251503858578309120
# Reference: https://www.virustotal.com/gui/file/8b436946073f4fc1f8bb97a06d6e7c8a0ac1088abd97fa88f316714c445969e0/detection

139.162.161.211:11768
fw1.sshreach.me

# Reference: https://twitter.com/bl4ckh0l3z/status/1255607262711873539
# Reference: https://www.virustotal.com/gui/file/93fe31be27ba6b7cea2ba12023ec422bc76853d0277d228a3c2ea16dc7f1fe5f/detection

172.111.173.196:4444
kalihosts.ddns.net

# Reference: https://twitter.com/malwrhunterteam/status/1260816205352521728
# Reference: https://www.virustotal.com/gui/file/96b48bc60a4d7aed92bad7e1b92580482ff913697989b1a42194b697d526035a/detection

3.17.117.250:17975
4f2d7638.ngrok.io

# Reference: https://www.virustotal.com/gui/file/94077ec69ccdddb90d234eaf2e1f4a1d14cda922a7e785fe2b6203c27ddc6960/detection

142.93.132.225:1432

# Reference: https://twitter.com/bl4ckh0l3z/status/1272954921185415170
# Reference: https://twitter.com/KorbenD_Intel/status/1272936929110028288
# Reference: https://www.virustotal.com/gui/file/23cab771765424ce0f859486d784f34e942abc7e94c8ee4ee2c19c8c19eb4b38/detection

http://217.129.59.131
evilcorp.anondns.net

# Reference: https://www.virustotal.com/gui/file/c5edac666b4a1996e603aa56d948a8eb6d8770f21de1e2fb3fd7c34a2d44de60/detection

payload123.ddns.net

# Reference: https://twitter.com/malwrhunterteam/status/1275481657571790848
# Reference: https://www.virustotal.com/gui/file/c3f9441d3b6f08205a0565f19b7732188e9df700ae073d63dcbc6d7f47eb7f98/detection

3.137.63.131:10410

# Reference: https://www.virustotal.com/gui/file/1613d65ccf0c6f88603037b9ec58e838d72e22810cac4f1c715d89d5f19c299c/detection

159.89.214.31:1923

# Reference: https://www.virustotal.com/gui/file/70131c8207c3f8787fcefbfb93ac687e1caf564cdee4a168eff56afac78aef65/detection

193.161.193.99:59461
Gravel-59461.portmap.host

# Reference: https://www.virustotal.com/gui/file/a9ca7635c4d7f8d12a2326df10673b7731b36ac5a6c9cc2a0e4cbba88def5764/detection

156.207.115.112:4444
djttcote.hopto.org

# Reference: https://www.virustotal.com/gui/file/e9f57aaa05afb86f05c33bb35dbc311ab8fd80ab5dc0e7831adda0bf8344daa4/detection

156.207.32.174:1111

# Reference: https://www.virustotal.com/gui/file/bbc75bd6e4b0029058d71bef65b99ca118048d4d2532298d224335a591b1bb3e/detection

102.47.251.111:4444
156.207.101.136:4444
156.207.76.55:4444

# Reference: https://www.virustotal.com/gui/file/be685e6502e36986af83d6bf4edf14a9ee5a76d0b693518f77d9b10281c3ebd1/detection

102.47.245.174:4444
156.207.25.76:4444
156.207.93.216:4444
156.207.49.99:4444

# Reference: https://www.virustotal.com/gui/file/7977515bb40b80e8bd5c837eff66fe1496d7ae49966bb552bb635ea1fe00e51f/detection

193.161.193.99:24842

# Reference: https://www.virustotal.com/gui/ip-address/222.126.246.252/relations

222.126.246.252:8080

# Reference: https://www.virustotal.com/gui/file/a67f98a11b1afc81b91cceafb8aea6f2044f77373d8563f627691da12970b09d/detection

193.161.193.99:38724
bossboss-40794.portmap.host

# Reference: https://www.virustotal.com/gui/file/d1c49f54405642d38c531a1b951c5e020cbf299bb5b99fcf09c865750e9533b6/detection

fqsdfqsdgf-60038.portmap.host

# Reference: https://www.virustotal.com/gui/file/b11110ee9dd16bfc625c47c3c422b1e16e94fe92bfe9629d7bc1bebe16bbae14/detection

aliasdqwert-29456.portmap.host

# Reference: https://www.virustotal.com/gui/file/fa564f6ebf25b6954bc4c5554c8c9ccd3f57dc71672537f716421240d3de54a9/detection

101.132.33.79:5665

# Reference: https://www.virustotal.com/gui/file/0fb7975b5bca8da36ef5b054be3dbee70f04c062204c20b33a200216283a39ef/detection

101.132.33.79:6666

# Reference: https://www.virustotal.com/gui/file/8b804d3802c1f2731fedcba463ecad9e98ae849142b294290f3613846578e801/detection
# Reference: https://www.virustotal.com/gui/file/b5532015a8817c7b2636b7a52a2562c0b5f5588d52eb8fdc5f8ea3279931d832/detection

88.201.19.156:7000

# Reference: https://www.virustotal.com/gui/file/a70ad7c066951fd8a1cdcb1fe9e406b6e025ff4661b52633660a2464db958265/detection

197.206.118.99:789
aze123.ddns.net

# Reference: https://www.virustotal.com/gui/file/ba7cf6cd342c0a2bd6739166912c9b9378a8b09fa718586cefa3a0b7fbde9731/detection

139.162.161.211:12041

# Reference: https://www.virustotal.com/gui/file/261d868867aed7bd66ec4b28f8aa8b85dd28b7512f2c45b5af9fbeb2913355db/detection

139.162.161.211:12452

# Reference: https://www.virustotal.com/gui/file/8621a791159be4a1199a602035580c46250384ead7079c8512babcda62ef6661/detection

139.162.161.211:13306

# Reference: https://www.virustotal.com/gui/file/ae7f166740052fc58a002876d9656d20189a1b3413ecb6a6ed61fbe0fed7a5ec/detection

139.162.161.211:14529

# Reference: https://www.virustotal.com/gui/file/cc0afd2c7020772ea09e1a977076832bad38b52bd847efd327c4815e430ec32d/detection

139.162.161.211:14019

# Reference: https://www.virustotal.com/gui/file/38f85cab519ade03b8deeb78dbc593a87d307ad9783f8ff2ba61be8a1223d357/detection

139.162.161.211:14621

# Reference: https://www.virustotal.com/gui/file/b6372a04a08c8a310176c59ce36b5e1a1e855a643d66a2737c2b219776fd15d5/detection

139.162.161.211:14078

# Reference: https://www.virustotal.com/gui/file/5e3f4a8b792dbe78a2ca82960bc4502ffa796c0ed8a7f4b185e9b37808a0ca8b/detection

139.162.161.211:10178
159.89.214.31:9500
193.161.193.99:45339

# Reference: https://www.virustotal.com/gui/file/5bb4972509ea0e4f5a7708964e5ba70223c2ab66579fccf771179041dfdde75d/detection

159.89.214.31:5454

# Reference: https://www.virustotal.com/gui/file/ff58ff308a6f3414770ab5de846a7c236e2753a87771deba3e340b06708860f7/detection

139.162.161.211:12737

# Reference: https://www.virustotal.com/gui/file/eb9dc4e9cf72f9be9fc4e4ad9a0d2a21284be2533b2071ebb5d28c7869611dc6/detection

139.162.161.211:10473

# Reference: https://www.virustotal.com/gui/file/9e7e63e1d8384cb6f441404352d2ac02bf19bf1d9e33ec89fd5252c981ace6af/detection

139.162.161.211:10959

# Reference: https://www.virustotal.com/gui/file/97029f92e4b5a22273b37d3eedef182797683947f94ee248e9d7bc226f84b226/detection
# Reference: https://www.virustotal.com/gui/file/acd45e87deb7a8a0050ef081f20e0502f89b18e66ec3482d595086007ac8bdd5/detection

123.207.20.180:10008
123.207.20.180:10010
vipgz4.idcfengye.com

# Reference: https://www.virustotal.com/gui/file/68b19e75ce6ffb07f392813262932d32a8eb277b49f594a91f30ca8abeb5142b/detection
# Reference: https://www.virustotal.com/gui/file/4a4e1993a2d793d1494a49a2514cb87466fd99173e0899969e8e90b78949da4c/detection

102.111.107.4:4444
bilel123.ddns.net

# Reference: https://www.virustotal.com/gui/file/0fd557d9100c98afe10e51894873472dfaf36b8fdd45fb7291671044f55d0227/detection

43.254.217.140:2345

# Reference: https://www.virustotal.com/gui/file/29c280b4ece7ec1cf20358a2020954fe17d039a19116ec9ec89e2e2e075022b0/detection

3.14.182.203:4444

# Reference: https://www.virustotal.com/gui/file/b3f6d668bd3db25b094960466b1c0925ff6210b29c38416c173fa718fc7a3820/detection

3.128.107.74:15294

# Reference: https://www.virustotal.com/gui/file/b885319ade7e33f1552fa565b1ece56a7b5086121d67a3a903c4aacce5caeefd/detection

52.14.18.129:15294

# Reference: https://www.virustotal.com/gui/file/769bbd804c23f88d26823ca41525c8aeb9aeafa92ee745a965ab82956730124a/detection

47.106.222.106:5027

# Reference: https://twitter.com/malwrhunterteam/status/1341709207498854402
# Reference: https://www.virustotal.com/gui/file/fe066b46b6eedc5055688b9a3df852df6594b7abbdc09a6ffb2aa592853790e5/detection

193.161.193.99:63699

# Reference: https://www.virustotal.com/gui/file/acebc6816028698336ce7ff2b08d0101923d49c2c6ee1fd6936b832cc9c30cc9/detection

149.248.6.193:2001

# Reference: https://twitter.com/malwrhunterteam/status/1350374023524450306
# Reference: https://www.virustotal.com/gui/file/d14b3b42c4a682922a93d1db15e460b73e249d2c11fe73c12c00e317baa18c28/detection

37.111.137.110:4444

# Reference: https://www.virustotal.com/gui/file/0a40c5e62c339e3ce7eb9d3e85ed8f57282821c9f67a1d7e09aedd3ef029ad30/detection

3.131.207.170:19374

# Reference: https://www.virustotal.com/gui/file/c931ddec7f84688c8ffb6867e0bbd7f84bf3b2718dd766c8eba6a96d6fa3c8dd/detection

52.14.18.129:18334

# Reference: https://www.virustotal.com/gui/file/a95a44b1fa943e8bba21c90903db991b235a92e255de9b483cce544c5319a891/detection

3.22.53.161:16498

# Reference: https://www.virustotal.com/gui/file/9785842cb4b2b1c7b79ae12138bcf7791b29dfb2c9bbfe9106604c09c8f309fd/detection

52.14.18.129:12130

# Reference: https://www.virustotal.com/gui/file/1f6805e45b7a60630ccf6452cd50ecc78861932889baf702358e8320a568fb91/detection

52.14.18.129:16474

# Reference: https://www.virustotal.com/gui/file/96b646d5b2e8dc2b71b41a66c5683fc2c5a98aad71ec64a2741c90553c6a8403/detection

52.14.18.129:10273

# Reference: https://www.virustotal.com/gui/file/c1ff743bed44807f3f4fd6850f9084c600ea335e02b6b1a3ff5d6f2485599f41/detection

52.14.18.129:19541

# Reference: https://www.virustotal.com/gui/file/2ddb44d365dc54ddd817dda2ace1e8146dc177bf61840728193f279cb9b81346/detection

52.14.18.129:18585

# Reference: https://www.virustotal.com/gui/file/d47c7bb9f6343f38237397750a02b878da991150b93ca2db15ec20cca5ff1e0e/detection

52.14.18.129:13870

# Reference: https://www.virustotal.com/gui/file/b40d33a67e13c54371ecd7adf2ddb89027f533948c7857a58419c2d4038560c8/detection

52.14.18.129:13886

# Reference: https://www.virustotal.com/gui/file/5244f2aadd5f00d9527785008ea2c0cc1177d81aa34bfd9a2e2e4873aa3cf528/detection

52.14.18.129:11041

# Reference: https://www.virustotal.com/gui/file/f70bd9d384b594a335d2b4b56ed866eb7b4814e77aff6e3ac10fa5aa5a05e03f/detection

52.14.18.129:19011

# Reference: https://www.virustotal.com/gui/file/5099d9b63b09b66cc252ab6c4e5fa24d89adf6d81242881dd38a96775660143b/detection

52.14.18.129:14937

# Reference: https://www.virustotal.com/gui/file/acdd07f85cb845fd43101c3d8bbf886fa22678ef4f043aa610bcab745f0cbc7e/detection

52.14.18.129:13264

# Reference: https://www.virustotal.com/gui/file/b675c82163fd49308549cb3da0072d1629a19f23a0ca24470c06a663933eb748/detection

52.14.18.129:12205

# Reference: https://www.virustotal.com/gui/file/9b8917882fda6b681057aa18796e43d26f9938e1c6ca1776e8f4fa6d71ba1e1e/detection

52.14.18.129:19496

# Reference: https://www.virustotal.com/gui/file/be95dc8da04b630e0b0f439b0f858457a8a0e69d7daaf6e2298cd5ff13015b39/detection

52.14.18.129:16890

# Reference: https://www.virustotal.com/gui/file/0a672b13e978411f4597cdb0abf00f7120fc7e01b2ac2d35cd90e4d93d9bf238/detection

52.14.18.129:13354

# Reference: https://www.virustotal.com/gui/file/4d8ff8a8c4898eb4493eed9775ae7647f4d30d1ba9ce3e3d5fca98201a5c1a7c/detection

52.14.18.129:17108

# Reference: https://blog.netlab.360.com/use-dns-data-produce-threat-intelligence-3-en/
# Reference: https://www.virustotal.com/gui/file/027be71398c40f4600f70accda67b1f52be89b025a342bc7a230e13229ae2fb8/detection
# Reference: https://www.virustotal.com/gui/file/c394682c4c5873e2788a10f8af9e7b82ad7fd1a55941479e669490154e0339a5/detection

edcarefe.fun
ehousan.top
erefulpat.top
ereusingl.fun
holidano.top
lesseased.top
lisersrath.fun
ningspais.top
ntrealing.fun
predition.fun
riemanufa.top
ssuminat.top
stirlinebea.top
swoulder.fun
thinkdisen.top
utionstro.top
willitepartisti.club

# Reference: https://twitter.com/malwrhunterteam/status/1365315884026392577
# Reference: https://www.virustotal.com/gui/file/ac21baabcbe1ba9b4f37452697198d66fdf9748b6caab18154088d9d3bbda863/detection

88.237.14.170:4444
rewqnos1.duckdns.org

# Reference: https://www.virustotal.com/gui/file/b32d384153b5a0eeef363c2e48956cd1c85d94d8e4f18168ebfdd41191683b7b/detection

91.109.188.4:4444
koko1235.ddns.net

# Reference: https://www.virustotal.com/gui/file/0a62b9faf81804d8430c5f773afe916a3fc6a9ee5628e61e7a6cd6b41f156b5b/detection

111.231.94.96:44441

# Reference: https://www.virustotal.com/gui/file/2c7375b0e8010cf369486bd7989ffbed29a81c22c568fc3c26a1f877f54cc287/detection
# Reference: https://www.virustotal.com/gui/file/f3ca787c268cf5b003d01e071d2e77cd14f26850b90813361aebd7245e22225e/detection
# Reference: https://www.virustotal.com/gui/file/aca1cf9a8ddc625ed6f6a7442bd60a8df029942048d040e111a1dbda3d31d9e3/detection

185.162.235.197:4444

# Reference: https://www.virustotal.com/gui/file/5b8320a78f0d669d817cd32b0d11b7d7afceab75c1984d2249717c974870cc3b/detection
# Reference: https://www.virustotal.com/gui/file/e59340394b0c7c5d2da1eb3bb21bde50f47e0f5249a5fa3f5a9858b3e5fc7540/detection
# Reference: https://www.virustotal.com/gui/file/88e138701c6e772a49a260bb464400087625187cce24610ae3eeac51ef1f4e96/detection

141.255.147.124:1337
180.242.183.1:2811
180.244.247.225:2811
36.72.97.84:2811
cybertux354.ddns.net

# Reference: https://www.virustotal.com/gui/file/e7ee992a228e0d7449d8804103e74858c77f8e1eff3e7ea2ed2a12c7517b95e7/detection

3.22.30.40:12209

# Reference: https://www.virustotal.com/gui/file/53a4bb9e8a4a5df0936c8617da16b993a16dad3c3886397eb26825fe8de970d7/detection

158.247.209.125:9696

# Reference: https://www.virustotal.com/gui/file/42be2e2b079dc2d63dcace9d2daeda73e499e12da1bb7e65de96e2081c49ce45/detection

109.220.93.139:4444
zjzjsedk.bounceme.net

# Reference: https://www.virustotal.com/gui/file/88f5b1109ed08531735cc7fb1a9ed4e1d06bb9027843ee020ffdef495639c39b/detection

3.134.125.175:19517

# Reference: https://www.virustotal.com/gui/file/9becb350c7295ce59519281bf205a103aeb797d1cb39fc851f02360818a72e10/detection

123.207.20.180:10086

# Reference: https://www.virustotal.com/gui/file/72a1391a66e7ab31c1be1da418189943fe2b2fd44cbd34c07d6e44b61ac5b634/detection

185.162.235.196:1478

# APK trails (https://twitter.com/markus_neis/status/1242752623041798145)

/ac19.apk
/aplicacion.apk
/app_backdoor.apk
/corona_v1.apk
/covid19.apk
/hackFB.apk
/smcovid19.apk
/smcovid19_beta22.apk
/smcovid19_end.apk
/smcovid19_v2.apk
/wifiapk.apk
