# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: crysan

# Reference: https://twitter.com/suyog41/status/1130804704152305664

mikus192091.ddns.net

# Reference: https://twitter.com/luc4m/status/1106618159522635776

queda212.duckdns.org

# Reference: https://twitter.com/CERT_Polska/status/1072793091856392192
# Reference: https://www.cert.pl/news/single/trojan-oraz-ransomware-w-kampanii-podszywajacej-sie-pod-inpost/

213.152.161.99:47390
213.152.161.100:47390
213.152.161.101:47390
213.152.161.102:47390
213.152.161.103:47390
213.152.161.232:47390
213.152.161.233:47390
213.152.161.234:47390
213.152.161.235:47390
213.152.161.99:47392
213.152.161.100:47392
213.152.161.101:47392
213.152.161.102:47392
213.152.161.103:47392
213.152.161.232:47392
213.152.161.233:47392
213.152.161.234:47392
213.152.161.235:47392

# Reference: https://twitter.com/Threat_hunts/status/1135810121227882499
# Reference: https://app.any.run/tasks/5ad34df1-b5a8-415f-9496-334d9bfdd7b1/

95.167.151.253:7707

# Reference: https://twitter.com/James_inthe_box/status/1141072205771448320

kizzoyi.duckdns.org

# Reference: https://twitter.com/powershellcode/status/1148234398703030273

internetexploter.duckdns.org
systenfailued.ddns.com.br

# Reference: https://twitter.com/DynamicAnalysis/status/1165901579536539649

79.134.225.90:4782

# Reference: https://twitter.com/James_inthe_box/status/1167217092245872640
# Reference: https://app.any.run/tasks/8eb2d184-08ec-40ab-8742-32f6988c5638/

23.105.131.169:6606
193.56.28.173:7707
193.56.28.173:8808
rownip.3utilities.com
rownip.mooo.com
rownip.theworkpc.com
rownip.dyndnss.net
rowanyne.ooo

# Reference: https://twitter.com/JAMESWT_MHT/status/1169142417754337281
# Reference: https://app.any.run/tasks/308651b4-37c0-4c66-87ba-5bf05d1ff411/

79.134.225.115:4404
eg-east.com

# Reference: https://twitter.com/dcTavvy/status/1188352813937463298
# Reference: https://app.any.run/tasks/6aedb064-1078-4304-b1e8-a8205a5ba698/

193.161.193.99:43158
Lolikot-43158.portmap.host

# Reference: https://twitter.com/JayTHL/status/1197240502699073537

5.62.41.111:5320
91.193.75.151:5320
netty.myftp.biz
ify.insidedns.com

# Reference: https://www.virustotal.com/gui/file/598ba7562062467fbf05d47bfadf27578a8ed4d5d5abdf17a5a4820ad71651bf/detection

3.19.3.150:6606

# Reference: https://twitter.com/w3ndige/status/1214596648644620288
# Reference: https://app.any.run/tasks/509acd2f-9474-44d4-aac2-d186a4716bef/

g.top4top.io

# Reference: https://twitter.com/killamjr/status/1217630017116499968
# Reference: https://app.any.run/tasks/2517942c-3364-4d56-93ab-cfa47fd14299/

101.86.170.36:1199
45.11.19.240:7707
xred.mooo.com

# Reference: https://www.virustotal.com/gui/file/cc7a634047451f72a51766d1b6e33ce8a154579d80f6abcf9a109ff64c22f3a6/detection

177.98.43.164:7707
skypeprocesshost.ddns.com.br

# Reference: https://www.virustotal.com/gui/file/0c8a1d1eb4a0ee3ca2cf22cb4ede61f85e5170885549769984110edb6b64a236/detection

179.95.221.147:6606
179.95.221.147:7707
179.95.221.147:8808
workwinrarhost.ddns.com.br

# Reference: https://www.virustotal.com/gui/file/b1a7fda679c569e51e4b1239d044bb6e6e1f3557ccd2060c32a11b0978919b2d/detection

177.206.102.68:7707
177.206.102.68:9830

# Reference: https://www.virustotal.com/gui/file/366c8707d33501338e524e4c70f8b10ac993341134aa28b32a550f06911ba646/detection

191.32.227.90:7707

# Reference: https://www.virustotal.com/gui/file/d60372f5bbed48ea826b894402e4412a478979b590bed2b9b0d1d84017549bd0/detection

177.133.237.246:9830
179.180.17.194:7707

# Reference: https://www.virustotal.com/gui/file/9fbc310b2579816b488dbc44485acd418b20a72ef8dceb558f645a735fe10f05/detection

177.98.43.164:6606

# Reference: https://www.virustotal.com/gui/file/4913ae8055d7c6f225c0bd63ffceb28138483b39d9887de8ebcc8773e9d0d46f/detection

177.98.43.164:9830
workwinrarhost.ddns.com.br

# Reference: https://www.virustotal.com/gui/file/9a3e8a5bd3bfae58180089d27f1e23ba5f8118272b903a4ce99047969874a989/detection

177.133.246.134:9830

# Reference: https://www.virustotal.com/gui/file/ef332bc4cca2207ceb999f77d3e8a02b9d3b2c475d39310d2f1b09ae8f335de9/detection

177.133.246.134:7707

# Reference: https://www.virustotal.com/gui/file/6ede0a69b6d4d7b9cddc97ed35f58a284427fa92923d7a3e9e1442a5a0ad1b46/detection

177.98.127.109:7707
177.98.127.109:8808

# Reference: https://www.virustotal.com/gui/file/87571c558c0c211cd407d87217a3a64240736fb6645919e970dadef3680975ef/detection

177.133.235.48:6606
177.133.235.48:8808
177.133.235.48:9830

# Reference: https://www.virustotal.com/gui/file/d0ca0770e89e27b72703029c7900853a655be67c65fb1bcbd0c652eceb3b384f/detection

177.75.41.182:6606

# Reference: https://app.any.run/tasks/5e7bb6ce-39e9-4243-8802-968c8fb28753/

cloudclout.duckdns.org
79.134.225.38:7707

# Reference: https://app.any.run/tasks/823454cc-ac69-47d8-821a-262f4226ca10/

sbmsbm20.duckdns.org
64.225.20.238:2030

# Reference: https://www.virustotal.com/gui/file/712bc10802ec06baeb0774fa92d2816c477d6a5dceb0ac9960120344fcf7e1f7/detection

141.255.159.75:6606
141.255.159.75:7707
141.255.159.75:8808

# Reference: https://www.virustotal.com/gui/file/55618c029549b2e2f8919902d09c19658e98390cc3e3faeb05743f091e22818d/detection

79.135.146.203:6606
79.135.146.203:7707
79.135.146.203:8808

# Reference: https://app.any.run/tasks/5bbbc0e9-1c84-413d-be8e-371aa483f11b/

141.255.146.30:6606
141.255.146.30:7707
141.255.146.30:8808

# Reference: https://app.any.run/tasks/f44c32ed-727b-437b-9249-743b5ae74ed4/

185.140.53.12:21000

# Reference: https://twitter.com/wwp96/status/1236015091029590017
# Reference: https://app.any.run/tasks/7a110950-e58a-4f0a-80ab-fc17c39d38cd/

185.140.53.154:6606
185.140.53.154:7707
185.140.53.154:8808

# Reference: https://twitter.com/JayTHL/status/1240390421467074561

216.38.8.179:5505
216.38.8.179:6606
216.38.8.179:7707
216.38.8.179:8808
peacelist.ignorelist.com

# Reference: https://app.any.run/tasks/96716bfb-5070-40e4-bda5-d6573d7e1e55/
# Reference: https://app.any.run/tasks/d292b50e-71d7-46c2-9c75-3c053b7c36cd/

46.183.223.29:6606
46.183.223.29:7707
46.183.223.29:8808

# Reference: https://twitter.com/James_inthe_box/status/1243161779212935168
# Reference: https://app.any.run/tasks/393f52ea-8176-4081-9f69-2e4706e7f27a/

51.75.154.242:1515

# Reference: https://www.virustotal.com/gui/file/77e5748478eb6c6064e118bd35ef28f90bfd0eb908eee0291b994c9a6d5b11f5/detection
# Reference: https://www.virustotal.com/gui/file/b892431179d2ed7f4b5c68eff968491b7716a067b6ab16caa5e204c9766d5bcf/detection

41.104.11.200:7707
41.104.122.164:7707
41.104.221.163:7707
41.105.197.112:7707
41.109.189.104:7707
41.109.193.177:7707
41.109.228.158:7707
41.109.242.126:7707
91.109.176.6:7707
91.109.178.2:7707
91.109.178.6:7707
91.109.182.2:7707
91.109.182.3:7707
91.109.182.5:7707
91.109.186.5:7707
91.109.188.10:7707
91.109.190.2:7707
91.109.190.7:7707

# Reference: https://twitter.com/James_inthe_box/status/1248964446505947136
# Reference: https://app.any.run/tasks/4cc95d8b-f2c7-457d-97d2-991d0115c1b4/

77.247.127.128:8855
88futur.xyz

# Reference: https://twitter.com/James_inthe_box/status/1250441655452237825
# Reference: https://app.any.run/tasks/a8c80640-e0bc-499c-bd8b-de1c9166d4dc/

45.32.167.239:6606
45.32.167.239:7707
45.32.167.239:8808
hdkshnfk.ddns.net

# Reference: https://www.virustotal.com/gui/file/51482d0164957eec01b4916354b5a992e6705655bcb44ca4b0b2a520e3b64e6c/detection

192.169.69.25:6606
192.169.69.25:7707
192.169.69.25:8808
soucdtevoceumcuzao.duckdns.org

# Reference: https://www.virustotal.com/gui/file/626879e64f571e21902bdc2f249ce247e03420e8656990d54f3ab4ceb99b4fb4/detection

105.111.80.222:4000
azure34.mywire.org

# Reference: https://twitter.com/ScumBots/status/1250963567366545408
# Reference: https://www.virustotal.com/gui/file/b465ae7940f04cb8b6f6baf9a288eecb5e405290bf48b18fe70ba41e9cc97389/detection

192.169.69.25:4000
amazon34.duckdns.org

# Reference: https://www.virustotal.com/gui/file/5abfea336ec1f8f078499dd4713d65b5e75c59243b6137af1f5297706413dc63/detection

105.103.214.89:4000
amazon3407.mooo.com

# Reference: https://www.virustotal.com/gui/file/6f5567af58976eb61af59c7edf1e5cdad7e3cd2fc60c16b123dfa53cd44e8f6d/detection

85.229.141.17:1337
92.34.156.156:1337
bob1337.chickenkiller.com
getconnected.chickenkiller.com

# Reference: https://www.virustotal.com/gui/file/762a570980637077dbf431c691c38de20e50474d0c67003b4483c6f20a16e533/detection

129.56.25.121:6743
asyncrat6743.ddns.net

# Reference: https://www.virustotal.com/gui/file/5e6bd1b03148962cff91b0f6a1d4e915bafd1049931d5d4ff2bda151bd761e28/detection

unknownamehost.ddns.net

# Reference: https://www.virustotal.com/gui/file/f17981f481d0e31ac51cbf66b5c94d3f73d5a2647a158370ab9e6b3357a00f9f/detection

unknowhostname.ddns.net

# Reference: https://twitter.com/ScumBots/status/1250960155900104705
# Reference: https://www.virustotal.com/gui/file/5a4958af2c13c0a9a6eff86bb5f4fd339a85a66249a22278cc5b50cecd89188a/detection

88.208.245.177:1443

# Reference: https://www.virustotal.com/gui/file/8c344acd0dfc01ac093b4a4407cd2f126f74bae0ca5b66f92912d522160ac639/detection

103.82.249.19:8808

# Reference: https://twitter.com/mahnyan1/status/1251321072865042435

babyboyhammer2.duckdns.org

# Reference: https://www.virustotal.com/gui/file/e9c607f263a990db1bf0465c8688ed7ce7e5f294845041fb56af313df34f45df/detection

176.31.26.213:6606
176.31.26.213:7707

# Reference: https://www.virustotal.com/gui/file/7bebcd498c41f74199691dd8c0d9144f562b4c71dc9c96607260689397ba2285/detection

178.209.46.144:20108
73ch91ch13f.100chickens.me

# Reference: https://www.virustotal.com/gui/file/a0e26b77db21ef8899c3b18fa562a53f51b37a3cb8677034bbd8c2c5b37cf78b/detection

193.161.193.99:61436
karakan123-50010.portmap.io

# Reference: https://www.virustotal.com/gui/file/dd8069de43a40341482301c95b3a05d0201a9386a5c586b17451ca37447dd1ac/detection

152.246.228.24:6606
152.246.63.32:6606

# Reference: https://www.virustotal.com/gui/file/1c7dccd9e95acff427990af9670ad69d54fcc056aa0eb7744ec8f22d35088c45/detection

193.161.193.99:56282

# Reference: https://twitter.com/ScumBots/status/1250963480783527938
# Reference: https://www.virustotal.com/gui/file/31345f8b3aefaaa13a783f4febe071bb8da7ae27f5f5c06024f9f29db0116321/detection

192.169.69.30:6606
192.169.69.30:7707
192.169.69.30:8808

# Reference: https://twitter.com/ScumBots/status/1250963998922739712
# Reference: https://www.virustotal.com/gui/file/91ecc56db47e5fe085075ff0d7fa76d2911e787734b95b81a4570a15a45444b9/detection

192.254.74.210:6606
192.254.74.210:7707
192.254.74.210:8808

# Reference: https://twitter.com/ScumBots/status/1250964170302009344

cmradelucifer.ddns.net

# Reference: https://www.virustotal.com/gui/file/9ee035f65117dd6ead3f1da5a952df99efbaa39c7345fc11f8ccbbb6ecf86037/detection

168.197.229.117:6606
168.197.229.117:7707
168.197.229.117:8808
79.134.225.20:6606
79.134.225.20:7707
79.134.225.20:8808

# Reference: https://www.virustotal.com/gui/file/4a5cea334cdd0c4042498850f591717d0677fb606331d11210f7b5d2b3a27ff2/detection

213.213.206.18:3306

# Reference: https://www.virustotal.com/gui/file/d09e5b5fabdfa8578b377d46b44fcddc0772a92750e4ead921e2e56e97cdda35/detection

185.165.153.95:8989

# Reference: https://www.virustotal.com/gui/file/a3f870eeaf9cb8e486363b1ff8e1fb79937ed85bab6237ee6123125ad3a43290/detection

186.53.186.235:4132
yugdab.duckdns.org

# Reference: https://www.virustotal.com/gui/file/1b5e3eb733257954a9dd28f6a3e081d941deaa73418d4b22beaa3200a8f96285/detection

41.140.208.184:6606
asco.dynu.net

# Reference: https://www.virustotal.com/gui/file/0e0bf4239bf7472066cb37ab517d74b1102c69af9e0feca64d567dff879ae1eb/detection

69.171.248.112:5557
8701.viewdns.net

# Reference: https://twitter.com/ScumBots/status/1251156576615849985
# Reference: https://www.virustotal.com/gui/file/419fa3facde23e4b18afe0c7f7198844f3ee9e28da6e39f2e2e9e60c41e83570/detection

193.161.193.99:63374

# Reference: https://www.virustotal.com/gui/file/9b471c2935fdd01c7e9d57e78f91d213e6d1b5a44ac1719048d92d02d1976422/detection

192.169.69.25:6606
192.169.69.25:7707
192.169.69.25:8808
number2.duckdns.org

# Reference: https://www.virustotal.com/gui/file/aff7d626d09099f6aaf329f1b2e0623a378b45fdf4536ad83e63efc87e7e0865/detection

124.50.195.153:5050
kkk1046.kro.kr

# Reference: https://twitter.com/ScumBots/status/1251180572711550983

103.18.14.217:1337
dedsee2c.accesscam.org

# Reference: https://www.virustotal.com/gui/file/923092b6cec8aaa0cd11fefa625ed17f98702edac91c3a52beaf7e54f6e5f784/detection

13.235.76.244:1337

# Reference: https://www.virustotal.com/gui/file/582fb62f0d92afaee2dc79108622667cc62d298cafbde3d1e2ec1738c977f4a6/detection

nohostname.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251180991995088900

103.244.74.228:46839

# Reference: https://www.virustotal.com/gui/file/36b272fbada18f510fa34a479fa391131797f13218f6756c52825d9e7711be6e/detection

41.103.199.216:1337

# Reference: https://www.virustotal.com/gui/file/850bcc510ee39c6d6dde91f041bcb276b74a8101c84279a35c0a3570a4e6440d/detection

poiuytrewq3341.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251181425933647877

dqrkodz34.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251181595635126274

jess19991102.ddns.net

# Reference: https://www.virustotal.com/gui/file/d4a629944bf1e03d43a04b530f9606d8315b84e847c83042427224011f3067ba/detection

193.161.193.99:36811
hussaryn-36811.portmap.host

# Reference: https://www.virustotal.com/gui/file/c338d425a1293b82ac13c856c43d588ce0053b27349620b7353273a42a04d845/detection

jess19991102ddns.com
jess19991102.ddns.com

# Reference: https://www.virustotal.com/gui/file/0a276fdaf3367ca3fd4cf90eb338dd3d0575ba3979f1bd609ce58e13e2aa0a8e/detection

204.14.73.154:8080
bomi.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1251182632517410817

salsamania.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251183213747277826

googledrive.dynu.net
googledrive.linkpc.net

# Reference: https://www.virustotal.com/gui/file/f71eaaf23ecba6aafc314f3d42badafb4430b1be62a1ba325c592b258b8f1319/detection

213.152.162.84:9040

# Reference: https://www.virustotal.com/gui/file/ee1e5a4ee19c1b613aaa82b48e313c6e3eeb5874d7593809c2207037254a57cc/detection

fertun-29801.portmap.host

# Reference: https://www.virustotal.com/gui/file/2b70dd97d36efbbadd5f63afc22e28dc53d26302bae846b4f4e49e27cf95a70f/detection

176.232.239.198:5060
denemeiso1.duckdns.org

# Reference: https://www.virustotal.com/gui/file/a86751d7ee905499b6e324dc5175e287a20d34cde78cbe35a290523dea9d1cd0/detection

13.235.23.234:1337

# Reference: https://www.virustotal.com/gui/file/e20e1fd207ef943af95774fc0fc0e38da70c808b78a3dfb141e4852036a8dc12/detection

noregisterdomain.zapto.org

# Reference: https://twitter.com/ScumBots/status/1251185289055350784

87.14.96.105:1303
emmek.crabdance.com

# Reference: https://www.virustotal.com/gui/file/b76b157a8d6ccfd5cc7ea8eed54af4d0aab9e97f8d641f886617252d9acc48bc/detection

41.100.199.86:5555
clayroot2016.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1251185716111069184

am164.kro.kr

# Reference: https://www.virustotal.com/gui/file/f25f43f5cea51647e82413accd831b93fe8c2b7f072fc1468cd1d13bf08224ec/detection

136.243.31.186:1608

# Reference: https://www.virustotal.com/gui/file/1298f1fd280d2768e2a5e3f1089ec3ad18e17cade3fbeb78be864d9c3caff337/detection

173.238.140.238:6606
173.238.140.238:7707
173.238.140.238:8808
bshades.ddns.net
dark-comet.ddns.net

# Reference: https://www.virustotal.com/gui/file/47979eca9030c7f8de4c86c048e17efa02f66c6aed8a52c24dbd4bd7b0692b88/detection

75.80.221.198:1604

# Reference: https://www.virustotal.com/gui/file/5515739bd8752264b7ee2a2c9b957d36af9fb16b19d7dd1aef4139f2fe74af47/detection

sam144169-56334.portmap.io
webforma.chickenkiller.com
webdata.ddns.net

# Reference: https://www.virustotal.com/gui/file/610a58f5e46ffe61093dad4ef8528df34894d29347a1eec0224a87bba7864b8f/detection

46.237.79.53:8080
rat24695.ddns.net

# Reference: https://www.virustotal.com/gui/file/5b18ab7442af71b0ba9293b200fa26961e6de7b98d51456644aa58d307dc0e1f/detection

154.16.248.14:3230

# Reference: https://twitter.com/ScumBots/status/1251187877255528448

112.149.90.49:5050
hyungwoo.kro.kr

# Reference: https://www.virustotal.com/gui/file/03a58d54e04d346d4d06637a40834795431147472e07c815a0fee27475bcc970/detection

a24369093123.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251188552500723712

40.114.49.176:4040

# Reference: https://www.virustotal.com/gui/file/b796ac10d1f3133ca6b77141e50e414f1fc704299884d0b0fb676ab0db7fed89/detection

yesweekend12.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251189068190318593

213.152.162.84:9040

# Reference: https://twitter.com/ScumBots/status/1251189153976516610

unregisteredhost.dynu.net

# Reference: https://www.virustotal.com/gui/file/516c73d324fa23f5aaf50bf9306c2d5aa3d55b0b8c9be60e273ac3c1895f15f3/detection

23.249.168.43:9090
ccmorgan.duckdns.org

# Reference: https://www.virustotal.com/gui/file/f0eb9cb0a88f2e88881e06ce961c2da388475c1b595f2669c57e0cf1b5eb7677/detection

41.143.216.51:1738
asco.dynu.net

# Reference: https://www.virustotal.com/gui/file/44e550a4dbdc40e1cacca65b7e516618558c0d2114b3641cda6ddd69190ed8b9/detection

141.255.155.90:9023
nonamehost1.zapto.org

# Reference: https://twitter.com/ScumBots/status/1251189930300227584

anonauth.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251191403851505665

216.246.49.165:6606
216.246.49.165:7707
216.246.49.165:8808

# Reference: https://twitter.com/ScumBots/status/1251191570986082305

82.84.85.59:1608

# Reference: https://twitter.com/ScumBots/status/1251191655589445635

62.108.37.42:6606
62.108.37.42:7707
62.108.37.42:8808

# Reference: https://twitter.com/ScumBots/status/1251192193597014016

84.51.52.166:6606
84.51.52.166:7707
84.51.52.166:8808
kingspy.duia.eu
kingspy.noip.pl

# Reference: https://twitter.com/ScumBots/status/1251858682108956672

61.69.131.134:1604
yilmazkocakau.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251915307536580608

141.255.146.238:6606
141.255.146.238:7707
141.255.146.238:8808
alltricks.hopto.org

# Reference: https://www.virustotal.com/gui/file/cd61eefce1bda8e8fd7d6f38bb9e6d70b4f1d90efb039a1346d890eeedbd63ef/detection
# Reference: https://www.virustotal.com/gui/file/ae089f74371ab598c6cf00e6debbb9d70c091d90641c406b4aa4c88e3fa81c25/detection

41.42.6.83:6606
41.42.6.83:7707
41.42.6.83:8808
81031.ddns.net

# Reference: https://www.virustotal.com/gui/file/5185c0e1245a6ef3f2e38459095098a085e1b3f0fb75c7aa657df068be3334dc/detection

41.35.15.87:6606
41.35.15.87:7707
41.35.15.87:8808

# Reference: https://www.virustotal.com/gui/file/31846d250a4f71ff4d5348ba0417584e560f6a93a949bba415a9efd261a41e17/detection

77.78.103.70:222
qwerty123123123.hopto.org

# Reference: https://twitter.com/Racco42/status/1255493982420942856
# Reference: https://app.any.run/tasks/9e6d5087-6d1d-44b5-9ac4-349e14df5eb9/

62.102.148.158:62727
panda45.duckdns.org

# Reference: https://bazaar.abuse.ch/sample/5be39967ba90f3766fa81f354a61102a7ddf6bc19ec282e56727abb6dafb973c/

185.244.29.175:7071

# Reference: https://www.virustotal.com/gui/file/3e9fc29f4f0edfaebea7d78f2de99dc5dfdcd440fc8afc2fc8be0d9a6e10466e/detection

188.52.75.171:5558

# Reference: https://www.virustotal.com/gui/file/646bd5449aa3c3d5d029daeb30efbb49c68209ec434f4216593952d1310343ab/detection

80.200.143.32:5353

# Reference: https://www.virustotal.com/gui/file/f6270d604a6e859c46733c14315da1dc07d7c50eea5cefd427e915c7c726cd24/detection

191.250.107.152:6606
191.250.107.152:7707
191.250.107.152:8808
pointblankbrasil.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ffb897728bb3cdaf183b6346255551615e9de81c4178a74cfdf92c8a03dc11c1/detection

91.109.188.2:1010

# Reference: https://www.virustotal.com/gui/file/9a512140b526841ae759063ba36e46b1812c105d9cc94f8dfe11ff69f3cbb336/detection

51.39.198.26:6606
51.39.198.26:7707
51.39.198.26:8808

# Reference: https://twitter.com/ScumBots/status/1257439484339277831

141.255.158.227:6606
141.255.158.227:7707
141.255.158.227:8808
jnhacker.con-ip.com

# Reference: https://www.virustotal.com/gui/file/8e0bde81c9e355be99d2fd2a8cd0a1ff088ccb9e4d846323a07c20948e385497/detection

42.116.41.65:3979
kingspy.ddns.net

# Reference: https://twitter.com/ScumBots/status/1257437270765953025

191.250.107.152:6606
191.250.107.152:7707
191.250.107.152:8808
mydnshome.ddns.net

# Reference: https://www.virustotal.com/gui/file/78f70e9f02eb5434bb36715f107a092a695b060a3e4dba41e6d6213813d6f6e3/detection

86.7.195.44:7777
nfrurqcjthnjznd.ddns.net

# Reference: https://twitter.com/ScumBots/status/1257468146027503618

93.22.123.135:6606
93.22.123.135:7707
93.22.123.135:8808
backdoor.mcrage.me

# Reference: https://twitter.com/ScumBots/status/1257751258787700743
# Reference: https://www.virustotal.com/gui/file/046b3e5c4418660a9eed9ffc4e9769df9e133eb96b40e2585eec87cf202d9b0b/detection

41.109.165.237:3000
cappa.myq-see.com

# Reference: https://www.virustotal.com/gui/file/509607c23436a0d4ef33b21734a19aa129fbcd63bad4cb2965f06fc3f32c2554/detection

41.105.203.238:3000

# Reference: https://app.any.run/tasks/4c0659cd-b563-45a9-93ca-77b82e795fba/

193.161.193.99:56769
unity123-56769.portmap.host

# Reference: https://app.any.run/tasks/bca9407f-6879-4ca7-9dc9-c5c7d9472e38/

193.161.193.99:7112
193.161.193.99:45885
reality-45885.portmap.host

# Reference: https://twitter.com/ScumBots/status/1257955102553448451
# Reference: https://www.virustotal.com/gui/file/5d5d00143b5f578c0293a7cd806009ecd8da5b30d713ebdfb4fcfb83b85e31c1/detection

108.168.118.205:4782
havingfun.chickenkiller.com

# Reference: https://twitter.com/ScumBots/status/1258452953662439429

103.74.18.65:8899
103.74.18.65:9090
webdata.ddns.net
poda.duckdns.org
poda.chickenkiller.com

# Reference: https://www.virustotal.com/gui/file/e2dd6989c2d9bd1038f5c6e741f4cdfa9b4584739fabf98db244f7763607178f/detection

asyncrat.ddns.net

# Reference: https://bazaar.abuse.ch/sample/43264fd31d2b8ce6104a5daf7cf933d315e21e2a968998591361c13fbc365baf/

194.5.97.223:6204

# Reference: https://www.virustotal.com/gui/file/b611859ca933afe409d9c00d3c75fb42a4049ccee735afd2123e566bbf066c29/detection

185.140.53.43:4444
lagba10.ddns.net

# Reference: https://www.virustotal.com/gui/file/34e20c34bb369fb81054fe19e90916e62251720cca8b961942f9ebbcb669919a/detection

193.161.193.99:25270
hiddensick-25270.portmap.io

# Reference: https://app.any.run/tasks/88548d77-fbc2-421d-be4b-2da16bd0b5f3/

193.161.193.99:34785
Slxthy23rf-34785.portmap.io

# Reference: https://twitter.com/ScumBots/status/1261669580067549186

5.9.221.55:6606
5.9.221.55:7707
5.9.221.55:8808

# Reference: https://www.virustotal.com/gui/file/32501c0b743c1a550d9f4a24c73a6e58cb7e7a24919cdea9e85bd7d417273806/detection

220.120.90.123:6060
am164.kro.kr

# Reference: https://twitter.com/ScumBots/status/1262284883466096640

115.23.99.222:2256
dokdo2256.p-e.kr

# Reference: https://twitter.com/ScumBots/status/1262417002142085121

79.134.225.101:5552

# Reference: https://twitter.com/ScumBots/status/1262647276843028480

59.26.17.108:1212
obidori.kro.kr

# Reference: https://www.virustotal.com/gui/file/31f8ef6bce5d3c220c3fb531b699dc5026b343bd0e76f3dd9fc9359dc86936d0/detection

115.23.99.222:2256
dokdo2256.p-e.kr

# Reference: https://twitter.com/ScumBots/status/1263461921547747329

128.199.41.159:2001

# Reference: https://twitter.com/ScumBots/status/1263674037227659264

61.81.92.38:1212
test9909.p-e.kr

# Reference: https://twitter.com/JayTHL/status/1263709348422967296

123.240.25.197:1604
asdf3341.ddns.net

# Reference: https://twitter.com/ScumBots/status/1266652411889926146
# Reference: https://www.virustotal.com/gui/file/298587d8c8a376568ed09d332f329f3a4282e96e905f4569fbf24223ed10e491/detection

77.162.55.86:6606
77.162.55.86:7707
77.162.55.86:8808
monsternetwork01.ddns.net

# Reference: https://twitter.com/ScumBots/status/1268143488413118464

193.218.39.43:8686

# Reference: https://twitter.com/ScumBots/status/1268532368790491137

188.250.211.240:3715
diass.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1269007937349058560

193.161.193.99:21292
allan4053883-60334.portmap.io

# Reference: https://twitter.com/ScumBots/status/1269358998307983361

64.225.66.117:1331
64.225.66.117:1332
kr142.duckdns.org

# Reference: https://www.virustotal.com/gui/file/86636201a899e360ad6fae1b71304c625ed6395ddf99e6b09906617da53ee93b/detection

91.193.75.208:3000

# Reference: https://www.virustotal.com/gui/file/8228d1299256a23377e57d575160dbd58f9ac46598c5c90b321743e366f3d09a/detection

173.225.115.144:6606
173.225.115.144:7707
173.225.115.144:8808

# Reference: https://twitter.com/ScumBots/status/1269910131933921281

42.119.15.63:3189
kingspy1301.ddns.net

# Reference: https://www.virustotal.com/gui/file/d2d1030a5a122043c7a99b3f2c1b1d456be205033ed1327a0b4780f723a5e362/detection

42.117.191.69:8386

# Reference: https://twitter.com/ScumBots/status/1270064901101432840

100.64.15.50:5431

# Reference: https://app.any.run/tasks/5b5cba25-c74c-4c2c-80c5-c2f2c9156e6c/

128.74.42.86:6606
128.74.42.86:7707
128.74.42.86:8808
logan1h.ddns.net

# Reference: https://www.virustotal.com/gui/file/b8ff21e26e0da11d7146dd250b71206c698275e312bff612b38380e38385a4c7/detection

193.161.193.99:42300
193.161.193.99:6606
193.161.193.99:7707
193.161.193.99:8808
xaz19og-42300.portmap.io

# Reference: https://www.virustotal.com/gui/file/e235e749a792841f78e1fcc8ddfea4d9c31471aaaa3df6928a43a96a8235698e/detection

102.42.76.37:2001
al3bkri13456.ddns.net

# Reference: https://www.virustotal.com/gui/file/b891b61de4a7c50a50bffa4fb1394c696c25f80717ed57363f4e1a4a216973bb/detection

94.60.172.123:4500

# Reference: https://app.any.run/tasks/01c6c449-cfe1-4e4a-b34c-3536b67599af/

193.161.193.99:48736
WindowsDefenderNet-48736.portmap.io

# Reference: https://app.any.run/tasks/38f351cc-2e3e-4980-9a6d-4ceb645e4cbb/

195.2.93.77:8808
servesvpn.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1270744376042553345
# Reference: https://www.virustotal.com/gui/file/4e8ca2787e65b0edaa21180883b642d7b3b7f85140ab7fc03d09c30da124dc5b/detection

193.161.193.99:1337
193.161.193.99:52390
sdsd33-43977.portmap.host

# Reference: https://www.virustotal.com/gui/file/ae84c5af88241d3bb2e75160c53c6cdaee23555e0a83f0b9b5f218fe525c67b0/detection

82.205.2.127:6606
82.205.2.127:7707
82.205.2.127:8808
googlexfx.ddns.net

# Reference: https://twitter.com/ScumBots/status/1271484250349547521

109.247.81.119:23818

# Reference: https://twitter.com/ScumBots/status/1271514445739634689

105.108.81.5:333
b34.duckdns.org

# Reference: https://www.virustotal.com/gui/file/b1421de897b9903d393051f42730ac0fc7c19a3115f7b2fb019f2f7edd28e2af/detection

185.140.53.247:4723
sukasa.chickenkiller.com

# Reference: https://www.virustotal.com/gui/file/3af55f9bb1a968506ea79b9f24d4a61f99d07e652af05bc5c557f13c19343a03/detection

18.197.239.5:10611
18.197.239.5:25565

# Reference: https://www.virustotal.com/gui/file/3f240073edad176ed8dc359ec2420361d67368ed7859bece7b94180c9deba172/detection

18.197.239.5:11328

# Reference: https://twitter.com/ScumBots/status/1272224126346964993

89.182.127.205:9955
fifa2020-ps4.ddns.net

# Reference: https://www.virustotal.com/gui/file/6313e287489f083c691693a5582888ea7ab7e3d03c81612012dec332d27c66e2/detection

185.140.53.11:2079
185.140.53.11:6606
185.140.53.11:7707
185.140.53.11:8808
212.225.226.30:6606
212.225.226.30:7707
212.225.226.30:8808
bazilspain.dynu.net

# Reference: https://www.virustotal.com/gui/file/67cd0179d490d478ba231ee4719aa7e1427045de0067a24a0adc91f33fdcac3d/detection

212.225.226.30:2079

# Reference: https://www.virustotal.com/gui/file/621b16461f4c6844bb3438e8cc872ae6d81414bd2e60cc097e2af348697fd088/detection

39.108.140.215:60006
39.108.140.215:9999
2ee51a1ab0951a62.natapp.cc

# Reference: https://app.any.run/tasks/fa7cb330-07b2-4366-a9a1-03984fe05c1d/

84.38.134.21:6606
84.38.134.21:7707
84.38.134.21:8808

# Reference: https://twitter.com/ScumBots/status/1273960570220404739

193.161.193.99:62895

# Reference: https://twitter.com/ScumBots/status/1274107785345712132

45.74.26.57:5326

# Reference: https://twitter.com/ScumBots/status/1274213483081596929

43.251.103.150:8848

# Reference: https://twitter.com/ScumBots/status/1274349378992582657

193.218.118.190:6666

# Reference: https://twitter.com/ScumBots/status/1274432429110034432

45.138.157.147:1111

# Reference: https://www.virustotal.com/gui/file/f83df0f45665f9f5d7d1e888cf778bb4440850503e24821bb0d976e86a5e87e8/detection

77.30.137.105:6606
77.30.137.105:7707
77.30.137.105:8808

# Reference: https://www.virustotal.com/gui/file/7528e56efe65fa4b61c7f7156e8d178473051f88d1dc1174378867bdef381f05/detection

202.79.168.134:3399

# Reference: https://twitter.com/ScumBots/status/1274753289091874818

95.70.134.40:8565

# Reference: https://twitter.com/ScumBots/status/1275421447985430529

14.249.183.252:5555
1593572468.ddns.net

# Reference: https://twitter.com/ScumBots/status/1276036748053745669

8.210.144.63:6688

# Reference: https://twitter.com/ScumBots/status/1277490072456171520

117.3.216.38:3589
spy9999.ddns.net


# Reference: https://app.any.run/tasks/ca2adff9-796b-45c0-b901-6542eb02857f/

xSkewber-24412.portmap.host

# Reference: https://app.any.run/tasks/86f951e0-a325-4f4d-9d00-dcc9f1a58754/

steamguard1337.myddns.me

# Reference: https://twitter.com/ScumBots/status/1278645187594551296

67.211.213.207:8080
67.211.213.207:9090

# Reference: https://www.virustotal.com/gui/file/1f6ea95aa6e7d84c2db2f180e6964449d9fe0b8112b9661889b5b200120b5cb9/detection

213.152.161.239:9980
bien.airdns.org

# Reference: https://twitter.com/ScumBots/status/1278879232505110529
# Reference: https://www.virustotal.com/gui/file/ab5f8fc012927d2a8f6f9e45891da8111e1de9adddd57969540ce7a39697a5e3/detection

105.154.111.193:1596
105.154.111.193:2695
105.154.111.193:4562
dellpower.theworkpc.com

# Reference: https://twitter.com/ScumBots/status/1278301761690894337

45.61.136.48:6606
45.61.136.48:7707
45.61.136.48:8808

# Reference: https://twitter.com/ScumBots/status/1279766327733952512

154.209.74.134:3399

# Reference: https://www.virustotal.com/gui/file/dbb7d9edbc04874b351fe0277d7ec7ccb41023f17e87e18da28dc267b2878ebb/detection

114.129.198.91:6606
114.129.198.91:7707
114.129.198.91:8808

# Reference: https://www.virustotal.com/gui/file/afede1c861d5026ace0d1864ab10214cbbe9e46f2299f401ac2589f924fd4a28/detection

vksaodyd.kro.kr

# Reference: https://twitter.com/ScumBots/status/1281038456521740289

23.105.171.85:35247

# Reference: https://twitter.com/ScumBots/status/1281283822118723585
# Reference: https://www.virustotal.com/gui/file/6e8ae7b434f014a40003c7b24984bdb3751515c7ab4edd36af33b02881d9d82d/detection

186.233.178.201:6606
186.233.178.201:7707
186.233.178.201:8808
duckjigsaw.duckdns.org

# Reference: https://twitter.com/hexfati/status/1281490222618939392

julian.linkpc.net

# Reference: https://twitter.com/ScumBots/status/1281570951919013888

193.161.193.99:1437

# Reference: https://twitter.com/ScumBots/status/1281570862492274691

193.161.193.99:28472
Pomm2paingg-28472.portmap.host

# Reference: https://twitter.com/abuse_ch/status/1281641153524375553
# Reference: https://bazaar.abuse.ch/sample/3f28fd2c56f0bb9501f62fa64c71f6475d7cca2ee1908e097febdfc5516358ed/

194.5.98.8:8824

# Reference: https://www.virustotal.com/gui/file/b3a4d10421309deb064c7c31d143b704471d2dc60a6b15a14402d2d069daa3e8/detection

193.161.193.99:24207
portababy-24207.portmap.host

# Reference: https://www.virustotal.com/gui/file/cf302c3f21b10392c776e72d3b13e5065b1b6f503a3b63ffb343d13c1d83a6dd/detection

84.210.40.80:5552
krypticon9332.duckdns.org

# Reference: https://app.any.run/tasks/eec7d68b-fa8f-4654-9544-2b59b27dc6be/

206.123.129.103:5456

# Reference: https://twitter.com/ScumBots/status/1283031589962878980

193.161.193.99:38891
193.161.193.99:4443

# Reference: https://www.virustotal.com/gui/file/2de91b424589709529fb7f6dd861ee8fe089e2ac0927971d2242362e09c29502/detection

176.205.153.139:9476

# Reference: https://www.virustotal.com/gui/file/ba42409b340eba51a84a63ef57b8944d952ca927a4889948e069f8fc2352b727/detection

118.68.139.26:3189

# Reference: https://twitter.com/ScumBots/status/1283424178268405760

185.140.53.68:1515
mavennezeliora.ddns.net

# Reference: https://twitter.com/ScumBots/status/1284137629882159104

174.0.47.124:8574
lowkeyjust.ddns.net

# Reference: https://twitter.com/ScumBots/status/1284303722840035330

193.161.193.99:4040
193.161.193.99:41801
Crowlinqs-41801.portmap.io

# Reference: https://www.virustotal.com/gui/file/9fae837fb9b2e3389ac912a88518a953bfd2e78b39daf89191187ae9b520dea8/detection

110.141.6.190:6606
110.141.6.190:7707
110.141.6.190:8808
110.141.6.190:3389
server1738.ddns.net

# Reference: https://www.virustotal.com/gui/file/8b003d7f7d72eba439d095c2321003840b05e80099fabdd29fce757db0f57043/detection

185.140.53.76:1604
blanco.linkpc.net

# Reference: https://www.virustotal.com/gui/file/0948d7d120fa3bfd8eb53b747e9ea08c6703f231663671441edec451b6d72586/detection

27.70.237.210:6606
27.70.237.210:7707
27.70.237.210:8808
27.70.237.210:8888
nohop1998.ddns.net

# Reference: https://www.virustotal.com/gui/file/fdc7c7b4a95ee6a1df9b61e24097e0e0d9b5fb967e0430ddfc092aeeaadc1f3c/detection

193.161.193.99:29353
vuadaubepz15-29353.portmap.host

# Reference: 

118.217.154.223:6606
118.217.154.223:7707
118.217.154.223:8808
mact194.kro.kr

# Reference: https://twitter.com/ScumBots/status/1284798238680387585

161.35.56.21:7001

# Reference: https://twitter.com/ScumBots/status/1284892597912313857

206.189.76.209:5252

# Reference: https://twitter.com/ScumBots/status/1284896544760762368

24.254.43.171:6606
24.254.43.171:7707
24.254.43.171:8808

# Reference: https://twitter.com/ScumBots/status/1285047538941394944

14.5.119.153:6606
14.5.119.153:7707
14.5.119.153:8808

# Reference: https://www.virustotal.com/gui/file/955bd3f4c3f39ae1e20ef7bb1b83adf6dd4ac55110cffc79a5843e7c06641a6b/detection

156.206.124.24:1025
erksene.dynu.net

# Reference: https://www.virustotal.com/gui/file/b724abcdfe906318472e2c9dcc1e8bd211b10e881c689a600782d0462916701d/detection

216.170.126.139:4660

# Reference: https://www.virustotal.com/gui/file/2622f9874b537293700a77646a386b3c708e257f00e218cd72baf10aed32456a/detection

193.161.193.99:5556
anonissou.duckdns.org

# Reference: https://www.virustotal.com/gui/file/f0634bf7e0d376d34450c4752cdd0945aba11ba2b316e64d3bc9d57c6980f189/detection

220.122.40.142:8080
criticalvip.kro.kr

# Reference: https://www.virustotal.com/gui/file/bfdfe76cd0b61105c6bbea1952de0380012c3decbfc51ad263e00564cdea1983/detection

182.221.160.164:8080
zcx.kro.kr

# Reference: https://www.virustotal.com/gui/file/e14d03068fdc83cd2a6b16bf40553f78d39e0a6478af3f329e69f6cca0df919b/detection

185.222.57.150:3450

# Reference: https://www.virustotal.com/gui/file/b724d53c26514502a8dc138a9a9b5c48b2f699e43a29060ff68bdfd857ce3caf/detection

121.137.39.53:8080

# Reference: https://www.virustotal.com/gui/file/99e489abde6b13f45c6cfababe1b9e46cf8692b12134b015096a323402c71259/detection

121.137.39.53:6606
121.137.39.53:7707
121.137.39.53:8808

# Reference: https://www.virustotal.com/gui/file/7b5dd184f138daf820509d1240dc7b00938d555ba1e9eebe5000d0e8ff2d3889/detection

121.137.39.53:5050

# Reference: https://www.virustotal.com/gui/file/2e04efdd2de2a1be9a27be389987fed425a3ee6826f69180db9093c5383e4833/detection

209.200.39.2:4040
209.200.39.2:7070
209.200.39.2:8080

# Reference: https://www.virustotal.com/gui/file/34b6843018283be543557947fea752642b68d5e72c412a0ab3bdd28ea1c498f9/detection

193.161.193.99:45680
youcefmadskull-45680.portmap.host

# Reference: https://www.virustotal.com/gui/file/3377c9208f9f7427e2d5134f7009a5427637432c49797fbd7d83925a5ea954cd/detection

193.161.193.99:1236
193.161.193.99:61574
hackthisishack-61574.portmap.host

# Reference: https://www.virustotal.com/gui/file/0427b7e094b0ced7de6ecc37aa5d5ff6de9b13785b068e8480bf62ed2fdac0e3/detection

95.120.211.220:4665
holocmsv2.zapto.org

# Reference: https://www.virustotal.com/gui/file/4abdc1b37c11f32707551f7a3479462a68c043e08a84f93b36ad308bfc8e4624/detection

54.95.64.241:1521

# Reference: https://app.any.run/tasks/5092ca08-de2c-4fea-a24c-98a224b251e7/

185.140.53.11:9845

# Reference: https://app.any.run/tasks/7e29c9db-d891-425e-a793-badabc8fe75c/

79.134.225.83:4783
superkicka.org

# Reference: https://www.virustotal.com/gui/file/2faf5255c368288325aac011cd2066c6942ea0b755718490363fdb6606dec40f/detection

188.151.38.115:1717
schost.duckdns.org

# Reference: https://app.any.run/tasks/01eae1cf-71f1-4732-86d6-321117b8382c/

64.20.43.83:3123
advisorgoetia-dns.xyz

# Reference: https://twitter.com/JAMESWT_MHT/status/1288860715143573505
# Reference: https://bazaar.abuse.ch/sample/54d46ffbefae7f6025765c0c274f7f87714e5467da8926967efb01025693bb8e/

177.255.91.168:49737
177.255.91.168:8057
gfsgvbxcv.duckdns.org

# Reference: https://www.virustotal.com/gui/file/30232515c14a00a60978fc801bff8ec6db9c540f88cf6ec8851512e892917719/detection

84.210.40.80:5555

# Reference: https://www.virustotal.com/gui/file/cda5b8bf4e397c606b20ebf098253dc1456f28cc3aeec5ec7a1332afb33bc5b4/detection

185.122.168.250:6606
185.122.168.250:7707
185.122.168.250:8808

# Reference: https://www.virustotal.com/gui/file/97bf01ea73fc39e6dc829aa7a0c45762526c86b7d348ec19f6e3b2897775a6e9/detection

holocms.duckdns.org

# Reference: https://www.virustotal.com/gui/file/5d6500005736439ccf00e8136c00a351bd7c69fb33fb9485a1be9908187a66da/detection

holocmsv2.zapto.org

# Reference: https://www.virustotal.com/gui/file/c1877080b35ea82105c4a242cc49c832cc2f7207e672712cc8d364d2b005cf81/detection

193.161.193.99:34540

# Reference: https://www.virustotal.com/gui/file/b174722176293ad63a56287567655d408293addcbd6e248fbd058816667d3cde/detection

176.168.187.199:6606
176.168.187.199:7707
176.168.187.199:8808
lolo0909.ddns.net

# Reference: https://www.virustotal.com/gui/file/d7ec327d2a382d2035818a0376fd27bf68dab2d89a7f4e04b04babaef977b16a/detection

120.78.86.213:5917
120.78.86.213:5925
120.78.86.213:5936
120.78.86.213:5944
120.78.86.213:5951

# Reference: https://www.virustotal.com/gui/file/8ca05cad682799f231e0a0fb670a2a04fb6f361f801c884f62a607b26ccc25f4/detection

192.227.158.120:4770

# Reference: https://www.virustotal.com/gui/file/2485169398a574f4b8c68b612c29715f43ecd5a00d61a42def399034ed389517/detection

193.161.193.99:39075
zufair.duckdns.org

# Reference: https://www.virustotal.com/gui/file/cf7363ad9935b3ba3dd93451d9be8eb43f5445179740e0c2bfecd7bddd860fec/detection

185.244.30.27:3381

# Reference: https://www.virustotal.com/gui/file/d7ec3ec2ac8cb6d1f2898f2d7eb02850e34fc088f71e3ef82e966d10dbfc203b/detection

pensive-pond-55232.pktriot.net

# Reference: https://www.virustotal.com/gui/file/bb1223e5556adf3f9cb6976fefe3c51af74baacb5c159fe34a03e49ffd43aa39/detection

161.97.82.232:4141

# Reference: https://twitter.com/ScumBots/status/1291947998524706816
# Reference: https://www.virustotal.com/gui/file/3a81c9e1bfe70ae9506eef64194e9b6b8a49a7c2f64fa427ed31d0a9444a785e/detection

121.214.208.2:1111
121.214.208.2:2222
121.214.208.2:30
121.214.208.2:6606
121.214.208.2:7707
121.214.208.2:8808
sirenhead.ddns.net

# Reference: https://www.virustotal.com/gui/file/4df01904a9abf7085fc4aafc372c7614cb7077c7350446188ceafc98001fb5b1/detection
# Reference: https://www.virustotal.com/gui/file/90e9abb1b28a06edc6ae7a174b6468cfdfc91dcc29cd27be8fcd10d3c746f26e/detection
# Reference: https://www.virustotal.com/gui/file/a71149ae63fc78968c81e659eb4dba652ffd3ea8d2a1c58bb631b7fbbaae8e43/detection
# Reference: https://www.virustotal.com/gui/file/4e022a47ae07545c1a28418a9beb0f6d360144ec8087bc0bd2ac0f086bea9ddd/detection
# Reference: https://www.virustotal.com/gui/file/71922e073726160d1bec9230d8b87eace72792499ddf4c731047a446b6876ee6/detection

185.140.53.54:4923
185.165.153.186:4923
77.74.194.214:4923
79.134.225.96:4923
79.134.225.103:4923
91.193.75.69:4923
bambooo.dynu.net

# Reference: https://www.virustotal.com/gui/file/f4cecaa360ee6ab479cbf9b99c15b45ba7e9f548b7e368063a0c9f686fbc2630/detection

212.251.116.161:1604
212.251.116.161:6606
212.251.116.161:7707
212.251.116.161:8808
62.1.59.224:1604
62.1.59.224:6606
62.1.59.224:7707
62.1.59.224:8808

# Reference: https://www.virustotal.com/gui/file/889e35bc6ff36524dd0df82fbcf8a8015fd3c95d94b00c0875e9bb239eb12e28/detection

91.193.75.146:4780

# Reference: https://www.virustotal.com/gui/file/cf7363ad9935b3ba3dd93451d9be8eb43f5445179740e0c2bfecd7bddd860fec/detection

185.244.30.27:3381

# Reference: https://www.virustotal.com/gui/file/caa8c15569dd97b52c88cd2a500cb6304db09a6e3761511657be45645f19e815/detection

193.161.193.99:54030
Zmining-54030.portmap.host

# Reference: https://www.virustotal.com/gui/file/43f97c03faf5199c8ebc7c49c076e45ed95fdf3edc26b4859fdbd705be21dd1e/detection

172.94.42.34:1043
dnsnuev009.duckdns.org

# Reference: https://www.virustotal.com/gui/file/8f40ea9560e30c37b6ab4a3d6501b7cbf3898c20d1ecc31e2b7fe360449c0b33/detection

8.210.158.0:6606
8.210.158.0:7707
8.210.158.0:8808

# Reference: https://www.virustotal.com/gui/file/1dfb088dd661a1ab2025603696ced23a04e00c837590ad881a49a24768e09de4/detection

172.94.28.17:2021
tusnalguitas.duckdns.org

# Reference: https://www.virustotal.com/gui/file/28dc802c58e106829fa716e2b4b0a1834967709075076bdbf0aec64f5e124f62/detection

172.94.42.34:5623
nikiko.duckdns.org

# Reference: https://www.virustotal.com/gui/file/3183e83479da8d8ef421e91538fb85085229673f4bd2f13d3de7c8be2fc96c1e/detection

5.152.206.196:6600

# Reference: https://www.virustotal.com/gui/file/ad8b72167b5dd6b0bcba0a0685ec2addf744bc6da79c70476dd7d138cec764a4/detection

34.73.5.116:4444

# Reference: https://www.virustotal.com/gui/file/565054fa53c89061f7a81e18737a2140457316a526b616349e1ae614db363814/detection

109.247.81.119:20000

# Reference: https://www.virustotal.com/gui/file/d78ddc2b6e359f4d23f06437a5ff498c5afde61d925889129a8da056817bef70/detection

177.98.227.24:6606
177.98.227.24:7707
177.98.227.24:8808

# Reference: https://www.virustotal.com/gui/file/8e3c7cd8bb4826e4919aa56481167a1fcf9cb2d0e2c4a9c74ec155523f5d180c/detection
# Reference: https://www.virustotal.com/gui/file/9660ae0cf1fe3b7745287ab05d242247334cbf51ba64b900998fb5073bedf890/detection
# Reference: https://www.virustotal.com/gui/file/75feac230513a5d543e2f9559068259554200ed7440c44749e7678feb19b470c/detection
# Reference: https://www.virustotal.com/gui/file/6c24f8caa4f1f21a9dd8b714066bdfa5e2d8c84ab068d50672ef12b048c4518c/detection
# Reference: https://www.virustotal.com/gui/file/02b62fd53cf9ed3c98a70aa7c4ead2b9c8851079517747d8e106873654098651/detection
# Reference: https://www.virustotal.com/gui/file/cf234f8fcdab2a576d303c8b0821b7754ec13e1319be9d24d335b351f774b1f3/detection

179.178.236.31:2080
179.183.119.159:2080
179.183.119.159:6606
179.183.119.159:7707
179.183.119.159:8808
187.114.175.149:2080
187.114.178.10:2080
187.114.178.10:6606
187.114.178.10:7707
187.114.178.10:8808
191.250.65.147:2080
191.250.65.147:6606
191.250.65.147:7707
191.250.65.147:8808
191.33.110.91:6606
191.33.110.91:7707
191.33.110.91:8808

# Reference: https://www.virustotal.com/gui/file/2154f0eae29106cd24148ff7a4486eb7467c0d590f7979c6ffb517f4d99d4c37/detection

211.108.200.7:4872
211.108.200.7:4873
0743.hopto.org

# Reference: https://www.virustotal.com/gui/file/557ea13e8175753fff89bdfb1ede7e27779f6a55b5ba69ff2ecd7d6e9255ab8a/detection

177.255.91.168:8057
fsdgfd.duckdns.org

# Reference: https://www.virustotal.com/gui/file/bdd504540ae6cbfcef701abb424def21007a55d3df5ce5bd03034c4cc66464d6/detection

78.63.71.91:6606
78.63.71.91:7707
78.63.71.91:8808
youtude.ddns.net

# Reference: https://www.virustotal.com/gui/file/c8c3c2b6c66710984751b0ec262a618829be47e3c926c3c0c706365d5d0aacd5/detection

103.207.39.83:1024

# Reference: https://www.virustotal.com/gui/file/a93b12c36e78db3c5e27c9a35a23d7f87a3d788adf60f811485890a33c726c7c/detection

90.46.146.196:5552
shadowstest.ddns.net

# Reference: https://www.virustotal.com/gui/file/d0ba64c92f0512db66ff99cc87ffced9bebeb3bf15470865c81858f02e3302a6/detection

193.161.193.99:24255
193.161.193.99:42219
iskyze-24255.portmap.host

# Reference: https://www.virustotal.com/gui/file/74d10507f05b48357e55b0349a24144874a509980c1e0aabf43f781fdac10fff/detection

asdxcvxdfgdnbvrwe.ru
marcristosc.ac.ug
194.5.98.95:6970

# Reference: https://www.virustotal.com/gui/file/d288f6645d0f90ddff285c41b2512a1496a8b5b7c34df8bcecda8070314939b6/detection

51.178.240.250:6606
51.178.240.250:7707
51.178.240.250:8808

# Reference: https://www.virustotal.com/gui/file/459fe6ce78839307fd87c192fca2545ed25e89fe63f602356022fd32c8db8aba/detection

179.124.220.225:6606
179.124.220.225:7707
179.124.220.225:8808

# Reference: https://www.virustotal.com/gui/file/65232e1c7aedfd29788abfdf468587c2858822e65cb2fb15169b4261e4be1ed1/detection

123.110.29.249:1604
andy1688.ddns.net

# Reference: https://www.virustotal.com/gui/file/305aacda61fb9f14aa1bb5124841ac25b7f23ff254a886a56a3d40bdf5a1a5e4/detection

107.172.221.181:333
107.172.221.181:6606
107.172.221.181:7707
107.172.221.181:8808

# Reference: https://www.virustotal.com/gui/file/310a6b915908dbc78e3d9dd56d06bf0fb3fd11e1c4db826a18611f5e80f9bed3/detection

82.205.33.194:6606
82.205.33.194:7707
82.205.33.194:8808

# Reference: https://www.virustotal.com/gui/file/304663149c45d54a23e0cf65b9775538009a76db474912fff395bedd3e789a01/detection

193.161.193.99:48637
boneless-48637.portmap.host

# Reference: https://www.virustotal.com/gui/file/90aaeb0077277b5e45a7cdcbe365ead4781b5a0a5fd755f99ed8a2ec79e5e58c/detection

193.161.193.99:58562
newcosmo-58562.portmap.host

# Reference: https://www.virustotal.com/gui/file/de3db6f0d0d8dd22a21731e739dbbacf86b2bc8bc21ea2a0ade9a16581a1ac14/detection

193.161.193.99:31239
ioplololo-31239.portmap.host

# Reference: https://www.virustotal.com/gui/file/caa8c15569dd97b52c88cd2a500cb6304db09a6e3761511657be45645f19e815/detection

193.161.193.99:54030
zmining-54030.portmap.host

# Reference: https://www.virustotal.com/gui/file/9a95c0829cd7766087de65e50b32a3689a91e3ad05a7cc94365ef94d4f685cde/detection

193.161.193.99:37930
pritom-37930.portmap.host

# Reference: https://www.virustotal.com/gui/file/441a169e51070282b35537e90edab11e0064e3a0e6c4eab8759773d79cf00ae1/detection

193.161.193.99:2510
193.161.193.99:25360
vasco-25360.portmap.host

# Reference: https://www.virustotal.com/gui/file/5c05897f869e9c72390065f8bbeaab7b7fb3f9089f56a68eb7b358a5d12cf968/detection

193.161.193.99:25987
prem131bn-25987.portmap.host

# Reference: https://www.virustotal.com/gui/file/4415b9d3c5fc2ceaa6f935864c1d9a573447802f30ec30efd212a8be4fd2a82d/detection

193.161.193.99:54729
ismailbourji-54729.portmap.host

# Reference: https://www.virustotal.com/gui/file/b5a85b868ec6932c4577c11ce91e0bfce9ea5ae81b788133fefc640015c3b0bc/detection

193.161.193.99:20760
f2had-20760.portmap.host

# Reference: https://www.virustotal.com/gui/file/c381f88012efb8742927995e6f91525c4a1f9b4f3b3a4f25d431e8269842836b/detection

193.161.193.99:25125
hmz04-25125.portmap.host

# Reference: https://www.virustotal.com/gui/file/ab10554a3e0ce5270d2c02e884a097e271dae6cbe2e51a70703da7d4e89919bb/detection

193.161.193.99:36161
prodharani-36161.portmap.host

# Reference: https://www.virustotal.com/gui/file/af37a83779f91b64f3b03bf0daa2d79bd531a3968141e0dcc2bcee677f4b701e/detection

193.161.193.99:58345
keyman-58345.portmap.host

# Reference: https://www.virustotal.com/gui/file/1ee13968473a9b9733efdca8caf07f22d39730a2b2ebf9c2c8d467e6f385d826/detection

193.161.193.99:37695
anonjayy-37695.portmap.host

# Reference: https://www.virustotal.com/gui/file/8b4592b2bb2a904be55ab95ff2cb69808b15d819498cccb6ec05b2f5b7b3d63f/detection

193.161.193.99:37692
madman-37692.portmap.host

# Reference: https://www.virustotal.com/gui/file/e9db2ade37b84b00334f829395b6af092dda2ae1f559cfbdb772ec15c7a54d94/detection

42.119.90.242:3189
kubeodz92.ddns.net

# Reference: https://www.virustotal.com/gui/file/a5d78beef4d80eb7def57f7fd7647d09ec76a16eeedb2a5a3fc6f445526c8f4a/detection

193.161.193.99:20050
pawianek2-20050.portmap.host

# Reference: https://www.virustotal.com/gui/file/e28f8760f889ff458aec8aedd2139e44735cb9468d34d175aec42643b90291b5/detection

46.60.22.192:6606
46.60.22.192:7707
46.60.22.192:8808
82.205.33.194:6606
82.205.33.194:7707
82.205.33.194:8808
googledrive.myftp.org

# Reference: https://www.virustotal.com/gui/file/08b15d045255c81dcb3e29b70ffcd1a8d614bf99549f079085bfbc54a994d109/detection

42.119.90.242:3189
kubeodz2019.ddns.net

# Reference: https://www.virustotal.com/gui/file/5f8ff6fd7b8bbcb8efd6e69b2300be59a059061ed3bd2a2fd63ab6e98cd7cd2c/detection

192.169.69.25:1044
192.169.69.25:20485
193.161.193.99:20485
franktembo-20485.portmap.io
samarakandi.duckdns.org

# Reference: https://www.virustotal.com/gui/file/f198e0cfa503100d64d15ed39b2516587582587f42afea74ace075b28f663fb4/detection

193.56.29.251:6606
193.56.29.251:7707
193.56.29.251:8808
bogdanxx90900.servemp3.com

# Reference: https://www.virustotal.com/gui/file/33d1d991a9bda6bdec91b6be82e7ddc684a8f7400ac8402917ffefa0a5dfd631/detection

121.214.208.2:3000

# Reference: https://www.virustotal.com/gui/file/fc9ee822f9872fd4ca4531d5a91e29adfdc3a4a9e2e8f6e668305fe3bfa9fada/detection

193.161.193.99:41892
oksosokak-41892.portmap.io

# Reference: https://www.virustotal.com/gui/file/e021d822f3a44473cd7d12518402469b38d200a27065c7aa757d13a15ae607ee/detection

197.206.218.240:5555
clayroot2016.linkpc.net

# Reference: https://www.virustotal.com/gui/file/54d53186682c7277d99c86cea69d45960d2867041477a0d9edae6f08c8e8b52d/detection

186.52.202.235:3040
cortanahost.ddns.net

# Reference: https://www.virustotal.com/gui/file/910c9c2a61c8748fe9bd3417eeb284535db3bbc30c6405f102002ecef3d6304b/detection

81.61.77.92:6606
81.61.77.92:7707
81.61.77.92:8808
campestre.hopto.org

# Reference: https://www.virustotal.com/gui/file/4f41374a921e33b06bb11f64e72bc02c2f928704ebea63682ec66b85b1349f44/detection

175.37.36.152:6606
175.37.36.152:7707
175.37.36.152:8808
kakejake.ddns.net

# Reference: https://www.virustotal.com/gui/file/15753a223aa59f5e2265569080d31e8351d546e6b7316c6660757a39bda94887/detection

121.137.39.232:5050

# Reference: https://www.virustotal.com/gui/file/fa2cbc10aa98e5cfe362065b2c19556c67dc8b7d48871008404f4778e8537f3a/detection

34.66.124.165:5555

# Reference: https://www.virustotal.com/gui/file/851d536bdf21ad02eab1ed632b7ef36fc5734e628c421c9f7c8dcb05d30f4d32/detection

198.251.64.252:6606
198.251.64.252:7707
198.251.64.252:8808

# Reference: https://www.virustotal.com/gui/file/b69e8a276d2c444b502238383ae3611714822c8605f074ef5a0a9a99c69b49a8/detection

79.173.65.159:19638
79.173.65.159:6606
79.173.65.159:7707
79.173.65.159:8808
rootaccountadmin.ddns.net

# Reference: https://www.virustotal.com/gui/file/1c02bb46103de9bf189deaf1b8915afa62186f1b0e1b90742b70b58e44962bf9/detection

178.33.93.88:19678

# Reference: https://www.virustotal.com/gui/file/20ef74b6ca8718706ca786c9cd8c9de916df7daf77c81f436ab23b6c50db0487/detection

49.175.99.35:1234
leepipi.kro.kr

# Reference: https://www.virustotal.com/gui/file/c811c161d9d0be1c09173a50af290a718729fd9509b63ff953ad4b07e2501657/detection
# Reference: https://www.virustotal.com/gui/file/f48d69fb64fe7ae544769ce22a0500e07ac2f945b12bc717b78ca77a7b5a6924/detection

91.168.196.175:6606
91.168.196.175:7707
91.168.196.175:8808
likatn.zapto.org

# Reference: https://www.virustotal.com/gui/file/ca17a69a46caf3e05a1cd8bf2f1d6679b55aa6ecf46ee63bf323ee892f88f80e/detection

105.107.4.125:6606
105.107.4.125:7707
105.107.4.125:8808

# Reference: https://www.virustotal.com/gui/file/c7cb970a67b5c370741e139dda48d47433477ab400e51a62a99b7a379a6c0dbc/detection

138.197.189.80:6606
138.197.189.80:7707
138.197.189.80:8808
blackid-35823.portmap.host

# Reference: https://app.any.run/tasks/b31c0049-b5de-40a8-9069-8c14e27b738f/

193.161.193.99:32260
Kupcia-53901.portmap.io

# Reference: https://www.virustotal.com/gui/file/81e96984130042d0ee70ae09a7bc9375974d513938e80877720d251330e4b37e/detection

39.122.189.147:1
fsft.p-e.kr

# Reference: https://www.virustotal.com/gui/file/1f48d54ad69726c01a7ae1e7ceff7ae6093005be1e100a75968476d72d75cf06/detection

101.179.85.220:1111
101.179.85.220:6606
101.179.85.220:7707
101.179.85.220:8808

# Reference: https://www.virustotal.com/gui/file/dcaf6810871062a1a5a292c8e46667a8b7de908d292513ef1c443929ce8897c5/detection

18.157.68.73:15558
18.157.68.73:16155
18.157.68.73:4444
18.192.93.86:15558
18.192.93.86:16155
18.192.93.86:4444

# Reference: https://www.virustotal.com/gui/file/bbae735df39c1301901ca97c6993f2b6fd7233a0360761eab8b65f2556df4517/detection

145.239.201.157:8443

# Reference: https://www.virustotal.com/gui/file/ee5dbfca30be494b6ad8ac1c18255b6054339de4aba768180a1f32e9921a30ce/detection

193.239.147.16:6606
193.239.147.16:7707
193.239.147.16:8808

# Reference: https://www.virustotal.com/gui/file/ff081035cd38c28b8093f8f0887450407e27a89ee1ff254dd627849bd6334fb5/detection

193.161.193.99:53485
hack567832-53485.portmap.io

# Reference: https://www.virustotal.com/gui/file/126a37d9189d9ef7872b74fb13f562bc8601622b6455e01fefd646b463966fa6/detection

193.161.193.99:39400
kepada9494-39400.portmap.io

# Reference: https://www.virustotal.com/gui/file/32e6114d2ce3e3c8f778769261cb06eb874b5f38271436d88053c41930f1ce47/detection

202.182.121.93:5050
kny777.kro.kr

# Reference: https://www.virustotal.com/gui/file/49510b87db400c9570b85eba6271642d0a157d0c8cd5457171a6564aa73e7795/detection

avantgrajgrup.com.tr
/ilksan_sorgu.php?tck=

# Reference: https://www.virustotal.com/gui/file/7c3eeba909d90095b3ac593ccc111251212ebe3304d5f9725325d81b2e6acd14/detection

13.82.134.169:48166
13.82.134.169:5555
13.82.134.169:6606
13.82.134.169:7707
13.82.134.169:8808
ROCK19870-48166.portmap.io

# Reference: https://www.virustotal.com/gui/file/292a0b69dfc9ff8aa030fdbe13e0bc047606177ea3250c597e06dfeec1c92304/detection

194.5.98.100:1337
blackhair.ddnsfree.com

# Reference: https://twitter.com/ScumBots/status/1315367256235311105
# Reference: https://www.virustotal.com/gui/file/b07c2fbb1e0470cdbffd9c1147de5cf1763edcc4c5a918ddc63ad49d1ecbc563/detection

45.95.168.116:1333
45.95.168.116:1334
45.95.168.116:1335
45.95.168.116:1337
45.95.168.116:1338
45.95.168.116:1339

# Reference: https://www.virustotal.com/gui/file/a3074419485db4ee08451afe2693184a89c031b3237e0a51b7627eb33eddc342/detection

222.114.199.209:5050
pyeonno.kro.kr

# Reference: https://app.any.run/tasks/5bc8c7e8-e45e-4fff-9fc6-7a380e82e03f/

193.161.193.99:54987
papachullan-54987.portmap.host

# Reference: https://www.virustotal.com/gui/file/7e3e36dfb02909a470035b63d7db577f62431689e631fc7e1f21198745ce339d/detection

185.165.153.140:6606
185.165.153.140:7707
185.165.153.140:8808

# Reference: https://www.virustotal.com/gui/file/39eb27e6d13e6a373bb1da0becb487e808ff2d3849d481eb0bd4aa3b6d398cc1/detection

79.145.12.52:1335
79.145.12.52:6606
79.145.12.52:7707
79.145.12.52:8808

# Reference: https://www.virustotal.com/gui/file/913033893ab065b61e551399c91cdd877c134dc7dadacacbc87c3dfd798653a1/detection

91.109.176.2:6606
91.109.176.2:7707
91.109.176.2:8808
mika201.duckdns.org

# Reference: https://app.any.run/tasks/407ac320-c34a-4b59-966e-1f8403fe92e5/

193.161.193.99:28793
saudis-28793.portmap.host

# Reference: https://www.virustotal.com/gui/file/708ba499db884070420f378523658870927c31654d03d24cdac303b5d60b0ac4/detection

2.56.62.44:4444
2.56.62.44:6821
2.56.62.44:6606
2.56.62.44:7707
2.56.62.44:8808
fuckmyass.duckdns.org

# Reference: https://www.virustotal.com/gui/file/0cd8a5e9deb573fb2fda25cca06453abcd0a42ee7b0de44420973aeff3e0fcbc/detection

185.161.209.16:6606
185.161.209.16:7707
185.161.209.16:8808
bitcoins.giize.com

# Reference: https://app.any.run/tasks/ddf3cca3-adcc-4110-976a-b724a6aab722/

ectoraid.ddns.net

# Reference: https://www.virustotal.com/gui/file/fcdc5a453e07582d39d35234b39a67bbf958832ac88f0a82d413961482bdbcc0/detection

175.203.53.37:5050
nsr0209.kro.kr

# Reference: https://app.any.run/tasks/107f53fe-e988-40c3-9659-bb47c7283615/

193.161.193.99:60167
elechine-60167.portmap.host

# Reference: https://www.virustotal.com/gui/file/5979eee66faff5910c181a7b1af0111d68a0feda3dd974306f8e5c5624af7cdf/detection

51.75.169.41:6606
51.75.169.41:7707
51.75.169.41:8808

# Reference: https://app.any.run/tasks/7468050a-b7fe-4748-b667-6933722a010a/

193.161.193.99:33504
Scambaiter123ASAS-33504.portmap.host

# Reference: https://www.virustotal.com/gui/file/a95000dca55523f7c8a1293563a03693f973fc12f91618deb86ec5aeee353728/detection

151.240.194.206:7777
nethalpop.sytes.net

# Reference: https://www.virustotal.com/gui/file/9b9f13a8e3663e2b05e3af0b00abec4bc662b823a7fde9447164b9031bc59fe7/detection

52.156.134.11:4892
jah0seh.duckdns.org

# Reference: https://gist.github.com/silence-is-best/0aa844b003c62c6ce491e91e168ac662
# Reference: https://www.virustotal.com/gui/file/49f9c9e79441d891f84d5a457fed44897f95f8f691b387fcab2e63ec9a505667/detection

194.5.97.76:2121

# Reference: https://www.virustotal.com/gui/file/0c323c02db0a52d9a1764a74e3cb5a7bcc8e7b9839160179a772de3a6bc8cf26/detection

pounds1990.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ff734df4d09afad52e931fce898a5497b78081fbca44f091e55a3da4b47c1350/detection

185.140.53.141:2256
freshg.ddns.net

# Reference: https://www.virustotal.com/gui/file/0840d78515e4bdaa61b7d285b710361e19d10c31e34a0cfc58e5fae89e118bbb/detection

193.161.193.99:4332
193.161.193.99:57654

# Reference: https://www.virustotal.com/gui/file/4124fa166c07644eb29d7b813889a90795f9f1448f7cae2040a1375006748617/detection

91.109.180.6:6606
91.109.180.6:7707
91.109.180.6:8808

# Reference: https://www.virustotal.com/gui/file/3ba05ff4ea1e849ad3ce6780aadb44af45e48442f058510fcc096e115c853d80/detection

91.109.188.7:6606
91.109.188.7:7707
91.109.188.7:8808
mika202.duckdns.org

# Reference: https://www.virustotal.com/gui/file/9cca37bc8df3f2d7d439db0ffb0ed8d4a1c2f88c5c43754bc78b674009b35b05/detection

109.202.107.147:7113

# Reference: https://www.virustotal.com/gui/file/e1a9c9a66a236487973368591a6735b9e14dd6a8c7be77106f63ec5835cebd2c/detection

203.115.24.234:8282

# Reference: https://app.any.run/tasks/0a2ba392-8c95-48d9-b4e6-b192643675c9/

193.161.193.99:26660
carminebongo-26660.portmap.host

# Reference: https://www.virustotal.com/gui/file/6e5fdf8624b69aa1cbda80d760e5a77143aafcf2b54617485023d2c520e7c431/detection

103.207.39.131:6606
103.207.39.131:7707
103.207.39.131:8808

# Reference: https://www.virustotal.com/gui/file/4467e78c9356062cd52d9d9da5dee3329558749d764ef8c72c14977ae65d139e/detection

82.65.39.148:6606
82.65.39.148:7707
82.65.39.148:8808

# Reference: https://app.any.run/tasks/c5ef1463-1168-4ef0-8536-d42d953c919e/

85.224.37.213:6606
85.224.37.213:7707
85.224.37.213:8808

# Reference: https://www.virustotal.com/gui/file/971226ecd2869473e61804629f46507232584393f74bf7f8cc11c6592e916ffc/detection

128.134.139.235:5050

# Reference: https://www.virustotal.com/gui/file/5052cc68d40a843a8500983cc7e8c84601e5221149f88f1aa135f328e9e1a9b7/detection

93.190.51.64:1234

# Reference: https://twitter.com/wwp96/status/1328325861456699394
# Reference: https://app.any.run/tasks/85c6b9fa-195f-43c2-b480-8dea0a699fb7/
# Reference: https://app.any.run/tasks/d6fa28e7-0425-49c1-a12f-0185af0ed4ab/

185.239.242.76:6606
185.239.242.76:7707
185.239.242.76:8808
5.230.22.165:6606
5.230.22.165:7707
5.230.22.165:8808

# Reference: https://www.virustotal.com/gui/file/815e7085a1cf084e05f86a972b0d91b4e5555577f8d47528d79d85dcbb45bc4a/detection

79.134.225.99:6606
79.134.225.99:7707
79.134.225.99:8808

# Reference: https://www.virustotal.com/gui/file/17433a45b35d1eab013795ac90856a2349ed97974c05653030279c52a367774d/detection

137.135.73.55:18
137.135.73.55:6606
137.135.73.55:7707
137.135.73.55:8808
cemnasq.duckdns.org

# Reference: https://app.any.run/tasks/e7870287-b274-4f3b-9246-e7104d7f9cc3/

45.144.30.41:6606
45.144.30.41:7707
45.144.30.41:8808

# Reference: https://www.virustotal.com/gui/file/f3fcbb0fedb1e3b732185aebbf845ca185c950ca3635026d8a754312220577c9/detection

212.239.144.144:1177
212.239.144.144:6606
212.239.144.144:7707
212.239.144.144:8808
liligharba5.ddns.net

# Reference: https://www.virustotal.com/gui/file/1153ff7152d6470ab2893655f2cd50df6a5dc7d0169ea56e5e7f54704b136831/detection

78.161.81.149:1604
78.161.81.149:222
78.161.81.149:6606
78.161.81.149:7707
78.161.81.149:8808
ipmdegismismalcry.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d0f7a30d75237013c95ab544faf873ba165f252321c49e2ccc5e5b43126a4c3d/detection

84.117.241.36:1604
84.117.241.36:6606
84.117.241.36:7707
84.117.241.36:8808
sexpulapistol.ddns.net

# Reference: https://www.virustotal.com/gui/file/c6565e82f8873c8064caf5e73f1fe276b103c131e6df769dfd5bce2da760dca0/detection

91.105.195.23:5679

# Reference: https://www.virustotal.com/gui/file/7017de5d73a4f3bb86c343d87148c3af0087191fd401632b2643368ad38d0929/detection

90.37.128.28:1111
90.37.128.28:6606
90.37.128.28:7707
90.37.128.28:8808
osinte555555.gotdns.ch

# Reference: https://www.virustotal.com/gui/file/cf69b63b9cb0ecae224f272bbf7d02fefa14e31ea1e2dab90d2f7fad8b742edb/detection

45.153.243.96:8888

# Reference: https://app.any.run/tasks/57ef4913-3bdd-47c9-bbca-1d16df9b9c1f/

193.161.193.99:24383
nullbytes.duckdns.org

# Reference: https://www.virustotal.com/gui/file/32ac22ae67128eee2d9771d0d579ca2fd222dc5937480391df2b1f50af84bd1e/detection

23.95.13.157:5356

# Reference: https://www.virustotal.com/gui/file/99c1bb646297307dad07a81cc77cd283f6eb854ab9b33a322725add022528bec/detection

185.20.185.96:9091
giness.giize.com

# Reference: https://www.virustotal.com/gui/file/a8e0a5a7a055e7d431c3e28f77d81c9d7a4a6f3449382c7a88ae52a52091cdd7/detection

185.20.185.96:6606
185.20.185.96:7707
185.20.185.96:8808
genlast.giize.com

# Reference: https://www.virustotal.com/gui/file/67d0d003a313f542a40efad51c91a6b81f13a9d7da5059edc39c9d7ad5b1c166/detection

105.108.31.15:2020
frefiredll.servehttp.com

# Reference: https://app.any.run/tasks/8be5fee5-16e7-46d2-8b79-186227574f25/

201.219.204.73:1881
dfdfcdc1.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ee3e0599c68bd9454f2e9175faa65c9a474160bc41acb07532158b6309ba991c/detection
# Reference: https://www.virustotal.com/gui/file/edab64dac1dee32fef52a0871d0323e1b5bf246d70aa0617d83dcc7975bef283/detection

14.231.186.175:5555

# Reference: https://app.any.run/tasks/6a264419-9242-4e6f-9974-abc8cc7c194d/

14.231.186.175:8888
getcookies.ddns.net

# Reference: https://www.virustotal.com/gui/file/fa26846e38ca581bcfeb41da686153970b4d29ed706e76352dd2771c12267cde/detection

anunankis10.duckdns.org

# Reference: https://www.virustotal.com/gui/file/c92433dcc69cb79b43a176f68820d85c4c8d7ef0a6b31881de5e9cfb70464d14/detection

85.214.37.238:9192

# Reference: https://www.virustotal.com/gui/file/4082d61ef1a193655d3d50eb923fb95e4d0026de3104f2d5f4e162597e6d37b6/detection

88.232.12.125:150
nonick55400.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d2000f86d47cc1a1ab87f3080c90b4b61aaa317aac5c2d4cd8609286ebacee8b/detection
# Reference: https://www.virustotal.com/gui/file/cf4ddce71aba43a35beb19ec82d3e90b0008c09b3e6018d286ba321616ced13b/detection

46.114.109.193:59999
83.135.171.146:59999
drei.ddns.net

# Reference: https://www.virustotal.com/gui/file/c3c634e5d4ee8aa6eeb7896e14bc39c6ab8b4ceb39dc26bc09418e4bfa9b0820/detection

193.161.193.99:28070
lufeteme08-28070.portmap.host

# Reference: https://www.virustotal.com/gui/file/9160bff6b2976faebb45e316ae521f76fc25893a85818c02317b3435163545c8/detection
# Reference: https://www.virustotal.com/gui/file/7940abde1678d42fc39c4cc0c69a17d2903c462747d9f8115b2b68f4a0f3d768/detection

206.166.251.78:6606
206.166.251.78:7707
206.166.251.78:8808

# Reference: https://twitter.com/jorgemieres/status/1336699712796299264
# Reference: https://www.virustotal.com/gui/file/558af040bcfa1aaf774e953cca682eaaf38ec8c4f3ca4f3e24e0ea8a783ca1df/detection
# Reference: https://www.virustotal.com/gui/file/1f89b0e486eb986a03b0a5cbbacc8f4e7552f5b9ed74c408ae9febd2e424dbdb/detection

23.105.131.244:1881
maraddiego763.duckdns.org

# Reference: https://twitter.com/JAMESWT_MHT/status/1342046396048932865
# Reference: https://bazaar.abuse.ch/sample/c397eb85439a20b9185e001ec8cd286281d27d6be336d32e93558e451e6aeeeb/
# Reference: https://app.any.run/tasks/74f1a309-b81d-447c-80c9-fc94ed5a0d41/

3.22.15.135:14345

# Reference: https://www.virustotal.com/gui/file/ab62e63b551e5f354ec3fe9fd7142d9a07311af48a898ab02faa8a9067fa9894/detection

47.93.12.104:6000

# Reference: https://www.virustotal.com/gui/file/258d5d44809036c29e621367b7aec4338278950edf3766277e3a891bcb8200d6/detection

78.163.1.80:1608
78.163.1.80:6606
78.163.1.80:7707
78.163.1.80:8808
kurbanlar12.freedynamicdns.org

# Reference: https://app.any.run/tasks/816acf79-0c72-436c-b229-3cae510f1308/

118.91.123.84:6606
118.91.123.84:7707
118.91.123.84:8808

# Reference: https://www.virustotal.com/gui/file/82e765d576749be75f8eec64ab5cb4c934b494e30a74fc9a4f70b1c8d3cb25ef/detection

212.125.28.114:4096

# Reference: https://app.any.run/tasks/b1409386-ce03-4eea-8a2e-32434ba38ee5/

37.120.208.40:49746
chongmei33.publicvm.com

# Reference: https://app.any.run/tasks/c1f8c77d-4c72-4419-a381-8d166413e5e9/

193.161.193.99:23074

# Reference: https://app.any.run/tasks/cf031967-ce6c-4a6e-8b9f-a718560ee709/

68.235.43.126:56927

# Reference: https://app.any.run/tasks/005ff4be-a1df-4e61-9390-b61d968ed4c0/

125.209.137.105:6606

# Reference: https://www.virustotal.com/gui/file/a6264de41b4d2ad578a3ec5e082b621dcbf3b716e9bbe86f66682d785c7fc476/detection

45.140.146.29:7979
45.84.1.78:7779

# Reference: https://app.any.run/tasks/4585a843-0924-4dfa-9714-322eb3a61d12/

193.161.193.99:48622
crazynigga123-48622.portmap.host

# Reference: https://app.any.run/tasks/fea4d4d7-cc76-4655-8e00-400d40f683ab/

79.42.176.16:8080
backdoor.sopix.it

# Reference: https://app.any.run/tasks/afd0acb5-ce1d-4a29-b525-cd198d6d69fd/

3.13.191.225:12246

# Reference: https://app.any.run/tasks/85ac5faf-d2bd-4e6c-84f4-276c16c8c260/

20.50.121.62:1604
arda3369.duckdns.org

# Reference: https://app.any.run/tasks/fbf0f2b7-868b-4aad-b0b1-8028f3303b73/

193.161.193.99:25740
skeetware-25740.portmap.host

# Reference: https://twitter.com/Glacius_/status/1354914904004820992
# Reference: https://www.virustotal.com/gui/file/baec9d73487e85c2bdd78b6ae43abaa6a7fec4b969d92b14427e8aca0510a24b/detection

172.241.27.124:6666
fat7e0recovery.ddns.net

# Reference: https://www.virustotal.com/gui/file/ca15972126b044ee0306f30aea6ee94ac41c3696c6c4789649a8554c8011acd2/detection

193.109.78.123:5454
193.109.78.123:6606
193.109.78.123:7707
193.109.78.123:8808

# Reference: https://www.virustotal.com/gui/file/1ee5494e35b15b468334a05ab0b8b233cf09d3fdaf6b2fbfa997f30bb7e95534/detection

179.124.220.225:6606
179.124.220.225:7707
179.124.220.225:8808
supertop2.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1355991497095700491
# Reference: https://www.virustotal.com/gui/file/a9c4777eaa8ebd606b60f1a40c3789fe3cc0fa874610fed377cf1aea7093d638/detection

118.91.99.226:6606
118.91.99.226:7707
118.91.99.226:8808

# Reference: https://www.virustotal.com/gui/file/6d46e1bb744cc57d651c3812520e5efa06f760631df2740987ade7b1340262dd/detection

3.138.45.170:14232
52.14.18.129:14232

# Reference: https://www.virustotal.com/gui/file/fc96f417ac8229c6b5bb9303f3256d0ed54e416ae2328360b31c72b8b77bd027/detection

3.14.182.203:15821
3.14.182.203:25565
3.138.45.170:6606
3.138.45.170:7707
3.138.45.170:8808
3.138.45.170:28856

# Reference: https://www.virustotal.com/gui/file/3f82201b874febc1f265408f7574966eedd494c87ab21e20099c0463341c4ec5/detection

51.83.21.214:1177

# Reference: https://app.any.run/tasks/0713ac99-9dc7-4ea8-b408-dfc72f582df0/

62.228.99.44:25565
swiftyboiiiii.ddns.net

# Reference: https://www.virustotal.com/gui/file/cf0ac94c2958739cad12578e671278f78e9a36ca8dfa060e7cb99beacf5443f1/detection

77.149.2.122:5552
hookshome.ddns.net

# Reference: https://www.virustotal.com/gui/file/4864f1d1db04b797fd2e43e2a842afe736f7a8a69d985d20c0a506b2cd1e6710/detection

201.219.204.73:1881
ortegadani4521.duckdns.org

# Reference: https://www.virustotal.com/gui/file/3794538f0e3b4c499c8f5edf04fa2ee3bbf61cf51c9185ee60184d1473db6c58/detection

91.109.190.8:6606
91.109.190.8:7707
91.109.190.8:8808
mrtx.duckdns.org

# Reference: https://app.any.run/tasks/99dabdb4-e15c-4a04-a587-01ebe4a1ecb0/

193.161.193.99:47970
Lollypopman34-47970.portmap.host

# Reference: https://www.virustotal.com/gui/file/4fb8606551676da10e81801a00d3fc7899c064b4ceec54939b41e8cdd7f81159/detection

209.99.40.220:1000
updatersvc.duckdns.org
windowsupdater.system-ns.net

# Reference: https://www.virustotal.com/gui/file/292f5a19fadef7188670b8bc2e69bcd9d1f54c7e23928427392dc135dcdc8a0d/detection
# Reference: https://tria.ge/210214-whb5qfxctj

23.102.129.234:6606
23.102.129.234:7707
23.102.129.234:8808

# Reference: https://www.virustotal.com/gui/file/c4c4c3ddd9cf42d0352a5135a9250a0cc64a40a8ed49ca860cf31061cfca5304/detection

40.75.8.74:6606
40.75.8.74:7707
40.75.8.74:8808

# Reference: https://app.any.run/tasks/9528fcbf-be7a-42a4-b363-808a22a624fd/

52.14.18.129:11677

# Reference: https://twitter.com/reecdeep/status/1361585509387149315
# Reference: https://app.any.run/tasks/4c21b945-025a-4fe9-9296-eadb5f04cf50/

103.151.123.132:6204
severdops.ddns.net

# Reference: https://app.any.run/tasks/d343dc45-6f76-4c18-aeee-4f1cf7e1764e/

193.161.193.99:55575
gzzzjc-55575.portmap.io

# Reference: https://twitter.com/someinfosecguy/status/1362440625619144708
# Reference: https://tria.ge/210218-jmjxwxbpqx/behavioral2

193.161.193.99:26187
193.161.193.99:64861
malkalanok357-26187.portmap.io

# Reference: https://app.any.run/tasks/654e69f2-b60d-4dd5-8cf4-895123bbbe08/

95.252.85.20:8080
unbelratcomesideve.ddns.net

# Reference: https://www.virustotal.com/gui/file/c75f28cdb21bec49700a7579d3b630074e3fb6de4cda70c5937dcd8424bbebbf/detection

121.137.39.135:5050

# Reference: https://www.virustotal.com/gui/file/fad55e42bde0dce163f94a0ac272418b17100a67e439574fdc49ab7e2b12bc3e/detection

220.78.222.190:5050
yohan002.kro.kr

# Reference: https://app.any.run/tasks/5f595a39-7203-4809-8d78-e3431e057227/

193.164.7.176:6606
193.164.7.176:7707
193.164.7.176:8808

# Reference: https://app.any.run/tasks/7cc3c6d0-fe7e-4491-8d55-9f1644649546/

193.161.193.99:36606
sizetmp-36606.portmap.host

# Reference: https://app.any.run/tasks/a542e55d-6ff8-4aaa-9f49-13ea77bdbfd5/

69.136.25.93:54115
azxsdc.duckdns.org

# Reference: https://www.virustotal.com/gui/file/2399e5acd8e6fec2e83de445cf83b598676f57fdfedd1f67a7872a5009866591/detection

154.16.67.107:1177
newss.myq-see.com

# Reference: https://twitter.com/c3rb3ru5d3d53c/status/1365774874870972416
# Reference: https://app.any.run/tasks/119bfa2f-93ed-46e1-8ade-2eb69c0165d2/

194.5.97.132:35714

# Reference: https://twitter.com/wwp96/status/1366429485080457221
# Reference: https://app.any.run/tasks/d93648e9-999f-4a82-b7ee-3d318546c9c6/

152.89.247.27:1210
3324546.duckdns.org
owncablestdywirecord.dns.army

# Reference: https://www.virustotal.com/gui/file/1b3d41d44659ff038cf8aafdc5ff021646771106d957783aecdff725158c216c/detection
# Reference: https://tria.ge/210305-v3pe2f2w5s/behavioral2

177.124.77.43:4000
micomico.ddns.net

# Reference: https://www.virustotal.com/gui/file/7b5ac1f2b4852a2c27afd5c5529660f71f0e7ad0f890208ed3f5e248d6e7b84a/detection
# Reference: https://www.virustotal.com/gui/file/3decf98948eb4ae09dec3ff5955f33bd9c4ce38cdccae4107f3fa9bfffb7b050/detection

85.170.227.97:4000
85.170.227.97:5000
rat94522.ddnsking.com

# Reference: https://www.virustotal.com/gui/file/b04d9a311d595e1d0a44992ecd4ea00528270378d0e52da5dc75b8ccc1ce5599/detection

31.220.4.216:1738

# Reference: https://www.virustotal.com/gui/file/b77906648505d304d711b3021f19104a70f7725f6021e4cee0d492fa96597028/detection

potrq.ddns.net

# Reference: https://www.virustotal.com/gui/file/fdbb642769e8cc0eec1e09d29c9635d76d5885abb07deca4d2ef5c84bbba5c67/detection

136.175.8.57:1177
100k1.ddns.net
100k2.ddns.net

# Reference: https://www.virustotal.com/gui/file/bc796e4f7602321306d3762eca6dc809ee2c043caf03386deb17b1422209a1ec/detection

45.32.200.152:1177
fat7e07.ddns.net

# Reference: https://www.virustotal.com/gui/file/67d8ec4d7cde7188fc49f8268a10855abe89cffffc13c6f6111ba904caebe6f7/detection

93.93.193.189:9341
corporation.warzonedns.com

# Reference: https://www.virustotal.com/gui/file/78430db636f5d5be5dd3959a3f74b14792897b8fdea1de1c441eba120164cfb6/detection

liverpoolsupporters9.com

# Reference: https://www.virustotal.com/gui/file/3c7d9801bed9dc95108527bc38cbc100260c5bd76331adffb9b21620c91b5049/detection
# Reference: https://www.virustotal.com/gui/file/c4b9e67adddddb84ad88135affcf47881c6ff4a560557e760da2990aaca02510/detection

186.4.232.55:6606
186.4.232.55:7707
186.4.232.55:8808
rcvasconez.ddns.net

# Reference: https://www.virustotal.com/gui/file/2f9e71f1807b0e909226f4fced8c62fb38c787b2ae56ec8646ade0a6a54ec725/detection

193.161.193.99:43299
gammadoppler123-43299.portmap.host

# Reference: https://www.virustotal.com/gui/file/0100972f01df9b75c0958a7198170d2d37a51f1d500501bcdbf122bb43253bcc/detection

102.36.149.155:30300
79.134.225.11:30300
rbltd.ddns.net

# Reference: https://www.group-ib.com/blog/rats_nigeria
# Reference: https://www.virustotal.com/gui/file/8613c29feb93ea1eb6a48e037da61e0643ca06234d51462814e0b314e2aa9b50/detection

http://68.235.38.157
east-ge.com
kingtexs-tvv.com
mariotkitchens.com
sommernph.com

# Reference: https://www.virustotal.com/gui/file/fee6cda76d8c5b289b76deba1176049e529f51ac06f817a8a22ec77b17d74f35/detection

188.161.190.135:6606
82.205.21.99:6606
82.205.22.86:6606
188.161.190.135:7707
82.205.21.99:7707
82.205.22.86:7707
188.161.190.135:8808
82.205.21.99:8808
82.205.22.86:8808
squadx.hopto.org

# Reference: https://www.virustotal.com/gui/file/95fbecb2d0b0aa0fa80e02732237fc9eb43fc9f8af1efff062435b44b57f1a03/detection

97.90.7.88:4782
97.90.7.88:6606
97.90.7.88:7707
97.90.7.88:8808
cademc.zapto.org

# Reference: https://www.virustotal.com/gui/file/e706bf49908519c14eb135357c5cd822be3f139be7365a94081b54342db0eb91/detection

20.79.41.10:5967
tayfagreatie.duckdns.org

# Reference: https://www.virustotal.com/gui/file/23d4837df84a76f96c674581c96e6a1729bac2981787d3b36ac5149d861f13e5/detection

160.152.102.175:8988
160.152.102.175:8992
loading8992.bounceme.net

# Reference: https://www.virustotal.com/gui/file/668d4a42b6e049ee80146d86f93c706a6598c90156b670b966a4a413a83e58d1/detection

144.202.70.248:6821

# Reference: https://www.virustotal.com/gui/file/af8558a48c8cd10691fc61aba79b6522807ff92a85fe833556445dba63f149d6/detection

45.77.142.82:9797

# Reference: https://www.virustotal.com/gui/file/2f054e75bbe251c38dfa8a3a31d51123d71f80054720c909ed3901e14859c656/detection

49.12.11.240:6606
49.12.11.240:7707
49.12.11.240:8808
49.12.11.240:6821

# Reference: https://www.virustotal.com/gui/file/89c38091fdb1977853e9533b62a68082b65dfa61007bd7d7f9dfaa228646252b/detection

20.52.142.130:9797

# Refereence: https://www.virustotal.com/gui/file/fe57fc52dcd3215bca8bc6cebb224eb2c2d2b5238f3b671e84147ae555af936d/detection

144.202.70.248:6606
144.202.70.248:7707
144.202.70.248:8808
144.202.70.248:6821

# Reference: https://www.virustotal.com/gui/file/ab09142c8ecb158bb84696cb92e922fea9959a57bc6e1bacc6d8e87ffc1c63f8/detection

45.32.211.35:6821

# Reference: https://www.virustotal.com/gui/file/96f0812b2f8c0589a04b40ea1a9438d41e901ef660ed493c3d5221c535c18b4a/detection

216.230.75.194:8621

# Reference: https://www.virustotal.com/gui/file/c64c2b5fd4c90ac4dd5c41b733d43669fd3dfa75342d98f29b7bd3178e6374de/detection

139.99.73.120:6606
139.99.73.120:7707
139.99.73.120:8808
139.99.73.120:5555

# Reference: https://www.virustotal.com/gui/file/30368f7cf5ab4464ed45c1cf1c7a21110663a56b56ee5fe94a4e9bb376e2d5e4/detection

91.109.180.5:6606
91.109.180.5:7707
91.109.180.5:8808

# Reference: https://www.virustotal.com/gui/file/c06fdc9f0dbfd0b42d74c9226ed28f3f52b5bfc04af70f58b8b5b16439196184/detection

185.19.85.167:3413

# Reference: https://www.virustotal.com/gui/file/f7b01c9dd7e2184231f40d009c54374d0cdcf563e987fe2a3586e6b767852dea/detection

175.144.21.17:2703
185.244.30.92:2703
192.169.69.25:49703
37.120.208.36:49746
79.134.225.92:49703
87.98.245.48:49746
chongmei33.publicvm.com
rahim321.duckdns.org

# Reference: https://www.virustotal.com/gui/file/62a8add7d225619b038ee5e87b9546fbdb796c98b1c65fc4ecdc4b079069500d/detection

95.211.239.205:777
tahoo.linkpc.net

# Reference: https://www.virustotal.com/gui/file/dfc5f5a467242e30666b413878511d034ab02651a8b791732b70317a72c6a543/detection

105.103.141.231:777
domaineweb.publicvm.com

# Reference: https://www.virustotal.com/gui/file/7081ef94c2d39376308f54702b74cc685f2489f90d95f1db288ff96c7e434202/detection

184.170.245.2:6606
184.170.245.2:7707
184.170.245.2:8808
hacker1313131dd.ddns.net

# Reference: https://www.virustotal.com/gui/file/7cf0450f46dbf13e125b76f7358c0505a9b5e6655d908281ed00b8ce5c94a3dc/detection
# Reference: https://app.any.run/tasks/409d87b3-2e1a-4699-9fb2-42bc6c107dda/

105.112.46.168:2021
105.112.78.3:2021
kimjoy.ddns.net

# Reference: https://www.virustotal.com/gui/file/c3566a97c163540e23dd172c1c872bb8e4dab98c1a049bacef3f3fbf68744835/detection

74.199.72.115:3702
nazinaturistic.ddns.net

# Reference: https://www.virustotal.com/gui/file/bd30df969f3a11aabd58ff65c72fd14a507ee43efe4d77331338facbeaed77c4/detection

195.62.33.67:9911
bad96.ddns.net

# Reference: https://www.virustotal.com/gui/file/9d9ea4fd548efa07e3051dcef175d5b0446958cdf0d7f623a0f98945acc1dbb8/detection

94.61.14.42:6606
94.61.14.42:7707
94.61.14.42:8808
robloxfanscripts.ddns.net

# Reference: https://twitter.com/James_inthe_box/status/1389666118294327297
# Reference: https://www.virustotal.com/gui/file/146f7a39df033afe4bb001da5b4a6eceb89f9efab5538c470b7f7f3cb4bbd15e/detection

79.134.225.18:2455
franco.ddns.net

# Reference: https://www.virustotal.com/gui/file/9ee67445d4ffeedd7c11e1e14949bf0f6060f34352e3f2c8d2184ffe0b4d235f/detection

79.134.225.18:6606
79.134.225.18:7707
79.134.225.18:8808 
bigman2021.duckdns.org

# Reference: https://www.virustotal.com/gui/file/8d2b3f58baa5dc605a8618d66b3070c97b8f3f01c214c3e39b0d3df1c820f12f/detection

78.189.145.29:1064
cancan01.duckdns.org

# Reference: https://www.virustotal.com/gui/file/192b8b333a2d956f13512165a108e109e79f73680e28af2e98f4aafbaea378f4/detection

89.160.26.37:1907
89.160.26.37:6606
89.160.26.37:7707
89.160.26.37:8808
leoz07.ddns.net

# Reference: https://www.virustotal.com/gui/file/af844d4f524a764af31c6d600148248dae088a54356bbd63604f93602ae8a655/detection

41.105.36.185:1231
170293.ddns.net

# Reference: https://www.virustotal.com/gui/file/aefeb07afc0d9f4d09ab09317db14edef1b58df175f70cf6ea88d7f6cdce8cfc/detection

159.242.234.220:8991
160.152.102.175:8991
160.152.128.216:8991
160.152.155.95:8991
160.152.184.22:8991
160.152.34.228:8991
160.152.57.245:8991
197.210.70.144:8991
197.210.71.96:8991
79.134.225.119:8991
adobe.myactivedirectory.com

# Reference: https://www.virustotal.com/gui/file/d452cee94e3a2d58b05e9f62a4aa4004c0632d9b56fa8b57664d295bc88c4df0/detection

160.152.128.216:8988
160.152.155.95:8988
160.152.179.159:8988
160.152.71.32:8988
5.62.58.238:8988
79.134.225.119:8988
160.152.128.216:8989
160.152.155.95:8989
160.152.179.159:8989
160.152.71.32:8989
5.62.58.238:8989
79.134.225.119:8989
asin8988.ddns.net
asin8989.ddns.net

# Reference: https://www.virustotal.com/gui/file/e8aca8f27af178b2c191206c7bc04bfddc604a78b95699a72ca20c22f618c9b0/detection

160.152.187.169:8988
79.134.225.119:8988
160.152.187.169:8989
79.134.225.119:8989
160.152.187.169:8990
79.134.225.119:8990
asin8990.ddns.net

# Reference: https://www.virustotal.com/gui/file/d88f2958d0acb7f06c1cfbf71f496477b5bae94fda49b9084def65709b211546/detection

41.102.72.91:2019
mrdiazdz.myq-see.com

# Reference: https://www.virustotal.com/gui/file/7e2c927caec040c6a134fbcd520023dd48379be367b6af0a353dfc1e4d0bcc3d/detection

79.134.225.7:9476
sipex2021.ddns.net

# Reference: https://www.virustotal.com/gui/file/af664ecd43c0dd5152022855d80d3faa80bf938477b7959fdfe3d67c50ab93d6/detection

14.191.50.101:8080

# Reference: https://www.virustotal.com/gui/file/2fd8dd35009746246e06cafdd744c0bea6862576483a55a93b3c00de75989876/detection

77.247.127.24:6666

# Reference: https://twitter.com/pmmkowalczyk/status/1392794233724100608
# Reference: https://www.virustotal.com/gui/file/d17a7a0afd4342b88db7bfdba2ed30b44e03d95104d27d5e869bf7641895ad5d/detection

46.101.140.16:47533
fnk3.playit.gg
far-street.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/ea3e00b1c26220883d6e27179ec9391efa9a2062414eb1c5576db0e204291104/detection
# Reference: https://www.virustotal.com/gui/file/8ab4f231ebf6150eb8bcfa302353732cce3f6c72ea7892f27a22e2720509dc37/detection

134.122.66.170:1604
134.122.66.170:1700
134.122.66.170:55772
134.122.66.170:8929
139.59.82.105:1604
139.59.82.105:1700
139.59.82.105:55772
139.59.82.105:8929
bng1.playit.gg
fnk1.playit.gg
roasted-egg.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/4cb3d0afec4c271f4d2351022cecd072a7ef96b7c2f63223144278de67067d42/detection

157.245.170.36:1604
157.245.170.36:55078
157.245.170.36:6606
157.245.170.36:7707
157.245.170.36:8808
crooked-wash.auto.playit.gg
sf1.playit.gg

# Reference: https://www.virustotal.com/gui/file/b3a697477ca999a3cedb88a7dfef0735ac12032f26106008a31c6db4bdf1b7c8/detection

134.209.194.210:56635
ams1.playit.gg
gullible-substance.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/05030526532dbe4d0a3e49140489439468957d6dea9f482ff983e778b21c61d0/detection

147.189.168.238:1996
nova22.ddns.net

# Reference: https://www.virustotal.com/gui/file/d3b9abaed3de3549b0fc83ec846a02612d91dfaca5a82aad2d7fa58b6e6c8f59/detection

134.122.66.170:59266
enchanted-sugar.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/5acd937d84b28e21755ea9707e88cb73eaa6f183f03568e69077eee97ff5c6ca/detection

134.209.194.210:56874
134.209.194.210:6606
134.209.194.210:7707
134.209.194.210:8808
bored-baby.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/4a69b932f7d7abe2e40d828020271ad2c82895fe0e45639a5e63898097383229/detection

waiting-distribution.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/25b60ae10029b3dc5b7c9e0c4fda13f676fd138f9407fb3d515b16f307964987/detection

134.122.66.170:2626
134.122.66.170:52083
staking-afterthought.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/c984664d6300015a18c84ddf60d978b2cedcf5323dcf32365b72456766770dec/detection

134.122.66.170:56797
134.122.66.170:6606
134.122.66.170:7707
134.122.66.170:8808
parsimonious-elbow.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/f7aede4740b641f6ca71b683741b35e4cd8fcb9cd9aac929605e2f41de19db76/detection

smelly-plantation.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/ae068da2d2b92d3884eebcb3b088d3764c64899341deab9e431bb0cf5af2f011/detection

134.122.66.170:52859
parallel-spade.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/4816d6f30051bd5fd3b3c585ab45068cc68b1698bedebdf829b6df2c1345787d/detection

151.115.36.90:51696
151.115.36.90:6157
scintillating-jeans.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/3c19eba85ce343b5cb5a2afd7036a2528c520c19dae153c9c50552ec2f33d548/detection

46.101.140.16:59842

# Reference: https://www.virustotal.com/gui/file/7787b0ad1912dfe4feac545132d8c27f2cd89f1f9a8cf1ed7d787a487e523e9b/detection
# Reference: https://www.virustotal.com/gui/file/5c3d28aefe454f0503484f737fd56fb0303c93556c579c4568a72d684ee14ed3/detection

46.101.140.16:49723
little-toothbrush.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/0d937a6efda9883e93d429cf6c4d60dc145ed5f3fd69ddb744cb44a4a0b7396d/detection

46.101.140.16:47458
slippery-cactus.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/8e1ae1790f2ee8b22b8956cd8b1cedf9b0bf82246d5d5a998bc503ac780b3496/detection
# Reference: https://www.virustotal.com/gui/file/f8e56bed47bf278dd23e4e8bbac71c8bc0464bfb91c07c242a2d26a37aa83d16/detection

46.101.140.16:47537
tremendous-icicle.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/822edf21c4b1bdd1a85dc45219158b462323339f5510c9780c900e12a8a125cf/detection

151.115.36.90:49057
151.115.36.90:6157
cloistered-dogs.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/b47b6d3289ae1968dbf8c2ade9b51b8648e422b1676e5ca320f588768b90a28c/detection

134.209.194.210:59208
46.101.140.16:59208

# Reference: https://www.virustotal.com/gui/file/29e7e0de201646f11e3ac7b7f861cc489e5f8343834871de5143e4842d1718ef/detection

46.101.140.16:46467
unkempt-silver.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/32b3b1966fae4e513fa11870958bf2fd585144a9b9a37b4ed0da8f9871f40176/detection

176.136.47.220:1605
176.136.47.220:6606
176.136.47.220:7707
176.136.47.220:8808
xuehue.freedynamicdns.net

# Reference: https://www.virustotal.com/gui/file/90fab6977cc5f967959d3dd307d4dd99dfa8da7f7fe2c159c1e7911bc6f5105f/detection

20.52.37.83:6606
20.52.37.83:7707
20.52.37.83:8808
orospureaxx.duckdns.org

# Reference: https://www.virustotal.com/gui/file/cdbbddacd34d002729ac3889252f36c544b936002005a2f357e831cb2f669d7b/detection

194.76.226.201:6606
194.76.226.201:7707
194.76.226.201:8808

# Reference: https://www.virustotal.com/gui/file/dc3e48d0b12659129b857a0293e2978a29809664572b4f6f556491ca4f677dbf/detection

150.107.31.190:9060

# Reference: https://www.virustotal.com/gui/file/69642f95f35b3d14f1123de60819e66e59c8f125defb58d23b8766f498597de3/detection

79.134.225.53:9872

# Reference: https://www.virustotal.com/gui/file/494924af556726976ac133cfe12a92b3d5b193f19df0d3ea785c645cea18e6fb/detection

24.101.234.141:4782

# Reference: https://twitter.com/c3rb3ru5d3d53c/status/1400166564268331009
# Reference: https://www.virustotal.com/gui/file/c810a1bde5027f6fcf656067381133c6c8e61349cd05b4f4c7a9695b9a44f31f/detection

195.174.209.145:1781
195.174.209.145:6606
195.174.209.145:7707
195.174.209.145:8808

# Reference: https://twitter.com/c3rb3ru5d3d53c/status/1399327839896342529
# Reference: https://www.virustotal.com/gui/file/e89d388de70b933316724146def5eeab047a08514b7bf70bcea3916e09162669/detection

peebeekay-22139.portmap.io

# Reference: https://www.virustotal.com/gui/file/6610572cbe4075996e903d9e13a29cf812537be7b7ed2d9f6bc341a3998f4459/detection
# Reference: https://www.virustotal.com/gui/file/48b3e497f5e533a663b3686b731bcf2b486ba3aedb006091fd95d1f573944c90/detection

87.132.215.23:4250
89.182.98.3:3601
dontreachme5.ddns.net
dontreachme.duckdns.org
dontreachme1.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ec503a0e10888dfadfaa3716eb128b6dd7479fd708e45a181cba7c14e8ad59f9/detection
# Reference: https://www.virustotal.com/gui/file/ee45e7b7efce62cdf53205e25010044bd2612498113e665e76f9731d4e2843e0/detection

162.255.119.29:54984
173.189.160.249:54984
snow-leopards.xyz

# Reference: https://www.virustotal.com/gui/file/1c1aad21ca7a30cdb51deac733927ed1b603c242b7640c9e42605ea8202782f2/detection

106.214.237.83:8088

# Reference: https://www.virustotal.com/gui/file/f6f4e3772ac0e480939d5af16464ba425c44040e1f1ce6edb82591694d5e3f01/detection

ooyeah-24044.portmap.io

# Reference: https://www.virustotal.com/gui/file/44b58d71e60589298b48dbbdcd296ebd7b0330dceb8988369267a167a85d631c/detection
# Reference: https://www.virustotal.com/gui/file/b564ee571c17fcf612bf67207a44d92e463f1c12c2558f205c4cbb45d8950839/detection

141.255.155.84:4444
141.255.157.163:4444
cryptserver.hopto.org

# Reference: https://gist.github.com/myrtus0x0/deb815eadd362f660aabb41a7806e187

172.93.222.156:6606
172.93.222.156:7707
172.93.222.156:8808
173.63.124.155:1604
178.33.222.241:2703
178.33.222.241:49703
178.33.222.241:49714
178.33.222.241:49746
185.165.153.116:2703
185.165.153.116:49703
185.165.153.116:49714
185.165.153.116:49746
185.19.85.155:5080
185.244.30.92:2703
185.244.30.92:49703
185.244.30.92:49714
185.244.30.92:49746
194.5.97.249:9951
194.5.98.196:4529
194.5.98.107:6970
203.115.24.234:8282
37.120.208.36:2703
37.120.208.36:49703
37.120.208.36:49714
37.120.208.36:49746
45.153.243.96:8888
45.35.158.173:6606
45.35.158.173:7707
45.35.158.173:8808
54.246.188.45:6606
54.37.36.116:2703
54.37.36.116:49703
54.37.36.116:49714
54.37.36.116:49746
79.134.225.92:2703
79.134.225.92:49703
79.134.225.92:49714
79.134.225.92:49746
79.134.225.99:4726
79.134.225.99:6606
79.134.225.99:7707
79.134.225.99:8808
91.105.195.23:5679
agentpurple.ac.ug
agentttt.ac.ug
bruhmoment123123123.ddns.net
dongreg202020.duckdns.org
gateway.swat.host
genjustu.hopto.org
johnboo.hopto.org

# Reference: https://www.virustotal.com/gui/file/6c9d744a929a0e67b79dbb669cf8be1ac357b0e8eb75074ace81fa90857e5552/detection

197.1.99.237:6606
197.1.99.237:7707
197.1.99.237:8808
197.1.99.237:9995
197.238.81.24:6606
197.238.81.24:7707
197.238.81.24:8808
197.238.81.24:9995
chromsec19.zapto.org

# Reference: https://tria.ge/210528-3n4n93ztka

185.19.85.168:5946
shugardaddy.ddns.net

# Reference: https://twitter.com/petrovic082/status/1397093409521905664
# Reference: https://app.any.run/tasks/a1d1ad79-e892-450e-99ff-19aea71774ce/
# Reference: https://www.virustotal.com/gui/file/51863340741893ed0860f30704e00ee4e4c4f0ac4b2c6eefd5e765008f20eb29/detection

scarsofthesoul.com/wp-content/themes/45gHdoYZRK3EEBAC.jpg
scarsofthesoul.com/wp-content/themes/SNavmh60gxje6Rii.jpg

# Reference: https://www.virustotal.com/gui/file/2b8678fa955d08b909a9068aad612ed566a9a98c0476585770f6d1c8dc0c3f9e/detection

141.255.144.58:1604

# Reference: https://twitter.com/James_inthe_box/status/1406995650307256320
# Reference: https://tria.ge/210621-g8zj1sp5j6/behavioral1

88.234.171.239:555
asc1.linkpc.net

# Reference: https://www.virustotal.com/gui/file/227f44cda2b2f73785a5ae5b258fe818dd3302ce533aa50837ab21d99cb8219a/detection

185.244.26.217:5892
exchangexe2021.ddns.net

# Reference: https://www.virustotal.com/gui/file/068a691ba494e231b27af202af806ff1daac8b660993678a4c0b73ffc8a2d242/detection

185.140.53.169:8970
8970.ddns.net

# Reference: https://twitter.com/ps66uk/status/1407090099699994626
# Reference: https://www.virustotal.com/gui/file/ca8929421ca89c108483865008ee79bd23e3386b899ffebdd897e1d072ad9e92/detection

172.111.244.39:46422
172.111.244.39:6578
leechong444.ddnsgeek.com

# Reference: https://www.virustotal.com/gui/file/14a78e85a9719b24dd71fa5cded55f59c14d45211a18bf89f5196cd2e0cd45e5/detection

83.252.99.10:8080
keyloggerhacker.ddns.net

# Reference: https://www.virustotal.com/gui/file/a72d1d21eaf2f89f06ea807db188ee0e4c6ada5e966568d8543e4c3dbd5c7c73/detection

135.148.134.17:8080
