
# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://twitter.com/ScumBots/status/1088825084125401088

0.tcp.ngrok.io
144.202.70.19:1212
194.67.209.128:9999
91.160.178.111:1982
94.237.28.110:1212
morfey888-55156.portmap.host
nerv7.ddns.net
newnewlt.duckdns.org
ngrok.dalao.pub
office365update.duckdns.org

# Reference: https://twitter.com/JAMESWT_MHT/status/1109090811801673730
# Reference: https://twitter.com/blackorbird/status/1099940318026186753

holydns.warzonedns.com
projectblackhat.com

# Reference: https://twitter.com/P3pperP0tts/status/1098968156125696000

doverenewables.watchdogdns.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1112446136911048704

netpipe.warzonedns.com

# Reference: https://twitter.com/P3pperP0tts/status/1192365962332459009
# Reference: https://app.any.run/tasks/ca1539a9-7e4b-4bbb-a25a-cb8202ac0985/

185.140.53.93:5118
xyzass.duckdns.org

# Reference: https://www.virustotal.com/gui/file/6ff74cd439a1ac27f495a78e2d9a4d90d8d78c9a2a1f5cf8371c93f9d7b0f714/detection

185.217.1.190:1337
185.217.1.190:1338

# Reference: https://www.virustotal.com/gui/file/372bf82bf81274f9f246d4392f88e148de31c6a1fd4e43e86afb0c76b96fc376/detection

79.134.225.77:5118
oxcds.duckdns.org

# Reference: https://app.any.run/tasks/927fdec0-3dd3-4da8-8e4e-3fd632c5589f/

79.134.225.31:1212

# Reference: https://app.any.run/tasks/296c5277-7954-42ac-96aa-f5955d2dfff7/

139.194.4.144:6444

# Reference: https://app.any.run/tasks/0b56092a-39bb-4c79-b379-dc63de439033/

141.255.159.36:3301

# Reference: https://www.virustotal.com/gui/file/af8b797b7d4710b273ba35952f445e308cd1644a1e1530487d40c1a439a2be95/detection

91.218.65.24:8888

# Reference: https://www.virustotal.com/gui/file/23b7968fb9289579e42123554ff58315e33a4b54edbf449f3b66ce3b15e73a64/detection

91.218.65.24:7888

# Reference: https://www.virustotal.com/gui/file/0deadc5f74d3e5b33a8743a1c41a5a67fe43b7e2ceda98ecd1cab4e855d52d4b/detection

39.35.192.117:5643
codertricks.zapto.org

# Reference: https://www.virustotal.com/gui/file/b2c19cbe6c6f97b987ee5f38d4e8af4b259b9e2ddcb07ebd8e7b5cd981df6806/detection

5.253.114.116:8052

# Reference: https://twitter.com/ScumBots/status/1251919136210518021

193.161.193.99:33011
luisgrace000-33011.portmap.host

# Reference: https://twitter.com/malwrhunterteam/status/1260573461312950272
# Reference: https://www.virustotal.com/gui/file/3d56b121b85ea111f4e92b31f69c3bf9b10962f4dc3a1724029d8087008ad1a3/detection
# Reference: https://twitter.com/malwrhunterteam/status/1260573461312950272/photo/1

194.35.114.8:19001
194.35.114.8:19002
194.35.114.8:32552
194.35.114.8:34443
194.35.114.8:54000
hustleking.myddns.me

# Reference: https://twitter.com/ScumBots/status/1266690144016437250

91.193.75.22:8989

# Reference: https://www.virustotal.com/gui/file/b7068ae57689865398f221590abf6e2deb0607c775571a2cf16d8ca91c9c67ec/detection

173.46.85.68:2017

# Reference: https://www.virustotal.com/gui/file/d88b39939a162d699d12e9f317d4c8e6ae94a2bcc6318524c39e86c547da7726/detection

86.99.25.192:8989

# Reference: https://www.virustotal.com/gui/file/520108930b7f633761bb877605a9c21005f4cbf1a4ab2d0548a73294bc208238/detection

193.161.193.99:57830
mememigg-57830.portmap.host

# Reference: https://www.virustotal.com/gui/file/a0240fcf4cc43ae636bd6ce76110aefa52961b8b65ed48e007dd58ddf032cdeb/detection

193.161.193.99:50006
simon123ac-50006.portmap.host

# Reference: https://www.virustotal.com/gui/file/57702328585c0065461abed0ec07916b7176c8679a519a3714a7887743f7cc15/detection

193.161.193.99:42607

# Reference: https://www.virustotal.com/gui/file/efddb8625f7f35e91fad6672c67fe3c5073ba036d95e640de966fe68025afaff/detection

104.211.119.95:7777

# Reference: https://www.virustotal.com/gui/file/47bf790a982f69acdab7fa7a667d247099c56ef6e05c0150480080bb20f02a3c/detection

164.68.122.235:1212

# Reference: https://www.virustotal.com/gui/file/548a083bdc818bbd1525d308c567f814f28e8bad1a3f97235f1c9c6b4fd14e20/detection

105.103.104.74:288

# Reference: https://www.virustotal.com/gui/file/256e129e32a9015ac139ec3f714264a526b587523a5645fb4398526a87f19f8a/detection
# Reference: https://www.virustotal.com/gui/file/5942b2182716e0c3844f5919316900df7e7d061f88529193511e343c7c4ddf3b/detection

194.207.106.180:8080
5.198.38.68:8080
callumssss.ddns.net

# Reference: https://www.virustotal.com/gui/file/8b9fd93906cbfe3753c41220bc9ad789d0cc7f279ccb223b7ced9e965a544c52/detection

71.28.247.154:8085
niggerssuk.hopto.org

# Reference: https://tria.ge/210609-sqlka9lans/behavioral1

ipcheck.servehttp.com

# Reference: https://www.virustotal.com/gui/file/439551a7fe9f22c4e56edabd991a81ffcb5989393317f7bb496f5d543f3ba975/detection

176.136.47.220:1605
testingvmz.ddns.net

# Reference: https://www.virustotal.com/gui/file/ea19c38f8a2c0eb0033242679c4bb5cc80d40ed636af56d0dc859abcba56656a/detection

193.161.193.99:26626
hackerhi2-26626.portmap.host
