# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://twitter.com/malwrhunterteam/status/1240215543480750082
# Reference: https://www.virustotal.com/gui/file/f3b0aa7d9664258c9e1783289c4fc56e05b23e3eb9a3557f55733806564deb73/detection

45.142.212.126:6677

# Reference: https://www.virustotal.com/gui/file/d920f89a4d8ae2f2cc597779c57e515c0f9451a66ecdaeef35169f6d0a43a35d/detection

176.57.69.250:6677
goldfrommadagaskar.pw

# Reference: https://www.virustotal.com/gui/file/1bd9e1a6c02737ffdfca1d3c32985361a5c5bdc5da7cc2593291650eb32dd15d/detection

204.95.99.26:6677
zyzoom007.no-ip.org

# Reference: https://unit42.paloaltonetworks.com/how-cybercriminals-prey-on-the-covid-19-pandemic/ (# RedLine Stealer)

covid-19-gov.com

# Reference: https://twitter.com/jorgemieres/status/1255243161099735046

192.154.229.100:6677

# Reference: https://www.virustotal.com/gui/file/56f4a42801fab4c065a0cf4d34ee6d476419d7ab5570268d811cbfbdfa6f7e5e/detection

45.142.214.84:6677

# Reference: https://twitter.com/yusaerguven/status/1263470947706773504

xalonndoth.xyz

# Reference: https://app.any.run/tasks/2e6b708f-3add-4428-9f4c-f087874050a5/
# Reference: https://www.virustotal.com/gui/file/f6c756d3b2667ac43f733489fffd65d440ea62da586eb792877dcaab2074873d/detection

http://45.66.9.166

# Reference: https://twitter.com/iamwinstonm/status/1275548216470233092

http://45.76.21.56
yy31t.chokun.ru

# Reference: https://twitter.com/James_inthe_box/status/1283383567028908032
# Reference: https://www.virustotal.com/gui/ip-address/198.23.172.50/relations

http://198.23.172.50

# Reference: https://www.virustotal.com/gui/file/ba8d3d5d0d4b0d2178ea3ed1ff72e49ac8f6b608aac2718c6cf9904390dbeb80/detection

http://45.142.214.206

# Reference: https://www.virustotal.com/gui/file/aa30299c8266809acb727ef5ec89a80f0cdbcc848550607743f256438f00e398/detection

http://178.159.43.68

# Reference: https://www.virustotal.com/gui/file/96f235bfbc90b71caa6e4da9a3d73d33a035d944f80f9c53afc4da0ee1a10fce/detection
# Reference: https://www.virustotal.com/gui/ip-address/80.89.238.64/relations

http://80.89.238.64

# Reference: https://www.virustotal.com/gui/file/2d52cbd88d34e2928831164fba18a62dd72ed96927059feca90941c38f45e0d4/detection

80.89.238.64:8080

# Reference: https://www.virustotal.com/gui/file/a14148130d16c614e137f9aa0d4a24c09136db6b21974a594df6770b9b1d922d/detection

80.89.238.64:8087

# Reference: https://www.virustotal.com/gui/file/74110b6941ce18add7a009279ce36b06917c66025734daf729bc8bae7ec49cb1/detection

80.89.238.64:8990

# Reference: https://www.virustotal.com/gui/file/070967deea1294d9f3ae5993cc6d9c8bf5d800640b1477944838c02a5613e23d/detection

fragly.top

# Reference: https://www.virustotal.com/gui/file/54567d476e085f5aa1ba45e0b80e7eec75337d93de996f118da592b93b144c8e/detection

3.127.146.248:6677
a0438890.xsph.ru

# Reference: https://app.any.run/tasks/101376ff-5daa-4b49-a1b9-fb391c852079/

http://95.181.172.34

# Reference: https://www.virustotal.com/gui/file/4f0c8558a81e024b9248403a05a3aa50163da44d9e966822acc77926aeb17abc/detection

http://45.142.213.244
45.142.213.244:88

# Reference: https://www.virustotal.com/gui/file/409d53cfaf4e43f9257c281b2026fe075b5459d1bb19e5eb30d8ff75e882689c/detection

45.142.213.244:27016

# Reference: https://www.virustotal.com/gui/file/9a234c43b87d16370414c22b3b2f37f2f92f86da711fab87e392eb1fbc9c0cde/detection

45.67.228.55:27016

# Reference: https://www.virustotal.com/gui/file/4759a80ce3801139ad2972a42e524a728c2b19d9c6a9d82d7a52ad2742bf9d0f/detection

omilonian.club

# Reference: https://www.virustotal.com/gui/file/cbbffd737dab38f3f637a532e210273f295243fd83a130003d36eb0689df2282/detection

dirtate.club

# Reference: https://www.virustotal.com/gui/file/4b6956cc243efb50c75fb740540bf1ec648ee56433e9868d85751f3677e50bca/detection
# Reference: https://www.virustotal.com/gui/file/3b942a9b290020ae3ff94d7af18dbe23669cbfb1d9e16272048ebcc88117cf8d/detection

http://159.69.40.187
j1093145.myjino.ru

# Reference: https://www.virustotal.com/gui/file/89773ed5a0fd438d9c7d86da129b19d945be5696b736314739a2364839a3a2b4/detection

74.208.166.46:22

# Reference: https://www.virustotal.com/gui/file/9da816bddae582a08537dd5804549c0b2cf594f4ac2f9065d242d61e41d78259/detection

rrkimal.xyz

# Reference: https://www.virustotal.com/gui/file/029ae517a07624221886a5f2e15bbbecff3d2afed842e4b52eafaec1409f87d7/detection

haroldreadlife.info

# Reference: https://www.virustotal.com/gui/file/0687165c7a9b105319ada7d1ea051a4852a5b2f32c81a322e6af98d0db9d9257/detection

http://195.161.41.183
185.153.198.216:35253

# Reference: https://www.virustotal.com/gui/file/276a4b8565a2cf1eb94e998cd025cd1cc961e034464206f15f0bb1d9a6da27bd/detection

4hzp4c.mydepp.ru

# Reference: https://www.virustotal.com/gui/file/e7b4146f9277fee3e790d8d2d83f9f1fd2d1e263b3eaee3dce79f03f1dcf20af/detection

http://81.177.165.192
8hjbhuh.regfrodom.ru

# Reference: https://www.virustotal.com/gui/file/c07df4766d20cd66406250d96e6b4c3e632688c784caec6f780387686117ddf5/detection

recipeskitchen.info

# Reference: https://www.virustotal.com/gui/file/206f7d63fc4fedf05a3880eda3671b2338ba2cebeaf1a58f65d7a7bcdb68a2b8/detection

http://217.107.219.68
217.107.219.68:35253

# Reference: https://www.virustotal.com/gui/file/d86500e2e0bfb50d01b7836ded1cc2e4573152a66819b487e1a188694f7098eb/detection

elerinomi.xyz

# Reference: https://www.virustotal.com/gui/file/93e56b013a5c3b7125ed9dfbce83683cd10c9507fe7c7039bdf498926b7f6776/detection

http://195.123.241.230

# Reference: https://www.virustotal.com/gui/file/487b0a4a808b62ec9c1ea73ff12e5307ba02c0d07339feb8f8aad79f429eb9f8/detection

http://185.153.198.216
http://193.38.54.91
185.153.198.216:35254
193.38.54.91:8080

# Reference: https://www.virustotal.com/gui/file/974b11810776fd4496f5ca9a8b5d0b67e7f713c289477f2b09973a26f2ab82af/detection

http://49.12.11.188
j1093144.myjino.ru

# Reference: https://www.virustotal.com/gui/file/cbec9612f5b1c5379fdc3d746caff4a4b5695b3292c6099700ab63c6bd45bdb0/detection

195.2.70.204:35253

# Reference: https://www.virustotal.com/gui/file/e99ed0cb6113a0b1713147da8ba391315cd7eeecc69e95dfd651bd5966d97eef/detection

http://179.43.170.130

# Reference: https://www.virustotal.com/gui/file/fc62c32a79b9d84ad82c08d5197df46e0699c94282c24f9f4df6887b9b6c62e6/detection

http://195.2.71.122
5v78i24.mydepp.ru

# Reference: https://www.virustotal.com/gui/file/75731505d87f120fc84cd1453a5249de96f6633613b3dcbdc1ad2fdbe9d0a673/detection

http://80.208.231.136

# Reference: https://www.virustotal.com/gui/file/a28cab7a918a6d7b70304aa304f18ab4bee134bd4c1558e7ecf85533158671da/detection

43lox5.mydepp.ru

# Reference: https://www.virustotal.com/gui/file/f13d0d8fba18fe459fb352640410b4e259d78afd37d053e97fcc3bc366be629e/detection

http://195.2.92.164

# Reference: https://www.virustotal.com/gui/file/42e142781db3adc5da9a6072c51c9a2258e42ad2ec9e362503e172443b72062c/detection

http://212.162.148.15
3f6mm0.regfrodom.ru

# Reference: https://www.virustotal.com/gui/file/6afc908999cba554d911d760c5d4dc065fb72d06dcecd7e599035833332d910e/detection

http://93.115.22.96

# Reference: https://www.virustotal.com/gui/file/d5200ca81e04d0d3e23fe9f35cde3f7ceef75e0ac5f5e5df710c30761de46a82/detection

http://45.67.228.55

# Reference: https://www.virustotal.com/gui/file/803829f97e020d3d5f35bd9fc11568f54ca7ab01394053e8ade7e5e299f3263e/detection

http://159.69.249.205
xuriq.makeiralone.ru

# Reference: https://www.virustotal.com/gui/file/9c3d3d932f2cfd6b1278e544ec50fba691fb3372c808ad4ce83c182ac596eb61/detection

j1093151.myjino.ru

# Reference: https://www.virustotal.com/gui/file/bc6cf1a2f555a8c40590edebdf5f62a36ec96c637d192ce3777797c22103a336/detection

http://195.161.41.119

# Reference: https://www.virustotal.com/gui/file/77b6705f4dbf707dc4c28ee59f58c5d7ae3a452c6a05a920cd07034dce05bc78/detection

4xnnbwh.aletitself.ru

# Reference: https://www.virustotal.com/gui/file/4ad6224ad13d804a0e51b000f1d3d8467bf3fd92adae42181505dad425fc3c16/detection

wcmj3.regfrodom.ru

# Reference: https://www.virustotal.com/gui/file/86582d84d6e4b1321431c74645528727169c1af9b23d396abaeeccc9adbbe7ce/detection

http://45.139.236.84
45.139.236.84:35253

# Reference: https://www.virustotal.com/gui/file/6d3d3f597ccdc42b0944f4fcbdc679a7aa431b726717d8ddea75433e0feb0480/detection

26geyw.makeiralone.ru

# Reference: https://www.virustotal.com/gui/file/d1a5e0e77ac5fcc92e382632e7aba769ddc8c579079e9b87752844b9f47afb66/detection

zphy9.mydepp.ru

# Reference: https://www.virustotal.com/gui/file/67582fe3899bf3660787599bfca689a22fb68401ec59e35b147fdaba61f23063/detection

http://49.12.104.203

# Reference: https://www.virustotal.com/gui/file/6225c71091ec37b9e09972c04738a81212a51adeab87ff7a1a3bb7b150268026/detection

tq5d.regfrodom.ru

# Reference: https://www.virustotal.com/gui/file/09d5ddcab205a8a1a7dc89eb59388fc5ac860d8bd907e8652244ff2bcf00929e/detection

643yrw6.regfrodom.ru

# Reference: https://www.virustotal.com/gui/file/5d19f63183cbe6d2fa0c5f583d7eea04d4b772c00856beba98085ccb1cc513c4/detection

k12.regfrodom.ru

# Reference: https://twitter.com/JAMESWT_MHT/status/1297878628450152448

95.181.172.34:35253

# Reference: https://app.any.run/tasks/a407ad1e-5b05-496d-8f95-6dda9d511dc0/

bolarie.xyz

# Reference: https://twitter.com/JAMESWT_MHT/status/1322845872544194562
# Reference: https://bazaar.abuse.ch/sample/b3cfbb058c0ecbd7da7f5bdd740fa729f7b0d9cf61f93b32750ce06745abc24c
# Reference: https://www.virustotal.com/gui/file/b3cfbb058c0ecbd7da7f5bdd740fa729f7b0d9cf61f93b32750ce06745abc24c/detection
# Reference: https://www.virustotal.com/gui/file/446edc0d1f7fff55b43dc47d935ac4c8b4ec345a5edaf90f5ea2122d3137f19b/detection

avscanner.site
marscleaner.site
fatfarts.com
solarpwr.ru

# Reference: https://www.virustotal.com/gui/file/fc98a2d606c58b8d7c318b470a77c342b290d1dea2da32d2f9648cbeddff9143/detection

banesys.xyz

# Reference: https://www.virustotal.com/gui/file/d0056dc81acbc4ea4fa63420e780f58beba75a1d5ad1111e3194689f9d241120/detection

2.56.213.140:35253

# Reference: https://www.virustotal.com/gui/file/f7a125635ef310828bb6268a833c825bf0d8dbc3917524a7d568ec8e0977ac7d/detection

45.141.58.213:35200
loveland957.duckdns.org

# Reference: https://twitter.com/JAMESWT_MHT/status/1330817468424708097
# Reference: https://www.virustotal.com/gui/file/0d5bfc0c20d8142640a572b53e611015b225c0312faac51006c299e59a061a8a/detection

http://95.179.148.51
95.179.148.51:35200

# Reference: https://www.virustotal.com/gui/file/7ace2e47f0da1dc1e67271229b77429ea7b09853f94cf034fd2ebc838e8f3f42/detection
# Reference: https://app.any.run/tasks/c635f3bf-91ce-4b8f-9656-975785309f22/

45.150.67.5:35200
s58s.holditbb.ru

# Reference: https://www.virustotal.com/gui/file/58ccc1924fab52eea591a2259d3d2d5b9b71b826f73d2ad44c8a978a69274639/detection
# Reference: https://www.virustotal.com/gui/file/505480d98283a5b8eb3b59da40bbd87ccd0c87a3ee17967a01f6bc77f85a7bb0/detection

i1.holditbb.ru

# Reference: https://www.virustotal.com/gui/file/4e47e31a1e3be59e4dad30afc9ebe982d63a4744639173ce1714b483c7d5097e/detection

8lyo1em.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/749779f774ba19e92898e12efe456f817dd2c7a28bd39996a94bb0982c47d228/detection
# Reference: https://www.virustotal.com/gui/file/4c52abff5124e2f083461359f36f0e80cf278124175c513a2219c7e2bbb403ca/detection

4nmb2f.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/a0028ba2c7d5692b05291ab737ae30afe27db4c70221ffde0c987c3ce6f44de4/detection

rzbk.puanp.ru
univialan.xyz

# Reference: https://www.virustotal.com/gui/file/50c123fb7a5375bdefa79954ea6004557ab44a5cc4539a44b4ec0781998ec279/detection

45.142.214.15:35200

# Reference: https://www.virustotal.com/gui/file/c3a9fbfdac63bd430d676fd00b17e0b8594bc6d0e65d4961abc011485bc791a6/detection
# Reference: https://www.virustotal.com/gui/file/b3f6769773249be4fc2099e0c49cbf4f338e871764f98cfbaac393476318efdd/detection

139.180.146.6:1524
http://139.180.146.6
w1azp.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/9850bb21544a0375948ab304014fbad4d3a9bbd7289c5ca42de9447298ff8bce/detection

piterpakrework.info

# Reference: https://www.virustotal.com/gui/file/c5a2167d4f12dc79ff66922a7e831220238e787f98386cc1c813ac05a5de37ad/detection

http://87.251.71.88
7qxlq4x.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/3918fafd28e4bc2e79d4c2c3813c930a29d7d547a601c755c1d92331dea32303/detection

185.144.29.169:4898
ni0.puanp.ru

# Reference: https://www.virustotal.com/gui/file/ecfccb38dafd7a68787fba8bec49fa35cf8ea0a6b05b86acc7d1bc3b1338696f/detection
# Reference: https://www.virustotal.com/gui/file/7f9a8d9625a8cc588517f5d1e460b85db1ba571b3b5e8291dff141b77194de07/detection

138.124.180.175:35200
52p666a.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/4f210f1d93df30ac3aadce50e30505efc0bf2e60ee86048a5cc8ad062dd90dad/detection

htpdi.ru

# Reference: https://www.virustotal.com/gui/file/88cc6bfc643dedc34cb9fccd86f0cea599824b2b2095eb3596562e708fb78f36/detection

45.144.29.87:1195
o23.holditbb.ru

# Reference: https://www.virustotal.com/gui/file/4f47e4807dcac7a4937c7965b35de917b0615e79698d8246806b3d34bf42058f/detection

168.119.121.41:35200
5.252.194.139:35200
j1118490.myjino.ru

# Reference: https://www.virustotal.com/gui/file/294a004c549914c140983de8717d053e0637994bd08c1763820d6d9a21f1fce1/detection

gc.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/9d9bd21d06e78c427c294410a7799ce6a058b4c5230b55669fb7f83af273c6ab/detection

http://93.115.20.250
1ioax6.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/08a123f5a2182eeafb1fd72cfb659e959d78e9222a63c9ef84ed62e2753052ec/detection

8evknfk.puanp.ru

# Reference: https://www.virustotal.com/gui/file/0773af8db04a5c0d400f13a6d0f7d071fc3b82b93d6b099cd4b7c3f3708f056c/detection

3bvmyz.subbir.ru
yoreanan.xyz

# Reference: https://www.virustotal.com/gui/file/59556af8b735f061c760947644536940b0a4c88a5af608bf4cdad28e234c8f83/detection

72ac38q.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/1306b4761ccf503919cdda75b4360f25c5b68f664c404b766740114fc9b7dc85/detection

udp3.puanp.ru

# Reference: https://www.virustotal.com/gui/file/08eb269d6c3bfaf4d3cde53a987e0adc96a171235d3c34e3c6e9422920e793dd/detection

http://185.153.198.13
rgvq.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/50c123fb7a5375bdefa79954ea6004557ab44a5cc4539a44b4ec0781998ec279/detection

4wqk49.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/f7dbd623d406d873ce55897d7ac498d5d4a1d6ea21977b9fa6c5706304b9ed00/detection

4jmxoa.subbir.ru

# Reference: https://www.virustotal.com/gui/file/c03873769ea8145738ec2c73fb8210f4cfe5d24ece2f62184ae18b86d67c057c/detection

135.181.170.172:35200

# Reference: https://www.virustotal.com/gui/file/be63c5b03643c69c93022467c742f41748e42ab93bfc81c41856729ceb71554e/detection

qqu2.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/1275562d0649464260ad7346739d6e006fbf0556fb829d42800e088ad3b64b45/detection

f7.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/07131d1d78e385d8f41ecaf56cc69fdb29bbfa171c7785b00489c9f9c25599e3/detection

2.56.214.31:35200

# Reference: https://www.virustotal.com/gui/file/e7111acd60f1fbe98eac7e7ff9215b34758257a9badf2fe02ce8d39a1d0a3b73/detection

c.subbir.ru
jx.puanp.ru

# Reference: https://www.virustotal.com/gui/file/d9ccd4ee8088ff64bff8589070ca44905754da2707c0afb9de753d9d38fd6f9c/detection

95.181.155.204:35253
a.puanp.ru

# Reference: https://www.virustotal.com/gui/file/01062222fcf001cc384406df80713d0b1b98daf2d22e8e362489a6949210ffd4/detection

8ogmcq6.puanp.ru

# Reference: https://www.virustotal.com/gui/file/f2bd72ba73945d222c4926b283989470496b401e5710a1648f9f56ab7986492e/detection

c.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/804f3fdb4418931a6d012454ec03223ef5d790a23b12178da818ac67518b45bb/detection

94.177.123.237:35200
http://94.177.123.237

# Reference: https://www.virustotal.com/gui/file/2d2a494f761dcc19ea6b436879c11a9cd5ab04278b227136a7400ab0e41be743/detection

168.119.153.70:35200
http://168.119.153.70

# Reference: https://www.virustotal.com/gui/file/3b29fba829ff5dd4302df9677afe95834aed420a3ab55ef3c2af073017baef32/detection

159.69.35.97:35200
94sb341.subbir.ru

# Reference: https://www.virustotal.com/gui/file/28b42afa0f57a32f9570b828c78816904e30c2c9fe375245d7a4697f9fc00976/detection

188.119.112.47:35200
uv5l0.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/21c532b3140b7141251e85c65f4570dd9e4734c539f895638cab18dbf44e81f4/detection

j1118489.myjino.ru

# Reference: https://www.virustotal.com/gui/file/1df8267dd9ce51b8ccf14a1e06ff7b592e5530e711691d472c927034c46e4eca/detection

hf.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/3280540ae8b952dcb6d6ae152296c8f16f7d623490de7d6903dd400c346b1823/detection

http://45.67.228.250
29zghs.subbir.ru

# Reference: https://www.virustotal.com/gui/file/9fd9e221b5df01d174146d0a88f66600370216ac3d88fb6db8a3639d16d09d0d/detection

188.119.112.224:2581

# Reference: https://www.virustotal.com/gui/file/9901d2a24460508bd010bf1944727516ffb308c28a1efea12fe63e72acaf9cd2/detection

http://95.181.155.204
6srudc7.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/a1e3d4da3cc10b983697f02d2184e060998026c55fbf9e4b5afbb77cbc77ba2d/detection
# Reference: https://www.virustotal.com/gui/file/145bae0149a58edee8a8254ff3ac9a6d4b2ccb59b78c1b9cf53dd31fa7c24113/detection

45.150.67.34:35200
http://45.150.67.34
9brv2vd.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/ce7a10844b3230e848410c58ed5e71309b3cb6b35df648cef4dd787436fc0189/detection

kcj.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/2108a24632f3c3c9cf7ec40bfd020dca9affa6d0aca41d2e76a80d167c0923f1/detection

g5.holditbb.ru

# Reference: https://www.virustotal.com/gui/file/9eb28569e5108dc54581385ba4f7dc90ddffc6e53ee1940ef6546b827319b4dc/detection

79cfu0n.puanp.ru

# Reference: https://www.virustotal.com/gui/file/bc83115007b82b120ab3371136658e2bff388ffe6f54471b44d172ce605ba058/detection

188.119.113.20:35200
http://188.119.113.20

# Reference: https://www.virustotal.com/gui/file/f5115ca7397b49441a77cea1dafabd849971d41ed0e0f60f6fe4ccc26d5b4868/detection
# Reference: https://www.virustotal.com/gui/file/c0d04f87398a9af33e156813ce38572a447ec1999440bde836a605510e2c83a1/detection

135.181.111.110:35200
45.144.29.58:1195
http://45.144.29.58

# Reference: https://www.virustotal.com/gui/file/5c399d5ff7178119a6b3fc3fa597cf7af8f0596517470a42434683574bf5d99d/detection

49.12.79.198:35253
http://49.12.79.198
is.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/f5998c484f87463cc04aaa8ced6b548863d52b95b471b73edcddf54b32333d56/detection

185.107.237.53:35253
http://185.107.237.53

# Reference: https://www.virustotal.com/gui/file/100e040d5cff64538d4a787561042383c68438502632dd1a44433196fd4f8496/detection

2.56.214.31:35200

# Reference: https://www.virustotal.com/gui/file/b2031f84e618d24377831cfe2639e9bc979f0de22f7dd8d3a30575e0eb3e7a25/detection

7lls84p.holditbb.ru

# Reference: https://www.virustotal.com/gui/file/9409ca81b94b456d58c5d7221f7e63d56c6138dae8259a605423fdac7c8e111f/detection

tallipere.xyz

# Reference: https://www.virustotal.com/gui/file/e5e31dc2eabf77b13a496b0abab78e285ae11eb94f7afc71224c559ef59e5fd2/detection

zr29n.subbir.ru

# Reference: https://www.virustotal.com/gui/file/f435aa6b2acbabae5380c5a7be7680567e06e2a7617cd557f11f5896b64f66a9/detection

45.139.236.16:35200
wuqrx.stjbg.ru

# Reference: https://www.virustotal.com/gui/file/8825eebf3e19804f89d438aa971ccf8335cb70724e76057c70f0a5cc3257d72c/detection

npe0.ibidazn.ru

# Reference: https://www.virustotal.com/gui/file/41885c175733f5df1372a3f8812c3e66db547bc6efbc91e3e92dc3df4da7e6ba/detection
# Reference: https://www.virustotal.com/gui/ip-address/94.140.115.156/relations

mardarem.xyz
qileilaro.xyz

# Reference: https://www.virustotal.com/gui/file/519d1f80db167258cb18fbf2780c2a063ce08b362fb321b2e43d0e21337f605b/detection

s7cd.holditbb.ru

# Reference: https://www.virustotal.com/gui/file/a0e6eb32d87b13bfadae56c82e41444d03e92dd882d0693edc38f40410d61601/detection

5scblnq.puanp.ru

# Reference: https://www.virustotal.com/gui/file/c8612c9da44cf8f88062150bace1aa6787dcecebc125856fe061b87307284b11/detection

mxq.holditbb.ru

# Reference: https://www.virustotal.com/gui/file/38ff2e34e7b48b137c10cc985556d1be8f566f4252fa73e2a316c9584e55c92e/detection

j1118491.myjino.ru

# Reference: https://www.virustotal.com/gui/file/09eb0f2a3a32f28887a5438ff400c263e2247b6af78f73df809b40e3bdbc62c6/detection

z4xvw.subbir.ru

# Reference: https://www.virustotal.com/gui/file/250fa44d69942d88c917832591ef2d53e5942117dbc78c4bc49ee1032da25cf0/detection

9yvt40h.subbir.ru

# Reference: https://www.virustotal.com/gui/file/9d97472dc6349edf41e235de9e45beda91afc7fe493e0bdb39a2cd619f4937e9/detection

pg0.subbir.ru

# Reference: https://www.virustotal.com/gui/file/d40a3ec4da61672c31927b65f7829386154d5d9d3122367fec90c9a7edb7ee5d/detection
# Reference: https://www.virustotal.com/gui/file/0eb70fd1476d81dcf01cef53f0cc4f6eb2718c86722eb8a08667f929a8254430/detection

149.3.170.231:35253
173.243.112.96:35253
185.153.198.26:35253
23.95.85.239:35253
redline957.duckdns.org

# Reference: https://twitter.com/makflwana/status/1339732100497326080
# Reference: https://www.virustotal.com/gui/file/6dcb770e16f75716f0b123ebd34b68f6dd98aaa0ab7b4ec0a87461ff16fcdfba/detection

45.84.0.210:27018

# Reference: https://www.virustotal.com/gui/file/e205cb41d5af00b327b7fbc6112ccc6bda75b71ea68d6016050c3228e4955ce8/detection

86.106.181.211:35200
sl0a.holditbb.ru

# Reference: https://www.virustotal.com/gui/file/bc7025907debe969af97397a7e8cf7d3032f2a51873e1a550b17361f74b691aa/detection

j4l.nonakadde.ru

# Reference: https://www.virustotal.com/gui/file/b42b33ffa4b45bc81b71f13d89dc1283b155204913aa8362e99e9aa44366bfb2/detection

173.234.155.143:35253
185.238.171.69:35200
03rdk6.kayumina.ru
addstar.site
p4lq.ibidazn.ru
xp5v87.ahanuna.ru

# Reference: https://www.virustotal.com/gui/file/90dd420c2d134eed9cbec83d1754eb2ec7d9f675108c288222214890d5062945/detection

p361.htpdi.ru

# Reference: https://www.virustotal.com/gui/file/c2fd177d37562389c5360914d8674750d0e20986d57e4437073eb7a51b6fa8e1/detection

ncm.holditbb.ru

# Reference: https://app.any.run/tasks/d6bb5728-7992-492c-a3c0-3fd3fc5575bd/

168.119.126.136:35200

# Reference: https://www.virustotal.com/gui/file/90dd420c2d134eed9cbec83d1754eb2ec7d9f675108c288222214890d5062945/detection

p361.htpdi.ru
venepahu.xyz

# Reference: https://www.virustotal.com/gui/file/1f45245431fe82ce18d68f81e3cc6619e9190ae03f869dbd14dbabf5a0df2346/detection

193.38.54.44:6677

# Reference: https://www.virustotal.com/gui/file/3729cc0e9183d4e4e6e7c9b82311538cc4357e35f817c32791131cc62a32ae1a/detection

3.250.34.72:35200

# Reference: https://www.virustotal.com/gui/file/d048781928e542d4e2a1926a38088c53e45282f350bbd3ddec5bb02fa5c4f20d/detection

http://195.88.209.205
195.88.209.205:35200

# Reference: https://www.virustotal.com/gui/file/ed8fcc8188b4cdc148f4c4ba02572f1fa0d96ffda5ab4f6933d1611be190bd20/detection

http://45.67.228.85
185.140.53.37:1900

# Reference: https://www.virustotal.com/gui/file/c86ceb78c8aa8ecb5e96f7d44a8c593ef2c310102189366d4c0d35e80c0115c9/detection

dovakl.xyz

# Reference: https://www.virustotal.com/gui/file/c277d8c504ae1630a12647c17febacdeec9b945e6c0dd3de13d77e1b19e152f8/detection

80.209.229.192:35253

# Reference: https://www.virustotal.com/gui/file/3d38447751fa697d5555d6105dae910095a2d707d3cbafe74e1b5fedc320ea02/detection

http://138.124.180.103
138.124.180.103:6677

# Reference: https://www.virustotal.com/gui/file/6562d614d287aa4a3ae744b8e7b369a83f98186341bad59115362f6547662b87/detection

45.150.67.47:35200
5.252.194.139:35253
5.61.48.187:35200

# Reference: https://www.virustotal.com/gui/file/7cd263c6c0cfc519ded0b5d4a81611c1a705d7306644ac136af244ba49e039e8/detection

http://138.124.180.103
138.124.180.103:6677

# Reference: https://www.virustotal.com/gui/file/a184c16338fac42c9252dd633adc8998d3807c2b0a6ec092f5236d0f672ff6e4/detection

http://147.78.67.95
http://195.88.209.205
147.78.67.95:35200
195.88.209.205:35200

# Reference: https://www.virustotal.com/gui/file/b7a16329d7ca5a5ff38f6d424b426f33a29e1fff8490016530a7433134b391f6/detection

147.78.67.95:35200
185.248.100.191:35200
5.252.194.139:35200

# Reference: https://www.virustotal.com/gui/file/6efa18e06585b385b74ad9805626c5a2111ccf84cfbc671c570aed1063aaee62/detection

http://185.153.198.36
185.248.101.89:35200

# Reference: https://app.any.run/tasks/8071b4b6-d714-451c-974d-7408ede5c189/

95.217.250.25:3074

# Reference: https://app.any.run/tasks/4b0b368a-f358-4319-b2d8-2e73038292f2/

bilirtylo.xyz

# Reference: https://app.any.run/tasks/400b4c57-3456-4fd5-8cca-39c932931679/

gysmetze.xyz

# Reference: https://app.any.run/tasks/17f4822f-1458-402c-8bae-bacf0407351b/

45.147.230.79:35200

# Reference: https://twitter.com/JAMESWT_MHT/status/1357636864157634560
# Reference: https://pastebin.com/huuZNhcH

45.33.89.196:81
45.67.231.50:81
178.20.40.83:81
185.250.149.233:81

# Reference: https://otx.alienvault.com/pulse/601fd7724f7fa4e61de64741
# Reference: https://www.virustotal.com/gui/file/2fef5d56e1f31582e1d6f1693634c29e42f7ba5ff2997f4f7ec6704388559439/detection
# Reference: https://www.virustotal.com/gui/file/999c372086c7675936d59a123a2dfafa6e4be906e62950126bc2bb0234c43413/detection

19cdd.utsukushikaini.ru
orinenia.xyz

# Reference: https://www.virustotal.com/gui/file/21111940eab18ef660752aa518f6eecc95ee454a6af69b8809f0880d921b1f8e/detection

wornegmot.top

# Reference: https://app.any.run/tasks/1815006b-c425-426f-85cd-7049d7ab9906/

86.106.181.38:3214
2ke9e.uxurani.ru

# Reference: https://twitter.com/wato_dn/status/1362322209868505090

94.103.85.106:35200

# Reference: https://www.virustotal.com/gui/file/cc9f19572d3f795d0c8ef6b27637b14ff8045b7e39874b1cab13069d9c71d9ba/detection

http://178.20.44.143
178.20.44.143:3214
t0hb.uxurani.ru

# Reference: https://www.virustotal.com/gui/file/7b104a5471795edee469e975818adbe98e0bd5077269c62eba6720dfc36079aa/detection

45.140.147.121:3214

# Reference: https://www.virustotal.com/gui/file/faec65d1f24b2d1274db5a3039d58b66b2d97b9483ea9fe4a247a286c31f9e7d/detection

http://185.234.247.197
185.234.247.197:3214
v42.sldov.ru

# Reference: https://www.virustotal.com/gui/file/42a729ad71e53fdaf3827364a3ffe8398e78489d62b9bcd5c5f2d25d286b6f58/detection

45.153.186.104:3214
c.sldov.ru

# Reference: https://www.virustotal.com/gui/file/99248a018982e114235573812d225d219a2a14038bb857e963e1d23ae8d7e9cd/detection

45.145.185.127:3214
e.sldov.ru

# Reference: https://www.virustotal.com/gui/file/ce3b3f21f9673c5cf0c3925e6eb9532fe34aad9555c8057eece9e5ea29e1ae20/detection

45.67.231.58:3214
j5.sldov.ru

# Reference: https://www.virustotal.com/gui/file/a14fb42ce0bb182cfbaf6319ae29a96c81ba4ac195cba646ad899f63085e205c/detection

2.56.214.103:3214
vbi.sldov.ru

# Reference: https://www.virustotal.com/gui/file/1276508d3f174cd89e0c35054ab8bf79581b83c821a36c5958b6071d1835872a/detection

80.92.206.118:3214
pp.sldov.ru

# Reference: https://www.virustotal.com/gui/file/e401a949ac7801d662b4f05acb3dc55e604de12632f032c6efecbc607a848ba9/detection

http://80.92.206.118
80.92.206.118:3214
s6g.sldov.ru

# Reference: https://www.virustotal.com/gui/file/c7114a36aa57968aab7329de0ce98f1882a26afd6ee7d99d774f5821f80dc7a8/detection

http://86.105.252.250
86.105.252.250:3214
op.sldov.ru

# Reference: https://www.virustotal.com/gui/file/cbd5572a46685f16c81aa1c1b738ec7f8ace9069d9debe93de76bfad16f4d96e/detection

1m12.sldov.ru

# Reference: https://www.virustotal.com/gui/file/38e9eda271a1bbf27d7486fb5ebf88da22a92711ffb19a43b9519e512c336252/detection

87.251.71.103:3214
0cl.sldov.ru
5ur9mv.asubeshi.ru

# Reference: https://blog.talosintelligence.com/2021/02/threat-roundup-0212-0219.html (# Win.Packed.RedLine-9831330-0)

jelonaki.xyz
kapesteis.xyz
ronamei.club

# Reference: https://www.virustotal.com/gui/file/622355bac67fa35d2367c93ef6491e2baaf4c2ff8a8ed75ab23ca25ceeba4b6b/detection

37.252.5.213:6677
zmjj.doshofater.ru

# Reference: https://www.virustotal.com/gui/file/7c8b8fe872d1c7ea1edd0f808c08b0d61d5c5599461695f486b661730607570a/detection

http://45.67.230.60
172.104.79.63:43
192.0.32.59:43
45.67.230.60:3214

# Reference: https://www.virustotal.com/gui/file/fd2086abf2e433332ee2cd656d6899c08e0d1555eda59c90f6670f8e2378334a/detection

40.124.50.181:3214
redcompo.hopto.org

# Reference: https://www.virustotal.com/gui/file/9e81297c900c7ea07b188d31e34317fcd8431271e49f17660a11130b60cbd079/detection

hasgtxbb.000webhostapp.com

# Reference: https://app.any.run/tasks/5fdcec5f-c7b8-4660-b39f-3f29defdd310/

94.232.44.45:35200

# Reference: https://twitter.com/c3rb3ru5d3d53c/status/1365772605337272321
# Reference: https://app.any.run/tasks/6dbdd571-570d-46ce-afa9-be31243bcfb3/

87.251.71.75:3214

# Reference: https://www.virustotal.com/gui/file/291fb9999009b5cb5e1ce39a6c58472291cdaaaeeea56beb6a4d0b7925574dca/detection

104.21.17.169:8880
voditelaux.icu

# Reference: https://twitter.com/1ZRR4H/status/1367948254944628736
# Reference: https://app.any.run/tasks/c4f3ae95-c384-4f97-abf0-570e70b73310/

80.89.224.252:3214

# Reference: https://app.any.run/tasks/2ce79039-efc9-44b6-8774-2e63aec21979/

95.181.172.238:3214

# Reference: https://twitter.com/pmmkowalczyk/status/1369670369829879810

denverbbq.net
gellyoema.xyz

# Reference: https://twitter.com/pmmkowalczyk/status/1370119344647249920

2xkgoj5b.nakadesh.ru
uhuua.ru

# Reference: https://twitter.com/pmmkowalczyk/status/1370800929558118405
# Reference: https://www.virustotal.com/gui/file/a19778657179c0a74cf22e6cefbd26dee57e6b65e552a50899f5172b0c9a74f4/detection

80.92.206.135:4264

# Reference: https://www.virustotal.com/gui/file/5916b4cb77fa0d3c53675210a85fc7058724c345e75b9c6427d2b8f0dd19394b/detection

185.4.64.199:6677

# Reference: https://www.virustotal.com/gui/file/32bd47f74329daa79e785f109d8351f7596659c3fdade6589ec5ae90b77d29fb/detection

ii.alabamasan.ru

# Reference: https://www.virustotal.com/gui/file/4071fddbbcd1201ca71328e9266fd1d63c80964503da17bc1cc69f9711103cd6/detection

lk.alabamasan.ru

# Reference: https://www.virustotal.com/gui/file/ddea6c32fbea5f2488e4a30cee1da96785e5dc8b1e5a6abe1a934862d556caee/detection

93.115.21.231:6677
f.saithingware.ru
jf.watashinonegai.ru
kt.saithingware.ru

# Reference: https://www.virustotal.com/gui/file/c1a7366f706c6a1800ce81399ffce1f042dddba1c8244fd679c9ce95d08ddde2/detection

195.161.114.43:6677
5ymk2w.amatiftp.ru
j8.watashinonegai.ru

# Reference: https://www.virustotal.com/gui/file/cd4bae9ff7319757829d451ef8f4c5ed56a49e5d32131e2b591c4202993451db/detection

104.18.52.215:6677
104.18.53.215:6677
104.24.124.192:6677
104.24.125.192:6677
194.67.71.52:6677
45.132.106.75:6677
andichust.ru
promo-usa.info

# Reference: https://www.virustotal.com/gui/file/f3b17d8e503d10d4aa35dd1832aab470d7edc629d3c4affad27a6f6ca54e01b0/detection

j1065947.myjino.ru
usa-load.info

# Reference: https://www.virustotal.com/gui/file/74ab7b0f07de3de8583448c6cc24b2ca14f649190dae8cf1b759c6141fd9a902/detection

qci.haudireadyfi.ru

# Reference: https://www.virustotal.com/gui/file/c027c1ae371596fff5baa6fc7da0d25281b031a4ab1e8209578e3c18dc97d2c7/detection

t41iu.justcankillthepain.ru

# Reference: https://www.virustotal.com/gui/file/0ddd7d646dfb1a2220c5b3827c8190f7ab8d7398bbc2c612a34846a0d38fb32b/detection

66.206.18.186:6677

# Reference: https://www.virustotal.com/gui/file/2e99c313e0c650e1550099cda6493a1896741c8ca294b201d2f2edd5238cdb7a/detection

213.166.69.6:7779
45.132.106.75:7779
95mxtw.kseignait.ru

# Reference: https://www.virustotal.com/gui/file/4aebd2918942c4d01076cd9cb47402c5b8c61e14e86a397488d1abc2e444d626/detection

ri4m.justcankillthepain.ru

# Reference: https://www.virustotal.com/gui/file/10cccfc51b88898e64d5df015f8ee2c1d4815d174ad30599aaa7c89090882bcf/detection

h1.iwakalong.ru

# Reference: https://twitter.com/4chr4f2/status/1378196386529865730
# Reference: https://app.any.run/tasks/cb9e66fb-f03b-415e-93ca-c10fdd23f941/

51.195.108.215:40355
85.208.186.172:8080

# Reference: https://twitter.com/ANeilan/status/1381605134115954691
# Reference: https://twitter.com/ffforward/status/1381610525260451846
# Reference: https://www.virustotal.com/gui/file/7a7faa8e5954aa27f3d16454c25cf86af9cf20434f98f4db3479d22132c0f57b/detection

joinclub-house.site

# Reference: https://www.virustotal.com/gui/file/b26a0f386cacda560b3e32d60144e5570fd87c809ed06a237708f72782c8d6cf/detection

git4you.ru

# Reference: https://twitter.com/dubstard/status/1387781798353068039

bincoinbot.com

# Reference: https://tria.ge/210507-5gm7t8k8ds

77.232.41.231:43981

# Reference: https://www.virustotal.com/gui/file/8d730630389f403985ddbff2c9617c9b9ca9fd4ad0c9ee5d9fceeecc44356340/detection

http://157.90.162.135
157.90.162.135:35200

# Reference: https://www.virustotal.com/gui/file/29b9058449c81cf5aaa57316c620d80a48e2161d583c6e9351b8c44899315505/detection
# Reference: https://www.virustotal.com/gui/file/25214117747d585b843f9eb5e135fd31feb88898bfef69b184f9bd4fcbc7d5d3/detection

http://185.234.247.183
185.234.247.183:3214

# Reference: https://www.virustotal.com/gui/file/0e23f525007e9be46b85d1c6dacb16579c8555221867eee619f3f5f0f5ae660e/detection

http://188.119.112.16
188.119.112.16:29931

# Reference: https://www.virustotal.com/gui/file/90a6fcc18a558a9599d8377cbde14d14e4af078e920dd182bf0a46cb88bbba4e/detection

http://188.165.156.214
188.165.156.214:65356

# Reference: https://www.virustotal.com/gui/file/fe28808f8b07b484ff987a1ccc2f187857139e84d58dfbbb8004ce29f21bf1ea/detection

http://195.2.84.82
195.2.84.82:56801

# Reference: https://www.virustotal.com/gui/file/e82f3b7b3794a2db65698a2723511e3f8df217fc4b99de215246f8f77529a602/detection

http://199.195.251.96
199.195.251.96:43073

# Reference: https://www.virustotal.com/gui/file/b5e9f31e9150c4530dba7fa1d830fdc736ab939aecd563332e0856c7041f3de7/detection

http://213.166.71.146
213.166.71.146:30027

# Reference: https://www.virustotal.com/gui/file/b35472ac451e4923a094af8eaa687656c1f6576f7655655c877e98c0fa9c7709/detection

http://3.120.134.248
3.120.134.248:65368

# Reference: https://www.virustotal.com/gui/file/f6a21f38fcaf4a5d6e47bfa62f2293b025eac7179b63a4fde24ea14594a040a5/detection

http://45.140.146.151
45.140.146.151:40355

# Reference: https://www.virustotal.com/gui/file/36fe71c3af87bcc22aee5e1df862f664d68608620affb4a5a8f4ba21342561a5/detection

http://45.67.231.8
45.67.231.8:3403
9mw9.magicnow24.ru

# Reference: https://www.virustotal.com/gui/file/3a82ff19205ac49b150cd26c622c96eaaec0d80cedea5a9d6e2d523cad7f5622/detection

http://87.251.71.153
45.67.228.131:9603
gameshome.xyz
holdingfr0nts.xyz
j1155411.myjino.ru
news-systems.xyz
sthellete.xyz

# Reference: https://www.virustotal.com/gui/ip-address/45.153.184.71/relations

wispdocweb.xyz

# Reference: https://www.virustotal.com/gui/file/015d8ec1d116d36ff3c99b510528b3798e9c82337550b4efa2394dd6c0aae972/detection

http://45.90.46.164
45.90.46.164:54557

# Reference: https://www.virustotal.com/gui/file/25681de7e02857c21c6d3ffed80354333751a7fc7c3a07b8ae7be45c93307ab2/detection

45.138.157.149:21502
49.12.13.16:55953

# Reference: https://www.virustotal.com/gui/file/2702d43f54c385a12f7a24754c0530fe3b18d64a98878fc2ff9c3b13aef03f20/detection

http://5.188.118.35
5.188.118.35:19651

# Reference: https://www.virustotal.com/gui/file/2e40b603ecab881a303288ea4a6a0d7441a3bd897eefe6573e6140f037559f5c/detection

http://52.14.161.64
52.14.161.64:25486

# Reference: https://www.virustotal.com/gui/file/c22f6d1356f9ab62f87e9dab44673bb3fdb7a225f63042f55c3682f46006260e/detection

http://77.232.41.231
77.232.41.231:43981

# Reference: https://www.virustotal.com/gui/file/0a30ff3094e25dcc431dc3b4c7df1a83ac8a35a66c0c38e644ce0b89437b5747/detection

http://80.92.204.95
80.92.204.95:59766
7x8x.purplecafe.ru

# Reference: https://www.virustotal.com/gui/file/e8a22cc13143b1e542e6789290452ed883ad070eb987146f656db78f0b7cbbe0/detection

http://80.92.206.128

# Reference: https://www.virustotal.com/gui/file/841a86c4312c091a4ee4d5ef5a976ffd63d082da363591b60df4bfe2680efa22/detection

http://86.105.252.237
86.105.252.237:17660

# Reference: https://www.virustotal.com/gui/file/c846d8d913f6365c146beae5e70cde269256db120c6f2bf7d550fef7e9844601/detection

http://86.107.197.8
86.107.197.8:38214

# Reference: https://www.virustotal.com/gui/file/7c7cff0a48bcfe565fb02e3a39087ce2ad56d5b1c57b229f2d0142f41b7ab191/detection

http://87.251.71.193
87.251.71.193:20119

# Reference: https://www.virustotal.com/gui/file/83422a63a67f69382eb8b0770a89d1841b43aac04beb7ae14429d35ce4b77a3f/detection

93.115.21.41:50755

# Reference: https://www.virustotal.com/gui/file/5691e44d8eb881544b9f440ef473d5b526e55af8f7d299a0aa263711572a5ee9/detection

dylarache.site

# Reference: https://www.virustotal.com/gui/file/ab927ea11fbf644738e3423423850de3100dc0d2b3c120ea71ae9823bf7742e5/detection

qurernenail.xyz

# Reference: https://www.virustotal.com/gui/file/6cae92665b23b4bccccd25fad925b745ad83e700b1775a6cabae079b5741accd/detection

byrunkrntyj.xyz

# Reference: https://www.virustotal.com/gui/file/41d0f4c47ed4745ef6fb196273873f5e8092baf18f05075452efead370ec23a4/detection

9a1o.ogmassive.ru

# Reference: https://www.virustotal.com/gui/file/8a7d98508e448ab8150540c6e0ca4559c308f5bba4a6bb64e2d4d416232ccfc9/detection

nd.git4you.ru

# Reference: https://www.virustotal.com/gui/file/15509eb0045271635c94808f8291b4a0a55e1be0a78296315ec67201ccf2ab01/detection

http://87.251.71.204

# Reference: https://www.virustotal.com/gui/file/d8caecf9a341e1f5cb2ca90a648d0792cfe654afe2d38fa7c4a26d73aff885c6/detection

http://87.251.71.62
y4y.ogmassive.ru

# Reference: https://www.virustotal.com/gui/file/e8c658ac0bb00a2a8c7c6f30da580823e383eaf907cde6dcc0b962d7e653199e/detection

95.181.152.183:15785
s8v.purplecafe.ru

# Reference: https://www.virustotal.com/gui/file/3aca76d7bdd23aa701fffa2994e4b9438439056ad0317b78f6c7251b3fb9f2c5/detection

95.181.152.183:31019

# Reference: https://twitter.com/dark0pcodes/status/1390720778711207938
# Reference: https://pastebin.com/ErqXq4er

21jhss.club
crownnest.cyou
erherst.ml
gooutdayblog.info
ierinapu.xyz
kystearlar.xyz
lazerprojekt.store
nshoreyle.xyz
phelammi.xyz
qusenero.xyz
redline957.duckdns.org
redworksite.info
sthellete.xyz
styonorong.xyz
ureltodwie.xyz
wiseroniee.xyz
ynnnzonie.xyz

# Reference: https://www.virustotal.com/gui/file/521e6ab3da29cda2fc6399ac88289ed9762577ff4e9742a56ec89bf4521be6c1/detection

109.234.38.124:35200

# Reference: https://tria.ge/210510-cdf8nml7an/behavioral1
# Reference: https://www.virustotal.com/gui/ip-address/185.82.219.104/relations

astulpiagi.xyz
wnyalvene.xyz
zastaredan.xyz

# Reference: https://www.virustotal.com/gui/file/98d31fa6f8f9b5bc7db0bc77ab6f5b411880d3d1994db29ecba3696f079225d8/detection

fastboomerzoomer.top

# Reference: https://www.virustotal.com/gui/file/6f26456f887bb2cd91337242a58fb3d9d189b578fc0ce59aed9d2d2feae53637/detection

185.215.113.54:62132

# Reference: https://www.virustotal.com/gui/file/dbfc0f6a14532b867334b38aa4789fe1da4267c72955f89e00811392df0bd42a/detection

http://51.254.187.177
51.254.187.177:3705
mm.hellomir.ru
ucf.hyperfast.ru

# Reference: https://www.virustotal.com/gui/file/8d46e1ef94efbf4fd8d36dfb36d68d6ba36c436b3fe480118ef1a2828acc3b2d/detection

135.181.170.169:50845

# Reference: https://www.virustotal.com/gui/file/a9d7457834c3b27e451d027c0242f23cdd61f3c1b9c496d010e0693d0b15f225/detection

profi-max.info

# Reference: https://twitter.com/1ZRR4H/status/1395851977691705352

updatedefender.online

# Reference: https://tria.ge/210525-49cwzpzfaa/behavioral1

innaynelar.xyz

# Reference: https://www.virustotal.com/gui/file/bf9be8425f9523539e9fadbd7b96ced4fc65eaabb1006996a6974c6da8041a7e/detection

jelliousbra1n.xyz
powerins3rts.xyz

# Reference: https://www.virustotal.com/gui/file/96b6705d251bb18c5f6ccbc0f4dc667023fb7100d5e6ff775c6bb4b9c84b66a5/detection

j1155410.myjino.ru

# Reference: https://blog.morphisec.com/google-ppc-ads-deliver-redline-taurus-and-mini-redline-infostealers
# Reference: https://otx.alienvault.com/pulse/60b89765d9d4209af982cf7c

109.234.37.201:15647
anydesk-connect.com
anydesk-en-downloads.com
anydesk-go.com
anydesk-new.com
anydesk-one.com
anydesk-pro.com
anydesk-top.com
anydesk-vip.com
pc-whatisapp.com
telegram-home.com
jasafodidei.xyz

# Reference: https://www.virustotal.com/gui/file/a33fba201470062e7411eb129e52102e9ec7150d0d4d46c877aa241d2fef826c/detection

prinega.xyz

# Reference: https://twitter.com/James_inthe_box/status/1402746771512594439
# Reference: https://app.any.run/tasks/4921d1fe-1a14-4bf2-9d27-c443353362a8/

188.68.202.244:46946

# Reference: https://www.virustotal.com/gui/file/a6a1b66e1d7d31bfa37a6a591b30469b71c25a431096a9fc60bd072d7e9b1889/detection

rdesbarile.xyz

# Reference: https://twitter.com/dark0pcodes/status/1403415277413539849
# Reference: https://tria.ge/210611-wver3park2

acanaceous-tripling-cayuga.cc

# Reference: https://www.virustotal.com/gui/file/bb6275b6358d48ab7aeb1a3f54eb12527163210e78154b5f73cec4d23595d3b3/detection

spaceufx.site

# Reference: https://www.virustotal.com/gui/file/f93db670fa4eaa1689858ee523b67e049a461776a4f5ca5eca2fec1e7df971aa/detection

coronttegal.xyz

# Reference: https://www.virustotal.com/gui/file/437d83e73fa880cd7831e3cebb1507fac360f91bb295450128f6e92f078b183c/detection

bukkva.site

# Reference: https://www.virustotal.com/gui/file/f8aa33b99bb248f640363d937986e465239346a7f25f8e8579b92b5c975f38a9/detection

xalemiaind.xyz
pcfixmy-download-13.xyz
videoconvert-download12.xyz

# Reference: https://otx.alienvault.com/pulse/60cddd73ef248acd19c84367

fabrserian.xyz
hiconvanor.xyz
ierinapu.xyz
ralynillalel.xyz
topnewsdesign.xyz
ugeorunnog.xyz

# Reference: https://www.virustotal.com/gui/file/79bbdb8009278ba629dae626b86f4447a81333ef9535e2a9341d5728571e4ae1/detection

leselesp.info
iphonemail.xyz
mazama.xyz
noveysish.xyz

# Reference: https://www.virustotal.com/gui/file/44faa82f7ab6fe3a40a57480504d2f7caf1d20b66656f02840e5ed83a6ad27b3/detection
# Reference: https://www.virustotal.com/gui/file/d54d492167ffb9664d3db2fb35577ef1b1e830fe32c6d786cc461fcf415bc2b0/detection

http://3.15.24.25
3.15.24.25:1026
95.213.144.186:8080
pumpbot.su

# Reference: https://twitter.com/pollo290987/status/1407226717912113154

185.215.113.17:18597

# Reference: https://www.virustotal.com/gui/file/68aab4d5d6d862bbf77cf836e80ea486a14ae11bc32cec46291a32834dd15045/detection

176.111.174.254:56328

# Reference: https://www.virustotal.com/gui/file/730bb47a033579a7b914829c4f0cde8f8ef4ea8fc884c43a1863736f02882d03/detection

87.251.71.195:19388

# Reference: https://www.virustotal.com/gui/file/44c9fd219866b0264b7d29b0c08a5ffae64a51453d0ec3499a1f1dd37245c7ad/detection

http://87.251.71.195
87.251.71.195:11924

# Reference: https://www.virustotal.com/gui/file/fef705b3666606b7acb2c1ded1b7e48a9b9ea0b50c86d0d2ad055a9186f9a90e/detection

r4.hidekad.ru

# Reference: https://www.virustotal.com/gui/file/a39005b1071d391ba53eb623bf17805b144c25475e37a67b6179e76f947577bc/detection

9htz.hiterima.ru

# Reference: https://www.virustotal.com/gui/file/68aab4d5d6d862bbf77cf836e80ea486a14ae11bc32cec46291a32834dd15045/detection

45.139.236.24:63373
87.251.71.195:82

# Reference: https://tria.ge/210623-v3483mttex

185.215.113.50:43919

# Reference: https://tria.ge/210616-1spssdy8ja

185.215.113.15:61506

# Reference: https://tria.ge/210616-2ex5ctlf1a

pupdatastar.store
pupdatastart.store
pupdatastart.tech
pupdatastart.xyz

# Reference: https://blog.talosintelligence.com/2021/07/threat-roundup-0625-0702.html (# Win.Packed.Redline-9874565-0)

jevanerrin.xyz
kathonaror.xyz
rdanoriran.xyz
whatareyousayblog.info

# Reference: https://otx.alienvault.com/pulse/60e0527b25ed2feb559e6a85

dishontesa.xyz
enatuykebe.xyz
fackerty.info
fikerty.info
flamkravmaga.com
idowload.com
ierinapu.xyz
iphonemail.xyz
kanagannne.xyz
qitoshalan.xyz
rdanoriran.xyz
videoconvert-download38.xyz
zedaumalev.xyz

# Generic

/IRemotePanel
/NewtonsoftJsonSerializationSerializationCallback68342
/PrivateImplementationDetailsSystemDatanetmoduleStaticArrayInitTypeSize3677
/SystemCodeDomCompilerCompilerErrors
/SystemComponentModelLocalizableAttributer
/SystemNetFtpWebRequestRequestStage38750
/SystemServiceModelChannelsApplicationContainerSettings9021
/aBJXGuRWOOChT
/AwFPxyYrZDZZ
/bBAFKbdpDn
/bfiVAuLpfWqFk
/BGPafgTxUo
/BLqbUofdaQ
/bOWOalKGRnZO
/clPbZdgzZHNSt
/datPLwhdNbHfyf
/DNTRuwkUqoU
/DzkDWttwvoKbbU
/eCWRTDeWaY
/eiHJVeZlZel
/enhxvoOXjm
/eslgJjBiaFSNie
/EZPJPntjaS
/EzudSRBBoyErr
/fjGCWmatSetaRk
/fmEsTfSlOS
/fpBPPYvLzGZg
/FSeSOsewQarRTk
/fVdDrjDBVqOTl
/FzTzVrETDAia
/GHIpuVQdtOjs
/gUqsvtGNvbl
/GSTdsemDLfnLCY
/GVAzNZIWJb
/gVRyWoARuqUFQx
/gwrbuDQXVZ
/hohOqRFfjGTYKT
/hZLaJtFVgqkK
/iifnWYFiwLVOv
/IsTrhNVvNvzbg
/jbBdzcgnxNedWq
/JBiYmOBvruue
/JHNWmfCudW
/JikYAqBrCza
/HhHKSplglZv
/kcSFSDJucG
/kCuZEqRvDTx
/KEwkPdfCYc
/KszXJVpeOaaY
/lIaAPypbOQh
/LJKqqYAKjeYev
/mQTZdKLkCHu
/NewtonsoftJsonSerializationNamingStrategyu
/NewtonsoftJsonUtilitiesThreadSafeStoreJ
/nfKStcgBiB
/nJhdCfcerUrYW
/NnmOVfiRPRYUVO
/nrjUuvwsqu
/NylanLKUyBi
/OHerqvVJkjjot
/OmJhllkytEX
/oXNrGlbrzdosnE
/PuIHhXAOUC
/qgfdoLbtlFQUSL
/QyxObytOCfc
/rRLBdSgitz
/RKzBKDTXdTsw
/SiPZeKLkObaa
/SSiFruVhJW
/sUrocprvLWhsf
/SwktNtqpEKK
/SystemCodeDomCodeDirectionExpressionF
/SystemCodeDomCodeRegionDirectiveH
/SystemDataOleDbOleDbTransactionWrappedTransactionz
/SystemNetAutoWebProxyScriptEngineAutoDetectorH
/SystemNetBufferAsyncResultv
/SystemNetNetworkInformationMibIcmpInfot
/SystemNetWebExceptionStatus22274
/SystemRuntimeInteropServicesComTypesFORMATETC56125
/SystemSecurityCryptographyCAPIBasePROVENUMALGSEXr
/SystemSecurityCryptographyCAPIBaseCERTPOLICIESINFOB
/SystemServiceModelSecurityWSSecurityXXX22902
/SystemUriTemplateTableFastPathInfo24807
/TTYeJZsWYoNm
/UHFoSlidyYFoX
/upjzQJjqpU
/UTAeubRxbj
/UVKuWpQAwjuRp
/vbhoCRCLHjTJdC
/VyiDlXEoff
/wEjHKwmDQOSc
/wnTaBpnHzWwvi
/wulgBGSVwHvFD
/XKZwsujmGgrL
/xspZxirSlNuWL
/YatJcrUyyU
/YNXdQGPwfTZ
/YvGqvGmCji
/YXvnDxrXscmv
/zjLDVpxTeL
/ZPAypYNCtN
/ZRVdzdkoBGtcY
/ZTuYirtfLBuyu
/ZxETnyofta
/zZmDkRbdCVdkSA
