# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://blog.talosintelligence.com/2019/08/threat-roundup-0726-0802.html (# Win.Trojan.Zegost-7086512-0)
# Reference: https://www.virustotal.com/gui/file/33dec68634d566b64b824855ad65a2c4c9737060bac34f9189b574b9d25c71a8/detection
# Reference: https://www.virustotal.com/gui/ip-address/104.165.160.85/relations
# NoteL online games stealers

110.110.110.5:2011
110.110.110.6:2011
110.110.110.7:2011
110.110.110.8:2011
110.110.110.11:2011
110.110.110.12:2011
110.110.110.13:2011
110.110.110.14:2011
110.110.110.17:2011
110.110.110.20:2011
110.110.110.21:2011
110.110.110.22:2011
110.110.110.23:2011
110.110.110.24:2011
110.110.110.25:2011
110.110.110.26:2011
110.110.110.27:2011
110.110.110.28:2011
af0575.com
bjerfogxz.ddns.net
fz0575.com
q9p6.com
rktmcnd123.codns.com
wk1888.com
z8q5.com

# Reference: https://twitter.com/Paladin3161/status/1179228516329635842

nxxxn.ga

# Reference: https://www.virustotal.com/gui/file/b8367eca44a6dff6b6084bd1ac48185b849b30e6d330d0d2ab619db02754728f/detection

projectteammu.no-ip.biz

# Reference: https://www.virustotal.com/gui/file/e9f03e471142e13875bd639bfd0eeb2c329a3713cd11813e8ceadb4647aba6c6/detection

96.44.160.131:5060
moqi.f3322.net

# Reference: https://www.virustotal.com/gui/file/cfafd7cad1a07d89ef14cfa3b6c45a32205b92eb5c106ffca1c9bbdcb021d07b/detection

111.229.231.218:5060

# Reference: https://www.virustotal.com/gui/file/b8a2f27eb955f7e71e90d82dfcb129f82e00224de2f01f5db48b46b1e46bd0e2/detection

121.185.22.160:8000
125.188.2.167:5453
dltmdcks78.codns.com
zzxx9508.codns.com

# Reference: https://www.virustotal.com/gui/file/282ea10b68805909fa2008c81b35ab2d3166e30c0a3c92834fbf9699e694ce1f/detection

kiss58.myvnc.com
kiss58.myvnc.com.ovh.net
lmshusheng.com

# Reference: https://twitter.com/Lokesh42651261/status/1285513089706635264
# Reference: https://www.virustotal.com/gui/domain/ssh.22ssh.com/relations
# Reference: https://www.virustotal.com/gui/file/5fb20cca77d85fedf3653f24c8109d985c946955ad50ffd18bff9e33d64bc5ef/detection

117.25.145.178:22
ssh.22ssh.com

# Reference: https://www.virustotal.com/gui/file/26084ab8e995c4614ed9b787290b937a64a8f57b7377b638d96128e14b4137f8/detection

59.46.53.214:22
ssh.361com.com

# Reference: https://www.virustotal.com/gui/file/7456e451f3c209fda2c5dd276acbb84e6c6055c48c28773396c87355c027ec4f/detection

124.207.174.197:22
ssh.4i7i.com

# Reference: https://www.virustotal.com/gui/file/ab33788b1fb4976e023c9d4885e6b7761aec25df8826b5d7fef80089a4c99251/detection

47.111.82.157:10000
lock-domain.vicp.net
wshdhk.gicp.net

# Reference: https://blog.talosintelligence.com/2020/11/threat-roundup-1106-1113.html (# Win.Trojan.Zegost-9787396-0)
# Reference: https://www.virustotal.com/gui/file/5d21dc1acd0a1dc1f3eee5da9a1fd8caa2830fc17cc1bbb7d48322c20c528e3b/detection
# Reference: https://www.virustotal.com/gui/file/7348169666e09fb7a97643248db6c8dd42d6f05f51c27ded7d2fdf6cf5bc1c49/detection

106.54.180.66:2018
128.1.136.235:2018
4s.net579.com
xiao7.in.3322.org
2017.5im.top
fs1.f3322.org
2017.64pr.com
v2.3322.net

# Reference: https://www.virustotal.com/gui/file/ad47ac369abea2a95403ea5297d95bfdb9de47de481511f4b977a307e890089d/detection

45.64.113.197:6666

# Reference: https://www.virustotal.com/gui/file/e88c154139db59428a473e662931621a8aa76d56db7cb697b0c420b377c71e57/detection

120.24.231.105:7458
47.101.191.149:30000
kks.tbfull.com

# Reference: https://www.virustotal.com/gui/file/6f835f8087c3d8b8f4ba8271441a71cf793df38d101890fc45ac5e28e5581c7b/detection

43.248.201.133:29089

# Reference: https://www.virustotal.com/gui/file/8e08db7f90390be23fd9539250ab927edc92f8fe931ef63d08a291d6b1a3fbd4/detection

119.8.103.117:8080

# Reference: https://www.virustotal.com/gui/file/27c61168094d5403096d8557e3cf94b449001aa9c9793a9f2d7ff35f49bb8643/detection

43.248.201.209:20451

# Reference: https://www.virustotal.com/gui/file/617eb393c34f20b2d9ec357fb60e40d70bcdc5e47c2be8f29b9175a1c974bd62/detection

49.234.219.172:33331

# Reference: https://www.virustotal.com/gui/file/7b5b566fbad6b738724de4caf5eafbdec95cf3f51214d43c802c7aa7d4f0d814/detection

bbs.tbfull.com

# Reference: https://www.virustotal.com/gui/file/524c91310e1db181c4d58eee43fdccf03f5e66a0b7dcc445e12887fc846354a7/detection
# Reference: https://www.virustotal.com/gui/file/28737af6b92c685b444089c3fdcb649d8978bd700c5ff9716d829ba3d1624a0f/detection

122.114.120.114:14993
125.77.29.181:2020
aaf.tbfull.com
xsdhbh.f3322.net

# Reference: https://www.virustotal.com/gui/file/b14e15bad86cdbb1fd936fed536b54316649812686dcf40a5e9cb2ff4fd27a6c/detection

114.221.193.207:2020
211.157.109.231:14993
sss.tbfull.com

# Reference: https://www.virustotal.com/gui/file/0c90bc30f5b52b580533156d6fa9849eaaaa9f065646650e7ae6cf140008398c/detection

106.12.163.200:14995

# Reference: https://www.virustotal.com/gui/file/e3280c977a5d732087bde3e98cbefe78636da37da990ec4d9d7a3da07e0cd5be/detection
# Reference: https://www.virustotal.com/gui/file/8e551b73db9971cd238a469fe46199921b380a4cec99ec8a977cfa8951d3bbf6/detection

44082288.nat123.cc

# Reference: https://www.virustotal.com/gui/file/0b23f953d2a93845adb25019df3a20e7c4872d91289fc8f7439a2204b3d5de40/detection

http://121.40.167.210
/netsyst81.dll

# Reference: https://www.virustotal.com/gui/file/2a5ab7f4ce909fa0b313e2c01e5c7340ed8058319f7ec1995fb1606f23c6e8d2/detection
# Reference: https://www.virustotal.com/gui/file/1f54af21f0f969b5b5848eaf891f19c9841035093f27bdf984d7118b7f9471e2/detection

172.247.132.147:228
221.212.158.114:228
221.212.158.114:229
vip79318901.f3322.net

# Reference: https://www.virustotal.com/gui/file/db0a89d1e507573c31c2210cf0bf19206a66cb0c7f4e811d0885b01d86538ab5/detection

61.147.103.140:17000

# Reference: https://www.virustotal.com/gui/file/7eb666c6fb0d25770eb749fda2ec1da6ea56b0c3a974e971f393234c053354b8/detection

139.162.27.37:1356
139.162.60.232:1356

# Reference: https://www.virustotal.com/gui/file/fa11e68313e87e65e8413a13c6c63962b089939f3f97e11b37c5dfe4032c9d52/detection

139.162.71.92:1356
195.128.124.140:1356

# Reference: https://www.virustotal.com/gui/file/452fec0a680e9f11334e75a0ad8f7f2b837676f08303d935b5ad188f218dcd8b/detection

139.162.71.92:57890

# Reference: https://otx.alienvault.com/pulse/5ff06173bf924de2d1a2d2ca
# Reference: https://www.virustotal.com/gui/file/a6080e25081838b19e523103e8eb985af775103d7a6c479607bfbdd723ba4c4b/detection

wpu0.3322.org

# Reference: https://www.virustotal.com/gui/file/8dbabd369816118bb89f14b65b0ee9b029ba7155c8171aaf53f33f08e0dde3f4/detection

hackxd.f3322.net

# Reference: https://www.virustotal.com/gui/file/555d04422641049dc9757e9b006e7310e1c1f3ba87db8495c8183359e001d308/detection

119.10.151.120:2012
zhuaj1392097858.f3322.org

# Reference: https://www.virustotal.com/gui/file/03a54ea15676d646976cfa49215ca31f96c5b290ff3d5da82dff0e7476bca7a9/detection

119.10.151.120:8013

# Reference: https://www.virustotal.com/gui/file/20189a3e3c7f67e93ff73d921810710ecc9bc27167290d4b150e333a1e01a330/detection
# Reference: https://www.virustotal.com/gui/file/07474b5f2eea8ecf511f5e60212bf68f8abda90dbe4c8f5e034312354cfd3c26/detection

119.10.151.120:442
119.10.151.120:81
xf19990716.f3322.org

# Reference: https://www.virustotal.com/gui/file/ac8168f406c9ca83d55c06944161f70d1f59741bb985ffd3660fd0fac37c33da/detection
# Reference: https://www.virustotal.com/gui/file/c0cdb58f8587f1ae4765b322ef9f635a178fe6963b690988a04b4017ec06880b/detection
# Reference: https://www.virustotal.com/gui/file/9c0e0c1628b59098e0be31445b535bee18ae990be2f7b77c4f02bf3270f04e70/detection

119.10.151.120:3888
119.10.151.120:4407
119.10.151.120:8080
132.232.11.138:8080
xf1392097858.f3322.org

# Reference: https://www.virustotal.com/gui/file/fc6eeadb71a324b277c344f1fabee12ade3652043393faa00948eb17cc4631ae/detection

melthmethodcanada.ca
/cenapec/lending/tds.php

# Reference: https://www.virustotal.com/gui/file/a5429d60cb786842e1ad29dffba0b6f80ead431f8bceca258793f21fae7ef542/detection

47.112.127.168:8000

# Reference: https://www.virustotal.com/gui/file/9b2532c7774f91f33864923aa40913e187cc2efacda686ef219fe93cc2727f11/detection
# Reference: https://www.virustotal.com/gui/ip-address/94.191.22.137/relations

47.112.127.168:8001
94.191.22.137:8888
/yyfz/jrfz.txt

# Reference: https://www.virustotal.com/gui/file/d5702facd457c48f1522a994a99e40ce646f46f6deb43dd2cfedcf99922edf1f/detection

47.112.127.168:8002

# Reference: https://www.virustotal.com/gui/file/eac660e268f24a4c851667383140a153df0221073845fa2866fd0d2b063cdebf/detection

79.143.52.19:8000

# Reference: https://www.virustotal.com/gui/file/f8f0f2863071151e19bd06de6957ffa3a2e3b21712c4c3d4b7addb80f6e63f47/detection

152.136.255.75:8000
152.136.255.75:8080
43.242.73.57:8899
luoyefeihua.site

# Reference: https://www.virustotal.com/gui/file/2faccea5803f512f67cec6a9dc3f96d74c68af6901c289dcd7d9b0c64406cb65/detection

193.218.38.152:8899
47.112.127.168:8003

# Reference: https://www.virustotal.com/gui/file/43e429073e467ef479a40195ec1873501c1f6bb867c2d7b9b7bda8cd0fce3bde/detection

23.225.183.2:6677

# Reference: https://otx.alienvault.com/pulse/602d067f158130a55ce6be6b

8836hxjy.e2.luyouxia.net
aa0533.3322.org
haidishijie.3322.org
lzdly120026.e2.luyouxia.net
xiaoheiyu.7766.org

# Reference: https://www.virustotal.com/gui/file/873d5658aa1eea6a477f01a1bae0452c16b092283572325e928c694316ac4ca4/detection

43.248.201.209:32729
212951jh19.iok.la

# Reference: https://www.virustotal.com/gui/file/1225327396c376d06eaa79db845c20e5aadcfd9ae5336e3ce6a5ffe1ac815285/detection
# Reference: https://www.virustotal.com/gui/file/fd0a6c619f5ce1caf57758b6cb1ed5e38c1c996aae6702c4c11ff1ac593896a0/detection
# Reference: https://www.virustotal.com/gui/file/e8f38ddb6809ee4922de44649d4ef990d409c5eacae02388ecb7cd52f98179c8/detection

43.248.201.209:30354
gao2665.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/8a939f5ea9e78ce156eea4dfe5826abc04aab34cf95fd83bb2797ad36ba98aaa/detection

43.248.201.209:20207
12-56.xicp.net

# Reference: https://www.virustotal.com/gui/file/69f85cb5ef61ad6ce776e6192b9aff6cf894bc1508c1d2217bf39c7c748bbd30/detection

43.248.201.209:24131
1403856152ll.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/a5dbc81b3d0ad72f118c2e021d1e728477d75a19f151ee8e9bf0711c6b5465a8/detection

43.248.201.209:5454
lht006128.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/5a3677b276dcbc8dfc1a7610527ae219f6a9399ef6dbede2573146b5b5d1fb31/detection

43.248.201.209:21772
a2973433298.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/4d0a5ed1d10f092327cd726247ac786c710fd3b675099b6d7efae06045f96f3a/detection

43.248.201.209:28173
linjiayu.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/e319d6fb7d5db98bb56baec51c9cc936108f87a4c0cd3e2c1f717e1f8e4453fe/detection

43.248.201.209:29957
qq2231257226.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/260540a0dfcf35f466ee763a7b8dfa8dafdc67082321a75ef99ab94b134de6ca/detection

43.248.201.209:28648
broneth.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/5b3cd24beb2076794ad75cbde75d5fa4d4b0ecbaa2bfba88a00ba409391fbb9a/detection

222.186.171.159:25809
awd54a5d.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/6de4fab29b56dd6817c171f8f1065a1be12b053a2b164875ea1665f6ff228e98/detection

43.248.201.209:29438
f3437392562.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/ba72ba11ae732268bcb073cd6f341e6c96e602541e724269918de17b1638648e/detection
# Reference: https://www.virustotal.com/gui/file/ce00bc96e2f7748feb21f269bcb525acc0fdec7c067fcd30b72c320201f5d31f/detection

103.214.169.45:1245
222.186.170.37:28384
43.248.201.209:28384
qq1134.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/269973280f321e9bc78e7301aab227eecb494704ad26eeb819a68e1e8441230b/detection

qweqaqert.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/c7c91581dc97a9adccab6d881adee790e23f4c8c0a98c977ec736dac714176e6/detection

222.186.170.37:26546
bkfuzhu.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/f48b0969aa3f6a92aee2a4a41b94af6fdc5246b66270ddb22591f9f17c94292b/detection

a647705030.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/07adf99db1bf88b1c7d53694b48bb886a41cf4d2743382467046143c895f780f/detection

222.186.170.37:32964
cookiemc233.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/09bcad89a3fb5a55efbecdea7939f5e1e3825f9316089bf5478c1b2062fc0c4a/detection

aabxcb.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/48ee9d65a1390fa5dd4d73e2e2930cc9f2e470e1de4d372e1919594ff3a609f5/detection

43.248.201.209:34655
qq77292256.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/24b541d3b65f5f7d23131dc708e9df25653d0f47c5758c1df4c27448aa04b064/detection

ferfererv.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/10802a99323417fce172087f98fe669acb9fdc47f4fba5f3f52e5725325cd253/detection

yuziteng.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/d96502eecf8985637fd8e7d670722d745f776396c83cac4a75940b1cf9dd5ed2/detection

321asdf.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/188d2b100be3afb3c7dd0d4975bf0739114de06dba86e852f510aaee9945f4d8/detection

1633754164aa.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/77dc8f31885fed7c7568f73f26d441ce2b6bfecbb21023efdfddf96765b6d3e6/detection

qq1780849668.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/f8b0718433804184236dc746f4c56717564821729ee8e4f25b23329fa0c36555/detection

43.248.201.209:23988
loser10.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/c2e51555200a907aa446d9127d5e85a1f4a1eeadebbe9d1cbabbcf6a3d1d54b7/detection

43.248.201.209:33097
lcbp.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/902bfe991af2d881f98f7ceb91a578a40bb98564dd3bc60887995552183958b5/detection

43.248.201.209:31946
w2690583284.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/a340068b98bfb4c20016e29b1d401ff4c7bf5d69253c571badb37b4b9e91eb0c/detection

43.248.201.209:24914
w1402384186.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/4e44be542b781655897ebdeeb074791f6a7ff982f553dfe8807521900358d2b0/detection

43.248.201.209:21659
wsxe134679.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/c03f708f359d6a1021844dc826b54a4503cc2f49ec34370ebc62f022c442dd10/detection

43.248.201.209:23642
a2230771201.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/c7409546d19d07af9d91e9db87b4309570252bd5555348f72876bb695ad13621/detection

43.248.201.209:26396
op2757942610.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/45241b2b6b0e68b8338d9f8cdaee4f7b82c282f43e04f22452c21d857f0f6146/detection

43.248.201.209:23824
w669869501.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/bda3d2fc4071cca4b5f4d02a956ee3f2c173e349d3c35eb9ff3929e3ba802cdc/detection
# Reference: https://www.virustotal.com/gui/file/df583d731d119f711b9ef3c49b6d1f2abb5707a5394a223d575adc19fe8b800c/detection

115.28.204.197:7415
117.41.184.226:8585
139.219.13.66:8585
43.248.201.209:8787
a18590181602.e2.luyouxia.net
yk.sk5ds.cn

# Reference: https://www.virustotal.com/gui/file/42155ea06003e98f4a110df7f657ab48642d69d9504d8b1801ace6666909bced

w2692791781.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/8a051c8d18c63af3a7c6c0becfe0edff83a850d98540b59f76be7a5eebb69183/detection

43.248.201.209:32657
shuizhun.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/edcd083cdc934ac1fa20d716ddc36ff45fed4ece497edc08eed2c059cd864f81/detection

43.248.201.209:25238
a515667099.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/108d2833498bdfa9f6a43af2d9df50003f95bb0bf0f071b042052be77e0bf5d0/detection

43.248.201.209:20999
zhangjiaqi14.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/da05724c267a29d68c312a50358a56a8833b51303933246be830089a2ea3c84b/detection

43.248.201.133:30567
guihu88.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/70b9eedaef787bc132c0faa1bf96ecd33d742c1941db8e066ceb410853e3122f/detection

aowan.w3.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/a34f48ec7af3722d0c041a5a58e6b48728f3aba53dd4d9670e0d32c47ac1640a/detection

222.186.170.0:40607
niuniu6177.b1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/5640176917623e2f696f4b1e170a2a916586e462e31f545ff188c18e920f8006/detection

111.230.69.194:358 
222.186.170.37:34536
w1308534183.e2.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/fe91cbf4df9885490934ca9d75e3ee38d945441f3aff93bcc5f787b3d89cde9d/detection

opopop12.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/32b1c21af2ca6029746d2c4dd8c1b8998c5fa5cf98f82868da2b34f1275e42ae/detection

43.248.201.133:31561
49.232.147.19:8080
asdasdasfasd.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/36a4bade855f031a1ff70570c58a666095b133f19074500b67590e67cb60361b/detection

43.248.201.133:29343
49.234.217.77:49596
jwj52.msns.cn
ping9978.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/740b48285aee49026a4bc13e0bffb73552beb5560fcb6653643a47c5cf3dee8c/detection

43.248.201.133:29091
lyh263367.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/440a63bc6e5d053b6550b24f21f0138a80f34a2c2d2fb7d8f43ffbb4d105c513/detection

222.186.56.73:15950
43.248.201.133:26771
qq80378994.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/46dded2cd2d77706e3472c85a92d28d34766137ae522ecc9b693a090b22f8993/detection

43.248.201.133:32012
yy67184.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/9ab1347ff9d4fc08aa7d34c46d4f608aee556c4ee5cebeaaf93f3ea780a55861/detection

43.248.201.133:27562
yjm407027319.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/59b83ab3e491c98b0e5a660ac414d75019c71253095739a3b8de19ab868c541f/detection

t13687175412.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/ee58ad2d7d18311c2538adc38578ba06f7e0d35198b5f571c3ca59276e3d371e/detection

43.248.201.133:22885
xcxcxc12.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/b462494258901e58abd8e4add2ec47dcf3043b3c93c29296396be28ae6b7c2ba/detection
# Reference: https://www.virustotal.com/gui/file/f331242ce2e4b545656e755464b47e6d3f8781178591e52902b9a2f53e298211/detection

222.186.171.159:26815
43.248.201.133:20294
727475027a.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/97dd8705e394964d71f824759b8f0282d91fd54e438e3b294853df1a816ca7c7/detection
# Reference: https://www.virustotal.com/gui/file/fe75511e9df720a54781a70edbde26047cfcf1685754ec114a813218949108d7/detection

43.248.201.133:26213
43.248.201.133:34373
love1122.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/ba1009fcbd0a8ad4b55f9a515ef6b225c517171162a5a02091458df1dafa8715/detection

222.186.56.73:14996
43.248.201.133:29530
jianbainiubi.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/cde5b632362aa720224ba307445b821837eeff61c7a29669516e76032ecc47f8/detection

43.248.201.133:29301
pipichenya.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/5bf5f0845a6ded5913121db90695ec29e8160515f9c916970be263a156d547e6/detection

43.248.201.133:29172
qq88606054.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/d8cb25198702663f1869d83ba14ef6847a16f83618d04ea80b781de34736cb1f/detection

222.186.170.35:26971
q2547429290.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/fcf018e71e36c6eb32ba113cdd685c6ffc6b642388eea2f426c0054cb9436ee1/detection

43.248.201.133:23988
loser10.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/f4baa0787b64f702df7cb435f4a239159c368d13b61821cf2d13b235bbcd2e2b/detection

43.248.201.133:24617
sky667.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/e45dfe20a968aed5661624066341bb8a011612e6c0aa75c3b1b9b3ecece9d1d6/detection

39.102.84.215:15950
43.248.201.133:22121
43.248.201.133:23070
lx1728559344.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/d871bce37b200f7778a5d45c51c1a3f03a800bd549560a9f46ee7507e3cdf9a4/detection

222.186.170.35:26099
yuxuanow.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/f5a929484cb51318c51ddee277669d482ba8899e9cf171860bcb8f66b0c7c97f/detection

39.102.84.215:14996
43.248.201.133:22743
qq147258963.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/a2b42b0040cc7d2d247d47c770cff018731b92cc2f56b7e5ab771e1de23b6d70/detection

43.248.201.133:20144
xiaomiao110.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/6fa4cff9bc9b3f13e5bca4dd36e9945323cca7f1b74da4f307b5ef8e32eb43b0/detection

43.248.201.133:20521
liun6.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/438a5372af062c263737ef88acb1f88104a3f3240ec55ca8dc95aa2fe1293c40/detection
# Reference: https://www.virustotal.com/gui/file/da65603440685c4c88a976d4271fd3de027281a973962bd3d7c3c1392213eeb2/detection

43.248.201.133:21526
43.248.201.133:24144
chuchengsuna.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/533ad89ae812b075fe288f10eb01601f1bdcac1b893f858935d77d69e5a9204a/detection
# Reference: https://www.virustotal.com/gui/file/253146480b9fb4af334f37e1ee29c648f6ea892a227412730ec7dc0da1a34e84/detection

222.186.171.159:27042
43.248.201.133:27042
huanfeng6.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/ec4421e4f372e70fac27b73ca2239f60af56c3543de37d8e3c38ad121f75b422/detection
# Reference: https://www.virustotal.com/gui/file/c027ec51f80da18e7fc3ba5dc1c700bdc72835e34bb35648081569af6bb7c193/detection

174.128.255.252:923
43.248.201.133:20249
43.248.201.133:23891
duhun.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/9116b86de3d96bb9f856668cdc82e854c2627f5372f0084ffa4ee6c17aba8d35/detection
# Reference: https://www.virustotal.com/gui/file/3f1e9805ffcb63066a926ac320224587107e1ba9a7e052827e8718285530041d/detection

222.186.171.159:28696
43.248.201.133:28696
yuaotian.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/3a85c32c85ff461dad3dcfe1f11d1032e396a4aa528078bb75e06cd5dd7bf685/detection

222.186.170.123:33250
yu407027319.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/c2d784739d12b4aa2960164ed9343af4e1c872a2991fe21488729f68bb7bf29c/detection
# Reference: https://www.virustotal.com/gui/file/940ac7aec4040f0bf346b39e44f36953be326e46a32538a9d2d0a719bb33d868/detection

43.248.201.133:22056
43.248.201.133:27934
nancheng1.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/5fd363c855694506e89e22732e1ac60361852132dda5e5247b2a48fa83c5a39e/detection

43.248.201.133:23804
ma1314zaygr.e1.luyouxia.net

# Reference: https://www.virustotal.com/gui/file/94185bc50b65faeb50cf9ef21d36b38e63e847466b0ab106f8e5b6937654ee0a/detection

hao123456520.f3322.net

# Reference: https://www.virustotal.com/gui/file/8759166e20be8809566d688f74387a1b5d05235d6b5849aa6356bc7aeeacf3b1/detection

k531085863.xicp.net
l531085863.gnway.net

# Reference: https://www.virustotal.com/gui/file/270c84112a2f8e38a85500b360f5d11d0bb12895bc8f66080f50b69674975637/detection

62.76.74.245:17890

# Reference: https://www.virustotal.com/gui/file/97fc2b8f2757427c85cd711fac82b67acbd24de84462efa9fa0e27b1554b10e6/detection

113.212.91.169:15523
aj.skt-one.com

# Reference: https://www.virustotal.com/gui/file/0f181de12b4399291340c4b0be79fc473b9c5ff066c883af7418d6ca77364377/detection

45.154.198.176:15523

# Reference: https://www.virustotal.com/gui/file/794508f4f378f15f46bec246f8c21106005aed8343df0fbbc1de50df135a54c0/detection

jojo383835.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/935d563b8079495c7a08f27801df081df47c1969b25ee5eaf44757e4f1d1850b/detection

123.249.9.151:8000
asd5211.f3322.net

# Reference: https://www.virustotal.com/gui/file/6c41f94446ed7e6df8cf908576d298ba0a700b9f7de7b7496ea81d0004f04af0/detection
# Reference: https://www.virustotal.com/gui/file/5a7ec36abf5172e17729f905768da050faef7139236e80c691d1cfe30bbe004a/detection

115.230.124.27:7071
59315398.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/a397ec2d121a7b6d4ac03bb5a23f1bab55d51293454cccbe15a00ace1a8737d9/detection

1124956.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/16853990983e6d120c4d4fba81cc3a40a9af5dcc92390059a80f8d253d42dbee/detection

1.93.56.129:7777
180.140.211.138:2012
gaomizhe.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/665dc17b84f6ca3c94d18dc9dfb01319ec854138e75b0036318f34b6e5285dd5/detection

xiaoai230.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/2b7e5cd424168fa34684a05085333c6d72a0bee58b6e19a81d87c36522b9d485/detection

jimmys.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/06993badbc0aa7c1b35f04939a6066f034820ac7f871a5e67724eb6892b58ddb/detection

a453820211.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/63dcbcea75b52d6552479e3ea8dac9bbf73ad73f92460623677972a944c3001e/detection

xia718603199.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/352391d1929046f3bcf99deb9eb05d1fbe29245b99602704bbde058ad9b478bd/detection

mahaoran.tl-ip.com
qwert8800.gicp.net

# Reference: https://blog.talosintelligence.com/2021/03/threat-roundup-0305-0312.html (# Win.Trojan.Zegost-9840060-0)

312789691.3322.org
5angel.3322.org
625568680.3322.org
6603541.3322.org
6862082.3322.org
792143545.3322.org
a254437891.3322.org
a306310821.gnway.net
a450526783.3322.org
a82045763.gnway.net
a846578461.gicp.net
ckm609198663.meibu.com
jinbizi.gicp.net
q362375754.3322.org
q924413267.3322.org
qq444914178.3322.org
qq849181440.3322.org
tianditong001.3322.org
vbvb1212.8866.org
win226.8866.org
wsqadr.3322.org
wuxianxia.3322.org
z444687973.3322.org
z954985733.3322.org
zx976339.3322.org

# Reference: https://www.virustotal.com/gui/file/28b3136b7e9b9abf0d40ff0c168c22d4f11839e47f1a28a5a869a4574f28accb/detection

a6089657.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/7f99e539eb439769dbc126ea3ac65caa936200732f05460191efccba458107a5/detection
# Reference: https://www.virustotal.com/gui/file/1f13dfb9d7cd9aa3faf1789bd2664c12c893f59ab14e2199d81c5436fb01f8c8/detection
# Reference: https://www.virustotal.com/gui/file/4ee5175bf211b406f131e77f98f6bf157d4a9eb16197a3a6af5ecb8b54369f36/detection

1.93.55.69:7029
211.149.205.10:7029
219.235.4.247:7029
543800306.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/3dbea25f593bea0fb7f848ed93171abd1c685c99cd28d69c5b49151b760300d9/detection

y529267378.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/2301c9552e1c0d6b1188511b1dbb542b5f5b154d3120dfc2a3db1865bc3c8eea/detection

115.230.124.27:28587
yanchao.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/cb8cb4c9287eecffeac05cb3882cf4de600b14994bda331e6fb713e7c89f7920/detection

a1219153016.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/bdf34e7ab7ba91057c4c212a23b85cc09203b9e83d9bf24b960476db356ac050/detection
# Reference: https://www.virustotal.com/gui/file/e149a1e0215dcfad7ea8fb39e87ec7eb7536ea8b2d929dcbccc0595e0debb17c/detection

221.229.197.136:9033
bbswzy.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/d399482fbac1b430592ae099e04db9269824e07963a6421433a52b74bb5cad2e/detection

23.95.29.45:7014
sjxiao.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/2faceac02a3a509846da3f1fb1a216ab28442f402b786eb75275bb35ec5648df
# Reference: https://www.virustotal.com/gui/file/9aabb795f5600b5ac2bdd09723ed8dcb55bfd1622db0b52380cbe9ff71a1d0cf

834380882.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/7b0e40d20406fb56a2f01e256c35be0edac6730ee3ed656fcc88ebe9d3850d4e/detection

154.88.220.174:7135
sososwj.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/eb8213fbdfa90cf8627f8d344a2d983ddffaa2bc71045b5e2da0f225fbcac542/detection

heixia.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/48fa7453b32dae464fb4ec52d6e59d8c3e6b8a3ae882520b8e1af72d618bbf1e/detection

123.68.104.175:9020
157.122.62.205:2012
mamsma.tl-ip.com
sichong.3322.org

# Reference: https://www.virustotal.com/gui/file/40a68268e13c784ac41d941a27d7b42fed04a0a734b9b2262ae6070ecc3e13b8/detection

usbwin.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/2abd643ba228fbb1fc1a73eb0c44b27f11cc1930689c511a26d571623680172d/detection
# Reference: https://www.virustotal.com/gui/file/bdfb174f4944d71c1155e32ffb9ef9254cc01e2442bef89bf969fe6926c23f73/detection

107.182.21.216:7456
91.195.240.87:7456
yangshu.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/7e80e6e317ea88761ec802c0e69317908b394408014b7c94834cb55af8271e8e/detection

115.230.124.27:7288
91.195.240.87:7288
asd996431832.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/5d0f2397ddff29e92d723beae25f862272f196044d8171aa44c747c04a0a15e2/detection
# Reference: https://www.virustotal.com/gui/file/19887cac569173792ebb263dea89cfb3b6bb2b712a73fc622acf0613b21f3b99/detection

123.53.125.122:1314
91.195.240.87:1314
cyaiwb1324.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/7851142bbc1f3c75a7cb0b735d575f7dee96ce319c3c7ddc2e9d29fc9eeb06f1/detection
# Reference: https://www.virustotal.com/gui/file/224f7561b42988465fff6c09670fb88e50cb0cb5603f369d216b0ff03d21b2c7/detection

118.193.165.167:6168
43.255.106.147:6168
43.255.106.147:7195
jinshi06.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/8eeb8c156ff5c5277a96f7afac78cfaf5003a51bc64912b8c2e7bdebb831cad6/detection

3366qq.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/d021935e5a3280dbac134b8314b72d17e8001eb27d1c8eacd2a4159a921a80cc/detection

124.228.103.178:2012
124.228.103.178:5200
liuyiaif.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/3d52d30c020c7e36d4d97985466d55ffbf707e786ec34a9c547d63605e1fc173/detection

107.22.223.163:8032
kunkun.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/59bea2b67e22e3ee41b7a606b7fe7bb2db7c5f7d9635ab95ae11a47dae27f318/detection

103.40.18.229:7322
118.89.38.104:7322
121.201.119.141:7322
221.231.27.254:7322
47.245.10.59:7322
58.219.162.32:7322
91.195.240.87:7322
a498840636.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/2bf4059c1697958854b9f376dc35bfed577eb5d8ce2ee545a8d17198bb963b92/detection

gyyx-cn.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/c5e02e95be6b6b6f9d570ea2afa0e96f1bf91fbc0708f6d5cbc99fd03790d47c/detection

268028866.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/1a874cb59eee3ed6f882687e1ebba2fb6018f90136488090ae7813947ba9df52/detection

cyaiwb.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/8ec6767bc789106ea25bea3ef132716a83c81067a4ce470812d6bd378b9639de/detection

cdma129.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/10d23d34ecc4417a0bb1653bb7060869778240fd730ae57e92924013eaee4fe6/detection
# Reference: https://www.virustotal.com/gui/file/9b16a6f0eb700654cf85ea1a67d72fbefa57b6c33fdaaf5279007807856a81de/detection

103.213.251.198:8010
154.88.220.174:8010
43.255.105.181:8010
liubu08.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/00678bc4ff65c9921b10f426b12471982539fdd6432ba9eecdc857ddba9f5726/detection
# Reference: https://www.virustotal.com/gui/file/ad686ee12f28a2180880ae1920d7c43c9c3f72dd0d19503163f98692ea2b594c/detection

103.55.25.193:8165
154.88.220.174:8165
foyhot1002.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/518f3a176aaab22c4e727cff1c22cdf68284e30fda30d820cd02d81a0cc877b5/detection
# Reference: https://www.virustotal.com/gui/file/078dba52b19e8359a36cde390bfee53d7f265fb1824fe4e107078425cd393fe1/detection

43.255.106.147:7193
91.195.240.87:7193
foyhot.tl-ip.com

# Reference: https://www.virustotal.com/gui/file/2316912d9bb5b4a2b6c213ab203d070ed6a63330be9794031a3409f0bc3e2b7d/detection

45.197.95.2:4000
dandan888.top

# Reference: https://www.virustotal.com/gui/file/2a31bcadbe65b4219a457937a38c499d0e3c17f0ae33b879e2236cc764a6ec30/detection

45.197.95.2:8971

# Reference: https://www.virustotal.com/gui/file/474a03ed0ac91046a827da74fe0a80b60347cdb30516f94b02e9d48e0e74ab52/detection

934222930.vicp.net

# Reference: https://www.virustotal.com/gui/file/a256c16e24197fc0c43c3bbf5a6fa0abf95c63375c5f1c763772d703e9ae2fdb/detection

ltp666.com

# Reference: https://www.virustotal.com/gui/file/484ec65f81432509f64b71faf8fb8155f4f66b111b40ff996451ec33816b8c22/detection

144.48.67.211:81
fdhfhgxrj.xyz

# Reference: https://blog.talosintelligence.com/2021/04/threat-roundup-0409-0416.html (# Win.Malware.Zegost-9851864-0)

dai5859.gnway.cc
huangzhen7.3322.org
mcpehuiyi.oicp.net
qq511891965.f3322.org
renhuanxi.3322.org
shuangdao.f3322.org
vip023.f3322.org
xw1996.f3322.org

# Reference: https://www.virustotal.com/gui/file/24aa3e1767d7f22cbc99a1670a6d9a2174a250777bcd50824a007b5ee46fe8d7/detection

ncmlove.tk

# Reference: https://www.virustotal.com/gui/file/d14f4408a7e126af404623520c6a1496163df31ae9c42f4744b80112e3b6c9b7/detection

memejerry.top

# Reference: https://blog.talosintelligence.com/2021/04/threat-roundup-0416-0423.html (# Win.Trojan.Zegost-9852502-1)

1qdisk.vicp.cc
a1027663760.eicp.net
quan.f3322.net
rouji5200.wicp.net
szzhongzi.f3322.net
vnet.f3322.org
weiaufu.f3322.org
woaini67.f3322.net
woaini68.f3322.net

# Reference: https://www.virustotal.com/gui/file/59cd6dcf4419000b086ab2fd13d6833e2ed713d13dcbf317d9795b870a86e1fa/detection

185.227.153.177:2013

# Reference: https://blog.talosintelligence.com/2021/05/threat-roundup-0507-0514.html (# Win.Malware.Zegost-9860024-0)

425900290.3322.org
a4114325.6600.org
a616713144.3322.org
a6657457.3322.org
a759112398.3322.org
a846578461.gicp.net
aaa520520.3322.org
aaxaa11.3322.org
ahai22680.3322.org
mojun1688.3322.org
woai1184661657.gicp.net
wqvb137110.3322.org
xiaoyu9633.3322.org

# Reference: https://blog.talosintelligence.com/2021/05/threat-roundup-0514-0521.html (# Win.Malware.Zegost-9861320-1)

d.webaw.win
e.webaw.win
mcxhkj.top
mc7.xyz

# Reference: https://blog.talosintelligence.com/2021/05/threat-roundup-0521-0528.html (# Win.Trojan.Zegost-9863903-0)

zhanghao520.cn
zxyhwww.com
qq3803174.eicp.net
w8l9.f3322.net

# Reference: https://www.virustotal.com/gui/file/5f1080a0e6cb3d314b4d525d4c3488fe7ec16690945f08e74aaa56c46ee33d50/detection

samysql.linkpc.net

# Reference: https://blog.talosintelligence.com/2021/06/threat-roundup-0528-0604.html (# Win.Trojan.Zegost-9865428-0)

312789691.3322.org
452799839.3322.org
a306310821.gnway.net
a450526783.3322.org
a616713144.3322.org
a6613452.3322.org
a782842790.3322.org
a839342100.3322.org
a846578461.gicp.net
a997321466.gicp.net
aa81667376.gicp.net
q503983725.3322.org
q6623010.gicp.net
q6629048.3322.org
q814287263.3322.org
qiangqiang32101.3322.org
qq444914178.3322.org
qq849181440.3322.org
qw312570947.3322.org
qwe553101557.3322.org
suyoujia0.3322.org
zxcvbnm65777.3322.org

# Reference: https://blog.talosintelligence.com/2021/06/threat-roundup-0604-0611.html (# Win.Trojan.Zegost-9869702-0)

zhanghaor.xicp.net
zjzfzq.com
zjzfzq.f3322.net
zjzfzq.no-ip.org
zjzfzq.vicp.net

# Reference: https://www.virustotal.com/gui/file/00505315d1c6a3fb48dc7b2befb426e5d5c194073088754cd041268d5384b4a1/detection

142.4.211.167:3312

# Generic

/netsyst67.jpg
/NetSyst81.dll
/netsyst96.dll
