# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: crysan, 3losh, 3loshrat, sheetrat

# Reference: https://twitter.com/suyog41/status/1130804704152305664

mikus192091.ddns.net

# Reference: https://twitter.com/luc4m/status/1106618159522635776

queda212.duckdns.org

# Reference: https://twitter.com/CERT_Polska/status/1072793091856392192
# Reference: https://www.cert.pl/news/single/trojan-oraz-ransomware-w-kampanii-podszywajacej-sie-pod-inpost/

213.152.161.99:47390
213.152.161.100:47390
213.152.161.101:47390
213.152.161.102:47390
213.152.161.103:47390
213.152.161.232:47390
213.152.161.233:47390
213.152.161.234:47390
213.152.161.235:47390
213.152.161.99:47392
213.152.161.100:47392
213.152.161.101:47392
213.152.161.102:47392
213.152.161.103:47392
213.152.161.232:47392
213.152.161.233:47392
213.152.161.234:47392
213.152.161.235:47392

# Reference: https://twitter.com/Threat_hunts/status/1135810121227882499
# Reference: https://app.any.run/tasks/5ad34df1-b5a8-415f-9496-334d9bfdd7b1/

95.167.151.253:7707

# Reference: https://twitter.com/James_inthe_box/status/1141072205771448320

kizzoyi.duckdns.org

# Reference: https://twitter.com/powershellcode/status/1148234398703030273

internetexploter.duckdns.org
systenfailued.ddns.com.br

# Reference: https://twitter.com/DynamicAnalysis/status/1165901579536539649

79.134.225.90:4782

# Reference: https://twitter.com/James_inthe_box/status/1167217092245872640
# Reference: https://app.any.run/tasks/8eb2d184-08ec-40ab-8742-32f6988c5638/

23.105.131.169:6606
193.56.28.173:7707
193.56.28.173:8808
rownip.3utilities.com
rownip.mooo.com
rownip.theworkpc.com
rownip.dyndnss.net
rowanyne.ooo

# Reference: https://twitter.com/JAMESWT_MHT/status/1169142417754337281
# Reference: https://app.any.run/tasks/308651b4-37c0-4c66-87ba-5bf05d1ff411/

79.134.225.115:4404
eg-east.com

# Reference: https://twitter.com/dcTavvy/status/1188352813937463298
# Reference: https://app.any.run/tasks/6aedb064-1078-4304-b1e8-a8205a5ba698/

193.161.193.99:43158
Lolikot-43158.portmap.host

# Reference: https://twitter.com/JayTHL/status/1197240502699073537

5.62.41.111:5320
91.193.75.151:5320
netty.myftp.biz
ify.insidedns.com

# Reference: https://www.virustotal.com/gui/file/598ba7562062467fbf05d47bfadf27578a8ed4d5d5abdf17a5a4820ad71651bf/detection

3.19.3.150:6606

# Reference: https://twitter.com/w3ndige/status/1214596648644620288
# Reference: https://app.any.run/tasks/509acd2f-9474-44d4-aac2-d186a4716bef/

g.top4top.io

# Reference: https://twitter.com/killamjr/status/1217630017116499968
# Reference: https://app.any.run/tasks/2517942c-3364-4d56-93ab-cfa47fd14299/

101.86.170.36:1199
45.11.19.240:7707
xred.mooo.com

# Reference: https://www.virustotal.com/gui/file/cc7a634047451f72a51766d1b6e33ce8a154579d80f6abcf9a109ff64c22f3a6/detection

177.98.43.164:7707
skypeprocesshost.ddns.com.br

# Reference: https://www.virustotal.com/gui/file/0c8a1d1eb4a0ee3ca2cf22cb4ede61f85e5170885549769984110edb6b64a236/detection

179.95.221.147:6606
179.95.221.147:7707
179.95.221.147:8808
workwinrarhost.ddns.com.br

# Reference: https://www.virustotal.com/gui/file/b1a7fda679c569e51e4b1239d044bb6e6e1f3557ccd2060c32a11b0978919b2d/detection

177.206.102.68:7707
177.206.102.68:9830

# Reference: https://www.virustotal.com/gui/file/366c8707d33501338e524e4c70f8b10ac993341134aa28b32a550f06911ba646/detection

191.32.227.90:7707

# Reference: https://www.virustotal.com/gui/file/d60372f5bbed48ea826b894402e4412a478979b590bed2b9b0d1d84017549bd0/detection

177.133.237.246:9830
179.180.17.194:7707

# Reference: https://www.virustotal.com/gui/file/9fbc310b2579816b488dbc44485acd418b20a72ef8dceb558f645a735fe10f05/detection

177.98.43.164:6606

# Reference: https://www.virustotal.com/gui/file/4913ae8055d7c6f225c0bd63ffceb28138483b39d9887de8ebcc8773e9d0d46f/detection

177.98.43.164:9830
workwinrarhost.ddns.com.br

# Reference: https://www.virustotal.com/gui/file/9a3e8a5bd3bfae58180089d27f1e23ba5f8118272b903a4ce99047969874a989/detection

177.133.246.134:9830

# Reference: https://www.virustotal.com/gui/file/ef332bc4cca2207ceb999f77d3e8a02b9d3b2c475d39310d2f1b09ae8f335de9/detection

177.133.246.134:7707

# Reference: https://www.virustotal.com/gui/file/6ede0a69b6d4d7b9cddc97ed35f58a284427fa92923d7a3e9e1442a5a0ad1b46/detection

177.98.127.109:7707
177.98.127.109:8808

# Reference: https://www.virustotal.com/gui/file/87571c558c0c211cd407d87217a3a64240736fb6645919e970dadef3680975ef/detection

177.133.235.48:6606
177.133.235.48:8808
177.133.235.48:9830

# Reference: https://www.virustotal.com/gui/file/d0ca0770e89e27b72703029c7900853a655be67c65fb1bcbd0c652eceb3b384f/detection

177.75.41.182:6606

# Reference: https://app.any.run/tasks/5e7bb6ce-39e9-4243-8802-968c8fb28753/

cloudclout.duckdns.org
79.134.225.38:7707

# Reference: https://app.any.run/tasks/823454cc-ac69-47d8-821a-262f4226ca10/

sbmsbm20.duckdns.org
64.225.20.238:2030

# Reference: https://www.virustotal.com/gui/file/712bc10802ec06baeb0774fa92d2816c477d6a5dceb0ac9960120344fcf7e1f7/detection

141.255.159.75:6606
141.255.159.75:7707
141.255.159.75:8808

# Reference: https://www.virustotal.com/gui/file/55618c029549b2e2f8919902d09c19658e98390cc3e3faeb05743f091e22818d/detection

79.135.146.203:6606
79.135.146.203:7707
79.135.146.203:8808

# Reference: https://app.any.run/tasks/5bbbc0e9-1c84-413d-be8e-371aa483f11b/

141.255.146.30:6606
141.255.146.30:7707
141.255.146.30:8808

# Reference: https://app.any.run/tasks/f44c32ed-727b-437b-9249-743b5ae74ed4/

185.140.53.12:21000

# Reference: https://twitter.com/wwp96/status/1236015091029590017
# Reference: https://app.any.run/tasks/7a110950-e58a-4f0a-80ab-fc17c39d38cd/

185.140.53.154:6606
185.140.53.154:7707
185.140.53.154:8808

# Reference: https://twitter.com/JayTHL/status/1240390421467074561

216.38.8.179:5505
216.38.8.179:6606
216.38.8.179:7707
216.38.8.179:8808
peacelist.ignorelist.com

# Reference: https://app.any.run/tasks/96716bfb-5070-40e4-bda5-d6573d7e1e55/
# Reference: https://app.any.run/tasks/d292b50e-71d7-46c2-9c75-3c053b7c36cd/

46.183.223.29:6606
46.183.223.29:7707
46.183.223.29:8808

# Reference: https://twitter.com/James_inthe_box/status/1243161779212935168
# Reference: https://app.any.run/tasks/393f52ea-8176-4081-9f69-2e4706e7f27a/

51.75.154.242:1515

# Reference: https://www.virustotal.com/gui/file/77e5748478eb6c6064e118bd35ef28f90bfd0eb908eee0291b994c9a6d5b11f5/detection
# Reference: https://www.virustotal.com/gui/file/b892431179d2ed7f4b5c68eff968491b7716a067b6ab16caa5e204c9766d5bcf/detection

41.104.11.200:7707
41.104.122.164:7707
41.104.221.163:7707
41.105.197.112:7707
41.109.189.104:7707
41.109.193.177:7707
41.109.228.158:7707
41.109.242.126:7707
91.109.176.6:7707
91.109.178.2:7707
91.109.178.6:7707
91.109.182.2:7707
91.109.182.3:7707
91.109.182.5:7707
91.109.186.5:7707
91.109.188.10:7707
91.109.190.2:7707
91.109.190.7:7707

# Reference: https://twitter.com/James_inthe_box/status/1248964446505947136
# Reference: https://app.any.run/tasks/4cc95d8b-f2c7-457d-97d2-991d0115c1b4/

77.247.127.128:8855
88futur.xyz

# Reference: https://twitter.com/James_inthe_box/status/1250441655452237825
# Reference: https://app.any.run/tasks/a8c80640-e0bc-499c-bd8b-de1c9166d4dc/

45.32.167.239:6606
45.32.167.239:7707
45.32.167.239:8808
hdkshnfk.ddns.net

# Reference: https://www.virustotal.com/gui/file/51482d0164957eec01b4916354b5a992e6705655bcb44ca4b0b2a520e3b64e6c/detection

192.169.69.25:6606
192.169.69.25:7707
192.169.69.25:8808
soucdtevoceumcuzao.duckdns.org

# Reference: https://www.virustotal.com/gui/file/626879e64f571e21902bdc2f249ce247e03420e8656990d54f3ab4ceb99b4fb4/detection

105.111.80.222:4000
azure34.mywire.org

# Reference: https://twitter.com/ScumBots/status/1250963567366545408
# Reference: https://www.virustotal.com/gui/file/b465ae7940f04cb8b6f6baf9a288eecb5e405290bf48b18fe70ba41e9cc97389/detection

192.169.69.25:4000
amazon34.duckdns.org

# Reference: https://www.virustotal.com/gui/file/5abfea336ec1f8f078499dd4713d65b5e75c59243b6137af1f5297706413dc63/detection

105.103.214.89:4000
amazon3407.mooo.com

# Reference: https://www.virustotal.com/gui/file/6f5567af58976eb61af59c7edf1e5cdad7e3cd2fc60c16b123dfa53cd44e8f6d/detection

85.229.141.17:1337
92.34.156.156:1337
bob1337.chickenkiller.com
getconnected.chickenkiller.com

# Reference: https://www.virustotal.com/gui/file/762a570980637077dbf431c691c38de20e50474d0c67003b4483c6f20a16e533/detection

129.56.25.121:6743
asyncrat6743.ddns.net

# Reference: https://www.virustotal.com/gui/file/5e6bd1b03148962cff91b0f6a1d4e915bafd1049931d5d4ff2bda151bd761e28/detection

unknownamehost.ddns.net

# Reference: https://www.virustotal.com/gui/file/f17981f481d0e31ac51cbf66b5c94d3f73d5a2647a158370ab9e6b3357a00f9f/detection

unknowhostname.ddns.net

# Reference: https://twitter.com/ScumBots/status/1250960155900104705
# Reference: https://www.virustotal.com/gui/file/5a4958af2c13c0a9a6eff86bb5f4fd339a85a66249a22278cc5b50cecd89188a/detection

88.208.245.177:1443

# Reference: https://www.virustotal.com/gui/file/8c344acd0dfc01ac093b4a4407cd2f126f74bae0ca5b66f92912d522160ac639/detection

103.82.249.19:8808

# Reference: https://twitter.com/mahnyan1/status/1251321072865042435

babyboyhammer2.duckdns.org

# Reference: https://www.virustotal.com/gui/file/e9c607f263a990db1bf0465c8688ed7ce7e5f294845041fb56af313df34f45df/detection

176.31.26.213:6606
176.31.26.213:7707

# Reference: https://www.virustotal.com/gui/file/7bebcd498c41f74199691dd8c0d9144f562b4c71dc9c96607260689397ba2285/detection

178.209.46.144:20108
73ch91ch13f.100chickens.me

# Reference: https://www.virustotal.com/gui/file/a0e26b77db21ef8899c3b18fa562a53f51b37a3cb8677034bbd8c2c5b37cf78b/detection

193.161.193.99:61436
karakan123-50010.portmap.io

# Reference: https://www.virustotal.com/gui/file/dd8069de43a40341482301c95b3a05d0201a9386a5c586b17451ca37447dd1ac/detection

152.246.228.24:6606
152.246.63.32:6606

# Reference: https://www.virustotal.com/gui/file/1c7dccd9e95acff427990af9670ad69d54fcc056aa0eb7744ec8f22d35088c45/detection

193.161.193.99:56282

# Reference: https://twitter.com/ScumBots/status/1250963480783527938
# Reference: https://www.virustotal.com/gui/file/31345f8b3aefaaa13a783f4febe071bb8da7ae27f5f5c06024f9f29db0116321/detection

192.169.69.30:6606
192.169.69.30:7707
192.169.69.30:8808

# Reference: https://twitter.com/ScumBots/status/1250963998922739712
# Reference: https://www.virustotal.com/gui/file/91ecc56db47e5fe085075ff0d7fa76d2911e787734b95b81a4570a15a45444b9/detection

192.254.74.210:6606
192.254.74.210:7707
192.254.74.210:8808

# Reference: https://twitter.com/ScumBots/status/1250964170302009344

cmradelucifer.ddns.net

# Reference: https://www.virustotal.com/gui/file/9ee035f65117dd6ead3f1da5a952df99efbaa39c7345fc11f8ccbbb6ecf86037/detection

168.197.229.117:6606
168.197.229.117:7707
168.197.229.117:8808
79.134.225.20:6606
79.134.225.20:7707
79.134.225.20:8808

# Reference: https://www.virustotal.com/gui/file/4a5cea334cdd0c4042498850f591717d0677fb606331d11210f7b5d2b3a27ff2/detection

213.213.206.18:3306

# Reference: https://www.virustotal.com/gui/file/d09e5b5fabdfa8578b377d46b44fcddc0772a92750e4ead921e2e56e97cdda35/detection

185.165.153.95:8989

# Reference: https://www.virustotal.com/gui/file/a3f870eeaf9cb8e486363b1ff8e1fb79937ed85bab6237ee6123125ad3a43290/detection

186.53.186.235:4132
yugdab.duckdns.org

# Reference: https://www.virustotal.com/gui/file/1b5e3eb733257954a9dd28f6a3e081d941deaa73418d4b22beaa3200a8f96285/detection

41.140.208.184:6606
asco.dynu.net

# Reference: https://www.virustotal.com/gui/file/0e0bf4239bf7472066cb37ab517d74b1102c69af9e0feca64d567dff879ae1eb/detection

69.171.248.112:5557
8701.viewdns.net

# Reference: https://twitter.com/ScumBots/status/1251156576615849985
# Reference: https://www.virustotal.com/gui/file/419fa3facde23e4b18afe0c7f7198844f3ee9e28da6e39f2e2e9e60c41e83570/detection

193.161.193.99:63374

# Reference: https://www.virustotal.com/gui/file/9b471c2935fdd01c7e9d57e78f91d213e6d1b5a44ac1719048d92d02d1976422/detection

192.169.69.25:6606
192.169.69.25:7707
192.169.69.25:8808
number2.duckdns.org

# Reference: https://www.virustotal.com/gui/file/aff7d626d09099f6aaf329f1b2e0623a378b45fdf4536ad83e63efc87e7e0865/detection

124.50.195.153:5050
kkk1046.kro.kr

# Reference: https://twitter.com/ScumBots/status/1251180572711550983

103.18.14.217:1337
dedsee2c.accesscam.org

# Reference: https://www.virustotal.com/gui/file/923092b6cec8aaa0cd11fefa625ed17f98702edac91c3a52beaf7e54f6e5f784/detection

13.235.76.244:1337

# Reference: https://www.virustotal.com/gui/file/582fb62f0d92afaee2dc79108622667cc62d298cafbde3d1e2ec1738c977f4a6/detection

nohostname.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251180991995088900

103.244.74.228:46839

# Reference: https://www.virustotal.com/gui/file/36b272fbada18f510fa34a479fa391131797f13218f6756c52825d9e7711be6e/detection

41.103.199.216:1337

# Reference: https://www.virustotal.com/gui/file/850bcc510ee39c6d6dde91f041bcb276b74a8101c84279a35c0a3570a4e6440d/detection

poiuytrewq3341.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251181425933647877

dqrkodz34.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251181595635126274

jess19991102.ddns.net

# Reference: https://www.virustotal.com/gui/file/d4a629944bf1e03d43a04b530f9606d8315b84e847c83042427224011f3067ba/detection

193.161.193.99:36811
hussaryn-36811.portmap.host

# Reference: https://www.virustotal.com/gui/file/c338d425a1293b82ac13c856c43d588ce0053b27349620b7353273a42a04d845/detection

jess19991102ddns.com
jess19991102.ddns.com

# Reference: https://www.virustotal.com/gui/file/0a276fdaf3367ca3fd4cf90eb338dd3d0575ba3979f1bd609ce58e13e2aa0a8e/detection

204.14.73.154:8080
bomi.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1251182632517410817

salsamania.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251183213747277826

googledrive.dynu.net
googledrive.linkpc.net

# Reference: https://www.virustotal.com/gui/file/f71eaaf23ecba6aafc314f3d42badafb4430b1be62a1ba325c592b258b8f1319/detection

213.152.162.84:9040

# Reference: https://www.virustotal.com/gui/file/ee1e5a4ee19c1b613aaa82b48e313c6e3eeb5874d7593809c2207037254a57cc/detection

fertun-29801.portmap.host

# Reference: https://www.virustotal.com/gui/file/2b70dd97d36efbbadd5f63afc22e28dc53d26302bae846b4f4e49e27cf95a70f/detection

176.232.239.198:5060
denemeiso1.duckdns.org

# Reference: https://www.virustotal.com/gui/file/a86751d7ee905499b6e324dc5175e287a20d34cde78cbe35a290523dea9d1cd0/detection

13.235.23.234:1337

# Reference: https://www.virustotal.com/gui/file/e20e1fd207ef943af95774fc0fc0e38da70c808b78a3dfb141e4852036a8dc12/detection

noregisterdomain.zapto.org

# Reference: https://twitter.com/ScumBots/status/1251185289055350784

87.14.96.105:1303
emmek.crabdance.com

# Reference: https://www.virustotal.com/gui/file/b76b157a8d6ccfd5cc7ea8eed54af4d0aab9e97f8d641f886617252d9acc48bc/detection

41.100.199.86:5555
clayroot2016.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1251185716111069184

am164.kro.kr

# Reference: https://www.virustotal.com/gui/file/f25f43f5cea51647e82413accd831b93fe8c2b7f072fc1468cd1d13bf08224ec/detection

136.243.31.186:1608

# Reference: https://www.virustotal.com/gui/file/1298f1fd280d2768e2a5e3f1089ec3ad18e17cade3fbeb78be864d9c3caff337/detection

173.238.140.238:6606
173.238.140.238:7707
173.238.140.238:8808
bshades.ddns.net
dark-comet.ddns.net

# Reference: https://www.virustotal.com/gui/file/47979eca9030c7f8de4c86c048e17efa02f66c6aed8a52c24dbd4bd7b0692b88/detection

75.80.221.198:1604

# Reference: https://www.virustotal.com/gui/file/5515739bd8752264b7ee2a2c9b957d36af9fb16b19d7dd1aef4139f2fe74af47/detection

sam144169-56334.portmap.io
webforma.chickenkiller.com
webdata.ddns.net

# Reference: https://www.virustotal.com/gui/file/610a58f5e46ffe61093dad4ef8528df34894d29347a1eec0224a87bba7864b8f/detection

46.237.79.53:8080
rat24695.ddns.net

# Reference: https://www.virustotal.com/gui/file/5b18ab7442af71b0ba9293b200fa26961e6de7b98d51456644aa58d307dc0e1f/detection

154.16.248.14:3230

# Reference: https://twitter.com/ScumBots/status/1251187877255528448

112.149.90.49:5050
hyungwoo.kro.kr

# Reference: https://www.virustotal.com/gui/file/03a58d54e04d346d4d06637a40834795431147472e07c815a0fee27475bcc970/detection

a24369093123.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251188552500723712

40.114.49.176:4040

# Reference: https://www.virustotal.com/gui/file/b796ac10d1f3133ca6b77141e50e414f1fc704299884d0b0fb676ab0db7fed89/detection

yesweekend12.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251189068190318593

213.152.162.84:9040

# Reference: https://twitter.com/ScumBots/status/1251189153976516610

unregisteredhost.dynu.net

# Reference: https://www.virustotal.com/gui/file/516c73d324fa23f5aaf50bf9306c2d5aa3d55b0b8c9be60e273ac3c1895f15f3/detection

23.249.168.43:9090
ccmorgan.duckdns.org

# Reference: https://www.virustotal.com/gui/file/f0eb9cb0a88f2e88881e06ce961c2da388475c1b595f2669c57e0cf1b5eb7677/detection

41.143.216.51:1738
asco.dynu.net

# Reference: https://www.virustotal.com/gui/file/44e550a4dbdc40e1cacca65b7e516618558c0d2114b3641cda6ddd69190ed8b9/detection

141.255.155.90:9023
nonamehost1.zapto.org

# Reference: https://twitter.com/ScumBots/status/1251189930300227584

anonauth.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251191403851505665

216.246.49.165:6606
216.246.49.165:7707
216.246.49.165:8808

# Reference: https://twitter.com/ScumBots/status/1251191570986082305

82.84.85.59:1608

# Reference: https://twitter.com/ScumBots/status/1251191655589445635

62.108.37.42:6606
62.108.37.42:7707
62.108.37.42:8808

# Reference: https://twitter.com/ScumBots/status/1251192193597014016

84.51.52.166:6606
84.51.52.166:7707
84.51.52.166:8808
kingspy.duia.eu
kingspy.noip.pl

# Reference: https://twitter.com/ScumBots/status/1251858682108956672

61.69.131.134:1604
yilmazkocakau.ddns.net

# Reference: https://twitter.com/ScumBots/status/1251915307536580608

141.255.146.238:6606
141.255.146.238:7707
141.255.146.238:8808
alltricks.hopto.org

# Reference: https://www.virustotal.com/gui/file/cd61eefce1bda8e8fd7d6f38bb9e6d70b4f1d90efb039a1346d890eeedbd63ef/detection
# Reference: https://www.virustotal.com/gui/file/ae089f74371ab598c6cf00e6debbb9d70c091d90641c406b4aa4c88e3fa81c25/detection

41.42.6.83:6606
41.42.6.83:7707
41.42.6.83:8808
81031.ddns.net

# Reference: https://www.virustotal.com/gui/file/5185c0e1245a6ef3f2e38459095098a085e1b3f0fb75c7aa657df068be3334dc/detection

41.35.15.87:6606
41.35.15.87:7707
41.35.15.87:8808

# Reference: https://www.virustotal.com/gui/file/31846d250a4f71ff4d5348ba0417584e560f6a93a949bba415a9efd261a41e17/detection

77.78.103.70:222
qwerty123123123.hopto.org

# Reference: https://twitter.com/Racco42/status/1255493982420942856
# Reference: https://app.any.run/tasks/9e6d5087-6d1d-44b5-9ac4-349e14df5eb9/

62.102.148.158:62727
panda45.duckdns.org

# Reference: https://bazaar.abuse.ch/sample/5be39967ba90f3766fa81f354a61102a7ddf6bc19ec282e56727abb6dafb973c/

185.244.29.175:7071

# Reference: https://www.virustotal.com/gui/file/3e9fc29f4f0edfaebea7d78f2de99dc5dfdcd440fc8afc2fc8be0d9a6e10466e/detection

188.52.75.171:5558

# Reference: https://www.virustotal.com/gui/file/646bd5449aa3c3d5d029daeb30efbb49c68209ec434f4216593952d1310343ab/detection

80.200.143.32:5353

# Reference: https://www.virustotal.com/gui/file/f6270d604a6e859c46733c14315da1dc07d7c50eea5cefd427e915c7c726cd24/detection

191.250.107.152:6606
191.250.107.152:7707
191.250.107.152:8808
pointblankbrasil.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ffb897728bb3cdaf183b6346255551615e9de81c4178a74cfdf92c8a03dc11c1/detection

91.109.188.2:1010

# Reference: https://www.virustotal.com/gui/file/9a512140b526841ae759063ba36e46b1812c105d9cc94f8dfe11ff69f3cbb336/detection

51.39.198.26:6606
51.39.198.26:7707
51.39.198.26:8808

# Reference: https://twitter.com/ScumBots/status/1257439484339277831

141.255.158.227:6606
141.255.158.227:7707
141.255.158.227:8808
jnhacker.con-ip.com

# Reference: https://www.virustotal.com/gui/file/8e0bde81c9e355be99d2fd2a8cd0a1ff088ccb9e4d846323a07c20948e385497/detection

42.116.41.65:3979
kingspy.ddns.net

# Reference: https://twitter.com/ScumBots/status/1257437270765953025

191.250.107.152:6606
191.250.107.152:7707
191.250.107.152:8808
mydnshome.ddns.net

# Reference: https://www.virustotal.com/gui/file/78f70e9f02eb5434bb36715f107a092a695b060a3e4dba41e6d6213813d6f6e3/detection

86.7.195.44:7777
nfrurqcjthnjznd.ddns.net

# Reference: https://twitter.com/ScumBots/status/1257468146027503618

93.22.123.135:6606
93.22.123.135:7707
93.22.123.135:8808
backdoor.mcrage.me

# Reference: https://twitter.com/ScumBots/status/1257751258787700743
# Reference: https://www.virustotal.com/gui/file/046b3e5c4418660a9eed9ffc4e9769df9e133eb96b40e2585eec87cf202d9b0b/detection

41.109.165.237:3000
cappa.myq-see.com

# Reference: https://www.virustotal.com/gui/file/509607c23436a0d4ef33b21734a19aa129fbcd63bad4cb2965f06fc3f32c2554/detection

41.105.203.238:3000

# Reference: https://app.any.run/tasks/4c0659cd-b563-45a9-93ca-77b82e795fba/

193.161.193.99:56769
unity123-56769.portmap.host

# Reference: https://app.any.run/tasks/bca9407f-6879-4ca7-9dc9-c5c7d9472e38/

193.161.193.99:7112
193.161.193.99:45885
reality-45885.portmap.host

# Reference: https://twitter.com/ScumBots/status/1257955102553448451
# Reference: https://www.virustotal.com/gui/file/5d5d00143b5f578c0293a7cd806009ecd8da5b30d713ebdfb4fcfb83b85e31c1/detection

108.168.118.205:4782
havingfun.chickenkiller.com

# Reference: https://twitter.com/ScumBots/status/1258452953662439429

103.74.18.65:8899
103.74.18.65:9090
webdata.ddns.net
poda.duckdns.org
poda.chickenkiller.com

# Reference: https://www.virustotal.com/gui/file/e2dd6989c2d9bd1038f5c6e741f4cdfa9b4584739fabf98db244f7763607178f/detection

asyncrat.ddns.net

# Reference: https://bazaar.abuse.ch/sample/43264fd31d2b8ce6104a5daf7cf933d315e21e2a968998591361c13fbc365baf/

194.5.97.223:6204

# Reference: https://www.virustotal.com/gui/file/b611859ca933afe409d9c00d3c75fb42a4049ccee735afd2123e566bbf066c29/detection

185.140.53.43:4444
lagba10.ddns.net

# Reference: https://www.virustotal.com/gui/file/34e20c34bb369fb81054fe19e90916e62251720cca8b961942f9ebbcb669919a/detection

193.161.193.99:25270
hiddensick-25270.portmap.io

# Reference: https://app.any.run/tasks/88548d77-fbc2-421d-be4b-2da16bd0b5f3/

193.161.193.99:34785
Slxthy23rf-34785.portmap.io

# Reference: https://twitter.com/ScumBots/status/1261669580067549186

5.9.221.55:6606
5.9.221.55:7707
5.9.221.55:8808

# Reference: https://www.virustotal.com/gui/file/32501c0b743c1a550d9f4a24c73a6e58cb7e7a24919cdea9e85bd7d417273806/detection

220.120.90.123:6060
am164.kro.kr

# Reference: https://twitter.com/ScumBots/status/1262284883466096640

115.23.99.222:2256
dokdo2256.p-e.kr

# Reference: https://twitter.com/ScumBots/status/1262417002142085121

79.134.225.101:5552

# Reference: https://twitter.com/ScumBots/status/1262647276843028480

59.26.17.108:1212
obidori.kro.kr

# Reference: https://www.virustotal.com/gui/file/31f8ef6bce5d3c220c3fb531b699dc5026b343bd0e76f3dd9fc9359dc86936d0/detection

115.23.99.222:2256
dokdo2256.p-e.kr

# Reference: https://twitter.com/ScumBots/status/1263461921547747329

128.199.41.159:2001

# Reference: https://twitter.com/ScumBots/status/1263674037227659264

61.81.92.38:1212
test9909.p-e.kr

# Reference: https://twitter.com/JayTHL/status/1263709348422967296

123.240.25.197:1604
asdf3341.ddns.net

# Reference: https://twitter.com/ScumBots/status/1266652411889926146
# Reference: https://www.virustotal.com/gui/file/298587d8c8a376568ed09d332f329f3a4282e96e905f4569fbf24223ed10e491/detection

77.162.55.86:6606
77.162.55.86:7707
77.162.55.86:8808
monsternetwork01.ddns.net

# Reference: https://twitter.com/ScumBots/status/1268143488413118464

193.218.39.43:8686

# Reference: https://twitter.com/ScumBots/status/1268532368790491137

188.250.211.240:3715
diass.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1269007937349058560

193.161.193.99:21292
allan4053883-60334.portmap.io

# Reference: https://twitter.com/ScumBots/status/1269358998307983361

64.225.66.117:1331
64.225.66.117:1332
kr142.duckdns.org

# Reference: https://www.virustotal.com/gui/file/86636201a899e360ad6fae1b71304c625ed6395ddf99e6b09906617da53ee93b/detection

91.193.75.208:3000

# Reference: https://www.virustotal.com/gui/file/8228d1299256a23377e57d575160dbd58f9ac46598c5c90b321743e366f3d09a/detection

173.225.115.144:6606
173.225.115.144:7707
173.225.115.144:8808

# Reference: https://twitter.com/ScumBots/status/1269910131933921281

42.119.15.63:3189
kingspy1301.ddns.net

# Reference: https://www.virustotal.com/gui/file/d2d1030a5a122043c7a99b3f2c1b1d456be205033ed1327a0b4780f723a5e362/detection

42.117.191.69:8386

# Reference: https://app.any.run/tasks/5b5cba25-c74c-4c2c-80c5-c2f2c9156e6c/

128.74.42.86:6606
128.74.42.86:7707
128.74.42.86:8808
logan1h.ddns.net

# Reference: https://www.virustotal.com/gui/file/b8ff21e26e0da11d7146dd250b71206c698275e312bff612b38380e38385a4c7/detection

193.161.193.99:42300
193.161.193.99:6606
193.161.193.99:7707
193.161.193.99:8808
xaz19og-42300.portmap.io

# Reference: https://www.virustotal.com/gui/file/e235e749a792841f78e1fcc8ddfea4d9c31471aaaa3df6928a43a96a8235698e/detection

102.42.76.37:2001
al3bkri13456.ddns.net

# Reference: https://www.virustotal.com/gui/file/b891b61de4a7c50a50bffa4fb1394c696c25f80717ed57363f4e1a4a216973bb/detection

94.60.172.123:4500

# Reference: https://app.any.run/tasks/01c6c449-cfe1-4e4a-b34c-3536b67599af/

193.161.193.99:48736
WindowsDefenderNet-48736.portmap.io

# Reference: https://app.any.run/tasks/38f351cc-2e3e-4980-9a6d-4ceb645e4cbb/

195.2.93.77:8808
servesvpn.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1270744376042553345
# Reference: https://www.virustotal.com/gui/file/4e8ca2787e65b0edaa21180883b642d7b3b7f85140ab7fc03d09c30da124dc5b/detection

193.161.193.99:1337
193.161.193.99:52390
sdsd33-43977.portmap.host

# Reference: https://www.virustotal.com/gui/file/ae84c5af88241d3bb2e75160c53c6cdaee23555e0a83f0b9b5f218fe525c67b0/detection

82.205.2.127:6606
82.205.2.127:7707
82.205.2.127:8808
googlexfx.ddns.net

# Reference: https://twitter.com/ScumBots/status/1271484250349547521

109.247.81.119:23818

# Reference: https://twitter.com/ScumBots/status/1271514445739634689

105.108.81.5:333
b34.duckdns.org

# Reference: https://www.virustotal.com/gui/file/b1421de897b9903d393051f42730ac0fc7c19a3115f7b2fb019f2f7edd28e2af/detection

185.140.53.247:4723
sukasa.chickenkiller.com

# Reference: https://www.virustotal.com/gui/file/3af55f9bb1a968506ea79b9f24d4a61f99d07e652af05bc5c557f13c19343a03/detection

18.197.239.5:10611
18.197.239.5:25565

# Reference: https://www.virustotal.com/gui/file/3f240073edad176ed8dc359ec2420361d67368ed7859bece7b94180c9deba172/detection

18.197.239.5:11328

# Reference: https://twitter.com/ScumBots/status/1272224126346964993

89.182.127.205:9955
fifa2020-ps4.ddns.net

# Reference: https://www.virustotal.com/gui/file/6313e287489f083c691693a5582888ea7ab7e3d03c81612012dec332d27c66e2/detection

185.140.53.11:2079
185.140.53.11:6606
185.140.53.11:7707
185.140.53.11:8808
212.225.226.30:6606
212.225.226.30:7707
212.225.226.30:8808
bazilspain.dynu.net

# Reference: https://www.virustotal.com/gui/file/67cd0179d490d478ba231ee4719aa7e1427045de0067a24a0adc91f33fdcac3d/detection

212.225.226.30:2079

# Reference: https://www.virustotal.com/gui/file/621b16461f4c6844bb3438e8cc872ae6d81414bd2e60cc097e2af348697fd088/detection

39.108.140.215:60006
39.108.140.215:9999
2ee51a1ab0951a62.natapp.cc

# Reference: https://app.any.run/tasks/fa7cb330-07b2-4366-a9a1-03984fe05c1d/

84.38.134.21:6606
84.38.134.21:7707
84.38.134.21:8808

# Reference: https://twitter.com/ScumBots/status/1273960570220404739

193.161.193.99:62895

# Reference: https://twitter.com/ScumBots/status/1274107785345712132

45.74.26.57:5326

# Reference: https://twitter.com/ScumBots/status/1274213483081596929

43.251.103.150:8848

# Reference: https://twitter.com/ScumBots/status/1274349378992582657

193.218.118.190:6666

# Reference: https://twitter.com/ScumBots/status/1274432429110034432

45.138.157.147:1111

# Reference: https://www.virustotal.com/gui/file/f83df0f45665f9f5d7d1e888cf778bb4440850503e24821bb0d976e86a5e87e8/detection

77.30.137.105:6606
77.30.137.105:7707
77.30.137.105:8808

# Reference: https://www.virustotal.com/gui/file/7528e56efe65fa4b61c7f7156e8d178473051f88d1dc1174378867bdef381f05/detection

202.79.168.134:3399

# Reference: https://twitter.com/ScumBots/status/1274753289091874818

95.70.134.40:8565

# Reference: https://twitter.com/ScumBots/status/1275421447985430529

14.249.183.252:5555
1593572468.ddns.net

# Reference: https://twitter.com/ScumBots/status/1276036748053745669

8.210.144.63:6688

# Reference: https://twitter.com/ScumBots/status/1277490072456171520

117.3.216.38:3589
spy9999.ddns.net


# Reference: https://app.any.run/tasks/ca2adff9-796b-45c0-b901-6542eb02857f/

xSkewber-24412.portmap.host

# Reference: https://app.any.run/tasks/86f951e0-a325-4f4d-9d00-dcc9f1a58754/

steamguard1337.myddns.me

# Reference: https://twitter.com/ScumBots/status/1278645187594551296

67.211.213.207:8080
67.211.213.207:9090

# Reference: https://www.virustotal.com/gui/file/1f6ea95aa6e7d84c2db2f180e6964449d9fe0b8112b9661889b5b200120b5cb9/detection

213.152.161.239:9980
bien.airdns.org

# Reference: https://twitter.com/ScumBots/status/1278879232505110529
# Reference: https://www.virustotal.com/gui/file/ab5f8fc012927d2a8f6f9e45891da8111e1de9adddd57969540ce7a39697a5e3/detection

105.154.111.193:1596
105.154.111.193:2695
105.154.111.193:4562
dellpower.theworkpc.com

# Reference: https://twitter.com/ScumBots/status/1278301761690894337

45.61.136.48:6606
45.61.136.48:7707
45.61.136.48:8808

# Reference: https://twitter.com/ScumBots/status/1279766327733952512

154.209.74.134:3399

# Reference: https://www.virustotal.com/gui/file/dbb7d9edbc04874b351fe0277d7ec7ccb41023f17e87e18da28dc267b2878ebb/detection

114.129.198.91:6606
114.129.198.91:7707
114.129.198.91:8808

# Reference: https://www.virustotal.com/gui/file/afede1c861d5026ace0d1864ab10214cbbe9e46f2299f401ac2589f924fd4a28/detection

vksaodyd.kro.kr

# Reference: https://twitter.com/ScumBots/status/1281038456521740289

23.105.171.85:35247

# Reference: https://twitter.com/ScumBots/status/1281283822118723585
# Reference: https://www.virustotal.com/gui/file/6e8ae7b434f014a40003c7b24984bdb3751515c7ab4edd36af33b02881d9d82d/detection

186.233.178.201:6606
186.233.178.201:7707
186.233.178.201:8808
duckjigsaw.duckdns.org

# Reference: https://twitter.com/hexfati/status/1281490222618939392

julian.linkpc.net

# Reference: https://twitter.com/ScumBots/status/1281570951919013888

193.161.193.99:1437

# Reference: https://twitter.com/ScumBots/status/1281570862492274691

193.161.193.99:28472
Pomm2paingg-28472.portmap.host

# Reference: https://twitter.com/abuse_ch/status/1281641153524375553
# Reference: https://bazaar.abuse.ch/sample/3f28fd2c56f0bb9501f62fa64c71f6475d7cca2ee1908e097febdfc5516358ed/

194.5.98.8:8824

# Reference: https://www.virustotal.com/gui/file/b3a4d10421309deb064c7c31d143b704471d2dc60a6b15a14402d2d069daa3e8/detection

193.161.193.99:24207
portababy-24207.portmap.host

# Reference: https://www.virustotal.com/gui/file/cf302c3f21b10392c776e72d3b13e5065b1b6f503a3b63ffb343d13c1d83a6dd/detection

84.210.40.80:5552
krypticon9332.duckdns.org

# Reference: https://app.any.run/tasks/eec7d68b-fa8f-4654-9544-2b59b27dc6be/

206.123.129.103:5456

# Reference: https://twitter.com/ScumBots/status/1283031589962878980

193.161.193.99:38891
193.161.193.99:4443

# Reference: https://www.virustotal.com/gui/file/2de91b424589709529fb7f6dd861ee8fe089e2ac0927971d2242362e09c29502/detection

176.205.153.139:9476

# Reference: https://www.virustotal.com/gui/file/ba42409b340eba51a84a63ef57b8944d952ca927a4889948e069f8fc2352b727/detection

118.68.139.26:3189

# Reference: https://twitter.com/ScumBots/status/1283424178268405760

185.140.53.68:1515
mavennezeliora.ddns.net

# Reference: https://twitter.com/ScumBots/status/1284137629882159104

174.0.47.124:8574
lowkeyjust.ddns.net

# Reference: https://twitter.com/ScumBots/status/1284303722840035330

193.161.193.99:4040
193.161.193.99:41801
Crowlinqs-41801.portmap.io

# Reference: https://www.virustotal.com/gui/file/9fae837fb9b2e3389ac912a88518a953bfd2e78b39daf89191187ae9b520dea8/detection

110.141.6.190:6606
110.141.6.190:7707
110.141.6.190:8808
110.141.6.190:3389
server1738.ddns.net

# Reference: https://www.virustotal.com/gui/file/8b003d7f7d72eba439d095c2321003840b05e80099fabdd29fce757db0f57043/detection

185.140.53.76:1604
blanco.linkpc.net

# Reference: https://www.virustotal.com/gui/file/0948d7d120fa3bfd8eb53b747e9ea08c6703f231663671441edec451b6d72586/detection

27.70.237.210:6606
27.70.237.210:7707
27.70.237.210:8808
27.70.237.210:8888
nohop1998.ddns.net

# Reference: https://www.virustotal.com/gui/file/fdc7c7b4a95ee6a1df9b61e24097e0e0d9b5fb967e0430ddfc092aeeaadc1f3c/detection

193.161.193.99:29353
vuadaubepz15-29353.portmap.host

# Reference: https://www.virustotal.com/gui/file/cb2eaf3e9c009c32591913cd555aa2c51eff9bb7ab0a656bd059d5ddadab82ee/detection

118.217.154.223:6606
118.217.154.223:7707
118.217.154.223:8808
mact194.kro.kr

# Reference: https://twitter.com/ScumBots/status/1284798238680387585

161.35.56.21:7001

# Reference: https://twitter.com/ScumBots/status/1284892597912313857

206.189.76.209:5252

# Reference: https://twitter.com/ScumBots/status/1284896544760762368

24.254.43.171:6606
24.254.43.171:7707
24.254.43.171:8808

# Reference: https://twitter.com/ScumBots/status/1285047538941394944

14.5.119.153:6606
14.5.119.153:7707
14.5.119.153:8808

# Reference: https://www.virustotal.com/gui/file/955bd3f4c3f39ae1e20ef7bb1b83adf6dd4ac55110cffc79a5843e7c06641a6b/detection

156.206.124.24:1025
erksene.dynu.net

# Reference: https://www.virustotal.com/gui/file/b724abcdfe906318472e2c9dcc1e8bd211b10e881c689a600782d0462916701d/detection

216.170.126.139:4660

# Reference: https://www.virustotal.com/gui/file/2622f9874b537293700a77646a386b3c708e257f00e218cd72baf10aed32456a/detection

193.161.193.99:5556
anonissou.duckdns.org

# Reference: https://www.virustotal.com/gui/file/f0634bf7e0d376d34450c4752cdd0945aba11ba2b316e64d3bc9d57c6980f189/detection

220.122.40.142:8080
criticalvip.kro.kr

# Reference: https://www.virustotal.com/gui/file/bfdfe76cd0b61105c6bbea1952de0380012c3decbfc51ad263e00564cdea1983/detection

182.221.160.164:8080
zcx.kro.kr

# Reference: https://www.virustotal.com/gui/file/e14d03068fdc83cd2a6b16bf40553f78d39e0a6478af3f329e69f6cca0df919b/detection

185.222.57.150:3450

# Reference: https://www.virustotal.com/gui/file/b724d53c26514502a8dc138a9a9b5c48b2f699e43a29060ff68bdfd857ce3caf/detection

121.137.39.53:8080

# Reference: https://www.virustotal.com/gui/file/99e489abde6b13f45c6cfababe1b9e46cf8692b12134b015096a323402c71259/detection

121.137.39.53:6606
121.137.39.53:7707
121.137.39.53:8808

# Reference: https://www.virustotal.com/gui/file/7b5dd184f138daf820509d1240dc7b00938d555ba1e9eebe5000d0e8ff2d3889/detection

121.137.39.53:5050

# Reference: https://www.virustotal.com/gui/file/2e04efdd2de2a1be9a27be389987fed425a3ee6826f69180db9093c5383e4833/detection

209.200.39.2:4040
209.200.39.2:7070
209.200.39.2:8080

# Reference: https://www.virustotal.com/gui/file/34b6843018283be543557947fea752642b68d5e72c412a0ab3bdd28ea1c498f9/detection

193.161.193.99:45680
youcefmadskull-45680.portmap.host

# Reference: https://www.virustotal.com/gui/file/3377c9208f9f7427e2d5134f7009a5427637432c49797fbd7d83925a5ea954cd/detection

193.161.193.99:1236
193.161.193.99:61574
hackthisishack-61574.portmap.host

# Reference: https://www.virustotal.com/gui/file/0427b7e094b0ced7de6ecc37aa5d5ff6de9b13785b068e8480bf62ed2fdac0e3/detection

95.120.211.220:4665
holocmsv2.zapto.org

# Reference: https://www.virustotal.com/gui/file/4abdc1b37c11f32707551f7a3479462a68c043e08a84f93b36ad308bfc8e4624/detection

54.95.64.241:1521

# Reference: https://app.any.run/tasks/5092ca08-de2c-4fea-a24c-98a224b251e7/

185.140.53.11:9845

# Reference: https://app.any.run/tasks/7e29c9db-d891-425e-a793-badabc8fe75c/

79.134.225.83:4783
superkicka.org

# Reference: https://www.virustotal.com/gui/file/2faf5255c368288325aac011cd2066c6942ea0b755718490363fdb6606dec40f/detection

188.151.38.115:1717
schost.duckdns.org

# Reference: https://app.any.run/tasks/01eae1cf-71f1-4732-86d6-321117b8382c/

64.20.43.83:3123
advisorgoetia-dns.xyz

# Reference: https://twitter.com/JAMESWT_MHT/status/1288860715143573505
# Reference: https://bazaar.abuse.ch/sample/54d46ffbefae7f6025765c0c274f7f87714e5467da8926967efb01025693bb8e/

177.255.91.168:49737
177.255.91.168:8057
gfsgvbxcv.duckdns.org

# Reference: https://www.virustotal.com/gui/file/30232515c14a00a60978fc801bff8ec6db9c540f88cf6ec8851512e892917719/detection

84.210.40.80:5555

# Reference: https://www.virustotal.com/gui/file/cda5b8bf4e397c606b20ebf098253dc1456f28cc3aeec5ec7a1332afb33bc5b4/detection

185.122.168.250:6606
185.122.168.250:7707
185.122.168.250:8808

# Reference: https://www.virustotal.com/gui/file/97bf01ea73fc39e6dc829aa7a0c45762526c86b7d348ec19f6e3b2897775a6e9/detection

holocms.duckdns.org

# Reference: https://www.virustotal.com/gui/file/5d6500005736439ccf00e8136c00a351bd7c69fb33fb9485a1be9908187a66da/detection

holocmsv2.zapto.org

# Reference: https://www.virustotal.com/gui/file/c1877080b35ea82105c4a242cc49c832cc2f7207e672712cc8d364d2b005cf81/detection

193.161.193.99:34540

# Reference: https://www.virustotal.com/gui/file/b174722176293ad63a56287567655d408293addcbd6e248fbd058816667d3cde/detection

176.168.187.199:6606
176.168.187.199:7707
176.168.187.199:8808
lolo0909.ddns.net

# Reference: https://www.virustotal.com/gui/file/d7ec327d2a382d2035818a0376fd27bf68dab2d89a7f4e04b04babaef977b16a/detection

120.78.86.213:5917
120.78.86.213:5925
120.78.86.213:5936
120.78.86.213:5944
120.78.86.213:5951

# Reference: https://www.virustotal.com/gui/file/8ca05cad682799f231e0a0fb670a2a04fb6f361f801c884f62a607b26ccc25f4/detection

192.227.158.120:4770

# Reference: https://www.virustotal.com/gui/file/2485169398a574f4b8c68b612c29715f43ecd5a00d61a42def399034ed389517/detection

193.161.193.99:39075
zufair.duckdns.org

# Reference: https://www.virustotal.com/gui/file/cf7363ad9935b3ba3dd93451d9be8eb43f5445179740e0c2bfecd7bddd860fec/detection

185.244.30.27:3381

# Reference: https://www.virustotal.com/gui/file/d7ec3ec2ac8cb6d1f2898f2d7eb02850e34fc088f71e3ef82e966d10dbfc203b/detection

pensive-pond-55232.pktriot.net

# Reference: https://www.virustotal.com/gui/file/bb1223e5556adf3f9cb6976fefe3c51af74baacb5c159fe34a03e49ffd43aa39/detection

161.97.82.232:4141

# Reference: https://twitter.com/ScumBots/status/1291947998524706816
# Reference: https://www.virustotal.com/gui/file/3a81c9e1bfe70ae9506eef64194e9b6b8a49a7c2f64fa427ed31d0a9444a785e/detection

121.214.208.2:1111
121.214.208.2:2222
121.214.208.2:30
121.214.208.2:6606
121.214.208.2:7707
121.214.208.2:8808
sirenhead.ddns.net

# Reference: https://www.virustotal.com/gui/file/4df01904a9abf7085fc4aafc372c7614cb7077c7350446188ceafc98001fb5b1/detection
# Reference: https://www.virustotal.com/gui/file/90e9abb1b28a06edc6ae7a174b6468cfdfc91dcc29cd27be8fcd10d3c746f26e/detection
# Reference: https://www.virustotal.com/gui/file/a71149ae63fc78968c81e659eb4dba652ffd3ea8d2a1c58bb631b7fbbaae8e43/detection
# Reference: https://www.virustotal.com/gui/file/4e022a47ae07545c1a28418a9beb0f6d360144ec8087bc0bd2ac0f086bea9ddd/detection
# Reference: https://www.virustotal.com/gui/file/71922e073726160d1bec9230d8b87eace72792499ddf4c731047a446b6876ee6/detection

185.140.53.54:4923
185.165.153.186:4923
77.74.194.214:4923
79.134.225.96:4923
79.134.225.103:4923
91.193.75.69:4923
bambooo.dynu.net

# Reference: https://www.virustotal.com/gui/file/f4cecaa360ee6ab479cbf9b99c15b45ba7e9f548b7e368063a0c9f686fbc2630/detection

212.251.116.161:1604
212.251.116.161:6606
212.251.116.161:7707
212.251.116.161:8808
62.1.59.224:1604
62.1.59.224:6606
62.1.59.224:7707
62.1.59.224:8808

# Reference: https://www.virustotal.com/gui/file/889e35bc6ff36524dd0df82fbcf8a8015fd3c95d94b00c0875e9bb239eb12e28/detection

91.193.75.146:4780

# Reference: https://www.virustotal.com/gui/file/cf7363ad9935b3ba3dd93451d9be8eb43f5445179740e0c2bfecd7bddd860fec/detection

185.244.30.27:3381

# Reference: https://www.virustotal.com/gui/file/caa8c15569dd97b52c88cd2a500cb6304db09a6e3761511657be45645f19e815/detection

193.161.193.99:54030
Zmining-54030.portmap.host

# Reference: https://www.virustotal.com/gui/file/43f97c03faf5199c8ebc7c49c076e45ed95fdf3edc26b4859fdbd705be21dd1e/detection

172.94.42.34:1043
dnsnuev009.duckdns.org

# Reference: https://www.virustotal.com/gui/file/8f40ea9560e30c37b6ab4a3d6501b7cbf3898c20d1ecc31e2b7fe360449c0b33/detection

8.210.158.0:6606
8.210.158.0:7707
8.210.158.0:8808

# Reference: https://www.virustotal.com/gui/file/1dfb088dd661a1ab2025603696ced23a04e00c837590ad881a49a24768e09de4/detection

172.94.28.17:2021
tusnalguitas.duckdns.org

# Reference: https://www.virustotal.com/gui/file/28dc802c58e106829fa716e2b4b0a1834967709075076bdbf0aec64f5e124f62/detection

172.94.42.34:5623
nikiko.duckdns.org

# Reference: https://www.virustotal.com/gui/file/3183e83479da8d8ef421e91538fb85085229673f4bd2f13d3de7c8be2fc96c1e/detection

5.152.206.196:6600

# Reference: https://www.virustotal.com/gui/file/ad8b72167b5dd6b0bcba0a0685ec2addf744bc6da79c70476dd7d138cec764a4/detection

34.73.5.116:4444

# Reference: https://www.virustotal.com/gui/file/565054fa53c89061f7a81e18737a2140457316a526b616349e1ae614db363814/detection

109.247.81.119:20000

# Reference: https://www.virustotal.com/gui/file/d78ddc2b6e359f4d23f06437a5ff498c5afde61d925889129a8da056817bef70/detection

177.98.227.24:6606
177.98.227.24:7707
177.98.227.24:8808

# Reference: https://www.virustotal.com/gui/file/8e3c7cd8bb4826e4919aa56481167a1fcf9cb2d0e2c4a9c74ec155523f5d180c/detection
# Reference: https://www.virustotal.com/gui/file/9660ae0cf1fe3b7745287ab05d242247334cbf51ba64b900998fb5073bedf890/detection
# Reference: https://www.virustotal.com/gui/file/75feac230513a5d543e2f9559068259554200ed7440c44749e7678feb19b470c/detection
# Reference: https://www.virustotal.com/gui/file/6c24f8caa4f1f21a9dd8b714066bdfa5e2d8c84ab068d50672ef12b048c4518c/detection
# Reference: https://www.virustotal.com/gui/file/02b62fd53cf9ed3c98a70aa7c4ead2b9c8851079517747d8e106873654098651/detection
# Reference: https://www.virustotal.com/gui/file/cf234f8fcdab2a576d303c8b0821b7754ec13e1319be9d24d335b351f774b1f3/detection

179.178.236.31:2080
179.183.119.159:2080
179.183.119.159:6606
179.183.119.159:7707
179.183.119.159:8808
187.114.175.149:2080
187.114.178.10:2080
187.114.178.10:6606
187.114.178.10:7707
187.114.178.10:8808
191.250.65.147:2080
191.250.65.147:6606
191.250.65.147:7707
191.250.65.147:8808
191.33.110.91:6606
191.33.110.91:7707
191.33.110.91:8808

# Reference: https://www.virustotal.com/gui/file/2154f0eae29106cd24148ff7a4486eb7467c0d590f7979c6ffb517f4d99d4c37/detection

211.108.200.7:4872
211.108.200.7:4873
0743.hopto.org

# Reference: https://www.virustotal.com/gui/file/557ea13e8175753fff89bdfb1ede7e27779f6a55b5ba69ff2ecd7d6e9255ab8a/detection

177.255.91.168:8057
fsdgfd.duckdns.org

# Reference: https://www.virustotal.com/gui/file/bdd504540ae6cbfcef701abb424def21007a55d3df5ce5bd03034c4cc66464d6/detection

78.63.71.91:6606
78.63.71.91:7707
78.63.71.91:8808
youtude.ddns.net

# Reference: https://www.virustotal.com/gui/file/c8c3c2b6c66710984751b0ec262a618829be47e3c926c3c0c706365d5d0aacd5/detection

103.207.39.83:1024

# Reference: https://www.virustotal.com/gui/file/a93b12c36e78db3c5e27c9a35a23d7f87a3d788adf60f811485890a33c726c7c/detection

90.46.146.196:5552
shadowstest.ddns.net

# Reference: https://www.virustotal.com/gui/file/d0ba64c92f0512db66ff99cc87ffced9bebeb3bf15470865c81858f02e3302a6/detection

193.161.193.99:24255
193.161.193.99:42219
iskyze-24255.portmap.host

# Reference: https://www.virustotal.com/gui/file/74d10507f05b48357e55b0349a24144874a509980c1e0aabf43f781fdac10fff/detection

asdxcvxdfgdnbvrwe.ru
marcristosc.ac.ug
194.5.98.95:6970

# Reference: https://www.virustotal.com/gui/file/d288f6645d0f90ddff285c41b2512a1496a8b5b7c34df8bcecda8070314939b6/detection

51.178.240.250:6606
51.178.240.250:7707
51.178.240.250:8808

# Reference: https://www.virustotal.com/gui/file/459fe6ce78839307fd87c192fca2545ed25e89fe63f602356022fd32c8db8aba/detection

179.124.220.225:6606
179.124.220.225:7707
179.124.220.225:8808

# Reference: https://www.virustotal.com/gui/file/65232e1c7aedfd29788abfdf468587c2858822e65cb2fb15169b4261e4be1ed1/detection

123.110.29.249:1604
andy1688.ddns.net

# Reference: https://www.virustotal.com/gui/file/305aacda61fb9f14aa1bb5124841ac25b7f23ff254a886a56a3d40bdf5a1a5e4/detection

107.172.221.181:333
107.172.221.181:6606
107.172.221.181:7707
107.172.221.181:8808

# Reference: https://www.virustotal.com/gui/file/310a6b915908dbc78e3d9dd56d06bf0fb3fd11e1c4db826a18611f5e80f9bed3/detection

82.205.33.194:6606
82.205.33.194:7707
82.205.33.194:8808

# Reference: https://www.virustotal.com/gui/file/304663149c45d54a23e0cf65b9775538009a76db474912fff395bedd3e789a01/detection

193.161.193.99:48637
boneless-48637.portmap.host

# Reference: https://www.virustotal.com/gui/file/90aaeb0077277b5e45a7cdcbe365ead4781b5a0a5fd755f99ed8a2ec79e5e58c/detection

193.161.193.99:58562
newcosmo-58562.portmap.host

# Reference: https://www.virustotal.com/gui/file/de3db6f0d0d8dd22a21731e739dbbacf86b2bc8bc21ea2a0ade9a16581a1ac14/detection

193.161.193.99:31239
ioplololo-31239.portmap.host

# Reference: https://www.virustotal.com/gui/file/caa8c15569dd97b52c88cd2a500cb6304db09a6e3761511657be45645f19e815/detection

193.161.193.99:54030
zmining-54030.portmap.host

# Reference: https://www.virustotal.com/gui/file/9a95c0829cd7766087de65e50b32a3689a91e3ad05a7cc94365ef94d4f685cde/detection

193.161.193.99:37930
pritom-37930.portmap.host

# Reference: https://www.virustotal.com/gui/file/441a169e51070282b35537e90edab11e0064e3a0e6c4eab8759773d79cf00ae1/detection

193.161.193.99:2510
193.161.193.99:25360
vasco-25360.portmap.host

# Reference: https://www.virustotal.com/gui/file/5c05897f869e9c72390065f8bbeaab7b7fb3f9089f56a68eb7b358a5d12cf968/detection

193.161.193.99:25987
prem131bn-25987.portmap.host

# Reference: https://www.virustotal.com/gui/file/4415b9d3c5fc2ceaa6f935864c1d9a573447802f30ec30efd212a8be4fd2a82d/detection

193.161.193.99:54729
ismailbourji-54729.portmap.host

# Reference: https://www.virustotal.com/gui/file/b5a85b868ec6932c4577c11ce91e0bfce9ea5ae81b788133fefc640015c3b0bc/detection

193.161.193.99:20760
f2had-20760.portmap.host

# Reference: https://www.virustotal.com/gui/file/c381f88012efb8742927995e6f91525c4a1f9b4f3b3a4f25d431e8269842836b/detection

193.161.193.99:25125
hmz04-25125.portmap.host

# Reference: https://www.virustotal.com/gui/file/ab10554a3e0ce5270d2c02e884a097e271dae6cbe2e51a70703da7d4e89919bb/detection

193.161.193.99:36161
prodharani-36161.portmap.host

# Reference: https://www.virustotal.com/gui/file/af37a83779f91b64f3b03bf0daa2d79bd531a3968141e0dcc2bcee677f4b701e/detection

193.161.193.99:58345
keyman-58345.portmap.host

# Reference: https://www.virustotal.com/gui/file/1ee13968473a9b9733efdca8caf07f22d39730a2b2ebf9c2c8d467e6f385d826/detection

193.161.193.99:37695
anonjayy-37695.portmap.host

# Reference: https://www.virustotal.com/gui/file/8b4592b2bb2a904be55ab95ff2cb69808b15d819498cccb6ec05b2f5b7b3d63f/detection

193.161.193.99:37692
madman-37692.portmap.host

# Reference: https://www.virustotal.com/gui/file/e9db2ade37b84b00334f829395b6af092dda2ae1f559cfbdb772ec15c7a54d94/detection

42.119.90.242:3189
kubeodz92.ddns.net

# Reference: https://www.virustotal.com/gui/file/a5d78beef4d80eb7def57f7fd7647d09ec76a16eeedb2a5a3fc6f445526c8f4a/detection

193.161.193.99:20050
pawianek2-20050.portmap.host

# Reference: https://www.virustotal.com/gui/file/e28f8760f889ff458aec8aedd2139e44735cb9468d34d175aec42643b90291b5/detection

46.60.22.192:6606
46.60.22.192:7707
46.60.22.192:8808
82.205.33.194:6606
82.205.33.194:7707
82.205.33.194:8808
googledrive.myftp.org

# Reference: https://www.virustotal.com/gui/file/08b15d045255c81dcb3e29b70ffcd1a8d614bf99549f079085bfbc54a994d109/detection

42.119.90.242:3189
kubeodz2019.ddns.net

# Reference: https://www.virustotal.com/gui/file/5f8ff6fd7b8bbcb8efd6e69b2300be59a059061ed3bd2a2fd63ab6e98cd7cd2c/detection

192.169.69.25:1044
192.169.69.25:20485
193.161.193.99:20485
franktembo-20485.portmap.io
samarakandi.duckdns.org

# Reference: https://www.virustotal.com/gui/file/f198e0cfa503100d64d15ed39b2516587582587f42afea74ace075b28f663fb4/detection

193.56.29.251:6606
193.56.29.251:7707
193.56.29.251:8808
bogdanxx90900.servemp3.com

# Reference: https://www.virustotal.com/gui/file/33d1d991a9bda6bdec91b6be82e7ddc684a8f7400ac8402917ffefa0a5dfd631/detection

121.214.208.2:3000

# Reference: https://www.virustotal.com/gui/file/fc9ee822f9872fd4ca4531d5a91e29adfdc3a4a9e2e8f6e668305fe3bfa9fada/detection

193.161.193.99:41892
oksosokak-41892.portmap.io

# Reference: https://www.virustotal.com/gui/file/e021d822f3a44473cd7d12518402469b38d200a27065c7aa757d13a15ae607ee/detection

197.206.218.240:5555
clayroot2016.linkpc.net

# Reference: https://www.virustotal.com/gui/file/54d53186682c7277d99c86cea69d45960d2867041477a0d9edae6f08c8e8b52d/detection

186.52.202.235:3040
cortanahost.ddns.net

# Reference: https://www.virustotal.com/gui/file/910c9c2a61c8748fe9bd3417eeb284535db3bbc30c6405f102002ecef3d6304b/detection

81.61.77.92:6606
81.61.77.92:7707
81.61.77.92:8808
campestre.hopto.org

# Reference: https://www.virustotal.com/gui/file/4f41374a921e33b06bb11f64e72bc02c2f928704ebea63682ec66b85b1349f44/detection

175.37.36.152:6606
175.37.36.152:7707
175.37.36.152:8808
kakejake.ddns.net

# Reference: https://www.virustotal.com/gui/file/15753a223aa59f5e2265569080d31e8351d546e6b7316c6660757a39bda94887/detection

121.137.39.232:5050

# Reference: https://www.virustotal.com/gui/file/fa2cbc10aa98e5cfe362065b2c19556c67dc8b7d48871008404f4778e8537f3a/detection

34.66.124.165:5555

# Reference: https://www.virustotal.com/gui/file/851d536bdf21ad02eab1ed632b7ef36fc5734e628c421c9f7c8dcb05d30f4d32/detection

198.251.64.252:6606
198.251.64.252:7707
198.251.64.252:8808

# Reference: https://www.virustotal.com/gui/file/b69e8a276d2c444b502238383ae3611714822c8605f074ef5a0a9a99c69b49a8/detection

79.173.65.159:19638
79.173.65.159:6606
79.173.65.159:7707
79.173.65.159:8808
rootaccountadmin.ddns.net

# Reference: https://www.virustotal.com/gui/file/1c02bb46103de9bf189deaf1b8915afa62186f1b0e1b90742b70b58e44962bf9/detection

178.33.93.88:19678

# Reference: https://www.virustotal.com/gui/file/20ef74b6ca8718706ca786c9cd8c9de916df7daf77c81f436ab23b6c50db0487/detection

49.175.99.35:1234
leepipi.kro.kr

# Reference: https://www.virustotal.com/gui/file/c811c161d9d0be1c09173a50af290a718729fd9509b63ff953ad4b07e2501657/detection
# Reference: https://www.virustotal.com/gui/file/f48d69fb64fe7ae544769ce22a0500e07ac2f945b12bc717b78ca77a7b5a6924/detection

91.168.196.175:6606
91.168.196.175:7707
91.168.196.175:8808
likatn.zapto.org

# Reference: https://www.virustotal.com/gui/file/ca17a69a46caf3e05a1cd8bf2f1d6679b55aa6ecf46ee63bf323ee892f88f80e/detection

105.107.4.125:6606
105.107.4.125:7707
105.107.4.125:8808

# Reference: https://www.virustotal.com/gui/file/c7cb970a67b5c370741e139dda48d47433477ab400e51a62a99b7a379a6c0dbc/detection

138.197.189.80:6606
138.197.189.80:7707
138.197.189.80:8808
blackid-35823.portmap.host

# Reference: https://app.any.run/tasks/b31c0049-b5de-40a8-9069-8c14e27b738f/

193.161.193.99:32260
Kupcia-53901.portmap.io

# Reference: https://www.virustotal.com/gui/file/81e96984130042d0ee70ae09a7bc9375974d513938e80877720d251330e4b37e/detection

39.122.189.147:1
fsft.p-e.kr

# Reference: https://www.virustotal.com/gui/file/1f48d54ad69726c01a7ae1e7ceff7ae6093005be1e100a75968476d72d75cf06/detection

101.179.85.220:1111
101.179.85.220:6606
101.179.85.220:7707
101.179.85.220:8808

# Reference: https://www.virustotal.com/gui/file/dcaf6810871062a1a5a292c8e46667a8b7de908d292513ef1c443929ce8897c5/detection

18.157.68.73:15558
18.157.68.73:16155
18.157.68.73:4444
18.192.93.86:15558
18.192.93.86:16155
18.192.93.86:4444

# Reference: https://www.virustotal.com/gui/file/bbae735df39c1301901ca97c6993f2b6fd7233a0360761eab8b65f2556df4517/detection

145.239.201.157:8443

# Reference: https://www.virustotal.com/gui/file/ee5dbfca30be494b6ad8ac1c18255b6054339de4aba768180a1f32e9921a30ce/detection

193.239.147.16:6606
193.239.147.16:7707
193.239.147.16:8808

# Reference: https://www.virustotal.com/gui/file/ff081035cd38c28b8093f8f0887450407e27a89ee1ff254dd627849bd6334fb5/detection

193.161.193.99:53485
hack567832-53485.portmap.io

# Reference: https://www.virustotal.com/gui/file/126a37d9189d9ef7872b74fb13f562bc8601622b6455e01fefd646b463966fa6/detection

193.161.193.99:39400
kepada9494-39400.portmap.io

# Reference: https://www.virustotal.com/gui/file/32e6114d2ce3e3c8f778769261cb06eb874b5f38271436d88053c41930f1ce47/detection

202.182.121.93:5050
kny777.kro.kr

# Reference: https://www.virustotal.com/gui/file/49510b87db400c9570b85eba6271642d0a157d0c8cd5457171a6564aa73e7795/detection

avantgrajgrup.com.tr
/ilksan_sorgu.php?tck=

# Reference: https://www.virustotal.com/gui/file/7c3eeba909d90095b3ac593ccc111251212ebe3304d5f9725325d81b2e6acd14/detection

13.82.134.169:48166
13.82.134.169:5555
13.82.134.169:6606
13.82.134.169:7707
13.82.134.169:8808
ROCK19870-48166.portmap.io

# Reference: https://www.virustotal.com/gui/file/292a0b69dfc9ff8aa030fdbe13e0bc047606177ea3250c597e06dfeec1c92304/detection

194.5.98.100:1337
blackhair.ddnsfree.com

# Reference: https://twitter.com/ScumBots/status/1315367256235311105
# Reference: https://www.virustotal.com/gui/file/b07c2fbb1e0470cdbffd9c1147de5cf1763edcc4c5a918ddc63ad49d1ecbc563/detection

45.95.168.116:1333
45.95.168.116:1334
45.95.168.116:1335
45.95.168.116:1337
45.95.168.116:1338
45.95.168.116:1339

# Reference: https://www.virustotal.com/gui/file/a3074419485db4ee08451afe2693184a89c031b3237e0a51b7627eb33eddc342/detection

222.114.199.209:5050
pyeonno.kro.kr

# Reference: https://app.any.run/tasks/5bc8c7e8-e45e-4fff-9fc6-7a380e82e03f/

193.161.193.99:54987
papachullan-54987.portmap.host

# Reference: https://www.virustotal.com/gui/file/7e3e36dfb02909a470035b63d7db577f62431689e631fc7e1f21198745ce339d/detection

185.165.153.140:6606
185.165.153.140:7707
185.165.153.140:8808

# Reference: https://www.virustotal.com/gui/file/39eb27e6d13e6a373bb1da0becb487e808ff2d3849d481eb0bd4aa3b6d398cc1/detection

79.145.12.52:1335
79.145.12.52:6606
79.145.12.52:7707
79.145.12.52:8808

# Reference: https://www.virustotal.com/gui/file/913033893ab065b61e551399c91cdd877c134dc7dadacacbc87c3dfd798653a1/detection

91.109.176.2:6606
91.109.176.2:7707
91.109.176.2:8808
mika201.duckdns.org

# Reference: https://app.any.run/tasks/407ac320-c34a-4b59-966e-1f8403fe92e5/

193.161.193.99:28793
saudis-28793.portmap.host

# Reference: https://www.virustotal.com/gui/file/708ba499db884070420f378523658870927c31654d03d24cdac303b5d60b0ac4/detection

2.56.62.44:4444
2.56.62.44:6821
2.56.62.44:6606
2.56.62.44:7707
2.56.62.44:8808
fuckmyass.duckdns.org

# Reference: https://www.virustotal.com/gui/file/0cd8a5e9deb573fb2fda25cca06453abcd0a42ee7b0de44420973aeff3e0fcbc/detection

185.161.209.16:6606
185.161.209.16:7707
185.161.209.16:8808
bitcoins.giize.com

# Reference: https://app.any.run/tasks/ddf3cca3-adcc-4110-976a-b724a6aab722/

ectoraid.ddns.net

# Reference: https://www.virustotal.com/gui/file/fcdc5a453e07582d39d35234b39a67bbf958832ac88f0a82d413961482bdbcc0/detection

175.203.53.37:5050
nsr0209.kro.kr

# Reference: https://app.any.run/tasks/107f53fe-e988-40c3-9659-bb47c7283615/

193.161.193.99:60167
elechine-60167.portmap.host

# Reference: https://www.virustotal.com/gui/file/5979eee66faff5910c181a7b1af0111d68a0feda3dd974306f8e5c5624af7cdf/detection

51.75.169.41:6606
51.75.169.41:7707
51.75.169.41:8808

# Reference: https://app.any.run/tasks/7468050a-b7fe-4748-b667-6933722a010a/

193.161.193.99:33504
Scambaiter123ASAS-33504.portmap.host

# Reference: https://www.virustotal.com/gui/file/a95000dca55523f7c8a1293563a03693f973fc12f91618deb86ec5aeee353728/detection

151.240.194.206:7777
nethalpop.sytes.net

# Reference: https://www.virustotal.com/gui/file/9b9f13a8e3663e2b05e3af0b00abec4bc662b823a7fde9447164b9031bc59fe7/detection

52.156.134.11:4892
jah0seh.duckdns.org

# Reference: https://gist.github.com/silence-is-best/0aa844b003c62c6ce491e91e168ac662
# Reference: https://www.virustotal.com/gui/file/49f9c9e79441d891f84d5a457fed44897f95f8f691b387fcab2e63ec9a505667/detection

194.5.97.76:2121

# Reference: https://www.virustotal.com/gui/file/0c323c02db0a52d9a1764a74e3cb5a7bcc8e7b9839160179a772de3a6bc8cf26/detection

pounds1990.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ff734df4d09afad52e931fce898a5497b78081fbca44f091e55a3da4b47c1350/detection

185.140.53.141:2256
freshg.ddns.net

# Reference: https://www.virustotal.com/gui/file/0840d78515e4bdaa61b7d285b710361e19d10c31e34a0cfc58e5fae89e118bbb/detection

193.161.193.99:4332
193.161.193.99:57654

# Reference: https://www.virustotal.com/gui/file/4124fa166c07644eb29d7b813889a90795f9f1448f7cae2040a1375006748617/detection

91.109.180.6:6606
91.109.180.6:7707
91.109.180.6:8808

# Reference: https://www.virustotal.com/gui/file/3ba05ff4ea1e849ad3ce6780aadb44af45e48442f058510fcc096e115c853d80/detection

91.109.188.7:6606
91.109.188.7:7707
91.109.188.7:8808
mika202.duckdns.org

# Reference: https://www.virustotal.com/gui/file/9cca37bc8df3f2d7d439db0ffb0ed8d4a1c2f88c5c43754bc78b674009b35b05/detection

109.202.107.147:7113

# Reference: https://www.virustotal.com/gui/file/e1a9c9a66a236487973368591a6735b9e14dd6a8c7be77106f63ec5835cebd2c/detection

203.115.24.234:8282

# Reference: https://app.any.run/tasks/0a2ba392-8c95-48d9-b4e6-b192643675c9/

193.161.193.99:26660
carminebongo-26660.portmap.host

# Reference: https://www.virustotal.com/gui/file/6e5fdf8624b69aa1cbda80d760e5a77143aafcf2b54617485023d2c520e7c431/detection

103.207.39.131:6606
103.207.39.131:7707
103.207.39.131:8808

# Reference: https://www.virustotal.com/gui/file/4467e78c9356062cd52d9d9da5dee3329558749d764ef8c72c14977ae65d139e/detection

82.65.39.148:6606
82.65.39.148:7707
82.65.39.148:8808

# Reference: https://app.any.run/tasks/c5ef1463-1168-4ef0-8536-d42d953c919e/

85.224.37.213:6606
85.224.37.213:7707
85.224.37.213:8808

# Reference: https://www.virustotal.com/gui/file/971226ecd2869473e61804629f46507232584393f74bf7f8cc11c6592e916ffc/detection

128.134.139.235:5050

# Reference: https://www.virustotal.com/gui/file/5052cc68d40a843a8500983cc7e8c84601e5221149f88f1aa135f328e9e1a9b7/detection

93.190.51.64:1234

# Reference: https://twitter.com/wwp96/status/1328325861456699394
# Reference: https://app.any.run/tasks/85c6b9fa-195f-43c2-b480-8dea0a699fb7/
# Reference: https://app.any.run/tasks/d6fa28e7-0425-49c1-a12f-0185af0ed4ab/

185.239.242.76:6606
185.239.242.76:7707
185.239.242.76:8808
5.230.22.165:6606
5.230.22.165:7707
5.230.22.165:8808

# Reference: https://www.virustotal.com/gui/file/815e7085a1cf084e05f86a972b0d91b4e5555577f8d47528d79d85dcbb45bc4a/detection

79.134.225.99:6606
79.134.225.99:7707
79.134.225.99:8808

# Reference: https://www.virustotal.com/gui/file/17433a45b35d1eab013795ac90856a2349ed97974c05653030279c52a367774d/detection

137.135.73.55:18
137.135.73.55:6606
137.135.73.55:7707
137.135.73.55:8808
cemnasq.duckdns.org

# Reference: https://app.any.run/tasks/e7870287-b274-4f3b-9246-e7104d7f9cc3/

45.144.30.41:6606
45.144.30.41:7707
45.144.30.41:8808

# Reference: https://www.virustotal.com/gui/file/f3fcbb0fedb1e3b732185aebbf845ca185c950ca3635026d8a754312220577c9/detection

212.239.144.144:1177
212.239.144.144:6606
212.239.144.144:7707
212.239.144.144:8808
liligharba5.ddns.net

# Reference: https://www.virustotal.com/gui/file/1153ff7152d6470ab2893655f2cd50df6a5dc7d0169ea56e5e7f54704b136831/detection

78.161.81.149:1604
78.161.81.149:222
78.161.81.149:6606
78.161.81.149:7707
78.161.81.149:8808
ipmdegismismalcry.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d0f7a30d75237013c95ab544faf873ba165f252321c49e2ccc5e5b43126a4c3d/detection

84.117.241.36:1604
84.117.241.36:6606
84.117.241.36:7707
84.117.241.36:8808
sexpulapistol.ddns.net

# Reference: https://www.virustotal.com/gui/file/c6565e82f8873c8064caf5e73f1fe276b103c131e6df769dfd5bce2da760dca0/detection

91.105.195.23:5679

# Reference: https://www.virustotal.com/gui/file/7017de5d73a4f3bb86c343d87148c3af0087191fd401632b2643368ad38d0929/detection

90.37.128.28:1111
90.37.128.28:6606
90.37.128.28:7707
90.37.128.28:8808
osinte555555.gotdns.ch

# Reference: https://www.virustotal.com/gui/file/cf69b63b9cb0ecae224f272bbf7d02fefa14e31ea1e2dab90d2f7fad8b742edb/detection

45.153.243.96:8888

# Reference: https://app.any.run/tasks/57ef4913-3bdd-47c9-bbca-1d16df9b9c1f/

193.161.193.99:24383
nullbytes.duckdns.org

# Reference: https://www.virustotal.com/gui/file/32ac22ae67128eee2d9771d0d579ca2fd222dc5937480391df2b1f50af84bd1e/detection

23.95.13.157:5356

# Reference: https://www.virustotal.com/gui/file/99c1bb646297307dad07a81cc77cd283f6eb854ab9b33a322725add022528bec/detection

185.20.185.96:9091
giness.giize.com

# Reference: https://www.virustotal.com/gui/file/a8e0a5a7a055e7d431c3e28f77d81c9d7a4a6f3449382c7a88ae52a52091cdd7/detection

185.20.185.96:6606
185.20.185.96:7707
185.20.185.96:8808
genlast.giize.com

# Reference: https://www.virustotal.com/gui/file/67d0d003a313f542a40efad51c91a6b81f13a9d7da5059edc39c9d7ad5b1c166/detection

105.108.31.15:2020
frefiredll.servehttp.com

# Reference: https://app.any.run/tasks/8be5fee5-16e7-46d2-8b79-186227574f25/

201.219.204.73:1881
dfdfcdc1.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ee3e0599c68bd9454f2e9175faa65c9a474160bc41acb07532158b6309ba991c/detection
# Reference: https://www.virustotal.com/gui/file/edab64dac1dee32fef52a0871d0323e1b5bf246d70aa0617d83dcc7975bef283/detection

14.231.186.175:5555

# Reference: https://app.any.run/tasks/6a264419-9242-4e6f-9974-abc8cc7c194d/

14.231.186.175:8888
getcookies.ddns.net

# Reference: https://www.virustotal.com/gui/file/fa26846e38ca581bcfeb41da686153970b4d29ed706e76352dd2771c12267cde/detection

anunankis10.duckdns.org

# Reference: https://www.virustotal.com/gui/file/c92433dcc69cb79b43a176f68820d85c4c8d7ef0a6b31881de5e9cfb70464d14/detection

85.214.37.238:9192

# Reference: https://www.virustotal.com/gui/file/4082d61ef1a193655d3d50eb923fb95e4d0026de3104f2d5f4e162597e6d37b6/detection

88.232.12.125:150
nonick55400.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d2000f86d47cc1a1ab87f3080c90b4b61aaa317aac5c2d4cd8609286ebacee8b/detection
# Reference: https://www.virustotal.com/gui/file/cf4ddce71aba43a35beb19ec82d3e90b0008c09b3e6018d286ba321616ced13b/detection

46.114.109.193:59999
83.135.171.146:59999
drei.ddns.net

# Reference: https://www.virustotal.com/gui/file/c3c634e5d4ee8aa6eeb7896e14bc39c6ab8b4ceb39dc26bc09418e4bfa9b0820/detection

193.161.193.99:28070
lufeteme08-28070.portmap.host

# Reference: https://www.virustotal.com/gui/file/9160bff6b2976faebb45e316ae521f76fc25893a85818c02317b3435163545c8/detection
# Reference: https://www.virustotal.com/gui/file/7940abde1678d42fc39c4cc0c69a17d2903c462747d9f8115b2b68f4a0f3d768/detection

206.166.251.78:6606
206.166.251.78:7707
206.166.251.78:8808

# Reference: https://twitter.com/jorgemieres/status/1336699712796299264
# Reference: https://www.virustotal.com/gui/file/558af040bcfa1aaf774e953cca682eaaf38ec8c4f3ca4f3e24e0ea8a783ca1df/detection
# Reference: https://www.virustotal.com/gui/file/1f89b0e486eb986a03b0a5cbbacc8f4e7552f5b9ed74c408ae9febd2e424dbdb/detection

23.105.131.244:1881
maraddiego763.duckdns.org

# Reference: https://twitter.com/JAMESWT_MHT/status/1342046396048932865
# Reference: https://bazaar.abuse.ch/sample/c397eb85439a20b9185e001ec8cd286281d27d6be336d32e93558e451e6aeeeb/
# Reference: https://app.any.run/tasks/74f1a309-b81d-447c-80c9-fc94ed5a0d41/

3.22.15.135:14345

# Reference: https://www.virustotal.com/gui/file/ab62e63b551e5f354ec3fe9fd7142d9a07311af48a898ab02faa8a9067fa9894/detection

47.93.12.104:6000

# Reference: https://www.virustotal.com/gui/file/258d5d44809036c29e621367b7aec4338278950edf3766277e3a891bcb8200d6/detection

78.163.1.80:1608
78.163.1.80:6606
78.163.1.80:7707
78.163.1.80:8808
kurbanlar12.freedynamicdns.org

# Reference: https://app.any.run/tasks/816acf79-0c72-436c-b229-3cae510f1308/

118.91.123.84:6606
118.91.123.84:7707
118.91.123.84:8808

# Reference: https://www.virustotal.com/gui/file/82e765d576749be75f8eec64ab5cb4c934b494e30a74fc9a4f70b1c8d3cb25ef/detection

212.125.28.114:4096

# Reference: https://app.any.run/tasks/b1409386-ce03-4eea-8a2e-32434ba38ee5/

37.120.208.40:49746
chongmei33.publicvm.com

# Reference: https://app.any.run/tasks/c1f8c77d-4c72-4419-a381-8d166413e5e9/

193.161.193.99:23074

# Reference: https://app.any.run/tasks/cf031967-ce6c-4a6e-8b9f-a718560ee709/

68.235.43.126:56927

# Reference: https://app.any.run/tasks/005ff4be-a1df-4e61-9390-b61d968ed4c0/

125.209.137.105:6606

# Reference: https://www.virustotal.com/gui/file/a6264de41b4d2ad578a3ec5e082b621dcbf3b716e9bbe86f66682d785c7fc476/detection

45.140.146.29:7979
45.84.1.78:7779

# Reference: https://app.any.run/tasks/4585a843-0924-4dfa-9714-322eb3a61d12/

193.161.193.99:48622
crazynigga123-48622.portmap.host

# Reference: https://app.any.run/tasks/fea4d4d7-cc76-4655-8e00-400d40f683ab/

79.42.176.16:8080
backdoor.sopix.it

# Reference: https://app.any.run/tasks/afd0acb5-ce1d-4a29-b525-cd198d6d69fd/

3.13.191.225:12246

# Reference: https://app.any.run/tasks/85ac5faf-d2bd-4e6c-84f4-276c16c8c260/

20.50.121.62:1604
arda3369.duckdns.org

# Reference: https://app.any.run/tasks/fbf0f2b7-868b-4aad-b0b1-8028f3303b73/

193.161.193.99:25740
skeetware-25740.portmap.host

# Reference: https://twitter.com/Glacius_/status/1354914904004820992
# Reference: https://www.virustotal.com/gui/file/baec9d73487e85c2bdd78b6ae43abaa6a7fec4b969d92b14427e8aca0510a24b/detection

172.241.27.124:6666
fat7e0recovery.ddns.net

# Reference: https://www.virustotal.com/gui/file/ca15972126b044ee0306f30aea6ee94ac41c3696c6c4789649a8554c8011acd2/detection

193.109.78.123:5454
193.109.78.123:6606
193.109.78.123:7707
193.109.78.123:8808

# Reference: https://www.virustotal.com/gui/file/1ee5494e35b15b468334a05ab0b8b233cf09d3fdaf6b2fbfa997f30bb7e95534/detection

179.124.220.225:6606
179.124.220.225:7707
179.124.220.225:8808
supertop2.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1355991497095700491
# Reference: https://www.virustotal.com/gui/file/a9c4777eaa8ebd606b60f1a40c3789fe3cc0fa874610fed377cf1aea7093d638/detection

118.91.99.226:6606
118.91.99.226:7707
118.91.99.226:8808

# Reference: https://www.virustotal.com/gui/file/6d46e1bb744cc57d651c3812520e5efa06f760631df2740987ade7b1340262dd/detection

3.138.45.170:14232
52.14.18.129:14232

# Reference: https://www.virustotal.com/gui/file/fc96f417ac8229c6b5bb9303f3256d0ed54e416ae2328360b31c72b8b77bd027/detection

3.14.182.203:15821
3.14.182.203:25565
3.138.45.170:6606
3.138.45.170:7707
3.138.45.170:8808
3.138.45.170:28856

# Reference: https://www.virustotal.com/gui/file/3f82201b874febc1f265408f7574966eedd494c87ab21e20099c0463341c4ec5/detection

51.83.21.214:1177

# Reference: https://app.any.run/tasks/0713ac99-9dc7-4ea8-b408-dfc72f582df0/

62.228.99.44:25565
swiftyboiiiii.ddns.net

# Reference: https://www.virustotal.com/gui/file/cf0ac94c2958739cad12578e671278f78e9a36ca8dfa060e7cb99beacf5443f1/detection

77.149.2.122:5552
hookshome.ddns.net

# Reference: https://www.virustotal.com/gui/file/4864f1d1db04b797fd2e43e2a842afe736f7a8a69d985d20c0a506b2cd1e6710/detection

201.219.204.73:1881
ortegadani4521.duckdns.org

# Reference: https://www.virustotal.com/gui/file/3794538f0e3b4c499c8f5edf04fa2ee3bbf61cf51c9185ee60184d1473db6c58/detection

91.109.190.8:6606
91.109.190.8:7707
91.109.190.8:8808
mrtx.duckdns.org

# Reference: https://app.any.run/tasks/99dabdb4-e15c-4a04-a587-01ebe4a1ecb0/

193.161.193.99:47970
Lollypopman34-47970.portmap.host

# Reference: https://www.virustotal.com/gui/file/4fb8606551676da10e81801a00d3fc7899c064b4ceec54939b41e8cdd7f81159/detection

209.99.40.220:1000
updatersvc.duckdns.org
windowsupdater.system-ns.net

# Reference: https://www.virustotal.com/gui/file/292f5a19fadef7188670b8bc2e69bcd9d1f54c7e23928427392dc135dcdc8a0d/detection
# Reference: https://tria.ge/210214-whb5qfxctj

23.102.129.234:6606
23.102.129.234:7707
23.102.129.234:8808

# Reference: https://www.virustotal.com/gui/file/c4c4c3ddd9cf42d0352a5135a9250a0cc64a40a8ed49ca860cf31061cfca5304/detection

40.75.8.74:6606
40.75.8.74:7707
40.75.8.74:8808

# Reference: https://app.any.run/tasks/9528fcbf-be7a-42a4-b363-808a22a624fd/

52.14.18.129:11677

# Reference: https://twitter.com/reecdeep/status/1361585509387149315
# Reference: https://app.any.run/tasks/4c21b945-025a-4fe9-9296-eadb5f04cf50/

103.151.123.132:6204
severdops.ddns.net

# Reference: https://app.any.run/tasks/d343dc45-6f76-4c18-aeee-4f1cf7e1764e/

193.161.193.99:55575
gzzzjc-55575.portmap.io

# Reference: https://twitter.com/someinfosecguy/status/1362440625619144708
# Reference: https://tria.ge/210218-jmjxwxbpqx/behavioral2

193.161.193.99:26187
193.161.193.99:64861
malkalanok357-26187.portmap.io

# Reference: https://app.any.run/tasks/654e69f2-b60d-4dd5-8cf4-895123bbbe08/

95.252.85.20:8080
unbelratcomesideve.ddns.net

# Reference: https://www.virustotal.com/gui/file/c75f28cdb21bec49700a7579d3b630074e3fb6de4cda70c5937dcd8424bbebbf/detection

121.137.39.135:5050

# Reference: https://www.virustotal.com/gui/file/fad55e42bde0dce163f94a0ac272418b17100a67e439574fdc49ab7e2b12bc3e/detection

220.78.222.190:5050
yohan002.kro.kr

# Reference: https://app.any.run/tasks/5f595a39-7203-4809-8d78-e3431e057227/

193.164.7.176:6606
193.164.7.176:7707
193.164.7.176:8808

# Reference: https://app.any.run/tasks/7cc3c6d0-fe7e-4491-8d55-9f1644649546/

193.161.193.99:36606
sizetmp-36606.portmap.host

# Reference: https://app.any.run/tasks/a542e55d-6ff8-4aaa-9f49-13ea77bdbfd5/

69.136.25.93:54115
azxsdc.duckdns.org

# Reference: https://www.virustotal.com/gui/file/2399e5acd8e6fec2e83de445cf83b598676f57fdfedd1f67a7872a5009866591/detection

154.16.67.107:1177
newss.myq-see.com

# Reference: https://twitter.com/c3rb3ru5d3d53c/status/1365774874870972416
# Reference: https://app.any.run/tasks/119bfa2f-93ed-46e1-8ade-2eb69c0165d2/

194.5.97.132:35714

# Reference: https://twitter.com/wwp96/status/1366429485080457221
# Reference: https://app.any.run/tasks/d93648e9-999f-4a82-b7ee-3d318546c9c6/

152.89.247.27:1210
3324546.duckdns.org
owncablestdywirecord.dns.army

# Reference: https://www.virustotal.com/gui/file/1b3d41d44659ff038cf8aafdc5ff021646771106d957783aecdff725158c216c/detection
# Reference: https://tria.ge/210305-v3pe2f2w5s/behavioral2

177.124.77.43:4000
micomico.ddns.net

# Reference: https://www.virustotal.com/gui/file/7b5ac1f2b4852a2c27afd5c5529660f71f0e7ad0f890208ed3f5e248d6e7b84a/detection
# Reference: https://www.virustotal.com/gui/file/3decf98948eb4ae09dec3ff5955f33bd9c4ce38cdccae4107f3fa9bfffb7b050/detection

85.170.227.97:4000
85.170.227.97:5000
rat94522.ddnsking.com

# Reference: https://www.virustotal.com/gui/file/b04d9a311d595e1d0a44992ecd4ea00528270378d0e52da5dc75b8ccc1ce5599/detection

31.220.4.216:1738

# Reference: https://www.virustotal.com/gui/file/b77906648505d304d711b3021f19104a70f7725f6021e4cee0d492fa96597028/detection

potrq.ddns.net

# Reference: https://www.virustotal.com/gui/file/fdbb642769e8cc0eec1e09d29c9635d76d5885abb07deca4d2ef5c84bbba5c67/detection

136.175.8.57:1177
100k1.ddns.net
100k2.ddns.net

# Reference: https://www.virustotal.com/gui/file/bc796e4f7602321306d3762eca6dc809ee2c043caf03386deb17b1422209a1ec/detection

45.32.200.152:1177
fat7e07.ddns.net

# Reference: https://www.virustotal.com/gui/file/67d8ec4d7cde7188fc49f8268a10855abe89cffffc13c6f6111ba904caebe6f7/detection

93.93.193.189:9341
corporation.warzonedns.com

# Reference: https://www.virustotal.com/gui/file/78430db636f5d5be5dd3959a3f74b14792897b8fdea1de1c441eba120164cfb6/detection

liverpoolsupporters9.com

# Reference: https://www.virustotal.com/gui/file/3c7d9801bed9dc95108527bc38cbc100260c5bd76331adffb9b21620c91b5049/detection
# Reference: https://www.virustotal.com/gui/file/c4b9e67adddddb84ad88135affcf47881c6ff4a560557e760da2990aaca02510/detection

186.4.232.55:6606
186.4.232.55:7707
186.4.232.55:8808
rcvasconez.ddns.net

# Reference: https://www.virustotal.com/gui/file/2f9e71f1807b0e909226f4fced8c62fb38c787b2ae56ec8646ade0a6a54ec725/detection

193.161.193.99:43299
gammadoppler123-43299.portmap.host

# Reference: https://www.virustotal.com/gui/file/0100972f01df9b75c0958a7198170d2d37a51f1d500501bcdbf122bb43253bcc/detection

102.36.149.155:30300
79.134.225.11:30300
rbltd.ddns.net

# Reference: https://www.group-ib.com/blog/rats_nigeria
# Reference: https://www.virustotal.com/gui/file/8613c29feb93ea1eb6a48e037da61e0643ca06234d51462814e0b314e2aa9b50/detection

http://68.235.38.157
east-ge.com
kingtexs-tvv.com
mariotkitchens.com
sommernph.com

# Reference: https://www.virustotal.com/gui/file/fee6cda76d8c5b289b76deba1176049e529f51ac06f817a8a22ec77b17d74f35/detection

188.161.190.135:6606
82.205.21.99:6606
82.205.22.86:6606
188.161.190.135:7707
82.205.21.99:7707
82.205.22.86:7707
188.161.190.135:8808
82.205.21.99:8808
82.205.22.86:8808
squadx.hopto.org

# Reference: https://www.virustotal.com/gui/file/95fbecb2d0b0aa0fa80e02732237fc9eb43fc9f8af1efff062435b44b57f1a03/detection

97.90.7.88:4782
97.90.7.88:6606
97.90.7.88:7707
97.90.7.88:8808
cademc.zapto.org

# Reference: https://www.virustotal.com/gui/file/e706bf49908519c14eb135357c5cd822be3f139be7365a94081b54342db0eb91/detection

20.79.41.10:5967
tayfagreatie.duckdns.org

# Reference: https://www.virustotal.com/gui/file/23d4837df84a76f96c674581c96e6a1729bac2981787d3b36ac5149d861f13e5/detection

160.152.102.175:8988
160.152.102.175:8992
loading8992.bounceme.net

# Reference: https://www.virustotal.com/gui/file/668d4a42b6e049ee80146d86f93c706a6598c90156b670b966a4a413a83e58d1/detection

144.202.70.248:6821

# Reference: https://www.virustotal.com/gui/file/af8558a48c8cd10691fc61aba79b6522807ff92a85fe833556445dba63f149d6/detection

45.77.142.82:9797

# Reference: https://www.virustotal.com/gui/file/2f054e75bbe251c38dfa8a3a31d51123d71f80054720c909ed3901e14859c656/detection

49.12.11.240:6606
49.12.11.240:7707
49.12.11.240:8808
49.12.11.240:6821

# Reference: https://www.virustotal.com/gui/file/89c38091fdb1977853e9533b62a68082b65dfa61007bd7d7f9dfaa228646252b/detection

20.52.142.130:9797

# Reference: https://www.virustotal.com/gui/file/fe57fc52dcd3215bca8bc6cebb224eb2c2d2b5238f3b671e84147ae555af936d/detection

144.202.70.248:6606
144.202.70.248:7707
144.202.70.248:8808
144.202.70.248:6821

# Reference: https://www.virustotal.com/gui/file/ab09142c8ecb158bb84696cb92e922fea9959a57bc6e1bacc6d8e87ffc1c63f8/detection

45.32.211.35:6821

# Reference: https://www.virustotal.com/gui/file/96f0812b2f8c0589a04b40ea1a9438d41e901ef660ed493c3d5221c535c18b4a/detection

216.230.75.194:8621

# Reference: https://www.virustotal.com/gui/file/c64c2b5fd4c90ac4dd5c41b733d43669fd3dfa75342d98f29b7bd3178e6374de/detection

139.99.73.120:6606
139.99.73.120:7707
139.99.73.120:8808
139.99.73.120:5555

# Reference: https://www.virustotal.com/gui/file/30368f7cf5ab4464ed45c1cf1c7a21110663a56b56ee5fe94a4e9bb376e2d5e4/detection

91.109.180.5:6606
91.109.180.5:7707
91.109.180.5:8808

# Reference: https://www.virustotal.com/gui/file/c06fdc9f0dbfd0b42d74c9226ed28f3f52b5bfc04af70f58b8b5b16439196184/detection

185.19.85.167:3413

# Reference: https://www.virustotal.com/gui/file/f7b01c9dd7e2184231f40d009c54374d0cdcf563e987fe2a3586e6b767852dea/detection

175.144.21.17:2703
185.244.30.92:2703
192.169.69.25:49703
37.120.208.36:49746
79.134.225.92:49703
87.98.245.48:49746
chongmei33.publicvm.com
rahim321.duckdns.org

# Reference: https://www.virustotal.com/gui/file/62a8add7d225619b038ee5e87b9546fbdb796c98b1c65fc4ecdc4b079069500d/detection

95.211.239.205:777
tahoo.linkpc.net

# Reference: https://www.virustotal.com/gui/file/dfc5f5a467242e30666b413878511d034ab02651a8b791732b70317a72c6a543/detection

105.103.141.231:777
domaineweb.publicvm.com

# Reference: https://www.virustotal.com/gui/file/7081ef94c2d39376308f54702b74cc685f2489f90d95f1db288ff96c7e434202/detection

184.170.245.2:6606
184.170.245.2:7707
184.170.245.2:8808
hacker1313131dd.ddns.net

# Reference: https://www.virustotal.com/gui/file/7cf0450f46dbf13e125b76f7358c0505a9b5e6655d908281ed00b8ce5c94a3dc/detection
# Reference: https://app.any.run/tasks/409d87b3-2e1a-4699-9fb2-42bc6c107dda/

105.112.46.168:2021
105.112.78.3:2021
kimjoy.ddns.net

# Reference: https://www.virustotal.com/gui/file/c3566a97c163540e23dd172c1c872bb8e4dab98c1a049bacef3f3fbf68744835/detection

74.199.72.115:3702
nazinaturistic.ddns.net

# Reference: https://www.virustotal.com/gui/file/bd30df969f3a11aabd58ff65c72fd14a507ee43efe4d77331338facbeaed77c4/detection

195.62.33.67:9911
bad96.ddns.net

# Reference: https://www.virustotal.com/gui/file/9d9ea4fd548efa07e3051dcef175d5b0446958cdf0d7f623a0f98945acc1dbb8/detection

94.61.14.42:6606
94.61.14.42:7707
94.61.14.42:8808
robloxfanscripts.ddns.net

# Reference: https://twitter.com/James_inthe_box/status/1389666118294327297
# Reference: https://www.virustotal.com/gui/file/146f7a39df033afe4bb001da5b4a6eceb89f9efab5538c470b7f7f3cb4bbd15e/detection

79.134.225.18:2455
franco.ddns.net

# Reference: https://www.virustotal.com/gui/file/9ee67445d4ffeedd7c11e1e14949bf0f6060f34352e3f2c8d2184ffe0b4d235f/detection

79.134.225.18:6606
79.134.225.18:7707
79.134.225.18:8808
bigman2021.duckdns.org

# Reference: https://www.virustotal.com/gui/file/8d2b3f58baa5dc605a8618d66b3070c97b8f3f01c214c3e39b0d3df1c820f12f/detection

78.189.145.29:1064
cancan01.duckdns.org

# Reference: https://www.virustotal.com/gui/file/192b8b333a2d956f13512165a108e109e79f73680e28af2e98f4aafbaea378f4/detection

89.160.26.37:1907
89.160.26.37:6606
89.160.26.37:7707
89.160.26.37:8808
leoz07.ddns.net

# Reference: https://www.virustotal.com/gui/file/af844d4f524a764af31c6d600148248dae088a54356bbd63604f93602ae8a655/detection

41.105.36.185:1231
170293.ddns.net

# Reference: https://www.virustotal.com/gui/file/aefeb07afc0d9f4d09ab09317db14edef1b58df175f70cf6ea88d7f6cdce8cfc/detection

159.242.234.220:8991
160.152.102.175:8991
160.152.128.216:8991
160.152.155.95:8991
160.152.184.22:8991
160.152.34.228:8991
160.152.57.245:8991
197.210.70.144:8991
197.210.71.96:8991
79.134.225.119:8991
adobe.myactivedirectory.com

# Reference: https://www.virustotal.com/gui/file/d452cee94e3a2d58b05e9f62a4aa4004c0632d9b56fa8b57664d295bc88c4df0/detection

160.152.128.216:8988
160.152.155.95:8988
160.152.179.159:8988
160.152.71.32:8988
5.62.58.238:8988
79.134.225.119:8988
160.152.128.216:8989
160.152.155.95:8989
160.152.179.159:8989
160.152.71.32:8989
5.62.58.238:8989
79.134.225.119:8989
asin8988.ddns.net
asin8989.ddns.net

# Reference: https://www.virustotal.com/gui/file/e8aca8f27af178b2c191206c7bc04bfddc604a78b95699a72ca20c22f618c9b0/detection

160.152.187.169:8988
79.134.225.119:8988
160.152.187.169:8989
79.134.225.119:8989
160.152.187.169:8990
79.134.225.119:8990
asin8990.ddns.net

# Reference: https://www.virustotal.com/gui/file/d88f2958d0acb7f06c1cfbf71f496477b5bae94fda49b9084def65709b211546/detection

41.102.72.91:2019
mrdiazdz.myq-see.com

# Reference: https://www.virustotal.com/gui/file/7e2c927caec040c6a134fbcd520023dd48379be367b6af0a353dfc1e4d0bcc3d/detection

79.134.225.7:9476
sipex2021.ddns.net

# Reference: https://www.virustotal.com/gui/file/af664ecd43c0dd5152022855d80d3faa80bf938477b7959fdfe3d67c50ab93d6/detection

14.191.50.101:8080

# Reference: https://www.virustotal.com/gui/file/2fd8dd35009746246e06cafdd744c0bea6862576483a55a93b3c00de75989876/detection

77.247.127.24:6666

# Reference: https://twitter.com/pmmkowalczyk/status/1392794233724100608
# Reference: https://www.virustotal.com/gui/file/d17a7a0afd4342b88db7bfdba2ed30b44e03d95104d27d5e869bf7641895ad5d/detection

46.101.140.16:47533
fnk3.playit.gg
far-street.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/ea3e00b1c26220883d6e27179ec9391efa9a2062414eb1c5576db0e204291104/detection
# Reference: https://www.virustotal.com/gui/file/8ab4f231ebf6150eb8bcfa302353732cce3f6c72ea7892f27a22e2720509dc37/detection

134.122.66.170:1604
134.122.66.170:1700
134.122.66.170:55772
134.122.66.170:8929
139.59.82.105:1604
139.59.82.105:1700
139.59.82.105:55772
139.59.82.105:8929
bng1.playit.gg
fnk1.playit.gg
roasted-egg.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/4cb3d0afec4c271f4d2351022cecd072a7ef96b7c2f63223144278de67067d42/detection

157.245.170.36:1604
157.245.170.36:55078
157.245.170.36:6606
157.245.170.36:7707
157.245.170.36:8808
crooked-wash.auto.playit.gg
sf1.playit.gg

# Reference: https://www.virustotal.com/gui/file/b3a697477ca999a3cedb88a7dfef0735ac12032f26106008a31c6db4bdf1b7c8/detection

134.209.194.210:56635
ams1.playit.gg
gullible-substance.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/05030526532dbe4d0a3e49140489439468957d6dea9f482ff983e778b21c61d0/detection

147.189.168.238:1996
nova22.ddns.net

# Reference: https://www.virustotal.com/gui/file/d3b9abaed3de3549b0fc83ec846a02612d91dfaca5a82aad2d7fa58b6e6c8f59/detection

134.122.66.170:59266
enchanted-sugar.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/5acd937d84b28e21755ea9707e88cb73eaa6f183f03568e69077eee97ff5c6ca/detection

134.209.194.210:56874
134.209.194.210:6606
134.209.194.210:7707
134.209.194.210:8808
bored-baby.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/4a69b932f7d7abe2e40d828020271ad2c82895fe0e45639a5e63898097383229/detection

waiting-distribution.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/25b60ae10029b3dc5b7c9e0c4fda13f676fd138f9407fb3d515b16f307964987/detection

134.122.66.170:2626
134.122.66.170:52083
staking-afterthought.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/c984664d6300015a18c84ddf60d978b2cedcf5323dcf32365b72456766770dec/detection

134.122.66.170:56797
134.122.66.170:6606
134.122.66.170:7707
134.122.66.170:8808
parsimonious-elbow.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/f7aede4740b641f6ca71b683741b35e4cd8fcb9cd9aac929605e2f41de19db76/detection

smelly-plantation.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/ae068da2d2b92d3884eebcb3b088d3764c64899341deab9e431bb0cf5af2f011/detection

134.122.66.170:52859
parallel-spade.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/4816d6f30051bd5fd3b3c585ab45068cc68b1698bedebdf829b6df2c1345787d/detection

151.115.36.90:51696
151.115.36.90:6157
scintillating-jeans.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/3c19eba85ce343b5cb5a2afd7036a2528c520c19dae153c9c50552ec2f33d548/detection

46.101.140.16:59842

# Reference: https://www.virustotal.com/gui/file/7787b0ad1912dfe4feac545132d8c27f2cd89f1f9a8cf1ed7d787a487e523e9b/detection
# Reference: https://www.virustotal.com/gui/file/5c3d28aefe454f0503484f737fd56fb0303c93556c579c4568a72d684ee14ed3/detection

46.101.140.16:49723
little-toothbrush.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/0d937a6efda9883e93d429cf6c4d60dc145ed5f3fd69ddb744cb44a4a0b7396d/detection

46.101.140.16:47458
slippery-cactus.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/8e1ae1790f2ee8b22b8956cd8b1cedf9b0bf82246d5d5a998bc503ac780b3496/detection
# Reference: https://www.virustotal.com/gui/file/f8e56bed47bf278dd23e4e8bbac71c8bc0464bfb91c07c242a2d26a37aa83d16/detection

46.101.140.16:47537
tremendous-icicle.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/822edf21c4b1bdd1a85dc45219158b462323339f5510c9780c900e12a8a125cf/detection

151.115.36.90:49057
151.115.36.90:6157
cloistered-dogs.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/b47b6d3289ae1968dbf8c2ade9b51b8648e422b1676e5ca320f588768b90a28c/detection

134.209.194.210:59208
46.101.140.16:59208

# Reference: https://www.virustotal.com/gui/file/29e7e0de201646f11e3ac7b7f861cc489e5f8343834871de5143e4842d1718ef/detection

46.101.140.16:46467
unkempt-silver.auto.playit.gg

# Reference: https://www.virustotal.com/gui/file/32b3b1966fae4e513fa11870958bf2fd585144a9b9a37b4ed0da8f9871f40176/detection

176.136.47.220:1605
176.136.47.220:6606
176.136.47.220:7707
176.136.47.220:8808
xuehue.freedynamicdns.net

# Reference: https://www.virustotal.com/gui/file/90fab6977cc5f967959d3dd307d4dd99dfa8da7f7fe2c159c1e7911bc6f5105f/detection

20.52.37.83:6606
20.52.37.83:7707
20.52.37.83:8808
orospureaxx.duckdns.org

# Reference: https://www.virustotal.com/gui/file/cdbbddacd34d002729ac3889252f36c544b936002005a2f357e831cb2f669d7b/detection

194.76.226.201:6606
194.76.226.201:7707
194.76.226.201:8808

# Reference: https://www.virustotal.com/gui/file/dc3e48d0b12659129b857a0293e2978a29809664572b4f6f556491ca4f677dbf/detection

150.107.31.190:9060

# Reference: https://www.virustotal.com/gui/file/69642f95f35b3d14f1123de60819e66e59c8f125defb58d23b8766f498597de3/detection

79.134.225.53:9872

# Reference: https://www.virustotal.com/gui/file/494924af556726976ac133cfe12a92b3d5b193f19df0d3ea785c645cea18e6fb/detection

24.101.234.141:4782

# Reference: https://twitter.com/c3rb3ru5d3d53c/status/1400166564268331009
# Reference: https://www.virustotal.com/gui/file/c810a1bde5027f6fcf656067381133c6c8e61349cd05b4f4c7a9695b9a44f31f/detection

195.174.209.145:1781
195.174.209.145:6606
195.174.209.145:7707
195.174.209.145:8808

# Reference: https://twitter.com/c3rb3ru5d3d53c/status/1399327839896342529
# Reference: https://www.virustotal.com/gui/file/e89d388de70b933316724146def5eeab047a08514b7bf70bcea3916e09162669/detection

peebeekay-22139.portmap.io

# Reference: https://www.virustotal.com/gui/file/6610572cbe4075996e903d9e13a29cf812537be7b7ed2d9f6bc341a3998f4459/detection
# Reference: https://www.virustotal.com/gui/file/48b3e497f5e533a663b3686b731bcf2b486ba3aedb006091fd95d1f573944c90/detection

87.132.215.23:4250
89.182.98.3:3601
dontreachme5.ddns.net
dontreachme.duckdns.org
dontreachme1.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ec503a0e10888dfadfaa3716eb128b6dd7479fd708e45a181cba7c14e8ad59f9/detection
# Reference: https://www.virustotal.com/gui/file/ee45e7b7efce62cdf53205e25010044bd2612498113e665e76f9731d4e2843e0/detection

162.255.119.29:54984
173.189.160.249:54984
snow-leopards.xyz

# Reference: https://www.virustotal.com/gui/file/1c1aad21ca7a30cdb51deac733927ed1b603c242b7640c9e42605ea8202782f2/detection

106.214.237.83:8088

# Reference: https://www.virustotal.com/gui/file/f6f4e3772ac0e480939d5af16464ba425c44040e1f1ce6edb82591694d5e3f01/detection

ooyeah-24044.portmap.io

# Reference: https://www.virustotal.com/gui/file/44b58d71e60589298b48dbbdcd296ebd7b0330dceb8988369267a167a85d631c/detection
# Reference: https://www.virustotal.com/gui/file/b564ee571c17fcf612bf67207a44d92e463f1c12c2558f205c4cbb45d8950839/detection

141.255.155.84:4444
141.255.157.163:4444
cryptserver.hopto.org

# Reference: https://gist.github.com/myrtus0x0/deb815eadd362f660aabb41a7806e187

172.93.222.156:6606
172.93.222.156:7707
172.93.222.156:8808
173.63.124.155:1604
178.33.222.241:2703
178.33.222.241:49703
178.33.222.241:49714
178.33.222.241:49746
185.165.153.116:2703
185.165.153.116:49703
185.165.153.116:49714
185.165.153.116:49746
185.19.85.155:5080
185.244.30.92:2703
185.244.30.92:49703
185.244.30.92:49714
185.244.30.92:49746
194.5.97.249:9951
194.5.98.196:4529
194.5.98.107:6970
203.115.24.234:8282
37.120.208.36:2703
37.120.208.36:49703
37.120.208.36:49714
37.120.208.36:49746
45.153.243.96:8888
45.35.158.173:6606
45.35.158.173:7707
45.35.158.173:8808
54.246.188.45:6606
54.37.36.116:2703
54.37.36.116:49703
54.37.36.116:49714
54.37.36.116:49746
79.134.225.92:2703
79.134.225.92:49703
79.134.225.92:49714
79.134.225.92:49746
79.134.225.99:4726
79.134.225.99:6606
79.134.225.99:7707
79.134.225.99:8808
91.105.195.23:5679
agentpurple.ac.ug
agentttt.ac.ug
bruhmoment123123123.ddns.net
dongreg202020.duckdns.org
gateway.swat.host
genjustu.hopto.org
johnboo.hopto.org

# Reference: https://www.virustotal.com/gui/file/6c9d744a929a0e67b79dbb669cf8be1ac357b0e8eb75074ace81fa90857e5552/detection

197.1.99.237:6606
197.1.99.237:7707
197.1.99.237:8808
197.1.99.237:9995
197.238.81.24:6606
197.238.81.24:7707
197.238.81.24:8808
197.238.81.24:9995
chromsec19.zapto.org

# Reference: https://tria.ge/210528-3n4n93ztka

185.19.85.168:5946
shugardaddy.ddns.net

# Reference: https://twitter.com/petrovic082/status/1397093409521905664
# Reference: https://app.any.run/tasks/a1d1ad79-e892-450e-99ff-19aea71774ce/
# Reference: https://www.virustotal.com/gui/file/51863340741893ed0860f30704e00ee4e4c4f0ac4b2c6eefd5e765008f20eb29/detection

scarsofthesoul.com/wp-content/themes/45gHdoYZRK3EEBAC.jpg
scarsofthesoul.com/wp-content/themes/SNavmh60gxje6Rii.jpg

# Reference: https://www.virustotal.com/gui/file/2b8678fa955d08b909a9068aad612ed566a9a98c0476585770f6d1c8dc0c3f9e/detection

141.255.144.58:1604

# Reference: https://twitter.com/James_inthe_box/status/1406995650307256320
# Reference: https://tria.ge/210621-g8zj1sp5j6/behavioral1

88.234.171.239:555
asc1.linkpc.net

# Reference: https://www.virustotal.com/gui/file/227f44cda2b2f73785a5ae5b258fe818dd3302ce533aa50837ab21d99cb8219a/detection

185.244.26.217:5892
exchangexe2021.ddns.net

# Reference: https://www.virustotal.com/gui/file/068a691ba494e231b27af202af806ff1daac8b660993678a4c0b73ffc8a2d242/detection

185.140.53.169:8970
8970.ddns.net

# Reference: https://twitter.com/ps66uk/status/1407090099699994626
# Reference: https://www.virustotal.com/gui/file/ca8929421ca89c108483865008ee79bd23e3386b899ffebdd897e1d072ad9e92/detection

172.111.244.39:46422
172.111.244.39:6578
leechong444.ddnsgeek.com

# Reference: https://www.virustotal.com/gui/file/14a78e85a9719b24dd71fa5cded55f59c14d45211a18bf89f5196cd2e0cd45e5/detection

83.252.99.10:8080
keyloggerhacker.ddns.net

# Reference: https://www.virustotal.com/gui/file/a72d1d21eaf2f89f06ea807db188ee0e4c6ada5e966568d8543e4c3dbd5c7c73/detection

135.148.134.17:8080

# Reference: https://twitter.com/BushidoToken/status/1416498021127409674

185.195.232.251:57667

# Reference: https://www.virustotal.com/gui/file/5f106bf6a105b2febc08dbc9885420f6341eae88eb5570d5b5454a3bee0c2a08/detection

3.22.15.135:6606
3.22.15.135:7707
3.22.15.135:8808
3.22.15.135:16029
3.129.187.220:6606
3.129.187.220:7707
3.129.187.220:8808

# Reference: https://www.virustotal.com/gui/file/878487e25eb96ab2c4ebd889e4bfc1739d730722c2af4736bc46ac3d11eca453/detection

206.123.141.239:7777

# Reference: https://www.virustotal.com/gui/file/d68b4d6cec032458824abdf3ac6f379f33db2167cb0c399845f4d7735a426827/detection

95.169.210.148:6666

# Reference: https://www.virustotal.com/gui/file/8b388efb71328e18ee3dd5b4c932387ddad5ee79b595751a79fe535533e2c4ed/detection

191.88.250.118:5020
marcelajarakmisdhuakfsg.duckdns.org

# Reference: https://www.virustotal.com/gui/file/c4b86c9533e71721f549923868ca2f940e6bee5b9ef49b661343a5028a16b363/detection

cabovela.duckdns.org

# Reference: https://www.virustotal.com/gui/file/a0329b99847941ede2712082eca9b6fecf89a9150fa36160328b3e596f3c23fc/detection

45.134.225.35:7821
45.134.225.35:6606
45.134.225.35:7707
45.134.225.35:8808

# Reference: https://www.virustotal.com/gui/file/1677e0afc52a9166c9a433e5db3864f71fe5816a98784f6ee3e86540827da084/detection

86.107.197.52:6606
86.107.197.52:7707
86.107.197.52:8808

# Reference: https://www.virustotal.com/gui/file/fa34352f3aec8d28f7e9ebc21a01c3a32e98620790ca91e29ad385919c0e213d/detection

136.144.41.4:4771

# Reference: https://twitter.com/pmelson/status/1419399465207836674
# Reference: https://www.virustotal.com/gui/file/07ac588af0a2789108da9687b452144e346c0a05583ae21660b5b49ef9740046/detection

137.74.176.167:1177
host.aliveafterguard.store

# Reference: https://www.virustotal.com/gui/file/fd78341536c5abe19c4beec49876f8f854819aa075092e3d9aec8c193339fcca/detection

171.235.78.216:4444

# Reference: https://www.virustotal.com/gui/file/b6444d49ebd6cf176222cd2ec2816c07727d334a8c6aed056e6e953796f7433a/detection

197.210.71.57:8971
makesuretobackup.loginto.me

# Reference: https://www.virustotal.com/gui/file/0705b69d12b5171f99bb4e89191939fe874ef994ffacb2508abcc2057463b605/detection

104.227.146.200:8835
104.227.146.200:8970
104.227.146.200:8971
104.227.146.200:8973
8970.ddns.net

# Reference: https://www.virustotal.com/gui/file/4e8bacc82d5684af7b56acbd3150ec033db6d6cc89e60bcf1d16ff13766d41e4/detection

185.140.53.169:8835
185.140.53.169:8970
185.140.53.169:8971
185.140.53.169:8973

# Reference: https://www.virustotal.com/gui/file/eeea15c1411e2f21445e11f510f4c3a3a9c8390085757daf352d48dcfa50d182/detection

104.227.146.200:8070
185.140.53.169:8070
35asyn88.ddns.net
7298hwor.ddns.net
newagain.servep3.co

# Reference: https://www.virustotal.com/gui/file/da8a2b68f14fab211ffe09dc43922790417dbb6e5fa437b461ad1d5ac7d4f788/detection

141.255.151.240:2880
xinpin.ddns.net

# Reference: https://www.virustotal.com/gui/file/0da6b4eb3e0cd74821c92e1cf094e148f62749a6bc8a2d5e457ca320be2947da/detection

46.249.32.186:3000
46.249.32.186:4000
camfro9ksa.no-ip.biz
jamal16a.no-ip.biz

# Reference: https://www.virustotal.com/gui/file/c31f8b69245d8207cf420a1e7ca523553eccd96d649168314db28644203cea9e/detection

194.5.98.8:3030
adikremix.ydns.eu

# Reference: https://www.virustotal.com/gui/file/19470ceb697cfe1039f344962da8fe0b1fe484bd0488db00afef27816ee62ae6/detection

185.244.26.165:9582
e29rava.ddns.net

# Reference: https://www.virustotal.com/gui/file/623534bf150f2538edb27e51ed56b92f464adb5da8e2db378ec3a666fcb64772/detection

185.244.26.213:9872

# Reference: https://www.virustotal.com/gui/file/6693e9ce0848fe351b1df785a7540ec3bc1950fd698977cdd8cde1b3d4f19681/detection

177.126.146.148:6606
177.126.146.148:7707
177.126.146.148:8808
word.is-a-rockstar.com

# Reference: https://www.virustotal.com/gui/file/df5909d3af4ca4654c190c579631cd6d9aae3e0270daa83e92c7ee4397322364/detection

79.134.225.109:9070
asyn101.duckdns.org

# Reference: https://app.any.run/tasks/7e4869df-9ab6-4ee4-9772-f5af5721ca83/

91.151.88.245:2070

# Reference: https://app.any.run/tasks/eb9ed5cc-ca36-4fcd-955b-81a360cda877/

20.199.121.197:7707

# Reference: https://app.any.run/tasks/78c5b68f-1c96-46a6-8519-d7f8e475a714/

151.237.185.211:20090
harnav1.ddns.net

# Reference: https://www.virustotal.com/gui/file/c8b7234f8cbfaa32f5c52c02b259511861bfa602a447aea1b1e82f024f102e50/detection

37.49.230.185:5874

# Reference: https://twitter.com/James_inthe_box/status/1438506362107928582
# Reference: https://www.virustotal.com/gui/file/0d9937ff3380d575397c7dae4b22267d42a029956d45a16f956cddf479c3cf59/detection

194.5.98.132:1849
rick63.publicvm.com

# Reference: https://www.virustotal.com/gui/file/4a0d7d71ba4692f70972ca28028f943a5cb56086f4fed16829f276a6d70fbc38/behavior/C2AE

195.133.40.157:9909
195.133.40.157:8808
rocking.ddns.net

# Reference: https://www.virustotal.com/gui/file/a352ce2dcf084f7017ee2f287678a5852470b9f64f00988a51104d9370a442fd/behavior/C2AE

microsoftstore.ddns.net

# Reference: https://www.virustotal.com/gui/file/7bbc45943986a1f5886ca429f3fadde428a7936c2e3a421b5f8f24e06ace0308/behavior/VirusTotal%20Jujubox

196.170.63.108:6606
196.170.63.108:8808
zeroxzerox19.ddns.net

# Reference: https://www.virustotal.com/gui/file/6c5a78bc2995bd9098af7b5b2cc18b3763a5c16b8960847d8d1518ea03fa5262/behavior/C2AE

kalilinux123.ddns.net

# Reference: https://www.virustotal.com/gui/file/3a466603350e269cc3c6d47e9467525319d96b93abf4a4f94aa81ef616409792/behavior/C2AE

192.169.69.26:1884
dgrthdg.duckdns.org

# Reference: https://www.virustotal.com/gui/file/19261c2bcb77b1f207415ca68e845ee2d7bea24d870b0543233bb277c1c3416a/behavior/C2AE

142.126.121.109:9897
eeeeeeeeeee1111333.ddns.net

# Reference: https://www.virustotal.com/gui/file/511be2e5f0ecf8da123bd5eaf462869233c658c88f4ab6c5472792f62a67a898/behavior/C2AE

91.109.186.6:8808
91.109.186.6:6606
91.109.186.6:7707
milla.publicvm.com

# Reference: https://www.virustotal.com/gui/file/0cf2d9d9b8cf8181784372da15e5c19918577d9462eb38de60f2cd48ef793685/behavior/C2AE

185.157.160.198:1973

# Reference: https://www.virustotal.com/gui/file/4556c1debf74fe9cdc70eeae3ad1737867f12aafe5f129f2e4c32c3bca5d2373/behavior/C2AE

119.91.81.102:10050
vaoz.hopto.org

# Reference: https://www.virustotal.com/gui/file/cef377096aa29c2d56751c604f9c12149596aed21307ae70889367b3717820c3/behavior/C2AE

41.225.94.19:6606
41.225.94.19:4444
41.225.94.19:8808
41.225.94.19:7707
nosnos89.ddns.net

# Reference: https://www.virustotal.com/gui/file/49af85ae6afd7dd5c5df440d8c6043c2c14f206a8aaeda0dc2d8d2fa4942faa9/behavior/C2AE

128.127.209.204:1188
ethanily7lm.ddns.net

# Reference: https://www.virustotal.com/gui/file/aa8b3ea0e61c4e7951f01a7934c1b500a57afabbac14f794036723048bdd2959/behavior/C2AE

193.161.193.99:6606
193.161.193.99:7020
193.161.193.99:45415
193.161.193.99:8808
193.161.193.99:7707
sherlmes2-45415.portmap.host

# Reference: https://www.virustotal.com/gui/file/f77b792b18ed388d1223539319cac1d6c2ec1af3193325aca3d0094160049ad0/detection

91.109.176.3:1010
poplll.ddns.net

# Reference: https://www.virustotal.com/gui/file/e55a4da819c806619edb25aba1ae1e1a4b95f46861b636f9958f910166e34cf9/detection
# Reference: https://www.virustotal.com/gui/file/dd1fb521c590a121ce61b6a422c1ec3212248c4973f47be6ddcaa2189d410966/detection

91.109.176.3:1100
91.109.176.3:1122
shero21.ddns.net
shero21.hopto.org

# Reference: https://www.virustotal.com/gui/file/918aca7c4e894fac419afbf9d3b933604bd354f84c819a4241a8a9a7bd81c9ca/detection

91.109.176.3:3242
brikol32.hopto.org

# Reference: https://www.virustotal.com/gui/file/c8ca46366ec70b0463b3ee7e747c1c22e1d42f7e7e77e0e896edf99aebdbeb10/detection

79.134.225.77:9532
79.134.225.77:9690

# Reference: https://twitter.com/pr0xylife/status/1450398699121750019
# Reference: https://www.virustotal.com/gui/file/3959233284f7f4a7bec2a314820e3b8e073591a31dfe8c43a03f7a24833b7fd3/detection

139.28.37.182:5200

# Reference: https://www.virustotal.com/gui/file/47ba489de1983d8cba9e284e4ff259ec8fee5fd95464953483c16af9ded7f499/detection

37.0.10.5:1553

# Reference: https://www.virustotal.com/gui/file/0a8ca65757f6c874a8d6124b06c9661f7066a6508d887ed93119539b17de39f3/detection

51.222.98.71:23411

# Reference: https://www.virustotal.com/gui/file/62b91b016641d20e062da305675e6b9ebdc8166c0406c6c151deb00a3b0eea35/detection
# Reference: https://www.virustotal.com/gui/file/caaa9c3c18c70d0fa3ce8eeb331098923c5d66c85852d61ff35e44ef3717d552/detection

194.85.248.50:1616
45.144.225.178:1616
bbccdd.duckdns.org

# Reference: https://www.virustotal.com/gui/file/44c2e5015639f92b300d495be689bb6f5973c650dc0ac861d77ae97cb21b7807/detection

144.126.141.41:6606
144.126.141.41:7707
144.126.141.41:8808

# Reference: https://www.virustotal.com/gui/file/ac89daad73dd89dc4a2f4fe58a4a5ab29b14bdecf1710a172bc58ea513e6c3e4/detection

http://149.56.200.165
149.56.200.165:6606
149.56.200.165:7707
149.56.200.165:8808

# Reference: https://www.virustotal.com/gui/file/665dc88a9cccd536d40ac75c3eb23de8d1d5e95aee504f0ce31f4b31db81d468/detection
# Reference: https://www.virustotal.com/gui/file/ea068c51c9036a7fabe4d259e1447154b9bce2ab58d8a5feec10012c72595955/detection
# Reference: https://www.virustotal.com/gui/file/7768e84058b04954d258242e0e36804d74aa93cd96ea0c32aad85af86e2040c9/detection
# Reference: https://www.virustotal.com/gui/file/2b7dbd887c6917e12d524ce2b2de699908df59566500acef015660d379cb8205/detection

186.169.35.22:9194
186.169.42.167:9194
186.169.52.151:9194
186.169.76.22:9194
anysdk.duckdns.org

# Reference: https://www.virustotal.com/gui/file/6f194457591e38ef91c704ee2e78d676158721b7123c5d6f1f7ab893525c1d0f/detection

5.36.102.135:6606
5.36.102.135:7707
5.36.102.135:8808

# Reference: https://www.virustotal.com/gui/file/853274bbcb0c9406640b129d9b5ec887e31da0483b1c5b1204b13369361fa7cc/detection
# Reference: https://www.virustotal.com/gui/file/3b378370df4ccdf42f83ac4ca27c77c7a84e76f370e6a1fd0f0cd997c7862eb5/detection

89.10.111.40:3074
getfucked69420.ddns.net

# Reference: https://www.virustotal.com/gui/file/12547cac918d152b630f82bc88399322ea3537082f0eb167e5e3915fef512037/detection

hhahkek.ddns.net

# Reference: https://www.virustotal.com/gui/file/9a0bcd595c00fac69969827f5c83d08bbe6bb5f5d29b2a9bd294e9618ecf1cc4/detection

193.183.217.94:42431

# Reference: https://www.virustotal.com/gui/file/b0106b10a4ec8d9be9349ea21ce7d8810884a54e65a025a1c57d282eb5b49b73/detection

20.113.56.70:1939
yarakkurek31.duckdns.org

# Reference: https://www.virustotal.com/gui/file/6ef6850e025b28edccc2d716a969257368082a7e64a6c73253315881fa3da18c/detection
# Reference: https://www.virustotal.com/gui/file/d7275e118bd4932e36789d4c03147c3efe3a31ea9c719b8e93d8697baabfbe4f/detection

103.1.184.108:4000
216.250.97.121:1568
216.250.97.121:4000
216.250.97.121:6220
216.250.97.121:712
mycollege.duckdns.org
ournewos.duckdns.org

# Reference: https://www.virustotal.com/gui/file/8e57ba59e782cb55787620258867e2c64d2e30ee02924f02a6e9e61a9b6775a4/detection
# Reference: https://www.virustotal.com/gui/file/7a2c578192832bb2e9282ff4c79c8d0b0c51e4c2b90680e4752f738e6ae37926/detection
# Reference: https://www.virustotal.com/gui/file/0e3cda3174da3842c349bfcaa42f79b634314859cd2dbb60fb254ba2ea265524/detection

194.29.101.219:81
216.250.97.121:81
42.106.199.93:81
medicalservices.publicvm.com

# Reference: https://twitter.com/ScarletSharkSec/status/1476615969191731215
# Reference: https://app.any.run/tasks/0560b542-81d1-4214-9f3a-d89ca1cf3adf/

144.126.136.214:3101
imghost.myftp.org
uspsform.info

# Reference: https://gist.github.com/silence-is-best/e2af8aa61000e4b740934331291c619b
# Reference: https://www.virustotal.com/gui/file/769c5c1d9681b468b84a14af0c33ec4ee786f8c7a0eecf7819bd9286cab2d474/detection

185.140.53.178:1515

# Reference: https://www.virustotal.com/gui/file/f2e9cc84d53231470b1fa5491464a00cb7562000a56e0ce8264a61783e44ed75/detection

185.244.30.58:62750

# Reference: https://www.virustotal.com/gui/file/0df8f6927d1c11bddd28ac7ce0699bb205c36c7d690c5ca9db3109bcc319904f/detection
# Reference: https://www.virustotal.com/gui/file/9bd27defdb0f664430d2775c7cdfe585bd87052e856ff07f124a416eacc01b32/detection
# Reference: https://www.virustotal.com/gui/file/262fe30f28e10a70ff92f0936f1934664e6c55d6a0b7e9541370d75bb62165bb/detection

2.97.222.100:4272
2.97.222.100:5000
2.97.222.100:5321
2.97.220.50:5321
3.141.142.211:16656
3.141.142.211:4444
3.141.142.211:5321
3.141.142.211:6942

# Reference: https://www.virustotal.com/gui/file/c0f7710298626ad629721a8683adbea6d73db902d3bcdc782c7fd1b524646392/detection

92.15.9.84:5000

# Reference: https://www.virustotal.com/gui/file/4094cb0eaf6d140e67eb7f3a09043ae48a1ff92ed749ba81ff471bc24f2e3747/detection

kingg32.ddns.net

# Reference: https://www.virustotal.com/gui/file/96bf189c954cf26d2aa54d3e9da9e06d2fbefe5922b48b12b5302fbe0b64e2cb/detection

105.112.70.6:6606
105.112.70.6:7707
105.112.70.6:8808
rainbowsmile.freeddns.org

# Reference: https://www.virustotal.com/gui/file/9945c3e1fd6ceb2e42f17983cbc5e71e28220bb9b9785fc5c7747f299312b2e2/detection

45.142.212.31:6606
45.142.212.31:7707
45.142.212.31:8808

# Reference: https://www.virustotal.com/gui/file/62e268ffe865dbd7d75337c7e9a3c0607942e4c57e67ff2d68f00bc68a4ece5e/detection

http://119.17.214.76

# Reference: https://www.virustotal.com/gui/file/577060714ee5177e501acbc7cbffdb5589dc21bab72307062aa7883ed14f4442/detection

109.228.37.222:20000
213.171.211.204:21000
dlldns.xyz

# Reference: https://www.virustotal.com/gui/file/48d25c5b9b73012e8b2df3579c75ffdaa1f9d1686d6155bea7c1d5a5065f229f/detection

79.134.225.79:6606
79.134.225.79:7707
79.134.225.79:8808
planst09991.duckdns.org
pureloader1.ddns.net

# Reference: https://www.virustotal.com/gui/file/c144524875b9b3d451ed3d075e879677cd84fa50093063a395648551717e3fa3/detection

207.246.86.113:8888
207.246.86.113:9999

# Reference: https://www.virustotal.com/gui/file/765a57140b17fcf2388544f17837ef208ad578e92602bc972e42fab41ef33834/detection

207.246.86.113:1986

# Reference: https://www.virustotal.com/gui/file/10a87fd245cbee46c1565d369a0276d9e25a4540977af9f132dae6257040b155/detection

207.246.86.113:1988

# Reference: https://www.virustotal.com/gui/file/fa07402a7655d9e2fc0558ab22b75c004602e35ec5e3310b7e264e6ec2a79fb5/detection

149.28.35.14:8668

# Reference: https://www.virustotal.com/gui/file/45995c61073b4228eef6414c0ffd9357429c6945f731e4d8150f779994143425/detection

173.225.99.230:9966

# Reference: https://www.virustotal.com/gui/file/6f3b7811c3e549e0d8b77fa1bd511ebf55ebc8f276446ce77184c6df665f8a28/detection

185.144.28.238:8848

# Reference: https://www.virustotal.com/gui/file/98c1afc5a3d52830e518a8ba4fb2950aa28147efd5cc8bf08386cde9b579c142/detection

104.207.152.120:1868

# Reference: https://www.virustotal.com/gui/file/d887313a40393517370c184c6afa227305a91c05d96d8eda6bf74f133654e572/detection

194.33.45.165:6666
ahmed2611.linkpc.net

# Reference: https://www.virustotal.com/gui/file/2079ee598c065e370547a1522995502ccdff9ca9878963b86b285489c165b176/detection

2.56.57.210:1444
2.56.57.210:89

# Reference: https://www.virustotal.com/gui/file/23bb1ec79732017c4f1ce1a41a07bf9df4c9dcdbb8c79ebfa1b3e83f4538c573/detection
# Reference: https://www.virustotal.com/gui/file/6cec9b24677f0912fe91b0b40836752be09888e6c2b1783f51c9a7aa6827b864/detection

154.118.104.174:61857
154.118.104.174:61974
2.56.57.210:61857
2.56.57.210:61974
artedriendfrim.hopto.org
famesurvelizerditis.sytes.net
haldriendfrifaimano.ddns.net
reoildriend.sytes.net
riemaldriendfri.sytes.net
tancesucesm.chickenkiller.com
universalchampionis.zapto.org

# Reference: https://www.virustotal.com/gui/file/63ef801de07c0cad9af70847fff881fc454ed5430f289b95581399b4aee809a0/detection

103.151.123.194:7829
103.151.123.194:7840
103.151.123.194:7841
103.151.123.194:7842
asyncmoney.duckdns.org
asyncpcc.duckdns.org

# Reference: https://www.virustotal.com/gui/file/47f83bc0ad5cec2e365409f45ba67220e8ecf9a7313a38caef08fd9559e8a2ba/detection
# Reference: https://www.virustotal.com/gui/file/edf90d101a43361dc1245ebc74132e08f54db942af670377c431003e85534b22/detection

13.82.65.56:4021
64.188.16.134:4021
yuri101.duckdns.org

# Reference: https://www.virustotal.com/gui/file/68106918876232b746129b1161c3ac81914672776522f722062945f55166ba68/detection

23.102.1.5:6230
23.102.1.5:6231
23.102.1.5:6232
dccrypa.duckdns.org

# Reference: https://www.virustotal.com/gui/file/b7f3d1dd2aa804eb498480b7a3b03ea003efb665005e844e51be5b8ab9dc8e79/detection

23.102.1.5:6121
asyncspread.duckdns.org

# Reference: https://www.virustotal.com/gui/file/456ae44a137a75594a129beed2a917afa00e94b79825fd9500c6b07da69310b9/detection

103.151.123.194:1990
meunknown.duckdns.org

# Reference: https://www.virustotal.com/gui/file/a3013ca2f3bee249886bfa72085ae98f31ff49ab7b0e0bb4de883e94d88cd9ed/detection
# Reference: https://www.virustotal.com/gui/file/597e67048274e435928e11acf5e712b932695b1eb343398559fa83993c91296c/detection

88.111.229.212:6606
88.111.229.212:7707
88.111.229.212:8808
88.111.229.212:20000
88.111.229.212:21000

# Reference: https://www.virustotal.com/gui/file/7bc5ed12f076a174ab2b7e39ace5f88cfe695c75f3bc67701f42736be6de04a7/detection

88.111.236.191:6606
88.111.236.191:7707
88.111.236.191:8808
88.111.236.191:20000
88.111.236.191:21000

# Reference: https://www.virustotal.com/gui/file/c743735f89a5586315aeba456f9f4167a3365ea070d9d631e35aeaad4772d09e/detection

92.3.192.170:6606
92.3.192.170:7707
92.3.192.170:8808
92.3.192.170:20000
92.3.192.170:21000

# Reference: https://www.virustotal.com/gui/file/4d13e663aebabe2376c4f231356688108b5a124e0aafbc1717efa9f82e23f2b2/detection
# Reference: https://www.virustotal.com/gui/file/eb918b8f920a7f710cbd2460ba6132a177996912cc0ef6144ac824e3e37e4fdb/detection

104.21.13.168:5380
172.67.200.214:5380
37.238.146.36:5380
91.109.190.3:5380
fact.azad.live

# Reference: https://www.virustotal.com/gui/file/a672aa201c4172fb50bbf332a57a25c399e1c0a881f09ace05dbcc77d859627e/detection

46.246.6.11:9000
david123456.duckdns.org

# Reference: https://twitter.com/1ZRR4H/status/1485771167948546048
# Reference: https://tria.ge/220125-adlgqacfg6/behavioral1

104.249.62.71:4212
strekhost202201.duckdns.org
strekhost2024.duckdns.org
strekhost2025.duckdns.org
strekhost2028.duckdns.org
strekhost2029.duckdns.org
strekhost2030.duckdns.org
strekhost2034.duckdns.org
strekhost2035.duckdns.org
strekhost2036.duckdns.org
strekhost2045.duckdns.org
strekhost2054.duckdns.org
strekhost2057.ddns.net
strekhost2061.ddns.net
strekhost2063.ddns.net
strekhost2067.ddns.net
strekhost2074.duckdns.org
strekhost2076.duckdns.org
strekhost2084.con-ip.com
strekhost2087.con-ip.com
strekhost2091.con-ip.com

# Reference: https://www.virustotal.com/gui/file/fd607e03512a15e3bf9dd3c80dbca2b9235012004cb9b69fa05df2f5344037ef/detection
# Reference: https://www.virustotal.com/gui/file/8b022a46d08a7cf80f1141e534f647d1113fe87426e01dc35465f62bfd5052da/detection

189.146.59.185:81
201.121.135.170:4449
3.14.182.203:26008
3.17.7.232:26008
3.22.30.40:26008
venom5002sitask.6te.net
venomsi.mypsx.net
/venom5002SiTask/

# Reference: https://blog.morphisec.com/asyncrat-new-delivery-technique-new-threat-campaign
# Reference: https://otx.alienvault.com/pulse/61f2ace89496fafe74bbb9c7

11l19secondpop.ddns.net
2pop.ddns.net
elliotgateway.ddns.net
newopt.servehttp.com
newsa.ddns.net
nomako.ddns.net
pop11.ddns.net
python.myvnc.com
wthcv.sytes.net

# Reference: https://www.virustotal.com/gui/file/d775bef532e71e692eb0e66292da60db38864a4f3dba5d2382ace1992ddd55f3/detection

212.192.246.239:1001

# Reference: https://www.virustotal.com/gui/file/9d17ef60c2fe51c9ddd8c03a519059d3eddfd2ac8803ac5d7d91a71075810887/detection

212.192.246.239:228
212.192.246.239:901

# Reference: https://www.virustotal.com/gui/file/4743f18e28808ce90f8c9197c112fe5ceeb91c20f41b92a00034e2884cab1907/detection

212.192.246.239:8000

# Reference: https://www.virustotal.com/gui/file/d0b02f3290dc695e0d9e63060a3dcad7d351c7db7570d656da965ba95f1368b7/detection
# Reference: https://www.virustotal.com/gui/file/ee64468498a36ca484a8ea1079b6e125590749dd2535c7cbfb0b24050b10dd3c/detection

209.127.27.27:6606
209.127.27.27:7707
209.127.27.27:8808
crypto-support.network
myvps2022.ddns.net

# Reference: https://blog.morphisec.com/asyncrat-new-delivery-technique-new-threat-campaign

178.238.8.233:6606
178.238.8.233:7707
178.238.8.233:8808
python.blogsyte.com

# Reference: https://www.virustotal.com/gui/file/169a4309780969168c4af528075bb4b1e2526f976ab572cdfa6ff3e13a009faa/detection

194.127.179.238:8855

# Reference: https://www.virustotal.com/gui/file/f95c8ace1331a172303a2f2cea8edc805203156e499012df465a158246495cce/detection

216.250.249.156:1148
216.250.249.156:1560
216.250.249.156:1985
23.95.115.74:1465
23.95.115.74:1560

# Reference: https://www.virustotal.com/gui/file/f6092f6961226ced6b4858af475736af69ac36f35dea6f539eb552dad3b00fbc/detection

104.37.174.26:1985
104.37.174.26:4040
104.37.174.26:5050
216.250.249.156:1985
216.250.249.156:4040
216.250.249.156:5050

# Reference: https://www.virustotal.com/gui/file/f54d3ce36fea6ef51b10501d96f8e82deab82440005200ef16f88e4154d923ba/detection

216.250.249.156:6606
216.250.249.156:7707
216.250.249.156:8808

# Reference: https://www.virustotal.com/gui/file/f25eb7952a3cea441effa29b4b95ac46269fb8ab56e39166a0e56ade8f7bdf5a/detection

216.250.249.156:1148
216.250.249.156:1414
216.250.249.156:1465
216.250.249.156:1759
5.230.72.3:1148
5.230.72.3:1414
5.230.72.3:1465
5.230.72.3:1560
5.230.72.3:1759
5.230.72.3:1985

# Reference: https://www.virustotal.com/gui/file/ca2f1fd98c74804cf417f07a86db13a71baed4647e919a110a82df0bfba02e85/detection

http://5.230.68.154

# Reference: https://www.virustotal.com/gui/file/c507346693107714c35dae061f39b4af97f7ee55a12e7fbb689ca62405af7414/detection

51.210.48.148:6606
51.210.48.148:7707
51.210.48.148:8808

# Reference: https://www.virustotal.com/gui/file/ba1c40946756613c5321bea71118ec169096783344d0aca7e9ee5e0ac62b07ef/detection

216.250.249.156:1980
216.250.249.156:1981
216.250.249.156:1982
216.250.254.208:1465
216.250.254.208:1560
216.250.254.208:1980
216.250.254.208:1981
216.250.254.208:1982
216.250.254.208:1985

# Reference: https://www.virustotal.com/gui/file/b135b4f9bbc86735c19170c9728466e972f5985ccef6f44fc39b50e24987b0fb/detection

104.37.174.26:1759
5.230.84.50:1465

# Reference: https://www.virustotal.com/gui/file/a576dd4d6b216109bf7044bc90ebd70a2205bffb43272b28f8f112b480eecea5/detection

193.29.104.186:1465
193.29.104.186:1560
193.29.104.186:6606
193.29.104.186:7707
193.29.104.186:8808
216.250.254.208:1465
216.250.254.208:1560
216.250.254.208:6606
216.250.254.208:7707
216.250.254.208:8808

# Reference: https://www.virustotal.com/gui/file/832ed387078d95665e268d6fc1da6b62f9c785049c1a479bdb9eb45e8945eadf/detection

14.18.141.27:33355

# Reference: https://www.virustotal.com/gui/file/5c7887914b2ebb56fc762b555093719b30978e7d603ee1ba198f288090bec15b/detection

104.37.174.26:4848
216.250.249.156:4848

# Reference: https://www.virustotal.com/gui/file/19247536d1bb8035395a3a2bca3ecb17c36ddf48fee86a00d9d6e3e4bf622f35/detection

104.37.174.26:2018
216.250.249.156:2015

# Reference: https://www.virustotal.com/gui/file/ceaeb1dd68355d7a47455dffd00f3ab735e295c2aad6d7c0d754f371af3e0093/detection
# Reference: https://www.virustotal.com/gui/file/c0d614d65f3710bac72f12f0dbd86b77971f64a7fd3dad978ccde2d0e4d7d39f/detection
# Reference: https://www.virustotal.com/gui/file/6c2ee1611af326cf2c791ef63f6816ee8364fcccfc7a2facb5dbbb82bf310fe3/detection

185.110.106.210:1337
185.163.218.120:1337
81.94.199.203:1337
kho8arje.ddns.net

# Reference: https://www.virustotal.com/gui/file/fd8419faf4dbccd31e6305cb19cb9043dacaea147b38d1c0e78105802a9d99df/detection

45.144.154.150:1095
45.144.154.150:1097
45.144.154.150:1098
45.144.154.150:1604
45.144.154.150:18
45.144.154.150:4782
45.144.154.150:4784
45.144.154.150:59
45.144.154.150:5900
45.144.154.150:9495
alemdar571.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ef3108a8fa42fa5ed82f82a3c9d7d9f5cd2b35dd653127585977578321ce21d0/detection

189.38.106.99:8080

# Reference: https://github.com/pr0xylife/AsyncRAT/blob/main/AsyncRAT_03.02.2022.txt

documents.pro.br

# Reference: https://www.virustotal.com/gui/file/00ecb52e6754df0b9b25f896e8d923d6fc11c80fa333df430d1c3e3c94a7a404/detection

201.212.135.172:3042

# Reference: https://www.virustotal.com/gui/file/a829a8001f09c89ec992913ea3a6d2bde958779e8a7788d9d2a0e1e319e316bc/detection

173.44.55.179:13294
173.44.55.155:48241
kumar.airdns.org
minchia.airdns.org

# Reference: https://www.virustotal.com/gui/file/5511ab25c4f241c5683ad0b26452c2c474841dce3666010d723243f987b06872/detection

3.131.123.134:24138
zealous-fire-94898.pktriot.net

# Reference: https://www.virustotal.com/gui/file/2b4fcba2cacdd48089b43c746a24cda262ee87db830bd9aaf9ee82f5cb900de5/detection

79.134.225.90:83
confucanism.hopto.org

# Reference: https://www.virustotal.com/gui/file/443858dce1aeb48c098475dcf1f04c286a6d69593a41613436f05fd12fb35bc9/detection

51.89.253.23:6606
51.89.253.23:7707
51.89.253.23:8808
3laallah.myvnc.com

# Reference: https://twitter.com/peterkruse/status/1492796546525638656
# Reference: https://www.virustotal.com/gui/file/76854bcfb1fe0e8baf04c994cf4db49f5445e77201535ca49616a23c0ca69004/detection
# Reference: https://www.virustotal.com/gui/file/4a7484b8027c04f1b339c56ab4bc40ba6b8bb876507d421a59807684aab1e83c/detection

159.65.243.143:8080
20.113.159.145:3162

# Reference: https://www.virustotal.com/gui/file/9cd3f611b2d854917d5d0229d7440b30f2610984d51a5cf591591fd156558973/detection
# Reference: https://www.virustotal.com/gui/file/3cf3c75627a9a6813f7d5f708c88d2d41c6d18e92fe9dea86bb370c6b816bf40/detection

199.195.253.181:6606
199.195.253.181:7707
199.195.253.181:8089
199.195.253.181:8808
prhostings.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d9f2bab44100729ed79b2acaf2b8f1cf3b665d55988847e06b19ec0625f25fed/detection

37.221.122.76:6606
37.221.122.76:7707
37.221.122.76:8808
jeazerlog.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d8a413d1ff3f0d7cc9e07393e720b54403c0d180157065b7d0c81c090124a73c/detection

179.13.2.243:4204
strekhost2031.duckdns.org

# Reference: https://www.virustotal.com/gui/file/bee9c217ba2e0a439775033e5abba4a999bebe29474dda7011d67e77173598aa/detection

107.128.170.0:1604
monkeygame.duckdns.org

# Reference: https://www.virustotal.com/gui/file/b74da435a84b6a240fdefcb357abb948e5451fa11dd48e4381b9897abf1cd267/detection

46.183.220.49:46422
46.183.220.49:6578
chonglee575.duckdns.org

# Reference: https://www.virustotal.com/gui/file/10037dcdfbe006f14125b3b5fec8ab336ce996c1fe8af03114597b51d446b843/detection

141.255.144.69:6665
141.255.156.217:2020
141.255.156.217:6663
45.164.102.81:2019
45.164.102.81:2020
45.164.102.81:5000
45.164.102.81:6662
45.164.102.81:6665
hotelposeidonia.ddns.net
putha.duckdns.org

# Reference: https://www.virustotal.com/gui/file/9917e1b3643ebd9b87d96eaa225e293b4ab0a92f78f0df1f99efd85cf220f469/detection

86.156.139.211:32244
86.156.139.211:6606
86.156.139.211:7707
86.156.139.211:8808
venos1245.ddns.net
venos12678.ddns.net

# Reference: https://www.virustotal.com/gui/file/61309fd4c88c63e431b06b603aa83b1e3b1326ade092502675597b1469150e39/detection

191.248.178.226:7777
kklele.ddns.net

# Reference: https://www.virustotal.com/gui/file/f561b5e40ebff43e78dd61cb03ac5300aa6dce51cfe67bb288d3bec154effd69/detection

102.186.16.48:5556
asg1.ddns.net

# Reference: https://www.virustotal.com/gui/file/d4d90420777353fb8faece913558695e0ffd478cc0fccdd6ef316ce68b118a83/detection

163.123.142.141:6606
163.123.142.141:7707
163.123.142.141:8808
163.123.142.251:6606
163.123.142.251:7707
163.123.142.251:8808
mywatermoney.ddns.net

# Reference: https://www.virustotal.com/gui/file/c3d26b6aed4ef3cf1d0cf3d53e5280a11367cb792db7b13c50ffc695d77d0e80/detection

136.243.111.71:6606
136.243.111.71:7707
136.243.111.71:8808

# Reference: https://www.virustotal.com/gui/file/5bc250fe115f0af94d9d57840c5aa4ddc91b5c3f4100edba4e154cd438e8d682/detection

20.123.180.103:1337
20.123.180.103:6606
20.123.180.103:7707
20.123.180.103:8808

# Reference: https://github.com/pr0xylife/AsyncRAT/blob/main/AsyncRAT_28.02.2022.txt

52.15.81.204:6606
52.15.81.204:7707
52.15.81.204:8808
nsysc.duckdns.org

# Reference: https://www.virustotal.com/gui/file/3a2bcee2582e82d8caf5a85d4b3a8b5d779313aead59394e43cb0577e2ac5caa/detection

91.193.75.222:1337

# Reference: https://www.virustotal.com/gui/file/23d9cd92f8a143d8c11189ea65e238954e8dac8da8a8867cf243eb199af2a45f/behavior/Zenbox

216.250.97.121:4242
darkflood.ru

# Reference: https://www.virustotal.com/gui/file/02c4db3938f02e93ac275981ac2121254191a76732235e574d20f70f89a415d0/behavior/Microsoft%20Sysinternals

20.113.168.5:5552

# Reference: https://www.virustotal.com/gui/file/a03a750c266a3440bad4bdbf1a6539a5f3108d4b1701049167dce3c21b8892c9/behavior/Zenbox

144.126.209.63:7707
144.126.209.63:1443
144.126.209.63:8808

# Reference: https://www.virustotal.com/gui/file/a42aaf89dfaf1dc938def40171798b2a5e641da48851a30cc83e46243d677341/behavior/VMRay

181.141.6.14:1543
async19.duckdns.org

# Reference: https://www.virustotal.com/gui/file/b75253da4ffdfd8ffb110066ed246127053b71f331210dcab40581fe9529dd1b/behavior/Microsoft%20Sysinternals

105.155.171.124:1177
virustheonluone.ddns.net

# Reference: https://www.virustotal.com/gui/file/f1d52de14a1e669c219644cb3cbd8f5e7155799334b9f43576cdaaf985feab29/behavior/Microsoft%20Sysinternals

156.204.146.6:1177
mokea.ddns.net

# Reference: https://www.virustotal.com/gui/file/356d357fd1d8ebbce5b44f0e2fc758f08b0ddd8fbba0e5d705c7f3b823c61194/detection

41.140.166.138:8080
amineaskary234.ddns.net

# Reference: https://www.virustotal.com/gui/file/c87370e8e2e08a93f6becca89df295a17a6c8136edadec5522360cee30b6a2d4/detection

2.89.88.55:8620
nydarcl0b.ddns.net

# Reference: https://twitter.com/James_inthe_box/status/1501663331458818057
# Reference: https://app.any.run/tasks/8cc8d2fc-f24a-42ea-9db8-ca2bceb791e6/

217.64.31.3:6606
217.64.31.3:7707
217.64.31.3:8808
217.64.31.3:8437

# Reference: https://www.virustotal.com/gui/file/14217d54e50cb1750df957ee13ceddfb0775e9df7b286dbbe8bccfde89e8462c/detection

123.27.146.13:6606
123.27.146.13:7707
123.27.146.13:8808
spikevntm1.ddns.net

# Reference: https://www.virustotal.com/gui/file/2d2351681ab5a3fc5d448474986d26cfe06fe6f889435523fd2a1f1c9e7b684c/detection

41.238.79.40:1177
41.238.79.40:4444
eeent2am1.ddns.net
ennt2am11.ddns.net
matrixhack9.ddns.net

# Reference: https://www.virustotal.com/gui/file/fcd5fc495b4f81bf91491b52e1759cf93794bf135fed6469a5d1e0663dfb6c3e/detection

94.204.143.223:6606
94.204.143.223:7707
94.204.143.223:8808
exelelo.zapto.org

# Reference: https://www.virustotal.com/gui/file/a9e0e20979d2a5ee73322a2dd94bed304e2586d91d01808130ffe1ae6c043a69/detection

142.114.120.140:8080
rezan.ddns.net

# Reference: https://twitter.com/James_inthe_box/status/1508822431422582785
# Reference: https://app.any.run/tasks/bbe72cb9-d347-4b41-8517-99be1dac9a07/

79.134.225.89:5900
crazydns.linkpc.net

# Reference: https://otx.alienvault.com/pulse/6244476ff6012996f9a9cba1

hahakek.ddns.net

# Reference: https://www.virustotal.com/gui/file/abfbde0fea7eba7c409710cafb5a7fe2b2315b4a95898420117ad5088ad4c6b3/detection
# Reference: https://www.virustotal.com/gui/file/a81a4b5eaea54fad12b6fc2e4b1eae62f30a2a9ba1d1abb94ca85e58dbfa8623/detection
# Reference: https://www.virustotal.com/gui/file/a81a4b5eaea54fad12b6fc2e4b1eae62f30a2a9ba1d1abb94ca85e58dbfa8623/detection
# Reference: https://www.virustotal.com/gui/file/a5488fe77d6f68e3512c20b5ffd2105265ae55f50f872fe9b3429b39ed16b7de/detection

43.133.1.136:48214
45.133.1.136:5579
sivnquldmiqa.ratkings.net

# Reference: https://www.virustotal.com/gui/file/fa0a7de603a1fa1dc694862999423e093b8f5285498607d27c1a6074a00455f5/detection
# Reference: https://www.virustotal.com/gui/file/9dee44e6c8075f0f369cde080e56edca0e2fb93b59520dd99a2884ea7b55c7f9/detection
# Reference: https://www.virustotal.com/gui/file/75a1202f0bc5aafe9d205c52416c1bc5b1f2976edb490dffc812f4197bb02277/detection
# Reference: https://www.virustotal.com/gui/file/4f1dcb5778a57d02f7cb485e2d76234ce1913bcc872535221966d596c78056d0/detection

2.56.59.227:4455
212.192.241.41:4455
pnake.000webhostapp.com
vuqozgiamcvoe.ratkings.net

# Reference: https://www.virustotal.com/gui/file/98e74bdca833fffdeadd8aaa3887c60eda29d658e35c7e02a6e364c6a0566039/detection

178.238.8.233:6606
178.238.8.233:7707
178.238.8.233:8808
pythonn.linkpc.net

# Reference: https://www.virustotal.com/gui/file/00abaec0096cdb5a62684479e06fae3c39632e15adb436d2e7e975e9f2cf8c96/detection

89.134.228.127:45000
empirehosting.ddns.net

# Reference: https://www.virustotal.com/gui/file/bd2260b469f9c0504fa2156fe99ce3eb54a093a185c09cb5e0729114ff13a100/detection

194.85.248.87:6606
194.85.248.87:7707
194.85.248.87:8808
194.85.248.87:9807
asylimited.duckdns.org

# Reference: https://www.virustotal.com/gui/file/6e5bc57767ea314f50262e10884e592ac5e833165d85db41e2033baaa7c5682d/detection

185.19.85.133:6606
185.19.85.133:7707
185.19.85.133:8808
185.19.85.133:9807

# Reference: https://www.virustotal.com/gui/file/2a0eb4a2eace0686d5ef6c83dfbd9065f46055b8446e1bb67dc58df5be480d43/detection

91.193.75.132:6606
91.193.75.132:7707
91.193.75.132:8808
91.193.75.132:9807

# Reference: https://github.com/pr0xylife/AsyncRAT/blob/main/AsyncRAT_05.04.2022.txt

195.62.47.132:5311
37.120.141.190:5311
hrjekd.duckdns.org
mcgarryrob9.duckdns.org
msmonday21.duckdns.org
vernomqmonday.duckdns.org
wsfgv.duckdns.org

# Reference: https://www.virustotal.com/gui/file/642af4b4d12bb24a30e617317bc1785aafc4176e8c3ca8abadff04bd61368d18/detection

178.238.8.201:6666
helpher.linkpc.net

# Reference: https://www.virustotal.com/gui/file/5383c008207a242411c692a017d677e0a7f4b790b2962ded2fe3f2b1a9e0accc/detection

208.51.61.44:128
help-microsoft.dnslive.net

# Reference: https://www.virustotal.com/gui/file/d3502dc6519cc2395fd39b603c925d7ff61fef6d78cb89a23254905b9eeaff97/detection

update.myiphost.com

# Reference: http://blog.talosintelligence.com/2022/04/asyncrat-3losh-update.html

anderione.com
mekhocairos.linkpc.net
n.myvnc.com

# Reference: https://www.virustotal.com/gui/file/1ff86b4d3d1a04b48064bc64940010c469a106db236e261ac106053411641b7d/detection

136.243.111.71:1166

# Reference: https://tria.ge/220404-dwb8jshec2

212.193.30.54:9524

# Reference: https://tria.ge/220327-27nygsadap

71.81.138.151:6606
71.81.138.151:7707
71.81.138.151:8808
uhhfuckmedaddy.hopto.org

# Reference: https://tria.ge/220330-ckkvwaeed9

118.184.78.78:6606
118.184.78.78:7707
118.184.78.78:8808
mytestserver.myftp.org

# Reference: https://www.virustotal.com/gui/file/29ece6628445e46733703f70aa521fc207b5475fb1e620a97c2e8fe55f547fab/detection

http://78.46.133.215
78.46.133.215:6606
78.46.133.215:7707
78.46.133.215:8808

# Reference: https://www.virustotal.com/gui/file/d45978f809cb4ce3ad9ef5ba7719b137b9d0ef02315d77f6fb30e10aa1c465f3/detection

177.36.170.206:6606
177.36.170.206:7707
177.36.170.206:8808
myhost47.accesscam.org

# Reference: https://www.virustotal.com/gui/file/04adf54cb3faa4aa1fc78aa4a567a69e9e4b4d48661b2619c3d82dc9569f538c/detection

188.82.222.181:6622
davidgayne.ddns.net

# Reference: https://www.virustotal.com/gui/file/a89725461034445d1b80d5fc5207595d1842cfcf1dc13d6dbb853617c0bdefa9/detection

64.188.13.46:8080
64.188.13.46:9788

# Reference: https://www.virustotal.com/gui/file/a157e62c8fcf8c20202cb64d6b295379fba158677d9776c6001db1352b4d9feb/detection

64.188.13.46:1786

# Reference: https://www.huntress.com/blog/snakes-on-a-domain-an-analysis-of-a-python-malware-loader
# Reference: https://otx.alienvault.com/pulse/6144852424a73a80ade66aa3
# Reference: https://www.virustotal.com/gui/file/4591eda045e3587a714bb11062eb258f82ee6f0637e6aa4d90f2d0b447a48ef7/detection
# Reference: https://www.virustotal.com/gui/file/cf09a3807622d7c2e0c9422bcee04ed53a08a230204de7f5818405e7f8dca16d/detection

185.163.45.104:456
gjghvga7ffgb.xyz
huugbbvuay4.cn
windowsupdatecdn.cn

# Reference: https://www.virustotal.com/gui/file/794929f8ae932ae3bfd16c3f013b7b32a025a07a0583f2d9b2d272b736284ef0/detection

45.242.44.194:2323
updatefacebook.duckdns.org

# Reference: https://www.virustotal.com/gui/file/b9eba1c7c318b24ba7a01b71e004b6e8b17d91d3e28721977e974696d8e88be6/detection

23.105.131.166:6606
23.105.131.166:7707
23.105.131.166:8808

# Reference: https://www.virustotal.com/gui/file/abe5225238fb82b6ad7d2942d931bb109538395e734d296bc9ac55ae1d6ddf71/detection

2.56.57.222:6606
2.56.57.222:7707
2.56.57.222:8808

# Reference: https://twitter.com/phage_nz/status/1516977615378079745
# Reference: https://tria.ge/220421-dfad1shgep

91.193.75.203:9217
sky01.publicvm.com

# Reference: https://twitter.com/James_inthe_box/status/1517192899682701312
# Reference: https://app.any.run/tasks/1395aadc-27f1-415d-a1f8-6247c4a0aa8e/

91.193.75.194:5900

# Reference: https://twitter.com/pmelson/status/1518724244103995392
# Reference: https://twitter.com/pmelson/status/1521221361829617666
# Reference: https://www.virustotal.com/gui/file/47598ae5503ecc9b4acfc063deb3cf77998ff762104e484a288eede075f0f7d5/detection

194.5.98.35:21000
dlldns.co.uk
dlldns.xyz
dlldns.duckdns.org

# Reference: https://www.virustotal.com/gui/file/1c6ec68a3017dd39da5043ff4cecd25ae5dadcc4f2577ba7103c84547c228882/detection

128.90.115.36:3468

# Reference: https://www.virustotal.com/gui/file/6fa04b5325e52bb0db3b3b307d5e6e802bc468da09fb062f78f978c4efbadd82/detection
# Reference: https://www.virustotal.com/gui/file/5b42476fbd6d402e3a77156da5b563e4450f0e142223f707157b223fce237f8b/detection
# Reference: https://www.virustotal.com/gui/file/27712ba8e0925e351934d3ae04f5ee648a7ec733c2d4be2a3dd54712548d30b7/detection

77.78.103.129:2022
77.78.103.129:5000
salma6.ddns.net

# Reference: https://www.virustotal.com/gui/file/72a638827d037d077f1f1672f2d280f657496fab48b8e79d99742b48bf8f39ee/detection

83.180.241.5:5000
333kuk333.ddns.net

# Reference: https://www.virustotal.com/gui/file/b374241715d190e7731b63e2f4cee1038e3307d52836969fab3854a2090d0b89/detection

198.54.128.70:56781
slav934.ddns.net

# Reference: https://www.virustotal.com/gui/file/9d72cb7c95bcec88f7bf4bfffdb2b0ebe5902f3da943d03794e8a6f586f0c1a3/detection
# Reference: https://www.virustotal.com/gui/file/89fb709ed5ac5cc3342b9894af039dcbb1988848c87063ba15b4ab69399ae77d/detection
# Reference: https://www.virustotal.com/gui/file/b0d62e927975627c720fcf734ea7bb49ebe0790defa6d1085ff93e4b39c74f57/detection
# Reference: https://www.virustotal.com/gui/file/f8720cc2747a3518d13193a2fe9cb791be7e37396fbc448f63a8227d5f552e52/detection

149.28.31.166:29527
149.28.31.166:443
160.108.30.0:29527
168.108.118.0:29527
168.108.122.0:29527
168.108.24.0:29527
168.108.25.0:29527
168.108.32.0:29527
168.108.35.0:29527
168.108.37.0:29527
168.108.42.0:29527
168.108.43.0:29527
168.108.44.0:29527
168.108.45.0:29527
168.108.47.0:29527
34.150.70.89:29527
40.108.48.0:29527
80.176.90.0:29527

# Reference: https://www.virustotal.com/gui/file/ae1df83bad300c4f1cbe9f899c9f394e9b2a2c9bc69a55137bb07adefaed27f0/detection

invison.xyz

# Reference: https://www.virustotal.com/gui/file/0a33db379fb16265aa27569abcaafade7ba257d7adf518eee804b1e5c9514d24/detection

105.106.74.27:6606
105.106.74.27:7707
105.106.74.27:8808
doda.ddns.net

# Reference: https://www.virustotal.com/gui/file/b1daa3bc8bae29f14939e7beea3593ced703a3b159f3fabaa3679df8186e2546/detection
# Reference: https://www.virustotal.com/gui/file/67825f8d43671a1b2a021f371183007baa0dd8034daea8ae0f3c02dd5645e787/detection

77.250.44.30:4444
mariush91.ddns.net

# Reference: https://www.virustotal.com/gui/file/68811404cce73244b2326ca2397d7e95b103a86f5f1dc0220096206438dd3b76/behavior/Zenbox

dominostark2028.duckdns.org

# Reference: https://www.virustotal.com/gui/file/79b8d9f481f0b24b5cb7115a90fbb74c9b6e0448ec908761824e22fa36f255f0/behavior/Microsoft%20Sysinternals

51.116.130.83:4496

# Reference: https://www.virustotal.com/gui/file/fccc5b2fe1d1b1c730e2854e5d68219fe84e0d9277049f69712a28fb6b0e700a/behavior/Zenbox

91.93.162.73:6666
167.71.56.116:6666
awesome-dew-72404.pktriot.net
eu-central-7075.packetriot.net

# Reference: https://www.virustotal.com/gui/file/bc51107a5224a0935006255b4121048f5184619f88020946f3c590f5a09361b3/behavior/Zenbox

177.255.88.25:5001
strekhost2037.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ccd98e1fd5051669cde7d0aa853f103d62407f044dbbce89226fadeef766981a/behavior/VirusTotal%20Jujubox

193.161.193.99:39592
trabajopanel1-39592.portmap.io

# Reference: https://www.virustotal.com/gui/file/cce1f99874e7a0436fc4930a9c63e030064d42b39fc8012d76e0433f146838b8/behavior/Zenbox

31.142.90.220:22
wayto.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d720f60685f9f08d3ca9f47376c66b28ff8fdd4cab4a2ed88ca33c294d2bc16b/behavior/C2AE

132.232.169.101:6656

# Reference: https://www.virustotal.com/gui/file/f18391acc8f08909407a1319569d2f01b55ee51b9e317228abdff5aebe87968f/detection

173.225.115.253:8848
194.31.98.113:6606
194.31.98.113:7707
194.31.98.113:8808
194.31.98.113:9909
172.83.152.87:8848
172.83.152.65:8848
2.58.149.126:6606
2.58.149.126:7707
2.58.149.126:8808
2.58.149.126:9909
polarjwns.xyz

# Reference: https://www.virustotal.com/gui/file/d14d9a7e754c71b0b15e03dce5dc0d8a58cc7be737c2e350bbb4fc99c5d64366/detection

23.105.131.227:4404

# Reference: https://www.virustotal.com/gui/file/3189f5b4f50c04b25cea385aee92275fd3007f9332c329d9975c0b1270c6d26b/detection

31.210.20.172:6606
31.210.20.172:7707
31.210.20.172:8808

# Reference: https://www.virustotal.com/gui/file/99fe56a2f1d965843780325665c2ac286cc9bc52f80509e606028bc063c49210/detection

85.215.229.157:6227
6227hallo6227.ddns.net

# Reference: https://www.virustotal.com/gui/file/13d27cdf24f15d418b2197f6d017725bbd26ea1b8db7a61bdd648e90f1d269c5/detection

46.246.6.16:7090
46.246.80.3:7090
bendito2714.duckdns.org

# Reference: https://www.virustotal.com/gui/file/43427de4b45f2aa2e6289d1a6d5e6859f4184e5cf638a4b6c185fafca6a85838/detection

185.140.53.150:1515
glengaidos2881.ddns.net

# Reference: https://www.virustotal.com/gui/file/2f0dfcbd68df9ed438855a7b65bb08931df67234e6c55f78b6a16f2368f4d44e/detection

92.42.46.216:1996
xhoys.linkpc.net

# Reference: https://www.virustotal.com/gui/file/fb67354e820721b6eb4684b167c1eb382936635843983ec24d06a72fdec8ad32/detection

24.15.119.31:1604
korruptinq.duckdns.org
lulzsec.zapto.org

# Reference: https://www.virustotal.com/gui/file/e91c4edb7c7cc1517cb8827127699e2e360596d240176f91e14556ac7ded8283/detection

slicer.ddns.net

# Reference: https://twitter.com/phage_nz/status/1529614527486013440
# Reference: https://tria.ge/220525-3tjmaaehd7
# Reference: https://tria.ge/220525-3v5wxaagfn

91.193.75.139:1345
91.193.75.165:3851
1biggie.publicvm.com
ecx1hang.publicvm.com

# Reference: https://www.virustotal.com/gui/file/56645ddbb6d65ff46e2db21ff0cd583d4b0ad988b6b6bcd140626a8b5eb81fa6/detection

188.232.176.99:7771

# Reference: https://twitter.com/Joseliyo_Jstnk/status/1531970265059573766
# Reference: https://www.virustotal.com/gui/file/fe8970a7f08ca9e71f485ba987cb78d1bb82d8973251962210e3fced77c15f99/detection
# Reference: https://www.virustotal.com/gui/file/79068b82bcf0786b6af1b7cc96de1bf4e1a66b0d95e7e72ed1b1054443f6c5e3/detection

217.195.197.70:6606
217.195.197.70:7707
217.195.197.70:8808

# Reference: https://www.virustotal.com/gui/file/92a3c41d78e3fdb64c6313818bdba8d6c1652e507ee7ea08c4dd28cd8076e56e/detection

91.240.118.79:2727
91.240.118.79:2780
92.255.85.40:2707
92.255.85.40:2780

# Reference: https://www.fortinet.com/blog/threat-research/threat-actors-prey-on-eager-travelers

33b4-163-123-142-137.ngrok.io
dc5b-163-123-142-137.ngrok.io
dnets.ddns.net
znets.ddns.net

# Reference: https://decoded.avast.io/threatintel/outbreak-of-follina-in-australia/
# Reference: https://otx.alienvault.com/pulse/629dc0568c4a8863c10e59be

palau.voipstelecom.com.au

# Reference: https://twitter.com/James_inthe_box/status/1536418013691277312
# Reference: https://app.any.run/tasks/2d79a22c-84e3-4609-9436-3ceed9e36f36/

185.70.104.87:3851

# Reference: https://tria.ge/220613-2s2wssfdf4/behavioral1

91.193.75.200:9217

# Reference: https://www.virustotal.com/gui/file/e2548ff0d1c69d0cad6504335aa2ef3fa21eaa9a429ead3acbddd9326129d819/detection

203.78.129.202:6666

# Reference: https://twitter.com/abuse_ch/status/1540590647022915584

74.201.28.166:6606
74.201.28.166:7707
74.201.28.166:8808

# Reference: https://twitter.com/c_APT_ure/status/1540053981648588804

193.233.185.132:6606
193.233.185.132:7707
193.233.185.132:8808
biz808080.duckdns.org

# Reference: https://github.com/0xToxin/Malware-IOCs/blob/main/AsyncRAT/AsyncRAT%2028062022
# Reference: https://tria.ge/220629-em9ccsgce5/behavioral2

103.156.90.165:4055
serviceserver.site
venohvn.duckdns.org

# Reference: https://www.virustotal.com/gui/file/676c79531be211041712ad8f9cf037a8cb4ed8c5362caf6cedde66d521314310/detection
# Reference: https://www.virustotal.com/gui/file/a6f9557ec4704f2d7f00491e9dad466ca8483f61300f87708a93bf951138a4d6/detection

103.156.90.165:5050
venomcra25.duckdns.org
venomcra3.duckdns.org

# Reference: https://github.com/executemalware/Malware-IOCs/blob/main/2022-06-28%20AsyncRAT%20IOCs

147.189.168.74:6666
2dod.ddns.net
rowadtqnee.online

# Reference: https://asec.ahnlab.com/en/36315/
# Reference: https://otx.alienvault.com/pulse/62c69b05fe6a61daffeb9593
# Reference: https://www.virustotal.com/gui/file/0b357167f1d1e759b1b54d75bdb102da84578ecb5cb1a1d71733402deec91a83/detection

http://154.19.203.208
154.19.203.208:6606
154.19.203.208:7707
154.19.203.208:8808

# Reference: https://tria.ge/220713-nxaffsggd9/behavioral1

185.200.116.219:9016
chinaco3.airdns.org

# Reference: https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/targeted-attack-on-government-agencies.html

107.173.143.111:6606
107.173.143.111:7707
107.173.143.111:8808
107.173.143.111:8989

# Reference: https://www.virustotal.com/gui/file/6659c7a1e89ce896ac616abf1cf6068381954c8c35b18a9d1fd24690ca9c4d3c/detection

198.23.212.148:6606
198.23.212.148:7707
198.23.212.148:8808
4Mekey.myftp.biz

# Reference: https://www.virustotal.com/gui/file/10037dcdfbe006f14125b3b5fec8ab336ce996c1fe8af03114597b51d446b843/detection

141.255.144.69:8848
45.164.102.81:6663
93.46.8.90:6664

# Reference: https://www.virustotal.com/gui/file/c63dd27a4c9a42fd4c68bda6d2628e6791dae0ed3036b69f0b1e6433b5d7c473/detection

67.205.142.16:6606
67.205.142.16:7707
67.205.142.16:8808

# Reference: https://twitter.com/malwrhunterteam/status/1547857576359997440
# Reference: https://twitter.com/Iamdeadlyz/status/1547902451147108352

plutoniumwallet.ml
/FaggotNiggerKysHaveFunTrying/

# Reference: https://www.virustotal.com/gui/file/40b6c05272cb9e3f7431f8afc74cef3ffbb21c86c3b57f94d9ac685b009c9ede/detection

cdnofficecloud.com

# Reference: https://www.virustotal.com/gui/file/02675ed3f879a7fbefabfcfa064bb53a2b925fb6751b7925d5dd2b25a51f4150/detection

194.187.251.115:8973
storage.nsupdate.info

# Reference: https://www.joesandbox.com/analysis/596663/0/executive

141.255.146.167:2019

# Reference: https://www.virustotal.com/gui/file/2a9edc18b10a532f7632d6b44f2610ca3a823c2b2be7a3fd3126b55af2c68ede/detection

172.245.210.138:6606
172.245.210.138:7707
172.245.210.138:8808
189.201.235.59:6606
189.201.235.59:7707
189.201.235.59:8808
111234.ddns.net
cdt2021.hopto.org

# Reference: https://github.com/0xToxin/Malware-IOCs/blob/main/AsyncRAT/AsyncRAT%2025072022
# Reference: https://tria.ge/220725-r8z22abab3

194.5.97.97:5069
194.5.97.97:6638
polimaplasko.duckdns.org

# Reference: https://gist.github.com/stoerchl/ae32c9ec9d7003c608bb4c19e9fe7bd7
# Reference: https://twitter.com/James_inthe_box/status/1567597599984852992
# Reference: https://www.virustotal.com/gui/file/6f105d359fe32edd24c3e5a441f3f8d3f4be7fad856ce7b0e606e9e18b742024/detection
# Reference: https://www.virustotal.com/gui/file/0671d1cf46c957d8ca3084d500f4ccb2e71f5f687868cb5f113127e560422e76/detection

45.14.224.94:444
51.81.105.238:1981
51.81.94.115:888
superfaster1.is-found.org
superfaster22.selfip.info
superha3y.is-a-geek.com
superhay.is-a-geek.com
superslo4w.is-a-nascarfan.com
superslow.is-a-nascarfan.com
superziad.is-a-liberal.com

# Reference: https://twitter.com/1ZRR4H/status/1551713964660326402
# Reference: https://www.virustotal.com/gui/file/00bcbf44a3a8dfdd43324ad3dc7a868049bc1856237d97307cc1bbec2ce68ffe/detection
# Reference: https://www.virustotal.com/gui/file/92c085aab941207d5aba2eb3b7c1f6542c075698310b213ba17aff352fee7810/detection
# Reference: https://www.virustotal.com/gui/file/dd0528c7214c1ff510d922eff856d56d616341f689edfa40f4b2bbbca82b8aa8/detection

191.88.251.106:1990
albertogiraldolora09.duckdns.org
freddysolanolora09.duckdns.org
jhonatanmartinezmartinez09.duckdns.org
julianmaldonalora09.duckdns.org
luispereiralora09.con-ip.com
mauroplatalora09.duckdns.org

# Reference: https://www.virustotal.com/gui/file/8638697480078473d60b20cbeb522b7745dde8ae749159064356b0a31a825e88/detection

185.140.53.76:7738

# Reference: https://www.joesandbox.com/analysis/677285/0/html

194.213.3.182:6606
194.213.3.182:7707
194.213.3.182:8808
vvat22.con-ip.com

# Reference: https://www.virustotal.com/gui/file/d2d84301495b692c57680cd232d752253011aeeea1cfe3de144c42c5189b8168/detection

37.0.14.198:6161

# Reference: https://tria.ge/220805-n2cflsaafj

185.225.73.221:5493

# Reference: https://www.virustotal.com/gui/file/00cb0795efc4104c5f4f121172a9728af0d5387cee5d8c7abf8e416f443acc05/detection

23.133.216.180:7582
did-diff.at.playit.gg

# Reference: https://twitter.com/pmelson/status/1556425256046411776
# Reference: https://twitter.com/pmelson/status/1556425274853564416
# Reference: https://www.virustotal.com/gui/file/5d3fc59a805561bfbb27bd0d845c303d4523eefb796c5b815a22bec8973ec331/detection

134.35.6.44:6606
134.35.6.44:7707
134.35.6.44:8808
sabaye-d.space
sabanjm2.ddns.net

# Reference: https://www.virustotal.com/gui/file/d5a2e7315be0afecb9d4a0a5d4b8ee40552675c22405fe17f839023b74a232ad/detection

20.90.119.110:6606
20.90.119.110:7707
20.90.119.110:8808

# Reference: https://www.virustotal.com/gui/file/0fd56384d2b39661d2a81b16bd5aa72ae4deb023dda532796acc94516fc1b9de/detection
# Reference: https://app.any.run/tasks/ccecbcd8-f578-40c7-be8a-8bf59e751e0e/

147.185.221.180:14456
3.125.102.39:13643
3.126.224.214:11664
believe-stars.at.playit.gg
positive-be.at.playit.gg

# Reference: https://github.com/0xToxin/Malware-IOCs/blob/main/AsyncRAT/AsyncRAT%2010082022
# Reference: https://tria.ge/220810-yl2exaecen/behavioral1
# Reference: https://tria.ge/220810-yqa4hsgdb9/behavioral2

2.58.56.32:6666
modymos.linkpc.net
mosacor.co.za

# Reference: https://www.virustotal.com/gui/file/8bc112ddd27f0fc2fdc5f50901f8bd15a999042383cc7fe93d3f2b2d8dd085ac/detection

technologie.duckdns.org

# Reference: https://www.virustotal.com/gui/file/40da5be82081d0f0a205474abc614379ce4a655ae84c048353a53b49780fa39f/detection

blazevault.ddns.net

# Reference: https://www.virustotal.com/gui/file/dc645f9fb41904317cc725625eb703c260b4bfea01abe8e31988a83c06930226/detection

negritos.site

# Reference: https://www.virustotal.com/gui/file/39fe79e59e8fc4e86513ec09959c895e5667a39e9d32bb90d8cf29ac892496d0/detection

107.173.255.227:2000
107.173.255.227:3000
107.173.255.227:4000
cdt2021.zapto.org

# Reference: https://twitter.com/embee_research/status/1563149262707257344

173.209.51.37:5137

# Reference: https://github.com/0xToxin/Malware-IOCs/blob/main/AsyncRAT/AsyncRAT%2026082022
# Reference: https://tria.ge/220826-pb2s9adcd2/

91.192.100.9:8976

# Reference: https://twitter.com/Iamdeadlyz/status/1562823487932100608

193.124.22.17:4449

# Reference: https://twitter.com/r3dbU7z/status/1564893492924538880
# Reference: https://twitter.com/r3dbU7z/status/1564940756950843392
# Reference: https://www.virustotal.com/gui/ip-address/54.236.21.218/relations
# Reference: https://www.joesandbox.com/analysis/693848/0/html

54.236.21.218:6606
54.236.21.218:7707
54.236.21.218:8808
myacesverif.duckdns.org
myverifyaccess.my03.com

# Reference: https://twitter.com/0xToxin/status/1565599718000009216
# Reference: https://tria.ge/220902-f7pn5aghbj/behavioral1

139.28.219.37:2000
172.94.80.37:2000
dangerous1.ddns.net
donzola.duckdns.org

# Reference: https://ti-research-io.github.io/ti/ioc_extender/?name=TF_AsyncRAT

ahmedhasan-43601.portmap.host
darkvader94-36189.portmap.host
dasdad2-27665.portmap.host
freeedp.duckdns.org
fresh02.ddns.net
gaminghost873737-38124.portmap.io
java.servebeer.com
jul-perl.myvnc.com
lordfish12312-53903.portmap.host
minecrafthosting6969-35389.portmap.io
realfive5-49318.portmap.host
zeldorispiety-50433.portmap.host

# Reference: https://research.checkpoint.com/2022/dangeroussavanna-two-year-long-campaign-targets-financial-institutions-in-french-speaking-africa/
# Reference: https://www.virustotal.com/gui/ip-address/20.78.19.235/relations
# Reference: https://www.virustotal.com/gui/file/818d184a57f7cce89dda848cb17a503e0c5957803eb8d088491f809ad750cc21/detection
# Reference: https://www.virustotal.com/gui/file/75ae08629e69a57887d2c8e6ba798e16ff9bd8e7af85a1ea029c0594c076ef59/detection
# Reference: https://www.virustotal.com/gui/file/be88db263dee3dcd1a9a236c7dd4b7885ea664e6df404f910a5e0173d1be19c4/detection

aeternam.me
graviom.fr
tf-bank.com
nedbankplc.4nmn.com
press.giize.com
secure.graviom.fr

# Reference: https://tria.ge/220907-s2q18acdf7/behavioral2

45.14.224.94:2001
45.14.224.94:444

# Reference: https://twitter.com/malwrhunterteam/status/1568182218127712256
# Reference: https://www.virustotal.com/gui/file/e5a27354665310d4b974f19bb79a01dd8eeb21dabde06eb6941c8d27b57bc689/detection

172.94.11.178:7878
g8787.ddns.net

# Reference: https://www.virustotal.com/gui/file/85a13e4751a7a3dbccd46a23a441ec7838f5df8ce13f6a76e0347838200e47b9/detection

rippeymp811.ml
rippeymp811.ddns.net

# Reference: https://twitter.com/malwrhunterteam/status/1568194124330713089
# Reference: https://www.virustotal.com/gui/file/c2eac887aeca169e624ea5922167854e32faa4c47d52d5cf01949f965d26f00c/detection

198.98.53.231:5677

# Reference: https://www.virustotal.com/gui/file/d01e1d3d771a443f0fb994b3b3583422124677d4fba4eec14ce6f387e97055c3/detection

adobedata.webredirect.org
cdt.3utilities.com

# Reference: https://www.virustotal.com/gui/file/5f6579f4f7371307b56a578c760042466708f88f04ccf09b8291ed495ad97f5f/detection

45.74.38.17:6606
45.74.38.17:7707
45.74.38.17:8808
niiarmah.kozow.com

# Reference: https://www.virustotal.com/gui/file/112bc23dbf145fb1c5c78e842b605a4da6202c9993114c7118fbdf902d6c7673/detection

3.22.30.40:13857

# Reference: https://tria.ge/221010-ggv9naafh4/behavioral1

193.161.193.99:40774
tienMonkey-40774.portmap.io

# Reference: https://tria.ge/221010-t26bkscgck/behavioral1

64.44.167.136:46452

# Reference: https://twitter.com/pollo290987/status/1578046865987276806
# Reference: https://www.virustotal.com/gui/file/0e57f8d6bd3306206086c712cf06004c893f72f92374d0724579810b4ae20160/detection

pushkin.ydns.eu

# Reference: https://tria.ge/220719-e9y5xabean/behavioral2

212.193.30.230:79

# Reference: https://twitter.com/0xToxin/status/1581235287182966784
# Reference: https://tria.ge/221015-e6n6jafbe8/behavioral1

103.209.76.44:2000

# Reference: https://twitter.com/0xToxin/status/1581304132866301952

45.141.215.212:222
45.141.215.212:6606
45.141.215.212:7707
45.141.215.212:8808
red2056.freeddns.org

# Reference: https://twitter.com/SquiblydooBlog/status/1581627679300030465
# Reference: https://tria.ge/221016-pnbgtshef9/behavioral1

45.138.16.240:6666
basejumper.io
nasori.ddnsfree.com

# Reference: https://www.virustotal.com/gui/file/bf7e15bd062dd3a60eb36c7ee466d06439efcbf08afea2d166c7bd0707ee63f4/detection

83.51.53.98:1604
testing35123.duckdns.org

# Reference: https://www.virustotal.com/gui/file/68fa24f693d9b5955eb2a34a6fbbd3ac7b9e4e8efa53b17b6a94ddd01baab2fe/detection

185.216.71.4:4449
45.155.165.234:4449
venom12345.duckdns.org
venomunverified.duckdns.org

# Reference: https://www.virustotal.com/gui/file/0a151bff139d2541495279ae8db6f3fede5f867337ee69b466023de228a9bacf/detection

141.255.144.193:4444

# Reference: https://www.virustotal.com/gui/file/84d2ec2e12cda6b36e0269b75fb40afeca89d0612e8b4091006348cf9a37530d/detection

51.255.152.131:6606
51.255.152.131:7707
51.255.152.131:8808
andojan.ddns.net

# Reference: https://www.virustotal.com/gui/file/b26760b051260ea435c5c32f8e65cd200034495db040e58da7b453b3d57132a5/detection

85.209.134.94:6606
85.209.134.94:7707
85.209.134.94:8808

# Reference: https://www.virustotal.com/gui/file/5e3588e8ddebd61c2bd6dab4b87f601bd6a4857b33eb281cb5059c29cfe62b80/detection

109.206.241.84:6606
109.206.241.84:7707
109.206.241.84:8808

# Reference: https://www.virustotal.com/gui/file/c7dcb35fe7258ccbebe3b42065a24813c0a012a26fdd3990627114687ca3d3b3/detection

194.5.98.21:4000
dan4000.duckdns.org

# Reference: https://twitter.com/r3dbU7z/status/1584710460737474560
# Reference: https://www.virustotal.com/gui/file/3fef9fb9da2241e00c15b8f0ebd58b5b7c1c7a4c0bf03f8d703a43f99b212bdb/detection

18.189.106.45:13405
18.189.106.45:15258
3.134.125.175:15258
3.134.125.175:8848
3.141.177.1:13405
3.141.210.37:13405
3.141.210.37:15258

# Reference: https://twitter.com/abuse_ch/status/1585666644101283843
# Reference: https://tria.ge/221027-r75wwscdg9/behavioral1

20.240.61.211:8080
kachininanayiyicem.swedencentral.cloudapp.azure.com

# Reference: https://www.virustotal.com/gui/file/23704a63aeba9bdc475ee744cb79d6b2e0dbb6980fe7a0121f81a8eb4c97d143/detection

20.224.160.59:7000

# Reference: https://www.virustotal.com/gui/file/ef91ae5e27e371faf3f08f8bc68acde7ede075b799fe96d186fcec75ddf6ca10/detection

203.159.80.120:16518
203.159.80.120:4815
update.supportmozilla.org

# Reference: https://otx.alienvault.com/pulse/63722ef12028314bb58019d8
# Reference: https://www.virustotal.com/gui/file/c7dc5f8604385b4b61489ec6910ebdc627bcef90cd6eb6c1a699c0d34c59d350/detection
# Reference: https://www.virustotal.com/gui/file/2ffc476fcd66111e82bd4a24a475f9a59b47691268e3acf812769d73b62d9cd0/detection
# Reference: https://www.virustotal.com/gui/file/2e160f9cd9333884fac63e6d730a746eb64e5ff47318e27934335caa330fdd2e/detection

159.89.35.152:6606
159.89.35.152:7707
159.89.35.152:8808

# Reference: https://tria.ge/221117-kq1ghsaa7x/behavioral1

207.244.231.35:9194
asyrz.duckdns.org

# Reference: https://tria.ge/221117-kq1ghsaa7w/behavioral1

arrw.duckdns.org

# Reference: https://twitter.com/ScumBots/status/1594105082077143042
# Reference: https://www.virustotal.com/gui/file/0b1482290fad57d42705337dcb0c45acdc60f4925c1e8fd673638ebf41c78c23/detection

146.190.69.247:6606
146.190.69.247:7707
146.190.69.247:8808

# Reference: https://www.virustotal.com/gui/file/1525076c87558a452430e1a867c8e889f0f15fc658162debd2cd29c617b372c7/detection

158.247.232.56:6606
158.247.232.56:7707
158.247.232.56:8808

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/

http://45.153.240.69
http://66.94.109.58
http://51.68.180.4
100.42.65.218:6606
100.42.65.218:8080
101.99.94.33:6606
101.99.94.33:7707
101.99.94.33:8808
103.117.72.103:8848
103.133.111.110:5200
103.147.185.182:1170
103.147.185.182:1814
103.147.185.182:9080
103.149.201.214:6606
103.149.201.214:7707
103.149.201.214:8808
103.151.123.194:7849
103.151.239.166:6606
103.151.239.166:7707
103.151.239.166:8808
103.153.73.37:6606
103.153.73.37:7707
103.153.73.37:8808
103.167.84.119:2257
103.195.238.235:16058
103.195.238.95:8808
103.213.111.207:6606
103.47.144.100:49746
103.47.144.126:2703
103.47.144.67:2703
103.47.144.71:2703
103.47.144.71:49746
103.74.101.124:2245
103.89.88.236:1998
104.128.189.120:6606
104.128.189.120:7707
104.128.189.120:8808
104.168.141.171:8713
104.168.152.36:7707
104.168.33.32:6606
104.168.33.32:7707
104.168.33.32:8808
104.168.33.53:6606
104.168.33.53:7707
104.168.33.53:8808
104.238.147.18:6606
104.238.147.18:7707
104.238.147.18:8808
104.243.37.4:6606
104.243.37.4:7707
104.243.37.4:8808
104.249.62.71:4211
104.250.180.32:2119
104.37.172.204:56777
105.112.154.175:7505
105.154.200.41:64
105.156.105.249:64
107.172.44.141:6606
107.172.44.141:7707
107.172.44.141:8808
107.173.62.21:6606
107.173.63.199:5656
107.182.128.19:6606
107.182.128.19:7707
107.182.128.19:8808
107.182.129.16:8010
107.182.237.14:58453
108.143.240.80:112
109.206.240.5:5992
109.206.241.215:1999
109.206.243.58:3306
111.90.143.12:4489
111.90.143.12:4899
111.90.143.12:8080
111.90.147.102:4449
111.90.147.102:56721
114.116.34.118:7777
114.116.34.118:8888
115.231.235.56:8848
115.64.43.254:25567
115.75.66.68:6606
115.75.66.68:6821
115.75.66.68:7707
115.75.66.68:8808
116.108.48.70:374
116.203.252.195:4449
119.45.104.153:8848
119.91.100.114:7890
121.40.151.214:8808
124.217.247.242:8808
124.223.14.242:443
129.151.91.127:7177
13.59.15.185:19091
13.66.153.98:1604
134.255.234.198:7777
135.125.27.236:22
135.148.113.4:6789
135.181.204.51:8848
136.144.41.223:8394
136.36.83.93:8888
137.74.157.86:4449
138.201.2.2:2022
138.201.81.121:38022
138.201.81.121:55686
138.99.209.222:2000
138.99.211.39:2119
139.180.143.50:11334
139.180.143.50:6606
139.180.143.50:7707
139.180.143.50:8808
14.173.70.169:8080
14.186.155.171:6788
141.101.173.15:2000
141.101.173.39:2000
141.255.144.117:2000
141.255.147.50:7707
141.94.112.3:9925
141.95.84.40:222
141.95.84.40:4040
141.95.89.79:2005
141.98.101.133:5503
141.98.102.235:16296
141.98.6.228:8808
142.202.240.108:5505
142.202.240.108:6606
142.202.240.108:7707
142.202.240.116:5555
142.202.240.82:5253
142.202.240.88:8808
142.202.242.181:6666
142.202.242.198:222
142.202.242.198:2222
142.202.242.198:5555
142.202.242.210:9090
144.126.209.63:1442
144.126.209.63:6606
144.76.65.183:57117
146.19.57.77:6606
146.70.128.174:55178
146.70.165.100:57508
146.70.165.10:61288
147.124.211.69:5050
147.135.106.246:6606
147.135.106.246:7707
147.135.106.246:8808
147.135.95.107:6606
147.185.221.180:1491
147.185.221.180:64654
147.185.221.180:6606
147.185.221.212:15420
147.189.169.46:4444
147.189.169.46:6606
147.189.169.46:7707
147.189.169.46:8808
147.189.172.218:6666
147.189.172.222:2222
147.189.174.182:6666
147.50.253.67:3926
147.50.253.67:6606
147.50.253.67:7707
147.50.253.67:8808
147.50.253.97:8454
148.163.80.206:7778
149.56.43.121:4199
15.204.170.1:8808
15.235.10.108:6606
154.204.180.237:8848
154.211.6.212:8848
154.212.139.228:1337
154.38.112.92:8848
154.39.252.24:8848
154.53.40.254:3110
154.91.228.23:8848
156.96.154.30:6668
156.96.154.30:7778
156.96.156.177:6666
157.90.202.235:5252
157.90.206.49:6606
157.90.206.49:7707
157.90.206.49:8808
158.101.188.195:1575
159.203.126.35:22174
159.203.126.35:5555
159.69.234.3:1010
159.69.234.3:6606
159.69.234.3:7707
159.69.234.3:8808
160.152.137.3:1604
160.177.92.182:64
160.178.160.73:66
160.178.206.45:65
161.129.44.189:8808
162.14.83.129:8848
162.55.179.46:6606
162.55.179.46:7707
162.55.179.46:8808
163.123.142.155:5764
163.172.225.185:412
163.172.225.185:441
163.172.225.185:551
163.172.225.185:6606
163.172.225.185:661
163.172.225.185:677
163.172.225.185:7707
163.172.225.185:8808
164.92.113.92:9007
165.227.31.192:22545
165.232.151.233:2022
167.71.56.116:22993
167.71.7.168:6606
167.71.7.168:7707
167.71.7.168:7770
167.71.7.168:8808
168.119.140.238:8848
171.22.30.33:8808
171.235.66.23:233
172.104.148.228:6606
172.111.147.42:2119
172.111.147.89:2119
172.111.149.2:1994
172.111.204.106:6606
172.111.204.106:8808
172.111.216.100:49746
172.245.251.219:2015
172.245.94.220:10090
172.81.184.73:8808
172.81.62.54:5085
172.86.120.88:4449
172.93.220.135:6606
172.93.220.135:7707
172.93.220.135:8808
172.94.111.4:2008
172.94.122.20:2000
172.94.15.163:5200
172.94.64.70:6606
172.94.80.56:2000
172.94.9.77:2119
173.234.105.145:5201
173.249.17.53:2252
176.232.184.98:1604
176.9.31.109:3674
176.9.31.109:7707
177.255.88.205:8042
177.255.88.25:4217
177.255.89.112:4203
177.255.89.43:4203
178.175.131.101:56064
178.20.44.131:6666
179.13.1.226:8042
179.13.3.107:4203
179.13.5.152:4203
179.13.5.152:4204
179.43.142.197:5789
179.43.162.20:1337
179.43.166.50:6606
179.43.187.19:2525
179.43.187.19:33
179.43.187.19:4523
179.43.187.19:5555
18.139.9.214:11409
18.141.129.246:11409
18.192.31.165:10108
18.192.31.165:13820
18.207.218.15:1337
181.131.216.129:8050
181.141.0.235:8050
181.141.3.105:7707
181.141.5.226:8091
181.214.48.40:6670
181.215.5.168:8809
181.71.216.22:7707
185.106.94.165:2323
185.132.176.192:4449
185.140.53.10:2121
185.140.53.12:6161
185.140.53.131:7171
185.140.53.136:2014
185.140.53.137:1604
185.140.53.15:3023
185.140.53.176:2376
185.140.53.242:2256
185.140.53.63:8721
185.162.74.65:5455
185.171.91.4:1604
185.176.220.145:6606
185.176.220.145:7707
185.176.220.145:8808
185.189.151.24:8808
185.19.85.172:5050
185.199.226.19:6606
185.199.226.19:7707
185.199.226.19:8808
185.205.209.206:2020
185.213.155.163:57808
185.222.57.137:3333
185.222.57.203:6606
185.222.57.238:4449
185.222.57.72:6606
185.222.57.72:7707
185.222.57.72:8780
185.222.57.72:8808
185.222.57.80:6275
185.222.58.50:4545
185.225.28.148:57652
185.225.28.150:57718
185.225.28.156:54873
185.225.73.150:8808
185.225.73.183:4782
185.225.74.38:6606
185.225.74.38:8808
185.227.70.219:8088
185.227.70.220:8808
185.227.70.254:8808
185.236.78.58:7707
185.236.78.58:8808
185.237.96.105:7707
185.241.208.144:5555
185.241.208.144:6666
185.241.208.148:6666
185.241.208.193:5001
185.241.208.233:5430
185.243.181.86:7707
185.244.30.237:1195
185.244.31.182:4000
185.244.31.182:8848
185.246.220.208:6606
185.246.220.208:7707
185.246.220.208:8808
185.246.220.26:12336
185.246.220.26:18867
185.246.220.26:19624
185.246.220.26:26993
185.246.220.26:51115
185.246.220.26:5200
185.246.220.26:6606
185.246.220.26:7707
185.246.220.26:8808
185.25.48.203:1703
185.250.149.180:25566
185.250.241.219:6066
185.250.241.219:6606
185.250.241.219:7707
185.250.241.219:8808
185.252.178.121:222
185.252.178.121:5126
185.252.178.121:6126
185.254.37.238:1432
185.254.37.238:1452
185.254.37.238:3306
185.255.95.191:99
185.29.8.22:4444
185.64.104.84:12312
185.64.105.42:470
185.66.91.81:6121
185.7.214.8:4449
185.81.157.117:1858
185.81.157.169:2022
185.81.157.202:2535
185.81.157.202:5555
185.81.157.244:6601
185.81.157.71:4343
185.81.157.71:4444
185.81.157.71:5555
185.81.157.7:2001
185.81.157.7:5522
186.152.129.124:2113
188.119.112.140:4449
188.132.156.147:1604
188.161.17.116:555
188.212.124.129:4444
188.227.57.46:22
190.123.44.184:3321
190.123.44.184:8012
190.123.44.184:8201
190.2.147.39:4449
190.2.147.39:8848
190.213.78.26:5000
191.101.130.243:7707
191.101.130.28:8808
191.101.30.41:4413
192.158.232.67:1431
192.158.232.67:8848
192.188.88.248:6606
192.210.201.53:8809
192.253.245.243:7771
192.3.101.108:4404
192.3.101.108:6606
192.3.101.108:7707
192.3.101.108:8808
192.3.101.190:2015
192.3.193.136:2023
192.3.205.21:2014
192.30.89.27:29843
192.30.89.51:29843
192.30.89.51:6253
192.30.89.51:6397
192.30.89.67:29843
192.99.180.181:6606
192.99.180.181:7707
192.99.180.181:8808
193.142.146.212:6606
193.142.146.212:8808
193.149.176.156:1337
193.149.176.156:4449
193.149.3.239:1938
193.164.7.108:1604
193.200.134.9:9969
193.203.238.103:6666
193.203.238.54:6666
193.23.160.250:8848
193.233.185.161:8808
193.233.191.150:6606
193.233.191.150:7707
193.233.191.150:8808
193.233.191.4:6606
193.233.191.4:8808
193.233.203.224:4444
193.233.48.17:8848
193.29.104.92:3579
193.37.255.162:9441
194.147.140.15:3030
194.156.91.122:6666
194.233.169.93:7707
194.26.192.121:7077
194.26.192.174:2005
194.26.192.174:6606
194.26.192.190:7707
194.26.192.221:2020
194.26.192.77:7707
194.26.192.77:8808
194.26.192.82:1010
194.26.192.82:2020
194.31.98.58:2405
194.31.98.80:6606
194.31.98.80:7707
194.31.98.80:8808
194.33.45.175:6666
194.37.96.118:54861
194.49.94.212:444
194.49.94.212:555
194.5.97.203:7070
194.5.97.228:5069
194.5.97.232:3738
194.5.97.41:5200
194.5.97.41:6606
194.5.97.41:7707
194.5.97.41:8808
194.5.97.88:5050
194.5.98.11:6606
194.5.98.120:4449
194.5.98.120:8647
194.5.98.178:3330
194.5.98.198:4545
194.5.98.227:8647
194.5.98.251:4598
194.5.98.6:20
194.55.224.44:6606
194.55.224.44:7707
194.55.224.44:8808
194.55.224.72:8808
194.59.218.147:8808
194.61.119.50:8884
194.87.151.125:7399
194.87.151.134:7878
194.87.218.241:8808
194.9.172.60:6606
194.9.172.60:7707
195.178.120.137:5097
195.178.120.137:6071
195.178.120.187:8848
195.178.120.6:1337
195.178.120.6:8808
195.206.235.234:1907
195.3.222.57:6001
196.65.134.20:64
196.77.237.119:55555
196.77.31.30:65
198.13.52.249:8080
198.23.145.147:1070
198.23.145.147:1137
198.23.145.147:2525
198.23.191.98:45674
198.23.191.98:6075
198.23.200.102:1759
198.23.200.102:7707
198.23.207.34:2023
198.23.207.34:6606
198.23.207.34:7707
198.23.207.34:8808
198.244.206.24:6606
198.244.206.24:6666
198.244.206.24:7707
198.244.206.24:8808
198.244.251.250:6666
199.195.253.181:1256
199.249.233.130:6253
199.249.233.130:6397
199.34.31.224:45005
2.224.144.191:2222
2.56.56.122:2022
2.56.56.180:4444
2.56.56.88:2406
2.56.57.210:7787
2.56.57.226:6606
2.56.57.55:7707
2.56.57.68:8754
2.56.59.167:420
2.56.59.167:6606
2.56.59.167:7707
2.56.59.167:8808
2.56.59.189:8898
2.58.56.106:6666
2.58.56.120:4433
2.58.56.148:5555
2.58.56.148:6666
2.58.56.148:8888
2.58.56.183:222
2.58.56.183:2222
2.58.56.22:5211
2.58.56.243:6121
2.58.56.41:1996
2.58.56.44:6666
2.59.119.56:3131
2.59.119.66:8080
2.59.119.84:7943
20.100.196.69:9281
20.107.115.162:50239
20.108.44.45:3152
20.111.19.215:3152
20.111.34.199:1604
20.111.63.231:7072
20.114.139.208:4498
20.117.208.193:8080
20.12.204.46:8080
20.125.118.35:2244
20.125.122.98:4449
20.127.4.172:8080
20.127.4.172:8848
20.151.221.59:1604
20.16.8.148:6606
20.16.8.148:7707
20.16.8.148:8808
20.16.8.148:8848
20.166.62.124:49264
20.169.104.228:6666
20.169.37.196:6666
20.171.107.243:6606
20.171.107.243:7707
20.171.107.243:8808
20.197.226.40:4448
20.199.101.68:3161
20.211.5.151:4449
20.212.19.59:51585
20.212.19.59:6606
20.212.19.59:7707
20.212.19.59:8808
20.224.162.224:6606
20.224.162.224:7707
20.224.162.224:8080
20.224.162.224:8808
20.226.0.95:6606
20.226.101.17:40
20.226.101.17:6606
20.226.101.17:7707
20.226.101.17:8808
20.226.120.127:22
20.238.78.172:6606
20.4.6.16:43521
20.42.114.46:8080
20.54.113.5:3131
20.54.113.5:6606
20.54.113.5:7707
20.54.113.5:8808
20.62.3.66:8000
20.62.3.66:8808
20.69.124.187:6606
20.69.124.187:7707
20.69.124.187:8808
20.77.254.176:2200
20.8.122.174:31682
20.83.245.27:1604
20.98.96.97:1605
203.78.128.202:7707
205.185.118.52:20000
206.123.132.35:2119
206.123.132.41:2119
206.123.132.68:2020
206.217.133.4:49815
206.53.55.8:1337
207.244.233.24:6666
207.244.235.47:6606
207.32.216.119:5555
207.32.216.119:6666
207.32.216.198:2233
207.32.216.198:6666
207.32.216.198:8808
207.32.216.212:5001
207.32.217.109:222
207.32.217.246:7707
207.32.217.247:6666
207.32.218.108:6666
207.32.218.11:1996
207.32.218.123:6666
207.32.218.12:6606
207.32.219.50:6666
207.32.219.80:6666
208.109.33.30:7777
208.109.33.30:8888
209.126.2.34:6606
209.126.2.34:7707
209.126.2.34:8808
209.126.83.213:8808
209.127.186.218:6305
209.141.44.112:8808
209.209.40.132:2
209.25.141.211:33901
209.90.234.22:6606
209.90.234.22:7707
209.90.234.22:8808
210.87.207.134:8808
211.149.180.60:8848
212.114.52.113:8888
212.114.52.212:1893
212.174.54.164:8808
212.192.219.56:5612
212.192.241.130:6606
212.192.241.130:7707
212.192.241.130:8808
212.192.241.194:7271
212.192.241.87:8754
212.192.246.87:5803
212.193.30.144:7331
212.193.30.230:7011
212.193.30.54:8754
212.193.30.54:8755
212.193.30.96:5022
212.227.169.228:4449
212.68.34.230:6606
213.152.161.117:56390
213.152.161.170:6751
213.152.161.211:50552
213.152.161.5:6253
213.152.161.5:6397
213.152.187.230:6751
216.126.224.171:6606
216.126.224.171:7707
216.126.224.171:8808
216.250.97.121:20000
217.195.197.85:6606
217.195.197.85:7707
217.195.197.85:8808
217.64.149.93:1973
217.64.31.3:9742
23.101.213.237:4546
23.102.122.72:8080
23.105.131.196:6606
23.105.131.196:7707
23.105.131.196:8808
23.105.131.196:9121
23.105.131.196:9128
23.105.131.209:1070
23.105.131.209:1137
23.105.131.209:19328
23.129.232.160:2222
23.129.232.160:6666
23.146.242.100:4449
23.226.77.22:4449
23.237.25.246:6606
23.237.25.246:7707
23.237.25.246:8808
23.94.159.212:6606
23.94.159.212:7707
23.94.159.212:8808
23.94.236.147:6606
23.94.236.147:7707
23.94.236.147:8808
23.94.82.24:10240
3.125.115.192:18
3.125.115.192:25
3.138.180.119:18729
3.141.210.37:12300
3.142.167.54:14923
3.144.124.4:7771
3.219.26.62:6606
3.219.26.62:7707
3.219.26.62:8808
3.237.100.172:8808
3.66.38.117:12104
3.68.171.119:12104
3.69.115.178:12104
3.69.157.220:12104
31.170.22.28:55775
31.192.236.139:3434
31.41.244.135:8808
34.125.144.45:5000
34.125.144.45:5001
34.125.144.45:5002
34.140.211.85:7707
37.0.10.214:6171
37.0.11.246:6606
37.0.11.246:7707
37.0.11.246:8808
37.0.14.196:2050
37.0.14.196:6161
37.0.14.196:6606
37.0.14.196:7707
37.0.14.196:8808
37.0.14.197:6060
37.0.14.197:7171
37.0.14.198:17086
37.0.14.203:1905
37.0.14.204:2019
37.0.14.204:2022
37.0.14.204:5631
37.120.210.219:48408
37.120.212.235:6606
37.120.217.243:6253
37.120.217.243:6397
37.249.78.26:5554
37.249.78.26:5555
38.105.209.167:8848
38.130.221.190:6606
38.130.221.190:7707
38.130.221.190:808
38.17.51.104:1989
38.47.205.151:8848
4.227.187.147:8080
4.229.235.23:8000
4.231.233.180:25310
41.141.211.80:64
41.216.183.175:4404
41.216.183.61:6751
41.251.4.158:64
41.72.146.10:6606
43.138.160.55:6606
43.139.124.22:6666
43.154.97.109:1981
43.154.97.109:8848
43.249.30.55:8848
44.192.67.149:4784
45.12.253.31:6606
45.12.253.58:1515
45.12.253.58:2323
45.133.1.152:6606
45.133.1.152:7707
45.133.1.152:8808
45.133.174.122:7707
45.134.140.152:60060
45.134.142.193:61341
45.134.142.193:6606
45.134.142.193:7707
45.134.142.193:8808
45.134.142.211:1337
45.134.142.211:56597
45.136.4.101:888
45.136.4.99:8808
45.137.22.111:8787
45.137.22.182:6606
45.137.22.182:7707
45.137.22.182:8808
45.137.22.41:4449
45.138.16.104:7707
45.138.16.109:6666
45.138.16.133:5555
45.138.16.162:6969
45.138.16.186:2004
45.138.16.218:2020
45.138.16.240:2222
45.138.16.39:6606
45.138.16.39:6666
45.138.16.71:8808
45.139.105.207:4782
45.139.105.252:6666
45.14.224.94:5020
45.140.146.4:25569
45.141.237.30:55055
45.143.8.181:13389
45.143.8.181:4449
45.143.8.181:8149
45.144.154.192:1604
45.144.30.31:25565
45.144.31.124:4444
45.154.98.151:7777
45.154.98.194:555
45.154.98.214:6606
45.154.98.87:8453
45.155.158.187:1337
45.158.77.78:10135
45.158.77.78:6606
45.158.77.78:7707
45.158.77.78:8808
45.176.91.143:9001
45.242.220.23:50
45.242.84.173:50
45.66.248.114:8899
45.74.4.244:7707
45.74.4.244:8808
45.80.158.108:555
45.80.158.108:6606
45.80.158.108:6666
45.80.158.108:7707
45.80.158.108:8808
45.80.158.114:6606
45.80.158.127:7707
45.80.158.160:6666
45.80.158.237:5558
45.80.158.65:7777
45.81.243.217:6606
45.81.243.217:7707
45.81.243.217:8808
45.88.67.12:6666
45.88.67.9:3306
45.88.67.9:3309
45.88.67.9:3358
45.88.79.224:54
45.88.79.224:55686
45.92.1.24:5001
45.92.1.59:6606
45.92.1.59:7707
45.92.1.71:8808
46.183.220.21:6606
46.183.223.109:8088
46.246.6.11:7090
46.3.199.101:4449
49.12.0.239:3760
5.161.115.90:6666
5.161.139.136:6666
5.161.139.136:7777
5.161.76.198:2003
5.181.234.149:51822
5.188.51.32:4449
5.188.86.237:6606
5.188.86.237:7707
5.188.86.237:8808
5.230.68.234:6606
5.230.68.234:7707
5.230.68.234:8808
5.230.70.13:6606
5.230.70.13:7707
5.230.70.13:8808
5.230.72.132:6606
5.230.72.132:7707
5.230.72.132:8808
5.39.15.167:88
5.68.138.73:3939
5.78.65.18:8848
51.116.125.149:3536
51.12.89.205:8361
51.222.69.7:6666
51.222.98.70:6606
51.222.98.70:8808
51.254.246.45:1974
51.255.130.2:6606
51.38.247.74:5555
51.68.180.4:4040
51.68.180.4:5058
51.68.180.4:6606
51.68.180.4:7707
51.68.180.4:8808
51.77.78.35:6606
51.77.78.35:6666
51.77.78.35:7707
51.77.78.35:8808
51.79.116.37:8848
51.81.126.39:1972
51.81.24.93:8000
51.83.137.127:6606
51.83.137.127:7707
51.83.137.127:8808
51.83.21.211:7707
51.83.231.254:6606
51.83.231.254:7707
51.83.231.254:8808
51.89.204.67:8808
51.89.205.213:8808
52.143.164.37:5555
52.178.132.52:6606
52.178.132.52:7707
52.178.132.52:8808
52.28.247.255:15066
52.90.30.10:7707
54.196.16.250:1337
54.37.42.165:4782
58.221.72.142:8848
61.14.233.88:6606
61.14.233.88:7707
61.14.233.88:8808
62.108.37.84:8848
62.108.37.84:8881
62.197.136.146:5672
62.197.136.146:6606
62.197.136.146:7707
62.197.136.146:8808
62.197.136.165:7777
62.197.136.165:8080
62.197.136.167:1111
62.197.136.167:6606
62.197.136.167:7707
62.197.136.167:8808
62.197.136.175:6606
62.197.136.175:7707
62.197.136.175:8808
62.197.136.195:3333
62.210.57.2:1284
64.56.68.152:8888
64.56.68.17:8888
64.56.68.209:8888
65.21.177.234:555
66.94.105.170:4449
66.94.109.58:6606
66.94.109.58:7707
66.94.109.58:8808
66.94.118.174:4001
67.214.175.69:7535
67.43.236.220:4151
68.235.43.172:59004
68.235.44.58:59335
70.36.108.28:4444
70.36.108.69:8888
70.36.110.176:8888
73.143.210.113:1337
73.143.210.113:56597
76.8.53.133:62520
77.192.68.90:1900
78.138.107.121:8808
78.138.107.121:8877
78.153.130.88:3232
78.170.251.123:7707
78.171.150.184:6606
78.171.173.96:1044
78.173.187.50:6606
78.186.210.130:8808
78.191.189.97:81
79.110.62.147:2025
79.134.225.11:7935
79.134.225.22:7936
79.134.225.23:6606
79.134.225.23:7707
79.134.225.23:8808
79.134.225.6:2782
79.134.225.72:2233
79.134.225.73:3030
79.134.225.74:6161
79.134.225.8:6161
79.134.225.97:4449
79.134.225.9:6060
8.210.121.56:10165
8.39.147.42:6606
8.39.147.42:7707
80.240.18.7:3131
80.253.246.144:6606
80.66.64.134:6161
80.66.64.151:7070
80.66.88.146:8848
82.115.223.14:4449
83.245.137.185:3306
84.38.130.171:9216
84.39.179.220:7707
84.52.187.222:8080
84.54.13.124:6606
84.54.13.124:8808
84.54.50.51:8848
85.104.99.83:4014
85.105.88.221:2531
85.202.169.14:855
85.202.169.230:8080
85.206.160.189:6606
85.215.214.84:7349
85.215.216.205:8088
85.31.45.38:8808
85.31.46.207:6606
85.31.46.207:7707
85.31.46.207:8808
86.48.18.223:7707
86.48.18.223:8808
86.57.195.165:8808
87.121.52.241:2000
87.237.165.133:6161
87.249.134.10:61341
87.249.134.10:6606
87.249.134.10:7707
87.249.134.10:8808
87.249.134.18:59004
87.249.134.1:61341
87.249.134.1:6606
87.249.134.1:7707
87.249.134.1:8808
87.251.79.126:18066
88.248.18.120:1604
88.248.18.120:33918
88.248.18.120:6606
88.248.18.120:7707
88.248.18.120:8808
89.117.21.144:6606
89.117.77.193:6606
89.223.71.59:5856
89.249.74.218:6253
89.249.74.218:6397
90.49.136.9:8080
91.109.176.14:6606
91.109.176.15:8808
91.109.176.6:6606
91.109.178.12:8808
91.109.178.13:6606
91.109.178.13:7707
91.109.178.14:6606
91.109.178.14:7707
91.109.178.14:8808
91.109.178.2:7707
91.109.178.3:7707
91.109.178.5:8808
91.109.178.5:9909
91.109.178.6:6606
91.109.178.8:8808
91.109.178.9:6606
91.109.180.11:6606
91.109.180.12:6606
91.109.180.13:8808
91.109.180.16:8808
91.109.180.9:7707
91.109.182.11:6606
91.109.182.9:6606
91.109.184.18:7707
91.109.184.3:6606
91.109.184.3:8808
91.109.184.4:7707
91.109.184.7:7707
91.109.184.9:7707
91.109.186.13:6606
91.109.186.2:7707
91.109.186.3:8808
91.109.186.5:8808
91.109.186.7:6606
91.109.186.7:8808
91.109.188.10:6606
91.109.188.10:8808
91.109.188.12:6606
91.109.188.14:8808
91.109.188.23:6606
91.109.188.5:7707
91.109.188.8:6606
91.109.188.8:7707
91.109.190.10:7707
91.109.190.7:8808
91.109.190.9:8808
91.134.187.20:4449
91.151.88.159:3131
91.151.94.59:1212
91.192.100.7:8282
91.192.100.8:8153
91.193.75.132:9191
91.193.75.135:3030
91.193.75.154:1515
91.193.75.204:5900
91.193.75.205:5900
91.193.75.249:5900
91.227.113.154:6666
91.245.253.84:4449
91.245.255.120:4040
92.118.36.201:3001
92.118.36.201:6606
92.118.36.201:7707
92.118.36.201:8808
92.138.188.75:7006
92.204.146.31:6666
92.204.146.31:8000
92.222.212.65:6606
92.222.212.65:7707
92.222.212.65:8808
94.130.208.107:2021
94.26.49.118:6606
95.13.149.131:7707
95.173.247.110:8806
95.179.130.232:1703
95.214.24.32:7790
95.214.27.226:6606
95.214.27.226:7707
95.214.27.226:8808
95.214.27.237:1515
95.214.27.237:1717
95.216.102.32:8808
95.216.192.137:8808
95.217.121.186:4449
95.70.151.185:8805
96.227.248.173:8751
admincairo.linkpc.net
asmodeus666.ddns.net
bbiy00362.duckdns.org
bbrainx01.publicvm.com
bigdipsOn.publicvm.com
boxtest.publicvm.com
clsuplementos.ddns.net
corpoleve.3utilities.com
corpoleve.duckdns.org
craig.kozow.com
danbochie2.dns.army
darknode88.duckdns.org
daveblack.publicvm.com
dimascu.duckdns.org
dpunktesting.ddns.net
egrh.linkpc.net
elgzar207070.kozow.com
escanor2022.linkpc.net
flingmodder-53370.portmap.io
franc01.publicvm.com
gfhhjgh.duckdns.org
ijogaa.duckdns.org
jok7oda.publicvm.com
kkshdh.duckdns.org
krnewfine.work.gd
lyoni-55552.portmap.host
mikeludomax.ddns.net
mikeludoyyxx.ddns.net
mikludoykxx.ddns.net
mineawrtes.ddns.net
mmten.publicvm.com
mo1010.duckdns.org
moaaaza.com
monogon.cc
n0fuzga.publicvm.com
nasser.endofinternet.net
new2023.ddnsfree.com
new6000fix.duckdns.org
nexsa111.sells-it.net
nexss111.sells-it.net
nexst111.sells-it.net
nulled2nd.camdvr.org
paris-comrademay17.duckdns.org
pofsecure.worse-than.tv
polymoly.info
pop11.linkpc.net
pop5.ddns.net
portdin.publicvm.com
quizzical-meadow-22997.pktriot.net
reinfocomplete.us
ridaq1.is-a-caterer.com
ridaq2.is-a-caterer.com
rider.giize.com
services.work.gd
snaxosveilbmoswar.ooguy.com
tarjapreta.news
vrln.linkpc.net
waelrakha.com
winhost.ddns.net
wizzy.hopto.org
wpmediatech.com
xavierat.ddnsfree.com
xxxpasoxxx.ddnsfree.com
xxxsthebagsxxx.mywire.org

# Reference: https://www.virustotal.com/gui/file/881168bc9d9b2dd0ab96a2ebf781069c7f0adb347d2aed6afffc40fc876440b2/detection

gratedmonth.duckdns.org

# Reference: https://www.virustotal.com/gui/file/00175798dec9209ec22acf95a8484f3fcc58524973ff82111268dc117f3647ad/detection

103.151.123.121:8891
handofhor.duckdns.org

# Reference: https://www.virustotal.com/gui/file/fdaa11387459b12583b27ace60c86e5fee4d882eff1a3c84d934fe84a31a914f/detection

23.133.216.180:21340

# Reference: https://www.virustotal.com/gui/file/0031ede66d7106d7d02eeddba63722046419ee6acf14b1d0441fc6e57bb63bf4/detection

147.185.221.180:25384
147.185.221.180:4852
23.133.216.180:25384
23.133.216.180:4852

# Reference: https://tria.ge/221128-sds6nsga4v/behavioral2
# Reference: https://www.virustotal.com/gui/file/53f99ccc4b2f86fbd235ebb718b1425017f23c01bc1a2b5ba39da3d4d21ab2b8/detection

147.185.221.180:9969

# Reference: https://www.virustotal.com/gui/file/68ea91f5203fb365e373f3325f2388db0d3f83237381548418f92af5659b8d64/detection

90.166.185.205:6606
90.166.185.205:7707
90.166.185.205:8808
torpesito.ddns.net

# Reference: https://www.virustotal.com/gui/file/3e3ef95e4d20e1cf759021d91f834b6f2c82a1a9dbab3cab1605a55bc85d5be5/detection

167.71.56.116:22823

# Reference: https://www.virustotal.com/gui/file/f1b069632065fa9b56ec7fe634303955294d883a43b66449467fd0e84ac41981/detection

103.156.90.165:6688
inthepinvbxss.duckdns.org

# Reference: https://twitter.com/r3dbU7z/status/1600095143272402946

dybc.publicvm.com
elgzar.kozow.com
nasori.ddnsfree.com

# Reference: https://mp.weixin.qq.com/s/J_A12SOX0k5TOYFAegBv_w (Chinese)
# Reference: https://www.virustotal.com/gui/file/68573d7720dd2af77d97303843b1b8e80bff6650738c80df21fff51dac1075cc/detection

182.183.241.98:6666
tindertx.ddns.net

# Reference: https://www.virustotal.com/gui/file/9f87770bad3dd34c91f94032c8d219f327fea68d9452355804a59359dc8fde5c/detection

63.250.60.207:3060

# Reference: https://twitter.com/suyog41/status/1603656406854520832
# Reference: https://www.virustotal.com/gui/file/3cb88219d3e69e3831a24c06a1bcab6e6689358af1ce39e72876a27e73f236fd/detection

chasmic-slings.000webhostapp.com

# Reference: https://www.virustotal.com/gui/file/b090e91734b2b0159a3c73193665c461c57f46d8d10e9a01f662149b98c228db/detection

198.23.212.148:8848

# Reference: https://www.virustotal.com/gui/file/96c34bd9fb09b04617ca76e8e4e1ece03c9307335a25c882ae1b4a8e9fdbcca4/detection

4.201.51.87:5786
guardionofthelimiar.duckdns.org

# Reference: https://twitter.com/58_158_177_102/status/1607911624815542273
# Reference: https://www.virustotal.com/gui/file/f470c59c6294eb44a1710a494df0901093e8efef423e243bc41044a3f7349616/detection
# Reference: https://www.virustotal.com/gui/file/d43adab8c5f838640ed5b27cd6117f7482fbd1548cdab806ac675ab021e3b4e4/detection
# Reference: https://www.virustotal.com/gui/file/f6362f72ab7bf169e6f17cdfbf06871528526a210126f75dbd2f8ca8a2cb73cd/detection
# Reference: https://www.virustotal.com/gui/file/f1a0466f8d953d09ec77419609e8050f76c76aa93e9626ce3fc50fe9c296ad7f/detection
# Reference: https://www.virustotal.com/gui/file/9ea0227fe34a921ea91ee6780651f62011d3a17a67df57e22afeb4efb7ba75f4/detection
# Reference: https://www.virustotal.com/gui/file/2a0485239bcd3617d9b6139a2ecd01e2c094eeec2fbe8ac0aeed9e1fa2f4d781/detection

105.154.204.219:64
160.176.131.9:64
160.176.70.134:64
160.179.101.16:65
196.64.173.7:65
peakypinkers.duckdns.org

# Reference: https://www.virustotal.com/gui/file/f8f2577b633797d4f522bc7365c943b83e3a92062ff2bd22f807d3d2f9fe354b/detection
# Reference: https://www.virustotal.com/gui/file/ead9e87d8a4aede84c362453156b467d3d0c31f26a670c4aea5a57ced4c6b4eb/detection

82.131.101.66:5552
1604.hopto.org

# Reference: https://mobile.twitter.com/x3ph1/status/1610430091041046529
# Reference: https://www.virustotal.com/gui/file/a71286ed9bc67a7bc404b462229db4cb869d36b84f41bfbc36a9227759ed434c/detection

147.189.168.100:6606
147.189.168.100:7707
147.189.168.100:8808
synergymediplus.com
1bxb.ddns.net

# Reference: https://twitter.com/James_inthe_box/status/1612459856639971328
# Reference: https://app.any.run/tasks/8bd63423-0ecb-4836-8e46-6ef6028d5f3c/

185.176.220.29:6606
185.176.220.29:7707
185.176.220.29:8808
mulla2022.hopto.org

# Reference: https://twitter.com/malwrhunterteam/status/1612581159699107843
# Reference: https://www.virustotal.com/gui/file/afbc4002c8369634933a12c9d2963644e648e30dc1ab25e506696f593fda4a33/detection

20.25.94.83:6606
20.25.94.83:7707
20.25.94.83:8808
c1crt.axfree.com
draxinc.linkpc.net

# Reference: https://twitter.com/Racco42/status/1612697711475572738
# Reference: https://app.any.run/tasks/46f2915c-5ebc-447d-976c-f4cfc4339f67/
# Reference: https://www.virustotal.com/gui/file/b90713c5c5f654a3dec2c6cd9c6b38d34a371403aa307a84f3d8cce512e41c0c/detection
# Reference: https://www.virustotal.com/gui/file/37d871a4da364d19f9a32d10a9845f808daa5b60479f9134d1d2d6501e21fa25/detection

109.206.243.198:6606
109.206.243.198:7707
109.206.243.198:8808

# Reference: https://www.virustotal.com/gui/file/da7c929bf15c5b5f503449155f5000987a35916cb8cd97ce46b3509a16cfd6ac/detection

141.95.84.40:3060

# Reference: https://www.virustotal.com/gui/file/d8ebb55bf18869dc3f5b0a3f3c1a5287b6499dd2749feb9aa42f9bd8f30fece1/detection

141.95.84.40:3030

# Reference: https://www.virustotal.com/gui/file/a70000522eeafcb0dabe06ae1f49b25257795d90269b6d47737b64cecbabb91c/detection

def.sytes.net

# Reference: https://www.virustotal.com/gui/file/137b0598d14eaba417a9e7a9aea72027aa2e98fc30c814df45b91a992824e6dc/detection

46.43.90.99:7788

# Reference: https://twitter.com/embee_research/status/1614805554261815297

1c76ec89.anchor.northphxchiro.com

# Reference: https://twitter.com/phage_nz/status/1615132638288957440
# Reference: https://tria.ge/230116-3mxwbsfc89/behavioral1

154.12.250.38:6606
154.12.250.38:7707
154.12.250.38:8808

# Reference: https://twitter.com/petrovic082/status/1615628082353676288

179.96.121.149:8080

# Reference: https://www.virustotal.com/gui/file/5cad69a96f097577cf7c73adeb0b43857c1acca3cf901c23f1f14768a16ac350/detection

45.138.16.150:6666
d1x3x.linkpc.net

# Reference: https://github.com/executemalware/Malware-IOCs/blob/main/2023-01-19%20AsyncRAT%20IOCs

154.12.234.207:6606
154.12.234.207:7707
154.12.234.207:8808
newtryex.ddns.net

# Reference: https://www.virustotal.com/gui/file/4fe815a0f25f582df5512d777afceaa3dfe65da5ded46465fad849ff3487d170/detection

91.109.176.7:9441
bemviver-repouso.com.br
cdt2023.ddns.net

# Reference: https://twitter.com/1ZRR4H/status/1617696464230285313

2023foco.com.br

# Reference: https://app.any.run/tasks/d332f444-028c-48d1-9e84-9311b233e9e9/

95.216.102.32:6606
95.216.102.32:7707

# Reference: https://twitter.com/petrovic082/status/1618549394911170565
# Reference: https://www.virustotal.com/gui/file/fa3a9b975c2a6c0aafaba29157cb94daba8e5fe20da8c3c70c5552e2aaccf378/detection
# Reference: https://www.virustotal.com/gui/file/1649b879a199aea927d7879701a8017d286c291cd294b31e46486d2137c7789e/detection

134.209.126.30:6666
159.65.235.56:6666
181.214.94.75:6666
morph.sytes.net

# Reference: https://github.com/executemalware/Malware-IOCs/blob/main/2023-01-27%20AsyncRAT%20IOCs
# Reference: https://www.virustotal.com/gui/file/e180cd1b7fcf1674287a2aa516901ab1491aaaf7d9beb067b8109e742d89a50b/detection
# Reference: https://www.virustotal.com/gui/file/041201ea61adce22ef2f36f64f9ccac66d638bffcb043e48f53d33cc7d8692a6/detection

http://109.107.174.128
109.107.174.128:6606
109.107.174.128:7707
109.107.174.128:8000
109.107.174.128:8808

# Reference: https://twitter.com/ScumBots/status/1621102979033010179
# Reference: https://blogs.blackberry.com/en/2023/02/blind-eagle-apt-c-36-targets-colombia
# Reference: https://www.virustotal.com/gui/file/55e25bce90136a80ea0e24c17e4fa2b6582d9d387b3defeb06d40e38313ea6fe/detection

46.246.80.9:1543
46.246.86.3:1543
asy1543.duckdns.org

# Reference: https://twitter.com/malwrhunterteam/status/1622654044899614737
# Reference: https://www.virustotal.com/gui/file/360e29b66b74183494f32501a184eb3f39b425459b57cf84a6e3f8061dc519a2/detection
# Reference: https://www.virustotal.com/gui/file/cfd9d28726de527ffe41e35c827f4dbf94671b9f74d70fd0ac118ddd8bcd8485/detection

85.217.170.33:8008
fintran.site
filetrinsf.xyz

# Reference: https://www.virustotal.com/gui/file/6a5e14ed26730c4e7fcbcbbc98db1cb7bdc45b27af457fd7f349b78cc35da9f8/detection
# Reference: https://www.virustotal.com/gui/file/8a1b62fe165e75fe0004fcfa274a2b1316cb4012fb57454a45c15514b693fdc8/detection

85.217.170.33:8090
filetrisnf.store

# Reference: https://twitter.com/atomiczsec/status/1623112165212184583
# Reference: https://tria.ge/230207-2ydfdsga92/behavioral2

osostata.com

# Reference: https://www.virustotal.com/gui/file/16b4a6fec76b452f77a6832871ff2e906d673e557a0e6c2673fc952181d1319b/detection

185.249.198.46:6666

# Reference: https://twitter.com/dr4k0nia/status/1624214043639660544

18.206.35.13:6666
40.113.131.31:6666
xe3x1.ath.cx
xonxen.dnsalias.com

# Reference: https://www.virustotal.com/gui/file/727b7a1920d25e48af6ff6c8ee65be66ca062ba068d156a8211510c6e906e126/detection

20.206.103.69:4448
operador.ddns.me

# Reference: https://www.virustotal.com/gui/file/1b713a56ede95505160c5f6942799badd8c749a0cf767f34dbc276f31d5087e2/detection

20.195.202.119:4449

# Reference: https://www.virustotal.com/gui/file/1cf7ad31eb11c1ab20417351de431a3dd795ff9753e0f5e70c7ac3b7619283cd/detection

20.206.103.69:4449

# Reference: https://www.virustotal.com/gui/file/d4e1be1a339a03490a108e86604bd02f58aac556e4be18a52217bcc52816a936/detection

20.13.152.56:4449

# Reference: https://www.virustotal.com/gui/file/a1e5cd57d6884986e59bc05f2fc0b6bfb1199cba589ff293fbe538dfec78d835/detection

http://20.166.20.230
20.195.163.160:4449

# Reference: https://www.virustotal.com/gui/file/9b9477b4a407bb0cd74e70a1ceae6249a65bcefcf8cc9b98a79b03bca1fbb826/detection

20.206.103.69:7788
bitflysecurity.s3.amazonaws.com
operador.ddns.me

# Reference: https://www.virustotal.com/gui/file/817fd089f6f29233a21a67a8adc3f01e5816017cc653504d25ce0e3e41bad02f/detection

nofinebucket.s3.amazonaws.com

# Reference: https://www.virustotal.com/gui/file/4644d5d8f56afb7b2095ca5c209e840ad3a7dddaa294fa6a074283f0f6b1d956/detection

exodusdownload.s3.amazonaws.com

# Reference: https://www.virustotal.com/gui/file/0160a5ab3ac93ff1cbc18c74777e65600ef2982a2b147697944ad3033c6fd115/detection

esplogem.ga

# Reference: https://twitter.com/0xToxin/status/1624368467511021569

207.244.236.205:6606
207.244.236.205:7707
207.244.236.205:8808

# Reference: https://twitter.com/malwrhunterteam/status/1625586060276162589
# Reference: https://www.virustotal.com/gui/file/8572c19e4037b11c860ad014609a29a906ca1cdbd06ae6f13a3bf2e32c3acfb7/detection

20.229.137.82:1337
nonly.live

# Reference: https://github.com/executemalware/Malware-IOCs/blob/main/2023-02-14%20AsyncRAT%20IOCs

195.133.40.128:333
195.133.40.128:6606
195.133.40.128:7707
195.133.40.128:8808

# Reference: https://twitter.com/dr4k0nia/status/1625965366793961472
# Reference: https://www.virustotal.com/gui/file/75ace7d4e6c6cd5abb6e28deb7a902f361afa443b0b71af834ff9d38972a441a/detection
# Reference: https://www.virustotal.com/gui/file/9e66a5a4ce6774b137b47c5feaa407b75b96349bbff3c2dfe24b522cfa06f46b/detection

185.241.208.233:1337
barbaraalle.camdvr.org
barbaraallen.camdvr.org
raymonddapson.camdvr.org

# Reference: https://www.virustotal.com/gui/file/017f7fb81dad9de4238b0dc6e59989eda959d8626df7451e8afe1ece3892621d/detection

http://185.11.61.245
185.11.61.245:6606
185.11.61.245:7707
185.11.61.245:8808

# Reference: https://www.virustotal.com/gui/file/5dd033f850835b3e0b4ae423aad9922a9759d6b3f7ea5ff2b171815bf3a18825/detection

194.5.97.59:6606
194.5.97.59:7707
194.5.97.59:8808

# Reference: https://www.virustotal.com/gui/file/ceb12c810554c6988f7a88335613971616ef832dfd7e9027ae3bdf76f0974ee4/detection

18.228.115.60:19289
18.229.146.63:19289
18.229.248.167:19289
18.231.93.153:19289

# Reference: https://www.virustotal.com/gui/file/1e5407baf23480666ea2e978ccf1ad1276118b002c82160d5780f093a7517297/detection

178.175.142.195:26741

# Reference: https://www.virustotal.com/gui/file/f2399be73420c3074326fc31451d2c126c862dad095be5bcfbc0a0c0b022e4c7/detection

185.65.135.177:56604

# Reference: https://www.virustotal.com/gui/file/9a0bcf924ffecb891bae26ba6d17c2deb44f59f51a9d4f529b480393077585a5/detection

185.65.135.177:8925
maltosen.ddns.net

# Reference: https://www.virustotal.com/gui/file/26e95fe011f8d21bde28c916cc60ec5f7d817bba6f8df6302449a8fc0aaf729f/detection

185.65.134.181:56981

# Reference: https://www.virustotal.com/gui/file/cbe84d22f09c9a8eb3d15710e72eac9e21941400e66f3e890ce6fcca294b8ce1/detection
# Reference: https://www.virustotal.com/gui/file/8170cd47490cd0a0e8769cc662fe9d7a4e975c34e5fe494b209e0d73bc0d6433/detection

185.225.28.158:54944
3.64.4.198:18640
3.67.112.102:18640

# Reference: https://www.virustotal.com/gui/file/14c5a30526484ef4edf641a38e56a9c150d4f94ae125af2bbc9d821056d20023/detection

193.138.218.162:55373
193.138.218.162:57296

# Reference: https://www.virustotal.com/gui/file/9cc2a804dd840e979b6481c0cbc8045c991422d193b3e6358bacd082dd657c35/detection

209.25.140.180:55682
whole-playback.at.ply.gg

# Reference: https://twitter.com/malwrhunterteam/status/1630275606666440704
# Reference: https://www.virustotal.com/gui/file/b3051daf1bb20dfa1cbc49a1da48ad341ed3a3ccb86fa8ba5a264c4e98cdc0e0/detection

http://176.113.115.123
176.113.115.123:6606
176.113.115.123:7707
176.113.115.123:8808

# Reference: https://www.virustotal.com/gui/file/38d27eca5b197c4352ac713713e13e52ffe90c9eb61675315b0027ffa7c2aaf4/detection

51.142.111.3:3779
yourfather101.duckdns.org

# Reference: https://twitter.com/StopMalvertisin/status/1631318221465997314
# Reference: https://twitter.com/ThreatBookLabs/status/1632647230007173122
# Reference: https://www.virustotal.com/gui/file/90cb95264d0b555fe9a760de404196ac183a958c9cc1aad0689598e35fbb0c3b/detection

0ffice365update.blogspot.com
urlcallinghta1.blogspot.com

# Reference: https://twitter.com/StopMalvertisin/status/1631318233650446336
# Reference: https://twitter.com/c_APT_ure/status/1632327563921051648
# Reference: https://www.virustotal.com/gui/ip-address/212.87.204.83/relations
# Reference: https://www.virustotal.com/gui/file/c64e61aaa97d1744f8ec61dbd9ca72f3f5443bf534ee98eab39832338be39204/detection
# Reference: https://www.virustotal.com/gui/file/94c3945bc834baae76d1e1e9fe6f647fc3438cc8b2dd1cbcf71e1fa57ff777b8/detection

212.87.204.83:3000
212.87.204.83:5000
port3000newspm.duckdns.org
port6000old.duckdns.org
port7000old.duckdns.org

# Reference: https://www.virustotal.com/gui/file/43905bff6b7bdac9698c9109764e7ac3ffddddf59b9d278c648dfd8e6b1403ac/detection

3.64.4.198:16972
3.67.161.133:16972
3.67.62.142:16972
3.67.62.142:19425

# Reference: https://www.virustotal.com/gui/file/13de2024361712c76d9e5aed5aa9efb5af58dbc42e0ef58fa9084f422e268195/detection

165.227.31.192:22832
us-west-11608.packetriot.net

# Reference: https://twitter.com/TrackerC2Bot/status/1634253108975894528
# Reference: https://www.virustotal.com/gui/file/25beb3bb95290ffbb5b12ad678ca9c7eb1bc2a135ecd0ec35621d30a9bab31d3/detection

172.93.231.202:4442
172.93.231.202:5552

# Reference: https://www.virustotal.com/gui/file/52688b2d7ff1b147902bb6eade2be7d52e27efb10f318ede17e05eb398386cac/detection

181.141.1.250:2424
46.246.12.16:2424
telo2158.duckdns.org

# Reference: https://any.run/malware-trends/asyncrat

kmspico.one
majul.com
eltem.iptime.org
fund-linda.at.playit.gg
lesgoo.kozow.com
mind-cpu.at.playit.gg
nethttp.sytes.net
trip-it.at.playit.gg
trojeiros.duckdns.org

# Reference: https://twitter.com/0xrb/status/1635946014031978497
# Reference: https://www.virustotal.com/gui/file/5379820f930466a3fd452e5161da9da7771db18a2c88050a9f7a908960e1d7c8/detection

185.136.161.11:1337

# Reference: https://github.com/RussianPanda95/Malware/blob/main/AsyncRAT/hindi_config-3-17-2023.txt

chromedata.webredirect.org

# Reference: https://www.virustotal.com/gui/file/486d9c1f259ee472964bf817ed2b8e218440f7b1145230ff8cbba6a3da3c8f55/detection

181.141.1.67:4243
dcleomessi.duckdns.org

# Reference: https://twitter.com/pmelson/status/1640822646089678848

p24xy.xyz

# Reference: https://www.virustotal.com/gui/file/0c6b9d6c37b17c04112ce5b33b8b7770c483cb70b1e28f66d06d1bbf8384c777/detection

91.192.100.36:4444
dlusercontent.net

# Reference: https://www.virustotal.com/gui/file/c0414a72120a5810090003e67dfd5deb57d40b7114a427b3cb8b255d92e7e1cb/detection

37.166.213.98:6606
37.166.213.98:7707
37.166.213.98:8808
cloudflarenet.duckdns.org

# Reference: https://www.virustotal.com/gui/file/1c5a1893e2d9ebec47e904cb5848c73160e44bbdc132ef4629ed01248c126bd0/detection

91.109.186.14:6606
91.109.186.14:7707
91.109.186.14:8808
seznam.zapto.org

# Reference: https://app.any.run/tasks/d76a4082-1636-4122-9ac8-55a52a8c79d8/

103.47.144.42:7045

# Reference: https://www.virustotal.com/gui/file/5faef14a931cb73235865309f5b8d151decefe3163036e6d15442325eeda14fa/detection

82.213.21.251:6606
82.213.21.251:7707
82.213.21.251:8808
ccleaner.hopto.org

# Reference: https://app.any.run/tasks/842a3193-57c3-4a67-919d-f63d091ef85d/
# Reference: https://www.virustotal.com/gui/file/6dedc7da4dacf1e6bec9ca8b120343dfea5a46df41ca454f37284b163211ff78/detection

http://185.81.157.135
185.81.157.209:2301

# Reference: https://twitter.com/malwrhunterteam/status/1643576221354033154
# Reference: https://www.virustotal.com/gui/file/cb977702b8e144294287783f421fa0c9648e91b2ae7a22c9564ef2986bd76675/detection

209.25.141.223:50753
overview-bm.at.ply.gg

# Reference: https://www.virustotal.com/gui/file/b605abc87533cdc19417cb5d77523786566abea6d3c50f9726cb50e572a72a6d/detection

194.26.192.121:6606
194.26.192.121:7707
194.26.192.121:8808
mssssusa.accesscam.org
mssssss47477474.casacam.net
wmssssss47477474.casacam.net
6606.mssssusa.accesscam.org
7707.mssssusa.accesscam.org

# Reference: https://www.virustotal.com/gui/file/f38e60203e63c6698a2ece1184f19377d9f42caf2c3d474b9f8a210d41313d00/detection

win10.webredirect.org
win11.giize.com

# Reference: https://www.virustotal.com/gui/file/6d7250146b15601a91d4a0b1f7b61c92663ba3c292a7a599b729c0f63702534e/detection

185.65.134.182:15888

# Reference: https://www.virustotal.com/gui/file/a41eb1afcafeaa654907fcb9bf5933bf5fd628f921e846ac9337b9841300194d/detection

185.65.134.182:57274

# Reference: https://twitter.com/x3ph1/status/1646691991982333954
# Reference: https://github.com/xephora/Threat-Remediation-Scripts/tree/main/Threat-Track/ASyncRAT
# Reference: https://www.virustotal.com/gui/file/e22683de5510cbc523e79448c8695ae6c07e03b6548acbd8960ce243282594c0/detection

147.189.170.192:6666
wbem.ddns.net

# Reference: https://github.com/xephora/Threat-Remediation-Scripts/tree/main/Threat-Track/ASyncRAT
# Reference: https://www.virustotal.com/gui/file/f12589613148fd8c49340d2a052055a904eebcb6be0139e88c195199e017ee7c/detection
# Reference: https://www.virustotal.com/gui/file/d914868ffae77ca23a37923e9af6e4f4b006a1647de5312881abb32e86e1004b/detection
# Reference: https://www.virustotal.com/gui/file/6c53e66888f9ea39e6742852b010583ba15026c20e175cfbf889681f72407b31/detection

2.56.56.223:1996
207.32.218.11:1996
zipcode96.ddns.net

# Reference: https://github.com/xephora/Threat-Remediation-Scripts/tree/main/Threat-Track/ASyncRAT
# Reference: https://www.virustotal.com/gui/file/b4a9322a15a084fe9b8347b2c7bceac6f82d838a808dadcdd82b48bd1763ae2c/detection

207.32.216.100:1999
bigflossy.ddns.net

# Reference: https://github.com/xephora/Threat-Remediation-Scripts/tree/main/Threat-Track/ASyncRAT
# Reference: https://www.virustotal.com/gui/file/0be38f7ea9f1a73de2b0d3a5780837eb07a46cdb784b1f89e355d4c4dab76eb2/detection

2.58.56.41:1996
cynax22.hopto.org

# Reference: https://www.virustotal.com/gui/file/f5b225cee24542e5f59f4aeb62bc8dcfe407014e644987586c5effa2e443df91/detection

176.97.70.164:1177

# Reference: https://www.virustotal.com/gui/file/5f69e57505862bfe9efc097de17ffa99c93eedb60e86b073cbe494b00a2d9a37/detection

18.228.115.60:12097
18.229.146.63:12097
18.229.248.167:12097
18.231.93.153:12097
54.94.248.37:12097

# Reference: https://twitter.com/r3dbU7z/status/1649082685338402816
# Reference: https://www.virustotal.com/gui/file/d5a2a03d87b4f1471dabcc76c057b74ebf4557058bdc225194a444413964b13a/detection
# Reference: https://www.virustotal.com/gui/file/b65be0351a717f4440b29a61d206acf4457c4755693f5d68e8cb39948ec5c1cf/detection

http://51.89.207.173
51.161.107.21:666
usb.directory

# Reference: https://www.virustotal.com/gui/file/33a24cdd53b8d0a52bd93e9b59482c4c7c933d119dba87f01f7c02a8c97bed0a/detection

147.185.221.223:24460
myfilesx.s3.us-west-004.backblazeb2.com
/ddgqprb4fbn/fgtryh45c.txt
/ddgqprb4fbn/
/fgtryh45c.txt

# Reference: https://twitter.com/sicehice/status/1650703773839286272
# Reference: https://www.virustotal.com/gui/file/9bc6f7078b4a80e7363336194ffccb04d646da487bb093775b3caefd224f7d87/detection

31.192.235.146:8000
31.192.236.139:3434

# Reference: https://twitter.com/g0njxa/status/1652022542259896335

20.123.197.130:8080

# Reference: https://www.virustotal.com/gui/file/140e8710e1a8c2dfbeea2587180ffc0656523fca8824880e7e3de91a3a56d7a4/detection

81.161.229.121:4545

# Reference: https://www.virustotal.com/gui/file/0571c7fd18f633e731f93e93f82260c89157e2e014152b1d909cfbc1c7d68570/detection

179.43.154.184:8008
minijusfil.com

# Reference: https://www.virustotal.com/gui/file/cd279fe4806f1925c2985f4a3f4a0052b140e85ffad9a2e46b27f8ff2cd99baa/detection

bahrdevo.endoftheinternet.org

# Reference: https://twitter.com/malwrhunterteam/status/1654111835136708608
# Reference: https://www.virustotal.com/gui/file/09cc73e85312daa39cbf1e5a523ed368a0611c0691cecbafd5f6b0c2d64eaaba/detection

46.21.153.135:9897
apatee40rm.gotdns.ch

# Reference: https://www.virustotal.com/gui/file/817c463f2b2d6ad916bd11bdc8e81e232b443d333cb02a3943d28f11d206ccc3/detection

45.80.158.114:6606
45.80.158.114:7707
45.80.158.114:8808
1dog.ddns.net

# Reference: https://www.virustotal.com/gui/file/3ebfbbd09064aae6f6238d019637a666740b3b35141e46cf76524c8dde88fb26/detection

103.30.126.242:8848

# Reference: https://twitter.com/Artilllerie/status/1655915223604244482
# Reference: https://www.virustotal.com/gui/file/4d275403b2993bb1dcf4d3262a5a70b32c0caa04e3cdb8c236420a3b1b1855b6/detection

190.2.142.239:5566
downlodanydesk.com

# Reference: https://www.virustotal.com/gui/file/91971af253069cff21a8c104773ba2f80ac611a6e72db84d20432141136578f4/detection

104.234.119.55:50511
mortgage-service.duckdns.org

# Reference: https://www.virustotal.com/gui/file/1141b995cd24c8f2eb4d83d08a3a9dba4f2c4cd5d6e1528f64aa8d51ddbd62bb/detection
# Reference: https://www.virustotal.com/gui/file/afda04b91b8bff33be9e8f9c7a3cf441c4b2c92f9fcef42a00bcf35e495a9e67/detection

79.134.225.40:2211
vmware.trickip.org

# Reference: https://www.virustotal.com/gui/file/0c32c4300e32863030d1ed5633f530a4f411df1c391d4388140c8ff2974638b0/detection

194.5.97.49:6970
83.151.238.37:8080
dvcfxgcvbbasfsd.ru
xafsavxcfdgbdsfg.ru
giuseppe.ug
tamera.ug

# Reference: https://twitter.com/0xToxin/status/1661101374166257664

strekhost2058.duckdns.org
strekhost2065.duckdns.org
strekhost2068.duckdns.org

# Reference: https://gist.github.com/embee-research/f6af45017a3bb3c64a1654b7c4810525

109.230.238.142:6666
116.62.115.255:8808
120.146.185.63:443
142.202.240.126:5555
146.59.161.194:8808
149.102.132.253:3110
15.165.236.45:8808
172.81.60.205:8808
185.81.157.105:5130
185.81.157.135:7777
185.81.157.14:4444
185.81.157.168:7701
185.81.157.5:4152
190.28.148.168:2000
192.119.108.77:8713
192.119.108.78:8713
193.23.161.246:6666
194.156.91.127:8743
194.9.172.60:8808
198.244.251.230:2222
20.67.243.141:113
207.244.232.102:8808
207.32.217.71:5001
23.254.130.126:6667
23.254.227.121:6666
23.254.231.83:1002
38.242.242.149:7777
45.138.16.161:2020
45.138.16.202:6666
45.138.16.48:1234
45.141.215.81:888
45.141.215.84:222
45.143.99.54:1337
45.154.98.110:1989
45.154.98.192:222
45.58.190.125:8808
45.80.158.57:8888
5.224.222.214:4001
5.249.165.85:6666
51.120.120.162:8808
51.161.104.149:8808
51.161.105.119:7707
51.161.59.75:7707
51.81.126.13:222
51.81.24.93:7000
51.89.204.67:7707
51.89.207.166:8808
54.38.124.50:8096
54.38.234.73:8808
66.94.118.174:1188
66.94.122.207:8808
70.36.110.159:8888
74.222.22.72:8888
82.159.198.174:4002
85.206.172.156:444
85.215.190.69:8808
98.26.85.5:6969

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (04 Jun 2023)

111.90.149.195:5111
111.90.149.195:7766
151.80.52.38:4449
185.252.178.121:8808
192.71.244.54:8080
37.196.152.120:4449
43.226.49.147:8080
45.80.29.139:1337
64.235.61.43:8848
84.54.50.9:6606
84.54.50.9:7707
84.54.50.9:8808
88.198.206.217:4449
91.192.100.7:8808
95.214.27.44:6606
95.214.27.44:7707
95.214.27.44:8808

# Reference: https://www.virustotal.com/gui/file/74c1d1141cf501cd8b9d86f97acb67cc7dc7e9213f8722600ae991f5d254b68b/behavior

websites.vpndns.net

# Reference: https://www.virustotal.com/gui/file/28e1470bf46b1680e230c7bb57e4836d3b6bef4d35d2cc927984950416a4c1d7/detection
# Reference: https://www.virustotal.com/gui/file/367831dcb90d2df723eeccb94c21fe58691a6946b4ea40cb9de2bac316319d9b/detection
# Reference: https://www.virustotal.com/gui/file/ba5ed5f0f25b952f16a30d9dc97c1be2a9c1f7676345311b421584ca4c4c1405/detection

18.198.77.177:17851
3.121.139.82:17851
3.127.253.86:17851
3.127.59.75:17851
35.158.159.254:17851
52.28.112.211:17851
solarx.site

# Reference: https://www.virustotal.com/gui/file/da642fc983f09b106c32181f7e66d0cad426924650594ca613e5ce5b25b71493/detection
# Reference: https://www.virustotal.com/gui/file/2d2211d9266e7080e6e12d150829935a3f0794e4d499199f9c7480de02b458d7/detection

141.95.84.40:456
141.95.84.40:916

# Reference: https://www.virustotal.com/gui/file/9b3c1321f7bee06e6790ee733d7ff90400f628040fee4e65d240340f957d00a1/detection

104.243.47.45:5230
104.243.47.45:6606
104.243.47.45:7707
104.243.47.45:8808
celsperial.hopto.org

# Reference: https://www.virustotal.com/gui/file/f9171de76ea630a461f1764aa9c27fadf7e8fcbddfa7a2c3b44067867c029f05/detection

91.208.92.49:7001
miopsbn.con-ip.com

# Reference: https://www.virustotal.com/gui/file/0747abd54dd664fed5dd0028ac579905845c91d5a0da537133ba4bfcb5fea15c/detection

181.142.211.88:7577

# Reference: https://www.virustotal.com/gui/file/71a2fe2a79055b9aca04daaa8288730f1027c0b186e2f10718b21e2d1e89355d/detection

64.235.61.43:42069

# Reference: https://www.virustotal.com/gui/file/cd704cdaf7397e725eaa339fb7ad3a0ab26f503428eb8eaaf4abb656ae949382/detection

188.126.90.211:3636
188.126.90.212:3636
46.246.12.211:3636
46.246.4.211:3636
planpnl.duckdns.org

# Reference: https://www.virustotal.com/gui/file/132358ecc4d7b80efba0d2d57fe104b563673ecc9935efcd4e8440c886e0138c/detection

18.228.115.60:17832
18.229.146.63:17832
18.229.248.167:17832
18.231.93.153:17832
54.94.248.37:17832

# Reference: https://www.virustotal.com/gui/file/3ec57ea55466112ec38310d0066fc024e3600887785e768a8219230d236a7eb8/detection

18.228.115.60:16864
18.229.146.63:16864
18.229.248.167:16864
18.231.93.153:16864
54.94.248.37:16864

# Reference: https://www.virustotal.com/gui/file/c44075c86a18be51547cba1e2d357aaef5008a0bfb25daa4dba2c6c5e25f2ca1/detection

209.25.140.194:51862
209.25.141.194:51862
209.25.142.194:51862
194.ip.ply.gg

# Reference: https://www.virustotal.com/gui/file/994385b5a04f107c65d45c3cb54483e847d63b6b75988ad8ecfd6c9df1cba295/detection

18.230.117.219:6000

# Reference: https://www.virustotal.com/gui/file/c7b9a1bf733e98f545d5cb946165c32923c564b4cc3603924eae9a44df203a3d/detection

18.231.156.119:7000

# Reference: https://www.virustotal.com/gui/file/fbc3ad3bdb040103596ab07b85d80331dcaa9868e55220481faba563c85f890a/detection

18.228.115.60:13552
18.229.146.63:13552
18.229.248.167:13552
18.231.93.153:13552
54.94.248.37:13552

# Reference: https://www.virustotal.com/gui/file/f8fc2647fffca9883e5eb6cc375c4efafdb56d2f4a11fce3b4444dadfb51d0cb/detection

192.119.108.74:8710
192.119.108.74:8712
microsoftdell5.duckdns.org

# Reference: https://www.virustotal.com/gui/file/fd5b9cbb176cfea7cb3ba0b8f10e323eb1a9c1a914a0ab9182aa033c8ea18429/detection

181.141.4.153:8000
walder08.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d173f0a86e693ad02d756c7f8f1bee445c663aecf2b4f886f733ca01c0911345/detection

181.141.4.153:6969
an6969.duckdns.org

# Reference: https://www.virustotal.com/gui/file/296a2cb7bf3fa274918f985358debd7983e2af29068fc37dd9cb99e070b9f0fd/detection

151.106.30.145:7410
741qu.bounceme.net

# Reference: https://www.virustotal.com/gui/file/577047181197a34939a106666deec71d3e91e386deda32d412ef1e8b3de2b000/detection

198.12.123.17:5004
198.12.123.17:6606
198.12.123.17:6700
198.12.123.17:7707
198.12.123.17:8808
celesperial.ddns.net

# Reference: https://www.virustotal.com/gui/file/67905601c2fc9f78274058e39de8c2714f46b40cfd29e5d5a06117fc7d07ab46/detection

172.111.136.105:2022
admina.duckdns.org

# Reference: https://www.virustotal.com/gui/file/60ae5794afacdc55c75268040eedce59d20776dced641d2cba250bd768359d8a/detection

alertgeeks.ddnsfree.com

# Reference: https://www.virustotal.com/gui/ip-address/185.150.117.106/relations
# Reference: https://www.virustotal.com/gui/ip-address/84.32.190.45/relations
# Reference: https://www.virustotal.com/gui/ip-address/85.217.144.194/relations
# Reference: https://www.virustotal.com/gui/file/9ae87c35d2a6209b208dcefea9785a31d69a1a9396a825883edddd3e030188e4/detection

fox-news-checker.cc
microsoft-auth-network.cc
microsoft-service-checker.xyz
security-service-api-link.cc
update-checker-status.cc
utorrent-backup-server.top
utorrent-backup-server2.top
utorrent-backup-server3.top
utorrent-backup-server4.top
utorrent-backup-server5.top
utorrent-server-api.cc
utorrent-servers.xyz
win-network-checker.cc
windows-services-update.com
youtube-checker.cc

# Reference: https://www.virustotal.com/gui/file/9a6aa7bc60f817e2c0761373100d5bb22207847da7d8452db757b17c03c18c9c/detection

185.174.101.94:5464
electroniccomerceanddatabasesforstudypurposesonly.online

# Reference: https://www.virustotal.com/gui/file/b0fafe361aa7083b1d3482ec723158599dd01c5d26fa5ea3c30d78a325c9fb8a/detection

209.25.140.229:18084
209.25.141.229:18084
209.25.142.229:18084
decision-at.at.ply.gg

# Reference: https://twitter.com/k3yp0d/status/1681973711774130176

nansen.accesscam.org

# Reference: https://www.virustotal.com/gui/file/0c72727630c83e823fd60d776bad262f01c7e0a9e52ea92fdd9a3adf04910d6e/detection

209.25.140.181:26235

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-07-23)

http://51.79.49.73
103.169.34.151:2245
103.170.118.35:6606
103.212.81.152:3845
103.212.81.152:3850
103.212.81.152:6606
103.212.81.152:7707
103.212.81.152:8808
104.255.175.12:8008
107.175.113.198:8011
108.58.155.197:6606
108.58.155.197:7000
108.58.155.197:7707
108.58.155.197:808
108.58.155.197:8808
108.58.155.197:8881
108.58.155.197:9909
109.195.94.247:8096
111.90.150.186:8977
116.62.11.90:8848
136.243.151.123:8808
136.243.151.123:9999
136.243.151.21:65
136.243.151.21:66
138.201.95.65:8808
141.98.6.105:5010
144.126.149.221:8888
146.59.161.10:8808
147.189.174.239:6666
149.202.0.249:8808
149.56.79.3:4007
154.12.252.41:4449
154.213.18.103:6000
154.213.18.70:6000
154.213.18.70:8808
154.213.18.84:8808
158.69.131.146:222
158.69.131.146:2222
166.88.209.145:1337
172.245.23.178:7777
179.13.0.238:4203
185.104.195.215:1981
185.104.195.215:2000
185.106.92.84:4449
185.17.3.72:7707
185.222.58.44:4040
185.225.74.254:6606
185.225.74.254:8808
185.24.55.37:8808
185.241.208.104:5555
185.241.208.142:6666
185.241.208.99:2222
185.241.208.99:6666
191.101.130.205:6606
191.101.130.205:7707
191.101.130.205:8808
191.89.243.236:5757
192.119.108.75:8713
192.119.108.76:8713
192.159.99.5:1010
192.159.99.5:2020
193.149.185.150:7707
193.23.3.123:6666
193.233.133.58:5631
193.26.115.74:888
194.213.3.18:6666
194.31.87.133:8808
194.32.149.80:8808
194.59.31.39:2025
194.87.151.87:8808
194.9.6.69:8808
2.58.56.143:222
2.58.56.143:2222
2.58.56.143:5555
20.150.193.28:4449
20.200.63.2:2727
207.32.218.20:8008
209.145.56.0:4017
209.25.140.212:34507
209.25.140.212:8848
209.25.141.180:6498
23.101.143.72:6666
23.101.143.72:7777
23.101.143.72:8888
23.229.67.133:5808
3.88.20.74:1111
45.12.253.107:6606
45.12.253.107:7707
45.12.253.107:8808
45.125.48.112:6606
45.125.48.112:7707
45.125.48.112:8808
45.136.6.79:6606
45.136.6.79:7707
45.136.6.79:8808
45.138.16.108:6606
45.138.16.108:7707
45.138.16.108:8808
45.138.16.145:2222
45.138.16.145:4444
45.138.16.145:6666
45.138.16.213:1194
45.138.16.235:6666
45.138.16.235:7777
45.141.215.109:6606
45.141.215.109:7707
45.141.215.109:8808
45.141.215.121:4444
45.141.215.121:6666
45.147.45.253:30303
45.154.98.201:6666
45.80.158.116:6666
5.161.192.28:6606
5.161.192.28:7707
5.161.192.28:8808
5.196.35.57:6606
5.196.35.57:7707
5.196.35.57:8808
5.224.222.63:4002
5.224.222.63:5001
5.224.222.63:5003
5.252.165.130:8808
51.142.112.141:113
51.75.52.3:2020
51.81.24.93:8088
52.28.112.211:19945
66.94.105.222:8808
68.219.184.180:3131
69.172.233.16:6666
69.172.233.44:6666
70.36.111.185:8888
77.73.131.83:8080
78.161.80.191:8808
78.47.172.152:5555
81.171.25.97:113
82.159.146.144:5000
84.54.50.31:8877
85.217.144.78:8808
87.121.221.53:6606
87.121.221.53:7707
87.121.221.53:8808
89.23.96.181:7777
91.109.176.4:8808
91.109.178.10:8808
91.109.182.6:6606
91.109.182.6:8808
94.142.138.19:443
windows10-11.ddns.net
windows10-11.ddnsfree.com

# Reference: https://www.virustotal.com/gui/file/167ed73a98ed7c3ff1ff221117f497c8fb6fa98ee0c1160a567415ad6d39195a/detection

18.197.239.109:12694
18.197.239.109:66086
18.197.239.109:7707
18.197.239.109:8808
3.69.157.220:12694
3.69.157.220:6606
3.69.157.220:7707
3.69.157.220:8808

# Reference: https://www.virustotal.com/gui/file/1a4f3da692806a57a243e8d165a183019c0a0126e8c6f0aade81979679ab3d94/detection

181.52.111.53:3028
sept24stri.con-ip.com

# Reference: https://www.trellix.com/en-us/about/newsroom/stories/research/beyond-file-search-a-novel-method.html

111.90.150.186:6606
111.90.150.186:7707
111.90.150.186:8753
111.90.150.186:8808
111.90.150.186:9907
79.110.49.162:6606
79.110.49.162:7707
79.110.49.162:8753
79.110.49.162:8808
79.110.49.162:8977
79.110.49.162:9907

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-07-29)

142.202.240.126:6666
147.50.253.108:5505
147.50.253.108:6606
147.50.253.108:7707
147.50.253.108:8808
172.94.105.98:2000
185.246.222.170:1616
192.121.247.21:2000
20.124.90.72:5002
20.200.63.2:3232
92.178.8.159:8848
onadeatcamside.sytes.net
ronadeatcamside.sytes.net

# Reference: https://www.virustotal.com/gui/file/6c16c890ebece47d2e9c9160c366e632fc7577ac766ae32ef640070481ab8c3e/detection

157.90.51.195:58001

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-07-31)

147.185.221.16:10735
206.53.55.8:6606
206.53.55.8:7707
206.53.55.8:8808
213.238.177.40:8848
61.136.166.128:8848
91.109.176.13:6606
91.109.176.13:7707
91.109.176.13:8808

# Reference: https://app.any.run/tasks/6dc0de33-d560-47a1-9e99-8b678a549174/

185.81.114.175:6606
185.81.114.175:7707
185.81.114.175:8808

# Reference: https://www.virustotal.com/gui/file/c3329f80f820ce5f4740cff9a03ebfb1a417f49cd81a6fac7f1174f8b9e65dc1/detection

208.67.107.168:9090

# Reference: https://www.virustotal.com/gui/file/a01b92a477bdf998362cd7ec70b0aa1a8fdc1cdbb2350ef47c5f17abcd422066/detection

208.67.107.168:9055

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-08-02)

185.180.230.132:1488
plazzasecretballeronline.onedumb.com

# Reference: https://www.virustotal.com/gui/file/8627f2595a4e2b9b3e78fd956771b037772ce92c49ebc06fd0b53c247f9513bf/detection

201.185.208.130:7580

# Reference: https://www.virustotal.com/gui/file/cf85e1acf51f48393b1ebeb6cc99d5987a84c0d6536f39c264e1bd3d60c21db4/detection

162.194.106.79:8848
noxbot.ddns.net

# Reference: https://threatfox.abuse.ch/ioc/1148970/
# Reference: https://www.virustotal.com/gui/file/763d970f36c8f7d30a356690884f8db111379153bafa55607b6f41bdb12fc01d/detection
# Reference: https://www.virustotal.com/gui/file/fe145c31edc5e0541a4e5857b1c8a54bfae66d78a76937469e0d1a37a0739073/detection

51.75.41.118:6606
51.75.41.118:7707
51.75.41.118:8808
3llah23.run.place
3llah.vpndns.net

# Reference: https://threatfox.abuse.ch/ioc/1149069/

45.74.0.212:2000

# Reference: https://www.virustotal.com/gui/file/398bf921701c72139dfa6d11b2eb41810170eaf847cc73f16ff00c8f86d6d30a/detection

46.246.12.26:2106
46.246.84.5:2106

# Reference: https://www.virustotal.com/gui/file/e6d3b5e5e32627fd5ebfe02729366a88a0af661ac60cf50e5acba8a575908732/detection

46.246.14.15:5050

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-08-10)

77.232.132.25:5001
91.109.178.2:1018

# Reference: https://www.virustotal.com/gui/file/dc86ebc16af410e160c279988a5aebe2dd492d932100e83aeef785fee2ef201a/detection

104.220.158.189:7788

# Reference: https://www.virustotal.com/gui/file/978acff20319adccc0f9f6b576a421387b4085496a535c6676f4f1258d718a71/detection

104.220.158.189:7771

# Reference: https://www.virustotal.com/gui/ip-address/81.171.25.97/relations
# Reference: https://www.virustotal.com/gui/file/73b3658f98fbf321844980d67ca63ca1c7d1b16ae50f112da68858b4924ac3d2/detection
# Reference: https://www.virustotal.com/gui/file/0cc0e3fe599b7bd362dd160efafaefd26c692934682cc13e12575c05aa028a99/detection
# Reference: https://www.virustotal.com/gui/file/f041884345406408839d2289106f09cd0f002fffd5a66bb2e34a141457bc7e82/detection

81.171.25.97:114
81.171.25.97:6606
81.171.25.97:7707
81.171.25.97:8808
new22.vpndns.net
windowsignn.theworkpc.com

# Reference: https://www.virustotal.com/gui/file/61be8cdec38d60d5a8a64fd0f891656f0410825d7c1181d7f40eb6aaf56d3521/detection

177.255.88.161:7575
2riandcra.duckdns.org

# Reference: https://www.virustotal.com/gui/file/fd87155ae16286e44eb0068f8ea18a735bc8b8a1fbefc60f70b7a5a14538677b/detection

185.106.94.122:4449

# Reference: https://www.virustotal.com/gui/file/3e5129342dbb24524cf03acc4830c429e57ed7d54c0bfe996675c35680378326/detection

51.254.49.49:5005
augustsimillarity5045norep.ooguy.com

# Reference: https://www.virustotal.com/gui/file/c69860ee4b8d0f24138de42421cd4123ef15e3618b08faa5becf9b52c69fc8e4/detection

41.98.125.239:1000

# Reference: https://threatfox.abuse.ch/ioc/1149939/

185.225.75.5:3450

# Reference: https://threatfox.abuse.ch/ioc/1150150/

20.200.63.2:3636

# Reference: https://www.virustotal.com/gui/file/04f21858d3b9bf77deda4fb7f68682cc3958b4ce07ff15be06272978dda62cd0/detection

94.156.102.141:1188
94.156.102.141:7575
freighteighttwocam.ddns.net
freighteightonecam.sytes.net

# Reference: https://twitter.com/r3dbU7z/status/1692693944713326673
# Reference: https://www.virustotal.com/gui/file/63a7fd8b6ff6ffbcd258d9809d672a7c14eb111da7b99995ad43441c7164ca03/detection
# Reference: https://www.virustotal.com/gui/file/3d9240c729af948921184ce965f54cf1d3841d81465ed06f537e4ef838a01643/detection

206.53.55.190:1717
206.53.55.190:1990
206.53.55.190:1991
206.53.55.190:1992
206.53.55.190:1993
206.53.55.190:1996
206.53.55.190:1997
206.53.55.190:1998
206.53.55.190:6161
206.53.55.190:6606
206.53.55.190:7171
206.53.55.190:7707
206.53.55.190:8808
psmohmedhatx21.teaches-yoga.com
xp3host.dynalias.com
xp4flash.selfip.biz

# Reference: https://www.virustotal.com/gui/file/7fb648fac5909411544f76c0444f0e2f285c1a965030661f573264818b2f8e8f/detection

103.145.13.69:9889

# Reference: https://irfan-eternal.github.io/analysing-.net-asyncrat-using-dnspy/
# Reference: https://www.virustotal.com/gui/file/8da2ee52332138905d6c21a8c2fd16c1ccb16aa057b64df7e66f2bd38664e86f/detection

185.252.178.121:6606
185.252.178.121:7707
josemonila.ddnsfree.com

# Reference: https://www.virustotal.com/gui/file/3cc1baf7b47138253df8ee572d99ab99a8d597cd8f72a9e2a5de264ba480933d/detection

181.52.102.110:6606
181.52.102.110:7707
181.52.102.110:8808
asynrat2023.duckdns.org

# Reference: https://twitter.com/pmelson/status/1693342246563627400
# Reference: https://pastebin.com/BThmj07d

45.14.165.113:6606
45.14.165.113:7707
45.14.165.113:8808

# Reference: https://www.virustotal.com/gui/file/002f60e1c62d85643e17295edef3ba55f4f5c9487d76d9df279cf69ab3e9cd86/detection

37.3.242.75:4449
myhosas.ddns.net

# Reference: https://twitter.com/suyog41/status/1693917329372102953

enesoftware.top

# Reference: https://decoded.avast.io/martinchlumecky/hotrat-the-risks-of-illegal-software-downloads-and-hidden-autohotkey-script-within/
# Reference: https://otx.alienvault.com/pulse/64be7858d74c880dfcfe7615
# Reference: https://www.virustotal.com/gui/file/0b32aa65d2e322aa176f313791444b5dc313bddab13ec31dd7bcd278ee07e7bc/detection
# Reference: https://www.virustotal.com/gui/file/9a294dbc6efbe24b7da955c62a7f12b6f142a41b10b9e168788e4b4e23ea3a4a/detection
# Reference: https://www.virustotal.com/gui/file/73bd4c7a86d191c46a14cc37e901529de17df2705b6d7cbfd832d051cd72053c/detection
# Reference: https://www.virustotal.com/gui/file/46f81e5fcd1cdd8b4dc3079f615bddbd1d75f1540e29b79201c7b284965b367f/detection
# Reference: https://www.virustotal.com/gui/file/43e8b2afe0a807842cb12ec6b5b67f0d25c1031c0398c3e394df128958896e9e/detection
# Reference: https://www.virustotal.com/gui/file/d6722a29d0c7f579f7c2190928090194fd9d02d6dbc605a29da6a52e43428efc/detection
# Reference: https://www.virustotal.com/gui/file/288af01303abb4d064c4217d425c25d0b21388a3262dae56742891dbfaadfc45/detection
# Reference: https://www.virustotal.com/gui/file/1f6d0c9cf3c2f6a006bb9bc518f700748c1ac9b56615e12c60009175359830a8/detection
# Reference: https://www.virustotal.com/gui/file/b9965723a0480239544ec3990132ff2db7dfe18787122a3d0e91a282becb99eb/detection
# Reference: https://www.virustotal.com/gui/file/8c1ca084dc5a5ff7d8488267ea077911718d43e369449afe346e8b631ba2a542/detection
# Reference: https://www.virustotal.com/gui/file/198e2c9faec77fb6efcee8dbd2e910ab96e0aa8e080d7a43cd3b399c0fba6418/detection

108.143.240.80:771
13.80.133.110:70
185.205.209.206:1114
185.205.209.206:2012
20.218.135.231:306
209.145.56.0:2012
45.138.16.87:1113
78.181.128.17:4014
85.102.222.140:4015
88.229.26.95:4015
88.232.117.185:4015
88.249.141.131:55
88.252.196.9:91
51-83-136-132.xyz
s1-filecr.xyz
dynsys.is-a-guru.com
fon1.sells-it.net
foxn1.sells-it.net
rec.casacam.net
samaerx.ddnsfree.com
srxy123.is-a-geek.com
websites.theworkpc.com

# Reference: https://www.virustotal.com/gui/file/ed7156a259cecc750c121faed21545185d9436de677556ef9e271e519073fb34/detection

78.170.251.123:6606
78.170.251.123:8808
81.214.76.150:6606
81.214.76.150:7707
81.214.76.150:8808

# Reference: https://www.virustotal.com/gui/file/817f9928ccca9886ff23d9c68894c6d510da21bf238f9955a909d7b9e4054a61/detection

78.161.80.94:4017
live.publicvm.com

# Reference: https://www.virustotal.com/gui/file/7d5b09c3ff843a1196ce62f5d8b5c9d52b6c83b3bfff3e6d18534586ddb5010f/detection

78.169.11.161:6606
78.169.11.161:7707
78.169.11.161:8808

# Reference: https://www.virustotal.com/gui/file/390fa96690573ffd2037a1d21bc066f5c6ca16b67448cf677b92f09c0dd862d5/detection

45.138.16.48:66
assdwdssa.sells-it.net
dsdwdwnsd.sells-it.net
sotso.homedns.org

# Reference: https://www.virustotal.com/gui/file/fb9c17a01cf868d55c0368d7d099f4509bed812409eeb5abf7200f1ab5817c32/detection

78.161.80.94:4018
88.237.201.81:4018
live.sells-it.net

# Reference: https://twitter.com/ScumBots/status/1694109037594366260
# Reference: https://www.virustotal.com/gui/file/0467d797db1facd534f6d1e0093dbfc95de214e09bb180eb3d18ed24c474163d/detection

141.98.6.105:5010
141.98.6.105:6606
141.98.6.105:7707
141.98.6.105:8808
r0nj.ooguy.com

# Reference: https://threatfox.abuse.ch/ioc/1151706/

194.169.175.43:1339

# Reference: https://www.virustotal.com/gui/file/c60bcda1d38ac7b02ee20d89378b2c6bac63e1866aa4bc5fd218edbbad8c8066/detection

93.115.35.130:4418

# Reference: https://www.virustotal.com/gui/file/4b6ffa81db06ef905a14b9483472f506e642d9be730c7926b32b1aab98a8aedd/detection

91.92.120.18:4441

# Reference: https://threatfox.abuse.ch/ioc/1152320/

85.239.241.136:1338

# Reference: https://threatfox.abuse.ch/ioc/1152406/

138.197.66.62:22256

# Reference: https://threatfox.abuse.ch/ioc/1152460/

213.3.43.23:58640

# Reference: https://www.virustotal.com/gui/file/0829db1ff9d39045943c0774e8d059593c4aada1527d34fa21889504fea3e153/detection

172.94.104.195:2000
78.101.189.42:2000
donzola.duckdns.org

# Reference: https://threatfox.abuse.ch/ioc/1152519/

95.173.247.110:8810

# Reference: https://www.virustotal.com/gui/file/0106b0d302d02505f7681a44f5390357e98d9d040a833b899cb74eee07303fe5/detection

95.173.247.110:8806

# Reference: https://www.virustotal.com/gui/file/352c232d90178707026177ddb1d09a36149f4167ae50323ac8d29ddd5dafdb03/detection

95.173.247.110:8807

# Reference: https://www.virustotal.com/gui/file/146a834437e2f564d98221dbf31b65fb7c8202439efffe188b92299983197391/detection
# Reference: https://www.virustotal.com/gui/file/c868403af8ea5fcad690924167f28c1dc2aa8e1dd342d2ff14d3289f8870fb0b/detection

193.43.104.22:3232

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-08-31)

138.197.66.62:22596
147.185.221.16:30170
181.131.219.51:2727
38.6.189.150:8848
4.212.242.253:8848
80.66.79.27:4404

# Reference: https://www.virustotal.com/gui/file/28ffb4d5d61e7b2e35372c8b2a434c2d66825b1431ca1c2caf523584426dfc97/detection

43.159.134.109:6606
43.159.134.109:7707
43.159.134.109:8808

# Reference: https://www.virustotal.com/gui/file/dfc4a0222fb2f69e65438196a7935f86c6e42e3005c136930506a37542f6a0f9/detection

43.133.48.66:6606
43.133.48.66:7707
43.133.48.66:8808

# Reference: https://www.virustotal.com/gui/file/2293710fbf66e120d90e03f95a38b966da05d33ee0a1df2f14500e4811085494/detection

45.13.199.216:6606
45.13.199.216:7707
45.13.199.216:8808

# Reference: https://www.virustotal.com/gui/file/2a852589c52954a54a1e658a114fb19e936443aaa85b4fed48b3c64ff1162b81/detection

45.128.221.39:6606
45.128.221.39:7707
45.128.221.39:8808

# Reference: https://www.virustotal.com/gui/file/1ad2936e4d510633259697d0e7d692131c88de79716228963b39eb128a0dd301/detection

193.42.24.214:6606
193.42.24.214:7707
193.42.24.214:8808
193.42.24.214:8809

# Reference: https://www.virustotal.com/gui/file/641926faa61b285dc56392e849301861e5f786a3e45a7373dd334f34aa65d40d/detection

65.108.24.87:6606
65.108.24.87:7707
65.108.24.87:8808

# Reference: https://www.virustotal.com/gui/file/787f1dcd58cff8afb05bea4917395c330f5c4b5b129bee31009c824d9eac4cdf/detection
# Reference: https://www.virustotal.com/gui/file/07442f6c22ad2b6a0d4f4c342c3e2a9095941147462b2722e2cb95c3ad77221f/detection

45.92.1.24:5001
febrawryman80noistry10.kozow.com

# Reference: https://www.virustotal.com/gui/file/c923878c9c57da5f62d876f98adb44b7dcb289a9f745ac5ce97b7ac31815b487/detection

172.94.40.145:8004
16agostok.duckdns.org

# Reference: https://www.virustotal.com/gui/file/964555913ef321b88a1e52594f8438820230e704dd06f14768fafa9285038af9/detection

51.254.49.49:222
51.254.49.49:9191

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-09-04)

146.59.161.10:6606
146.59.161.10:7707
146.59.161.10:8808
147.124.209.80:222
15.204.170.1:6606
15.204.170.1:7707
15.204.170.1:8808
158.69.131.146:6606
158.69.131.146:7707
158.69.131.146:8808
185.252.179.66:6906
198.244.251.250:222
23.254.227.121:222
45.138.16.217:222
45.138.16.89:222
5.196.35.57:6606
5.196.35.57:7707
5.196.35.57:8808
51.161.105.119:6606
51.161.105.119:7707
51.161.105.119:8808
51.195.145.78:6606
51.195.145.78:7707
51.195.145.78:8808
51.195.251.7:6606
51.195.251.7:7707
51.195.251.7:8808
51.195.251.9:222
51.222.69.3:222
51.81.7.207:222
51.89.204.67:6606
51.89.204.67:7707
51.89.204.67:8808
51.89.207.166:6606
51.89.207.166:7707
51.89.207.166:8808
74.208.105.80:222
89.23.101.212:3232
95.214.25.236:4404

# Reference: https://www.virustotal.com/gui/file/1da13a6219c242b5216483316f8d98e64ef55cc44deb3b7023ed9ea3a1aa00ee/detection

218.89.171.135:23647
218.89.171.135:4139
218.89.171.135:6606
218.89.171.135:7707
218.89.171.135:8808

# Reference: https://gi7w0rm.medium.com/uncovering-ddgroup-a-long-time-threat-actor-d3b3020625a4

192.155.91.72:5000

# Reference: https://www.virustotal.com/gui/file/ee666f67a09821bcfb7c7a19bf9fe04be8c0359884aa9b32bc887c9c26a4e579/detection

179.13.2.154:7000
nuevamenteeste.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d391692283a5dee65d00f4e3163e736da942ad2562136094da8613ac106fd5f0/detection

193.203.238.54:7777
mr1robot11.ddns.net

# Reference: https://www.virustotal.com/gui/ip-address/177.255.88.161/relations
# Reference: https://www.virustotal.com/gui/file/e04cc364b53b6af7b8fe20a186f330dc67173f5d5e9b3ec9929f82092c72302f/detection

177.255.88.161:8525
informesespeciales123.duckdns.org
mistersjsas1.duckdns.org
newemprender.freeddns.org
newpouelsen1.duckdns.org
newzamrecarga.duckdns.org
polusennew1.duckdns.org

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-09-09)

194.180.48.53:6606
194.180.48.53:7707
194.180.48.53:8808

# Reference: https://github.com/Gi7w0rm/MalwareConfigLists/blob/main/AsyncRAT/asyncrat_found_c2s_2020_to_2023.txt

http://124.182.146.41
http://181.162.213.36
http://20.86.129.162
http://212.125.28.114
http://88.138.252.119
1.117.82.177:6689
1.117.82.177:8848
1.14.103.49:8848
101.33.208.151:6606
101.33.208.151:7707
101.33.208.151:8808
101.42.20.213:4449
101.43.254.90:8848
103.108.66.222:2023
103.108.66.222:2818
103.108.66.222:4449
103.108.66.225:2023
103.127.236.137:8848
103.138.108.71:1070
103.138.108.71:1137
103.138.108.71:2018
103.142.218.222:63979
103.147.184.53:1991
103.147.184.73:7920
103.147.185.192:7829
103.147.185.192:7840
103.147.185.192:7841
103.148.186.105:8848
103.149.13.196:8621
103.149.201.155:8925
103.149.201.162:2023
103.149.201.212:2023
103.149.201.212:20811
103.149.201.212:4449
103.149.201.212:8910
103.151.123.2:8621
103.153.79.210:8621
103.156.91.96:8621
103.167.90.172:06275
103.20.221.33:3232
103.231.254.62:8848
103.233.253.101:8921
103.233.253.118:8920
103.235.175.244:4448
103.235.175.244:4449
103.239.244.27:8848
103.254.108.50:1688
103.39.109.48:4449
103.39.109.63:4449
103.42.30.227:2023
103.42.30.227:8908
103.42.31.140:2023
103.42.31.140:2082
103.88.35.24:14449
104.129.26.162:7707
104.129.26.162:8809
104.152.188.104:1986
104.152.188.104:6606
104.152.188.104:7707
104.152.188.104:8808
104.194.156.4:3232
104.206.98.246:11903
104.223.106.133:3480
104.223.106.133:7700
104.223.106.133:7780
104.223.106.133:9800
104.233.228.116:8848
104.3.77.123:25566
104.37.174.26:1465
105.103.106.56:4449
107.148.13.135:1981
107.148.8.176:8848
107.150.4.162:4449
107.175.178.6:7277
107.182.237.15:55736
107.213.221.23:4449
109.120.188.95:8848
109.195.94.247:4782
109.248.200.191:6627
110.238.105.105:8848
111.67.201.24:8848
111.92.241.239:2023
112.150.137.53:6606
112.150.137.53:666
112.150.137.53:7707
112.150.137.53:8808
112.213.110.66:8848
114.132.125.213:8848
114.134.188.218:2023
118.195.199.246:8848
120.78.151.171:6658
121.45.37.175:6606
123.215.61.198:2020
123.215.61.198:6060
123.215.61.198:8080
124.248.229.210:8848
129.151.83.165:7177
13.233.168.154:8686
13.233.168.154:8687
13.36.178.139:4784
13.68.249.188:1881
13.72.107.36:7707
13.72.68.255:7707
13.77.164.68:7707
13.77.222.211:6650
13.77.222.211:6890
13.77.222.211:7829
13.77.222.211:9034
13.81.84.141:7788
134.122.167.65:8848
134.195.91.47:5555
135.181.53.40:4444
136.144.41.186:8848
136.144.41.24:3091
136.144.41.252:6606
136.144.41.252:7707
136.144.41.252:8808
136.144.41.83:4102
136.175.8.117:6606
136.175.8.117:7707
136.175.8.117:8808
136.243.191.199:18
136.243.191.199:4784
136.243.191.199:59
136.243.191.199:5900
136.244.94.164:3132
137.117.100.173:443
138.201.2.2:2002
139.28.235.223:6606
139.28.235.223:7707
139.28.235.223:8808
139.28.5.19:6606
139.28.5.19:7707
139.28.5.19:8808
139.99.73.120:34567
14.17.115.109:12356
14.17.115.109:22222
14.17.115.109:55555
14.17.115.109:8848
141.95.84.40:3020
141.95.84.40:3040
141.95.84.40:5055
141.95.84.40:555
141.95.84.40:911
141.95.84.40:912
141.98.11.72:4449
141.98.252.169:58750
142.11.209.177:6606
142.11.209.177:6821
142.11.209.177:7707
142.11.209.177:8808
142.4.200.50:6606
142.4.200.50:7707
142.4.200.50:8808
144.202.75.107:6606
144.202.75.107:7707
144.202.75.107:8808
144.217.68.78:3010
144.48.222.103:8848
147.124.208.212:6606
147.124.208.212:7707
147.124.208.212:8808
147.124.214.14:6606
147.124.214.14:7707
147.124.214.14:8808
147.185.221.161:15753
147.185.221.161:4449
147.185.221.16:11623
147.185.221.16:15753
147.185.221.16:41950
147.185.221.16:4429
147.185.221.16:4449
147.185.221.16:5050
147.185.221.180:8840
147.185.221.181:1024
147.185.221.181:16409
147.185.221.181:2044
147.185.221.181:53898
147.185.221.181:8848
147.185.221.212:46856
147.185.221.212:52456
147.185.221.223:5050
147.185.221.223:64895
147.189.171.186:1337
148.163.80.217:8542
149.104.148.244:8848
149.28.173.200:4784
15.235.10.108:8848
15.235.130.74:6606
15.235.130.74:7707
15.235.130.74:8808
151.248.122.243:6666
154.12.86.189:2023
154.12.87.239:2023
154.12.90.13:8922
154.12.90.2:2023
154.12.90.31:2023
154.12.90.49:8903
154.127.53.193:40404
154.127.53.26:1040
154.221.24.181:8848
154.23.176.93:4449
154.40.36.190:6606
154.47.25.194:1987
154.61.75.84:4444
154.61.75.84:5060
154.61.75.84:6659
154.61.75.84:8848
154.91.227.35:8848
155.94.129.4:4449
156.254.127.78:1443
157.230.255.179:5555
157.230.255.179:6606
157.230.255.179:7707
157.230.255.179:8808
162.14.197.20:8848
162.246.187.245:6128
162.246.187.245:6606
162.246.187.245:7707
162.246.187.245:8808
163.123.143.164:4747
164.155.129.86:4449
165.227.168.205:6606
167.71.56.116:22011
168.62.160.75:1604
168.62.160.75:222
170.39.185.242:6606
170.39.185.242:6821
170.39.185.242:7707
170.39.185.242:8808
172.0.0.1:8908
172.111.200.225:2768
172.111.252.131:9090
172.241.29.21:1608
172.241.29.21:3389
172.241.29.21:6606
172.241.29.21:8808
172.245.244.102:1809
172.93.163.101:6606
172.93.163.101:7707
172.93.163.101:8808
172.93.181.21:8848
172.93.222.169:6606
172.93.222.169:7707
172.93.222.169:8808
172.94.109.17:2703
172.94.109.17:46422
172.94.109.17:49746
172.94.109.17:6578
172.94.14.239:6606
172.94.47.80:4411
173.234.155.108:6666
173.243.112.143:6606
173.243.112.143:7707
173.243.112.143:8808
173.31.169.124:82
176.98.41.115:1938
176.98.41.49:6606
176.98.41.49:7707
176.98.41.49:8808
178.20.230.68:1604
178.208.94.113:4404
178.209.51.192:6663
178.211.139.47:4449
178.33.222.241:46943
178.33.222.243:2703
178.33.222.243:46943
178.33.222.243:49703
178.33.222.243:49746
179.43.139.10:4449
179.43.140.175:1678
179.43.140.208:6606
179.43.140.208:7707
179.43.140.208:8808
18.133.124.202:4784
18.156.13.209:10944
18.156.13.209:16608
18.156.13.209:4824
18.156.13.209:5403
18.157.68.73:16608
18.157.68.73:5403
18.158.249.75:12395
18.158.249.75:4824
18.192.93.86:15165
18.192.93.86:16608
18.192.93.86:4824
18.192.93.86:5403
18.197.239.109:16321
18.197.239.109:4824
18.197.239.5:16608
18.197.239.5:5403
18.212.29.200:4449
18.222.208.120:1938
18.222.33.57:7017
18.223.28.97:4784
180.214.239.36:6090
181.129.12.44:7777
181.162.213.36:4449
184.75.221.59:56390
184.90.251.249:7707
185.106.94.165:4449
185.112.146.237:8080
185.112.83.111:1338
185.128.25.29:6606
185.128.25.29:7707
185.128.25.29:8808
185.136.169.109:3480
185.136.169.109:6606
185.136.169.109:7707
185.136.169.109:8808
185.136.169.163:3480
185.136.169.163:6606
185.136.169.163:7707
185.136.169.163:8808
185.136.169.24:6606
185.136.169.24:7707
185.136.169.24:8808
185.140.53.133:2435
185.140.53.143:7707
185.140.53.162:8877
185.140.53.167:1515
185.140.53.192:1515
185.140.53.194:1002
185.140.53.213:6606
185.140.53.213:7707
185.140.53.227:6606
185.140.53.227:7707
185.140.53.227:8808
185.140.53.253:10001
185.140.53.41:5288
185.140.53.47:2424
185.140.53.67:10001
185.140.53.71:5622
185.140.53.7:6606
185.140.53.7:7707
185.140.53.7:8808
185.140.53.7:9090
185.140.53.8:6060
185.150.24.5:9171
185.157.160.136:1973
185.157.160.147:1973
185.157.161.205:1973
185.16.39.143:8848
185.165.153.116:46943
185.165.153.209:1990
185.165.153.215:6606
185.165.153.249:4371
185.165.153.249:4571
185.165.153.251:5050
185.165.153.251:6606
185.165.153.251:7707
185.165.153.251:8808
185.165.153.43:5007
185.172.111.229:27015
185.183.33.129:4449
185.183.35.122:4444
185.189.151.142:1122
185.189.151.142:5200
185.19.85.136:6060
185.19.85.143:9688
185.19.85.149:4898
185.19.85.149:6606
185.19.85.149:7707
185.19.85.149:8808
185.19.85.171:6606
185.19.85.177:54925
185.19.85.177:9961
185.19.85.179:6606
185.191.231.252:54984
185.195.79.212:5656
185.213.26.169:3389
185.214.10.196:6606
185.214.10.196:7707
185.214.10.196:8808
185.219.221.55:6606
185.219.221.55:7707
185.219.221.55:8808
185.22.154.160:33080
185.222.57.171:3678
185.222.57.203:7707
185.222.57.203:8808
185.222.57.233:2059
185.222.58.151:59668
185.222.58.151:59790
185.222.58.154:45216
185.222.58.154:51390
185.223.28.241:444
185.223.28.241:6606
185.223.28.241:7707
185.223.28.241:8808
185.239.242.166:5536
185.239.242.74:23500
185.241.208.97:5505
185.244.26.198:2021
185.244.26.234:4675
185.244.30.112:222
185.244.30.112:6606
185.244.30.121:7882
185.244.30.253:5050
185.244.30.253:6606
185.244.30.253:7707
185.244.30.253:8808
185.244.30.92:46943
185.246.222.249:4444
185.250.204.245:6606
185.250.204.245:7707
185.250.204.245:8808
185.33.234.204:4784
185.33.234.71:1337
185.33.234.96:2306
185.65.134.165:55160
185.65.134.165:55498
185.70.187.145:5555
185.81.157.117:9905
185.81.157.154:2424
185.81.157.169:2023
185.81.157.19:3312
185.81.157.19:6666
185.81.157.209:2312
185.81.157.46:1020
185.81.157.7:5523
185.92.74.18:3391
188.215.229.22:8900
188.215.229.44:7900
188.32.117.137:4200
188.72.112.72:1443
190.247.124.60:6821
191.101.193.202:6606
191.101.193.202:7707
191.101.193.202:8808
191.234.193.127:4449
191.96.236.162:22745
191.96.236.162:8000
192.210.214.230:6606
192.253.237.23:8848
192.253.255.182:6606
192.253.255.182:7707
192.253.255.182:8808
193.142.146.204:6606
193.142.146.204:7707
193.142.146.204:8808
193.149.185.169:6606
193.149.185.169:7707
193.149.185.169:8808
193.161.193.99:1500
193.161.193.99:25627
193.161.193.99:29069
193.161.193.99:38787
193.161.193.99:43453
193.161.193.99:43741
193.161.193.99:56777
193.164.7.105:4784
193.233.233.154:7781
193.239.147.156:6606
193.239.147.156:7707
193.239.147.156:8808
193.239.147.169:6606
193.239.147.169:7707
193.239.147.169:8808
193.239.147.169:8888
193.239.147.231:6606
193.239.147.40:8808
193.27.13.52:58107
193.27.13.57:58107
193.32.232.64:7777
193.56.28.20:5200
193.56.28.20:6606
193.56.28.20:7707
193.56.28.20:8808
194.127.178.3:3578
194.127.178.3:6606
194.127.178.3:7707
194.127.178.3:8808
194.127.179.127:6666
194.127.179.131:6666
194.147.140.145:9346
194.147.140.145:9955
194.156.90.31:5004
194.156.98.161:6606
194.156.98.161:7707
194.156.98.161:8808
194.180.48.177:4449
194.233.169.93:1604
194.233.169.93:6606
194.233.169.93:8808
194.233.92.247:4449
194.26.192.154:4449
194.33.45.109:7777
194.33.45.109:8888
194.49.94.163:6606
194.49.94.227:4449
194.5.97.165:5454
194.5.97.165:6606
194.5.97.165:7707
194.5.97.177:10011
194.5.97.208:4563
194.5.97.212:1199
194.5.97.21:2675
194.5.97.54:4449
194.5.97.6:7006
194.5.97.84:6606
194.5.97.84:7707
194.5.97.85:6606
194.5.97.85:7707
194.5.97.85:8808
194.5.97.85:9909
194.5.98.120:1515
194.5.98.129:5554
194.5.98.16:1337
194.5.98.174:1515
194.5.98.17:4545
194.5.98.231:6606
194.5.98.231:7707
194.5.98.231:8808
194.5.98.32:8808
194.5.98.32:9909
194.5.98.46:7707
194.5.98.52:18187
194.5.98.52:6606
194.5.98.52:7707
194.5.98.52:8808
194.5.98.64:1515
194.5.98.81:2510
194.5.98.81:3434
194.5.98.81:6128
194.5.99.181:4533
194.62.157.177:6969
195.133.18.181:8878
195.140.213.93:5220
195.174.142.168:4784
195.174.209.145:481
195.174.29.189:81
195.174.29.189:86
195.178.120.137:4001
195.206.105.12:2050
195.78.54.247:15491
195.78.54.247:23092
195.78.54.247:8080
195.85.201.65:6106
195.85.205.219:4449
197.210.55.94:3650
197.210.55.94:6606
197.210.55.94:7707
197.210.55.94:8808
198.44.167.128:4449
198.44.168.227:2023
198.44.168.246:4449
198.44.186.222:4449
198.46.141.251:6606
198.46.141.251:7707
198.46.141.251:8808
198.46.177.119:3480
198.46.177.119:6606
198.46.177.119:7707
198.46.177.119:8808
2.56.59.219:5643
2.56.62.12:2013
2.58.149.98:5634
2.59.119.56:3132
20.106.79.151:8808
20.112.14.182:1337
20.115.143.128:3152
20.172.182.62:8080
20.188.60.159:1881
20.197.177.229:6821
20.199.112.16:3535
20.203.178.116:2070
20.224.56.152:6606
20.224.56.152:7707
20.224.56.152:8808
20.36.21.13:2070
20.52.138.14:1881
20.52.138.14:1911
20.52.139.127:6821
20.52.151.53:1604
20.52.178.148:444
20.52.178.148:6606
20.52.178.148:7707
20.52.178.148:8808
20.52.33.123:2222
20.68.110.75:7272
20.69.152.28:7707
20.84.181.62:11647
20.84.181.62:25565
20.84.181.62:4355
20.84.181.62:7293
20.86.129.162:5205
20.86.129.162:6606
20.86.129.162:7707
20.86.129.162:81
20.86.129.162:8808
20.86.129.162:9999
20.86.25.230:1605
20.98.113.24:1604
20.98.113.24:6606
20.98.113.24:7707
20.98.113.24:8808
20.98.203.218:8080
201.111.223.252:6700
201.111.223.252:6702
201.97.129.143:6700
202.55.133.118:5200
202.95.14.199:8848
203.159.80.216:6606
203.159.80.216:7707
203.159.80.216:8080
203.159.80.216:8808
203.159.80.52:5800
203.186.44.219:6606
203.186.44.219:7707
203.186.44.219:8080
203.186.44.219:8808
206.189.139.209:2022
207.32.216.106:6606
207.32.216.106:7707
207.32.216.106:8808
207.32.217.131:6666
207.32.218.231:1111
207.32.218.231:7777
207.32.218.231:8888
207.32.218.43:5555
207.32.218.43:6666
207.32.218.84:6666
207.32.219.26:6666
207.32.219.92:1111
209.127.186.228:6606
209.145.56.157:6606
209.145.56.157:7707
209.145.56.157:8808
209.205.141.181:39858
209.25.141.180:13917
209.25.141.180:28818
209.25.141.180:4449
209.25.141.180:7878
209.25.141.181:23778
209.25.141.181:28050
209.25.141.181:39858
209.25.141.181:8080
209.25.141.212:11647
209.25.141.212:25565
209.25.141.212:4355
209.25.141.212:7293
209.54.104.73:8558
211.47.109.200:6606
211.47.109.200:7707
211.47.109.200:8808
212.129.4.112:6606
212.129.4.112:7707
212.129.4.112:8808
212.192.246.207:3162
213.142.159.41:6606
213.142.159.41:7707
213.142.159.41:8808
213.152.186.24:16941
213.226.119.176:6606
213.226.119.226:1881
213.226.119.28:6606
213.226.119.28:7707
213.226.119.28:8808
213.238.166.43:8080
213.238.172.124:1604
213.238.172.95:6606
213.238.172.95:7707
213.238.172.95:8808
216.230.75.194:6606
216.230.75.194:7707
216.230.75.194:8808
216.230.75.62:1107
216.250.252.148:6606
216.250.252.148:7707
216.250.252.148:8808
217.146.88.139:5220
217.182.78.12:56623
217.182.78.12:7119
217.64.149.101:1973
217.64.149.183:1975
222.211.72.47:8848
23.105.131.169:7707
23.105.131.169:8808
23.105.131.201:7776
23.105.131.207:10001
23.105.131.212:4409
23.105.131.236:4409
23.106.223.244:6668
23.238.217.173:6606
23.238.217.173:7707
23.238.217.173:8808
23.254.161.249:4444
23.254.225.164:4449
23.92.209.138:6606
23.92.209.138:7707
23.92.209.138:8808
23.95.115.74:1148
23.95.115.74:1759
23.95.115.74:1985
23.95.44.214:3306
27.124.12.12:8848
27.124.4.139:8848
27.254.163.62:1337
27.254.163.62:3306
27.254.163.62:6606
27.254.163.62:7707
27.254.163.62:8808
3.124.67.191:13184
3.124.67.191:4824
3.126.37.18:16608
3.126.37.18:5403
3.127.138.57:16608
3.127.138.57:4503
3.127.138.57:5403
3.127.59.75:11670
3.127.59.75:4824
3.128.29.88:4892
3.131.190.22:21200
3.135.234.129:4784
3.67.161.133:16225
3.67.161.133:5403
3.69.157.220:10147
3.69.157.220:4824
31.150.163.112:6606
31.150.163.112:7707
31.150.163.112:8808
31.17.132.37:8808
31.210.20.167:6606
31.210.20.167:7707
31.210.20.167:8808
31.210.20.192:8808
31.210.20.79:3311
31.223.35.146:4449
31.41.244.235:8848
34.223.60.188:6606
34.91.242.34:5472
34.91.242.34:6606
34.91.242.34:7707
34.91.242.34:8808
35.177.119.94:1508
36.255.96.200:4190
37.0.11.45:1604
37.0.11.45:3162
37.0.11.45:448
37.0.11.45:9495
37.0.8.17:46422
37.0.8.17:6578
37.0.8.93:7050
37.120.208.36:46943
37.19.210.29:60371
37.75.98.113:6666
37.8.111.210:5552
38.132.124.138:7777
38.132.99.156:6606
38.132.99.156:7707
38.132.99.156:8808
38.46.13.242:5555
38.46.13.242:8848
38.55.205.246:8848
40.113.56.160:6606
40.113.56.160:7707
40.113.56.160:8808
40.122.131.23:24175
40.74.229.0:6606
40.74.229.0:7707
40.74.229.0:8808
40.90.168.244:7707
40.90.168.244:8808
40.90.168.244:9909
40.90.210.21:3054
42.192.139.42:8880
43.137.15.104:8848
43.138.142.86:8848
43.140.202.229:8848
43.142.15.215:25566
43.143.12.71:8848
43.143.249.228:8848
43.143.249.228:9723
43.152.225.81:8848
43.249.8.248:2023
43.249.8.250:2023
45.119.84.166:3303
45.119.84.166:4404
45.119.84.166:5505
45.12.253.146:6606
45.12.253.146:7707
45.12.253.146:8808
45.131.1.70:1604
45.132.1.226:4342
45.133.174.122:6606
45.133.174.122:8808
45.137.20.108:8848
45.137.22.115:14496
45.137.22.115:29746
45.137.22.70:24626
45.137.22.70:32204
45.137.22.70:36374
45.137.65.94:4449
45.139.202.202:6606
45.139.202.55:4784
45.14.185.127:4449
45.143.223.34:3218
45.144.225.194:2424
45.145.185.245:1234
45.145.22.128:9495
45.145.22.142:6606
45.15.143.183:1336
45.15.143.183:1337
45.15.143.183:1338
45.15.143.183:1339
45.15.143.183:1400
45.15.143.191:6606
45.15.143.191:7707
45.15.143.191:8808
45.15.143.199:6606
45.15.143.199:7707
45.15.143.199:8808
45.154.98.42:4449
45.204.126.250:8848
45.227.255.194:6606
45.227.255.194:6969
45.227.255.194:7707
45.227.255.194:8808
45.32.48.250:6606
45.32.48.250:7707
45.32.48.250:8808
45.32.99.249:6606
45.32.99.249:7707
45.32.99.249:8621
45.32.99.249:8808
45.63.42.221:6821
45.66.230.191:8083
45.74.4.244:6606
45.76.219.163:6606
45.76.219.163:7707
45.76.219.163:8808
45.76.50.199:6606
45.76.50.199:7707
45.76.50.199:8808
45.76.56.26:6606
45.76.56.26:7707
45.76.56.26:8808
45.77.101.153:6606
45.77.101.153:7707
45.77.101.153:8808
45.80.158.113:8080
45.80.158.113:8848
45.91.92.112:8345
45.95.168.110:6606
45.95.168.110:7707
45.95.168.110:8808
45.95.168.110:9909
45.95.168.116:1336
45.95.168.116:1400
45.95.168.166:6666
45.95.169.112:6606
45.95.169.112:7707
45.95.169.112:7760
45.95.169.112:8808
46.1.54.174:85
46.1.54.174:87
46.153.20.70:11451
46.153.20.70:4449
47.111.31.251:1999
47.242.89.34:8848
47.54.37.55:6606
47.54.37.55:6821
47.54.37.55:7707
47.54.37.55:8808
5.152.206.196:6050
5.180.104.172:8579
5.180.107.130:1234
5.180.107.130:4782
5.180.107.130:6606
5.180.107.130:7707
5.180.107.130:8808
5.196.102.93:6606
5.196.102.93:7707
5.196.102.93:8808
5.196.174.49:433
5.230.69.11:1148
5.230.69.11:1465
5.230.69.11:1560
5.230.69.11:1759
5.230.70.106:1148
5.230.70.106:1465
5.230.70.106:1560
5.230.70.106:1759
5.230.84.50:1560
5.230.84.50:1759
5.230.84.50:1985
50.27.35.75:6606
50.27.35.75:7707
50.27.35.75:8808
51.138.76.245:6821
51.140.15.13:1604
51.141.172.115:1604
51.141.178.162:7707
51.178.148.147:54877
51.178.8.228:1337
51.178.8.228:6606
51.178.8.228:7707
51.178.8.228:8808
51.195.37.2:8808
51.254.27.116:4449
51.75.191.89:6606
51.75.191.89:7707
51.75.191.89:8808
51.79.197.196:6606
51.79.197.196:7707
51.79.197.196:8808
51.81.191.248:1281
51.81.241.89:6606
51.81.241.89:7707
51.81.241.89:8808
51.89.204.5:6666
52.144.47.89:4782
52.144.47.89:6606
52.144.47.89:7707
52.144.47.89:8808
52.148.154.111:2070
52.170.189.162:6606
52.170.189.162:7707
52.170.189.162:8808
52.170.189.162:8888
52.177.173.249:1604
52.191.174.30:2222
52.233.66.100:7707
52.250.64.247:6606
52.42.85.68:6606
54.236.46.72:1604
54.237.250.208:5552
54.36.220.171:5050
54.36.220.171:7707
54.36.220.171:8808
54.37.160.138:6601
54.37.191.165:8808
54.37.36.116:46943
54.89.93.238:6669
58.221.46.155:8848
58.221.58.124:8848
6.6.54.46:6606
6.6.54.46:7707
6.6.54.46:8808
6.6.54.46:9482
61.139.65.135:61638
61.160.213.14:8848
62.122.170.171:11647
62.122.170.171:25565
62.122.170.171:4355
62.122.170.171:7293
62.234.35.139:30441
62.37.96.229:30120
65.109.196.96:8080
66.154.113.12:6606
66.154.113.12:7707
66.154.113.12:8808
66.168.88.41:4444
66.42.72.69:1337
66.63.162.20:6606
68.235.44.53:56571
68.58.248.242:6606
69.30.227.43:4449
70.125.175.238:6606
70.125.175.238:7707
70.125.175.238:8808
72.176.161.178:10
72.176.161.178:20
72.176.161.178:9
73.140.59.149:333
73.168.2.231:4449
74.119.194.180:0
74.119.194.180:4449
74.119.194.180:44490
74.119.195.9:4821
74.141.196.43:32370
74.141.196.43:4449
74.201.28.178:6606
74.201.28.178:7707
74.201.28.178:8808
74.208.157.153:8191
76.223.249.60:6606
76.223.249.60:7707
76.223.249.60:8808
77.204.204.154:6606
77.247.127.9:6666
77.68.4.186:1604
78.140.241.23:6666
79.134.225.115:43765
79.134.225.117:1515
79.134.225.124:1515
79.134.225.125:1515
79.134.225.17:2022
79.134.225.18:1515
79.134.225.19:7941
79.134.225.21:8657
79.134.225.22:6606
79.134.225.22:7707
79.134.225.22:7734
79.134.225.22:7890
79.134.225.22:8808
79.134.225.23:30493
79.134.225.23:6667
79.134.225.26:6606
79.134.225.26:7707
79.134.225.26:8808
79.134.225.32:6606
79.134.225.32:7707
79.134.225.32:8808
79.134.225.34:6606
79.134.225.34:7707
79.134.225.34:8808
79.134.225.35:1004
79.134.225.36:4044
79.134.225.36:7570
79.134.225.36:8409
79.134.225.44:7450
79.134.225.45:2233
79.134.225.47:8420
79.134.225.50:6460
79.134.225.52:4022
79.134.225.53:8765
79.134.225.59:1515
79.134.225.69:1313
79.134.225.75:2050
79.134.225.78:5007
79.134.225.82:54280
79.134.225.83:7707
79.134.225.85:1515
79.134.225.91:1973
79.134.225.92:46943
79.134.225.92:6606
79.134.225.92:7707
79.134.225.95:7779
79.134.225.99:4449
79.134.225.99:4576
79.134.225.9:3030
79.86.49.168:30120
79.86.49.168:6606
79.86.49.168:7707
79.86.49.168:8808
80.178.10.107:1604
80.232.93.176:1604
80.232.93.176:18467
80.232.93.176:4040
80.232.93.177:1604
80.232.93.177:18467
80.232.93.177:4040
80.253.247.232:1638
80.89.230.176:4449
81.163.246.9:5020
82.102.28.107:62727
82.147.85.168:3232
82.197.208.225:55498
82.2.147.149:54984
82.2.147.149:6606
82.2.147.149:7707
82.2.147.149:8808
82.202.167.226:2600
82.202.167.226:6606
83.193.10.199:7006
84.21.172.33:6606
84.21.172.33:7707
84.21.172.33:8808
84.27.151.14:7707
84.51.52.166:1000
84.51.52.166:1001
84.51.52.166:1002
85.187.94.142:1337
85.187.94.142:6606
85.187.94.142:7707
85.187.94.142:8808
85.192.40.255:4449
85.31.45.6:4444
86.38.230.179:5552
87.249.134.33:1337
87.4.136.146:2306
87.98.245.48:2703
87.98.245.48:46943
87.98.245.48:49703
88.119.174.117:444
88.121.6.16:1604
88.121.6.16:6606
88.121.6.16:7707
88.121.6.16:8808
88.138.252.119:1807
88.138.252.119:2525
88.198.101.59:6606
88.198.101.59:7707
88.198.101.59:8080
88.198.101.59:8808
88.198.101.62:6606
88.198.101.62:7707
88.198.101.62:8080
88.198.101.62:8808
88.248.18.120:7894
88.80.224.150:420
88.80.224.150:6606
88.80.224.150:7707
88.80.224.150:8808
89.117.21.143:6606
89.117.21.143:7707
89.117.21.143:8808
89.208.103.42:4545
89.212.152.239:6606
89.223.125.80:7655
89.23.101.38:5306
89.238.150.43:57095
89.252.176.182:6606
89.252.176.182:7707
89.252.176.182:8808
89.40.13.195:4908
90.100.176.56:5501
90.100.176.56:5502
90.100.176.56:5503
90.100.176.56:5504
90.100.176.56:5505
90.100.176.56:5506
90.100.176.56:5507
90.100.176.56:5508
90.100.176.56:5509
90.100.176.56:5510
90.100.176.56:5555
90.79.207.194:56623
90.79.207.194:7119
91.116.253.83:6606
91.116.253.83:7707
91.116.253.83:8808
91.134.150.150:4449
91.134.150.151:6606
91.134.187.25:4449
91.134.214.15:4449
91.151.88.146:4530
91.151.88.146:6606
91.151.88.146:7707
91.151.88.146:8808
91.192.100.61:2323
91.192.100.61:4449
91.193.75.122:6606
91.193.75.122:7707
91.193.75.122:8808
91.193.75.132:5529
91.193.75.132:7779
91.193.75.132:8848
91.193.75.132:9109
91.193.75.132:9909
91.193.75.182:8808
91.193.75.189:1604
91.193.75.189:6606
91.193.75.189:7707
91.193.75.189:8808
91.193.75.199:11011
91.193.75.202:11011
91.211.250.207:6606
91.211.250.207:7707
91.211.250.207:8808
91.92.109.70:5353
91.92.136.123:4449
92.205.184.19:1337
93.190.8.71:3131
93.82.44.26:4040
93.95.27.97:6606
93.95.27.97:7707
93.95.27.97:8808
94.156.6.224:6606
94.156.6.224:7707
94.156.6.224:8808
94.156.6.65:1337
94.177.245.135:9656
94.46.187.194:7707
95.179.128.208:8088
95.179.142.67:6606
95.179.142.67:6656
95.179.142.67:7707
95.179.142.67:8808
95.214.24.134:1911
95.214.24.134:1912
95.216.52.21:7575
95.216.52.21:8848
95.68.162.99:7777
95.93.127.180:2511
96.9.210.115:4449
96.9.226.19:7707
99.75.73.147:8808
001011000101100010110.duckdns.org
08099311.duckdns.org
100k0.ddns.net
100k5.ddns.net
123defsq.duckdns.org
147lanaway.duckdns.org
14deoctubre.duckdns.org
1pop.ddns.net
2021bestasync.mypets.ws
211.ip.ply.gg
223.ip.ply.gg
239jj.duckdns.org
23wsfd.duckdns.org
26deagosto.duckdns.org
3enbah0st.ddns.net
3gfdsfgsfgsdfg-37612.portmap.io
4-hitler.publicvm.com
4343night.ddns.net
4dod.ddns.net
4heba.camdvr.org
4pyramid.duckdns.org
72093721.duckdns.org
7593352b2g.imdo.co
7dediciembre.duckdns.org
8079048a.e2.luyouxia.net
83961200.duckdns.org
9221new.ddns.net
9dediciembreconlabendicion.duckdns.org
a.famsydev.top
aa9064aa.e1.luyouxia.net
aasdfqwe1234.duckdns.org
abdul666.duckdns.org
abhorrent-thrill.auto.playit.gg
acronispandora.ddns.net
actionsstartnow.duckdns.org
activo1235.duckdns.org
actualizaciondedatosgrupoaval.net
adan993e8.duckdns.org
adawdas-33789.portmap.io
addimq.duckdns.org
adgjmptw2.kro.kr
advanced-hat.at.playit.gg
adwa.ddns.net
afdsagareg.duckdns.org
ahmed21018.linkpc.net
ahmed210183.linkpc.net
aisviua77s.xyz
ak.3.amazing2021.net
aka2.ddns.net
aka3.ddns.net
akuasync.from-ca.com
alan7-50232.portmap.io
alddie7mg.ddns.net
alfalf.con-ip.com
alfmedallo.con-ip.com
aliali785.ddns.net
aliensoldier.duckdns.org
allah3131.duckdns.org
amarilopato12.duckdns.org
amazonservers.bit
amazonshipping.duckdns.org
amazonsoftware.onthewifi.com
ambiboss.ydns.eu
ancesucess.chickenkiller.com
andrearodrigues0913.duckdns.org
anhphux4-60615.portmap.host
anon345.ddns.net
anonymouse3805-58890.portmap.io
ansynmoney.duckdns.org
antivirus-ssl.myiphost.com
antoniosanchez19703.duckdns.org
apahak.zapto.org
apartmentdue.camdvr.org
api.google-analytics.cloud
april-spec.at.ply.gg
aqq.linkpc.net
arilariseverim.mentality.cloud
asd1112.f3322.net
asd2xxx.duckdns.org
asdasud.xyz
asdc4c5x.duckdns.org
asdfdsg.duckdns.org
asdghn.duckdns.org
asdsasf.duckdns.org
asidivuvuas8rnvns73.xyz
aslavazgecme.duckdns.org
asy33.duckdns.org
async2020.duckdns.org
async2021.duckdns.org
async95.duckdns.org
asyncat.duckdns.org
asyncgeneration1.duckdns.org
asyncman.duckdns.org
asynco.ydns.eu
asyncpc.duckdns.org
asyncr.dyndns.org
asynctypebeat.duckdns.org
asynno.ddns.net
asyynet.duckdns.org
ate.westus2.cloudapp.azure.com
autobasecars404.ddns.net
autobasecars4040.ddns.net
awfwafwaf.ddns.net
awshosting.bit
azazelxd.duckdns.org
back114.ddns.net
backvernomm.duckdns.org
bad2.ddns.net
balasid-48598.portmap.host
beaned.ddns.net
bevdona.theworkpc.com
bichota.duckdns.org
bigc6514.duckdns.org
bigchungusatemyass.duckdns.org
bigdaddy-service.biz
bigdaddy.ddns.net
biggismall.ddns.net
bin.treatwellshome.xyz
bisbossdma9sem.ooguy.com
bition1.hopto.org
bk2bk.duckdns.org
blackbyte.ddns.net
blackid-42037.portmap.host
block.safeservice.cx
bluetooth.duckdns.org
bmxfghsh.duckdns.org
bobbawb1000.duckdns.org
bolilau456.duckdns.org
booking-detail.ddns.net
bozuksaatiniz.duckdns.org
brat.dyndns.org
brazzzyl-42474.portmap.host
brig-38796.portmap.io
browser-geology.at.ply.gg
brytonwilliams8.ddns.net
btsarmy.monogon.cc
bujubanton.ddns.net
burbenbrg.duckdns.org
burk2n.dynu.net
buy-dynamics.at.playit.gg
buyandsell.ddns.net
cafechef2.zapto.org
cafechef22.zapto.org
cailongithenhi.ddns.net
caipirinhademorango.ddns.net
callsip.serveblog.net
capeview.duckdns.org
capone.kozow.com
carlosmenguallora09.duckdns.org
carmnesarmienthasbfa.duckdns.org
cassa.hopto.org
cch2dw3sdsmcs.hopto.org
cch2dw8oisnxss.hopto.org
ceco.ddnsgeek.com
ceda7x.vip
cepas2023.duckdns.org
certserver.zapto.org
chefcafe.ddns.net
chexfotii.ddns.net
chimiechonga.ddns.net
chimpail.com
chinasea.duckdns.org
chrisbli-25890.portmap.host
chromeclusterspectr.ddns.net
churchmon.ddns.net
churchmon21.ddns.net
churchmon22.ddns.net
cigdem5.duckdns.org
cisaui5.publicvm.com
classic-parental.at.ply.gg
cn-gx-plc-1.openfrp.top
cobeckconstructioncompany.camdvr.org
code2023.kozow.com
cody-elzingery.com
colombiamaleta.duckdns.org
com86.endofinternet.net
comav14.publicvm.com
comebakk.myq-see.com
comr4de.dynalias.org
con22.duckdns.org
connect.l0lz.co
connect.servehttp.com
considered-stars.at.ply.gg
coolbixb0y.ddns.net
coolmaneurokoolcom-26401.portmap.host
copyright-convinced.at.ply.gg
cpa2022.ddns.net
cracke08.ddns.net
crushco.ddns.net
crvenazvezda.ddns.net
d1x3x.dyndns.org
d1x3x.gotdns.com
d1x3x.selfip.biz
d1x3x.selfip.com
d1x3x.selfip.info
d1x3x.selfip.net
dada2020.linkpc.net
damp1337-62649.portmap.host
danielmaestrelora09.duckdns.org
darknessdz.ddns.net
darksqlrat.duckdns.org
darkvezirv2.duckdns.org
darudesandstorm1111-25323.portmap.host
datacikerim.duckdns.org
daue.kro.kr
davidmalik07.ddns.net
davidnoriegalora09.duckdns.org
dazadiego.duckdns.org
dbdgnry.duckdns.org
dbegarv.duckdns.org
dbgroup.publicvm.com
dc1337.ddns.net
dclimited.duckdns.org
ddfgfdshg.duckdns.org
decyzja-36420.portmap.host
decyzja-42138.portmap.host
default2.duckdns.org
degree-imported.at.ply.gg
devnodes.duckdns.org
dfareterg.duckdns.org
dfdagreyt.duckdns.org
dfegvcxzvzxc.duckdns.org
dfghsfgsjsk.duckdns.org
dfsdgrg.duckdns.org
dgjidsjgvcx2341.ddns.net
dhayan.ip-dynamic.com
dhciaicjzis.xyz
dia6969.duckdns.org
diciembrearbolitodebelen20222022.duckdns.org
diciembrefeliz.duckdns.org
diegoparra.duckdns.org
diegovillareallora09.duckdns.org
dilescemo.servegame.com
dios.westus2.cloudapp.azure.com
discordmod.duckdns.org
disownnet.duckdns.org
ditmemay.ddns.net
djdlghk34.kro.kr
dnsontopnegros.ddns.net
docdns467.duckdns.org
doddyfire.dyndns.info
dodusiekkk-60757.portmap.host
dola2611.linkpc.net
doloresguerra.duckdns.org
doloreshuerta.duckdns.org
dom1337.duckdns.org
dom45x.duckdns.org
dominiodeprueba202220222022.duckdns.org
dominostark07.duckdns.org
doublezuckshhst.ddns.net
dox2022.homeip.net
drive.winupgrade.org
dropout-35209.portmap.host
dropout-37757.portmap.host
dropy.ddns.net
drxppedlpbbbb.ddns.net
dry-dream-17049.pktriot.net
dsijfiudsfiashvu7ds43.xyz
dsrgdsfgdf.duckdns.org
dtbvira.zapto.org
duartesantiagoji22.con-ip.com
duck3131.duckdns.org
dv7ddw4sds8ds8.hopto.org
dv7lv4sds8ds5.hopto.org
dwdtte4wfjs0ds5.hopto.org
eaglescof.centralus.cloudapp.azure.com
ebuka.duckdns.org
eds.edspeck.org
eduardlarauhasdhau32ndanh.duckdns.org
edwardthornton163.duckdns.org
efweegfdg.duckdns.org
egfcj56rgs.duckdns.org
egoyibouda.linkpc.net
ehadghsfyjsgah.duckdns.org
ehjay2022.duckdns.org
elchester789.duckdns.org
elkinbarajasujsdfsa334.duckdns.org
elpatocuacua.duckdns.org
elpatodonal.duckdns.org
elperood.duckdns.org
eltigangiad02.duckdns.org
emisparkled.duckdns.org
emolovebosy.ddns.net
enero2022async.publicvm.com
eneroeneroenero2023202311.duckdns.org
eniuu.duckdns.org
enviocode.duckdns.org
ericanabou.duckdns.org
ericfresh.ddns.net
ericmoney11.ddns.net
ertyftgfg.duckdns.org
escobaurch30.duckdns.org
escolavolutaria.fun
esxo.ddnsfree.com
etonel.chickenkiller.com
ewtwet.duckdns.org
exos.mywire.org
expresschiatto.freeddns.org
ezinchcho.ddns.net
f3k3jimashe.theworkpc.com
f88vbv8b8erht8baos.com
fabiancarrillolora09.duckdns.org
fabianhenaosierra003.duckdns.org
famous147.ddns.net
famsydev.top
fat7e114.ddns.net
fat7eorami.ddns.net
fdgfdgfdhgfj.duckdns.org
fdhfghf.duckdns.org
feb23-pandor.duckdns.org
febreroynoesvisiesto20222022.duckdns.org
fedeloperome09.duckdns.org
fejong.duckdns.org
felixojedamartinez09.duckdns.org
fell.ddns.net
fernandoguerralora09.duckdns.org
fesfsefseg5.duckdns.org
fessjacksrat.duckdns.org
fforward20.duckdns.org
ffuze.duckdns.org
ffxzdgfshfd.duckdns.org
fghnmvhdf.duckdns.org
fhdtvbcxnvn.duckdns.org
fhfgmjhmsdsdzx.duckdns.org
fjrtjrjyjj.duckdns.org
fjuj84hgoa84gn.xyz
flingmodder-44266.portmap.io
flubabapro.duckdns.org
flurrybeatmecamtest.ddns.net
flurrybeatmecamtest.sytes.net
formbook.hopto.org
formenn.linkpc.net
fpt1.duckdns.org
frajerte-37406.portmap.io
frank12.ddnsgeek.com
frankent2021.ddns.net
frankrab.giize.com
fransislopesierra09.duckdns.org
frdan.mywire.org
fredylopezlora09.duckdns.org
free66.hopto.org
fries1.ddns.net
fromrusso.org
frozeislegend.duckdns.org
frp1.freefrp.net
fsdgsgads.duckdns.org
fsgetesvzxc.duckdns.org
fsggasd.duckdns.org
fuckyou98.ddns.net
fusion71050500-40756.portmap.io
fusion71050500.ddns.net
fusioncore32023.hopto.org
g896696.duckdns.org
garsonpessutti.duckdns.org
gazetrto.myddns.me
gcgfjghjg.duckdns.org
gdfhtrtyrtt.duckdns.org
geeftniksbro.duckdns.org
getcdnlist.com
getupdated2021win2k.cn
gfhdjksjd.duckdns.org
gfhghgfcf.duckdns.org
ggdhzyrd.duckdns.org
ghankall40.duckdns.org
ghdfvdfdf.duckdns.org
ghgfkhdfgvvvvswqawer.duckdns.org
ghjfhdtxcfbv.duckdns.org
ghjghghfhj.duckdns.org
ghoss.freeddns.org
gingles.dynu.net
godlymoney806.duckdns.org
godtest.myddns.net
gomaa.theworkpc.com
gonzalesdelpilarmaria09.duckdns.org
goodpc.theworkpc.com
goods-generic.at.playit.gg
googe.f3322.net
googleipm1.ddns.net
goosent323.duckdns.org
gpmaw.duckdns.org
grant123four5.ddns.net
greatestyear2021.ddns.net
grega0835.ddns.net
griffins.hopto.org
grotomnipobell.sytes.net
grotomnipobell.zapto.org
gru-s13.duckdns.org
gsfdsfhghsff.duckdns.org
gto7tuiyuighfgfdj.duckdns.org
guasonliiiine.con-ip.com
gv7lv454sds8ds5.hopto.org
gw.allstaffs.net
haberci.ddns.net
hackas.ddns.net
hackdns1.duckdns.org
hacker-unknown-46140.portmap.io
hackisking.ddns.net
hajrkn.duckdns.org
haldriemaldriendfrif.sytes.net
hallmoney927.duckdns.org
handmoety.duckdns.org
hardrickkonsultg.ddns.net
harry9171-41182.portmap.io
harrypotta.ddns.net
haxxservers.ddns.net
hazardmain-37159.portmap.io
hck453-58158.portmap.host
hduisahidasr.ddns.net
healthup.con-ip.com
heatblast-33349.portmap.host
heisne.casacam.net
hellobozo.duckdns.org
helpmetakeyoursoul.awsmppl.com
helpserver.ddns.net
hema55.publicvm.com
hgjvhnfgg.duckdns.org
hgukhs-39227.portmap.host
highlifesearch.net
hitl44.001www.com
hitler0077.linkpc.net
hitler5573.linkpc.net
hiv.dyndns.org
hiveys.duckdns.org
hoang19008198.ddns.net
hoaviet-54998.portmap.host
hoc2021.ddns.net
hognyusket.com
holiday-wrote.at.ply.gg
holl3-43069.portmap.host
hope2023.sytes.net
hortiag1npox901.ooguy.com
houserent.camdvr.org
hpdndbnb.duckdns.org
hpwongrgbgames.ddns.net
hsjdup.duckdns.org
hsolic.duckdns.org
hsthdfghgj.duckdns.org
htr.ddd.amafo.cc
httosd.duckdns.org
hugh69021.duckdns.org
hurensohnliste-31639.portmap.io
icacxndo.ac.ug
icando.ug
icesmile.ddns.net
ifemelumma.linkpc.net
ifuyghiu.duckdns.org
ii-usd.at.ply.gg
iloveware.ddns.net
imageline.dyndns.org
info.ctxcel.com
info07.ddns.net
infodate.ddns.net
ip2.p36.xyz
iphy1.duckdns.org
isabelaflores.fun
itsource7.ddns.net
iyanyaegodi.ddns.net
jacktrade.ddns.net
jaga.theworkpc.com
jaimearaujonhiasiiwe32sa.duckdns.org
jaimegarjhahsswda.duckdns.org
jajo0.ddns.net
jamesalex13-32442.portmap.host
jamiekarvans.duckdns.org
janwiggins-29366.portmap.io
javierandresparramojica09.duckdns.org
javierimssmarecolie.hopto.org
jazminyshujtasvytassacadscd.duckdns.org
jeanmichmich.ddns.net
jeazerx.duckdns.org
jen202.casacam.net
jen203.camdvr.org
jeremymass01-46300.portmap.host
jesuisdonaldjtrump666.anondns.net
jesusamado.duckdns.org
jesuslopez19011.duckdns.org
jetafunit.servebbs.org
jhonvelasqueslora09.duckdns.org
jilldoggyy.duckdns.org
jinxzone.duckdns.org
jj.byd66.cn
jjajajajajadsdwasd-27002.portmap.host
jkuifyghm.duckdns.org
jntlmanaway.con-ip.com
jntrojan.ddns.net
jorgemoscotehgbayhjeq8u73cs.duckdns.org
jorigt95.ddns.net
joselamartineslora09.duckdns.org
joseluissaldarriagalora09.duckdns.org
jovial-haze-85764.pktriot.net
jrg9hjsigfjs.duckdns.org
juanconrradolora09.duckdns.org
juanlunalora09.duckdns.org
juerneshfguisdfo.duckdns.org
julianmaldonadolora09.duckdns.org
juliomotoalora09.duckdns.org
juniormanco.duckdns.org
jyzjkjj.com
kadumello.ddns.net
kaka.publicvm.com
kandingon123.ddns.net
kann5787.duckdns.org
karalarbaglar.duckdns.org
kaught-36793.portmap.host
kaycee-64139.portmap.host
kaygeorge456.duckdns.org
kcfresh.ddns.net
keke0001.duckdns.org
kenmolle.ddns.net
keyauth.ddns.net
kgb.linkpc.net
khejzetabneol-33665.portmap.host
kiestdesignsyrev.sytes.net
kiki1022.duckdns.org
killam.ddns.net
kindy.gotdns.ch
kinholima.duckdns.org
kissam.ddns.net
kjbvjrvb.duckdns.org
klept0wiz-33913.portmap.host
kokomarko.theworkpc.com
kolove.accesscam.org
kometa.hopto.org
kontakt-online.selfip.net
kontakt-service.selfip.net
kontakt-update.selfip.net
kurtbloomberg.ddns.net
kurtyusuf.duckdns.org
kyarelixo-59275.portmap.host
kza021.duckdns.org
laboratoriogenfarp.linkpc.net
lak0v1337.ddns.net
lambertofield1.ddns.net
lamerz.hopto.org
largo777.kozow.com
latte.dynv6.net
laurabedoya624.duckdns.org
lauracarrillo0sosa09.duckdns.org
laurasofiherre10.duckdns.org
lazuraa.ddns.net
leetman.dyndns.info
leetman.dynuddns.com
legacyud.duckdns.org
leonardodavinchi.duckdns.org
leonelsaldarriaga01.duckdns.org
lila152511.duckdns.org
limakan-56623.portmap.io
limakan.hopto.org
limer.ignorelist.com
lisazhang.duckdns.org
litlehf.ddns.net
lizalizalizasky.ddns.net
lizalizasky.ddns.net
lizasweetsky.ddns.net
lleguen8383.duckdns.org
loader2b.duckdns.org
localhostu.dynuddns.com
lollypopman4-29266.portmap.host
lolojako.con-ip.com
lookatmebitch.ddns.net
lordban.ddns.net
lorenbermu09.duckdns.org
lozadiego998.duckdns.org
lucky-unlock.tpddns.cn
luiscetrelora09.duckdns.org
lumar-59428.portmap.host
lynnnn.duckdns.org
machine-cheap.at.ply.gg
machine3.duckdns.org
mad311.duckdns.org
maestroqueda.ddns.net
maestroqueda.duckdns.org
mafiaconnects.duckdns.org
maidright.chickenkiller.com
majid059.zapto.org
makabuike.duckdns.org
makesureeasteats.duckdns.org
maksuda2230-52612.portmap.host
malamutealaska.duckdns.org
malware.ddns.net
manifest.duckdns.org
marbeyli.duckdns.org
marcelodosanto09.duckdns.org
marcozapatalora09.duckdns.org
margotmejiabyusfnscdvds.duckdns.org
marianalaverde03.duckdns.org
marianavilla3008o.duckdns.org
mariangonzjabyeuwrg.duckdns.org
marifaculdolora09.duckdns.org
marioddns.hopto.org
markskith-28099.portmap.io
marli27.duckdns.org
marli27.kozow.com
marmar1.linkpc.net
martineliasdiazlora09.duckdns.org
mashirong.top
mass.ososfix99.ru
mass2023.duckdns.org
mauriciocarrascallora09.duckdns.org
mauriciojavierhoyos09.duckdns.org
maxdev-31558.portmap.host
maximumthousands.ddns.net
maxtodor-27383.portmap.host
mayomayomayo202202222022.duckdns.org
mazi.ddns.net
mbit921.duckdns.org
meanser.duckdns.org
medotelegram.work.gd
meganfoxx.duckdns.org
megaplaneta01.ddns.net
mehdoganmin70.duckdns.org
mekhonet.dynip.org
meltdili.duckdns.org
mence.duckdns.org
mendey.duckdns.org
merat3131.duckdns.org
mercadao.tech
meskullzmint.com
microsoft12.ddns.net
microsoftserver.ddns.net
microsoftupdate001.duckdns.org
mifantuanzi1.e1.luyouxia.net
miguellondono0315.duckdns.org
mikedonohue.kozow.com
milanooffice.hopto.org
milenial.duckdns.org
milinerds.duckdns.org
milla.publicvm.org
mimihard.ddns.net
minecraftmods.myftp.biz
minerboy123-61906.portmap.host
minharola.hopto.org
minjihuws.kro.kr
mnbvclhg.duckdns.org
mnvbvnvgc.duckdns.org
modyhr.ddnsfree.com
momo5050.ddns.net
monastery2626.duckdns.org
monedfghsja.duckdns.org
moneios.linkpc.net
moneyveno.duckdns.org
monkeys11-39982.portmap.host
monodofus.hopto.org
mooroopecamroy.sytes.net
morelogs22.sytes.net
moveforme.ug
mozzza.ddns.net
mr7bashbab.ddns.net
mrjeffy.duckdns.org
mrkarik14-50898.portmap.io
mrv001.linkpc.net
mrv00100.publicvm.com
ms47.zapto.org
ms4747.loseyourip.com
mtest.loseyourip.com
muchodinero.duckdns.org
muchodinero14deoctubre.duckdns.org
mulla1.mywire.org
mulla2.mywire.org
multibit.hopto.org
murderer.ddns.net
mushrum.duckdns.org
mvcx.serveftp.com
mxmarve-24835.portmap.io
mxtopsz.duckdns.org
myconect.ddns.net
myluckyhost.ddns.net
mysubdomain873.duckdns.org
nano-c.ddns.net
nareshsemalty-30366.portmap.io
nasihej725.hopto.org
navaikargranites.line.pm
ncbdgwe.duckdns.org
ndospjn.ddns.net
nessator.bounceme.net
nessator.myddns.me
netfamily.windowshost.ru
new.investimer.name
new.payeermine.com
new11.ddns.net
newbiesx-25518.portmap.host
newbignninggood.duckdns.org
newddnss.ddns.net
newfrost.ddns.net
newtechublil.ddns.net
newtimnoip.freeddns.org
newvpnasync.myq-see.com
newworld.mypsx.net
newx.ddns.net
nexsa2111.sells-it.net
nextboss.ddns.net
niceone20.cn
nicosircu1.ddns.net
nigatex.ml
nikopaskamaa-21457.portmap.host
nisdfsuie.duckdns.org
nixa21.zapto.org
nmaxom.duckdns.org
nngplic.ddns.net
nnoport.ddns.net
nobles35-22823.portmap.host
noluyoruzawk.duckdns.org
northem.ddns.net
nov16665.ddns.net
nova.servegame.com
nova1.linkpc.net
nova2.casacam.net
novachrono.dyndns-ip.com
ns1.l96.org
ns1usaupload.myphotos.cc
ns2.l96.org
ntlplaast11.duckdns.org
nuevoremremrem20232023.duckdns.org
nunzioisbitch.serveftp.com
nwoork.kozow.com
nx22.myq-see.com
oebonur600.duckdns.org
oeiti-47629.portmap.host
office-bcr-host.duckdns.org
officiallysoldtoprof.ddnsfree.com
ohgowhsnv.duckdns.org
okaa0-51499.portmap.host
olodofries888.ddns.net
omahaclothingline.webredirect.org
omkarusdajvc.ac.ug
omnicrie.ddns.net
omomom.ac.ug
once-york.gl.at.ply.gg
onlineisofilelandersbaseballer1.mrbonus.com
ooof.hopto.org
open.imgov.cn
opium-network.ddns.net
orc.dyndns.org
orcus.dyndns.org
orcusrat.dvrdns.org
ouaff.ddns.net
oxy01.duckdns.org
p.webshare.io
pacman.dynalias.com
pacman.dyndns.org
paisaloro.kozow.com
palmgorohive.myddns.me
parkerpublic.com
parrarobertogali10.duckdns.org
paython.myq-see.com
pazmental.duckdns.org
pedobusters.online
pedroalcantaralora09.duckdns.org
peniscocksucker4.hopto.org
petersonsherian7.duckdns.org
petrol-chem108.duckdns.org
petropresidente.duckdns.org
pettbull.ddns.net
pfesp.duckdns.org
phantom111-31422.portmap.host
pibot.ug
pics-starts.at.ply.gg
piddix.duckdns.org
pingo3000.hopto.org
pksru.ddns.net
pm-dome.at.ply.gg
poder.kozow.com
pompake.duckdns.org
pop12.linkpc.net
pop6.ddns.net
portmaprat-26778.portmap.io
potenzax999.linkpc.net
powershell-test.duckdns.org
primopumps.duckdns.org
privat-sparkasse.de
product62.duckdns.org
productos.linkpc.net
prontovibes.ddns.net
protectgoogle.ddns.net
prowantedo.ddns.net
pruevapoiu-20286.portmap.io
psmax.dnsalias.net
psmax0.dnsdojo.net
psshatx.accesscam.org
pssmohammed.gets-it.net
qovar.cf
qz.dyndns.org
r00tz-36170.portmap.io
r0z.duckdns.org
r4tt3r.duckdns.org
rafaledrat.ddns.net
ragebit.ddns.net
ramlifaris684.duckdns.org
ramps.duckdns.org
rapraprat.duckdns.org
ratcik0.duckdns.org
ratsss.publicvm.com
ratyedinbb.duckdns.org
realtekhoster.ddns.net
registry.ddns.net
rej.rejgroups.com
remiakbaba.duckdns.org
remove.is-uberleet.com
replyitselfmako.sytes.net
reportbox0.duckdns.org
reportss.duckdns.org
resulttoday2.duckdns.org
retregdsgzbz.duckdns.org
reversethis.store
revshell.3utilities.com
rexm.xyz
rggsrfbcx.duckdns.org
rio.casacam.net
rippeanut.duckdns.org
rl.zuiwen.top
rmlkin.duckdns.org
robertobolanolora09.duckdns.org
robertsaldarriagasoto09.duckdns.org
roberurrutialora09.duckdns.org
rock19870-48166.portmap.io
rock87.ddnsfree.com
rocky07.ddnsfree.com
romarivanegamoauhsyhafjbaju233nsa.duckdns.org
rony.ooguy.com
roollingstonecam.sytes.net
roollingstonecam.zapto.org
root.kahharsoftware.com
rositxado.tk
rotte.ddns.net
rownip.dyndnss.netrownip.dyndnss.net
roy2023.kozow.com
rtergsdfs.duckdns.org
rvng.dyndns.org
ry8325585.duckdns.org
ryyeyq.duckdns.org
s1995.ddns.net
sadcgvc.duckdns.org
saddlepoint.duckdns.org
sadgfbvcnvccmb.duckdns.org
saedmad.linkpc.net
saico015.linkpc.net
saikuzen-49289.portmap.io
sakivivjasiv8cozo3.cn
salutsalut.ddns.net
sammiyoyo.linkpc.net
sanael-62946.portmap.host
sandobalvaleria214.duckdns.org
sandyclark255.hopto.org
sandyy.hopto.org
saralynnp8.duckdns.org
satrakyarab.ddns.net
sau88b8yb7e7gf7g.cn
sbdndbnb.duckdns.org
sdfgfgdsdfgfd.duckdns.org
sdfsbvfbfda.duckdns.org
sdfsdfasdf.duckdns.org
sdfsdgfgj.duckdns.org
seamoney.duckdns.org
sebasguerranjdd3ewdadf.duckdns.org
secdb.duckdns.org
security70.duckdns.org
semetiooctubre2022202220222022.duckdns.org
seniorpicchi-43516.portmap.host
server.b92dt.com
server.vukhitoithuong.co
server2.raxana.net
service32.sytes.net
servicess.dynip.org
servidor2050.ddns.net
servr.jordangaming3.xyz
seznam.publicvm.com
sgfdhtw.duckdns.org
sgrmbroker.duckdns.org
shadowofsun.e5.luyouxia.net
shambanzy202202.con-ip.com
shortcut2021.duckdns.org
silent-rain-87337.pktriot.net
simple-drain.at.ply.gg
sinki-43136.portmap.host
siuw83.duckdns.org
sivwbviw.duckdns.org
skalleper.ddns.net
skidnation.ddns.net
skiler.duckdns.org
skullzyboat-37846.portmap.host
skylucky.duckdns.org
slawdor.westus2.cloudapp.azure.com
slpete1533.duckdns.org
smartvodafone.duckdns.org
smoothy.ddns.net
soft.tjsosda.com
some-cheapest.at.ply.gg
southside.bounceme.net
sparkinject.ddns.net
speedplayers-23540.portmap.io
spk.accesscam.org
spongpoppp.myq-see.com
spookyfroot-52933.portmap.host
spring-consultation.at.ply.gg
squeruu-39056.portmap.host
sr5gsedfgwsers.freemyip.com
sson.dnsup.net
ssonn.v6.rocks
starsat123.ddns.net
steam008.ddns.net
stellacy.tk
stoo02093.duckdns.org
strekhost2038.duckdns.org
strekhost2039.duckdns.org
strekhost2041.duckdns.org
strekhost2043.duckdns.org
strekhost2047.duckdns.org
su2d.nerdpol.ovh
subwoope.ooguy.com
sukura.duckdns.org
susiahat24199a.ddns.net
swchiowbcjd.con-ip.com
sym.publicvm.com
takerman.ddns.net
teambit.giize.com
tearnservi11.duckdns.org
techandro.giize.com
techgames.duckdns.org
technovez.duckdns.org
tehliike.duckdns.org
testetstest.ddns.net
testfor.duckdns.org
tfwed.duckdns.org
tgjhgf.duckdns.org
thebest39393.ddns.net
thegamingclub.xyz
thewatersmoney.hopto.org
theyk6836.duckdns.org
thoe409.duckdns.org
thwit.ddns.net
tienmonkey-40774.portmap.io
timairvpn.ddns.net
timmo-27933.portmap.host
tjcoker123456.duckdns.org
tksoficialbrasil.sytes.net
torment.ddns.net
torment1628.duckdns.org
tox11.ddns.net
tplinklocal.linkpc.net
tr2.localto.net
trabajo2021.duckdns.org
travazap.duckdns.org
tripdeep.duckdns.org
tripleswagsir-42873.portmap.io
trust.meldrez5x.xyz
tuna91.duckdns.org
type1520.duckdns.org
ubiquitouslv-34772.portmap.host
udmansoud-59712.portmap.host
ufyu78r8r7.duckdns.org
updateservicer.ignorelist.com
uribeparaco.duckdns.org
usa-man.accesscam.org
utilityservice.ignorelist.com
uvd88.duckdns.org
v13cracker.ddns.net
valentinmihai-48225.portmap.io
vcnnxfdf.duckdns.org
venelix.duckdns.org
venmo8500.duckdns.org
vernortoday.duckdns.org
verynice.ddns.net
veztechno.duckdns.org
vfdhgfjdhgkjsf.duckdns.org
vic1.duckdns.org
vicentcastillnhdagg.duckdns.org
victori55.duckdns.org
view43748.viewdns.net
violinud.duckdns.org
vjwm.dyndns.org
vl.io.vn
vladmir001.myddns.me
vlhoangkimpk.net
vr-bank.com.de
vtgfcgfcvvvvvvvavavvvaavavava.duckdns.org
wabbus02.duckdns.org
wai.dogelab.net
wai.dogetaxi.io
wai.squidgame.to
walter12ryan.duckdns.org
wanted12-62000.portmap.host
warzon957.duckdns.org
warzoneupdater.redirectme.net
wasted9sss1-51443.portmap.host
wasted9sss1-57562.portmap.host
waterspourmoney.ddns.net
wegrferhgbrtegerfewfwedwedewdew.hopto.org
wertpkgc.duckdns.org
wesdrfggkhgfd.ddns.net
westernogetobarsbrmng.ooguy.com
wggr6uncx.duckdns.org
white-camcorders.at.ply.gg
willtrojan.ddns.net
windows-services-udpate.linkpc.net
winhostconio.duckdns.org
winlogon.ddns.net
wispy-hill-25808.pktriot.net
work114.ddns.net
worldpassed.publicvm.com
worldwreck.ddns.net
wr.espielweinstein.pw
xaft.camdvr.org
xafvbndsfg.ru
xiomarajerezasidhasfjafas.duckdns.org
xlordbodyl-60544.portmap.io
xsme.loseyourip.com
xxxprofxxx.dnsdojo.com
xxxsexyxxx.dnsdojo.com
y1k0z3.hopto.org
yatruopidf.giize.com
yedbopds.duckdns.org
yeetdskrt.ddns.net
yenhack.ddns.net
yhsfgs.duckdns.org
yoperreosola.duckdns.org
yubahack.duckdns.org
yubarat.ddns.net
yudith.duckdns.org
yyutrer.duckdns.org
zaza99.duckdns.org
zazazazaz.duckdns.org
zcvxcdsfew.duckdns.org
zen3x.duckdns.org
zero0.ddns.net
zhudaji.f3322.net
zkgwnqekr7qrgadf.duckdns.org
zobbi.zobbi.com
zockrellemile.sytes.net
zopzw.ddns.net
zuiwen.top
zulakim.duckdns.org
zxc123598.e2.luyouxia.net
zzzpmax.ddns.net

# Reference: https://twitter.com/IntezerLabs/status/1701230783837454369
# Reference: https://twitter.com/t3ft3lb/status/1701506318383956224

193.161.193.99:31507

# Reference: https://twitter.com/Jane_0sint/status/1701604129221890240
# Reference: https://www.virustotal.com/gui/file/11409951fd87917609f76566a567f768e8f2af92997618dbbf2536dce684b4d1/detection

123.99.200.175:4449
123.99.200.175:8950

# Reference: https://threatfox.abuse.ch/ioc/1163379/

62.106.84.215:4444

# Reference: https://threatfox.abuse.ch/ioc/1163442/

4.151.131.10:1010

# Reference: https://www.virustotal.com/gui/file/740705bda250b4aa10bc9ac53c45ea625baa4a7b982d76fcdd013644d7f0f5ae/detection

147.185.221.16:22080
193.161.193.99:22080
feature-fbi.gl.at.ply.gg

# Reference: https://threatfox.abuse.ch/ioc/1163510/

185.81.157.153:55

# Reference: https://threatfox.abuse.ch/ioc/1163511/

185.81.157.153:100

# Reference: https://www.virustotal.com/gui/file/eb1b3103fc42ae087eedbdc261bddff18d9aaaa5bf3c4646153b0fe67b9ad2b2/detection

esteesparahoy.duckdns.org

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-09-22)

147.189.169.11:8848
185.117.91.202:999
185.81.157.154:2301
194.58.71.17:7771
206.53.55.186:8181
51.89.12.10:6606
51.89.12.10:7707
51.89.12.10:8808
78.171.102.209:3001
81.161.229.73:6606
81.161.229.73:7707
81.161.229.73:8808
95.214.27.6:2442

# Reference: https://www.virustotal.com/gui/file/7d8d345ba5e90f5eb674b3a0afeee3af3d7cdb8da249f92a5ff86f214d4ebc99/detection

84.54.50.42:1338

# Reference: https://www.virustotal.com/gui/file/1eb09eab835bb8295c10bc42f04a9f5379da88131996e603ec0643e3700e2bcc/detection

4.151.131.10:1011

# Reference: https://www.virustotal.com/gui/file/535884651e8ced605074dff4220651f4ceb02ea86025ff2721c816de2a94fd6a/detection

80.76.51.237:2023

# Reference: https://www.virustotal.com/gui/file/5fe0500266860557912ff1d77ed5e386f4c849bf21891e46dedabad62d78d328/detection

31.192.107.178:2525

# Reference: https://twitter.com/r3dbU7z/status/1705645264206184806
# Reference: https://www.virustotal.com/gui/file/d1dd950783c34f9d1a34a39b9068fb01023b537805ea97791b17dda03a95ebd9/detection
# Reference: https://www.virustotal.com/gui/file/968f94101c97e3d7d7ba5a994409595c41f33645956454f4dce9d93c9abc9c79/detection
# Reference: https://www.virustotal.com/gui/file/cad6a66eac36a2f482176d9636619dade6ece13f02613540184bbd341ee0983d/detection

93.123.118.253:39001
93.123.118.253:39002
93.123.118.253:39003
93.123.118.253:58001
93.123.118.253:7709
dingdang.ddns.net

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-09-25)

http://74.133.86.50
101.34.3.12:8848
101.42.137.105:3593
103.108.66.216:9905
103.38.236.46:4449
103.42.31.134:9901
103.42.31.180:9904
123.99.200.153:4449
124.248.66.139:4449
124.248.66.140:4449
124.248.66.144:4449
134.255.254.224:7707
135.181.226.133:49287
140.143.167.227:3214
154.53.45.95:4449
185.17.0.246:4449
185.221.67.3:4449
198.44.165.77:6605
198.44.184.40:4449
2.59.254.111:5500
222.211.73.251:4848
42.51.40.184:6606
42.51.40.184:7707
42.51.40.184:8808
49.232.230.111:6630
5.104.84.227:4449
62.234.33.152:3502
62.234.35.139:5631
65.21.177.234:6606
65.21.177.234:7707
74.133.86.50:4449
90.62.249.133:2550
90.62.249.133:2551
90.62.249.133:2552
90.62.249.133:2553
90.62.249.133:2554
90.62.249.133:2555
90.62.249.133:2556
90.62.249.133:2557
90.62.249.133:2558
90.62.249.133:2559
90.62.249.133:2560
90.62.249.133:2561
90.62.249.133:2562
90.62.249.133:2563
90.62.249.133:2564
90.62.249.133:2565
90.62.249.133:2566
90.62.249.133:2567
90.62.249.133:2568
90.62.249.133:2569
90.62.249.133:2570
90.62.249.133:2571
90.62.249.133:2572
90.62.249.133:2573
90.62.249.133:2574
90.62.249.133:2575
90.62.249.133:2576
90.62.249.133:2577
90.62.249.133:2578
90.62.249.133:2579
90.62.249.133:2580
90.62.249.133:2581
90.62.249.133:2582
90.62.249.133:2583
90.62.249.133:2584
90.62.249.133:2585
90.62.249.133:2586
90.62.249.133:2587
90.62.249.133:2588
90.62.249.133:2589
90.62.249.133:2590
90.62.249.133:2591
90.62.249.133:2592
90.62.249.133:2593
90.62.249.133:2594
90.62.249.133:2595
90.62.249.133:2596
90.62.249.133:2597
90.62.249.133:2598
90.62.249.133:2599
90.62.249.133:2600
capitalizerutc.com
de2.localto.net
erorr2.webhop.net
ewoiutz9dt9bzo89tz.com
extra-hack.ddns.net
iroexjds.work.gd
nbnf43456httpshost.online
non.accesscam.org
popo01.mywire.org
riewoti.work.gd
saefigozower.fun
sdfubuzoeoeiv.top
seuriouhvhusr.cn
slim1.thruhere.net
telachapesu.com
trx05.duckdns.org
viper34.servebbs.net
webwhatsapp.cc
wpe.mysynology.net

# Reference: https://www.virustotal.com/gui/file/c3f02339dcd6fbf6425fcc439a044416922c3f229d67e8f4e737dd29e7184e3b/behavior

23.105.131.172:2323
23.105.131.172:6606
23.105.131.172:7707
23.105.131.172:8808
dqdqededqedqe.tk
bin.treatwellshome.xyz

# Reference: https://threatfox.abuse.ch/ioc/1167640/

95.214.27.6:5500

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-09-26)

185.25.51.99:444
185.225.73.105:7896
185.225.73.105:8675
185.81.157.150:2023
185.81.157.150:2035
194.180.49.190:9254
5.231.208.228:1337
51.103.217.70:6677
51.103.217.70:8585
74.208.105.80:2005
74.208.105.80:7777
80.85.153.152:28323
91.103.252.215:4449

# Reference: https://www.virustotal.com/gui/file/6841b9d41f26f9bbd98430b17aa75910e24e5a72aa4df3b40f251afba21d5297/behavior

18.228.115.60:14488
18.229.146.63:14488
18.231.93.153:14488

# Reference: https://twitter.com/beacon1ng/status/1708620162000396480
# Reference: https://app.any.run/tasks/c35e037b-a03f-4179-9764-1dcbb679dbc7/

85.217.144.78:222
85.217.144.78:6606
85.217.144.78:7707
85.217.144.78:8808

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-10-03)

185.225.73.105:6606
185.225.73.105:7707
185.225.73.105:8808
5.249.163.45:5555

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-10-06)

138.201.18.225:4449
185.241.208.184:6606
185.241.208.184:7707
185.241.208.184:8808
5.230.67.224:6606
5.230.67.224:7707
5.230.67.224:8808

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-10-07)

185.16.38.41:2023
185.16.38.41:2035
185.241.208.114:5555
185.241.208.203:6606
185.241.208.203:7707
185.241.208.203:8808
185.241.208.42:2266
185.241.208.42:4444
185.81.157.21:2404
193.26.115.167:6606
193.26.115.167:7707
193.26.115.167:8808
209.145.56.0:57
4.151.131.10:2404
79.110.62.189:30305

# Reference: https://www.virustotal.com/gui/file/470556fb4a6a391d85e137d35fd76f1b8f9f984b4e4c8dadf3da3a072e901112/detection

193.26.115.188:8788
474ba67bdb289c6263b36dfd8.xyz

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-10-09)

http://103.212.81.80
http://88.99.251.36
103.141.68.86:8080
107.175.113.198:6011
107.175.113.198:9901
107.175.243.138:6606
107.175.243.138:7707
107.175.243.138:8808
135.125.21.39:222
135.125.21.39:2222
136.243.151.123:4444
136.243.151.21:57
136.243.151.21:58
136.243.151.21:60
136.243.151.21:62
136.243.151.21:64
136.243.151.21:70
136.243.151.21:71
136.243.151.21:79
139.99.148.35:7707
142.11.241.177:2002
142.11.241.177:2003
142.11.241.177:2004
142.11.241.177:2005
142.11.241.177:4014
142.11.241.177:4016
142.202.240.116:6969
142.202.240.46:7707
142.202.242.171:2028
142.202.242.171:2205
144.126.149.221:1996
144.126.149.221:2106
147.50.253.12:9909
15.204.170.1:6666
158.69.131.146:555
158.69.131.146:5555
158.69.131.146:7777
162.244.210.198:7070
172.245.244.118:7070
172.245.244.118:9090
172.96.172.69:2002
172.96.172.69:2003
172.96.172.69:2004
172.96.172.69:2005
172.96.172.69:4014
172.96.172.69:4016
173.212.250.19:2000
173.212.250.19:5000
173.212.250.19:6000
173.212.250.19:7000
181.131.218.210:8000
185.104.195.215:1234
185.104.195.215:1975
185.104.195.215:1980
185.104.195.215:1985
185.104.195.215:1989
185.104.195.215:1990
185.104.195.215:1991
185.104.195.215:2001
185.104.195.215:2002
185.104.195.215:2004
185.104.195.215:2009
185.104.195.215:5555
185.104.195.215:7777
185.104.195.215:8888
185.117.91.202:7707
185.117.91.202:8808
185.117.91.202:9909
185.16.38.41:20000
185.16.38.41:2022
185.16.38.41:2033
185.161.210.60:4020
185.169.180.143:1604
185.169.180.209:1604
185.239.237.59:6666
185.239.237.59:7777
185.241.208.114:7777
185.241.208.29:6666
185.241.208.42:2244
185.241.208.42:6606
185.241.208.42:7707
185.241.208.42:8808
185.241.208.51:555
185.241.208.51:5555
185.241.208.51:6666
185.25.51.99:555
185.81.157.135:2323
185.81.157.149:2303
185.81.157.14:2301
185.81.157.14:2501
185.81.157.14:2502
185.81.157.14:2701
185.81.157.154:2303
185.81.157.154:2304
185.81.157.154:2525
185.81.157.174:8088
185.81.157.178:6606
185.81.157.178:7707
185.81.157.178:8808
185.81.157.218:9090
185.81.157.24:6006
185.81.157.24:8008
187.24.73.87:8888
187.24.73.87:9999
188.77.229.84:5001
191.101.206.33:6666
192.119.108.74:8713
192.119.108.75:8714
192.119.108.76:8714
192.119.108.77:8710
192.159.99.6:50
194.156.89.185:8080
194.156.90.168:2222
194.156.90.168:4444
194.156.90.168:5505
194.156.90.168:5555
194.156.90.168:6606
194.156.90.168:7707
194.156.90.168:7777
194.156.90.168:8808
194.180.49.17:6606
194.180.49.17:7707
194.180.49.17:8808
194.26.192.68:6606
194.26.192.68:6666
194.26.192.68:7707
194.26.192.68:8808
198.12.125.30:8808
198.12.125.30:8880
2.58.56.243:6606
2.58.56.243:6666
2.58.56.243:7707
2.58.56.243:8808
206.53.55.186:1000
206.53.55.186:7171
209.145.56.0:1234
209.145.56.0:2011
209.145.56.0:2022
209.145.56.0:4014
3.84.52.3:6606
3.84.52.3:7707
3.84.52.3:8808
34.29.228.84:1996
34.29.228.84:1997
35.197.164.151:443
38.180.69.154:6606
38.180.69.154:7707
38.180.69.154:8808
42.117.76.36:7569
42.117.76.36:7815
42.117.76.36:8010
42.117.76.36:8159
42.117.76.36:8579
45.138.16.41:6666
45.138.16.41:8888
45.141.215.91:6666
45.141.215.91:7777
45.141.215.91:8888
45.156.84.213:6666
45.81.39.78:115
45.92.1.142:333
45.92.1.142:6066
45.92.1.142:888
45.92.1.162:1996
46.246.82.9:2000
5.230.74.240:6666
5.230.74.240:7777
5.230.74.240:8888
51.161.107.68:555
51.161.107.68:5555
51.161.107.68:6666
51.195.145.78:4343
51.195.251.9:6606
51.195.251.9:7707
51.195.251.9:8808
51.254.49.49:5001
51.38.57.226:6606
51.81.126.13:2222
51.81.126.13:555
51.81.126.13:5555
51.81.126.13:777
51.81.126.13:7777
51.81.24.93:4242
51.81.7.207:6606
51.81.7.207:7707
51.81.7.207:8808
51.89.190.17:6000
51.89.190.17:7000
51.89.190.17:8000
51.89.190.17:8088
62.106.84.211:4444
62.106.84.211:6606
62.106.84.211:8808
62.106.84.212:6606
62.106.84.212:8808
62.106.84.213:4444
62.106.84.213:6606
62.106.84.213:8808
62.106.84.214:6606
62.106.84.214:8808
62.106.84.215:8808
64.56.68.203:8888
66.94.118.174:2000
66.94.120.244:6606
66.94.120.244:7707
66.94.120.244:8808
78.161.33.61:20000
84.54.50.9:8888
85.206.172.156:222
85.206.172.156:555
86.48.18.223:6606
88.119.175.231:444
88.119.175.231:555
88.119.175.231:5555
88.119.175.231:6666
88.119.175.231:8888
89.23.100.93:4449
91.109.116.34:8808
91.109.182.4:7707
91.109.188.3:8808
93.123.118.250:2222
93.123.118.250:4444
93.123.118.250:6666
94.130.130.51:112
94.130.130.51:113
94.130.130.51:114
94.130.130.51:6606
94.130.130.51:7707
94.130.130.51:8808
94.156.253.72:6606
94.156.253.72:7707
94.156.253.72:8808
94.228.168.80:10000
95.214.27.64:5505
95.214.27.64:6606
95.214.27.64:7707
95.214.27.64:8808

# Reference: https://www.virustotal.com/gui/file/dad4aa37fb7f808d7cdc3e81585c2a0b31fd07d5aeadf9bd6562e73250d7d81a/detection

208.64.33.62:4449

# Reference: https://www.virustotal.com/gui/file/1a06018f6c3e8b85ba401a081e96a71d3c6c795ea2b35cb586b33897bca4abe2/detection

194.180.48.105:6606
194.180.48.105:7707
194.180.48.105:8808

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-10-10)

135.125.21.39:5555
135.125.21.39:7777
136.243.151.21:73
194.156.90.168:9999
209.145.56.0:1232

# Reference: https://twitter.com/r3dbU7z/status/1711882323367457217

185.81.157.213:222
185.81.157.213:6606
185.81.157.213:7707
185.81.157.213:8808
rxrr.duckdns.org

# Reference: https://tria.ge/231010-11axlsgc97/behavioral1

46.1.103.69:2341

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-10-11)

108.165.237.62:8080
139.99.17.29:6606
139.99.17.29:7707
139.99.17.29:8808
144.126.159.54:8888
166.0.156.25:4444
169.150.249.71:8888
185.81.157.21:8888
192.119.108.74:8714
192.119.108.75:8710
192.119.108.76:8712
192.119.108.77:8712
192.119.108.78:8710
192.119.108.78:8712
198.12.125.30:6606
198.12.125.30:7707
198.12.125.30:8808
207.244.238.106:4444
46.196.24.46:6606
46.196.24.46:7707
46.196.24.46:8808
51.195.145.78:4242
51.89.190.17:6606
51.89.190.17:7707
51.89.190.17:8808
88.237.19.232:20000
91.109.184.2:6606
91.109.184.2:7707
91.109.184.2:8808

# Reference: https://www.virustotal.com/gui/file/724b95160127a1fac9bea14139ad0c773a9fd7f4bf0811c950e9a56003e3a49b/detection

http://194.5.237.240

# Reference: https://twitter.com/karol_paciorek/status/1712422451534045305
# Reference: https://twitter.com/g0njxa/status/1712424483766550940
# Reference: https://tria.ge/231012-mwgbyaga58/behavioral1

181.235.14.39:9330
aaarr43.duckdns.org

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-10-13)

101.35.255.93:8888
108.165.237.62:7070
116.98.23.227:257
173.212.250.19:6606
173.212.250.19:7707
173.212.250.19:8808
177.255.84.119:8000
185.117.91.202:6606
185.241.208.45:6606
185.241.208.45:6666
185.241.208.45:7707
185.241.208.45:8808
185.81.157.149:2301
185.81.157.174:8089
185.81.157.238:6603
187.24.0.226:8888
187.24.6.130:9999
188.77.229.84:4002
191.89.242.212:5757
192.119.108.75:8712
192.119.108.76:8710
192.119.108.77:8714
192.119.108.78:8714
193.23.3.37:4001
209.145.56.0:1955
213.195.120.176:4002
213.195.120.176:5001
42.194.128.203:6606
42.194.128.203:7707
42.194.128.203:8808
45.136.4.172:1453
45.81.39.77:111
49.12.7.88:1604
65.21.177.234:8808
78.161.41.50:20000
78.161.41.50:888
82.147.85.206:38002
91.109.182.2:6606
91.109.182.2:8808
91.208.92.183:6606
91.208.92.183:7707
91.208.92.183:8808

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-10-16)

14.173.175.182:8080
147.189.169.231:6606
154.91.82.186:8888
173.212.250.19:1337
173.254.253.214:6606
173.254.253.214:7707
173.254.253.214:8808
185.81.157.201:8181
185.81.157.244:6606
185.81.157.244:7707
185.81.157.244:8808
193.26.115.55:9999
194.26.192.61:8888
195.85.205.141:6006
198.23.227.140:8880
213.195.120.176:4003
46.246.82.6:2000
82.65.203.216:443
91.109.176.4:7707
91.109.188.3:7707
91.109.190.4:7707
91.109.190.4:8808

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-10-19)

103.212.81.159:1997
171.22.28.214:4404
185.241.208.21:888
185.81.157.105:6606
185.81.157.105:7707
185.81.157.105:8808
185.81.157.242:6606
185.81.157.242:7707
185.81.157.242:8808
185.81.157.252:6606
185.81.157.252:7707
185.81.157.252:8808
187.24.12.53:8888
20.211.121.138:4449
212.102.59.77:8888
46.246.12.9:2000
46.246.6.3:2000
46.246.86.17:8888
62.106.84.212:4444
62.106.84.214:4444
95.214.27.6:4545

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-10-20)

147.189.170.39:6666
185.81.157.24:6606
185.81.157.24:7707
185.81.157.24:8808
187.24.64.107:8888
187.24.64.107:9999
193.26.115.207:2001
198.12.125.30:8806
45.138.16.131:6606
45.138.16.131:7707
45.138.16.131:8808
51.77.230.223:2404
88.232.113.230:20000
88.232.113.230:888
91.109.176.9:6606
91.109.176.9:7707
91.109.176.9:8808

# Reference: https://twitter.com/smica83/status/1715700508818571717
# Reference: https://tria.ge/231021-nxvrdsfh66/behavioral2

82.131.152.206:4449
venomkarhel.duckdns.org

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-10-23)

105.158.157.80:55555
147.189.169.231:6666
167.235.78.69:8888
172.111.233.177:3389
181.131.216.141:4040
185.81.157.103:6606
185.81.157.103:7707
185.81.157.103:8808
185.81.157.160:6606
185.81.157.160:888
187.24.2.121:8888
187.24.73.4:8888
187.24.73.4:9999
190.28.153.166:2000
190.28.161.89:2000
192.210.229.11:8880
192.210.229.8:8801
193.26.115.207:2002
193.26.115.207:2003
193.26.115.207:2004
193.26.115.207:2005
197.246.186.65:9999
197.246.197.142:9999
197.246.199.117:6666
197.246.235.14:9999
198.12.125.30:9901
209.145.56.0:2004
209.145.56.0:2005
209.145.56.0:2006
37.19.216.81:8888
45.141.215.141:7771
45.145.230.68:4449
78.161.14.145:20000
78.161.14.145:888
82.147.85.118:38002
85.109.221.202:20000
88.232.119.41:20000
88.232.119.41:888
91.109.176.7:7707
91.109.176.7:8808
91.109.184.3:7707
91.109.184.7:8808
91.134.150.159:4449
93.242.233.250:51125
93.43.214.206:7707

# Reference: https://www.virustotal.com/gui/ip-address/186.169.60.158/relations
# Reference: https://www.virustotal.com/gui/file/b99b8c52dd67d2a9d4b8a58664056b7ce64f271e25efe3a3b8adf33c70d3db46/detection

186.169.60.158:1993
cotizacionesnuevas1.duckdns.org
ibat21.duckdns.org

# Reference: https://www.virustotal.com/gui/file/9906536e261362180e3b4c087a6e5941afd3766d077dfcfc3efbeb0ca91c9201/detection

186.169.60.158:1998

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-10-26)

116.203.24.34:2222
141.164.37.178:6606
141.164.37.178:7707
141.164.37.178:8808
172.111.233.109:3389
172.96.172.69:4019
178.73.192.20:8888
185.216.71.238:7708
185.216.71.238:8008
185.216.71.238:9909
185.81.157.112:6606
185.81.157.12:5555
185.81.157.12:6666
185.81.157.12:8888
187.24.69.150:8888
190.28.134.15:2000
194.156.89.178:2222
194.156.89.178:4444
197.246.196.91:9999
197.246.211.208:9999
198.12.125.30:8019
198.23.227.140:8080
198.23.227.140:8085
198.23.227.175:8080
209.145.56.0:6666
46.246.4.18:8888
91.109.184.4:8808
91.109.190.5:660666
91.109.190.5:7707
91.109.190.5:8808
91.208.92.210:1411
connect.servrweb.com

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-10-30)

http://92.87.6.121
103.141.68.91:6606
107.172.76.170:1982
107.172.76.170:8909
135.125.21.39:444
136.243.151.123:1234
136.243.151.21:69
136.243.151.21:75
144.126.149.221:6666
144.126.159.54:6666
145.239.200.145:6606
145.239.200.145:6666
145.239.200.145:7707
145.239.200.145:8808
147.189.173.111:9999
161.97.151.222:2004
162.55.36.154:2222
177.143.216.81:3389
178.33.203.39:5010
181.214.240.179:7707
181.90.42.189:7707
182.253.153.225:10549
185.150.25.181:6666
185.196.8.53:6000
185.241.208.136:1177
185.249.197.248:2222
185.249.197.248:4444
185.81.157.12:6606
185.81.157.12:7707
185.81.157.12:8808
185.81.157.12:9999
185.81.157.238:366
186.102.163.66:2404
186.102.163.66:7777
186.102.163.66:8888
186.102.174.131:2404
186.102.174.131:8888
187.24.13.129:8888
187.24.70.241:8888
187.24.70.241:9999
187.24.71.243:5155
187.24.71.243:9999
190.28.166.77:2000
191.246.186.145:9999
191.88.249.96:2018
192.210.229.8:8891
197.246.187.103:9999
197.246.196.187:9999
197.246.199.162:7777
197.246.199.238:9999
198.12.125.30:8015
207.246.74.117:8000
209.127.186.195:2222
209.145.56.0:4444
213.195.120.176:6606
213.195.120.176:7707
213.195.120.176:8808
216.244.84.180:6606
216.244.84.180:7707
37.1.211.248:6606
37.156.26.161:10000
45.12.253.222:115
45.141.215.3:3306
45.141.215.40:7707
45.88.186.47:9999
5.75.182.255:2222
51.89.242.53:100
81.214.77.85:20000
81.214.77.85:888
85.206.172.156:6606
87.248.157.179:1604
88.248.212.24:20000
88.248.212.24:888
88.251.135.18:20000
88.251.135.18:888
89.137.121.142:4782
91.109.176.5:7707
91.109.176.5:8808
91.109.180.4:8808
91.109.182.7:7707
91.109.182.7:8808
91.109.186.2:8808
91.109.188.2:7707
91.109.188.2:8808
91.109.188.8:8808
91.92.240.157:6606
91.92.243.216:81
94.130.130.51:119
94.156.69.57:81
intclientpage.co
foxgazafreego.mypsx.net

# Reference: https://www.virustotal.com/gui/file/ed243022114ee48f4c5f9cfbc83cf3fed190052d413eeb50abff861582299bce/detection

141.255.156.206:21555
141.255.156.206:21666
141.255.156.206:21777
141.255.156.206:21888
141.255.156.206:21999
enterprise999.ddns.net
mjtask.duckdns.org

# Reference: https://www.virustotal.com/gui/file/ca92d9d3ed2415dd25079356940f9feec35b3e1b5e7d46c1de4e474ac5656d47/detection

taaymhostv2.ddns.net

# Reference: https://www.virustotal.com/gui/file/607b2909a0cd25015eb49d92b087870d750329254c641146059519008fd9874f/detection
# Reference: https://www.virustotal.com/gui/file/120ff3fc38cc42844c647564284ccb431dd3e77f22da6284f7219229dec503e2/detection

45.88.180.17:7700
45.88.180.17:9700
couchelavable.ddns.net

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-11-12)

104.243.47.96:2222
142.202.188.173:9953
142.44.252.22:833
172.94.8.75:2020
185.25.51.99:222
185.62.86.134:666
185.81.157.150:6606
185.81.157.150:7707
185.81.157.150:8808
186.102.161.73:2404
186.102.161.73:7777
186.102.161.73:8888
186.168.71.240:8888
198.12.125.30:8191
37.1.211.248:7707
37.1.211.248:8808
45.141.215.5:7707
45.88.186.47:8888
46.1.103.69:2341
66.94.118.174:4002
72.11.142.131:8808
85.206.172.156:8808
85.239.241.136:1337
91.109.188.6:7707

# Reference: https://www.virustotal.com/gui/file/4c2d509873e08dc7e46df73f082502d116d13da9dc9cb52d9e69b921a0cdecc1/detection

91.92.241.80:4449

# Reference: https://www.virustotal.com/gui/file/4b317b533a355aa2a7410563ab6e3e4f9563dce4adea4926baaaa027037a29c4/detection

91.92.241.80:39001

# Reference: https://www.virustotal.com/gui/file/b9e5dd660dda0daa188d1dee546d4c97f5432e46a54bc812cac7e66e538dc43a/detection
# Reference: https://www.virustotal.com/gui/file/01c52fb377d59ee5c9ac7db9cbf58186f6470f3a5c78d378bc2a0cb79627c2fe/detection

194.87.151.53:39001
194.87.151.53:4449
researchchemicals.ddns.net

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-11-15)

http://136.243.151.21
103.47.147.204:2000
14.161.135.108:8080
181.235.82.111:2404
181.235.82.111:8888
181.235.87.205:2404
181.235.87.205:8888
185.81.157.103:2222
185.81.157.133:6666
185.81.157.135:2525
185.81.157.149:2024
185.81.157.236:4444
185.81.157.254:6606
185.81.157.254:7707
185.81.157.254:8808
186.112.202.44:2404
186.112.202.44:8888
186.168.71.240:2404
187.24.3.145:8888
190.28.181.222:2000
191.246.186.145:2021
193.23.3.37:4003
193.23.3.37:4545
198.23.227.175:8880
201.185.178.29:8888
31.11.194.49:1337
37.19.216.81:7777
45.154.98.86:4444
46.1.103.69:4263
46.1.103.69:7355
81.214.77.85:57
91.192.100.22:8000
91.208.92.74:4444
91.92.243.43:7719
panel.freeddns.org

# Reference: https://www.virustotal.com/gui/file/2473f5514d45b2d56863331a9c24fdccf74b787e476b2b48963e40b0421462e0/detection

98.34.154.249:1605
ratlol.ddns.net

# Reference: https://www.virustotal.com/gui/file/f9836e2f445c098ec9e41577906b5c25d419d780bbd0f12af29a1f1019981fd1/detection
# Reference: https://www.virustotal.com/gui/file/f598e0fd21c125852521c64159f7400c7005d83ab8f071de9e95b23ad98c4980/detection
# Reference: https://www.virustotal.com/gui/file/cd2cd968c9bdb300458c0cac8d95aecc487d7d0b9ac57126425d67756693eb01/detection
# Reference: https://www.virustotal.com/gui/file/74a7a0f3461b71369a22c9b7e6cc89d02f41d4c4484966f545eb3fef56642206/detection

185.81.157.19:3306
185.81.157.19:3307
185.81.157.19:3309
45.141.215.3:3309
ns2usaupload.is-a-techie.com

# Reference: https://www.virustotal.com/gui/file/e91838e3f9c6aa4e1e043fa30ac176081877347166e52aa9b9cb1e7f25acecbf/detection

forlatinamerica.bumbleshrimp.com

# Reference: https://www.virustotal.com/gui/file/7494ac575753c074738a4ea8aa3eb2dc0d7fe699b3e3f6dbbfb066b367aacc58/detection

envio2023asy.bumbleshrimp.com

# Reference: https://www.virustotal.com/gui/file/6bd3a9be98f3e06d4cefbc574149bd6f80e1bd96b6ac7131349313c2c9c19fae/detection

185.81.157.21:7777
bendicionesoctubre.ddnsguru.com

# Reference: https://www.virustotal.com/gui/file/b53a2201e29a52a0ff66ce50fc05a3e0ab920b4b5c86773fc8766e9462aff871/detection

51.161.59.75:6606
51.161.59.75:8808
exrobotos2023.mywire.org

# Reference: https://www.virustotal.com/gui/file/ebf8f470ffc1fa2c68fb9674c6e9842f9b5e5a15e2d37b11ffdb1de90d017b92/detection

141.255.147.253:8080
64.235.35.197:3333
parapowshell.blogdns.com

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-11-20)

1.120.227.126:4449
103.149.201.161:6106
103.233.253.8:8801
103.82.38.49:4449
104.129.27.19:6606
104.129.27.19:7707
104.129.27.19:8808
104.168.24.201:2345
121.62.23.38:5555
124.248.66.136:4449
124.248.66.143:4449
124.248.66.148:4449
124.248.66.154:4449
138.199.21.208:4449
147.185.221.16:47793
147.185.221.16:57444
154.221.25.208:8848
167.71.56.116:22863
172.111.138.100:4447
172.234.16.71:6606
172.234.16.71:7707
172.234.16.71:8808
185.221.67.19:18883
185.221.67.19:4449
198.37.108.208:5555
198.44.165.35:6602
198.44.165.35:8802
198.44.165.77:6105
199.36.223.62:52364
199.36.223.62:8848
20.201.123.99:30120
24.254.118.248:4449
4.229.227.81:8080
4.229.227.81:8081
45.138.16.87:998
45.88.186.47:4444
46.1.103.69:9371
65.21.8.16:4449
79.134.225.113:9346
91.107.228.216:4449
12tainss1s.xyz
asdvua78v8ed4t6fhvha.cn
asfyvisoeogtca3.fun
bloxstrap.theworkpc.com
bollon8.kozow.com
dcemprendimiento.duckdns.org
dkteamfix.webhop.net
dool.ddns.net
drippmedsot.mywire.org
erouhisugvizi4.cn
exrobotos.duckdns.org
foodie.ooguy.com
hmza.con-ip.com
itskmc.run.place
jauan2023.kozow.com
jobsearchtest.com
l11ol12s.sells-it.net
lesson.webredirect.org
lila152512.duckdns.org
lol1112s.sells-it.net
loveisthegreatest.ddnsfree.com
microwsfp5555.ddns.net
mloptuytonroyem.sytes.net
modyforeditor.loseyourip.com
newjakodns.con-ip.com
nsairoet.kozow.com
pacman.dontexist.org
saofidubixo4r.top
sdhvvy7vbysuxnvjdr6gtd64.com
sen3tors.linkpc.net
shady-mo.duckdns.org
taaymhost.ddns.net
w3llstore.work.gd
webazssc.sytes.net
webazsswebc.sytes.net
webwdircetcc.sytes.net
webwsetcc.sytes.net
yaper.dynuddns.net

# Reference: https://twitter.com/x3ph1/status/1726780232630198723
# Reference: https://www.virustotal.com/gui/file/6f9f2414e5ef9896fcef55deb74992200a418221aa6a169a76c688c82e9d7a5b/detection
# Reference: https://www.virustotal.com/gui/file/b4b449797d6cf8c8ff86601d9b259c9a4a5d79fc48093f90fc4eb967ef527780/detection
# Reference: https://www.virustotal.com/gui/file/f6a865b00b28e810029384d9941cbfe80deb2d24b992047f2a1634b6192ca4aa/detection

185.81.157.25:222
coffee.ddns.me

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-11-22)

104.243.32.185:6000
136.243.151.123:111
141.255.151.147:8888
144.126.159.54:7777
149.0.234.87:4444
162.244.210.198:6606
162.244.210.198:7707
162.244.210.198:8808
172.111.148.101:2020
173.212.250.19:1997
179.13.2.132:8020
181.214.240.179:6606
181.214.240.179:6666
181.214.240.179:8808
181.235.82.111:7777
181.90.42.189:8808
185.25.51.99:3333
185.81.157.246:6606
185.81.157.246:7707
185.81.157.246:8808
185.81.157.24:7007
186.170.115.82:8888
187.24.1.26:6606
187.24.1.26:9443
187.24.1.26:9999
187.24.70.150:9999
188.165.251.43:4242
190.28.170.122:2000
193.23.3.37:4002
194.213.3.100:7707
194.33.127.198:10000
195.178.121.53:6604
206.123.132.235:2000
213.195.120.176:5003
23.172.112.130:7707
23.172.112.130:8808
45.137.22.110:6606
45.138.16.48:8888
45.138.16.48:9999
45.88.186.47:5555
45.88.186.47:7777
45.92.1.15:9999
51.20.70.15:4443
51.38.57.226:7707
51.38.57.226:8808
78.161.26.61:20000
78.161.26.61:888
81.214.139.34:1604
91.92.242.246:4444
95.214.26.58:8808

# Reference: https://www.virustotal.com/gui/file/1761a57ada75a812d72141a1443aa22032bd9a2b2e167463d1cb06b2a1707c80/detection

51.222.31.217:3333

# Reference: https://www.virustotal.com/gui/file/729c57b7bfb87adeade5b33ad6af0b17c6ffa452d42caa42c6a1b4318601007f/detection

213.152.161.118:12184
timdynu23.freeddns.org

# Reference: https://www.virustotal.com/gui/file/18cb72e1caa929417b210801b615149c10b7d7962e738526bdade965b7e2bec2/detection

128.242.245.125:777
95.211.140.160:777
webchek.redirectme.net

# Reference: https://www.virustotal.com/gui/file/81bbf492816fdf74123d81ae5f01d85764f9be418fe4930e7c569fcdff1b3787/detection

186.169.35.157:8523
varo12l.duckdns.org

# Reference: https://www.virustotal.com/gui/file/e08cde99d5c7427bd85cc6b26f9d6165561d80a52eac668f6883ffb66955ab63/detection

191.91.176.64:3035
asdfghtr.duckdns.org

# Reference: https://www.virustotal.com/gui/file/2b8c89ff1e46b7f9955583390fe471e299e1af0156e25a10b1c48780000a6524/detection

fdghjkhgf.duckdns.org

# Reference: https://www.virustotal.com/gui/file/669e35994017a740f8d56ac2e06aa7c45c9747ac27000d0413b5e5d2bdcda9e6/detection

200.116.159.187:4041
monocell08.duckdns.org

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-12-03)

http://193.124.205.3
113.169.210.179:8080
113.207.105.241:17803
136.243.151.21:61
136.243.151.21:81
141.255.147.113:8888
141.255.151.249:8888
147.189.173.65:6666
154.16.67.94:8080
158.220.96.15:3318
181.90.42.189:6606
185.196.8.10:4449
185.62.85.197:444
185.81.157.147:6606
185.81.157.147:7707
185.81.157.147:8808
185.81.157.201:5008
187.24.66.236:9999
187.24.69.254:9999
188.215.229.107:1993
193.109.85.53:4449
193.149.176.5:7707
194.213.3.100:6606
194.213.3.100:8808
198.12.125.30:8818
2.58.56.160:7707
2.58.56.188:7707
2.58.56.37:7777
213.195.117.254:4002
213.195.117.254:4003
213.195.117.254:5001
213.195.117.254:5003
213.195.117.254:6606
213.195.117.254:7707
213.195.117.254:8808
213.195.125.89:4002
213.195.125.89:4003
213.195.125.89:5001
213.195.125.89:5003
213.195.125.89:6606
213.195.125.89:7707
213.195.125.89:8808
23.172.112.130:6606
45.92.1.59:8888
45.92.1.59:9999
5.249.161.42:9999
51.81.126.50:7777
66.94.118.174:9999
78.163.243.12:20000
78.163.243.12:888
82.165.74.190:1111
88.119.175.231:3333
88.229.10.198:3001
91.109.184.5:7707
91.109.186.8:7707
91.109.186.8:8808
91.109.188.9:9999
91.109.190.6:8808
91.92.244.203:4449
91.92.244.84:3232
91.92.248.239:6606
91.92.248.239:7707
91.92.248.239:8808
91.92.248.33:6606
91.92.248.66:6606

# Reference: https://twitter.com/banthisguy9349/status/1731374045218611702

http://138.68.144.100
143.110.162.255:81
159.65.215.80:81
162.244.210.198:222

# Reference: https://twitter.com/noexceptcpp/status/1731632258849673715
# Reference: https://gist.github.com/teixeira0xfffff/be875d101aa12bd4115d4d2133edd4ac#file-asyncrat_server-csv

http://107.173.143.111
http://165.154.186.149
http://192.210.236.242
http://198.23.144.126
http://198.23.145.12
http://20.187.64.131
http://67.243.58.12
http://76.83.131.163
http://77.73.131.83
1.53.214.230:8443
102.176.1.40:3306
102.176.1.40:6068
102.176.9.223:9300
102.41.50.232:6606
103.212.180.182:8888
103.212.81.157:6606
103.212.81.77:111
103.47.57.94:8080
103.99.0.229:443
104.161.23.232:6666
104.194.128.64:6606
104.211.203.236:2000
104.250.169.22:2000
104.250.170.27:6606
104.250.170.27:7707
104.250.170.27:8808
104.255.175.11:5001
104.255.175.12:5001
105.158.129.43:55555
105.158.132.27:55555
106.75.36.196:6606
106.75.36.196:7707
106.75.36.196:8808
107.172.76.170:1978
107.173.143.111:8080
107.175.113.198:8891
108.165.237.60:7707
109.107.179.248:7707
109.230.238.142:7777
116.148.86.63:6666
116.148.86.6:7777
116.148.86.70:6666
117.147.92.57:6666
129.146.108.93:8808
13.69.153.63:8080
13.80.133.110:67
13.80.133.110:68
130.211.201.48:5001
134.255.232.141:5555
134.255.234.198:5555
134.255.234.198:6666
134.255.234.198:8888
134.255.252.149:7777
135.148.171.75:8081
136.243.111.71:2200
136.243.151.21:63
136.243.151.21:67
136.243.151.21:72
136.243.151.21:74
136.244.116.149:1515
139.99.3.41:8808
14.164.98.70:8080
14.173.68.236:8080
14.234.24.74:8080
14.234.25.79:8080
140.82.55.70:2222
140.82.55.70:7777
141.255.146.104:8880
141.255.147.254:8880
141.255.158.165:8880
141.98.6.105:9191
142.11.241.177:2001
142.202.240.126:505
142.202.240.126:8888
142.202.240.91:6666
144.172.122.159:6606
145.239.200.145:7777
146.158.73.209:7777
147.124.209.80:6060
147.124.209.80:6666
147.124.209.80:8808
147.189.172.222:5555
147.189.172.222:6666
147.189.172.222:7777
147.189.172.222:9999
147.189.172.2:7707
147.189.174.47:7777
147.50.253.12:6606
147.50.253.12:7707
147.50.253.12:8808
149.102.243.138:8743
149.202.0.249:6666
149.56.79.3:4343
154.38.172.60:6666
155.254.244.188:6606
156.225.129.86:1433
159.69.11.30:6606
159.69.11.30:7707
159.69.11.30:8808
159.75.177.150:8443
160.178.236.210:55555
160.179.188.127:55555
161.97.151.222:7788
170.39.187.29:8080
172.245.23.178:9090
172.86.70.30:7777
172.86.76.198:6600
172.94.104.179:2000
172.94.6.198:2000
172.94.9.83:2020
172.96.172.69:1003
173.212.199.134:5552
173.212.250.19:1993
173.212.250.19:6066
173.212.250.19:6666
173.238.144.207:7707
173.249.196.201:4466
177.255.88.17:8020
178.33.203.39:9191
178.73.192.4:2000
179.14.8.129:8000
18.163.74.152:2333
18.197.239.109:10041
181.131.217.94:8808
181.215.5.168:4444
181.215.5.168:6666
181.90.42.189:2112
183.80.59.98:7946
183.80.59.98:8416
183.80.59.98:8420
183.80.59.98:8481
183.80.59.98:8533
183.80.59.98:8568
183.80.59.98:8598
185.104.195.215:5001
185.114.157.168:8080
185.117.91.202:8088
185.154.13.125:6606
185.158.251.88:2023
185.16.38.41:2024
185.162.235.142:6606
185.162.235.142:7707
185.162.235.142:8808
185.216.71.90:6606
185.216.71.90:7707
185.216.71.90:8808
185.223.77.181:8080
185.225.73.13:5001
185.225.73.192:4444
185.225.74.63:6606
185.225.74.63:7707
185.225.74.63:8808
185.225.75.54:12499
185.241.208.104:6666
185.241.208.140:1111
185.241.208.142:7777
185.241.208.159:880
185.241.208.161:8808
185.241.208.173:5555
185.241.208.177:6666
185.241.208.177:7777
185.241.208.187:7777
185.241.208.239:1177
185.241.208.72:6666
185.249.197.248:6606
185.249.197.248:7707
185.249.197.248:7777
185.25.51.99:5555
185.25.51.99:6666
185.62.84.65:7777
185.62.84.66:7777
185.62.84.67:7777
185.62.84.68:7777
185.62.84.69:7777
185.62.85.197:666
185.62.86.134:444
185.62.86.134:777
185.81.157.105:5135
185.81.157.105:5140
185.81.157.105:5150
185.81.157.105:9014
185.81.157.105:9015
185.81.157.105:9016
185.81.157.105:9017
185.81.157.105:9018
185.81.157.105:9019
185.81.157.105:9020
185.81.157.105:9021
185.81.157.105:9022
185.81.157.105:9023
185.81.157.105:9024
185.81.157.105:9027
185.81.157.105:9028
185.81.157.12:7777
185.81.157.135:2024
185.81.157.135:4343
185.81.157.135:4444
185.81.157.135:5555
185.81.157.135:6666
185.81.157.148:5555
185.81.157.149:2025
185.81.157.14:1010
185.81.157.14:2024
185.81.157.14:4343
185.81.157.14:7777
185.81.157.150:20000
185.81.157.150:2024
185.81.157.150:6666
185.81.157.152:7777
185.81.157.157:9009
185.81.157.168:7702
185.81.157.174:8090
185.81.157.209:2306
185.81.157.209:2310
185.81.157.209:4343
185.81.157.209:7777
185.81.157.218:1010
185.81.157.218:2020
185.81.157.238:5503
185.81.157.238:5601
185.81.157.5:9019
185.81.157.5:9020
185.81.157.71:2024
185.81.157.71:7777
186.102.174.131:7777
186.170.115.82:7777
187.24.1.147:7707
187.24.1.26:6666
187.24.12.23:6666
187.24.6.130:8888
187.24.64.107:2021
187.24.68.152:9090
187.24.70.150:9441
187.24.73.4:6606
187.24.73.4:7707
187.24.73.87:2020
187.24.9.5:9999
188.77.229.84:5002
188.77.229.84:6606
188.77.229.84:7707
188.77.229.84:8808
190.213.184.38:6606
190.213.184.38:7707
190.28.134.141:2000
190.28.145.222:2000
190.28.155.162:2000
190.28.161.114:2000
190.28.176.211:2000
190.28.177.104:2000
190.28.223.143:2000
190.28.246.177:2000
190.28.249.178:2000
190.28.250.147:2000
190.28.251.148:2000
190.97.165.170:8808
191.88.249.14:6969
192.121.82.67:2000
192.129.253.82:4444
192.129.253.82:9999
192.129.253.83:4444
192.129.253.83:9999
192.129.253.84:2001
192.129.253.84:4444
192.129.253.84:9999
192.129.253.85:4444
192.129.253.85:9999
192.129.253.86:2001
192.129.253.86:4444
192.129.253.86:9999
192.210.201.49:8891
192.210.236.158:7070
192.210.236.242:8080
192.3.27.141:8000
192.3.27.141:8118
193.142.146.212:7707
193.23.161.246:7777
193.23.3.123:6606
193.23.3.123:7707
193.23.3.123:8808
193.23.3.37:4343
193.26.115.217:6666
193.26.115.217:7777
193.26.115.78:7777
193.34.69.105:6666
193.42.32.17:7777
193.42.33.216:3306
193.42.33.58:8808
193.53.126.35:443
193.56.29.146:7777
194.180.48.14:5600
194.213.3.111:444
194.213.3.18:7777
194.213.3.36:7777
194.26.192.144:7777
194.26.192.144:8888
194.26.192.174:1991
194.26.192.174:2000
194.26.192.174:2002
194.26.192.174:5001
194.26.192.174:5555
194.26.192.174:6666
194.26.192.174:7777
194.26.192.174:8008
194.26.192.22:2222
194.26.192.22:7777
194.31.87.133:8080
194.49.94.212:9999
195.178.120.6:8088
195.3.222.57:5001
195.3.222.57:5554
195.3.222.57:5555
195.3.222.57:6000
196.217.83.3:55555
196.217.85.101:55555
196.217.87.251:55555
197.14.239.140:1177
197.246.187.170:7777
197.48.87.159:6606
198.12.125.30:8815
198.12.125.30:8891
198.23.144.126:8080
198.23.144.126:8088
198.23.145.12:8088
198.23.227.140:8191
198.23.227.140:8905
198.244.251.230:4444
198.244.251.230:5555
198.244.251.230:6666
198.244.251.230:7777
198.244.251.230:8888
198.245.77.54:7777
198.27.97.88:7707
198.37.108.192:7777
198.50.243.177:6000
198.50.243.177:7000
198.50.243.177:8000
198.50.243.177:8088
2.155.153.144:5000
2.155.153.144:5001
2.155.153.144:7070
2.155.41.147:5001
2.155.41.147:5003
2.58.56.148:7777
2.58.56.183:5555
2.58.56.188:5555
2.58.56.243:3000
2.58.56.44:2222
2.58.56.72:1337
2.58.56.73:6666
2.59.254.111:5552
20.117.92.125:9999
20.124.90.72:443
20.125.135.51:6666
20.150.149.137:70
20.163.10.14:2222
20.169.37.196:8808
20.21.57.76:8080
20.214.161.67:6606
20.218.135.231:6666
20.231.104.157:6665
20.231.104.157:7777
205.234.231.52:8808
206.123.132.65:2020
206.53.55.190:5000
206.53.55.8:1717
206.53.55.8:6060
206.53.55.8:6066
206.72.202.44:8080
207.244.238.106:5555
207.244.238.106:6666
207.32.216.212:8008
207.32.217.109:2222
207.32.217.109:5555
207.32.217.122:6666
207.32.217.247:5555
207.32.217.71:8008
207.32.218.23:6666
207.32.218.23:8808
209.126.11.174:6606
209.126.11.174:7707
209.126.11.174:8808
209.141.47.27:6606
209.141.47.27:7707
209.141.47.27:8808
209.145.56.0:1956
209.145.56.0:2001
209.145.56.0:53
209.145.56.0:5555
209.145.56.0:8877
209.209.40.132:199
212.102.59.83:6666
212.102.59.83:7777
212.102.59.83:8888
213.170.135.22:7777
213.170.135.27:6666
213.170.135.27:7777
213.170.135.31:444
213.195.120.176:5002
23.106.125.206:443
23.254.227.121:20000
23.254.231.83:1001
23.254.231.83:2001
23.254.231.83:2002
23.254.231.83:2004
23.94.171.142:6606
23.94.171.142:7707
23.94.171.142:8808
24.133.200.15:6606
24.52.60.3:8080
27.78.181.161:257
34.125.63.198:5000
34.125.63.198:5001
34.125.69.88:5000
34.125.69.88:5001
34.125.83.204:5000
34.125.83.204:5001
34.125.83.204:5002
35.172.119.52:8888
37.139.129.145:8442
37.211.90.37:4782
38.242.242.149:1991
38.242.242.149:2000
40.113.131.31:7777
40.113.131.31:8888
41.155.10.158:135
41.155.10.158:1433
41.155.10.158:49152
41.155.10.158:49154
41.155.10.158:5432
41.155.10.158:8002
41.155.10.158:8081
41.155.10.158:8181
41.155.10.158:8880
41.155.3.95:2080
41.155.3.95:554
41.155.3.95:8020
41.155.3.95:8081
41.210.0.105:25
41.210.11.200:25
41.210.3.29:11000
41.210.3.29:9090
41.210.3.29:9100
41.35.23.138:6606
42.117.250.222:8084
42.117.76.36:8085
42.117.76.36:8252
42.117.76.36:8463
42.117.76.36:8589
45.128.234.233:8081
45.133.235.219:7777
45.137.22.236:5000
45.138.16.133:222
45.138.16.133:2222
45.138.16.133:7777
45.138.16.161:1010
45.138.16.186:1234
45.138.16.186:22
45.138.16.186:6666
45.138.16.186:7777
45.138.16.186:89
45.138.16.202:7777
45.138.16.206:1010
45.138.16.213:5555
45.138.16.252:1194
45.138.16.252:2222
45.138.16.39:5001
45.138.16.41:5555
45.138.16.48:4444
45.138.16.48:6666
45.138.16.48:7777
45.138.16.89:555
45.138.16.89:5555
45.139.199.152:4445
45.141.215.103:2021
45.141.215.103:7777
45.141.215.103:8888
45.141.215.121:2106
45.141.215.139:1010
45.141.215.141:7788
45.141.215.145:555
45.141.215.145:8888
45.141.215.3:3310
45.141.215.3:3312
45.141.215.41:7777
45.141.215.63:7777
45.141.215.77:1010
45.141.215.77:2020
45.141.215.81:5555
45.141.215.81:8888
45.141.215.84:2222
45.141.27.86:9999
45.147.45.253:7
45.147.45.253:81
45.15.157.71:6606
45.15.157.71:7707
45.154.98.110:1991
45.154.98.110:2000
45.154.98.110:2001
45.154.98.110:2002
45.154.98.110:5555
45.154.98.110:7777
45.154.98.151:6666
45.154.98.192:2222
45.154.98.192:444
45.154.98.192:4444
45.154.98.192:5555
45.154.98.192:6066
45.154.98.192:666
45.154.98.192:6666
45.156.85.189:7777
45.43.18.229:6666
45.58.190.125:6606
45.58.190.125:7707
45.61.128.122:8808
45.61.128.231:6666
45.61.129.206:7707
45.61.129.206:8808
45.61.166.56:8888
45.66.230.96:5552
45.76.46.64:6606
45.79.170.6:6606
45.79.170.6:7707
45.80.158.183:7707
45.80.158.57:2222
45.80.158.57:7777
45.80.158.66:2222
45.80.158.66:6666
45.80.158.66:7707
45.80.158.66:7777
45.81.39.110:8808
45.81.39.153:7707
45.81.39.77:6606
45.92.1.17:7707
46.109.232.207:6606
46.109.232.207:7707
46.246.12.19:2000
46.246.14.16:2000
46.246.14.21:8000
46.246.6.13:8000
46.246.6.17:2000
46.246.6.6:2306
46.246.6.8:5427
46.246.80.15:2424
46.246.82.17:2000
46.246.84.17:8000
46.246.86.8:8000
46.246.86.9:8000
47.120.0.195:6606
47.120.0.195:7707
5.161.111.38:7777
5.161.111.38:9999
5.161.182.109:7707
5.161.182.109:8808
5.161.67.9:7777
5.161.68.223:7777
5.180.81.207:7707
5.196.117.233:1975
5.224.222.63:5002
5.231.208.228:6606
5.231.208.228:7707
5.249.163.32:7777
5.249.163.45:7777
5.61.40.196:81
51.195.251.7:7000
51.195.251.7:8000
51.195.251.7:8088
51.222.69.3:8808
51.38.247.74:6666
51.81.76.84:9999
51.81.97.229:6666
51.89.190.17:5600
51.89.190.17:5700
51.89.204.172:3306
51.89.204.69:6606
51.89.204.69:7707
51.89.204.69:8990
62.106.84.211:7707
62.106.84.212:7707
62.106.84.213:7707
62.106.84.214:7707
62.106.84.215:6606
62.106.84.215:7707
69.172.233.16:6066
69.172.233.44:4433
69.172.233.44:4444
74.234.126.146:8080
77.228.78.243:5000
77.228.78.74:5000
77.228.78.74:6060
77.231.107.226:5001
77.231.107.226:5002
77.231.107.226:7070
77.231.37.221:5000
77.231.37.221:5001
77.73.129.60:7707
78.135.83.219:8080
78.161.26.61:3000
78.161.3.93:888
78.161.41.50:3000
78.161.41.50:3001
78.163.63.59:3001
78.164.59.222:888
78.180.125.80:8080
78.185.120.130:888
78.84.244.67:6606
78.84.244.67:7707
78.84.244.67:8808
78.84.249.41:8808
79.110.62.191:6606
81.214.77.85:3000
81.214.77.85:3002
81.214.77.85:777
81.230.10.189:443
82.159.146.144:5001
82.159.146.172:5001
82.159.170.113:5001
82.159.175.186:5000
82.159.175.186:5001
84.38.135.222:8808
85.107.56.38:3000
85.107.56.38:888
85.208.136.58:222
85.208.139.71:2222
85.208.139.71:4444
85.215.172.173:7777
85.215.205.213:6606
85.215.205.213:7707
85.215.205.213:8808
87.237.52.235:8888
87.237.52.40:5555
88.229.10.198:20000
88.229.11.248:3000
88.232.119.41:7777
88.237.19.232:3002
88.244.33.230:3000
88.251.135.18:3000
88.251.135.18:3001
89.117.21.144:7707
89.117.55.98:3110
89.117.72.232:8808
89.117.77.110:7707
89.117.77.193:7707
89.140.147.214:5000
89.140.147.214:5001
89.44.9.137:6606
89.44.9.137:7707
89.44.9.137:8808
91.109.176.4:8888
91.109.176.5:8888
91.109.176.6:8808
91.109.176.7:6606
91.109.176.7:8888
91.109.178.8:8888
91.109.180.3:8808
91.109.180.5:9090
91.109.190.11:6666
91.208.92.220:7777
91.208.92.68:7777
91.208.92.80:7707
91.208.92.83:444
91.208.92.9:444
91.208.92.9:7777
91.92.240.97:9191
91.92.252.69:111
93.43.214.206:6606
94.130.207.164:1010
94.26.246.198:8080
95.214.24.218:6606
95.214.24.218:7707
95.217.0.146:1604
95.217.121.188:8848
95.23.150.98:7707
95.23.150.98:8808
95.65.130.17:4444
2escob4r.ddns.net
44box.ddns.net
jntls.publicvm.com
money.ddnsgeek.com
nets.homedns.org
optimization-marketing.com
s2x1ce.from-ma.com

# Reference: https://twitter.com/banthisguy9349/status/1731596141278400938

http://91.92.244.16
91.92.244.16:222

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-12-04)

113.207.105.229:8302
136.243.151.21:76
141.255.144.96:8888
141.255.146.81:8888
141.255.159.47:8888
193.149.176.5:6606
193.149.176.5:8808
193.222.96.19:6606
193.222.96.19:7707
193.222.96.19:8808
5.249.161.42:8888
88.229.10.198:3004
91.109.178.9:8808
91.92.244.16:6606
91.92.244.16:8808

# Reference: https://www.virustotal.com/gui/file/4a880f082a6ded92d2b65ff46f3876ad5d15657c166a3290431c093f06430552/detection

207.32.218.138:4444
adad3.casacam.net

# Reference: https://www.virustotal.com/gui/file/beb770ec5787870eba31691540aa5f7d30361afeb95ba5976ce432a3bf7a227f/detection

207.32.218.138:3333
syncca.theworkpc.com

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-12-05)

104.243.47.96:2233
107.175.113.198:7710
107.175.113.198:8018
107.175.113.198:8801
136.243.179.5:700
141.255.150.149:8888
144.126.149.221:9999
149.13.5.179:5050
154.38.172.60:555
154.38.172.60:5555
161.97.151.222:2006
162.244.210.198:6060
173.212.250.19:1717
173.212.250.19:1818
173.212.250.19:1998
173.212.250.19:1999
173.212.250.19:6060
185.62.85.197:555
185.81.157.103:1111
185.81.157.119:1111
185.81.157.201:9991
185.81.157.238:6301
190.28.157.161:2000
191.101.206.72:6666
191.233.245.58:60000
194.26.192.34:555
198.12.125.30:8011
2.58.56.37:6666
206.123.132.162:2000
209.145.56.0:2020
213.195.114.146:4002
213.195.114.146:4003
213.195.114.146:5001
213.195.114.146:5003
213.195.114.146:6606
213.195.114.146:7707
213.195.114.146:8808
213.195.125.89:4001
37.19.216.81:6666
41.251.193.151:66
45.32.173.196:6969
45.92.1.59:6666
78.163.243.12:3000
80.253.246.12:7707
85.209.176.108:8080
85.239.237.148:7788
88.229.10.198:3002
88.229.10.198:3003
91.109.188.4:7707
91.109.188.4:8808
94.130.130.51:5505
95.214.26.58:9909
mta1.candledmush.net

# Reference: https://twitter.com/ScumBots/status/1732041986474180873
# Reference: https://www.virustotal.com/gui/file/779468167b7fb6ae608f098d8460a0c6f7a825e088fe60ed31ea4f9e8e664f00/detection

179.14.8.224:1984
diciembre12.duckdns.org

# Reference: https://www.virustotal.com/gui/file/e8c2e235a5d47cbe374d5aadea5a7f5cc21616a1ffe1ed7a8217fba02c7620db/detection

91.92.251.143:8200
greatkingtravel8200.duckdns.org

# Reference: https://www.virustotal.com/gui/file/e437950df0a59d8a6d6a0ca0a4ca52c3d8c733b02d263a8f63987dc211e40b30/detection
# Reference: https://www.virustotal.com/gui/file/87aa05b65e67ddfb826e987343b64af0ab5b11b166ea2d35575c487076518a79/detection

91.92.251.143:8100
greatkingxlimited.duckdns.org

# Reference: https://www.virustotal.com/gui/file/e879574d750ebd02a3affea08fca995185c05ed7deda29882463b3f81c25d6e1/detection

173.44.50.84:2016
window10.duckdns.org

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-12-08)

103.161.112.130:4449
142.202.240.140:4444
149.0.232.42:4444
178.33.57.150:4449
181.41.200.232:4000
185.81.157.24:6126
20.168.112.95:8888
20.168.112.95:9999
209.145.56.0:2017
23.145.120.49:8808
27.64.157.66:257
38.181.25.204:5858
46.1.103.124:2341
46.1.103.124:9371
52.185.48.220:8585
82.165.74.190:2003
88.251.226.111:20000
91.92.248.48:5552

# Reference: https://www.virustotal.com/gui/file/5771678df53b5f26796bd57c74de0917e65ee23c9e6f46d67dd7a5e190f41ee6/detection

141.255.144.8:6606
141.255.144.8:7707
141.255.144.8:8808

# Reference: https://www.virustotal.com/gui/file/f5917e4093be8eda6413dc810e8a2156886e2ba03895784672b059753887adde/detection

85.215.218.19:2023
85.215.218.19:777

# Reference: https://www.virustotal.com/gui/file/96e14b48b61a6cd9748446ce2d54e0474d5852c18ce23c00bf95ca9ecf0c8e39/detection

85.215.218.19:2024
/arasramo

# Reference: https://www.virustotal.com/gui/file/5bc5d0bac3cb3194ac6f62d1cfc4ae12964972c40e3becad4defc10c668615de/detection

85.215.218.19:2026
java-runtime.servehttp.com

# Reference: https://www.virustotal.com/gui/file/2bc4c1c50a459ed02dbd8ee98d5ef346425e0125c5014ba9650b5c3af4a33fa1/detection

196.196.227.93:8521
01net.sytes.net

# Reference: https://www.virustotal.com/gui/ip-address/85.215.218.19/relations

updatedriver.3utilities.com
utilitaires.servegame.com

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-12-12)

185.81.157.154:2727
213.195.115.111:4002
213.195.115.111:4003
213.195.115.111:5001
46.105.147.140:1602
84.38.129.116:8080
91.92.243.58:8808
95.15.65.177:20000
95.15.65.177:888
95.214.177.110:4444

# Reference: https://www.virustotal.com/gui/file/bd08d9ecd8e02b4eee95353fe94ce148f31758ee1271e63e6951ccac032ce58b/detection

204.44.124.113:3000

# Reference: https://www.virustotal.com/gui/file/c3287d43e42a5d93dbb7ee425d8f9d22678f900d8b9c9132e7ec4cf73c8a07b3/detection

204.44.124.113:6666

# Reference: https://www.virustotal.com/gui/file/3ad3a9385859a3063e5a8e1ea9a93ea41e113e5107baaf6efd23537662993c1d/detection

46.246.86.24:8000
reader08.duckdns.org

# Reference: https://www.virustotal.com/gui/file/82bf98526028165b2b4700282a2a0e88f36015c1948ba4890aee7e53f14b2a50/detection

46.246.80.20:1618
46.246.84.18:1618

# Reference: https://www.virustotal.com/gui/file/cd3a8f6ea97d9b8879c0d7e623d94e5f12dac5cef00538f82b200f48daf45666/detection

46.246.84.8:1504

# Reference: https://twitter.com/V3n0mStrike/status/1736058054884388929
# Reference: https://www.virustotal.com/gui/file/dcbe457f09b71c4ed6fbb2183246f39d5229bc29ac5736a627604249398fb78e/detection
# Reference: https://www.virustotal.com/gui/file/b988d864e59da4746ff4d24377c57942ae3f0e20e28164bae9b848e98c3bda23/detection
# Reference: https://www.virustotal.com/gui/file/b988d864e59da4746ff4d24377c57942ae3f0e20e28164bae9b848e98c3bda23/detection
# Reference: https://www.virustotal.com/gui/file/f5eb7f30ca962192527a03ef232e74274a727969ea42a761acc19db26b741703/detection

91.92.251.22:5122
innomac.duckdns.org
mcwillis.duckdns.org

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-12-17)

103.195.103.33:8808
136.175.8.57:4545
142.202.240.78:8888
181.32.146.243:7707
185.62.87.237:4444
185.62.87.239:4444
185.62.87.247:4444
185.81.157.103:4444
187.24.7.81:9999
194.33.127.198:2086
20.197.242.109:6060
207.246.82.230:5290
213.195.115.111:5003
213.195.115.111:6606
213.195.115.111:7707
213.195.115.111:8808
37.1.208.229:4444
37.1.208.229:8888
37.1.208.229:9999
5.161.200.142:333
5.75.147.113:3000
91.92.248.48:222
91.92.248.72:6606
95.216.41.33:81

# Reference: https://twitter.com/1ZRR4H/status/1736870188480434417
# Reference: https://www.virustotal.com/gui/file/048b743925b2f30e9300e30bafb67985185653f1c3adcef2dc3257db705020c2/detection
# Reference: https://www.virustotal.com/gui/file/c2ae169495738288c01df97f582da3db67e4f4d4514be563a7e2cbc069b76448/detection

http://91.92.245.38
193.26.115.142:2004
91.92.245.38:445
love1.loseyourip.com

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-12-22)

103.186.215.91:3390
103.186.215.91:4449
103.193.188.13:8080
103.193.188.13:8848
103.195.103.33:6606
103.195.103.33:7707
103.207.165.25:4449
106.53.119.74:8848
109.205.214.146:8848
109.248.151.48:1997
111.173.80.91:8848
111.173.80.92:8848
111.173.89.39:8848
111.229.116.176:8848
121.62.23.71:8848
123.99.200.134:2351
123.99.200.157:2450
123.99.200.157:2991
123.99.200.175:4595
123.99.200.184:2650
123.99.200.188:4449
123.99.200.191:4449
124.156.160.52:8848
124.221.43.13:5222
124.248.69.70:8848
124.248.69.71:8848
125.64.108.85:4449
134.122.133.177:4449
143.92.32.18:4449
143.92.35.85:4449
147.185.221.16:49190
147.185.221.17:20761
147.185.221.17:22684
147.185.221.17:2276
147.185.221.17:3767
147.185.221.17:6606
147.185.221.17:7707
147.185.221.17:8264
147.185.221.17:8808
154.12.87.251:8301
154.12.87.251:9601
154.91.229.111:4449
154.91.229.36:4449
154.91.230.208:4449
156.251.19.50:4449
159.69.85.54:4449
163.172.165.144:8080
165.73.249.21:6606
165.73.249.21:7707
165.73.249.21:8808
167.71.56.116:22942
176.129.191.64:5123
18.192.93.86:14444
182.43.76.21:7788
185.196.9.95:8008
185.62.87.238:4444
185.62.87.246:4444
185.81.157.19:3310
185.81.157.19:3314
185.94.29.178:4477
188.148.105.135:3113
193.161.193.99:41254
198.13.34.134:4449
198.23.227.140:6661
2.56.245.187:3232
202.63.172.63:8848
206.119.117.179:4449
206.123.140.95:3232
206.233.132.232:8848
206.233.240.31:4449
213.195.115.250:5001
3.64.4.198:15224
3.64.4.198:4824
31.214.243.202:8848
38.55.197.206:4449
42.51.39.90:4449
43.248.186.20:8848
43.251.16.74:5342
44.193.61.216:4449
45.125.46.201:57469
45.138.16.216:8888
45.141.215.230:4449
45.145.224.40:4449
45.145.229.151:8803
45.145.229.151:9603
45.152.66.153:8807
45.152.66.165:8808
45.152.66.165:9608
45.84.199.34:7000
62.234.175.104:9000
68.10.7.227:5620
81.11.198.38:4449
82.165.213.242:7771
82.64.54.249:3232
91.92.241.17:4449
91.92.248.33:7707
91.92.248.33:8808
94.130.130.51:206
1.err.line.pm
a0880508.xsph.ru
agent-thumbnail.gl.at.ply.gg
aniuus.linkpc.net
basgoingbrewca.serveirc.com
bold-bush-09147.pktriot.net
browse-classic.gl.at.ply.gg
cn-bj1-kvlqs4ee.frp.cool
country-wellness.gl.at.ply.gg
dlitryuzoneu.sytes.net
doradp.gleeze.com
ecuadorasyn.duckdns.org
enviofinal.kozow.com
fat7ola07.ddns.net
fhfgjghkgh.ddns.net
flitryuzoneu.zapto.org
getting-roommate.gl.at.ply.gg
gnbeatscagig.sytes.net
gtitryuzoneorji.zapto.org
hdr.theworkpc.com
hexrxr.duckdns.org
iced.ddns.net
loribard.ddnsfree.com
luci2023.kozow.com
mxrecordsipcordsss.ddns.net
national-pension.gl.at.ply.gg
nationalteams11.publicvm.com
noescorrecto2023.kozow.com
pasgoingcrewmoviand.3utilities.com
pibirat.ddns.net
pythondsh4.loseyourip.com
reply.gl.at.ply.gg
test56654.myddns.me
tndeatcamside.sytes.net
w3llstore.mywire.org
win009.theworkpc.com
windowsddns.duckdns.org
wins23octok.duckdns.org
xcrew1990.kozow.com
xdatarfree.ddns.net
zhangfeng123.eu.org

# Reference: https://twitter.com/noexceptcpp/status/1738148336056647907
# Reference: https://www.virustotal.com/gui/ip-address/185.81.157.148/relations

185.81.157.148:777
ae-dhwaybill.com 
ae-express-delivery.com 
amaznemiratesapp.com
chronopost-aidecolis.com
express-ca-waybill.com 
express-ie-package.com 
express-ie-waybill.com 
express-ireland-waybill.com 
ie-dhwaybill.com
instruc-for-iraq-pack-collection.com
instruc-for-pack-collection.com
iraqi-package-and-instruc-for-collect.com
liefer-routing.de
netflix-infopayment.com
notifications-chronopost.fr
payment-restriction.com
sfr-espaceclientmessagerie.fr
sfr-messageriemail.fr
suivi-acheminements.com

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2023-12-24)

140.82.26.84:5959
185.81.157.119:2222
185.81.157.123:6606
185.81.157.123:7707
185.81.157.123:8808
185.81.157.183:2222
190.28.128.226:2000
190.28.155.51:2000
193.34.212.17:7777
206.123.132.227:2000
207.180.238.243:8888
213.195.115.250:4002
213.195.115.250:4003
213.195.115.250:5003
213.195.115.250:6606
213.195.115.250:7707
213.195.115.250:8808
38.242.236.116:8888
46.246.86.8:8889
5.51.198.41:1155
88.229.3.212:20000
88.229.3.212:888
91.109.182.6:7707
91.109.186.4:7707
91.92.241.23:8000
94.130.130.51:202
95.10.154.172:4444
like-sports.linkpc.net

# Reference: https://embee-research.ghost.io/threat-intel-queries-with-fofabot/

1.14.206.144:6606
103.252.136.171:6606
103.252.136.171:7707
103.252.136.171:8808
109.107.189.163:6606
109.230.238.165:6666
130.51.42.190:6606
135.125.27.218:6606
136.175.8.57:6606
136.175.8.57:7707
136.175.8.57:8808
136.243.151.21:7788
144.217.36.75:6606
144.217.36.75:7707
144.217.36.75:8808
147.189.169.67:5555
149.28.103.159:1234
151.80.238.21:6606
151.80.238.21:7707
151.80.238.21:8808
154.16.67.94:6606
154.16.67.94:6666
154.16.67.94:7707
154.16.67.94:8808
154.3.2.209:6606
154.3.2.209:7707
154.3.2.209:8808
16.170.146.242:6606
172.111.139.148:7707
172.86.98.98:6606
172.96.172.69:6606
172.96.172.69:7707
173.212.250.19:1990
173.212.250.19:1991
173.249.13.74:6606
173.249.13.74:7707
173.249.13.74:8808
178.33.203.39:6606
181.214.240.179:7777
185.16.38.38:6606
185.16.38.38:7707
185.16.38.38:8808
185.172.128.52:5555
185.25.51.99:8808
185.62.85.197:777
185.62.86.134:1411
185.81.157.103:3333
185.81.157.172:6666
185.81.157.172:7777
187.24.66.110:9443
188.2.200.58:6606
190.213.184.38:8808
193.26.115.142:7707
193.26.115.142:8808
193.26.115.142:9909
193.26.115.69:8808
194.26.192.57:6606
194.26.192.57:7707
194.33.191.242:7707
196.206.8.44:55555
198.12.125.30:5505
198.12.125.30:8091
198.12.125.30:8801
198.12.125.30:9990
20.168.112.95:7777
207.244.254.163:3331
207.32.218.155:6606
207.32.218.155:7707
207.32.218.155:8808
209.145.56.0:3331
212.13.186.180:10001
212.98.224.226:7707
212.98.224.226:8080
213.195.115.250:5002
216.250.253.166:6606
23.94.99.6:8808
31.215.109.21:8808
31.220.103.103:7707
31.220.103.103:8808
34.29.228.84:1998
34.71.108.66:4444
37.1.208.229:5555
37.1.208.229:7777
38.242.236.116:880
45.138.16.125:777
45.138.16.213:7777
45.154.12.105:7707
45.154.12.105:8808
45.154.98.34:6606
45.154.98.34:7707
45.154.98.34:8808
45.77.92.194:2021
45.88.186.145:8808
46.196.24.72:8808
47.95.197.160:8808
47.95.197.160:9898
5.161.182.109:6606
5.249.163.45:6666
51.195.94.209:6606
51.195.94.209:7707
51.195.94.209:8808
54.38.151.131:6606
54.38.151.131:7707
54.38.151.131:8808
78.161.78.78:3000
78.178.154.228:20000
78.84.235.110:6606
8.141.93.70:6606
8.141.93.70:7707
8.141.93.70:8808
85.239.237.141:6606
85.239.237.141:7707
85.239.237.141:8808
87.121.87.41:7707
87.121.87.42:7707
88.229.10.198:3005
88.229.3.212:3000
91.92.250.202:6606
91.92.251.62:6606
91.92.251.62:7707
91.92.251.62:8808
91.92.252.126:6606
91.92.252.126:7707
91.92.252.126:8808
91.92.254.36:8808
92.118.235.49:1604
94.130.130.51:9909
95.15.65.177:3000
95.214.177.110:8080
amazon-prime-support.com
auth.optimization-marketing.com
authsmtp.optimization-marketing.com
box.optimization-marketing.com
cpanel.ruankpp.top
dev.optimization-marketing.com
exchange.optimization-marketing.com
gamcis.com
greedylandshinjirulorder2.sexidude.com
gw.optimization-marketing.com
hermes.optimization-marketing.com
imap.optimization-marketing.com
juankorkie.net
m.ruankpp.top
mail.missiondentalcentre.com
mail.optimization-marketing.com
mail.palmexpilipinas.com
mail.parachutisme-beziers.com
mail.randyzadra.com
mail.roelofkiers.com
mail01.optimization-marketing.com
mail10.optimization-marketing.com
mail2.optimization-marketing.com
mail4.optimization-marketing.com
mail7.optimization-marketing.com
mailbox.optimization-marketing.com
mailer.optimization-marketing.com
mailgate.optimization-marketing.com
mailin.optimization-marketing.com
mails.optimization-marketing.com
missiondentalcentre.com
ms.optimization-marketing.com
mx02.optimization-marketing.com
mx1.optimization-marketing.com
mx10.optimization-marketing.com
mx20.optimization-marketing.com
mx3.optimization-marketing.com
mx4.optimization-marketing.com
mxs.optimization-marketing.com
newmail.optimization-marketing.com
ns.optimization-marketing.com
ns1.optimization-marketing.com
outmail.optimization-marketing.com
palmexpilipinas.com
parachutisme-beziers.com
pbrand.optimization-marketing.com
po.optimization-marketing.com
pop.optimization-marketing.com
post.optimization-marketing.com
postmaster.optimization-marketing.com
pourtousagir.com
randyzadra.com
relay.optimization-marketing.com
remote.optimization-marketing.com
roelofkiers.com
root.optimization-marketing.com
ruankpp.top
server1.optimization-marketing.com
smtp.ruankpp.top
smtp1.optimization-marketing.com
smtp2.optimization-marketing.com
smtps.optimization-marketing.com
smtpseguro.optimization-marketing.com
spam.optimization-marketing.com
taikang.com.optimization-marketing.com
update.smartpromogroup.com
webdisk.ruankpp.top
webmail.optimization-marketing.com
zimbra.optimization-marketing.com

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-01-01)

http://212.13.186.180
1.14.206.144:7707
103.82.134.190:7707
104.161.27.4:8888
135.125.27.218:6000
135.125.27.218:7000
135.125.27.218:8000
135.125.27.218:8088
136.243.151.21:78
14.234.25.153:8080
144.126.128.158:7777
144.126.128.158:8888
15.235.3.1:2001
154.223.17.134:5959
155.133.27.6:2000
158.220.96.15:3320
163.5.215.211:4449
172.111.248.167:8088
172.94.122.166:8088
172.94.122.166:9999
172.96.172.69:1002
181.214.240.107:8808
185.16.38.41:2034
185.16.38.41:6666
185.172.128.52:7777
185.172.128.52:8888
185.172.128.52:9999
185.250.148.237:2424
185.81.157.154:2302
185.81.157.160:777
185.81.157.172:4444
185.81.157.172:8888
185.81.157.213:888
186.112.202.162:2404
186.112.202.162:8888
187.24.64.252:9999
190.28.142.129:2000
206.123.132.167:2000
206.123.132.170:2000
206.123.132.236:2000
209.145.56.0:4123
212.102.59.84:7777
212.102.59.84:8888
212.13.186.180:15618
212.13.186.180:17970
212.13.186.180:2082
212.13.186.180:33389
212.13.186.180:3497
212.13.186.180:37578
212.13.186.180:40000
212.13.186.180:54603
212.13.186.180:55524
212.13.186.180:5649
212.13.186.180:8000
213.195.112.94:5001
213.195.119.8:4001
213.195.119.8:4002
213.195.119.8:4003
213.195.119.8:5001
213.195.119.8:5003
213.195.119.8:6606
213.195.119.8:7707
213.195.119.8:8808
213.195.120.238:5001
23.225.40.139:8808
27.64.172.13:257
31.220.103.103:6606
37.1.214.209:2222
37.1.214.209:4444
37.1.214.209:8088
37.1.214.209:8888
37.1.214.209:9999
37.221.93.62:8080
38.180.91.62:8088
45.126.209.4:7707
45.88.186.145:7707
46.1.103.124:9876
47.95.197.160:6606
47.95.197.160:7707
51.20.249.187:8080
74.222.22.109:8888
78.178.154.228:3001
78.178.154.228:3003
78.178.154.228:3004
78.178.154.228:888
82.65.19.134:4443
87.121.87.195:6699
87.121.87.36:1335
87.121.87.92:6699
88.201.16.151:443
88.214.56.145:4444
88.214.56.145:8088
88.214.56.145:8888
88.214.56.145:9999
88.229.34.236:20000
88.229.34.236:3001
88.229.34.236:3004
88.235.35.170:20000
91.109.178.8:7707
91.109.186.9:7707
91.109.190.6:7707
91.92.243.45:6606
91.92.246.124:7707
91.92.250.243:4887
91.92.254.36:4747
92.46.172.137:10258
92.46.172.137:28363
92.46.172.137:29256
92.46.172.137:36274
92.46.172.137:427
92.46.172.137:46949
92.46.172.137:636
94.156.64.168:222

# Reference: https://twitter.com/banthisguy9349/status/1742109603133857897

http://94.156.69.26

# Reference: https://www.virustotal.com/gui/file/5d58c5fa7aa0f5a8c4d2448b0f5fbb8ffb835228bcb3e4b6fa53f5593a2166bb/detection

23.95.13.189:6606
23.95.13.189:7707
23.95.13.189:8808

# Reference: https://www.virustotal.com/gui/file/968a2f466fbd0e777f6e33eddb60bc3f953b4da4235758d60370dac5a99b6157/detection

46.199.193.93:3551
myhostfrfr0.ddns.net

# Reference: https://www.virustotal.com/gui/file/1742b48fad9814441ee7726009a0e375757134dcc872f88ed584b6a2099c7473/detection

46.246.6.15:1234
46.246.6.15:8889
asegurarasyncrat.4cloud.click

# Reference: https://www.virustotal.com/gui/file/2bf22438c6aeb5c825c35d92e3d31fd62b9fc2a997ed3618e1b71030e5e00b4f/detection

111.180.188.53:6606
111.180.188.53:7707
111.180.188.53:8808

# Reference: https://twitter.com/K_N1kolenko/status/1744626527210266949

116.204.169.212:26879
45.88.186.145:6606

# Reference: https://www.malware-traffic-analysis.net/2024/01/09/index.html

45.126.209.4:222
45.126.209.4:6606
45.126.209.4:8808
madmrx.duckdns.org

# Reference: https://www.virustotal.com/gui/file/6e658c94d36a1177444666ade64855bbefc1a6ae0afe1616a76dadc41b8daa9d/detection

peribzw.top
/ritgzoe/us1/gde.php
/ritgzoe/us2/gde.php
/ritgzoe/us3/gde.php
/ritgzoe/us4/gde.php
/ritgzoe/us5/gde.php
/ritgzoe/us6/gde.php
/ritgzoe/us7/gde.php
/ritgzoe/us8/gde.php
/ritgzoe/us9/gde.php
/ritgzoe/

# Reference: https://www.virustotal.com/gui/file/097aeda9f5d3d3c979d37b0b6bd8249254ff5b9636a2b0947c47702628086b6b/detection
# Reference: https://www.virustotal.com/gui/file/9b8b9e6ce4e03da593d4c5591b4bd2c2b6b72ca5087eb142aa7c42de6a631abd/detection
# Reference: https://www.virustotal.com/gui/file/836e7ddc748d65441117ca62254783a04cb1939e906c20329993ee694bcadf29/detection

140.82.27.51:14235
149.248.20.213:53245
34.174.61.199:6567
34.29.71.138:6567
45.32.94.58:6567
asdvua78v8ed4t6fhvha.cn
asfyvisoeogtca3.fun
erouhisugvizi4.cn
saofidubixo4r.top
sdhvvy7vbysuxnvjdr6gtd64.com

# Reference: https://www.virustotal.com/gui/ip-address/164.90.149.198/relations

akamai-cdn.top

# Reference: https://www.virustotal.com/gui/ip-address/181.131.217.242/relations
# Reference: https://www.virustotal.com/gui/file/02f7ef431654292b6b80cccbe9ecc391cafa706918ee2b3510a5c8dfd8378a15/detection

181.131.217.242:1984
bancolombia-token.duckdns.org
hernanenvio.duckdns.org
jairoee.ddns.net
soslilolilo.duckdns.org
soste2023.duckdns.org

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-01-10)

http://149.102.235.34
http://93.153.68.186
1.14.206.144:8808
103.195.103.138:5555
103.67.162.240:2256
104.131.167.132:4747
104.243.37.176:5555
104.243.37.176:6666
107.150.23.137:8020
109.234.34.210:4449
136.243.151.123:222
136.243.179.5:82
139.180.171.110:1604
139.180.171.110:22636
139.84.229.159:2017
141.255.156.121:4443
141.255.156.150:4443
142.67.130.172:31415
146.70.161.85:4217
147.124.212.75:2010
149.102.235.34:61125
158.220.83.114:9909
158.247.235.51:443
163.5.64.75:7391
172.234.95.198:8443
176.40.9.245:40249
176.40.9.245:42358
176.40.9.245:50126
176.40.9.245:62822
179.13.3.199:8020
181.131.219.252:4203
181.235.94.107:2404
181.235.94.107:8888
185.81.157.119:4444
185.81.157.129:7707
185.81.157.148:9999
185.81.157.150:777
185.81.157.152:6606
185.81.157.152:7707
185.81.157.152:8808
185.81.157.183:8181
185.81.157.1:6606
185.81.157.1:7707
185.81.157.1:8808
186.112.204.173:2404
186.112.205.208:8888
186.168.66.85:2404
186.168.66.85:8888
186.168.66.85:9999
187.24.11.12:9999
187.24.12.179:9999
187.24.65.44:9999
190.28.139.66:2000
190.28.171.243:2000
193.142.59.177:443
193.26.115.51:6606
193.26.115.51:7707
193.26.115.51:8808
194.213.3.123:6606
194.213.3.123:7707
194.213.3.123:8808
194.33.191.248:4449
203.20.113.158:6606
203.20.113.158:7707
203.20.113.158:8808
206.123.132.169:2000
207.32.217.14:8888
207.32.219.78:8888
212.118.52.86:4449
213.195.118.64:4002
213.195.118.64:4003
213.195.118.64:5001
213.195.118.64:5003
213.195.120.238:4002
213.195.120.238:4003
213.195.120.238:5003
45.74.34.32:1994
45.80.158.60:2003
45.80.158.60:2004
46.246.80.19:8889
46.4.37.212:81
72.11.158.94:8808
74.222.22.137:8888
80.79.7.197:8888
82.115.223.244:4449
83.213.157.103:4444
88.229.34.236:888
89.148.48.240:443
91.109.178.4:8808
91.109.182.12:9999
91.109.184.6:7707
91.109.184.6:8808
91.109.188.6:8808
91.109.188.9:7707
91.109.188.9:8808
91.92.240.159:8088
91.92.241.54:4782
91.92.248.67:6606
91.92.248.67:7707
91.92.248.67:8808
91.92.251.144:4449
91.92.255.187:4449
93.123.39.68:4449
93.153.68.186:61125
94.156.64.207:1337
94.156.66.169:4449
94.156.67.158:3392
94.156.68.120:7707
94.46.246.95:2404
elofizetesitearea.com
185azyn6606dec24rd13.ddns.net
moonvenom4449.duckdns.org

# Reference: https://twitter.com/malwrhunterteam/status/1745382312483696766
# Reference: https://www.virustotal.com/gui/file/bd23b38717e8fec3a17dc23020ffc985172f7683d2d46d0080eff8a80825845c/detection
# Reference: https://www.virustotal.com/gui/file/5d6cc4d7e7ce998cf1d7bc8b78f787f9b034ab3dbdf8c91a33ad0233ddef2ac4/detection
# Reference: https://www.virustotal.com/gui/file/585f9d699807c982dac2f8384a20d510736aa771653de965fe7bb2c40b4a3fa8/detection
# Reference: https://www.virustotal.com/gui/file/27ec0c704261af619ce67a04c2f71b34e5c74110970b555208afb4aa65b4a723/detection
# Reference: https://www.virustotal.com/gui/file/26d19bf8f5b21152256f078fdd31a2749d85fb05a2bc34ff1de557b54a4dfca4/detection

194.33.191.248:7287

# Reference: https://www.virustotal.com/gui/file/a531f0dd0dafe349094b69c4c136961f07787b9b78b4778a8bbcc94ee1de94be/detection

91.92.250.149:3333
91.92.253.187:5531

# Reference: https://www.virustotal.com/gui/file/70bbe17e106d5112380cc14f8b2cf155910ea79544b1fe3c849e2d87b422e783/detection

91.92.253.186:5531

# Reference: https://www.virustotal.com/gui/file/d4076291918200b06355a617109b38fd7ee923db078fb1c46cc4ddf7f517de80/detection
# Reference: https://www.virustotal.com/gui/file/8a77e94a47c7a06b194248676e3837dae7f5305cdd81fddb0affc6a2cff69ed9/detection

103.214.23.99:1599

# Reference: https://www.virustotal.com/gui/file/e4ebcfe60d19d3e2fdd578070af1ddcf25af1834335fa357761a165cb3bcf8a6/detection

91.92.250.222:8100

# Reference: https://www.virustotal.com/gui/file/4ea73062b3a81d30d88472993cc5f4dc9a3efbcb0c5ef27419b513bea41a1361/detection

94.156.65.114:4449

# Reference: https://twitter.com/K_N1kolenko/status/1747861984261898444

193.26.115.55:333

# Reference: https://www.virustotal.com/gui/file/fc6574ad10963a5edfaa488cfb4ba221eac437c85026b8efe77dbfa55cd01bd1/detection

46.246.84.13:9000
cocomelondc.duckdns.org

# Reference: https://www.virustotal.com/gui/ip-address/185.81.157.150/relations
# Reference: https://www.virustotal.com/gui/file/002e8d95c4d009cda92b5708f324a5107c42b7739c5a37b3960b245006170a6d/detection

185.81.157.150:2033
185.81.157.150:2034
185.81.157.150:2035

# Reference: https://www.virustotal.com/gui/file/090023db3b15f48bdb182b8d7c04ce0e2a55ad75d37816799117bd07d6a65fd4/detection

141.255.144.122:5554
disgold.ddns.net

# Reference: https://twitter.com/1ZRR4H/status/1751310603916882357
# Reference: https://www.virustotal.com/gui/ip-address/91.92.251.163/relations
# Reference: https://www.virustotal.com/gui/file/d576202174867dbed41a0dde9841b8deb1c4c3cb54bc3f3cb1311d97e0f1fd58/detection
# Reference: https://www.virustotal.com/gui/file/2986cab6e805bdeeedf6b815ee439417e2c861c33ef67c77b4c1ad57ad9d6169/detection
# Reference: https://www.virustotal.com/gui/file/ac702ccbd80c7f46d05ed6ecbbac34a930c0c1befe4dfc9e74bdcd7c7b4c09a4/detection
# Reference: https://www.virustotal.com/gui/file/861c39ed6c9c822297b546d05fc0c5ea6011a29fc8ed9afd8c2a34b07aa043b9/detection
# Reference: https://www.virustotal.com/gui/file/504be1f8bf80df47b6cbe74f1837864da5ec119e4ea91eae268e3652a626a4a9/detection

178.33.57.153:4449

# Reference: https://twitter.com/1ZRR4H/status/1751656174515098023
# Reference: https://twitter.com/r3dbU7z/status/1753692024216113625
# Reference: https://www.virustotal.com/gui/file/b69ec13ecdd61c9959d3a0a99efa0b23579c37bfbd5747e9647e1fd8439be3b6/detection
# Reference: https://www.virustotal.com/gui/file/9ba372b8822cbf5a131c426cc16a1e7d1ded7ade81b1b2887ac70ad8c001beb8/detection

http://91.92.254.14
http://91.92.255.205
91.92.254.14:4412
91.92.254.14:443
91.92.254.14:445
91.92.255.205:58001
91.92.255.205:58002
91.92.255.205:58003

# Reference: https://twitter.com/r3dbU7z/status/1752379313863709174
# Reference: https://www.virustotal.com/gui/file/96a45d777aeadce4f44c6208e7a8b335d1d75372af628174c256bb0dffde335e/detection
# Reference: https://www.virustotal.com/gui/file/947fe877e46776464c29e85fae444e6c0ff1465f7b32543230eccf5e766e5b23/detection
# Reference: https://www.virustotal.com/gui/file/65d6301d607eb8b0a5b95d13a57c779e4508aa28b07f74322e4d6cc5148e1cbf/detection

41.216.188.138:555
41.216.188.138:6606
41.216.188.138:7707
41.216.188.138:8808
cartel.theworkpc.com

# Reference: https://www.virustotal.com/gui/file/eb5fb8d9eecb22126ad410533c44136dd28928e5ba1dbbba72dad0058dbbb20b/detection
# Reference: https://www.virustotal.com/gui/file/1ba09bcd10729085d28a1c0377f351ad1f4c0029a4d173676b3aa7cc91a709cf/detection

95.217.208.125:3232

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-02-04)

151.67.33.99:8080
172.94.32.33:6606
172.94.32.33:7707
172.94.32.33:8808
172.94.32.33:8881
175.24.197.196:53576
178.73.192.6:2000
18.134.234.207:443
18.192.31.165:13832
185.81.157.135:8181
186.112.194.124:2404
186.112.194.124:8888
186.112.205.208:2404
20.106.168.188:8808
209.145.56.0:1995
216.250.254.227:7707
34.29.228.84:2000
45.141.215.222:8808
45.145.55.81:6606
46.246.84.15:2000
80.79.7.197:6606
80.79.7.197:7707
80.79.7.197:8808
87.98.177.182:1337
89.148.24.117:443
91.92.240.147:7000
91.92.240.147:8000
91.92.240.147:8088
94.156.67.155:8088
94.156.69.136:1337

# Reference: https://www.virustotal.com/gui/file/5d819ed56f094d863f70ab2654243b00f263646b48d0e680f9b76bac113ce76f/detection

103.48.85.6:9999

# Reference: https://www.virustotal.com/gui/file/a07b12177cd55059f812ca04ed2f6da5ab7a66a603a6995a6d480a7bf824fb68/detection

172.171.254.153:4748

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-02-11)

104.156.247.38:8000
107.161.81.150:6606
107.161.81.150:7707
107.161.81.150:8808
138.201.176.60:7707
154.16.67.94:8088
154.212.145.72:8008
154.212.146.81:8008
161.97.151.222:2011
172.96.172.203:6606
172.96.172.203:7707
172.96.172.203:8808
172.96.172.69:8808
181.235.80.187:2404
181.235.80.187:8888
185.81.157.104:6606
185.81.157.104:7707
185.81.157.104:8808
185.81.157.106:777
185.81.157.14:8181
185.81.157.179:6606
185.81.157.179:7707
185.81.157.179:8808
185.81.157.183:9696
187.24.66.48:9999
190.28.167.19:2000
194.26.229.212:8080
20.106.168.188:6606
20.106.168.188:7707
20.81.43.192:8080
206.123.132.163:2000
206.123.132.240:2000
216.250.254.227:6606
216.250.254.227:8808
27.79.88.176:8007
40.66.42.165:8808
45.141.215.222:6606
45.141.215.222:7707
45.145.55.81:7707
45.145.55.81:8808
45.154.98.190:6606
45.154.98.190:7707
45.154.98.190:8808
45.88.186.16:7707
46.246.82.3:2000
46.246.82.4:2000
68.67.203.245:80
78.161.49.74:20000
78.161.49.74:3003
78.161.49.74:888
91.92.255.64:6000
91.92.255.64:8000
91.92.255.64:8088
93.242.137.1:51124
94.156.68.217:3162
94.156.69.196:6000
94.156.69.196:8000

# Reference: https://www.virustotal.com/gui/ip-address/5.39.43.50/relations

asyncrr.ddns.net
moriatri.serveminecraft.net
nechaev.hopto.org
newfuture.hopto.org
russianmurders.myvnc.com

# Reference: https://www.virustotal.com/gui/file/fb76f99beccd51813b860fccb5ef75881a921be0fbfd354e83619ac02f332f0f/detection

192.177.98.104:1337

# Reference: https://www.virustotal.com/gui/file/f93a1d7d6fe9d5b8210963f708214c797855d976baf3a39d7b4475b170a910b7/detection

5.181.159.31:2106
contodapug.con-ip.com

# Reference: https://twitter.com/ScumBots/status/1758508495589028007
# Reference: https://www.virustotal.com/gui/file/df37b362150d37374f604ed290c613701e5167d84abae499b82bc74f970d966b/detection

186.169.36.241:7082
186.169.60.26:7082
186.169.80.244:7082

# Reference: https://twitter.com/naumovax/status/1759572523539214715
# Reference: https://tria.ge/240219-kw6kqabf3w/behavioral1
# Reference: https://www.virustotal.com/gui/file/bc6005c0a53f37d259323fd3aeb2682b914050f20409fcfd21da5b31474a908b/detection
# Reference: https://www.virustotal.com/gui/file/6564e424cf162beab08aef52693eb9f16d0716332ead8b7a956c18bbfa0fe898/detection

171.233.98.70:1337
171.233.98.70:18274

# Reference: https://www.virustotal.com/gui/file/6462c1ebef5a874a824bd055723d2784dc62e81849a8715a4d118db95106c431/detection

46.246.80.20:2023

# Reference: https://www.virustotal.com/gui/file/1874360499cbed040d9e1f182bb150c9ef6c20740419b0e36de80860cfe46f27/detection

46.246.82.18:2023

# Reference: https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2024-02-21-IOCs-from-SocGholish-AsyncRAT-infection.txt
# Reference: https://www.virustotal.com/gui/ip-address/167.71.107.109/relations
# Reference: https://www.virustotal.com/gui/ip-address/49.13.65.235/relations
# Reference: https://www.virustotal.com/gui/ip-address/5.161.113.150/relations

0f2onmxtqv5ih2h.fun
0f2onmxtqv5ih2h.top
bjlkchhaaigceke.top
bo2fob5q7ieimav.top
c9gvk11qg9v2zba.top
dggnbheeebmnngl.top
euuahsxqozcnddo.top
eykle9pb40gl1hz.top
fdbcngcjiifkjcf.top
fjy1a0lbdrx5eid.top
h4cg7rhbmieqskr.top
hmndbhadcibafhn.top
jjifagmhgbilbdh.top
ldfgchkbbbdbmjc.top
naajagigfikmhfj.top
pbvzje4.top
uzrn46l8bv5abtl.top
vk530xh8kmmuouz.top
vnveyd8sznqtcy9.top
w89tu45t8e7dqzo.top
x5jixoe8td3f2wd.top
ytn9rv1th4ox312.top

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-02-24)

http://5.252.74.133
http://77.105.132.94
104.210.36.227:8808
104.243.46.129:6666
109.199.104.52:8888
113.174.1.186:8080
136.243.111.71:5900
136.243.179.5:8888
138.201.176.60:6606
138.201.176.60:8808
147.124.213.188:4444
147.124.213.188:6006
147.124.213.188:8008
147.135.97.94:6606
147.135.97.94:7707
147.135.97.94:8808
147.189.172.103:6969
147.189.172.2:6666
154.212.146.81:7707
154.212.146.81:8808
172.111.148.12:222
172.111.148.20:222
172.94.111.213:8888
178.33.203.39:7707
178.33.203.39:8808
178.73.218.5:2000
181.131.216.198:6606
181.71.216.30:4040
185.222.58.40:1978
185.81.157.103:8888
185.81.157.106:443
185.81.157.21:7707
185.81.157.21:8808
185.87.150.199:2222
186.112.206.181:2404
186.112.206.181:8888
186.112.207.226:2404
186.112.207.226:8888
186.170.114.55:2404
186.170.114.55:8888
186.170.96.237:2404
186.170.96.237:8888
186.170.98.239:2404
186.170.98.239:8888
192.250.225.3:6000
192.250.225.3:7000
192.250.225.3:8000
192.250.225.3:8088
193.26.115.221:6606
193.26.115.221:7707
193.26.115.221:8808
193.26.115.42:6606
193.26.115.42:7707
194.67.204.7:88
196.112.147.229:5566
204.12.229.169:5600
206.123.135.63:2020
207.231.111.88:6606
207.231.111.88:7707
207.32.217.170:2004
212.193.11.40:7707
213.195.118.64:4001
213.195.119.244:4002
213.195.119.244:4003
213.195.119.244:5001
213.195.119.244:5003
34.176.21.185:8808
34.86.252.187:8808
37.1.214.209:1111
38.242.236.116:7707
38.242.236.116:8808
45.128.96.16:4449
45.134.83.162:8808
45.134.83.165:8808
45.138.16.248:9090
45.40.96.97:9441
45.80.158.25:5055
45.88.186.16:8808
45.88.186.65:6606
45.88.186.65:8808
46.246.4.7:2000
46.246.6.5:2000
46.246.82.18:2000
46.4.37.212:100
5.252.74.133:8080
51.89.199.122:6606
77.105.132.94:4449
77.105.132.94:465
77.105.132.94:8080
82.165.208.218:8888
85.215.197.98:8888
85.239.237.148:2006
88.214.59.174:9090
89.117.21.203:6606
89.117.21.203:7707
89.117.21.203:8808
91.92.242.133:2025
91.92.242.57:8008
91.92.243.63:5000
91.92.251.202:2024

# Reference: https://www.virustotal.com/gui/file/c29da2306b6d491c1907b6fa1150104854bc32530fd70f50cd7da4d37c1fcc26/detection

172.111.139.95:7771

# Reference: https://www.virustotal.com/gui/file/d96a05ace2861cae6b3143918c3e42004ee3d5740dabefb710028b6609e89114/detection

144.172.73.36:22
144.172.73.36:6606
144.172.73.36:7707
144.172.73.36:8808
193.176.29.231:1900
193.176.29.231:443

# Reference: https://www.virustotal.com/gui/ip-address/37.120.141.139/relations
# Reference: https://www.virustotal.com/gui/file/e8fe2be82f8af0c2ba3570fdcf18bdd5d22f030dedec85b924ee89ede119a6d9/detection

37.120.141.139:25044
fornet-wire.duckdns.org
pandora-ams.duckdns.org

# Reference: https://urlhaus.abuse.ch/url/2773510/

91.92.247.100:666
kareemovic22.webredirect.org

# Reference: https://twitter.com/banthisguy9349/status/1765362836065141045
# Reference: https://www.virustotal.com/gui/file/c753aa350f21c0b97c8b84aacc92d07997b3f8c300ebacd20b458a02cfdb3401/detection

147.124.213.188:6606
147.124.213.188:7707
147.124.213.188:8808
45.154.98.24:222
strongandliving.ddnsfree.com

# Reference: https://twitter.com/DonPasci/status/1765692054674251999

kolove.accesscam.org

# Reference: https://twitter.com/Dkavalanche/status/1766180682584232361
# Reference: https://app.any.run/tasks/e24ad05b-7afe-4f0a-b2fa-d27833d7c452/
# Reference: https://www.virustotal.com/gui/file/4cf8aecd3c9028fa90f3d9090c77825e74d764f883eb3d240abf50e59ac28697/detection
# Reference: https://www.virustotal.com/gui/file/13e222f0ed3ce85b8dde6dc7d39fa21acc66fbfadfadbef16d75086d318513fe/detection

46.246.4.22:1234
46.246.4.22:8889
91.92.244.103:2202
heztak.pro
bg1.heztak.pro

# Reference: https://www.virustotal.com/gui/file/06074b04985faa20b53a36bf8fa355041929c9bca9cd7a5707dbcd8b744d1eed/detection

pepecasas123.mywire.org
pepecasas123.net

# Reference: https://www.virustotal.com/gui/file/ee08667ddd29bc7ae5129a14f8feefeda818bf8e165082225e3470b9999671e2/detection

186.169.80.244:7080
companinuevoano1.con-ip.com

# Reference: https://twitter.com/1ZRR4H/status/1766223253360574957
# Reference: https://twitter.com/doc_guard/status/1769670285031100672
# Reference: https://www.malware-traffic-analysis.net/2024/03/14/index.html

101.99.94.234:8789
91.134.150.150:3232
91.92.252.234:3232
sunshine-bizrate-inc-software.trycloudflare.com

# Reference: https://twitter.com/1ZRR4H/status/1766945121650569598
# Reference: https://www.virustotal.com/gui/ip-address/12.202.180.134/relations
# Reference: https://www.virustotal.com/gui/file/43feb4c81e9e5be7b22c542dd0d54725075a67dbf592bb65b3b625c04256af55/detection

12.202.180.134:8890
194.48.251.9:8890
87.121.105.4:8890
febvenom8.duckdns.org
jossmaybs.duckdns.org
jsspreadew.duckdns.org
markvenm2.duckdns.org
mkys.duckdns.org
momenttoday550.duckdns.org
myday.duckdns.org
nevinxwrm.duckdns.org
vendjksld.duckdns.org
vernotom6.duckdns.org
vrnmmondays.duckdns.org
dial-posters-corporations-des.trycloudflare.com

# Reference: https://github.com/executemalware/Malware-IOCs/blob/main/2024-03-12%20ScreenConnect_AsyncRAT%20IOCS
# Reference: https://www.virustotal.com/gui/file/a4307eefdf28abe7c3148164e0b539ac01c50b9037099afb972708ad13285d73/detection
# Reference: https://www.virustotal.com/gui/file/b2435f2ad323243d174aea7cb04511ccc1d794a98c2b3b60a25c5841423c90b3/detection
# Reference: https://www.virustotal.com/gui/file/6d385d3e4cc971a1d9528181514b1b087baf6d0dec5915cbae3fb7bd058d8a1e/detection

http://45.74.19.84
15.204.170.41:555
15.204.170.41:6606
15.204.170.41:7707
15.204.170.41:8808
ahyoussef.webredirect.org
akok.winconnection.net
macafee.theworkpc.com

# Reference: https://www.virustotal.com/gui/file/29f3c5f06270cc2b6edd54a49d485edf762a82054ea84f643c57a86e176d3799/detection

194.147.140.138:2200
reverseproxy.con-ip.com

# Reference: https://www.virustotal.com/gui/file/493bf4b452ca75101bcadb25cfe9f2525f67c39e5f1a0c897416aeb8278eb7ec/detection

194.147.140.199:6606
194.147.140.199:7707
194.147.140.199:8808
roolingstone.sytes.net

# Reference: https://www.virustotal.com/gui/file/a790b9a416ef7767ef09e45ad0971eec91f712d362b23f5b13070638f95e3ac9/detection
# Reference: https://www.virustotal.com/gui/file/2ce1a4c789df5d7915e45c979acd87efd3294f9c86b04b1dcb68fdd4a5cae2a7/detection

49.13.200.170:7878

# Reference: https://any.run/malware-trends/asyncrat

ansy.duckdns.org
aobertoferndomip.con-ip.com
asystore.duckdns.org
fat7e007707.ddns.net
johnjo.ddnsgeek.com
johnsonville.ddnsgeek.com
kdfsv.duckdns.org
miguel2024.kozow.com
proceso122024.duckdns.org
torrentsports.co
wangli.cyou

# Reference: https://twitter.com/alex_lanstein/status/1769711805507486034
# Reference: https://www.virustotal.com/gui/file/b77024add128e3b0fd17dd694b06b41a9ff49f6a09488b69df6c981dc4bed62d/detection
# Reference: https://www.virustotal.com/gui/file/b53d6081f93c3405d8bbd8b1ecc24ee73d3c5b7719c0d0bc6c6ddb8ca8c8cdfa/detection
# Reference: https://www.virustotal.com/gui/file/cad704f67c07750fe76eaec079ebc850fa02a54fd5c978e5a8c8a82e147cba0a/detection

0ho.la

# Reference: https://www.virustotal.com/gui/file/bc1dccf2aeeeda040449933ff595cbb7e243ef1be7709012e55134b673c53000/detection
# Reference: https://www.virustotal.com/gui/file/5ea2e0e5450f0ac01aa2288a4f1a60e16965a47b32814dea6d5b308db4171b01/detection

85.102.113.105:9899
85.97.153.196:9899
88.226.148.207:9899
hlevcik.duckdns.org

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-03-20)

http://193.124.205.80
http://91.92.254.250
128.90.113.242:9999
128.90.113.56:9999
128.90.122.163:9999
128.90.128.157:9999
128.90.61.78:9999
135.125.21.74:4242
142.11.201.125:8712
142.113.120.107:8080
147.124.217.110:6666
147.124.217.110:8888
147.124.217.110:9999
15.228.170.102:5000
151.81.14.228:8080
154.16.67.94:4242
154.16.67.94:4444
154.27.70.229:4449
154.30.255.175:8887
172.111.148.11:222
172.111.148.61:222
178.73.192.17:2000
181.131.218.39:4041
184.147.209.221:8080
185.117.250.169:3393
185.174.101.80:6606
185.174.101.80:7707
186.170.114.55:1111
187.24.4.94:9999
188.126.90.14:2000
191.88.250.63:4203
191.88.250.63:4208
191.88.250.63:4210
192.159.99.54:8888
193.124.205.80:4608
193.32.162.198:8808
2.58.85.145:6004
2.58.85.145:8808
203.30.9.90:443
206.123.132.164:2000
213.195.119.244:4001
216.250.255.99:6606
216.250.255.99:7707
216.250.255.99:8808
23.26.201.73:5555
23.26.201.73:6666
23.26.201.73:8888
37.120.141.139:1113
38.180.30.53:8080
38.242.236.116:7777
45.134.83.162:6606
45.134.83.162:7707
45.134.83.165:6606
45.134.83.165:7707
45.138.16.228:9090
45.240.136.144:5055
45.94.31.49:8888
45.94.31.49:9999
46.246.84.11:2000
5.161.113.150:25658
51.161.107.68:8808
51.195.231.121:6606
51.195.231.121:7707
51.195.231.121:8808
51.77.68.50:1231
51.89.109.154:6606
51.89.109.154:7707
51.89.109.154:8808
66.225.254.138:7707
66.94.120.244:9999
69.64.95.233:6606
69.64.95.233:7707
69.64.95.233:8808
72.167.134.164:5055
85.99.80.60:888
89.117.49.133:1337
89.117.49.133:1996
89.117.49.133:2000
89.117.49.133:6006
91.92.246.100:4443
91.92.246.100:6606
91.92.246.100:7707
91.92.246.100:8808
91.92.246.134:8808
91.92.246.152:4747
91.92.250.61:3232
94.156.68.16:137
94.156.69.174:6606
94.156.69.174:7707
94.156.69.226:1337
94.156.69.251:6606
aireynvuw.homeunix.com
scambaiter11.ddns.net
windows11.loseyourip.com

# Reference: https://www.virustotal.com/gui/ip-address/178.73.192.2/relations
# Reference: https://www.virustotal.com/gui/file/6bab7f86a6b3d13bd73b22d2dc210713452130fd83d7e1fe455aac8945f6dab8/detection

178.73.192.2:9003
sostener200.duckdns.org
winscapmarzo.duckdns.org

# Reference: https://twitter.com/ULTRAFRAUD/status/1771590513973395666
# Reference: https://tria.ge/240323-vjw6macc4s/behavioral1

download-updata.com
s2.download-updata.com

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-03-24)
# Reference: https://www.virustotal.com/gui/file/94ece5a7d0c2fd5d90185356145b00e9ffa4f7b595ee02ae4b3771c0462c3bee/detection

103.48.85.6:4449
103.74.172.94:40288
103.74.172.94:4499
104.243.34.3:2003
104.243.34.3:2004
104.243.34.3:4016
107.148.49.57:39632
109.205.162.97:4739
109.205.162.97:8361
109.248.201.153:6606
109.248.201.153:7707
109.248.201.153:8808
113.128.118.199:6606
113.128.118.199:7707
113.128.118.199:8808
113.207.105.195:15806
113.207.105.200:3201
113.207.105.200:8301
113.207.105.224:16804
113.207.105.229:7302
113.207.105.241:9803
117.18.12.59:8880
119.42.170.7:443
120.46.33.65:8848
121.62.63.238:8848
123.99.200.157:2802
123.99.200.158:7223
123.99.200.175:8848
123.99.200.184:2140
124.166.95.10:4449
124.166.95.10:8080
124.248.66.160:6422
124.248.69.96:4449
128.90.122.92:9999
13.36.174.17:6606
13.36.174.17:7707
13.36.174.17:8808
13.66.133.43:6606
13.66.133.43:6821
13.66.133.43:7707
13.66.133.43:8808
13.66.221.58:7707
134.19.177.59:5003
136.244.89.250:3131
139.99.86.164:6606
139.99.86.164:7707
139.99.86.164:8808
141.105.130.87:6606
141.105.130.87:7707
141.105.130.87:8808
141.94.223.150:6677
141.95.84.40:4291
141.95.84.40:6262
142.11.201.122:8712
142.11.201.123:8714
142.11.201.126:8712
142.11.201.126:8714
142.202.242.170:6666
144.208.127.116:7707
144.208.127.116:8808
146.56.230.174:1720
146.56.230.174:4449
146.70.129.19:38371
147.124.212.80:6606
147.124.212.80:7707
147.124.212.80:7777
147.124.212.80:8808
147.124.212.80:8888
147.185.221.16:4040
147.185.221.16:63770
147.185.221.17:33732
147.185.221.17:48347
147.185.221.17:50732
147.185.221.184:41092
147.185.221.18:35708
147.185.221.18:41437
147.185.221.18:43941
147.185.221.18:4449
147.185.221.18:56236
147.185.221.18:7771
147.189.161.48:4449
147.189.161.48:4839
149.127.237.203:6606
149.127.237.203:7707
149.127.237.203:8808
15.237.210.97:4444
153.36.240.58:15092
153.36.240.58:15095
154.204.60.74:6610
154.221.22.54:4449
154.39.238.95:4449
154.48.237.186:8808
154.91.65.150:8848
154.91.65.153:8848
159.146.14.122:1604
159.146.14.122:18068
159.146.14.122:18840
159.146.14.122:4040
159.146.14.122:4782
163.5.215.225:1602
168.119.211.236:115
172.94.105.163:2222
176.150.69.221:42474
176.150.69.221:42475
176.150.69.221:4449
178.20.230.68:4784
179.127.14.82:29000
181.131.216.198:7707
182.254.221.150:4449
185.157.162.206:2191
185.234.247.30:4449
185.253.161.186:4444
186.112.193.255:2404
186.112.203.192:2404
186.168.67.211:2404
186.168.67.211:8888
192.161.193.99:5058
192.161.193.99:5228
192.161.193.99:8848
192.177.111.46:18200
192.177.111.46:4449
193.161.193.99:49207
193.161.193.99:64023
193.222.96.253:4449
193.222.96.47:4462
193.222.96.47:9471
193.233.132.186:4404
193.233.132.186:5505
193.233.132.186:6606
193.26.115.42:100
194.147.140.239:7707
194.33.191.245:2405
194.33.191.3:7391
195.213.0.34:2008
198.44.165.35:5602
198.44.167.139:38795
198.44.167.139:41352
198.44.167.139:57321
198.44.167.215:38795
198.44.167.215:41352
198.44.167.215:57321
198.44.167.231:38795
198.44.167.231:41352
198.44.167.231:57321
2.58.56.152:3232
20.69.96.235:7707
20.98.80.51:6606
20.98.80.51:7707
20.98.80.51:8808
207.32.217.101:8888
207.32.218.138:2002
207.32.218.138:2003
207.32.218.138:2004
207.32.218.138:2005
207.32.218.47:666
212.129.30.248:6000
213.195.124.90:4001
213.195.124.90:4002
213.195.124.90:5001
213.32.243.233:6606
217.64.31.3:3819
217.64.31.3:4871
23.105.131.217:83
24.50.117.82:8848
26.199.97.56:13377
3.6.115.182:11800
3.6.115.182:13997
3.6.115.182:4040
3.6.115.182:4444
3.6.115.182:6080
31.210.20.231:200
31.214.240.57:3232
37.114.41.142:8848
38.147.172.98:6307
38.165.8.185:7771
38.180.91.75:4444
38.54.1.41:4449
39.103.129.63:6606
39.103.129.63:7707
39.103.129.63:8808
40.66.40.50:4173
40.66.40.50:6214
43.138.156.178:6606
43.138.156.178:7707
43.138.156.178:8808
43.240.221.130:9833
43.248.140.94:8848
43.248.140.96:8848
43.251.17.199:4449
45.128.36.146:8848
45.128.96.133:8848
45.131.111.98:4449
45.138.99.2:6606
45.138.99.2:7707
45.138.99.2:8808
45.141.215.32:4449
45.145.224.55:7000
45.145.229.147:9606
45.145.229.148:9604
45.145.229.150:9605
45.15.143.164:6606
45.15.143.164:7707
45.15.143.164:8808
45.76.155.94:6606
45.76.155.94:7707
45.76.155.94:8808
45.76.232.247:6606
45.80.158.48:4449
45.83.31.113:2004
45.83.31.113:8888
45.83.31.113:9999
45.94.31.248:4447
46.246.4.5:2000
46.36.67.36:51566
46.36.67.36:8848
47.104.179.7:8848
47.104.236.243:8848
47.94.3.159:4455
47.94.3.159:8848
5.9.194.71:3232
50.29.244.5:5753
50.29.244.5:6606
50.29.244.5:7707
50.29.244.5:8808
51.195.231.121:6000
51.195.231.121:7000
51.195.231.121:8000
52.59.51.24:1932
54.39.29.90:6606
61.14.233.111:4404
61.14.233.111:5505
64.176.178.205:1989
64.44.167.67:6900
64.56.68.144:8888
66.135.22.80:6000
66.135.22.80:8000
66.135.22.80:8808
66.154.122.230:1337
67.205.154.243:4431
74.81.52.179:33643
76.70.94.161:4449
76.70.94.161:9999
78.186.152.249:1938
78.187.224.170:1604
79.134.225.21:8646
79.134.225.35:6606
79.134.225.35:7707
79.134.225.49:1984
79.134.225.82:3004
8.140.33.34:6606
8.140.33.34:7707
8.140.33.34:8808
80.48.119.72:8848
81.249.25.228:1605
85.105.88.221:6935
85.215.196.156:2222
86.153.66.129:443
86.20.95.188:8080
86.20.95.188:8848
88.232.116.241:3007
88.232.116.241:888
89.148.44.245:443
89.163.221.170:4444
90.8.19.214:7006
91.134.150.149:8808
91.92.242.227:6606
91.92.247.123:5531
91.92.247.161:5531
91.92.247.96:5531
91.92.250.147:5038
91.92.254.14:58004
93.190.10.16:7707
94.156.64.122:8888
95.164.3.135:4449
95.216.85.80:6606
96.9.215.146:6606
96.9.215.146:7707
96.9.215.146:8808
1hitler.accesscam.org
1tapfinn.ddns.net
23preguntas.duckdns.org
28febnde.dynv6.net
2hitler.ddnsgeek.com
404nothere5-52195.portmap.io
404nothere5-62048.portmap.host
404nothere5-63469.portmap.io
46tochristmas15dec.ddns.net
470krlio.shenzhuo.vip
5ra.webredirect.org
999triana999.1cooldns.com
a0979283148.ddns.net
alerts.linkpc.net
aliveafterguard.icu
allay.x3322.net
ancy2024.kozow.com
aoputer.crabdance.com
armandocastillodominio.con-ip.com
asdofugugja883.xyz
asdugvua37vhax.cn
azurecloud-bridge.cn
bebefiin.duckdns.org
bestcoder.duckdns.org
bofa.su
boty.theworkpc.com
buike.kozow.com
chichichi01.duckdns.org
chingyen-23182.portmap.host
cn-wh-plc-1.openfrp.top
competent-elion.193-142-59-177.plesk.page
copyright-sofa.gl.at.ply.gg
cringelord6969.ddns.net
cryptojoke.con-ip.com
cutecat-46661.portmap.host
cyesterbill.chickenkiller.com
danielballesterosdominper.con-ip.com
darkstorm275991.ddns.net
davidricardodom.con-ip.com
dohavevictem2024.duckdns.org
drax2023.run.place
e7team-54210.portmap.host
eaxhost.ddns.net
ech0.theworkpc.com
ekuroak.hopto.org
fat7ola0077.ddns.net
fearme-45002.portmap.host
fearme-55506.portmap.host
fearme-62451.portmap.host
febrerososte.duckdns.org
finessebitcoin.duckdns.org
fl-survivor.gl.at.ply.gg
g6666lrd10424346129.ddns.net
ggghmn8766vg.hopto.org
h2mhost123ontop.ddns.net
hassan.webhop.net
helprxr.duckdns.org
hitler55.dvrdns.org
hitler55.dyndns.org
hmnms.duckdns.org
hoes-truth.gl.at.ply.gg
hsm.theworkpc.com
icant.theworkpc.com
interstellar.onthewifi.com
jksdghfsd.loseyourip.com
jojomo.duckdns.org
kapobiko1.mooo.com
koradon.giize.com
krallarcarding.duckdns.org
kreyze.ddns.net
lemback.dns.navy
littlenerd.duckdns.org
loan-mode.gl.at.ply.gg
loliletnotnoobonf-28917.portmap.host
lolzpopbob-31243.portmap.host
magarodriajhsdbajifuqwe12341safqdv.duckdns.org
mankemane-47945.portmap.io
mariarizazapata09.duckdns.org
martingonzalessoto09.duckdns.org
mcehonline-48303.portmap.io
meowpc-33643.portmap.host
merthamurc.duckdns.org
milan.giize.com
momentdhs.duckdns.org
mono2024.kozow.com
mrrxr.duckdns.org
mydogis.onthewifi.com
myryam.con-ip.com
mytestdns123.mooo.com
mznhr.ddns.net
nabeellasdfasdf-52048.portmap.host
nagerproxysinintercavi8464perringuta.duckdns.org
nasser.is-found.org
ndichinnenanna0110.ddns.net
newhost.dyndns.info
nezo123-21027.portmap.host
non.theworkpc.com
nso1.nsolau.net
okaa0-60956.portmap.host
osso.camdvr.org
patients-councils.gl.at.ply.gg
podejrzanylink.xyz
pooldiaz14.duckdns.org
popo.office-on-the.net
powellfrank.ddns.net
proxy-shady.cloud
quepasa2024.kozow.com
rat.loseyourip.com
rat2024.e3.luyouxia.net
rat34.ddns.net
ratdeniyoz7386.duckdns.org
rawy.ooguy.com
rem-new-2.duckdns.org
reyfelipeborbon.loseyourip.com
richard-foods.gl.at.ply.gg
roscript.ddns.net
rtx.con-ip.com
sandraferreirodominiopersonal.con-ip.com
scrubloader.ru
sdd4514136100juciywrldl.ddns.net
sebastianmindioladomini.con-ip.com
selldrugs.duckdns.org
ser.nrovn.xyz
sfclog.ddns.net
shailputrimt1.publicvm.com
shoes-truth.gl.at.ply.gg
sis.4cloud.click
sis.is-a-blogger.com
sosob9ta.line.pm
spidermanbaba.ddns.net
spiffy-balloon.auto.playit.gg
spongethug.ddns.net
stormx.dynu.net
subdominiodesub.duckdns.org
sunday-survivors.gl.at.ply.gg
swifty123-23089.portmap.host
swifty123-48281.portmap.host
t3fakpraf.ddns.net
talapain.ddns.net
tanta.theworkpc.com
testdamahe.duckdns.org
testdns.ydns.eu
tobacos.ddns.net
torbrowser-39837.portmap.host
torenta2.vpndns.net
travisway-41408.portmap.host
trbe.mentality.cloud
tularz.duckdns.org
usaugen.xyz
utorrent.theworkpc.com
volam2.club
vx2sw7soh8ds5.hopto.org
w3llsfarg0h0st.ddns.net
wandering-field-84417.pktriot.net
wassgoodmane-45751.portmap.host
wassgoodmane-46736.portmap.host
waytovwmk40.ddns.net
whiteshadows.ddns.net
win0090.theworkpc.com
worldxw.xyz
xfreddy2751.duckdns.org
yubarats.ddns.net
yy.webhop.me

# Reference: https://www.virustotal.com/gui/file/c0a969afb972ff37818cbcdad02c52c1cf2a20e94e626eee7fc7c7322b92189c/detection

194.147.140.138:1549
team3004.myddns.me

# Reference: https://twitter.com/malwarelab_eu/status/1772779102849614292
# Reference: https://app.any.run/tasks/1cbca783-8323-474e-aa6a-ca655ed6637e/
# Reference: https://www.virustotal.com/gui/file/e86017b846165690bcaf38242e09df96651aec60e9c2dae4bf50de8ace77f029/detection

154.30.255.175:8890
154.30.255.175:8895
154.30.255.175:8896
bagdg.duckdns.org
hjkdnd.duckdns.org
jdokds.duckdns.org
mdgh.duckdns.org
posters-dial.com
vbdsg.duckdns.org

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-03-31)

104.243.37.110:6667
109.199.120.42:2023
128.90.122.170:9999
142.11.201.124:8712
142.11.201.124:8714
172.94.125.164:2222
172.94.8.37:2222
172.94.9.23:222
185.196.10.233:6606
185.196.10.233:7707
185.196.10.233:8808
185.196.11.223:1339
192.227.177.214:7707
194.156.90.112:6666
2.58.56.109:9090
206.123.132.165:2000
38.180.92.22:4444
54.39.29.90:7707
54.39.29.90:8808
88.229.0.76:20000
89.163.221.180:4444
89.163.221.180:8888
91.92.120.13:8888

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-04-03)

128.90.122.249:9999
128.90.123.31:9999
146.103.11.88:6606
146.103.11.88:8808
172.111.137.194:2222
185.174.101.164:8888
185.174.101.246:6006
91.92.241.169:3434
91.92.254.251:8808
94.156.68.16:4443
94.156.69.11:1337

# Reference: https://www.virustotal.com/gui/file/17e26fd4612acbe0b3f6c597e7abac5e1bdfabb50b1017b93c1a836f57202b2c/detection

45.74.7.59:8898

# Reference: https://www.virustotal.com/gui/file/782bb5dccbd7b065aac6ab04ec053097bc9d8031d6e33a3a03692eb33e262926/detection

8.217.140.110:65503
91.204.226.63:65503

# Reference: https://www.fortinet.com/blog/threat-research/scrubcrypt-deploys-venomrat-with-arsenal-of-plugins
# Reference: https://www.virustotal.com/gui/file/8843b83e255dfacd3d78539a144db0a209d0a6772150102904c773a41b39b158/detection

185.252.179.71:8075
markjohnhvncpure.duckdns.org

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-04-10)

103.47.147.22:2000
110.42.102.204:7000
123.253.32.76:22
128.90.102.230:9999
128.90.103.14:1018
128.90.103.14:9443
128.90.103.14:9999
128.90.123.160:9999
146.103.11.88:7707
157.254.223.38:6606
157.254.223.38:8808
16.171.25.219:8099
163.172.59.233:6606
167.88.168.110:9090
172.111.131.97:8808
172.111.137.179:2222
172.111.137.180:2222
172.111.245.38:2222
172.111.245.98:2222
172.94.73.133:2222
172.94.73.162:2222
172.94.8.100:2222
177.255.88.116:8020
178.73.218.12:2000
179.13.3.18:8020
185.174.101.246:4444
191.89.247.6:6606
194.26.192.34:666
195.3.223.146:4443
2.58.56.66:4443
207.32.217.79:9090
213.195.121.48:4001
213.195.121.48:4002
213.195.121.48:5001
213.195.121.48:6606
213.195.121.48:8808
31.124.151.205:9000
34.88.143.155:8808
38.180.31.223:2222
38.180.62.112:2222
45.138.16.235:2003
45.77.24.231:9090
46.246.84.8:2000
5.63.21.76:1604
51.116.96.182:3000
52.185.161.226:8808
91.207.102.163:9899
91.92.254.44:1339
91.92.255.45:2000
91.92.255.45:20000
94.156.64.122:9999
94.156.65.159:6606
94.156.65.159:7707
94.156.65.217:6606
94.156.65.217:7707
94.156.65.217:8808
94.156.65.9:6606
94.156.65.9:7707
94.156.65.9:8808
95.216.41.33:82

# Reference: https://www.virustotal.com/gui/ip-address/179.13.2.154/relations
# Reference: https://www.virustotal.com/gui/file/56f60067ded74f202a942df75d72e8ea0f24c2d789658e5796ebba39947b5fa9/detection

179.13.2.154:2141
conesperasehetodo.duckdns.org
conmuchafesi.duckdns.org
deioreseesteo.duckdns.org
dioasamigoayu.duckdns.org
enladediosest.duckdns.org
esesmiodio.duckdns.org
estedominaya.duckdns.org
horastenebb.duckdns.org
listospordi.duckdns.org
lostemasson.duckdns.org
seanamia.duckdns.org
semanticasto.duckdns.org
senderodedios.duckdns.org
seraestemidiadi.duckdns.org
serastefssr.duckdns.org
seremosgagdores.duckdns.org
sistemasparajoy.duckdns.org
trenemfdo.duckdns.org

# Reference: https://www.virustotal.com/gui/file/a678475627246ac2716b5618ec5010e67660ab4441367bee23de473449d98c11/detection

185.183.106.85:42069
420.igboat.com

# Reference: https://www.virustotal.com/gui/file/14c66a0b3a199d38a236bed7780258d84c8a3cf335f9397769dc06a17d5707e0/detection

46.246.4.3:8887
adminrodrem.duckdns.org
bypass-asyn.4cloud.click
proxy21.duckdns.org

# Reference: https://twitter.com/banthisguy9349/status/1780489993762332900

103.47.147.18:11113
103.47.147.18:1140
103.47.147.18:12140
103.47.147.18:12141
103.47.147.18:12142
103.47.147.18:12143
103.47.147.18:2000
103.47.147.18:2053
103.47.147.18:222
103.47.147.18:3306
103.47.147.18:3954
103.47.147.18:7800
103.47.147.23:2000
104.156.247.38:2024
104.243.32.185:3389
104.243.32.185:47001
104.243.32.185:5985
151.106.34.168:2224
151.106.34.168:3389
151.106.34.168:5055
156.195.153.143:7547
178.73.218.8:2000
178.73.218.8:5357
178.73.218.8:8888
181.131.216.198:2222
181.131.216.198:8808
181.214.223.125:3389
181.214.223.125:47001
185.196.11.252:1337
185.196.11.252:3389
185.196.11.252:47001
185.196.11.252:5985
191.88.250.63:2869
191.88.250.63:7070
194.105.5.194:3389
194.105.5.194:4444
194.26.192.34:3389
194.26.192.34:47001
194.26.192.34:5357
194.26.192.34:5985
194.33.191.3:3389
194.33.191.3:7070
2.224.144.191:1188
20.2.223.28:3389
20.2.223.28:5555
20.2.223.28:7070
20.226.0.95:3389
20.226.0.95:7707
20.226.0.95:8808
207.32.217.79:3389
207.32.217.79:47001
207.32.217.79:5985
31.124.151.205:8085
45.138.16.235:3389
45.138.16.235:47001
45.138.16.235:5357
45.138.16.235:5985
5.63.21.76:3389
5.63.21.76:47001
5.63.21.76:5357
5.63.21.76:5985
51.81.126.50:3389
51.81.126.50:47001
51.81.126.50:5555
51.81.126.50:5985
51.81.126.50:5986
51.81.126.50:7070
77.134.63.213:1122

# Reference: https://twitter.com/banthisguy9349/status/1780500318846906644

147.124.213.188:222
192.159.99.43:222
192.3.109.131:222
207.244.249.35:222
207.32.219.92:222
212.23.222.206:222
35.233.238.201:222
45.94.31.103:222
51.195.94.201:222
87.120.84.91:222

# Reference: https://www.virustotal.com/gui/file/37c59b4a6bc52f2fa3398bba784ab89b2316c17edf13bb350e2c7dbf5933d285/detection

45.32.168.59:4040
powerdc.dynuddns.net

# Reference: https://twitter.com/r3dbU7z/status/1780877399070015700
# Reference: https://www.virustotal.com/gui/ip-address/185.81.157.148/relations
# Reference: https://www.virustotal.com/gui/file/aba88f736591e30f238049e3585ae6d67a83bc7aed9223b613010b29946939e4/detection
# Reference: https://www.virustotal.com/gui/file/b797141148c613d952a1d86790620a705c3c385daa61eb805a46555105f518cb/detection

192.227.177.214:6606
192.227.177.214:7707
192.227.177.214:8808
raw223111.com
raw3losh2321321w.com
raw39w493.com

# Reference: https://www.virustotal.com/gui/file/f5d4afb68b4ceacbb6d5a5b8b153d55e452f08f1c0c1674b35c904673da5e2cd/detection

82.114.186.73:6606
82.114.186.73:7707
82.114.186.73:8808
myserver7.sytes.net

# Reference: https://www.virustotal.com/gui/file/be0c7f808c76369d03678fae7ed3dac43e292586c2cec1541af9424ade3f6fa5/detection
# Reference: https://www.virustotal.com/gui/file/12cbff9bb36d6f63d5fec636980581530abfb0ad3d3bdd0bbad07892d2637b27/detection
# Reference: https://www.virustotal.com/gui/file/257a49d59b2b2ae5f44688cf4d2cac26f583e121c826787e7046324d9890adee/detection

186.169.47.11:7081
186.169.62.202:1990
njverde1.duckdns.org

# Reference: https://www.virustotal.com/gui/file/0c9b67e54ea019fcbcb375de464025d82eb3fb62de692a3492f67c6d6fb93212/detection

186.169.37.89:1988
statusnuevoano1.duckdns.org

# Reference: https://www.virustotal.com/gui/file/dcf90d69b4a83839e6b741986745c373a2c386a1a5518cab19133fda1f7f6e16/detection

179.13.0.175:7090
preferenciales12.duckdns.org

# Reference: https://twitter.com/banthisguy9349/status/1783059801255063882

http://91.92.252.220

# Reference: https://twitter.com/banthisguy9349/status/1783409848576516361
# Reference: https://urlhaus.abuse.ch/host/45.94.31.69

45.94.31.69:222

# Reference: https://twitter.com/banthisguy9349/status/1783409848576516361
# Reference: https://urlhaus.abuse.ch/host/51.38.95.108

51.38.95.108:222

# Reference: https://twitter.com/banthisguy9349/status/1783409848576516361
# Reference: https://urlhaus.abuse.ch/host/51.195.94.205

51.195.94.205:222

# Reference: https://twitter.com/banthisguy9349/status/1783409848576516361
# Reference: https://urlhaus.abuse.ch/host/80.94.95.238

http://80.94.95.238

# Reference: https://twitter.com/banthisguy9349/status/1783409848576516361
# Reference: https://urlhaus.abuse.ch/host/87.120.84.126

87.120.84.126:222

# Reference: https://twitter.com/banthisguy9349/status/1783409848576516361
# Reference: https://urlhaus.abuse.ch/host/104.243.32.185

http://104.243.32.185
104.243.32.185:222

# Reference: https://twitter.com/banthisguy9349/status/1783409848576516361
# Reference: https://urlhaus.abuse.ch/host/109.199.101.109

http://109.199.101.109

# Reference: https://twitter.com/banthisguy9349/status/1783409848576516361
# Reference: https://urlhaus.abuse.ch/host/149.102.147.106

http://149.102.147.106

# Reference: https://twitter.com/banthisguy9349/status/1783409848576516361
# Reference: https://urlhaus.abuse.ch/host/154.12.231.18

http://154.12.231.18
154.12.231.18:443
154.12.231.18:90

# Reference: https://www.virustotal.com/gui/file/731a20791887573ed4bd909011e707ae8be38524b43b54e798a97ab2d96d76b4/detection

80.133.66.162:7777

# Reference: https://www.virustotal.com/gui/file/90a2c2490d375e84023257c2698971641714043e140b07d90207fe31e6e20efa/detection

151.95.173.129:255
cholito1312.ddns.net

# Reference: https://twitter.com/x3ph1/status/1784948127226568770
# Reference: https://www.virustotal.com/gui/file/64f373211953aa5e294e9d7dee8dee07866ceb7fa944f8c5845792489433afb6/detection

144.76.71.93:313
eve.now-dns.net

# Reference: https://www.virustotal.com/gui/file/eb8cc36d9f0c3ac66b51583fa0674e50c911cfddcacdb3b7111583a0caf0ca76/detection

45.133.174.75:8795
aysmasterpro.duckdns.org

# Reference: https://twitter.com/malwrhunterteam/status/1786305462133997951
# Reference: https://www.virustotal.com/gui/ip-address/91.92.247.100/relations
# Reference: https://app.validin.com/detail?find=Invoice%20Informations&type=raw&ref_id=03cfa3a9c25#tab=host_pairs

http://91.92.247.102
invoiceinformations.com
invoicesinformation.com
liket.top
myposty.bond
au.liket.top
au.myposty.bond

# Reference: https://urlhaus.abuse.ch/browse/tag/AsyncRAT/ (# 2024-05-03)

http://1.14.206.144
http://104.243.38.245
http://109.172.45.94
http://116.62.11.90
http://141.98.6.105
http://142.11.211.80
http://157.254.223.253
http://158.69.131.146
http://159.223.189.221
http://16.171.25.219
http://172.96.172.203
http://176.107.185.29
http://178.33.57.158
http://185.117.91.202
http://185.196.8.223
http://185.216.70.70
http://185.241.208.181
http://185.241.208.97
http://185.252.178.121
http://185.81.157.148
http://185.81.157.152
http://185.81.157.213
http://185.81.157.244
http://192.119.74.208
http://192.3.109.131
http://192.99.180.181
http://193.26.115.238
http://193.34.212.17
http://193.42.32.101
http://194.213.3.23
http://195.133.40.128
http://195.178.120.137
http://198.46.178.147
http://20.127.168.10
http://209.126.7.24
http://38.242.242.149
http://41.216.188.20
http://45.12.253.105
http://45.154.98.81
http://45.80.158.237
http://45.92.1.59
http://5.206.227.251
http://51.89.109.154
http://62.171.178.45
http://65.21.177.234
http://77.221.151.42
http://77.91.68.249
http://79.110.62.189
http://79.137.202.195
http://84.54.50.9
http://85.209.133.106
http://85.209.176.59
http://85.239.240.244
http://85.239.241.136
http://86.68.222.14
http://88.218.61.219
http://91.92.240.177
http://91.92.242.80
http://91.92.247.100
http://91.92.252.85
http://93.123.39.225
http://93.123.39.68
http://94.156.128.246
http://94.156.69.208
http://94.156.69.220
http://94.156.71.212
http://94.156.79.216
http://95.216.192.137
104.243.38.245:222
104.243.44.136:666
107.161.81.150:222
129.213.49.94:8888
141.98.6.105:222
147.124.212.80:222
156.96.156.177:222
18.118.199.163:353
185.16.38.38:555
185.81.114.175:642
185.81.157.104:222
185.81.157.108:222
185.81.157.142:222
185.81.157.150:222
185.81.157.152:222
185.81.157.152:333
185.81.157.1:222
185.81.157.219:222
185.81.157.244:222
185.81.157.24:222
193.26.115.174:222
193.26.115.230:555
198.12.81.135:222
198.20.177.229:444
200.98.145.181:8888
4.229.235.23:222
45.12.253.107:222
45.128.96.133:8000
45.128.96.204:222
45.138.16.39:222
45.141.215.109:555
45.76.232.247:222
45.80.158.168:222
45.81.39.110:222
45.90.222.198:8080
5.249.163.134:333
51.161.61.92:222
51.195.94.209:222
51.222.98.70:222
51.89.109.154:3000
51.89.212.151:222
84.54.50.9:222
86.48.18.223:666
91.92.240.177:888
91.92.253.239:888
91.92.254.77:222
94.156.69.35:222
94.72.113.52:770
24help.ooguy.com
2m-store.com
a0920080.xsph.ru
adminigobnal.store
anonhost.in
arm-cc.com
arthurcambell.ac.ug
autoenhancer.tech
autoupdate.com.ua
ayazsehk.beget.tech
beautifulqueen.com.br
buypropertyinuae.com
carthagefire.net
cdn-120.filechan.org
cdn-130.filechan.org
chrisco-upperroom.org
documentacionrav003483980903884833.blogspot.com
duckz.online
eionsfsjk.tk
f0868357.xsph.ru
familyfontsview.mooo.com
file-drop.cc
fransceysse.ac.ug
hydramecs.com
invitadoscarlsjr.mx
jonnyomar.xyz
joshbystrom.com
js-hurling.com
kareemovic22.webredirect.org
maincoon.frido19777.repl.co
makkahmart.org
mphasistech.com
mrfreeman.shop
mrfreeman.xyz
nestlejobs.tk
okokokokokok.khaby.lol
paldo.ac.ug
pmjo.fra1.cdn.digitaloceanspaces.com
pub-bfce74d1910148989228a2ae7c102b8a.r2.dev
rec4.tv
s2r.tn
s3rrrv3r.xyz
sbs-sysco.com
sinopecllc.top
solutionsinengineering.com
specialetrt.online
theemirateshills.com
thrivetrail.org
totalhorsehealth.com
tr62gf3t.ngrok.io
tractorandinas.com
upload.vina-host.com
vps-135c3c5b.vps.ovh.ca
vptriathlon.com
winderswonders.com

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-05-03)

103.249.112.118:8848
128.90.103.36:9999
128.90.123.67:9999
128.90.128.169:9999
136.175.8.35:444
136.175.8.35:4444
139.99.133.66:6666
142.202.191.162:222
154.53.42.53:8448
154.53.42.53:8847
156.195.128.36:8000
163.5.210.97:3307
172.160.240.225:7654
172.160.240.225:8976
179.14.9.152:2020
181.131.217.222:4203
184.174.96.94:2222
184.174.96.94:4444
184.174.96.94:5555
184.174.96.94:8888
184.174.96.94:9999
194.26.192.196:1610
207.32.219.85:8888
213.252.247.202:222
213.252.247.202:6606
216.250.252.159:50545
41.43.199.238:8000
46.246.14.22:2000
51.195.145.87:7071
78.161.0.177:3001
78.185.140.143:81
85.97.168.208:20000
87.121.105.4:8797
88.229.18.221:20000
88.229.18.221:888
91.92.247.15:8008
91.92.250.227:7707
91.92.253.249:6606
91.92.253.249:7707
91.92.253.249:8808
93.71.184.63:6606
94.156.65.26:6006
94.156.65.26:7777
95.211.208.153:6606
95.211.208.153:7707
95.211.208.153:8808
hjdsasync.duckdns.org

# Reference: https://www.virustotal.com/gui/file/0225ab7231a491eba5d422b3fc0589d02b3f35525740ed804c635c3272e43985/detection

194.26.192.57:222
194.26.192.57:5552
194.26.192.57:57114
194.26.192.57:8808

# Reference: https://www.virustotal.com/gui/file/71a53e0ee0dbb54b4125b864908a5335d7dbbafb723f6dcd60c5560f1fb6ed40/detection

197.58.43.133:54984
197.58.43.133:6606
197.58.43.133:7707
197.58.43.133:8808

# Reference: https://twitter.com/CyberRaiju/status/1787013536549679292
# Reference: https://twitter.com/c_APT_ure/status/1787046377035309389

102.188.149.156:6666
102.46.149.233:6666
102.47.223.168:6666
105.196.137.169:6666
194.127.178.224:6666
196.157.103.228:6666
197.132.65.63:6666
197.37.104.46:6666
197.37.111.190:6666
197.37.140.174:6666
197.37.198.12:6666
197.37.229.172:6666
197.37.233.55:6666
197.37.33.248:6666
197.58.154.105:6666
197.58.43.133:6666
41.43.12.86:6666
41.43.55.99:6666
41.68.112.224:6666
41.68.56.78:6666
41.69.33.153:6666
41.69.35.144:6666
41.69.47.180:6666

# Reference: https://twitter.com/banthisguy9349/status/1787421260575600786
# Reference: https://www.virustotal.com/gui/file/1b8a7847861a5325f1f0c4c1586e28fda420b9b32c6fcbfad31c4dbd479d5134/detection

103.195.103.142:443
103.195.103.142:90
103.195.103.142:6606
103.195.103.142:7707
103.195.103.142:8808
45.88.91.145:443
66.94.120.219:443
85.239.240.244:443
94.156.79.216:443
evolve27.com
sirdff309.duckdns.org

# Reference: https://www.virustotal.com/gui/ip-address/87.121.105.4/relations
# Reference: https://www.virustotal.com/gui/file/15fe3ab91a5454d888ceec3916cac3d80de7b79fe650c843522605ff4b73122d/detection

87.121.105.4:8896
ghshe.duckdns.org
hjxwrm5.duckdns.org
kdke.duckdns.org
nmds.duckdns.org
undjsj.duckdns.org

# Reference: https://twitter.com/alex_lanstein/status/1788269323020280277
# Reference: https://www.virustotal.com/gui/file/2f8dc972e9ec1b47d2beb064776d2df9778d253a5030870405843bed0fb32640/detection
# Reference: https://www.virustotal.com/gui/file/4ee40029d668e951398af606ed60163cfba237dda047f98c13f53937411d9fde/detection

193.222.96.124:5050
193.222.96.124:7287

# Reference: https://twitter.com/karol_paciorek/status/1788556707620159734
# Reference: https://www.virustotal.com/gui/file/29841f038da6a26dac5df28f23b4adcb080f5b0a2312bf996c8073940849eef6/detection
# Reference: https://www.virustotal.com/gui/file/4eedc7ed6ade620eef8eb160d18518afc9c59eb262baf8a9fdbe758fb611b6f0/detection

http://45.88.186.125
193.222.96.193:81
45.61.150.201:6606
45.61.150.201:7707
45.61.150.201:8808
45.88.186.125:6606
45.88.186.125:7707
45.88.186.125:8808
beshomandotestbesnd.run.place

# Reference: https://twitter.com/banthisguy9349/status/1789341523823169815
# Reference: https://urlhaus.abuse.ch/host/45.138.16.97/

45.138.16.97:222

# Reference: https://www.virustotal.com/gui/file/3bc93aa2bfad02c3e93e87242b7789c657d72d983b8f10daaaccd6ad935b2a4e/detection

185.29.11.28:43147
obime.duckdns.org

# Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2024-05-17-v10598/1649

bangkok-generally-ensemble-nfl.trycloudflare.com
invoice.trycloudflare.com
invoicetrycloudflare.com
loaded-swift-degrees-packages.trycloudflare.com
maintenance-princess-musical-vocational.trycloudflare.com
nail-lists-compact-project.trycloudflare.com
oral-career-renewable-bacterial.trycloudflare.com
snap-guide-leeds-des.trycloudflare.com
tired-shareholders-reservoir-talked.trycloudflare.com

# Reference: https://x.com/banthisguy9349/status/1792886215479349594

141.11.109.151:8000

# Reference: https://x.com/karol_paciorek/status/1793201205050499327

185.196.11.223:1339
185.196.11.252:1339
85.239.241.136:1339
91.92.249.94:1339
94.156.64.207:1339
94.156.69.136:1998
94.156.69.226:1998
leetboy.dynuddns.net

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-05-22)

http://156.195.80.192
http://156.195.84.201
http://181.214.223.125
http://193.111.125.200
http://88.138.253.60
http://94.156.8.44
103.1.40.154:8000
104.234.204.57:7707
104.250.169.165:2222
12.202.180.134:8797
128.90.103.12:9999
128.90.103.39:9999
128.90.122.129:9999
128.90.123.108:9999
128.90.123.87:9999
135.125.21.74:4545
136.175.8.56:9090
14.164.99.119:8080
147.135.165.29:6606
147.135.165.29:7707
148.163.101.182:6606
151.106.34.110:8081
156.195.143.153:443
156.195.80.192:8080
165.227.44.40:6606
172.105.121.169:6606
172.105.121.169:7707
172.105.121.169:8808
172.111.148.205:222
172.111.148.95:222
172.111.169.67:2222
172.111.216.199:7707
172.111.216.4:6606
172.111.216.4:8808
173.211.46.114:6606
173.211.46.114:7707
173.211.46.114:8808
178.215.236.224:4444
178.73.192.2:2000
179.13.4.37:8082
18.192.31.165:15221
185.104.195.215:1337
185.104.195.215:4444
185.196.11.252:4444
186.102.167.18:6606
186.137.33.82:2112
187.24.4.218:9999
192.227.228.34:8808
193.38.34.125:2000
195.26.240.251:9999
198.23.227.175:8881
199.223.235.67:8808
2.29.196.40:9000
200.9.154.160:10000
202.133.88.95:8080
204.12.199.30:6606
204.12.199.30:7707
204.12.199.30:8808
207.246.64.185:6161
209.145.56.0:7788
213.195.117.131:5001
213.195.126.87:5001
3.125.102.39:15221
3.125.209.94:15221
3.125.223.134:15221
34.41.72.142:2000
4.233.217.192:8808
45.126.209.172:5555
45.126.209.172:6666
45.126.209.21:4444
45.126.209.21:7707
45.126.209.21:7777
45.126.209.21:9999
45.126.209.49:6666
45.126.209.67:7707
45.126.209.70:6666
45.128.96.103:6666
45.128.96.103:8808
45.128.96.204:6666
45.141.215.159:8088
45.88.186.197:4444
45.88.186.197:6666
45.88.186.197:7777
45.88.186.197:8888
45.88.186.241:6606
45.88.186.241:6666
45.88.186.62:8888
45.88.90.224:2222
46.246.6.18:2000
46.246.80.12:2000
46.246.80.15:9004
47.245.105.90:9876
5.249.165.126:9090
5.252.53.186:1337
51.195.211.231:1337
51.195.94.205:6606
51.195.94.205:7707
51.195.94.205:8808
51.254.53.24:4449
51.81.105.250:8808
51.81.169.92:6606
51.81.169.92:7707
51.89.158.68:8888
54.39.216.104:2222
64.23.156.73:4047
66.66.146.74:9511
78.161.80.54:888
78.179.134.46:3000
78.179.134.46:888
78.179.247.213:888
79.110.49.252:6606
79.110.49.252:7707
79.110.49.252:8808
84.247.154.81:6606
84.247.154.81:7707
84.247.154.81:8808
84.38.134.107:59543
85.107.228.217:20000
85.107.228.217:3001
85.107.228.217:7070
85.107.228.217:888
85.114.96.11:1602
85.209.133.18:4545
85.239.237.148:2005
87.121.105.252:6606
89.39.106.35:1339
91.110.144.65:9000
91.219.62.14:8888
91.92.246.53:5554
91.92.248.82:4443
91.92.248.82:8900
91.92.250.227:6606
91.92.251.136:8900
91.92.251.153:8900
91.92.251.159:4443
91.92.251.159:8900
91.92.251.179:8900
91.92.251.245:8900
91.92.251.57:1337
91.92.254.201:4443
91.92.254.201:8900
91.92.254.21:8900
91.92.255.108:6606
91.92.255.108:7707
91.92.255.108:8808
91.92.255.16:8900
91.92.255.182:4444
91.92.255.190:6606
91.92.255.190:7707
91.92.255.190:8808
91.92.255.220:6606
91.92.255.25:4443
91.92.255.25:8900
91.92.255.79:8900
94.130.130.51:1919
94.156.10.12:443
94.156.64.21:4443
94.156.64.21:8900
94.156.64.51:4443
94.156.64.51:8900
94.156.64.5:8900
94.156.64.90:8900
94.156.65.181:3434
94.156.67.103:6606
94.156.67.103:7707
94.156.67.103:8808
94.156.67.112:6606
94.156.67.214:4444
94.156.67.214:6006
94.156.67.214:7777
94.156.67.214:8008
94.156.69.161:8900
94.156.69.163:8900
94.156.69.164:8900
94.156.69.165:4443
94.156.69.165:8900
94.156.69.166:8900
94.156.79.216:8888
94.156.8.44:443
94.228.162.82:6606
94.228.162.82:7707
94.228.162.82:8808
95.7.175.50:20000
afterksmelipandmahdiimadss.ddns.net
character-acquisitions.gl.at.ply.gg
comas.sells-it.net
comm.sells-it.net
coms.sells-it.net
comss.sells-it.net
de-engines.gl.at.ply.gg
goodone.loseyourip.com
linux-treatment.gl.at.ply.gg
mark1234567.ddns.net
nerakar.duckdns.org
strekhost2085.con-ip.com
twinks234.duckdns.org

# Reference: https://x.com/banthisguy9349/status/1793331162502353303

http://94.156.69.134
http://94.156.69.246

# Reference: https://www.virustotal.com/gui/file/11d0a663c5d6ee1b77b3a62d755c11312598ebaa10fda764b1551b106ef517a8/detection

191.88.248.162:6606
191.88.248.162:7707
191.88.248.162:8808
telegramsystem32dn.duckdns.org

# Reference: https://www.virustotal.com/gui/file/94907cb7c5a3d388de870383d35ed9d8564985fd5d913403b2888f8c42583dd5/detection

181.131.216.141:1524
canastapatrones.con-ip.com
paseoencarro2024.con-ip.com
pasoscon.con-ip.com
pasticosmemos.con-ip.com
remixripiolo.con-ip.com

# Reference: https://www.virustotal.com/gui/file/a8eea383b255aa5e3f762534e08b635697ddf21aeba04bef038eb9c647b516f3/detection
# Reference: https://www.virustotal.com/gui/file/a87e8ab853de960f05f82b36d0a604a50d1af983a6a14d764508402c2d8d2a69/detection
# Reference: https://www.virustotal.com/gui/file/e5321f397068d010f4c218d85eea1d878a3905031b2477c2330ea218845d7727/detection

181.141.2.226:1013
181.141.4.186:1013
181.141.4.186:1014
loggedestadosundns.duckdns.org
segundoservestadosuni.duckdns.org
vanyplasserrem.duckdns.org

# Reference: https://www.virustotal.com/gui/file/2b335c518a6168241e941c02c1fb91012dbd0f9171531718b60d1a162b1f28ab/detection

177.255.88.252:5023
aefw3rgevoyv7bgnwev.con-ip.com

# Reference: https://app.validin.com/detail?find=181.141.0.0%2F24&type=ip&ref_id=cca0920a3a7#tab=resolutions
# Reference: https://www.virustotal.com/gui/file/52abf2d9d26529b8d17b31ce9ae97329c68d1bea55033d5217f21b2370ae664e/detection

181.141.0.182:1800
asrhadhf.duckdns.org
ayudamedios.con-ip.com
bdmtnz.ddns.net
bendicionespatoelmundo.duckdns.org
carteraada.duckdns.org
comercdgvhhn.duckdns.org
dfghwfh.duckdns.org
dfgsdkfasjfaslfnalf.duckdns.org
dfjeyj.duckdns.org
dfsdhdsvasgfh.duckdns.org
dgfdsafyjdgj.duckdns.org
dgjhdvfjdsklasdlas.duckdns.org
dgysru.duckdns.org
enviocacha.duckdns.org
fagheklolkdhsk.duckdns.org
fastidiasdf.duckdns.org
fgfdshrt.duckdns.org
fghff.duckdns.org
fneibvuwcusd.duckdns.org
gabriela2021.duckdns.org
gdjsbdsbdkbk.duckdns.org
gfhjrrb.duckdns.org
gsgdgjghkfgbdf.duckdns.org
guejsyatidjkgh.duckdns.org
hdjdksnshjcsc.duckdns.org
hjgxadfa.duckdns.org
jfusdhakdnfjf.duckdns.org
jgffgstst.duckdns.org
relucas.con-ip.com
rswerfressd.duckdns.org
santuario.con-ip.com
sdhqrth.duckdns.org
sdhrt.duckdns.org
volvimosfuertesdios.con-ip.com
wrytrioag.duckdns.org

# Reference: https://www.virustotal.com/gui/file/4f9ae5b89c89e5c79c53db694d4d67e2d9b3c47c7389c8c3899dedbc9e92be76/detection
# Reference: https://www.virustotal.com/gui/file/c7c5e47db28796b3f6ece9dea26af6aa9b960c7a2e628434b245a344be469c3f/detection

20.117.108.240:5612
20.117.108.240:7825

# Reference: https://x.com/karol_paciorek/status/1797594552758411301

12.202.180.134:8797
asyncss.duckdns.org

# Reference: https://www.virustotal.com/gui/file/250b462897a479fdcd5b11e5deb8b86decd999dc97e1062ea151cc4db997f168/detection

dhhj.duckdns.org

# Reference: https://www.virustotal.com/gui/file/e596d827af9b25d8348caffa981f5ef4a6ea88bfcfb35e5a5d2d337d6bf90aa9/detection

103.156.90.165:6703
103.156.90.165:7301
103.156.90.165:8890
strig3982.duckdns.org

# Reference: https://x.com/K_N1kolenko/status/1798618849040113999
# Reference: https://www.virustotal.com/gui/file/a9ee57985d3757c31f8529dc176889069d0a1ff57d2cc0a02152f17266c0a725/detection
# Reference: https://www.virustotal.com/gui/file/98436572cf0f7a2b027582b07c3327decea5a5ede68b0d49dfaf75b86ba9cdad/detection

http://46.102.174.48
91.92.254.123:8848

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-07-08)

103.179.189.111:8848
110.42.248.7:4449
185.196.10.81:4449
191.88.248.178:3008
194.26.192.147:7244
194.59.31.74:5552
195.10.205.90:4608
198.55.115.39:6606
198.55.115.39:7707
198.55.115.39:8808
23.227.196.84:6606
66.235.168.242:3232
66.235.168.242:4449
80.76.49.162:4545
85.209.133.248:4449
91.92.243.101:1081
94.232.249.90:8848
unio.bumbleshrimp.com

# Reference: https://urlhaus.abuse.ch/url/2864552/

postaipay.top

# Reference: https://x.com/banthisguy9349/status/1799493903021723748
# Reference: https://www.virustotal.com/gui/ip-address/109.199.101.109/relations
# Reference: https://www.virustotal.com/gui/file/dbf24ee62e11f79ecb32f6cda9e8ab0cec3e8c12789acaf9f73cae9db6a02ef1/detection
# Reference: https://www.virustotal.com/gui/file/34f6634f4d992f3159096ba6bd46592ad15e43fafc40f589c0c77c3581a6e907/detection
# Reference: https://www.virustotal.com/gui/file/193175474fa67a46cacd15c7c3221b4e9f50b1a68074437bc2a81bf9f10a225d/detection

http://109.199.101.109
109.199.101.109:1000
109.199.101.109:770
ch3.theworkpc.com
world1.webredirect.org

# Reference: https://www.virustotal.com/gui/file/fd8d402ef7a6c8c46c03fac9f89893d71360d0dcff12b67f34024d66dbe04373/detection

184.75.214.163:12380
96.47.229.59:13293
asyn.airdns.org
asyn.anondns.net

# Reference: https://app.validin.com/detail?type=ip&find=64.42.179.59#tab=resolutions

alex-ssh.airdns.org
artemi.mooo.com
bettyscupcakes.ddns.net
campbellm.duckdns.org
checkout.awsmppl.com
hanli.dedyn.io
jetbear.duckdns.org
micropython.duckdns.org
rbl.ddns.net
runningbrushln.asuscomm.com

# Reference: https://x.com/IronNetTR/status/1801285491431555328

135.181.65.141:4099
45.80.158.22:9090
45.94.31.124:6606
45.94.31.124:7707
45.94.31.124:8808

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-06-13)

168.119.119.140:8808
172.232.239.216:8808
45.74.25.39:6606
45.8.146.124:2005
51.81.30.54:7707

# Reference: https://www.virustotal.com/gui/file/c767c1608932a04a286984d8f940d9cb2acdeb4cfc4f885bb836518589fb65fd/detection
# Reference: https://www.virustotal.com/gui/file/6927cee8b7d0f4b7934d9c439945ef0e9fe854a2e7e06ebd69e9e4860c6e1f1d/detection

157.173.197.177:6606
157.173.197.177:7707
157.173.197.177:8808

# Reference: https://x.com/banthisguy9349/status/1801548426288472405

61.160.213.14:48596

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-06-15)

http://108.174.200.80
http://157.254.223.212
http://45.83.31.241
http://98.67.161.144
103.195.102.21:5555
104.223.22.86:7777
104.223.22.86:8888
104.234.195.153:8888
104.238.173.66:6606
107.175.31.172:6606
107.175.31.172:7707
108.165.237.196:7707
108.174.200.80:8808
115.223.43.224:8888
128.90.113.119:9999
128.90.113.241:9999
134.255.217.251:7707
136.243.111.71:3000
136.243.111.71:888
136.243.151.123:110
136.243.151.21:2000
136.243.151.21:6606
136.243.151.21:9990
136.243.151.21:9999
142.11.201.122:8715
142.11.201.122:8716
142.11.201.123:8715
142.11.201.123:8716
142.11.201.124:8715
142.11.201.124:8716
142.11.201.125:8715
142.11.201.125:8716
142.11.201.126:8715
142.11.201.126:8716
142.202.240.93:7777
142.202.240.93:8888
147.135.165.29:8808
149.56.30.19:8808
154.17.167.74:7707
154.194.50.163:6606
157.20.182.6:4443
158.220.83.114:6606
158.220.83.114:7707
162.244.210.243:6606
162.244.210.243:7707
162.244.210.243:8808
162.244.210.92:6606
162.244.210.92:7707
162.244.210.92:8808
162.244.210.96:6606
162.244.210.96:7707
162.244.210.96:8808
163.5.64.209:6000
163.5.64.209:7000
163.5.64.209:8000
168.119.211.236:116
168.119.211.236:117
168.119.211.236:119
172.81.60.16:443
178.73.192.10:2000
179.13.4.37:8020
185.196.11.252:1338
185.196.11.252:1999
185.212.47.40:1998
185.212.47.40:2000
185.212.47.40:20000
185.212.47.40:5000
185.212.47.40:5555
185.212.47.40:8888
185.241.208.213:8080
185.62.86.134:555
186.137.33.82:2113
192.250.225.3:5020
192.250.225.3:5600
192.250.226.28:7066
193.26.115.74:6606
193.26.115.74:7707
193.26.115.74:8808
194.26.192.194:6666
194.26.192.194:9999
194.26.192.34:222
195.3.223.146:6667
195.3.223.146:6668
207.174.26.100:5505
207.32.218.51:8080
213.195.117.131:4001
213.195.117.131:4002
213.195.117.131:5003
213.195.117.131:6606
213.195.117.131:7707
213.195.117.131:8808
213.252.247.202:555
213.252.247.202:8808
38.180.92.22:2222
38.180.92.22:3333
38.180.92.22:5555
41.216.188.58:8808
45.126.209.49:5555
45.126.209.67:6606
45.126.209.67:8808
45.8.146.124:2004
45.88.186.241:4848
45.88.186.241:7707
45.88.186.241:8808
46.4.37.212:82
51.195.76.65:6606
51.195.76.65:7707
51.195.76.65:8808
51.77.113.177:222
51.77.113.177:2222
51.77.113.177:6606
51.77.113.177:7707
51.77.113.177:8808
51.77.113.177:888
51.77.113.177:8888
51.81.105.250:6606
51.81.105.250:7707
51.89.207.240:8088
54.39.216.104:555
54.39.216.104:5555
54.39.216.104:777
54.39.216.104:7777
61.14.233.130:6606
61.14.233.130:7707
61.14.233.130:8808
66.225.254.182:443
66.225.254.182:6606
66.225.254.182:7707
66.225.254.182:8808
66.225.254.222:6606
66.225.254.222:7707
66.225.254.222:8808
93.123.39.166:2222
94.130.130.51:116
94.130.130.51:117
94.156.69.169:4444
94.156.69.169:5555
94.156.69.169:6006
94.156.69.169:6606
94.156.69.169:6666
94.156.69.169:7707
94.156.69.169:7777
94.156.69.169:8008
94.156.69.169:8808
94.156.8.181:7777
94.156.8.181:8888
94.156.8.54:9999
95.216.41.33:83

# Reference: https://x.com/karol_paciorek/status/1802255896355000653

12.202.180.114:8797
ghdsasync.duckdns.org

# Reference: https://www.virustotal.com/gui/file/c067efbc87b2ada250df9e72f9daad58f3789fda430cfa38817fc17c4358ac0e/detection

106.54.204.119:5050

# Reference: https://www.virustotal.com/gui/file/b3228db9bbc763295df17ec8c46d2a68bb6bba6f3300251ad0d90006b10cd979/detection

110.42.255.125:5050

# Reference: https://x.com/k3yp0d/status/1802636686238638088
# Reference: https://perception-point.io/blog/operation-red-deer/
# Reference: https://www.virustotal.com/gui/file/2a27a38de7465dbbfcf49f70cba4c348af659fb2d2623c7c7756334bc548960c/detection

149.102.147.106:550
149.102.147.106:90
194.26.192.174:222
45.80.158.65:2005
salah2.webredirect.org

# Reference: https://x.com/ShanHolo/status/1802993175637696869
# Reference: https://www.virustotal.com/gui/file/fb7138752fb4c7bce1d21471f820f05ef71ed77d1f761f4c56baca036b8d646b/detection
# Reference: https://www.virustotal.com/gui/file/ee78fefba7a8a09c433a3d6a41e130f04a39b946e0334460d8d4f0456bb3aeab/detection
# Reference: https://www.virustotal.com/gui/file/a921f5b1086e398f226a6e4d0720eec65548deae54e5c93f083b482f757ddd6b/detection
# Reference: https://www.virustotal.com/gui/file/97af53988ade69e98cad451478796dcaaa01aae88175f959bb084218123a4202/detection
# Reference: https://www.virustotal.com/gui/file/7eef14dbead999058d4128a195c533d0a016de055ac2364a87a131a677c18e40/detection

http://89.213.177.87
89.213.177.87:443

# Reference: https://x.com/K_N1kolenko/status/1803380619587535355

72.5.43.15:4449
80.76.49.148:4545

# Reference: https://asec.ahnlab.com/en/66790/
# Reference: https://www.virustotal.com/gui/file/e4358dfec6b848ffd5cf195a4055a3619c47432170281da3617c7110ec8e9e72/detection
# Reference: https://www.virustotal.com/gui/file/55f047455519bc3cd96322361a66cd3667293f50811afe16c553382fa443465c/detection

118.41.52.88:3255
119.201.129.13:3255
121.181.165.56:3255

# Reference: https://x.com/K_N1kolenko/status/1803687246203138405

123.56.8.218:9215
2.58.56.168:4449

# Reference: https://www.virustotal.com/gui/file/a595fea24e86e504bc4e5936979f51b6376e5bec1fd7ba25be00eddb067805eb/detection

160.154.253.51:3615

# Reference: https://www.virustotal.com/gui/file/1b43831c91e21c1d2b8854f0d871d0770473132cf0c4f6e9e82152f96f60049b/detection

160.154.253.51:8204
endgame.sytes.net

# Reference: https://x.com/K_N1kolenko/status/1805833957214241211

1.26.179.43:8848
1.31.93.59:8848
110.6.28.25:8848
110.6.31.1:8848
124.67.198.80:8848
194.55.186.121:1313
94.156.8.65:8080

# Reference: https://x.com/K_N1kolenko/status/1806200263536947587

86.208.62.200:4449
93.123.39.250:31145

# Reference: https://x.com/banthisguy9349/status/1806367283746332812
# Reference: https://x.com/NDA0E/status/1806371737522552833

104.243.47.93:222
172.93.111.165:6666

# Reference: https://www.virustotal.com/gui/file/bb3f2ff46e9dae66cf62c6e7606a66d02b65abc8dac96e96acd554ebf6fd40ad/detection

136.243.111.71:5500
services-line2.freeddns.org

# Reference: https://www.virustotal.com/gui/file/18e58d0adbdcb4dd150e75f6580e612afc92da61bdeaf32d768e4393a1ebafe0/detection

85.100.179.157:20000
88.246.94.229:20000
charle.loseyourip.com
ultra.webredirect.org
webextension.accesscam.org

# Reference: https://www.virustotal.com/gui/file/da8cbc01230c7de6230f933355c8db5c5ec8b0d4df8b0fe2b293477a99332ade/detection

147.185.221.20:45478
during-goto.gl.at.ply.gg

# Reference: https://x.com/K_N1kolenko/status/1806586425044804026

194.55.186.155:2424
94.156.79.137:5650

# Reference: https://x.com/ShanHolo/status/1806608159491924450
# Reference: https://www.virustotal.com/gui/file/e35692b4f8b054ac141f02c5eafadf49340f89a51aea1aecc163460516b8dfb4/detection

136.243.111.71:155

# Reference: https://x.com/80vul/status/1807059491340333475

35.194.215.14:111
35.194.215.14:5985
35.194.215.14:85

# Reference: https://www.virustotal.com/gui/file/44e26831198bfdcdcc8e8dfb22cb3c2dac765435fd8e10f83a8a73319efd6e33/detection

94.232.249.111:6606
94.232.249.111:7707
94.232.249.111:8808

# Reference: https://x.com/K_N1kolenko/status/1807648901589074375

216.250.252.142:4449
45.40.96.164:3232
47.242.70.176:8848
5.180.155.164:2020

# Reference: https://www.virustotal.com/gui/file/000bfb90323a9ed3927b5a1d691fab2e920070bf78745f003d5a82e695eaaa97/detection

147.185.221.20:31102
it-postage.gl.at.ply.gg

# Reference: https://x.com/banthisguy9349/status/1808888209306251349

http://104.223.22.86
http://212.70.149.205
http://23.26.76.239
http://23.94.126.49
http://38.22.104.227
http://51.89.34.245
http://66.225.254.182

# Reference: https://x.com/ScumBots/status/1808685459188453390

101.99.92.203:4449

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-07-06)

http://197.0.49.10
http://41.62.90.108
128.90.113.125:9999
128.90.113.88:9999
128.90.128.115:9999
136.243.111.71:20000
136.243.111.71:20001
142.11.201.122:8713
142.11.201.123:8713
142.11.201.126:8713
147.189.170.37:7777
154.12.229.73:1994
157.20.182.5:9898
163.5.112.100:6606
163.5.112.100:7707
163.5.112.100:8808
172.111.150.131:2000
172.111.150.139:2000
172.111.150.142:2000
172.232.164.13:6606
172.232.164.13:8808
178.73.218.22:2000
185.104.195.215:2005
185.216.70.112:7777
185.241.208.181:9090
191.93.113.10:9003
193.26.115.30:8808
195.174.240.3:25
20.199.8.16:1726
213.195.117.131:5000
34.126.174.34:20000
34.126.174.34:2001
34.126.174.34:3000
34.126.174.34:3002
34.126.174.34:888
45.66.231.254:4444
45.66.231.254:5555
45.66.231.254:6006
45.66.231.254:7777
45.66.231.254:8008
46.246.6.14:2000
46.246.84.10:2000
51.81.24.83:3333
54.255.147.4:6000
81.19.137.226:2024
85.117.242.77:8848
90.112.70.19:8080
93.123.85.133:1337
94.156.64.188:5555
94.156.64.188:6006
94.156.64.188:7777
94.156.64.188:8008
94.156.69.27:6606
94.156.69.27:7707
94.156.69.27:8808
s1mpl3.simple-url.com

# Reference: https://x.com/lontze7/status/1810171725373383158

http://207.32.218.10
207.32.218.10:443

# Reference: https://app.validin.com/detail?find=xt.png&type=dom&ref_id=de06224bc55#tab=host_pairs_v2
# Reference: https://www.virustotal.com/gui/ip-address/207.32.219.59/detection
# Reference: https://www.virustotal.com/gui/file/610fcb9d69b7f1f3ae6302bcd761b92ec3a7b8334694a05674cbe2c017a2caa5/detection

http://207.32.219.59
207.32.219.59:443
207.32.219.59:999

# Reference: https://asec.ahnlab.com/en/67861/
# Reference: https://www.virustotal.com/gui/file/b8f1fe93386003e82a148e0efd52759bc3be7bc7088537f6d031faec54870fb3/detection

157.20.182.5:36365
booosisnhead.ddns.net
stevenhead.ddns.net

# Reference: https://x.com/ScumBots/status/1811378434624393516

207.32.217.25:6606
207.32.217.25:7707
207.32.217.25:8808
khalidhost.loseyourip.com

# Reference: https://x.com/K_N1kolenko/status/1810917401279574290

138.201.226.58:4449
15.235.151.228:8848

# Reference: https://www.virustotal.com/gui/file/9f60cdba09c697e1277f56435afaa9a7922e62a53d87f44d2cf1eeef2eacbaf8/detection

193.26.115.78:7077
newwork.ath.cx
newwork.webredirect.org

# Reference: https://www.virustotal.com/gui/file/c6c9ebaffa00c12062f244fab1e0919ce8e4904ca7f1501595d7e002b426c5f7/detection
# Reference: https://www.virustotal.com/gui/file/8892f78d9929116bfd47ddcf9814dc91ec0640ea8e9eece9e5adc78722e34ef6/detection

khalid.dnsdojo.org

# Reference: https://www.virustotal.com/gui/file/4bcbe93bd355b824252d1f51f12d4c9c9063b8d316e84d9bb84530228dcfcbf8/detection
# Reference: https://www.virustotal.com/gui/file/98c208ad12bf758a390cc7a69004d69a8c172708e26f4c259580fa40168b306e/detection

45.138.16.251:6666
45.138.16.251:81
elsa3eed.ath.cx

# Reference: https://www.virustotal.com/gui/file/3ef5ae6a142303afb66b2fb9d376a0304874666bcdb3f9dc3f6224ec6eaf5b40/detection

http://91.92.248.36
91.92.248.36:6210
maggiorallic.com

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv

http://104.243.32.103
http://172.245.20.196
http://185.18.222.24
http://194.233.73.183
http://197.0.103.174
http://23.94.197.108
http://79.110.49.135
103.195.100.175:6666
104.238.222.104:6606
104.243.34.3:6668
104.243.34.3:6669
108.174.200.80:222
108.174.200.80:7707
109.228.40.86:1433
128.90.106.157:9999
128.90.106.58:9999
128.90.106.59:9999
128.90.113.228:9999
128.90.113.26:9999
128.90.113.3:9999
128.90.128.201:9999
128.90.128.218:9999
128.90.128.88:9999
128.90.129.55:9999
128.90.129.74:9999
128.90.129.79:9999
128.90.129.85:9999
136.243.151.123:200
14.230.105.105:8080
142.11.201.122:8714
142.11.201.124:8713
142.11.201.125:8713
142.11.201.125:8714
144.126.151.185:2004
144.126.151.185:2005
149.56.30.19:6606
149.56.30.19:7707
151.106.34.110:7707
154.12.229.73:1995
154.12.229.73:2000
154.12.229.73:2002
154.12.229.73:2005
156.195.234.60:222
157.20.182.5:4443
157.20.182.8:9898
157.66.25.16:8888
158.220.83.114:8808
161.97.151.222:113
172.111.150.141:2000
172.111.150.143:2000
172.245.20.196:2003
172.245.20.196:2004
172.245.20.196:222
172.245.20.196:8080
172.94.111.21:8888
173.208.162.39:20000
173.208.162.39:3000
173.208.162.39:888
173.208.162.39:999
176.111.174.140:8808
178.156.8.185:4002
178.156.8.185:5001
178.156.8.185:6000
178.16.141.152:443
178.73.192.19:2000
179.243.0.223:9441
179.243.0.223:9442
179.243.0.223:9443
179.243.0.223:9999
185.104.195.215:2003
185.18.222.24:443
185.208.158.113:8010
185.216.70.112:8888
185.240.104.231:25565
185.241.208.181:2020
185.62.86.134:333
187.24.12.84:9999
187.24.4.91:9999
188.126.90.4:2000
188.126.90.7:2000
188.218.202.7:7707
192.227.190.133:7777
192.227.190.133:8888
192.227.190.133:9999
192.250.226.28:4800
192.250.226.28:7077
193.201.9.183:8808
193.23.161.147:7777
193.26.115.132:6606
193.26.115.132:7707
193.26.115.139:8888
193.26.115.222:6606
193.26.115.222:6666
193.26.115.222:7707
193.26.115.222:8808
193.26.115.226:6606
193.26.115.226:7707
193.26.115.22:4444
193.26.115.22:6606
193.26.115.22:7707
193.26.115.22:8088
193.26.115.22:8808
193.26.115.22:9999
193.26.115.34:6606
193.26.115.34:7707
193.26.115.34:8808
193.26.115.78:5555
193.26.115.78:6666
193.26.115.78:7707
193.26.115.78:8080
193.26.115.78:8888
193.26.115.78:9999
193.26.115.85:6606
193.26.115.85:7707
193.26.115.85:8808
194.26.192.132:6666
194.26.192.194:8088
194.26.192.214:8808
194.26.192.34:444
194.26.192.59:4444
194.26.192.59:5555
194.26.192.59:6666
194.26.192.59:7707
194.26.192.59:7777
194.59.30.113:4609
194.62.157.160:8888
196.65.181.213:4444
198.58.123.40:5505
198.58.123.40:6606
2.58.56.39:2000
2.58.56.39:4444
2.58.56.39:7777
2.58.56.39:8888
2.58.56.39:9999
2.89.135.29:888
207.174.26.115:5505
207.174.26.69:5505
207.174.26.70:5505
207.244.238.106:7707
207.32.219.81:8808
209.145.56.0:1113
209.145.56.0:1114
213.195.119.157:4002
213.195.119.157:5000
213.195.119.157:5001
213.195.119.190:4002
213.195.119.190:5000
213.195.119.190:5001
213.195.119.190:6001
213.195.120.40:5000
213.195.120.40:5001
216.225.202.59:2005
23.26.108.141:8888
23.94.126.49:6606
23.94.126.49:7707
23.94.126.49:8808
23.94.197.108:8080
31.124.151.250:9000
34.45.75.65:888
34.83.210.13:6606
37.230.62.29:443
4.246.230.34:2000
45.126.209.221:81
45.126.209.221:82
45.138.16.66:9090
45.32.169.187:2000
45.66.231.69:4444
45.66.231.69:6006
45.66.231.69:7777
45.66.231.69:8008
45.80.158.42:6001
45.83.31.19:6606
45.83.31.19:7707
45.83.31.19:8808
45.83.31.19:8888
45.83.31.241:4444
45.83.31.241:6606
45.83.31.241:7707
45.83.31.241:7777
45.83.31.241:8808
45.83.31.253:7707
45.88.186.147:6606
45.88.186.147:7707
45.88.186.147:8808
45.88.186.151:6606
45.88.186.151:7707
45.88.186.151:8808
45.88.186.168:7707
45.88.186.168:8888
45.88.186.168:9999
45.88.186.203:6606
45.88.186.203:7707
45.88.186.203:8808
45.88.186.213:6606
45.88.186.213:7707
45.88.186.213:8808
45.88.186.228:6606
45.88.186.228:7707
45.88.186.228:8808
45.88.186.43:6606
45.88.186.43:7707
45.88.186.43:8808
45.88.186.63:7707
45.88.186.63:8808
46.183.25.108:443
46.246.12.3:2000
46.246.12.8:2000
46.246.14.14:2000
46.246.4.15:2000
46.246.4.17:2000
46.246.4.4:2000
46.246.6.20:2000
46.246.6.21:2000
46.246.80.20:2000
46.246.80.22:2000
46.246.86.16:2000
47.121.120.18:6606
47.129.39.120:6606
47.238.53.31:8888
5.34.182.173:8808
5.42.105.59:6606
51.161.104.86:777
51.254.67.181:6666
51.68.30.114:6606
52.12.49.46:2000
54.39.216.118:5050
57.128.136.230:9090
64.188.26.202:1604
74.208.107.116:8443
77.105.161.171:8808
82.165.74.190:6606
82.165.74.190:7707
83.147.55.53:8808
91.92.255.114:7707
91.92.255.79:4444
91.92.255.79:6006
91.92.255.79:6606
91.92.255.79:6666
91.92.255.79:7707
91.92.255.79:7777
91.92.255.79:8008
91.92.255.79:8808
93.242.156.76:51125
94.130.162.223:666
94.156.68.100:5555
94.156.68.100:6006
94.156.68.100:6606
94.156.68.100:6666
94.156.68.100:7707
94.156.68.100:7777
94.156.68.100:8008
94.156.68.100:8808
94.156.68.10:6606
94.156.68.10:7707
94.156.68.10:8808
94.156.68.118:6006
94.156.68.118:6606
94.156.68.118:7707
94.156.68.118:8008
94.156.68.118:8808
94.156.68.59:8808
94.156.8.54:2222
94.156.8.54:4444
94.228.166.40:7707
95.98.144.201:2222

# Reference: https://x.com/K_N1kolenko/status/1812729790153060719

149.88.68.93:4449
2.56.245.243:7777
45.83.246.140:3232
54.153.17.157:14445

# Reference: https://www.huntress.com/blog/fake-browser-updates-lead-to-boinc-volunteer-computing-software
# Reference: https://www.virustotal.com/gui/ip-address/64.94.84.200/relations
# Reference: https://www.virustotal.com/gui/file/3abdcdaf35d27527fe642e94cf0b33b72267e1f05fa8d947d3c6f9bd4e79f63c/detection
# Reference: https://www.virustotal.com/gui/file/11be386867f47cf17cd8f556efe4a89ba46084cbb13f608bae5591ed75532dcf/detection

http://104.238.34.204
http://216.245.184.105
pretoria24.top
rosetta.cn
rosetta.top
rosettahome.cn
rosettahome.top
rzegzwre.top

# Reference: https://x.com/malwrhunterteam/status/1815314302233887188
# Reference: https://www.virustotal.com/gui/file/bb957ba522861a3d00e340f2cceb051d19046bb4fc6a0bcf03a6942c1a60c809/detection
# Reference: https://www.virustotal.com/gui/file/ae37daf1ed803957ad1c9775be7796e8a5eeed47ec840c479aaf14b4906aa4f2/detection
# Reference: https://www.virustotal.com/gui/file/51553e1373d3c97cf6f4c4aaf49fb3602adae02f7df245c4c98be467c687ed3a/detection
# Reference: https://www.virustotal.com/gui/file/3f9dce25ab9db240fe97438eba1882e13f0f7cd3ffbf4c6151035980d3e792f5/detection

128.90.59.154:6161
128.90.59.185:6161
xsesx.duckdns.org

# Reference: https://x.com/K_N1kolenko/status/1815649563270688897

141.98.7.91:7771
217.15.160.54:8848
27.124.45.70:8848

# Reference: https://x.com/malwrhunterteam/status/1816093946059120803
# Reference: https://www.virustotal.com/gui/file/961ce7460021cc08a288b9c950f890b0c3f4f975638f29ff8ef712ea5598201c/detection

nkprotect.net

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-07-26)

102.72.3.145:1111
147.185.221.16:2035
147.185.221.19:2035
2.58.80.130:6606
2.58.80.130:7707
2.58.80.130:8808
37.130.98.195:1604
4.233.220.67:6670
45.132.107.72:4449
45.132.107.72:8090
45.138.16.215:3232
45.148.244.13:1604
50.18.145.13:14445
89.213.56.62:4449
scar77747.duckdns.org

# Reference: https://x.com/malwrhunterteam/status/1817956577162510622
# Reference: https://www.virustotal.com/gui/file/c0885fb20ec6822ecf51e73751f0192f09f0e747ca20f9b75458222bc4c685e5/detection
# Reference: https://www.virustotal.com/gui/file/7ca2ea6fe909eba4e36a7c8bcdc3593160088dffa65a4ddf845f397e6c513ea2/detection
# Reference: https://www.virustotal.com/gui/file/15a6914f80e47de6d4aae8a90c124435ff8e05e8b6077a6c0cd4be4ee11b64d9/detection

85.209.133.142:1420
85.209.133.142:1488
riu.one
qa.riu.one

# Reference: https://www.virustotal.com/gui/file/86d3e077adb81ff6aff73b71363a7bd62d8817e617b6878bbb67849bc05d0ab1/detection

37.120.239.54:2211

# Reference: https://www.virustotal.com/gui/file/de3fd1673c2ad1ab4b44ee5434a70240ae43722b82a86add6cac1bc22414a34b/detection

85.192.63.68:8245

# Reference: https://x.com/RacWatchin8872/status/1818232911784550539
# Reference: https://tria.ge/240729-y2bt7asgpf/behavioral2
# Reference: https://tria.ge/240730-mfmtsa1fma/behavioral2
# Reference: https://www.virustotal.com/gui/file/41ae3eb86359c776ac1b40faf1eb43eb7d874cbf233444aa3af554257d64e62a/detection

104.243.37.35:222
199.127.63.32:6666
abdallah07.ddns.net
backwork07.ddns.net

# Reference: https://www.virustotal.com/gui/file/6edbed1b167849bf9808b2288299949fd931495836ee3c756d3c724e3d8e9ead/detection

8.218.154.78:8443
xianggangip.oss-cn-hongkong.aliyuncs.com

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-08-03)

http://34.136.20.17
http://45.141.151.163
103.195.100.105:100
103.195.100.105:113
103.195.100.105:222
103.195.100.105:8808
105.158.34.226:4444
105.72.0.59:64
108.174.200.80:6606
108.61.192.110:8808
110.42.66.74:8808
113.169.210.19:8080
13.60.33.38:60120
144.126.149.221:77
144.91.79.54:32769
147.135.165.29:6666
147.185.221.19:59786
147.185.221.20:36797
147.185.221.20:60349
15.188.86.159:2000
154.12.229.73:1992
157.20.182.8:8067
157.20.182.8:852
160.177.63.69:4444
163.5.64.209:7707
173.44.139.179:8000
173.44.139.179:8080
173.44.139.179:8191
176.111.174.140:6606
176.111.174.140:7707
176.174.54.18:4449
177.255.84.124:4041
177.255.84.124:7040
178.215.236.100:1852
185.104.195.215:7070
185.104.195.215:8808
185.216.214.217:5858
185.241.208.181:3030
187.24.11.141:9999
192.228.105.2:7707
193.23.160.13:7707
193.26.115.132:8808
193.26.115.226:8808
193.26.115.22:2222
193.26.115.22:8888
193.26.115.34:888
193.26.115.34:8888
193.26.115.78:4444
193.26.115.78:6606
193.26.115.78:8808
194.26.192.194:6606
194.26.192.202:1010
194.26.192.214:6606
194.26.192.214:7707
194.55.186.129:5000
194.62.157.160:4444
194.62.157.160:9999
198.23.227.140:1901
198.23.227.140:8000
198.23.227.140:9090
198.23.227.175:1901
198.23.227.175:8000
198.23.227.175:9090
2.58.56.39:5555
2.58.56.39:6666
20.82.141.111:6576
207.174.26.115:7707
23.94.197.108:6606
23.94.197.108:7707
23.94.197.108:8808
41.142.19.167:4444
41.249.239.195:4444
41.43.215.72:2003
45.139.198.242:6606
45.141.151.163:4449
45.80.158.42:8808
45.83.31.19:6666
45.83.31.19:7777
45.83.31.253:6606
45.83.31.253:8808
45.88.186.63:6606
45.90.13.137:7707
5.252.74.251:8808
64.188.9.173:1526
84.44.148.177:4782
85.28.47.123:7707
93.242.156.76:51123
94.156.64.156:8000
94.156.68.100:4444
94.156.68.118:4444
94.156.68.118:5555
94.156.68.118:7777
94.156.68.59:6606
94.156.68.59:7707
94.232.249.204:6606
94.232.249.204:6660
94.232.249.204:7707
94.232.249.204:8808
95.142.46.3:4449
95.142.46.3:7000

# Reference: https://x.com/banthisguy9349/status/1820096535981691337
# Reference: https://app.validin.com/detail?find=o7lab%20Security%20Whitehat%20Blog&type=raw&ref_id=3380ec169f6#tab=host_pairs_v2
# Reference: https://www.virustotal.com/gui/file/e24dd26925db61391a279370f6ee22e4d35ea0a13ca88ae7dae5a8def177832e/detection
# Reference: https://www.virustotal.com/gui/file/7ce2d225442252064d744be1c38e9c1572dd355bbbaf7fa411ce79e41288dfca/detection
# Reference: https://www.virustotal.com/gui/file/736575d7277732b652edade1e21e8614755935b24ba6b032c2a831748a006ac4/detection

http://142.171.23.18
http://45.89.247.62
194.55.186.129:5000
94.156.69.242:1337
94.156.69.242:4449
94.156.69.242:7777
o7lab.me
o7labs.top
prizes.biz
underground-cheat.xyz
blue.o7lab.me
server.underground-cheat.com
server.underground-cheat.xyz
thruster.financetop.privo.net

# Reference: https://x.com/raghav127001/status/1820237011761926208
# Reference: https://www.virustotal.com/gui/file/abdf746e4c16ddc86d74533bd0e4d724ab4f45e81f0139a03c00bfb152139aab/detection

87.89.82.13:1337
namz.read-books.org

# Reference: https://tria.ge/240806-qtmygsvanf/behavioral1

anothonesevenfivesecsned.ddns.net

# Reference: https://www.virustotal.com/gui/file/2a396766fa969c0034d88c3b3d7f048c3e2807b6e185bf81b6e1b5e2af0fd165/detection

91.92.241.190:6606
91.92.241.190:7707
91.92.241.190:8808
salan1.webredirect.org

# Reference: https://x.com/banthisguy9349/status/1821871423368953936
# Reference: https://www.virustotal.com/gui/file/0b63d48fadc191ad675eb56b7d618aa8eb2e8968b9602c41eff49dcff7fc052e/detection

bmexcellentfocus.net
nc.bmexcellentfocus.net

# Reference: https://www.virustotal.com/gui/file/985239f8b609384593ddf4ccb5310eac3cad3dd7779d6d3355b3f46541d2fd14/detection

213.159.74.80:14143

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-08-10)

http://34.30.200.104
103.174.191.71:6606
103.174.191.71:7707
103.174.191.71:8808
103.195.100.105:116
103.195.100.105:119
103.195.100.105:6606
103.195.100.105:7707
103.195.102.21:2222
103.195.102.21:4444
104.238.222.104:7707
104.238.222.104:8808
104.243.37.24:6666
138.128.247.216:1231
14.237.71.174:8080
154.12.229.73:1337
154.216.20.190:4449
154.216.20.242:4449
154.216.20.242:5000
163.5.112.122:6606
163.5.112.122:7707
163.5.112.122:8808
163.5.112.78:6606
163.5.112.78:7707
163.5.112.78:8808
172.96.172.158:8888
173.208.162.39:3001
173.44.139.179:8090
173.44.139.179:8099
173.44.139.179:8880
181.131.217.255:1524
194.156.88.2:222
194.26.192.59:6606
194.26.192.59:8808
196.206.75.48:4444
196.64.255.65:4444
196.65.175.15:4444
2.58.56.193:222
2.58.56.193:5555
20.19.33.124:1125
31.220.85.74:8808
34.154.67.14:6606
34.30.200.104:60
34.30.200.104:81
45.126.209.221:83
45.66.231.149:6606
45.66.231.149:7707
45.66.231.149:8808
45.66.231.202:7777
45.66.231.217:4444
45.66.231.217:6006
45.66.231.217:6606
45.66.231.217:6666
45.66.231.217:7707
45.66.231.217:7777
45.66.231.217:8008
45.66.231.217:8808
45.80.158.42:5001
46.246.14.10:2000
5.252.165.55:1986
62.60.210.205:10000
66.179.254.54:8808
78.161.52.128:20000
78.161.52.128:8808
78.161.52.128:888
91.92.243.191:5401
91.92.246.91:7777
94.156.69.242:5000
vmi1946577.contaboserver.net

# Reference: https://www.virustotal.com/gui/file/0fa269be03146fff09c0ed89d794dc3c141f9e60a5c1e83c432a022294e2a19d/detection
# Reference: https://www.virustotal.com/gui/file/dc2d68253a4a4ea14e4abf2216d780ed1d54f32547a156496581174e2e1f013e/detection

91.92.243.101:6606
91.92.243.101:7707
91.92.243.101:8808
drasticqq.zapto.org

# Reference: https://www.virustotal.com/gui/file/cb92050fe9d71b8a850b65229ea0d2a4c4c2761245f2915cfdf48ccf28acf451/detection
# Reference: https://www.virustotal.com/gui/file/cb92050fe9d71b8a850b65229ea0d2a4c4c2761245f2915cfdf48ccf28acf451/detection

107.173.62.136:6644
181.141.8.140:6644
888manotools.duckdns.org

# Reference: https://www.virustotal.com/gui/file/09fa650f618080d0d0a934302c896f4d17c5cfd96199c73c197ba5cca0fc1bd9/detection
# Reference: https://www.virustotal.com/gui/file/d04bd140e96d286f8769a38420ea1136f9a52ee7ae8da7f1ce19982ae1055b5b/detection
# Reference: https://www.virustotal.com/gui/file/f84f4d3f03f23f0437407b23a95553917dd0c38335a3deac098a0bb63a961c84/detection

107.173.62.21:6606
107.173.62.21:7707
107.173.62.21:8808
173.249.196.196:6606
173.249.196.196:7707
173.249.196.196:8808
multitaskerx32.duckdns.org
ndpalacabeza.duckdns.org
/loader/uploads/Ovxnztupybj.png
/Ovxnztupybj.png

# Reference: https://x.com/K_N1kolenko/status/1822951281448640667

154.221.20.129:8080
3.120.176.240:8848
45.32.157.174:1337
82.45.178.145:1337

# Reference: https://www.virustotal.com/gui/file/b7b215211636bce8abde21c537e455cb05d0e010148f51dd022bc55acdfcb160/detection

179.14.168.79:1990
16dejulio2020.duckdns.org

# Reference: https://www.virustotal.com/gui/file/00784c7c4c9d7d84b2d1b81d05f06663ad4ab69104ce84e43efb6d45687d5475/detection

bookreading2024.net

# Reference: https://www.virustotal.com/gui/file/56ccf81ed97f04a364b92c272c933aacdc1c3bc92f4f92ef8e8e8c6500bc5546/detection

206.53.55.147:1004
salah4.webredirect.org

# Reference: https://x.com/banthisguy9349/status/1824832570011328863

109.199.101.109:443
149.102.147.106:443
154.216.20.112:443
185.150.190.160:443
206.53.55.147:443
23.94.126.49:443
51.81.30.54:666
/DDkFuG3qWJdaZoc4qrzpg.txt
/Dddoxxx.jpg
/HOtbZNroLdCOlkmC.jpg
/MiyLdAnAfs.jpg
/Q8ks7fS084FaHjcHtiDMwiDAX.txt
/ojzxjopybsmvtkuv.txt

# Reference: https://www.virustotal.com/gui/file/54ea368d620e9725254bbbe65acc48fc56b36c7cc468e52a8dcb1c84015bf325/detection

109.199.101.109:1002
word2.webredirect.org

# Reference: https://www.virustotal.com/gui/file/0cc59c7a224ace617aeb365684f5272fd07723c2ae0deacb2c8909521559756b/detection

23.94.126.49:6606
23.94.126.49:7707
23.94.126.49:777
23.94.126.49:8808
jackboyrx.duckdns.org

# Reference: https://www.virustotal.com/gui/file/0ee1a4bfda6573e96c5e5be149a31fc7cdcf700b973a438f1a9431530e5ad56f/detection

154.216.20.112:555
hema2024.from-ut.com

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-08-18)

http://45.126.209.221
104.238.189.204:2424
104.238.189.204:4444
105.156.60.187:4444
105.156.61.62:4444
142.202.240.141:6606
154.216.18.213:6606
154.216.20.112:7777
154.216.20.112:8808
154.216.20.112:8888
160.179.65.105:4444
160.179.66.190:4444
163.5.32.129:7707
172.96.172.158:2222
172.96.172.158:5555
172.96.172.158:6666
172.96.172.158:7707
173.44.139.179:9090
178.73.192.14:2000
179.241.191.175:9999
181.137.113.195:2021
187.24.1.114:9999
192.159.99.43:7707
2.58.56.92:7777
216.107.136.24:7777
23.95.106.22:35153
41.142.192.11:4444
41.142.192.236:4444
41.249.56.199:4444
45.66.231.130:6606
45.66.231.130:7707
45.66.231.130:8808
45.66.231.241:7777
45.88.186.244:6606
45.88.186.244:7707
45.88.186.244:8808
45.94.31.119:111
45.94.31.119:222
45.94.31.120:111
45.94.31.120:222
46.246.12.21:2000
46.246.6.15:2000
46.246.84.19:2000
62.60.210.205:2086
69.197.145.38:888
82.165.74.190:8808
94.156.69.198:4444
94.156.69.198:6006
94.156.69.198:6606
94.156.69.198:6666
94.156.69.198:7777
94.156.69.198:8008

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-08-18)

156.195.155.193:2004
156.195.159.197:2004
187.24.64.197:9999
192.210.229.8:8880
196.64.246.160:4444
196.65.171.214:4444

# Reference: https://www.virustotal.com/gui/file/0af0b4bffa67145e4e5ecd2321bb7790e9c14ed802a7984798fc7c00b6763207/detection

45.148.244.112:7702

# Reference: https://www.virustotal.com/gui/file/96830a2a4a61ba8263513f4a76c620f1da22a12fb4eb9324f18128404c9170bb/detection

23.94.207.116:1177
nova.sytes.net

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-08-24)

104.243.37.126:4444
104.243.47.235:443
107.178.105.137:6606
128.90.106.105:9999
128.90.106.219:9999
128.90.113.100:9999
142.44.252.8:222
147.189.168.167:4444
147.189.170.37:7707
154.216.20.112:9999
154.216.20.29:8808
163.5.32.72:7707
172.111.150.137:2000
173.44.139.179:1901
176.31.147.216:6745
179.13.4.53:8082
192.210.229.8:8000
194.26.192.121:2000
194.26.192.121:7777
198.23.227.140:8881
2.58.56.157:6606
2.58.56.157:7707
2.58.56.157:8808
2.58.56.157:9909
2.58.56.92:6606
2.58.56.92:7707
2.58.56.92:8808
45.94.31.119:5555
45.94.31.119:6606
45.94.31.119:7707
45.94.31.119:777
45.94.31.119:8808
46.246.6.4:2000
69.197.145.38:20000
69.197.145.38:3000
69.197.145.38:999

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-08-25)

http://2.59.134.73
103.195.100.105:202
107.178.105.137:8808
23.95.106.22:7790
45.55.194.173:9090
62.113.117.95:4449
80.240.28.67:3826
80.240.28.67:3827
kenesrakishevinfo.com

# Reference: https://www.virustotal.com/gui/file/0b9189931f5ff0ebcbfe32c05ae62b645b5a9dffe3d5fc6af3effbf218d0b4c3/detection

185.29.11.28:9983
floor-contemporary-genius-accommodation.trycloudflare.com

# Reference: https://x.com/JAMESWT_MHT/status/1828191158045901013
# Reference: https://app.any.run/tasks/0434cf44-9e95-4808-aa13-4620e4fabaf2
# Reference: https://app.any.run/tasks/1f006b3a-1147-472c-85db-c9ab3016d4d8
# Reference: https://www.virustotal.com/gui/file/39c4d2c738925df996e66aa13c3db2c58e81f2bcd8b7c0c312ace0562b13b322/detection
# Reference: https://www.virustotal.com/gui/file/b3ebae9c04c8ab1c5aee3c6733fd02bd67117d7028666c71f385dbb2fce426ff/detection
# Reference: https://www.virustotal.com/gui/file/da9d6b0a69c4c406914b1c5b7e1c395c6c2e9bd55d67f07fa54e2c8930d6bc0d/detection

173.249.196.110:2020
181.235.10.116:2020
enviasept.duckdns.org

# Reference: https://x.com/malwrhunterteam/status/1828387904361533611
# Reference: https://www.virustotal.com/gui/file/59beb9bd5fd9ef67e6b90313622aee0e41568befa1cfb7f08aa88f4d0fbabc69/detection

148.113.165.11:3090

# Reference: https://x.com/RacWatchin8872/status/1829163583986643429
# Reference: https://x.com/g0njxa/status/1829177645348860120

/vvTBswN.php

# Reference: https://www.virustotal.com/gui/file/8dd63124c53ad2539f0a8442d5f7dbe0b582f84f6d40ca725e77b1cf2fd9f140/detection

91.109.190.5:2019

# Reference: https://x.com/K_N1kolenko/status/1830555300589449255

146.103.40.243:4449
154.216.20.204:1602
157.20.182.193:881
167.88.165.20:4444
198.98.58.93:999

# Reference: https://x.com/K_N1kolenko/status/1831980364199596121

157.20.182.18:4449
198.23.219.104:7001
204.12.203.92:4449
213.238.177.243:8848
95.179.246.167:1024

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-09-07)

http://5.180.106.132
103.164.226.125:2222
103.195.102.21:2266
104.243.37.177:443
104.243.37.177:6606
104.243.37.177:7707
104.243.37.177:8808
104.243.47.56:4444
107.175.31.172:8808
108.61.177.169:4444
128.90.102.146:5155
128.90.102.146:9441
128.90.103.16:9999
128.90.106.199:9999
128.90.122.41:9999
128.90.123.215:9999
141.98.154.54:8808
147.189.174.48:6666
149.102.147.106:60
154.12.242.122:8808
154.216.17.231:2222
154.216.17.231:4444
154.216.17.231:7777
154.216.20.112:6666
154.216.20.29:5454
163.172.125.253:82
163.172.125.253:83
164.92.232.138:9927
164.92.232.138:9928
173.44.139.179:8881
178.73.218.17:2000
185.104.195.215:7707
185.174.101.88:7707
188.218.110.233:7707
188.218.98.93:7707
192.250.226.28:8401
193.26.115.159:6606
193.26.115.159:6666
193.26.115.159:7707
193.26.115.159:8808
193.26.115.70:6606
193.26.115.70:7707
193.26.115.70:8808
194.26.192.222:222
194.26.192.222:4444
194.26.192.222:555
194.26.192.222:5555
194.26.192.222:6606
194.26.192.222:6666
194.26.192.222:7707
194.26.192.222:8808
194.26.192.74:4444
194.26.192.74:555
194.26.192.74:5555
195.3.223.146:6969
207.231.111.82:301
207.32.218.21:6666
45.202.35.12:6606
45.202.35.12:7707
45.202.35.12:8808
45.83.31.241:100
45.83.31.66:6006
45.88.186.113:7077
45.88.186.169:7077
45.88.186.218:7077
45.88.186.244:7077
46.246.84.6:2000
51.254.67.181:6606
51.254.67.181:7707
51.254.67.181:8808
64.188.9.172:5090
64.188.9.177:5080
66.154.113.81:6606
66.154.113.81:7707
66.154.113.81:8808
88.170.194.154:40000
88.201.9.34:443
89.39.106.35:1331

# Reference: https://www.virustotal.com/gui/file/6bb2386101837fd4e8a32018f2d8ec5bbd646bef9a5513783f782fe2ae1ff3e0/detection
# Reference: https://www.virustotal.com/gui/file/2e63b012bb3fa9df55bdcef31185577686fe71756580ac2f2fa23f6e9b82c687/detection

179.13.0.188:3000
179.13.0.188:4000
179.13.0.19:3000
179.13.0.19:4000
179.13.2.131:3000
179.13.2.131:4000
trabajo25.duckdns.org

# Reference: https://www.virustotal.com/gui/file/425e3e4f280f19e1de7ced375ab0b31dbd2ffe49ed2684ecb140918d662d58ff/detection

194.147.140.241:5552
y20.ddns.net

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-09-08)

103.195.102.21:2233
198.23.197.108:7707
20.109.46.176:8080
64.23.232.116:7812
21562-36559.bacloud.info
asynctechlino.duckdns.org
danieltorrenegra5020.con-ip.com
deadpoolstart2025.con-ip.com
editorials.duckdns.org
fernandocuellar909080.con-ip.com
fernandoesquiveldominio.con-ip.com
fttuvgt.ddnsfree.com
mail.er-lach.eu
modsmasync.duckdns.org
momehvenom.duckdns.org
nanarchym.duckdns.org
v57018.php-friends.de
vulcano10.duckdns.org

# Reference: https://x.com/K_N1kolenko/status/1833018771436413396

45.131.109.206:4449
85.17.106.240:707
tenfreehse.dynuddns.net

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-09-09)

104.243.35.72:8888
146.235.38.234:8225
157.20.182.8:8888
188.190.193.62:4449
192.129.178.59:8713
198.71.58.46:8000
198.71.58.46:888
64.188.9.175:3007
88.119.175.153:5555
88.119.175.153:6666

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-09-14)

http://124.156.206.217
http://163.172.125.253
103.195.100.105:57
103.198.26.95:8000
104.243.34.3:2002
128.90.123.33:9999
136.175.8.35:8080
142.202.240.39:8088
142.202.240.72:4444
142.202.240.72:6006
142.202.240.72:8008
144.126.151.185:2006
156.244.14.14:8080
163.172.125.253:81
165.227.81.186:4444
172.111.189.20:2000
178.215.236.114:2222
178.215.236.114:4444
192.129.178.58:8713
192.129.178.60:8713
192.129.178.61:8713
192.129.178.62:8713
198.23.227.175:8090
2.58.85.196:2323
23.95.106.22:6756
31.220.85.74:7707
45.77.112.205:8000
45.88.186.211:4444
45.88.186.211:6006
45.88.186.211:6606
45.88.186.211:7707
45.88.186.211:8008
45.88.186.211:8808
45.88.186.211:8888
45.88.186.61:7077
45.89.247.62:7777
46.246.4.13:2000
46.246.80.10:2000
86.38.225.234:9091
88.119.175.153:7777
88.119.175.153:8888

# Reference: https://x.com/Racco42/status/1835588779509199035
# Reference: https://app.any.run/tasks/87a918fc-f5f0-46f3-92fc-5f1a10dc91eb
# Reference: https://www.virustotal.com/gui/file/e90a2422a138f3033f7bbaea5ec42f4e44e67ee1bbf1f8f439bf5a2b43cd1d21/detection
# Reference: https://www.virustotal.com/gui/file/169ac835fb39875b99786bfd826c482807fb92a8630897c75db6d562cbdd2d6f/detection
# Reference: https://www.virustotal.com/gui/file/5baa818d0b2d658a26691715da4953a584acf69d053b3dbd5bff68379e8d748c/detection

144.202.36.158:2107
149.28.100.37:2107
207.246.71.153:2107
45.77.72.186:2107
juanjuan20231.kozow.com

# Reference: https://x.com/malwrhunterteam/status/1835584557334089904
# Reference: https://www.virustotal.com/gui/file/2c295492de80df3a89ee60ae665b4209455aafe8574e044ff4f4ebe205e5ba15/detection

193.26.115.48:7077
45.88.186.223:777
mohfat7y.freeddns.org
workingzoon.work.gd

# Reference: https://www.virustotal.com/gui/file/2b867ff217653a0ae8a7cdc35b7596e5cc9493a8ad140f04ddd4180a6440b027/detection

147.185.221.22:27881

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-09-22)

105.154.29.81:8000
105.159.143.49:8000
109.199.101.109:1001
128.90.122.238:9999
128.90.123.30:9999
128.90.123.9:9999
163.172.125.253:84
172.111.189.21:2000
172.212.97.180:6606
178.215.236.114:8888
191.93.114.27:9003
191.96.235.192:5555
193.26.115.102:6606
193.26.115.102:7707
193.26.115.102:8808
216.107.136.76:7777
23.95.106.22:28351
38.165.1.3:39315
41.141.146.213:8000
41.141.147.188:8000
41.250.25.231:8000
45.126.209.19:22
45.126.209.19:2222
45.126.209.19:4444
45.126.209.52:5555
45.126.209.52:6666
45.202.35.100:6606
45.202.35.100:7707
45.202.35.100:8808
45.77.72.102:2727
46.246.82.8:2000
5.83.48.5:6001
51.89.207.240:4343
57.128.132.198:4049
64.188.9.175:9200
77.105.161.6:8000
88.119.175.153:6606
88.119.175.153:7707
88.119.175.153:8808
89.117.23.22:6606
93.123.85.247:7777
93.123.85.247:8888

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-09-22)

103.252.93.30:4449
154.216.17.155:7707
154.216.17.155:8808
191.96.235.192:7777
198.23.227.140:8090
34.145.18.233:7707
34.31.210.192:8808
5.226.137.132:4449
85.198.108.36:7667
163-172-125-253.rev.poneytelecom.eu
ansj.duckdns.org
asyn8097.duckdns.org
delonuevomision.con-ip.com
govpet.mysynology.net
timez0.duckdns.org

# Reference: https://x.com/K_N1kolenko/status/1839216071150121271

148.113.165.11:3236

# Reference: https://x.com/RacWatchin8872/status/1839253450288198121
# Reference: https://app.any.run/tasks/fd329952-711e-4351-ab6b-a6c6205cdbee

kareemovic11.duckdns.org

# Reference: https://x.com/threatcat_ch/status/1839177437374022109
# Reference: https://www.virustotal.com/gui/file/5d5b4f259ef3b3d20f6ef1a63def6dee9326efe2b7b7b7e474008aa978f1f19b/detection

185.91.69.119:56001

# Reference: https://www.virustotal.com/gui/file/943671d4114a0fed608e7c43bc2cf5443a121a3100875eb818693c67d011ce61/detection

45.135.232.38:52350
64.44.156.35:52350
asmby.duckdns.org

# Reference: https://x.com/K_N1kolenko/status/1842206015732801663

45.84.199.218:1604
8.140.196.172:42606
84.46.250.60:4449

# Reference: https://www.virustotal.com/gui/file/c1cbd79697153da1dd0cad7e8a1267459db4f0710d00a13d2f1638989ba221ef/detection

24.152.38.77:8848
winddows.duckdns.org

# Reference: https://x.com/0xmh1/status/1843249014764118457
# Reference: https://www.virustotal.com/gui/file/b032a4909919e85a0a6dbd4a953173cb60c81ae5462f7dd0cfc0370d3d831ade/detection

179.43.180.122:56001

# Reference: https://www.virustotal.com/gui/file/b5d77f3e884b0f4fa1bfeb40a9f976293d2bfbb316dbc91b04d2277ada464d02/detection

45.66.231.87:7211
nasyiahgamping.com

# Reference: https://www.virustotal.com/gui/file/841c4c804c8c10b19da50f463caebe94ba1dee6956dbd59ceefee615417ea8b8/detection

185.106.123.198:6606
185.106.123.198:7707
185.106.123.198:8808
420cloud.duckdns.org
cloudhost420.duckdns.org
cloudhost420.sytes.net

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-10-13)

http://1.239.98.205
http://109.199.104.52
101.99.92.100:21
101.99.92.100:4899
103.195.100.105:1919
104.243.47.56:8888
104.255.175.7:8808
105.154.15.219:8000
128.90.102.94:5155
128.90.103.145:9999
128.90.103.9:9999
128.90.122.7:9999
134.19.179.179:19125
136.175.8.59:9999
142.202.242.182:5555
142.202.242.182:6666
142.202.242.182:7707
142.202.242.182:7777
142.202.242.182:8888
142.202.242.182:9999
144.126.141.126:2000
144.126.149.221:7777
144.126.151.240:2002
144.126.151.240:2003
144.76.68.248:8888
154.12.229.73:1999
154.12.242.122:7707
154.216.17.231:8888
154.216.18.171:8808
156.195.154.23:222
157.173.123.3:4443
160.176.88.73:8000
172.111.189.22:2000
172.93.101.18:7707
172.94.108.143:7784
173.212.199.134:13001
176.96.137.133:4242
178.156.8.15:5001
178.156.8.15:6001
178.73.192.16:2000
181.235.10.77:2017
181.235.6.202:2017
191.96.166.66:7777
191.96.166.66:8888
191.96.166.66:9999
191.96.235.192:6606
191.96.235.192:7707
192.210.229.11:445
192.210.229.8:443
192.210.229.8:445
193.26.115.159:50
193.26.115.8:8080
193.26.115.98:6606
193.26.115.98:7707
193.26.115.98:8808
198.58.98.151:6606
20.51.109.14:8888
20.51.109.14:9999
207.32.217.176:6666
207.32.217.180:6606
207.32.217.187:8888
207.32.217.187:9999
207.32.217.252:6606
207.32.217.27:6606
207.32.217.9:6666
207.32.218.100:8888
207.32.218.46:6666
207.32.218.46:8888
209.145.50.29:7777
209.145.50.29:8888
209.222.98.197:443
34.145.18.233:8808
38.240.36.127:7707
38.242.236.116:6606
41.141.181.109:8000
41.43.63.40:2003
45.126.209.19:8808
45.126.209.238:8888
45.32.163.234:8000
45.83.31.47:4444
45.83.31.47:6606
45.83.31.47:8808
45.83.31.53:8080
45.88.186.177:6606
45.88.186.177:7707
45.88.186.177:8808
45.88.186.202:7077
45.88.186.68:7077
45.88.186.85:7077
46.246.86.13:2000
49.232.228.35:8888
51.38.109.144:6606
51.38.109.144:7707
51.38.109.144:8808
51.81.24.83:6606
51.81.24.83:7707
51.81.24.83:8808
64.176.183.172:8808
66.179.188.124:888
66.179.189.167:888
66.179.208.55:888
74.208.164.130:444
74.208.249.138:6606
77.59.137.82:4444
85.206.172.156:333
88.119.175.153:4444
88.119.175.153:9999

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-10-13)

http://176.96.138.247
136.175.8.59:8888
154.216.17.207:1188
154.216.17.207:7707
154.216.17.207:8808
154.216.18.236:7777
154.216.20.112:5555
156.195.154.23:2003
172.111.252.205:4444
178.156.8.15:6002
185.106.92.86:4040
185.196.10.235:4449
185.196.10.98:4444
185.196.9.174:7777
191.96.235.192:6666
192.210.229.11:443
192.210.229.11:8000
192.210.229.11:9090
192.210.229.8:8080
192.210.229.8:9090
193.26.115.8:8808
194.26.192.222:111
198.23.197.108:6606
198.23.197.108:8808
198.23.227.175:4655
45.126.209.19:6606
45.126.209.19:7707
45.83.31.47:7707
47.238.55.14:4449
66.179.188.124:8000
72.11.142.133:4449
77.91.102.202:4444
79.137.199.150:4449
89.23.113.10:7777
91.92.250.207:6606
91.92.250.207:7707
91.92.250.207:8808
nf-account.com
tzten257.top
ansss2608.duckdns.org
dczas.duckdns.org
windows-cam.casacam.net
winsrr14.duckdns.org
xspeed.freemyip.com

# Reference: https://x.com/malwrhunterteam/status/1846476306327720289
# Reference: https://www.virustotal.com/gui/file/3ca4eae0f394cc0d920fa27fd22cf22c2fa7337fe633fd54db7348eddbd9f691/detection
# Reference: https://www.virustotal.com/gui/file/c971e493d53d331ce884aa2380207080aecd9ae84309639b13a759c32a1215e9/detection
# Reference: https://www.virustotal.com/gui/file/0f9e8c9c6f7fd9ae5fbfd58019ae359db215692dab871af16e951b3c9ad413b7/detection

193.26.115.161:7077
193.26.115.68:60027
comcast-zone.gleeze.com
madostock.loseyourip.com
megamart.mywire.org
newencrypt.giize.com

# Reference: https://x.com/Racco42/status/1847003262152482860
# Reference: https://app.any.run/tasks/3640e7b2-627f-411c-a75c-3c3e952f8b43

190.9.223.135:1415

# Reference: https://x.com/banthisguy9349/status/1847169708140683540
# Reference: https://www.virustotal.com/gui/file/ea6776496baaaa60c2825e976eeec430330246f54ad0d09ba0b05f64c19eb9da/detection
# Reference: https://www.virustotal.com/gui/file/d03a4b34d81c0dec8c4cdbc11ad70646bd2e5e62643569c326f4dac9bdf5f4b8/detection
# Reference: https://www.virustotal.com/gui/file/4a81d32d170e24d97baa57977ba8a2c3a792bb0c9b61e9d121bbef0baf8bb8f9/detection
# Reference: https://www.virustotal.com/gui/file/48d56a035480076931ec3b80a9df7321f1ddd31b6d3f92206656b7b6fbb1cbb8/detection

45.83.31.104:7077
marcoworking.freeddns.org

# Reference: https://www.virustotal.com/gui/file/39be0d9e62066bd79cbce3416f41776c8e36146cf8f729af61bbb49c800c13f4/detection

ads-remover.duckdns.org
shellwriter.com

# Reference: https://x.com/K_N1kolenko/status/1846140635700466062

147.185.221.18:525310
157.20.182.17:4449
217.195.195.46:1604
38.156.0.162:1001
43.128.62.113:8848
45.77.40.234:22580

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2024-10-20)

http://165.227.81.186
103.56.113.221:1723
104.243.40.137:6605
104.243.47.56:5555
105.188.114.89:4444
125.113.0.208:6699
128.90.106.50:9999
128.90.113.192:9999
142.202.242.182:2812
144.126.151.240:2004
146.59.161.5:7829
148.135.76.59:8888
149.56.30.19:7000
154.12.229.73:1997
157.20.182.183:4449
157.20.182.8:4442
178.156.8.15:6000
181.215.205.147:6606
191.93.112.73:9003
191.96.235.192:8808
193.124.205.51:7777
198.154.99.162:6606
198.154.99.162:6607
198.154.99.162:6608
198.154.99.162:6609
198.154.99.162:6610
198.154.99.162:6611
198.154.99.162:6612
198.154.99.162:6613
198.154.99.162:6614
198.154.99.162:6615
198.154.99.162:6616
198.154.99.162:6617
198.154.99.162:6618
198.154.99.162:6619
198.154.99.162:6620
198.154.99.162:6621
198.154.99.162:6622
198.154.99.162:6623
198.154.99.162:6624
198.154.99.162:6625
198.154.99.162:6626
198.154.99.162:6627
198.154.99.162:6628
198.154.99.162:6629
198.154.99.162:6630
198.154.99.162:6631
198.154.99.162:6632
198.154.99.162:6633
198.154.99.162:6634
198.154.99.162:6635
198.154.99.162:6636
198.154.99.162:6637
198.154.99.162:6638
198.154.99.162:6639
198.154.99.162:6640
208.91.189.69:6606
209-222-98-197.cprapid.com
23.26.108.141:7707
34.145.18.233:6606
41.251.208.176:8080
41.43.194.246:4444
46.246.12.10:2000
46.253.4.252:6606
54.38.151.134:7707
64.188.9.172:8888
64.188.9.172:9999
66.179.240.24:888
82.115.223.212:7777
82.115.223.212:8888
82.115.223.212:9999
82.216.163.11:443
87.106.72.122:2005
91.107.210.50:6606
91.107.210.50:7707
91.107.210.50:8808
ip-11.net-82-216-163.suresnes3.rev.numericable.fr
musing-hermann.101-99-92-100.plesk.page
twofact.ddns.net

# Reference: https://www.virustotal.com/gui/file/1714c7d7ddf0d127813104ef4322738e405988ceaa646dcb4103f49f30fcc9dc/detection

80.76.51.32:8588

# Reference: https://www.virustotal.com/gui/file/81d9449bbcbf0ec741da434f54edac3745d611553a3f76e62809a9cc5440b021/detection

80.76.51.32:62336

# Reference: https://x.com/banthisguy9349/status/1849792179939533246
# Reference: https://www.virustotal.com/gui/file/e04bc2c23f7bea169e08ec1a4a38cd840aae9f1217b227a8a0ab05cd5f1a3196/detection

172.236.29.219:8080
172.236.29.219:8808

# Reference: https://x.com/RacWatchin8872/status/1854579674887729395
# Reference: https://tria.ge/241107-vwkncsypcm/behavioral2

111.90.143.143:3232
111.90.143.248:3232
111.90.143.248:4449
skills-genes-flex-darwin.trycloudflare.com

# Reference: https://x.com/lontze7/status/1854878302109892814
# Reference: https://x.com/RacWatchin8872/status/1854891809807151344
# Reference: https://app.validin.com/detail?find=asegurar.vbs&type=dom&ref_id=0d0be108061#tab=host_pairs
# Reference: https://app.validin.com/detail?find=segura.vbs&type=dom&ref_id=0d0be108061#tab=host_pairs

coemprsasltda.pro
21oct.duckdns.org
sostregd.duckdns.org
sremc.duckdns.org
wins14feb.duckdns.org
wins.coemprsasltda.pro

# Reference: https://x.com/malwrhunterteam/status/1855330328417546422
# Reference: https://www.virustotal.com/gui/file/49b3b5ed8b4bab226241223f2004d96cd7975d62375dfbffbfe2212c1e4d52f8/detection

67.207.188.125:6606
67.207.188.125:7707
67.207.188.125:8808
adrsxpjm0rga0n.de
go2.adrsxpjm0rga0n.de

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-30day.csv (# 2024-11-10)

http://107.173.58.12
http://111.90.140.83
http://157.173.195.46
http://34.70.255.193
103.186.117.76:6606
103.186.117.76:7707
103.186.117.76:8808
104.243.38.34:8888
104.255.174.9:8000
104.255.174.9:8088
111.90.140.83:443
128.90.102.115:9999
128.90.103.230:9999
128.90.103.99:9999
128.90.106.215:9999
128.90.106.249:9999
128.90.113.118:9999
128.90.113.157:9999
128.90.128.166:9999
128.90.129.125:9999
128.90.129.238:9999
128.90.141.244:7070
140.82.52.246:1604
144.202.38.111:2000
154.12.253.45:8088
157.173.195.46:8888
172.233.177.224:8000
172.235.128.191:8000
172.93.101.39:4444
172.93.101.39:8888
173.249.202.39:443
176.96.138.110:4608
179.13.10.157:8082
181.235.132.44:8887
185.241.208.217:4001
185.241.208.88:111
185.241.208.88:222
185.241.208.88:2222
185.241.208.88:4444
185.38.142.240:1940
185.38.142.240:1962
185.49.126.52:8808
188.218.255.105:7707
191.93.117.49:9003
191.96.207.223:8888
192.3.95.164:8080
192.3.95.227:8080
194.190.152.111:7854
196.74.238.102:8080
213.176.67.24:8888
213.176.67.24:9999
216.151.164.102:443
23.160.168.167:8080
31.59.131.84:2000
37.114.41.179:6606
4.255.224.214:4444
41.249.160.126:8080
45.137.21.15:6606
45.143.199.184:8088
45.88.186.69:7707
45.88.186.69:8808
45.93.9.248:4500
46.246.6.16:2000
5.196.186.185:5001
5.196.186.185:8008
5.89.219.20:7707
51.222.21.29:222
51.222.21.29:2222
51.222.21.29:555
51.222.21.29:5555
51.222.21.29:777
51.222.21.29:7777
51.89.207.236:4048
51.89.207.240:4048
64.188.9.164:5080
66.179.243.219:443
66.179.243.219:8888
66.179.243.34:888
67.217.240.33:443
67.217.240.34:443
67.217.242.14:888
67.217.244.177:443
67.217.244.178:443
74.48.83.22:8888
74.48.83.22:9999
77.220.213.58:6606
77.69.107.217:8888
78.161.46.79:20000
78.161.46.79:222
78.161.46.79:3002
78.161.46.79:3005
78.161.46.79:5050
78.161.46.79:888
78.161.6.8:222
85.7.223.113:9090
87.120.114.144:222
87.120.114.144:2222
88.209.248.69:6606
89.39.106.35:1414
93.123.109.157:7777
95.179.194.63:8808

# Reference: https://www.virustotal.com/gui/file/c6c72806ec39a174351500bd7f3ca235550a83b9a03538cf2e47f914c6013e24/detection

219.248.40.33:8848

# Reference: https://www.virustotal.com/gui/file/1abdb053479fd561bc7bf95de8b98104cab4762b2b84f7340b67c0dae52fae66/detection

136.243.179.5:650
minlsteres.linkpc.net

# Reference: https://x.com/JAMESWT_MHT/status/1857685914459210138
# Reference: https://app.any.run/tasks/9f28524e-9d3e-47db-8911-bfde07e620d8
# Reference: https://www.virustotal.com/gui/ip-address/191.93.117.49/relations
# Reference: https://www.virustotal.com/gui/file/904c0fe0f29e8a2d4e26f7087dbbb95c1d926340e80b93399583aa865f5a6860/detection
# Reference: https://www.virustotal.com/gui/file/09a0cf7158d3869f792543c5eb64d567f9c01b3cea28547f460fa88197e464f8/detection

0611wins.duckdns.org
12novwins.duckdns.org
3010wins.duckdns.org
7012oj.duckdns.org

# Reference: https://x.com/malwrhunterteam/status/1857692980900982994
# Reference: https://www.virustotal.com/gui/file/01ad5238f803563f1635fdadfef47f97c0c2c8e0c90111b625a248d44f9017f9/detection

i0004.clarodrive.com
powerupsnew.dynuddns.com

# Reference: https://x.com/JAMESWT_MHT/status/1857821931514347908
# Reference: https://app.any.run/tasks/e5a76bfb-058f-4511-bb31-8dc3571ef8be

154.216.17.175:7070
ghanarchydn.duckdns.org
fit-retired-athletics-marathon.trycloudflare.com
previews-belgium-achieved-driving.trycloudflare.com

# Reference: https://x.com/JAMESWT_MHT/status/1857798237693862233
# Reference: https://www.virustotal.com/gui/file/b9a69d93f042ba4bd16df5e8768e445fda2ed2ec0084352f43111347c0928729/detection

172.233.187.199:7474
172.235.135.74:5252
172.235.135.74:7474

# Reference: https://x.com/JAMESWT_MHT/status/1858421663894737400
# Reference: https://www.virustotal.com/gui/file/adc29eb24db484b14101ce4ab0e8eeda1586009dd65f980e596c8fa45703678c/detection

139.162.100.28:8000
enviodolares24.duckdns.org

# Reference: https://x.com/malwrhunterteam/status/1859187800928616611
# Reference: https://www.virustotal.com/gui/file/1503447c30588583377509f44b075e99019a59899ca8e2a4b36a6602b39d4dc7/detection

167.114.47.186:56001

# Reference: https://x.com/malwrhunterteam/status/1859280130511655235
# Reference: https://www.virustotal.com/gui/file/4b8474a72a587841c45aaa30d00b7f5335cb69d0fc748ceb8adb244932bdf845/detection

191.93.117.49:9003
19nov2024.duckdns.org

# Reference: https://www.virustotal.com/gui/file/846375b7cbfa9c6b6ef170e1f42e62fe359d58ea69912b1de53d2999dee226b4/detection

163.172.125.253:800

# Reference: https://www.virustotal.com/gui/file/31f50eda5a542daad800246c8c8824650f1523bde4c3e944acda96c10fe3b0f7/detection

65.21.198.54:850

# Reference: https://tria.ge/241122-b13vys1phs/behavioral2
# Reference: https://www.virustotal.com/gui/file/981db65a918db89fba166dc5b9063d873ca4a2528cf9d56e8bf893fd53b98ba0/detection

65.21.198.54:63107
65.21.198.54:63108
65.21.198.54:63115
65.21.198.54:62488

# Reference: https://x.com/karol_paciorek/status/1859954097908256877

136.243.151.123:7702
136.243.179.5:32
65.21.198.54:600

# Reference: https://x.com/cyberfeeddigest/status/1860079815040348322
# Reference: https://www.virustotal.com/gui/file/3442a9e4f21d14a478076694bf1dd44268e950262270e7637936c05657531462/detection

158.220.83.114:1005
samsalah1.freeddns.org

# Reference: https://x.com/RacWatchin8872/status/1860356538503733473
# Reference: https://app.any.run/tasks/0a336523-d6de-4d30-860c-37287a9ced56
# Reference: https://app.any.run/tasks/13911dd7-ec24-4b3f-a2f0-0aa2bd8234c1

192.121.82.93:4099
192.121.82.93:5801
logitraceworld.org
jimcovington.duckdns.org
s1.hopto.org
sansay.servesarcasm.com
zaid.hopto.org
barry-physics-replace-endangered.trycloudflare.com
casinos-closed-paxil-enabled.trycloudflare.com
holder-apartments-face-matthew.trycloudflare.com

# Reference: https://www.virustotal.com/gui/file/d4f4d3196d92b306f65ba4f1f90ec73403803530a58196b48db38210e3e3047d/detection

128.90.141.116:6161
ducksex.ddnsfree.com

# Reference: https://x.com/JAMESWT_MHT/status/1861101857495552378
# Reference: https://app.any.run/tasks/519aedb1-dd44-44c1-923e-6c13ef186bcf
# Reference: https://www.virustotal.com/gui/file/499cad8ea8d4afa46c6864e33c229dc54542fe7ed44a0fdaffa0deffe8677dc5/detection

104.37.175.232:7716
192.30.241.106:56001

# Reference: https://www.virustotal.com/gui/file/32ccf9351cb267284738c1828fe20d3c876566fdc4c73f613b8f6df50d71905a/detection

45.66.231.89:6171
xscapezo.capetown

# Reference: https://x.com/malwrhunterteam/status/1861038954931220483
# Reference: https://www.virustotal.com/gui/file/a3c5fae44d28838794657b38a0c619516bae0805da4cb9004d5178204a670f6c/detection

31.13.224.69:8120

# Reference: https://x.com/RacWatchin8872/status/1862119006041264199
# Reference: https://app.any.run/tasks/4871f41c-1118-4936-aaa3-9fc777529d4e
# Reference: https://www.virustotal.com/gui/file/84b1476e3f582b757c6aea49c621c676ede660b451d25022742dbbddd16fedc1/detection
# Reference: https://www.virustotal.com/gui/file/8a984491558f624bf313baf8453d547c0f714822058a2aca540f64dc78e4078f/detection

103.195.103.63:222

# Reference: https://x.com/malwrhunterteam/status/1862465014692536790
# Reference: https://www.virustotal.com/gui/file/87eefc3270fefac96226245ab6d36360e379caea5e93060082ec31dcc8b823ed/detection

139.99.188.124:56001

# Reference: https://www.virustotal.com/gui/file/b19856bcce19bf81749b4293d2cd8cb5e7be78419e730c3f5c50a0564c340022/detection
# Reference: https://www.virustotal.com/gui/file/4f4ae94ab54dd5d75fb362ef61db9f94efde100303275bb5fc674e9f450e1215/detection

192.169.69.26:8797
pdhasync.duckdns.org

# Reference: https://www.virustotal.com/gui/ip-address/12.202.180.114/relations

anachymom.duckdns.org
asyncmoment.duckdns.org
dhanachy.duckdns.org

# Reference: https://x.com/banthisguy9349/status/1849721368931086442
# Reference: https://x.com/JAMESWT_MHT/status/1863903647165214859
# Reference: https://www.virustotal.com/gui/file/3ce21ef0e54daaa882322073dfd9b136e8b0a2eba8172fb83c1e934c74ed60ec/detection
# Reference: https://www.virustotal.com/gui/file/2bf40a88c866b16124039495791b99cd71ddf5f1c8decea75d18e8400b52b6ea/detection
# Reference: https://www.virustotal.com/gui/file/26f21a80a6bc8fac55d3137d541116b500b37bab7e9e01432d7b515396aa6dcd/detection
# Reference: https://www.virustotal.com/gui/file/8620fa4c62bd53e5b70aa10e6205f1ceffcd49bd7ca3b01cbe8f539273dd6695/detection
# Reference: https://www.virustotal.com/gui/file/5969d816e92654b77aed224db471e2c0f06d004d12885324cb9bb9b3e06776df/detection
# Reference: https://www.virustotal.com/gui/file/5969d816e92654b77aed224db471e2c0f06d004d12885324cb9bb9b3e06776df/detection
# Reference: https://www.virustotal.com/gui/file/8cff7f991f38a735a829c6aeb8d1482e76eba84c4ad1c4492a34d1b88a972cba/detection
# Reference: https://www.virustotal.com/gui/file/6ef23d5f69695cd8c9381e416928ca10e33a0b927c451399ab439eb64007a5ec/detection
# Reference: https://www.virustotal.com/gui/file/3ba67ff051ccbe3e60a5e3299efc94b852b2edcad367e362eec201731b51b2fe/detection
# Reference: https://www.virustotal.com/gui/file/25db2614bacd5fab235fae0dcf994833603604ed37173152c47f288733fa8418/detection

154.216.16.111:7957
154.216.17.175:3044
154.216.17.175:7070
154.216.17.175:8331
154.216.17.175:8930
154.216.18.99:9135
51.89.201.2:5878
57.128.129.22:5824
20fit-retired-athletics-marathon.trycloudflare.com
absolutely-joy-instantly-violence.trycloudflare.com
goninvoicceme.shop
icq-hang-toe-specific.trycloudflare.com
invoiceposs.shop
kendychop.shop
kinggamminginvoicfin.cyou
kinggamminginvoicfin.icu
kinggamminginvoicfin.shop
kmaybelsrka.art
kmaybelsrka.biz
kmaybelsrka.cfd
kmaybelsrka.club
kmaybelsrka.cyou
kmaybelsrka.sbs
kmaybelsrka.xyz
nvrecipingpayrhnmusic.icu
partinvshipppjbb.click
partinvshipppjbb.xyz
payhostmsa.shop
prtmscaup.cfd
prtmscaup.click
prtmscaup.cyou
prtmscaup.my
prtmscaup.sbs
prtmscaup.xyz
sscannnedinnvoicepayycasrting.shop
trackmyshiptng.site

# Reference: https://x.com/Root0ne/status/1863682768481169457
# Reference: https://tria.ge/241202-yzsd6azrgw

31.220.90.137:8848

# Reference: https://www.virustotal.com/gui/file/db975def99c421044202e851271136fe6d7e16ec8e2af4fcdd419aab92e9ccdc/detection

31.220.90.137:6606
31.220.90.137:7707
31.220.90.137:8808

# Reference: https://x.com/1ZRR4H/status/1864486678129258641
# Reference: https://www.virustotal.com/gui/file/c7a46fb4e1691e3b8712cb595bc25672dfb77570166cc2d2cba02cf2f9e7b728/detection
# Reference: https://www.virustotal.com/gui/file/aa2865178dc691edfdfc676c77a638cd165cbe9385a0ae4b8bfa16e9b9af753b/detection
# Reference: https://www.virustotal.com/gui/file/4b4e5745d6e7c73c1713ba35982593ae81b514c1f7c707cf56ac244bea057df9/detection

http://77.105.161.126
181.131.217.244:3056
181.131.217.244:4365

# Reference: https://x.com/SecurityAura/status/1865203792309825919
# Reference: https://x.com/RussianPanda9xx/status/1865229252947329269
# Reference: https://www.forcepoint.com/blog/x-labs/asyncrat-python-trycloudflare-malware
# Reference: https://www.virustotal.com/gui/file/ac1cdf679fee71bc931f1bd4f1b5be00736715503bc83cd9223c4767d0aa9e86/detection
# Reference: https://www.virustotal.com/gui/file/0bac72a2d9815739af75107a0dd795fdc9669ee2dad645934bb7480ee91e68c9/detection

12.187.175.72:6757
83.136.208.180:5515
83.136.209.53:2610
cjmsc4dfl1ed7eb485ad6ahelix-pflanzen.de
msc4dfl1ed7eb485ad6ahelixpflanzen.de
be-broadband-wp-canon.trycloudflare.com
travel-scholar-an-equity.trycloudflare.com

# Reference: https://x.com/JAMESWT_MHT/status/1866545663112319181
# Reference: https://app.any.run/tasks/56b42abc-37d5-4fba-b2e0-22076cb29097

162.213.210.250:6499
7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app

# Reference: https://x.com/JAMESWT_MHT/status/1869299429058195749
# Reference: https://www.virustotal.com/gui/ip-address/147.45.49.155/relations
# Reference: https://app.any.run/tasks/8f2eab86-bb01-4e05-8f6d-67c6ec63e7c1

http://139.99.188.124
http://89.23.103.232
tiffany-careers.com

# Reference: https://x.com/K_N1kolenko/status/1870043853794799709

148.163.102.170:4473
51.161.12.215:4449

# Reference: https://x.com/banthisguy9349/status/1873309771572683097

104.219.215.160:4449
104.219.215.160:8008
104.236.39.42:6606
104.236.39.42:7707
104.236.39.42:8808
147.185.221.18:63974
147.185.221.24:33931
147.185.221.24:6606
147.185.221.24:7707
147.185.221.24:8808
213.136.90.188:4449
213.136.90.188:7000
51.89.44.68:8848
87.120.113.125:2101
87.120.113.125:55644
above-recognize.gl.at.ply.gg
bahautopilotusatzfeder.xyz
dofucks.com
domain13.ddns.net
egypt2.camdvr.org
eichstaett.duckdns.org
fahrzeugtechnik24zusatzfeder.de
heheyanel.ddns.net
jt8iyre.localto.net
loans-merchant.gl.at.ply.gg
newstartagain.servequake.com
newstartagain50.duckdns.org
private115.duckdns.org
renver.duckdns.org
run-neither.gl.at.ply.gg
sat-bowling.gl.at.ply.gg
sk.servemp3.com
testloggbot23-37268.portmap.host
treppen.duckdns.org

# Reference: https://x.com/JAMESWT_MHT/status/1874365729832870023
# Reference: https://x.com/JAMESWT_MHT/status/1874886761803063364
# Reference: https://app.validin.com/detail?type=raw&find=Booking.com+-+Partner+Hub#tab=host_pairs (# 2025-01-04)
# Reference: https://www.virustotal.com/gui/file/e35d7ef701e2a95c6a9f13e379aeb8aac96dd99573e02d87daee3dd120322bce/detection
# Reference: https://www.virustotal.com/gui/file/5d8b55532cda3855a8211e70366648a22ef5193dd36931fa61e3393290c2ada9/detection

http://147.45.198.116
http://147.45.44.131
http://185.149.146.164
157.20.182.177:4449
attenderoom43991.world
roomsvisitors18492.world
roomsvisitor73730.world
roomsvisitors82831.world
roomsvisitor849391.world
roomsvisitor9492.world

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-90day.csv (# 2025-01-02)

http://103.67.196.247
http://185.130.249.74
http://185.133.248.219
http://192.3.95.164
http://192.3.95.227
http://193.26.115.44
http://194.163.138.50
http://195.179.227.207
http://198.23.227.140
http://198.23.227.175
http://216.122.187.138
http://34.132.116.88
http://34.171.178.23
http://34.173.47.212
http://66.179.240.177
http://82.64.156.123
http://88.209.248.128
http://89.117.21.203
103.195.100.236:6606
103.195.100.236:7707
103.195.100.236:8808
103.195.100.237:6606
103.195.100.237:8808
103.195.101.209:6666
104.243.40.137:8807
104.243.47.79:443
104.243.47.84:8808
105.157.200.249:8080
107.173.229.136:2222
108.165.101.156:6606
108.165.101.156:7707
108.165.101.156:8808
108.174.194.58:7707
109.199.101.109:1004
116.203.178.175:5555
128.90.103.201:9999
128.90.103.204:9999
128.90.106.145:9999
128.90.113.113:9999
128.90.113.216:9999
128.90.113.29:9999
128.90.113.94:9999
128.90.122.109:9999
128.90.122.151:6666
128.90.122.151:9999
128.90.122.99:6666
128.90.123.136:9999
128.90.123.29:9999
128.90.123.85:9999
128.90.59.155:7070
130.51.20.126:6699
138.68.225.19:5800
141.94.145.65:6606
141.94.145.65:8808
141.94.145.71:7707
141.98.11.206:8000
142.11.201.34:8097
142.11.201.35:8097
142.11.201.36:8097
142.11.201.37:8097
142.11.201.38:8097
144.126.149.221:6606
144.126.149.221:8808
147.135.231.50:6606
149.102.147.106:6606
149.102.147.106:70
149.102.147.106:7707
149.102.147.106:8808
152.44.36.206:8000
156.195.247.146:222
156.233.225.47:9999
158.220.124.155:6606
158.220.124.155:8808
160.179.195.197:8080
162.216.243.15:7707
163.172.125.253:100
164.132.5.117:6606
167.114.145.155:7707
172.111.245.34:9907
172.111.245.35:9907
172.111.245.99:9907
172.177.170.23:7707
172.233.13.159:8000
172.233.189.137:8000
172.233.190.205:8000
172.93.101.18:6606
172.93.110.112:6666
172.94.104.3:81
172.94.9.136:7070
172.96.172.180:4444
172.96.172.180:8888
176.123.1.88:4444
176.126.114.68:1025
176.218.135.181:4444
178.73.192.9:2000
179.13.5.17:8020
181.41.200.196:10000
181.71.227.87:2022
181.73.105.95:8080
185.130.249.74:443
185.150.191.119:443
185.150.191.119:4444
185.150.191.119:8888
185.16.38.41:6667
185.196.9.200:7707
185.208.156.146:9999
185.241.208.111:6606
185.241.208.111:7707
185.241.208.111:8808
185.241.208.88:5555
185.241.208.88:6606
185.241.208.88:6666
185.241.208.88:8808
185.49.126.134:6606
185.49.126.13:7707
185.49.126.166:77
185.49.126.217:6606
185.49.126.32:6606
185.49.126.50:6606
185.49.126.64:6606
186.169.49.64:11102
186.169.65.176:11102
191.91.176.72:3000
191.91.177.119:8020
191.96.207.136:6606
191.96.207.188:2002
191.96.207.188:2003
191.96.207.188:2004
191.96.207.188:6606
191.96.207.188:7707
191.96.207.188:8808
191.96.207.198:6606
191.96.207.198:7707
191.96.207.198:8808
191.96.207.241:8888
192.241.182.184:8000
192.3.238.130:8888
193.26.115.117:8080
193.26.115.178:6606
193.26.115.178:7707
193.26.115.178:8808
193.26.115.87:6606
193.26.115.87:7707
193.26.115.87:8808
193.34.212.115:444
193.83.7.1:4444
194.11.246.69:6606
194.11.246.69:7707
194.11.246.69:8808
194.164.96.240:444
194.26.192.165:222
194.26.192.165:2222
194.26.192.165:444
194.26.192.165:4444
194.26.192.165:6606
194.26.192.165:7707
194.26.192.165:777
194.26.192.165:8808
195.250.25.144:6000
195.26.241.253:7707
195.26.255.81:1996
195.26.255.81:2106
195.26.255.81:6606
195.26.255.81:77
195.26.255.81:7707
195.26.255.81:7777
195.26.255.81:8808
196.70.89.122:8080
196.70.94.53:8080
196.89.211.151:8080
198.23.227.140:4655
198.23.227.140:7710
198.23.227.175:7710
198.244.206.8:222
198.58.98.151:7707
198.58.98.151:8808
2.56.179.212:4445
2.58.56.211:111
2.58.56.76:6606
20.77.26.137:8080
205.234.181.134:6000
205.234.181.134:8000
205.234.181.134:8088
207.244.238.106:8808
207.32.217.167:888
207.32.217.185:4444
207.32.217.185:8008
209.222.98.197:8888
212.23.222.206:9000
213.170.135.202:888
216.172.103.34:8090
217.195.197.243:1604
23.94.126.198:7707
23.95.106.22:50500
23.95.106.22:9804
3.145.156.44:7707
31.13.224.34:7777
34.142.188.154:81
34.27.129.112:2000
34.70.255.193:67
35.224.99.235:2000
37.114.41.179:7707
37.114.41.179:8808
38.242.146.249:443
38.242.146.249:90
38.242.146.249:9090
38.69.12.163:2020
45.126.209.223:6666
45.135.232.38:52450
45.147.46.188:1604
45.149.241.239:1987
45.152.149.15:6606
45.152.149.15:7707
45.152.149.15:8808
45.152.149.34:6606
45.152.149.70:6606
45.152.149.70:7707
45.152.149.70:8808
45.155.220.109:7707
45.202.35.100:333
45.202.35.12:333
45.202.35.203:7707
45.202.35.203:8808
45.88.186.180:7707
45.88.186.180:8808
45.88.186.55:9090
45.94.31.13:7001
46.109.233.210:7707
46.246.80.26:2000
46.246.82.5:2000
51.77.113.178:888
51.89.240.14:1010
62.133.61.124:443
64.188.9.175:3008
64.225.27.237:8808
66.55.75.118:8000
67.203.7.131:6606
67.217.247.180:443
69.166.230.200:4444
69.166.230.200:6006
69.166.230.200:6606
69.166.230.200:7707
69.166.230.200:7777
69.166.230.200:8008
69.166.230.200:8888
69.166.230.99:7707
69.174.100.131:6606
69.48.201.20:443
69.48.204.228:443
69.48.204.229:443
70.104.186.131:4444
78.135.85.202:6606
78.161.2.252:888
78.161.43.154:2004
78.161.43.154:888
78.161.58.156:888
78.162.164.147:222
78.164.29.133:20000
78.164.29.133:2003
78.171.102.136:20000
78.171.102.136:2003
78.179.63.102:20000
78.179.63.102:2003
78.179.63.102:2004
78.179.63.102:888
80.76.51.101:7707
81.214.76.68:20000
81.214.76.68:2003
81.214.76.68:2004
81.214.76.68:3001
81.214.76.68:3002
81.214.76.68:3003
81.214.76.68:3004
81.214.76.68:888
83.147.53.93:7707
83.147.54.112:9090
83.147.54.173:8808
85.103.207.206:2004
85.108.110.41:2003
85.108.110.41:888
85.31.47.143:7777
87.120.114.144:555
87.120.116.99:6667
87.120.117.113:6606
87.120.117.113:7707
87.120.117.113:8808
87.120.117.69:6606
88.201.69.136:443
88.228.139.187:20000
88.228.139.187:2003
88.228.139.187:2004
88.228.139.187:888
88.232.118.41:2003
88.252.160.206:2003
88.252.172.73:2003
91.191.213.118:8088
91.223.3.156:8808
93.233.127.42:51124
94.156.177.244:8888
95.214.177.250:25566
95.214.55.223:443
95.214.55.223:4444
95.214.55.223:8888
95.216.203.122:6606

# Reference: https://x.com/banthisguy9349/status/1875650527104790783

147.185.221.16:44574
191.93.117.49:9003
192.169.69.26:9003
holadic06.duckdns.org
holadic16.duckdns.org
impact-leeds.gl.at.ply.gg

# Reference: https://www.virustotal.com/gui/file/b80439662138467b0e233dcad6ffafbe5b8d53f0d54a591019f9c8202b0812c3/detection

87.120.125.47:6606
87.120.125.47:7707
87.120.125.47:8808

# Reference: https://www.virustotal.com/gui/file/9adf6aa3a5569f9d094f585ff18b64d5bdf60940a1f8887f4c492f6e2c13edb4/detection

216.9.224.157:6606
216.9.224.157:7707
216.9.224.157:8808

# Reference: https://app.validin.com/detail?type=raw&find=Booking.com+-+Partner+Hub#tab=host_pairs (# 2025-01-05)

attenderooms30984.world
attenderooms882128.world
attendesrooms899334.world
attendesroomsrdf-4857429.world
rooms19821.world
rooms24.world
rooms3882.world
rooms432435.world
rooms44232.world
rooms491943.world
rooms66642.world
rooms77443.world
rooms77743.world
rooms788371.world
rooms81812.world
rooms82131.world
rooms8812.world
rooms88123.world
rooms8831.world
rooms8838.world
rooms94239.world
rooms944823.world
rooms99813.world
rooms998371.world
roomsattende882148.world
roomsattende900024.world
roomsattende99231.world
roomsattende99291.world
roomsvisiotos0084.world
roomsvisitor202409.world
roomsvisitor202514.world
roomsvisitor202515.world
roomsvisitor9934224.world
roomsvisitors2002541.world
roomsvisitors987673.world
roomsvisitors9991.world
roomsvisitors99923.world
rooomvisitors88283.world
visitors1124.world
visitors1291.world
visitors14824.world
visitors21235.world
visitors2448.world
visitors2948.world
visitors31254.world
visitors49913.world
visitors5448.world
visitors82831.world
visitors8381.world
visitors88248.world
visitors9213.world
visitors948.world
visitors99192.world
visitors99282.world
visitors99292.world
visitors9991.world
visitors99981.world
visitors99991.world
visitorsrooms012537.world

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-90day.csv (# 2025-01-05)

104.243.34.54:8808
128.90.113.89:9999
144.126.149.221:7707
150.241.83.250:443
157.20.182.8:1337
178.215.224.100:443
185.49.126.47:6606
45.138.16.236:5050
69.166.230.200:8808
69.166.230.98:6606

# Reference: https://x.com/James_inthe_box/status/1877367837821673861
# Reference: https://www.virustotal.com/gui/ip-address/154.216.17.175/relations

154.216.17.175:8030
funfagamlkdreceipgroup.top
invrecipingpayrhnmusic.icu
jsnybsafva.biz
jsnybsafva.me
kmaybelsrka.homes
kmaybelsrka.my
unionfisrmas.shop
superior-somalia-bs-leisure.trycloudflare.com

# Reference: https://x.com/salmanvsf/status/1879434787506757634
# Reference: https://urlscan.io/search/#hash%3A96e34d83ad7bbb7ecf150ea8dac6544f9ab2a6fc7bd40d8300cf6d4cd7679dd2
# Reference: https://github.com/salmanvss/ThreatIntelFeeds/blob/main/MultiRAT

154.216.17.175:5030
aliatoengenharia.com.br
alljsnybsafva.living
aminoroc.org
brainlysolutions.com
caringforyousupport.com.au
cbholdings.mw
collegerp.org.in
desbullariamos.sa.com
dev.inolab.org
fosuasauthentic.com
foundersedition.lk
gaby20.org
garfieldthecat.tech
happyfeeds.co.in
harfir.org
hebrewrootsassembly.org
iderif.org
jcjeck.jundy.org
johnsonholdings.us
listafrica.org
motoruniverse.com
movingcompanymesa.org
promptful.biz
pub-5708ccd63e154830b51d27cb5c1180e0.r2.dev
pub-8471d69f0b5940b88ba145861836244b.r2.dev
pub-b49ed37a138d4273bb24e6ebbcb21c84.r2.dev
pub-f7808fef1de942f693af4beb1b04ee03.r2.dev
rtigasen.us
scan-interpreted-roman-glad.trycloudflare.com
truthisdivine.edu.lk
vbccorretoradeseguros.com.br
vmorservices.org

# Reference: https://x.com/K_N1kolenko/status/1880187740895211830

157.20.182.24:4449
98.66.170.99:1024

# Reference: https://www.virustotal.com/gui/file/2fbeb35402b8e7d05d2d1265de6b4645878698193024fa2c8e8e5ad86fb637e4/detection

62.122.184.98:56001

# Reference: https://x.com/salmanvsf/status/1881935936315158656

154.216.18.226:5014
45.202.32.77:5014
75.2.115.196:5014
aresmutfakfss.com
jsnybsafva.art
jsnybsafva.cfd
jsnybsafva.click
jsnybsafva.cv
jsnybsafva.cyou
jsnybsafva.info
jsnybsafva.my
jsnybsafva.one
jsnybsafva.sbs
jsnybsafva.shop
tallebudgeranetball.org

# Reference: https://x.com/DaveLikesMalwre/status/1882918253699441056
# Reference: https://www.virustotal.com/gui/ip-address/193.143.1.95/relations

193.143.1.95:8648
athusa.ceo
dbasopma.cfd
dbasopma.icu
dbasopma.it.com
dbasopma.lol
dbasopma.sbs
dbasopma.shop
dbasopma.xyz
jkbrtyinv.name
jpinvrkp.cfd
jpinvrkp.click
jpinvrkp.cyou
jpinvrkp.homes
jpinvrkp.my
jpinvrkp.sbs
jpinvrkp.xyz

# Reference: https://x.com/DaveLikesMalwre/status/1882553733655023782
# Reference: https://app.any.run/tasks/b349092f-49c8-4674-838b-2a917675d673
# Reference: https://www.virustotal.com/gui/file/f99e1bee78eb050abfa014e9d141f8bb0a23455e02306243cc0491aa3474b067/detection

208.76.223.60:8080
blueaxon.net
zenocore.net

# Reference: https://x.com/K_N1kolenko/status/1882767050764120095

148.113.165.11:4040
162.250.127.123:4449
172.94.14.88:4449
85.31.47.59:8848

# Reference: https://www.virustotal.com/gui/file/8c8cb9468ccfb7f43a5cdfcfdc626d66e953a5f106564f2b2176149582e5752b/detection

66.63.187.234:56001
fbcdns.org

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-90day.csv (# 2025-01-25)

http://104.243.47.45
http://172.178.66.209
http://173.44.139.179
http://45.125.66.30
http://54.87.32.39
http://69.197.174.36
http://74.120.121.82
102.32.117.96:8808
103.195.100.105:111
103.195.101.225:6606
103.229.81.203:8808
104.243.35.175:6666
104.243.35.241:8808
104.243.46.129:5555
107.155.93.118:8808
107.178.103.143:8808
108.165.237.230:8808
108.174.194.58:8808
108.181.168.187:8808
109.199.101.109:70
109.248.151.159:1005
116.100.113.150:8808
116.108.99.192:8808
118.70.175.199:8808
128.90.102.218:8808
128.90.103.11:9999
128.90.106.188:9999
128.90.106.224:8808
128.90.113.104:9999
128.90.113.97:9001
128.90.113.97:9999
128.90.122.110:9999
128.90.122.153:8808
128.90.122.163:5555
128.90.122.163:8808
128.90.122.198:5555
128.90.122.198:8808
128.90.122.198:9999
128.90.122.59:5555
128.90.122.59:8808
128.90.122.59:9999
130.195.222.156:4444
141.95.114.228:8808
141.95.114.241:6606
141.95.114.243:7707
141.95.114.243:8808
141.95.114.244:6606
141.95.114.244:7707
141.95.114.244:8808
142.202.189.201:2404
147.124.212.147:443
149.126.95.29:8808
151.80.89.232:7707
154.12.253.45:8808
154.127.53.246:5353
154.194.50.10:7000
154.216.19.186:7707
154.216.19.54:7707
154.216.19.54:8808
157.20.182.16:1414
157.254.165.150:8808
157.254.165.19:8808
157.254.236.207:8808
157.254.237.148:8808
158.220.83.114:1000
162.19.243.94:8080
163.172.60.235:6606
163.172.60.235:7707
163.172.60.235:8808
163.5.112.189:8808
163.5.160.181:8808
163.5.169.248:1000
163.5.32.100:8808
167.114.145.155:8808
167.172.213.164:8808
171.226.86.170:8808
172.232.170.66:7707
172.94.9.68:1994
172.94.91.110:7784
172.96.172.172:5555
176.126.114.68:8808
178.208.169.59:7070
178.215.224.100:8808
178.33.203.34:8808
179.13.3.202:8081
179.13.4.98:8808
181.131.216.206:8050
185.101.104.3:6606
185.101.104.3:7707
185.101.104.3:8808
185.133.248.219:8808
185.150.191.82:6606
185.150.191.82:7707
185.150.191.82:8808
185.16.38.41:2004
185.16.38.41:4017
185.16.38.84:20000
185.16.38.84:2003
185.16.38.84:2004
185.161.209.25:8808
185.206.148.210:888
185.208.159.166:8807
185.49.126.27:6606
186.169.53.160:11102
186.169.53.160:11103
188.127.247.213:6606
188.127.247.213:8808
190.102.40.205:8808
191.96.207.241:7707
191.96.207.55:6606
191.96.207.55:7707
191.96.207.55:8808
191.96.207.63:6606
191.96.76.69:8808
192.241.128.20:8808
192.3.238.130:6606
192.3.238.130:7707
192.3.238.130:8808
193.142.146.42:8808
193.143.1.72:443
193.26.115.159:100
193.26.115.159:7777
193.83.228.180:4444
194.213.3.100:888
194.26.192.99:8808
195.26.245.113:8808
195.3.223.146:1194
198.167.193.90:8808
198.23.158.69:8808
198.244.224.197:8808
199.127.62.165:4444
199.204.161.36:8808
2.37.186.106:8808
204.10.193.56:8808
207.231.104.150:8808
207.244.251.113:7707
207.32.218.157:8808
208.91.189.202:8808
213.142.159.59:1605
213.32.110.136:2222
213.32.110.136:888
23.175.50.116:8808
23.254.226.214:8808
23.26.108.93:1999
23.94.126.198:5555
23.94.126.198:8808
23.94.148.26:8808
23.95.106.22:20205
24.152.36.142:8808
27.64.99.119:8808
31.13.224.194:8808
31.58.169.105:6606
31.58.169.105:7707
31.58.169.105:8808
31.58.169.151:6606
31.58.169.151:7707
31.58.169.151:8808
31.58.169.195:6606
31.58.169.195:7707
31.58.169.195:8808
34.135.109.202:8808
34.162.254.35:8808
34.59.116.243:8808
34.94.65.212:8808
38.240.39.223:8808
45.126.208.175:8808
45.138.16.236:5001
45.138.16.236:5006
45.138.16.236:8808
45.149.241.217:8808
45.149.241.239:3002
45.154.98.121:8808
45.154.98.181:444
45.154.98.181:7777
45.154.98.181:888
45.154.98.181:8888
45.154.98.25:7001
45.154.98.25:8444
45.200.148.89:8808
45.202.35.19:6606
45.202.35.19:7707
45.202.35.19:8808
45.58.126.14:5555
45.59.104.27:8808
45.83.31.62:7000
45.83.31.62:8808
45.88.186.49:6606
45.88.186.49:7707
45.88.186.49:8808
45.88.186.86:7077
45.95.233.86:8808
5.12.213.37:8808
5.253.59.249:8808
50.114.240.164:8808
50.114.240.56:6606
51.79.171.171:7707
51.81.105.250:2600
51.89.190.24:8808
54.39.233.82:8808
54.39.233.87:8808
62.146.226.225:8808
66.165.227.66:8808
66.225.254.143:8808
66.55.74.235:8000
69.166.230.200:5555
69.166.230.99:6606
69.166.230.99:8808
69.197.145.69:443
69.48.204.228:6606
69.48.204.228:8808
69.48.204.229:6606
69.48.204.229:7707
69.48.204.229:8808
71.77.229.216:2222
80.76.51.66:6666
81.214.76.68:1000
81.214.76.68:1003
81.214.76.68:3000
83.136.208.202:6745
83.147.55.90:8808
84.247.162.141:443
84.247.162.141:8808
84.32.231.185:4444
84.38.133.193:8808
85.235.74.79:8808
85.239.237.148:1998
85.239.237.148:7777
85.31.47.104:6606
85.31.47.139:6606
85.31.47.139:7707
85.31.47.139:8808
85.31.47.149:6606
85.31.47.149:7707
85.31.47.149:8808
85.31.47.208:222
85.31.47.208:2222
85.31.47.208:444
85.31.47.208:4444
85.31.47.208:7777
85.31.47.56:7777
85.31.47.75:1967
85.31.47.80:222
87.120.112.98:8808
87.120.113.143:888
87.120.116.169:6606
87.120.116.169:7707
87.120.116.169:8808
87.120.117.89:8808
87.120.125.230:7581
87.120.125.253:222
87.120.125.253:2222
87.120.125.253:4444
87.120.125.253:7777
88.243.168.51:1000
88.243.168.51:1009
88.243.168.51:1010
88.243.168.51:20000
88.243.168.51:2003
88.243.168.51:2004
88.243.168.51:2008
88.243.168.51:3000
88.243.168.51:8808
88.243.168.51:888
88.8.171.104:8808
89.23.103.43:6606
89.23.103.43:7707
89.23.103.43:8808
91.191.213.118:6606
91.191.213.118:7000
91.191.213.118:7707
91.191.213.118:8808
93.115.35.106:9090
94.154.35.80:8880
94.156.167.42:7777
94.72.118.139:8808
95.211.182.120:1967
95.214.54.164:7707
95.216.85.167:8808

# Reference: https://x.com/JAMESWT_MHT/status/1884932953974702298
# Reference: https://www.virustotal.com/gui/file/63b8889c35a96bd8377456d5218809148a111fb1d79d84a18903ac37d0a49047/detection

156.253.250.62:5000
94.154.35.145:6666
69nk69.linkpc.net

# Reference: https://www.virustotal.com/gui/file/c73164d91bc07cd812b7897f7660ce5dba9b28dc2452569b8e94389008c7a393/detection

199.247.0.169:4449

# Reference: https://www.forcepoint.com/blog/x-labs/asyncrat-reloaded-python-trycloudflare-malware
# Reference: https://www.virustotal.com/gui/file/9342d8595d54a570f21b793ffbbfc95975f7b3b2457c2e6d659e26fa62ce2980/detection
# Reference: https://www.virustotal.com/gui/file/e89f1dbcce9ac901b4acc0ff53e46aa8b3c77302ba52471145e467232a6b0cc1/detection
# Reference: https://www.virustotal.com/gui/file/b3cb39eab84725f74d648d2b11e9bd7e2b8ed68eab53f531715876042792872b/detection
# Reference: https://www.virustotal.com/gui/file/2985c84595079f66bfea12da232c8a39d05154c416644caa0e76c562eeffa3d6/detection

62.60.190.141:3232
62.60.190.141:4056
62.60.190.196:4449
62.60.190.196:8000
inventory-card-thumbzilla-ip.trycloudflare.com
mercy-synopsis-notify-motels.trycloudflare.com
sufficiently-points-est-minimize.trycloudflare.com

# Reference: https://www.virustotal.com/gui/file/038c96a02627b159cf27cf05c2925750ba4c4135c03e4f564fc41ddf7cd5bdd2/detection

contract-bouquet-risk-filed.trycloudflare.com

# Reference: https://www.virustotal.com/gui/file/051f4b808bcd6e0c1b1ca6e19cafdeb211cd2db6ea952edffd29bbbbafa5bc67/detection

welsh-js-reggae-hits.trycloudflare.com

# Reference: https://www.virustotal.com/gui/file/0500fad5db9bf8ffc3724f58b977eb9ed4aea466311ab7d3a0c8601f3b7f35e2/detection

muscle-european-entering-bigger.trycloudflare.com

# Reference: https://x.com/skocherhan/status/1889230125746766042

45.126.209.2:8808

# Reference: https://www.virustotal.com/gui/file/b80ff63a5e595195b867c061340c4ef744bc2a270535f574cdce33b57bf40d12/detection

102.129.155.154:50693
fluff.ddnsgeek.com

# Reference: https://www.virustotal.com/gui/file/cb700ed576eca52a6acbc6d17e5c921e56547543c821bfcf233fa0bfb77c64d8/detection

37.120.208.36:50888

# Reference: https://www.virustotal.com/gui/file/cb2ab90a0fd524a46ea8a5e60507e3476f5516fb9706e9698aabc79ae286806d/detection

172.111.218.112:50693

# Reference: https://www.virustotal.com/gui/file/a42e163bb903d7af8b2fefb4c2c8625442a3c29cadfd5770429d9d51d1031e6a/detection

37.120.208.36:50693
8.7.198.46:50693
93.46.8.90:50693

# Reference: https://www.virustotal.com/gui/file/4934adb67e7ed678e78a54a6a20efd4a29e4a57d0179a623bfd6aa7dbd35e9a7/detection

172.111.218.82:50693

# Reference: https://www.virustotal.com/gui/file/61efc2a286aa772d5776da4245dec3008aecf9b74c599cefbaab0eb3bdbb81e4

daninopati0212940.duckdns.org

# Reference: https://www.virustotal.com/gui/file/3fccd21f03fce74947b69047d73ea1d050577b989cbf44fec58f8ff83e8b056c

z6b7awkv2.localto.net

# Reference: https://www.virustotal.com/gui/file/9c0de4497eaa83331042b40726e1884ea9450de842b0d6344f9be4b2a8b6be22

hola2025enero.duckdns.org

# Reference: https://www.virustotal.com/gui/file/480d252fe44b734acbd5e5415f0e4f63da750a9da9d23d2b4d576c66a09a57d3

185.65.135.184:4449

# Reference: https://www.virustotal.com/gui/file/475e683e7e89edab8e8fcd5cf54f0412d4baa963326766d3e311a5bdb3c91088

dccccccccctarrrr.duckdns.org

# Reference: https://www.virustotal.com/gui/file/79e7f04b18cd690be9da51f2598912f771b65d840202c86e59e2c2c1776ae8bf

109.248.151.166:8848
109.248.151.166:9948
coolingbrin.sytes.net

# Reference: https://www.virustotal.com/gui/file/6f04b5d8e804dad7719e6255eacf8836dce2df08346faef67e959554b6ea3099

86.195.3.155:36174

# Reference: https://www.virustotal.com/gui/file/8eb730555a07ebbf3054518d70bbd48394957ee15c9f7adc9cc4921fa1a84ed4

zunteer.zzux.com

# Reference: https://www.virustotal.com/gui/file/38a5e80c29409be6c8f1b22a0ba33ccfb6d6ea42af4ad0c92061c0797adcc6e1

pctrabajonuevo2.casacam.net

# Reference: https://www.virustotal.com/gui/file/8519b3e6375f496c45aecf664aacb065252c8dded53bd9e20596c8e0a8b7936f

185.120.89.121:6606
185.120.89.121:7707
185.120.89.121:8808
185.120.89.121:1111
185.120.89.121:7700
185.120.89.121:1604

# Reference: https://www.virustotal.com/gui/file/66bd493bed1aa511f01ed89b3682f39831d9f9c3baf045714bca5abe68df3a31

80.64.174.13:8848

# Reference: https://www.virustotal.com/gui/file/01229f20bfea81957d74992f34a576be602d3625cdbbd3633768454d83448a74

corporation.warzonedns.com

# Reference: https://www.virustotal.com/gui/file/ff14347f24bae34e4b0981247be21bdce6a798bf8c03be0bed212b44bf4d1367

147.185.221.24:43018
147.185.221.24:421

# Reference: https://www.virustotal.com/gui/file/6e29814679785d06b9b8fb774c6768a606fb3991baa9a76a7f1b784697cb3103

79.198.229.109:6606

# Reference: https://www.virustotal.com/gui/file/7f206b7326ec47ec6303cc17d35f9a3aa8af87736b64a0440e2f7bbb208302e2

efpytldav.localto.net

# Reference: https://www.virustotal.com/gui/file/e98711b5928923e5b3497f36b48b14a087667d313c04939205b55ef71011377d

driiftandsliide.freemyip.com

# Reference: https://www.virustotal.com/gui/file/a4396b54c0e272c4309262d18e14d674bce8c0c2d45bd6036ee48a8e4da7d94b

195.88.218.126:2404

# Reference: https://www.virustotal.com/gui/file/1bea7c8a7315ae7916a1399e05595409b98f26eb11b5b585b1e1904a480a7dbe

admin.ddnsguru.com

# Reference: https://www.virustotal.com/gui/file/9d78eb7e467278512e6fae271c2f76a22da3f711da5e9b16d367ccda20505bdf

20.123.216.50:6606
20.123.216.50:7707
20.123.216.50:8808

# Reference: https://www.virustotal.com/gui/file/a5d2404e99e62f93715db22c16bf143479ff5889eee4c4731a41e4fd4b1a1955

updatewindowsdrivers.duckdns.org

# Reference: https://www.virustotal.com/gui/file/c9c55879b6693e0968d259a180690284564be8ac0b482d21128c64792c62b97c

soulis.ddns.net

# Reference: https://www.virustotal.com/gui/file/03f3ccd645372422449f93a5e353f4613a200eff7ce5f792e48a62ca4aacd144

14.5.159.234:6606
14.5.159.234:7707
14.5.159.234:8808

# Reference: https://www.virustotal.com/gui/file/59930c83d569e7df4d5ec1b7e6689ba19dcb988c2686ca0589a15f40e30e945d

103.140.251.156:4449

# Reference: https://www.virustotal.com/gui/file/6e8a585b7fe69816dd387defa7ca1a3e058124cb23d9bb3aefa703620d28f47d

201.19.66.3:4449

# Reference: https://www.virustotal.com/gui/file/6ed4b0e18e1f8fd6cf0e8106c397b71cfb3c18298445da2b460f1eca6b41682f

94.103.125.36:1337

# Reference: https://www.virustotal.com/gui/file/0b59015ceb8923ea9a3ca362d8339ad8a1ed368165e446a385f4f3bbba7c53e1

mxrecords145.ddns.net

# Reference: https://www.virustotal.com/gui/file/77fc7e85046431ddb8949e26c334dfdbbcdaa13a4ef2cd026176ef2285c168aa

quin.ydns.eu
185.38.142.240:1962
185.38.142.240:1940

# Reference: https://www.virustotal.com/gui/file/67b85573bbea828d1bd0883171ee7c151fec3ac961b47d182285b0dfa3fd43d6

bernardodc27.duckdns.org

# Reference: https://www.virustotal.com/gui/file/53c0bdc20170dae8a8cfd80cd0ca2050169dffb6a18073e7a53fcead6007db56

82.5.16.100:6606
82.5.16.100:7707
82.5.16.100:1604

# Reference: https://www.virustotal.com/gui/file/9cf2d5680422268191f8f5c6b829576483b85d85c4ee004215c8ca03f59f6a6e

vgamopfyl.localto.net

# Reference: https://www.virustotal.com/gui/file/68164fac3b5707340d3f506ab6b9c7505b3190b833b4347ee99d14ff6e4119dc

138.68.81.155:9416

# Reference: https://www.virustotal.com/gui/file/5d07ad572a6a37d07d0b7ca990087960ad8850d7cfc56b8c7270c826c70fb56b

159.100.19.137:7707

# Reference: https://www.virustotal.com/gui/file/822d16bec2ebbe30bcb5edafc50e9b880fc17dc79b2c5d4894ed85fa0af6fa3a

lora1.varpourtec.com

# Reference: https://www.virustotal.com/gui/file/d786bddf47f3b482cf35bd58847599007864c16342d29342e4e5cb56a1852425

hpdndbnb.duckdns.org
gpmaw.duckdns.org
sbdndbnb.duckdns.org
xxxanonymous147.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d66d176a9c0a2ab158272b77a9567c26aebb20c6a006c2a50ea69a5ca6d3df61

45.154.98.87:8453

# Reference: https://www.virustotal.com/gui/file/c37e5f819dfc179eec4dcb5b40d599043c12143eef76f5dc30aababef6634637

opal.wtf
temp.opal.wtf

# Reference: https://www.virustotal.com/gui/file/db953eb1c9f1139a3fc18d8e81bdc1a58e2c460876df008c2abbbb0e44a08c8e

95.130.172.231:1604

# Reference: https://www.virustotal.com/gui/file/8812cd1b61dd388d8650229570c6320e6a02d820d3cbf4f443b075541d2a5b91

185.172.175.125:5000

# Reference: https://www.virustotal.com/gui/file/8208f177189e9d5b09ef88218f434caff3d1e991b9e672bb4ef72b008b474505

Nightmare15.strangled.net
lastofdr51.mywire.org

# Reference: https://www.virustotal.com/gui/file/521aebf8d36328cd45320ee2fd34c0d0abe0083b91a3a7d95898ca01bcc4d57c

105.100.184.221:38672

# Reference: https://www.virustotal.com/gui/file/07bf133f22af5657296dd843256fc53782b47903b4d4ff0e4c4d6e48b649f7ae

216.131.114.25:4449
94.176.251.230:4449

# Reference: https://www.virustotal.com/gui/file/9fc9b137345c1b9380f27acbb4b730a1b5779199fbcb7a89e45691d6ea0e8322

sefargic.ddns.net

# Reference: https://www.virustotal.com/gui/file/23cb7100d2735cbb026bdffb315342b546fb3d30f6ca6b04d753cf30c0af498c

wxoct0znb.localto.net

# Reference: https://www.virustotal.com/gui/file/627d1ab1c109a29569c2e05322d7c0cdbd1812969c932a66a00d9d9d065f68af

sillyrat.duckdns.org

# Reference: https://www.virustotal.com/gui/file/79a23e29085113b45b0f15563b1884dd9c62eb89903898c253bdd111c99478b3

discotek.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d79416a475f66f1da2aedf24251c0677f24d6103a3346da901c996350bb6c94b

closecaption.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d979d7193ef9924bc91dda07ba7bb9e6cba5919ffb618997617465fc5cbda053

46.183.223.55:22355

# Reference: https://www.virustotal.com/gui/file/4ea299cdab31dfd53acf2c0fb27bc833d44a2e74125120bde4e32ba321712452

138.68.81.155:3629

# Reference: https://www.virustotal.com/gui/file/b9217caf1a56ebb0555888ad084d2f2abd78c1709cf4ded94e2f0779455e1e93

138.124.58.209:9999

# Reference: https://www.virustotal.com/gui/file/0223191d6e3e3bc1f6e6b21cd8b05a850eacc0d41a60b0e1b373208ad0544629

al3nzi1.ddns.net

# Reference: https://www.virustotal.com/gui/file/483c012383756e9cdfd2f9582c5dfe64dc46078b233a3da6d7bf6b6b58178d65

gfsgvbxcv.duckdns.org

# Reference: https://www.virustotal.com/gui/file/0a6a6f0e918a8006263ded46b0f59a9329e5a5e90e48bc445c85c4c6ab728484

spydt.ddns.net

# Reference: https://www.virustotal.com/gui/file/1c78411bbff6330df4be117113ab83fed1830747070434c362b132c82a367346

lo4t20cbd.localto.net

# Reference: https://www.virustotal.com/gui/file/25686e1d9cd98840a2b407f64153114fc79014bf6b60a505c3ff26794ddd02c7

routed.ddns.net

# Reference: https://www.virustotal.com/gui/file/2fee4e907cd7c48451d63a92a2002d64ac006445a1f6b8e0314f37bdc40f7823

57.129.65.114:4449

# Reference: https://www.virustotal.com/gui/file/a9209bdbd956d22b0e11261bdf0a5fb7896ad417d9f4698f654eca4396c2cb3b

nano.nortonxen.xyz

# Reference: https://www.virustotal.com/gui/file/71ca53bb1d956d054fb9e6873d8a1011d48d26f7e71559437cc7fc21558616f1

violenr.duckdns.org

# Reference: https://www.virustotal.com/gui/file/c8efffa3ca654683d7e9c0d70acd9e634137fd5ef2d8eab58da69dbd2eeffdca

97.84.236.65:4449
97.84.236.65:1111

# Reference: https://www.virustotal.com/gui/file/1326378d89b103caaa3823f19fbe56bf01604c2530f22a0e3b33c7a417dfdbfa

83.250.165.180:6606
83.250.165.180:7707
83.250.165.180:8808
83.250.165.180:8888
83.250.165.180:4449
83.250.165.180:5552

# Reference: https://www.virustotal.com/gui/file/edd24c30683dada8fff1467c2c6b82af1e4d084286130a06e836d8d2d5c38513

172.178.66.209:1001
172.178.66.209:7707

# Reference: https://www.virustotal.com/gui/file/105717ef3faf7237e0b56e2f9cac8c127a38aedd086ca043c1af1d49f293e311

karalarbaglar.duckdns.org

# Reference: https://www.virustotal.com/gui/file/e67a4948fcc309ce41626b3d5fe8457549f78e9f2977353022847dcf3d3d1aa9

nohop1998.ddns.net

# Reference: https://www.virustotal.com/gui/file/0031da4d41173e3451287435436aae1249e50d929b671fd1d117743ef4114b18

dapppzmmfdsf.ddns.net

# Reference: https://www.virustotal.com/gui/file/5c3794ebbf18a66dce6ab873a77bf8bcc263649f3854e6efcfeb414176628de4

159.100.19.137:8808

# Reference: https://www.virustotal.com/gui/file/458807fae1ffa0818d90d84d0e5b90bfbcba1fe2f8c7e496e1d63c821c2e387a

143.198.150.161:4448

# Reference: https://www.virustotal.com/gui/file/7e028b2c8a839a3a8249b0ba9755cba8bf86b811ad5adeac40d409f41470ed89

lafamille.ddns.net

# Reference: https://www.virustotal.com/gui/file/7e6dd25f1287c461a4695d04c68c0aa1f517fa097cac9145181682659046a8d5

sendandendco.dynu.net

# Reference: https://www.virustotal.com/gui/file/b7aff47603348cbccc7fda4edb42ab27a5d11d1f5a41431cc4219f83f791aec4

2201.mysynology.net

# Reference: https://www.virustotal.com/gui/file/da0f02ff0f11de8f8b429a41bb82e488436c66142b97168b0def9867db23d808

45.76.50.199:6606
45.76.50.199:7707
45.76.50.199:8808

# Reference: https://www.virustotal.com/gui/file/361d7c479186ed1a1d4e81fede342351cd8658205dae89003abd9ca0e9a8f695

tripplescompound.dynuddns.net

# Reference: https://www.virustotal.com/gui/file/812ca6e25008598db72f5deacbf0ac9ab573e1dbf442ede02041a293966ea207

dsffdsfd.ddns.net

# Reference: https://www.virustotal.com/gui/file/2a0c73578dd2c87e8a68ecc935a682ee93afdb47451e2cd8916ab1fa05034c62

95.167.151.253:7707

# Reference: https://www.virustotal.com/gui/file/4c6da0ef2a8ad35499ccb9bc5b20ae82f76a7714315ff0977bcd9e7661aea93f

choomai.ddns.net
mabaolong.duckdns.org

# Reference: https://www.virustotal.com/gui/file/dda8f21074d9169df8d8857d999b60a5759537e7a575a6c405ebbd8b04c32979

pgdlszu4n.localto.net

# Reference: https://www.virustotal.com/gui/file/b72d854a93a284668b73e9c7452be13656bd2dfe708e05216678f3c6b0f09794

222.254.63.166:6606
222.254.63.166:7707
222.254.63.166:8808
222.254.63.166:8818
14.162.56.222:6606
14.162.56.222:7707
14.162.56.222:8808
14.162.56.222:8818

# Reference: https://www.virustotal.com/gui/file/795cdbb86ae190f02eeebce7c7adef57f0b28eb7c1689b88a748c9aa04060c14

45.200.148.105:2422

# Reference: https://www.virustotal.com/gui/file/d0435cd60df09800f1f3a585a87c1309a54646fdb095781f6a6f7290535369df

24.ip.gl.ply.gg

# Reference: https://www.virustotal.com/gui/file/875c77cf66729c84b1d91cd23c5d40334a4c822fa4303138e858214f652e3ddb

powdlaunm.localto.net

# Reference: https://www.virustotal.com/gui/file/c130a66d2d3540b201ecb553732992dd3a8906a4baeff7b694910f22de3e90a5

85.235.74.64:8848

# Reference: https://www.virustotal.com/gui/file/bba0e51b546fc32428243f5a845fdc77f731afbd4fa3796fc208d5eb515885d5

letsago.freemyip.com

# Reference: https://www.virustotal.com/gui/file/c21d5260724431efae12aed5c03db01393364cff677cd37f0d2ecae16a840ece

86.246.123.49:4545

# Reference: https://www.virustotal.com/gui/file/c18c44daf036132179aede5564b5bbc5c084098810d59c1faa887bed8808071c

95.216.52.21:7575

# Reference: https://www.virustotal.com/gui/file/2e20fbdc19ba991a2a2598fd40f930db404febc474b1f15f979e7ccfbc789d4c

pctrabajonuevo.casacam.net

# Reference: https://www.virustotal.com/gui/file/e80b97f2282f8648316418a062c184fafd0ba2f75ca6f018d9774871db564bc8

fi1.localto.net

# Reference: https://www.virustotal.com/gui/file/2a746bfe6cc7409d820b7efd69997d280c094c53a26a863c9a2a9b3dadc64ea5

l0cphgzgx.localto.net

# Reference: https://www.virustotal.com/gui/file/440fc9039749ecbaa4b8a511c1cc7c140be49173b4618854b198b56f6f5def99

holadic23.duckdns.org

# Reference: https://www.virustotal.com/gui/file/3e76598b8086857c38e2016dc729fa4879136e46b6f5962ff0b042ef35666b50

85.235.74.64:8808

# Reference: https://www.virustotal.com/gui/file/3934bf1a26e8e41236cc287f72e7dc934600c16518e5ff72e39d95f9681113bc

SoportesDelRadicado.casacam.net

# Reference: https://www.virustotal.com/gui/file/e8a82e05192895ad353e55a023a131ce3ef03d363f079a0a86f238b82a7c9d1b

testing.cryptodory.online

# Reference: https://www.virustotal.com/gui/file/fe45acb74cee8d154ffdcc3e7a5969b44fc556a24b09a2f44b536993b1ab7162

zunteer.bounceme.net

# Reference: https://www.virustotal.com/gui/file/7bb046bb513f61bb2f038262e0355f239b0daefc081619cb51039bf0cf796033

31.57.243.64:6606
31.57.243.64:7707
31.57.243.64:8808

# Reference: https://www.virustotal.com/gui/file/8984e5f0d0594360656c2dc828d1ad7be3908120c68c4e6e5c790072b0af6455

148.113.165.11:4040

# Reference: https://www.virustotal.com/gui/file/4ba96b5a4d64c0541576a5c3a79441947c17a11e7e3028a8f662a2169e6e0f39

89.208.113.167:9999

# Reference: https://www.virustotal.com/gui/file/2f39f699434d9b35a17ae4aa9ae24049ea240bc6fe918c207d51ac00b5aaf18a

172.94.14.88:4449

# Reference: https://www.virustotal.com/gui/file/05d798868420c23414fb4cb9874f17372651225c36a06946b8470161933b16ed

6sbh1vn47.localto.net

# Reference: https://www.virustotal.com/gui/file/57490eab4c55cabedda2c747d8af7e7fb78546fb12bcaec6b56c33be7db09247

2.56.109.146:4449

# Reference: https://www.virustotal.com/gui/file/1659db1c128cc72c1d5db8ec73a93cc89cc684f00a4c2b83b76fef32af45fe07

letsgetdigging.hopto.org

# Reference: https://www.virustotal.com/gui/file/0005734def9d7b56e97311f84dfbaf9e0e0576afb3a6c64aa98c8e456a583913

2.59.162.144:2000

# Reference: https://www.virustotal.com/gui/file/167e132958fcb684d1f20732338c1126bdfa6caa9c29770cc653dd68e68a080a

majoranon.ddns.net

# Reference: https://www.virustotal.com/gui/file/ff98728bb7bfa7fdd9f1da1f6b45fe64fb46b4bd7fef58634fad01d3b37ec155

193.161.193.99:52920
193.161.193.99:3333

# Reference: https://www.virustotal.com/gui/file/7f1a8d01c90dcd7375094bbe804bb648dffc59d58ea485b43649b473fb8af398

103.45.66.106:56003
103.45.66.106:56004
103.45.66.106:56005

# Reference: https://www.virustotal.com/gui/file/59dea1d9ba7f4f2d28d3193ad81f5053504e120a157f915b5ab3c6ef7f602f05

winupdate.linkpc.net
peakypinkers.duckdns.org

# Reference: https://www.virustotal.com/gui/file/4a3ef961dcc567c117b5b604648253dbd43880ad9932426a8d81d6abff5ff106

213.142.159.59:1605

# Reference: https://www.virustotal.com/gui/file/cbc0fb3276d3040a8f6ab41ab0ce9b620ad3eb4eae8b59640a82017917c3fb8a

85.31.47.59:8848

# Reference: https://www.virustotal.com/gui/file/fd10eeaff94d27c0bcc1cc1d3d544d523d336d316b7ae5fd09b528d0879560a7

93.123.109.39:4449

# Reference: https://www.virustotal.com/gui/file/39e9de563fb308499965ea8c138875b302565d8747c0efb68b9a357f33d6670b

162.250.127.123:4449

# Reference: https://www.virustotal.com/gui/file/5d084015f7795b44e176d48b5d9f12ddaab0db2fefbe1e60ef926855c67191e8

193.161.193.99:33214

# Reference: https://www.virustotal.com/gui/file/aac8b376454ff9e0596c000a236f1f5bcca1ccadd597ace02e36610e6f49ca88

syria3.ddnsfree.com

# Reference: https://www.virustotal.com/gui/file/ce1ad9dfeb60757f263df6d391db41202c7722cd412e4cf9f0e21ba17c5db238

marklandis.ddns.net

# Reference: https://www.virustotal.com/gui/file/6267bd1c0e79b10a86b2a07f213fb19b4ed32cd6cd9c723dff8f17025acafb2f

25.ip.gl.ply.gg

# Reference: https://www.virustotal.com/gui/file/33900d8aacf1d6d2d93c1851a4f27b2ec2d841b97d6550208ee537dc27ee6e9c

195.26.241.171:4449
195.26.241.171:5353

# Reference: https://www.virustotal.com/gui/file/6a3246d84a7dc156a06120f0d4373661743d748de6109575473adcf5071d6419

193.161.193.99:49446

# Reference: https://www.virustotal.com/gui/file/1bbc8b0a6809596eb4d2540975af348fc9b07fd832e4461671d3f65d8f9f8dbc

147.185.221.251:18020

# Reference: https://www.virustotal.com/gui/file/546760dd7e0f5d6f2e46d42c275e9b00a1bcb59e6146b43cd0b2d3a8b8ee0f73

98.66.170.99:1024

# Reference: https://www.virustotal.com/gui/file/62f8cfee286a706856ebe02b176db9169ae776c6609c23016868887ea6b0ab98

163.172.125.253:333

# Reference: https://www.virustotal.com/gui/file/a562085b69257c57d26a31829317a1064ec1749266699393de5dcfd3a19cf8cb

woolingbrin.sytes.net
87.120.121.160:8747
87.120.121.160:7477

# Reference: https://www.virustotal.com/gui/file/cb14f3b98ae1f82e9847a1abb9a18ec11da11c33ee8b64a356ad14e9c0452dc3

134.122.183.155:31214

# Reference: https://www.virustotal.com/gui/file/87927528e6b2f242190828e6951260e068ba16ab6250adbcba190ef8ad459a5a

drpras.duckdns.org

# Reference: https://www.virustotal.com/gui/file/b875598478872e91797af75764bef4c8489574fdef5f782ca960de7eda843780

dcrat2013.duckdns.org

# Reference: https://www.virustotal.com/gui/file/6c4aff551902c406ab8e01ed1b12ed853c62210fc1063d87a9eaf122d891d871

88.167.109.19:35000

# Reference: https://www.virustotal.com/gui/file/38b38fae71245915c932a8c51ed0926b5b1f77800fdf55fa9519ec9b15185326

rwqeto4ga.localto.net

# Reference: https://www.virustotal.com/gui/file/88ddf04406650345e5587783e3deee74be768fef366b4cb0a5924c8ee53f5dca

carloscaicedo405020.duckdns.org

# Reference: https://www.virustotal.com/gui/file/0dde3da849f17f8b2d89bf2ff9d18d4b02585d5951d730fa91df77e123d44a8b

147.185.221.251:8070

# Reference: https://www.virustotal.com/gui/file/e252fea558e7445ba71b5e3b284201f151a7fd85bdbab1c03f25b2758b9d455b

envi020251.duckdns.org

# Reference: https://www.virustotal.com/gui/file/57376a7ec745a40f662ce995d0180867e7fafec8b7b4dc3f2043a6cc526211bd

86.176.113.167:9112

# Reference: https://www.virustotal.com/gui/file/4a3ea714d09ab2703771f02f94cbeb7e9499c319e0aec7b23645fd143835d35a

89.84.63.139:6606

# Reference: https://www.virustotal.com/gui/file/0d27c3fd2bd9a18177a99dd071cf55908298120370fd0ef4e102c3ddeea9169a

52.12.198.198:19843

# Reference: https://www.virustotal.com/gui/file/2a8277aee2d29352aa27fb6a1f40f0e6127f7064fa7eb53bfa56cd5877cd37e3

154.216.17.202:4449

# Reference: https://www.virustotal.com/gui/file/8a3749068e30b15f941d9fda6ec5b53bf596fbb4c12faf08a768f223308ce097

45.141.151.245:1604

# Reference: https://www.virustotal.com/gui/file/10ba8983674ddac8bec9f45401066b4886ecd6c8ff718becbf1f764256a02982

govpet.mysynology.net

# Reference: https://www.virustotal.com/gui/file/bb5dfccb663bc21c35e3daf3b84df947f064ef47760ba6a4611a570193a03517

torrentmovie.store

# Reference: https://www.virustotal.com/gui/file/c2a4957c26526d93e5aab735392c00efff50b59985e1ba141e0cb02f1d3071b5

27.124.6.137:13651

# Reference: https://www.virustotal.com/gui/file/d5c633cb5c685f6822e2023fee22de7e36e6fc761fb02f2286891649a2d41919

103.189.202.166:7707

# Reference: https://www.virustotal.com/gui/file/4e62abb1e27644784576d415c4d4ab2d726611d87c91ae432991acc8f7a5ca7a

windowsdrivers.duckdns.org

# Reference: https://www.virustotal.com/gui/file/e54321374450428e2950c31380e8f60afbaa6d611c6c8b95d3976b63aea37f7e

185.146.88.217:1024

# Reference: https://www.virustotal.com/gui/file/fa32ea24d1a6041be009ad0c59ce61f3d00e0588700c709c0222ecd8c38c3753

driveswindows.duckdns.org

# Reference: https://www.virustotal.com/gui/file/4e41fd5005a2f050b89eeb88bd6d8d4462ece6fa9331934303139e77cea7cfa5

212.64.199.77:1605

# Reference: https://www.virustotal.com/gui/file/1b0be562bf434314a8d784f0228b72b07fcb4c090c6f06fb16ba6c5af4147b02

w98snw73idknf486g37d9ijn3u.duckdns.org

# Reference: https://www.virustotal.com/gui/file/546d2fb1d84c9efb2519c9c3ecd2120b8ec341868b36196c4cc17ee6bc9046f8

147.185.221.23:19506

# Reference: https://www.virustotal.com/gui/file/7517bcffd7064976be548b3e17bc70609b3b3dd34d3414df8267b71ae09531dd

37.30.52.243:6606
37.30.52.243:7707
37.30.52.243:8808

# Reference: https://www.virustotal.com/gui/file/7c36dc83a1a70ffebd7d4fcff5c713b67e657280e2ad9600625a0202f38404ce

95.216.85.167:7707
95.216.85.167:8808
95.216.85.167:6606

# Reference: https://www.virustotal.com/gui/file/e140c3449292b123889f6a425151f17706ba704dde65c560de99d732840b31ee

fr8ltcyjf.localto.net

# Reference: https://www.virustotal.com/gui/file/79dc8950dc9dfdb935f3581a39f02faaec845daf4cd3cddb51141f5a6d7356d8

0z2fyyf.localto.net

# Reference: https://www.virustotal.com/gui/file/e67e8f5f71cfaec60eddeb02cb472d50f2cb9769629e78d5575fb172b9eee3ea

103.78.0.119:3232

# Reference: https://www.virustotal.com/gui/file/f6adf51b39113fca2d7e6e307ab861ead23174ef6d3d67b6179c0746fde1caed

91.92.249.72:4449

# Reference: https://www.virustotal.com/gui/file/fcfa019e7f832183a09b8badb842562d8138875fd51f833758086b80ec7951ec

getocoins.com

# Reference: https://www.virustotal.com/gui/file/0bb560a3de9032a34f50ffaf900d69a060ff858295fca93f2e00c99de4f5317f

carloscaicedo4050202.duckdns.org

# Reference: https://www.virustotal.com/gui/file/f0a261718aad68135f049b482ca23659c1adb15f80b0a62fa3e9fb5b29465a98

86.246.123.49:4449

# Reference: https://www.virustotal.com/gui/file/7cbc6a4f26aeadd1ff1cc0bd9b6f3db9b439e1ba2ac6b26502306b91df43a6cf

diciembreee.ydns.eu

# Reference: https://www.virustotal.com/gui/file/96b4c913a72de0b22573377f84b282e643d8fdf6978d977b31a65231288d3abc

vic11.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d2437b57823eca9310c5b925f4510203847efca7ca3ae0b504444934e1ef9639

cococovid202420242024.duckdns.org

# Reference: https://www.virustotal.com/gui/file/96ff1915944c8c70841a458e320c2f75a020912488dae6a541843d3dd073cbb5

185.254.28.125:1337

# Reference: https://www.virustotal.com/gui/file/241e0b0c4ddca36d0f87d7502317af56c6a5a09ebd444680079b1d13e7931f3d

213.14.158.35:1604

# Reference: https://www.virustotal.com/gui/file/bc14f7046844c82d227dc8470763804a0b99e3ca5db6fb5c17083722aa103056

ywsfalsysy.duckdns.org

# Reference: https://www.virustotal.com/gui/file/b3a132854380095953d70375218bf5af33d44d6c83ff660b09eade79cfbcdf79

95.105.52.228:7777

# Reference: https://www.virustotal.com/gui/file/52a5d336f243bc7df797bf55de1a8344923cfcaa151a0f70d33adb9e78607f6a

transfermone.dynuddns.com
familyfriend.dynu.net

# Reference: https://www.virustotal.com/gui/file/32c810f169a80b2db4673c130f8437f352f381614dea6db7a12c97bf0351643a

73.237.81.57:6606
73.237.81.57:7707
73.237.81.57:8808
73.237.81.57:3389

# Reference: https://www.virustotal.com/gui/file/beffa3ab7abb320dfe41d8fbe86d2cc3ef1b10a03ebd07b8bcb8a1b8457ff6a2

176.96.131.47:4449

# Reference: https://www.virustotal.com/gui/file/0de2df2a273d06be5483fcc5b469eb794a30b591f84361776f44f7b4ced854b8/detection

wrestling-parent-gif-interstate.trycloudflare.com

# Reference: https://x.com/malwrhunterteam/status/1890304679893926279
# Reference: https://www.virustotal.com/gui/file/f65acbf690892d75bf4cbf841d8b39710d318c25d5cf814d7eafcd299206ac74/detection

157.20.182.8:9992
digitalservice.ddnsguru.com

# Reference: https://www.virustotal.com/gui/file/72fbd1ff51ffe29a6f39597ad502a8d2d27d78c89a0aa05d2c53e4e2e8184dc1/detection

check-for-status.cc
chillyhiss.update-checker-status.cc

# Reference: https://www.virustotal.com/gui/file/328b91615be5586165361502eb40a9014d538d5ef00a7a0a17f934d2e7cde869/detection

181.141.10.122:7707
pfwpifjwifksdfwjrfojnefoksorf5.duckdns.org

# Reference: https://www.virustotal.com/gui/file/0e41c5537dd336afb767dc020dcebeb61b06c575657f9a88de4fcb2438dafb1f/detection

94.156.166.240:8808

# Reference: https://x.com/DaveLikesMalwre/status/1892271857761427667
# Reference: https://app.any.run/tasks/e72bda57-1f6a-46d4-be4b-def567b23676
# Reference: https://www.virustotal.com/gui/file/cc7e71f79b82007b13ebed7bd1e9d7e4f583a3b1cf0cd2bac92c124cc3809610/detection
# Reference: https://www.virustotal.com/gui/file/c48de72e3d33017a1573ea1a470aa3098a8eb3a533f08127be53a44698fb8582/detection

128.90.103.206:9001
128.90.106.102:2018
128.90.122.182:9001
45.40.96.159:8080
cdt2025.ddns.net

# Reference: https://x.com/malwrhunterteam/status/1892270312361787695
# Reference: https://www.virustotal.com/gui/file/4287b4ac97bf3626de77a95ad2ed1bb896afee11f49b5ab58597d6fba12daf9d/detection

179.13.0.133:6606
179.13.0.133:7707
179.13.0.133:8808
94.154.35.80:8668
salv123.com
bypatrokcer.duckdns.org
bypatrokcerbk.duckdns.org

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2025-02-20)

http://178.212.32.33
http://38.242.146.249
http://45.138.16.50
http://72.10.160.170
http://74.204.137.48
http://94.113.123.153
100.37.20.232:4872
101.99.76.120:7707
101.99.91.31:3982
103.141.69.160:6606
103.141.69.160:8808
103.145.50.68:8080
103.195.101.225:8808
103.83.164.33:4449
103.83.164.33:8000
104.194.132.138:111
104.194.132.138:7001
104.234.204.211:8808
104.234.205.134:8088
104.234.205.134:8808
104.238.189.71:1992
105.100.250.154:39687
105.101.179.171:38672
105.101.189.52:38394
107.170.60.30:4000
107.170.60.30:5010
107.170.60.30:6000
107.170.60.30:7000
107.170.60.30:8000
107.170.60.30:8088
107.170.60.30:8808
107.173.62.67:8808
107.175.101.134:7707
107.175.202.140:4449
107.175.202.158:25565
107.175.202.158:6606
107.175.48.5:8808
107.178.106.141:2468
107.178.106.141:6606
107.178.106.141:7707
107.178.106.141:8808
107.208.148.72:1492
108.181.174.200:8808
108.61.217.60:8888
109.248.151.171:63393
109.248.151.187:49181
113.219.237.106:8848
118.107.40.222:7415
118.99.98.155:10549
120.156.150.101:8080
122.179.205.60:8848
123.249.104.74:4449
123.99.198.130:13792
123.99.198.130:5418
123.99.198.130:5419
128.90.102.127:5000
128.90.102.97:5000
128.90.102.97:9909
128.90.102.97:9999
128.90.103.206:2000
128.90.103.206:5000
128.90.103.206:9999
128.90.113.141:5000
128.90.122.182:5000
128.90.122.65:5000
128.90.122.65:8808
128.90.122.69:2000
128.90.122.69:8808
128.90.122.69:9999
128.90.123.117:5000
128.90.123.218:2000
128.90.123.218:5000
128.90.123.223:5000
128.90.123.223:9999
128.90.123.94:9999
128.90.123.96:5000
128.90.128.199:8808
128.90.128.54:8808
13.211.229.208:8808
130.195.222.141:4444
134.122.128.89:1234
134.122.128.91:1234
134.122.128.93:1234
134.122.189.27:56003
134.122.189.29:56003
134.122.189.39:56003
135.148.12.122:7077
135.148.89.85:7077
136.0.157.45:8808
136.0.3.250:4449
138.68.81.155:2301
141.144.239.133:22
141.144.239.133:30058
141.144.239.133:6606
141.144.239.133:7707
141.144.239.133:8808
141.95.84.40:6465
143.198.82.194:8808
144.126.149.221:0077
144.172.92.114:3000
146.103.11.125:6606
146.103.11.125:7707
146.103.11.125:8808
146.103.11.139:6606
146.103.11.139:7707
146.103.11.139:8808
146.70.113.148:4444
146.70.158.209:5555
147.124.210.158:4449
147.185.221.16:56793
147.185.221.17:37531
147.185.221.18:5050
147.185.221.19:25944
147.185.221.19:28126
147.185.221.19:29253
147.185.221.19:38630
147.185.221.19:42550
147.185.221.19:43234
147.185.221.19:45994
147.185.221.19:51939
147.185.221.19:52033
147.185.221.19:54226
147.185.221.19:8000
147.185.221.19:9090
147.185.221.205:4449
147.185.221.205:52809
147.185.221.20:1083
147.185.221.20:22308
147.185.221.20:29034
147.185.221.20:46193
147.185.221.20:49151
147.185.221.20:9912
147.185.221.21:33927
147.185.221.21:448
147.185.221.21:46268
147.185.221.21:5552
147.185.221.21:60519
147.185.221.21:8848
147.185.221.225:54312
147.185.221.22:16160
147.185.221.22:40680
147.185.221.22:444
147.185.221.22:63702
147.185.221.23:28959
147.185.221.23:35540
147.185.221.23:54025
147.185.221.23:6606
147.185.221.23:8808
147.185.221.241:14954
147.185.221.245:56924
147.185.221.24:11061
147.185.221.24:1337
147.185.221.24:26550
147.185.221.24:40668
147.185.221.24:6902
147.185.221.25:14000
147.185.221.25:3604
147.185.221.25:36411
147.185.221.25:40021
147.185.221.25:46315
147.185.221.26:1125
148.113.139.241:5500
149.102.147.106:1000
149.102.147.106:5505
149.143.127.81:7707
149.22.238.141:4449
149.22.238.141:53
149.22.238.141:7000
149.248.79.87:4440
149.248.79.87:4446
149.28.115.180:7788
149.28.150.93:3299
149.28.150.93:9203
149.88.73.200:8856
152.70.113.69:24329
154.12.240.75:8808
154.12.253.45:6606
154.216.16.111:8808
154.216.20.182:8000
156.245.19.167:3956
157.20.182.102:4449
157.97.11.134:8080
158.220.83.114:1001
158.220.83.114:1002
161.10.153.176:7575
162.238.154.3:4449
162.244.210.40:8808
163.5.112.227:8808
163.5.169.248:8808
163.5.169.43:222
163.5.169.43:2222
163.5.169.43:888
163.5.169.43:8888
163.5.210.118:6667
163.5.210.32:7001
163.5.210.97:8808
163.5.32.125:8808
163.5.32.127:8808
163.5.32.231:8808
167.172.135.43:8808
168.119.119.140:6606
168.119.119.140:7707
172.111.137.100:3890
172.111.137.101:3890
172.191.149.124:8808
172.81.132.46:8080
172.93.218.10:8808
172.96.172.183:8808
173.212.229.31:6606
174.95.254.210:8808
176.111.221.97:8808
176.65.137.182:4449
176.65.137.89:8808
176.65.138.184:3939
176.65.141.101:7707
176.65.141.101:8808
176.65.141.235:4449
176.65.142.245:8808
176.65.142.65:8808
176.65.144.125:1504
176.65.144.125:8808
176.65.144.125:8888
176.65.144.162:8808
176.65.144.164:5222
176.65.144.19:8808
176.65.144.205:8808
176.65.144.60:2000
176.65.144.60:8808
176.67.81.11:443
177.22.115.185:13153
178.128.29.38:8808
178.208.169.232:8808
178.212.32.33:6606
178.215.224.247:2222
178.215.224.247:4444
178.215.224.248:4444
178.215.224.50:2525
179.13.5.14:8808
179.13.9.42:8808
179.43.139.194:4449
18.231.223.127:4449
181.41.194.91:6004
181.41.200.226:4000
181.73.20.67:8080
185.126.34.129:6004
185.19.85.183:55001
185.196.9.225:6606
185.196.9.225:7707
185.196.9.225:8808
185.205.210.59:4444
185.208.156.153:1856
185.208.159.240:56001
185.214.10.79:8808
185.248.101.170:1366
185.254.96.154:1111
185.254.96.154:4449
185.49.126.166:2004
185.49.126.166:6606
185.49.126.166:7707
185.49.126.166:8808
185.49.126.235:1999
185.49.126.235:2004
185.49.126.235:6606
185.49.126.235:7707
185.49.126.235:8808
185.49.126.245:6606
185.49.126.245:7707
185.49.126.245:8808
185.49.126.27:7707
185.49.126.27:8808
185.49.126.52:6606
185.49.126.52:7707
186.169.52.131:8092
186.169.60.145:11103
186.30.179.127:8080
187.18.72.113:1177
187.18.72.113:21053
187.18.72.113:4449
188.126.90.10:9002
188.127.231.164:8808
188.127.240.186:7771
188.127.254.108:4444
188.127.254.108:5555
188.127.254.108:7777
188.127.254.108:8008
189.14.62.242:21053
189.14.62.242:4449
190.104.116.8:6606
190.104.116.8:7707
191.101.157.122:35870
191.101.209.39:7707
191.96.166.74:8808
191.96.207.168:2004
191.96.207.168:6606
191.96.207.168:7707
191.96.207.168:8808
191.96.207.172:6606
191.96.207.172:7707
191.96.207.172:8808
191.96.207.227:8888
191.96.207.70:6606
191.96.207.70:7707
191.96.207.70:777
191.96.207.70:8808
191.96.207.75:2004
191.96.207.75:6606
191.96.207.75:7707
191.96.207.75:8808
191.96.207.98:6606
192.151.243.230:54612
192.238.134.81:8848
192.238.134.82:8848
192.252.186.220:3534
192.3.189.150:6606
192.3.189.150:7707
192.3.189.150:8808
192.3.238.130:5555
192.30.241.106:49754
192.30.241.106:56002
192.30.241.217:8808
193.142.146.179:8808
193.143.1.72:8808
193.143.1.72:9090
193.161.193.99:32954
193.161.193.99:3334
193.161.193.99:35558
193.161.193.99:36206
193.161.193.99:41111
193.161.193.99:44454
193.161.193.99:4448
193.161.193.99:53068
193.161.193.99:53757
193.161.193.99:56266
193.233.255.79:8080
193.26.115.107:6606
193.26.115.238:8088
193.26.115.48:8000
193.26.115.52:7707
193.26.115.52:8808
193.38.248.56:8808
193.57.137.78:5555
193.83.1.168:4444
194.110.13.70:1111
194.147.140.169:3307
194.163.171.47:9292
194.32.149.186:8848
194.33.191.195:4449
194.33.191.246:6606
194.44.26.124:7707
194.5.97.229:1195
194.59.30.85:8808
194.9.6.96:4449
194.9.6.96:8665
195.177.94.190:6818
195.177.94.190:7000
195.177.94.54:4449
195.177.95.232:443
195.177.95.232:8808
195.177.95.232:9090
195.211.190.122:6606
195.211.190.122:7707
195.211.190.122:8808
195.26.245.113:6606
195.26.245.113:7707
195.3.223.146:20000
195.3.223.146:4442
195.3.223.146:5553
195.3.223.146:6666
195.88.218.76:6606
196.251.116.95:444
196.251.116.95:4444
196.251.116.95:5555
196.251.116.95:7777
196.251.118.49:8808
196.87.121.175:6606
196.87.121.175:8808
197.153.136.106:8808
198.167.193.42:8808
198.167.200.74:8808
198.167.210.62:6606
198.167.210.62:8808
198.167.215.35:8808
198.167.216.74:8808
198.23.158.69:6606
198.244.224.197:6606
198.244.224.197:7707
198.44.128.113:8808
199.204.161.37:8808
199.204.161.38:8808
199.204.161.39:8808
2.58.56.218:6606
2.58.56.218:7707
2.58.56.218:8808
2.58.56.94:111
2.58.56.94:555
2.58.56.94:6606
2.58.56.94:7001
2.58.56.94:8444
20.161.64.148:1604
20.161.64.148:7707
20.161.64.148:8808
20.203.173.201:58110
20.224.66.176:4784
20.36.20.111:1604
205.172.57.134:8808
205.234.181.253:4444
205.234.181.253:8008
205.234.181.3:8808
206.238.220.237:4449
207.148.2.31:3604
207.148.2.31:4449
207.231.111.82:306
207.244.238.106:6606
207.32.217.253:6606
207.32.217.253:7707
207.32.217.253:8808
209.46.127.181:444
209.46.127.25:888
210.53.210.53:1177
212.162.155.84:8808
213.32.110.136:8808
213.32.110.136:8888
216.173.112.219:8808
216.189.134.79:6606
217.105.23.4:4449
217.105.23.4:7000
217.215.65.213:6606
217.215.65.213:7707
23.175.50.116:7707
23.175.50.140:6606
23.175.50.140:7707
23.175.50.140:8808
23.254.226.86:8808
23.88.104.194:4982
23.94.126.207:1999
23.94.126.207:2004
23.94.126.207:6606
23.94.126.207:7707
23.94.126.207:8808
24.167.114.213:7707
26.119.255.204:25868
26.129.198.185:6606
27.124.4.150:51311
3.142.167.54:4449
3.142.167.54:600
3.142.167.54:800
31.13.224.69:49731
31.57.135.113:4199
31.57.166.130:6606
31.57.166.130:7707
31.57.166.130:8808
31.57.166.52:6606
31.57.166.52:7707
31.57.166.52:8808
31.58.169.102:6606
31.58.169.102:7707
31.58.169.102:8808
34.174.254.138:8808
34.58.66.17:4483
34.66.204.146:443
34.70.24.145:8808
34.92.223.98:4449
37.112.34.178:1070
38.128.251.50:47792
38.180.9.93:8848
38.255.37.248:7000
38.255.37.248:8245
38.255.37.248:8808
38.69.12.186:7707
38.69.12.186:8808
38.85.247.159:8808
38.85.247.35:8808
43.154.203.129:8848
45.125.66.195:8808
45.125.66.29:8808
45.125.66.29:9090
45.131.65.216:4449
45.133.180.154:8808
45.137.194.110:5555
45.137.198.159:7777
45.138.16.143:8808
45.138.16.43:8808
45.138.16.50:4000
45.138.16.50:6000
45.14.114.90:443
45.147.7.149:1337
45.147.7.149:6606
45.147.7.149:7707
45.147.7.149:8808
45.149.241.39:222
45.149.241.39:2222
45.149.241.39:4444
45.149.241.39:7777
45.149.241.44:222
45.149.241.44:2222
45.149.241.44:4444
45.149.241.44:7777
45.154.98.160:8808
45.154.98.68:222
45.154.98.68:2222
45.154.98.68:444
45.154.98.68:4444
45.154.98.68:5555
45.154.98.68:6606
45.154.98.68:7001
45.154.98.68:7707
45.154.98.68:8444
45.154.98.68:8808
45.154.98.68:888
45.154.98.68:8888
45.202.32.101:8000
45.40.96.159:8808
45.62.170.251:5353
45.76.177.203:8808
45.81.23.27:4444
45.87.173.96:2404
45.88.186.26:6606
45.88.186.26:7707
45.88.186.26:8808
45.88.91.31:3232
45.94.31.215:6606
45.94.31.215:8808
46.109.223.91:55389
46.183.223.84:920
47.242.232.240:8808
49.205.66.5:4449
5.34.125.39:5552
50.114.115.207:6606
50.114.115.207:7707
50.114.115.207:8808
51.254.53.24:16388
51.38.119.232:6606
51.38.119.232:7707
51.38.119.232:8808
51.38.119.240:6606
51.38.119.240:7707
51.38.119.240:8808
51.38.119.244:6606
51.38.119.244:7707
51.38.119.244:8808
51.89.158.68:222
51.89.158.68:2222
51.89.158.68:6606
51.89.158.68:7707
51.89.158.68:8808
52.28.112.211:12371
54.153.18.222:8808
54.196.199.243:8808
62.146.226.225:6606
62.146.226.225:7707
62.182.85.200:6606
62.182.85.200:7707
62.182.85.200:8808
62.60.190.196:3232
65.108.24.107:14701
65.109.115.25:6000
66.66.146.74:333
66.66.146.74:4449
68.168.223.115:47816
69.166.230.200:2345
69.167.28.183:8808
69.48.202.241:443
69.48.202.241:8808
71.93.221.109:6606
72.10.160.170:20953
74.103.211.105:9999
74.204.137.48:4449
75.70.202.105:8808
77.100.63.251:5631
77.90.44.21:7127
78.108.218.247:222
78.108.218.247:2222
78.108.218.247:888
78.108.218.247:8888
78.161.46.248:1000
78.161.46.248:20000
78.161.46.248:2003
78.161.46.248:2004
78.161.46.248:3000
78.161.46.248:5500
78.161.46.248:75
78.161.46.248:8808
78.161.46.248:888
78.179.128.55:1000
78.179.128.55:20000
78.179.128.55:2003
78.179.128.55:2004
78.179.128.55:3000
78.179.128.55:5500
78.179.128.55:75
78.179.128.55:8808
78.179.128.55:888
78.84.239.187:8808
80.240.26.220:8808
81.10.39.58:7077
81.10.39.58:8888
81.207.35.43:6606
81.207.35.43:7707
81.79.156.77:7707
82.13.154.169:4446
83.168.107.194:22
83.168.69.7:22
83.168.69.7:30058
83.168.69.7:6606
83.168.69.7:7707
83.168.69.7:8808
83.229.86.210:4449
83.38.30.219:1606
83.38.30.219:3333
84.151.6.26:8808
84.247.162.141:90
84.247.162.141:9090
85.209.128.208:4449
85.209.128.225:7777
85.209.133.130:3232
85.215.243.238:7707
85.239.232.11:5555
85.239.232.11:6666
85.239.232.214:6666
85.239.232.226:6666
85.31.47.104:111
85.31.47.104:555
85.31.47.31:1860
87.120.113.125:6606
87.120.114.165:1337
87.120.116.117:6606
87.120.116.117:7707
87.120.125.185:6606
87.120.127.122:222
87.120.127.122:2222
87.120.127.122:444
87.120.127.122:4444
87.120.127.122:7777
87.120.127.195:222
87.120.127.195:2222
87.120.127.195:444
87.120.127.195:4444
87.120.127.195:7777
87.120.127.37:7707
87.120.254.143:8888
87.204.61.28:4449
88.173.32.153:8081
88.175.86.67:16388
89.117.17.182:6606
89.23.96.61:9823
89.248.161.41:6001
89.248.161.41:6003
89.248.161.41:6005
89.44.9.226:4444
90.49.19.120:4782
91.151.89.109:8808
91.151.94.60:7707
91.151.94.60:8808
91.193.75.169:4782
91.211.247.160:8808
91.92.240.191:2025
91.92.240.191:4449
91.92.242.59:4449
91.92.246.67:4782
91.92.246.67:4788
91.92.246.67:4792
91.92.246.67:4793
91.92.247.224:7707
91.92.247.224:8808
91.92.250.7:4449
91.92.255.37:6666
92.219.119.99:6606
92.219.119.99:7707
92.219.119.99:8808
93.123.109.202:4444
93.123.109.202:7777
93.123.109.235:8747
93.144.177.185:8808
94.103.183.9:8808
94.113.123.153:8848
94.154.35.80:6660
94.154.35.80:7770
94.156.105.136:222
94.156.105.136:2222
94.156.105.136:444
94.156.105.136:4444
94.156.105.136:5555
94.156.105.136:7777
94.156.105.138:222
94.156.105.138:2222
94.156.105.138:444
94.156.105.138:4444
94.156.105.138:7777
94.156.166.213:1700
94.156.167.72:8808
94.156.69.160:2020
94.156.79.107:4443
94.156.8.123:6606
94.156.8.123:8808
94.232.249.235:13001
94.232.249.235:4449
94.72.118.139:6606
94.72.118.139:7707
95.49.247.223:6606
95.49.247.223:8808
95.49.40.112:8848
99.83.12.91:2600
99.83.12.91:3232
99.83.12.91:8808
0qwlz4z2lsuqq1e55brko.duckdns.org
10a6-88-230-120-156.ngrok-free.app
11111111111111111111111111111111111111112ewdsacafa-32954.portmap.host
2025blessed.dynuddns.com
3x3.casacam.net
a3madssy1.linkpc.net
aets.duckdns.org
amyer.mywire.org
amyer2.accesscam.org
ansyfa17feb.duckdns.org
asygo.duckdns.org
asyncyam.twilightparadox.com
ayrt2.duckdns.org
bertel5.duckdns.org
bisaorcc.moreisxao.click
breakingthroughs.freemyip.com
bunnymax.bounceme.net
bunnymax2.dynathome.net
cell-state.gl.at.ply.gg
chyanarc.twilightparadox.com
click-plymouth.gl.at.ply.gg
clinakleee-44561.portmap.host
coinbasecrashout.ddns.net
cool-brake.gl.at.ply.gg
corexcxxx-58114.portmap.host
d-mac.gl.at.ply.gg
d43b-88-230-120-156.ngrok-free.app
dawsdfs-61841.portmap.host
dcglos.duckdns.org
deadpoolstart2026.duckdns.org
deadpoolstart2035.duckdns.org
deadpoolstart2036.duckdns.org
deadpoolstart2037.duckdns.org
dgfsdfsdfsdf-60631.portmap.host
dsdgsdfhg-32257.portmap.host
dwasfsyfsfsd-31741.portmap.host
eg3x6.giize.com
eg4x4.casacam.net
egypt302.casacam.net
enerowins29.duckdns.org
fisher1.loseyourip.com
franclouis882.duckdns.org
francoislouis712.duckdns.org
ftp.qurvegraphics.com
grahthousand-64131.portmap.host
great-wherever.gl.at.ply.gg
gshvenomgb.twilightparadox.com
gvdfhwrt-24202.portmap.host
hiimout.duckdns.org
j4bgkks2.giize.com
kmdsanarchy.duckdns.org
krakensxx.duckdns.org
krakensxx007.duckdns.org
letter-organisms.gl.at.ply.gg
man3x5.ooguy.com
masterpoldo02.kozow.com
minto1.kozow.com
minto1.publicvm.com
minto1237.duckdns.org
montate.duckdns.org
necessary-spirits.gl.at.ply.gg
nfasyn.duckdns.org
ngoklene.duckdns.org
nope-it-30183.portmap.host
nowmnew.loseyourip.com
onecheat-63877.portmap.host
onllne-cltadelle-lv.abyssalempress.com
otrodia8912.gleeze.com
pasto2025.duckdns.org
payment-rivers.gl.at.ply.gg
pirulito25.duckdns.org
public-anyway.gl.at.ply.gg
release-diseases.gl.at.ply.gg
rhgdsg-46696.portmap.host
rtasyn.duckdns.org
saleselma.freemyip.com
seratospm.giize.com
sfsdtgeds-34641.portmap.host
shewaswalking.ddns.net
supersender.top
t1ckets-35220.portmap.host
test20250107salv.duckdns.org
the-attractions.gl.at.ply.gg
travelingwealth.duckdns.org
understanding-described.gl.at.ply.gg
vpn741424698.softether.net
win-octo-55210.duckdns.org
x0jlj7s1ibdosewoq029prs9.duckdns.org

# Reference: https://x.com/malwrhunterteam/status/1892503516205195697
# Reference: https://app.validin.com/detail?find=amromohamed1988.hotmail.com&type=dom&ref_id=3fe06b518df#tab=dns (# 2025-02-21)
# Reference: https://www.virustotal.com/gui/file/eb6705a4ac3eb29b94932ac00c17940e8321149701e17e1aa416640919a40ad4/detection
# Reference: https://www.virustotal.com/gui/file/cfa49317955569600d257fc012b9bcc90d45a84e90b68e297ace5cffe170f260/detection

196.251.84.39:23500
196.251.84.39:23501
e-signaturecloud.tech
jntl.shop
jntlman.mooo.com
lmmira.duckdns.org
mrmrdns.duckdns.org

# Reference: https://x.com/malwrhunterteam/status/1894147528972468478
# Reference: https://www.virustotal.com/gui/file/fb98c0e8dccab7fda59884315e58c6d5d02973afacd0bcefa0815a0b4120a525/detection

178.156.128.182:25658

# Reference: https://x.com/malwrhunterteam/status/1894517988277080132
# Reference: https://www.virustotal.com/gui/file/569abed215074edb9ba9b451f7834c27eb905c04e15941b2dd3a03bcef70e89d/detection

195.211.190.61:1001

# Reference: https://raw.githubusercontent.com/cert-orangecyberdefense/cti/refs/heads/main/blue_stylthon/iocs

bajiahcberu222.com
blockchainnportfolio.com
covenantofchrist.com
diatruiest.com
existors.com
fcriindia.com
gamingtimensks.shop
intlpsb.org
ledgeronbill.com
managecaldsdlivery.online
overboardlogist.org
payingreceiptingnowsho.shop
proudwood.com
puduppariyaramscb.com
rtuqueis.us
shopfiy.org
timebasebsan.shop
turkmedchem.org
vcuadronan.info

# Reference: https://x.com/malwrhunterteam/status/1895380254602211378
# Reference: https://www.virustotal.com/gui/file/6182fd8a87b1a05506683c2b3ab5072759ba07e4f35d01a22cfdeac99b50817f/detection

147.185.221.26:5039

# Reference: https://x.com/malwrhunterteam/status/1896470524353781791
# Reference: https://www.virustotal.com/gui/file/a3c5e59fb5c6c97696306757354ea5879bfb0154517b92a089207cbd2bd66367/detection

195.177.94.136:6469

# Reference: https://x.com/skocherhan/status/1897138529257333025
# Reference: https://www.virustotal.com/gui/file/22902e9ae3ea57228591708ab8c5a9aceab8c281293aaefb6ba6351796933e72/detection
# Reference: https://www.virustotal.com/gui/file/28c7fc690da8b555b312935a4f2e651627fb6faf6047fc0a6717fe65c0aec1d5/detection
# Reference: https://www.virustotal.com/gui/file/c0bc583216e6995826174d6cefa52d7b7eaae2ff29cd0ffeb1699c962c2e00f8/detection
# Reference: https://www.virustotal.com/gui/file/d00dbfba44c4909e2c4c3e482900dbc2d14ae7df9d0a4c9a8d80a67b3858241c/detection

172.81.133.157:6606
172.81.133.157:7707
172.81.133.157:8808

# Reference: https://x.com/malwrhunterteam/status/1897259764729720839
# Reference: https://www.virustotal.com/gui/file/efc09d4380483145573ac4f1a2b4fe308e9bd4378bffbc44efd00739d2e055a7/detection
# Reference: https://www.virustotal.com/gui/file/dce7213526e308a4decd939c5caa83de1f67b7a9f82fd6cee0e6a8bfc008b430/detection
# Reference: https://www.virustotal.com/gui/file/82fc4d9ffed1c41c3ed7794561360c11a5cf19ba252db21cd417e7c504686824/detection

http://193.34.77.163
193.34.77.163:3434

# Reference: https://global.ptsecurity.com/analytics/pt-esc-threat-intelligence/desert-dexter-attacks-on-middle-eastern-countries

dick2024.ddnsfree.com
fuck1up.freeddns.org
lovlysexy.freeddns.org
pdflove.ddnsfree.com
sex2024.freeddns.org
sexzsex1.ddnsfree.com

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2025-03-15)

http://185.143.243.46
http://196.251.70.104
http://196.251.84.194
http://197.48.74.234
http://45.152.113.234
http://45.59.104.62
101.109.253.53:8808
102.41.55.187:5505
103.17.38.43:3232
103.17.38.43:4449
103.17.38.43:7707
103.228.37.177:8080
103.91.78.251:8808
104.161.36.40:6606
104.161.36.40:7707
104.161.36.40:8808
104.161.43.108:7707
104.161.43.108:8808
104.219.236.202:6606
104.219.236.202:7707
104.219.236.202:8808
104.245.240.121:443
104.245.240.121:8808
104.245.240.121:9090
104.245.240.30:443
104.245.240.30:8808
104.245.240.30:9090
107.155.93.118:6606
107.178.103.149:4444
107.178.103.149:6606
107.178.103.149:7707
107.178.103.149:8808
109.199.101.109:1005
109.199.101.109:1006
115.77.122.212:8808
119.42.149.26:4449
128.90.102.227:2000
128.90.102.227:5000
128.90.102.236:2000
128.90.102.236:8808
128.90.103.34:2000
128.90.103.34:5000
128.90.103.34:9999
128.90.106.143:8808
128.90.106.148:2000
128.90.106.254:2000
128.90.108.156:2000
128.90.108.156:9999
128.90.108.196:2000
128.90.113.16:9999
128.90.113.240:2000
128.90.113.43:2000
128.90.113.43:5000
128.90.113.43:8808
128.90.113.56:2000
128.90.113.56:4000
128.90.122.181:2000
128.90.122.181:5000
128.90.122.181:9999
128.90.122.201:2000
128.90.122.201:5000
128.90.122.218:4000
128.90.123.17:5000
128.90.123.17:8808
128.90.123.183:5000
128.90.123.183:8808
128.90.123.191:9999
128.90.123.198:4000
128.90.123.198:8808
136.243.111.71:85
14.226.87.219:8808
142.93.67.8:8000
142.93.67.8:8088
142.93.67.8:8808
144.172.113.109:8808
144.172.98.53:8808
145.239.200.144:222
145.239.200.144:2222
145.239.200.144:8808
147.185.221.26:16035
147.185.221.26:99
151.67.43.151:8080
152.67.63.88:8808
154.12.224.140:8808
154.12.229.73:1996
154.12.229.73:6606
154.12.229.73:7707
156.245.19.195:3956
156.245.19.215:3956
157.173.195.46:1888
157.20.182.12:4443
157.20.182.12:4444
157.254.236.150:8808
158.220.83.114:1007
160.191.245.154:9999
160.30.19.247:8888
161.97.101.53:1000
161.97.101.53:2000
161.97.101.53:2001
161.97.101.53:2003
161.97.101.53:2004
161.97.101.53:8808
163.172.125.253:401
163.5.112.109:8808
163.5.112.25:8808
163.5.32.71:444
164.92.163.239:3898
166.88.90.22:6606
166.88.90.22:7707
166.88.90.22:8808
167.172.135.43:6606
167.71.51.222:3595
172.111.137.98:3890
172.111.162.203:8080
172.111.162.219:443
172.111.162.219:8080
172.111.198.20:8808
172.81.133.115:8808
172.86.117.154:8808
172.94.111.98:8888
173.212.240.188:2003
174.26.204.152:4545
174.26.204.152:6606
174.26.204.152:7707
174.26.204.152:8808
176.65.140.206:8888
176.65.140.64:8808
176.65.141.162:10997
176.65.141.245:7707
176.65.141.245:7777
176.65.141.245:8808
176.65.142.132:8808
176.65.142.245:888
176.65.142.74:4448
176.65.142.74:4449
176.65.144.103:8808
176.65.144.125:6606
176.65.144.125:7707
176.65.144.19:6606
176.65.144.19:7707
176.65.144.28:6606
176.65.144.28:7707
176.65.144.28:8808
176.65.144.32:6606
176.65.144.32:7707
176.65.144.32:8808
176.65.144.60:6606
176.65.144.60:7707
178.73.218.7:8888
179.13.0.63:8808
179.13.2.158:8081
179.13.5.203:8020
181.235.13.95:11102
181.235.15.22:3000
185.133.248.219:6606
185.143.243.46:103
185.156.175.43:10997
185.189.112.27:10997
185.196.10.66:4449
185.208.156.169:6502
185.224.0.191:7707
185.224.0.191:8808
185.241.208.107:100
185.241.208.107:4444
185.241.208.107:7777
185.241.208.107:8808
185.241.208.132:8808
185.241.208.247:8080
185.241.208.51:8808
185.246.113.191:8808
186.169.85.81:11102
186.169.87.220:3030
186.169.89.221:11103
186.169.90.226:3030
186.169.94.13:11103
188.127.254.108:6606
188.127.254.108:7707
188.127.254.108:8808
188.127.254.108:8888
188.216.196.144:8808
190.111.98.121:6606
190.111.98.121:7707
190.111.98.121:7949
190.111.98.121:8808
192.227.246.70:1089
193.142.146.179:6606
193.142.146.179:7707
193.142.146.42:6606
193.142.146.42:7707
193.161.193.99:35044
193.26.115.165:7077
193.26.115.188:7077
193.26.115.52:6606
193.26.115.69:9090
194.238.29.164:25
194.238.29.164:8808
194.59.30.173:8808
195.206.234.29:8808
195.206.234.36:8808
195.211.191.181:4449
195.58.58.58:222
195.58.58.58:2222
195.58.58.58:6606
195.58.58.58:7707
195.58.58.58:8808
195.58.58.58:888
195.58.58.58:8888
196.251.113.41:6606
196.251.113.41:7707
196.251.113.41:8808
196.251.118.95:8888
196.251.70.104:1005
196.251.70.104:8808
196.251.70.156:8808
196.251.70.51:8808
196.251.70.67:8808
196.251.71.168:8888
196.251.71.169:8888
196.251.71.200:8808
196.251.71.233:8888
196.251.71.233:9999
196.251.71.246:6606
196.251.71.246:7707
196.251.71.246:8808
196.251.72.206:8888
196.251.72.5:4444
196.251.72.5:7777
196.251.73.189:7777
196.251.81.165:8808
196.251.81.222:7581
196.251.83.37:3000
196.251.83.37:8888
196.251.83.66:8808
196.251.84.188:8808
196.251.84.194:4444
196.251.84.194:8080
196.251.84.215:8808
196.251.85.154:3000
196.251.85.154:8888
196.251.85.237:7707
196.251.85.237:8808
196.251.85.45:7777
196.251.87.10:6606
196.251.87.10:7707
196.251.87.10:8808
196.251.90.23:8808
196.74.233.171:8808
197.48.105.157:5505
197.48.74.234:5505
197.48.74.234:6606
197.48.74.234:8888
198.23.158.69:7707
198.244.216.42:8808
2.58.85.204:8808
20.206.204.9:4449
20.229.103.183:5000
204.10.161.147:4955
205.234.181.17:7000
207.231.111.146:1996
207.231.111.146:2106
207.231.111.146:6606
207.231.111.146:6666
207.231.111.146:7707
207.231.111.146:7777
207.231.111.146:8808
209.38.69.65:8080
209.38.69.65:8888
212.102.53.88:27133
212.129.34.197:8808
212.23.222.206:8808
217.64.148.159:50037
23.94.207.135:6606
23.94.207.135:8808
3.124.67.191:16165
31.57.166.120:8888
31.57.166.130:9999
34.132.199.158:2000
34.226.192.45:8808
37.1.214.24:2004
37.120.151.102:4444
37.150.21.234:2121
38.18.228.187:5353
38.60.255.218:8808
38.68.49.150:6606
38.68.49.150:7707
38.68.49.150:8808
45.125.66.29:6606
45.138.16.143:6606
45.138.16.143:7707
45.138.16.189:7707
45.154.98.68:777
45.55.35.48:34197
45.59.104.62:443
45.62.170.90:443
45.66.248.181:8808
45.81.23.31:4444
45.88.186.35:4449
45.9.148.226:8808
45.92.1.25:6606
45.92.1.25:7707
45.92.1.25:8808
45.94.31.215:7707
46.246.82.12:1000
46.246.82.12:3000
46.246.82.16:8888
46.246.86.8:8888
46.246.86.8:9999
47.88.33.97:8808
5.181.3.38:8808
5.231.26.84:8808
5.253.247.7:4114
51.161.213.152:8808
51.195.231.115:222
51.195.231.115:2222
51.195.231.115:8808
51.195.231.115:888
51.195.231.120:222
51.195.231.120:2222
51.195.231.120:6606
51.195.231.120:7707
51.195.231.120:8808
51.195.231.120:888
51.38.106.133:8808
51.38.109.145:8808
51.89.190.23:6606
51.89.190.23:7707
51.89.190.23:888
51.89.190.24:222
51.89.190.24:2222
51.89.190.24:6606
51.89.190.24:7707
51.89.190.24:888
57.128.134.229:443
57.128.134.229:6606
57.128.134.229:7707
57.128.134.229:8808
64.52.80.165:443
64.52.80.165:4444
64.52.80.165:8080
65.109.115.25:500
65.109.115.25:5000
66.94.116.48:8808
66.94.116.48:9999
69.48.202.241:6606
69.48.202.241:7707
70.93.72.15:5631
74.120.121.26:2502
74.50.120.106:1998
74.50.120.106:2000
74.50.120.106:5000
74.50.120.106:8080
74.50.120.106:8808
74.50.120.106:8888
74.50.120.69:1998
74.50.120.69:2000
74.50.120.69:2003
74.50.120.69:2004
74.50.120.69:2005
74.50.120.69:8808
78.161.46.248:3001
78.161.46.248:8822
81.19.131.153:50037
84.154.119.178:4449
84.38.129.34:3369
85.239.245.157:8888
86.38.225.152:808
86.38.225.152:8808
89.117.109.238:8808
91.199.42.124:6606
93.71.184.136:8808
94.156.177.244:8808
95.129.234.24:2004
95.129.234.24:8808
95.214.55.246:20000
95.214.55.246:2022
95.214.55.246:6667
98.83.120.7:8808
17bzzla6.kozow.com
17bzzla60.ddnsgeek.com
aliweq.ddnsgeek.com
anhphux4-26369.portmap.host
ashleyasync.duckdns.org
bendecido2.ydns.eu
bendecido3.ydns.eu
bigasyt.giize.com
billionairebankz.duckdns.org
billionairewealthz.duckdns.org
bogota2025pz.duckdns.org
budget-major.gl.at.ply.gg
bwj9h6dmc.kozow.com
cipiripi84.airdns.org
danamente.duckdns.org
darwin151czsk-60643.portmap.host
dinero12.giize.com
egypishan.webredirect.org
elpoder2025vz.duckdns.org
envio-18-2.duckdns.org
feb18.freeddns.org
ftdx.camdvr.org
gz-sakura.xyz
hellonew2025.kozow.com
hhhhjkjkjkg-50583.portmap.host
jaber.work.gd
jaberer.giize.com
kenanachy.duckdns.org
king.vmhost.network
lakikishop.duckdns.org
llechematerna02.kozow.com
lolaalvar0006-21146.portmap.io
luchod.duckdns.org
maryvenom19.duckdns.org
mhmad1.accesscam.org
mhmad1.work.gd
mhmad4.accesscam.org
mlwoe.gleeze.com
mocaac.webredirect.org
mst555-h63x-l-windows.sbs
mustafa4.work.gd
myasyncrat.ddns.net
n1barby.camdvr.org
nbarby.duckdns.org
nbarby.linkpc.net
nbarby.loseyourip.com
newcli.bumbleshrimp.com
onlines.ooguy.com
polgen.kozow.com
polgen.linkpc.net
privat24x.com
rc7-41750.portmap.host
rexcbhg.webredirect.org
romariolopez.duckdns.org
sahil395.bumbleshrimp.com
sebastiancorrea905040.duckdns.org
supercellcalls.com
t1cket-32617.portmap.host
tagol51982-62186.portmap.host
tattat.ooguy.com
tips-suggestion.gl.at.ply.gg
tricodersbankz.freemyip.com
tubeydoo-51012.portmap.host
underhell-backup.duckdns.org
vf5qZiznc.theworkpc.com
went-startup.gl.at.ply.gg
winupdatern0012174.duckdns.org
wpzvlds.gleeze.com

# Reference: https://x.com/malwrhunterteam/status/1900818097495269407
# Reference: https://www.virustotal.com/gui/file/a8584564cd857eefd954f208699b4639cc2f67e20c598844f2fd6546e1ab1404/detection
# Reference: https://www.virustotal.com/gui/file/81a57d9a354f1ce6ed196439fa5e133fa238efa22f4b7baf75da4359135ed508/detection

83.147.240.230:9999

# Reference: https://x.com/K_N1kolenko/status/1900499347239817377

146.19.191.210:4449
148.113.214.176:8848
156.229.233.3:8848
185.236.228.10:4449
206.237.6.182:8848
216.122.187.45:4449
45.95.18.173:4449

# Reference: https://x.com/malwrhunterteam/status/1901591162437111977
# Reference: https://www.virustotal.com/gui/file/0e1a3522db4a32e7620159b72df2693f40c8aeeaa9cd8c280eab2221067bb042/detection

194.26.192.251:1878

# Reference: https://x.com/skocherhan/status/1901793345648624083
# Reference: https://www.virustotal.com/gui/file/a6e66db91105a3cbc35698e44836795540d548e02247bfdb983a089aee4edde8/detection

116.250.190.209:4567
176.65.144.14:8000

# Reference: https://www.virustotal.com/gui/file/48d666c405eabc45921c2d3371b257b4531e41c0827a51a19f3745a1833238b5/detection

2.58.170.176:56001

# Reference: https://x.com/JAMESWT_MHT/status/1901731017607508069
# Reference: https://app.validin.com/detail?find=Please%20verify%20that%20you%27re%20a%20human&type=raw&ref_id=3a3764204fb#tab=host_pairs (# 2025-03-19)
# Reference: https://app.validin.com/detail?find=b5903cdd0f6c15ebaa7891d70f1145b1&type=hash#tab=host_pairs (# 2025-03-19)
# Reference: https://app.validin.com/detail?find=193.149.185.126&type=ip4&ref_id=2ed8fc8eb5a#tab=resolutions (# 2025-04-25)
# Reference: https://app.validin.com/detail?find=45.93.20.225&type=ip4&ref_id=2ed8fc8eb5a#tab=resolutions (# 2025-04-25)
# Reference: https://www.virustotal.com/gui/file/3a0ba8a4e8553286cf73130122e43121e491daa117e5d861951175ba654f84fb/detection

185.7.214.3:56001
book-robotcapture1767.com
bookedrefillcapt671.com
booking-aprilnotifications499201.com
booking-aprilreviewsids9575512.com
booking-capmarchreview-09940034.com
booking-cappanel-05999305.com
booking-caprooms-35400232.com
booking-captcha-00094213.com
booking-captcha-009503995.com
booking-captcpanel-89953445.com
booking-capthca-re29587612.com
booking-complaint-96890493.com
booking-confviewdoc-969650043.com
booking-customerfrserv-onlineboock.com
booking-human-verif101959003.com
booking-human-verif5899035.com
booking-identity-re29587612.com
booking-march-racapy09705432.com
booking-marchcap-05988493.com
booking-marchreserv5921558.com
booking-marchreview2595123.com
booking-marchreviews2851.com
booking-recapmarch-94389454.com
booking-recaptcha-id95244878.com
booking-recapth-march-95832455.com
booking-recapturemarch-95038239.com
booking-recaptverify-id02985542.com
booking-refid743.com
booking-rescapture29584.com
booking-rescapture958221.com
booking-reservationinfosid0251356.com
booking-reservationinfosid0251358.com
booking-robocapanel-id19843.com
booking-robocaptcheck29512.com
booking-verify99083505.com
bookinghotel-recapctha94883.com
booklng-aprilagreementdevep04.com
siteminder-0904954.com
verification-captcha-2958421.cfd
etrendtwist.com

# Reference: https://x.com/skocherhan/status/1902412544955858954
# Reference: https://www.virustotal.com/gui/file/00f0c2f3687ab8bf0990084d1e3af62246005c32084fa598aca1d65bdc0740c9/detection

5.75.234.8:5050

# Reference: https://x.com/malwrhunterteam/status/1902809308896825427
# Reference: https://www.virustotal.com/gui/file/c17f9786c4c2f98f653b49fab87b4c4eb042eadd992a7f25a74d17cbf4f35a8e/detection

62.210.222.225:85

# Reference: https://x.com/K_N1kolenko/status/1902698534291333438

103.176.110.184:4449
157.20.182.66:4449
212.64.201.61:4449

# Reference: https://x.com/smica83/status/1903741228325146779
# Reference: https://www.virustotal.com/gui/file/2c64d33211789ed637f93cbb9a5dd4cf6fa998841bcd5146718906f22b9a7651/detection

184.146.88.49:8080

# Reference: https://x.com/AgidCert/status/1904552268927541599
# Reference: https://cert-agid.gov.it/wp-content/uploads/2025/03/asyncrat-pec-25-03-2025.json

khaleejlife.com
khalismarket.com
khalissmart.com
khanandkids.com
kharagny.com
khemtittravel.com
khidmapluspro.com
khojees.com
khoratek.com
kidsboon.com
kidsfreesip.com
kidspiritliving.com
kidthingy.com
kikikosmetiks.com
kikiwear.com
killerlingerie.com
kimopress.com
kindafree.com
kinder-nation.com
kinder-nutrition.com
kingcakeaday.com
kingdomentrepreneurincubator.com
kingdomglobalsvcscarpetcleaners.com
kinglawo.com
kingopay.com
kinkfits.com
kinoflo2.com
kirawoods.com
kismetinsaat.com
kisstutorials.com
kisuites.com
kjintlafricanmarket.com
kknovelty.com
klamathfallsclones.com
klamertcustomhomes.com
klaretaal.com
kldtrading.com
klimtal.com
kmaxleathers.com
knowyourdaddy.com
koikards.com
kolkatathunderbolts.com
komikofilms.com
komotonekobox.com
kondeycoralgarden.com
konshow882.com
konstantinosioannidis.com
kootenaiindustrialsuites.com
kooters.com
kplowplow.com
kpopshopee.com
kravebrewhouse.com
krisztinascreams.com
kroughlaw.com
krozerco.com
kschoener.com
ksdfdev.com
ksshirts.com
kstarnew.com
kubiedoo.com
kuduworx.com
kumarshailesh.com
kungfuhighlandpark.com
kunleamoo.com
kunokhar.com
kutubshop.com
kwwholdings.com
kyleesmith88.com
kymgable.com
labdealz.com
labordistrict.com
labwaterpurificationsystems.com
ladygrit.com
ladyjblog.com
lakelandbuildingservices.com
lakeorionplumbing.com
lakesidepoolsandspasaz.com
lakestcharles.com
lalbhatia.com
laleurre.com
lancedanielsconcrete.com
land-experts.com
landscaperbeaverton-or.com
landscaperbridgewaternj.com
landscapesantamariaca.com
lankahealthinfo.com
lapaauca.com
laptopexporter.com
lascites.com
lasix40mg500.com
latamcor.com
latermoney.com
laurelandhardyimages.com
laurelandhardylaughtoons.com
laurencebouy-sophrologue.com
lavandagardenia.com
lavoltus.com
lawbirdy.com
laziedud.com
lazyverse.com
lazywbarn.com
lbcircus.com
ldvbeats.com
le-brush.com
leadsandsalesfunnelsystem.com
learnbetterwithai.com
learnersbschool.com
learningcurveapp.com
learningworkstoday.com
leavefree.com
lebworthy.com
legalaat.com
legalcryptocasinos.com
legalghid.com
legaltechinalgeria.com
lenderless.com
lentesxmayor.com
lethekarma.com
letherox.com
leveragingyourhomesequity.com
leveyphotography.com
sweetcalmcbdbloodsugargummies.com
sweetworldinc.com
tarablara.com
tarasaraswati.com
task-board.com
taughtbyapro.com
tdl4llc.com
techiesaavy.com
teknogentsia.com
termiteshelp.com
terpenaid.com
terramiahampton.com
terrypounds.com
texasboatandrvstorage.com
texiola.com
textocar.com
thaicucdao.com
thailand2023.com
thearenaalliance.com
thecoffeemat.com
thecoolestaccompany.com
thedetailingspecialists.com
thediscoape.com
thefinalwarrior.com
thefuturecannotbetrusted.com
thegroundingofgroup6.com
theinvestingnetwork.com
thekaffeinekiller.com
thelazydayz.com
dhyt77wt6nejou3j3b3fd8nh8hvt6me6x8yburw.terramiahampton.com

# Reference: https://www.virustotal.com/gui/file/c081dcb1ca9b9ad0f308606d544a859597ead9653e4cd71f7c5cc0b248f3f81c/detection
# Reference: https://www.virustotal.com/gui/file/a595ace755944f092e6d48168b760be8d5bc6b8447bea2accd97b19fe548703b/detection

103.54.153.122:56001

# Reference: https://x.com/malwrhunterteam/status/1908239138240815498
# Reference: https://www.virustotal.com/gui/file/4b9c7b27687d675e916726f1ad790c03c58815974f0c1a525ab15fa018be1f10/detection

101.99.94.33:4449

# Reference: https://www.virustotal.com/gui/file/78b1123a1335c699f3781cc973528e56315086dbaa5a45e5cbef3eb21106806f/detection

91.223.3.141:56001

# Reference: https://x.com/skocherhan/status/1911605400387957244

34.214.252.65:3001
35.82.100.193:3001
44.239.80.32:3001
52.36.92.121:3001
52.90.28.240:3001
54.174.238.10:3001

# Reference: https://x.com/TLP_R3D/status/1912162318982488519
# Reference: https://www.virustotal.com/gui/file/bd3db35de8078184822ca8742025e6742deed410880360fd1361ec0ddc339067/detection

firevpn.xyz
ssh.firevpn.xyz

# Reference: https://x.com/malwrhunterteam/status/1912054750310281290
# Reference: https://www.virustotal.com/gui/file/efdac24fbd0a8397511c998d4a6a1a5db291e34b4a2f59b208ae334450e75d95/detection

191.96.166.73:60131

# Reference: https://x.com/malwrhunterteam/status/1912423179483488592
# Reference: https://www.virustotal.com/gui/file/2be63cd21ab5712247311c7c399ad7b479c884d53a8f2a39c8ba20b3cb450c42/detection

108.165.64.160:6606
108.165.64.160:7707
108.165.64.160:8808
mohsar.ddns.net

# Reference: https://x.com/JAMESWT_WT/status/1909650178803650581
# Reference: https://app.validin.com/detail?find=92.255.85.89&type=ip4&ref_id=f9d975f656c#tab=resolutions (# 2025-04-18)

add-recpte.click
bobkngsiggn.com
book-capt.com
bookcpche.com
booker-auth.com
bookgetlisting.click
bookingconfirmatorr.com
bookinghhs.com
bookmanagereq.com
bookpart.click
bookreqlisting.com
bookviewmain24.com
bookviewmanage.click
captchviews.click
capte-req.click
cpt-en.com
cpt-exmple.com
cptc-book.click
cpte-csv.click
cpte-expl.com
cpte-sch.click
cpte-x.click
cpteform.click
cpth-book.com
cpth-next.com
cpth-process.com
cpth-warn.click
cpthdoestcomp.com
cpthe-srch.click
cpthevrf.click
next-cpth.com
re-capte.cfd
re-cpte.click
re-cpthe.click
recapte.click
rekaphcentre.site
tintmanrmx.blogspot.com
zerrocostygfypj.blogspot.com

# Reference: https://www.virustotal.com/gui/file/e806146737ae32960d44a53d1e90713b01536e0c40a1ee1595f3611d3a93556c/detection

46.39.253.217:4040

# Reference: https://x.com/JAMESWT_WT/status/1914630573605245429
# Reference: https://www.virustotal.com/gui/file/8f3f7f67474624a20f502301d9337eccae4189ecd7bc797eadafc3423091070e/detection

128.90.123.76:5155
128.90.123.76:5536
45.165.1.52:2020
45.165.1.52:2021
45.165.1.52:5155
45.165.1.52:6606
45.165.1.52:7707
45.165.1.52:8808
aula01.ddns.net
aula012.accesscam.org
bart2025.duckdns.org

# Reference: https://x.com/malwrhunterteam/status/1914654265940885675
# Reference: https://www.virustotal.com/gui/file/ba870803979d2ecabb6e00bd54d6c88eb7be24e8c50be8fd066d39d1d947c022/detection
# Reference: https://www.virustotal.com/gui/file/2b1fe1aca2e4897bfe2fc51b1798831274e2f508f0888ed7dbf2f84e2369e337/detection
# Reference: https://www.virustotal.com/gui/file/041aac3842b806ea541f042cb8b56cd416c622fea1fdc41038dccfa46d5731ed/detection

45.81.23.27:6606
45.81.23.27:7707
45.81.23.27:8808

# Reference: https://www.virustotal.com/gui/file/4304be1255765a86184303a05a8d991d42e4189204070863abdbab4b746cecdb/detection

185.149.232.197:56001

# Reference: https://blog.sekoia.io/detecting-multi-stage-infection-chains-madness/

asen9400jun.duckdns.org
dec9402xwo.duckdns.org
dec9402xwoo.duckdns.org
dec9402xwor.duckdns.org
hvnjune8500.duckdns.org
marc5858asyn.duckdns.org
marccc9402xrw.duckdns.org
phvnmarch8787.duckdns.org
robvbs8500.duckdns.org
xrw9402july.duckdns.org
xw9402may.duckdns.org
xwjun7250.duckdns.org
players-time-corresponding-th.trycloudflare.com
spaces-corner-notices-battery.trycloudflare.com
xi-if-grows-valued.trycloudflare.com

# Reference: https://x.com/JAMESWT_WT/status/1915094944571703781
# Reference: https://app.validin.com/detail?find=185.7.214.3&type=ip4&ref_id=badce3686f4#tab=resolutions
# Reference: https://app.any.run/tasks/09192e18-d415-44c7-b49e-e5fb9ae801e4

micromissingservice86checksup.com
micromissingservicex86checksup.com
micromissingservicx86checksup.com
microx86serviceiternalsreq.com
aselbisiklet.com
atalsweetsbd.com
bayraketiketi.com
demoihost.com
dna-muraifarm.com
flexprotech.com
grupo-positivo.com
kivayatechnologies.com
lasecmw.com
msessbd.com
penawarhippotherapy.com
pipoltv.com
satoki.com
smscameroun.com
unclesamholidays.com

# Reference: https://x.com/malwrhunterteam/status/1915653547657437381
# Reference: https://www.virustotal.com/gui/file/fbb014f894dd98bce80273a04b023c30077a91332bf09be1b6c6d0d5b2400759/detection

23.227.167.188:9009
khayry1.ftpaccess.cc
khayry2.ftpaccess.cc
khayry3.ftpaccess.cc

# Reference: https://www.virustotal.com/gui/file/a3f589c6d291a5eca372c2b3c4863e996678801913f4cc9d6ba8be2696139686/detection

206.53.55.8:6060
37.49.230.203:1330
37.49.230.203:6060
37.49.230.203:6606
37.49.230.203:7707
37.49.230.203:8808
salahxxx.dynalias.org

# Reference: https://www.virustotal.com/gui/file/a4baf364aaec67138ef155516d792655a05d7dadcf740fe9543ab258248aad6c/detection

157.20.182.6:1931
pureworkcom.dynuddns.net

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2025-05-04)

102.41.58.213:5505
103.125.217.116:4449
103.181.34.178:8080
103.195.102.3:2000
103.20.102.131:8848
103.229.81.203:6606
103.229.81.203:7707
104.161.20.86:8808
104.168.56.76:3371
104.168.7.12:50572
104.219.236.159:7707
104.243.47.80:8808
104.245.106.30:6606
104.245.106.30:7707
104.245.106.30:8808
104.245.240.66:6661
104.245.240.66:6662
104.245.241.254:8808
104.245.241.254:90
104.245.241.254:9090
107.150.0.56:8808
108.181.218.70:8808
109.120.137.57:8808
109.120.137.79:401
115.79.198.51:6000
12.221.146.138:5858
124.198.131.141:8808
124.198.131.216:4444
128.90.103.245:8808
128.90.103.83:8808
128.90.106.101:4000
128.90.106.101:8808
128.90.106.149:2000
128.90.106.149:4000
128.90.106.149:8808
128.90.106.163:2000
128.90.106.163:4000
128.90.106.163:8808
128.90.106.169:2000
128.90.106.169:4000
128.90.106.169:8808
128.90.106.183:2000
128.90.106.183:8808
128.90.106.191:2000
128.90.106.191:4000
128.90.106.191:8808
128.90.106.201:4000
128.90.106.203:2000
128.90.106.203:4000
128.90.106.203:8808
128.90.106.213:2000
128.90.106.213:4000
128.90.106.241:2000
128.90.106.241:4000
128.90.106.84:2000
128.90.106.84:4000
128.90.106.84:8808
128.90.106.94:8808
128.90.113.107:2000
128.90.113.107:4000
128.90.113.107:8808
128.90.113.116:2000
128.90.113.117:8808
128.90.113.158:2000
128.90.113.158:4000
128.90.113.158:8808
128.90.113.170:2000
128.90.113.170:4000
128.90.113.184:4000
128.90.113.185:2000
128.90.113.185:4000
128.90.113.185:8808
128.90.113.194:2000
128.90.113.204:8808
128.90.113.235:8808
128.90.113.250:2000
128.90.113.25:4000
128.90.113.25:8808
128.90.113.26:2000
128.90.113.26:4000
128.90.113.26:8808
128.90.113.30:2000
128.90.113.30:8808
128.90.113.67:2000
128.90.113.71:4000
128.90.113.71:8808
128.90.113.83:2000
128.90.123.28:8808
131.32.43.243:28938
131.32.43.243:4449
132.145.75.68:2665
132.145.75.68:2885
132.145.75.68:3965
132.145.75.68:5450
135.125.27.216:6745
139.224.164.225:8848
139.59.167.14:23500
139.59.240.97:4449
14.237.50.14:8080
140.245.98.236:6007
141.98.11.26:7707
141.98.11.26:8808
141.98.112.241:7070
142.202.242.184:8808
143.244.46.148:55016
144.172.92.114:6606
144.172.92.114:7707
144.172.92.114:8808
144.202.42.37:2000
145.239.209.53:222
146.70.137.90:3000
146.70.143.185:4869
147.185.221.18:62592
147.185.221.21:27180
147.185.221.22:41812
147.185.221.23:31345
147.185.221.25:45714
147.185.221.26:28568
147.185.221.26:4449
147.185.221.26:64072
147.185.221.26:7000
147.185.221.27:12362
147.185.221.27:3368
147.185.221.27:5050
147.185.221.27:51048
148.251.43.15:7707
15.168.20.99:8808
151.242.63.186:8808
151.243.81.87:4400
152.204.236.49:9999
154.211.90.252:443
154.211.90.65:443
154.29.79.7:6606
154.38.185.247:2022
155.138.241.220:8888
155.2.192.59:7707
156.229.233.180:8808
156.245.11.12:3955
157.20.182.31:7777
157.20.182.31:8888
157.20.182.6:1337
157.20.182.6:9992
157.254.223.99:7000
157.254.237.166:7077
157.66.26.144:8888
157.66.26.148:8888
157.66.26.88:8888
158.220.83.114:61551
158.220.83.114:63874
159.100.18.123:5555
160.202.133.163:8808
160.250.134.185:6606
161.97.101.53:1337
161.97.101.53:1996
161.97.113.198:1963
162.212.154.8:4444
162.212.154.8:8808
162.216.240.8:8808
162.243.12.113:23400
163.172.125.253:300
163.172.125.253:400
163.172.125.253:405
163.172.125.253:406
163.172.125.253:408
163.172.125.253:411
163.5.160.106:972
163.5.210.172:8808
163.5.32.183:8808
164.152.167.246:3009
164.92.194.184:2298
164.92.194.184:8213
167.172.135.43:2202
167.172.135.43:7707
167.86.116.179:8808
172.111.139.42:4444
172.111.151.97:69
172.111.151.97:81
172.111.163.162:2983
172.111.244.211:9907
172.111.245.67:9907
172.111.245.69:9907
172.81.135.14:7077
172.86.104.42:6606
172.86.104.42:7707
172.86.104.42:8808
172.86.70.97:4782
172.86.70.97:6606
172.86.70.97:7707
172.86.70.97:8808
173.44.139.179:7272
176.10.107.180:6606
176.10.107.180:7707
176.10.107.180:8808
176.143.53.10:7000
176.199.254.126:4449
176.202.47.224:3236
176.65.134.103:8808
176.65.134.111:8808
176.65.134.178:8848
176.65.134.81:8808
176.65.140.206:8808
176.65.140.52:8808
176.65.140.52:8888
176.65.141.184:6606
176.65.141.184:7707
176.65.141.184:8808
176.65.141.49:6606
176.65.141.49:7707
176.65.141.49:8808
176.65.141.56:6606
176.65.141.56:7707
176.65.141.56:8808
176.65.141.74:7707
176.65.141.74:8808
176.65.141.98:6606
176.65.141.98:7707
176.65.141.98:8808
176.65.142.113:6606
176.65.142.113:7707
176.65.142.113:8808
176.65.142.132:6606
176.65.142.132:7707
176.65.142.187:6606
176.65.142.187:7707
176.65.142.187:8808
176.65.142.245:6606
176.65.142.245:7707
176.65.142.245:963
176.65.142.65:6606
176.65.142.65:7707
176.65.142.73:6606
176.65.142.73:7707
176.65.142.73:8808
176.65.142.74:3371
176.65.142.86:6606
176.65.143.159:6606
176.65.143.159:7707
176.65.143.159:7777
176.65.143.159:8808
176.65.143.240:6745
176.65.144.103:6606
176.65.144.103:7707
176.65.144.125:6666
176.65.144.162:5222
176.65.144.165:6606
176.65.144.165:7707
176.65.144.165:8808
176.65.144.19:8848
176.65.144.32:4444
176.65.144.32:6006
176.65.144.32:6666
176.65.144.32:7777
176.65.144.32:8008
176.65.144.32:8888
176.65.144.34:6606
176.65.144.34:7707
176.65.144.34:8808
176.65.144.52:6606
176.65.144.52:7707
176.65.144.52:8808
176.65.144.60:6666
176.65.144.95:6606
176.65.144.95:7707
176.65.144.95:8808
176.65.148.208:8808
176.98.41.187:443
178.117.80.225:3998
179.13.10.232:8081
18.163.130.237:443
18.166.104.119:443
18.167.254.207:443
18.197.94.4:6606
184.174.20.211:8808
185.177.239.206:6606
185.177.239.206:7707
185.177.239.206:8808
185.196.9.158:8806
185.206.148.210:444
185.208.156.169:6503
185.208.156.169:6505
185.208.158.139:8000
185.208.158.47:6606
185.208.158.47:7707
185.208.158.47:8808
185.234.72.186:6606
185.236.231.140:4242
185.241.208.176:6606
185.241.208.176:7707
185.241.208.176:8808
185.246.113.247:10788
185.246.113.247:8088
185.254.28.197:8808
185.29.9.38:1007
185.39.17.70:8848
185.49.126.81:8808
185.62.87.191:444
185.7.214.181:1414
185.72.9.141:5000
185.93.89.137:8888
185.94.29.209:8080
186.169.81.137:9999
186.169.89.162:9999
187.63.105.68:8808
188.126.90.18:1000
188.126.90.18:3000
188.126.90.65:7031
188.216.158.169:8808
188.218.201.194:8808
188.218.81.203:8808
188.240.81.233:3131
191.93.113.197:8000
191.93.113.197:9000
192.159.99.105:8808
192.159.99.106:8808
192.159.99.119:8000
192.159.99.47:7771
192.227.220.27:8808
192.238.206.6:8847
192.3.238.130:7777
193.106.196.57:3131
193.106.196.57:4449
193.186.4.244:8808
193.233.254.124:8808
193.25.215.45:8808
193.26.115.130:7077
193.26.115.218:6606
193.26.115.218:7707
193.26.115.218:8808
193.29.225.237:8808
193.42.36.133:2000
193.42.36.133:2002
193.42.36.133:2003
193.42.36.133:2004
193.42.36.133:8808
194.105.5.109:8808
194.105.5.199:4449
194.219.181.40:3030
194.26.192.102:6606
194.26.192.102:7707
194.26.192.102:8808
194.26.192.213:7077
194.26.192.232:7077
194.26.192.251:7077
194.59.30.194:6606
194.59.30.194:7707
194.59.30.194:8808
195.186.208.193:5858
195.206.234.29:6606
195.206.234.29:7707
195.206.234.36:6606
195.206.234.36:7707
195.206.234.37:6606
195.206.234.37:7707
195.206.234.37:8808
195.211.191.54:2983
195.26.251.89:7000
195.3.223.146:4445
195.88.218.126:3232
196.251.115.136:8808
196.251.115.136:8888
196.251.115.31:5555
196.251.115.31:7777
196.251.115.31:8808
196.251.115.33:6606
196.251.115.33:7707
196.251.115.33:8808
196.251.115.43:8808
196.251.116.112:222
196.251.116.112:2222
196.251.116.112:4444
196.251.116.112:555
196.251.116.112:5555
196.251.116.112:7777
196.251.116.112:888
196.251.116.112:8888
196.251.116.115:5555
196.251.116.122:6606
196.251.116.122:7707
196.251.116.122:8808
196.251.116.122:8888
196.251.116.129:5555
196.251.116.129:6606
196.251.116.129:7707
196.251.116.129:7777
196.251.116.129:8808
196.251.116.131:6606
196.251.116.131:7707
196.251.116.131:8808
196.251.116.152:222
196.251.116.152:2222
196.251.116.152:444
196.251.116.152:4444
196.251.116.152:5555
196.251.116.152:7777
196.251.116.152:888
196.251.116.152:8888
196.251.116.155:21
196.251.116.155:443
196.251.116.155:53
196.251.116.155:6606
196.251.116.155:7707
196.251.116.155:8080
196.251.116.155:8443
196.251.116.155:8808
196.251.116.155:8883
196.251.116.155:993
196.251.116.155:995
196.251.116.165:6606
196.251.116.165:7707
196.251.116.165:8808
196.251.116.216:6606
196.251.116.216:7707
196.251.116.216:8808
196.251.116.68:1000
196.251.116.68:6606
196.251.116.68:7707
196.251.116.68:8808
196.251.117.108:8444
196.251.117.108:8808
196.251.117.108:8888
196.251.117.67:8808
196.251.118.128:8808
196.251.118.95:6606
196.251.118.95:7707
196.251.118.95:8444
196.251.118.95:8808
196.251.69.103:8888
196.251.69.124:6606
196.251.69.124:7707
196.251.69.124:8808
196.251.69.138:222
196.251.69.138:2222
196.251.69.138:444
196.251.69.138:4444
196.251.69.138:555
196.251.69.138:5555
196.251.69.138:777
196.251.69.138:7777
196.251.69.138:888
196.251.69.138:8888
196.251.69.26:222
196.251.69.26:2222
196.251.69.26:8808
196.251.69.26:888
196.251.70.104:6606
196.251.70.104:7707
196.251.70.104:888
196.251.70.240:5555
196.251.70.240:6606
196.251.70.240:7707
196.251.70.240:7777
196.251.70.240:8808
196.251.72.213:4444
196.251.72.213:5555
196.251.72.213:6606
196.251.72.213:7707
196.251.72.213:7777
196.251.72.213:8808
196.251.72.5:1080
196.251.72.5:143
196.251.72.5:21
196.251.72.5:443
196.251.72.5:5555
196.251.72.5:6606
196.251.72.5:7707
196.251.72.5:8080
196.251.72.5:8808
196.251.73.189:1080
196.251.73.189:143
196.251.73.189:21
196.251.73.189:443
196.251.73.189:4444
196.251.73.189:50
196.251.73.189:6606
196.251.73.189:7707
196.251.73.189:8080
196.251.73.189:8808
196.251.73.58:2443
196.251.81.249:6606
196.251.81.249:7707
196.251.81.249:8808
196.251.81.25:5345
196.251.81.96:8808
196.251.83.223:7777
196.251.83.223:8808
196.251.84.194:1080
196.251.84.194:110
196.251.84.194:137
196.251.84.194:138
196.251.84.194:143
196.251.84.194:1433
196.251.84.194:21
196.251.84.194:22
196.251.84.194:2222
196.251.84.194:23
196.251.84.194:27017
196.251.84.194:31337
196.251.84.194:3306
196.251.84.194:4242
196.251.84.194:443
196.251.84.194:4433
196.251.84.194:7777
196.251.84.194:8443
196.251.84.194:8808
196.251.84.194:8883
196.251.84.194:993
196.251.84.194:995
196.251.84.194:9999
196.251.84.29:8848
196.251.84.4:8808
196.251.86.182:4449
196.251.87.112:8808
196.251.89.167:100
196.251.89.167:6900
196.251.90.23:6900
196.251.92.3:8808
197.48.124.155:5505
198.23.227.140:8801
198.23.227.175:8017
198.23.227.175:8801
198.50.248.232:6606
198.50.248.232:8808
199.231.167.54:7707
199.231.167.54:8808
2.37.187.46:8808
2.56.245.216:4608
2.56.59.227:8081
2.56.59.227:8082
2.56.59.227:8083
2.58.56.164:10143
2.58.56.179:2035
201.14.241.58:1120
202.146.218.85:1145
204.10.161.147:5009
204.12.245.163:85
204.77.9.25:8808
206.123.138.186:1080
206.123.138.205:6606
206.123.138.205:7707
206.123.138.205:8808
206.123.150.254:9907
206.238.196.130:443
206.71.149.182:8808
206.72.206.244:8808
207.180.205.17:999
207.231.111.146:0007
207.231.111.146:0077
207.244.247.213:972
209.126.11.215:8808
209.25.141.16:3837
209.38.69.65:5050
209.38.69.65:8000
209.38.69.65:8008
213.209.143.57:8888
213.209.150.19:22001
216.170.123.10:5557
217.64.149.171:8990
23.160.168.165:7097
23.227.167.188:7707
23.227.167.188:8808
23.254.211.137:8808
23.88.108.193:4449
23.94.126.113:8808
23.95.106.22:5505
23.95.106.22:8808
23.95.106.22:9969
23.95.162.53:8808
23.95.162.53:888
24.152.36.216:4000
24.48.172.200:443
26.68.29.70:6606
26.68.29.70:7707
26.68.29.70:8808
3.25.125.234:4782
3.27.107.48:4782
3.27.199.84:9182
3.8.181.229:8808
3.8.78.144:8808
31.163.204.210:7707
31.223.72.70:1604
31.57.166.49:8808
31.57.77.233:6606
31.57.77.233:7707
31.57.77.233:8808
31.58.169.119:8808
31.7.60.114:8808
34.173.63.153:963
34.58.196.177:2000
35.179.154.120:8808
37.120.155.36:3434
37.156.46.83:25
37.27.249.115:8808
37.48.64.102:4950
38.146.27.84:8808
38.22.17.18:8808
38.242.243.204:8808
38.255.57.7:6606
38.255.57.7:7707
38.255.57.7:8808
38.69.8.179:443
41.233.14.164:5505
43.154.151.220:4438
43.154.151.220:8848
45.10.154.125:8808
45.119.211.12:7077
45.119.211.13:7077
45.133.247.28:6606
45.133.247.28:7707
45.137.70.108:6125
45.138.16.100:8808
45.141.233.154:555
45.141.233.154:6606
45.141.233.154:7000
45.141.233.154:7707
45.141.233.154:8080
45.141.233.154:8808
45.141.233.166:9998
45.143.97.92:1000
45.147.7.149:8080
45.15.156.15:3000
45.152.113.234:77
45.152.149.12:8808
45.152.149.7:8808
45.154.98.68:7777
45.154.98.72:222
45.154.98.72:7001
45.154.98.72:8808
45.200.51.116:16521
45.200.51.123:16521
45.200.51.134:16521
45.200.51.138:16521
45.200.51.96:16521
45.207.39.7:6666
45.207.58.182:8009
45.81.115.40:1951
45.81.23.47:1777
45.81.23.47:1888
45.81.23.48:1777
45.81.23.48:1888
45.81.23.63:443
45.81.23.64:443
45.88.186.113:6606
45.88.186.113:7707
45.88.186.113:8808
45.88.186.144:7077
45.88.186.159:6606
45.88.186.159:7707
45.88.186.159:8808
45.88.186.198:7077
45.88.186.48:6606
45.88.186.48:7707
45.88.186.85:6606
45.88.186.85:7707
45.88.186.85:8808
45.88.91.75:8808
45.92.1.25:5001
46.101.236.176:4727
46.105.147.139:2222
46.105.147.139:888
46.109.0.125:8808
46.109.38.223:8808
46.183.220.52:6200
46.246.12.65:2703
46.246.4.12:1000
46.246.80.8:1000
46.246.82.67:7031
47.121.120.18:7707
47.121.120.18:8808
47.236.115.38:443
47.236.115.38:6606
47.236.115.38:7707
47.236.115.38:8808
47.92.222.219:8808
47.92.223.52:5986
5.175.234.3:6606
5.175.234.3:7707
5.175.234.3:8808
5.180.155.240:8808
5.252.101.251:7707
5.252.101.251:8808
5.252.153.103:7000
5.78.134.229:8808
50.215.42.61:8808
51.175.8.79:4444
51.195.224.157:5858
51.222.185.197:7707
51.222.185.197:8808
51.89.190.23:222
51.89.204.162:4657
51.89.242.58:8808
57.128.70.240:4449
62.85.76.32:8808
64.23.174.180:8080
65.19.178.73:8808
66.175.239.156:2244
66.175.239.156:443
66.179.209.30:444
66.179.94.187:443
66.55.77.28:443
66.55.77.28:8080
66.63.187.252:8808
66.63.187.252:9090
67.211.208.99:56001
68.168.220.76:8808
68.168.223.95:49666
68.168.223.95:56001
68.168.223.95:56003
69.197.174.136:4449
72.167.40.98:7777
72.167.40.98:8808
74.120.121.126:8808
74.201.216.45:6606
74.201.216.45:7707
74.201.216.45:8808
74.248.137.135:6666
78.108.216.225:420
78.164.223.72:1000
78.164.223.72:20000
78.164.223.72:2003
78.164.223.72:2004
78.164.223.72:2026
78.164.223.72:222
78.164.223.72:3000
78.164.223.72:3001
78.164.223.72:444
78.164.223.72:8808
78.164.223.72:888
78.171.42.106:1000
78.171.42.106:1002
78.171.42.106:20000
78.171.42.106:2003
78.171.42.106:2004
78.171.42.106:2009
78.171.42.106:3000
78.171.42.106:3001
78.171.42.106:59
78.171.42.106:8808
78.171.42.106:888
78.84.255.121:8808
80.180.123.169:1016
81.10.39.58:8088
81.10.39.58:9999
81.17.24.234:6606
81.17.24.234:7707
81.17.24.234:8808
81.191.183.151:4782
81.198.113.138:8808
82.223.48.201:1433
82.223.48.201:6606
82.223.48.201:7707
82.223.48.201:8808
82.66.202.142:8808
82.68.20.104:6606
82.68.20.104:7707
82.68.20.104:8808
84.200.205.74:2004
84.32.231.72:8808
85.192.56.180:4449
85.217.170.214:7777
85.235.74.114:8848
86.104.252.23:1080
86.48.19.90:8808
86.93.183.135:4449
87.121.79.75:4449
87.16.31.128:4444
88.240.210.241:8808
89.102.235.213:6606
89.102.235.213:7707
89.102.235.213:8808
89.117.21.203:7777
89.40.31.130:1010
89.47.113.71:8808
89.47.113.83:8808
89.87.219.180:1122
91.235.234.50:8808
92.255.57.221:1414
92.255.85.2:1414
94.154.173.50:8808
94.154.35.80:8808
94.156.177.241:8808
94.26.90.242:8808
94.26.90.81:4441
95.129.234.24:3333
95.129.234.5:8808
95.217.34.113:69
98.217.73.238:8808
1618meritking.com
2004scape.com
5461458.ddns.net
7sipxslhd.localto.net
9xuj2tcnm.localto.net
a36e-78-175-182-33.ngrok-free.app
according-asks.gl.at.ply.gg
agency-failure.gl.at.ply.gg
alex3143-23501.portmap.io
aliomar.ooguy.com
almhm231.ddnsgeek.com
anlarilblspureuk.duckdns.org
ansy1303.duckdns.org
ansy1703.duckdns.org
ansy27.duckdns.org
ansy5marzo.duckdns.org
are-typing.gl.at.ply.gg
asdasdasdf-28668.portmap.host
assaa.freeddns.org
async1177.duckdns.org
asynck31.duckdns.org
asyncratlog.duckdns.org
asynjerry.duckdns.org
asynk02.duckdns.org
australiamd2000.duckdns.org
beautiful-faraday.94-156-177-241.plesk.page
blue-r.gl.at.ply.gg
born-pupils.gl.at.ply.gg
businesses-exposure.gl.at.ply.gg
cases-rica.gl.at.ply.gg
categories-survivors.gl.at.ply.gg
control.wolm.life
corporation-handhelds.gl.at.ply.gg
cryptoghost.zapto.org
daansayajintj.ddns.net
dadfsfsdfasdfasddfgssdfaafsd-63495.portmap.host
deadpoolstart2051.duckdns.org
denemescprittt.com
district-cells.gl.at.ply.gg
djs-ernst.with.playit.plus
ec2-18-166-104-119.ap-east-1.compute.amazonaws.com
ec2-18-167-254-207.ap-east-1.compute.amazonaws.com
engineering-groups.gl.at.ply.gg
envio10-04-25.duckdns.org
envio20-03.duckdns.org
envio25-03.duckdns.org
envio25-3.duckdns.org
envio266.duckdns.org
extr6.duckdns.org
family-advertisements.gl.at.ply.gg
father-ever.gl.at.ply.gg
felina-26545.portmap.host
fowenep407-49551.portmap.io
fueteeee.ddnsfree.com
gaddammmn-27388.portmap.host
gameto.ath.cx
get-rick.gl.at.ply.gg
go.gets-it.net
goru-heruo.site
gotoaa.sytes.net
gvhiz06dl.localto.net
harveyhudson-59734.portmap.io
hayc.kozow.com
health-eddie.gl.at.ply.gg
hghdhsdbxcvb.duckdns.org
holefo2785-22820.portmap.host
holguin12.duckdns.org
housing-never.gl.at.ply.gg
http://172.111.151.97
http://176.202.47.224
http://196.251.116.131
http://196.251.116.155
http://196.251.116.68
http://196.251.72.5
http://196.251.73.189
http://38.69.8.179
http://5.175.136.65
http://94.156.177.241
http://95.217.34.113
iafinitd18jw3jdvhy4nhv.duckdns.org
ip66-175-239-156.pbiaas.com
ip87-106-116-156.pbiaas.com
johnanthonylifestyle.com
joined-cork.gl.at.ply.gg
kasicamondan.mentality.cloud
lammersville.ddns.net
learning-layer.gl.at.ply.gg
levodsf.ddns.net
m-blocking.gl.at.ply.gg
mark009.kozow.com
masteir.mywire.org
maxbusinessclub.duckdns.org
medoohh22.duckdns.org
medooo.ddnsgeek.com
microdns2025bk.duckdns.org
minimum-registry.gl.at.ply.gg
moahmed2002.mywire.org
mooonskj.ddns.net
mrhelwans.giize.com
mscorp.click
nams.ddnsfree.com
naphax.duckdns.org
newservice.duckdns.org
oficioselemental.duckdns.org
okok0.linkpc.net
omar1232.kozow.com
omar342.giize.com
onion366-38169.portmap.host
opakk.hopto.org
paisesbajos12.casacam.net
pctrbajosas1.casacam.net
proposed-madagascar.gl.at.ply.gg
puka1.ddnsfree.com
puka1.work.gd
purestform20.duckdns.org
purpleb.kozow.com
q32o084df.duckdns.org
quizzical-golick.94-156-177-241.plesk.page
ramadan-kareem.duckdns.org
ramdan.mywire.org
rdsfaanachy.duckdns.org
real3232afa.duckdns.org
rhrexa.duckdns.org
rnmlz-95-88-102-149.a.free.pinggy.link
rnxck-95-88-102-149.a.free.pinggy.link
rootedkrypto-29674.portmap.host
roxtroxshop.duckdns.org
sami2.myftp.biz
sdjdnsajnc-61234.portmap.host
securealisveris.com
sk1d.org
skin-madness.gl.at.ply.gg
specialw.is-found.org
static.113.34.217.95.clients.your-server.de
sulumansorumsuz.duckdns.org
taoh081018.zapto.org
theochar.ddns.net
trgfvc.duckdns.org
triada-sport.ru
u871378.nvpn.so
umarmira055.duckdns.org
umran1.loseyourip.com
valerianobritoieufsasd.duckdns.org
vibesforreal.com
welpthatsagg.dns.navy
windowsdrivers.accesscam.org
xihanyi.e2.luyouxia.net
xn--bz-hep-p9af.shop
xptmue1si.localto.net
xvic8.publicvm.com
zeldr1s-44130.portmap.host

# Reference: https://www.virustotal.com/gui/file/f3bfd62f6eb91179a14f9361e1c997a39147ce35839f69988fa00154b92de258/detection

64.44.83.138:7788
ansy4abril.duckdns.org

# Reference: https://www.fortinet.com/blog/threat-research/multilayered-email-attack-how-a-pdf-invoice-and-geofencing-led-to-rat-malware
# Reference: https://www.virustotal.com/gui/file/9184ff2cdd05fcaf111db23123479c845b2ece2fedccc2524b2de592f9980876/detection

130.51.20.126:2101
130.51.20.126:55644

# Reference: https://x.com/malwrhunterteam/status/1921113258565521515
# Reference: https://www.virustotal.com/gui/file/9515dac6a4ff603dec56b68d9644ce438a76273199fa5723b52cb25dda396c59/detection

176.65.139.51:56001

# Reference: https://x.com/ShanHolo/status/1921860087196319854
# Reference: https://www.virustotal.com/gui/file/2e4946037fca9285d9d51af7c2d2e1aa7ad036e9437cf5a43d55f44a968ad613/detection

154.197.69.150:4449
wnxz.site
ztbx.wnxz.site

# Reference: https://x.com/JAMESWT_WT/status/1922194176327745825
# Reference: https://app.any.run/tasks/c55103b4-f32e-418e-a313-5a94a9acd8ba
# Reference: https://www.virustotal.com/gui/ip-address/109.69.62.228/relations
# Reference: https://www.virustotal.com/gui/ip-address/62.60.227.65/relations
# Reference: https://www.joesandbox.com/analysis/1688631/0/html

109.69.62.228:7777

# Reference: https://www.virustotal.com/gui/file/27dfd348770175a7d1f8b4f588775f6de9078d94efe23ad992067e352122197c/detection

147.135.244.43:40003

# Reference: https://www.virustotal.com/gui/file/1ec6804445908b820bc37868ac63b115e97c08106918bc48005c6ef528a7faca/detection

147.185.221.28:2248
28.ip.gl.ply.gg

# Reference: https://x.com/skocherhan/status/1924814510436618495
# Reference: https://www.virustotal.com/gui/file/9d2eb97d89a1d979bf2a57aedf8c1ff77cd934895d890fc45686d547ca0faf11/detection
# Reference: https://www.virustotal.com/gui/file/a2c9001d18712461d7b4c93578c881df3fb795dfcd80755bcd1ec686ec8457a2/detection

45.144.53.137:39111
45.144.53.137:49301
45.144.53.137:56001
update-software.us
updatefilescdn.b-cdn.net

# Reference: https://x.com/skocherhan/status/1926170864724107555
# Reference: https://www.virustotal.com/gui/file/5865e0cd40a0ae90b7626ac54b8e5a0838301eaf452fe4688f2378d711f168cc/detection

128.90.113.123:5556
all.ddnskey.com
babuinocdt2025.ddns.net
babuinocdt2025.duckdns.org
bundaleleba2025.accesscam.org
bundaleleba2025.ddns.net
cdtmaestrodabahia.duckdns.org
ondamalucacdt.ddns.net
ondamalucacdt.duckdns.org
skynetx2025.accesscam.org
skynetx2025.ddns.net

# Reference: https://x.com/malwrhunterteam/status/1927316061147300132
# Reference: https://www.virustotal.com/gui/file/4455ded5290611948e96f95172b5c8ff64227007824937af3cfeeb9dca003f19/detection

178.128.97.207:4449

# Reference: https://x.com/skocherhan/status/1927121152863830289

12.187.175.72:6745
kjdgsb.duckdns.org
lender-router-exclusively-fraction.trycloudflare.com

# Reference: https://x.com/JAMESWT_WT/status/1927613987123810684
# Reference: https://www.virustotal.com/gui/file/b8baec1c89e90b2d9a0f2932525c51eebcfef34bfd2aa08e86995beec5e419f3/detection

147.124.223.218:6614
async.uhdengine.com

# Reference: https://www.virustotal.com/gui/file/6ae1b3a083f0369cc4e3ef84faae3725866ea071f826c7222103a54ee3b5bfc2/detection

147.124.223.218:6148
dirtywormy.duckdns.org

# Reference: https://x.com/blackorbird/status/1927989991226986916
# Reference: https://cloud.google.com/blog/topics/threat-intelligence/cybercriminals-weaponize-fake-ai-websites
# Reference: https://www.virustotal.com/gui/file/e663c1ba289d890a74e33c7e99f872c9a7b63e385a6a4af10a856d5226c9a822/detection
# Reference: https://www.virustotal.com/gui/file/dcb1e9c6b066c2169928ae64e82343a250261f198eb5d091fd7928b69ed135d3/detection
# Reference: https://www.virustotal.com/gui/file/8d2c9c2b5af31e0e74185a82a816d3d019a0470a7ad8f5c1b40611aa1fd275cc/detection

171.231.30.26:56001
strokes.zapto.org

# Reference: https://www.virustotal.com/gui/file/12ec8012b34cf052973a6661849c1c3f390eaab20b427a4c60ed18a3fa8cc56c/detection

176.65.141.36:56001
rattynews.com
rcglobo.duckdns.org

# Reference: https://x.com/JAMESWT_WT/status/1928694893930496493
# Reference: https://www.virustotal.com/gui/file/64dd46594e72b40d3c87275b1d394c6be6f145ee4529e7c62a68e4b6a586ffaf/detection

94.131.97.51:2025

# Reference: https://x.com/malwrhunterteam/status/1929471177438699990
# Reference: https://www.virustotal.com/gui/file/debad014f89140c0e4ad214e0b175afd7dcc7de172e968843baf43c9b6f6ea25/detection

185.244.29.181:1604
babayagareborn.net

# Reference: https://x.com/1ZRR4H/status/1929667976539631715
# Reference: https://www.virustotal.com/gui/file/76f69eda4404d2b34e8c169dc5caff15db494cba09bb837ecfeab11c430131db/detection

bart2003.ddns.net
snowzin.accesscam.org
snowzin.ddns.net
docs2025.com.br
docs2027.com
docs2030.com

# Reference: https://www.virustotal.com/gui/file/bf41a04766f961d02240a62d338d0ccc37726cf4b03e571de5e61c78233f4b6c/detection

161.97.151.222:6662
caomasa.zapto.org
1caomasa.zapto.org
2caomasa.zapto.org

# Reference: https://x.com/smica83/status/1930561440701632774
# Reference: https://tria.ge/250605-lp25dsvrt6/behavioral1

51.195.211.236:9728
krakep.duckdns.org

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2025-00-05)

http://103.45.68.150
http://107.172.61.133
http://185.224.128.90
http://196.251.117.147
http://37.114.41.201
http://45.81.23.113
http://51.154.3.234
1.2.1.4:6606
1.2.1.4:7707
101.70.156.105:9998
101.99.91.150:6000
103.17.36.45:7707
103.17.38.42:7707
103.17.38.45:7707
103.17.38.46:7707
103.174.190.90:1234
103.190.81.180:8808
103.20.102.151:8848
103.27.225.199:2021
104.193.195.142:23500
104.234.37.137:3232
104.238.23.6:3232
104.243.33.122:8808
104.243.46.66:1002
104.245.106.179:7077
105.158.101.244:333
105.184.10.222:8808
107.150.0.244:26339
107.172.61.133:6661
107.172.61.133:8000
107.172.61.133:8080
108.171.194.154:3009
110.42.61.91:8995
115.190.82.210:6606
115.190.82.210:7707
115.190.82.210:8808
116.99.233.218:8808
118.25.191.72:8848
120.50.23.50:7707
120.53.15.200:8808
124.198.131.141:6606
124.198.131.141:7707
124.198.131.216:7707
124.198.131.216:8808
124.198.132.132:8808
124.198.132.143:8000
128.90.106.147:2000
128.90.106.147:4000
128.90.106.188:4000
128.90.106.235:4000
128.90.106.235:5000
128.90.106.235:8808
128.90.106.57:4000
128.90.106.57:5000
128.90.106.57:8808
128.90.106.83:2000
128.90.113.109:2000
128.90.113.109:5000
128.90.113.123:4000
128.90.113.162:2000
128.90.113.162:4000
128.90.113.162:5000
128.90.113.162:8808
128.90.113.180:1018
128.90.113.180:2000
128.90.113.180:4000
128.90.113.180:5000
128.90.113.180:8808
128.90.113.220:8808
128.90.113.22:4000
128.90.113.22:5000
128.90.113.22:8808
128.90.113.30:4000
128.90.113.42:2000
128.90.113.42:4000
128.90.113.42:8808
128.90.113.56:8808
128.90.113.86:2000
128.90.113.86:5000
128.90.113.94:4000
128.90.113.94:8808
128.90.115.247:5000
128.90.122.247:8808
13.50.248.158:8808
13.53.182.212:3939
13.60.99.34:67
136.0.157.130:8808
136.144.165.163:4449
138.199.162.81:1961
141.134.187.129:3389
144.172.104.135:6606
144.172.104.135:7707
144.172.104.135:8808
144.172.84.45:3000
146.70.83.218:4000
147.185.221.26:30496
147.185.221.26:6666
147.185.221.27:19862
147.185.221.27:25036
147.185.221.27:38046
147.185.221.27:8000
147.185.221.27:9586
147.185.221.28:11330
147.185.221.28:26001
147.185.221.28:5000
147.185.221.28:62829
147.189.168.117:8808
148.178.16.22:6666
151.242.41.114:1337
151.242.41.114:1400
151.242.41.114:6606
151.242.41.114:7707
151.242.41.114:8808
154.197.69.148:4449
154.29.79.7:4449
154.38.185.247:2004
155.94.155.21:1992
158.178.201.63:2740
159.100.18.123:6666
16.170.170.176:8808
16.170.235.24:25565
163.172.125.253:407
164.68.120.30:1000
165.140.202.227:8808
166.88.185.21:8808
167.114.215.75:4444
167.71.56.116:1644
167.71.56.116:22518
172.111.151.97:57
172.111.151.97:68
172.111.151.97:82
172.111.184.15:8085
172.111.245.3:9907
172.81.134.123:8808
172.81.135.7:8000
172.94.101.65:8088
172.94.101.65:8808
172.94.126.27:8808
172.94.13.184:7016
176.222.63.24:4449
176.65.134.77:4444
176.65.134.77:7777
176.65.134.77:8008
176.65.134.77:8765
176.65.134.77:8808
176.65.134.77:8888
176.65.134.80:4447
176.65.137.186:9878
176.65.140.31:8808
176.65.141.111:6606
176.65.141.152:5028
176.65.141.216:6606
176.65.141.216:7707
176.65.141.216:8808
176.65.141.225:6606
176.65.141.225:7707
176.65.141.225:8808
176.65.142.189:6606
176.65.142.189:7707
176.65.142.189:8808
176.65.142.198:6606
176.65.142.198:7707
176.65.142.198:8808
176.65.142.228:6606
176.65.142.228:7707
176.65.142.228:8808
176.65.142.234:6874
176.65.143.147:8808
176.65.144.121:4449
176.65.144.125:2500
176.65.144.125:5222
176.65.144.125:7777
176.65.144.188:1888
176.65.144.60:1960
176.65.144.95:888
177.182.223.119:6606
177.182.223.119:8808
178.73.192.3:2703
178.83.80.11:8100
179.116.100.236:8808
179.13.1.144:8082
179.13.7.0:8020
18.171.159.181:8808
181.174.104.190:4444
184.90.251.249:1337
184.90.251.249:4455
185.149.24.178:8808
185.165.241.219:4449
185.165.241.219:45
185.170.154.231:4449
185.196.9.158:6689
185.208.156.153:1857
185.208.156.153:1858
185.208.156.253:6000
185.27.134.137:21
185.27.134.137:7547
185.49.126.59:5552
185.93.69.20:4449
185.94.29.209:6606
185.94.29.209:7707
185.94.29.209:8808
186.169.63.68:9999
186.169.82.245:9999
186.169.92.72:9999
188.153.68.15:8808
188.153.68.162:8808
188.153.77.112:8808
188.218.201.194:6606
188.218.241.148:8808
191.93.117.96:9000
192.142.0.51:8080
192.159.99.123:8808
192.159.99.164:3000
192.188.88.248:8808
192.227.220.27:6606
192.227.220.27:7707
192.3.191.162:49556
193.106.196.240:4449
193.124.205.63:4449
193.161.193.99:2020
193.161.193.99:21812
193.161.193.99:48805
193.161.193.99:60064
193.187.91.99:51027
193.187.91.99:61078
193.23.218.167:6546
193.23.218.167:8848
193.26.115.106:4782
193.26.115.106:6606
193.26.115.106:7707
193.26.115.106:8808
193.26.115.229:6606
193.26.115.229:7707
193.26.115.229:8808
193.32.249.160:54926
193.32.249.160:6606
193.32.249.160:7707
193.32.249.160:8080
193.32.249.160:8808
194.140.115.26:6606
194.140.115.26:7707
194.140.115.26:8808
194.213.3.100:8000
194.26.192.19:6606
194.26.192.19:7707
194.26.192.19:8080
194.26.192.19:8808
194.59.31.28:5552
194.59.31.81:5552
196.251.114.11:222
196.251.114.11:8808
196.251.114.11:888
196.251.114.13:8808
196.251.114.17:8808
196.251.114.17:8888
196.251.115.13:2024
196.251.115.232:7777
196.251.115.240:8808
196.251.116.59:222
196.251.116.59:2222
196.251.116.59:444
196.251.116.59:4444
196.251.116.59:7777
196.251.116.59:888
196.251.116.59:8888
196.251.117.147:8808
196.251.117.82:8808
196.251.118.253:6606
196.251.118.253:7707
196.251.118.253:8808
196.251.118.41:4447
196.251.118.41:6606
196.251.118.41:7707
196.251.118.41:8808
196.251.71.144:6606
196.251.71.144:7707
196.251.71.144:8808
196.251.71.236:222
196.251.71.236:2222
196.251.71.236:4444
196.251.71.236:5555
196.251.71.236:7777
196.251.71.236:888
196.251.71.236:8888
196.251.72.252:6606
196.251.72.252:7707
196.251.72.252:8808
196.251.73.133:5555
196.251.73.133:7777
196.251.73.254:8085
196.251.73.254:8507
196.251.80.4:4449
196.251.80.51:8808
196.251.84.63:8088
196.251.85.241:4440
196.251.86.13:6606
196.251.86.13:7707
196.251.86.13:8808
196.251.86.174:6606
196.251.86.65:8808
196.251.87.67:4444
196.251.87.67:6606
196.251.87.67:7777
196.251.87.67:8808
196.251.88.153:6609
198.135.48.135:8808
2.182.198.185:4444
2.56.246.114:3389
2.56.246.114:8848
200.223.103.60:4449
205.234.144.127:6606
205.234.144.127:7707
205.234.144.127:8808
206.206.77.63:6606
206.206.77.63:7707
206.206.77.63:8808
206.238.115.155:443
206.238.115.155:6606
206.238.115.155:7707
206.238.115.155:8443
206.238.115.155:8808
209.145.53.198:4449
213.199.55.247:8808
213.209.143.23:8888
213.209.143.36:1337
213.209.143.36:4442
213.209.143.36:4444
213.209.143.36:6665
213.209.143.37:1337
213.209.143.37:4442
213.209.143.37:4444
213.209.143.37:6665
213.209.143.43:1414
213.209.143.43:8888
213.209.143.50:1414
213.209.143.51:8888
213.209.150.210:8882
213.252.246.65:2666
216.244.84.181:6666
217.195.153.81:50001
217.79.251.234:6606
217.79.251.234:7707
217.79.251.234:8088
217.79.251.234:8808
23.158.232.33:3840
23.27.168.102:2212
23.95.106.22:11240
23.95.173.124:8443
24.152.36.216:2000
24.152.36.216:5000
26.252.73.241:6606
26.252.73.241:7707
26.252.73.241:8808
3.215.185.215:6001
3.215.185.215:7001
3.215.185.215:8001
3.215.185.215:8808
3.239.212.84:8808
3.8.127.11:8808
3.8.141.103:6606
3.8.141.103:7707
3.8.141.103:8808
31.208.149.53:4449
31.208.149.53:8844
31.57.102.46:8808
31.57.77.144:8808
31.58.91.75:1604
31.59.137.13:9000
35.158.159.254:17816
35.179.154.120:8001
37.114.41.201:443
37.114.41.201:4449
38.247.14.167:1337
38.255.54.174:5050
38.60.204.176:56001
45.132.74.212:8808
45.133.180.138:6432
45.133.180.154:56001
45.133.180.154:56002
45.133.180.154:56003
45.141.233.114:2006
45.141.233.120:23001
45.141.233.129:10001
45.143.199.221:7000
45.143.199.221:8808
45.145.41.229:3240
45.190.102.144:4449
45.190.102.144:4782
45.80.158.171:7077
45.80.158.171:8808
45.80.158.24:4449
45.81.23.48:47001
45.87.174.206:3232
46.153.191.198:1166
46.183.223.84:928
46.246.84.12:2703
5.180.105.158:8808
5.231.26.93:6606
5.231.26.93:7707
5.231.26.93:8808
51.161.34.207:8808
51.79.202.24:8808
52.28.112.211:19115
62.146.226.225:8088
62.60.191.175:3232
62.85.4.239:8808
65.108.77.73:3899
66.113.31.17:21
66.63.187.252:6606
68.160.153.2:4444
68.160.153.2:5565
70.93.125.101:1910
70.93.125.101:6606
70.93.125.101:7707
70.93.125.101:8808
73.114.241.65:6606
73.114.241.65:7707
73.114.241.65:8080
73.114.241.65:8808
74.208.205.138:8808
78.172.238.54:8808
78.175.189.137:1000
78.175.189.137:222
78.175.189.137:3000
78.175.189.137:674
78.175.189.137:8808
78.175.189.137:888
79.110.49.72:8808
79.127.246.68:23451
79.127.246.68:32452
80.64.16.35:6606
80.64.16.35:7707
80.64.16.35:8808
80.64.18.173:8848
81.10.39.58:7777
81.10.54.124:6969
81.109.5.62:4449
81.207.119.250:443
81.207.119.250:5000
81.207.119.250:6606
81.207.119.250:7707
81.207.119.250:8808
82.153.241.186:8808
82.6.188.15:4449
83.244.71.247:4444
84.9.38.196:6606
84.9.38.196:8808
85.203.4.56:1834
85.203.4.56:4449
85.215.107.125:1231
87.110.19.86:8808
87.121.103.228:3785
87.121.103.228:4449
88.198.32.173:4449
88.229.2.85:111
88.229.2.85:222
88.229.2.85:6606
88.229.2.85:8808
88.229.2.85:888
88.237.19.77:1000
88.237.19.77:1002
88.237.19.77:2027
88.237.19.77:222
88.237.19.77:3000
88.237.19.77:3001
88.237.19.77:3003
88.237.19.77:3010
88.237.19.77:444
88.237.19.77:8808
88.237.19.77:888
89.23.100.148:7777
91.215.202.4:4449
91.215.202.4:81
92.118.56.54:4498
92.118.56.54:9007
94.101.128.110:8808
94.26.90.245:8808
94.26.90.69:8808
94.54.4.95:1111
95.129.234.24:7707
98.84.132.102:4000
0kydwb3k6.localto.net
3osch20.duckdns.org
agasyaworld.serveminecraft.net
aid-admission.gl.at.ply.gg
ansy20ff.duckdns.org
ayudahumanitaria20252025petro.duckdns.org
b95bca55387d2a9ba0d7.webredirect.org
backup-tlscom.sytes.net
become-solution.gl.at.ply.gg
beinebendwirkungen1234-58092.portmap.io
bendito2025.dynuddns.com
biz-buradayiiz.shop
block-monthly.gl.at.ply.gg
bush-suits.gl.at.ply.gg
camilorestrepo905070.duckdns.org
cdt2024.ddns.net
cdtdias2025.ddns.net
character-answered.gl.at.ply.gg
collection-math.gl.at.ply.gg
dazzling-dhawan.94-156-177-241.plesk.page
dckawss.duckdns.org
delamanodedios7.dynuddns.com
department-vista.gl.at.ply.gg
eduardocaballero5070.duckdns.org
emobotnet.duckdns.org
emreizol.com
envio07.duckdns.org
envio1515.duckdns.org
envio1616.duckdns.org
envio26-005.duckdns.org
envio28.duckdns.org
envionwantrax2024.kozow.com
everyone-lit.gl.at.ply.gg
farids.casacam.net
fees-settled.gl.at.ply.gg
fetdmpg7z.localto.net
fff.qwe888.xyz
figure-football.gl.at.ply.gg
find-foul.gl.at.ply.gg
friendlyman69.ddns.net
gabby16bittest-61314.portmap.io
genius22015-33944.portmap.io
genius22015-45242.portmap.io
genz.hopto.org
hkomv94te.localto.net
hold-asy.duckdns.org
homedns1.ddns.net
huge-assignments.gl.at.ply.gg
indosystm.3utilities.com
intelligent-rubin.94-156-177-241.plesk.page
ip66-179-94-187.pbiaas.com
island-climate.gl.at.ply.gg
jamesrockky.ydns.eu
january-proposal.gl.at.ply.gg
jkpod.duckdns.org
jksncb.duckdns.org
jun-changing.gl.at.ply.gg
kakakatee33.work.gd
kdhsna.duckdns.org
keryanarch.duckdns.org
kpnoq8eil.localto.net
kriptic.duckdns.org
lassi681-33233.portmap.io
lassicheck.duckdns.org
lindo1.dynuddns.com
loan-can.gl.at.ply.gg
magic-telecom.ddns.net
magical-lumiere.94-156-177-241.plesk.page
makes-girl.gl.at.ply.gg
marsh3131.duckdns.org
membership-med.gl.at.ply.gg
memonicmaniac.hopto.org
microsofte.zapto.org
mikerus69.duckdns.org
my-premises.gl.at.ply.gg
naiem.giize.com
naomedeletecarai.duckdns.org
nawaf619-63560.portmap.io
note-russia.gl.at.ply.gg
nuevoenvio2024.kozow.com
oby2349.giize.com
oct-estimation.gl.at.ply.gg
plausa.camdvr.org
px01nathan.duckdns.org
qaonfen4x.localto.net
rather-connection.gl.at.ply.gg
ratrat2-22436.portmap.io
ratrat2-24712.portmap.io
ratrat2-64586.portmap.io
resources-queen.gl.at.ply.gg
retardz.duckdns.org
riches20.kozow.com
rxrphar.duckdns.org
said-closure.gl.at.ply.gg
sajib22.freeddns.org
security-skating.gl.at.ply.gg
shop.xuebimc.com
start-publisher.gl.at.ply.gg
testinggs.work.gd
thus-aerospace.gl.at.ply.gg
ujkds.duckdns.org
uzoymek.work.gd
uzoymek25.mywire.org
vaitomarnoanel.webredirect.org
wakomi5046-28036.portmap.io
wefdfdfdffgdfgf-23752.portmap.io
xleee90.duckdns.org
xn--indirm-gunu-3zb.shop
zuvisck-48805.portmap.io

# Reference: https://www.virustotal.com/gui/file/862b746426fb445bd7a60982d28530eff79c427427939995c9921aa144da6346/detection

94.124.15.40:3333
skystoner.duckdns.org

# Reference: https://www.virustotal.com/gui/file/d577ebf1aad30ef1aa55d63d5dff0fa9353348370fec9520f60fb091a91797b6/detection

94.124.15.40:8888

# Reference: https://x.com/JAMESWT_WT/status/1931026029579063564
# Reference: https://x.com/JAMESWT_WT/status/1944817032161120389
# Reference: https://x.com/JAMESWT_WT/status/1950480775373308031
# Reference: https://www.virustotal.com/gui/ip-address/45.134.26.74/relations
# Reference:https://app.any.run/tasks/d07815ce-7130-46f1-98d6-c1a320e5cd2e

45.134.26.74:56001
metsions861.com
micromissingservice86checksup.com
micromissingservicex86checksup.com
micromissingservicx86checksup.com
minesqvoretqsma.com
qoiwexsoftamicros821.cloud
qoiwexsoftamicros821.com
qoiwexsoftamicros821.info
summiteriqosconvietnt.com
summiteriqosconvietnt.net
summiteriqosconvietnt.org
sunsetvismarketsoliocosca.com
superiormagazinecos.com
supervisorconstamarts.com
xqomascervisas.com

# Reference: https://x.com/malwrhunterteam/status/1931251410512855086
# Reference: https://www.virustotal.com/gui/file/eda3793a195c84600898c219941c36d88bb2e625d0051bc1cdcc7becee9d8ce1/detection

103.166.185.228:56001

# Reference: https://www.virustotal.com/gui/file/84fa10e4dfacbe7b902e54eb1d3f6cdd5b642c2214312248b66dfe6b915c9afb/detection

192.30.139.187:56001

# Reference: https://x.com/JAMESWT_WT/status/1932341419076682223
# Reference: https://x.com/skocherhan/status/1938293083839381878
# Reference: https://app.validin.com/detail?find=0ba24b7dce1a8df1c16058b4b0bf3aa6&type=hash&ref_id=8ee9c66f44e#tab=host_pairs (# 2025-06-26)

176.46.157.24:7777
185.156.72.59:7777
185.156.72.77:56001
bookpartcen.com
capbeinmepart.com
capforbein.com
cptchverf.com
dappradr-8dd.com
enbridgegas.gr.com
govtax-gateway.com
humbokpa.com
humacep.com
humachopa.com
informahot.com
mail-renewflix.com
mail1-renewflix.com
mail2-renewflix.com
mail3-dappradar.com
mail3-renewflix.com
mail4-renewflix.com
mail5-renewflix.com
mintchain.icu
nflix-secure.com
wait-load-page.com
/gtrn975/bryjf.exe

# Reference: https://censys.com/blog/unmasking-the-infrastructure-of-a-spearphishing-campaign

213.199.55.238:5555
45.133.180.26:3010
envio104.duckdns.org
envio11-04.duckdns.org
envio3-04.duckdns.org
envio31.duckdns.org
purelogs2025.duckdns.org

# Reference: https://research.checkpoint.com/2025/from-trust-to-threat-hijacked-discord-invites-used-for-multi-stage-malware-delivery/
# Reference: https://www.virustotal.com/gui/file/3978c3559c88cf7745e79a4f5da4910e7ed9edf353ba3e44c02077485c319192/detection
# Reference: https://www.virustotal.com/gui/file/670be5b8c7fcd6e2920a4929fcaa380b1b0750bfa27336991a483c0c0221236a/detection

185.234.247.8:6606
185.234.247.8:7707
185.234.247.8:8808
microads.top

# Reference: https://x.com/K_N1kolenko/status/1933502436599087444

116.203.56.216:6186
154.201.91.246:4449
80.30.72.196:44000

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-90day.csv (# 2025-05-14)

http://172.111.162.219
115.76.200.35:8808
124.198.132.186:4444
124.198.132.186:6006
124.198.132.186:6606
124.198.132.186:7707
124.198.132.186:8008
124.198.132.186:8808
124.198.132.186:8888
124.198.132.30:8808
128.90.113.135:1018
128.90.113.17:8808
128.90.113.219:1018
128.90.113.219:4000
128.90.113.219:8808
128.90.113.229:1018
128.90.113.229:5000
128.90.113.239:1018
128.90.113.239:8808
128.90.113.240:5000
13.72.250.0:6606
13.72.250.0:8080
13.72.250.0:8808
134.199.200.232:8808
144.172.85.50:3000
144.91.92.251:8808
147.124.215.2:7000
152.53.250.86:8808
154.12.229.73:8808
154.12.253.45:7077
172.81.134.11:8808
173.249.29.108:9000
18.116.72.245:81
185.149.120.38:8808
185.208.156.169:6506
185.81.115.9:8888
185.82.73.108:8808
192.159.99.207:8808
193.26.115.210:3000
193.83.7.3:4444
196.251.116.138:7777
196.251.66.21:222
196.251.66.21:4444
196.251.66.21:888
196.251.70.106:8808
196.251.72.112:5222
196.251.72.112:7777
196.251.72.112:8888
196.251.80.13:7777
196.251.88.18:8808
2.56.109.21:1604
206.238.220.35:8808
209.126.83.54:8808
212.23.222.32:8808
213.209.143.110:8888
213.209.143.170:1337
213.209.143.170:4442
213.209.143.170:4443
213.209.143.170:4444
23.26.108.141:6606
23.26.108.141:8808
23.95.106.22:8437
31.57.33.26:8808
45.10.161.80:4444
45.138.16.131:9999
45.138.16.192:6606
45.138.16.192:7707
45.138.16.192:8808
45.141.215.201:8808
45.80.158.115:8808
45.81.23.46:8888
51.195.211.236:8808
63.133.222.220:2222
78.161.6.158:1000
78.161.6.158:222
78.161.6.158:3000
78.161.6.158:8808
78.161.6.158:888
78.175.189.137:444
88.252.167.136:888
88.252.167.136:9999
89.117.21.203:8888
93.149.216.26:8808
94.156.177.121:9000

# Reference: https://x.com/skocherhan/status/1935553186753831349
# Reference: https://www.virustotal.com/gui/file/7d456591b3b176659d07388d817e50242adc7efd84cbfd8e905a159cc7bf5b57/detection
# Reference: https://www.virustotal.com/gui/file/862a377c1bccdef578ecfcba19a4c03b8ffbf5a4bd181288859e1d6358caf59d/detection

181.71.216.106:6568
reconciliacion6meses4.duckdns.org

# Reference: https://www.virustotal.com/gui/file/145289accb8c684e583ca3d99532d64d0a6a40142062e648c65ffd8da070c4c9/detection

139.99.85.213:56001
ip213.ip-139-99-85.net

# Reference: https://x.com/smica83/status/1937778401668190332
# Reference: https://tria.ge/250625-h721kahq2t/behavioral1
# Reference: https://www.virustotal.com/gui/file/8b3a7c75789b65d17e3897442f7f51842e8052133736eac4f0a9a15cc4fb1fb7/detection

172.93.128.151:3010
1515152025altaf20252025.duckdns.org

# Reference: https://x.com/JAMESWT_WT/status/1938192577171263774
# Reference: https://app.any.run/tasks/6b2b75ce-21d7-4a22-809c-f71e2403c4bc

185.156.72.25:6565

# Reference: https://x.com/K_N1kolenko/status/1938553564609085547

173.44.141.174:4449
18.192.93.86:12374
185.169.54.63:8848
23.139.132.42:4449
51.79.209.14:4449
94.154.35.80:7487

# Reference: https://www.virustotal.com/gui/file/a27dd45f8b6d9bcc2c1cd1408047cfc3daf5e1968966da7189d540b9ae5f363f/detection

104.207.138.98:6606
104.207.138.98:7707
104.207.138.98:8808

# Reference: https://x.com/K_N1kolenko/status/1941098905485389845

144.172.87.191:1337
185.38.142.16:4449
202.95.1.68:8848
49.235.64.155:4449
93.177.102.241:31

# Reference: https://app.validin.com/detail?find=%2FCN%3DWIN-HM6FI4VOIEP&type=raw#tab=host_pairs (# 2025-07-05)

196.251.112.104:3389
196.251.112.151:3389
196.251.112.157:3389
196.251.112.166:3389
196.251.112.229:3389
196.251.112.43:3389
196.251.112.51:3389
196.251.113.160:3389
196.251.113.190:3389
196.251.113.26:3389
196.251.113.58:3389
196.251.113.71:3389
196.251.113.79:3389
196.251.113.92:3389
196.251.114.11:3389
196.251.114.21:3389
196.251.114.30:3389
196.251.114.35:3389
196.251.114.36:3389
196.251.114.48:3389
196.251.114.5:3389
196.251.114.76:3389
196.251.114.9:3389
196.251.115.105:3389
196.251.115.122:3389
196.251.115.152:3389
196.251.115.20:3389
196.251.115.214:3389
196.251.115.225:3389
196.251.115.25:3389
196.251.115.35:3389
196.251.115.39:3389
196.251.115.42:3389
196.251.115.53:3389
196.251.115.59:3389
196.251.115.7:3389
196.251.116.102:3389
196.251.116.119:3389
196.251.116.155:3389
196.251.116.157:3389
196.251.116.159:3389
196.251.116.162:3389
196.251.116.163:3389
196.251.116.175:3389
196.251.116.182:3389
196.251.116.189:3389
196.251.116.18:3389
196.251.116.191:3389
196.251.116.193:3389
196.251.116.196:3389
196.251.116.205:3389
196.251.116.223:3389
196.251.116.224:3389
196.251.116.228:3389
196.251.116.22:3389
196.251.116.232:3389
196.251.116.32:3389
196.251.116.34:3389
196.251.116.38:3389
196.251.116.53:3389
196.251.116.62:3389
196.251.116.97:3389
196.251.117.100:3389
196.251.117.101:3389
196.251.117.127:3389
196.251.117.146:3389
196.251.117.163:3389
196.251.117.164:3389
196.251.117.187:3389
196.251.117.197:3389
196.251.117.198:3389
196.251.117.199:3389
196.251.117.200:3389
196.251.117.201:3389
196.251.117.202:3389
196.251.117.203:3389
196.251.117.205:3389
196.251.117.209:3389
196.251.117.210:3389
196.251.117.211:3389
196.251.117.21:3389
196.251.117.221:3389
196.251.117.231:3389
196.251.117.44:3389
196.251.117.45:3389
196.251.117.52:3389
196.251.117.60:3389
196.251.117.65:3389
196.251.117.68:3389
196.251.117.92:3389
196.251.118.102:3389
196.251.118.113:3389
196.251.118.115:3389
196.251.118.119:3389
196.251.118.121:3389
196.251.118.13:3389
196.251.118.166:3389
196.251.118.172:3389
196.251.118.213:3389
196.251.118.22:3389
196.251.118.230:3389
196.251.118.235:3389
196.251.118.239:3389
196.251.118.242:3389
196.251.118.250:3389
196.251.118.42:3389
196.251.118.43:3389
196.251.118.44:3389
196.251.118.48:3389
196.251.118.4:3389
196.251.118.58:3389
196.251.118.59:3389
196.251.118.72:3389
196.251.66.117:3389
196.251.66.120:3389
196.251.66.135:3389
196.251.66.140:3389
196.251.66.143:3389
196.251.66.155:3389
196.251.66.174:3389
196.251.66.200:3389
196.251.66.203:3389
196.251.66.216:3389
196.251.66.217:3389
196.251.66.230:3389
196.251.66.23:3389
196.251.66.30:3389
196.251.66.34:3389
196.251.66.36:3389
196.251.66.50:3389
196.251.66.51:3389
196.251.66.56:3389
196.251.66.57:3389
196.251.66.6:3389
196.251.66.83:3389
196.251.66.8:3389
196.251.67.137:3389
196.251.67.63:3389
196.251.67.77:3389
196.251.69.103:3389
196.251.69.10:3389
196.251.69.11:3389
196.251.69.133:3389
196.251.69.142:3389
196.251.69.152:3389
196.251.69.161:3389
196.251.69.165:3389
196.251.69.16:3389
196.251.69.172:3389
196.251.69.187:3389
196.251.69.193:3389
196.251.69.201:3389
196.251.69.208:3389
196.251.69.22:3389
196.251.69.235:3389
196.251.69.242:3389
196.251.69.245:3389
196.251.69.246:3389
196.251.69.29:3389
196.251.69.30:3389
196.251.69.47:3389
196.251.69.4:3389
196.251.69.50:3389
196.251.69.51:3389
196.251.69.55:3389
196.251.69.59:3389
196.251.69.5:3389
196.251.69.60:3389
196.251.69.64:3389
196.251.69.95:3389
196.251.70.114:3389
196.251.70.11:3389
196.251.70.132:3389
196.251.70.134:3389
196.251.70.137:3389
196.251.70.142:3389
196.251.70.147:3389
196.251.70.14:3389
196.251.70.154:3389
196.251.70.155:3389
196.251.70.161:3389
196.251.70.178:3389
196.251.70.179:3389
196.251.70.202:3389
196.251.70.21:3389
196.251.70.223:3389
196.251.70.233:3389
196.251.70.235:3389
196.251.70.23:3389
196.251.70.254:3389
196.251.70.2:3389
196.251.70.40:3389
196.251.70.60:3389
196.251.70.67:3389
196.251.70.6:3389
196.251.70.73:3389
196.251.70.74:3389
196.251.70.77:3389
196.251.70.95:3389
196.251.70.99:3389
196.251.71.103:3389
196.251.71.108:3389
196.251.71.111:3389
196.251.71.117:3389
196.251.71.124:3389
196.251.71.130:3389
196.251.71.148:3389
196.251.71.153:3389
196.251.71.161:3389
196.251.71.166:3389
196.251.71.174:3389
196.251.71.17:3389
196.251.71.184:3389
196.251.71.187:3389
196.251.71.190:3389
196.251.71.198:3389
196.251.71.202:3389
196.251.71.20:3389
196.251.71.226:3389
196.251.71.238:3389
196.251.71.249:3389
196.251.71.253:3389
196.251.71.254:3389
196.251.71.26:3389
196.251.71.27:3389
196.251.71.34:3389
196.251.71.36:3389
196.251.71.38:3389
196.251.71.39:3389
196.251.71.49:3389
196.251.71.52:3389
196.251.71.54:3389
196.251.71.77:3389
196.251.71.83:3389
196.251.71.85:3389
196.251.71.88:3389
196.251.71.90:3389
196.251.71.91:3389
196.251.71.94:3389
196.251.71.99:3389
196.251.72.117:3389
196.251.72.122:3389
196.251.72.125:3389
196.251.72.12:3389
196.251.72.134:3389
196.251.72.136:3389
196.251.72.140:3389
196.251.72.146:3389
196.251.72.166:3389
196.251.72.167:3389
196.251.72.179:3389
196.251.72.190:3389
196.251.72.193:3389
196.251.72.197:3389
196.251.72.198:3389
196.251.72.199:3389
196.251.72.19:3389
196.251.72.204:3389
196.251.72.20:3389
196.251.72.211:3389
196.251.72.213:3389
196.251.72.218:3389
196.251.72.223:3389
196.251.72.22:3389
196.251.72.237:3389
196.251.72.238:3389
196.251.72.251:3389
196.251.72.253:3389
196.251.72.27:3389
196.251.72.36:3389
196.251.72.39:3389
196.251.72.41:3389
196.251.72.46:3389
196.251.72.48:3389
196.251.72.53:3389
196.251.72.60:3389
196.251.72.71:3389
196.251.72.72:3389
196.251.72.74:3389
196.251.72.78:3389
196.251.72.84:3389
196.251.72.88:3389
196.251.72.94:3389
196.251.73.126:3389
196.251.73.134:3389
196.251.73.146:3389
196.251.73.148:3389
196.251.73.149:3389
196.251.73.162:3389
196.251.73.169:3389
196.251.73.170:3389
196.251.73.186:3389
196.251.73.189:3389
196.251.73.193:3389
196.251.73.20:3389
196.251.73.211:3389
196.251.73.221:3389
196.251.73.235:3389
196.251.73.240:3389
196.251.73.246:3389
196.251.73.253:3389
196.251.73.25:3389
196.251.73.32:3389
196.251.73.36:3389
196.251.73.37:3389
196.251.73.55:3389
196.251.73.56:3389
196.251.73.60:3389
196.251.73.65:3389
196.251.73.6:3389
196.251.73.70:3389
196.251.73.80:3389
196.251.73.90:3389
196.251.73.95:3389
196.251.80.100:3389
196.251.80.102:3389
196.251.80.112:3389
196.251.80.114:3389
196.251.80.117:3389
196.251.80.137:3389
196.251.80.138:3389
196.251.80.13:3389
196.251.80.144:3389
196.251.80.145:3389
196.251.80.153:3389
196.251.80.163:3389
196.251.80.170:3389
196.251.80.171:3389
196.251.80.206:3389
196.251.80.216:3389
196.251.80.220:3389
196.251.80.237:3389
196.251.80.244:3389
196.251.80.253:3389
196.251.80.32:3389
196.251.80.33:3389
196.251.80.40:3389
196.251.80.45:3389
196.251.80.53:3389
196.251.80.68:3389
196.251.80.75:3389
196.251.80.84:3389
196.251.80.93:3389
196.251.81.114:3389
196.251.81.117:3389
196.251.81.142:3389
196.251.81.145:3389
196.251.81.148:3389
196.251.81.152:3389
196.251.81.158:3389
196.251.81.164:3389
196.251.81.167:3389
196.251.81.16:3389
196.251.81.171:3389
196.251.81.178:3389
196.251.81.180:3389
196.251.81.189:3389
196.251.81.193:3389
196.251.81.205:3389
196.251.81.210:3389
196.251.81.216:3389
196.251.81.21:3389
196.251.81.245:3389
196.251.81.254:3389
196.251.81.28:3389
196.251.81.32:3389
196.251.81.33:3389
196.251.81.35:3389
196.251.81.44:3389
196.251.81.51:3389
196.251.81.52:3389
196.251.81.60:3389
196.251.81.61:3389
196.251.81.62:3389
196.251.81.6:3389
196.251.81.80:3389
196.251.81.86:3389
196.251.81.90:3389
196.251.81.96:3389
196.251.81.99:3389
196.251.83.111:3389
196.251.83.123:3389
196.251.83.134:3389
196.251.83.141:3389
196.251.83.149:3389
196.251.83.153:3389
196.251.83.155:3389
196.251.83.161:3389
196.251.83.163:3389
196.251.83.165:3389
196.251.83.166:3389
196.251.83.17:3389
196.251.83.182:3389
196.251.83.185:3389
196.251.83.187:3389
196.251.83.18:3389
196.251.83.214:3389
196.251.83.223:3389
196.251.83.225:3389
196.251.83.231:3389
196.251.83.23:3389
196.251.83.30:3389
196.251.83.31:3389
196.251.83.35:3389
196.251.83.39:3389
196.251.83.44:3389
196.251.83.48:3389
196.251.83.56:3389
196.251.83.63:3389
196.251.83.68:3389
196.251.83.70:3389
196.251.83.71:3389
196.251.83.85:3389
196.251.83.95:3389
196.251.84.100:3389
196.251.84.103:3389
196.251.84.104:3389
196.251.84.10:3389
196.251.84.112:3389
196.251.84.116:3389
196.251.84.11:3389
196.251.84.143:3389
196.251.84.144:3389
196.251.84.147:3389
196.251.84.155:3389
196.251.84.158:3389
196.251.84.159:3389
196.251.84.161:3389
196.251.84.167:3389
196.251.84.169:3389
196.251.84.170:3389
196.251.84.171:3389
196.251.84.177:3389
196.251.84.180:3389
196.251.84.198:3389
196.251.84.206:3389
196.251.84.213:3389
196.251.84.216:3389
196.251.84.25:3389
196.251.84.39:3389
196.251.84.45:3389
196.251.84.59:3389
196.251.84.61:3389
196.251.84.65:3389
196.251.84.82:3389
196.251.84.9:3389
196.251.85.101:3389
196.251.85.118:3389
196.251.85.127:3389
196.251.85.140:3389
196.251.85.147:3389
196.251.85.184:3389
196.251.85.190:3389
196.251.85.192:3389
196.251.85.194:3389
196.251.85.215:3389
196.251.85.216:3389
196.251.85.223:3389
196.251.85.224:3389
196.251.85.229:3389
196.251.85.230:3389
196.251.85.234:3389
196.251.85.23:3389
196.251.85.240:3389
196.251.85.244:3389
196.251.85.251:3389
196.251.85.2:3389
196.251.85.37:3389
196.251.85.48:3389
196.251.85.52:3389
196.251.85.56:3389
196.251.85.84:3389
196.251.85.85:3389
196.251.85.8:3389
196.251.85.91:3389
196.251.86.100:3389
196.251.86.103:3389
196.251.86.105:3389
196.251.86.107:3389
196.251.86.112:3389
196.251.86.115:3389
196.251.86.127:3389
196.251.86.142:3389
196.251.86.154:3389
196.251.86.159:3389
196.251.86.15:3389
196.251.86.189:3389
196.251.86.192:3389
196.251.86.194:3389
196.251.86.195:3389
196.251.86.197:3389
196.251.86.202:3389
196.251.86.209:3389
196.251.86.216:3389
196.251.86.217:3389
196.251.86.22:3389
196.251.86.235:3389
196.251.86.245:3389
196.251.86.250:3389
196.251.86.252:3389
196.251.86.253:3389
196.251.86.43:3389
196.251.86.44:3389
196.251.86.46:3389
196.251.86.50:3389
196.251.86.56:3389
196.251.86.59:3389
196.251.86.60:3389
196.251.86.66:3389
196.251.86.67:3389
196.251.86.74:3389
196.251.86.75:3389
196.251.86.76:3389
196.251.86.77:3389
196.251.86.81:3389
196.251.86.83:3389
196.251.86.84:3389
196.251.86.85:3389
196.251.86.94:3389
196.251.86.98:3389
196.251.87.115:3389
196.251.87.123:3389
196.251.87.136:3389
196.251.87.140:3389
196.251.87.149:3389
196.251.87.151:3389
196.251.87.154:3389
196.251.87.155:3389
196.251.87.156:3389
196.251.87.158:3389
196.251.87.162:3389
196.251.87.168:3389
196.251.87.171:3389
196.251.87.172:3389
196.251.87.194:3389
196.251.87.19:3389
196.251.87.201:3389
196.251.87.202:3389
196.251.87.212:3389
196.251.87.221:3389
196.251.87.228:3389
196.251.87.231:3389
196.251.87.37:3389
196.251.87.41:3389
196.251.87.43:3389
196.251.87.46:3389
196.251.87.49:3389
196.251.87.52:3389
196.251.87.53:3389
196.251.87.56:3389
196.251.87.57:3389
196.251.87.69:3389
196.251.87.6:3389
196.251.87.9:3389
196.251.88.108:3389
196.251.88.110:3389
196.251.88.111:3389
196.251.88.113:3389
196.251.88.138:3389
196.251.88.163:3389
196.251.88.17:3389
196.251.88.20:3389
196.251.88.26:3389
196.251.88.27:3389
196.251.88.2:3389
196.251.88.49:3389
196.251.88.56:3389
196.251.88.67:3389
196.251.88.69:3389
196.251.88.7:3389
196.251.88.8:3389
196.251.89.100:3389
196.251.89.117:3389
196.251.89.127:3389
196.251.89.141:3389
196.251.89.147:3389
196.251.89.151:3389
196.251.89.155:3389
196.251.89.23:3389
196.251.89.84:3389
196.251.90.101:3389
196.251.90.182:3389
196.251.90.213:3389
196.251.90.32:3389
196.251.90.62:3389
196.251.90.92:3389
196.251.91.25:3389
196.251.91.37:3389
196.251.92.114:3389
196.251.92.138:3389
196.251.92.142:3389
196.251.92.35:3389
196.251.92.41:3389
196.251.92.45:3389
196.251.92.46:3389
196.251.92.47:3389
196.251.92.55:3389
196.251.92.59:3389
196.251.92.71:3389
196.251.92.85:3389
196.251.92.89:3389
196.251.92.8:3389
196.251.92.91:3389
196.251.92.92:3389
196.251.93.183:3389
196.251.93.35:3389
91.92.242.245:3389
91.92.243.101:3389
91.92.244.112:3389
91.92.249.110:3389
93.123.109.150:3389
93.123.109.153:3389

# Reference: https://x.com/skocherhan/status/1942334069615796531
# Reference: https://www.virustotal.com/gui/file/cbeaf0c9f54d0d8b31a292a704a1ec53a3e37fca197cfff76f1d578b156d81de/detection

http://217.138.194.181
217.138.194.181:56003

# Reference: https://x.com/blackorbird/status/1943536808438173973
# Reference: https://mp.weixin.qq.com/s/xn313WWNi7rln-WfwFgE5w

162.216.240.8:6606
162.216.240.8:7707

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2025-07-13)

http://103.190.107.26
http://155.4.128.20
http://196.251.113.10
http://196.251.70.71
http://196.251.85.119
http://202.55.135.163
http://211.185.216.13
http://3.68.213.74
101.182.12.32:1703
103.190.107.26:2222
103.190.107.26:443
103.195.103.149:4449
103.215.78.152:4449
103.237.92.182:443
103.245.236.239:8808
104.1.253.104:7707
104.1.253.104:8808
104.219.234.42:8088
104.243.254.19:8081
104.245.104.22:7077
104.250.169.197:8808
104.250.172.146:8808
104.250.172.30:8808
104.36.83.230:8808
107.175.88.38:8000
108.181.218.61:3333
109.189.200.42:55667
109.189.200.42:6606
109.189.200.42:7707
109.189.200.42:8808
110.42.59.58:1280
116.203.56.216:4444
118.195.235.103:8808
119.152.232.82:7779
12.202.180.102:8797
124.198.132.191:1520
124.198.132.213:9999
124.198.132.28:8808
124.198.132.30:6606
124.198.132.30:7707
128.90.106.111:4000
128.90.106.191:5000
128.90.106.224:4000
128.90.106.48:4000
128.90.106.48:5000
128.90.106.71:2000
128.90.106.71:5000
128.90.106.75:2000
128.90.113.126:2000
128.90.113.126:4000
128.90.113.126:5000
128.90.113.135:8808
128.90.113.149:5000
128.90.113.151:2000
128.90.113.155:5000
128.90.113.155:8808
128.90.113.160:1018
128.90.113.160:5000
128.90.113.160:8808
128.90.113.179:1018
128.90.113.179:5000
128.90.113.179:8808
128.90.113.219:2000
128.90.113.219:5000
128.90.113.220:2000
128.90.113.220:5000
128.90.113.223:2000
128.90.113.223:4000
128.90.113.223:5000
128.90.113.223:8808
128.90.113.229:2000
128.90.113.229:2021
128.90.113.229:4000
128.90.113.240:1018
128.90.113.240:4000
128.90.113.253:2000
128.90.113.253:4000
128.90.113.253:5000
128.90.113.73:1018
128.90.113.73:2000
128.90.113.73:5000
128.90.113.73:8808
128.90.113.82:8808
128.90.113.94:1018
128.90.113.94:5000
128.90.115.156:2000
128.90.115.156:5000
134.122.183.217:8808
134.199.192.237:8808
134.199.200.232:23401
134.199.200.232:23500
135.181.8.126:4449
137.188.231.92:4449
137.188.231.92:7764
138.68.79.95:36781
146.70.149.155:8808
147.124.216.223:7707
147.185.221.21:28494
147.185.221.25:34654
147.185.221.29:12469
147.185.221.29:13232
147.185.221.29:17662
147.185.221.29:47243
147.185.221.29:54412
147.185.221.29:55619
147.185.221.29:61935
147.185.221.29:6606
147.185.221.29:7707
147.185.221.29:8778
147.185.221.29:8808
151.242.58.40:8808
151.242.58.75:8808
151.242.63.172:8808
154.176.146.81:1177
154.194.35.243:8301
155.4.128.20:4449
155.94.155.214:8849
157.20.182.23:1337
157.20.182.24:1337
159.223.193.191:8808
16.171.147.206:8808
16.171.61.189:8808
161.35.56.185:4449
161.35.56.185:7716
163.5.210.49:8808
164.68.120.30:2222
164.68.120.30:2414
165.22.224.250:11088
165.50.8.95:7772
167.71.219.232:8808
172.111.139.159:8081
172.111.150.118:8808
172.111.151.97:8808
172.245.205.105:1500
172.81.130.46:8808
172.94.19.36:8808
172.94.96.108:5222
172.94.96.108:6606
172.94.96.108:7707
172.94.96.108:7777
172.94.96.108:8808
172.94.96.108:8888
172.94.96.143:6606
172.94.96.143:7707
172.94.96.143:8808
172.94.96.144:6606
172.94.96.144:7707
172.94.96.144:8808
172.94.96.209:6606
172.94.96.209:7707
172.94.96.209:8808
173.249.29.108:1452
173.249.29.108:4212
174.107.222.28:4449
174.107.222.28:8888
176.98.8.51:9600
179.13.0.54:8082
179.52.210.122:4444
179.52.210.122:9944
18.118.247.255:8808
18.183.72.243:6606
18.183.72.243:7707
18.183.72.243:8808
18.194.217.129:20001
181.131.217.63:6090
181.131.218.182:5080
181.131.218.182:8050
184.190.169.22:4083
185.174.101.81:8808
185.18.222.241:6606
185.18.222.241:7707
185.18.222.241:8808
185.196.10.251:8808
185.196.9.158:4501
185.196.9.158:4502
185.196.9.158:4503
185.196.9.158:4594
185.241.208.187:102
185.241.208.96:8088
185.55.240.111:4449
185.62.87.191:555
185.82.73.108:6606
185.82.73.108:7707
186.169.87.191:4000
191.93.118.254:8848
191.93.118.254:9000
191.96.207.250:5969
192.142.0.51:4444
192.142.0.51:8808
192.52.242.57:4449
193.161.193.99:39140
193.161.193.99:41439
193.161.193.99:4455
193.161.193.99:47747
193.161.193.99:61587
193.164.6.92:3002
193.26.115.138:4449
193.31.28.142:6606
193.31.28.142:8808
193.5.65.154:5505
193.5.65.154:6606
193.5.65.154:7707
194.180.48.186:4444
194.37.81.104:4449
194.59.31.128:8808
194.62.165.224:443
195.182.25.58:9999
195.3.223.146:5551
196.251.113.10:1000
196.251.115.135:3232
196.251.115.143:8808
196.251.115.156:1000
196.251.115.202:8808
196.251.115.253:9906
196.251.115.59:8088
196.251.115.59:8808
196.251.116.134:8808
196.251.116.62:222
196.251.116.62:2222
196.251.116.62:444
196.251.116.62:4444
196.251.116.62:5555
196.251.116.62:7777
196.251.116.62:888
196.251.116.62:8888
196.251.66.21:2222
196.251.66.21:8888
196.251.69.242:8088
196.251.69.242:8808
196.251.69.34:8000
196.251.70.71:1000
196.251.70.71:555
196.251.70.71:6606
196.251.70.71:7000
196.251.70.71:7707
196.251.70.71:8808
196.251.71.166:8808
196.251.71.36:7777
196.251.72.112:8808
196.251.72.21:7777
196.251.83.225:222
196.251.83.225:2222
196.251.83.225:444
196.251.83.225:4444
196.251.83.225:7777
196.251.83.225:888
196.251.83.225:8888
196.251.84.202:8808
196.251.85.119:1000
196.251.85.119:2222
196.251.85.119:7000
196.251.85.119:8808
196.251.85.119:888
196.251.86.82:2004
196.251.86.88:7000
196.251.87.133:7000
196.251.88.108:1337
196.251.88.108:9898
196.251.88.110:1337
196.251.88.110:9898
196.251.88.113:1337
196.251.88.20:8088
196.251.88.20:8808
196.251.88.247:5672
198.23.227.140:5252
198.55.98.155:8809
206.123.128.50:8808
206.123.132.18:5555
206.123.145.195:8808
206.233.249.153:555
206.81.18.4:5443
207.231.105.51:400
208.91.189.183:42422
209.200.252.21:53
213.142.151.94:6606
213.142.151.94:7707
213.142.151.94:8808
213.209.143.188:1337
213.209.143.37:4443
216.9.225.221:23029
216.9.225.221:8304
217.195.153.81:50000
23.105.131.227:1111
23.111.147.162:6606
23.111.147.162:7707
23.111.147.162:8088
23.111.147.162:8808
24.152.38.198:8808
31.57.219.19:4449
31.57.219.224:44000
31.57.38.93:4449
35.194.89.202:143
43.242.33.156:8808
43.242.33.163:8808
43.242.33.167:8808
45.126.208.210:4449
45.138.16.131:4444
45.138.16.131:8888
45.138.16.246:6606
45.138.16.246:7707
45.138.16.246:8088
45.138.16.246:8808
45.141.233.114:2005
45.141.233.202:6458
45.204.195.74:8808
45.204.211.49:8880
45.241.185.111:1711
45.74.10.16:8808
45.74.10.38:5222
45.87.120.8:8847
45.87.120.8:8848
45.88.91.254:7707
45.94.31.84:8808
46.109.238.252:8808
47.251.102.141:3306
5.189.21.45:6606
5.189.21.45:8808
50.114.203.173:4449
50.18.107.175:8808
56.228.27.244:5672
64.23.129.58:49670
65.17.181.119:8808
66.179.92.184:443
66.225.254.246:8808
66.63.187.79:1337
66.63.187.89:1337
68.183.98.89:3316
68.183.98.89:4449
68.183.98.89:7769
73.143.8.226:8808
74.141.229.91:8808
74.208.123.9:443
75.69.164.4:6606
75.69.164.4:8808
77.90.153.204:7000
77.90.153.204:8080
77.90.153.204:8808
78.161.14.229:1000
78.161.14.229:222
78.161.14.229:3000
78.161.14.229:3001
78.161.14.229:3030
78.161.14.229:444
78.161.14.229:8808
78.161.14.229:888
78.161.14.229:9999
78.162.57.179:222
78.162.57.179:3000
78.162.57.179:3001
78.162.57.179:444
78.162.57.179:8808
78.162.57.179:888
78.162.57.179:9999
79.110.49.56:8808
79.215.181.187:55667
79.215.181.187:6606
79.215.181.187:7707
79.215.181.187:8808
79.215.191.81:55667
79.215.191.81:6606
79.215.191.81:7707
79.215.191.81:8808
8.148.239.70:4449
8.149.137.211:4449
8.149.137.211:8808
8.212.56.13:4449
81.10.39.58:8881
82.205.83.111:1099
82.24.200.99:4449
83.244.71.247:2003
83.249.230.189:443
84.203.197.221:3232
85.209.128.39:7070
87.121.105.130:1337
87.121.105.130:8848
88.229.27.40:1000
88.229.27.40:222
88.229.27.40:3000
88.229.27.40:4040
88.229.27.40:8808
88.229.27.40:888
88.229.27.40:9999
88.252.167.136:1000
88.252.167.136:1002
88.252.167.136:222
88.252.167.136:3000
88.252.167.136:8808
89.23.97.34:9000
89.23.97.45:8808
89.248.173.136:8848
92.118.56.54:5552
93.115.35.146:4000
93.204.217.10:51124
94.130.241.163:8808
94.180.178.106:3456
94.31.108.120:6606
94.31.108.120:7707
94.31.108.120:8808
95.129.235.106:8888
95.214.55.246:8484
95.216.115.242:32000
95.216.115.242:34000
95.216.115.242:35000
95.216.115.242:4449
98.142.247.5:8808
1ri7zwh3k.localto.net
2305133156.a1.luyouxia.net
296azure-64092.portmap.io
3389.iis7.com
3389.iis7.net
alexmoro.duckdns.org
almghamrh073.ddns.net
andersondavid4070.duckdns.org
andrescasablanca9030.duckdns.org
andresvalderrama4070.duckdns.org
ansy10jun.duckdns.org
antonioguerrero4050.duckdns.org
armandoquiroz7020.duckdns.org
armandovillareal504010.duckdns.org
asegurar2octubre.duckdns.org
asegurar3octubre.duckdns.org
asy5858a.duckdns.org
asy5858b.duckdns.org
asy5858c.duckdns.org
asy5858d.duckdns.org
bendicionesdios.dynuddns.net
c83-249-230-189.bredband.tele2.se
camilohernandez20301.duckdns.org
camilorestrepo9050702.duckdns.org
camilotorrenegra9080.duckdns.org
carlosfernandez401020.duckdns.org
carlosmendoza504070.duckdns.org
carlossantrich9080.duckdns.org
carlosurrutia805020.duckdns.org
carlosurrutia8050202.duckdns.org
carlosvillalba9040.duckdns.org
carolina-mother.gl.at.ply.gg
chadwhiteford.theworkpc.com
cieloo2.duckdns.org
conhostlogsdown.sytes.net
conhostlogsdown1.sytes.net
conhostlogsdown2.sytes.net
connecetwise.com
danger2026.duckdns.org
dc070925.duckdns.org
dczip.duckdns.org
dczip3.duckdns.org
dczip7.duckdns.org
deadpoolstart2060.duckdns.org
deadpoolstart2061.duckdns.org
dgost2.duckdns.org
dgost5.duckdns.org
dnse2542.duckdns.org
doncu2030.duckdns.org
envio01.ddns.net
envio25100255.duckdns.org
envio26-05.duckdns.org
envioo20020.duckdns.org
exper.mywire.org
foncar.duckdns.org
francia2028.duckdns.org
franciscodaza3090.duckdns.org
germancastillo9050.duckdns.org
gomezgomez.duckdns.org
gowanow189-20805.portmap.io
gustavovalencia9070.duckdns.org
hamster-exchange.top
hot-filing.gl.at.ply.gg
inc-stake.gl.at.ply.gg
included-integration.gl.at.ply.gg
includes-contents.gl.at.ply.gg
injtest.ooguy.com
island-towns.gl.at.ply.gg
issouchat.freeboxos.fr
iyrdadxx.ddns.net
jaimefernandez203040.duckdns.org
janachye.duckdns.org
jasyncdg.duckdns.org
javiersandoval9030.duckdns.org
jcapi.xboxwl.com
josemansory980.4cloud.click
kbsapm.duckdns.org
kingdom-nu.gl.at.ply.gg
lasyusex.duckdns.org
mailing-iv.gl.at.ply.gg
mariocar1406.duckdns.org
maxo.4cloud.click
mexko.ddns.net
miguelurrutia7040.duckdns.org
minecraftsl.work.gd
mistico2032.duckdns.org
namit-37666.portmap.io
news-previous.gl.at.ply.gg
noneeds.dynuddns.com
now-latin.gl.at.ply.gg
nuevboprogreso.duckdns.org
otherwise-puzzle.gl.at.ply.gg
picemo1569-41439.portmap.io
playing-cialis.gl.at.ply.gg
ratlordvc.ddns.net
return-min.gl.at.ply.gg
ruthasync.duckdns.org
sandraverdecia708091.duckdns.org
santiagotrujillo9010.duckdns.org
sdashboard.ddns-ip.net
securityhealthmonitor.duckdns.org
securityhealthmonitorgiize.duckdns.org
securityhealthsystray.accesscam.org
securityhealthsystray.duckdns.org
securityhealthsystray.ydns.eu
securityhealthsystrays.duckdns.org
send9214.duckdns.org
sendiadad.duckdns.org
sergiovalderrama2040.duckdns.org
servicesdrivres1.duckdns.org
shripzone.bumbleshrimp.com
soskaxasy.duckdns.org
sotoxic.ddns.net
ssatech.online
subasyncratlog.duckdns.org
tax-warrior.gl.at.ply.gg
testermania.theworkpc.com
top-inform.gl.at.ply.gg
trinidadtobago5020.duckdns.org
tueisolmkc.duckdns.org
unique-heard.gl.at.ply.gg
unit-sap.gl.at.ply.gg
velisariosantiago7080.duckdns.org
verfycash.com
waillyrx5.com
windowsupdatetoasticon.issmarterthanyou.com
wmieventlogonlinehelp.duckdns.org
wmieventlogonlinehelp.ydns.eu
zip.mysynology.net
zombiedomain.sytes.net
zuiopppkurban.sytes.net

# Reference: https://x.com/JAMESWT_WT/status/1945010308004684281
# Reference: https://app.any.run/tasks/3deb10bd-7504-4b85-9373-573c84589e32
# Reference: https://www.virustotal.com/gui/file/26d959a657224d1457ffc86c8a1baabe517d623a4076bafdbe0975f1af3d4cb3/detection
# Reference: https://www.virustotal.com/gui/file/a2d1f717b39428fd47b3e2b9c01577e1b0528bbedccbf3749edd3ded4341760d/detection

45.134.26.74:56002
45.134.26.74:56003
bknpnt.com
otmuqi.com
cryptotabber.com

# Reference: https://x.com/blackorbird/status/1945500903655756070
# Reference: https://mp.weixin.qq.com/s/mixmfrOTV57UDf9guqjdRQ

101.99.91.150:5555
101.99.91.150:6606
101.99.91.150:7707
101.99.91.150:7777
101.99.91.150:8808
103.17.38.43:5555
103.17.38.43:6606
103.17.38.43:7777
103.17.38.43:8808
103.181.34.178:5555
103.181.34.178:6606
103.181.34.178:7707
103.181.34.178:7777
103.181.34.178:8808
103.190.107.26:5555
103.190.107.26:6606
103.190.107.26:7707
103.190.107.26:7777
103.190.107.26:8808
103.190.81.180:5555
103.190.81.180:6606
103.190.81.180:7707
103.190.81.180:7777
103.229.81.203:5555
103.229.81.203:7777
103.237.92.182:5555
103.237.92.182:6606
103.237.92.182:7707
103.237.92.182:7777
103.237.92.182:8808
103.245.236.239:5555
103.245.236.239:6606
103.245.236.239:7707
103.245.236.239:7777
104.1.253.104:5555
104.1.253.104:6606
104.1.253.104:7777
104.168.7.12:5555
104.168.7.12:6606
104.168.7.12:7707
104.168.7.12:7777
104.168.7.12:8808
104.193.195.142:5555
104.193.195.142:6606
104.193.195.142:7707
104.193.195.142:7777
104.193.195.142:8808
104.234.37.137:5555
104.234.37.137:6606
104.234.37.137:7707
104.234.37.137:7777
104.234.37.137:8808
104.245.106.179:5555
104.245.106.179:6606
104.245.106.179:7707
104.245.106.179:7777
104.245.106.179:8808
104.250.169.197:5555
104.250.169.197:6606
104.250.169.197:7707
104.250.169.197:7777
104.250.172.30:5555
104.250.172.30:6606
104.250.172.30:7707
104.250.172.30:7777
107.150.0.244:5555
107.150.0.244:6606
107.150.0.244:7707
107.150.0.244:7777
107.150.0.244:8808
107.150.0.56:5555
107.150.0.56:6606
107.150.0.56:7707
107.150.0.56:7777
107.155.113.90:5555
107.155.113.90:6606
107.155.113.90:7707
107.155.113.90:7777
107.155.113.90:8808
107.172.61.133:5555
107.172.61.133:6606
107.172.61.133:7707
107.172.61.133:7777
107.172.61.133:8808
107.175.130.18:5555
107.175.130.18:6606
107.175.130.18:7707
107.175.130.18:7777
107.175.130.18:8808
107.175.31.172:5555
107.175.31.172:7777
107.175.48.5:5555
107.175.48.5:6606
107.175.48.5:7707
107.175.48.5:7777
107.175.88.38:5555
107.175.88.38:6606
107.175.88.38:7707
107.175.88.38:7777
107.175.88.38:8808
108.171.194.154:5555
108.171.194.154:6606
108.171.194.154:7707
108.171.194.154:7777
108.171.194.154:8808
108.181.218.61:5555
108.181.218.61:6606
108.181.218.61:7707
108.181.218.61:7777
108.181.218.61:8808
109.120.137.57:5555
109.120.137.57:6606
109.120.137.57:7707
109.120.137.57:7777
109.199.104.52:5555
109.199.104.52:6606
109.199.104.52:7707
109.199.104.52:7777
109.199.104.52:8808
115.190.82.210:5555
115.190.82.210:7777
115.75.66.68:5555
115.75.66.68:7777
115.76.200.35:5555
115.76.200.35:6606
115.76.200.35:7707
115.76.200.35:7777
115.79.198.51:5555
115.79.198.51:6606
115.79.198.51:7707
115.79.198.51:7777
115.79.198.51:8808
115.92.155.19:5555
115.92.155.19:6606
115.92.155.19:7707
115.92.155.19:7777
115.92.155.19:8808
116.99.233.218:5555
116.99.233.218:6606
116.99.233.218:7707
116.99.233.218:7777
12.187.175.72:5555
12.187.175.72:6606
12.187.175.72:7707
12.187.175.72:7777
12.187.175.72:8808
12.202.180.114:5555
12.202.180.114:6606
12.202.180.114:7707
12.202.180.114:7777
12.202.180.114:8808
12.221.146.138:5555
12.221.146.138:6606
12.221.146.138:7707
12.221.146.138:7777
12.221.146.138:8808
120.53.15.200:5555
120.53.15.200:6606
120.53.15.200:7707
120.53.15.200:7777
122.51.233.106:5555
122.51.233.106:6606
122.51.233.106:7707
122.51.233.106:7777
122.51.233.106:8808
124.198.131.141:5555
124.198.131.141:7777
124.198.131.200:5555
124.198.131.200:6606
124.198.131.200:7707
124.198.131.200:7777
124.198.131.200:8808
124.198.131.20:5555
124.198.131.20:6606
124.198.131.20:7707
124.198.131.20:7777
124.198.131.20:8808
124.198.131.216:5555
124.198.131.216:6606
124.198.131.216:7777
124.198.131.44:5555
124.198.131.44:6606
124.198.131.44:7707
124.198.131.44:7777
124.198.131.44:8808
124.198.132.132:5555
124.198.132.132:6606
124.198.132.132:7707
124.198.132.132:7777
124.198.132.143:5555
124.198.132.143:6606
124.198.132.143:7707
124.198.132.143:7777
124.198.132.143:8808
124.198.132.186:5555
124.198.132.186:7777
124.198.132.213:5555
124.198.132.213:6606
124.198.132.213:7707
124.198.132.213:7777
124.198.132.213:8808
124.198.132.234:5555
124.198.132.234:6606
124.198.132.234:7707
124.198.132.234:7777
124.198.132.234:8808
124.198.132.28:5555
124.198.132.28:6606
124.198.132.28:7707
124.198.132.28:7777
124.198.132.30:5555
124.198.132.30:7777
128.90.106.114:5555
128.90.106.114:6606
128.90.106.114:7707
128.90.106.114:7777
128.90.106.114:8808
128.90.106.147:5555
128.90.106.147:6606
128.90.106.147:7707
128.90.106.147:7777
128.90.106.147:8808
128.90.106.191:5555
128.90.106.191:6606
128.90.106.191:7707
128.90.106.191:7777
128.90.106.213:5555
128.90.106.213:6606
128.90.106.213:7707
128.90.106.213:7777
128.90.106.213:8808
128.90.106.241:5555
128.90.106.241:6606
128.90.106.241:7707
128.90.106.241:7777
128.90.106.241:8808
128.90.106.75:5555
128.90.106.75:6606
128.90.106.75:7707
128.90.106.75:7777
128.90.106.75:8808
128.90.113.126:5555
128.90.113.126:6606
128.90.113.126:7707
128.90.113.126:7777
128.90.113.126:8808
128.90.113.135:5555
128.90.113.135:6606
128.90.113.135:7707
128.90.113.135:7777
128.90.113.149:5555
128.90.113.149:6606
128.90.113.149:7707
128.90.113.149:7777
128.90.113.149:8808
128.90.113.151:5555
128.90.113.151:6606
128.90.113.151:7707
128.90.113.151:7777
128.90.113.151:8808
128.90.113.155:5555
128.90.113.155:6606
128.90.113.155:7707
128.90.113.155:7777
128.90.113.162:5555
128.90.113.162:6606
128.90.113.162:7707
128.90.113.162:7777
128.90.113.179:5555
128.90.113.179:6606
128.90.113.179:7707
128.90.113.179:7777
128.90.113.17:5555
128.90.113.17:6606
128.90.113.17:7707
128.90.113.17:7777
128.90.113.184:5555
128.90.113.184:6606
128.90.113.184:7707
128.90.113.184:7777
128.90.113.184:8808
128.90.113.219:5555
128.90.113.219:6606
128.90.113.219:7707
128.90.113.219:7777
128.90.113.220:5555
128.90.113.220:6606
128.90.113.220:7707
128.90.113.220:7777
128.90.113.223:5555
128.90.113.223:6606
128.90.113.223:7707
128.90.113.223:7777
128.90.113.22:5555
128.90.113.22:6606
128.90.113.22:7707
128.90.113.22:7777
128.90.113.239:5555
128.90.113.239:6606
128.90.113.239:7707
128.90.113.239:7777
128.90.113.26:5555
128.90.113.26:6606
128.90.113.26:7707
128.90.113.26:7777
128.90.113.30:5555
128.90.113.30:6606
128.90.113.30:7707
128.90.113.30:7777
128.90.113.42:5555
128.90.113.42:6606
128.90.113.42:7707
128.90.113.42:7777
128.90.113.56:5555
128.90.113.56:6606
128.90.113.56:7707
128.90.113.56:7777
128.90.113.72:5555
128.90.113.72:6606
128.90.113.72:7707
128.90.113.72:7777
128.90.113.72:8808
128.90.113.86:5555
128.90.113.86:6606
128.90.113.86:7707
128.90.113.86:7777
128.90.113.86:8808
128.90.113.94:5555
128.90.113.94:6606
128.90.113.94:7707
128.90.113.94:7777
128.90.115.247:5555
128.90.115.247:6606
128.90.115.247:7707
128.90.115.247:7777
128.90.115.247:8808
128.90.122.247:5555
128.90.122.247:6606
128.90.122.247:7707
128.90.122.247:7777
128.90.159.174:5555
128.90.159.174:6606
128.90.159.174:7707
128.90.159.174:7777
128.90.159.174:8808
13.202.226.61:5555
13.202.226.61:6606
13.202.226.61:7707
13.202.226.61:7777
13.202.226.61:8808
13.41.224.200:5555
13.41.224.200:6606
13.41.224.200:7707
13.41.224.200:7777
13.41.224.200:8808
13.50.248.158:5555
13.50.248.158:6606
13.50.248.158:7707
13.50.248.158:7777
13.60.99.34:5555
13.60.99.34:6606
13.60.99.34:7707
13.60.99.34:7777
13.60.99.34:8808
134.199.200.232:5555
134.199.200.232:6606
134.199.200.232:7707
134.199.200.232:7777
136.0.157.130:5555
136.0.157.130:6606
136.0.157.130:7707
136.0.157.130:7777
136.243.80.115:5555
136.243.80.115:6606
136.243.80.115:7707
136.243.80.115:7777
136.243.80.115:8808
141.98.11.26:5555
141.98.11.26:6606
141.98.11.26:7777
141.98.154.54:5555
141.98.154.54:6606
141.98.154.54:7707
141.98.154.54:7777
144.126.149.221:5555
144.172.104.135:5555
144.172.104.135:7777
144.172.85.50:5555
144.172.85.50:6606
144.172.85.50:7707
144.172.85.50:7777
144.172.85.50:8808
144.172.92.114:5555
144.172.92.114:7777
144.91.92.251:5555
144.91.92.251:6606
144.91.92.251:7707
144.91.92.251:7777
146.70.137.90:5555
146.70.137.90:6606
146.70.137.90:7707
146.70.137.90:7777
146.70.137.90:8808
147.124.212.147:5555
147.124.212.147:6606
147.124.212.147:7707
147.124.212.147:7777
147.124.212.147:8808
147.124.215.2:5555
147.124.215.2:6606
147.124.215.2:7707
147.124.215.2:7777
147.124.215.2:8808
147.124.223.218:5555
147.124.223.218:6606
147.124.223.218:7707
147.124.223.218:7777
147.124.223.218:8808
147.185.221.28:5555
147.185.221.28:6606
147.185.221.28:7707
147.185.221.28:7777
147.185.221.28:8808
147.185.221.29:5555
147.185.221.29:7777
147.93.146.129:5555
147.93.146.129:6606
147.93.146.129:7707
147.93.146.129:7777
147.93.146.129:8808
148.251.43.15:5555
148.251.43.15:6606
148.251.43.15:7777
148.251.43.15:8808
149.102.147.106:5555
149.102.147.106:7777
151.242.58.75:5555
151.242.58.75:6606
151.242.58.75:7707
151.242.58.75:7777
152.168.22.197:5555
152.168.22.197:6606
152.168.22.197:7707
152.168.22.197:7777
152.168.22.197:8808
155.2.192.168:5555
155.2.192.168:6606
155.2.192.168:7707
155.2.192.168:7777
155.2.192.168:8808
155.2.192.59:5555
155.2.192.59:6606
155.2.192.59:7777
155.2.192.59:8808
157.173.197.177:5555
157.173.197.177:7777
157.20.182.16:5555
157.20.182.16:6606
157.20.182.16:7707
157.20.182.16:7777
157.20.182.16:8808
157.20.182.24:5555
157.20.182.24:6606
157.20.182.24:7707
157.20.182.24:7777
157.20.182.24:8808
157.20.182.6:5555
157.20.182.6:6606
157.20.182.6:7707
157.20.182.6:7777
157.20.182.6:8808
158.220.83.114:5555
158.220.83.114:7777
158.220.96.15:5555
158.220.96.15:6606
158.220.96.15:7707
158.220.96.15:7777
158.220.96.15:8808
159.100.18.123:6606
159.100.18.123:7707
159.100.18.123:7777
159.100.18.123:8808
159.223.193.191:5555
159.223.193.191:6606
159.223.193.191:7707
159.223.193.191:7777
16.170.170.176:5555
16.170.170.176:6606
16.170.170.176:7707
16.170.170.176:7777
16.171.147.206:5555
16.171.147.206:6606
16.171.147.206:7707
16.171.147.206:7777
16.171.61.189:5555
16.171.61.189:6606
16.171.61.189:7707
16.171.61.189:7777
161.35.18.98:5555
161.35.18.98:6606
161.35.18.98:7707
161.35.18.98:7777
161.35.18.98:8808
161.97.151.222:5555
161.97.151.222:6606
161.97.151.222:7707
161.97.151.222:7777
161.97.151.222:8808
161.97.68.73:5555
161.97.68.73:6606
161.97.68.73:7707
161.97.68.73:7777
161.97.68.73:8808
162.216.241.228:5555
162.216.241.228:6606
162.216.241.228:7707
162.216.241.228:7777
162.216.241.228:8808
162.243.12.113:5555
162.243.12.113:6606
162.243.12.113:7707
162.243.12.113:7777
162.243.12.113:8808
162.246.185.77:5555
162.246.185.77:6606
162.246.185.77:7707
162.246.185.77:7777
162.246.185.77:8808
163.172.125.253:5555
163.172.125.253:6606
163.172.125.253:7707
163.172.125.253:7777
163.172.125.253:8808
163.5.160.120:5555
163.5.160.120:6606
163.5.160.120:7707
163.5.160.120:7777
163.5.160.120:8808
163.5.210.49:5555
163.5.210.49:6606
163.5.210.49:7707
163.5.210.49:7777
164.68.120.30:5555
164.68.120.30:6606
164.68.120.30:7707
164.68.120.30:7777
164.68.120.30:8808
167.114.215.75:5555
167.114.215.75:6606
167.114.215.75:7707
167.114.215.75:7777
167.114.215.75:8808
167.172.135.43:5555
167.172.135.43:7777
167.71.219.232:5555
167.71.219.232:6606
167.71.219.232:7707
167.71.219.232:7777
167.86.116.179:5555
167.86.116.179:6606
167.86.116.179:7707
167.86.116.179:7777
171.250.25.191:5555
171.250.25.191:6606
171.250.25.191:7707
171.250.25.191:7777
171.250.25.191:8808
171.5.115.239:5555
171.5.115.239:6606
171.5.115.239:7707
171.5.115.239:7777
171.5.115.239:8808
172.111.135.226:5555
172.111.135.226:6606
172.111.135.226:7707
172.111.135.226:7777
172.111.135.226:8808
172.111.150.118:5555
172.111.150.118:6606
172.111.150.118:7707
172.111.150.118:7777
172.111.150.74:5555
172.111.150.74:6606
172.111.150.74:7707
172.111.150.74:7777
172.111.150.74:8808
172.111.151.97:5555
172.111.151.97:6606
172.111.151.97:7707
172.111.151.97:7777
172.111.245.66:5555
172.111.245.66:6606
172.111.245.66:7707
172.111.245.66:7777
172.111.245.66:8808
172.191.149.124:5555
172.191.149.124:6606
172.191.149.124:7707
172.191.149.124:7777
172.81.134.11:5555
172.81.134.11:6606
172.81.134.11:7707
172.81.134.11:7777
172.81.134.123:5555
172.81.134.123:6606
172.81.134.123:7707
172.81.134.123:7777
172.81.135.7:5555
172.81.135.7:6606
172.81.135.7:7707
172.81.135.7:7777
172.81.135.7:8808
172.93.128.151:5555
172.93.128.151:6606
172.93.128.151:7707
172.93.128.151:7777
172.93.128.151:8808
172.94.126.27:5555
172.94.126.27:6606
172.94.126.27:7707
172.94.126.27:7777
172.94.19.36:5555
172.94.19.36:6606
172.94.19.36:7707
172.94.19.36:7777
172.94.6.99:5555
172.94.6.99:6606
172.94.6.99:7707
172.94.6.99:7777
172.94.6.99:8808
172.94.91.110:5555
172.94.91.110:6606
172.94.91.110:7707
172.94.91.110:7777
172.94.91.110:8808
172.94.96.108:5555
172.94.96.143:5555
172.94.96.143:7777
172.94.96.144:5555
172.94.96.144:7777
172.94.96.209:5555
172.94.96.209:7777
173.208.156.209:5555
173.208.156.209:6606
173.208.156.209:7707
173.208.156.209:7777
173.208.156.209:8808
173.212.229.31:5555
173.212.229.31:7707
173.212.229.31:7777
173.212.229.31:8808
173.238.144.207:5555
173.238.144.207:6606
173.238.144.207:7777
173.238.144.207:8808
173.249.29.108:5555
173.249.29.108:6606
173.249.29.108:7707
173.249.29.108:7777
173.249.29.108:8808
173.44.139.179:5555
173.44.139.179:6606
173.44.139.179:7707
173.44.139.179:7777
173.44.139.179:8808
176.143.53.10:5555
176.143.53.10:6606
176.143.53.10:7707
176.143.53.10:7777
176.143.53.10:8808
176.65.134.103:5555
176.65.134.103:6606
176.65.134.103:7707
176.65.134.103:7777
176.65.134.128:5555
176.65.134.128:6606
176.65.134.128:7707
176.65.134.128:7777
176.65.134.128:8808
176.65.134.77:5555
176.65.134.77:6606
176.65.134.77:7707
176.65.134.81:5555
176.65.134.81:6606
176.65.134.81:7707
176.65.134.81:7777
176.65.137.186:5555
176.65.137.186:6606
176.65.137.186:7707
176.65.137.186:7777
176.65.137.186:8808
176.65.140.20:5555
176.65.140.20:6606
176.65.140.20:7707
176.65.140.20:7777
176.65.140.20:8808
176.65.140.31:5555
176.65.140.31:6606
176.65.140.31:7707
176.65.140.31:7777
176.65.141.111:5555
176.65.141.111:7707
176.65.141.111:7777
176.65.141.111:8808
176.65.141.162:5555
176.65.141.162:6606
176.65.141.162:7707
176.65.141.162:7777
176.65.141.162:8808
176.65.141.216:5555
176.65.141.216:7777
176.65.141.225:5555
176.65.141.225:7777
176.65.141.49:5555
176.65.141.49:7777
176.65.141.56:5555
176.65.141.56:7777
176.65.141.98:5555
176.65.141.98:7777
176.65.142.113:5555
176.65.142.113:7777
176.65.142.187:5555
176.65.142.187:7777
176.65.142.189:5555
176.65.142.189:7777
176.65.142.228:5555
176.65.142.228:7777
176.65.142.73:5555
176.65.142.73:7777
176.65.142.74:5555
176.65.142.74:6606
176.65.142.74:7707
176.65.142.74:7777
176.65.142.74:8808
176.65.143.147:5555
176.65.143.147:6606
176.65.143.147:7707
176.65.143.147:7777
176.65.143.240:5555
176.65.143.240:6606
176.65.143.240:7707
176.65.143.240:7777
176.65.143.240:8808
176.65.144.125:5555
176.65.144.162:5555
176.65.144.162:6606
176.65.144.162:7707
176.65.144.162:7777
176.65.144.28:5555
176.65.144.28:7777
176.65.144.32:5555
176.65.144.34:5555
176.65.144.34:7777
176.65.144.52:5555
176.65.144.52:7777
176.65.144.60:5555
176.65.144.60:7777
176.65.144.95:5555
176.65.144.95:7777
177.255.84.173:5555
177.255.84.173:6606
177.255.84.173:7707
177.255.84.173:7777
177.255.84.173:8808
178.251.107.74:5555
178.251.107.74:6606
178.251.107.74:7707
178.251.107.74:7777
178.251.107.74:8808
178.73.218.7:5555
178.73.218.7:6606
178.73.218.7:7707
178.73.218.7:7777
178.73.218.7:8808
178.83.80.11:5555
178.83.80.11:6606
178.83.80.11:7707
178.83.80.11:7777
178.83.80.11:8808
179.13.1.144:5555
179.13.1.144:6606
179.13.1.144:7707
179.13.1.144:7777
179.13.1.144:8808
179.13.10.232:5555
179.13.10.232:6606
179.13.10.232:7707
179.13.10.232:7777
179.13.10.232:8808
179.13.7.0:5555
179.13.7.0:6606
179.13.7.0:7707
179.13.7.0:7777
179.13.7.0:8808
179.14.13.169:5555
179.14.13.169:6606
179.14.13.169:7707
179.14.13.169:7777
179.14.13.169:8808
18.116.72.245:5555
18.116.72.245:6606
18.116.72.245:7707
18.116.72.245:7777
18.116.72.245:8808
18.141.106.224:5555
18.141.106.224:6606
18.141.106.224:7707
18.141.106.224:7777
18.141.106.224:8808
18.157.68.73:5555
18.157.68.73:6606
18.157.68.73:7707
18.157.68.73:7777
18.157.68.73:8808
18.167.254.207:5555
18.167.254.207:6606
18.167.254.207:7707
18.167.254.207:7777
18.167.254.207:8808
18.171.159.181:5555
18.171.159.181:6606
18.171.159.181:7707
18.171.159.181:7777
18.183.72.243:5555
18.183.72.243:7777
18.197.239.5:5555
18.197.239.5:6606
18.197.239.5:7707
18.197.239.5:7777
18.197.239.5:8808
18.197.94.4:5555
18.197.94.4:7707
18.197.94.4:7777
18.197.94.4:8808
181.131.216.154:5555
181.131.216.154:6606
181.131.216.154:7707
181.131.216.154:7777
181.131.216.154:8808
181.131.217.135:5555
181.131.217.135:6606
181.131.217.135:7707
181.131.217.135:7777
181.131.217.135:8808
181.131.217.63:5555
181.131.217.63:6606
181.131.217.63:7707
181.131.217.63:7777
181.131.217.63:8808
181.235.10.54:5555
181.235.10.54:6606
181.235.10.54:7707
181.235.10.54:7777
181.235.10.54:8808
181.235.8.208:5555
181.235.8.208:6606
181.235.8.208:7707
181.235.8.208:7777
181.235.8.208:8808
185.149.120.38:5555
185.149.120.38:6606
185.149.120.38:7707
185.149.120.38:7777
185.149.24.178:5555
185.149.24.178:6606
185.149.24.178:7707
185.149.24.178:7777
185.16.38.38:5555
185.16.38.38:7777
185.174.101.81:5555
185.174.101.81:6606
185.174.101.81:7707
185.174.101.81:7777
185.177.239.206:5555
185.177.239.206:7777
185.18.222.241:5555
185.18.222.241:7777
185.187.235.215:5555
185.187.235.215:6606
185.187.235.215:7707
185.187.235.215:7777
185.187.235.215:8808
185.196.8.109:5555
185.196.8.109:6606
185.196.8.109:7707
185.196.8.109:7777
185.196.8.109:8808
185.196.9.158:5555
185.196.9.158:6606
185.196.9.158:7707
185.196.9.158:7777
185.196.9.158:8808
185.196.9.68:5555
185.196.9.68:6606
185.196.9.68:7707
185.196.9.68:7777
185.196.9.68:8808
185.206.148.210:5555
185.206.148.210:6606
185.206.148.210:7707
185.206.148.210:7777
185.206.148.210:8808
185.208.156.153:5555
185.208.156.153:6606
185.208.156.153:7707
185.208.156.153:7777
185.208.156.153:8808
185.208.156.169:5555
185.208.156.169:6606
185.208.156.169:7707
185.208.156.169:7777
185.208.156.169:8808
185.208.158.139:5555
185.208.158.139:6606
185.208.158.139:7707
185.208.158.139:7777
185.208.158.139:8808
185.208.158.201:5555
185.208.158.201:6606
185.208.158.201:7707
185.208.158.201:7777
185.208.158.201:8808
185.224.128.90:5555
185.224.128.90:6606
185.224.128.90:7707
185.224.128.90:7777
185.224.128.90:8808
185.241.208.187:5555
185.241.208.187:6606
185.241.208.187:7707
185.241.208.187:8808
185.241.208.247:5555
185.241.208.247:6606
185.241.208.247:7707
185.241.208.247:7777
185.241.208.247:8808
185.62.87.191:5555
185.62.87.191:6606
185.62.87.191:7707
185.62.87.191:7777
185.62.87.191:8808
185.81.115.9:5555
185.81.115.9:6606
185.81.115.9:7707
185.81.115.9:7777
185.81.115.9:8808
185.82.73.108:5555
185.82.73.108:7777
186.169.34.84:5555
186.169.34.84:6606
186.169.34.84:7707
186.169.34.84:7777
186.169.34.84:8808
186.169.87.191:5555
186.169.87.191:6606
186.169.87.191:7707
186.169.87.191:7777
186.169.87.191:8808
186.169.90.132:5555
186.169.90.132:6606
186.169.90.132:7707
186.169.90.132:7777
186.169.90.132:8808
188.126.90.3:5555
188.126.90.3:6606
188.126.90.3:7707
188.126.90.3:7777
188.126.90.3:8808
188.126.90.65:5555
188.126.90.65:6606
188.126.90.65:7707
188.126.90.65:7777
188.126.90.65:8808
188.153.77.112:5555
188.153.77.112:6606
188.153.77.112:7707
188.153.77.112:7777
188.218.201.194:5555
188.218.201.194:7707
188.218.201.194:7777
188.218.241.148:5555
188.218.241.148:6606
188.218.241.148:7707
188.218.241.148:7777
191.88.254.211:5555
191.88.254.211:6606
191.88.254.211:7707
191.88.254.211:7777
191.88.254.211:8808
191.89.242.47:5555
191.89.242.47:6606
191.89.242.47:7707
191.89.242.47:7777
191.89.242.47:8808
191.93.113.197:5555
191.93.113.197:6606
191.93.113.197:7707
191.93.113.197:7777
191.93.113.197:8808
191.93.117.96:5555
191.93.117.96:6606
191.93.117.96:7707
191.93.117.96:7777
191.93.117.96:8808
191.93.118.254:5555
191.93.118.254:6606
191.93.118.254:7707
191.93.118.254:7777
191.93.118.254:8808
192.142.0.51:5555
192.142.0.51:6606
192.142.0.51:7707
192.142.0.51:7777
192.159.99.105:5555
192.159.99.105:6606
192.159.99.105:7707
192.159.99.105:7777
192.159.99.123:5555
192.159.99.123:6606
192.159.99.123:7707
192.159.99.123:7777
192.159.99.164:5555
192.159.99.164:6606
192.159.99.164:7707
192.159.99.164:7777
192.159.99.164:8808
192.188.88.248:5555
192.188.88.248:7707
192.188.88.248:7777
192.227.220.27:5555
192.227.220.27:7777
192.241.128.20:5555
192.241.128.20:6606
192.241.128.20:7707
192.241.128.20:7777
193.142.146.179:5555
193.142.146.179:7777
193.142.146.42:5555
193.142.146.42:7777
193.26.115.106:5555
193.26.115.106:7777
193.26.115.130:5555
193.26.115.130:6606
193.26.115.130:7707
193.26.115.130:7777
193.26.115.130:8808
193.26.115.165:5555
193.26.115.165:6606
193.26.115.165:7707
193.26.115.165:7777
193.26.115.165:8808
193.26.115.204:5555
193.26.115.204:6606
193.26.115.204:7707
193.26.115.204:7777
193.26.115.204:8808
193.26.115.229:5555
193.26.115.229:7777
193.31.28.142:5555
193.31.28.142:7707
193.31.28.142:7777
194.213.3.100:5555
194.213.3.100:7777
194.26.192.102:5555
194.26.192.102:7777
194.26.192.19:5555
194.26.192.19:7777
194.26.192.232:5555
194.26.192.232:6606
194.26.192.232:7707
194.26.192.232:7777
194.26.192.232:8808
194.59.30.217:5555
194.59.30.217:6606
194.59.30.217:7707
194.59.30.217:7777
194.59.30.217:8808
194.59.31.128:5555
194.59.31.128:6606
194.59.31.128:7707
194.59.31.128:7777
194.59.31.28:5555
194.59.31.28:6606
194.59.31.28:7707
194.59.31.28:7777
194.59.31.28:8808
195.206.234.29:5555
195.206.234.29:7777
195.206.234.36:5555
195.206.234.36:7777
195.3.223.146:5555
195.3.223.146:6606
195.3.223.146:7707
195.3.223.146:7777
195.3.223.146:8808
195.66.215.248:5555
195.66.215.248:6606
195.66.215.248:7707
195.66.215.248:7777
195.66.215.248:8808
196.251.113.10:5555
196.251.113.10:6606
196.251.113.10:7707
196.251.113.10:7777
196.251.113.10:8808
196.251.114.11:5555
196.251.114.11:6606
196.251.114.11:7707
196.251.114.11:7777
196.251.114.13:5555
196.251.114.13:6606
196.251.114.13:7707
196.251.114.13:7777
196.251.114.17:5555
196.251.114.17:6606
196.251.114.17:7707
196.251.114.17:7777
196.251.115.232:5555
196.251.115.232:6606
196.251.115.232:7707
196.251.115.232:8808
196.251.115.240:5555
196.251.115.240:6606
196.251.115.240:7707
196.251.115.240:7777
196.251.115.33:5555
196.251.115.33:7777
196.251.115.59:5555
196.251.115.59:6606
196.251.115.59:7707
196.251.115.59:7777
196.251.116.115:6606
196.251.116.115:7707
196.251.116.115:7777
196.251.116.115:8808
196.251.116.134:5555
196.251.116.134:6606
196.251.116.134:7707
196.251.116.134:7777
196.251.116.138:5555
196.251.116.138:6606
196.251.116.138:7707
196.251.116.138:8808
196.251.116.152:6606
196.251.116.152:7707
196.251.116.152:8808
196.251.116.216:5555
196.251.116.216:7777
196.251.116.42:5555
196.251.116.42:6606
196.251.116.42:7707
196.251.116.42:7777
196.251.116.42:8808
196.251.116.59:5555
196.251.116.59:6606
196.251.116.59:7707
196.251.116.59:8808
196.251.116.62:6606
196.251.116.62:7707
196.251.116.62:8808
196.251.116.68:5555
196.251.116.68:7777
196.251.117.107:5555
196.251.117.107:6606
196.251.117.107:7707
196.251.117.107:7777
196.251.117.107:8808
196.251.117.147:5555
196.251.117.147:6606
196.251.117.147:7707
196.251.117.147:7777
196.251.117.82:5555
196.251.117.82:6606
196.251.117.82:7707
196.251.117.82:7777
196.251.118.128:5555
196.251.118.128:6606
196.251.118.128:7707
196.251.118.128:7777
196.251.118.250:5555
196.251.118.250:6606
196.251.118.250:7707
196.251.118.250:7777
196.251.118.250:8808
196.251.118.253:5555
196.251.118.253:7777
196.251.66.21:5555
196.251.66.21:6606
196.251.66.21:7707
196.251.66.21:7777
196.251.66.21:8808
196.251.69.242:5555
196.251.69.242:6606
196.251.69.242:7707
196.251.69.242:7777
196.251.69.34:5555
196.251.69.34:6606
196.251.69.34:7707
196.251.69.34:7777
196.251.69.34:8808
196.251.70.106:5555
196.251.70.106:6606
196.251.70.106:7707
196.251.70.106:7777
196.251.70.71:5555
196.251.70.71:7777
196.251.71.144:5555
196.251.71.144:7777
196.251.71.166:5555
196.251.71.166:6606
196.251.71.166:7707
196.251.71.166:7777
196.251.71.236:6606
196.251.71.236:7707
196.251.71.236:8808
196.251.72.112:5555
196.251.72.112:6606
196.251.72.112:7707
196.251.72.252:5555
196.251.72.252:7777
196.251.73.133:6606
196.251.73.133:7707
196.251.73.133:8808
196.251.73.254:5555
196.251.73.254:6606
196.251.73.254:7707
196.251.73.254:7777
196.251.73.254:8808
196.251.80.13:5555
196.251.80.13:6606
196.251.80.13:7707
196.251.80.13:8808
196.251.80.51:5555
196.251.80.51:6606
196.251.80.51:7707
196.251.80.51:7777
196.251.83.225:5555
196.251.83.225:6606
196.251.83.225:7707
196.251.83.225:8808
196.251.84.202:5555
196.251.84.202:6606
196.251.84.202:7707
196.251.84.202:7777
196.251.84.63:5555
196.251.84.63:6606
196.251.84.63:7707
196.251.84.63:7777
196.251.84.63:8808
196.251.85.119:5555
196.251.85.119:6606
196.251.85.119:7707
196.251.85.119:7777
196.251.86.13:5555
196.251.86.13:7777
196.251.86.174:5555
196.251.86.174:7707
196.251.86.174:7777
196.251.86.174:8808
196.251.86.65:5555
196.251.86.65:6606
196.251.86.65:7707
196.251.86.65:7777
196.251.86.82:5555
196.251.86.82:6606
196.251.86.82:7707
196.251.86.82:7777
196.251.86.82:8808
196.251.86.88:5555
196.251.86.88:6606
196.251.86.88:7707
196.251.86.88:7777
196.251.86.88:8808
196.251.88.110:5555
196.251.88.110:6606
196.251.88.110:7707
196.251.88.110:7777
196.251.88.110:8808
196.251.88.113:5555
196.251.88.113:6606
196.251.88.113:7707
196.251.88.113:7777
196.251.88.113:8808
196.251.88.18:5555
196.251.88.18:6606
196.251.88.18:7707
196.251.88.18:7777
196.251.88.20:5555
196.251.88.20:6606
196.251.88.20:7707
196.251.88.20:7777
198.135.48.135:5555
198.135.48.135:6606
198.135.48.135:7707
198.135.48.135:7777
198.23.158.69:5555
198.23.158.69:7777
198.23.227.140:5555
198.23.227.140:6606
198.23.227.140:7707
198.23.227.140:7777
198.23.227.140:8808
198.23.227.175:5555
198.23.227.175:6606
198.23.227.175:7707
198.23.227.175:7777
198.23.227.175:8808
198.55.98.155:5555
198.55.98.155:6606
198.55.98.155:7707
198.55.98.155:7777
198.55.98.155:8808
202.55.135.163:5555
202.55.135.163:6606
202.55.135.163:7707
202.55.135.163:7777
202.55.135.163:8808
205.234.144.127:5555
205.234.144.127:7777
206.123.128.50:5555
206.123.128.50:6606
206.123.128.50:7707
206.123.128.50:7777
206.123.145.195:5555
206.123.145.195:6606
206.123.145.195:7707
206.123.145.195:7777
206.238.115.155:5555
206.238.115.155:7777
206.238.220.35:5555
206.238.220.35:6606
206.238.220.35:7707
206.238.220.35:7777
206.72.206.244:5555
206.72.206.244:6606
206.72.206.244:7707
206.72.206.244:7777
207.231.104.139:5555
207.231.104.139:6606
207.231.104.139:7707
207.231.104.139:7777
207.231.104.139:8808
207.231.104.152:5555
207.231.104.152:6606
207.231.104.152:7707
207.231.104.152:7777
207.231.104.152:8808
207.231.107.147:5555
207.231.107.147:6606
207.231.107.147:7707
207.231.107.147:7777
207.231.107.147:8808
207.231.109.232:5555
207.231.109.232:6606
207.231.109.232:7707
207.231.109.232:7777
207.231.109.232:8808
207.231.111.146:5555
208.91.189.183:5555
208.91.189.183:6606
208.91.189.183:7707
208.91.189.183:7777
208.91.189.183:8808
209.126.11.215:5555
209.126.11.215:6606
209.126.11.215:7707
209.126.11.215:7777
209.126.83.54:5555
209.126.83.54:6606
209.126.83.54:7707
209.126.83.54:7777
209.145.50.29:5555
209.145.50.29:6606
209.145.50.29:7707
209.145.50.29:8808
209.200.252.21:5555
209.200.252.21:6606
209.200.252.21:7707
209.200.252.21:7777
209.200.252.21:8808
211.185.216.13:5555
211.185.216.13:6606
211.185.216.13:7707
211.185.216.13:7777
211.185.216.13:8808
212.23.222.206:5555
212.23.222.206:6606
212.23.222.206:7707
212.23.222.206:7777
212.23.222.32:5555
212.23.222.32:6606
212.23.222.32:7707
212.23.222.32:7777
213.199.55.247:5555
213.199.55.247:6606
213.199.55.247:7707
213.199.55.247:7777
213.209.143.110:5555
213.209.143.110:6606
213.209.143.110:7707
213.209.143.110:7777
213.209.143.110:8808
213.209.143.170:5555
213.209.143.170:6606
213.209.143.170:7707
213.209.143.170:7777
213.209.143.170:8808
213.209.143.23:5555
213.209.143.23:6606
213.209.143.23:7707
213.209.143.23:7777
213.209.143.23:8808
213.209.143.36:5555
213.209.143.36:6606
213.209.143.36:7707
213.209.143.36:7777
213.209.143.36:8808
213.209.143.37:5555
213.209.143.37:6606
213.209.143.37:7707
213.209.143.37:7777
213.209.143.37:8808
213.209.143.43:5555
213.209.143.43:6606
213.209.143.43:7707
213.209.143.43:7777
213.209.143.43:8808
213.209.143.50:5555
213.209.143.50:6606
213.209.143.50:7707
213.209.143.50:7777
213.209.143.50:8808
213.209.143.51:5555
213.209.143.51:6606
213.209.143.51:7707
213.209.143.51:7777
213.209.143.51:8808
213.209.143.57:5555
213.209.143.57:6606
213.209.143.57:7707
213.209.143.57:7777
213.209.143.57:8808
216.107.136.216:5555
216.107.136.216:6606
216.107.136.216:7707
216.107.136.216:7777
216.107.136.216:8808
217.79.251.234:5555
217.79.251.234:7777
23.111.147.162:5555
23.111.147.162:7777
23.254.211.137:5555
23.254.211.137:6606
23.254.211.137:7707
23.254.211.137:7777
23.26.108.141:5555
23.26.108.141:7777
23.27.168.102:5555
23.27.168.102:6606
23.27.168.102:7707
23.27.168.102:7777
23.27.168.102:8808
23.95.106.22:5555
23.95.106.22:6606
23.95.106.22:7707
23.95.106.22:7777
24.152.38.198:5555
24.152.38.198:6606
24.152.38.198:7707
24.152.38.198:7777
3.1.16.19:5555
3.1.16.19:6606
3.1.16.19:7707
3.1.16.19:7777
3.1.16.19:8808
3.126.224.214:5555
3.126.224.214:6606
3.126.224.214:7707
3.126.224.214:7777
3.126.224.214:8808
3.137.123.63:5555
3.137.123.63:6606
3.137.123.63:7707
3.137.123.63:7777
3.137.123.63:8808
3.16.105.95:5555
3.16.105.95:6606
3.16.105.95:7707
3.16.105.95:7777
3.16.105.95:8808
3.215.185.215:5555
3.215.185.215:6606
3.215.185.215:7707
3.215.185.215:7777
3.239.212.84:5555
3.239.212.84:6606
3.239.212.84:7707
3.239.212.84:7777
3.64.216.89:5555
3.64.216.89:6606
3.64.216.89:7707
3.64.216.89:7777
3.64.216.89:8808
3.68.171.119:5555
3.68.171.119:6606
3.68.171.119:7707
3.68.171.119:7777
3.68.171.119:8808
3.68.56.232:5555
3.68.56.232:6606
3.68.56.232:7707
3.68.56.232:7777
3.68.56.232:8808
3.8.127.11:5555
3.8.127.11:6606
3.8.127.11:7707
3.8.127.11:7777
3.8.141.103:5555
3.8.141.103:7777
3.8.78.144:5555
3.8.78.144:6606
3.8.78.144:7707
3.8.78.144:7777
31.163.204.210:5555
31.163.204.210:6606
31.163.204.210:7777
31.163.204.210:8808
31.57.102.46:5555
31.57.102.46:6606
31.57.102.46:7707
31.57.102.46:7777
31.57.77.144:5555
31.57.77.144:6606
31.57.77.144:7707
31.57.77.144:7777
35.157.111.131:5555
35.157.111.131:6606
35.157.111.131:7707
35.157.111.131:7777
35.157.111.131:8808
37.27.249.115:5555
37.27.249.115:6606
37.27.249.115:7707
37.27.249.115:7777
38.242.236.116:5555
38.54.29.174:5555
38.54.29.174:6606
38.54.29.174:7707
38.54.29.174:7777
38.54.29.174:8808
43.162.113.239:5555
43.162.113.239:6606
43.162.113.239:7707
43.162.113.239:7777
43.162.113.239:8808
45.132.74.212:5555
45.132.74.212:6606
45.132.74.212:7707
45.132.74.212:7777
45.133.180.154:5555
45.133.180.154:6606
45.133.180.154:7707
45.133.180.154:7777
45.138.16.100:5555
45.138.16.100:6606
45.138.16.100:7707
45.138.16.100:7777
45.138.16.131:5555
45.138.16.131:7777
45.138.16.192:5555
45.138.16.192:7777
45.138.16.246:5555
45.138.16.246:7777
45.138.16.71:5555
45.138.16.71:6606
45.138.16.71:7707
45.138.16.71:7777
45.141.215.201:5555
45.141.215.201:6606
45.141.215.201:7707
45.141.215.201:7777
45.141.233.120:5555
45.141.233.120:6606
45.141.233.120:7707
45.141.233.120:7777
45.141.233.120:8808
45.141.233.125:5555
45.141.233.125:6606
45.141.233.125:7707
45.141.233.125:7777
45.141.233.125:8808
45.141.233.129:5555
45.141.233.129:6606
45.141.233.129:7707
45.141.233.129:7777
45.141.233.129:8808
45.141.233.154:5555
45.141.233.154:7777
45.241.182.130:5555
45.241.182.130:6606
45.241.182.130:7707
45.241.182.130:7777
45.241.182.130:8808
45.241.185.111:5555
45.241.185.111:6606
45.241.185.111:7707
45.241.185.111:7777
45.241.185.111:8808
45.55.35.48:5555
45.55.35.48:6606
45.55.35.48:7707
45.55.35.48:7777
45.55.35.48:8808
45.74.10.16:5555
45.74.10.16:6606
45.74.10.16:7707
45.74.10.16:7777
45.74.10.38:5555
45.74.10.38:6606
45.74.10.38:7707
45.74.10.38:7777
45.74.10.38:8808
45.74.16.71:5555
45.74.16.71:6606
45.74.16.71:7707
45.74.16.71:7777
45.74.16.71:8808
45.74.16.89:5555
45.74.16.89:6606
45.74.16.89:7707
45.74.16.89:7777
45.74.16.89:8808
45.74.34.32:5555
45.74.34.32:6606
45.74.34.32:7707
45.74.34.32:7777
45.74.34.32:8808
45.80.158.115:5555
45.80.158.115:6606
45.80.158.115:7707
45.80.158.115:7777
45.80.158.171:5555
45.80.158.171:6606
45.80.158.171:7707
45.80.158.171:7777
45.81.23.113:5555
45.81.23.113:6606
45.81.23.113:7707
45.81.23.113:7777
45.81.23.113:8808
45.81.23.27:5555
45.81.23.27:7777
45.81.23.43:5555
45.81.23.43:6606
45.81.23.43:7707
45.81.23.43:7777
45.81.23.43:8808
45.81.23.46:5555
45.81.23.46:6606
45.81.23.46:7707
45.81.23.46:7777
45.81.23.46:8808
45.81.23.47:5555
45.81.23.47:6606
45.81.23.47:7707
45.81.23.47:7777
45.81.23.47:8808
45.81.23.48:5555
45.81.23.48:6606
45.81.23.48:7707
45.81.23.48:7777
45.81.23.48:8808
45.83.28.42:5555
45.83.28.42:6606
45.83.28.42:7707
45.83.28.42:7777
45.83.28.42:8808
45.88.186.144:5555
45.88.186.144:6606
45.88.186.144:7707
45.88.186.144:7777
45.88.186.144:8808
45.88.186.158:5555
45.88.186.158:6606
45.88.186.158:7707
45.88.186.158:7777
45.88.186.158:8808
45.88.186.85:5555
45.88.186.85:7777
45.94.31.84:5555
45.94.31.84:6606
45.94.31.84:7707
45.94.31.84:7777
46.101.236.176:5555
46.101.236.176:6606
46.101.236.176:7707
46.101.236.176:7777
46.101.236.176:8808
46.246.12.3:5555
46.246.12.3:6606
46.246.12.3:7707
46.246.12.3:7777
46.246.12.3:8808
46.246.12.5:5555
46.246.12.5:6606
46.246.12.5:7707
46.246.12.5:7777
46.246.12.5:8808
46.246.12.6:5555
46.246.12.6:6606
46.246.12.6:7707
46.246.12.6:7777
46.246.12.6:8808
46.246.14.3:5555
46.246.14.3:6606
46.246.14.3:7707
46.246.14.3:7777
46.246.14.3:8808
46.246.4.9:5555
46.246.4.9:6606
46.246.4.9:7707
46.246.4.9:7777
46.246.4.9:8808
46.246.6.8:5555
46.246.6.8:6606
46.246.6.8:7707
46.246.6.8:7777
46.246.6.8:8808
46.246.82.12:5555
46.246.82.12:6606
46.246.82.12:7707
46.246.82.12:7777
46.246.82.12:8808
46.246.82.17:5555
46.246.82.17:6606
46.246.82.17:7707
46.246.82.17:7777
46.246.82.17:8808
47.92.222.219:5555
47.92.222.219:6606
47.92.222.219:7707
47.92.222.219:7777
49.49.186.119:5555
49.49.186.119:6606
49.49.186.119:7707
49.49.186.119:7777
49.49.186.119:8808
5.180.105.158:5555
5.180.105.158:6606
5.180.105.158:7707
5.180.105.158:7777
5.189.21.45:5555
5.189.21.45:7707
5.189.21.45:7777
5.22.215.155:5555
5.22.215.155:6606
5.22.215.155:7707
5.22.215.155:7777
5.22.215.155:8808
5.231.220.47:5555
5.231.220.47:6606
5.231.220.47:7707
5.231.220.47:7777
5.231.220.47:8808
5.231.220.79:5555
5.231.220.79:6606
5.231.220.79:7707
5.231.220.79:7777
5.231.220.79:8808
5.252.153.103:5555
5.252.153.103:6606
5.252.153.103:7707
5.252.153.103:7777
5.252.153.103:8808
5.9.255.98:5555
5.9.255.98:6606
5.9.255.98:7707
5.9.255.98:7777
5.9.255.98:8808
50.18.107.175:5555
50.18.107.175:6606
50.18.107.175:7707
50.18.107.175:7777
51.195.211.236:5555
51.195.211.236:6606
51.195.211.236:7707
51.195.211.236:7777
51.79.202.24:5555
51.79.202.24:6606
51.79.202.24:7707
51.79.202.24:7777
52.59.168.141:5555
52.59.168.141:6606
52.59.168.141:7707
52.59.168.141:7777
52.59.168.141:8808
54.169.93.143:5555
54.169.93.143:6606
54.169.93.143:7707
54.169.93.143:7777
54.169.93.143:8808
54.206.10.6:5555
54.206.10.6:6606
54.206.10.6:7707
54.206.10.6:7777
54.206.10.6:8808
62.146.226.225:5555
62.146.226.225:7777
62.85.4.239:5555
62.85.4.239:6606
62.85.4.239:7707
62.85.4.239:7777
63.133.222.220:5555
63.133.222.220:6606
63.133.222.220:7707
63.133.222.220:7777
63.133.222.220:8808
66.179.94.187:5555
66.179.94.187:6606
66.179.94.187:7707
66.179.94.187:7777
66.179.94.187:8808
66.225.254.246:5555
66.225.254.246:6606
66.225.254.246:7707
66.225.254.246:7777
66.63.187.252:5555
66.63.187.252:7707
66.63.187.252:7777
66.94.109.58:5555
66.94.109.58:7777
68.168.220.76:5555
68.168.220.76:6606
68.168.220.76:7707
68.168.220.76:7777
73.143.8.226:5555
73.143.8.226:6606
73.143.8.226:7707
73.143.8.226:7777
74.208.123.9:5555
74.208.123.9:6606
74.208.123.9:7707
74.208.123.9:7777
74.208.123.9:8808
75.69.164.4:5555
75.69.164.4:7707
75.69.164.4:7777
77.90.153.204:5555
77.90.153.204:6606
77.90.153.204:7707
77.90.153.204:7777
78.161.14.229:5555
78.161.14.229:6606
78.161.14.229:7707
78.161.14.229:7777
78.161.6.158:5555
78.161.6.158:6606
78.161.6.158:7707
78.161.6.158:7777
78.162.57.179:5555
78.162.57.179:6606
78.162.57.179:7707
78.162.57.179:7777
78.164.223.72:5555
78.164.223.72:6606
78.164.223.72:7707
78.164.223.72:7777
78.175.189.137:5555
78.175.189.137:6606
78.175.189.137:7707
78.175.189.137:7777
79.110.49.135:5555
79.110.49.135:6606
79.110.49.135:7707
79.110.49.135:7777
79.110.49.135:8808
79.110.49.56:5555
79.110.49.56:6606
79.110.49.56:7707
79.110.49.56:7777
8.149.137.211:5555
8.149.137.211:6606
8.149.137.211:7707
8.149.137.211:7777
80.76.49.117:5555
80.76.49.117:6606
80.76.49.117:7707
80.76.49.117:7777
80.76.49.117:8808
80.76.49.176:5555
80.76.49.176:6606
80.76.49.176:7707
80.76.49.176:7777
80.76.49.176:8808
80.76.49.78:5555
80.76.49.78:6606
80.76.49.78:7707
80.76.49.78:7777
80.76.49.78:8808
81.10.39.58:5555
81.10.39.58:6606
81.10.39.58:7707
81.10.39.58:8808
81.17.24.234:5555
81.17.24.234:7777
81.198.47.160:5555
81.198.47.160:6606
81.198.47.160:7707
81.198.47.160:7777
81.198.47.160:8808
82.165.74.190:5555
82.165.74.190:7777
82.223.48.201:5555
82.223.48.201:7777
82.65.19.134:5555
82.65.19.134:6606
82.65.19.134:7707
82.65.19.134:7777
82.65.19.134:8808
82.66.202.142:5555
82.66.202.142:6606
82.66.202.142:7707
82.66.202.142:7777
83.244.71.247:5555
83.244.71.247:6606
83.244.71.247:7707
83.244.71.247:7777
83.244.71.247:8808
85.209.128.39:5555
85.209.128.39:6606
85.209.128.39:7707
85.209.128.39:7777
85.209.128.39:8808
85.215.107.125:5555
85.215.107.125:6606
85.215.107.125:7707
85.215.107.125:7777
85.215.107.125:8808
85.215.243.238:5555
85.215.243.238:6606
85.215.243.238:7777
85.215.243.238:8808
85.239.237.148:5555
85.239.237.148:6606
85.239.237.148:7707
85.239.237.148:8808
86.104.252.23:5555
86.104.252.23:6606
86.104.252.23:7707
86.104.252.23:7777
86.104.252.23:8808
86.54.42.116:5555
86.54.42.116:6606
86.54.42.116:7707
86.54.42.116:7777
86.54.42.116:8808
87.110.19.86:5555
87.110.19.86:6606
87.110.19.86:7707
87.110.19.86:7777
87.248.157.71:5555
87.248.157.71:6606
87.248.157.71:7707
87.248.157.71:7777
87.248.157.71:8808
88.218.0.77:5555
88.218.0.77:6606
88.218.0.77:7707
88.218.0.77:7777
88.218.0.77:8808
88.229.2.85:5555
88.229.2.85:7707
88.229.2.85:7777
88.229.27.40:5555
88.229.27.40:6606
88.229.27.40:7707
88.229.27.40:7777
88.237.19.77:5555
88.237.19.77:6606
88.237.19.77:7707
88.237.19.77:7777
88.252.167.136:5555
88.252.167.136:6606
88.252.167.136:7707
88.252.167.136:7777
89.23.100.148:5555
89.23.100.148:6606
89.23.100.148:7707
89.23.100.148:8808
89.23.97.45:5555
89.23.97.45:6606
89.23.97.45:7707
89.23.97.45:7777
89.87.219.180:5555
89.87.219.180:6606
89.87.219.180:7707
89.87.219.180:7777
89.87.219.180:8808
91.191.213.118:5555
91.191.213.118:7777
91.214.78.192:5555
91.214.78.192:6606
91.214.78.192:7707
91.214.78.192:7777
91.214.78.192:8808
92.118.56.54:5555
92.118.56.54:6606
92.118.56.54:7707
92.118.56.54:7777
92.118.56.54:8808
93.149.216.26:5555
93.149.216.26:6606
93.149.216.26:7707
93.149.216.26:7777
93.204.217.10:5555
93.204.217.10:6606
93.204.217.10:7707
93.204.217.10:7777
93.204.217.10:8808
94.154.35.80:5555
94.154.35.80:6606
94.154.35.80:7707
94.154.35.80:7777
94.156.177.121:5555
94.156.177.121:6606
94.156.177.121:7707
94.156.177.121:7777
94.156.177.121:8808
94.156.177.241:5555
94.156.177.241:6606
94.156.177.241:7707
94.156.177.241:7777
94.26.90.242:5555
94.26.90.242:6606
94.26.90.242:7707
94.26.90.242:7777
94.26.90.245:5555
94.26.90.245:6606
94.26.90.245:7707
94.26.90.245:7777
94.26.90.69:5555
94.26.90.69:6606
94.26.90.69:7707
94.26.90.69:7777
95.129.234.24:5555
95.129.234.24:6606
95.129.234.24:7777
95.129.234.5:5555
95.129.234.5:6606
95.129.234.5:7707
95.129.234.5:7777
95.214.55.246:5555
95.214.55.246:6606
95.214.55.246:7707
95.214.55.246:7777
95.214.55.246:8808
95.215.108.19:5555
95.215.108.19:6606
95.215.108.19:7707
95.215.108.19:7777
95.215.108.19:8808
98.142.247.3:5555
98.142.247.3:6606
98.142.247.3:7707
98.142.247.3:7777
98.142.247.3:8808
98.142.247.5:5555
98.142.247.5:6606
98.142.247.5:7707
98.142.247.5:7777
98.217.73.238:5555
98.217.73.238:6606
98.217.73.238:7707
98.217.73.238:7777

# Reference: https://x.com/K_N1kolenko/status/1948709845449773073

167.160.161.247:6666
212.22.82.36:4449
66.63.187.164:6666

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-90day.csv (# 2025-07-26)

http://207.231.111.84
http://34.53.68.244
http://45.155.126.158
http://45.74.8.89
http://45.81.23.42
http://45.81.23.43
115.77.9.121:8808
124.198.132.230:8808
124.198.132.250:6606
124.198.132.250:7707
124.198.132.250:8808
128.90.106.135:2000
128.90.106.93:2000
128.90.106.93:8808
128.90.108.241:5000
128.90.113.125:8808
142.202.191.184:9999
157.254.165.199:888
171.250.25.244:8808
172.111.151.97:75
172.111.248.130:8808
172.111.248.132:8808
172.81.62.139:9999
172.94.1.232:81
172.94.126.28:81
172.94.9.85:8808
177.255.88.14:8082
181.131.217.24:8808
185.196.10.29:8808
185.208.158.241:8808
185.234.72.160:8808
185.49.126.83:9999
185.73.114.229:3389
185.73.114.229:8808
186.169.76.124:4000
186.190.211.108:446
186.190.211.108:8732
186.190.211.108:8808
190.70.120.31:8808
192.159.99.164:2000
195.206.234.19:8808
195.3.223.146:4444
196.251.69.242:4444
196.251.69.242:8888
198.23.227.140:8181
23.111.147.162:4212
23.94.171.142:8580
34.23.44.248:8808
37.120.153.102:8808
45.74.10.38:5444
45.74.8.89:82
45.74.8.89:83
45.81.23.42:1888
45.81.23.42:443
45.81.23.42:444
45.81.23.42:4444
45.81.23.43:1888
45.81.23.43:443
45.81.23.43:444
45.81.23.43:4444
46.183.223.75:6709
46.4.162.13:3389
65.21.85.133:81
77.93.142.238:81
85.102.13.26:3000
85.102.13.26:9999
85.107.57.112:8808
87.106.235.201:8808
92.249.61.30:8808
94.156.177.121:9999
95.216.78.61:8808

# Reference: https://www.virustotal.com/gui/ip-address/176.46.152.46/community

176.46.152.46:6606
176.46.152.46:7707
176.46.152.46:8808

# Reference: https://tria.ge/250728-msdrmsdl8y
# Reference: https://www.virustotal.com/gui/file/70ff8fd71ca4fe310b6a59c1a2cd3b41f860901942c32ac93b032f16824c2c65/detection

87.120.186.37:27469

# Reference: https://x.com/ElementalX2/status/1950412627076939836
# Reference: https://www.virustotal.com/gui/file/4ac9c95f15caf44c684ee02b58f784039336ff7e054df05124c3d6115ca04eba/detection
# Reference: https://www.virustotal.com/gui/file/d3b99f48209ddd30b123ff1706f86b5d40fc2cf0b54cd3bddf3178ce5092ece8/detection

http://15.235.134.131
51.79.195.166:56001
15.235.134.131:8000
15.235.134.131:8080

# Reference: https://x.com/1ZRR4H/status/1952753043088252945
# Reference: https://www.virustotal.com/gui/file/fc4285714edf2de902b3c5b6e878b9f458d9d7a8245f76fecd5c3efb40b9960a/detection
# Reference: https://www.virustotal.com/gui/file/dd36ccb034444d9c94afba45ff1f14b3852c12390820be810dc3bbe46abcf0be/detection

191.93.118.254:9000
trabajo2025.lovestoblog.com
shellexperiencehost.ydns.eu

# Reference: https://x.com/BlinkzSec/status/1953081900312010931
# Reference: https://www.virustotal.com/gui/file/c548e61c9225bf3bd03a4b3430794f98fd20dd527a5f2bf87f458ab842effd66/detection
# Reference: https://www.virustotal.com/gui/file/5d613f9c4d6a16c613c8ae3930701c9a4c3c0a9bce738d361d944d050363348f/detection

154.216.157.172:56001
175.196.233.48:8080
206.233.128.212:18888

# Reference: https://x.com/smica83/status/1953337395845177742
# Reference: https://tria.ge/250807-gmw35sxvew/behavioral1

216.70.72.152:4449
grupdev.bet
bc0c40.ddnsking.com

# Reference: https://x.com/smica83/status/1953714427993219098
# Reference: https://x.com/skocherhan/status/1953806051431662007
# Reference: https://tria.ge/250808-hm7qbacj7s/behavioral1
# Reference: https://www.virustotal.com/gui/file/5cce3b1c6b0b3a57ade8eac7e66c929c3c9edfe42589399fd83dd19ef59a4cc9/detection

91.98.25.254:4449

# Reference: https://www.virustotal.com/gui/file/8b418cf06a701c0eb580b0dce5af78e006037c5ee89611a9966786e649ce9289/detection

37.120.208.36:50689
fluffy.ddnsguru.com

# Reference: https://www.virustotal.com/gui/file/5b26a53f7bb11c13765d349c2b835779bd1009a592f7a586726a42f8645b9234/detection

192.145.124.4:55351
getterlong.hopto.org

# Reference: https://www.virustotal.com/gui/file/8371730952d8c34590641c98e3395abeec8cf541527c6090b2737cc25dd5d0ce/detection

89.238.176.6:55351

# Reference: https://x.com/JAMESWT_WT/status/1958791720696442915
# Reference: https://app.any.run/tasks/531740ae-2028-460a-8f72-5619340584c6
# Reference: https://www.virustotal.com/gui/file/394815e0810e98475a7426328e00f07a580ed25cc3ccc004d88d6dff2ebcd094/detection
# Reference: https://www.virustotal.com/gui/file/52edd70eaccfa789abf02f7a9964610c72c74ba9ac405404356ac6152becf601/detection

94.156.181.191:8888
bkxfv.com
bookvrfsd.com
bxvfc.com
mxvfb.com
nbkxf.com

# Reference: https://www.virustotal.com/gui/file/181ee39752f0cc3e6c39dfb2ff2659c83e5be830dfb3a01e61e2f758d1b824d2/detection

34.41.139.193:8888

# Reference: https://www.virustotal.com/gui/file/ed1dfd2e913e1c53d9f9ab5b418f84e0f401abfdf8e3349e1fcfc98663dcb23f/detection
# Reference: https://www.virustotal.com/gui/file/59afee68c53a871b7491abefe4e660b54b8aee1b3e4781b2aaf46c8b6af82708/detection

156.241.134.49:443
156.241.134.49:6443
wuwu6.cfd

# Reference: https://www.virustotal.com/gui/file/8e7fc600665668aa482351af7679bc64c91342c119c0f9e0b805c28223328af6/detection

ansy2307.duckdns.org

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2025-08-24)

http://157.173.197.177
http://196.251.115.244
http://35.222.14.165
http://88.183.123.104
http://93.127.128.145
http://95.217.57.151
103.116.52.102:4449
103.116.52.102:9999
105.157.227.159:81
115.43.18.20:6606
115.43.18.20:7707
115.43.18.20:8808
115.43.18.20:9999
116.108.103.88:8808
124.198.131.94:7707
124.198.132.19:9999
124.198.132.230:6606
124.198.132.230:7707
128.90.106.114:2000
128.90.106.114:5000
128.90.113.96:8808
13.51.238.255:6606
142.202.189.89:6677
146.90.81.215:7514
147.185.221.29:5154
147.185.221.30:29431
147.185.221.30:33985
147.185.221.30:4449
147.185.221.30:50076
147.185.221.30:53530
147.185.221.31:1912
147.185.221.31:4559
148.113.165.11:2525
149.102.147.106:2020
151.243.254.37:8808
154.205.147.108:6606
154.205.147.108:7707
154.205.147.108:8808
155.94.155.194:8808
155.94.155.240:6403
156.241.134.49:443
156.241.134.49:6443
157.173.197.177:8080
157.180.14.207:1600
160.176.103.2:81
160.191.244.103:6582
161.97.68.73:3328
162.243.204.23:8808
164.68.120.30:2000
164.68.120.30:2002
164.68.120.30:2003
164.68.120.30:2004
164.68.120.30:3000
164.68.120.30:3001
164.68.120.30:4000
164.68.120.30:444
164.68.120.30:888
164.68.120.30:8888
164.68.120.30:9999
171.250.25.56:8808
1718dc.4cloud.click
172.111.151.97:39177
172.111.151.97:61
172.93.128.151:3011
172.94.1.232:444
172.94.126.28:82
172.94.59.38:1000
172.94.59.38:3000
174.57.4.60:6606
176.108.240.162:3080
176.46.158.54:8848
178.73.218.3:2703
181.131.217.56:8050
181.235.10.10:8020
185.167.61.249:6606
185.167.61.249:7707
185.167.61.249:8808
185.196.10.204:4001
185.196.10.204:5002
185.196.10.204:8808
185.208.159.208:3000
185.208.159.71:1000
185.208.159.71:20000
185.208.159.71:222
185.208.159.71:3000
185.208.159.71:3001
185.208.159.71:305
185.208.159.71:8808
185.208.159.71:888
185.208.159.71:9999
185.227.110.173:139
185.227.110.173:3389
185.227.110.173:6606
185.233.164.156:4449
185.236.76.20:1553
185.236.76.20:6606
185.236.76.20:7707
185.236.76.20:8808
185.241.208.136:8080
185.242.5.90:8525
185.246.113.246:1604
185.49.126.83:8808
185.73.114.229:443
186.169.48.221:7645
186.169.49.224:8020
186.169.63.216:5020
186.169.80.55:4000
186.169.87.13:4000
186.190.211.108:8080
191.91.178.101:8082
191.96.207.101:8808
192.159.99.244:8000
193.161.193.99:24634
193.161.193.99:48581
193.27.90.71:443
194.26.192.143:7077
194.59.31.27:6565
195.177.94.100:8808
196.251.114.106:1894
196.251.115.244:8808
196.251.69.242:9999
196.251.69.90:8808
196.251.71.245:8808
196.251.72.103:8808
196.251.72.200:4000
196.251.73.176:4242
196.251.80.112:65500
196.251.83.162:1000
196.251.83.162:8808
196.251.85.116:5000
196.251.88.20:7077
196.251.88.245:2021
196.251.88.252:14148
196.251.88.252:19803
2.133.116.61:5643
2.58.56.187:443
2.58.56.233:2005
2.58.56.233:8877
201.14.19.106:10001
201.14.19.106:102
201.14.19.106:10259
201.14.19.106:10274
201.14.19.106:10803
201.14.19.106:1194
201.14.19.106:1200
201.14.19.106:12000
201.14.19.106:1224
201.14.19.106:12412
201.14.19.106:12851
201.14.19.106:12979
201.14.19.106:1311
201.14.19.106:13197
201.14.19.106:16992
201.14.19.106:1801
201.14.19.106:18012
201.14.19.106:18246
201.14.19.106:1961
201.14.19.106:1962
201.14.19.106:1963
201.14.19.106:20528
201.14.19.106:23046
201.14.19.106:2403
201.14.19.106:2628
201.14.19.106:27017
201.14.19.106:2762
201.14.19.106:28003
201.14.19.106:28555
201.14.19.106:31659
201.14.19.106:32296
201.14.19.106:32446
201.14.19.106:3299
201.14.19.106:3389
201.14.19.106:33931
201.14.19.106:34913
201.14.19.106:37979
201.14.19.106:38608
201.14.19.106:39397
201.14.19.106:427
201.14.19.106:4343
201.14.19.106:4445
201.14.19.106:46093
201.14.19.106:49755
201.14.19.106:50791
201.14.19.106:51050
201.14.19.106:51767
201.14.19.106:5222
201.14.19.106:52421
201.14.19.106:52736
201.14.19.106:53335
201.14.19.106:5672
201.14.19.106:57416
201.14.19.106:587
201.14.19.106:5901
201.14.19.106:5903
201.14.19.106:5938
201.14.19.106:59709
201.14.19.106:5986
201.14.19.106:6007
201.14.19.106:60190
201.14.19.106:62857
201.14.19.106:631
201.14.19.106:636
201.14.19.106:65135
201.14.19.106:6836
201.14.19.106:6854
201.14.19.106:789
201.14.19.106:8088
201.14.19.106:8460
201.14.19.106:88
201.14.19.106:8888
201.14.19.106:9000
201.14.19.106:9201
201.14.19.106:9300
201.14.19.106:9305
201.14.19.106:9601
201.14.19.106:995
202.55.135.163:443
202.55.135.163:8080
203.159.90.52:8808
206.123.131.164:50161
207.231.111.84:79
207.231.111.84:81
207.231.111.84:92
209.38.84.133:8808
209.46.127.65:443
213.14.158.35:1605
216.250.250.224:443
217.162.127.233:4782
21dc2025.duckdns.org
24.152.36.198:8808
3.149.190.172:8808
31.57.147.29:7000
35.188.118.135:8808
35.199.35.25:8808
37.114.50.118:4449
43.242.203.4:8848
45.129.199.234:8080
45.130.133.44:9049
45.133.180.154:6080
45.138.16.131:6666
45.141.215.208:8808
45.143.11.193:7707
45.143.11.193:7777
45.143.11.193:8808
45.153.34.148:8808
45.155.54.140:443
45.74.6.161:8808
45.74.6.236:8808
45.74.8.89:101
45.74.8.89:102
45.74.8.89:403
45.74.8.89:81
45.77.188.10:8888
45.80.158.122:7077
45.81.113.141:1604
46.246.12.3:2703
46.246.14.2:7045
46.246.14.5:2703
46.246.4.24:7045
46.246.4.3:4068
46.246.4.7:7045
46.246.80.15:2703
46.246.82.14:7045
46.246.82.18:2703
46.4.162.13:443
46.4.76.229:29758
47.229.177.58:6606
47.229.177.58:8808
47.238.124.68:443
49.232.228.35:8808
5.226.191.18:6606
5.226.191.18:7707
5.226.191.18:8808
5.226.191.22:6606
5.226.191.22:7707
5.226.191.22:8808
5.249.165.61:8797
51.143.139.83:4444
51.161.32.62:3232
51.79.188.35:2222
65.17.181.119:4981
66.63.187.252:333
70.106.203.136:1024
70.106.203.136:6606
70.106.203.136:7707
70.106.203.136:8989
72.5.43.198:3301
74.50.94.54:8808
74.81.45.64:8080
76.186.153.50:8080
76.186.153.50:8808
77.90.16.122:443
78.162.57.179:1000
78.162.57.179:306
78.181.216.57:222
78.181.216.57:3000
78.57.7.2:6606
78.57.7.2:7707
78.57.7.2:8808
79.110.49.49:6565
80.253.246.79:8808
83.143.112.163:1244
83.177.148.201:4400
83.177.148.201:6606
83.177.148.201:7707
83.177.148.201:8808
84.200.73.108:8808
85.107.57.112:888
85.192.63.194:8848
86.52.147.40:666
88.183.123.104:4449
88.247.16.132:1604
89.78.109.244:8848
94.101.128.110:6606
94.101.128.110:7707
94.154.35.73:9000
94.154.35.73:9999
94.26.90.245:5222
95.217.57.151:100
95.217.57.151:102
95.217.57.151:81
95.217.57.151:82
2025takby.duckdns.org
4mxlrhcab.localto.net
anasofia.duckdns.org
ansy2307.duckdns.org
ansy25jul.duckdns.org
ansyjul28.duckdns.org
ansyjul29.duckdns.org
apis.verifiedaccesssecure.icu
asegurar.mysynology.net
asegurarpuerdi2296.casacam.net
bbvlljwwd.localto.net
blockchain-projects.com
blofin.live
boxyong.ydns.eu
cell-dated.gl.at.ply.gg
center-mpeg.gl.at.ply.gg
choncho1.kozow.com
cloedjw.duckdns.org
comments-jay.gl.at.ply.gg
computernewb.com
corepulsesync.ydns.eu
dcgast.duckdns.org
detalles12.duckdns.org
dfbgvswrtegf.com
diomdes1212.duckdns.org
diome152511.duckdns.org
diomedesdiaz.kozow.com
ealmaz.freeddns.org
ealmaz.loseyourip.com
english-trackbacks.gl.at.ply.gg
envio211.duckdns.org
enviodiomdes.kozow.com
enviodiomdesdiaz11.duckdns.org
envios25.duckdns.org
faho-24634.portmap.host
favsouds.duckdns.org
fc.verifiedaccesssecure.icu
fokamoland.stufftoread.com
hjanarchydg.duckdns.org
host0.blockchain-projects.com
host0.quoteconsumers.biz
host0.tryfancify.com
hsnajdjkpas.duckdns.org
inspector.gl.at.ply.gg
installlgrand1001-53258.portmap.host
introduction-hello.gl.at.ply.gg
itredirect.merseine.com
jdpg1sudz.localto.net
jobs-religions.gl.at.ply.gg
jskeywon.duckdns.org
jvenysa.duckdns.org
kalelsianox.twilightparadox.com
kallichox22.duckdns.org
kb34vsd.duckdns.org
kingsddns.kozow.com
kk09.duckdns.org
kosdlscbf.duckdns.org
ksj43ts.duckdns.org
kuynfgdasync.duckdns.org
legacysystemsettings.is-an-engineer.com
loeisd.duckdns.org
luisd444.duckdns.org
marten1.freeddns.org
marten1.loseyourip.com
memoryhighan.com
mohxmaya.top
mosasil583-48581.portmap.host
muadsd.mywire.org
nuevos777.duckdns.org
obyconnect.work.gd
obyonlinez.ydns.eu
odbconnect.work.gd
oficios2026.duckdns.org
oktorre1.duckdns.org
opjdsavenom.duckdns.org
pabla102102.kozow.com
parischor.duckdns.org
play.verifiedaccesssecure.icu
private.dynuddns.net
quoteconsumer.net
rdlaw.mywire.org
reservamarina0011.duckdns.org
rla.lessentoerisme.be
rovider.net
s2gj9tonn.localto.net
salpdf.duckdns.org
satybsa.duckdns.org
sell-underlying.gl.at.ply.gg
server.weex-marketing.com
shyweb.duckdns.org
slvbx0pkq.localto.net
soportesenviojulio.casacam.net
soxsox1.twilightparadox.com
static.13.162.4.46.clients.your-server.de
svhosted.duckdns.org
thing-ob.gl.at.ply.gg
tryfancify.com
tvsanarch.duckdns.org
ulkum.duckdns.org
umar33myddns.rocks
v4lcs-58756.portmap.io
vaulted-47334.portmap.host
venomfhd.duckdns.org
ventasio.info
vicesmile.loseyourip.com
web.colour.fund
web.vdh-solutions.be
wertyhfg.duckdns.org
windowsdefenderservice.duckdns.org
yehnsops.duckdns.org
yehsnop.duckdns.org
yfasynwv.duckdns.org
ygfbasync.duckdns.org
ysdgana.duckdns.org
z10nx711111111-61801.portmap.host
zoo33.myddns.rocks
/yunus12343/sada-sada/

# Reference: https://x.com/K_N1kolenko/status/1960302943678185590

124.198.132.242:4449
176.98.185.42:4449
216.122.187.96:4449
45.88.91.252:2026

# Reference: https://x.com/smica83/status/1961335218293363076
# Reference: https://www.virustotal.com/gui/file/a502bc1a44411a03abb26532bdf132f8b8c680905df00a1065825f9060556f47/detection

43.250.173.154:56001

# Reference: https://x.com/FalconFeedsio/status/1962494410471739490
# Reference: https://www.virustotal.com/gui/file/369d1ca3f38d3963baeb94a57982232843372e6e6f6e45880347efff30e6fcdc/detection

193.161.193.99:42134
lookup2-42134.portmap.host

# Reference: https://www.virustotal.com/gui/file/d3505d814ac244a71bc63ad010ea5436594bb5e2ee19b55ebeb40217282cfa4f/detection

179.13.2.154:2143
nuecodc2143env.duckdns.org

# Reference: https://x.com/smica83/status/1963705777564090546
# Reference: https://www.virustotal.com/gui/file/b933b86aa7cd2e2a2debbbfb7ee0d0e70d078030d334ba49cd254bf7cb1ff38c/detection

124.198.132.14:6667
cokektedeasa2323.icu
pcvmwarefastfoddtheking.dynuddns.net
ubunuttestforlin.dynuddns.net

# Reference: https://x.com/smica83/status/1964972745588088890
# Reference: https://www.virustotal.com/gui/file/a9bae7be18185639138509da43744978d90d25542efd858d4c94c811c11f524f/detection

45.74.8.89:3601
45.74.8.89:3602
hone32.work.gd
mora1987.work.gd

# Reference: https://www.virustotal.com/gui/ip-address/45.74.8.89/relations

microsoft-download.ddnsfree.com
microsoft84.casacam.net
windows64bit.giize.com

# Reference: https://x.com/skocherhan/status/1964983443999301881
# Reference: https://www.virustotal.com/gui/file/6b6bd291a42f02c1d98ad8abafd88f17e3633ccdbf2e5484855d2eaca0053cd3/detection

172.81.60.199:1020
172.81.60.199:1177
172.81.60.199:301
172.81.60.199:302
172.81.60.199:6606
172.81.60.199:7707
172.81.60.199:8808
vpsdns.casacam.net

# Reference: https://x.com/skocherhan/status/1964974507409453472

kaan34.accesscam.org
mierwos.loseyourip.com
morad.mywire.org
samierm.loseyourip.com
screenconecctserv.giize.com
thailand-bittorrent.mywire.org

# Reference: https://x.com/skocherhan/status/1964977311377453373

ghost-tsushima.com

# Reference: https://x.com/petikvx/status/1964411199610917184
# Reference: https://app.any.run/tasks/ee101738-302f-4470-b1ef-abce70d17d36

88.180.186.193:32768

# Reference: https://x.com/malwrhunterteam/status/1965025070365220946
# Reference: https://www.virustotal.com/gui/file/e3a44cb80cdb955c23e48e1e3ab3d21dc3189b6a7617662c02bfa9635417841c/detection

192.252.181.65:56001

# Reference: https://x.com/JAMESWT_WT/status/1965852489431101746
# Reference: https://www.virustotal.com/gui/ip-address/83.217.208.77/relations
# Reference: https://app.any.run/tasks/699ff313-cac1-4b6b-ab9a-3e3783de5501
# Reference: https://www.virustotal.com/gui/file/a1e372b7cbc5abd7616dda42766f923d542d0cffeb54150d8b46c94381631f5f/detection
# Reference: https://www.virustotal.com/gui/file/aebc86eed763d1bc5b4c9dbc0602b6314563424c67537bb485c4ae05b81053b1/detection

62.60.227.18:3333
angelairs.com
dfsdsfsdfsa.cfd
lkfsdjdls.lol
lkjasdfljsda.icu
safdgdsgsd.cfd

# Reference: https://x.com/K_N1kolenko/status/1966452130471960806

38.69.10.233:4449
5.252.155.178:4449

# Reference: https://x.com/Fact_Finder03/status/1967492941402054930

23.160.168.165:7998

# Reference: https://www.virustotal.com/gui/ip-address/128.90.141.74/relations
# Reference: https://www.virustotal.com/gui/file/2ac88f22494e42fa017b326850e617c90281296070a818f2a581f60557badcea/detection

128.90.141.74:6161
atcaak.ydns.eu

# Reference: https://x.com/BlinkzSec/status/1968351293799567604
# Reference: https://tria.ge/250917-tlkpyazjw5

http://185.208.158.56
185.208.158.56:6606
185.208.158.56:7707
185.208.158.56:8808

# Reference: https://www.virustotal.com/gui/file/0d80b13224e1bcb11f6bc81c72a301bffd9444a14faa6f16c7fd0297b9538291/detection

detail-booking.com.br
invejoso.ddns.net
nogh.me
plantillhas.com
vendasdesistes.com.br

# Reference: https://www.virustotal.com/gui/file/3df07c70dabdce17b45591fa0d0dfff644a772c77ddf9365bead13d5a8c063ea/detection

128.90.113.233:9071
iglesia.linkpc.net

# Reference: https://www.virustotal.com/gui/file/0ac95a0d9cce1ea9a9582b85f4a87512336b4fd3b2db08da5b7dd091a5a8cc98/detection

128.90.106.133:9071
miloquilla.linkpc.net

# Reference: https://x.com/K_N1kolenko/status/1968959558610477531

104.194.154.39:6000
178.16.54.45:8848
178.16.55.70:4449

# Reference: https://www.virustotal.com/gui/file/eea4569153120d2dc79523b4d9294470312b8edd64b07c254999e05cec2c0690/detection
# Reference: https://www.virustotal.com/gui/file/6947dc1c5a2bc28eb7dc2ef49f3ee0b3565a22a9f4b4d5f1c6ce5e63387cf63d/detection

178.16.53.106:2323
krusty-krab.duckdns.org

# Reference: https://x.com/BlinkzSec/status/1969106475697029274
# Reference: https://www.virustotal.com/gui/file/b35387d0187ab84c977a565fe07f76abc142151dad003ae74b77758533b8da5f/detection

http://185.125.50.27

# Reference: https://hunt.io/blog/asyncrat-screenconnect-open-directory-campaigns
# Reference: https://www.virustotal.com/gui/file/52d7b42bb5a9771e2430dbad8b9d3e1f1f7bf2a3e549e9f6b1e323fb38d198ed/detection
# Reference: https://www.virustotal.com/gui/file/9d7f6acf5b2bfe1b8c44fdbb600f795960fcef9853728ef3975d2756957adae7/detection

176.65.139.119:443
176.65.139.119:5050
78.161.14.229:753
78.162.57.179:753
88.229.27.40:753

# Reference: https://x.com/JAMESWT_WT/status/1969978128270491924
# Reference: https://app.any.run/tasks/015b0bb7-c223-4b40-a114-8eb510298a3f

194.87.238.216:7777

# Reference: https://x.com/skocherhan/status/1970065326336553047
# Reference: https://www.virustotal.com/gui/file/61db9f343f29b3e55dfcbce369adc446c09129c4b468619775bf81e0a92680f0/detection

185.107.74.169:56001
193.233.113.228:56001
213.171.5.199:8888
64.188.91.221:8085

# Reference: https://github.com/km3dg3/IOCs/blob/main/2025-09-22%20%7C%20DcRAT%20&%20zgRAT%20%20%7C%20Booking

45.150.34.18:56001
45.150.34.18:56002
45.150.34.18:56003
85.192.49.90:56001
85.192.49.90:56002
85.192.49.90:56003
85.192.49.90:56004
85.192.49.90:56005
track-flow.cloud

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/refs/heads/master/feeds/unverified/IPPortC2s-90day.csv (# 2025-10-05)

http://164.68.120.30
http://196.251.83.162
http://20.84.121.210
http://72.176.170.113
102.219.210.202:8090
103.190.107.178:8080
103.239.66.81:8808
104.223.26.169:8808
104.243.37.233:8088
104.243.37.233:8808
108.181.218.151:8808
109.199.98.37:8888
121.43.104.214:8808
124.198.132.129:7707
124.198.132.228:6677
128.90.106.139:8808
128.90.106.233:5505
128.90.113.141:8808
128.90.113.211:8808
128.90.113.7:8808
142.202.191.92:9999
143.244.40.20:8808
144.172.91.39:8808
149.56.66.137:8808
151.242.41.102:50000
157.20.182.23:9992
157.20.182.24:9992
157.230.173.109:443
157.230.173.109:8808
157.254.165.140:22532
157.254.236.23:8808
158.94.208.163:8808
158.94.208.206:2600
158.94.208.206:5222
158.94.208.206:7001
158.94.208.206:8808
161.97.68.73:3329
162.243.204.23:6606
162.243.204.23:7707
163.5.149.115:2323
164.68.120.30:1004
164.68.120.30:1006
164.68.120.30:1009
164.68.120.30:111
164.68.120.30:2007
164.68.120.30:20200
164.68.120.30:3006
167.114.215.77:8808
172.111.151.97:5500
172.111.151.97:62
172.111.151.97:65
172.111.151.97:71
172.111.151.97:73
172.111.163.197:8808
172.111.169.162:8808
172.111.169.164:8808
172.111.169.165:8808
172.93.231.231:8580
172.94.1.232:190
172.94.59.38:222
176.46.152.47:6606
178.19.236.179:33333
179.13.4.196:8081
181.235.14.141:4000
185.107.74.47:8808
185.196.10.204:4002
185.196.11.105:9999
185.196.11.223:1000
185.196.11.223:1003
185.196.11.223:111
185.196.11.223:3000
185.196.11.223:3007
185.196.11.223:305
185.196.11.223:777
185.196.11.223:888
185.196.11.223:9999
185.196.9.158:4504
185.208.156.153:1860
185.208.159.206:8808
185.231.227.244:7707
185.231.227.245:7707
185.231.227.245:8808
185.62.87.191:1411
186.190.211.108:7707
190.255.85.13:4000
192.159.99.181:8808
192.253.240.13:82
194.59.31.23:8808
195.177.94.58:8808
196.251.114.28:2004
196.251.115.23:8808
196.251.117.135:8808
196.251.118.243:8808
196.251.73.186:1994
196.251.73.238:8808
196.251.87.24:8808
198.23.210.51:8808
199.244.48.235:8808
20.84.121.210:8808
206.123.145.132:8808
206.82.9.243:1177
206.82.9.243:3000
206.82.9.243:8080
206.82.9.243:8808
206.82.9.243:9999
209.74.72.239:8443
209.74.72.239:888
212.11.64.126:4001
212.11.64.126:5001
212.11.64.126:5006
212.11.64.126:8808
213.176.18.51:9999
216.126.236.79:8808
217.160.241.22:1231
23.111.147.162:7077
23.26.76.160:1010
38.242.230.250:8808
38.242.236.116:1137
38.255.34.84:3307
38.54.13.61:8808
43.153.68.198:6606
43.225.157.146:8808
45.11.180.123:8808
45.138.16.160:7707
45.141.215.69:222
45.141.215.69:444
45.141.215.69:4444
45.141.215.69:888
45.141.215.69:8888
45.154.98.127:4448
45.156.87.82:8000
45.74.6.168:5508
45.74.6.168:8808
45.74.8.8:1001
45.74.8.8:1002
45.74.8.8:101
45.74.8.8:102
45.74.8.8:81
45.74.8.8:82
45.74.8.8:83
45.74.8.8:85
45.81.113.246:8080
45.81.113.90:4444
45.81.23.27:443
46.100.93.142:8808
46.246.12.12:7087
46.246.80.18:1000
46.246.86.16:2703
46.4.113.39:8808
5.144.176.117:6707
5.249.165.108:42422
50.114.203.169:2125
50.114.203.44:443
50.85.81.41:1401
51.68.176.6:8808
54.39.30.228:8808
64.44.159.16:8808
64.52.80.8:8808
67.210.97.27:8808
69.61.31.237:8808
69.88.157.4:4444
72.176.170.113:443
72.176.170.113:8808
74.208.153.167:443
78.56.171.137:8808
80.76.49.223:8808
80.91.223.136:8808
84.200.73.108:6606
86.54.42.17:8808
89.169.12.238:8808
91.92.241.142:8808
91.92.242.223:3000
91.92.242.223:4000
91.92.242.223:5000
94.249.167.167:8808
94.249.236.169:8808
95.214.55.246:2035
95.214.55.246:2303
95.214.55.246:2525
96.62.214.246:6606

# Reference: https://threatfox.abuse.ch/browse/malware/win.asyncrat/ (# 2025-10-05)

103.116.246.210:6606
103.116.246.210:7707
103.116.246.210:8808
103.38.83.75:4449
103.45.128.22:4449
104.243.46.66:1003
107.150.0.5:8848
108.171.192.131:3011
114.29.253.214:9632
114.66.59.242:8848
134.122.129.227:5558
144.172.103.202:6666
147.185.221.17:31288
147.185.221.17:44490
147.185.221.211:18765
147.185.221.211:6606
147.185.221.211:7707
147.185.221.211:8808
147.185.221.31:13718
147.185.221.31:2197
147.185.221.31:31553
147.185.221.31:36105
147.185.221.31:4449
147.185.221.31:54023
147.185.221.31:6606
147.185.221.31:7707
147.185.221.31:8808
147.30.206.125:6606
147.30.206.125:7707
147.30.206.125:8808
158.94.208.190:1604
172.94.59.38:888
173.44.141.3:8080
176.202.9.84:11101
176.202.9.84:1234
176.202.9.84:21340
176.202.9.84:21752
176.202.9.84:22522
176.202.9.84:27475
176.202.9.84:34606
176.202.9.84:445
176.202.9.84:47009
176.202.9.84:48736
176.202.9.84:57633
176.202.9.84:6008
176.202.9.84:60472
176.202.9.84:7434
176.202.9.84:8081
176.202.9.84:81
176.202.9.84:9000
176.202.9.84:9200
176.202.9.84:9301
176.202.9.84:995
176.212.148.7:4449
176.212.148.7:60379
178.16.53.7:6606
178.16.53.7:7707
178.16.53.7:8808
178.16.54.163:6458
178.16.54.163:8678
178.16.54.163:9854
178.208.169.181:6161
18.228.82.60:15427
181.131.217.56:5080
185.196.10.204:5001
185.196.10.204:5006
185.196.11.223:222
185.208.156.169:6501
185.208.159.71:111
185.208.159.71:444
185.209.23.134:1337
185.209.23.134:8848
185.231.227.244:8808
185.234.72.31:8888
188.218.110.200:1337
192.159.99.13:7777
193.161.193.99:38827
193.161.193.99:61871
194.59.31.186:4449
196.251.114.28:1234
196.251.114.28:2003
196.251.118.105:9003
196.251.83.209:9003
196.251.84.224:5055
198.23.227.140:7701
199.244.48.235:6606
199.244.48.235:7707
209.25.141.223:4449
209.25.141.223:60379
216.245.184.240:6606
216.245.184.240:7707
216.245.184.240:8808
31.57.97.62:4449
37.0.14.200:5033
45.138.16.160:6606
45.141.215.69:2222
45.141.233.202:8678
45.141.233.202:9854
45.141.86.87:1080
45.74.8.89:1001
45.74.8.89:305
45.74.8.89:306
45.74.8.89:307
45.74.8.89:407
46.246.12.5:1000
46.246.4.11:2703
46.246.4.6:2703
46.4.113.39:6606
46.4.113.39:7707
47.107.83.138:4449
5.36.103.229:4782
5.36.103.229:6606
5.36.150.43:4782
5.36.150.43:6606
5.36.156.114:4782
5.36.156.114:6606
5.37.165.100:4782
5.37.165.100:6606
5.37.179.6:4782
5.37.179.6:6606
50.114.203.169:11877
56.125.17.57:16802
67.164.135.13:8848
69.88.157.4:443
72.225.16.220:8000
72.43.19.202:8000
77.83.37.76:1912
77.83.37.76:6606
77.83.37.76:7707
77.83.37.76:8808
78.71.115.65:30125
80.143.166.3:55667
80.7.62.25:8808
80.78.23.232:1274
80.85.156.117:4449
82.23.254.235:44714
82.23.254.235:8080
82.76.154.254:6606
82.76.154.254:7707
82.76.154.254:8808
83.136.210.163:7077
83.215.154.72:7707
84.200.81.5:1604
84.38.129.34:3366
84.38.129.34:4449
86.238.210.203:6606
86.238.210.203:7707
86.238.210.203:8808
88.235.98.224:81
89.169.12.238:6606
89.169.12.238:7707
91.92.242.20:8848
94.103.125.231:2626
94.154.32.14:2505
95.217.57.151:83
95.63.117.184:36105
95.63.117.184:4449
2025.cnmnmb.top
2209sep25.duckdns.org
4802jkshdp.duckdns.org
5mcars.io
74yanadh.duckdns.org
989jsdbty.duckdns.org
aamcik.duckdns.org
adamblackie12312312-62714.portmap.host
aiopal.giize.com
alexsv2.duckdns.org
alskaskao44242.dynuddns.com
americanos2000.duckdns.org
aseguramayodc.casacam.net
asgasg.duckdns.org
association-og.gl.at.ply.gg
asyaugusth5858.duckdns.org
asyjuly5858.duckdns.org
async01.ddns.net
atlas115.ddns.net
balamand.net
bc652bc05761.ngrok-free.app
brucebaner2029.duckdns.org
calero921.duckdns.org
cawoslix-52222.portmap.host
chromeupdater.ddns.net
clashbred999-32728.portmap.host
cnmnmb.top
cyberwashere.is-a-lawyer.com
daddadasd-29521.portmap.host
dasilva.ydns.eu
dcgast3.duckdns.org
dcgast9.duckdns.org
dcgazt.duckdns.org
dcgerts.duckdns.org
dcgretts.duckdns.org
dcgrettz.duckdns.org
dcgrezzt.duckdns.org
dckis.duckdns.org
dcoctubre15.duckdns.org
dctask8000.ydns.eu
deals-vista.gl.at.ply.gg
dns.njalla.pl
dns.njalla.si
done-indians.gl.at.ply.gg
dontstopme01.ddns.net
dontstopme02.ddns.net
dontstopme03.ddns.net
dontstopme04.ddns.net
dontstopme05.ddns.net
dontstopme06.ddns.net
dontstopme07.ddns.net
envi02-10.duckdns.org
envio08.duckdns.org
envio1-10.duckdns.org
envio1009.duckdns.org
envio1111.duckdns.org
envio15.duckdns.org
enviosenvios8899.duckdns.org
furioso1.duckdns.org
healthmonitorupdate.ydns.eu
host0.tikmaps.com
host4.thebookcult.com
january-sitemap.gl.at.ply.gg
jasonstatham777.dynuddns.com
kikiik3.dynuddns.net
komicalkalo-46737.portmap.host
lexypaster.ddns.net
loritoexpresss.dynuddns.com
mail.valorschoolsupplies.com
mail.wholesalecharitysupply.com
maravillas12.duckdns.org
medellin2027.duckdns.org
medellin7777.duckdns.org
microsoft-spencer.gl.at.ply.gg
most-la.gl.at.ply.gg
netbiosinterface.ydns.eu
nike.ovh
noseasapo.ydns.eu
nuz8o8.88933.vip
oldone888d.casacam.net
omfg131313.dynuddns.com
paddymaddy.ddnsfree.com
people.webredirect.org
primenewserviceogfirewall.dynuddns.com
rathellaniggas-54052.portmap.host
ratrithee.ddns.net
replays-63019.portmap.host
rusia20206.duckdns.org
s0.z100.vip
server.tikmaps.com
shelbus99-30583.portmap.host
social-vpdf.com
southern201-28469.portmap.host
startmenuexperiencehost.ydns.eu
startmenuexperiencehostw.ydns.eu
tirat1ck-28292.portmap.host
track-marble.gl.at.ply.gg
up2025.ydns.eu
v7rpejh04.localto.net
valorschoolsupplies.com
voice-offensive.gl.at.ply.gg
wholesalecharitysupply.com
windowsupdateserver.ddnsgeek.com
wolverinlogan2025.duckdns.org
xperiencehostwindows.ydns.eu
ysan40kdhs.duckdns.org

# Reference: https://x.com/smica83/status/1973725828052914233
# Reference: https://www.virustotal.com/gui/file/2a24e3e8f154bd277281ea6f0296aeab380d197a409083b8bdde58d7878b19b9/detection
# BANNER_0_HASH-HOST=fcb70ef4d0987e41d303edb053ad385e

ngfkjfy.icu
tjthjd.icu
ihmmkvkaiwnilneauhfn.supabase.co
yyjkskopdckknlrflfkz.supabase.co

# Reference: https://x.com/K_N1kolenko/status/1975815835160592516

178.16.53.10:4782
178.16.54.37:19602
85.90.199.17:4449
95.216.115.242:8585

# Reference: https://www.virustotal.com/gui/file/066db948deb641e2ac00141af157ec691c40149527bff795b01fed691d23ffef/detection

45.136.68.15:4449

# Reference: https://x.com/ShadowOpCode/status/1975848109231247683
# Reference: https://app.any.run/tasks/e2d145ad-cc46-42e6-95ca-8b247d793cf6
# Reference: https://www.virustotal.com/gui/file/278fd81cd1d5aa205e358bc152ec971b021138b7c645175e959b3f3774d827c6/detection

147.185.221.229:18785
full-bahrain.gl.at.ply.gg

# Reference: https://www.virustotal.com/gui/file/a4e36bad09168d58b7b574aa4a47c261963749e1bbe1d3cb032559f5b3c16970/detection
# Reference: https://www.virustotal.com/gui/file/eed83778df90b5ce4c948f4d74b0b79fb43dafe0a6ec8dcb0bd7c2468494ce4b/detection

185.62.87.191:444
185.62.87.191:555
38.54.13.244:1411
38.54.13.244:333
eladhamas.con-ip.com
