# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: gorillabotnet, moobot, muhstik, nosviak4, flodric, aisuru

# Reference: https://www.virustotal.com/#/ip-address/77.87.77.250

/izuku.sh
/izuku.arc
/izuku.arm
/izuku.arm4
/izuku.armv4l
/izuku.arm5
/izuku.arm5n
/izuku.arm6
/izuku.arm7
/izuku.i586
/izuku.i686
/izuku.dbg
/izuku.mips
/izuku.mips64
/izuku.m68k
/izuku.mpsl
/izuku.ppc
/izuku.spc
/izuku.sparc
/izuku.sh4
/izuku.x86
/izuku.x32
/izuku.x64
/izuku.x86_64

# Reference: https://blog.paranoidpenguin.net/2018/08/hakaied-with-love-from-telecom-egypt/

/hakai.arc
/hakai.arm
/hakai.arm4
/hakai.armv4l
/hakai.arm5
/hakai.arm5n
/hakai.arm6
/hakai.arm7
/hakai.dbg
/hakai.i586
/hakai.i686
/hakai.mips
/hakai.mips64
/hakai.mpsl
/hakai.m68k
/hakai.ppc
/hakai.spc
/hakai.sparc
/hakai.sh4
/hakai.x86_64

# Reference: https://researchcenter.paloaltonetworks.com/2018/07/unit42-finds-new-mirai-gafgyt-iotlinux-botnet-campaigns/

/okane.arc
/okane.arm
/okane.arm4
/okane.armv4l
/okane.arm5
/okane.arm5n
/okane.arm6
/okane.arm7
/okane.i486
/okane.i586
/okane.i686
/okane.dbg
/okane.m68k
/okane.mips
/okane.mips64
/okane.mpsl
/okane.ppc
/okane.ppc440fp
/okane.sh4
/okane.spc
/okane.sparc
/okane.x86
/okane.x32
/okane.x64
/okane.x86_64

# Reference: https://www.bleepingcomputer.com/news/security/mirai-iot-malware-uses-aboriginal-linux-to-target-multiple-platforms/

/sora.arc
/sora.arm
/sora.arm4
/sora.armv4l
/sora.arm5
/sora.arm5n
/sora.arm6
/sora.arm7
/sora.dbg
/sora.mips
/sora.mips64
/sora.mpsl
/sora.m68k
/sora.ppc
/sora.sh4
/sora.spc
/sora.sparc
/sora.x86
/sora.x32
/sora.x64
/sora.x86_64

# Reference: https://www.hindawi.com/journals/scn/2018/7178164/lst16/
# Reference: https://otx.alienvault.com/pulse/6053a8f9141fd3dd1337c02a

/mirai.arc
/mirai.arm
/mirai.arm4
/mirai.arm4l
/mirai.arm4t
/mirai.arm4tl
/mirai.arm4tll
/mirai.armv4l
/mirai.arm5
/mirai.arm5l
/mirai.arm5n
/mirai.arm6
/mirai.arm64
/mirai.arm6l
/mirai.arm7
/mirai.arm7l
/mirai.arm8
/mirai.armv4
/mirai.armv4l
/mirai.armv5l
/mirai.armv6
/mirai.armv61
/mirai.armv6l
/mirai.armv7l
/mirai.dbg
/mirai.exploit
/mirai.i4
/mirai.i486
/mirai.i586
/mirai.i6
/mirai.i686
/mirai.kill
/mirai.m68
/mirai.m68k
/mirai.mips
/mirai.mips64
/mirai.mipsel
/mirai.mipsl
/mirai.mpsl
/mirai.nvm
/mirai.nvm2
/mirai.pcc
/mirai.pcc2
/mirai.powerpc
/mirai.powerpc-440fp
/mirai.powerppc
/mirai.ppc
/mirai.ppc2
/mirai.ppc440
/mirai.ppc440fp
/mirai.root
/mirai.root32
/mirai.sh
/mirai.sh4
/mirai.sparc
/mirai.spc
/mirai.ssh4
/mirai.x32
/mirai.x64
/mirai.x86
/mirai.x86_32
/mirai.x86_64

# Reference: https://www.virustotal.com/en/ip-address/209.141.55.13/information/
# Reference: https://twitter.com/i/moments/1046121581393543168

/Extendo.arc
/Extendo.arm
/Extendo.arm4
/Extendo.armv4l
/Extendo.arm5
/Extendo.arm5n
/Extendo.arm6
/Extendo.arm7
/Extendo.dbg
/Extendo.m68k
/Extendo.mips
/Extendo.mips64
/Extendo.mipsl
/Extendo.m68k
/Extendo.ppc
/Extendo.sh4
/Extendo.spc
/Extendo.sparc
/Extendo.x86
/Extendo.x32
/Extendo.x64
/Extendo.x86_64
/8UsA.sh
/zaky.sh

# Reference: https://twitter.com/bad_packets/status/1036415216718733312

/seraph.arc
/seraph.arm
/seraph.arm4
/seraph.armv4l
/seraph.arm5
/seraph.arm5n
/seraph.arm6
/seraph.arm7
/seraph.dbg
/seraph.i586
/seraph.i686
/seraph.m68k
/seraph.mips
/seraph.mips64
/seraph.mpsl
/seraph.ppc
/seraph.sh
/seraph.sh4
/seraph.spc
/seraph.sparc
/seraph.x32
/seraph.x86
/seraph.x64
/seraph.x86_64

# Reference: https://twitter.com/bad_packets/status/1038620066873409536
# Reference: https://twitter.com/SugitaMuchi/status/1083983657684021248

/apep.arc
/apep.arm
/apep.arm4
/apep.armv4l
/apep.arm5
/apep.arm5n
/apep.arm6
/apep.arm7
/apep.dbg
/apep.i586
/apep.i686
/apep.m68k
/apep.mips
/apep.mips64
/apep.mpsl
/apep.ppc
/apep.sh
/apep.sh4
/apep.spc
/apep.sparc
/apep.x86
/apep.x32
/apep.x64
/apep.x86_64
/arc.b
/arm.b
/arm4.b
/armv4l.b
/arm5.b
/arm5n.b
/arm6.b
/arm7.b
/dbg.b
/i586.b
/i686.b
/m68k.b
/mips.b
/mips64.b
/mpsl.b
/ppc.b
/sh4.b
/spc.b
/sparc.b
/x32.b
/x64.b
/x86_64.b

# Reference: https://researchcenter.paloaltonetworks.com/2018/09/unit42-multi-exploit-iotlinux-botnets-mirai-gafgyt-target-apache-struts-sonicwall/

l.ocalhost.host
/sonicwall

# Reference: https://twitter.com/bad_packets/status/1043273974560448514

/ultron.armv4l
/ultron.armv5l
/ultron.armv6l
/ultron.i586
/ultron.i686
/ultron.m68k
/ultron.mips
/ultron.mipsel
/ultron.mipseln
/ultron.powerpc
/ultron.powerpc440fp
/ultron.sh4
/ultron.sparc
/ultron.x86_64
/ultronfinal.armv4l
/ultronfinal.armv5l
/ultronfinal.armv6l
/ultronfinal.i586
/ultronfinal.i686
/ultronfinal.m68k
/ultronfinal.mips
/ultronfinal.mipsel
/ultronfinal.mipseln
/ultronfinal.powerpc
/ultronfinal.powerpc440fp
/ultronfinal.sh4
/ultronfinal.sparc
/ultronfinal.x86_64
/ultron-syn.sh

# Reference: https://twitter.com/bad_packets/status/1043404764027838464
# Reference: https://twitter.com/_odisseus/status/1151420268893618176

/hoho.arm
/hoho.arm5
/hoho.arm5.1
/hoho.arm6
/hoho.arm7
/hoho.m68k
/hoho.mips
/hoho.mpsl
/hoho.ppc
/hoho.sh4
/hoho.spc
/hoho.x86

# Reference: https://twitter.com/bad_packets/status/1032494091290832896

/.shinka.mips
/.shinka.mpsl

# Reference: https://twitter.com/bad_packets/status/1029608234569453569

/init0
/sals

# Reference: https://twitter.com/Ajouini99/status/1046898647764545536
# Reference: https://www.virustotal.com/gui/file/23fd6c6aadfabddf7eb84a1032a38db4b3891433f04c4856e54a7ab91367c23e/detection

/Boatnet.arm4
/Boatnet.arm5
/Boatnet.arm6
/Boatnet.arm7
/Boatnet.m68k
/Boatnet.mips
/Boatnet.mpsl
/Boatnet.ppc
/Boatnet.sh4
/Boatnet.spc
/Boatnet.x86
/Boatnet.x86_64
/hiddenbin/

# Generic trail from MT heuristic detection

/sefa.arm
/sefa.arm5
/sefa.arm6
/sefa.arm7
/sefa.i586
/sefa.i686
/sefa.m68k
/sefa.mips
/sefa.mpsl
/sefa.ppc
/sefa.ppc440
/sefa.sh4
/sefa.spc
/sefa.x86

# Reference: https://twitter.com/bad_packets/status/1051616610035806209

/oxy.arm
/oxy.arm5
/oxy.arm6
/oxy.arm7
/oxy.i586
/oxy.i686
/oxy.m68k
/oxy.mips
/oxy.mpsl
/oxy.ppc
/oxy.ppc440
/oxy.sh4
/oxy.spc
/oxy.x86

# Reference: https://twitter.com/ulexec/status/1051959861964169217
# Reference: https://twitter.com/0xrb/status/1160055482846867456

34.67.138.200:1791
/dark.arc
/dark.arm
/dark.arm4
/dark.arm4l
/dark.arm4t
/dark.arm4tl
/dark.arm4tll
/dark.armv4l
/dark.arm5
/dark.arm5n
/dark.arm6
/dark.arm64
/dark.arm7
/dark.dbg
/dark.i4
/dark.i486
/dark.i586
/dark.i686
/dark.kill
/dark.m68k
/dark.mips
/dark.mips64
/dark.mpsl
/dark.mipsel
/dark.ppc
/dark.ppc2
/dark.ppc440
/dark.powerppc
/dark.root
/dark.root32
/dark.sh4
/dark.ssh4
/dark.spc
/dark.sparc
/dark.srv
/dark.x32
/dark.x64
/dark.x86
/dark.x86_32
/dark.x86_64

# Reference: https://twitter.com/VessOnSecurity/status/1053591992888950784

/arm.yakuza
/arm5.yakuza
/arm6.yakuza
/arm7.yakuza
/dbg.yakuza
/i586.yakuza
/i686.yakuza
/m68k.yakuza
/mips.yakuza
/mpsl.yakuza
/ppc.yakuza
/ppc440.yakuza
/sh4.yakuza
/spc.yakuza
/srv.yakuza
/x86.yakuza

# Reference: https://twitter.com/VessOnSecurity/status/1051226957118103560

/gemini.arm
/gemini.arm5
/gemini.arm6
/gemini.arm7
/gemini.dbg
/gemini.i586
/gemini.i686
/gemini.m68k
/gemini.mips
/gemini.mpsl
/gemini.ppc
/gemini.ppc440
/gemini.sh4
/gemini.spc
/gemini.srv
/gemini.x86

# Reference: https://twitter.com/VessOnSecurity/status/1036375414141345793

/arc.Akiru
/arm.Akiru
/arm4.Akiru
/armv4l.Akiru
/arm5.Akiru
/arm6.Akiru
/arm7.Akiru
/dbg.Akiru
/i586.Akiru
/i686.Akiru
/m68k.Akiru
/mips.Akiru
/mips64.Akiru
/mpsl.Akiru
/ppc.Akiru
/ppc440.Akiru
/sh4.Akiru
/spc.Akiru
/sparc.Akiru
/srv.Akiru
/x86.Akiru
/x64.Akiru
/x32.Akiru
/x86_64.Akiru

# Reference: https://twitter.com/VessOnSecurity/status/1031653320467927046

/BleedStreet.arc
/BleedStreet.arm
/BleedStreet.arm4
/BleedStreet.armv4l
/BleedStreet.arm5
/BleedStreet.arm6
/BleedStreet.arm7
/BleedStreet.dbg
/BleedStreet.i586
/BleedStreet.i686
/BleedStreet.m68k
/BleedStreet.mips
/BleedStreet.mips64
/BleedStreet.mpsl
/BleedStreet.ppc
/BleedStreet.ppc440
/BleedStreet.sh4
/BleedStreet.spc
/BleedStreet.sparc
/BleedStreet.srv
/BleedStreet.x86
/BleedStreet.x64
/BleedStreet.x32
/BleedStreet.x86_64

# Reference: https://twitter.com/xxdesmus/status/1053440011289280512

/jiren.arc
/jiren.arm
/jiren.armv4l
/jiren.arm4
/jiren.arm5
/jiren.arm5n
/jiren.arm6
/jiren.arm7
/jiren.dbg
/jiren.i586
/jiren.i686
/jiren.m68k
/jiren.mips
/jiren.mips64
/jiren.mpsl
/jiren.ppc
/jiren.sh
/jiren.sh4
/jiren.spc
/jiren.sparc
/jiren.x86
/jiren.x64
/jiren.x86_64
/jiren.x32

# Reference: https://otx.alienvault.com/pulse/5a7878488a342f781764803b

cloudflarecock.club
fghdfth.club
fuckthefeds.tk
hightechcrime.club
imadaddy.us
malwaremustive.club
mirai.ao
neuvostoliitto.tk
traplife.ru

# Reference: http://vxcube.com/recent-threats-ioc/5a505721a39bb533af5137ed/detail

0x01.nexusiotsolutions.net
0x01.preload.su
0x90.bid
1eryxnva.glibc.org
aced.ga
air.sinushost.biz
akuma.pw
alhctuyy.tk
asapvpns.club
aspectleaks.xyz
back.uu8889.com
bakiiszwart.tk
base.monello.tk
bbase.monello.tk
bcnc.changeme.com
bc.nexusiotsolutions.net
bfrxznyisbestie.ml
bfyfa.fun
bhromofreah.top
bigboats.club
bigboatz.us
bkush.ml
blacklister.nl
bloodwars.ws
blueandsausesfries.us
bnexusiotsolutions.net
boatnet.xyz
boat.racoon.ml
booters.ml
botnet.remaiten.org
botnetsale.tk
bounty.bigbotpein.ru
bwww.scotsa.pw
ccc.snicker.ir
central.glibc.org
cked.4horsemen.pw
cktzoh.xyz
cmdmirai.tk
cnc111.ml
cnc.bigbandsinmyvault.tk
cnc.bigbotpein.ru
cncbot.cnbot.space
cncbot.ddns.net
cnc.changeme.com
cnc.linux.lol
cnc.mirai.com
cnc.nutsz.club
cnc.skidsec.org
cnc.smokemethallday.tk
cnc.spamtech.win
cnc.teammalefic.pw
cnc.tonguepunchfartbox.life
cnc.urgay.cf
cnc.vdskge7as.xyz
cnc.voxlobid.tk
c.nexusiotsolutions.net
cn.uvgczsuidrtg.com
conwangg.de
cool.kingdomplugin.nl
coolxr.info
cottoncandyloverscute.website
crazyclothes.store
dankstresser.tk
dannyexe.xyz
ddosattacks.tk
deathlives.ddns.net
d.hi8520.com
dportsmirai.tk
dssgasrea.club
eccc.bulletpool.ru
ertwer.vdskge7as.xyz
featured.cf
fedtraps.cf
ffvfvcnc.changeme.com
frost.botnet.hackedfiles.pw
frxznyisbestie.ml
ftp.xenonbooter.xyz
fyfa.fun
gangsters.cf
gndfgdd.club
gnikllort.com
gotnulled.ga
greekhelios21.tk
happyf33t.nl
hello.bigpuller.cf
hoaxnet.ddns.net
hromofreah.top
ikbensupercool.nl
iktufopjou.nl
infecteverywhere.online
int.aerx.io
internetgangster.tk
internetpolice.ga
internetpolice.ml
internetpolice.tk
iotmirai.tk
isalinux.intercomonline.com
kagbe.nl
kormirai.ddns.net
kringelstan.net
kush.ml
leakedfiles.org
legendarysprx.pw
linuxsecuritys.com
lol665.tk
lol.godlynet.cf
mail.harikatha.com
majikku.us
miraibotnet.ml
miraibotnet.online
miraihoneypot.tk
mirainet.ml
mirainet.tk
mm.haxornah.top
moanmybins.ml
modems.pw
myacerusername.hopto.org
mymiraiserver.hopto.org
mypawnshop.men
nageboorte.ga
naotogoyamamcc.asuscomm.com
net.nageboorte.nl
neuvostoliitto.ml
neuvostoliitto.tk
nexusaquariums.ir
nnn.shenron.pw
nullserversmirai.tk
offlineservers.tk
online.upmirai.club
onyxreppingoat.cf
panel.miraibotnet.eu
powa.daddyhackingteam.com
power4you.ddns.net
predoxing.tk
purgeblood.duckdns.org
putintrump.cf
putintrump.tk
pvpcloud.us
pyfulthag0d.pw
q5f2k0evy7go2rax9m4g.ru
reppin.tk
rofl.leakvortex.pro
rootyi.site
runscape.cf
rw595phpt4kk538s.botanik.gq
s0.3eu.ru
santasbigcandycane.cx
sbnmcd.org
sepinsftw.tk
serveranywhere.cf
serveranywhere.ga
serversrus.club
sevenp.top
smithre.top
ssh.gammaboat.us
swatnetiphone.tk
swatnetsucks.tk
swinginwithme.ru
swizzthegod.us
thebigbadbotnet.tk
thonder.club
totalbooter.us
truepower.club
ttymirai.tk
unix.tk
upfiles.online
uryjsdrfg.club
vap3.ddns.net
wheresmirai.tk
winter.winterboot.net
ghoststresser.pw
newel.se
scotsa.pw
trapboat.club
yzykar.ddns.net
zammanaakis.link
zetastress.net

# Reference: https://twitter.com/bad_packets/status/1053873672824356866

/Botnet.arm4
/Botnet.arm5
/Botnet.arm6
/Botnet.arm7
/Botnet.dbg
/Botnet.m68k
/Botnet.mips
/Botnet.mpsl
/Botnet.ppc
/Botnet.sh4
/Botnet.sparc
/Botnet.x86
/Botnet.x86_32
/Botnet.x86_64
/hakai.arm4
/hakai.arm5
/hakai.arm6
/hakai.arm7
/hakai.dbg
/hakai.m68k
/hakai.mips
/hakai.mpsl
/hakai.ppc
/hakai.sh4
/hakai.sparc
/hakai.x86
/hakai.x86_32
/hakai.x86_64
/sensi1.sh

# From MT heur detection

/neko.sh

# Reference: https://twitter.com/SugitaMuchi/status/1062330928205156352

/kowai.arm
/kowai.arm5
/kowai.arm6
/kowai.arm7
/kowai.m68k
/kowai.mips
/kowai.mpsl
/kowai.ppc
/kowai.sh4
/kowai.spc
/kowai.x86

# Reference: https://twitter.com/ankit_anubhav/status/1069907888368484353
# Reference: https://twitter.com/0xrb/status/1098513464480264192

/arm.light
/arm5.light
/arm6.light
/arm7.light
/m68k.light
/mips.light
/mpsl.light
/ppc.light
/sh4.light
/spc.light
/x86.light

# Reference: https://twitter.com/SugitaMuchi/status/1063754561339322368

/shinto
/shinto.arm
/shinto.arm4
/shinto.armv4l
/shinto.arm5
/shinto.arm5n
/shinto.arm6
/shinto.arm7
/shinto.dbg
/shinto.i586
/shinto.i686
/shinto.m68k
/shinto.mips
/shinto.mpsl
/shinto.ppc
/shinto.sh4
/shinto.spc
/shinto.sparc
/shinto.x32
/shinto.x86
/shinto.x64
/shinto.x86_64

# Reference: https://telekomsecurity.github.io/2018/07/adb-botnet.html

rippr.cc
/adbs
/i586.bot.le
/i686.bot.le
/arm.bot.le
/arm7.bot.le
/mips.bot.be
/mipsel.bot.le
/x86_64.bot.le

# Reference: https://twitter.com/bad_packets/status/1106343623996538880
# Reference: https://twitter.com/IAM__Network/status/1097163771116744704

/josho.arc
/josho.arm
/josho.arm4
/josho.arm4l
/josho.arm4t
/josho.arm4tl
/josho.arm4tll
/josho.armv4l
/josho.arm5
/josho.arm5n
/josho.arm6
/josho.arm64
/josho.arm7
/josho.arm8
/josho.dbg
/josho.exploit
/josho.i4
/josho.i486
/josho.i586
/josho.i686
/josho.kill
/josho.m68k
/josho.mips
/josho.mips64
/josho.mpsl
/josho.mipsel
/josho.ppc
/josho.ppc2
/josho.ppc440
/josho.powerppc
/josho.root
/josho.root32
/josho.sh4
/josho.ssh4
/josho.spc
/josho.sparc
/josho.x32
/josho.x64
/josho.x86
/josho.x86_32
/josho.x86_64

# Reference: https://twitter.com/bad_packets/status/1105882282626150401

/frosty.arc
/frosty.arm
/frosty.arm4
/frosty.armv4l
/frosty.arm5
/frosty.arm5n
/frosty.arm6
/frosty.arm7
/frosty.dbg
/frosty.i586
/frosty.i686
/frosty.m68k
/frosty.mips
/frosty.mips64
/frosty.mpsl
/frosty.ppc
/frosty.sh4
/frosty.spc
/frosty.sparc
/frosty.x32
/frosty.x86
/frosty.x64
/frosty.x86_64

# Reference: https://twitter.com/bad_packets/status/1105281977173729280

/time.arc
/time.arm
/time.arm4
/time.armv4l
/time.arm5
/time.arm5n
/time.arm6
/time.arm7
/time.dbg
/time.i586
/time.i686
/time.m68k
/time.mips
/time.mips64
/time.mpsl
/time.ppc
/time.sh4
/time.spc
/time.sparc
/time.x32
/time.x86
/time.x64
/time.x86_64

# Reference: https://twitter.com/bad_packets/status/1104487572015788032

/a.sh
/ai.arc
/ai.arm
/ai.arm4
/ai.armv4l
/ai.arm5
/ai.arm5n
/ai.arm6
/ai.arm7
/ai.dbg
/ai.i586
/ai.i686
/ai.m68k
/ai.mips
/ai.mips64
/ai.mpsl
/ai.ppc
/ai.sh4
/ai.spc
/ai.sparc
/ai.x32
/ai.x86
/ai.x64
/ai.x86_64
/dsl2750b
/jno.arc
/jno.arm
/jno.arm4
/jno.armv4l
/jno.arm5
/jno.arm5n
/jno.arm6
/jno.arm7
/jno.dbg
/jno.i586
/jno.i686
/jno.m68k
/jno.mips
/jno.mips64
/jno.mpsl
/jno.ppc
/jno.sh4
/jno.spc
/jno.sparc
/jno.x32
/jno.x86
/jno.x64
/jno.x86_64
/rbot.arc
/rbot.arm
/rbot.arm4
/rbot.armv4l
/rbot.arm5
/rbot.arm5n
/rbot.arm6
/rbot.arm7
/rbot.dbg
/rbot.i586
/rbot.i686
/rbot.m68k
/rbot.mips
/rbot.mips64
/rbot.mpsl
/rbot.ppc
/rbot.sh4
/rbot.spc
/rbot.sparc
/rbot.x32
/rbot.x86
/rbot.x64
/rbot.x86_64
/snwrite

# Reference: https://twitter.com/360Netlab/status/1102425923381587968

/estella.arc
/estella.arm
/estella.arm4
/estella.armv4l
/estella.arm5
/estella.arm5n
/estella.arm6
/estella.arm7
/estella.dbg
/estella.i586
/estella.i686
/estella.m68k
/estella.mips
/estella.mips64
/estella.mpsl
/estella.ppc
/estella.sh4
/estella.spc
/estella.sparc
/estella.x32
/estella.x86
/estella.x64
/estella.x86_64
/ricco.arc
/ricco.arm
/ricco.arm4
/ricco.armv4l
/ricco.arm5
/ricco.arm5n
/ricco.arm6
/ricco.arm7
/ricco.dbg
/ricco.i586
/ricco.i686
/ricco.m68k
/ricco.mips
/ricco.mips64
/ricco.mpsl
/ricco.ppc
/ricco.sh4
/ricco.spc
/ricco.sparc
/ricco.x32
/ricco.x86
/ricco.x64
/ricco.x86_64

# Reference: https://twitter.com/bad_packets/status/1104255547702800384

/xxx.arc
/xxx.arm
/xxx.arm4
/xxx.armv4l
/xxx.arm5
/xxx.arm5n
/xxx.arm6
/xxx.arm7
/xxx.dbg
/xxx.i586
/xxx.i686
/xxx.m68k
/xxx.mips
/xxx.mips64
/xxx.mpsl
/xxx.ppc
/xxx.sh4
/xxx.spc
/xxx.sparc
/xxx.x86
/xxx.x32
/xxx.x64
/xxx.x86_64

# Reference: https://twitter.com/bad_packets/status/1107179579393740801

/set.arc
/set.arm
/set.arm4
/set.armv4l
/set.arm5
/set.arm5n
/set.arm6
/set.arm7
/set.dbg
/set.i586
/set.i686
/set.m68k
/set.mips
/set.mips64
/set.mpsl
/set.ppc
/set.sh4
/set.spc
/set.sparc
/set.x32
/set.x86
/set.x64
/set.x86_64
/Solstice.arc
/Solstice.arm
/Solstice.arm4
/Solstice.armv4l
/Solstice.arm5
/Solstice.arm5n
/Solstice.arm6
/Solstice.arm7
/Solstice.dbg
/Solstice.i586
/Solstice.i686
/Solstice.m68k
/Solstice.mips
/Solstice.mips64
/Solstice.mpsl
/Solstice.ppc
/Solstice.sh4
/Solstice.spc
/Solstice.sparc
/Solstice.x32
/Solstice.x86
/Solstice.x64
/Solstice.x86_64

# Reference: https://twitter.com/bad_packets/status/1103024034495619072
# Reference: https://twitter.com/0xrb/status/1102806642071003141

/cayo1
/cayo10
/cayo11
/cayo12
/cayo13
/cayo2
/cayo3
/cayo4
/cayo5
/cayo6
/cayo7
/cayo8
/cayo9

# Reference: https://twitter.com/bad_packets/status/1107030028162719744

/Demon.arc
/Demon.arm
/Demon.arm4
/Demon.armv4l
/Demon.arm5
/Demon.arm5n
/Demon.arm6
/Demon.arm7
/Demon.dbg
/Demon.i586
/Demon.i686
/Demon.m68k
/Demon.mips
/Demon.mips64
/Demon.mpsl
/Demon.ppc
/Demon.sh4
/Demon.spc
/Demon.sparc
/Demon.x32
/Demon.x86
/Demon.x64
/Demon.x86_64

# Reference: https://twitter.com/bad_packets/status/1103032616964415488

/Meraki.arc
/Meraki.arm
/Meraki.arm4
/Meraki.armv4l
/Meraki.arm5
/Meraki.arm5n
/Meraki.arm6
/Meraki.arm7
/Meraki.dbg
/Meraki.i586
/Meraki.i686
/Meraki.m68k
/Meraki.mips
/Meraki.mips64
/Meraki.mpsl
/Meraki.ppc
/Meraki.sh4
/Meraki.spc
/Meraki.sparc
/Meraki.x32
/Meraki.x86
/Meraki.x64
/Meraki.x86_64

# Reference: https://twitter.com/0xrb/status/1098513464480264192

/0kami.arc
/0kami.arm
/0kami.arm4
/0kami.armv4l
/0kami.arm5
/0kami.arm5n
/0kami.arm6
/0kami.arm7
/0kami.dbg
/0kami.i586
/0kami.i686
/0kami.m68k
/0kami.mips
/0kami.mips64
/0kami.mpsl
/0kami.ppc
/0kami.sh4
/0kami.sparc
/0kami.x32
/0kami.x86
/0kami.x64
/0kami.x86_64
/Okami.arc
/Okami.arm
/Okami.arm4
/Okami.arm5
/Okami.arm5n
/Okami.arm6
/Okami.arm7
/Okami.dbg
/Okami.i586
/Okami.i686
/Okami.m68k
/Okami.mips
/Okami.mips64
/Okami.mpsl
/Okami.ppc
/Okami.sh4
/Okami.spc
/Okami.sparc
/Okami.x86
/Okami.x32
/Okami.x64
/Okami.x86_64

# Reference: https://twitter.com/bad_packets/status/1091781818854957056

/Tsunami.arc
/Tsunami.arm
/Tsunami.arm4
/Tsunami.armv4l
/Tsunami.arm5
/Tsunami.arm5n
/Tsunami.arm6
/Tsunami.arm7
/Tsunami.dbg
/Tsunami.i586
/Tsunami.i686
/Tsunami.m68k
/Tsunami.mips
/Tsunami.mips64
/Tsunami.mpsl
/Tsunami.ppc
/Tsunami.sh4
/Tsunami.sparc
/Tsunami.spc
/Tsunami.x86
/Tsunami.x32
/Tsunami.x64
/Tsunami.x86_64
/Yowai.arc
/Yowai.arm
/Yowai.arm4
/Yowai.armv4l
/Yowai.arm5
/Yowai.arm5n
/Yowai.arm6
/Yowai.arm7
/Yowai.dbg
/Yowai.i586
/Yowai.i686
/Yowai.m68k
/Yowai.mips
/Yowai.mips64
/Yowai.mpsl
/Yowai.ppc
/Yowai.sh4
/Yowai.sparc
/Yowai.spc
/Yowai.x32
/Yowai.x86
/Yowai.x64
/Yowai.x86_64

# Reference: https://twitter.com/bad_packets/status/1090099611887235073

ngv2.duckdns.org

# Reference: https://twitter.com/bad_packets/status/1085423672515616769

/kalon.arc
/kalon.arm
/kalon.arm4
/kalon.armv4l
/kalon.arm5
/kalon.arm6
/kalon.arm7
/kalon.dbg
/kalon.i586
/kalon.i686
/kalon.m68k
/kalon.mips
/kalon.mips64
/kalon.mpsl
/kalon.ppc
/kalon.sh4
/kalon.sparc
/kalon.spc
/kalon.x86
/kalon.x32
/kalon.x64
/kalon.x86_64

# Reference: https://twitter.com/bad_packets/status/1079244007824183296
# Reference: https://twitter.com/gorimpthon/status/1074581436416581632
# Reference: https://twitter.com/0xrb/status/1103216803969359873

/rift.arc
/rift.arm
/rift.arm4
/rift.armv4l
/rift.arm5
/rift.arm5n
/rift.arm6
/rift.arm7
/rift.dbg
/rift.i486
/rift.i586
/rift.i686
/rift.m68k
/rift.mips
/rift.mips64
/rift.mpsl
/rift.ppc
/rift.ppc-440fp
/rift.sh4
/rift.sparc
/rift.spc
/rift.x86
/rift.x32
/rift.x64
/rift.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1107503086052888576

/despise.arc
/despise.arm
/despise.arm4
/despise.armv4l
/despise.arm5
/despise.arm5n
/despise.arm6
/despise.arm7
/despise.dbg
/despise.i586
/despise.i686
/despise.m68k
/despise.mips
/despise.mips64
/despise.mpsl
/despise.ppc
/despise.sh4
/despise.sparc
/despise.spc
/despise.x86
/despise.x32
/despise.x64
/despise.x86_64

# Reference: https://otx.alienvault.com/pulse/5c8fa03c1bff9c0896577b9b
# Reference: https://unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/
# Reference: https://www.virustotal.com/gui/domain/epicrustserver.cf/relations

128.244.98.74:2332
128.244.98.74:3933
133.51.27.211:2332
133.51.27.211:3933
133.51.27.211:8080
133.51.27.211:8081
133.51.27.211:8083
133.51.27.211:8181
139.203.22.68:2332
139.203.22.68:3933
147.133.138.130:2332
147.133.138.130:3933
147.133.138.130:8080
147.133.138.130:8081
147.133.138.130:8083
147.133.138.130:8181
149.58.122.219:2332
149.58.122.219:3933
149.58.122.219:8080
149.58.122.219:8081
149.58.122.219:8083
149.58.122.219:8181
155.169.205.198:2332
155.169.205.198:3933
155.169.205.198:8080
155.169.205.198:8081
155.169.205.198:8083
155.169.205.198:8181
155.223.168.208:2332
155.223.168.208:3933
194.25.244.166:2332
194.25.244.166:3933
210.234.205.181:2332
210.234.205.181:3933
211.242.104.162:2332
211.242.104.162:3933
213.135.165.173:2332
213.135.165.173:3933
213.245.229.13:2332
213.245.229.13:3933
222.227.222.211:2332
222.227.222.211:3933
50.63.202.11:2332
50.63.202.11:3933
50.63.202.11:8080
50.63.202.11:8081
50.63.202.11:8083
50.63.202.11:8181
65.107.9.195:2332
65.107.9.195:3933
67.19.37.226:2332
67.19.37.226:3933
70.192.147.153:2332
70.192.147.153:3933
71.5.86.197:2332
71.5.86.197:3933
79.51.97.203:2332
79.51.97.203:3933
85.135.168.75:2332
85.135.168.75:3933
85.135.168.75:8080
85.135.168.75:8081
85.135.168.75:8083
85.135.168.75:8181
epicrustserver.cf
/clean.arc
/clean.arm
/clean.arm4
/clean.armv4l
/clean.arm5
/clean.arm5n
/clean.arm6
/clean.arm7
/clean.dbg
/clean.i586
/clean.i686
/clean.m68k
/clean.x86
/clean.x86_64
/clean.x32
/clean.x64
/clean.mips
/clean.mpsl
/clean.ppc
/clean.sh4
/clean.spc
/clean.sparc
/eeppinen.arc
/eeppinen.arm
/eeppinen.arm4
/eeppinen.armv4l
/eeppinen.arm5
/eeppinen.arm5n
/eeppinen.arm6
/eeppinen.arm7
/eeppinen.dbg
/eeppinen.i586
/eeppinen.i686
/eeppinen.m68k
/eeppinen.ppc
/eeppinen.sh4
/eeppinen.sparc
/eeppinen.spc
/eeppinen.x86
/eeppinen.x86_64
/eeppinen.x32
/eeppinen.x64
/wgetbin.sh

# Reference: https://twitter.com/bad_packets/status/1108198117944418304

/shiina.sh
/shiina1.sh
/shiina.arc
/shiina.arm
/shiina.arm4
/shiina.armv4l
/shiina.arm5
/shiina.arm5n
/shiina.arm6
/shiina.arm7
/shiina.dbg
/shiina.i586
/shiina.i686
/shiina.m68k
/shiina.mips
/shiina.mips64
/shiina.mpsl
/shiina.ppc
/shiina.sh4
/shiina.spc
/shiina.sparc
/shiina.x32
/shiina.x64
/shiina.x86
/shiina.x86_64

# Reference: https://twitter.com/x42x5a/status/1108443839013052416

/le.arc.bot
/le.arcle-hs38.bot
/le.arm.bot
/le.arm4.bot
/le.arm4l.bot
/le.arm4t.bot
/le.arm4tl.bot
/le.arm4tll.bot
/le.arm5.bot
/le.arm5l.bot
/le.arm5n.bot
/le.arm6.bot
/le.arm64.bot
/le.arm6l.bot
/le.arm7.bot
/le.arm7l.bot
/le.arm8.bot
/le.armv4.bot
/le.armv4l.bot
/le.armv5l.bot
/le.armv6.bot
/le.armv61.bot
/le.armv6l.bot
/le.armv7l.bot
/le.dbg.bot
/le.exploit.bot
/le.i4.bot
/le.i486.bot
/le.i586.bot
/le.i6.bot
/le.i686.bot
/le.kill.bot
/le.m68.bot
/le.m68k.bot
/le.mips.bot
/le.mips64.bot
/le.mipseb.bot
/le.mipsel.bot
/le.mpsl.bot
/le.pcc.bot
/le.powerpc-440fp.bot
/le.powerpc.bot
/le.powerppc.bot
/le.pp-c.bot
/le.ppc.bot
/le.ppc2.bot
/le.ppc440.bot
/le.ppc440fp.bot
/le.root.bot
/le.root32.bot
/le.sh.bot
/le.sh4.bot
/le.sparc.bot
/le.spc.bot
/le.ssh4.bot
/le.x32.bot
/le.x32_64.bot
/le.x64.bot
/le.x86.bot
/le.x86_32.bot
/le.x86_64.bot

# Reference: https://twitter.com/bad_packets/status/1107183598484897792

vampwrotesatori.cf

# Reference: https://twitter.com/bad_packets/status/1108853601168850944

/ARES1.sh
/tmp.arc
/tmp.arm
/tmp.arm4
/tmp.armv4l
/tmp.arm5
/tmp.arm5n
/tmp.arm6
/tmp.arm7
/tmp.dbg
/tmp.i586
/tmp.i686
/tmp.m68k
/tmp.mips
/tmp.mips64
/tmp.mpsl
/tmp.ppc
/tmp.sh4
/tmp.spc
/tmp.sparc
/tmp.x32
/tmp.x64
/tmp.x86
/tmp.x86_64

# Reference: https://twitter.com/bad_packets/status/1109720375951151104

/sbot.arc
/sbot.arm
/sbot.arm4
/sbot.armv4l
/sbot.arm5
/sbot.arm5n
/sbot.arm6
/sbot.arm7
/sbot.dbg
/sbot.i586
/sbot.i686
/sbot.m68k
/sbot.mips
/sbot.mips64
/sbot.mpsl
/sbot.ppc
/sbot.sh4
/sbot.spc
/sbot.sparc
/sbot.x32
/sbot.x64
/sbot.x86
/sbot.x86_64

# Reference: https://twitter.com/malwaremustd1e/status/1074213727791017985

senpai.site
/miori.arc
/miori.arm
/miori.arm4
/miori.armv4l
/miori.arm5
/miori.arm5n
/miori.arm6
/miori.arm7
/miori.dbg
/miori.i586
/miori.i686
/miori.m68k
/miori.mips
/miori.mips64
/miori.mpsl
/miori.ppc
/miori.sh4
/miori.spc
/miori.sparc
/miori.x32
/miori.x64
/miori.x86
/miori.x86_64

# Reference: https://twitter.com/0xrb/status/1107900627693125632

/8UsA1.sh
/bot.arc
/bot.arm
/bot.arm4
/bot.armv4l
/bot.arm5
/bot.arm5n
/bot.arm6
/bot.arm7
/bot.dbg
/bot.i586
/bot.i686
/bot.m68k
/bot.mips
/bot.mips64
/bot.mpsl
/bot.ppc
/bot.sh4
/bot.spc
/bot.sparc
/bot.x32
/bot.x64
/bot.x86
/bot.x86_64

# Reference: https://twitter.com/0xrb/status/1106913710323331074

/messiahbins.sh

# Reference: https://twitter.com/0xrb/status/1108630159635156992

/Nazi.arc
/Nazi.arm
/Nazi.arm4
/Nazi.armv4l
/Nazi.arm5
/Nazi.arm5n
/Nazi.arm6
/Nazi.arm7
/Nazi.dbg
/Nazi.i586
/Nazi.i686
/Nazi.m68k
/Nazi.mips
/Nazi.mips64
/Nazi.mpsl
/Nazi.ppc
/Nazi.sh4
/Nazi.spc
/Nazi.sparc
/Nazi.x32
/Nazi.x64
/Nazi.x86
/Nazi.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1107773193731756032
# Reference: https://twitter.com/bad_packets/status/1134692367133335553

62.210.207.229:89
/owari.arc
/owari.arm
/owari.arm4
/owari.armv4l
/owari.arm5
/owari.arm5n
/owari.arm6
/owari.arm7
/owari.dbg
/owari.i586
/owari.i686
/owari.m68k
/owari.mips
/owari.mips64
/owari.mpsl
/owari.ppc
/owari.root
/owari.root32
/owari.sh4
/owari.spc
/owari.sparc
/owari.x32
/owari.x64
/owari.x86
/owari.x86_64
/netis

# Reference: https://twitter.com/0xrb/status/1107897430048034816

/air.arc
/air.arm
/air.arm4
/air.armv4l
/air.arm5
/air.arm5n
/air.arm6
/air.arm7
/air.dbg
/air.i586
/air.i686
/air.m68k
/air.mips
/air.mips64
/air.mpsl
/air.ppc
/air.sh4
/air.spc
/air.sparc
/air.x32
/air.x64
/air.x86
/air.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1107772353289682944

/September.arc
/September.arm
/September.arm4
/September.armv4l
/September.arm5
/September.arm5n
/September.arm6
/September.arm7
/September.dbg
/September.i586
/September.i686
/September.m68k
/September.mips
/September.mips64
/September.mpsl
/September.ppc
/September.sh4
/September.spc
/September.sparc
/September.x32
/September.x64
/September.x86
/September.x86_64

# Reference: https://twitter.com/0xrb/status/1107592182100189184

/Pemex1.sh
/loligang.arc
/loligang.arm
/loligang.arm4
/loligang.armv4l
/loligang.arm5
/loligang.arm5n
/loligang.arm6
/loligang.arm7
/loligang.dbg
/loligang.i586
/loligang.i686
/loligang.m68k
/loligang.mips
/loligang.mips64
/loligang.mpsl
/loligang.ppc
/loligang.sh4
/loligang.spc
/loligang.sparc
/loligang.x32
/loligang.x64
/loligang.x86
/loligang.x86_64

# Reference: https://twitter.com/0xrb/status/1106796078450593798

/hdawd.arc
/hdawd.arm
/hdawd.arm4
/hdawd.armv4l
/hdawd.arm5
/hdawd.arm5n
/hdawd.arm6
/hdawd.arm7
/hdawd.dbg
/hdawd.i586
/hdawd.i686
/hdawd.m68k
/hdawd.mips
/hdawd.mips64
/hdawd.mpsl
/hdawd.ppc
/hdawd.sh4
/hdawd.spc
/hdawd.sparc
/hdawd.x32
/hdawd.x64
/hdawd.x86
/hdawd.x86_64

# Reference: https://twitter.com/ulexec/status/1065155269028708352

/adb.arc
/adb.arm
/adb.arm4
/adb.armv4l
/adb.arm5
/adb.arm5n
/adb.arm6
/adb.arm7
/adb.dbg
/adb.i586
/adb.i686
/adb.m68k
/adb.mips
/adb.mips64
/adb.mpsl
/adb.ppc
/adb.sh4
/adb.spc
/adb.sparc
/adb.x32
/adb.x64
/adb.x86
/adb.x86_64

# Reference: https://twitter.com/ulexec/status/1063798453799653376

/dank.arc
/dank.arm
/dank.arm4
/dank.armv4l
/dank.arm5
/dank.arm5n
/dank.arm6
/dank.arm7
/dank.dbg
/dank.i586
/dank.i686
/dank.m68k
/dank.mips
/dank.mips64
/dank.mpsl
/dank.ppc
/dank.sh4
/dank.spc
/dank.sparc
/dank.x32
/dank.x64
/dank.x86
/dank.x86_64

# Reference: https://twitter.com/executemalware/status/1006957509528162304
# Reference: https://twitter.com/0xrb/status/1093420116639768576

/gay.arc
/gay.arm
/gay.arm4
/gay.arm4tl
/gay.armv4l
/gay.arm5
/gay.arm5n
/gay.arm6
/gay.arm7
/gay.dbg
/gay.i586
/gay.i686
/gay.m68k
/gay.mips
/gay.mips64
/gay.mpsl
/gay.ppc
/gay.sh4
/gay.spc
/gay.sparc
/gay.x32
/gay.x64
/gay.x86
/gay.x86_64

# Reference: https://twitter.com/bad_packets/status/1110025683093196801

/k1ra1.arc
/k1ra1.arm
/k1ra1.arm4
/k1ra1.armv4l
/k1ra1.arm5
/k1ra1.arm5n
/k1ra1.arm6
/k1ra1.arm7
/k1ra1.dbg
/k1ra1.i586
/k1ra1.i686
/k1ra1.m68k
/k1ra1.mips
/k1ra1.mips64
/k1ra1.mpsl
/k1ra1.ppc
/k1ra1.sh4
/k1ra1.spc
/k1ra1.sparc
/k1ra1.x32
/k1ra1.x64
/k1ra1.x86
/k1ra1.x86_64
/kirai.arc
/kirai.arm
/kirai.arm4
/kirai.armv4l
/kirai.arm5
/kirai.arm5n
/kirai.arm6
/kirai.arm7
/kirai.dbg
/kirai.i586
/kirai.i686
/kirai.m68k
/kirai.mips
/kirai.mips64
/kirai.mpsl
/kirai.ppc
/kirai.sh4
/kirai.spc
/kirai.sparc
/kirai.x32
/kirai.x64
/kirai.x86
/kirai.x86_64

# Reference: https://twitter.com/bad_packets/status/1111524886919307264

/unstable.arc
/unstable.arm
/unstable.arm4
/unstable.armv4l
/unstable.arm5
/unstable.arm5n
/unstable.arm6
/unstable.arm7
/unstable.dbg
/unstable.i586
/unstable.i686
/unstable.m68k
/unstable.mips
/unstable.mips64
/unstable.mpsl
/unstable.ppc
/unstable.sh4
/unstable.spc
/unstable.sparc
/unstable.x32
/unstable.x64
/unstable.x86
/unstable.x86_64

# Reference: https://twitter.com/bad_packets/status/1111777543869194240

/Trickle.arc
/Trickle.arm
/Trickle.arm4
/Trickle.armv4l
/Trickle.arm5
/Trickle.arm5n
/Trickle.arm6
/Trickle.arm7
/Trickle.dbg
/Trickle.i586
/Trickle.i686
/Trickle.m68k
/Trickle.mips
/Trickle.mips64
/Trickle.mpsl
/Trickle.ppc
/Trickle.sh4
/Trickle.spc
/Trickle.sparc
/Trickle.x32
/Trickle.x64
/Trickle.x86
/Trickle.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1089187830369181696

/honchoz.arc
/honchoz.arm
/honchoz.arm4
/honchoz.armv4l
/honchoz.arm5
/honchoz.arm5n
/honchoz.arm6
/honchoz.arm7
/honchoz.dbg
/honchoz.i586
/honchoz.i686
/honchoz.m68k
/honchoz.mips
/honchoz.mips64
/honchoz.mpsl
/honchoz.ppc
/honchoz.sh4
/honchoz.spc
/honchoz.sparc
/honchoz.x32
/honchoz.x64
/honchoz.x86
/honchoz.x86_64
/headhoncho.arc
/headhoncho.arm
/headhoncho.arm4
/headhoncho.armv4l
/headhoncho.arm5
/headhoncho.arm5n
/headhoncho.arm6
/headhoncho.arm7
/headhoncho.dbg
/headhoncho.i586
/headhoncho.i686
/headhoncho.m68k
/headhoncho.mips
/headhoncho.mips64
/headhoncho.mpsl
/headhoncho.ppc
/headhoncho.sh4
/headhoncho.spc
/headhoncho.sparc
/headhoncho.x32
/headhoncho.x64
/headhoncho.x86
/headhoncho.x86_64
/dwabniduawdbwad/

# Reference: https://twitter.com/SugitaMuchi/status/1087128158149591040

/beefy
/qlu.arc
/qlu.arm
/qlu.arm4
/qlu.armv4l
/qlu.arm5
/qlu.arm5n
/qlu.arm6
/qlu.arm7
/qlu.dbg
/qlu.i586
/qlu.i686
/qlu.m68k
/qlu.mips
/qlu.mips64
/qlu.mpsl
/qlu.ppc
/qlu.sh4
/qlu.spc
/qlu.sparc
/qlu.x32
/qlu.x64
/qlu.x86
/qlu.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1087113481671692288

/Oasis.arc
/Oasis.arm
/Oasis.arm4
/Oasis.armv4l
/Oasis.arm5
/Oasis.arm5n
/Oasis.arm6
/Oasis.arm7
/Oasis.dbg
/Oasis.i586
/Oasis.i686
/Oasis.m68k
/Oasis.mips
/Oasis.mips64
/Oasis.mpsl
/Oasis.ppc
/Oasis.sh4
/Oasis.spc
/Oasis.sparc
/Oasis.x32
/Oasis.x64
/Oasis.x86
/Oasis.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1087112232398290945

/hades.arc
/hades.arm
/hades.arm4
/hades.armv4l
/hades.arm5
/hades.arm5n
/hades.arm6
/hades.arm7
/hades.dbg
/hades.i586
/hades.i686
/hades.m68k
/hades.mips
/hades.mips64
/hades.mpsl
/hades.ppc
/hades.sh4
/hades.spc
/hades.sparc
/hades.x32
/hades.x64
/hades.x86
/hades.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1084938640482914304
/a.arc
/a.arm
/a.arm4
/a.armv4l
/a.arm5
/a.arm5n
/a.arm6
/a.arm7
/a.dbg
/a.i586
/a.i686
/a.m68k
/a.mips
/a.mips64
/a.mpsl
/a.ppc
/a.sh4
/a.spc
/a.sparc
/a.x32
/a.x64
/a.x86
/a.x86_64
/furasshu.arc
/furasshu.arm
/furasshu.arm4
/furasshu.armv4l
/furasshu.arm5
/furasshu.arm5n
/furasshu.arm6
/furasshu.arm7
/furasshu.dbg
/furasshu.i586
/furasshu.i686
/furasshu.kill
/furasshu.m68k
/furasshu.mips
/furasshu.mips64
/furasshu.mpsl
/furasshu.ppc
/furasshu.sh4
/furasshu.spc
/furasshu.sparc
/furasshu.x32
/furasshu.x64
/furasshu.x86
/furasshu.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1084936992268283904

/Mushi.arc
/Mushi.arm
/Mushi.arm4
/Mushi.armv4l
/Mushi.arm5
/Mushi.arm5n
/Mushi.arm6
/Mushi.arm7
/Mushi.dbg
/Mushi.i586
/Mushi.i686
/Mushi.m68k
/Mushi.mips
/Mushi.mips64
/Mushi.mpsl
/Mushi.ppc
/Mushi.sh4
/Mushi.spc
/Mushi.sparc
/Mushi.x32
/Mushi.x64
/Mushi.x86
/Mushi.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1083983657684021248

/Damien.arc
/Damien.arm
/Damien.arm4
/Damien.armv4l
/Damien.arm5
/Damien.arm5n
/Damien.arm6
/Damien.arm7
/Damien.dbg
/Damien.i586
/Damien.i686
/Damien.m68k
/Damien.mips
/Damien.mips64
/Damien.mpsl
/Damien.ppc
/Damien.sh4
/Damien.spc
/Damien.sparc
/Damien.x32
/Damien.x64
/Damien.x86
/Damien.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1076706974027341824

/arc.fgt
/arm.fgt
/arm4.fgt
/armv4l.fgt
/arm5.fgt
/arm5n.fgt
/arm6.fgt
/arm7.fgt
/dbg.fgt
/i586.fgt
/i686.fgt
/m68k.fgt
/mips.fgt
/mips64.fgt
/mpsl.fgt
/ppc.fgt
/sh4.fgt
/spc.fgt
/sparc.fgt
/x32.fgt
/x64.fgt
/x86.fgt
/x86_64.fgt
/fucking.arc
/fucking.arm
/fucking.arm4
/fucking.armv4l
/fucking.arm5
/fucking.arm5n
/fucking.arm6
/fucking.arm7
/fucking.dbg
/fucking.i586
/fucking.i686
/fucking.m68k
/fucking.mips
/fucking.mips64
/fucking.mpsl
/fucking.ppc
/fucking.sh4
/fucking.spc
/fucking.sparc
/fucking.x32
/fucking.x64
/fucking.x86
/fucking.x86_64
/x86hua

# Reference: https://twitter.com/SugitaMuchi/status/1076275952923987968

/Shine.arc
/Shine.arm
/Shine.arm4
/Shine.armv4l
/Shine.arm5
/Shine.arm5n
/Shine.arm6
/Shine.arm7
/Shine.dbg
/Shine.i586
/Shine.i686
/Shine.m68k
/Shine.mips
/Shine.mips64
/Shine.mpsl
/Shine.ppc
/Shine.sh4
/Shine.spc
/Shine.sparc
/Shine.x32
/Shine.x64
/Shine.x86
/Shine.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1076060597362380800

/kyton.arc
/kyton.arm
/kyton.arm4
/kyton.armv4l
/kyton.arm5
/kyton.arm5n
/kyton.arm6
/kyton.arm7
/kyton.dbg
/kyton.i586
/kyton.i686
/kyton.m68k
/kyton.mips
/kyton.mips64
/kyton.mpsl
/kyton.ppc
/kyton.sh4
/kyton.spc
/kyton.sparc
/kyton.x32
/kyton.x64
/kyton.x86
/kyton.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1072979237445849090

/TrioSec.arc
/TrioSec.arm
/TrioSec.arm4
/TrioSec.armv4l
/TrioSec.arm5
/TrioSec.arm5n
/TrioSec.arm6
/TrioSec.arm7
/TrioSec.dbg
/TrioSec.i586
/TrioSec.i686
/TrioSec.m68k
/TrioSec.mips
/TrioSec.mips64
/TrioSec.mpsl
/TrioSec.ppc
/TrioSec.sh4
/TrioSec.spc
/TrioSec.sparc
/TrioSec.x32
/TrioSec.x64
/TrioSec.x86
/TrioSec.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1072663518900563969

/cloudi.arc
/cloudi.arm
/cloudi.arm4
/cloudi.armv4l
/cloudi.arm5
/cloudi.arm5n
/cloudi.arm6
/cloudi.arm7
/cloudi.dbg
/cloudi.i586
/cloudi.i686
/cloudi.m68k
/cloudi.mips
/cloudi.mips64
/cloudi.mpsl
/cloudi.ppc
/cloudi.sh4
/cloudi.spc
/cloudi.sparc
/cloudi.x32
/cloudi.x64
/cloudi.x86
/cloudi.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1071904311871889413

/snowy.arc
/snowy.arm
/snowy.arm4
/snowy.armv4l
/snowy.arm5
/snowy.arm5n
/snowy.arm6
/snowy.arm7
/snowy.dbg
/snowy.i586
/snowy.i686
/snowy.m68k
/snowy.mips
/snowy.mips64
/snowy.mpsl
/snowy.ppc
/snowy.sh4
/snowy.spc
/snowy.sparc
/snowy.x32
/snowy.x64
/snowy.x86
/snowy.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1071635025018286080

/polo.arc
/polo.arm
/polo.arm4
/polo.armv4l
/polo.arm5
/polo.arm5n
/polo.arm6
/polo.arm7
/polo.dbg
/polo.i586
/polo.i686
/polo.m68k
/polo.mips
/polo.mips64
/polo.mpsl
/polo.ppc
/polo.sh4
/polo.spc
/polo.sparc
/polo.x32
/polo.x64
/polo.x86
/polo.x86_64
/arc.f
/arm.f
/arm4.f
/armv4l.f
/arm5.f
/arm5n.f
/arm6.f
/arm7.f
/dbg.f
/i586.f
/i686.f
/m68k.f
/mips.f
/mips64.f
/mpsl.f
/ppc.f
/sh4.f
/spc.f
/sparc.f
/x32.f
/x64.f
/x86_64.f

# Reference: https://twitter.com/SugitaMuchi/status/1066849595425079296

/hentai.arc
/hentai.arm
/hentai.arm4
/hentai.armv4l
/hentai.arm5
/hentai.arm5n
/hentai.arm6
/hentai.arm7
/hentai.dbg
/hentai.i586
/hentai.i686
/hentai.m68k
/hentai.mips
/hentai.mips64
/hentai.mpsl
/hentai.ppc
/hentai.sh4
/hentai.spc
/hentai.sparc
/hentai.x32
/hentai.x64
/hentai.x86
/hentai.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1067550048538386432

/PhantomATM.arc
/PhantomATM.arm
/PhantomATM.arm4
/PhantomATM.armv4l
/PhantomATM.arm5
/PhantomATM.arm5n
/PhantomATM.arm6
/PhantomATM.arm7
/PhantomATM.dbg
/PhantomATM.i586
/PhantomATM.i686
/PhantomATM.m68k
/PhantomATM.mips
/PhantomATM.mips64
/PhantomATM.mpsl
/PhantomATM.ppc
/PhantomATM.sh4
/PhantomATM.spc
/PhantomATM.sparc
/PhantomATM.x32
/PhantomATM.x64
/PhantomATM.x86
/PhantomATM.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1067926544021020673

/paimon.arc
/paimon.arm
/paimon.arm4
/paimon.armv4l
/paimon.arm5
/paimon.arm5n
/paimon.arm6
/paimon.arm7
/paimon.dbg
/paimon.i586
/paimon.i686
/paimon.m68k
/paimon.mips
/paimon.mips64
/paimon.mpsl
/paimon.ppc
/paimon.sh4
/paimon.spc
/paimon.sparc
/paimon.x32
/paimon.x64
/paimon.x86
/paimon.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1068489061357117440

/n.arc
/n.arm
/n.arm4
/n.armv4l
/n.arm5
/n.arm5n
/n.arm6
/n.arm7
/n.dbg
/n.i586
/n.i686
/n.m68k
/n.mips
/n.mips64
/n.mpsl
/n.ppc
/n.sh4
/n.spc
/n.sparc
/n.x32
/n.x64
/n.x86
/n.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1068648068294168576
# Reference: https://twitter.com/0xrb/status/1098108996089565184

/shaolin.arc
/shaolin.arm
/shaolin.arm4
/shaolin.armv4l
/shaolin.arm5
/shaolin.arm5n
/shaolin.arm6
/shaolin.arm7
/shaolin.dbg
/shaolin.i586
/shaolin.i686
/shaolin.kill
/shaolin.m68k
/shaolin.mips
/shaolin.mips64
/shaolin.mpsl
/shaolin.ppc
/shaolin.sh4
/shaolin.spc
/shaolin.sparc
/shaolin.x32
/shaolin.x64
/shaolin.x86
/shaolin.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1068649952572669952

/kakeii.arc
/kakeii.arm
/kakeii.arm4
/kakeii.armv4l
/kakeii.arm5
/kakeii.arm5n
/kakeii.arm6
/kakeii.arm7
/kakeii.dbg
/kakeii.i586
/kakeii.i686
/kakeii.m68k
/kakeii.mips
/kakeii.mips64
/kakeii.mpsl
/kakeii.ppc
/kakeii.sh4
/kakeii.spc
/kakeii.sparc
/kakeii.x32
/kakeii.x64
/kakeii.x86
/kakeii.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1069066626195120128

/DEMONS.arc
/DEMONS.arm
/DEMONS.arm4
/DEMONS.armv4l
/DEMONS.arm5
/DEMONS.arm5n
/DEMONS.arm6
/DEMONS.arm7
/DEMONS.dbg
/DEMONS.i586
/DEMONS.i686
/DEMONS.m68k
/DEMONS.mips
/DEMONS.mips64
/DEMONS.mpsl
/DEMONS.ppc
/DEMONS.sh4
/DEMONS.spc
/DEMONS.sparc
/DEMONS.x32
/DEMONS.x64
/DEMONS.x86
/DEMONS.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1069792879818620928

/masuta.arc
/masuta.arm
/masuta.arm4
/masuta.armv4l
/masuta.arm5
/masuta.arm5n
/masuta.arm6
/masuta.arm7
/masuta.dbg
/masuta.i586
/masuta.i686
/masuta.m68k
/masuta.mips
/masuta.mips64
/masuta.mpsl
/masuta.ppc
/masuta.sh4
/masuta.spc
/masuta.sparc
/masuta.x32
/masuta.x64
/masuta.x86
/masuta.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1069794101405507585

/exploit.arc
/exploit.arm
/exploit.arm4
/exploit.armv4l
/exploit.arm5
/exploit.arm5n
/exploit.arm6
/exploit.arm7
/exploit.dbg
/exploit.i586
/exploit.i686
/exploit.m68k
/exploit.mips
/exploit.mips64
/exploit.mpsl
/exploit.ppc
/exploit.sh4
/exploit.spc
/exploit.sparc
/exploit.x32
/exploit.x64
/exploit.x86
/exploit.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1070292886661488641
# Reference: https://twitter.com/bad_packets/status/1164293462943862785

/arc.Tsunami
/arm.Tsunami
/arm4.Tsunami
/arm4l.Tsunami
/arm4t.Tsunami
/arm4tl.Tsunami
/arm4tll.Tsunami
/armv4l.Tsunami
/arm5.Tsunami
/arm5n.Tsunami
/arm6.Tsunami
/arm64.Tsunami
/arm7.Tsunami
/dbg.Tsunami
/i4.Tsunami
/i486.Tsunami
/i586.Tsunami
/i686.Tsunami
/kill.Tsunami
/m68k.Tsunami
/mips.Tsunami
/mips64.Tsunami
/mpsl.Tsunami
/mipsel.Tsunami
/ppc.Tsunami
/ppc2.Tsunami
/ppc440.Tsunami
/powerppc.Tsunami
/root.Tsunami
/root32.Tsunami
/sh4.Tsunami
/ssh4.Tsunami
/spc.Tsunami
/sparc.Tsunami
/x32.Tsunami
/x64.Tsunami
/x86.Tsunami
/x86_32.Tsunami
/x86_64.Tsunami

# Reference: https://twitter.com/SugitaMuchi/status/1070817589226434560

/kato.arc
/kato.arm
/kato.arm4
/kato.armv4l
/kato.arm5
/kato.arm5n
/kato.arm6
/kato.arm7
/kato.dbg
/kato.i586
/kato.i686
/kato.m68k
/kato.mips
/kato.mips64
/kato.mpsl
/kato.ppc
/kato.sh4
/kato.spc
/kato.sparc
/kato.x32
/kato.x64
/kato.x86
/kato.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1071375809842036737

/Horizon.arc
/Horizon.arm
/Horizon.arm4
/Horizon.armv4l
/Horizon.arm5
/Horizon.arm5n
/Horizon.arm6
/Horizon.arm7
/Horizon.dbg
/Horizon.i586
/Horizon.i686
/Horizon.m68k
/Horizon.mips
/Horizon.mips64
/Horizon.mpsl
/Horizon.ppc
/Horizon.sh4
/Horizon.spc
/Horizon.sparc
/Horizon.x32
/Horizon.x64
/Horizon.x86
/Horizon.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1077015447281647617

/Cobra.arc
/Cobra.arm
/Cobra.arm4
/Cobra.armv4l
/Cobra.arm5
/Cobra.arm5n
/Cobra.arm6
/Cobra.arm7
/Cobra.dbg
/Cobra.i586
/Cobra.i686
/Cobra.m68k
/Cobra.mips
/Cobra.mips64
/Cobra.mpsl
/Cobra.ppc
/Cobra.sh4
/Cobra.spc
/Cobra.sparc
/Cobra.x32
/Cobra.x64
/Cobra.x86
/Cobra.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1077098773703061504

/Azuja.arc
/Azuja.arm
/Azuja.arm4
/Azuja.armv4l
/Azuja.arm5
/Azuja.arm5n
/Azuja.arm6
/Azuja.arm7
/Azuja.dbg
/Azuja.i586
/Azuja.i686
/Azuja.m68k
/Azuja.mips
/Azuja.mips64
/Azuja.mpsl
/Azuja.ppc
/Azuja.sh4
/Azuja.spc
/Azuja.sparc
/Azuja.x32
/Azuja.x64
/Azuja.x86
/Azuja.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1077692159535411203

/Lanisha.arc
/Lanisha.arm
/Lanisha.arm4
/Lanisha.armv4l
/Lanisha.arm5
/Lanisha.arm5n
/Lanisha.arm6
/Lanisha.arm7
/Lanisha.dbg
/Lanisha.i586
/Lanisha.i686
/Lanisha.m68k
/Lanisha.mips
/Lanisha.mips64
/Lanisha.mpsl
/Lanisha.ppc
/Lanisha.sh4
/Lanisha.spc
/Lanisha.sparc
/Lanisha.x32
/Lanisha.x64
/Lanisha.x86
/Lanisha.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1077695005873954816

/Karu.arc
/Karu.arm
/Karu.arm4
/Karu.armv4l
/Karu.arm5
/Karu.arm5n
/Karu.arm6
/Karu.arm7
/Karu.dbg
/Karu.i586
/Karu.i686
/Karu.m68k
/Karu.mips
/Karu.mips64
/Karu.mpsl
/Karu.ppc
/Karu.sh4
/Karu.spc
/Karu.sparc
/Karu.x32
/Karu.x64
/Karu.x86
/Karu.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1078213601217863681

/kazen.arc
/kazen.arm
/kazen.arm4
/kazen.armv4l
/kazen.arm5
/kazen.arm5n
/kazen.arm6
/kazen.arm7
/kazen.dbg
/kazen.i586
/kazen.i686
/kazen.m68k
/kazen.mips
/kazen.mips64
/kazen.mpsl
/kazen.ppc
/kazen.sh4
/kazen.spc
/kazen.sparc
/kazen.x32
/kazen.x64
/kazen.x86
/kazen.x86_64
/s-kazen.arc
/s-kazen.arm
/s-kazen.arm4
/s-kazen.armv4l
/s-kazen.arm5
/s-kazen.arm5n
/s-kazen.arm6
/s-kazen.arm7
/s-kazen.dbg
/s-kazen.i586
/s-kazen.i686
/s-kazen.m68k
/s-kazen.mips
/s-kazen.mips64
/s-kazen.mpsl
/s-kazen.ppc
/s-kazen.sh4
/s-kazen.spc
/s-kazen.sparc
/s-kazen.x32
/s-kazen.x64
/s-kazen.x86
/s-kazen.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1081559402082009092

/301.arc
/301.arm
/301.arm4
/301.armv4l
/301.arm5
/301.arm5n
/301.arm6
/301.arm7
/301.dbg
/301.i586
/301.i686
/301.m68k
/301.mips
/301.mips64
/301.mpsl
/301.ppc
/301.sh4
/301.spc
/301.sparc
/301.x32
/301.x64
/301.x86
/301.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1081779020037902337

/Solar.arc
/Solar.arm
/Solar.arm4
/Solar.armv4l
/Solar.arm5
/Solar.arm5n
/Solar.arm6
/Solar.arm7
/Solar.dbg
/Solar.i586
/Solar.i686
/Solar.m68k
/Solar.mips
/Solar.mips64
/Solar.mpsl
/Solar.ppc
/Solar.sh4
/Solar.spc
/Solar.sparc
/Solar.x32
/Solar.x64
/Solar.x86
/Solar.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1081788732154437632

/penthouse.arc
/penthouse.arm
/penthouse.arm4
/penthouse.armv4l
/penthouse.arm5
/penthouse.arm5n
/penthouse.arm6
/penthouse.arm7
/penthouse.dbg
/penthouse.i586
/penthouse.i686
/penthouse.m68k
/penthouse.mips
/penthouse.mips64
/penthouse.mpsl
/penthouse.ppc
/penthouse.sh4
/penthouse.spc
/penthouse.sparc
/penthouse.x32
/penthouse.x64
/penthouse.x86
/penthouse.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1082403079230709761

/ptype.arc
/ptype.arm
/ptype.arm4
/ptype.armv4l
/ptype.arm5
/ptype.arm5n
/ptype.arm6
/ptype.arm7
/ptype.dbg
/ptype.i586
/ptype.i686
/ptype.m68k
/ptype.mips
/ptype.mips64
/ptype.mpsl
/ptype.ppc
/ptype.sh4
/ptype.spc
/ptype.sparc
/ptype.x32
/ptype.x64
/ptype.x86
/ptype.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1083487810298929153

/yakuza.arc
/yakuza.arm
/yakuza.arm4
/yakuza.armv4l
/yakuza.arm5
/yakuza.arm5n
/yakuza.arm6
/yakuza.arm7
/yakuza.dbg
/yakuza.i586
/yakuza.i686
/yakuza.m68k
/yakuza.mips
/yakuza.mips64
/yakuza.mpsl
/yakuza.ppc
/yakuza.sh4
/yakuza.spc
/yakuza.sparc
/yakuza.x32
/yakuza.x64
/yakuza.x86
/yakuza.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1083489293186752512
# Reference: https://twitter.com/VessOnSecurity/status/1138765917528166401

/Freya.arc
/Freya.arm
/Freya.arm4
/Freya.armv4l
/Freya.arm5
/Freya.arm5n
/Freya.arm6
/Freya.arm7
/Freya.dbg
/Freya.i586
/Freya.i686
/Freya.m68k
/Freya.mips
/Freya.mips64
/Freya.mpsl
/Freya.ppc
/Freya.sh4
/Freya.spc
/Freya.sparc
/Freya.x32
/Freya.x64
/Freya.x86
/Freya.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1083490463749832706

/aisha.arc
/aisha.arm
/aisha.arm4
/aisha.armv4l
/aisha.arm5
/aisha.arm5n
/aisha.arm6
/aisha.arm7
/aisha.dbg
/aisha.i586
/aisha.i686
/aisha.m68k
/aisha.mips
/aisha.mips64
/aisha.mpsl
/aisha.ppc
/aisha.sh4
/aisha.spc
/aisha.sparc
/aisha.x32
/aisha.x64
/aisha.x86
/aisha.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1090839291998003202

/kowei.arc
/kowei.arm
/kowei.arm4
/kowei.armv4l
/kowei.arm5
/kowei.arm5n
/kowei.arm6
/kowei.arm7
/kowei.dbg
/kowei.i586
/kowei.i686
/kowei.m68k
/kowei.mips
/kowei.mips64
/kowei.mpsl
/kowei.ppc
/kowei.sh4
/kowei.spc
/kowei.sparc
/kowei.x32
/kowei.x64
/kowei.x86
/kowei.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1091096902764916736

/Cakle.arc
/Cakle.arm
/Cakle.arm4
/Cakle.armv4l
/Cakle.arm5
/Cakle.arm5n
/Cakle.arm6
/Cakle.arm7
/Cakle.dbg
/Cakle.i586
/Cakle.i686
/Cakle.m68k
/Cakle.mips
/Cakle.mips64
/Cakle.mpsl
/Cakle.ppc
/Cakle.sh4
/Cakle.spc
/Cakle.sparc
/Cakle.x32
/Cakle.x64
/Cakle.x86
/Cakle.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1091518821578432512

/blackc.arc
/blackc.arm
/blackc.arm4
/blackc.armv4l
/blackc.arm5
/blackc.arm5n
/blackc.arm6
/blackc.arm7
/blackc.dbg
/blackc.i586
/blackc.i686
/blackc.m68k
/blackc.mips
/blackc.mips64
/blackc.mpsl
/blackc.ppc
/blackc.sh4
/blackc.spc
/blackc.sparc
/blackc.x32
/blackc.x64
/blackc.x86

# Reference: https://twitter.com/SugitaMuchi/status/1091978407691223040

/Shatter.arc
/Shatter.arm
/Shatter.arm4
/Shatter.armv4l
/Shatter.arm5
/Shatter.arm5n
/Shatter.arm6
/Shatter.arm7
/Shatter.dbg
/Shatter.i586
/Shatter.i686
/Shatter.m68k
/Shatter.mips
/Shatter.mips64
/Shatter.mpsl
/Shatter.ppc
/Shatter.sh4
/Shatter.spc
/Shatter.sparc
/Shatter.x32
/Shatter.x64
/Shatter.x86

# Reference: https://twitter.com/SugitaMuchi/status/1104522236646481920

/Slamed.arc
/Slamed.arm
/Slamed.arm4
/Slamed.armv4l
/Slamed.arm5
/Slamed.arm5n
/Slamed.arm6
/Slamed.arm7
/Slamed.dbg
/Slamed.i586
/Slamed.i686
/Slamed.m68k
/Slamed.mips
/Slamed.mips64
/Slamed.mpsl
/Slamed.ppc
/Slamed.sh4
/Slamed.spc
/Slamed.sparc
/Slamed.x32
/Slamed.x64
/Slamed.x86

# Reference: https://twitter.com/SugitaMuchi/status/1104524755263139840

/orenji.arc
/orenji.arm
/orenji.arm4
/orenji.arm4l
/orenji.arm4t
/orenji.armv4l
/orenji.arm5
/orenji.arm5n
/orenji.arm6
/orenji.arm7
/orenji.dbg
/orenji.i486
/orenji.i586
/orenji.i686
/orenji.m68k
/orenji.mips
/orenji.mips64
/orenji.mpsl
/orenji.mipsel
/orenji.ppc
/orenji.ppc440
/orenji.root
/orenji.sh
/orenji.sh4
/orenji.spc
/orenji.sparc
/orenji.x32
/orenji.x64
/orenji.x86
/orenji.x86_32
/orenji.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1104552453100331013

/Ares.arc
/Ares.arm
/Ares.arm4
/Ares.armv4l
/Ares.arm5
/Ares.arm5n
/Ares.arm6
/Ares.arm7
/Ares.dbg
/Ares.i586
/Ares.i686
/Ares.m68k
/Ares.mips
/Ares.mips64
/Ares.mpsl
/Ares.ppc
/Ares.sh4
/Ares.spc
/Ares.sparc
/Ares.x32
/Ares.x64
/Ares.x86

# Reference: https://twitter.com/SugitaMuchi/status/1104633777702092800

/onryo.arc
/onryo.arm
/onryo.arm4
/onryo.armv4l
/onryo.arm5
/onryo.arm5n
/onryo.arm6
/onryo.arm7
/onryo.dbg
/onryo.i586
/onryo.i686
/onryo.m68k
/onryo.mips
/onryo.mips64
/onryo.mpsl
/onryo.ppc
/onryo.sh4
/onryo.spc
/onryo.sparc
/onryo.x32
/onryo.x64
/onryo.x86

# Reference: https://twitter.com/SugitaMuchi/status/1104871959072976897

/Eros.arc
/Eros.arm
/Eros.arm4
/Eros.armv4l
/Eros.arm5
/Eros.arm5n
/Eros.arm6
/Eros.arm7
/Eros.dbg
/Eros.i586
/Eros.i686
/Eros.m68k
/Eros.mips
/Eros.mips64
/Eros.mpsl
/Eros.ppc
/Eros.sh4
/Eros.spc
/Eros.sparc
/Eros.x32
/Eros.x64
/Eros.x86

# Reference: https://twitter.com/SugitaMuchi/status/1104914512900050944

/DENIAL.arc
/DENIAL.arm
/DENIAL.arm4
/DENIAL.armv4l
/DENIAL.arm5
/DENIAL.arm5n
/DENIAL.arm6
/DENIAL.arm7
/DENIAL.dbg
/DENIAL.i586
/DENIAL.i686
/DENIAL.m68k
/DENIAL.mips
/DENIAL.mips64
/DENIAL.mpsl
/DENIAL.ppc
/DENIAL.sh4
/DENIAL.spc
/DENIAL.sparc
/DENIAL.x32
/DENIAL.x64
/DENIAL.x86

# Reference: https://twitter.com/SugitaMuchi/status/1104915308765097985

/arc.bot
/arm.bot
/arm4.bot
/armv4l.bot
/arm5.bot
/arm5n.bot
/arm6.bot
/arm7.bot
/dbg.bot
/i586.bot
/i686.bot
/m68k.bot
/mips.bot
/mips64.bot
/mpsl.bot
/ppc.bot
/sh4.bot
/spc.bot
/sparc.bot
/x32.bot
/x64.bot
/x86_64.bot

# Reference: https://twitter.com/SugitaMuchi/status/1106194795876147200

/Khaos.arc
/Khaos.arm
/Khaos.arm4
/Khaos.armv4l
/Khaos.arm5
/Khaos.arm5n
/Khaos.arm6
/Khaos.arm7
/Khaos.dbg
/Khaos.i586
/Khaos.i686
/Khaos.m68k
/Khaos.mips
/Khaos.mips64
/Khaos.mpsl
/Khaos.ppc
/Khaos.sh4
/Khaos.spc
/Khaos.sparc
/Khaos.x32
/Khaos.x64
/Khaos.x86

# Reference: https://twitter.com/1IoTa3/status/1089402171689484289

/jirenv2.sh

# Reference: https://twitter.com/SugitaMuchi/status/1107774813534183424

/haarch64
/haarch64be
/harcle-750d
/harcle-hs38
/hm68k-68xxx
/hmicroblazebe
/hmicroblazeel
/hnios2
/hopenrisc
/hsh-sh4
/rootOwO

# Reference: https://twitter.com/SugitaMuchi/status/1106322774560145408

/tron.arc
/tron.arm
/tron.arm4
/tron.armv4l
/tron.arm5
/tron.arm5n
/tron.arm6
/tron.arm7
/tron.dbg
/tron.i486
/tron.i586
/tron.i686
/tron.m68k
/tron.mips
/tron.mips64
/tron.mpsl
/tron.ppc
/tron.sh4
/tron.spc
/tron.sparc
/tron.x32
/tron.x64
/tron.x86

# Reference: https://twitter.com/0xrb/status/1098654743491239944

/loliv4.arc
/loliv4.arm
/loliv4.arm4
/loliv4.armv4l
/loliv4.arm5
/loliv4.arm5n
/loliv4.arm6
/loliv4.arm7
/loliv4.dbg
/loliv4.i486
/loliv4.i586
/loliv4.i686
/loliv4.m68k
/loliv4.mips
/loliv4.mips64
/loliv4.mpsl
/loliv4.ppc
/loliv4.sh4
/loliv4.spc
/loliv4.sparc
/loliv4.x32
/loliv4.x64
/loliv4.x86

# Reference: https://twitter.com/gorimpthon/status/1077435493061541889

/egg.arc
/egg.arm
/egg.arm4
/egg.armv4l
/egg.arm5
/egg.arm5n
/egg.arm6
/egg.arm7
/egg.dbg
/egg.i486
/egg.i586
/egg.i686
/egg.m68k
/egg.mips
/egg.mips64
/egg.mpsl
/egg.ppc
/egg.sh4
/egg.spc
/egg.sparc
/egg.x32
/egg.x64
/egg.x86

# Reference: https://twitter.com/SugitaMuchi/status/1075161057121918977

/WatchDog.arc
/WatchDog.arm
/WatchDog.arm4
/WatchDog.arm4l
/WatchDog.arm4t
/WatchDog.armv4l
/WatchDog.arm5
/WatchDog.arm5n
/WatchDog.arm6
/WatchDog.arm7
/WatchDog.dbg
/WatchDog.i486
/WatchDog.i586
/WatchDog.i686
/WatchDog.m68k
/WatchDog.mips
/WatchDog.mips64
/WatchDog.mpsl
/WatchDog.ppc
/WatchDog.sh4
/WatchDog.spc
/WatchDog.sparc
/WatchDog.x32
/WatchDog.x64
/WatchDog.x86

# Reference: https://twitter.com/gorimpthon/status/1074581436416581632

/airlink.sh

# Reference: https://twitter.com/w0lfvan/status/1074795109915484160

/telnet.arc
/telnet.arm
/telnet.arm4
/telnet.arm4l
/telnet.arm4t
/telnet.armv4l
/telnet.arm5
/telnet.arm5n
/telnet.arm6
/telnet.arm7
/telnet.dbg
/telnet.i486
/telnet.i586
/telnet.i686
/telnet.m68k
/telnet.mips
/telnet.mips64
/telnet.mpsl
/telnet.ppc
/telnet.sh4
/telnet.spc
/telnet.sparc
/telnet.x32
/telnet.x64
/telnet.x86

# Reference: https://twitter.com/w0lfvan/status/1072635199157100550

/tsuki.arc
/tsuki.arm
/tsuki.arm4
/tsuki.arm4l
/tsuki.arm4t
/tsuki.armv4l
/tsuki.arm5
/tsuki.arm5n
/tsuki.arm6
/tsuki.arm7
/tsuki.dbg
/tsuki.i486
/tsuki.i586
/tsuki.i686
/tsuki.m68k
/tsuki.mips
/tsuki.mips64
/tsuki.mpsl
/tsuki.ppc
/tsuki.sh4
/tsuki.spc
/tsuki.sparc
/tsuki.x32
/tsuki.x64
/tsuki.x86

# Reference: https://twitter.com/SugitaMuchi/status/1069718639429902336

/crushi.arc
/crushi.arm
/crushi.arm4
/crushi.arm4l
/crushi.arm4t
/crushi.armv4l
/crushi.arm5
/crushi.arm5n
/crushi.arm6
/crushi.arm7
/crushi.dbg
/crushi.i486
/crushi.i586
/crushi.i686
/crushi.m68k
/crushi.mips
/crushi.mips64
/crushi.mpsl
/crushi.ppc
/crushi.sh4
/crushi.spc
/crushi.sparc
/crushi.x32
/crushi.x64
/crushi.x86

# Reference: https://twitter.com/SugitaMuchi/status/1069717302063452160

/Trinity.arc
/Trinity.arm
/Trinity.arm4
/Trinity.arm4l
/Trinity.arm4t
/Trinity.armv4l
/Trinity.arm5
/Trinity.arm5n
/Trinity.arm6
/Trinity.arm7
/Trinity.dbg
/Trinity.i486
/Trinity.i586
/Trinity.i686
/Trinity.m68k
/Trinity.mips
/Trinity.mips64
/Trinity.mpsl
/Trinity.ppc
/Trinity.ppc440
/Trinity.sh4
/Trinity.spc
/Trinity.sparc
/Trinity.x32
/Trinity.x64
/Trinity.x86

# Reference: https://twitter.com/w0lfvan/status/1069208800815665152

/sector.arc
/sector.arm
/sector.arm4
/sector.arm4l
/sector.arm4t
/sector.armv4l
/sector.arm5
/sector.arm5n
/sector.arm6
/sector.arm7
/sector.dbg
/sector.i486
/sector.i586
/sector.i686
/sector.m68k
/sector.mips
/sector.mips64
/sector.mpsl
/sector.ppc
/sector.ppc440
/sector.sh4
/sector.spc
/sector.sparc
/sector.x32
/sector.x64
/sector.x86

# Reference: https://twitter.com/SugitaMuchi/status/1066835439326089216

/Nikkah.arc
/Nikkah.arm
/Nikkah.arm4
/Nikkah.arm4l
/Nikkah.arm4t
/Nikkah.armv4l
/Nikkah.arm5
/Nikkah.arm5n
/Nikkah.arm6
/Nikkah.arm7
/Nikkah.dbg
/Nikkah.i486
/Nikkah.i586
/Nikkah.i686
/Nikkah.m68k
/Nikkah.mips
/Nikkah.mips64
/Nikkah.mpsl
/Nikkah.ppc
/Nikkah.ppc440
/Nikkah.sh4
/Nikkah.spc
/Nikkah.sparc
/Nikkah.x32
/Nikkah.x64
/Nikkah.x86

# Reference: https://twitter.com/ankit_anubhav/status/1065156254526595072
# Reference: https://blog.netlab.360.com/warning-satori-a-new-mirai-variant-is-spreading-in-worm-style-on-port-37215-and-52869-en/
# Reference: https://www.hybrid-analysis.com/sample/f9a4c6857bb3a4feebb232c54e6ecffd3742ce598b48e975d675b38232b8e30e?environmentId=300

95.211.123.69:7645
network.bigbotpein.com
control.almashosting.ru
/okiru.arc
/okiru.arm
/okiru.arm4
/okiru.arm4l
/okiru.arm4t
/okiru.arm4tl
/okiru.armv4l
/okiru.arm5
/okiru.arm5n
/okiru.armv5l
/okiru.arm6
/okiru.armv6l
/okiru.arm7
/okiru.armv7l
/okiru.dbg
/okiru.i486
/okiru.i586
/okiru.i686
/okiru.m68k
/okiru.mips
/okiru.mips64
/okiru.mipsel
/okiru.mpsl
/okiru.ppc
/okiru.ppc440
/okiru.powerppc
/okiru.root
/okiru.sh
/okiru.sh4
/okiru.spc
/okiru.sparc
/okiru.superh
/okiru.x32
/okiru.x64
/okiru.x86
/okiru.x86_32
/okiru.x86_64
/cryptonite.arc
/cryptonite.arm
/cryptonite.arm4
/cryptonite.arm4l
/cryptonite.arm4t
/cryptonite.arm4tl
/cryptonite.armv4l
/cryptonite.arm5
/cryptonite.arm5n
/cryptonite.armv5l
/cryptonite.arm6
/cryptonite.armv6l
/cryptonite.arm7
/cryptonite.armv7l
/cryptonite.dbg
/cryptonite.i486
/cryptonite.i586
/cryptonite.i686
/cryptonite.m68k
/cryptonite.mips
/cryptonite.mips64
/cryptonite.mipsel
/cryptonite.mpsl
/cryptonite.ppc
/cryptonite.ppc440
/cryptonite.powerppc
/cryptonite.root
/cryptonite.sh
/cryptonite.sh4
/cryptonite.spc
/cryptonite.sparc
/cryptonite.x32
/cryptonite.x64
/cryptonite.x86
/cryptonite.x86_32
/cryptonite.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1064724293206999040

/Nikka.arc
/Nikka.arm
/Nikka.arm4
/Nikka.arm4l
/Nikka.arm4t
/Nikka.armv4l
/Nikka.arm5
/Nikka.arm5n
/Nikka.arm6
/Nikka.arm7
/Nikka.dbg
/Nikka.i486
/Nikka.i586
/Nikka.i686
/Nikka.m68k
/Nikka.mips
/Nikka.mips64
/Nikka.mpsl
/Nikka.ppc
/Nikka.ppc440
/Nikka.sh4
/Nikka.spc
/Nikka.sparc
/Nikka.x32
/Nikka.x64
/Nikka.x86

# Reference: https://twitter.com/SugitaMuchi/status/1064295597388136449

/larry.arc
/larry.arm
/larry.arm4
/larry.arm4l
/larry.arm4t
/larry.armv4l
/larry.arm5
/larry.arm5n
/larry.arm6
/larry.arm7
/larry.dbg
/larry.i486
/larry.i586
/larry.i686
/larry.m68k
/larry.mips
/larry.mips64
/larry.mpsl
/larry.ppc
/larry.ppc440
/larry.root
/larry.sh4
/larry.spc
/larry.sparc
/larry.x32
/larry.x64
/larry.x86
/lry.arc
/lry.arm
/lry.arm4
/lry.arm4l
/lry.arm4t
/lry.armv4l
/lry.arm5
/lry.arm5n
/lry.arm6
/lry.arm7
/lry.dbg
/lry.i486
/lry.i586
/lry.i686
/lry.m68k
/lry.mips
/lry.mips64
/lry.mpsl
/lry.ppc
/lry.ppc440
/lry.root
/lry.sh4
/lry.spc
/lry.sparc
/lry.x32
/lry.x64
/lry.x86
/lry.x86_32
/lry.x86_64
/x86huawei

# Reference: https://twitter.com/SugitaMuchi/status/1063962452323328000

/kwari.arc
/kwari.arm
/kwari.arm4
/kwari.arm4l
/kwari.arm4t
/kwari.armv4l
/kwari.arm5
/kwari.arm5n
/kwari.arm6
/kwari.arm7
/kwari.dbg
/kwari.i486
/kwari.i586
/kwari.i686
/kwari.m68k
/kwari.mips
/kwari.mips64
/kwari.mpsl
/kwari.ppc
/kwari.ppc440
/kwari.root
/kwari.sh4
/kwari.spc
/kwari.sparc
/kwari.x32
/kwari.x64
/kwari.x86
/kwari.x86_32
/kwari.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1063282314799542272

/hax.arc
/hax.arm
/hax.arm4
/hax.arm4l
/hax.arm4t
/hax.armv4l
/hax.arm5
/hax.arm5n
/hax.arm6
/hax.arm7
/hax.dbg
/hax.i486
/hax.i586
/hax.i686
/hax.m68k
/hax.mips
/hax.mips64
/hax.mpsl
/hax.ppc
/hax.ppc440
/hax.root
/hax.sh4
/hax.spc
/hax.sparc
/hax.x32
/hax.x64
/hax.x86
/hax.x86_32
/hax.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1063085934109851648

/VPNFilter.arc
/VPNFilter.arm
/VPNFilter.arm4
/VPNFilter.arm4l
/VPNFilter.arm4t
/VPNFilter.armv4l
/VPNFilter.arm5
/VPNFilter.arm5n
/VPNFilter.arm6
/VPNFilter.arm7
/VPNFilter.dbg
/VPNFilter.i486
/VPNFilter.i586
/VPNFilter.i686
/VPNFilter.m68k
/VPNFilter.mips
/VPNFilter.mips64
/VPNFilter.mpsl
/VPNFilter.ppc
/VPNFilter.ppc440
/VPNFilter.root
/VPNFilter.sh4
/VPNFilter.spc
/VPNFilter.sparc
/VPNFilter.x32
/VPNFilter.x64
/VPNFilter.x86
/VPNFilter.x86_32
/VPNFilter.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1062528904563281920

/ombra.arc
/ombra.arm
/ombra.arm4
/ombra.arm4l
/ombra.arm4t
/ombra.armv4l
/ombra.arm5
/ombra.arm5n
/ombra.arm6
/ombra.arm7
/ombra.dbg
/ombra.i486
/ombra.i586
/ombra.i686
/ombra.m68k
/ombra.mips
/ombra.mips64
/ombra.mpsl
/ombra.ppc
/ombra.ppc440
/ombra.root
/ombra.sh4
/ombra.spc
/ombra.sparc
/ombra.x32
/ombra.x64
/ombra.x86
/ombra.x86_32
/ombra.x86_64

# Reference: https://twitter.com/SugitaMuchi/status/1062523363195637760

/tnx12.arc
/tnx12.arm
/tnx12.arm4
/tnx12.arm4l
/tnx12.arm4t
/tnx12.armv4l
/tnx12.arm5
/tnx12.arm5n
/tnx12.arm6
/tnx12.arm7
/tnx12.dbg
/tnx12.i486
/tnx12.i586
/tnx12.i686
/tnx12.m68k
/tnx12.mips
/tnx12.mips64
/tnx12.mpsl
/tnx12.ppc
/tnx12.ppc440
/tnx12.root
/tnx12.sh4
/tnx12.spc
/tnx12.sparc
/tnx12.x32
/tnx12.x64
/tnx12.x86
/tnx12.x86_32
/tnx12.x86_64
/tnx12015.sh

# Reference: https://blog.trendmicro.com/trendlabs-security-intelligence/bashlite-iot-malware-updated-with-mining-and-backdoor-commands-targets-wemo-devices/
# Reference: https://blogs.akamai.com/sitr/2019/06/latest-echobot-26-infection-vectors.html

/ECHOBOT.arc
/ECHOBOT.arm
/ECHOBOT.arm4
/ECHOBOT.arm4l
/ECHOBOT.arm4t
/ECHOBOT.armv4l
/ECHOBOT.arm5
/ECHOBOT.arm5n
/ECHOBOT.arm6
/ECHOBOT.arm7
/ECHOBOT.dbg
/ECHOBOT.i486
/ECHOBOT.i586
/ECHOBOT.i686
/ECHOBOT.m68k
/ECHOBOT.mips
/ECHOBOT.mips64
/ECHOBOT.mpsl
/ECHOBOT.mipsel
/ECHOBOT.ppc
/ECHOBOT.ppc440
/ECHOBOT.root
/ECHOBOT.sh
/ECHOBOT.sh4
/ECHOBOT.spc
/ECHOBOT.sparc
/ECHOBOT.x32
/ECHOBOT.x64
/ECHOBOT.x86
/ECHOBOT.x86_32
/ECHOBOT.x86_64
/ECHOBOT1.sh
/UqHDZbqr9S.sh

# Reference: https://twitter.com/_odisseus/status/1114055047221006336

/Suicide_Binaries.sh
/Suicide_ntpd
/Suicide_sshd
/Suicide_openssh
/Suicide_bash
/Suicide_tftp
/Suicide_wget
/Suicide_cron
/Suicide_ftp
/Suicide_pftp
/Suicide_sh

# Reference: https://perchsecurity.com/perch-news/threat-report-sunday-february-3rd-2019/ (Mirai-based Cayosin variation)

hostnamepxssy.club
/cock.arc
/cock.arm
/cock.arm4
/cock.arm4l
/cock.arm4t
/cock.armv4l
/cock.arm5
/cock.arm5n
/cock.arm6
/cock.arm7
/cock.dbg
/cock.i486
/cock.i586
/cock.i686
/cock.m68k
/cock.mips
/cock.mips64
/cock.mpsl
/cock.ppc
/cock.ppc440
/cock.root
/cock.sh
/cock.sh4
/cock.spc
/cock.sparc
/cock.x32
/cock.x64
/cock.x86
/cock.x86_32
/cock.x86_64

# Reference: https://imgur.com/a/4YxuSfV (Mirai-based Cayosin variation)

hakaiboatnet.pw

# Reference: https://twitter.com/bad_packets/status/1115117347537215488

/shenzi.arc
/shenzi.arm
/shenzi.arm4
/shenzi.arm4l
/shenzi.arm4t
/shenzi.armv4l
/shenzi.arm5
/shenzi.arm5n
/shenzi.arm6
/shenzi.arm7
/shenzi.dbg
/shenzi.i486
/shenzi.i586
/shenzi.i686
/shenzi.m68k
/shenzi.mips
/shenzi.mips64
/shenzi.mpsl
/shenzi.ppc
/shenzi.ppc440
/shenzi.root
/shenzi.sh
/shenzi.sh4
/shenzi.spc
/shenzi.sparc
/shenzi.x32
/shenzi.x64
/shenzi.x86
/shenzi.x86_32
/shenzi.x86_64

# Reference: https://unit42.paloaltonetworks.com/mirai-compiled-for-new-processor-surfaces/
# Reference: https://twitter.com/bad_packets/status/1128029491010269184

/haarch64
/haarch64be
/harm4
/harm5
/harm6
/harm7
/hm68k
/hm68k-68xxx
/hmips
/hmips64
/hmipsl
/hmpsl
# /hppc
/hsh4
/hspc
/hx86
/hx64
/hx86-64-core-i7
/hx86-core2
/hx86-i486
/hx86-i586
/hx86-i686

# Reference: https://twitter.com/bad_packets/status/1115508643246399488
# Reference: https://twitter.com/0xrb/status/1114065129392431104

/ronin.dlink
/ronin.arc
/ronin.arm
/ronin.arm4
/ronin.arm4l
/ronin.arm4t
/ronin.armv4l
/ronin.arm5
/ronin.arm5n
/ronin.arm6
/ronin.arm7
/ronin.dbg
/ronin.i486
/ronin.i586
/ronin.i686
/ronin.m68k
/ronin.mips
/ronin.mips64
/ronin.mpsl
/ronin.mipsel
/ronin.ppc
/ronin.ppc440
/ronin.root
/ronin.sh
/ronin.sh4
/ronin.spc
/ronin.sparc
/ronin.x32
/ronin.x64
/ronin.x86
/ronin.x86_32
/ronin.x86_64

# Reference: https://twitter.com/bad_packets/status/1114705254195519489

/akira.arc
/akira.arm
/akira.arm4
/akira.arm4l
/akira.arm4t
/akira.armv4l
/akira.arm5
/akira.arm5n
/akira.arm6
/akira.arm7
/akira.dbg
/akira.i486
/akira.i586
/akira.i686
/akira.m68k
/akira.mips
/akira.mips64
/akira.mpsl
/akira.ppc
/akira.ppc440
/akira.root
/akira.sh
/akira.sh4
/akira.spc
/akira.sparc
/akira.x32
/akira.x64
/akira.x86
/akira.x86_32
/akira.x86_64

# Reference: https://twitter.com/Artilllerie/status/1115556048243437568
# Reference: https://www.bitdefender.com/files/News/CaseStudies/study/319/Bitdefender-PR-Whitepaper-DarkNexus-creat4349-en-EN-interactive.pdf

cnc.subby.xyz
scan.subby.xyz
51.68.214.116:3301

# Reference: https://twitter.com/zom3y3/status/1115481065701830657

149.255.36.139:1747
/bl.arc
/bl.arm
/bl.arm4
/bl.arm4l
/bl.arm4t
/bl.armv4l
/bl.arm5
/bl.arm5n
/bl.arm6
/bl.arm7
/bl.dbg
/bl.i486
/bl.i586
/bl.i686
/bl.m68k
/bl.mips
/bl.mips64
/bl.mpsl
/bl.ppc
/bl.ppc440
/bl.root
/bl.sh
/bl.sh4
/bl.spc
/bl.sparc
/bl.x32
/bl.x64
/bl.x86
/bl.x86_32
/bl.x86_64

# Reference: https://twitter.com/0xrb/status/1116988853812903936

/synbin.sh
/synbotpp.arc
/synbotpp.arm
/synbotpp.arm4
/synbotpp.arm4l
/synbotpp.arm4t
/synbotpp.armv4l
/synbotpp.arm5
/synbotpp.arm5n
/synbotpp.arm6
/synbotpp.arm7
/synbotpp.dbg
/synbotpp.i486
/synbotpp.i586
/synbotpp.i6
/synbotpp.i686
/synbotpp.m68k
/synbotpp.mips
/synbotpp.mips64
/synbotpp.mpsl
/synbotpp.mipsel
/synbotpp.ppc
/synbotpp.ppc440
/synbotpp.root
/synbotpp.sh
/synbotpp.sh4
/synbotpp.spc
/synbotpp.sparc
/synbotpp.x32
/synbotpp.x64
/synbotpp.x86
/synbotpp.x86_32
/synbotpp.x86_64

# Reference: https://twitter.com/0xrb/status/1116896431468699648

/Vanish.arc
/Vanish.arm
/Vanish.arm4
/Vanish.arm4l
/Vanish.arm4t
/Vanish.armv4l
/Vanish.arm5
/Vanish.arm5n
/Vanish.arm6
/Vanish.arm7
/Vanish.dbg
/Vanish.i486
/Vanish.i586
/Vanish.i686
/Vanish.m68k
/Vanish.mips
/Vanish.mips64
/Vanish.mpsl
/Vanish.mipsel
/Vanish.ppc
/Vanish.ppc440
/Vanish.root
/Vanish.sh
/Vanish.sh4
/Vanish.spc
/Vanish.sparc
/Vanish.x32
/Vanish.x64
/Vanish.x86
/Vanish.x86_32
/Vanish.x86_64

# Reference: https://twitter.com/0xrb/status/1115913590450589696

104.168.140.207:9375
/g0dm0d333.arc
/g0dm0d333.arm
/g0dm0d333.arm4
/g0dm0d333.arm4l
/g0dm0d333.arm4t
/g0dm0d333.armv4l
/g0dm0d333.arm5
/g0dm0d333.arm5n
/g0dm0d333.arm6
/g0dm0d333.arm7
/g0dm0d333.dbg
/g0dm0d333.i486
/g0dm0d333.i586
/g0dm0d333.i686
/g0dm0d333.m68k
/g0dm0d333.mips
/g0dm0d333.mips64
/g0dm0d333.mpsl
/g0dm0d333.mipsel
/g0dm0d333.ppc
/g0dm0d333.ppc440
/g0dm0d333.root
/g0dm0d333.sh
/g0dm0d333.sh4
/g0dm0d333.spc
/g0dm0d333.sparc
/g0dm0d333.x32
/g0dm0d333.x64
/g0dm0d333.x86
/g0dm0d333.x86_32
/g0dm0d333.x86_64

# Reference: https://twitter.com/executemalware/status/1009842279924813826

/mirai-ssh.arc
/mirai-ssh.arm
/mirai-ssh.arm4
/mirai-ssh.arm4l
/mirai-ssh.arm4t
/mirai-ssh.armv4l
/mirai-ssh.arm5
/mirai-ssh.arm5n
/mirai-ssh.arm6
/mirai-ssh.arm7
/mirai-ssh.dbg
/mirai-ssh.i486
/mirai-ssh.i586
/mirai-ssh.i686
/mirai-ssh.m68k
/mirai-ssh.mips
/mirai-ssh.mips64
/mirai-ssh.mpsl
/mirai-ssh.mipsel
/mirai-ssh.ppc
/mirai-ssh.ppc440
/mirai-ssh.root
/mirai-ssh.sh
/mirai-ssh.sh4
/mirai-ssh.spc
/mirai-ssh.sparc
/mirai-ssh.x32
/mirai-ssh.x64
/mirai-ssh.x86
/mirai-ssh.x86_32
/mirai-ssh.x86_64

# Reference: https://twitter.com/GranetMan/status/831622173068509185

/dlr.arc
/dlr.arm
/dlr.arm4
/dlr.arm4l
/dlr.arm4t
/dlr.armv4l
/dlr.arm5
/dlr.arm5n
/dlr.arm6
/dlr.arm7
/dlr.dbg
/dlr.i486
/dlr.i586
/dlr.i686
/dlr.m68k
/dlr.mips
/dlr.mips64
/dlr.mpsl
/dlr.mipsel
/dlr.ppc
/dlr.ppc440
/dlr.root
/dlr.sh
/dlr.sh4
/dlr.spc
/dlr.sparc
/dlr.x32
/dlr.x64
/dlr.x86
/dlr.x86_32
/dlr.x86_64

# Reference: https://twitter.com/bad_packets/status/1117596904768987136

love.thotiana.live
/kek.arc
/kek.arm
/kek.arm4
/kek.arm4l
/kek.arm4t
/kek.armv4l
/kek.arm5
/kek.arm5n
/kek.arm6
/kek.arm7
/kek.dbg
/kek.i486
/kek.i586
/kek.i686
/kek.m68k
/kek.mips
/kek.mips64
/kek.mpsl
/kek.mipsel
/kek.ppc
/kek.ppc440
/kek.root
/kek.sh
/kek.sh4
/kek.spc
/kek.sparc
/kek.x32
/kek.x64
/kek.x86
/kek.x86_32
/kek.x86_64

# Reference: https://twitter.com/0xrb/status/1118418257671680001

/ZuoIdj.arc
/ZuoIdj.arm
/ZuoIdj.arm4
/ZuoIdj.arm4l
/ZuoIdj.arm4t
/ZuoIdj.armv4l
/ZuoIdj.arm5
/ZuoIdj.arm5n
/ZuoIdj.arm6
/ZuoIdj.arm7
/ZuoIdj.dbg
/ZuoIdj.i486
/ZuoIdj.i586
/ZuoIdj.i686
/ZuoIdj.m68k
/ZuoIdj.mips
/ZuoIdj.mips64
/ZuoIdj.mpsl
/ZuoIdj.mipsel
/ZuoIdj.ppc
/ZuoIdj.ppc440
/ZuoIdj.root
/ZuoIdj.sh
/ZuoIdj.sh4
/ZuoIdj.spc
/ZuoIdj.sparc
/ZuoIdj.x32
/ZuoIdj.x64
/ZuoIdj.x86
/ZuoIdj.x86_32
/ZuoIdj.x86_64

# Reference: https://twitter.com/0xrb/status/1118400700545929216

/liunx.arc
/liunx.arm
/liunx.arm4
/liunx.arm4l
/liunx.arm4t
/liunx.armv4l
/liunx.arm5
/liunx.arm5n
/liunx.arm6
/liunx.arm7
/liunx.dbg
/liunx.i486
/liunx.i586
/liunx.i686
/liunx.m68k
/liunx.mips
/liunx.mips64
/liunx.mpsl
/liunx.mipsel
/liunx.ppc
/liunx.ppc440
/liunx.root
/liunx.sh
/liunx.sh4
/liunx.spc
/liunx.sparc
/liunx.x32
/liunx.x64
/liunx.x86
/liunx.x86_32
/liunx.x86_64

# Reference: https://twitter.com/0xrb/status/1115923901710602240

/gadfe.arc
/gadfe.arm
/gadfe.arm4
/gadfe.arm4l
/gadfe.arm4t
/gadfe.armv4l
/gadfe.arm5
/gadfe.arm5n
/gadfe.arm6
/gadfe.arm7
/gadfe.dbg
/gadfe.i486
/gadfe.i586
/gadfe.i686
/gadfe.m68k
/gadfe.mips
/gadfe.mips64
/gadfe.mpsl
/gadfe.mipsel
/gadfe.ppc
/gadfe.ppc440
/gadfe.root
/gadfe.sh
/gadfe.sh4
/gadfe.spc
/gadfe.sparc
/gadfe.x32
/gadfe.x64
/gadfe.x86
/gadfe.x86_32
/gadfe.x86_64
/gafdse.arc
/gafdse.arm
/gafdse.arm4
/gafdse.arm4l
/gafdse.arm4t
/gafdse.armv4l
/gafdse.arm5
/gafdse.arm5n
/gafdse.arm6
/gafdse.arm7
/gafdse.dbg
/gafdse.i486
/gafdse.i586
/gafdse.i686
/gafdse.m68k
/gafdse.mips
/gafdse.mips64
/gafdse.mpsl
/gafdse.mipsel
/gafdse.ppc
/gafdse.ppc440
/gafdse.root
/gafdse.sh
/gafdse.sh4
/gafdse.spc
/gafdse.sparc
/gafdse.x32
/gafdse.x64
/gafdse.x86
/gafdse.x86_32
/gafdse.x86_64
/gaefds.arc
/gaefds.arm
/gaefds.arm4
/gaefds.arm4l
/gaefds.arm4t
/gaefds.armv4l
/gaefds.arm5
/gaefds.arm5n
/gaefds.arm6
/gaefds.arm7
/gaefds.dbg
/gaefds.i486
/gaefds.i586
/gaefds.i686
/gaefds.m68k
/gaefds.mips
/gaefds.mips64
/gaefds.mpsl
/gaefds.mipsel
/gaefds.ppc
/gaefds.ppc440
/gaefds.root
/gaefds.sh
/gaefds.sh4
/gaefds.spc
/gaefds.sparc
/gaefds.x32
/gaefds.x64
/gaefds.x86
/gaefds.x86_32
/gaefds.x86_64
/sdfza.arc
/sdfza.arm
/sdfza.arm4
/sdfza.arm4l
/sdfza.arm4t
/sdfza.armv4l
/sdfza.arm5
/sdfza.arm5n
/sdfza.arm6
/sdfza.arm7
/sdfza.dbg
/sdfza.i486
/sdfza.i586
/sdfza.i686
/sdfza.m68k
/sdfza.mips
/sdfza.mips64
/sdfza.mpsl
/sdfza.mipsel
/sdfza.ppc
/sdfza.ppc440
/sdfza.root
/sdfza.sh
/sdfza.sh4
/sdfza.spc
/sdfza.sparc
/sdfza.x32
/sdfza.x64
/sdfza.x86
/sdfza.x86_32
/sdfza.x86_64
/yafsda.arc
/yafsda.arm
/yafsda.arm4
/yafsda.arm4l
/yafsda.arm4t
/yafsda.armv4l
/yafsda.arm5
/yafsda.arm5n
/yafsda.arm6
/yafsda.arm7
/yafsda.dbg
/yafsda.i486
/yafsda.i586
/yafsda.i686
/yafsda.m68k
/yafsda.mips
/yafsda.mips64
/yafsda.mpsl
/yafsda.mipsel
/yafsda.ppc
/yafsda.ppc440
/yafsda.root
/yafsda.sh
/yafsda.sh4
/yafsda.spc
/yafsda.sparc
/yafsda.x32
/yafsda.x64
/yafsda.x86
/yafsda.x86_32
/yafsda.x86_64
/yaksddfs.arc
/yaksddfs.arm
/yaksddfs.arm4
/yaksddfs.arm4l
/yaksddfs.arm4t
/yaksddfs.armv4l
/yaksddfs.arm5
/yaksddfs.arm5n
/yaksddfs.arm6
/yaksddfs.arm7
/yaksddfs.dbg
/yaksddfs.i486
/yaksddfs.i586
/yaksddfs.i686
/yaksddfs.m68k
/yaksddfs.mips
/yaksddfs.mips64
/yaksddfs.mpsl
/yaksddfs.mipsel
/yaksddfs.ppc
/yaksddfs.ppc440
/yaksddfs.root
/yaksddfs.sh
/yaksddfs.sh4
/yaksddfs.spc
/yaksddfs.sparc
/yaksddfs.x32
/yaksddfs.x64
/yaksddfs.x86
/yaksddfs.x86_32
/yaksddfs.x86_64
/yasddfa.arc
/yasddfa.arm
/yasddfa.arm4
/yasddfa.arm4l
/yasddfa.arm4t
/yasddfa.armv4l
/yasddfa.arm5
/yasddfa.arm5n
/yasddfa.arm6
/yasddfa.arm7
/yasddfa.dbg
/yasddfa.i486
/yasddfa.i586
/yasddfa.i686
/yasddfa.m68k
/yasddfa.mips
/yasddfa.mips64
/yasddfa.mpsl
/yasddfa.mipsel
/yasddfa.ppc
/yasddfa.ppc440
/yasddfa.root
/yasddfa.sh
/yasddfa.sh4
/yasddfa.spc
/yasddfa.sparc
/yasddfa.x32
/yasddfa.x64
/yasddfa.x86
/yasddfa.x86_32
/yasddfa.x86_64
/ysdfd.arc
/ysdfd.arm
/ysdfd.arm4
/ysdfd.arm4l
/ysdfd.arm4t
/ysdfd.armv4l
/ysdfd.arm5
/ysdfd.arm5n
/ysdfd.arm6
/ysdfd.arm7
/ysdfd.dbg
/ysdfd.i486
/ysdfd.i586
/ysdfd.i686
/ysdfd.m68k
/ysdfd.mips
/ysdfd.mips64
/ysdfd.mpsl
/ysdfd.mipsel
/ysdfd.ppc
/ysdfd.ppc440
/ysdfd.root
/ysdfd.sh
/ysdfd.sh4
/ysdfd.spc
/ysdfd.sparc
/ysdfd.x32
/ysdfd.x64
/ysdfd.x86
/ysdfd.x86_32
/ysdfd.x86_64
/yafdza.arc
/yafdza.arm
/yafdza.arm4
/yafdza.arm4l
/yafdza.arm4t
/yafdza.armv4l
/yafdza.arm5
/yafdza.arm5n
/yafdza.arm6
/yafdza.arm7
/yafdza.dbg
/yafdza.i486
/yafdza.i586
/yafdza.i686
/yafdza.m68k
/yafdza.mips
/yafdza.mips64
/yafdza.mpsl
/yafdza.mipsel
/yafdza.ppc
/yafdza.ppc440
/yafdza.root
/yafdza.sh
/yafdza.sh4
/yafdza.spc
/yafdza.sparc
/yafdza.x32
/yafdza.x64
/yafdza.x86
/yafdza.x86_32
/yafdza.x86_64

# Reference: https://twitter.com/0xrb/status/1114055819400699904

/pussy.sh
/legion.arc
/legion.arm
/legion.arm4
/legion.arm4l
/legion.arm4t
/legion.armv4l
/legion.arm5
/legion.arm5n
/legion.arm6
/legion.arm7
/legion.dbg
/legion.i486
/legion.i586
/legion.i686
/legion.m68k
/legion.mips
/legion.mips64
/legion.mpsl
/legion.mipsel
/legion.ppc
/legion.ppc440
/legion.root
/legion.sh
/legion.sh4
/legion.spc
/legion.sparc
/legion.x32
/legion.x64
/legion.x86
/legion.x86_32
/legion.x86_64

# Reference: https://twitter.com/0xrb/status/1114051759536627713

/Kiexi.arc
/Kiexi.arm
/Kiexi.arm4
/Kiexi.arm4l
/Kiexi.arm4t
/Kiexi.armv4l
/Kiexi.arm5
/Kiexi.arm5n
/Kiexi.arm6
/Kiexi.arm7
/Kiexi.dbg
/Kiexi.i486
/Kiexi.i586
/Kiexi.i686
/Kiexi.m68k
/Kiexi.mips
/Kiexi.mips64
/Kiexi.mpsl
/Kiexi.mipsel
/Kiexi.ppc
/Kiexi.ppc440
/Kiexi.root
/Kiexi.sh
/Kiexi.sh4
/Kiexi.spc
/Kiexi.sparc
/Kiexi.x32
/Kiexi.x64
/Kiexi.x86
/Kiexi.x86_32
/Kiexi.x86_64

# Reference: https://twitter.com/0xrb/status/1113496589354639361

/Matrix.arc
/Matrix.arm
/Matrix.arm4
/Matrix.arm4l
/Matrix.arm4t
/Matrix.armv4l
/Matrix.arm5
/Matrix.arm5n
/Matrix.arm6
/Matrix.arm7
/Matrix.dbg
/Matrix.i486
/Matrix.i586
/Matrix.i686
/Matrix.m68k
/Matrix.mips
/Matrix.mips64
/Matrix.mpsl
/Matrix.mipsel
/Matrix.ppc
/Matrix.ppc440
/Matrix.root
/Matrix.sh
/Matrix.sh4
/Matrix.spc
/Matrix.sparc
/Matrix.x32
/Matrix.x64
/Matrix.x86
/Matrix.x86_32
/Matrix.x86_64

# Reference: https://twitter.com/0xrb/status/1113132492008099845

/arc.orenji
/arm.orenji
/arm4.orenji
/armv4l.orenji
/arm5.orenji
/arm5n.orenji
/arm6.orenji
/arm7.orenji
/dbg.orenji
/i586.orenji
/i686.orenji
/m68k.orenji
/mips.orenji
/mips64.orenji
/mpsl.orenji
/ppc.orenji
/sh4.orenji
/spc.orenji
/sparc.orenji
/x32.orenji
/x64.orenji
/x86_64.orenji

# Reference: https://twitter.com/0xrb/status/1108635699325136896

/momentum.arc
/momentum.arm
/momentum.arm4
/momentum.arm4l
/momentum.arm4t
/momentum.armv4l
/momentum.arm5
/momentum.arm5n
/momentum.armv5l
/momentum.arm6
/momentum.armv6l
/momentum.arm7
/momentum.dbg
/momentum.i486
/momentum.i586
/momentum.i686
/momentum.m68k
/momentum.mips
/momentum.mips64
/momentum.mpsl
/momentum.mipsel
/momentum.ppc
/momentum.powerpc
/momentum.ppc440
/momentum.root
/momentum.sh
/momentum.sh4
/momentum.spc
/momentum.sparc
/momentum.x32
/momentum.x64
/momentum.x86
/momentum.x86_32
/momentum.x86_64

# Reference: https://twitter.com/0xrb/status/1108293858113277952

/FARE.arc
/FARE.arm
/FARE.arm4
/FARE.arm4l
/FARE.arm4t
/FARE.armv4l
/FARE.arm5
/FARE.arm5n
/FARE.arm6
/FARE.arm7
/FARE.dbg
/FARE.i486
/FARE.i586
/FARE.i686
/FARE.m68k
/FARE.mips
/FARE.mips64
/FARE.mpsl
/FARE.mipsel
/FARE.ppc
/FARE.ppc440
/FARE.root
/FARE.sh
/FARE.sh4
/FARE.spc
/FARE.sparc
/FARE.x32
/FARE.x64
/FARE.x86
/FARE.x86_32
/FARE.x86_64

# Reference: https://twitter.com/0xrb/status/1108048782468501504

/kito.arc
/kito.arm
/kito.arm4
/kito.arm4l
/kito.arm4t
/kito.armv4l
/kito.arm5
/kito.arm5n
/kito.arm6
/kito.arm7
/kito.dbg
/kito.i486
/kito.i586
/kito.i686
/kito.m68k
/kito.mips
/kito.mips64
/kito.mpsl
/kito.mipsel
/kito.ppc
/kito.ppc440
/kito.root
/kito.sh
/kito.sh4
/kito.spc
/kito.sparc
/kito.x32
/kito.x64
/kito.x86
/kito.x86_32
/kito.x86_64

# Reference: https://twitter.com/0xrb/status/1108045008320581632

/sunless.arc
/sunless.arm
/sunless.arm4
/sunless.arm4l
/sunless.arm4t
/sunless.armv4l
/sunless.arm5
/sunless.arm5n
/sunless.arm6
/sunless.arm7
/sunless.dbg
/sunless.i486
/sunless.i586
/sunless.i686
/sunless.m68k
/sunless.mips
/sunless.mips64
/sunless.mpsl
/sunless.mipsel
/sunless.ppc
/sunless.ppc440
/sunless.root
/sunless.sh
/sunless.sh4
/sunless.spc
/sunless.sparc
/sunless.x32
/sunless.x64
/sunless.x86
/sunless.x86_32
/sunless.x86_64

# Reference: https://twitter.com/ankit_anubhav/status/1107934291558916099

/fish.arc
/fish.arm
/fish.arm4
/fish.arm4l
/fish.arm4t
/fish.armv4l
/fish.arm5
/fish.arm5n
/fish.arm6
/fish.arm7
/fish.dbg
/fish.i486
/fish.i586
/fish.i686
/fish.m68k
/fish.mips
/fish.mips64
/fish.mpsl
/fish.mipsel
/fish.ppc
/fish.ppc440
/fish.root
/fish.sh
/fish.sh4
/fish.spc
/fish.sparc
/fish.x32
/fish.x64
/fish.x86
/fish.x86_32
/fish.x86_64

# Reference: https://twitter.com/0xrb/status/1107842666673381378

/WW3V1SRC.arc
/WW3V1SRC.arm
/WW3V1SRC.arm4
/WW3V1SRC.arm4l
/WW3V1SRC.arm4t
/WW3V1SRC.armv4l
/WW3V1SRC.arm5
/WW3V1SRC.arm5n
/WW3V1SRC.arm6
/WW3V1SRC.arm7
/WW3V1SRC.dbg
/WW3V1SRC.i486
/WW3V1SRC.i586
/WW3V1SRC.i686
/WW3V1SRC.m68k
/WW3V1SRC.mips
/WW3V1SRC.mips64
/WW3V1SRC.mpsl
/WW3V1SRC.mipsel
/WW3V1SRC.ppc
/WW3V1SRC.ppc440
/WW3V1SRC.root
/WW3V1SRC.sh
/WW3V1SRC.sh4
/WW3V1SRC.spc
/WW3V1SRC.sparc
/WW3V1SRC.x32
/WW3V1SRC.x64
/WW3V1SRC.x86
/WW3V1SRC.x86_32
/WW3V1SRC.x86_64

# Reference: https://twitter.com/0xrb/status/1107838407353528320

/njs.arc
/njs.arm
/njs.arm4
/njs.arm4l
/njs.arm4t
/njs.armv4l
/njs.arm5
/njs.arm5n
/njs.arm6
/njs.arm7
/njs.dbg
/njs.i486
/njs.i586
/njs.i686
/njs.m68k
/njs.mips
/njs.mips64
/njs.mpsl
/njs.mipsel
/njs.ppc
/njs.ppc440
/njs.root
/njs.sh
/njs.sh4
/njs.spc
/njs.sparc
/njs.x32
/njs.x64
/njs.x86
/njs.x86_32
/njs.x86_64

# Reference: https://twitter.com/0xrb/status/1107836003056869376

/thisissh

# Reference: https://twitter.com/0xrb/status/1106473339055497217

/qarc
/qarm
/qarm4
/qarm4l
/qarm4t
/qarmv4l
/qarm5
/qarm5n
/qarm6
/qarm7
/qdbg
/qi486
/qi586
/qi686
/qm68k
/qmips
/qmips64
/qmpsl
/qmipsel
/qppc
/qppc440
/qroot
/qsh
/qsh4
/qspc
/qsparc
/qx32
/qx64
/qx86
/qx86_32
/qx86_64
/hua

# Reference: https://twitter.com/0xrb/status/1105656726026637312

/rebirth.arc
/rebirth.arm
/rebirth.arm4
/rebirth.arm4l
/rebirth.arm4t
/rebirth.armv4l
/rebirth.arm5
/rebirth.arm5n
/rebirth.arm6
/rebirth.arm7
/rebirth.dbg
/rebirth.i486
/rebirth.i586
/rebirth.i686
/rebirth.m68k
/rebirth.mips
/rebirth.mips64
/rebirth.mpsl
/rebirth.mipsel
/rebirth.ppc
/rebirth.ppc440
/rebirth.root
/rebirth.sh
/rebirth.sh4
/rebirth.spc
/rebirth.sparc
/rebirth.x32
/rebirth.x64
/rebirth.x86
/rebirth.x86_32
/rebirth.x86_64

# Reference: https://twitter.com/0xrb/status/1105421139621208064

/tuna.arc
/tuna.arm
/tuna.arm4
/tuna.arm4l
/tuna.arm4t
/tuna.armv4l
/tuna.arm5
/tuna.arm5n
/tuna.arm6
/tuna.arm7
/tuna.dbg
/tuna.i486
/tuna.i586
/tuna.i686
/tuna.m68k
/tuna.mips
/tuna.mips64
/tuna.mpsl
/tuna.mipsel
/tuna.ppc
/tuna.ppc440
/tuna.root
/tuna.sh
/tuna.sh4
/tuna.spc
/tuna.sparc
/tuna.x32
/tuna.x64
/tuna.x86
/tuna.x86_32
/tuna.x86_64

# Reference: https://twitter.com/0xrb/status/1105414365971247104

/daku.arc
/daku.arm
/daku.arm4
/daku.arm4l
/daku.arm4t
/daku.armv4l
/daku.arm5
/daku.arm5n
/daku.arm6
/daku.arm7
/daku.rm7
/daku.dbg
/daku.i486
/daku.i586
/daku.i686
/daku.m68k
/daku.mips
/daku.mips64
/daku.mpsl
/daku.mipsel
/daku.ppc
/daku.ppc440
/daku.root
/daku.sh
/daku.sh4
/daku.spc
/daku.sparc
/daku.x32
/daku.x64
/daku.x86
/daku.x86_32
/daku.x86_64

# Reference: https://twitter.com/0xrb/status/1105094830034690050

/guguru.arc
/guguru.arm
/guguru.arm4
/guguru.arm4l
/guguru.arm4t
/guguru.armv4l
/guguru.arm5
/guguru.arm5n
/guguru.arm6
/guguru.arm7
/guguru.dbg
/guguru.i486
/guguru.i586
/guguru.i686
/guguru.m68k
/guguru.mips
/guguru.mips64
/guguru.mpsl
/guguru.mipsel
/guguru.ppc
/guguru.ppc440
/guguru.root
/guguru.sh
/guguru.sh4
/guguru.spc
/guguru.sparc
/guguru.x32
/guguru.x64
/guguru.x86
/guguru.x86_32
/guguru.x86_64

# Reference: https://twitter.com/0xrb/status/1102830637365387264

/lessie.arc
/lessie.arm
/lessie.arm4
/lessie.arm4l
/lessie.arm4t
/lessie.armv4l
/lessie.arm5
/lessie.arm5n
/lessie.arm6
/lessie.arm7
/lessie.dbg
/lessie.i486
/lessie.i586
/lessie.i686
/lessie.m68k
/lessie.mips
/lessie.mips64
/lessie.mpsl
/lessie.mipsel
/lessie.ppc
/lessie.ppc440
/lessie.root
/lessie.sh
/lessie.sh4
/lessie.spc
/lessie.sparc
/lessie.x32
/lessie.x64
/lessie.x86
/lessie.x86_32
/lessie.x86_64

# Reference: https://twitter.com/0xrb/status/1102457417856630785

/big.arc
/big.arm
/big.arm4
/big.arm4l
/big.arm4t
/big.arm4tl
/big.armv4l
/big.arm5
/big.arm5n
/big.arm6
/big.arm7
/big.dbg
/big.i486
/big.i586
/big.i686
/big.m68
/big.m68k
/big.mips
/big.mips64
/big.mpsl
/big.mipsel
/big.ppc
/big.ppc440
/big.root
/big.sh
/big.sh4
/big.spc
/big.sparc
/big.x32
/big.x64
/big.x86
/big.x86_32
/big.x86_64

# Reference: https://twitter.com/0xrb/status/1102401391887290369

/senpai.arc
/senpai.arm
/senpai.arm4
/senpai.arm4l
/senpai.arm4t
/senpai.armv4l
/senpai.arm5
/senpai.arm5n
/senpai.arm6
/senpai.arm7
/senpai.dbg
/senpai.i486
/senpai.i586
/senpai.i686
/senpai.m68k
/senpai.mips
/senpai.mips64
/senpai.mpsl
/senpai.mipsel
/senpai.ppc
/senpai.ppc440
/senpai.root
/senpai.sh
/senpai.sh4
/senpai.spc
/senpai.sparc
/senpai.x32
/senpai.x64
/senpai.x86
/senpai.x86_32
/senpai.x86_64

# Reference: https://twitter.com/0xrb/status/1100657286354153472

/xd.arc
/xd.arm
/xd.arm4
/xd.arm4l
/xd.arm4t
/xd.armv4l
/xd.arm5
/xd.arm5n
/xd.arm6
/xd.arm7
/xd.dbg
/xd.i486
/xd.i586
/xd.i686
/xd.m68k
/xd.mips
/xd.mips64
/xd.mpsl
/xd.mipsel
/xd.ppc
/xd.ppc440
/xd.root
/xd.sh
/xd.sh4
/xd.spc
/xd.sparc
/xd.x32
/xd.x64
/xd.x86
/xd.x86_32
/xd.x86_64

# Reference: https://twitter.com/0xrb/status/1100325987294695427

/comethazine.arc
/comethazine.arm
/comethazine.arm4
/comethazine.arm4l
/comethazine.arm4t
/comethazine.armv4l
/comethazine.arm5
/comethazine.arm5n
/comethazine.arm6
/comethazine.arm7
/comethazine.dbg
/comethazine.i486
/comethazine.i586
/comethazine.i686
/comethazine.m68k
/comethazine.mips
/comethazine.mips64
/comethazine.mpsl
/comethazine.mipsel
/comethazine.ppc
/comethazine.ppc440
/comethazine.root
/comethazine.sh
/comethazine.sh4
/comethazine.spc
/comethazine.sparc
/comethazine.x32
/comethazine.x64
/comethazine.x86
/comethazine.x86_32
/comethazine.x86_64

# Reference: https://twitter.com/0xrb/status/1100323162665799680

/shinobi.arc
/shinobi.arm
/shinobi.arm4
/shinobi.arm4l
/shinobi.arm4t
/shinobi.armv4l
/shinobi.arm5
/shinobi.arm5n
/shinobi.arm6
/shinobi.arm7
/shinobi.dbg
/shinobi.i486
/shinobi.i586
/shinobi.i686
/shinobi.m68k
/shinobi.mips
/shinobi.mips64
/shinobi.mpsl
/shinobi.mipsel
/shinobi.ppc
/shinobi.ppc440
/shinobi.root
/shinobi.sh
/shinobi.sh4
/shinobi.spc
/shinobi.sparc
/shinobi.x32
/shinobi.x64
/shinobi.x86
/shinobi.x86_32
/shinobi.x86_64

# Reference: https://twitter.com/0xrb/status/1098644363545059329

/mana.arc
/mana.arm
/mana.arm4
/mana.arm4l
/mana.arm4t
/mana.armv4l
/mana.arm5
/mana.arm5n
/mana.arm6
/mana.arm7
/mana.dbg
/mana.i486
/mana.i586
/mana.i686
/mana.m68k
/mana.mips
/mana.mips64
/mana.mpsl
/mana.mipsel
/mana.ppc
/mana.ppc440
/mana.root
/mana.sh
/mana.sh4
/mana.spc
/mana.sparc
/mana.x32
/mana.x64
/mana.x86
/mana.x86_32
/mana.x86_64

# Reference: https://twitter.com/0xrb/status/1098279273222365184

/xova.arc
/xova.arm
/xova.arm4
/xova.arm4l
/xova.arm4t
/xova.armv4l
/xova.arm5
/xova.arm5n
/xova.arm6
/xova.arm7
/xova.dbg
/xova.i486
/xova.i586
/xova.i686
/xova.m68k
/xova.mips
/xova.mips64
/xova.mpsl
/xova.mipsel
/xova.ppc
/xova.ppc440
/xova.root
/xova.sh
/xova.sh4
/xova.spc
/xova.sparc
/xova.x32
/xova.x64
/xova.x86
/xova.x86_32
/xova.x86_64

# Reference: https://twitter.com/0xrb/status/1098102422541500417

/Akiru.arc
/Akiru.arm
/Akiru.arm4
/Akiru.arm4l
/Akiru.arm4t
/Akiru.armv4l
/Akiru.arm5
/Akiru.arm5n
/Akiru.arm6
/Akiru.arm7
/Akiru.dbg
/Akiru.i486
/Akiru.i586
/Akiru.i686
/Akiru.m68k
/Akiru.mips
/Akiru.mips64
/Akiru.mpsl
/Akiru.mipsel
/Akiru.ppc
/Akiru.ppc440
/Akiru.root
/Akiru.sh
/Akiru.sh4
/Akiru.spc
/Akiru.sparc
/Akiru.x32
/Akiru.x64
/Akiru.x86
/Akiru.x86_32
/Akiru.x86_64

# Reference: https://twitter.com/0xrb/status/1097865113716117508

/storm.arc
/storm.arm
/storm.arm4
/storm.arm4l
/storm.arm4t
/storm.armv4l
/storm.arm5
/storm.arm5n
/storm.arm6
/storm.arm7
/storm.dbg
/storm.i486
/storm.i586
/storm.i686
/storm.m68k
/storm.mips
/storm.mips64
/storm.mpsl
/storm.mipsel
/storm.ppc
/storm.ppc440
/storm.root
/storm.sh
/storm.sh4
/storm.spc
/storm.sparc
/storm.x32
/storm.x64
/storm.x86
/storm.x86_32
/storm.x86_64

# Reference: https://twitter.com/0xrb/status/1097799680514236416

/HeFoundMyBinsKYS.arc
/HeFoundMyBinsKYS.arm
/HeFoundMyBinsKYS.arm4
/HeFoundMyBinsKYS.arm4l
/HeFoundMyBinsKYS.arm4t
/HeFoundMyBinsKYS.armv4l
/HeFoundMyBinsKYS.arm5
/HeFoundMyBinsKYS.arm5n
/HeFoundMyBinsKYS.arm6
/HeFoundMyBinsKYS.arm7
/HeFoundMyBinsKYS.dbg
/HeFoundMyBinsKYS.i486
/HeFoundMyBinsKYS.i586
/HeFoundMyBinsKYS.i686
/HeFoundMyBinsKYS.m68k
/HeFoundMyBinsKYS.mips
/HeFoundMyBinsKYS.mips64
/HeFoundMyBinsKYS.mpsl
/HeFoundMyBinsKYS.mipsel
/HeFoundMyBinsKYS.ppc
/HeFoundMyBinsKYS.ppc440
/HeFoundMyBinsKYS.root
/HeFoundMyBinsKYS.sh
/HeFoundMyBinsKYS.sh4
/HeFoundMyBinsKYS.spc
/HeFoundMyBinsKYS.sparc
/HeFoundMyBinsKYS.x32
/HeFoundMyBinsKYS.x64
/HeFoundMyBinsKYS.x86
/HeFoundMyBinsKYS.x86_32
/HeFoundMyBinsKYS.x86_64

# Reference: https://twitter.com/0xrb/status/1097392217243582464

/xbox.arc
/xbox.arm
/xbox.arm4
/xbox.arm4l
/xbox.arm4t
/xbox.armv4l
/xbox.arm5
/xbox.arm5n
/xbox.arm6
/xbox.arm7
/xbox.dbg
/xbox.i486
/xbox.i586
/xbox.i686
/xbox.m68k
/xbox.mips
/xbox.mips64
/xbox.mpsl
/xbox.mipsel
/xbox.ppc
/xbox.ppc440
/xbox.root
/xbox.sh
/xbox.sh4
/xbox.spc
/xbox.sparc
/xbox.x32
/xbox.x64
/xbox.x86
/xbox.x86_32
/xbox.x86_64

# Reference: https://twitter.com/0xrb/status/1096453342849654786

/Corona.arc
/Corona.arm
/Corona.arm4
/Corona.arm4l
/Corona.arm4t
/Corona.armv4l
/Corona.arm5
/Corona.arm5n
/Corona.arm6
/Corona.arm7
/Corona.dbg
/Corona.i486
/Corona.i586
/Corona.i686
/Corona.m68k
/Corona.mips
/Corona.mips64
/Corona.mpsl
/Corona.mipsel
/Corona.ppc
/Corona.ppc440
/Corona.root
/Corona.sh
/Corona.sh4
/Corona.spc
/Corona.sparc
/Corona.x32
/Corona.x64
/Corona.x86
/Corona.x86_32
/Corona.x86_64

# Reference: https://twitter.com/0xrb/status/1096446545094995974

/Amakano.arc
/Amakano.arm
/Amakano.arm4
/Amakano.arm4l
/Amakano.arm4t
/Amakano.armv4l
/Amakano.arm5
/Amakano.arm5n
/Amakano.arm6
/Amakano.arm7
/Amakano.dbg
/Amakano.i486
/Amakano.i586
/Amakano.i686
/Amakano.m68k
/Amakano.mips
/Amakano.mips64
/Amakano.mpsl
/Amakano.mipsel
/Amakano.ppc
/Amakano.ppc440
/Amakano.root
/Amakano.sh
/Amakano.sh4
/Amakano.spc
/Amakano.sparc
/Amakano.x32
/Amakano.x64
/Amakano.x86
/Amakano.x86_32
/Amakano.x86_64

# Reference: https://twitter.com/0xrb/status/1095983535855300608

/kdawa.arc
/kdawa.arm
/kdawa.arm4
/kdawa.arm4l
/kdawa.arm4t
/kdawa.armv4l
/kdawa.arm5
/kdawa.arm5n
/kdawa.arm6
/kdawa.arm7
/kdawa.dbg
/kdawa.i486
/kdawa.i586
/kdawa.i686
/kdawa.m68k
/kdawa.mips
/kdawa.mips64
/kdawa.mpsl
/kdawa.mipsel
/kdawa.ppc
/kdawa.ppc440
/kdawa.root
/kdawa.sh
/kdawa.sh4
/kdawa.spc
/kdawa.sparc
/kdawa.x32
/kdawa.x64
/kdawa.x86
/kdawa.x86_32
/kdawa.x86_64

# Reference: https://twitter.com/0xrb/status/1095933631099396096

/Unbound.arc
/Unbound.arm
/Unbound.arm4
/Unbound.arm4l
/Unbound.arm4t
/Unbound.armv4l
/Unbound.arm5
/Unbound.arm5n
/Unbound.arm6
/Unbound.arm7
/Unbound.dbg
/Unbound.i486
/Unbound.i586
/Unbound.i686
/Unbound.m68k
/Unbound.mips
/Unbound.mips64
/Unbound.mpsl
/Unbound.mipsel
/Unbound.ppc
/Unbound.ppc440
/Unbound.root
/Unbound.sh
/Unbound.sh4
/Unbound.spc
/Unbound.sparc
/Unbound.x32
/Unbound.x64
/Unbound.x86
/Unbound.x86_32
/Unbound.x86_64

# Reference: https://twitter.com/0xrb/status/1095739193907646464

/KowaiB3.arc
/KowaiB3.arm
/KowaiB3.arm4
/KowaiB3.arm4l
/KowaiB3.arm4t
/KowaiB3.armv4l
/KowaiB3.arm5
/KowaiB3.arm5n
/KowaiB3.arm6
/KowaiB3.arm7
/KowaiB3.dbg
/KowaiB3.i486
/KowaiB3.i586
/KowaiB3.i686
/KowaiB3.m68k
/KowaiB3.mips
/KowaiB3.mips64
/KowaiB3.mpsl
/KowaiB3.mipsel
/KowaiB3.ppc
/KowaiB3.ppc440
/KowaiB3.root
/KowaiB3.sh
/KowaiB3.sh4
/KowaiB3.spc
/KowaiB3.sparc
/KowaiB3.x32
/KowaiB3.x64
/KowaiB3.x86
/KowaiB3.x86_32
/KowaiB3.x86_64

# Reference: https://twitter.com/0xrb/status/1095342906724933636

/Omni.arc
/Omni.arm
/Omni.arm4
/Omni.arm4l
/Omni.arm4t
/Omni.armv4l
/Omni.arm5
/Omni.arm5n
/Omni.arm6
/Omni.arm7
/Omni.dbg
/Omni.i486
/Omni.i586
/Omni.i686
/Omni.m68k
/Omni.mips
/Omni.mips64
/Omni.mpsl
/Omni.mipsel
/Omni.ppc
/Omni.ppc440
/Omni.root
/Omni.sh
/Omni.sh4
/Omni.spc
/Omni.sparc
/Omni.x32
/Omni.x64
/Omni.x86
/Omni.x86_32
/Omni.x86_64

# Reference: https://twitter.com/0xrb/status/1094879391966932992
# Reference: https://twitter.com/bad_packets/status/1188553450876850176

34.94.100.213:1338
34.94.100.213:31337
jarry.online
/arc.idopoc
/arm.idopoc
/arm4.idopoc
/armv4l.idopoc
/arm5.idopoc
/arm5n.idopoc
/arm6.idopoc
/arm7.idopoc
/arm8.idopoc
/dbg.idopoc
/i586.idopoc
/i686.idopoc
/m68k.idopoc
/mips.idopoc
/mips64.idopoc
/mpsl.idopoc
/ppc.idopoc
/sh4.idopoc
/spc.idopoc
/sparc.idopoc
/x32.idopoc
/x86.idopoc
/x64.idopoc
/x86_32.idopoc
/x86_64.idopoc

# Reference: https://twitter.com/0xrb/status/1094591450522808326

/blecc.arc
/blecc.arm
/blecc.arm4
/blecc.arm4l
/blecc.arm4t
/blecc.arm4tl
/blecc.armv4l
/blecc.arm5
/blecc.arm5n
/blecc.arm6
/blecc.arm7
/blecc.dbg
/blecc.i486
/blecc.i586
/blecc.i686
/blecc.m68k
/blecc.mips
/blecc.mips64
/blecc.mpsl
/blecc.ppc
/blecc.ppc440
/blecc.powerppc
/blecc.root
/blecc.sh
/blecc.sh4
/blecc.spc
/blecc.sparc
/blecc.x32
/blecc.x64
/blecc.x86
/blecc.x86_32
/blecc.x86_64

# Reference: https://twitter.com/0xrb/status/1093736400275496960

/saskia.arc
/saskia.arm
/saskia.arm4
/saskia.arm4l
/saskia.arm4t
/saskia.arm4tl
/saskia.armv4l
/saskia.arm5
/saskia.arm5n
/saskia.arm6
/saskia.arm7
/saskia.dbg
/saskia.i486
/saskia.i586
/saskia.i686
/saskia.m68k
/saskia.mips
/saskia.mips64
/saskia.mpsl
/saskia.ppc
/saskia.ppc440
/saskia.powerppc
/saskia.root
/saskia.sh
/saskia.sh4
/saskia.spc
/saskia.sparc
/saskia.x32
/saskia.x64
/saskia.x86
/saskia.x86_32
/saskia.x86_64

# Reference: https://twitter.com/0xrb/status/1093399430189858816

/ssh2.arc
/ssh2.arm
/ssh2.arm4
/ssh2.arm4l
/ssh2.arm4t
/ssh2.arm4tl
/ssh2.armv4l
/ssh2.arm5
/ssh2.arm5n
/ssh2.arm6
/ssh2.arm7
/ssh2.dbg
/ssh2.i486
/ssh2.i586
/ssh2.i686
/ssh2.m68k
/ssh2.mips
/ssh2.mips64
/ssh2.mpsl
/ssh2.ppc
/ssh2.ppc440
/ssh2.powerppc
/ssh2.root
/ssh2.sh
/ssh2.sh4
/ssh2.spc
/ssh2.sparc
/ssh2.x32
/ssh2.x64
/ssh2.x86
/ssh2.x86_32
/ssh2.x86_64

# Reference: https://twitter.com/0xrb/status/1092324076599705600

/avengers.arc
/avengers.arm
/avengers.arm4
/avengers.arm4l
/avengers.arm4t
/avengers.arm4tl
/avengers.armv4l
/avengers.arm5
/avengers.arm5n
/avengers.arm6
/avengers.arm7
/avengers.dbg
/avengers.i486
/avengers.i586
/avengers.i686
/avengers.m68k
/avengers.mips
/avengers.mips64
/avengers.mpsl
/avengers.ppc
/avengers.ppc440
/avengers.powerppc
/avengers.root
/avengers.sh
/avengers.sh4
/avengers.spc
/avengers.sparc
/avengers.x32
/avengers.x64
/avengers.x86
/avengers.x86_32
/avengers.x86_64
/os.arc
/os.arm
/os.arm4
/os.arm4l
/os.arm4t
/os.arm4tl
/os.armv4l
/os.arm5
/os.arm5n
/os.arm6
/os.arm7
/os.dbg
/os.i486
/os.i586
/os.i686
/os.m68k
/os.mips
/os.mips64
/os.mpsl
/os.ppc
/os.ppc440
/os.powerppc
/os.root
/os.sh
/os.sh4
/os.spc
/os.sparc
/os.x32
/os.x64
/os.x86
/os.x86_32
/os.x86_64

# Reference: https://twitter.com/0xrb/status/1089780667259379713

/nisha.arc
/nisha.arm
/nisha.arm4
/nisha.arm4l
/nisha.arm4t
/nisha.arm4tl
/nisha.armv4l
/nisha.arm5
/nisha.arm5n
/nisha.arm6
/nisha.arm7
/nisha.dbg
/nisha.i486
/nisha.i586
/nisha.i686
/nisha.m68k
/nisha.mips
/nisha.mips64
/nisha.mpsl
/nisha.ppc
/nisha.ppc440
/nisha.powerppc
/nisha.root
/nisha.sh
/nisha.sh4
/nisha.spc
/nisha.sparc
/nisha.x32
/nisha.x64
/nisha.x86
/nisha.x86_32
/nisha.x86_64

# Reference: https://twitter.com/0xrb/status/1089578349284990978

/Skyfall.arc
/Skyfall.arm
/Skyfall.arm4
/Skyfall.arm4l
/Skyfall.arm4t
/Skyfall.arm4tl
/Skyfall.armv4l
/Skyfall.arm5
/Skyfall.arm5n
/Skyfall.arm6
/Skyfall.arm7
/Skyfall.dbg
/Skyfall.i486
/Skyfall.i586
/Skyfall.i686
/Skyfall.m68k
/Skyfall.mips
/Skyfall.mips64
/Skyfall.mpsl
/Skyfall.ppc
/Skyfall.ppc440
/Skyfall.powerppc
/Skyfall.root
/Skyfall.sh
/Skyfall.sh4
/Skyfall.spc
/Skyfall.sparc
/Skyfall.x32
/Skyfall.x64
/Skyfall.x86
/Skyfall.x86_32
/Skyfall.x86_64

# Reference: https://twitter.com/0xrb/status/1089525340949696512

/final.arc
/final.arm
/final.arm4
/final.arm4l
/final.arm4t
/final.arm4tl
/final.armv4l
/final.arm5
/final.arm5n
/final.arm6
/final.arm7
/final.dbg
/final.i486
/final.i586
/final.i686
/final.m68k
/final.mips
/final.mips64
/final.mpsl
/final.ppc
/final.ppc440
/final.powerppc
/final.root
/final.sh
/final.sh4
/final.spc
/final.sparc
/final.x32
/final.x64
/final.x86
/final.x86_32
/final.x86_64

# Reference: https://twitter.com/0xrb/status/1088325073994272768

/maticsdickishuge.arc
/maticsdickishuge.arm
/maticsdickishuge.arm4
/maticsdickishuge.arm4l
/maticsdickishuge.arm4t
/maticsdickishuge.arm4tl
/maticsdickishuge.armv4l
/maticsdickishuge.arm5
/maticsdickishuge.arm5n
/maticsdickishuge.arm6
/maticsdickishuge.arm7
/maticsdickishuge.dbg
/maticsdickishuge.i486
/maticsdickishuge.i586
/maticsdickishuge.i686
/maticsdickishuge.m68k
/maticsdickishuge.mips
/maticsdickishuge.mips64
/maticsdickishuge.mpsl
/maticsdickishuge.ppc
/maticsdickishuge.ppc440
/maticsdickishuge.powerppc
/maticsdickishuge.root
/maticsdickishuge.sh
/maticsdickishuge.sh4
/maticsdickishuge.spc
/maticsdickishuge.sparc
/maticsdickishuge.x32
/maticsdickishuge.x64
/maticsdickishuge.x86
/maticsdickishuge.x86_32
/maticsdickishuge.x86_64

# Reference: https://twitter.com/0xrb/status/1118934478418788353

/arc.daddyscum
/arm.daddyscum
/arm4.daddyscum
/armv4l.daddyscum
/arm5.daddyscum
/arm5n.daddyscum
/arm6.daddyscum
/arm7.daddyscum
/dbg.daddyscum
/i486.daddyscum
/i586.daddyscum
/i686.daddyscum
/m68k.daddyscum
/mips.daddyscum
/mips64.daddyscum
/mpsl.daddyscum
/ppc.daddyscum
/sh4.daddyscum
/spc.daddyscum
/sparc.daddyscum
/x32.daddyscum
/x64.daddyscum
/x86_64.daddyscum

# Reference: https://twitter.com/0xrb/status/1119280360783790082

157.230.43.191:45
/slav.arc
/slav.arm
/slav.arm4
/slav.arm4l
/slav.arm4t
/slav.arm4tl
/slav.armv4l
/slav.arm5
/slav.arm5n
/slav.arm6
/slav.arm7
/slav.dbg
/slav.i486
/slav.i586
/slav.i686
/slav.m68k
/slav.mips
/slav.mips64
/slav.mpsl
/slav.ppc
/slav.ppc440
/slav.powerppc
/slav.root
/slav.sh
/slav.sh4
/slav.spc
/slav.sparc
/slav.x32
/slav.x64
/slav.x86
/slav.x86_32
/slav.x86_64

# Reference: https://twitter.com/0xrb/status/1119288042156711938

77.73.70.235:6859

# Reference: https://twitter.com/0xrb/status/1117364213259931648

176.223.135.216:6859

# Reference: https://twitter.com/0xrb/status/1119428954350391296

51.68.214.116:8372

# Reference: https://twitter.com/0xrb/status/1119278432729407488

199.48.164.49:15412
/dayz.arc
/dayz.arm
/dayz.arm4
/dayz.arm4l
/dayz.arm4t
/dayz.arm4tl
/dayz.armv4l
/dayz.arm5
/dayz.arm5n
/dayz.arm6
/dayz.arm7
/dayz.dbg
/dayz.i486
/dayz.i586
/dayz.i686
/dayz.m68k
/dayz.mips
/dayz.mips64
/dayz.mpsl
/dayz.ppc
/dayz.ppc440
/dayz.powerppc
/dayz.root
/dayz.sh
/dayz.sh4
/dayz.spc
/dayz.sparc
/dayz.x32
/dayz.x64
/dayz.x86
/dayz.x86_32
/dayz.x86_64

# Reference: https://twitter.com/bad_packets/status/1120437110174097408

/ak.arc
/ak.arm
/ak.arm4
/ak.arm4l
/ak.arm4t
/ak.arm4tl
/ak.armv4l
/ak.arm5
/ak.arm5n
/ak.arm6
/ak.arm7
/ak.dbg
/ak.i486
/ak.i586
/ak.i686
/ak.m68k
/ak.mips
/ak.mips64
/ak.mpsl
/ak.ppc
/ak.ppc440
/ak.powerppc
/ak.root
/ak.sh
/ak.sh4
/ak.spc
/ak.sparc
/ak.x32
/ak.x64
/ak.x86
/ak.x86_32
/ak.x86_64
/BigAlma.arc
/BigAlma.arm
/BigAlma.arm4
/BigAlma.arm4l
/BigAlma.arm4t
/BigAlma.arm4tl
/BigAlma.armv4l
/BigAlma.arm5
/BigAlma.arm5n
/BigAlma.arm6
/BigAlma.arm7
/BigAlma.dbg
/BigAlma.i486
/BigAlma.i586
/BigAlma.i686
/BigAlma.m68k
/BigAlma.mips
/BigAlma.mips64
/BigAlma.mpsl
/BigAlma.ppc
/BigAlma.ppc440
/BigAlma.powerppc
/BigAlma.root
/BigAlma.sh
/BigAlma.sh4
/BigAlma.spc
/BigAlma.sparc
/BigAlma.x32
/BigAlma.x64
/BigAlma.x86
/BigAlma.x86_32
/BigAlma.x86_64

# Reference: https://twitter.com/smii_mondher/status/1120819533013573632
# Reference: https://twitter.com/0xrb/status/1121079666545188865

104.248.139.242:1024
/UnHAnaAW.arc
/UnHAnaAW.arm
/UnHAnaAW.arm4
/UnHAnaAW.arm4l
/UnHAnaAW.arm4t
/UnHAnaAW.arm4tl
/UnHAnaAW.armv4l
/UnHAnaAW.arm5
/UnHAnaAW.arm5n
/UnHAnaAW.arm6
/UnHAnaAW.arm7
/UnHAnaAW.dbg
/UnHAnaAW.i486
/UnHAnaAW.i586
/UnHAnaAW.i686
/UnHAnaAW.m68k
/UnHAnaAW.mips
/UnHAnaAW.mips64
/UnHAnaAW.mpsl
/UnHAnaAW.ppc
/UnHAnaAW.ppc440
/UnHAnaAW.powerppc
/UnHAnaAW.root
/UnHAnaAW.sh
/UnHAnaAW.sh4
/UnHAnaAW.spc
/UnHAnaAW.sparc
/UnHAnaAW.x32
/UnHAnaAW.x64
/UnHAnaAW.x86
/UnHAnaAW.x86_32
/UnHAnaAW.x86_64

# Reference: https://twitter.com/smii_mondher/status/1102272670626922496

/turbo.arc
/turbo.arm
/turbo.arm4
/turbo.arm4l
/turbo.arm4t
/turbo.arm4tl
/turbo.armv4l
/turbo.arm5
/turbo.arm5n
/turbo.arm6
/turbo.arm7
/turbo.dbg
/turbo.i486
/turbo.i586
/turbo.i686
/turbo.m68k
/turbo.mips
/turbo.mips64
/turbo.mpsl
/turbo.ppc
/turbo.ppc440
/turbo.powerppc
/turbo.root
/turbo.sh
/turbo.sh4
/turbo.spc
/turbo.sparc
/turbo.x32
/turbo.x64
/turbo.x86
/turbo.x86_32
/turbo.x86_64

# Reference: https://twitter.com/smii_mondher/status/1096711602236284928

/woah.arc
/woah.arm
/woah.arm4
/woah.arm4l
/woah.arm4t
/woah.arm4tl
/woah.armv4l
/woah.arm5
/woah.arm5n
/woah.arm6
/woah.arm7
/woah.dbg
/woah.i486
/woah.i586
/woah.i686
/woah.m68k
/woah.mips
/woah.mips64
/woah.mpsl
/woah.ppc
/woah.ppc440
/woah.powerppc
/woah.root
/woah.sh
/woah.sh4
/woah.spc
/woah.sparc
/woah.x32
/woah.x64
/woah.x86
/woah.x86_32
/woah.x86_64

# Reference: https://twitter.com/smii_mondher/status/1095759431336374272

/kadjw.arc
/kadjw.arm
/kadjw.arm4
/kadjw.arm4l
/kadjw.arm4t
/kadjw.arm4tl
/kadjw.armv4l
/kadjw.arm5
/kadjw.arm5n
/kadjw.arm6
/kadjw.arm7
/kadjw.dbg
/kadjw.i486
/kadjw.i586
/kadjw.i686
/kadjw.m68k
/kadjw.mips
/kadjw.mips64
/kadjw.mpsl
/kadjw.ppc
/kadjw.ppc440
/kadjw.powerppc
/kadjw.root
/kadjw.sh
/kadjw.sh4
/kadjw.spc
/kadjw.sparc
/kadjw.x32
/kadjw.x64
/kadjw.x86
/kadjw.x86_32
/kadjw.x86_64

# Reference: https://twitter.com/smii_mondher/status/1092404485434036225

/hitoarc
/hitoarm
/hitoarm4
/hitoarm4l
/hitoarm4t
/hitoarm4tl
/hitoarmv4l
/hitoarm5
/hitoarm5n
/hitoarm6
/hitoarm7
/hitodbg
/hitoi486
/hitoi586
/hitoi686
/hitom68k
/hitomips
/hitomips64
/hitompsl
/hitoppc
/hitoppc440
/hitopowerppc
/hitoroot
/hitosh
/hitosh4
/hitospc
/hitosparc
/hitox32
/hitox64
/hitox86
/hitox86_32
/hitox86_64

# Reference: https://twitter.com/smii_mondher/status/1061935757168967681

/khvirc.arc
/khvirc.arm
/khvirc.arm4
/khvirc.arm4l
/khvirc.arm4t
/khvirc.arm4tl
/khvirc.armv4l
/khvirc.arm5
/khvirc.arm5n
/khvirc.arm6
/khvirc.arm7
/khvirc.dbg
/khvirc.i486
/khvirc.i586
/khvirc.i686
/khvirc.m68k
/khvirc.mips
/khvirc.mips64
/khvirc.mpsl
/khvirc.ppc
/khvirc.ppc440
/khvirc.powerppc
/khvirc.root
/khvirc.sh
/khvirc.sh4
/khvirc.spc
/khvirc.sparc
/khvirc.x32
/khvirc.x64
/khvirc.x86
/khvirc.x86_32
/khvirc.x86_64

# Reference: https://twitter.com/smii_mondher/status/1061348717087911936
# Reference: https://twitter.com/0xrb/status/1122180975633420288

37.49.225.78:1994
/jiren.sh
/kittyhaxz.sh
/arc.Eros
/arm.Eros
/arm4.Eros
/arm4t.Eros
/arm4l.Eros
/arm4tl.Eros
/armv4l.Eros
/arm5.Eros
/arm5n.Eros
/arm6.Eros
/arm7.Eros
/dbg.Eros
/i586.Eros
/i686.Eros
/m68k.Eros
/mips.Eros
/mips64.Eros
/mpsl.Eros
/ppc.Eros
/sh4.Eros
/spc.Eros
/sparc.Eros
/x32.Eros
/x64.Eros
/x86.Eros
/x86_64.Eros
/arc.bushido
/arm.bushido
/arm4.bushido
/arm4l.bushido
/arm4t.bushido
/arm4tl.bushido
/armv4l.bushido
/arm5.bushido
/arm5n.bushido
/arm6.bushido
/arm7.bushido
/dbg.bushido
/i586.bushido
/i686.bushido
/m68k.bushido
/mips.bushido
/mips64.bushido
/mpsl.bushido
/ppc.bushido
/sh4.bushido
/spc.bushido
/sparc.bushido
/x32.bushido
/x64.bushido
/x86.bushido
/x86_64.bushido
/qtx.arc
/qtx.arm
/qtx.arm4
/qtx.arm4l
/qtx.arm4t
/qtx.arm4tl
/qtx.armv4l
/qtx.arm5
/qtx.arm5n
/qtx.arm6
/qtx.arm7
/qtx.dbg
/qtx.i486
/qtx.i586
/qtx.i686
/qtx.m68k
/qtx.mips
/qtx.mips64
/qtx.mpsl
/qtx.ppc
/qtx.ppc440
/qtx.powerppc
/qtx.root
/qtx.sh
/qtx.sh4
/qtx.spc
/qtx.sparc
/qtx.x32
/qtx.x64
/qtx.x86
/qtx.x86_32
/qtx.x86_64
/KHz.arc
/KHz.arm
/KHz.arm4
/KHz.arm4l
/KHz.arm4t
/KHz.arm4tl
/KHz.armv4l
/KHz.arm5
/KHz.arm5n
/KHz.arm6
/KHz.arm7
/KHz.dbg
/KHz.i486
/KHz.i586
/KHz.i686
/KHz.m68k
/KHz.mips
/KHz.mips64
/KHz.mpsl
/KHz.ppc
/KHz.ppc440
/KHz.powerppc
/KHz.root
/KHz.sh
/KHz.sh4
/KHz.spc
/KHz.sparc
/KHz.x32
/KHz.x64
/KHz.x86
/KHz.x86_32
/KHz.x86_64
/otaku.arc
/otaku.arm
/otaku.arm4
/otaku.arm4l
/otaku.arm4t
/otaku.arm4tl
/otaku.armv4l
/otaku.arm5
/otaku.arm5n
/otaku.arm6
/otaku.arm7
/otaku.dbg
/otaku.i486
/otaku.i586
/otaku.i686
/otaku.m68k
/otaku.mips
/otaku.mips64
/otaku.mpsl
/otaku.ppc
/otaku.ppc440
/otaku.powerppc
/otaku.root
/otaku.sh
/otaku.sh4
/otaku.spc
/otaku.sparc
/otaku.x32
/otaku.x64
/otaku.x86
/otaku.x86_32
/otaku.x86_64
/.b.arc
/.b.arm
/.b.arm4
/.b.arm4l
/.b.arm4t
/.b.arm4tl
/.b.armv4l
/.b.arm5
/.b.arm5n
/.b.arm6
/.b.arm7
/.b.dbg
/.b.i486
/.b.i586
/.b.i686
/.b.m68k
/.b.mips
/.b.mips64
/.b.mpsl
/.b.ppc
/.b.ppc440
/.b.powerppc
/.b.root
/.b.sh
/.b.sh4
/.b.spc
/.b.sparc
/.b.x32
/.b.x64
/.b.x86
/.b.x86_32
/.b.x86_64
/8arc8
/8arm8
/8arm48
/8arm4l8
/8arm4t8
/8arm4tl8
/8armv4l8
/8arm58
/8arm5n8
/8arm68
/8arm78
/8dbg8
/8i4868
/8i5868
/8i6868
/8m68k8
/8mips8
/8mips648
/8mpsl8
/8ppc8
/8ppc4408
/8powerppc8
/8root8
/8sh8
/8sh48
/8spc8
/8sparc8
/8x328
/8x648
/8x868
/8x86_328
/8x86_648

# Reference: https://twitter.com/smii_mondher/status/1037269776635256832

/Cult.arc
/Cult.arm
/Cult.arm4
/Cult.arm4l
/Cult.arm4t
/Cult.arm4tl
/Cult.armv4l
/Cult.arm5
/Cult.arm5n
/Cult.arm6
/Cult.arm7
/Cult.dbg
/Cult.i486
/Cult.i586
/Cult.i686
/Cult.m68k
/Cult.mips
/Cult.mips64
/Cult.mpsl
/Cult.ppc
/Cult.ppc440
/Cult.powerppc
/Cult.root
/Cult.sh
/Cult.sh4
/Cult.spc
/Cult.sparc
/Cult.x32
/Cult.x64
/Cult.x86
/Cult.x86_32
/Cult.x86_64
/dcloud.arc
/dcloud.arm
/dcloud.arm4
/dcloud.arm4l
/dcloud.arm4t
/dcloud.arm4tl
/dcloud.armv4l
/dcloud.arm5
/dcloud.arm5n
/dcloud.arm6
/dcloud.arm7
/dcloud.dbg
/dcloud.i486
/dcloud.i586
/dcloud.i686
/dcloud.m68k
/dcloud.mips
/dcloud.mips64
/dcloud.mpsl
/dcloud.ppc
/dcloud.ppc440
/dcloud.powerppc
/dcloud.root
/dcloud.sh
/dcloud.sh4
/dcloud.spc
/dcloud.sparc
/dcloud.x32
/dcloud.x64
/dcloud.x86
/dcloud.x86_32
/dcloud.x86_64
/kaizen.arc
/kaizen.arm
/kaizen.arm4
/kaizen.arm4l
/kaizen.arm4t
/kaizen.arm4tl
/kaizen.armv4l
/kaizen.arm5
/kaizen.arm5n
/kaizen.arm6
/kaizen.arm7
/kaizen.dbg
/kaizen.i486
/kaizen.i586
/kaizen.i686
/kaizen.m68k
/kaizen.mips
/kaizen.mips64
/kaizen.mpsl
/kaizen.ppc
/kaizen.ppc440
/kaizen.powerppc
/kaizen.root
/kaizen.sh
/kaizen.sh4
/kaizen.spc
/kaizen.sparc
/kaizen.x32
/kaizen.x64
/kaizen.x86
/kaizen.x86_32
/kaizen.x86_64
/Katrina.arc
/Katrina.arm
/Katrina.arm4
/Katrina.arm4l
/Katrina.arm4t
/Katrina.arm4tl
/Katrina.armv4l
/Katrina.arm5
/Katrina.arm5n
/Katrina.arm6
/Katrina.arm7
/Katrina.dbg
/Katrina.i486
/Katrina.i586
/Katrina.i686
/Katrina.m68k
/Katrina.mips
/Katrina.mips64
/Katrina.mpsl
/Katrina.ppc
/Katrina.ppc440
/Katrina.powerppc
/Katrina.root
/Katrina.sh
/Katrina.sh4
/Katrina.spc
/Katrina.sparc
/Katrina.x32
/Katrina.x64
/Katrina.x86
/Katrina.x86_32
/Katrina.x86_64
/ket.arc
/ket.arm
/ket.arm4
/ket.arm4l
/ket.arm4t
/ket.arm4tl
/ket.armv4l
/ket.arm5
/ket.arm5n
/ket.arm6
/ket.arm7
/ket.dbg
/ket.i486
/ket.i586
/ket.i686
/ket.m68k
/ket.mips
/ket.mips64
/ket.mpsl
/ket.ppc
/ket.ppc440
/ket.powerppc
/ket.root
/ket.sh
/ket.sh4
/ket.spc
/ket.sparc
/ket.x32
/ket.x64
/ket.x86
/ket.x86_32
/ket.x86_64
/Saikin.arc
/Saikin.arm
/Saikin.arm4
/Saikin.arm4l
/Saikin.arm4t
/Saikin.arm4tl
/Saikin.armv4l
/Saikin.arm5
/Saikin.arm5n
/Saikin.arm6
/Saikin.arm7
/Saikin.dbg
/Saikin.i486
/Saikin.i586
/Saikin.i686
/Saikin.m68k
/Saikin.mips
/Saikin.mips64
/Saikin.mpsl
/Saikin.ppc
/Saikin.ppc440
/Saikin.powerppc
/Saikin.root
/Saikin.sh
/Saikin.sh4
/Saikin.spc
/Saikin.sparc
/Saikin.x32
/Saikin.x64
/Saikin.x86
/Saikin.x86_32
/Saikin.x86_64
/shinoa.arc
/shinoa.arm
/shinoa.arm4
/shinoa.arm4l
/shinoa.arm4t
/shinoa.arm4tl
/shinoa.armv4l
/shinoa.arm5
/shinoa.arm5n
/shinoa.arm6
/shinoa.arm7
/shinoa.dbg
/shinoa.i486
/shinoa.i586
/shinoa.i686
/shinoa.m68k
/shinoa.mips
/shinoa.mips64
/shinoa.mpsl
/shinoa.ppc
/shinoa.ppc440
/shinoa.powerppc
/shinoa.root
/shinoa.sh
/shinoa.sh4
/shinoa.spc
/shinoa.sparc
/shinoa.x32
/shinoa.x64
/shinoa.x86
/shinoa.x86_32
/shinoa.x86_64
/void.arc
/void.arm
/void.arm4
/void.arm4l
/void.arm4t
/void.arm4tl
/void.armv4l
/void.arm5
/void.arm5n
/void.arm6
/void.arm7
/void.dbg
/void.i486
/void.i586
/void.i686
/void.m68k
/void.mips
/void.mips64
/void.mpsl
/void.ppc
/void.ppc440
/void.powerppc
/void.root
/void.sh
/void.sh4
/void.spc
/void.sparc
/void.x32
/void.x64
/void.x86
/void.x86_32
/void.x86_64
/bigsus.arc
/bigsus.arm
/bigsus.arm4
/bigsus.arm4l
/bigsus.arm4t
/bigsus.arm4tl
/bigsus.armv4l
/bigsus.arm5
/bigsus.arm5n
/bigsus.arm6
/bigsus.arm7
/bigsus.dbg
/bigsus.i486
/bigsus.i586
/bigsus.i686
/bigsus.m68k
/bigsus.mips
/bigsus.mips64
/bigsus.mpsl
/bigsus.ppc
/bigsus.ppc440
/bigsus.powerppc
/bigsus.root
/bigsus.sh
/bigsus.sh4
/bigsus.spc
/bigsus.sparc
/bigsus.x32
/bigsus.x64
/bigsus.x86
/bigsus.x86_32
/bigsus.x86_64
/wicked.arc
/wicked.arm
/wicked.arm4
/wicked.arm4l
/wicked.arm4t
/wicked.arm4tl
/wicked.armv4l
/wicked.arm5
/wicked.arm5n
/wicked.arm6
/wicked.arm7
/wicked.dbg
/wicked.i486
/wicked.i586
/wicked.i686
/wicked.m68k
/wicked.mips
/wicked.mips64
/wicked.mpsl
/wicked.ppc
/wicked.ppc440
/wicked.powerppc
/wicked.root
/wicked.sh
/wicked.sh4
/wicked.spc
/wicked.sparc
/wicked.x32
/wicked.x64
/wicked.x86
/wicked.x86_32
/wicked.x86_64

# Reference: https://twitter.com/ankit_anubhav/status/1036554280851763200

/kenjiro.arc
/kenjiro.arm
/kenjiro.arm4
/kenjiro.arm4l
/kenjiro.arm4t
/kenjiro.arm4tl
/kenjiro.armv4l
/kenjiro.arm5
/kenjiro.arm5n
/kenjiro.arm6
/kenjiro.arm7
/kenjiro.dbg
/kenjiro.i486
/kenjiro.i586
/kenjiro.i686
/kenjiro.m68k
/kenjiro.mips
/kenjiro.mips64
/kenjiro.mpsl
/kenjiro.ppc
/kenjiro.ppc440
/kenjiro.powerppc
/kenjiro.root
/kenjiro.sh
/kenjiro.sh4
/kenjiro.spc
/kenjiro.sparc
/kenjiro.x32
/kenjiro.x64
/kenjiro.x86
/kenjiro.x86_32
/kenjiro.x86_64

# Reference: https://twitter.com/smii_mondher/status/969139428508790784

/besuto.arc
/besuto.arm
/besuto.arm4
/besuto.arm4l
/besuto.arm4t
/besuto.arm4tl
/besuto.armv4l
/besuto.arm5
/besuto.arm5n
/besuto.arm6
/besuto.arm7
/besuto.dbg
/besuto.i486
/besuto.i586
/besuto.i686
/besuto.m68k
/besuto.mips
/besuto.mips64
/besuto.mpsl
/besuto.ppc
/besuto.ppc440
/besuto.powerppc
/besuto.root
/besuto.sh
/besuto.sh4
/besuto.spc
/besuto.sparc
/besuto.x32
/besuto.x64
/besuto.x86
/besuto.x86_32
/besuto.x86_64

# Reference: https://twitter.com/360Netlab/status/963625133436006400

/arc.shell
/arm.shell
/arm4.shell
/arm4l.shell
/arm4t.shell
/arm4tl.shell
/armv4l.shell
/arm5.shell
/arm5n.shell
/arm6.shell
/arm7.shell
/dbg.shell
/i586.shell
/i686.shell
/m68k.shell
/mips.shell
/mips64.shell
/mpsl.shell
/ppc.shell
/sh4.shell
/spc.shell
/sparc.shell
/x32.shell
/x64.shell
/x86.shell
/x86_64.shell

# Reference: https://twitter.com/smii_mondher/status/962028744486502401

/arc.satori
/arm.satori
/arm4.satori
/arm4l.satori
/arm4t.satori
/arm4tl.satori
/armv4l.satori
/arm5.satori
/arm5n.satori
/arm6.satori
/arm7.satori
/dbg.satori
/i586.satori
/i686.satori
/m68k.satori
/mips.satori
/mips64.satori
/mpsl.satori
/ppc.satori
/sh4.satori
/spc.satori
/sparc.satori
/x32.satori
/x64.satori
/x86.satori
/x86_64.satori

# Reference: https://twitter.com/smii_mondher/status/958632104765554688

/jennifer.arc
/jennifer.arm
/jennifer.arm4
/jennifer.arm4l
/jennifer.arm4t
/jennifer.arm4tl
/jennifer.armv4l
/jennifer.arm5
/jennifer.arm5n
/jennifer.arm6
/jennifer.arm7
/jennifer.dbg
/jennifer.i486
/jennifer.i586
/jennifer.i686
/jennifer.m68k
/jennifer.mips
/jennifer.mips64
/jennifer.mpsl
/jennifer.ppc
/jennifer.ppc440
/jennifer.powerppc
/jennifer.root
/jennifer.sh
/jennifer.sh4
/jennifer.spc
/jennifer.sparc
/jennifer.x32
/jennifer.x64
/jennifer.x86
/jennifer.x86_32
/jennifer.x86_64

# Reference: https://twitter.com/0xrb/status/1121673907256213505
# Reference: https://twitter.com/0xrb/status/1121678039010570242

80.211.75.183:9375
/Zehir.sh
/Zehir1.sh
/z3hir.arc
/z3hir.arm
/z3hir.arm4
/z3hir.arm4l
/z3hir.arm4t
/z3hir.arm4tl
/z3hir.armv4l
/z3hir.arm5
/z3hir.arm5n
/z3hir.arm6
/z3hir.arm7
/z3hir.dbg
/z3hir.i486
/z3hir.i586
/z3hir.i686
/z3hir.m68k
/z3hir.mips
/z3hir.mips64
/z3hir.mpsl
/z3hir.ppc
/z3hir.ppc440
/z3hir.powerppc
/z3hir.root
/z3hir.sh
/z3hir.sh4
/z3hir.spc
/z3hir.sparc
/z3hir.x32
/z3hir.x64
/z3hir.x86
/z3hir.x86_32
/z3hir.x86_64

# Reference: https://twitter.com/bad_packets/status/1121669080522477570

/ntpdd.arc
/ntpdd.arm
/ntpdd.arm4
/ntpdd.arm4l
/ntpdd.arm4t
/ntpdd.arm4tl
/ntpdd.armv4l
/ntpdd.arm5
/ntpdd.arm5n
/ntpdd.arm6
/ntpdd.arm7
/ntpdd.dbg
/ntpdd.i486
/ntpdd.i586
/ntpdd.i686
/ntpdd.m68k
/ntpdd.mips
/ntpdd.mips64
/ntpdd.mpsl
/ntpdd.ppc
/ntpdd.ppc440
/ntpdd.powerppc
/ntpdd.root
/ntpdd.sh
/ntpdd.sh4
/ntpdd.spc
/ntpdd.sparc
/ntpdd.x32
/ntpdd.x64
/ntpdd.x86
/ntpdd.x86_32
/ntpdd.x86_64

# Reference: https://twitter.com/0xrb/status/1121697929947832320

/lessie1.sh
/goahead.arc
/goahead.arm
/goahead.arm4
/goahead.arm4l
/goahead.arm4t
/goahead.arm4tl
/goahead.armv4l
/goahead.arm5
/goahead.arm5n
/goahead.arm6
/goahead.arm7
/goahead.dbg
/goahead.i486
/goahead.i586
/goahead.i686
/goahead.m68k
/goahead.mips
/goahead.mips64
/goahead.mpsl
/goahead.ppc
/goahead.ppc440
/goahead.powerppc
/goahead.root
/goahead.sh
/goahead.sh4
/goahead.spc
/goahead.sparc
/goahead.x32
/goahead.x64
/goahead.x86
/goahead.x86_32
/goahead.x86_64
/hootoo.arc
/hootoo.arm
/hootoo.arm4
/hootoo.arm4l
/hootoo.arm4t
/hootoo.arm4tl
/hootoo.armv4l
/hootoo.arm5
/hootoo.arm5n
/hootoo.arm6
/hootoo.arm7
/hootoo.dbg
/hootoo.i486
/hootoo.i586
/hootoo.i686
/hootoo.m68k
/hootoo.mips
/hootoo.mips64
/hootoo.mpsl
/hootoo.ppc
/hootoo.ppc440
/hootoo.powerppc
/hootoo.root
/hootoo.sh
/hootoo.sh4
/hootoo.spc
/hootoo.sparc
/hootoo.x32
/hootoo.x64
/hootoo.x86
/hootoo.x86_32
/hootoo.x86_64
/rtek.arc
/rtek.arm
/rtek.arm4
/rtek.arm4l
/rtek.arm4t
/rtek.arm4tl
/rtek.armv4l
/rtek.arm5
/rtek.arm5n
/rtek.arm6
/rtek.arm7
/rtek.dbg
/rtek.i486
/rtek.i586
/rtek.i686
/rtek.m68k
/rtek.mips
/rtek.mips64
/rtek.mpsl
/rtek.ppc
/rtek.ppc440
/rtek.powerppc
/rtek.root
/rtek.sh
/rtek.sh4
/rtek.spc
/rtek.sparc
/rtek.x32
/rtek.x64
/rtek.x86
/rtek.x86_32
/rtek.x86_64
/spp.arc
/spp.arm
/spp.arm4
/spp.arm4l
/spp.arm4t
/spp.arm4tl
/spp.armv4l
/spp.arm5
/spp.arm5n
/spp.arm6
/spp.arm7
/spp.dbg
/spp.i486
/spp.i586
/spp.i686
/spp.m68k
/spp.mips
/spp.mips64
/spp.mpsl
/spp.ppc
/spp.ppc440
/spp.powerppc
/spp.root
/spp.sh
/spp.sh4
/spp.spc
/spp.sparc
/spp.x32
/spp.x64
/spp.x86
/spp.x86_32
/spp.x86_64
/uchttpd.arc
/uchttpd.arm
/uchttpd.arm4
/uchttpd.arm4l
/uchttpd.arm4t
/uchttpd.arm4tl
/uchttpd.armv4l
/uchttpd.arm5
/uchttpd.arm5n
/uchttpd.arm6
/uchttpd.arm7
/uchttpd.dbg
/uchttpd.i486
/uchttpd.i586
/uchttpd.i686
/uchttpd.m68k
/uchttpd.mips
/uchttpd.mips64
/uchttpd.mpsl
/uchttpd.ppc
/uchttpd.ppc440
/uchttpd.powerppc
/uchttpd.root
/uchttpd.sh
/uchttpd.sh4
/uchttpd.spc
/uchttpd.sparc
/uchttpd.x32
/uchttpd.x64
/uchttpd.x86
/uchttpd.x86_32
/uchttpd.x86_64

# Reference: https://twitter.com/0xrb/status/1121820943972593665
# Reference: https://twitter.com/0xrb/status/1121831829298769920

/Yowai1.sh
/maouji1.sh
/maouji.arc
/maouji.arm
/maouji.arm4
/maouji.arm4l
/maouji.arm4t
/maouji.arm4tl
/maouji.armv4l
/maouji.arm5
/maouji.arm5n
/maouji.arm6
/maouji.arm7
/maouji.dbg
/maouji.i486
/maouji.i586
/maouji.i686
/maouji.m68k
/maouji.mips
/maouji.mips64
/maouji.mpsl
/maouji.ppc
/maouji.ppc440
/maouji.powerppc
/maouji.root
/maouji.sh
/maouji.sh4
/maouji.spc
/maouji.sparc
/maouji.x32
/maouji.x64
/maouji.x86
/maouji.x86_32
/maouji.x86_64

# Reference: https://twitter.com/0xrb/status/1121815166348218368

185.244.25.173:6996
/Fibre.arc
/Fibre.arm
/Fibre.arm4
/Fibre.arm4l
/Fibre.arm4t
/Fibre.arm4tl
/Fibre.armv4l
/Fibre.arm5
/Fibre.arm5n
/Fibre.arm6
/Fibre.arm7
/Fibre.dbg
/Fibre.i486
/Fibre.i586
/Fibre.i686
/Fibre.m68k
/Fibre.mips
/Fibre.mips64
/Fibre.mpsl
/Fibre.ppc
/Fibre.ppc440
/Fibre.powerppc
/Fibre.root
/Fibre.sh
/Fibre.sh4
/Fibre.spc
/Fibre.sparc
/Fibre.x32
/Fibre.x64
/Fibre.x86
/Fibre.x86_32
/Fibre.x86_64

# Reference: https://twitter.com/bad_packets/status/1122017887076507653
# Reference: https://twitter.com/0xrb/status/1122040829109886976
# Reference: https://twitter.com/bad_packets/status/1122046441256415232

/mpps
5.180.40.102:89
180.40.102.89:89
1vex.cn

# Reference: https://twitter.com/0xrb/status/1122057859259195393

/c4tch_m3_if_y0u_c4n.arc
/c4tch_m3_if_y0u_c4n.arm
/c4tch_m3_if_y0u_c4n.arm4
/c4tch_m3_if_y0u_c4n.arm4l
/c4tch_m3_if_y0u_c4n.arm4t
/c4tch_m3_if_y0u_c4n.arm4tl
/c4tch_m3_if_y0u_c4n.armv4l
/c4tch_m3_if_y0u_c4n.arm5
/c4tch_m3_if_y0u_c4n.arm5n
/c4tch_m3_if_y0u_c4n.arm6
/c4tch_m3_if_y0u_c4n.arm7
/c4tch_m3_if_y0u_c4n.dbg
/c4tch_m3_if_y0u_c4n.i486
/c4tch_m3_if_y0u_c4n.i586
/c4tch_m3_if_y0u_c4n.i686
/c4tch_m3_if_y0u_c4n.m68k
/c4tch_m3_if_y0u_c4n.mips
/c4tch_m3_if_y0u_c4n.mips64
/c4tch_m3_if_y0u_c4n.mpsl
/c4tch_m3_if_y0u_c4n.ppc
/c4tch_m3_if_y0u_c4n.ppc440
/c4tch_m3_if_y0u_c4n.powerppc
/c4tch_m3_if_y0u_c4n.root
/c4tch_m3_if_y0u_c4n.sh
/c4tch_m3_if_y0u_c4n.sh4
/c4tch_m3_if_y0u_c4n.spc
/c4tch_m3_if_y0u_c4n.sparc
/c4tch_m3_if_y0u_c4n.x32
/c4tch_m3_if_y0u_c4n.x64
/c4tch_m3_if_y0u_c4n.x86
/c4tch_m3_if_y0u_c4n.x86_32
/c4tch_m3_if_y0u_c4n.x86_64

# Reference: https://twitter.com/0xrb/status/1122087783739166720

/uint35.sh
/ako.arc
/ako.arm
/ako.arm4
/ako.arm4l
/ako.arm4t
/ako.arm4tl
/ako.armv4l
/ako.arm5
/ako.arm5n
/ako.arm6
/ako.arm7
/ako.dbg
/ako.i486
/ako.i586
/ako.i686
/ako.m68k
/ako.mips
/ako.mips64
/ako.mpsl
/ako.ppc
/ako.ppc440
/ako.powerppc
/ako.root
/ako.sh
/ako.sh4
/ako.spc
/ako.sparc
/ako.x32
/ako.x64
/ako.x86
/ako.x86_32
/ako.x86_64

# Reference: https://twitter.com/smii_mondher/status/1122583415667273728

/hx86_64

# Reference: https://twitter.com/0xrb/status/1122755177033768961

/sasuke.arc
/sasuke.arm
/sasuke.arm4
/sasuke.arm4l
/sasuke.arm4t
/sasuke.arm4tl
/sasuke.armv4l
/sasuke.arm5
/sasuke.arm5n
/sasuke.arm6
/sasuke.arm7
/sasuke.dbg
/sasuke.i486
/sasuke.i586
/sasuke.i686
/sasuke.m68k
/sasuke.mips
/sasuke.mips64
/sasuke.mpsl
/sasuke.ppc
/sasuke.ppc440
/sasuke.powerppc
/sasuke.root
/sasuke.sh
/sasuke.sh4
/sasuke.spc
/sasuke.sparc
/sasuke.x32
/sasuke.x64
/sasuke.x86
/sasuke.x86_32
/sasuke.x86_64
163.172.154.119:3771

# Reference: https://twitter.com/0xrb/status/1122728648996298752

/arc.akira
/arm.akira
/arm4.akira
/arm4l.akira
/arm4t.akira
/arm4tl.akira
/armv4l.akira
/arm5.akira
/arm5n.akira
/arm6.akira
/arm7.akira
/dbg.akira
/i486.akira
/i586.akira
/i686.akira
/m68k.akira
/mips.akira
/mips64.akira
/mpsl.akira
/ppc.akira
/ppc440.akira
/powerppc.akira
/root.akira
/sh.akira
/sh4.akira
/spc.akira
/sparc.akira
/x32.akira
/x64.akira
/x86.akira
/x86_32.akira
/x86_64.akira
/arc.akira.ak
/arm.akira.ak
/arm4.akira.ak
/arm4l.akira.ak
/arm4t.akira.ak
/arm4tl.akira.ak
/armv4l.akira.ak
/arm5.akira.ak
/arm5n.akira.ak
/arm6.akira.ak
/arm7.akira.ak
/dbg.akira.ak
/i486.akira.ak
/i586.akira.ak
/i686.akira.ak
/m68k.akira.ak
/mips.akira.ak
/mips64.akira.ak
/mpsl.akira.ak
/ppc.akira.ak
/ppc440.akira.ak
/powerppc.akira.ak
/root.akira.ak
/sh.akira.ak
/sh4.akira.ak
/spc.akira.ak
/sparc.akira.ak
/x32.akira.ak
/x64.akira.ak
/x86.akira.ak
/x86_32.akira.ak
/x86_64.akira.ak
185.244.25.199:1791

# Reference: https://twitter.com/0xrb/status/1123162337974734848

185.172.110.226:65535

# Reference: https://twitter.com/0xrb/status/1123149312689491973

23.19.58.91:6075

# Reference: https://twitter.com/UrBogan/status/1124765311729750016

/jaknet.arc
/jaknet.arm
/jaknet.arm4
/jaknet.arm4l
/jaknet.arm4t
/jaknet.arm4tl
/jaknet.armv4l
/jaknet.arm5
/jaknet.arm5n
/jaknet.arm6
/jaknet.arm7
/jaknet.dbg
/jaknet.i486
/jaknet.i586
/jaknet.i686
/jaknet.m68k
/jaknet.mips
/jaknet.mips64
/jaknet.mpsl
/jaknet.ppc
/jaknet.ppc440
/jaknet.powerppc
/jaknet.root
/jaknet.sh
/jaknet.sh4
/jaknet.spc
/jaknet.sparc
/jaknet.x32
/jaknet.x64
/jaknet.x86
/jaknet.x86_32
/jaknet.x86_64

# Reference: https://twitter.com/UrBogan/status/1061633676688019456

/loli.arc
/loli.arm
/loli.arm4
/loli.arm4l
/loli.arm4t
/loli.arm4tl
/loli.armv4l
/loli.arm5
/loli.arm5n
/loli.arm6
/loli.arm7
/loli.dbg
/loli.i486
/loli.i586
/loli.i686
/loli.m68k
/loli.mips
/loli.mips64
/loli.mpsl
/loli.ppc
/loli.ppc440
/loli.powerppc
/loli.root
/loli.sh
/loli.sh4
/loli.spc
/loli.sparc
/loli.x32
/loli.x64
/loli.x86
/loli.x86_32
/loli.x86_64
/loli.huawei
/loli.zte

# Reference: https://twitter.com/rommeljoven17/status/1125966892697415680

/gobot.arc
/gobot.arm
/gobot.arm4
/gobot.arm4l
/gobot.arm4t
/gobot.arm4tl
/gobot.armv4l
/gobot.arm5
/gobot.arm5n
/gobot.arm6
/gobot.arm64
/gobot.arm7
/gobot.dbg
/gobot.i486
/gobot.i586
/gobot.i686
/gobot.m68k
/gobot.mips
/gobot.mips64
/gobot.mipsl
/gobot.mpsl
/gobot.ppc
/gobot.ppc440
/gobot.powerppc
/gobot.root
/gobot.sh
/gobot.sh4
/gobot.spc
/gobot.sparc
/gobot.x32
/gobot.x64
/gobot.x86
/gobot.x86_32
/gobot.x86_64
/gobot.bsd
/gobot.exe
/gobot.mac

# Reference: https://twitter.com/rommeljoven17/status/1036430038894166016

/Gai.arc
/Gai.arm
/Gai.arm4
/Gai.arm4l
/Gai.arm4t
/Gai.arm4tl
/Gai.armv4l
/Gai.arm5
/Gai.arm5n
/Gai.arm6
/Gai.arm64
/Gai.arm7
/Gai.dbg
/Gai.i486
/Gai.i586
/Gai.i686
/Gai.m68k
/Gai.mips
/Gai.mips64
/Gai.mpsl
/Gai.ppc
/Gai.ppc440
/Gai.powerppc
/Gai.root
/Gai.sh
/Gai.sh4
/Gai.spc
/Gai.sparc
/Gai.x32
/Gai.x64
/Gai.x86
/Gai.x86_32
/Gai.x86_64

# Reference: https://twitter.com/_odisseus/status/1128971465074855936

/un1on.sh
/yuh.arc
/yuh.arm
/yuh.arm4
/yuh.arm4l
/yuh.arm4t
/yuh.arm4tl
/yuh.arm4tll
/yuh.armv4l
/yuh.arm5
/yuh.arm5n
/yuh.arm6
/yuh.arm64
/yuh.arm7
/yuh.dbg
/yuh.i4
/yuh.i486
/yuh.i586
/yuh.i686
/yuh.m68k
/yuh.mips
/yuh.mips64
/yuh.mpsl
/yuh.mipsel
/yuh.ppc
/yuh.ppc2
/yuh.ppc440
/yuh.powerppc
/yuh.root
/yuh.sh
/yuh.sh4
/yuh.ssh4
/yuh.spc
/yuh.sparc
/yuh.x32
/yuh.x64
/yuh.x86
/yuh.x86_32
/yuh.x86_64

# Reference: https://twitter.com/bad_packets/status/1130361720239665152

/arc.akirag
/arm.akirag
/arm4.akirag
/arm4l.akirag
/arm4t.akirag
/arm4tl.akirag
/armv4l.akirag
/arm5.akirag
/arm5n.akirag
/arm6.akirag
/arm7.akirag
/dbg.akirag
/i486.akirag
/i586.akirag
/i686.akirag
/m68k.akirag
/mips.akirag
/mips64.akirag
/mpsl.akirag
/ppc.akirag
/sh4.akirag
/spc.akirag
/sparc.akirag
/x32.akirag
/x64.akirag
/x86.akirag
/x86_64.akirag

# Reference: https://www.stratosphereips.org/blog/2019/5/17/iot-malware-analysis-series-a-mirai-variant-in-ctu-iot-malware-capture-49-1

 134.209.72.171:4554

# Reference: https://twitter.com/bad_packets/status/1130574485008949249

/sorai.arc
/sorai.arm
/sorai.arm4
/sorai.arm4l
/sorai.arm4t
/sorai.arm4tl
/sorai.arm4tll
/sorai.armv4l
/sorai.arm5
/sorai.arm5n
/sorai.arm6
/sorai.arm64
/sorai.arm7
/sorai.dbg
/sorai.i4
/sorai.i486
/sorai.i586
/sorai.i686
/sorai.m68k
/sorai.mips
/sorai.mips64
/sorai.mpsl
/sorai.mipsel
/sorai.ppc
/sorai.ppc2
/sorai.ppc440
/sorai.powerppc
/sorai.root
/sorai.sh
/sorai.sh4
/sorai.ssh4
/sorai.spc
/sorai.sparc
/sorai.x32
/sorai.x64
/sorai.x86
/sorai.x86_32
/sorai.x86_64

# Reference: https://otx.alienvault.com/pulse/5ce6ae4b1c699501802c814c

32.235.102.123:1337
ililililililililil.hopto.org

# Reference: https://twitter.com/VessOnSecurity/status/1130611319961509889

/oka.arc
/oka.arm
/oka.arm4
/oka.arm4l
/oka.arm4t
/oka.arm4tl
/oka.arm4tll
/oka.armv4l
/oka.arm5
/oka.arm5n
/oka.arm6
/oka.arm64
/oka.arm7
/oka.dbg
/oka.i4
/oka.i486
/oka.i586
/oka.i686
/oka.m68k
/oka.mips
/oka.mips64
/oka.mpsl
/oka.mipsel
/oka.ppc
/oka.ppc2
/oka.ppc440
/oka.powerppc
/oka.root
/oka.sh
/oka.sh4
/oka.ssh4
/oka.spc
/oka.sparc
/oka.x32
/oka.x64
/oka.x86
/oka.x86_32
/oka.x86_64
/LordAlma.arc
/LordAlma.arm
/LordAlma.arm4
/LordAlma.arm4l
/LordAlma.arm4t
/LordAlma.arm4tl
/LordAlma.arm4tll
/LordAlma.armv4l
/LordAlma.arm5
/LordAlma.arm5n
/LordAlma.arm6
/LordAlma.arm64
/LordAlma.arm7
/LordAlma.dbg
/LordAlma.i4
/LordAlma.i486
/LordAlma.i586
/LordAlma.i686
/LordAlma.m68k
/LordAlma.mips
/LordAlma.mips64
/LordAlma.mpsl
/LordAlma.mipsel
/LordAlma.ppc
/LordAlma.ppc2
/LordAlma.ppc440
/LordAlma.powerppc
/LordAlma.root
/LordAlma.sh
/LordAlma.sh4
/LordAlma.ssh4
/LordAlma.spc
/LordAlma.sparc
/LordAlma.x32
/LordAlma.x64
/LordAlma.x86
/LordAlma.x86_32
/LordAlma.x86_64

# Reference: https://twitter.com/bad_packets/status/1132010592061890560

/Dito.arc
/Dito.arm
/Dito.arm4
/Dito.arm4l
/Dito.arm4t
/Dito.arm4tl
/Dito.arm4tll
/Dito.armv4l
/Dito.arm5
/Dito.arm5n
/Dito.arm6
/Dito.arm64
/Dito.arm7
/Dito.dbg
/Dito.i4
/Dito.i486
/Dito.i586
/Dito.i686
/Dito.m68k
/Dito.mips
/Dito.mips64
/Dito.mpsl
/Dito.mipsel
/Dito.ppc
/Dito.ppc2
/Dito.ppc440
/Dito.powerppc
/Dito.root
/Dito.sh
/Dito.sh4
/Dito.ssh4
/Dito.spc
/Dito.sparc
/Dito.x32
/Dito.x64
/Dito.x86
/Dito.x86_32
/Dito.x86_64

# Reference: https://twitter.com/_odisseus/status/1132952263826259968

/garc
/garm
/garm4
/garm4l
/garm4t
/garm4tl
/garm4tll
/garmv4l
/garm5
/garm5n
/garm6
/garm64
/garm7
/gi486
/gi586
/gi686
/gm68k
/gmips
/gmips64
/gmipsel
/gmpsl
/gppc
/gppc2
/gpowerppc
/gspc
/gxtensa
/gsh-sh4
/gsh4
/gx86
/gx86-64-core-i7
/gx86-core2
/gx86-i686
/ugei1
/ugei2
/ugei3
/ugei4
/ugei5
/ugei6

# Reference: https://twitter.com/ankit_anubhav/status/1132974251194011648

/Faker.arc
/Faker.arm
/Faker.arm4
/Faker.arm4l
/Faker.arm4t
/Faker.arm4tl
/Faker.arm4tll
/Faker.armv4l
/Faker.arm5
/Faker.arm5n
/Faker.arm6
/Faker.arm64
/Faker.arm7
/Faker.dbg
/Faker.i4
/Faker.i486
/Faker.i586
/Faker.i686
/Faker.m68k
/Faker.mips
/Faker.mips64
/Faker.mpsl
/Faker.mipsel
/Faker.ppc
/Faker.ppc2
/Faker.ppc440
/Faker.powerppc
/Faker.root
/Faker.sh
/Faker.sh4
/Faker.ssh4
/Faker.spc
/Faker.sparc
/Faker.x32
/Faker.x64
/Faker.x86
/Faker.x86_32
/Faker.x86_64

# Reference: https://twitter.com/0xrb/status/1133055807572959232

122.10.82.239:5022

# Reference: https://twitter.com/VessOnSecurity/status/1133323732108402691

/daddyscum.arc
/daddyscum.arm
/daddyscum.arm4
/daddyscum.arm4l
/daddyscum.arm4t
/daddyscum.arm4tl
/daddyscum.arm4tll
/daddyscum.armv4l
/daddyscum.arm5
/daddyscum.arm5n
/daddyscum.arm6
/daddyscum.arm64
/daddyscum.arm7
/daddyscum.dbg
/daddyscum.i4
/daddyscum.i486
/daddyscum.i586
/daddyscum.i686
/daddyscum.m68k
/daddyscum.mips
/daddyscum.mips64
/daddyscum.mpsl
/daddyscum.mipsel
/daddyscum.ppc
/daddyscum.ppc2
/daddyscum.ppc440
/daddyscum.powerppc
/daddyscum.root
/daddyscum.sh
/daddyscum.sh4
/daddyscum.ssh4
/daddyscum.spc
/daddyscum.sparc
/daddyscum.x32
/daddyscum.x64
/daddyscum.x86
/daddyscum.x86_32
/daddyscum.x86_64
/GenAI.arc
/GenAI.arm
/GenAI.arm4
/GenAI.arm4l
/GenAI.arm4t
/GenAI.arm4tl
/GenAI.arm4tll
/GenAI.armv4l
/GenAI.arm5
/GenAI.arm5n
/GenAI.arm6
/GenAI.arm64
/GenAI.arm7
/GenAI.dbg
/GenAI.i4
/GenAI.i486
/GenAI.i586
/GenAI.i686
/GenAI.m68k
/GenAI.mips
/GenAI.mips64
/GenAI.mpsl
/GenAI.mipsel
/GenAI.ppc
/GenAI.ppc2
/GenAI.ppc440
/GenAI.powerppc
/GenAI.root
/GenAI.sh
/GenAI.sh4
/GenAI.ssh4
/GenAI.spc
/GenAI.sparc
/GenAI.x32
/GenAI.x64
/GenAI.x86
/GenAI.x86_32
/GenAI.x86_64
/Orage.arc
/Orage.arm
/Orage.arm4
/Orage.arm4l
/Orage.arm4t
/Orage.arm4tl
/Orage.arm4tll
/Orage.armv4l
/Orage.arm5
/Orage.arm5n
/Orage.arm6
/Orage.arm64
/Orage.arm7
/Orage.dbg
/Orage.i4
/Orage.i486
/Orage.i586
/Orage.i686
/Orage.m68k
/Orage.mips
/Orage.mips64
/Orage.mpsl
/Orage.mipsel
/Orage.ppc
/Orage.ppc2
/Orage.ppc440
/Orage.powerppc
/Orage.root
/Orage.sh
/Orage.sh4
/Orage.ssh4
/Orage.spc
/Orage.sparc
/Orage.x32
/Orage.x64
/Orage.x86
/Orage.x86_32
/Orage.x86_64
/Trouble.arc
/Trouble.arm
/Trouble.arm4
/Trouble.arm4l
/Trouble.arm4t
/Trouble.arm4tl
/Trouble.arm4tll
/Trouble.armv4l
/Trouble.arm5
/Trouble.arm5n
/Trouble.arm6
/Trouble.arm64
/Trouble.arm7
/Trouble.dbg
/Trouble.i4
/Trouble.i486
/Trouble.i586
/Trouble.i686
/Trouble.m68k
/Trouble.mips
/Trouble.mips64
/Trouble.mpsl
/Trouble.mipsel
/Trouble.ppc
/Trouble.ppc2
/Trouble.ppc440
/Trouble.powerppc
/Trouble.root
/Trouble.sh
/Trouble.sh4
/Trouble.ssh4
/Trouble.spc
/Trouble.sparc
/Trouble.x32
/Trouble.x64
/Trouble.x86
/Trouble.x86_32
/Trouble.x86_64

# Reference: https://blog.netlab.360.com/new-mirai-variant-with-dga/

tr069.online
tr069.support
tr069.tech
zugzwang.me

# Reference: https://twitter.com/bad_packets/status/1134904673289162752

/_-255.Net.arc
/_-255.Net.arm
/_-255.Net.arm4
/_-255.Net.arm4l
/_-255.Net.arm4t
/_-255.Net.arm4tl
/_-255.Net.arm4tll
/_-255.Net.armv4l
/_-255.Net.arm5
/_-255.Net.arm5n
/_-255.Net.arm6
/_-255.Net.arm64
/_-255.Net.arm7
/_-255.Net.dbg
/_-255.Net.i4
/_-255.Net.i486
/_-255.Net.i586
/_-255.Net.i686
/_-255.Net.m68k
/_-255.Net.mips
/_-255.Net.mips64
/_-255.Net.mpsl
/_-255.Net.mipsel
/_-255.Net.ppc
/_-255.Net.ppc2
/_-255.Net.ppc440
/_-255.Net.powerppc
/_-255.Net.root
/_-255.Net.root32
/_-255.Net.sh
/_-255.Net.sh4
/_-255.Net.ssh4
/_-255.Net.spc
/_-255.Net.sparc
/_-255.Net.x32
/_-255.Net.x64
/_-255.Net.x86
/_-255.Net.x86_32
/_-255.Net.x86_64

# Reference: https://twitter.com/bad_packets/status/1135250671798611975

/bigPussi.arc
/bigPussi.arm
/bigPussi.arm4
/bigPussi.arm4l
/bigPussi.arm4t
/bigPussi.arm4tl
/bigPussi.arm4tll
/bigPussi.armv4l
/bigPussi.arm5
/bigPussi.arm5n
/bigPussi.arm6
/bigPussi.arm64
/bigPussi.arm7
/bigPussi.dbg
/bigPussi.i4
/bigPussi.i486
/bigPussi.i586
/bigPussi.i686
/bigPussi.m68k
/bigPussi.mips
/bigPussi.mips64
/bigPussi.mpsl
/bigPussi.mipsel
/bigPussi.ppc
/bigPussi.ppc2
/bigPussi.ppc440
/bigPussi.powerppc
/bigPussi.root
/bigPussi.root32
/bigPussi.sh
/bigPussi.sh4
/bigPussi.ssh4
/bigPussi.spc
/bigPussi.sparc
/bigPussi.x32
/bigPussi.x64
/bigPussi.x86
/bigPussi.x86_32
/bigPussi.x86_64
/spc.spc

# Reference: https://twitter.com/liuya0904/status/1135390856150544384

185.244.25.166:5484

# Reference: https://twitter.com/0xrb/status/1135869164239769601

cnc.yiffgallery.xyz
185.244.25.173:6996

# Reference: https://unit42.paloaltonetworks.com/new-mirai-variant-adds-8-new-exploits-targets-additional-iot-devices/
# Reference: https://otx.alienvault.com/pulse/5cfa66ced7bc379b04017f36

akuma.pw
akumaiotsolutions.pw

# Reference: https://twitter.com/bad_packets/status/1138177432870014976

/orphic.arc
/orphic.arm
/orphic.arm4
/orphic.arm4l
/orphic.arm4t
/orphic.arm4tl
/orphic.arm4tll
/orphic.armv4l
/orphic.arm5
/orphic.arm5n
/orphic.arm6
/orphic.arm64
/orphic.arm7
/orphic.dbg
/orphic.i4
/orphic.i486
/orphic.i586
/orphic.i686
/orphic.kill
/orphic.m68k
/orphic.mips
/orphic.mips64
/orphic.mpsl
/orphic.mipsel
/orphic.ppc
/orphic.ppc2
/orphic.ppc440
/orphic.powerppc
/orphic.root
/orphic.root32
/orphic.sh
/orphic.sh4
/orphic.ssh4
/orphic.spc
/orphic.sparc
/orphic.x32
/orphic.x64
/orphic.x86
/orphic.x86_32
/orphic.x86_64

# Reference: https://twitter.com/MasafumiNegishi/status/1138345529190969344

185.244.25.148:2

# Reference: https://twitter.com/0xrb/status/1139413477297029120

185.244.25.164:3456
/myth.arc
/myth.arm
/myth.arm4
/myth.arm4l
/myth.arm4t
/myth.arm4tl
/myth.arm4tll
/myth.armv4l
/myth.arm5
/myth.arm5n
/myth.arm6
/myth.arm64
/myth.arm7
/myth.dbg
/myth.i4
/myth.i486
/myth.i586
/myth.i686
/myth.kill
/myth.m68k
/myth.mips
/myth.mips64
/myth.mpsl
/myth.mipsel
/myth.ppc
/myth.ppc2
/myth.ppc440
/myth.powerppc
/myth.root
/myth.root32
/myth.sh
/myth.sh4
/myth.ssh4
/myth.spc
/myth.sparc
/myth.x32
/myth.x64
/myth.x86
/myth.x86_32
/myth.x86_64
/myth1.sh
/doxarc
/doxarm
/doxarm4
/doxarm4l
/doxarm4t
/doxarm4tl
/doxarm4tll
/doxarmv4l
/doxarm5
/doxarm5n
/doxarm6
/doxarm64
/doxarm7
/doxdbg
/doxi4
/doxi486
/doxi586
/doxi686
/doxkill
/doxm68k
/doxmips
/doxmips64
/doxmpsl
/doxmipsel
/doxppc
/doxppc2
/doxppc440
/doxpowerppc
/doxroot
/doxroot32
/doxsh
/doxsh4
/doxssh4
/doxspc
/doxsparc
/doxx32
/doxx64
/doxx86
/doxx86_32
/doxx86_64

# Reference: https://twitter.com/VessOnSecurity/status/1139243241210093571

/okazzx.arc
/okazzx.arm
/okazzx.arm4
/okazzx.arm4l
/okazzx.arm4t
/okazzx.arm4tl
/okazzx.arm4tll
/okazzx.armv4l
/okazzx.arm5
/okazzx.arm5n
/okazzx.arm6
/okazzx.arm64
/okazzx.arm7
/okazzx.dbg
/okazzx.i4
/okazzx.i486
/okazzx.i586
/okazzx.i686
/okazzx.kill
/okazzx.m68k
/okazzx.mips
/okazzx.mips64
/okazzx.mpsl
/okazzx.mipsel
/okazzx.ppc
/okazzx.ppc2
/okazzx.ppc440
/okazzx.powerppc
/okazzx.root
/okazzx.root32
/okazzx.sh
/okazzx.sh4
/okazzx.ssh4
/okazzx.spc
/okazzx.sparc
/okazzx.x32
/okazzx.x64
/okazzx.x86
/okazzx.x86_32
/okazzx.x86_64
/obaris.arc
/obaris.arm
/obaris.arm4
/obaris.arm4l
/obaris.arm4t
/obaris.arm4tl
/obaris.arm4tll
/obaris.armv4l
/obaris.arm5
/obaris.arm5n
/obaris.arm6
/obaris.arm64
/obaris.arm7
/obaris.dbg
/obaris.i4
/obaris.i486
/obaris.i586
/obaris.i686
/obaris.kill
/obaris.m68k
/obaris.mips
/obaris.mips64
/obaris.mpsl
/obaris.mipsel
/obaris.ppc
/obaris.ppc2
/obaris.ppc440
/obaris.powerppc
/obaris.root
/obaris.root32
/obaris.sh
/obaris.sh4
/obaris.ssh4
/obaris.spc
/obaris.sparc
/obaris.x32
/obaris.x64
/obaris.x86
/obaris.x86_32
/obaris.x86_64

# Reference: https://twitter.com/bad_packets/status/1141078356273688576

68.183.151.62:8372

# Reference: https://twitter.com/bad_packets/status/1140899261766352897

185.244.25.157:5034

# Reference: https://twitter.com/bad_packets/status/1140728797823557632

188.165.179.9:358
188.165.179.9:666

# Reference: https://twitter.com/ankit_anubhav/status/1140621062197014529 (# Andypandy)
# Reference: https://twitter.com/bad_packets/status/1139265052341522432
# Reference: https://twitter.com/DomainTools/status/1139274018693869568

http://104.244.76.15
cnc.ddoshard.com
miningv2.duckdns.org

# Reference: https://www.virustotal.com/gui/ip-address/193.70.26.48/relations

cncv2.duckdns.org

# Reference: https://www.virustotal.com/gui/ip-address/209.141.55.73/relations

pstkgpo.us

# Reference: https://twitter.com/ankit_anubhav/status/1140623068844322816
# Reference: https://twitter.com/nicter_jp/status/1141179278723186688

94.156.77.36:45815
masterbogachev.com

# Reference: https://twitter.com/MasafumiNegishi/status/1138345529190969344

185.244.25.148:2

# Reference: https://twitter.com/bad_packets/status/1141284920238563328

/arc.xeno.ak
/arm.xeno.ak
/arm4.xeno.ak
/arm4l.xeno.ak
/arm4t.xeno.ak
/arm4tl.xeno.ak
/armv4l.xeno.ak
/arm5.xeno.ak
/arm5n.xeno.ak
/arm6.xeno.ak
/arm64.xeno.ak
/arm7.xeno.ak
/dbg.xeno.ak
/i486.xeno.ak
/i586.xeno.ak
/i686.xeno.ak
/m68k.xeno.ak
/mips.xeno.ak
/mips64.xeno.ak
/mpsl.xeno.ak
/mipsel.xeno.ak
/ppc.xeno.ak
/ppc440.xeno.ak
/powerppc.xeno.ak
/sh4.xeno.ak
/spc.xeno.ak
/sparc.xeno.ak
/x32.xeno.ak
/x64.xeno.ak
/x86.xeno.ak
/x86_32.xeno.ak
/x86_64.xeno.ak

# Reference: https://twitter.com/bad_packets/status/1141584871812292608

91.134.120.5:1024

# Reference: https://twitter.com/bad_packets/status/1141849087588753408

/SinixV4.arc
/SinixV4.arm
/SinixV4.arm4
/SinixV4.arm4l
/SinixV4.arm4t
/SinixV4.arm4tl
/SinixV4.arm4tll
/SinixV4.armv4l
/SinixV4.arm5
/SinixV4.arm5n
/SinixV4.arm6
/SinixV4.arm64
/SinixV4.arm7
/SinixV4.dbg
/SinixV4.i4
/SinixV4.i486
/SinixV4.i586
/SinixV4.i686
/SinixV4.kill
/SinixV4.m68k
/SinixV4.mips
/SinixV4.mips64
/SinixV4.mpsl
/SinixV4.mipsel
/SinixV4.ppc
/SinixV4.ppc2
/SinixV4.ppc440
/SinixV4.powerppc
/SinixV4.root
/SinixV4.root32
/SinixV4.sh
/SinixV4.sh4
/SinixV4.ssh4
/SinixV4.spc
/SinixV4.sparc
/SinixV4.x32
/SinixV4.x64
/SinixV4.x86
/SinixV4.x86_32
/SinixV4.x86_64

# Reference: https://twitter.com/bad_packets/status/1142545722367066112

79.137.123.208:555

# Reference: https://twitter.com/bad_packets/status/1142693343496794113

ardp.hldns.ru

# Reference: https://twitter.com/bad_packets/status/1140726096440287233

68.183.55.5:9375

# Reference: https://twitter.com/bad_packets/status/1142600441919750144

104.248.93.159:8372

# Reference: https://twitter.com/MasafumiNegishi/status/1143712813400989697

185.244.25.241:38344

# Reference: https://twitter.com/VessOnSecurity/status/1143903930474213377

198.98.51.104:2737
198.98.51.104:6743
198.98.51.104:8764
198.98.51.104:9182

# Reference: https://www.bleepingcomputer.com/news/security/botnet-uses-ssh-and-adb-to-create-android-cryptomining-army/

198.98.51.104:282

# Reference: https://twitter.com/bad_packets/status/1144154367500550145
# Reference: https://twitter.com/bad_packets/status/1146592416016695296

103.83.157.41:5301
103.83.157.46:5301

# Reference: https://twitter.com/bad_packets/status/1145995657200558080

198.98.59.176:3301

# Reference: https://twitter.com/bad_packets/status/1145985623607533569

198.98.59.176:52869

# Reference: https://twitter.com/bad_packets/status/1146216554943528961

185.172.110.226:1791

# Reference: https://twitter.com/bad_packets/status/1146920735891283968

/skatamayna.arc
/skatamayna.arm
/skatamayna.arm4
/skatamayna.arm4l
/skatamayna.arm4t
/skatamayna.arm4tl
/skatamayna.arm4tll
/skatamayna.armv4l
/skatamayna.arm5
/skatamayna.arm5n
/skatamayna.arm6
/skatamayna.arm64
/skatamayna.arm7
/skatamayna.dbg
/skatamayna.i4
/skatamayna.i486
/skatamayna.i586
/skatamayna.i686
/skatamayna.kill
/skatamayna.m68k
/skatamayna.mips
/skatamayna.mips64
/skatamayna.mpsl
/skatamayna.mipsel
/skatamayna.ppc
/skatamayna.ppc2
/skatamayna.ppc440
/skatamayna.powerppc
/skatamayna.root
/skatamayna.root32
/skatamayna.sh
/skatamayna.sh4
/skatamayna.ssh4
/skatamayna.spc
/skatamayna.sparc
/skatamayna.x32
/skatamayna.x64
/skatamayna.x86
/skatamayna.x86_32
/skatamayna.x86_64

# Reference: https://twitter.com/bad_packets/status/1146887589128892416

159.89.143.217:2269

# Reference: https://twitter.com/bad_packets/status/1147627138817748993

185.172.110.224:65533

# Reference: https://twitter.com/bad_packets/status/1147981572361994240

91.92.109.123:33677

# Reference: https://twitter.com/bad_packets/status/1147984025660751872

185.244.25.157:5034

# Reference: https://twitter.com/bad_packets/status/1148770798565380096

185.172.110.224:65532

# Reference: https://twitter.com/bad_packets/status/1148855521891405824

176.31.78.54:45587
/5743.arc
/5743.arm
/5743.arm4
/5743.arm4l
/5743.arm4t
/5743.arm4tl
/5743.arm4tll
/5743.armv4l
/5743.arm5
/5743.arm5n
/5743.arm6
/5743.arm64
/5743.arm7
/5743.dbg
/5743.i4
/5743.i486
/5743.i586
/5743.i686
/5743.kill
/5743.m68k
/5743.mips
/5743.mips64
/5743.mpsl
/5743.mipsel
/5743.ppc
/5743.ppc2
/5743.ppc440
/5743.powerppc
/5743.root
/5743.root32
/5743.sh4
/5743.ssh4
/5743.spc
/5743.sparc
/5743.x32
/5743.x64
/5743.x86
/5743.x86_32
/5743.x86_64

# Reference: https://blog.trendmicro.com/trendlabs-security-intelligence/new-miori-variant-uses-unique-protocol-to-communicate-with-cc/
# Reference: https://otx.alienvault.com/pulse/5d2633a3f254f2f806764db4

185.244.39.74:10019
185.244.39.74:25346

# Reference: https://twitter.com/bad_packets/status/1149474648939061248

x.autistichorse.club
/hhh.arc
/hhh.arm
/hhh.arm4
/hhh.arm4l
/hhh.arm4t
/hhh.arm4tl
/hhh.arm4tll
/hhh.armv4l
/hhh.arm5
/hhh.arm5n
/hhh.arm6
/hhh.arm64
/hhh.arm7
/hhh.dbg
/hhh.i4
/hhh.i486
/hhh.i586
/hhh.i686
/hhh.kill
/hhh.m68k
/hhh.mips
/hhh.mips64
/hhh.mpsl
/hhh.mipsel
/hhh.ppc
/hhh.ppc2
/hhh.ppc440
/hhh.powerppc
/hhh.root
/hhh.root32
/hhh.sh4
/hhh.ssh4
/hhh.spc
/hhh.sparc
/hhh.x32
/hhh.x64
/hhh.x86
/hhh.x86_32
/hhh.x86_64

# Reference: https://twitter.com/bad_packets/status/1149409640813228032

209.141.56.142:37215

# Reference: https://twitter.com/bad_packets/status/1149050383165034496

89.190.159.178:85

# Reference: https://twitter.com/MasafumiNegishi/status/1149556214017118209

198.98.60.48:34567

# Reference: https://twitter.com/0xrb/status/1149941169914142720

/dsec.arc
/dsec.arm
/dsec.arm4
/dsec.arm4l
/dsec.arm4t
/dsec.arm4tl
/dsec.arm4tll
/dsec.armv4l
/dsec.arm5
/dsec.arm5n
/dsec.arm6
/dsec.arm64
/dsec.arm7
/dsec.dbg
/dsec.i4
/dsec.i486
/dsec.i586
/dsec.i686
/dsec.kill
/dsec.m68k
/dsec.mips
/dsec.mips64
/dsec.mpsl
/dsec.mipsel
/dsec.ppc
/dsec.ppc2
/dsec.ppc440
/dsec.powerppc
/dsec.root
/dsec.root32
/dsec.sh4
/dsec.ssh4
/dsec.spc
/dsec.sparc
/dsec.x32
/dsec.x64
/dsec.x86
/dsec.x86_32
/dsec.x86_64

# Reference: https://twitter.com/bad_packets/status/1149797441396285441

194.99.22.138:5301

# Reference: https://twitter.com/bad_packets/status/1150504925937356800

169.239.128.18:5301

# Reference: https://twitter.com/huiwangeth/status/1150733027162517504

n1gger.com

# Reference: https://twitter.com/0xrb/status/1150761561654382592

220.79.34.109:2018

# Reference: https://twitter.com/bad_packets/status/1151004639610855425

192.236.162.197:4426

# Reference: https://twitter.com/bad_packets/status/1150999027237867521

/Votan.arc
/Votan.arm
/Votan.arm4
/Votan.arm4l
/Votan.arm4t
/Votan.arm4tl
/Votan.arm4tll
/Votan.armv4l
/Votan.arm5
/Votan.arm5n
/Votan.arm6
/Votan.arm64
/Votan.arm7
/Votan.dbg
/Votan.i4
/Votan.i486
/Votan.i586
/Votan.i686
/Votan.kill
/Votan.m68k
/Votan.mips
/Votan.mips64
/Votan.mpsl
/Votan.mipsel
/Votan.ppc
/Votan.ppc2
/Votan.ppc440
/Votan.powerppc
/Votan.root
/Votan.root32
/Votan.sh4
/Votan.ssh4
/Votan.spc
/Votan.sparc
/Votan.x32
/Votan.x64
/Votan.x86
/Votan.x86_32
/Votan.x86_64
178.62.78.110:25565

# Reference: https://twitter.com/bad_packets/status/1151694013554028550

89.248.174.198:9999

# Reference: https://twitter.com/bad_packets/status/1152164106285092865

/ok.arc
/ok.arm
/ok.arm4
/ok.arm4l
/ok.arm4t
/ok.arm4tl
/ok.arm4tll
/ok.armv4l
/ok.arm5
/ok.arm5n
/ok.arm6
/ok.arm64
/ok.arm7
/ok.dbg
/ok.i4
/ok.i486
/ok.i586
/ok.i686
/ok.kill
/ok.m68k
/ok.mips
/ok.mips64
/ok.mpsl
/ok.mipsel
/ok.ppc
/ok.ppc2
/ok.ppc440
/ok.powerppc
/ok.root
/ok.root32
/ok.sh4
/ok.ssh4
/ok.spc
/ok.sparc
/ok.x32
/ok.x64
/ok.x86
/ok.x86_32
/ok.x86_64

# Reference: https://twitter.com/bad_packets/status/1152319067350421504

51.91.202.137:5301

# Reference: https://twitter.com/VessOnSecurity/status/1152538162704670721

/r4z0r.arc
/r4z0r.arm
/r4z0r.arm4
/r4z0r.arm4l
/r4z0r.arm4t
/r4z0r.arm4tl
/r4z0r.arm4tll
/r4z0r.armv4l
/r4z0r.arm5
/r4z0r.arm5n
/r4z0r.arm6
/r4z0r.arm64
/r4z0r.arm7
/r4z0r.dbg
/r4z0r.i4
/r4z0r.i486
/r4z0r.i586
/r4z0r.i686
/r4z0r.kill
/r4z0r.m68k
/r4z0r.mips
/r4z0r.mips64
/r4z0r.mpsl
/r4z0r.mipsel
/r4z0r.ppc
/r4z0r.ppc2
/r4z0r.ppc440
/r4z0r.powerppc
/r4z0r.root
/r4z0r.root32
/r4z0r.sh4
/r4z0r.ssh4
/r4z0r.spc
/r4z0r.sparc
/r4z0r.x32
/r4z0r.x64
/r4z0r.x86
/r4z0r.x86_32
/r4z0r.x86_64

# Reference: https://twitter.com/bad_packets/status/1152839425245642752

/ab.arc
/ab.arm
/ab.arm4
/ab.arm4l
/ab.arm4t
/ab.arm4tl
/ab.arm4tll
/ab.arm5
/ab.arm5n
/ab.arm6
/ab.arm64
/ab.arm7
/ab.armv4l
/ab.dbg
/ab.i4
/ab.i486
/ab.i586
/ab.i686
/ab.kill
/ab.m68k
/ab.mips
/ab.mips64
/ab.mipsel
/ab.mpsl
/ab.powerppc
/ab.ppc
/ab.ppc2
/ab.ppc440
/ab.root
/ab.root32
/ab.sh4
/ab.sparc
/ab.spc
/ab.ssh4
/ab.x32
/ab.x64
/ab.x86
/ab.x86_32
/ab.x86_64

# Reference: https://twitter.com/bad_packets/status/1153089384884736000

/u.arc
/u.arm
/u.arm4
/u.arm4l
/u.arm4t
/u.arm4tl
/u.arm4tll
/u.armv4l
/u.arm5
/u.arm5n
/u.arm6
/u.arm64
/u.arm7
/u.dbg
/u.i4
/u.i486
/u.i586
/u.i686
/u.kill
/u.m68k
/u.mips
/u.mips64
/u.mpsl
/u.mipsel
/u.ppc
/u.ppc2
/u.ppc440
/u.powerppc
/u.root
/u.root32
/u.sh4
/u.ssh4
/u.spc
/u.sparc
/u.x32
/u.x64
/u.x86
/u.x86_32
/u.x86_64
ch.silynigr.xyz
80.211.9.40:495

# Reference: https://twitter.com/bad_packets/status/1152689410229620736

/dude.arc
/dude.arm
/dude.arm4
/dude.arm4l
/dude.arm4t
/dude.arm4tl
/dude.arm4tll
/dude.armv4l
/dude.arm5
/dude.arm5n
/dude.arm6
/dude.arm64
/dude.arm7
/dude.dbg
/dude.i4
/dude.i486
/dude.i586
/dude.i686
/dude.kill
/dude.m68k
/dude.mips
/dude.mips64
/dude.mpsl
/dude.mipsel
/dude.ppc
/dude.ppc2
/dude.ppc440
/dude.powerppc
/dude.root
/dude.root32
/dude.sh4
/dude.ssh4
/dude.spc
/dude.sparc
/dude.x32
/dude.x64
/dude.x86
/dude.x86_32
/dude.x86_64
195.231.6.216:48

# Reference: https://twitter.com/bad_packets/status/1153833810032599043

87.120.37.148:38
/autism.arc
/autism.arm
/autism.arm4
/autism.arm4l
/autism.arm4t
/autism.arm4tl
/autism.arm4tll
/autism.armv4l
/autism.arm5
/autism.arm5n
/autism.arm6
/autism.arm64
/autism.arm7
/autism.dbg
/autism.i4
/autism.i486
/autism.i586
/autism.i686
/autism.kill
/autism.m68k
/autism.mips
/autism.mips64
/autism.mpsl
/autism.mipsel
/autism.ppc
/autism.ppc2
/autism.ppc440
/autism.powerppc
/autism.root
/autism.root32
/autism.sh4
/autism.ssh4
/autism.spc
/autism.sparc
/autism.x32
/autism.x64
/autism.x86
/autism.x86_32
/autism.x86_64
/hisil.arc
/hisil.arm
/hisil.arm4
/hisil.arm4l
/hisil.arm4t
/hisil.arm4tl
/hisil.arm4tll
/hisil.armv4l
/hisil.arm5
/hisil.arm5n
/hisil.arm6
/hisil.arm64
/hisil.arm7
/hisil.dbg
/hisil.i4
/hisil.i486
/hisil.i586
/hisil.i686
/hisil.kill
/hisil.m68k
/hisil.mips
/hisil.mips64
/hisil.mpsl
/hisil.mipsel
/hisil.ppc
/hisil.ppc2
/hisil.ppc440
/hisil.powerppc
/hisil.root
/hisil.root32
/hisil.sh4
/hisil.ssh4
/hisil.spc
/hisil.sparc
/hisil.x32
/hisil.x64
/hisil.x86
/hisil.x86_32
/hisil.x86_64

# Reference: https://twitter.com/bad_packets/status/1153956016695812098

104.168.215.139:5301

# Reference: https://twitter.com/bad_packets/status/1154971543857799168

142.11.238.236:34

# Reference: https://twitter.com/bad_packets/status/1154853477664751617

185.246.152.89:37212

# Reference: https://twitter.com/bad_packets/status/1153936032947040256
# Reference: https://twitter.com/bad_packets/status/1154999493781123072

185.172.110.224:70
185.172.110.224:77

# Reference: https://twitter.com/bad_packets/status/1155025248493817856

165.22.209.154:26663

# Reference: https://twitter.com/bad_packets/status/1156495926178922496

103.1.186.118:44
103.1.186.118:6949

# Reference: https://twitter.com/0xrb/status/1156804860345384960

/amen.arc
/amen.arm
/amen.arm4
/amen.arm4l
/amen.arm4t
/amen.arm4tl
/amen.arm4tll
/amen.armv4l
/amen.arm5
/amen.arm5n
/amen.arm6
/amen.arm64
/amen.arm7
/amen.dbg
/amen.i4
/amen.i486
/amen.i586
/amen.i686
/amen.kill
/amen.m68k
/amen.mips
/amen.mips64
/amen.mpsl
/amen.mipsel
/amen.ppc
/amen.ppc2
/amen.ppc440
/amen.powerppc
/amen.root
/amen.root32
/amen.sh4
/amen.ssh4
/amen.spc
/amen.sparc
/amen.x32
/amen.x64
/amen.x86
/amen.x86_32
/amen.x86_64

# Reference: https://blog.trendmicro.com/trendlabs-security-intelligence/keeping-a-hidden-identity-mirai-ccs-in-tor-network/
# Reference: https://otx.alienvault.com/pulse/5d42ef25d68039678206ae45

/t.arc
/t.arm
/t.arm4
/t.arm4l
/t.arm4t
/t.arm4tl
/t.arm4tll
/t.armv4l
/t.arm5
/t.arm5n
/t.arm6
/t.arm64
/t.arm7
/t.dbg
/t.i4
/t.i486
/t.i586
/t.i686
/t.kill
/t.m68k
/t.mips
/t.mips64
/t.mpsl
/t.mipsel
/t.ppc
/t.ppc2
/t.ppc440
/t.powerppc
/t.root
/t.root32
/t.sh4
/t.ssh4
/t.spc
/t.sparc
/t.x32
/t.x64
/t.x86
/t.x86_32
/t.x86_64
nd3rwzslqhxibkl7.onion

# Reference: https://twitter.com/bad_packets/status/1157139943841386503

185.244.150.111:38344

# Reference: https://twitter.com/huiwangeth/status/1157206905015525377

tyx35qmt7pni4pdg.onion

# Reference: https://twitter.com/bad_packets/status/1156294314122551297

159.89.41.188:5301

# Reference: https://twitter.com/bad_packets/status/1157867496961011712

185.172.110.224:79
185.172.110.224:993

# Reference: https://twitter.com/0xrb/status/1157825274790076416

45.129.3.130:1994

# Reference: https://twitter.com/0xrb/status/1157875749577056256

40.89.161.108:1791

# Reference: https://twitter.com/bad_packets/status/1157734891510833152

185.244.25.181:9375

# Reference: https://twitter.com/0xrb/status/1157544700053581824

5.104.110.2:88
67.216.204.113:8000

# Reference: https://twitter.com/bad_packets/status/1157125722223202305

147.135.116.64:45
/Hilix.arc
/Hilix.arm
/Hilix.arm4
/Hilix.arm4l
/Hilix.arm4t
/Hilix.arm4tl
/Hilix.arm4tll
/Hilix.armv4l
/Hilix.arm5
/Hilix.arm5n
/Hilix.arm6
/Hilix.arm64
/Hilix.arm7
/Hilix.dbg
/Hilix.i4
/Hilix.i486
/Hilix.i586
/Hilix.i686
/Hilix.kill
/Hilix.m68k
/Hilix.mips
/Hilix.mips64
/Hilix.mpsl
/Hilix.mipsel
/Hilix.ppc
/Hilix.ppc2
/Hilix.ppc440
/Hilix.powerppc
/Hilix.root
/Hilix.root32
/Hilix.sh4
/Hilix.ssh4
/Hilix.spc
/Hilix.sparc
/Hilix.x32
/Hilix.x64
/Hilix.x86
/Hilix.x86_32
/Hilix.x86_64

# Reference: https://twitter.com/MasafumiNegishi/status/1158588492248567808

ujnffkp4b2s33fyh.onion

# Reference: https://twitter.com/bad_packets/status/1158639154835513345

158.255.5.216:8915

# Reference: https://twitter.com/MasafumiNegishi/status/1159289331279773696

dbkjbueuvmf5hh7z.onion

# Reference: https://twitter.com/bad_packets/status/1159566694160801792

185.244.25.185:1312
185.244.25.185:3912
185.244.25.185:43195

# Reference: https://twitter.com/bad_packets/status/1159604474668732416

185.172.110.224:11751

# Reference: https://twitter.com/bad_packets/status/1159579228108492800

91.92.66.192:63236

# Reference: https://twitter.com/0xrb/status/1160083082000515072

142.11.240.29:9506
/ankit.arc
/ankit.arm
/ankit.arm4
/ankit.arm4l
/ankit.arm4t
/ankit.arm4tl
/ankit.arm4tll
/ankit.armv4l
/ankit.arm5
/ankit.arm5n
/ankit.arm6
/ankit.arm64
/ankit.arm7
/ankit.dbg
/ankit.i4
/ankit.i486
/ankit.i586
/ankit.i686
/ankit.kill
/ankit.m68k
/ankit.mips
/ankit.mips64
/ankit.mpsl
/ankit.mipsel
/ankit.ppc
/ankit.ppc2
/ankit.ppc440
/ankit.powerppc
/ankit.root
/ankit.root32
/ankit.sh4
/ankit.ssh4
/ankit.spc
/ankit.sparc
/ankit.x32
/ankit.x64
/ankit.x86
/ankit.x86_32
/ankit.x86_64
/slump.arc
/slump.arm
/slump.arm4
/slump.arm4l
/slump.arm4t
/slump.arm4tl
/slump.arm4tll
/slump.armv4l
/slump.arm5
/slump.arm5n
/slump.arm6
/slump.arm64
/slump.arm7
/slump.dbg
/slump.i4
/slump.i486
/slump.i586
/slump.i686
/slump.kill
/slump.m68k
/slump.mips
/slump.mips64
/slump.mpsl
/slump.mipsel
/slump.ppc
/slump.ppc2
/slump.ppc440
/slump.powerppc
/slump.root
/slump.root32
/slump.sh4
/slump.ssh4
/slump.spc
/slump.sparc
/slump.x32
/slump.x64
/slump.x86
/slump.x86_32
/slump.x86_64

# Reference: https://twitter.com/bad_packets/status/1160129296301559808

40.89.175.73:1280
40.89.175.73:44460
/distortion.arc
/distortion.arm
/distortion.arm4
/distortion.arm4l
/distortion.arm4t
/distortion.arm4tl
/distortion.arm4tll
/distortion.armv4l
/distortion.arm5
/distortion.arm5n
/distortion.arm6
/distortion.arm64
/distortion.arm7
/distortion.dbg
/distortion.i4
/distortion.i486
/distortion.i586
/distortion.i686
/distortion.kill
/distortion.m68k
/distortion.mips
/distortion.mips64
/distortion.mpsl
/distortion.mipsel
/distortion.ppc
/distortion.ppc2
/distortion.ppc440
/distortion.powerppc
/distortion.root
/distortion.root32
/distortion.sh4
/distortion.ssh4
/distortion.spc
/distortion.sparc
/distortion.x32
/distortion.x64
/distortion.x86
/distortion.x86_32
/distortion.x86_64

# Reference: https://twitter.com/c2nner/status/1160144595013033985

51.81.20.98:1791
54.36.138.190:9375

# Reference: https://twitter.com/bad_packets/status/1160269665626554368

167.71.128.164:1337
167.71.128.164:3663
tronified.pw

# Reference: https://twitter.com/bad_packets/status/1160419048200392704

23.254.204.46:5301
23.254.204.46:9545

# Reference: https://twitter.com/0xrb/status/1160513921809129472

40.89.175.73:1280

# Reference: https://documents.trendmicro.com/assets/pdf/APPENDIX_Back-to-Back%20Campaigns.pdf
# Reference: https://otx.alienvault.com/pulse/5d52a56c0ef61fbaa08d0745

/arc.neko
/arm.neko
/arm4.neko
/arm4l.neko
/arm4t.neko
/arm4tl.neko
/arm4tll.neko
/armv4l.neko
/arm5.neko
/arm5n.neko
/arm6.neko
/arm64.neko
/arm7.neko
/dbg.neko
/i4.neko
/i486.neko
/i586.neko
/i686.neko
/kill.neko
/m68k.neko
/mips.neko
/mips64.neko
/mpsl.neko
/mipsel.neko
/ppc.neko
/ppc2.neko
/ppc440.neko
/powerppc.neko
/root.neko
/root32.neko
/sh4.neko
/ssh4.neko
/spc.neko
/sparc.neko
/x32.neko
/x64.neko
/x86.neko
/x86_32.neko
/x86_64.neko
/neko.arc
/neko.arm
/neko.arm4
/neko.arm4l
/neko.arm4t
/neko.arm4tl
/neko.arm4tll
/neko.armv4l
/neko.arm5
/neko.arm5n
/neko.arm6
/neko.arm64
/neko.arm7
/neko.dbg
/neko.i4
/neko.i486
/neko.i586
/neko.i686
/neko.kill
/neko.m68k
/neko.mips
/neko.mips64
/neko.mpsl
/neko.mipsel
/neko.ppc
/neko.ppc2
/neko.ppc440
/neko.powerppc
/neko.root
/neko.root32
/neko.sh4
/neko.ssh4
/neko.spc
/neko.sparc
/neko.x32
/neko.x64
/neko.x86
/neko.x86_32
/neko.x86_64

# Reference: https://twitter.com/bad_packets/status/1161164632104456193

31.13.195.49:79
31.13.195.49:6968

# Reference: https://twitter.com/bad_packets/status/1161459553528975360

142.44.251.105:11751
142.44.251.105:65535

# Reference: https://twitter.com/MasafumiNegishi/status/1161526802638090245

31.13.195.56:23013

# Reference: https://twitter.com/0xrb/status/1161590785596243969

shiina.mashiro.ml
18.222.226.29:42022

# Reference: https://twitter.com/0xrb/status/1161583769360293888

40.114.13.117:1791

# Reference: https://twitter.com/0xrb/status/1157975083014483969

35.193.34.171:1791
/eternal.arc
/eternal.arm
/eternal.arm4
/eternal.arm4l
/eternal.arm4t
/eternal.arm4tl
/eternal.arm4tll
/eternal.armv4l
/eternal.arm5
/eternal.arm5n
/eternal.arm6
/eternal.arm64
/eternal.arm7
/eternal.dbg
/eternal.exploit
/eternal.i4
/eternal.i486
/eternal.i586
/eternal.i686
/eternal.kill
/eternal.m68k
/eternal.mips
/eternal.mips64
/eternal.mpsl
/eternal.mipsel
/eternal.ppc
/eternal.ppc2
/eternal.ppc440
/eternal.powerppc
/eternal.root
/eternal.root32
/eternal.sh4
/eternal.ssh4
/eternal.spc
/eternal.sparc
/eternal.x32
/eternal.x64
/eternal.x86
/eternal.x86_32
/eternal.x86_64

# Reference: https://twitter.com/bad_packets/status/1161722520233340928
# Reference: https://twitter.com/0xrb/status/1162955576927670272

179.43.149.189:2470
server1.zenithnetworxs.com
/aarch64be.cloudbot
/arcle-750d.cloudbot
/arcle-hs38.cloudbot
/arc.cloudbot
/arm.cloudbot
/arm4.cloudbot
/arm4l.cloudbot
/arm4t.cloudbot
/arm4tl.cloudbot
/arm4tll.cloudbot
/armv4l.cloudbot
/arm5.cloudbot
/arm5n.cloudbot
/arm6.cloudbot
/arm64.cloudbot
/arm7.cloudbot
/dbg.cloudbot
/exploit.cloudbot
/fritzbox.cloudbot
/haarch64.cloudbot
/hnios2.cloudbot
/hopenrisc.cloudbot
/hriscv64.cloudbot
/i4.cloudbot
/i486.cloudbot
/i586.cloudbot
/i686.cloudbot
/kill.cloudbot
/linksys.cloudbot
/m68k.cloudbot
/m68k-68xxx.cloudbot
/microblazebe.cloudbot
/microblazeel.cloudbot
/mips.cloudbot
/mips2.cloudbot
/mips64.cloudbot
/mpsl.cloudbot
/mipsel.cloudbot
/ppc.cloudbot
/ppc2.cloudbot
/ppc440.cloudbot
/powerppc.cloudbot
/root.cloudbot
/root32.cloudbot
/sh-sh4.cloudbot
/sh4.cloudbot
/ssh4.cloudbot
/spc.cloudbot
/sparc.cloudbot
/x32.cloudbot
/x64.cloudbot
/x86.cloudbot
/x86_32.cloudbot
/x86_64.cloudbot
/xtensa.cloudbot
/cloudbot.aarch64be
/cloudbot.arc
/cloudbot.arcle-750d
/cloudbot.arcle-hs38
/cloudbot.arm
/cloudbot.arm4
/cloudbot.arm4l
/cloudbot.arm4t
/cloudbot.arm4tl
/cloudbot.arm4tll
/cloudbot.armv4l
/cloudbot.arm5
/cloudbot.arm5n
/cloudbot.arm6
/cloudbot.arm64
/cloudbot.arm7
/cloudbot.dbg
/cloudbot.exploit
/cloudbot.fritzbox
/cloudbot.haarch64
/cloudbot.hnios2
/cloudbot.hopenrisc
/cloudbot.hriscv64
/cloudbot.i4
/cloudbot.i486
/cloudbot.i586
/cloudbot.i686
/cloudbot.kill
/cloudbot.linksys
/cloudbot.m68k
/cloudbot.m68k-68xxx
/cloudbot.microblazebe
/cloudbot.microblazeel
/cloudbot.mips
/cloudbot.mips2
/cloudbot.mips64
/cloudbot.mpsl
/cloudbot.mipsel
/cloudbot.ppc
/cloudbot.ppc2
/cloudbot.ppc440
/cloudbot.powerppc
/cloudbot.root
/cloudbot.root32
/cloudbot.sh-sh4
/cloudbot.sh4
/cloudbot.ssh4
/cloudbot.spc
/cloudbot.sparc
/cloudbot.x32
/cloudbot.x64
/cloudbot.x86
/cloudbot.x86_32
/cloudbot.x86_64
/cloudbot.xtensa

# Reference: https://twitter.com/bad_packets/status/1161780674644156416

213.139.205.242:35668
213.139.205.242:455

# Reference: https://twitter.com/0xrb/status/1162053859180609536

40.89.172.209:1280
/dstrtn.arc
/dstrtn.arm
/dstrtn.arm4
/dstrtn.arm4l
/dstrtn.arm4t
/dstrtn.arm4tl
/dstrtn.arm4tll
/dstrtn.armv4l
/dstrtn.arm5
/dstrtn.arm5n
/dstrtn.arm6
/dstrtn.arm64
/dstrtn.arm7
/dstrtn.dbg
/dstrtn.exploit
/dstrtn.i4
/dstrtn.i486
/dstrtn.i586
/dstrtn.i686
/dstrtn.kill
/dstrtn.m68k
/dstrtn.mips
/dstrtn.mips64
/dstrtn.mpsl
/dstrtn.mipsel
/dstrtn.ppc
/dstrtn.ppc2
/dstrtn.ppc440
/dstrtn.powerppc
/dstrtn.root
/dstrtn.root32
/dstrtn.sh4
/dstrtn.ssh4
/dstrtn.spc
/dstrtn.sparc
/dstrtn.x32
/dstrtn.x64
/dstrtn.x86
/dstrtn.x86_32
/dstrtn.x86_64

# Reference: https://twitter.com/bad_packets/status/1162230113829654528

45.95.147.26:6968
45.95.147.26:79
switchnets.net

# Reference: https://twitter.com/0xrb/status/1162423882730446848

3.15.158.164:42022
shiina.mashiro.cf

# Reference: https://twitter.com/bad_packets/status/1162612382968844289

51.91.202.137:12345
51.91.202.137:8811

# Reference: https://twitter.com/bad_packets/status/1162885040839114752

198.98.62.146:23
198.98.62.146:91

# Reference: https://twitter.com/bad_packets/status/1162167149764329472

164.68.116.122:1337
164.68.116.122:65535

# Reference: https://twitter.com/0xrb/status/1163726289921953793

134.209.117.22:360
/Messiah.arc
/Messiah.arm
/Messiah.arm4
/Messiah.arm4l
/Messiah.arm4t
/Messiah.arm4tl
/Messiah.arm4tll
/Messiah.armv4l
/Messiah.arm5
/Messiah.arm5n
/Messiah.arm6
/Messiah.arm64
/Messiah.arm7
/Messiah.dbg
/Messiah.exploit
/Messiah.i4
/Messiah.i486
/Messiah.i586
/Messiah.i686
/Messiah.kill
/Messiah.m68k
/Messiah.mips
/Messiah.mips64
/Messiah.mpsl
/Messiah.mipsel
/Messiah.ppc
/Messiah.ppc2
/Messiah.ppc440
/Messiah.powerppc
/Messiah.root
/Messiah.root32
/Messiah.sh4
/Messiah.ssh4
/Messiah.spc
/Messiah.sparc
/Messiah.x32
/Messiah.x64
/Messiah.x86
/Messiah.x86_32
/Messiah.x86_64

# Reference: https://twitter.com/bad_packets/status/1164030835533549570

199.195.253.85:2323
199.195.253.85:10444
199.195.253.85:64334

# Reference: https://twitter.com/bad_packets/status/1164776376676675585

185.244.39.124:5555
185.244.39.124:10019

# Reference: https://twitter.com/nmatte90/status/1159740413445648384

/d.arc
/d.arm
/d.arm4
/d.arm4l
/d.arm4t
/d.arm4tl
/d.arm4tll
/d.armv4l
/d.arm5
/d.arm5n
/d.arm6
/d.arm64
/d.arm7
/d.dbg
/d.exploit
/d.i4
/d.i486
/d.i586
/d.i686
/d.kill
/d.m68k
/d.mips
/d.mips64
/d.mpsl
/d.mipsel
/d.ppc
/d.ppc2
/d.ppc440
/d.powerppc
/d.root
/d.root32
/d.sh4
/d.ssh4
/d.spc
/d.sparc
/d.x32
/d.x64
/d.x86
/d.x86_32
/d.x86_64

# Reference: https://twitter.com/nmatte90/status/1146721042645377024

/tronxwouvi.arc
/tronxwouvi.arm
/tronxwouvi.arm4
/tronxwouvi.arm4l
/tronxwouvi.arm4t
/tronxwouvi.arm4tl
/tronxwouvi.arm4tll
/tronxwouvi.armv4l
/tronxwouvi.arm5
/tronxwouvi.arm5n
/tronxwouvi.arm6
/tronxwouvi.arm64
/tronxwouvi.arm7
/tronxwouvi.dbg
/tronxwouvi.exploit
/tronxwouvi.i4
/tronxwouvi.i486
/tronxwouvi.i586
/tronxwouvi.i686
/tronxwouvi.kill
/tronxwouvi.m68k
/tronxwouvi.mips
/tronxwouvi.mips64
/tronxwouvi.mpsl
/tronxwouvi.mipsel
/tronxwouvi.ppc
/tronxwouvi.ppc2
/tronxwouvi.ppc440
/tronxwouvi.powerppc
/tronxwouvi.root
/tronxwouvi.root32
/tronxwouvi.sh4
/tronxwouvi.ssh4
/tronxwouvi.spc
/tronxwouvi.sparc
/tronxwouvi.x32
/tronxwouvi.x64
/tronxwouvi.x86
/tronxwouvi.x86_32
/tronxwouvi.x86_64

# Reference: https://twitter.com/nmatte90/status/1084475351089270784
# Reference: https://www.virustotal.com/gui/file/58bb77c25378cd7c57fad9f1ce98f38a8629d48018a597e78d46d38b862833a0/detection

solarpanels.com

# Reference: https://twitter.com/MasafumiNegishi/status/1165116187480481792

raiseyourdongers.pw

# Reference: https://twitter.com/bad_packets/status/1164791286265602050

185.244.25.73:81
185.244.25.73:6996
/a-r.m-4.SNOOPY
/a-r.m-5.SNOOPY
/a-r.m-6.SNOOPY
/a-r.m-7.SNOOPY
/i-4.8-6.SNOOPY
/i-5.8-6.SNOOPY
/i-6.8-6.SNOOPY
/m-6.8-k.SNOOPY
/m-i.p-s.SNOOPY
/m-p.s-l.SNOOPY
/p-p.c-.SNOOPY
/s-h.4-.SNOOPY
/x-3.2-.SNOOPY
/x-6.4-.SNOOPY
/x-8.6-.SNOOPY

# Reference: https://twitter.com/bad_packets/status/1165120433462493186

147.135.124.113:396
147.135.124.113:455
147.135.124.113:3465

# Reference: https://twitter.com/MasafumiNegishi/status/1165551089820684288

51.81.20.95:41301

# Reference: https://twitter.com/bad_packets/status/1166580475093245952

199.19.225.2:1024
199.19.225.2:1982

# Reference: https://twitter.com/bad_packets/status/1167336978041303040

80.82.65.213:123
80.82.65.213:9060
80.82.65.213:37420
cc.stresser.cc

# Reference: https://twitter.com/bad_packets/status/1168735334969958400

206.72.206.82:36496
206.72.206.82:8372

# Reference: https://twitter.com/0xrb/status/1168803616309702657

35.188.134.193:1791
/calamityarc
/calamityarm
/calamityarm4
/calamityarm4l
/calamityarm4t
/calamityarm4tl
/calamityarm4tll
/calamityarmv4l
/calamityarm5
/calamityarm5n
/calamityarm6
/calamityarm64
/calamityarm7
/calamitydbg
/calamityexploit
/calamityi4
/calamityi486
/calamityi586
/calamityi686
/calamitykill
/calamitym68k
/calamitymips
/calamitymips64
/calamitympsl
/calamitymipsel
/calamityppc
/calamityppc2
/calamityppc440
/calamitypowerppc
/calamityroot
/calamityroot32
/calamitysh
/calamitysh4
/calamityssh4
/calamityspc
/calamitysparc
/calamityx32
/calamityx64
/calamityx86
/calamityx86_32
/calamityx86_64
/calamity.arc
/calamity.arm
/calamity.arm4
/calamity.arm4l
/calamity.arm4t
/calamity.arm4tl
/calamity.arm4tll
/calamity.armv4l
/calamity.arm5
/calamity.arm5n
/calamity.arm6
/calamity.arm64
/calamity.arm7
/calamity.dbg
/calamity.exploit
/calamity.i4
/calamity.i486
/calamity.i586
/calamity.i686
/calamity.kill
/calamity.m68k
/calamity.mips
/calamity.mips64
/calamity.mpsl
/calamity.mipsel
/calamity.ppc
/calamity.ppc2
/calamity.ppc440
/calamity.powerppc
/calamity.root
/calamity.root32
/calamity.sh
/calamity.sh4
/calamity.ssh4
/calamity.spc
/calamity.sparc
/calamity.x32
/calamity.x64
/calamity.x86
/calamity.x86_32
/calamity.x86_64

# Reference: https://twitter.com/bad_packets/status/1169143015132356610

31.13.195.116:34567
31.13.195.116:64756
anunna.club

# Reference: https://twitter.com/bad_packets/status/1169511241305378817

31.13.195.65:79
switchnets.net

# Reference: https://twitter.com/bad_packets/status/1169840035048255491

50.115.162.6:23
50.115.162.6:4352

# Reference: https://twitter.com/_odisseus/status/1170967330203062272

142.11.194.239:666
142.11.253.29:45
185.164.72.149:9375
185.214.10.172:45
185.244.25.72:1791
185.7.78.31:1024
192.119.111.12:45
205.185.118.152:81
51.79.84.171:81
89.35.39.74:1092

# Reference: https://twitter.com/bad_packets/status/1172386690779865090

104.168.199.188:42069
104.168.199.188:46216

# Reference: https://twitter.com/0xrb/status/1173842132236300289

34.90.45.71:2700

# Reference: https:/twitter.com/bad_packets/status/1174566758545362944
# Reference: https://www.virustotal.com/gui/file/c75e48f5e9ae2d5514941558a57d7f440c6e825ecd0c40e9fba7cd007950046f/detection

188.209.52.11:43210

# Reference: https://twitter.com/bad_packets/status/1175485090970791939

142.11.210.231:1791
142.11.210.231:21769

# Reference: https://twitter.com/0xrb/status/1175783280789995535

botnetisharam.com

# Reference: https://twitter.com/bad_packets/status/1177330150356045826

185.244.25.122:55667
185.244.25.122:62333
/203Xmi39S.arc
/203Xmi39S.arm
/203Xmi39S.arm4
/203Xmi39S.arm4l
/203Xmi39S.arm4t
/203Xmi39S.arm4tl
/203Xmi39S.arm4tll
/203Xmi39S.armv4l
/203Xmi39S.arm5
/203Xmi39S.arm5n
/203Xmi39S.arm6
/203Xmi39S.arm64
/203Xmi39S.arm7
/203Xmi39S.dbg
/203Xmi39S.exploit
/203Xmi39S.i4
/203Xmi39S.i486
/203Xmi39S.i586
/203Xmi39S.i686
/203Xmi39S.kill
/203Xmi39S.m68k
/203Xmi39S.mips
/203Xmi39S.mips64
/203Xmi39S.mpsl
/203Xmi39S.mipsel
/203Xmi39S.ppc
/203Xmi39S.ppc2
/203Xmi39S.ppc440
/203Xmi39S.powerppc
/203Xmi39S.root
/203Xmi39S.root32
/203Xmi39S.sh4
/203Xmi39S.ssh4
/203Xmi39S.spc
/203Xmi39S.sparc
/203Xmi39S.x32
/203Xmi39S.x64
/203Xmi39S.x86
/203Xmi39S.x86_32
/203Xmi39S.x86_64

# Reference: https://twitter.com/VessOnSecurity/status/1177562345494732800

/xs.arc
/xs.arm
/xs.arm4
/xs.arm4l
/xs.arm4t
/xs.arm4tl
/xs.arm4tll
/xs.armv4l
/xs.arm5
/xs.arm5n
/xs.arm6
/xs.arm64
/xs.arm7
/xs.dbg
/xs.exploit
/xs.i4
/xs.i486
/xs.i586
/xs.i686
/xs.kill
/xs.m68k
/xs.mips
/xs.mips64
/xs.mpsl
/xs.mipsel
/xs.ppc
/xs.ppc2
/xs.ppc440
/xs.powerppc
/xs.root
/xs.root32
/xs.sh4
/xs.ssh4
/xs.spc
/xs.sparc
/xs.x32
/xs.x64
/xs.x86
/xs.x86_32
/xs.x86_64
/xenith.arc
/xenith.arm
/xenith.arm4
/xenith.arm4l
/xenith.arm4t
/xenith.arm4tl
/xenith.arm4tll
/xenith.armv4l
/xenith.arm5
/xenith.arm5n
/xenith.arm6
/xenith.arm64
/xenith.arm7
/xenith.dbg
/xenith.exploit
/xenith.i4
/xenith.i486
/xenith.i586
/xenith.i686
/xenith.kill
/xenith.m68k
/xenith.mips
/xenith.mips64
/xenith.mpsl
/xenith.mipsel
/xenith.ppc
/xenith.ppc2
/xenith.ppc440
/xenith.powerppc
/xenith.root
/xenith.root32
/xenith.sh4
/xenith.ssh4
/xenith.spc
/xenith.sparc
/xenith.x32
/xenith.x64
/xenith.x86
/xenith.x86_32
/xenith.x86_64
/Yosemite.arc
/Yosemite.arm
/Yosemite.arm4
/Yosemite.arm4l
/Yosemite.arm4t
/Yosemite.arm4tl
/Yosemite.arm4tll
/Yosemite.armv4l
/Yosemite.arm5
/Yosemite.arm5n
/Yosemite.arm6
/Yosemite.arm64
/Yosemite.arm7
/Yosemite.dbg
/Yosemite.exploit
/Yosemite.i4
/Yosemite.i486
/Yosemite.i586
/Yosemite.i686
/Yosemite.kill
/Yosemite.m68k
/Yosemite.mips
/Yosemite.mips64
/Yosemite.mpsl
/Yosemite.mipsel
/Yosemite.ppc
/Yosemite.ppc2
/Yosemite.ppc440
/Yosemite.powerppc
/Yosemite.root
/Yosemite.root32
/Yosemite.sh4
/Yosemite.ssh4
/Yosemite.spc
/Yosemite.sparc
/Yosemite.x32
/Yosemite.x64
/Yosemite.x86
/Yosemite.x86_32
/Yosemite.x86_64
/kungfu.arc
/kungfu.arm
/kungfu.arm4
/kungfu.arm4l
/kungfu.arm4t
/kungfu.arm4tl
/kungfu.arm4tll
/kungfu.armv4l
/kungfu.arm5
/kungfu.arm5n
/kungfu.arm6
/kungfu.arm64
/kungfu.arm7
/kungfu.dbg
/kungfu.exploit
/kungfu.i4
/kungfu.i486
/kungfu.i586
/kungfu.i686
/kungfu.kill
/kungfu.m68k
/kungfu.mips
/kungfu.mips64
/kungfu.mpsl
/kungfu.mipsel
/kungfu.ppc
/kungfu.ppc2
/kungfu.ppc440
/kungfu.powerppc
/kungfu.root
/kungfu.root32
/kungfu.sh4
/kungfu.ssh4
/kungfu.spc
/kungfu.sparc
/kungfu.x32
/kungfu.x64
/kungfu.x86
/kungfu.x86_32
/kungfu.x86_64
/4_20_gang.arc
/4_20_gang.arm
/4_20_gang.arm4
/4_20_gang.arm4l
/4_20_gang.arm4t
/4_20_gang.arm4tl
/4_20_gang.arm4tll
/4_20_gang.armv4l
/4_20_gang.arm5
/4_20_gang.arm5n
/4_20_gang.arm6
/4_20_gang.arm64
/4_20_gang.arm7
/4_20_gang.dbg
/4_20_gang.exploit
/4_20_gang.i4
/4_20_gang.i486
/4_20_gang.i586
/4_20_gang.i686
/4_20_gang.kill
/4_20_gang.m68k
/4_20_gang.mips
/4_20_gang.mips64
/4_20_gang.mpsl
/4_20_gang.mipsel
/4_20_gang.ppc
/4_20_gang.ppc2
/4_20_gang.ppc440
/4_20_gang.powerppc
/4_20_gang.root
/4_20_gang.root32
/4_20_gang.sh4
/4_20_gang.ssh4
/4_20_gang.spc
/4_20_gang.sparc
/4_20_gang.x32
/4_20_gang.x64
/4_20_gang.x86
/4_20_gang.x86_32
/4_20_gang.x86_64
/Fourloko.arc
/Fourloko.arm
/Fourloko.arm4
/Fourloko.arm4l
/Fourloko.arm4t
/Fourloko.arm4tl
/Fourloko.arm4tll
/Fourloko.armv4l
/Fourloko.arm5
/Fourloko.arm5n
/Fourloko.arm6
/Fourloko.arm64
/Fourloko.arm7
/Fourloko.dbg
/Fourloko.exploit
/Fourloko.i4
/Fourloko.i486
/Fourloko.i586
/Fourloko.i686
/Fourloko.kill
/Fourloko.m68k
/Fourloko.mips
/Fourloko.mips64
/Fourloko.mpsl
/Fourloko.mipsel
/Fourloko.ppc
/Fourloko.ppc2
/Fourloko.ppc440
/Fourloko.powerppc
/Fourloko.root
/Fourloko.root32
/Fourloko.sh4
/Fourloko.ssh4
/Fourloko.spc
/Fourloko.sparc
/Fourloko.x32
/Fourloko.x64
/Fourloko.x86
/Fourloko.x86_32
/Fourloko.x86_64

# Reference: https://blog.netlab.360.com/the-botnet-cluster-on-185-244-25-0-24-en/

sisuugde7gzpef2d.onion
/kuojin.arc
/kuojin.arm
/kuojin.arm4
/kuojin.arm4l
/kuojin.arm4t
/kuojin.arm4tl
/kuojin.arm4tll
/kuojin.armv4l
/kuojin.arm5
/kuojin.arm5n
/kuojin.arm6
/kuojin.arm64
/kuojin.arm7
/kuojin.dbg
/kuojin.exploit
/kuojin.i4
/kuojin.i486
/kuojin.i586
/kuojin.i686
/kuojin.kill
/kuojin.m68k
/kuojin.mips
/kuojin.mips64
/kuojin.mpsl
/kuojin.mipsel
/kuojin.ppc
/kuojin.ppc2
/kuojin.ppc440
/kuojin.powerppc
/kuojin.root
/kuojin.root32
/kuojin.sh4
/kuojin.ssh4
/kuojin.spc
/kuojin.sparc
/kuojin.x32
/kuojin.x64
/kuojin.x86
/kuojin.x86_32
/kuojin.x86_64
/arc.handymanny
/arm.handymanny
/arm4.handymanny
/arm4l.handymanny
/arm4t.handymanny
/arm4tl.handymanny
/arm4tll.handymanny
/armv4l.handymanny
/arm5.handymanny
/arm5n.handymanny
/arm6.handymanny
/arm64.handymanny
/arm7.handymanny
/dbg.handymanny
/exploit.handymanny
/i4.handymanny
/i486.handymanny
/i586.handymanny
/i686.handymanny
/kill.handymanny
/m68k.handymanny
/mips.handymanny
/mips64.handymanny
/mpsl.handymanny
/mipsel.handymanny
/ppc.handymanny
/ppc440.handymanny
/powerppc.handymanny
/root.handymanny
/root32.handymanny
/sh4.handymanny
/spc.handymanny
/sparc.handymanny
/x32.handymanny
/x64.handymanny
/x86.handymanny
/x86_32.handymanny
/x86_64.handymanny

# Reference: https://twitter.com/bad_packets/status/1177855406149816320
# Reference: https://twitter.com/bad_packets/status/1179484377018961922

64.44.40.242:1024
64.44.40.242:1982
64.44.40.242:34712
64.44.40.242:45

# Reference: https://twitter.com/bad_packets/status/1159344580510146561

185.35.138.156:655

# Reference: https://securelist.com/new-wave-of-mirai-attacking-home-routers/76791/
# Reference: https://twitter.com/MalwareConfig/status/1180888733542993925
# Reference: https://malwareconfig.com/config/238a67e6f9b129680b618a3c579a8c6c
# Reference: https://wander.science/projects/traffic-analysis/semi-active-honeypot/tr69/tr69-commands.txt

binpt.pw
jgop.org
kciap.pw
mziep.pw
securityupdates.us
srrys.pw
timeserver.host
tr069.pw
vizxv.pw
p.ocalhost.host
ocalhost.host

# Reference: https://twitter.com/mjbv/status/1180493072083369984

/taramisu4.arc
/taramisu4.arm
/taramisu4.arm4
/taramisu4.arm4l
/taramisu4.arm4t
/taramisu4.arm4tl
/taramisu4.arm4tll
/taramisu4.armv4l
/taramisu4.arm5
/taramisu4.arm5n
/taramisu4.arm6
/taramisu4.arm64
/taramisu4.arm7
/taramisu4.dbg
/taramisu4.exploit
/taramisu4.i4
/taramisu4.i486
/taramisu4.i586
/taramisu4.i686
/taramisu4.kill
/taramisu4.m68k
/taramisu4.mips
/taramisu4.mips64
/taramisu4.mpsl
/taramisu4.mipsel
/taramisu4.ppc
/taramisu4.ppc2
/taramisu4.ppc440
/taramisu4.powerppc
/taramisu4.root
/taramisu4.root32
/taramisu4.sh4
/taramisu4.ssh4
/taramisu4.spc
/taramisu4.sparc
/taramisu4.x32
/taramisu4.x64
/taramisu4.x86
/taramisu4.x86_32
/taramisu4.x86_64

# Reference: https://twitter.com/mjbv/status/1180187125226098688

/UwUAkashicO.arc
/UwUAkashicO.arm
/UwUAkashicO.arm4
/UwUAkashicO.arm4l
/UwUAkashicO.arm4t
/UwUAkashicO.arm4tl
/UwUAkashicO.arm4tll
/UwUAkashicO.armv4l
/UwUAkashicO.arm5
/UwUAkashicO.arm5n
/UwUAkashicO.arm6
/UwUAkashicO.arm64
/UwUAkashicO.arm7
/UwUAkashicO.dbg
/UwUAkashicO.exploit
/UwUAkashicO.i4
/UwUAkashicO.i486
/UwUAkashicO.i586
/UwUAkashicO.i686
/UwUAkashicO.kill
/UwUAkashicO.m68k
/UwUAkashicO.mips
/UwUAkashicO.mips64
/UwUAkashicO.mpsl
/UwUAkashicO.mipsel
/UwUAkashicO.ppc
/UwUAkashicO.ppc2
/UwUAkashicO.ppc440
/UwUAkashicO.powerppc
/UwUAkashicO.root
/UwUAkashicO.root32
/UwUAkashicO.sh4
/UwUAkashicO.ssh4
/UwUAkashicO.spc
/UwUAkashicO.sparc
/UwUAkashicO.x32
/UwUAkashicO.x64
/UwUAkashicO.x86
/UwUAkashicO.x86_32
/UwUAkashicO.x86_64

# Reference: https://twitter.com/mjbv/status/1179717303061110785

/wolf.arc
/wolf.arm
/wolf.arm4
/wolf.arm4l
/wolf.arm4t
/wolf.arm4tl
/wolf.arm4tll
/wolf.armv4l
/wolf.arm5
/wolf.arm5n
/wolf.arm6
/wolf.arm64
/wolf.arm7
/wolf.dbg
/wolf.exploit
/wolf.i4
/wolf.i486
/wolf.i586
/wolf.i686
/wolf.kill
/wolf.m68k
/wolf.mips
/wolf.mips64
/wolf.mpsl
/wolf.mipsel
/wolf.ppc
/wolf.ppc2
/wolf.ppc440
/wolf.powerppc
/wolf.root
/wolf.root32
/wolf.sh4
/wolf.ssh4
/wolf.spc
/wolf.sparc
/wolf.x32
/wolf.x64
/wolf.x86
/wolf.x86_32
/wolf.x86_64

# Reference: https://twitter.com/mjbv/status/1180608179710939136

/layer.arc
/layer.arm
/layer.arm4
/layer.arm4l
/layer.arm4t
/layer.arm4tl
/layer.arm4tll
/layer.armv4l
/layer.arm5
/layer.arm5n
/layer.arm6
/layer.arm64
/layer.arm7
/layer.dbg
/layer.exploit
/layer.i4
/layer.i486
/layer.i586
/layer.i686
/layer.kill
/layer.m68k
/layer.mips
/layer.mips64
/layer.mpsl
/layer.mipsel
/layer.ppc
/layer.ppc2
/layer.ppc440
/layer.powerppc
/layer.root
/layer.root32
/layer.sh4
/layer.ssh4
/layer.spc
/layer.sparc
/layer.x32
/layer.x64
/layer.x86
/layer.x86_32
/layer.x86_64

# Reference: https://twitter.com/0xrb/status/1181806574165098496

51.91.123.232:49627
/animehq.arc
/animehq.arm
/animehq.arm4
/animehq.arm4l
/animehq.arm4t
/animehq.arm4tl
/animehq.arm4tll
/animehq.armv4l
/animehq.arm5
/animehq.arm5n
/animehq.arm6
/animehq.arm64
/animehq.arm7
/animehq.dbg
/animehq.exploit
/animehq.i4
/animehq.i486
/animehq.i586
/animehq.i686
/animehq.kill
/animehq.m68k
/animehq.mips
/animehq.mips64
/animehq.mpsl
/animehq.mipsel
/animehq.ppc
/animehq.ppc2
/animehq.ppc440
/animehq.powerppc
/animehq.root
/animehq.root32
/animehq.sh4
/animehq.ssh4
/animehq.spc
/animehq.sparc
/animehq.x32
/animehq.x64
/animehq.x86
/animehq.x86_32
/animehq.x86_64

# Reference: https://twitter.com/0xrb/status/1181803862404894720

51.91.111.198:8760

# Reference: https://twitter.com/mjbv/status/1181924723514589194

/pandora.arc
/pandora.arm
/pandora.arm4
/pandora.arm4l
/pandora.arm4t
/pandora.arm4tl
/pandora.arm4tll
/pandora.armv4l
/pandora.arm5
/pandora.arm5n
/pandora.arm6
/pandora.arm64
/pandora.arm7
/pandora.dbg
/pandora.exploit
/pandora.i4
/pandora.i486
/pandora.i586
/pandora.i686
/pandora.kill
/pandora.m68k
/pandora.mips
/pandora.mips64
/pandora.mpsl
/pandora.mipsel
/pandora.ppc
/pandora.ppc2
/pandora.ppc440
/pandora.powerppc
/pandora.root
/pandora.root32
/pandora.sh4
/pandora.ssh4
/pandora.spc
/pandora.sparc
/pandora.x32
/pandora.x64
/pandora.x86
/pandora.x86_32
/pandora.x86_64

# Reference: https://twitter.com/_odisseus/status/1182198538010337280

/fortnite.arc
/fortnite.arm
/fortnite.arm4
/fortnite.arm4l
/fortnite.arm4t
/fortnite.arm4tl
/fortnite.arm4tll
/fortnite.armv4l
/fortnite.arm5
/fortnite.arm5n
/fortnite.arm6
/fortnite.arm64
/fortnite.arm7
/fortnite.dbg
/fortnite.exploit
/fortnite.i4
/fortnite.i486
/fortnite.i586
/fortnite.i686
/fortnite.kill
/fortnite.m68k
/fortnite.mips
/fortnite.mips64
/fortnite.mpsl
/fortnite.mipsel
/fortnite.ppc
/fortnite.ppc2
/fortnite.ppc440
/fortnite.powerppc
/fortnite.root
/fortnite.root32
/fortnite.sh4
/fortnite.ssh4
/fortnite.spc
/fortnite.sparc
/fortnite.x32
/fortnite.x64
/fortnite.x86
/fortnite.x86_32
/fortnite.x86_64
/ouija_a.rc
/ouija_a.rm
/ouija_a.rm4
/ouija_a.rm4l
/ouija_a.rm4t
/ouija_a.rm4tl
/ouijaa.rm4tll
/ouija_a.rmv4l
/ouija_a.rm5
/ouija_a.rm5n
/ouija_a.rm6
/ouija_a.rm64
/ouija_a.rm7
/ouija_d.bg
/ouija_e.xploit
/ouija_i.486
/ouija_i.586
/ouija_i.686
/ouija_m.68k
/ouija_m.ips
/ouija_m.ips64
/ouija_m.psl
/ouija_m.ipsel
/ouija_p.pc
/ouija_p.pc2
/ouija_p.pc440
/ouija_p.owerppc
/ouija_r.oot
/ouija_r.oot32
/ouija_s.h4
/ouija_s.sh4
/ouija_s.pc
/ouija_s.parc
/ouija_x.32
/ouija_x.64
/ouija_x.86
/ouija_x.86_32
/ouija_x.86_64

# Reference: https://twitter.com/zom3y3/status/1182869169164783616

93.174.93.178:31337

# Reference: https://twitter.com/0xrb/status/1184042533468262400

/cloud.arc
/cloud.arm
/cloud.arm4
/cloud.arm4l
/cloud.arm4t
/cloud.arm4tl
/cloud.arm4tll
/cloud.armv4l
/cloud.arm5
/cloud.arm5n
/cloud.arm6
/cloud.arm64
/cloud.arm7
/cloud.dbg
/cloud.exploit
/cloud.i4
/cloud.i486
/cloud.i586
/cloud.i686
/cloud.kill
/cloud.m68k
/cloud.mips
/cloud.mips64
/cloud.mpsl
/cloud.mipsel
/cloud.ppc
/cloud.ppc2
/cloud.ppc440
/cloud.powerppc
/cloud.root
/cloud.root32
/cloud.sh4
/cloud.ssh4
/cloud.spc
/cloud.sparc
/cloud.x32
/cloud.x64
/cloud.x86
/cloud.x86_32
/cloud.x86_64
/federal.arc
/federal.arm
/federal.arm4
/federal.arm4l
/federal.arm4t
/federal.arm4tl
/federal.arm4tll
/federal.armv4l
/federal.arm5
/federal.arm5n
/federal.arm6
/federal.arm64
/federal.arm7
/federal.dbg
/federal.exploit
/federal.i4
/federal.i486
/federal.i586
/federal.i686
/federal.kill
/federal.m68k
/federal.mips
/federal.mips64
/federal.mpsl
/federal.mipsel
/federal.ppc
/federal.ppc2
/federal.ppc440
/federal.powerppc
/federal.root
/federal.root32
/federal.sh4
/federal.ssh4
/federal.spc
/federal.sparc
/federal.x32
/federal.x64
/federal.x86
/federal.x86_32
/federal.x86_64
/onbdkyurs.arc
/onbdkyurs.arm
/onbdkyurs.arm4
/onbdkyurs.arm4l
/onbdkyurs.arm4t
/onbdkyurs.arm4tl
/onbdkyurs.arm4tll
/onbdkyurs.armv4l
/onbdkyurs.arm5
/onbdkyurs.arm5n
/onbdkyurs.arm6
/onbdkyurs.arm64
/onbdkyurs.arm7
/onbdkyurs.dbg
/onbdkyurs.exploit
/onbdkyurs.i4
/onbdkyurs.i486
/onbdkyurs.i586
/onbdkyurs.i686
/onbdkyurs.kill
/onbdkyurs.m68k
/onbdkyurs.mips
/onbdkyurs.mips64
/onbdkyurs.mpsl
/onbdkyurs.mipsel
/onbdkyurs.ppc
/onbdkyurs.ppc2
/onbdkyurs.ppc440
/onbdkyurs.powerppc
/onbdkyurs.root
/onbdkyurs.root32
/onbdkyurs.sh4
/onbdkyurs.ssh4
/onbdkyurs.spc
/onbdkyurs.sparc
/onbdkyurs.x32
/onbdkyurs.x64
/onbdkyurs.x86
/onbdkyurs.x86_32
/onbdkyurs.x86_64
/typpaostur.arc
/typpaostur.arm
/typpaostur.arm4
/typpaostur.arm4l
/typpaostur.arm4t
/typpaostur.arm4tl
/typpaostur.arm4tll
/typpaostur.arm5
/typpaostur.arm5l
/typpaostur.arm5n
/typpaostur.arm6
/typpaostur.arm64
/typpaostur.arm6l
/typpaostur.arm7
/typpaostur.arm7l
/typpaostur.arm8
/typpaostur.armv4
/typpaostur.armv4l
/typpaostur.armv5l
/typpaostur.armv6
/typpaostur.armv61
/typpaostur.armv6l
/typpaostur.armv7l
/typpaostur.dbg
/typpaostur.exploit
/typpaostur.i4
/typpaostur.i486
/typpaostur.i586
/typpaostur.i6
/typpaostur.i686
/typpaostur.kill
/typpaostur.m68
/typpaostur.m68k
/typpaostur.mips
/typpaostur.mips64
/typpaostur.mipsel
/typpaostur.mpsl
/typpaostur.pcc
/typpaostur.powerpc
/typpaostur.powerpc-440fp
/typpaostur.powerppc
/typpaostur.ppc
/typpaostur.ppc2
/typpaostur.ppc440
/typpaostur.ppc440fp
/typpaostur.root
/typpaostur.root32
/typpaostur.sh
/typpaostur.sh4
/typpaostur.sparc
/typpaostur.spc
/typpaostur.ssh4
/typpaostur.x32
/typpaostur.x64
/typpaostur.x86
/typpaostur.x86_32
/typpaostur.x86_64

# Reference: https://twitter.com/0xrb/status/1184356822154502144

185.158.248.87:1791

# Reference: https://twitter.com/0xrb/status/1184506773358538753

/blxntz.arc
/blxntz.arm
/blxntz.arm4
/blxntz.arm4l
/blxntz.arm4t
/blxntz.arm4tl
/blxntz.arm4tll
/blxntz.armv4l
/blxntz.arm5
/blxntz.arm5n
/blxntz.arm6
/blxntz.arm64
/blxntz.arm7
/blxntz.dbg
/blxntz.exploit
/blxntz.i4
/blxntz.i486
/blxntz.i586
/blxntz.i686
/blxntz.kill
/blxntz.m68k
/blxntz.mips
/blxntz.mips64
/blxntz.mpsl
/blxntz.mipsel
/blxntz.ppc
/blxntz.ppc2
/blxntz.ppc440
/blxntz.powerppc
/blxntz.root
/blxntz.root32
/blxntz.sh4
/blxntz.ssh4
/blxntz.spc
/blxntz.sparc
/blxntz.x32
/blxntz.x64
/blxntz.x86
/blxntz.x86_32
/blxntz.x86_64
/test.arc
/test.arm
/test.arm4
/test.arm4l
/test.arm4t
/test.arm4tl
/test.arm4tll
/test.armv4l
/test.arm5
/test.arm5n
/test.arm6
/test.arm64
/test.arm7
/test.dbg
/test.exploit
/test.i4
/test.i486
/test.i586
/test.i686
/test.kill
/test.m68k
/test.mips
/test.mips64
/test.mpsl
/test.mipsel
/test.ppc
/test.ppc2
/test.ppc440
/test.powerppc
/test.root
/test.root32
/test.sh4
/test.ssh4
/test.spc
/test.sparc
/test.x32
/test.x64
/test.x86
/test.x86_32
/test.x86_64
/updating.arc
/updating.arm
/updating.arm4
/updating.arm4l
/updating.arm4t
/updating.arm4tl
/updating.arm4tll
/updating.armv4l
/updating.arm5
/updating.arm5n
/updating.arm6
/updating.arm64
/updating.arm7
/updating.dbg
/updating.exploit
/updating.i4
/updating.i486
/updating.i586
/updating.i686
/updating.kill
/updating.m68k
/updating.mips
/updating.mips64
/updating.mpsl
/updating.mipsel
/updating.ppc
/updating.ppc2
/updating.ppc440
/updating.powerppc
/updating.root
/updating.root32
/updating.sh4
/updating.ssh4
/updating.spc
/updating.sparc
/updating.x32
/updating.x64
/updating.x86
/updating.x86_32
/updating.x86_64

# Reference: https://twitter.com/0xrb/status/1184534416397389825

/selfrep.arc
/selfrep.arm
/selfrep.arm4
/selfrep.arm4l
/selfrep.arm4t
/selfrep.arm4tl
/selfrep.arm4tll
/selfrep.armv4l
/selfrep.arm5
/selfrep.arm5n
/selfrep.arm6
/selfrep.arm64
/selfrep.arm7
/selfrep.dbg
/selfrep.exploit
/selfrep.i4
/selfrep.i486
/selfrep.i586
/selfrep.i686
/selfrep.kill
/selfrep.m68k
/selfrep.mips
/selfrep.mips64
/selfrep.mpsl
/selfrep.mipsel
/selfrep.ppc
/selfrep.ppc2
/selfrep.ppc440
/selfrep.powerppc
/selfrep.root
/selfrep.root32
/selfrep.sh4
/selfrep.ssh4
/selfrep.spc
/selfrep.sparc
/selfrep.x32
/selfrep.x64
/selfrep.x86
/selfrep.x86_32
/selfrep.x86_64

# Reference: https://twitter.com/bad_packets/status/1186533002483884033

145.239.212.59:8080
145.239.212.59:43210
/linux.arc
/linux.arm
/linux.arm4
/linux.arm4l
/linux.arm4t
/linux.arm4tl
/linux.arm4tll
/linux.armv4l
/linux.arm5
/linux.arm5n
/linux.arm6
/linux.arm64
/linux.arm7
/linux.arm8
/linux.dbg
/linux.exploit
/linux.i4
/linux.i486
/linux.i586
/linux.i686
/linux.kill
/linux.m68k
/linux.mips
/linux.mips64
/linux.mpsl
/linux.mipsel
/linux.ppc
/linux.ppc2
/linux.ppc440
/linux.powerppc
/linux.root
/linux.root32
/linux.sh4
/linux.ssh4
/linux.spc
/linux.sparc
/linux.x32
/linux.x64
/linux.x86
/linux.x86_32
/linux.x86_64

# Reference: https://twitter.com/bad_packets/status/1186874026796281856

193.19.119.165:4201

# Reference: https://twitter.com/bad_packets/status/1187172876903862273

5.252.193.53:4201

# Reference: https://twitter.com/mjbv/status/1187371930040635393

/layerrrrrrrr.arc
/layerrrrrrrr.arm
/layerrrrrrrr.arm4
/layerrrrrrrr.arm4l
/layerrrrrrrr.arm4t
/layerrrrrrrr.arm4tl
/layerrrrrrrr.arm4tll
/layerrrrrrrr.armv4l
/layerrrrrrrr.arm5
/layerrrrrrrr.arm5n
/layerrrrrrrr.arm6
/layerrrrrrrr.arm64
/layerrrrrrrr.arm7
/layerrrrrrrr.arm8
/layerrrrrrrr.dbg
/layerrrrrrrr.exploit
/layerrrrrrrr.i4
/layerrrrrrrr.i486
/layerrrrrrrr.i586
/layerrrrrrrr.i686
/layerrrrrrrr.kill
/layerrrrrrrr.m68k
/layerrrrrrrr.mips
/layerrrrrrrr.mips64
/layerrrrrrrr.mpsl
/layerrrrrrrr.mipsel
/layerrrrrrrr.ppc
/layerrrrrrrr.ppc2
/layerrrrrrrr.ppc440
/layerrrrrrrr.powerppc
/layerrrrrrrr.root
/layerrrrrrrr.root32
/layerrrrrrrr.sh4
/layerrrrrrrr.ssh4
/layerrrrrrrr.spc
/layerrrrrrrr.sparc
/layerrrrrrrr.x32
/layerrrrrrrr.x64
/layerrrrrrrr.x86
/layerrrrrrrr.x86_32
/layerrrrrrrr.x86_64

# Reference: https://twitter.com/bad_packets/status/1188285300407029761

142.11.227.208:81
142.11.227.208:21769
/PacketsxTsunami.arc
/PacketsxTsunami.arm
/PacketsxTsunami.arm4
/PacketsxTsunami.arm4l
/PacketsxTsunami.arm4t
/PacketsxTsunami.arm4tl
/PacketsxTsunami.arm4tll
/PacketsxTsunami.armv4l
/PacketsxTsunami.arm5
/PacketsxTsunami.arm5n
/PacketsxTsunami.arm6
/PacketsxTsunami.arm64
/PacketsxTsunami.arm7
/PacketsxTsunami.arm8
/PacketsxTsunami.dbg
/PacketsxTsunami.exploit
/PacketsxTsunami.i4
/PacketsxTsunami.i486
/PacketsxTsunami.i586
/PacketsxTsunami.i686
/PacketsxTsunami.kill
/PacketsxTsunami.m68k
/PacketsxTsunami.mips
/PacketsxTsunami.mips64
/PacketsxTsunami.mpsl
/PacketsxTsunami.mipsel
/PacketsxTsunami.ppc
/PacketsxTsunami.ppc2
/PacketsxTsunami.ppc440
/PacketsxTsunami.powerppc
/PacketsxTsunami.root
/PacketsxTsunami.root32
/PacketsxTsunami.sh4
/PacketsxTsunami.ssh4
/PacketsxTsunami.spc
/PacketsxTsunami.sparc
/PacketsxTsunami.x32
/PacketsxTsunami.x64
/PacketsxTsunami.x86
/PacketsxTsunami.x86_32
/PacketsxTsunami.x86_64

# Reference: https://twitter.com/bad_packets/status/1188545158330994688

190.2.156.118:19992
190.2.156.118:26663

# Reference: https://twitter.com/bad_packets/status/1189597327297695744
# Reference: https://twitter.com/0xrb/status/1191047992192557056

35.236.44.15:1338
35.236.44.15:31337
35.236.111.58:1338
35.236.111.58:31337

# Reference: https://twitter.com/bad_packets/status/1189303080153690113
# Reference: https://twitter.com/huiwangeth/status/1194831544101113857

5.206.227.65:61002
5.206.227.65:6592
5.206.227.65:6593

# Reference: https://unit42.paloaltonetworks.com/home-small-office-wireless-routers-exploited-to-attack-gaming-servers/
# Reference: https://otx.alienvault.com/pulse/5dbaf1d8346dc64b7498801a

185.172.110.224:80
185.172.110.224:993

# Reference: https://twitter.com/0xrb/status/1189922842185351170

134.209.87.59:9812
/hyena.arc
/hyena.arm
/hyena.arm4
/hyena.arm4l
/hyena.arm4t
/hyena.arm4tl
/hyena.arm4tll
/hyena.armv4l
/hyena.arm5
/hyena.arm5n
/hyena.arm6
/hyena.arm64
/hyena.arm7
/hyena.arm8
/hyena.dbg
/hyena.exploit
/hyena.i4
/hyena.i486
/hyena.i586
/hyena.i686
/hyena.kill
/hyena.m68k
/hyena.mips
/hyena.mips64
/hyena.mpsl
/hyena.mipsel
/hyena.ppc
/hyena.ppc2
/hyena.ppc440
/hyena.powerppc
/hyena.root
/hyena.root32
/hyena.sh4
/hyena.ssh4
/hyena.spc
/hyena.sparc
/hyena.x32
/hyena.x64
/hyena.x86
/hyena.x86_32
/hyena.x86_64

# Reference: https://twitter.com/bad_packets/status/1190142325529436160

89.35.39.74:1092
89.35.39.74:1920

# Reference: https://twitter.com/bad_packets/status/1190368205245538305

2.56.8.157:748
2.56.8.157:1742

# Reference: https://twitter.com/bad_packets/status/1190447880487596032

192.99.154.217:1026
192.99.154.217:1366

# Reference: https://blog.radware.com/security/2018/02/jenx-los-calvos-de-san-calvicie/

80.82.70.202:127
skids.sancalvicie.com

# Reference: https://twitter.com/bad_packets/status/1190795126269825024

/fbot.aarch64
/fbot.arc
/fbot.arm
/fbot.arm4
/fbot.arm4l
/fbot.arm4t
/fbot.arm4tl
/fbot.arm4tll
/fbot.armv4l
/fbot.arm5
/fbot.arm5n
/fbot.arm6
/fbot.arm64
/fbot.arm7
/fbot.arm8
/fbot.dbg
/fbot.exploit
/fbot.i4
/fbot.i486
/fbot.i586
/fbot.i686
/fbot.kill
/fbot.m68k
/fbot.mips
/fbot.mips64
/fbot.mpsl
/fbot.mipsel
/fbot.ppc
/fbot.ppc2
/fbot.ppc440
/fbot.powerppc
/fbot.root
/fbot.root32
/fbot.sh4
/fbot.ssh4
/fbot.spc
/fbot.sparc
/fbot.x32
/fbot.x64
/fbot.x86
/fbot.x86_32
/fbot.x86_64

# Reference: https://blog.netlab.360.com/the-new-developments-of-the-fbot-en/

ukrainianhorseriding.com

# Reference: https://blog.netlab.360.com/threat-alert-a-new-worm-fbot-cleaning-adbminer-is-using-a-blockchain-based-dns-en/

musl.lib
ukrainianhorseriding.com
/adbs2

# Reference: https://twitter.com/zom3y3/status/1105754947746856960

/adb_scan

# Reference: https://twitter.com/zom3y3/status/1103920635447635969

alice.ukrainianhorseriding.com
185.248.101.60:6592

# Reference: https://twitter.com/360Netlab/status/1097458737189552128

xabolfpzbz.ukrainianhorseriding.com
185.61.138.13:6592

# Reference: https://twitter.com/_odisseus/status/1194570666873364480
# Reference: https://pastebin.com/xEvgupqi

/Ayedz.aarch64
/Ayedz.arc
/Ayedz.arm
/Ayedz.arm4
/Ayedz.arm4l
/Ayedz.arm4t
/Ayedz.arm4tl
/Ayedz.arm4tll
/Ayedz.armv4l
/Ayedz.arm5
/Ayedz.arm5n
/Ayedz.arm6
/Ayedz.arm64
/Ayedz.arm7
/Ayedz.arm8
/Ayedz.dbg
/Ayedz.exploit
/Ayedz.i4
/Ayedz.i486
/Ayedz.i586
/Ayedz.i686
/Ayedz.kill
/Ayedz.m68k
/Ayedz.mips
/Ayedz.mips64
/Ayedz.mpsl
/Ayedz.mipsel
/Ayedz.ppc
/Ayedz.ppc2
/Ayedz.ppc440
/Ayedz.powerppc
/Ayedz.root
/Ayedz.root32
/Ayedz.sh4
/Ayedz.ssh4
/Ayedz.spc
/Ayedz.sparc
/Ayedz.x32
/Ayedz.x64
/Ayedz.x86
/Ayedz.x86_32
/Ayedz.x86_64
/ESEW4BXS.aarch64
/ESEW4BXS.arc
/ESEW4BXS.arm
/ESEW4BXS.arm4
/ESEW4BXS.arm4l
/ESEW4BXS.arm4t
/ESEW4BXS.arm4tl
/ESEW4BXS.arm4tll
/ESEW4BXS.armv4l
/ESEW4BXS.arm5
/ESEW4BXS.arm5n
/ESEW4BXS.arm6
/ESEW4BXS.arm64
/ESEW4BXS.arm7
/ESEW4BXS.arm8
/ESEW4BXS.dbg
/ESEW4BXS.exploit
/ESEW4BXS.i4
/ESEW4BXS.i486
/ESEW4BXS.i586
/ESEW4BXS.i686
/ESEW4BXS.kill
/ESEW4BXS.m68k
/ESEW4BXS.mips
/ESEW4BXS.mips64
/ESEW4BXS.mpsl
/ESEW4BXS.mipsel
/ESEW4BXS.ppc
/ESEW4BXS.ppc2
/ESEW4BXS.ppc440
/ESEW4BXS.powerppc
/ESEW4BXS.root
/ESEW4BXS.root32
/ESEW4BXS.sh4
/ESEW4BXS.ssh4
/ESEW4BXS.spc
/ESEW4BXS.sparc
/ESEW4BXS.x32
/ESEW4BXS.x64
/ESEW4BXS.x86
/ESEW4BXS.x86_32
/ESEW4BXS.x86_64
/FederalVPN.aarch64
/FederalVPN.arc
/FederalVPN.arm
/FederalVPN.arm4
/FederalVPN.arm4l
/FederalVPN.arm4t
/FederalVPN.arm4tl
/FederalVPN.arm4tll
/FederalVPN.armv4l
/FederalVPN.arm5
/FederalVPN.arm5n
/FederalVPN.arm6
/FederalVPN.arm64
/FederalVPN.arm7
/FederalVPN.arm8
/FederalVPN.dbg
/FederalVPN.exploit
/FederalVPN.i4
/FederalVPN.i486
/FederalVPN.i586
/FederalVPN.i686
/FederalVPN.kill
/FederalVPN.m68k
/FederalVPN.mips
/FederalVPN.mips64
/FederalVPN.mpsl
/FederalVPN.mipsel
/FederalVPN.ppc
/FederalVPN.ppc2
/FederalVPN.ppc440
/FederalVPN.powerppc
/FederalVPN.root
/FederalVPN.root32
/FederalVPN.sh4
/FederalVPN.ssh4
/FederalVPN.spc
/FederalVPN.sparc
/FederalVPN.x32
/FederalVPN.x64
/FederalVPN.x86
/FederalVPN.x86_32
/FederalVPN.x86_64
/shibui.aarch64
/shibui.arc
/shibui.arm
/shibui.arm4
/shibui.arm4l
/shibui.arm4t
/shibui.arm4tl
/shibui.arm4tll
/shibui.armv4l
/shibui.arm5
/shibui.arm5n
/shibui.arm6
/shibui.arm64
/shibui.arm7
/shibui.arm8
/shibui.dbg
/shibui.exploit
/shibui.i4
/shibui.i486
/shibui.i586
/shibui.i686
/shibui.kill
/shibui.m68k
/shibui.mips
/shibui.mips64
/shibui.mpsl
/shibui.mipsel
/shibui.ppc
/shibui.ppc2
/shibui.ppc440
/shibui.powerppc
/shibui.root
/shibui.root32
/shibui.sh4
/shibui.ssh4
/shibui.spc
/shibui.sparc
/shibui.x32
/shibui.x64
/shibui.x86
/shibui.x86_32
/shibui.x86_64
/system_file.aarch64
/system_file.arc
/system_file.arm
/system_file.arm4
/system_file.arm4l
/system_file.arm4t
/system_file.arm4tl
/system_file.arm4tll
/system_file.armv4l
/system_file.arm5
/system_file.arm5n
/system_file.arm6
/system_file.arm64
/system_file.arm7
/system_file.arm8
/system_file.dbg
/system_file.exploit
/system_file.i4
/system_file.i486
/system_file.i586
/system_file.i686
/system_file.kill
/system_file.m68k
/system_file.mips
/system_file.mips64
/system_file.mpsl
/system_file.mipsel
/system_file.ppc
/system_file.ppc2
/system_file.ppc440
/system_file.powerppc
/system_file.root
/system_file.root32
/system_file.sh4
/system_file.ssh4
/system_file.spc
/system_file.sparc
/system_file.x32
/system_file.x64
/system_file.x86
/system_file.x86_32
/system_file.x86_64
/vcimanagement.aarch64
/vcimanagement.arc
/vcimanagement.arm
/vcimanagement.arm4
/vcimanagement.arm4l
/vcimanagement.arm4t
/vcimanagement.arm4tl
/vcimanagement.arm4tll
/vcimanagement.armv4l
/vcimanagement.arm5
/vcimanagement.arm5n
/vcimanagement.arm6
/vcimanagement.arm64
/vcimanagement.arm7
/vcimanagement.arm8
/vcimanagement.dbg
/vcimanagement.exploit
/vcimanagement.i4
/vcimanagement.i486
/vcimanagement.i586
/vcimanagement.i686
/vcimanagement.kill
/vcimanagement.m68k
/vcimanagement.mips
/vcimanagement.mips64
/vcimanagement.mpsl
/vcimanagement.mipsel
/vcimanagement.ppc
/vcimanagement.ppc2
/vcimanagement.ppc440
/vcimanagement.powerppc
/vcimanagement.root
/vcimanagement.root32
/vcimanagement.sh4
/vcimanagement.ssh4
/vcimanagement.spc
/vcimanagement.sparc
/vcimanagement.x32
/vcimanagement.x64
/vcimanagement.x86
/vcimanagement.x86_32
/vcimanagement.x86_64

# Reference: https://twitter.com/360Netlab/status/961206650144247809

c.rippr.me

# Reference: https://twitter.com/mjbv/status/1186781178604466177
# Reference: https://twitter.com/bad_packets/status/1196184723187367937

208.73.204.202:17012
208.73.204.202:9670
/packets.arc
/packets.arm
/packets.arm4
/packets.arm4l
/packets.arm4t
/packets.arm4tl
/packets.arm4tll
/packets.armv4l
/packets.arm5
/packets.arm5n
/packets.arm6
/packets.arm64
/packets.arm7
/packets.arm8
/packets.dbg
/packets.exploit
/packets.i4
/packets.i486
/packets.i586
/packets.i686
/packets.kill
/packets.m68k
/packets.mips
/packets.mips64
/packets.mpsl
/packets.mipsel
/packets.ppc
/packets.ppc2
/packets.ppc440
/packets.powerppc
/packets.root
/packets.root32
/packets.sh4
/packets.ssh4
/packets.spc
/packets.sparc
/packets.x32
/packets.x64
/packets.x86
/packets.x86_32
/packets.x86_64

# Reference: https://twitter.com/bad_packets/status/1197364637307564033

194.15.36.41:20
194.15.36.41:88

# Reference: https://twitter.com/bad_packets/status/1198667902150250496

185.112.249.39:1024
185.112.249.39:1982

# Reference: https://pastebin.com/rnHdzfHy

/81c4603681c46036.arc
/81c4603681c46036.arm
/81c4603681c46036.arm4
/81c4603681c46036.arm4l
/81c4603681c46036.arm4t
/81c4603681c46036.arm4tl
/81c4603681c46036.arm4tll
/81c4603681c46036.armv4
/81c4603681c46036.armv4l
/81c4603681c46036.arm5
/81c4603681c46036.arm5n
/81c4603681c46036.arm6
/81c4603681c46036.arm64
/81c4603681c46036.arm7
/81c4603681c46036.arm8
/81c4603681c46036.dbg
/81c4603681c46036.exploit
/81c4603681c46036.i4
/81c4603681c46036.i486
/81c4603681c46036.i586
/81c4603681c46036.i686
/81c4603681c46036.kill
/81c4603681c46036.m68k
/81c4603681c46036.mips
/81c4603681c46036.mips64
/81c4603681c46036.mpsl
/81c4603681c46036.mipsel
/81c4603681c46036.pcc
/81c4603681c46036.ppc
/81c4603681c46036.ppc2
/81c4603681c46036.ppc440
/81c4603681c46036.ppc440fp
/81c4603681c46036.powerpc
/81c4603681c46036.powerppc
/81c4603681c46036.root
/81c4603681c46036.root32
/81c4603681c46036.sh4
/81c4603681c46036.ssh4
/81c4603681c46036.spc
/81c4603681c46036.sparc
/81c4603681c46036.x32
/81c4603681c46036.x64
/81c4603681c46036.x86
/81c4603681c46036.x86_32
/81c4603681c46036.x86_64
/akumanyu.arc
/akumanyu.arm
/akumanyu.arm4
/akumanyu.arm4l
/akumanyu.arm4t
/akumanyu.arm4tl
/akumanyu.arm4tll
/akumanyu.armv4
/akumanyu.armv4l
/akumanyu.arm5
/akumanyu.arm5n
/akumanyu.arm6
/akumanyu.arm64
/akumanyu.arm7
/akumanyu.arm8
/akumanyu.dbg
/akumanyu.exploit
/akumanyu.i4
/akumanyu.i486
/akumanyu.i586
/akumanyu.i686
/akumanyu.kill
/akumanyu.m68k
/akumanyu.mips
/akumanyu.mips64
/akumanyu.mpsl
/akumanyu.mipsel
/akumanyu.pcc
/akumanyu.ppc
/akumanyu.ppc2
/akumanyu.ppc440
/akumanyu.ppc440fp
/akumanyu.powerpc
/akumanyu.powerppc
/akumanyu.root
/akumanyu.root32
/akumanyu.sh4
/akumanyu.ssh4
/akumanyu.spc
/akumanyu.sparc
/akumanyu.x32
/akumanyu.x64
/akumanyu.x86
/akumanyu.x86_32
/akumanyu.x86_64
/amnyu.arc
/amnyu.arm
/amnyu.arm4
/amnyu.arm4l
/amnyu.arm4t
/amnyu.arm4tl
/amnyu.arm4tll
/amnyu.armv4
/amnyu.armv4l
/amnyu.arm5
/amnyu.arm5n
/amnyu.arm6
/amnyu.arm64
/amnyu.arm7
/amnyu.arm8
/amnyu.dbg
/amnyu.exploit
/amnyu.i4
/amnyu.i486
/amnyu.i586
/amnyu.i686
/amnyu.kill
/amnyu.m68k
/amnyu.mips
/amnyu.mips64
/amnyu.mpsl
/amnyu.mipsel
/amnyu.pcc
/amnyu.ppc
/amnyu.ppc2
/amnyu.ppc440
/amnyu.ppc440fp
/amnyu.powerpc
/amnyu.powerppc
/amnyu.root
/amnyu.root32
/amnyu.sh4
/amnyu.ssh4
/amnyu.spc
/amnyu.sparc
/amnyu.x32
/amnyu.x64
/amnyu.x86
/amnyu.x86_32
/amnyu.x86_64
/asdfg.arc
/asdfg.arm
/asdfg.arm4
/asdfg.arm4l
/asdfg.arm4t
/asdfg.arm4tl
/asdfg.arm4tll
/asdfg.armv4
/asdfg.armv4l
/asdfg.arm5
/asdfg.arm5n
/asdfg.arm6
/asdfg.arm64
/asdfg.arm7
/asdfg.arm8
/asdfg.dbg
/asdfg.exploit
/asdfg.i4
/asdfg.i486
/asdfg.i586
/asdfg.i686
/asdfg.kill
/asdfg.m68k
/asdfg.mips
/asdfg.mips64
/asdfg.mpsl
/asdfg.mipsel
/asdfg.pcc
/asdfg.ppc
/asdfg.ppc2
/asdfg.ppc440
/asdfg.ppc440fp
/asdfg.powerpc
/asdfg.powerppc
/asdfg.root
/asdfg.root32
/asdfg.sh4
/asdfg.ssh4
/asdfg.spc
/asdfg.sparc
/asdfg.x32
/asdfg.x64
/asdfg.x86
/asdfg.x86_32
/asdfg.x86_64
/asuna.arc
/asuna.arm
/asuna.arm4
/asuna.arm4l
/asuna.arm4t
/asuna.arm4tl
/asuna.arm4tll
/asuna.armv4
/asuna.armv4l
/asuna.arm5
/asuna.arm5n
/asuna.arm6
/asuna.arm64
/asuna.arm7
/asuna.arm8
/asuna.dbg
/asuna.exploit
/asuna.i4
/asuna.i486
/asuna.i586
/asuna.i686
/asuna.kill
/asuna.m68k
/asuna.mips
/asuna.mips64
/asuna.mpsl
/asuna.mipsel
/asuna.pcc
/asuna.ppc
/asuna.ppc2
/asuna.ppc440
/asuna.ppc440fp
/asuna.powerpc
/asuna.powerppc
/asuna.root
/asuna.root32
/asuna.sh4
/asuna.ssh4
/asuna.spc
/asuna.sparc
/asuna.x32
/asuna.x64
/asuna.x86
/asuna.x86_32
/asuna.x86_64
/boot.arc
/boot.arm
/boot.arm4
/boot.arm4l
/boot.arm4t
/boot.arm4tl
/boot.arm4tll
/boot.armv4
/boot.armv4l
/boot.arm5
/boot.arm5n
/boot.arm6
/boot.arm64
/boot.arm7
/boot.arm8
/boot.dbg
/boot.exploit
/boot.i4
/boot.i486
/boot.i586
/boot.i686
/boot.kill
/boot.m68k
/boot.mips
/boot.mips64
/boot.mpsl
/boot.mipsel
/boot.pcc
/boot.ppc
/boot.ppc2
/boot.ppc440
/boot.ppc440fp
/boot.powerpc
/boot.powerppc
/boot.root
/boot.root32
/boot.sh4
/boot.ssh4
/boot.spc
/boot.sparc
/boot.x32
/boot.x64
/boot.x86
/boot.x86_32
/boot.x86_64
/camili.arc
/camili.arm
/camili.arm4
/camili.arm4l
/camili.arm4t
/camili.arm4tl
/camili.arm4tll
/camili.armv4
/camili.armv4l
/camili.arm5
/camili.arm5n
/camili.arm6
/camili.arm64
/camili.arm7
/camili.arm8
/camili.dbg
/camili.exploit
/camili.i4
/camili.i486
/camili.i586
/camili.i686
/camili.kill
/camili.m68k
/camili.mips
/camili.mips64
/camili.mpsl
/camili.mipsel
/camili.pcc
/camili.ppc
/camili.ppc2
/camili.ppc440
/camili.ppc440fp
/camili.powerpc
/camili.powerppc
/camili.root
/camili.root32
/camili.sh4
/camili.ssh4
/camili.spc
/camili.sparc
/camili.x32
/camili.x64
/camili.x86
/camili.x86_32
/camili.x86_64
/friend.arc
/friend.arm
/friend.arm4
/friend.arm4l
/friend.arm4t
/friend.arm4tl
/friend.arm4tll
/friend.armv4
/friend.armv4l
/friend.arm5
/friend.arm5n
/friend.arm6
/friend.arm64
/friend.arm7
/friend.arm8
/friend.dbg
/friend.exploit
/friend.i4
/friend.i486
/friend.i586
/friend.i686
/friend.kill
/friend.m68k
/friend.mips
/friend.mips64
/friend.mpsl
/friend.mipsel
/friend.pcc
/friend.ppc
/friend.ppc2
/friend.ppc440
/friend.ppc440fp
/friend.powerpc
/friend.powerppc
/friend.root
/friend.root32
/friend.sh4
/friend.ssh4
/friend.spc
/friend.sparc
/friend.x32
/friend.x64
/friend.x86
/friend.x86_32
/friend.x86_64
/fyfa.arc
/fyfa.arm
/fyfa.arm4
/fyfa.arm4l
/fyfa.arm4t
/fyfa.arm4tl
/fyfa.arm4tll
/fyfa.armv4
/fyfa.armv4l
/fyfa.arm5
/fyfa.arm5n
/fyfa.arm6
/fyfa.arm64
/fyfa.arm7
/fyfa.arm8
/fyfa.dbg
/fyfa.exploit
/fyfa.i4
/fyfa.i486
/fyfa.i586
/fyfa.i686
/fyfa.kill
/fyfa.m68k
/fyfa.mips
/fyfa.mips64
/fyfa.mpsl
/fyfa.mipsel
/fyfa.pcc
/fyfa.ppc
/fyfa.ppc2
/fyfa.ppc440
/fyfa.ppc440fp
/fyfa.powerpc
/fyfa.powerppc
/fyfa.root
/fyfa.root32
/fyfa.sh4
/fyfa.ssh4
/fyfa.spc
/fyfa.sparc
/fyfa.x32
/fyfa.x64
/fyfa.x86
/fyfa.x86_32
/fyfa.x86_64
/gnome.arc
/gnome.arm
/gnome.arm4
/gnome.arm4l
/gnome.arm4t
/gnome.arm4tl
/gnome.arm4tll
/gnome.armv4
/gnome.armv4l
/gnome.arm5
/gnome.arm5n
/gnome.arm6
/gnome.arm64
/gnome.arm7
/gnome.arm8
/gnome.dbg
/gnome.exploit
/gnome.i4
/gnome.i486
/gnome.i586
/gnome.i686
/gnome.kill
/gnome.m68k
/gnome.mips
/gnome.mips64
/gnome.mpsl
/gnome.mipsel
/gnome.pcc
/gnome.ppc
/gnome.ppc2
/gnome.ppc440
/gnome.ppc440fp
/gnome.powerpc
/gnome.powerppc
/gnome.root
/gnome.root32
/gnome.sh4
/gnome.ssh4
/gnome.spc
/gnome.sparc
/gnome.x32
/gnome.x64
/gnome.x86
/gnome.x86_32
/gnome.x86_64
/lavertele.arc
/lavertele.arm
/lavertele.arm4
/lavertele.arm4l
/lavertele.arm4t
/lavertele.arm4tl
/lavertele.arm4tll
/lavertele.armv4
/lavertele.armv4l
/lavertele.arm5
/lavertele.arm5n
/lavertele.arm6
/lavertele.arm64
/lavertele.arm7
/lavertele.arm8
/lavertele.dbg
/lavertele.exploit
/lavertele.i4
/lavertele.i486
/lavertele.i586
/lavertele.i686
/lavertele.kill
/lavertele.m68k
/lavertele.mips
/lavertele.mips64
/lavertele.mpsl
/lavertele.mipsel
/lavertele.pcc
/lavertele.ppc
/lavertele.ppc2
/lavertele.ppc440
/lavertele.ppc440fp
/lavertele.powerpc
/lavertele.powerppc
/lavertele.root
/lavertele.root32
/lavertele.sh4
/lavertele.ssh4
/lavertele.spc
/lavertele.sparc
/lavertele.x32
/lavertele.x64
/lavertele.x86
/lavertele.x86_32
/lavertele.x86_64
/lavertelent.arc
/lavertelent.arm
/lavertelent.arm4
/lavertelent.arm4l
/lavertelent.arm4t
/lavertelent.arm4tl
/lavertelent.arm4tll
/lavertelent.armv4
/lavertelent.armv4l
/lavertelent.arm5
/lavertelent.arm5n
/lavertelent.arm6
/lavertelent.arm64
/lavertelent.arm7
/lavertelent.arm8
/lavertelent.dbg
/lavertelent.exploit
/lavertelent.i4
/lavertelent.i486
/lavertelent.i586
/lavertelent.i686
/lavertelent.kill
/lavertelent.m68k
/lavertelent.mips
/lavertelent.mips64
/lavertelent.mpsl
/lavertelent.mipsel
/lavertelent.pcc
/lavertelent.ppc
/lavertelent.ppc2
/lavertelent.ppc440
/lavertelent.ppc440fp
/lavertelent.powerpc
/lavertelent.powerppc
/lavertelent.root
/lavertelent.root32
/lavertelent.sh4
/lavertelent.ssh4
/lavertelent.spc
/lavertelent.sparc
/lavertelent.x32
/lavertelent.x64
/lavertelent.x86
/lavertelent.x86_32
/lavertelent.x86_64
/miraint.arc
/miraint.arm
/miraint.arm4
/miraint.arm4l
/miraint.arm4t
/miraint.arm4tl
/miraint.arm4tll
/miraint.armv4
/miraint.armv4l
/miraint.arm5
/miraint.arm5n
/miraint.arm6
/miraint.arm64
/miraint.arm7
/miraint.arm8
/miraint.dbg
/miraint.exploit
/miraint.i4
/miraint.i486
/miraint.i586
/miraint.i686
/miraint.kill
/miraint.m68k
/miraint.mips
/miraint.mips64
/miraint.mpsl
/miraint.mipsel
/miraint.pcc
/miraint.ppc
/miraint.ppc2
/miraint.ppc440
/miraint.ppc440fp
/miraint.powerpc
/miraint.powerppc
/miraint.root
/miraint.root32
/miraint.sh4
/miraint.ssh4
/miraint.spc
/miraint.sparc
/miraint.x32
/miraint.x64
/miraint.x86
/miraint.x86_32
/miraint.x86_64
/mm.arc
/mm.arm
/mm.arm4
/mm.arm4l
/mm.arm4t
/mm.arm4tl
/mm.arm4tll
/mm.armv4
/mm.armv4l
/mm.arm5
/mm.arm5n
/mm.arm6
/mm.arm64
/mm.arm7
/mm.arm8
/mm.dbg
/mm.exploit
/mm.i4
/mm.i486
/mm.i586
/mm.i686
/mm.kill
/mm.m68k
/mm.mips
/mm.mips64
/mm.mpsl
/mm.mipsel
/mm.pcc
/mm.ppc
/mm.ppc2
/mm.ppc440
/mm.ppc440fp
/mm.powerpc
/mm.powerppc
/mm.root
/mm.root32
/mm.sh4
/mm.ssh4
/mm.spc
/mm.sparc
/mm.x32
/mm.x64
/mm.x86
/mm.x86_32
/mm.x86_64
/orion.arc
/orion.arm
/orion.arm4
/orion.arm4l
/orion.arm4t
/orion.arm4tl
/orion.arm4tll
/orion.armv4
/orion.armv4l
/orion.arm5
/orion.arm5n
/orion.arm6
/orion.arm64
/orion.arm7
/orion.arm8
/orion.dbg
/orion.exploit
/orion.i4
/orion.i486
/orion.i586
/orion.i686
/orion.kill
/orion.m68k
/orion.mips
/orion.mips64
/orion.mpsl
/orion.mipsel
/orion.pcc
/orion.ppc
/orion.ppc2
/orion.ppc440
/orion.ppc440fp
/orion.powerpc
/orion.powerppc
/orion.root
/orion.root32
/orion.sh4
/orion.ssh4
/orion.spc
/orion.sparc
/orion.x32
/orion.x64
/orion.x86
/orion.x86_32
/orion.x86_64
/pein.arc
/pein.arm
/pein.arm4
/pein.arm4l
/pein.arm4t
/pein.arm4tl
/pein.arm4tll
/pein.armv4
/pein.armv4l
/pein.arm5
/pein.arm5n
/pein.arm6
/pein.arm64
/pein.arm7
/pein.arm8
/pein.dbg
/pein.exploit
/pein.i4
/pein.i486
/pein.i586
/pein.i686
/pein.kill
/pein.m68k
/pein.mips
/pein.mips64
/pein.mpsl
/pein.mipsel
/pein.pcc
/pein.ppc
/pein.ppc2
/pein.ppc440
/pein.ppc440fp
/pein.powerpc
/pein.powerppc
/pein.root
/pein.root32
/pein.sh4
/pein.ssh4
/pein.spc
/pein.sparc
/pein.x32
/pein.x64
/pein.x86
/pein.x86_32
/pein.x86_64
/putinhelper.arc
/putinhelper.arm
/putinhelper.arm4
/putinhelper.arm4l
/putinhelper.arm4t
/putinhelper.arm4tl
/putinhelper.arm4tll
/putinhelper.armv4
/putinhelper.armv4l
/putinhelper.arm5
/putinhelper.arm5n
/putinhelper.arm6
/putinhelper.arm64
/putinhelper.arm7
/putinhelper.arm8
/putinhelper.dbg
/putinhelper.exploit
/putinhelper.i4
/putinhelper.i486
/putinhelper.i586
/putinhelper.i686
/putinhelper.kill
/putinhelper.m68k
/putinhelper.mips
/putinhelper.mips64
/putinhelper.mpsl
/putinhelper.mipsel
/putinhelper.pcc
/putinhelper.ppc
/putinhelper.ppc2
/putinhelper.ppc440
/putinhelper.ppc440fp
/putinhelper.powerpc
/putinhelper.powerppc
/putinhelper.root
/putinhelper.root32
/putinhelper.sh4
/putinhelper.ssh4
/putinhelper.spc
/putinhelper.sparc
/putinhelper.x32
/putinhelper.x64
/putinhelper.x86
/putinhelper.x86_32
/putinhelper.x86_64
/rash.arc
/rash.arm
/rash.arm4
/rash.arm4l
/rash.arm4t
/rash.arm4tl
/rash.arm4tll
/rash.armv4
/rash.armv4l
/rash.arm5
/rash.arm5n
/rash.arm6
/rash.arm64
/rash.arm7
/rash.arm8
/rash.dbg
/rash.exploit
/rash.i4
/rash.i486
/rash.i586
/rash.i686
/rash.kill
/rash.m68k
/rash.mips
/rash.mips64
/rash.mpsl
/rash.mipsel
/rash.pcc
/rash.ppc
/rash.ppc2
/rash.ppc440
/rash.ppc440fp
/rash.powerpc
/rash.powerppc
/rash.root
/rash.root32
/rash.sh4
/rash.ssh4
/rash.spc
/rash.sparc
/rash.x32
/rash.x64
/rash.x86
/rash.x86_32
/rash.x86_64
/rekai.arc
/rekai.arm
/rekai.arm4
/rekai.arm4l
/rekai.arm4t
/rekai.arm4tl
/rekai.arm4tll
/rekai.armv4
/rekai.armv4l
/rekai.arm5
/rekai.arm5n
/rekai.arm6
/rekai.arm64
/rekai.arm7
/rekai.arm8
/rekai.dbg
/rekai.exploit
/rekai.i4
/rekai.i486
/rekai.i586
/rekai.i686
/rekai.kill
/rekai.m68k
/rekai.mips
/rekai.mips64
/rekai.mpsl
/rekai.mipsel
/rekai.pcc
/rekai.ppc
/rekai.ppc2
/rekai.ppc440
/rekai.ppc440fp
/rekai.powerpc
/rekai.powerppc
/rekai.root
/rekai.root32
/rekai.sh4
/rekai.ssh4
/rekai.spc
/rekai.sparc
/rekai.x32
/rekai.x64
/rekai.x86
/rekai.x86_32
/rekai.x86_64
/satori.arc
/satori.arm
/satori.arm4
/satori.arm4l
/satori.arm4t
/satori.arm4tl
/satori.arm4tll
/satori.armv4
/satori.armv4l
/satori.arm5
/satori.arm5n
/satori.arm6
/satori.arm64
/satori.arm7
/satori.arm8
/satori.dbg
/satori.exploit
/satori.i4
/satori.i486
/satori.i586
/satori.i686
/satori.kill
/satori.m68k
/satori.mips
/satori.mips64
/satori.mpsl
/satori.mipsel
/satori.pcc
/satori.ppc
/satori.ppc2
/satori.ppc440
/satori.ppc440fp
/satori.powerpc
/satori.powerppc
/satori.root
/satori.root32
/satori.sh4
/satori.ssh4
/satori.spc
/satori.sparc
/satori.x32
/satori.x64
/satori.x86
/satori.x86_32
/satori.x86_64
/scythe.arc
/scythe.arm
/scythe.arm4
/scythe.arm4l
/scythe.arm4t
/scythe.arm4tl
/scythe.arm4tll
/scythe.armv4
/scythe.armv4l
/scythe.arm5
/scythe.arm5n
/scythe.arm6
/scythe.arm64
/scythe.arm7
/scythe.arm8
/scythe.dbg
/scythe.exploit
/scythe.i4
/scythe.i486
/scythe.i586
/scythe.i686
/scythe.kill
/scythe.m68k
/scythe.mips
/scythe.mips64
/scythe.mpsl
/scythe.mipsel
/scythe.pcc
/scythe.ppc
/scythe.ppc2
/scythe.ppc440
/scythe.ppc440fp
/scythe.powerpc
/scythe.powerppc
/scythe.root
/scythe.root32
/scythe.sh4
/scythe.ssh4
/scythe.spc
/scythe.sparc
/scythe.x32
/scythe.x64
/scythe.x86
/scythe.x86_32
/scythe.x86_64
/sugit.arc
/sugit.arm
/sugit.arm4
/sugit.arm4l
/sugit.arm4t
/sugit.arm4tl
/sugit.arm4tll
/sugit.armv4
/sugit.armv4l
/sugit.arm5
/sugit.arm5n
/sugit.arm6
/sugit.arm64
/sugit.arm7
/sugit.arm8
/sugit.dbg
/sugit.exploit
/sugit.i4
/sugit.i486
/sugit.i586
/sugit.i686
/sugit.kill
/sugit.m68k
/sugit.mips
/sugit.mips64
/sugit.mpsl
/sugit.mipsel
/sugit.pcc
/sugit.ppc
/sugit.ppc2
/sugit.ppc440
/sugit.ppc440fp
/sugit.powerpc
/sugit.powerppc
/sugit.root
/sugit.root32
/sugit.sh4
/sugit.ssh4
/sugit.spc
/sugit.sparc
/sugit.x32
/sugit.x64
/sugit.x86
/sugit.x86_32
/sugit.x86_64
/synbot.arc
/synbot.arm
/synbot.arm4
/synbot.arm4l
/synbot.arm4t
/synbot.arm4tl
/synbot.arm4tll
/synbot.armv4
/synbot.armv4l
/synbot.arm5
/synbot.arm5n
/synbot.arm6
/synbot.arm64
/synbot.arm7
/synbot.arm8
/synbot.dbg
/synbot.exploit
/synbot.i4
/synbot.i486
/synbot.i586
/synbot.i686
/synbot.kill
/synbot.m68k
/synbot.mips
/synbot.mips64
/synbot.mpsl
/synbot.mipsel
/synbot.pcc
/synbot.ppc
/synbot.ppc2
/synbot.ppc440
/synbot.ppc440fp
/synbot.powerpc
/synbot.powerppc
/synbot.root
/synbot.root32
/synbot.sh4
/synbot.ssh4
/synbot.spc
/synbot.sparc
/synbot.x32
/synbot.x64
/synbot.x86
/synbot.x86_32
/synbot.x86_64
/Tenshi.arc
/Tenshi.arm
/Tenshi.arm4
/Tenshi.arm4l
/Tenshi.arm4t
/Tenshi.arm4tl
/Tenshi.arm4tll
/Tenshi.armv4
/Tenshi.armv4l
/Tenshi.arm5
/Tenshi.arm5n
/Tenshi.arm6
/Tenshi.arm64
/Tenshi.arm7
/Tenshi.arm8
/Tenshi.dbg
/Tenshi.exploit
/Tenshi.i4
/Tenshi.i486
/Tenshi.i586
/Tenshi.i686
/Tenshi.kill
/Tenshi.m68k
/Tenshi.mips
/Tenshi.mips64
/Tenshi.mpsl
/Tenshi.mipsel
/Tenshi.pcc
/Tenshi.ppc
/Tenshi.ppc2
/Tenshi.ppc440
/Tenshi.ppc440fp
/Tenshi.powerpc
/Tenshi.powerppc
/Tenshi.root
/Tenshi.root32
/Tenshi.sh4
/Tenshi.ssh4
/Tenshi.spc
/Tenshi.sparc
/Tenshi.x32
/Tenshi.x64
/Tenshi.x86
/Tenshi.x86_32
/Tenshi.x86_64
/tveth.arc
/tveth.arm
/tveth.arm4
/tveth.arm4l
/tveth.arm4t
/tveth.arm4tl
/tveth.arm4tll
/tveth.armv4
/tveth.armv4l
/tveth.arm5
/tveth.arm5n
/tveth.arm6
/tveth.arm64
/tveth.arm7
/tveth.arm8
/tveth.dbg
/tveth.exploit
/tveth.i4
/tveth.i486
/tveth.i586
/tveth.i686
/tveth.kill
/tveth.m68k
/tveth.mips
/tveth.mips64
/tveth.mpsl
/tveth.mipsel
/tveth.pcc
/tveth.ppc
/tveth.ppc2
/tveth.ppc440
/tveth.ppc440fp
/tveth.powerpc
/tveth.powerppc
/tveth.root
/tveth.root32
/tveth.sh4
/tveth.ssh4
/tveth.spc
/tveth.sparc
/tveth.x32
/tveth.x64
/tveth.x86
/tveth.x86_32
/tveth.x86_64
/usb.arc
/usb.arm
/usb.arm4
/usb.arm4l
/usb.arm4t
/usb.arm4tl
/usb.arm4tll
/usb.armv4
/usb.armv4l
/usb.arm5
/usb.arm5n
/usb.arm6
/usb.arm64
/usb.arm7
/usb.arm8
/usb.dbg
/usb.exploit
/usb.i4
/usb.i486
/usb.i586
/usb.i686
/usb.kill
/usb.m68k
/usb.mips
/usb.mips64
/usb.mpsl
/usb.mipsel
/usb.pcc
/usb.ppc
/usb.ppc2
/usb.ppc440
/usb.ppc440fp
/usb.powerpc
/usb.powerppc
/usb.root
/usb.root32
/usb.sh4
/usb.ssh4
/usb.spc
/usb.sparc
/usb.x32
/usb.x64
/usb.x86
/usb.x86_32
/usb.x86_64
/usb_bus.arc
/usb_bus.arm
/usb_bus.arm4
/usb_bus.arm4l
/usb_bus.arm4t
/usb_bus.arm4tl
/usb_bus.arm4tll
/usb_bus.armv4
/usb_bus.armv4l
/usb_bus.arm5
/usb_bus.arm5n
/usb_bus.arm6
/usb_bus.arm64
/usb_bus.arm7
/usb_bus.arm8
/usb_bus.dbg
/usb_bus.exploit
/usb_bus.i4
/usb_bus.i486
/usb_bus.i586
/usb_bus.i686
/usb_bus.kill
/usb_bus.m68k
/usb_bus.mips
/usb_bus.mips64
/usb_bus.mpsl
/usb_bus.mipsel
/usb_bus.pcc
/usb_bus.ppc
/usb_bus.ppc2
/usb_bus.ppc440
/usb_bus.ppc440fp
/usb_bus.powerpc
/usb_bus.powerppc
/usb_bus.root
/usb_bus.root32
/usb_bus.sh4
/usb_bus.ssh4
/usb_bus.spc
/usb_bus.sparc
/usb_bus.x32
/usb_bus.x64
/usb_bus.x86
/usb_bus.x86_32
/usb_bus.x86_64
/wget_line.arc
/wget_line.arm
/wget_line.arm4
/wget_line.arm4l
/wget_line.arm4t
/wget_line.arm4tl
/wget_line.arm4tll
/wget_line.armv4
/wget_line.armv4l
/wget_line.arm5
/wget_line.arm5n
/wget_line.arm6
/wget_line.arm64
/wget_line.arm7
/wget_line.arm8
/wget_line.dbg
/wget_line.exploit
/wget_line.i4
/wget_line.i486
/wget_line.i586
/wget_line.i686
/wget_line.kill
/wget_line.m68k
/wget_line.mips
/wget_line.mips64
/wget_line.mpsl
/wget_line.mipsel
/wget_line.pcc
/wget_line.ppc
/wget_line.ppc2
/wget_line.ppc440
/wget_line.ppc440fp
/wget_line.powerpc
/wget_line.powerppc
/wget_line.root
/wget_line.root32
/wget_line.sh4
/wget_line.ssh4
/wget_line.spc
/wget_line.sparc
/wget_line.x32
/wget_line.x64
/wget_line.x86
/wget_line.x86_32
/wget_line.x86_64

# Reference: https://twitter.com/bad_packets/status/1200122847982546944

/H34RT.arc
/H34RT.arm
/H34RT.arm4
/H34RT.arm4l
/H34RT.arm4t
/H34RT.arm4tl
/H34RT.arm4tll
/H34RT.armv4
/H34RT.armv4l
/H34RT.arm5
/H34RT.arm5n
/H34RT.arm6
/H34RT.arm64
/H34RT.arm7
/H34RT.arm8
/H34RT.dbg
/H34RT.exploit
/H34RT.i4
/H34RT.i486
/H34RT.i586
/H34RT.i686
/H34RT.kill
/H34RT.m68k
/H34RT.mips
/H34RT.mips64
/H34RT.mpsl
/H34RT.mipsel
/H34RT.pcc
/H34RT.ppc
/H34RT.ppc2
/H34RT.ppc440
/H34RT.ppc440fp
/H34RT.powerpc
/H34RT.powerppc
/H34RT.root
/H34RT.root32
/H34RT.sh4
/H34RT.ssh4
/H34RT.spc
/H34RT.sparc
/H34RT.x32
/H34RT.x64
/H34RT.x86
/H34RT.x86_32
/H34RT.x86_64

# Reference: https://twitter.com/bad_packets/status/1200671462396325888

23.254.224.153:34712
23.254.224.153:45
/Oblivion.arc
/Oblivion.arm
/Oblivion.arm4
/Oblivion.arm4l
/Oblivion.arm4t
/Oblivion.arm4tl
/Oblivion.arm4tll
/Oblivion.armv4
/Oblivion.armv4l
/Oblivion.arm5
/Oblivion.arm5n
/Oblivion.arm6
/Oblivion.arm64
/Oblivion.arm7
/Oblivion.arm8
/Oblivion.dbg
/Oblivion.exploit
/Oblivion.i4
/Oblivion.i486
/Oblivion.i586
/Oblivion.i686
/Oblivion.kill
/Oblivion.m68k
/Oblivion.mips
/Oblivion.mips64
/Oblivion.mpsl
/Oblivion.mipsel
/Oblivion.pcc
/Oblivion.ppc
/Oblivion.ppc2
/Oblivion.ppc440
/Oblivion.ppc440fp
/Oblivion.powerpc
/Oblivion.powerppc
/Oblivion.root
/Oblivion.root32
/Oblivion.sh4
/Oblivion.ssh4
/Oblivion.spc
/Oblivion.sparc
/Oblivion.x32
/Oblivion.x64
/Oblivion.x86
/Oblivion.x86_32
/Oblivion.x86_64

# Reference: https://twitter.com/0xrb/status/1202467361074241536

/fx19.arc
/fx19.arm
/fx19.arm4
/fx19.arm4l
/fx19.arm4t
/fx19.arm4tl
/fx19.arm4tll
/fx19.armv4
/fx19.armv4l
/fx19.arm5
/fx19.arm5n
/fx19.arm6
/fx19.arm64
/fx19.arm7
/fx19.arm8
/fx19.dbg
/fx19.exploit
/fx19.i4
/fx19.i486
/fx19.i586
/fx19.i686
/fx19.kill
/fx19.m68k
/fx19.mips
/fx19.mips64
/fx19.mpsl
/fx19.mipsel
/fx19.pcc
/fx19.ppc
/fx19.ppc2
/fx19.ppc440
/fx19.ppc440fp
/fx19.powerpc
/fx19.powerppc
/fx19.root
/fx19.root32
/fx19.sh4
/fx19.ssh4
/fx19.spc
/fx19.sparc
/fx19.x32
/fx19.x64
/fx19.x86
/fx19.x86_32
/fx19.x86_64
/henkieT.arc
/henkieT.arm
/henkieT.arm4
/henkieT.arm4l
/henkieT.arm4t
/henkieT.arm4tl
/henkieT.arm4tll
/henkieT.armv4
/henkieT.armv4l
/henkieT.arm5
/henkieT.arm5n
/henkieT.arm6
/henkieT.arm64
/henkieT.arm7
/henkieT.arm8
/henkieT.dbg
/henkieT.exploit
/henkieT.i4
/henkieT.i486
/henkieT.i586
/henkieT.i686
/henkieT.kill
/henkieT.m68k
/henkieT.mips
/henkieT.mips64
/henkieT.mpsl
/henkieT.mipsel
/henkieT.pcc
/henkieT.ppc
/henkieT.ppc2
/henkieT.ppc440
/henkieT.ppc440fp
/henkieT.powerpc
/henkieT.powerppc
/henkieT.root
/henkieT.root32
/henkieT.sh4
/henkieT.ssh4
/henkieT.spc
/henkieT.sparc
/henkieT.x32
/henkieT.x64
/henkieT.x86
/henkieT.x86_32
/henkieT.x86_64

# Reference: https://twitter.com/bad_packets/status/1204565215267831808

46.166.151.200:1212
46.166.151.200:122

# Reference: https://twitter.com/DGAFeedAlerts/status/1207121631681957895

bpmsfckfkrpr.support

# Reference: https://twitter.com/bad_packets/status/1209574268746399744

180.128.246.131:1676
180.128.246.131:420

# Reference: https://twitter.com/bad_packets/status/1210050652283359232

165.22.193.111:39284
165.22.193.111:9375

# Reference: https://twitter.com/bad_packets/status/1210292227810852864

198.211.59.149:2001
/badpacketsareniggers.arc
/badpacketsareniggers.arm
/badpacketsareniggers.arm4
/badpacketsareniggers.arm4l
/badpacketsareniggers.arm4t
/badpacketsareniggers.arm4tl
/badpacketsareniggers.arm4tll
/badpacketsareniggers.armv4
/badpacketsareniggers.armv4l
/badpacketsareniggers.arm5
/badpacketsareniggers.arm5n
/badpacketsareniggers.arm6
/badpacketsareniggers.arm64
/badpacketsareniggers.arm7
/badpacketsareniggers.arm8
/badpacketsareniggers.dbg
/badpacketsareniggers.exploit
/badpacketsareniggers.i4
/badpacketsareniggers.i486
/badpacketsareniggers.i586
/badpacketsareniggers.i686
/badpacketsareniggers.kill
/badpacketsareniggers.m68k
/badpacketsareniggers.mips
/badpacketsareniggers.mips64
/badpacketsareniggers.mpsl
/badpacketsareniggers.mipsel
/badpacketsareniggers.pcc
/badpacketsareniggers.ppc
/badpacketsareniggers.ppc2
/badpacketsareniggers.ppc440
/badpacketsareniggers.ppc440fp
/badpacketsareniggers.powerpc
/badpacketsareniggers.powerppc
/badpacketsareniggers.root
/badpacketsareniggers.root32
/badpacketsareniggers.sh4
/badpacketsareniggers.ssh4
/badpacketsareniggers.spc
/badpacketsareniggers.sparc
/badpacketsareniggers.x32
/badpacketsareniggers.x64
/badpacketsareniggers.x86
/badpacketsareniggers.x86_32
/badpacketsareniggers.x86_64
/mybotnettrash.arc
/mybotnettrash.arm
/mybotnettrash.arm4
/mybotnettrash.arm4l
/mybotnettrash.arm4t
/mybotnettrash.arm4tl
/mybotnettrash.arm4tll
/mybotnettrash.armv4
/mybotnettrash.armv4l
/mybotnettrash.arm5
/mybotnettrash.arm5n
/mybotnettrash.arm6
/mybotnettrash.arm64
/mybotnettrash.arm7
/mybotnettrash.arm8
/mybotnettrash.dbg
/mybotnettrash.exploit
/mybotnettrash.i4
/mybotnettrash.i486
/mybotnettrash.i586
/mybotnettrash.i686
/mybotnettrash.kill
/mybotnettrash.m68k
/mybotnettrash.mips
/mybotnettrash.mips64
/mybotnettrash.mpsl
/mybotnettrash.mipsel
/mybotnettrash.pcc
/mybotnettrash.ppc
/mybotnettrash.ppc2
/mybotnettrash.ppc440
/mybotnettrash.ppc440fp
/mybotnettrash.powerpc
/mybotnettrash.powerppc
/mybotnettrash.root
/mybotnettrash.root32
/mybotnettrash.sh4
/mybotnettrash.ssh4
/mybotnettrash.spc
/mybotnettrash.sparc
/mybotnettrash.x32
/mybotnettrash.x64
/mybotnettrash.x86
/mybotnettrash.x86_32
/mybotnettrash.x86_64

# Reference: https://twitter.com/bad_packets/status/1210439634758426624

185.172.110.204:7498

# Reference: https://twitter.com/DGAFeedAlerts/status/1210730720257179649

aojpocslpwsu.support

# Reference: https://twitter.com/bad_packets/status/1211001473548484608

185.242.104.13:64064
185.242.104.13:666
/yama.arc
/yama.arm
/yama.arm4
/yama.arm4l
/yama.arm4t
/yama.arm4tl
/yama.arm4tll
/yama.armv4
/yama.armv4l
/yama.arm5
/yama.arm5n
/yama.arm6
/yama.arm64
/yama.arm7
/yama.arm8
/yama.dbg
/yama.exploit
/yama.i4
/yama.i486
/yama.i586
/yama.i686
/yama.kill
/yama.m68k
/yama.mips
/yama.mips64
/yama.mpsl
/yama.mipsel
/yama.pcc
/yama.ppc
/yama.ppc2
/yama.ppc440
/yama.ppc440fp
/yama.powerpc
/yama.powerppc
/yama.root
/yama.root32
/yama.sh4
/yama.ssh4
/yama.spc
/yama.sparc
/yama.x32
/yama.x64
/yama.x86
/yama.x86_32
/yama.x86_64

# Reference: https://twitter.com/bad_packets/status/1211127588648697857

176.123.4.234:56473
udptcp.packetsv4.tk

# Reference: https://twitter.com/VessOnSecurity/status/1211223343543848960

hoho4christmastrees.duckdns.org
/arc.cbot
/arm.cbot
/arm4.cbot
/arm4l.cbot
/arm4t.cbot
/arm4tl.cbot
/arm4tll.cbot
/armv4.cbot
/armv4l.cbot
/arm5.cbot
/arm5n.cbot
/arm6.cbot
/arm64.cbot
/arm7.cbot
/arm8.cbot
/dbg.cbot
/exploit.cbot
/i4.cbot
/i486.cbot
/i586.cbot
/i686.cbot
/kill.cbot
/m68k.cbot
/mips.cbot
/mips64.cbot
/mpsl.cbot
/mipsel.cbot
/pcc.cbot
/ppc.cbot
/ppc2.cbot
/ppc440.cbot
/ppc440fp.cbot
/powerpc.cbot
/powerppc.cbot
/root.cbot
/root32.cbot
/sh4.cbot
/ssh4.cbot
/spc.cbot
/sparc.cbot
/x32.cbot
/x64.cbot
/x86.cbot
/x86_32.cbot
/x86_64.cbot
/cbot.arc
/cbot.arm
/cbot.arm4
/cbot.arm4l
/cbot.arm4t
/cbot.arm4tl
/cbot.arm4tll
/cbot.armv4
/cbot.armv4l
/cbot.arm5
/cbot.arm5n
/cbot.arm6
/cbot.arm64
/cbot.arm7
/cbot.arm8
/cbot.dbg
/cbot.exploit
/cbot.i4
/cbot.i486
/cbot.i586
/cbot.i686
/cbot.kill
/cbot.m68k
/cbot.mips
/cbot.mips64
/cbot.mpsl
/cbot.mipsel
/cbot.pcc
/cbot.ppc
/cbot.ppc2
/cbot.ppc440
/cbot.ppc440fp
/cbot.powerpc
/cbot.powerppc
/cbot.root
/cbot.root32
/cbot.sh4
/cbot.ssh4
/cbot.spc
/cbot.sparc
/cbot.x32
/cbot.x64
/cbot.x86
/cbot.x86_32
/cbot.x86_64

# Reference: https://twitter.com/huiwangeth/status/1211520165541826560

185.61.137.172:51235

# Reference: https://twitter.com/DGAFeedAlerts/status/1213266745370271745

fxdgbaifiqhs.support

# Reference: https://twitter.com/bad_packets/status/1214701789649354752

45.148.10.160:34712
45.148.10.160:45

# Reference: https://labs.bitdefender.com/2020/01/hold-my-beer-mirai-spinoff-named-liquorbot-incorporates-cryptomining/
# Reference: https://otx.alienvault.com/pulse/5e1603c3f3a01bdd02a678ed

ardp.hldns.ru
bpsuck.hldns.ru
systemservice.hldns.ru
wpceservice.hldns.ru
/wloli.arc
/wloli.arm
/wloli.arm4
/wloli.arm4l
/wloli.arm4t
/wloli.arm4tl
/wloli.arm4tll
/wloli.armv4
/wloli.armv4l
/wloli.arm5
/wloli.arm5n
/wloli.arm6
/wloli.arm64
/wloli.arm7
/wloli.arm8
/wloli.dbg
/wloli.exploit
/wloli.i4
/wloli.i486
/wloli.i586
/wloli.i686
/wloli.kill
/wloli.m68k
/wloli.mips
/wloli.mips64
/wloli.mpsl
/wloli.mipsel
/wloli.pcc
/wloli.ppc
/wloli.ppc2
/wloli.ppc440
/wloli.ppc440fp
/wloli.powerpc
/wloli.powerppc
/wloli.root
/wloli.root32
/wloli.sh4
/wloli.ssh4
/wloli.spc
/wloli.sparc
/wloli.x32
/wloli.x64
/wloli.x86
/wloli.x86_32
/wloli.x86_64

# Reference: https://twitter.com/VessOnSecurity/status/1216725079784087557

retardbot.duckdns.org
/arc.retardbot
/arm.retardbot
/arm4.retardbot
/arm4l.retardbot
/arm4t.retardbot
/arm4tl.retardbot
/arm4tll.retardbot
/armv4l.retardbot
/arm5.retardbot
/arm5n.retardbot
/arm6.retardbot
/arm64.retardbot
/arm7.retardbot
/arm8.retardbot
/dbg.retardbot
/i4.retardbot
/i486.retardbot
/i586.retardbot
/i686.retardbot
/exploit.retardbot
/kill.retardbot
/m68k.retardbot
/mips.retardbot
/mips64.retardbot
/mpsl.retardbot
/mipsel.retardbot
/pcc.retardbot
/ppc.retardbot
/ppc2.retardbot
/ppc440.retardbot
/ppc440fp.retardbot
/powerppc.retardbot
/root.retardbot
/root32.retardbot
/sh4.retardbot
/ssh4.retardbot
/spc.retardbot
/sparc.retardbot
/x32.retardbot
/x64.retardbot
/x86.retardbot
/x86_32.retardbot
/x86_64.retardbot
/retardbot.arc
/retardbot.arm
/retardbot.arm4
/retardbot.arm4l
/retardbot.arm4t
/retardbot.arm4tl
/retardbot.arm4tll
/retardbot.armv4l
/retardbot.arm5
/retardbot.arm5n
/retardbot.arm6
/retardbot.arm64
/retardbot.arm7
/retardbot.arm8
/retardbot.dbg
/retardbot.i4
/retardbot.i486
/retardbot.i586
/retardbot.i686
/retardbot.exploit
/retardbot.kill
/retardbot.m68k
/retardbot.mips
/retardbot.mips64
/retardbot.mpsl
/retardbot.mipsel
/retardbot.pcc
/retardbot.ppc
/retardbot.ppc2
/retardbot.ppc440
/retardbot.ppc440fp
/retardbot.powerppc
/retardbot.root
/retardbot.root32
/retardbot.sh4
/retardbot.ssh4
/retardbot.spc
/retardbot.sparc
/retardbot.x32
/retardbot.x64
/retardbot.x86
/retardbot.x86_32
/retardbot.x86_64

# Reference: https://twitter.com/bad_packets/status/1218735720497500160

198.23.238.235:666
/kttp.arc
/kttp.arm
/kttp.arm4
/kttp.arm4l
/kttp.arm4t
/kttp.arm4tl
/kttp.arm4tll
/kttp.armv4l
/kttp.arm5
/kttp.arm5n
/kttp.arm6
/kttp.arm64
/kttp.arm7
/kttp.arm8
/kttp.dbg
/kttp.i4
/kttp.i486
/kttp.i586
/kttp.i686
/kttp.exploit
/kttp.kill
/kttp.m68k
/kttp.mips
/kttp.mips64
/kttp.mpsl
/kttp.mipsel
/kttp.pcc
/kttp.ppc
/kttp.ppc2
/kttp.ppc440
/kttp.ppc440fp
/kttp.powerppc
/kttp.root
/kttp.root32
/kttp.sh4
/kttp.ssh4
/kttp.spc
/kttp.sparc
/kttp.x32
/kttp.x64
/kttp.x86
/kttp.x86_32
/kttp.x86_64

# Reference: https://twitter.com/bad_packets/status/1219160404431011842

91.208.184.118:65535
/enigmatic.arc
/enigmatic.arm
/enigmatic.arm4
/enigmatic.arm4l
/enigmatic.arm4t
/enigmatic.arm4tl
/enigmatic.arm4tll
/enigmatic.armv4l
/enigmatic.arm5
/enigmatic.arm5n
/enigmatic.arm6
/enigmatic.arm64
/enigmatic.arm7
/enigmatic.arm8
/enigmatic.dbg
/enigmatic.i4
/enigmatic.i486
/enigmatic.i586
/enigmatic.i686
/enigmatic.exploit
/enigmatic.kill
/enigmatic.m68k
/enigmatic.mips
/enigmatic.mips64
/enigmatic.mpsl
/enigmatic.mipsel
/enigmatic.pcc
/enigmatic.ppc
/enigmatic.ppc2
/enigmatic.ppc440
/enigmatic.ppc440fp
/enigmatic.powerppc
/enigmatic.root
/enigmatic.root32
/enigmatic.sh4
/enigmatic.ssh4
/enigmatic.spc
/enigmatic.sparc
/enigmatic.x32
/enigmatic.x64
/enigmatic.x86
/enigmatic.x86_32
/enigmatic.x86_64

# Reference: https://twitter.com/0xrb/status/1219948735892881410

147.135.99.103:9375
/3ngine.arc
/3ngine.arm
/3ngine.arm4
/3ngine.arm4l
/3ngine.arm4t
/3ngine.arm4tl
/3ngine.arm4tll
/3ngine.armv4l
/3ngine.arm5
/3ngine.arm5n
/3ngine.arm6
/3ngine.arm64
/3ngine.arm7
/3ngine.arm8
/3ngine.dbg
/3ngine.i4
/3ngine.i486
/3ngine.i586
/3ngine.i686
/3ngine.exploit
/3ngine.kill
/3ngine.m68k
/3ngine.mips
/3ngine.mips64
/3ngine.mpsl
/3ngine.mipsel
/3ngine.pcc
/3ngine.ppc
/3ngine.ppc2
/3ngine.ppc440
/3ngine.ppc440fp
/3ngine.powerppc
/3ngine.root
/3ngine.root32
/3ngine.sh4
/3ngine.ssh4
/3ngine.spc
/3ngine.sparc
/3ngine.x32
/3ngine.x64
/3ngine.x86
/3ngine.x86_32
/3ngine.x86_64

# Reference: https://twitter.com/0xrb/status/1219942866031525888

205.185.122.174:1024
/ChainAnti.arc
/ChainAnti.arm
/ChainAnti.arm4
/ChainAnti.arm4l
/ChainAnti.arm4t
/ChainAnti.arm4tl
/ChainAnti.arm4tll
/ChainAnti.armv4l
/ChainAnti.arm5
/ChainAnti.arm5n
/ChainAnti.arm6
/ChainAnti.arm64
/ChainAnti.arm7
/ChainAnti.arm8
/ChainAnti.dbg
/ChainAnti.i4
/ChainAnti.i486
/ChainAnti.i586
/ChainAnti.i686
/ChainAnti.exploit
/ChainAnti.kill
/ChainAnti.m68k
/ChainAnti.mips
/ChainAnti.mips64
/ChainAnti.mpsl
/ChainAnti.mipsel
/ChainAnti.pcc
/ChainAnti.ppc
/ChainAnti.ppc2
/ChainAnti.ppc440
/ChainAnti.ppc440fp
/ChainAnti.powerppc
/ChainAnti.root
/ChainAnti.root32
/ChainAnti.sh4
/ChainAnti.ssh4
/ChainAnti.spc
/ChainAnti.sparc
/ChainAnti.x32
/ChainAnti.x64
/ChainAnti.x86
/ChainAnti.x86_32
/ChainAnti.x86_64

# Reference: https://twitter.com/bad_packets/status/1220231950889189376

89.34.27.57:34529
89.34.27.57:8348
/arc.okuma
/arm.okuma
/arm4.okuma
/arm4l.okuma
/arm4t.okuma
/arm4tl.okuma
/arm4tll.okuma
/armv4.okuma
/armv4l.okuma
/arm5.okuma
/arm5n.okuma
/arm6.okuma
/arm64.okuma
/arm7.okuma
/arm8.okuma
/dbg.okuma
/exploit.okuma
/i4.okuma
/i486.okuma
/i586.okuma
/i686.okuma
/kill.okuma
/m68k.okuma
/mips.okuma
/mips64.okuma
/mpsl.okuma
/mipsel.okuma
/pcc.okuma
/ppc.okuma
/ppc2.okuma
/ppc440.okuma
/ppc440fp.okuma
/powerpc.okuma
/powerppc.okuma
/root.okuma
/root32.okuma
/sh4.okuma
/ssh4.okuma
/spc.okuma
/sparc.okuma
/x32.okuma
/x64.okuma
/x86.okuma
/x86_32.okuma
/x86_64.okuma
/okuma.arc
/okuma.arm
/okuma.arm4
/okuma.arm4l
/okuma.arm4t
/okuma.arm4tl
/okuma.arm4tll
/okuma.armv4
/okuma.armv4l
/okuma.arm5
/okuma.arm5n
/okuma.arm6
/okuma.arm64
/okuma.arm7
/okuma.arm8
/okuma.dbg
/okuma.exploit
/okuma.i4
/okuma.i486
/okuma.i586
/okuma.i686
/okuma.kill
/okuma.m68k
/okuma.mips
/okuma.mips64
/okuma.mpsl
/okuma.mipsel
/okuma.pcc
/okuma.ppc
/okuma.ppc2
/okuma.ppc440
/okuma.ppc440fp
/okuma.powerpc
/okuma.powerppc
/okuma.root
/okuma.root32
/okuma.sh4
/okuma.ssh4
/okuma.spc
/okuma.sparc
/okuma.x32
/okuma.x64
/okuma.x86
/okuma.x86_32
/okuma.x86_64

# Reference: https://twitter.com/0xrb/status/1219946554951254016

217.182.38.147:1791

# Reference: https://twitter.com/0xrb/status/1220270618827841536

45.148.10.181:50884
zxcxffyttygbbgfgf12121bot.duckdns.org
/arc.qw69
/arm.qw69
/arm4.qw69
/arm4l.qw69
/arm4t.qw69
/arm4tl.qw69
/arm4tll.qw69
/armv4.qw69
/armv4l.qw69
/arm5.qw69
/arm5n.qw69
/arm6.qw69
/arm64.qw69
/arm7.qw69
/arm8.qw69
/dbg.qw69
/exploit.qw69
/i4.qw69
/i486.qw69
/i586.qw69
/i686.qw69
/kill.qw69
/m68k.qw69
/mips.qw69
/mips64.qw69
/mpsl.qw69
/mipsel.qw69
/pcc.qw69
/ppc.qw69
/ppc2.qw69
/ppc440.qw69
/ppc440fp.qw69
/powerpc.qw69
/powerppc.qw69
/root.qw69
/root32.qw69
/sh4.qw69
/ssh4.qw69
/spc.qw69
/sparc.qw69
/x32.qw69
/x64.qw69
/x86.qw69
/x86_32.qw69
/x86_64.qw69
/qw69.arc
/qw69.arm
/qw69.arm4
/qw69.arm4l
/qw69.arm4t
/qw69.arm4tl
/qw69.arm4tll
/qw69.armv4
/qw69.armv4l
/qw69.arm5
/qw69.arm5n
/qw69.arm6
/qw69.arm64
/qw69.arm7
/qw69.arm8
/qw69.dbg
/qw69.exploit
/qw69.i4
/qw69.i486
/qw69.i586
/qw69.i686
/qw69.kill
/qw69.m68k
/qw69.mips
/qw69.mips64
/qw69.mpsl
/qw69.mipsel
/qw69.pcc
/qw69.ppc
/qw69.ppc2
/qw69.ppc440
/qw69.ppc440fp
/qw69.powerpc
/qw69.powerppc
/qw69.root
/qw69.root32
/qw69.sh4
/qw69.ssh4
/qw69.spc
/qw69.sparc
/qw69.x32
/qw69.x64
/qw69.x86
/qw69.x86_32
/qw69.x86_64

# Reference: https://twitter.com/0xrb/status/1220627438524174337

188.166.36.43:50717
/arc.s0s13
/arm.s0s13
/arm4.s0s13
/arm4l.s0s13
/arm4t.s0s13
/arm4tl.s0s13
/arm4tll.s0s13
/armv4.s0s13
/armv4l.s0s13
/arm5.s0s13
/arm5n.s0s13
/arm6.s0s13
/arm64.s0s13
/arm7.s0s13
/arm8.s0s13
/dbg.s0s13
/exploit.s0s13
/i4.s0s13
/i486.s0s13
/i586.s0s13
/i686.s0s13
/kill.s0s13
/m68k.s0s13
/mips.s0s13
/mips64.s0s13
/mpsl.s0s13
/mipsel.s0s13
/pcc.s0s13
/ppc.s0s13
/ppc2.s0s13
/ppc440.s0s13
/ppc440fp.s0s13
/powerpc.s0s13
/powerppc.s0s13
/root.s0s13
/root32.s0s13
/sh4.s0s13
/ssh4.s0s13
/spc.s0s13
/sparc.s0s13
/x32.s0s13
/x64.s0s13
/x86.s0s13
/x86_32.s0s13
/x86_64.s0s13
/s0s13.arc
/s0s13.arm
/s0s13.arm4
/s0s13.arm4l
/s0s13.arm4t
/s0s13.arm4tl
/s0s13.arm4tll
/s0s13.armv4
/s0s13.armv4l
/s0s13.arm5
/s0s13.arm5n
/s0s13.arm6
/s0s13.arm64
/s0s13.arm7
/s0s13.arm8
/s0s13.dbg
/s0s13.exploit
/s0s13.i4
/s0s13.i486
/s0s13.i586
/s0s13.i686
/s0s13.kill
/s0s13.m68k
/s0s13.mips
/s0s13.mips64
/s0s13.mpsl
/s0s13.mipsel
/s0s13.pcc
/s0s13.ppc
/s0s13.ppc2
/s0s13.ppc440
/s0s13.ppc440fp
/s0s13.powerpc
/s0s13.powerppc
/s0s13.root
/s0s13.root32
/s0s13.sh4
/s0s13.ssh4
/s0s13.spc
/s0s13.sparc
/s0s13.x32
/s0s13.x64
/s0s13.x86
/s0s13.x86_32
/s0s13.x86_64

# Reference: https://www.virustotal.com/gui/ip-address/37.49.231.104/relations

cnc.astrovpn.xyz
scan.astrovpn.xyz
/arc.lmfao293reuj239jrf234rft34jt
/arm.lmfao293reuj239jrf234rft34jt
/arm4.lmfao293reuj239jrf234rft34jt
/arm4l.lmfao293reuj239jrf234rft34jt
/arm4t.lmfao293reuj239jrf234rft34jt
/arm4tl.lmfao293reuj239jrf234rft34jt
/arm4tll.lmfao293reuj239jrf234rft34jt
/armv4.lmfao293reuj239jrf234rft34jt
/armv4l.lmfao293reuj239jrf234rft34jt
/arm5.lmfao293reuj239jrf234rft34jt
/arm5n.lmfao293reuj239jrf234rft34jt
/arm6.lmfao293reuj239jrf234rft34jt
/arm64.lmfao293reuj239jrf234rft34jt
/arm7.lmfao293reuj239jrf234rft34jt
/arm8.lmfao293reuj239jrf234rft34jt
/dbg.lmfao293reuj239jrf234rft34jt
/exploit.lmfao293reuj239jrf234rft34jt
/i4.lmfao293reuj239jrf234rft34jt
/i486.lmfao293reuj239jrf234rft34jt
/i586.lmfao293reuj239jrf234rft34jt
/i686.lmfao293reuj239jrf234rft34jt
/kill.lmfao293reuj239jrf234rft34jt
/m68k.lmfao293reuj239jrf234rft34jt
/mips.lmfao293reuj239jrf234rft34jt
/mips64.lmfao293reuj239jrf234rft34jt
/mpsl.lmfao293reuj239jrf234rft34jt
/mipsel.lmfao293reuj239jrf234rft34jt
/pcc.lmfao293reuj239jrf234rft34jt
/ppc.lmfao293reuj239jrf234rft34jt
/ppc2.lmfao293reuj239jrf234rft34jt
/ppc440.lmfao293reuj239jrf234rft34jt
/ppc440fp.lmfao293reuj239jrf234rft34jt
/powerpc.lmfao293reuj239jrf234rft34jt
/powerppc.lmfao293reuj239jrf234rft34jt
/root.lmfao293reuj239jrf234rft34jt
/root32.lmfao293reuj239jrf234rft34jt
/sh4.lmfao293reuj239jrf234rft34jt
/ssh4.lmfao293reuj239jrf234rft34jt
/spc.lmfao293reuj239jrf234rft34jt
/sparc.lmfao293reuj239jrf234rft34jt
/x32.lmfao293reuj239jrf234rft34jt
/x64.lmfao293reuj239jrf234rft34jt
/x86.lmfao293reuj239jrf234rft34jt
/x86_32.lmfao293reuj239jrf234rft34jt
/x86_64.lmfao293reuj239jrf234rft34jt
/lmfao293reuj239jrf234rft34jt.arc
/lmfao293reuj239jrf234rft34jt.arm
/lmfao293reuj239jrf234rft34jt.arm4
/lmfao293reuj239jrf234rft34jt.arm4l
/lmfao293reuj239jrf234rft34jt.arm4t
/lmfao293reuj239jrf234rft34jt.arm4tl
/lmfao293reuj239jrf234rft34jt.arm4tll
/lmfao293reuj239jrf234rft34jt.armv4
/lmfao293reuj239jrf234rft34jt.armv4l
/lmfao293reuj239jrf234rft34jt.arm5
/lmfao293reuj239jrf234rft34jt.arm5n
/lmfao293reuj239jrf234rft34jt.arm6
/lmfao293reuj239jrf234rft34jt.arm64
/lmfao293reuj239jrf234rft34jt.arm7
/lmfao293reuj239jrf234rft34jt.arm8
/lmfao293reuj239jrf234rft34jt.dbg
/lmfao293reuj239jrf234rft34jt.exploit
/lmfao293reuj239jrf234rft34jt.i4
/lmfao293reuj239jrf234rft34jt.i486
/lmfao293reuj239jrf234rft34jt.i586
/lmfao293reuj239jrf234rft34jt.i686
/lmfao293reuj239jrf234rft34jt.kill
/lmfao293reuj239jrf234rft34jt.m68k
/lmfao293reuj239jrf234rft34jt.mips
/lmfao293reuj239jrf234rft34jt.mips64
/lmfao293reuj239jrf234rft34jt.mpsl
/lmfao293reuj239jrf234rft34jt.mipsel
/lmfao293reuj239jrf234rft34jt.pcc
/lmfao293reuj239jrf234rft34jt.ppc
/lmfao293reuj239jrf234rft34jt.ppc2
/lmfao293reuj239jrf234rft34jt.ppc440
/lmfao293reuj239jrf234rft34jt.ppc440fp
/lmfao293reuj239jrf234rft34jt.powerpc
/lmfao293reuj239jrf234rft34jt.powerppc
/lmfao293reuj239jrf234rft34jt.root
/lmfao293reuj239jrf234rft34jt.root32
/lmfao293reuj239jrf234rft34jt.sh4
/lmfao293reuj239jrf234rft34jt.ssh4
/lmfao293reuj239jrf234rft34jt.spc
/lmfao293reuj239jrf234rft34jt.sparc
/lmfao293reuj239jrf234rft34jt.x32
/lmfao293reuj239jrf234rft34jt.x64
/lmfao293reuj239jrf234rft34jt.x86
/lmfao293reuj239jrf234rft34jt.x86_32
/lmfao293reuj239jrf234rft34jt.x86_64

# Reference: https://www.virustotal.com/gui/domain/fksdjfaksj321cnc.mybiadboats.xyz/relations
# Reference: https://www.virustotal.com/gui/ip-address/45.148.10.92/relations

mybiadboats.xyz
fksdjfaksj321bots.mybiadboats.xyz
fksdjfaksj321cnc.mybiadboats.xyz
/arc.5531sx3
/arm.5531sx3
/arm4.5531sx3
/arm4l.5531sx3
/arm4t.5531sx3
/arm4tl.5531sx3
/arm4tll.5531sx3
/armv4.5531sx3
/armv4l.5531sx3
/arm5.5531sx3
/arm5n.5531sx3
/arm6.5531sx3
/arm64.5531sx3
/arm7.5531sx3
/arm8.5531sx3
/dbg.5531sx3
/exploit.5531sx3
/i4.5531sx3
/i486.5531sx3
/i586.5531sx3
/i686.5531sx3
/kill.5531sx3
/m68k.5531sx3
/mips.5531sx3
/mips64.5531sx3
/mpsl.5531sx3
/mipsel.5531sx3
/pcc.5531sx3
/ppc.5531sx3
/ppc2.5531sx3
/ppc440.5531sx3
/ppc440fp.5531sx3
/powerpc.5531sx3
/powerppc.5531sx3
/root.5531sx3
/root32.5531sx3
/sh4.5531sx3
/ssh4.5531sx3
/spc.5531sx3
/sparc.5531sx3
/x32.5531sx3
/x64.5531sx3
/x86.5531sx3
/x86_32.5531sx3
/x86_64.5531sx3
/5531sx3.arc
/5531sx3.arm
/5531sx3.arm4
/5531sx3.arm4l
/5531sx3.arm4t
/5531sx3.arm4tl
/5531sx3.arm4tll
/5531sx3.armv4
/5531sx3.armv4l
/5531sx3.arm5
/5531sx3.arm5n
/5531sx3.arm6
/5531sx3.arm64
/5531sx3.arm7
/5531sx3.arm8
/5531sx3.dbg
/5531sx3.exploit
/5531sx3.i4
/5531sx3.i486
/5531sx3.i586
/5531sx3.i686
/5531sx3.kill
/5531sx3.m68k
/5531sx3.mips
/5531sx3.mips64
/5531sx3.mpsl
/5531sx3.mipsel
/5531sx3.pcc
/5531sx3.ppc
/5531sx3.ppc2
/5531sx3.ppc440
/5531sx3.ppc440fp
/5531sx3.powerpc
/5531sx3.powerppc
/5531sx3.root
/5531sx3.root32
/5531sx3.sh4
/5531sx3.ssh4
/5531sx3.spc
/5531sx3.sparc
/5531sx3.x32
/5531sx3.x64
/5531sx3.x86
/5531sx3.x86_32
/5531sx3.x86_64

# Reference: https://twitter.com/bad_packets/status/1224062212236382208

207.154.212.220:5301
207.154.212.220:9545
/Stanleyy.arc
/Stanleyy.arm
/Stanleyy.arm4
/Stanleyy.arm4l
/Stanleyy.arm4t
/Stanleyy.arm4tl
/Stanleyy.arm4tll
/Stanleyy.armv4
/Stanleyy.armv4l
/Stanleyy.arm5
/Stanleyy.arm5l
/Stanleyy.arm5n
/Stanleyy.armv5
/Stanleyy.armv5l
/Stanleyy.arm6
/Stanleyy.arm6l
/Stanleyy.arm64
/Stanleyy.armv6
/Stanleyy.armv6l
/Stanleyy.armv61
/Stanleyy.arm7
/Stanleyy.arm7l
/Stanleyy.armv7
/Stanleyy.armv7l
/Stanleyy.arm8
/Stanleyy.armv8
/Stanleyy.dbg
/Stanleyy.exploit
/Stanleyy.i4
/Stanleyy.i6
/Stanleyy.i486
/Stanleyy.i586
/Stanleyy.i686
/Stanleyy.kill
/Stanleyy.m68
/Stanleyy.m68k
/Stanleyy.mips
/Stanleyy.mips64
/Stanleyy.mpsl
/Stanleyy.mipsel
/Stanleyy.pcc
/Stanleyy.ppc
/Stanleyy.ppc2
/Stanleyy.ppc440
/Stanleyy.ppc440fp
/Stanleyy.powerpc
/Stanleyy.powerppc
/Stanleyy.powerpc-440fp
/Stanleyy.root
/Stanleyy.root32
/Stanleyy.sh
/Stanleyy.sh4
/Stanleyy.ssh4
/Stanleyy.spc
/Stanleyy.sparc
/Stanleyy.x32
/Stanleyy.x64
/Stanleyy.x86
/Stanleyy.x86_32
/Stanleyy.x86_64

# Reference: https://twitter.com/bad_packets/status/1221641018262470657

206.81.1.189:39284
206.81.1.189:9375
/b3astmode.arc
/b3astmode.arm
/b3astmode.arm4
/b3astmode.arm4l
/b3astmode.arm4t
/b3astmode.arm4tl
/b3astmode.arm4tll
/b3astmode.armv4
/b3astmode.armv4l
/b3astmode.arm5
/b3astmode.arm5l
/b3astmode.arm5n
/b3astmode.armv5
/b3astmode.armv5l
/b3astmode.arm6
/b3astmode.arm6l
/b3astmode.arm64
/b3astmode.armv6
/b3astmode.armv6l
/b3astmode.armv61
/b3astmode.arm7
/b3astmode.arm7l
/b3astmode.armv7
/b3astmode.armv7l
/b3astmode.arm8
/b3astmode.armv8
/b3astmode.dbg
/b3astmode.exploit
/b3astmode.i4
/b3astmode.i6
/b3astmode.i486
/b3astmode.i586
/b3astmode.i686
/b3astmode.kill
/b3astmode.m68
/b3astmode.m68k
/b3astmode.mips
/b3astmode.mips64
/b3astmode.mpsl
/b3astmode.mipsel
/b3astmode.pcc
/b3astmode.ppc
/b3astmode.ppc2
/b3astmode.ppc440
/b3astmode.ppc440fp
/b3astmode.powerpc
/b3astmode.powerppc
/b3astmode.powerpc-440fp
/b3astmode.root
/b3astmode.root32
/b3astmode.sh
/b3astmode.sh4
/b3astmode.ssh4
/b3astmode.spc
/b3astmode.sparc
/b3astmode.x32
/b3astmode.x64
/b3astmode.x86
/b3astmode.x86_32
/b3astmode.x86_64

# Reference: https://twitter.com/0xrb/status/1224245436015230976
# Reference: https://twitter.com/0xrb/status/1224243105970323457
# Reference: https://twitter.com/0xrb/status/1224246687129993221

159.89.143.222:9375
204.48.21.31:9375
217.182.38.147:1111
/a-r.m-4.GHOUL
/a-r.m-5.GHOUL
/a-r.m-6.GHOUL
/a-r.m-7.GHOUL
/i-4.8-6.GHOUL
/i-5.8-6.GHOUL
/i-6.8-6.GHOUL
/m-6.8-k.GHOUL
/m-i.p-s.GHOUL
/m-p.s-l.GHOUL
/p-p.c-.GHOUL
/s-h.4-.GHOUL
/x-3.2-.GHOUL
/x-6.4-.GHOUL
/x-8.6-.GHOUL

# Reference: https://twitter.com/0xrb/status/1224250204875939840/photo/1

/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.arc
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.arm
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.arm4
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.arm4l
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.arm4t
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.arm4tl
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.arm4tll
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.armv4
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.armv4l
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.arm5
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.arm5l
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.arm5n
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.armv5
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.armv5l
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.arm6
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.arm6l
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.arm64
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.armv6
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.armv6l
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.armv61
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.arm7
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.arm7l
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.armv7
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.armv7l
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.arm8
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.armv8
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.dbg
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.exploit
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.i4
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.i6
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.i486
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.i586
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.i686
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.kill
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.m68
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.m68k
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.mips
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.mips64
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.mpsl
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.mipsel
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.pcc
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.ppc
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.ppc2
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.ppc440
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.ppc440fp
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.powerpc
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.powerppc
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.powerpc-440fp
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.root
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.root32
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.sh
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.sh4
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.ssh4
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.spc
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.sparc
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.x32
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.x64
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.x86
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.x86_32
/djmfjlkdsnfjksefjkdafjdfjksdafjdsafjdfbjkdsbfdsflkaddjkafbadlfdbakfdabnakjfnjkdafkdajfldafjk.x86_64
/Gh0ul.arc
/Gh0ul.arm
/Gh0ul.arm4
/Gh0ul.arm4l
/Gh0ul.arm4t
/Gh0ul.arm4tl
/Gh0ul.arm4tll
/Gh0ul.armv4
/Gh0ul.armv4l
/Gh0ul.arm5
/Gh0ul.arm5l
/Gh0ul.arm5n
/Gh0ul.armv5
/Gh0ul.armv5l
/Gh0ul.arm6
/Gh0ul.arm6l
/Gh0ul.arm64
/Gh0ul.armv6
/Gh0ul.armv6l
/Gh0ul.armv61
/Gh0ul.arm7
/Gh0ul.arm7l
/Gh0ul.armv7
/Gh0ul.armv7l
/Gh0ul.arm8
/Gh0ul.armv8
/Gh0ul.dbg
/Gh0ul.exploit
/Gh0ul.i4
/Gh0ul.i6
/Gh0ul.i486
/Gh0ul.i586
/Gh0ul.i686
/Gh0ul.kill
/Gh0ul.m68
/Gh0ul.m68k
/Gh0ul.mips
/Gh0ul.mips64
/Gh0ul.mpsl
/Gh0ul.mipsel
/Gh0ul.pcc
/Gh0ul.ppc
/Gh0ul.ppc2
/Gh0ul.ppc440
/Gh0ul.ppc440fp
/Gh0ul.powerpc
/Gh0ul.powerppc
/Gh0ul.powerpc-440fp
/Gh0ul.root
/Gh0ul.root32
/Gh0ul.sh
/Gh0ul.sh4
/Gh0ul.ssh4
/Gh0ul.spc
/Gh0ul.sparc
/Gh0ul.x32
/Gh0ul.x64
/Gh0ul.x86
/Gh0ul.x86_32
/Gh0ul.x86_64
/helios.arc
/helios.arm
/helios.arm4
/helios.arm4l
/helios.arm4t
/helios.arm4tl
/helios.arm4tll
/helios.armv4
/helios.armv4l
/helios.arm5
/helios.arm5l
/helios.arm5n
/helios.armv5
/helios.armv5l
/helios.arm6
/helios.arm6l
/helios.arm64
/helios.armv6
/helios.armv6l
/helios.armv61
/helios.arm7
/helios.arm7l
/helios.armv7
/helios.armv7l
/helios.arm8
/helios.armv8
/helios.dbg
/helios.exploit
/helios.i4
/helios.i6
/helios.i486
/helios.i586
/helios.i686
/helios.kill
/helios.m68
/helios.m68k
/helios.mips
/helios.mips64
/helios.mpsl
/helios.mipsel
/helios.pcc
/helios.ppc
/helios.ppc2
/helios.ppc440
/helios.ppc440fp
/helios.powerpc
/helios.powerppc
/helios.powerpc-440fp
/helios.root
/helios.root32
/helios.sh
/helios.sh4
/helios.ssh4
/helios.spc
/helios.sparc
/helios.x32
/helios.x64
/helios.x86
/helios.x86_32
/helios.x86_64
/kiga.arc
/kiga.arm
/kiga.arm4
/kiga.arm4l
/kiga.arm4t
/kiga.arm4tl
/kiga.arm4tll
/kiga.armv4
/kiga.armv4l
/kiga.arm5
/kiga.arm5l
/kiga.arm5n
/kiga.armv5
/kiga.armv5l
/kiga.arm6
/kiga.arm6l
/kiga.arm64
/kiga.armv6
/kiga.armv6l
/kiga.armv61
/kiga.arm7
/kiga.arm7l
/kiga.armv7
/kiga.armv7l
/kiga.arm8
/kiga.armv8
/kiga.dbg
/kiga.exploit
/kiga.i4
/kiga.i6
/kiga.i486
/kiga.i586
/kiga.i686
/kiga.kill
/kiga.m68
/kiga.m68k
/kiga.mips
/kiga.mips64
/kiga.mpsl
/kiga.mipsel
/kiga.pcc
/kiga.ppc
/kiga.ppc2
/kiga.ppc440
/kiga.ppc440fp
/kiga.powerpc
/kiga.powerppc
/kiga.powerpc-440fp
/kiga.root
/kiga.root32
/kiga.sh
/kiga.sh4
/kiga.ssh4
/kiga.spc
/kiga.sparc
/kiga.x32
/kiga.x64
/kiga.x86
/kiga.x86_32
/kiga.x86_64
/z2s234.arc
/z2s234.arm
/z2s234.arm4
/z2s234.arm4l
/z2s234.arm4t
/z2s234.arm4tl
/z2s234.arm4tll
/z2s234.armv4
/z2s234.armv4l
/z2s234.arm5
/z2s234.arm5l
/z2s234.arm5n
/z2s234.armv5
/z2s234.armv5l
/z2s234.arm6
/z2s234.arm6l
/z2s234.arm64
/z2s234.armv6
/z2s234.armv6l
/z2s234.armv61
/z2s234.arm7
/z2s234.arm7l
/z2s234.armv7
/z2s234.armv7l
/z2s234.arm8
/z2s234.armv8
/z2s234.dbg
/z2s234.exploit
/z2s234.i4
/z2s234.i6
/z2s234.i486
/z2s234.i586
/z2s234.i686
/z2s234.kill
/z2s234.m68
/z2s234.m68k
/z2s234.mips
/z2s234.mips64
/z2s234.mpsl
/z2s234.mipsel
/z2s234.pcc
/z2s234.ppc
/z2s234.ppc2
/z2s234.ppc440
/z2s234.ppc440fp
/z2s234.powerpc
/z2s234.powerppc
/z2s234.powerpc-440fp
/z2s234.root
/z2s234.root32
/z2s234.sh
/z2s234.sh4
/z2s234.ssh4
/z2s234.spc
/z2s234.sparc
/z2s234.x32
/z2s234.x64
/z2s234.x86
/z2s234.x86_32
/z2s234.x86_64

# Reference: https://twitter.com/DGAFeedAlerts/status/1224516139742646272

sdoplblbefwm.support

# Reference: https://www.virustotal.com/gui/domain/scan.casualaffinity.net/relations

# scan.casualaffinity.net

# Reference: https://www.virustotal.com/gui/domain/niggacumyafacenet.xyz/relations

# jhasdjahsdjasfkdaskdfasbot.niggacumyafacenet.xyz
# jhasdjahsdjasfkdaskdfascnc.niggacumyafacenet.xyz

/z0r0.arc
/z0r0.arm
/z0r0.arm4
/z0r0.arm4l
/z0r0.arm4t
/z0r0.arm4tl
/z0r0.arm4tll
/z0r0.armv4
/z0r0.armv4l
/z0r0.arm5
/z0r0.arm5l
/z0r0.arm5n
/z0r0.armv5
/z0r0.armv5l
/z0r0.arm6
/z0r0.arm6l
/z0r0.arm64
/z0r0.armv6
/z0r0.armv6l
/z0r0.armv61
/z0r0.arm7
/z0r0.arm7l
/z0r0.armv7
/z0r0.armv7l
/z0r0.arm8
/z0r0.armv8
/z0r0.dbg
/z0r0.exploit
/z0r0.i4
/z0r0.i6
/z0r0.i486
/z0r0.i586
/z0r0.i686
/z0r0.kill
/z0r0.m68
/z0r0.m68k
/z0r0.mips
/z0r0.mips64
/z0r0.mpsl
/z0r0.mipsel
/z0r0.pcc
/z0r0.ppc
/z0r0.ppc2
/z0r0.ppc440
/z0r0.ppc440fp
/z0r0.powerpc
/z0r0.powerppc
/z0r0.powerpc-440fp
/z0r0.root
/z0r0.root32
/z0r0.sh
/z0r0.sh4
/z0r0.ssh4
/z0r0.spc
/z0r0.sparc
/z0r0.x32
/z0r0.x64
/z0r0.x86
/z0r0.x86_32
/z0r0.x86_64

# Reference: https://twitter.com/bad_packets/status/1226403767198707712

/puzzle.arc
/puzzle.arm
/puzzle.arm4
/puzzle.arm4l
/puzzle.arm4t
/puzzle.arm4tl
/puzzle.arm4tll
/puzzle.armv4
/puzzle.armv4l
/puzzle.arm5
/puzzle.arm5l
/puzzle.arm5n
/puzzle.armv5
/puzzle.armv5l
/puzzle.arm6
/puzzle.arm6l
/puzzle.arm64
/puzzle.armv6
/puzzle.armv6l
/puzzle.armv61
/puzzle.arm7
/puzzle.arm7l
/puzzle.armv7
/puzzle.armv7l
/puzzle.arm8
/puzzle.armv8
/puzzle.dbg
/puzzle.exploit
/puzzle.i4
/puzzle.i6
/puzzle.i486
/puzzle.i586
/puzzle.i686
/puzzle.kill
/puzzle.m68
/puzzle.m68k
/puzzle.mips
/puzzle.mips64
/puzzle.mpsl
/puzzle.mipsel
/puzzle.pcc
/puzzle.ppc
/puzzle.ppc2
/puzzle.ppc440
/puzzle.ppc440fp
/puzzle.powerpc
/puzzle.powerppc
/puzzle.powerpc-440fp
/puzzle.root
/puzzle.root32
/puzzle.sh
/puzzle.sh4
/puzzle.ssh4
/puzzle.spc
/puzzle.sparc
/puzzle.x32
/puzzle.x64
/puzzle.x86
/puzzle.x86_32
/puzzle.x86_64

# Reference: https://twitter.com/bad_packets/status/1227309221244493825

178.128.183.31:24136
178.128.183.31:38565

# Reference: https://twitter.com/bad_packets/status/1227352199128211457

190.115.18.86:6323
190.115.18.86:8744

# Reference: https://twitter.com/bad_packets/status/1228733630194696197

51.79.70.163:3455
51.79.70.163:64537
breadsecurity.xyz
/Bread.arc
/Bread.arm
/Bread.arm4
/Bread.arm4l
/Bread.arm4t
/Bread.arm4tl
/Bread.arm4tll
/Bread.armv4
/Bread.armv4l
/Bread.arm5
/Bread.arm5l
/Bread.arm5n
/Bread.armv5
/Bread.armv5l
/Bread.arm6
/Bread.arm6l
/Bread.arm64
/Bread.armv6
/Bread.armv6l
/Bread.armv61
/Bread.arm7
/Bread.arm7l
/Bread.armv7
/Bread.armv7l
/Bread.arm8
/Bread.armv8
/Bread.dbg
/Bread.exploit
/Bread.i4
/Bread.i6
/Bread.i486
/Bread.i586
/Bread.i686
/Bread.kill
/Bread.m68
/Bread.m68k
/Bread.mips
/Bread.mips64
/Bread.mpsl
/Bread.mipsel
/Bread.pcc
/Bread.ppc
/Bread.ppc2
/Bread.ppc440
/Bread.ppc440fp
/Bread.powerpc
/Bread.powerppc
/Bread.powerpc-440fp
/Bread.root
/Bread.root32
/Bread.sh
/Bread.sh4
/Bread.ssh4
/Bread.spc
/Bread.sparc
/Bread.x32
/Bread.x64
/Bread.x86
/Bread.x86_32
/Bread.x86_64

# Reference: https://twitter.com/bad_packets/status/1229607800273113088

/kinam.arc
/kinam.arm
/kinam.arm4
/kinam.arm4l
/kinam.arm4t
/kinam.arm4tl
/kinam.arm4tll
/kinam.armv4
/kinam.armv4l
/kinam.arm5
/kinam.arm5l
/kinam.arm5n
/kinam.armv5
/kinam.armv5l
/kinam.arm6
/kinam.arm6l
/kinam.arm64
/kinam.armv6
/kinam.armv6l
/kinam.armv61
/kinam.arm7
/kinam.arm7l
/kinam.armv7
/kinam.armv7l
/kinam.arm8
/kinam.armv8
/kinam.dbg
/kinam.exploit
/kinam.i4
/kinam.i6
/kinam.i486
/kinam.i586
/kinam.i686
/kinam.kill
/kinam.m68
/kinam.m68k
/kinam.mips
/kinam.mips64
/kinam.mpsl
/kinam.mipsel
/kinam.pcc
/kinam.ppc
/kinam.ppc2
/kinam.ppc440
/kinam.ppc440fp
/kinam.powerpc
/kinam.powerppc
/kinam.powerpc-440fp
/kinam.root
/kinam.root32
/kinam.sh
/kinam.sh4
/kinam.ssh4
/kinam.spc
/kinam.sparc
/kinam.x32
/kinam.x64
/kinam.x86
/kinam.x86_32
/kinam.x86_64

# Reference: https://twitter.com/DGAFeedAlerts/status/1231386452732399616

xxxcujgnxiap.online

# Reference: https://twitter.com/DGAFeedAlerts/status/1231748397599744001

vudcifwrwoox.support

# Reference: https://twitter.com/malwaremustd1e/status/1231676771415674881
# Reference: https://www.virustotal.com/gui/ip-address/194.180.224.13/relations
# Reference: https://blog.netlab.360.com/multiple-botnets-are-spreading-using-lilin-dvr-0-day-en/

194.180.224.1:80
l2d6beb7.justinstalledpanel.com
nlocalhost.wordtheminer.com
wor.wordtheminer.com

# Reference: https://twitter.com/bad_packets/status/1231796550441033728

167.172.251.116:9506
167.172.251.116:9621

# Reference: https://twitter.com/bad_packets/status/1231753032708186112

104.155.220.235:18819
104.155.220.235:40666

# Reference: https://twitter.com/bad_packets/status/1232209066836889600

/l1ch4.arc
/l1ch4.arm
/l1ch4.arm4
/l1ch4.arm4l
/l1ch4.arm4t
/l1ch4.arm4tl
/l1ch4.arm4tll
/l1ch4.armv4
/l1ch4.armv4l
/l1ch4.arm5
/l1ch4.arm5l
/l1ch4.arm5n
/l1ch4.armv5
/l1ch4.armv5l
/l1ch4.arm6
/l1ch4.arm6l
/l1ch4.arm64
/l1ch4.armv6
/l1ch4.armv6l
/l1ch4.armv61
/l1ch4.arm7
/l1ch4.arm7l
/l1ch4.armv7
/l1ch4.armv7l
/l1ch4.arm8
/l1ch4.armv8
/l1ch4.dbg
/l1ch4.exploit
/l1ch4.i4
/l1ch4.i6
/l1ch4.i486
/l1ch4.i586
/l1ch4.i686
/l1ch4.kill
/l1ch4.m68
/l1ch4.m68k
/l1ch4.mips
/l1ch4.mips64
/l1ch4.mpsl
/l1ch4.mipsel
/l1ch4.pcc
/l1ch4.ppc
/l1ch4.ppc2
/l1ch4.ppc440
/l1ch4.ppc440fp
/l1ch4.powerpc
/l1ch4.powerppc
/l1ch4.powerpc-440fp
/l1ch4.root
/l1ch4.root32
/l1ch4.sh
/l1ch4.sh4
/l1ch4.ssh4
/l1ch4.spc
/l1ch4.sparc
/l1ch4.x32
/l1ch4.x64
/l1ch4.x86
/l1ch4.x86_32
/l1ch4.x86_64

# Reference: https://twitter.com/0xrb/status/1232959818177998848

/d4mnasdasd4mn.arc
/d4mnasdasd4mn.arm
/d4mnasdasd4mn.arm4
/d4mnasdasd4mn.arm4l
/d4mnasdasd4mn.arm4t
/d4mnasdasd4mn.arm4tl
/d4mnasdasd4mn.arm4tll
/d4mnasdasd4mn.armv4
/d4mnasdasd4mn.armv4l
/d4mnasdasd4mn.arm5
/d4mnasdasd4mn.arm5l
/d4mnasdasd4mn.arm5n
/d4mnasdasd4mn.armv5
/d4mnasdasd4mn.armv5l
/d4mnasdasd4mn.arm6
/d4mnasdasd4mn.arm6l
/d4mnasdasd4mn.arm64
/d4mnasdasd4mn.armv6
/d4mnasdasd4mn.armv6l
/d4mnasdasd4mn.armv61
/d4mnasdasd4mn.arm7
/d4mnasdasd4mn.arm7l
/d4mnasdasd4mn.armv7
/d4mnasdasd4mn.armv7l
/d4mnasdasd4mn.arm8
/d4mnasdasd4mn.armv8
/d4mnasdasd4mn.dbg
/d4mnasdasd4mn.exploit
/d4mnasdasd4mn.i4
/d4mnasdasd4mn.i6
/d4mnasdasd4mn.i486
/d4mnasdasd4mn.i586
/d4mnasdasd4mn.i686
/d4mnasdasd4mn.kill
/d4mnasdasd4mn.m68
/d4mnasdasd4mn.m68k
/d4mnasdasd4mn.mips
/d4mnasdasd4mn.mips64
/d4mnasdasd4mn.mpsl
/d4mnasdasd4mn.mipsel
/d4mnasdasd4mn.pcc
/d4mnasdasd4mn.ppc
/d4mnasdasd4mn.ppc2
/d4mnasdasd4mn.ppc440
/d4mnasdasd4mn.ppc440fp
/d4mnasdasd4mn.powerpc
/d4mnasdasd4mn.powerppc
/d4mnasdasd4mn.powerpc-440fp
/d4mnasdasd4mn.root
/d4mnasdasd4mn.root32
/d4mnasdasd4mn.sh
/d4mnasdasd4mn.sh4
/d4mnasdasd4mn.ssh4
/d4mnasdasd4mn.spc
/d4mnasdasd4mn.sparc
/d4mnasdasd4mn.x32
/d4mnasdasd4mn.x64
/d4mnasdasd4mn.x86
/d4mnasdasd4mn.x86_32
/d4mnasdasd4mn.x86_64
/gh0st0a1s0as2d12.arc
/gh0st0a1s0as2d12.arm
/gh0st0a1s0as2d12.arm4
/gh0st0a1s0as2d12.arm4l
/gh0st0a1s0as2d12.arm4t
/gh0st0a1s0as2d12.arm4tl
/gh0st0a1s0as2d12.arm4tll
/gh0st0a1s0as2d12.armv4
/gh0st0a1s0as2d12.armv4l
/gh0st0a1s0as2d12.arm5
/gh0st0a1s0as2d12.arm5l
/gh0st0a1s0as2d12.arm5n
/gh0st0a1s0as2d12.armv5
/gh0st0a1s0as2d12.armv5l
/gh0st0a1s0as2d12.arm6
/gh0st0a1s0as2d12.arm6l
/gh0st0a1s0as2d12.arm64
/gh0st0a1s0as2d12.armv6
/gh0st0a1s0as2d12.armv6l
/gh0st0a1s0as2d12.armv61
/gh0st0a1s0as2d12.arm7
/gh0st0a1s0as2d12.arm7l
/gh0st0a1s0as2d12.armv7
/gh0st0a1s0as2d12.armv7l
/gh0st0a1s0as2d12.arm8
/gh0st0a1s0as2d12.armv8
/gh0st0a1s0as2d12.dbg
/gh0st0a1s0as2d12.exploit
/gh0st0a1s0as2d12.i4
/gh0st0a1s0as2d12.i6
/gh0st0a1s0as2d12.i486
/gh0st0a1s0as2d12.i586
/gh0st0a1s0as2d12.i686
/gh0st0a1s0as2d12.kill
/gh0st0a1s0as2d12.m68
/gh0st0a1s0as2d12.m68k
/gh0st0a1s0as2d12.mips
/gh0st0a1s0as2d12.mips64
/gh0st0a1s0as2d12.mpsl
/gh0st0a1s0as2d12.mipsel
/gh0st0a1s0as2d12.pcc
/gh0st0a1s0as2d12.ppc
/gh0st0a1s0as2d12.ppc2
/gh0st0a1s0as2d12.ppc440
/gh0st0a1s0as2d12.ppc440fp
/gh0st0a1s0as2d12.powerpc
/gh0st0a1s0as2d12.powerppc
/gh0st0a1s0as2d12.powerpc-440fp
/gh0st0a1s0as2d12.root
/gh0st0a1s0as2d12.root32
/gh0st0a1s0as2d12.sh
/gh0st0a1s0as2d12.sh4
/gh0st0a1s0as2d12.ssh4
/gh0st0a1s0as2d12.spc
/gh0st0a1s0as2d12.sparc
/gh0st0a1s0as2d12.x32
/gh0st0a1s0as2d12.x64
/gh0st0a1s0as2d12.x86
/gh0st0a1s0as2d12.x86_32
/gh0st0a1s0as2d12.x86_64
/jeksseeessss.arc
/jeksseeessss.arm
/jeksseeessss.arm4
/jeksseeessss.arm4l
/jeksseeessss.arm4t
/jeksseeessss.arm4tl
/jeksseeessss.arm4tll
/jeksseeessss.armv4
/jeksseeessss.armv4l
/jeksseeessss.arm5
/jeksseeessss.arm5l
/jeksseeessss.arm5n
/jeksseeessss.armv5
/jeksseeessss.armv5l
/jeksseeessss.arm6
/jeksseeessss.arm6l
/jeksseeessss.arm64
/jeksseeessss.armv6
/jeksseeessss.armv6l
/jeksseeessss.armv61
/jeksseeessss.arm7
/jeksseeessss.arm7l
/jeksseeessss.armv7
/jeksseeessss.armv7l
/jeksseeessss.arm8
/jeksseeessss.armv8
/jeksseeessss.dbg
/jeksseeessss.exploit
/jeksseeessss.i4
/jeksseeessss.i6
/jeksseeessss.i486
/jeksseeessss.i586
/jeksseeessss.i686
/jeksseeessss.kill
/jeksseeessss.m68
/jeksseeessss.m68k
/jeksseeessss.mips
/jeksseeessss.mips64
/jeksseeessss.mpsl
/jeksseeessss.mipsel
/jeksseeessss.pcc
/jeksseeessss.ppc
/jeksseeessss.ppc2
/jeksseeessss.ppc440
/jeksseeessss.ppc440fp
/jeksseeessss.powerpc
/jeksseeessss.powerppc
/jeksseeessss.powerpc-440fp
/jeksseeessss.root
/jeksseeessss.root32
/jeksseeessss.sh
/jeksseeessss.sh4
/jeksseeessss.ssh4
/jeksseeessss.spc
/jeksseeessss.sparc
/jeksseeessss.x32
/jeksseeessss.x64
/jeksseeessss.x86
/jeksseeessss.x86_32
/jeksseeessss.x86_64
/nomn0m.arc
/nomn0m.arm
/nomn0m.arm4
/nomn0m.arm4l
/nomn0m.arm4t
/nomn0m.arm4tl
/nomn0m.arm4tll
/nomn0m.armv4
/nomn0m.armv4l
/nomn0m.arm5
/nomn0m.arm5l
/nomn0m.arm5n
/nomn0m.armv5
/nomn0m.armv5l
/nomn0m.arm6
/nomn0m.arm6l
/nomn0m.arm64
/nomn0m.armv6
/nomn0m.armv6l
/nomn0m.armv61
/nomn0m.arm7
/nomn0m.arm7l
/nomn0m.armv7
/nomn0m.armv7l
/nomn0m.arm8
/nomn0m.armv8
/nomn0m.dbg
/nomn0m.exploit
/nomn0m.i4
/nomn0m.i6
/nomn0m.i486
/nomn0m.i586
/nomn0m.i686
/nomn0m.kill
/nomn0m.m68
/nomn0m.m68k
/nomn0m.mips
/nomn0m.mips64
/nomn0m.mpsl
/nomn0m.mipsel
/nomn0m.pcc
/nomn0m.ppc
/nomn0m.ppc2
/nomn0m.ppc440
/nomn0m.ppc440fp
/nomn0m.powerpc
/nomn0m.powerppc
/nomn0m.powerpc-440fp
/nomn0m.root
/nomn0m.root32
/nomn0m.sh
/nomn0m.sh4
/nomn0m.ssh4
/nomn0m.spc
/nomn0m.sparc
/nomn0m.x32
/nomn0m.x64
/nomn0m.x86
/nomn0m.x86_32
/nomn0m.x86_64
/RHOMBUS.arc
/RHOMBUS.arm
/RHOMBUS.arm4
/RHOMBUS.arm4l
/RHOMBUS.arm4t
/RHOMBUS.arm4tl
/RHOMBUS.arm4tll
/RHOMBUS.armv4
/RHOMBUS.armv4l
/RHOMBUS.arm5
/RHOMBUS.arm5l
/RHOMBUS.arm5n
/RHOMBUS.armv5
/RHOMBUS.armv5l
/RHOMBUS.arm6
/RHOMBUS.arm6l
/RHOMBUS.arm64
/RHOMBUS.armv6
/RHOMBUS.armv6l
/RHOMBUS.armv61
/RHOMBUS.arm7
/RHOMBUS.arm7l
/RHOMBUS.armv7
/RHOMBUS.armv7l
/RHOMBUS.arm8
/RHOMBUS.armv8
/RHOMBUS.dbg
/RHOMBUS.exploit
/RHOMBUS.i4
/RHOMBUS.i6
/RHOMBUS.i486
/RHOMBUS.i586
/RHOMBUS.i686
/RHOMBUS.kill
/RHOMBUS.m68
/RHOMBUS.m68k
/RHOMBUS.mips
/RHOMBUS.mips64
/RHOMBUS.mpsl
/RHOMBUS.mipsel
/RHOMBUS.pcc
/RHOMBUS.ppc
/RHOMBUS.ppc2
/RHOMBUS.ppc440
/RHOMBUS.ppc440fp
/RHOMBUS.powerpc
/RHOMBUS.powerppc
/RHOMBUS.powerpc-440fp
/RHOMBUS.root
/RHOMBUS.root32
/RHOMBUS.sh
/RHOMBUS.sh4
/RHOMBUS.ssh4
/RHOMBUS.spc
/RHOMBUS.sparc
/RHOMBUS.x32
/RHOMBUS.x64
/RHOMBUS.x86
/RHOMBUS.x86_32
/RHOMBUS.x86_64

# Reference: https://www.virustotal.com/gui/file/b982276458a85cd3dd7c8aa6cb4bbb2d4885b385053f92395a99abbfb0e43784/detection
# Reference: https://twitter.com/malwaremustd1e/status/1233134899130822656
# Reference: https://www.virustotal.com/gui/domain/cf0.pw/relations
# Reference: https://www.stratosphereips.org/blog/2020/4/29/rhombus-a-new-iot-malware

209.126.69.167:2020
209.126.69.167:4634
cf0.pw

# Reference: https://twitter.com/bad_packets/status/1233226684196773888

45.148.10.194:24136
45.148.10.194:38565

# Reference: https://twitter.com/JayTHL/status/1234492869160980485

/scanner.arc
/scanner.arm
/scanner.arm4
/scanner.arm4l
/scanner.arm4t
/scanner.arm4tl
/scanner.arm4tll
/scanner.armv4
/scanner.armv4l
/scanner.arm5
/scanner.arm5l
/scanner.arm5n
/scanner.armv5
/scanner.armv5l
/scanner.arm6
/scanner.arm6l
/scanner.arm64
/scanner.armv6
/scanner.armv6l
/scanner.armv61
/scanner.arm7
/scanner.arm7l
/scanner.armv7
/scanner.armv7l
/scanner.arm8
/scanner.armv8
/scanner.dbg
/scanner.exploit
/scanner.i4
/scanner.i6
/scanner.i486
/scanner.i586
/scanner.i686
/scanner.kill
/scanner.m68
/scanner.m68k
/scanner.mips
/scanner.mips64
/scanner.mpsl
/scanner.mipsel
/scanner.pcc
/scanner.ppc
/scanner.ppc2
/scanner.ppc440
/scanner.ppc440fp
/scanner.powerpc
/scanner.powerppc
/scanner.powerpc-440fp
/scanner.root
/scanner.root32
/scanner.sh
/scanner.sh4
/scanner.ssh4
/scanner.spc
/scanner.sparc
/scanner.x32
/scanner.x64
/scanner.x86
/scanner.x86_32
/scanner.x86_64

# Reference: https://twitter.com/JayTHL/status/1234493569186050051

/19.arc
/19.arm
/19.arm4
/19.arm4l
/19.arm4t
/19.arm4tl
/19.arm4tll
/19.armv4
/19.armv4l
/19.arm5
/19.arm5l
/19.arm5n
/19.armv5
/19.armv5l
/19.arm6
/19.arm6l
/19.arm64
/19.armv6
/19.armv6l
/19.armv61
/19.arm7
/19.arm7l
/19.armv7
/19.armv7l
/19.arm8
/19.armv8
/19.dbg
/19.exploit
/19.i4
/19.i6
/19.i486
/19.i586
/19.i686
/19.kill
/19.m68
/19.m68k
/19.mips
/19.mips64
/19.mpsl
/19.mipsel
/19.pcc
/19.ppc
/19.ppc2
/19.ppc440
/19.ppc440fp
/19.powerpc
/19.powerppc
/19.powerpc-440fp
/19.root
/19.root32
/19.sh
/19.sh4
/19.ssh4
/19.spc
/19.sparc
/19.x32
/19.x64
/19.x86
/19.x86_32
/19.x86_64

# Reference: https://twitter.com/bad_packets/status/1235113588840230912

5.39.217.219:7
5.39.217.219:936

# Reference: https://twitter.com/bad_packets/status/1235414095286824961

/1vs2dv.arc
/1vs2dv.arm
/1vs2dv.arm4
/1vs2dv.arm4l
/1vs2dv.arm4t
/1vs2dv.arm4tl
/1vs2dv.arm4tll
/1vs2dv.arm5
/1vs2dv.arm5l
/1vs2dv.arm5n
/1vs2dv.arm6
/1vs2dv.arm64
/1vs2dv.arm6l
/1vs2dv.arm7
/1vs2dv.arm7l
/1vs2dv.arm8
/1vs2dv.armv4
/1vs2dv.armv4l
/1vs2dv.armv5
/1vs2dv.armv5l
/1vs2dv.armv6
/1vs2dv.armv61
/1vs2dv.armv6l
/1vs2dv.armv7
/1vs2dv.armv7l
/1vs2dv.armv8
/1vs2dv.dbg
/1vs2dv.exploit
/1vs2dv.i4
/1vs2dv.i486
/1vs2dv.i586
/1vs2dv.i6
/1vs2dv.i686
/1vs2dv.kill
/1vs2dv.m68
/1vs2dv.m68k
/1vs2dv.mips
/1vs2dv.mips64
/1vs2dv.mipsel
/1vs2dv.mpsl
/1vs2dv.pcc
/1vs2dv.powerpc
/1vs2dv.powerpc-440fp
/1vs2dv.powerppc
/1vs2dv.ppc
/1vs2dv.ppc2
/1vs2dv.ppc440
/1vs2dv.ppc440fp
/1vs2dv.root
/1vs2dv.root32
/1vs2dv.sh
/1vs2dv.sh4
/1vs2dv.sparc
/1vs2dv.spc
/1vs2dv.ssh4
/1vs2dv.x32
/1vs2dv.x64
/1vs2dv.x86
/1vs2dv.x86_32
/1vs2dv.x86_64

# Reference: https://twitter.com/0xrb/status/1236919702833618946/photo/1

/arc_Sly
/arm_Sly
/arm4_Sly
/arm4l_Sly
/arm4t_Sly
/arm4tl_Sly
/arm4tll_Sly
/armv4_Sly
/armv4l_Sly
/arm5_Sly
/arm5l_Sly
/arm5n_Sly
/armv5l_Sly
/arm6_Sly
/arm6l_Sly
/armv6_Sly
/armv6l_Sly
/armv61_Sly
/arm64_Sly
/arm7_Sly
/arm7l_Sly
/armv7l_Sly
/arm8_Sly
/dbg_Sly
/exploit_Sly
/i4_Sly
/i6_Sly
/i486_Sly
/i586_Sly
/i686_Sly
/kill_Sly
/m68_Sly
/m68k_Sly
/mips_Sly
/mips64_Sly
/mpsl_Sly
/mipsel_Sly
/pcc_Sly
/ppc_Sly
/ppc2_Sly
/ppc440_Sly
/ppc440fp_Sly
/powerpc_Sly
/powerppc_Sly
/powerpc-440fp_Sly
/root_Sly
/root32_Sly
/sh_Sly
/sh4_Sly
/ssh4_Sly
/spc_Sly
/sparc_Sly
/x32_Sly
/x64_Sly
/x86_Sly
/x86_32_Sly
/x86_64_Sly
/Sly_arc
/Sly_arm
/Sly_arm4
/Sly_arm4l
/Sly_arm4t
/Sly_arm4tl
/Sly_arm4tll
/Sly_armv4
/Sly_armv4l
/Sly_arm5
/Sly_arm5l
/Sly_arm5n
/Sly_armv5l
/Sly_arm6
/Sly_arm6l
/Sly_arm64
/Sly_armv6
/Sly_armv6l
/Sly_armv61
/Sly_arm7
/Sly_arm7l
/Sly_armv7l
/Sly_arm8
/Sly_dbg
/Sly_exploit
/Sly_i4
/Sly_i6
/Sly_i486
/Sly_i586
/Sly_i686
/Sly_kill
/Sly_m68
/Sly_m68k
/Sly_mips
/Sly_mips64
/Sly_mpsl
/Sly_mipsel
/Sly_pcc
/Sly_ppc
/Sly_ppc2
/Sly_ppc440
/Sly_ppc440fp
/Sly_powerpc
/Sly_powerppc
/Sly_powerpc-440fp
/Sly_root
/Sly_root32
/Sly_sh
/Sly_sh4
/Sly_ssh4
/Sly_spc
/Sly_sparc
/Sly_x32
/Sly_x64
/Sly_x86
/Sly_x86_32
/Sly_x86_64
/arc.GHOUL
/arm.GHOUL
/arm4.GHOUL
/arm4l.GHOUL
/arm4t.GHOUL
/arm4tl.GHOUL
/arm4tll.GHOUL
/armv4.GHOUL
/armv4l.GHOUL
/arm5.GHOUL
/arm5l.GHOUL
/arm5n.GHOUL
/armv5l.GHOUL
/arm6.GHOUL
/arm6l.GHOUL
/armv6.GHOUL
/armv6l.GHOUL
/armv61.GHOUL
/arm64.GHOUL
/arm7.GHOUL
/arm7l.GHOUL
/armv7l.GHOUL
/arm8.GHOUL
/dbg.GHOUL
/exploit.GHOUL
/i4.GHOUL
/i6.GHOUL
/i486.GHOUL
/i586.GHOUL
/i686.GHOUL
/kill.GHOUL
/m68.GHOUL
/m68k.GHOUL
/mips.GHOUL
/mips64.GHOUL
/mpsl.GHOUL
/mipsel.GHOUL
/pcc.GHOUL
/ppc.GHOUL
/ppc2.GHOUL
/ppc440.GHOUL
/ppc440fp.GHOUL
/powerpc.GHOUL
/powerppc.GHOUL
/powerpc-440fp.GHOUL
/root.GHOUL
/root32.GHOUL
/sh.GHOUL
/sh4.GHOUL
/ssh4.GHOUL
/spc.GHOUL
/sparc.GHOUL
/x32.GHOUL
/x64.GHOUL
/x86.GHOUL
/x86_32.GHOUL
/x86_64.GHOUL
/GHOUL.arc
/GHOUL.arm
/GHOUL.arm4
/GHOUL.arm4l
/GHOUL.arm4t
/GHOUL.arm4tl
/GHOUL.arm4tll
/GHOUL.armv4
/GHOUL.armv4l
/GHOUL.arm5
/GHOUL.arm5l
/GHOUL.arm5n
/GHOUL.armv5l
/GHOUL.arm6
/GHOUL.arm6l
/GHOUL.arm64
/GHOUL.armv6
/GHOUL.armv6l
/GHOUL.armv61
/GHOUL.arm7
/GHOUL.arm7l
/GHOUL.armv7l
/GHOUL.arm8
/GHOUL.dbg
/GHOUL.exploit
/GHOUL.i4
/GHOUL.i6
/GHOUL.i486
/GHOUL.i586
/GHOUL.i686
/GHOUL.kill
/GHOUL.m68
/GHOUL.m68k
/GHOUL.mips
/GHOUL.mips64
/GHOUL.mpsl
/GHOUL.mipsel
/GHOUL.pcc
/GHOUL.ppc
/GHOUL.ppc2
/GHOUL.ppc440
/GHOUL.ppc440fp
/GHOUL.powerpc
/GHOUL.powerppc
/GHOUL.powerpc-440fp
/GHOUL.root
/GHOUL.root32
/GHOUL.sh
/GHOUL.sh4
/GHOUL.ssh4
/GHOUL.spc
/GHOUL.sparc
/GHOUL.x32
/GHOUL.x64
/GHOUL.x86
/GHOUL.x86_32
/GHOUL.x86_64
/arc.scheckiey
/arm.scheckiey
/arm4.scheckiey
/arm4l.scheckiey
/arm4t.scheckiey
/arm4tl.scheckiey
/arm4tll.scheckiey
/armv4.scheckiey
/armv4l.scheckiey
/arm5.scheckiey
/arm5l.scheckiey
/arm5n.scheckiey
/armv5l.scheckiey
/arm6.scheckiey
/arm6l.scheckiey
/armv6.scheckiey
/armv6l.scheckiey
/armv61.scheckiey
/arm64.scheckiey
/arm7.scheckiey
/arm7l.scheckiey
/armv7l.scheckiey
/arm8.scheckiey
/dbg.scheckiey
/exploit.scheckiey
/i4.scheckiey
/i6.scheckiey
/i486.scheckiey
/i586.scheckiey
/i686.scheckiey
/kill.scheckiey
/m68.scheckiey
/m68k.scheckiey
/mips.scheckiey
/mips64.scheckiey
/mpsl.scheckiey
/mipsel.scheckiey
/pcc.scheckiey
/ppc.scheckiey
/ppc2.scheckiey
/ppc440.scheckiey
/ppc440fp.scheckiey
/powerpc.scheckiey
/powerppc.scheckiey
/powerpc-440fp.scheckiey
/root.scheckiey
/root32.scheckiey
/sh.scheckiey
/sh4.scheckiey
/ssh4.scheckiey
/spc.scheckiey
/sparc.scheckiey
/x32.scheckiey
/x64.scheckiey
/x86.scheckiey
/x86_32.scheckiey
/x86_64.scheckiey
/scheckiey.arc
/scheckiey.arm
/scheckiey.arm4
/scheckiey.arm4l
/scheckiey.arm4t
/scheckiey.arm4tl
/scheckiey.arm4tll
/scheckiey.armv4
/scheckiey.armv4l
/scheckiey.arm5
/scheckiey.arm5l
/scheckiey.arm5n
/scheckiey.armv5l
/scheckiey.arm6
/scheckiey.arm6l
/scheckiey.arm64
/scheckiey.armv6
/scheckiey.armv6l
/scheckiey.armv61
/scheckiey.arm7
/scheckiey.arm7l
/scheckiey.armv7l
/scheckiey.arm8
/scheckiey.dbg
/scheckiey.exploit
/scheckiey.i4
/scheckiey.i6
/scheckiey.i486
/scheckiey.i586
/scheckiey.i686
/scheckiey.kill
/scheckiey.m68
/scheckiey.m68k
/scheckiey.mips
/scheckiey.mips64
/scheckiey.mpsl
/scheckiey.mipsel
/scheckiey.pcc
/scheckiey.ppc
/scheckiey.ppc2
/scheckiey.ppc440
/scheckiey.ppc440fp
/scheckiey.powerpc
/scheckiey.powerppc
/scheckiey.powerpc-440fp
/scheckiey.root
/scheckiey.root32
/scheckiey.sh
/scheckiey.sh4
/scheckiey.ssh4
/scheckiey.spc
/scheckiey.sparc
/scheckiey.x32
/scheckiey.x64
/scheckiey.x86
/scheckiey.x86_32
/scheckiey.x86_64
/arc.0s1s12
/arm.0s1s12
/arm4.0s1s12
/arm4l.0s1s12
/arm4t.0s1s12
/arm4tl.0s1s12
/arm4tll.0s1s12
/armv4.0s1s12
/armv4l.0s1s12
/arm5.0s1s12
/arm5l.0s1s12
/arm5n.0s1s12
/armv5l.0s1s12
/arm6.0s1s12
/arm6l.0s1s12
/armv6.0s1s12
/armv6l.0s1s12
/armv61.0s1s12
/arm64.0s1s12
/arm7.0s1s12
/arm7l.0s1s12
/armv7l.0s1s12
/arm8.0s1s12
/dbg.0s1s12
/exploit.0s1s12
/i4.0s1s12
/i6.0s1s12
/i486.0s1s12
/i586.0s1s12
/i686.0s1s12
/kill.0s1s12
/m68.0s1s12
/m68k.0s1s12
/mips.0s1s12
/mips64.0s1s12
/mpsl.0s1s12
/mipsel.0s1s12
/pcc.0s1s12
/ppc.0s1s12
/ppc2.0s1s12
/ppc440.0s1s12
/ppc440fp.0s1s12
/powerpc.0s1s12
/powerppc.0s1s12
/powerpc-440fp.0s1s12
/root.0s1s12
/root32.0s1s12
/sh.0s1s12
/sh4.0s1s12
/ssh4.0s1s12
/spc.0s1s12
/sparc.0s1s12
/x32.0s1s12
/x64.0s1s12
/x86.0s1s12
/x86_32.0s1s12
/x86_64.0s1s12
/0s1s12.arc
/0s1s12.arm
/0s1s12.arm4
/0s1s12.arm4l
/0s1s12.arm4t
/0s1s12.arm4tl
/0s1s12.arm4tll
/0s1s12.armv4
/0s1s12.armv4l
/0s1s12.arm5
/0s1s12.arm5l
/0s1s12.arm5n
/0s1s12.armv5l
/0s1s12.arm6
/0s1s12.arm6l
/0s1s12.arm64
/0s1s12.armv6
/0s1s12.armv6l
/0s1s12.armv61
/0s1s12.arm7
/0s1s12.arm7l
/0s1s12.armv7l
/0s1s12.arm8
/0s1s12.dbg
/0s1s12.exploit
/0s1s12.i4
/0s1s12.i6
/0s1s12.i486
/0s1s12.i586
/0s1s12.i686
/0s1s12.kill
/0s1s12.m68
/0s1s12.m68k
/0s1s12.mips
/0s1s12.mips64
/0s1s12.mpsl
/0s1s12.mipsel
/0s1s12.pcc
/0s1s12.ppc
/0s1s12.ppc2
/0s1s12.ppc440
/0s1s12.ppc440fp
/0s1s12.powerpc
/0s1s12.powerppc
/0s1s12.powerpc-440fp
/0s1s12.root
/0s1s12.root32
/0s1s12.sh
/0s1s12.sh4
/0s1s12.ssh4
/0s1s12.spc
/0s1s12.sparc
/0s1s12.x32
/0s1s12.x64
/0s1s12.x86
/0s1s12.x86_32
/0s1s12.x86_64
/arc.YGlux
/arm.YGlux
/arm4.YGlux
/arm4l.YGlux
/arm4t.YGlux
/arm4tl.YGlux
/arm4tll.YGlux
/armv4.YGlux
/armv4l.YGlux
/arm5.YGlux
/arm5l.YGlux
/arm5n.YGlux
/armv5l.YGlux
/arm6.YGlux
/arm6l.YGlux
/armv6.YGlux
/armv6l.YGlux
/armv61.YGlux
/arm64.YGlux
/arm7.YGlux
/arm7l.YGlux
/armv7l.YGlux
/arm8.YGlux
/dbg.YGlux
/exploit.YGlux
/i4.YGlux
/i6.YGlux
/i486.YGlux
/i586.YGlux
/i686.YGlux
/kill.YGlux
/m68.YGlux
/m68k.YGlux
/mips.YGlux
/mips64.YGlux
/mpsl.YGlux
/mipsel.YGlux
/pcc.YGlux
/ppc.YGlux
/ppc2.YGlux
/ppc440.YGlux
/ppc440fp.YGlux
/powerpc.YGlux
/powerppc.YGlux
/powerpc-440fp.YGlux
/root.YGlux
/root32.YGlux
/sh.YGlux
/sh4.YGlux
/ssh4.YGlux
/spc.YGlux
/sparc.YGlux
/x32.YGlux
/x64.YGlux
/x86.YGlux
/x86_32.YGlux
/x86_64.YGlux
/YGlux.arc
/YGlux.arm
/YGlux.arm4
/YGlux.arm4l
/YGlux.arm4t
/YGlux.arm4tl
/YGlux.arm4tll
/YGlux.armv4
/YGlux.armv4l
/YGlux.arm5
/YGlux.arm5l
/YGlux.arm5n
/YGlux.armv5l
/YGlux.arm6
/YGlux.arm6l
/YGlux.arm64
/YGlux.armv6
/YGlux.armv6l
/YGlux.armv61
/YGlux.arm7
/YGlux.arm7l
/YGlux.armv7l
/YGlux.arm8
/YGlux.dbg
/YGlux.exploit
/YGlux.i4
/YGlux.i6
/YGlux.i486
/YGlux.i586
/YGlux.i686
/YGlux.kill
/YGlux.m68
/YGlux.m68k
/YGlux.mips
/YGlux.mips64
/YGlux.mpsl
/YGlux.mipsel
/YGlux.pcc
/YGlux.ppc
/YGlux.ppc2
/YGlux.ppc440
/YGlux.ppc440fp
/YGlux.powerpc
/YGlux.powerppc
/YGlux.powerpc-440fp
/YGlux.root
/YGlux.root32
/YGlux.sh
/YGlux.sh4
/YGlux.ssh4
/YGlux.spc
/YGlux.sparc
/YGlux.x32
/YGlux.x64
/YGlux.x86
/YGlux.x86_32
/YGlux.x86_64
/arc.gang123isgodloluaintgettingthesebinslikedammwtf
/arm.gang123isgodloluaintgettingthesebinslikedammwtf
/arm4.gang123isgodloluaintgettingthesebinslikedammwtf
/arm4l.gang123isgodloluaintgettingthesebinslikedammwtf
/arm4t.gang123isgodloluaintgettingthesebinslikedammwtf
/arm4tl.gang123isgodloluaintgettingthesebinslikedammwtf
/arm4tll.gang123isgodloluaintgettingthesebinslikedammwtf
/armv4.gang123isgodloluaintgettingthesebinslikedammwtf
/armv4l.gang123isgodloluaintgettingthesebinslikedammwtf
/arm5.gang123isgodloluaintgettingthesebinslikedammwtf
/arm5l.gang123isgodloluaintgettingthesebinslikedammwtf
/arm5n.gang123isgodloluaintgettingthesebinslikedammwtf
/armv5l.gang123isgodloluaintgettingthesebinslikedammwtf
/arm6.gang123isgodloluaintgettingthesebinslikedammwtf
/arm6l.gang123isgodloluaintgettingthesebinslikedammwtf
/armv6.gang123isgodloluaintgettingthesebinslikedammwtf
/armv6l.gang123isgodloluaintgettingthesebinslikedammwtf
/armv61.gang123isgodloluaintgettingthesebinslikedammwtf
/arm64.gang123isgodloluaintgettingthesebinslikedammwtf
/arm7.gang123isgodloluaintgettingthesebinslikedammwtf
/arm7l.gang123isgodloluaintgettingthesebinslikedammwtf
/armv7l.gang123isgodloluaintgettingthesebinslikedammwtf
/arm8.gang123isgodloluaintgettingthesebinslikedammwtf
/dbg.gang123isgodloluaintgettingthesebinslikedammwtf
/exploit.gang123isgodloluaintgettingthesebinslikedammwtf
/i4.gang123isgodloluaintgettingthesebinslikedammwtf
/i6.gang123isgodloluaintgettingthesebinslikedammwtf
/i486.gang123isgodloluaintgettingthesebinslikedammwtf
/i586.gang123isgodloluaintgettingthesebinslikedammwtf
/i686.gang123isgodloluaintgettingthesebinslikedammwtf
/kill.gang123isgodloluaintgettingthesebinslikedammwtf
/m68.gang123isgodloluaintgettingthesebinslikedammwtf
/m68k.gang123isgodloluaintgettingthesebinslikedammwtf
/mips.gang123isgodloluaintgettingthesebinslikedammwtf
/mips64.gang123isgodloluaintgettingthesebinslikedammwtf
/mpsl.gang123isgodloluaintgettingthesebinslikedammwtf
/mipsel.gang123isgodloluaintgettingthesebinslikedammwtf
/pcc.gang123isgodloluaintgettingthesebinslikedammwtf
/ppc.gang123isgodloluaintgettingthesebinslikedammwtf
/ppc2.gang123isgodloluaintgettingthesebinslikedammwtf
/ppc440.gang123isgodloluaintgettingthesebinslikedammwtf
/ppc440fp.gang123isgodloluaintgettingthesebinslikedammwtf
/powerpc.gang123isgodloluaintgettingthesebinslikedammwtf
/powerppc.gang123isgodloluaintgettingthesebinslikedammwtf
/powerpc-440fp.gang123isgodloluaintgettingthesebinslikedammwtf
/root.gang123isgodloluaintgettingthesebinslikedammwtf
/root32.gang123isgodloluaintgettingthesebinslikedammwtf
/sh.gang123isgodloluaintgettingthesebinslikedammwtf
/sh4.gang123isgodloluaintgettingthesebinslikedammwtf
/ssh4.gang123isgodloluaintgettingthesebinslikedammwtf
/spc.gang123isgodloluaintgettingthesebinslikedammwtf
/sparc.gang123isgodloluaintgettingthesebinslikedammwtf
/x32.gang123isgodloluaintgettingthesebinslikedammwtf
/x64.gang123isgodloluaintgettingthesebinslikedammwtf
/x86.gang123isgodloluaintgettingthesebinslikedammwtf
/x86_32.gang123isgodloluaintgettingthesebinslikedammwtf
/x86_64.gang123isgodloluaintgettingthesebinslikedammwtf
/gang123isgodloluaintgettingthesebinslikedammwtf.arc
/gang123isgodloluaintgettingthesebinslikedammwtf.arm
/gang123isgodloluaintgettingthesebinslikedammwtf.arm4
/gang123isgodloluaintgettingthesebinslikedammwtf.arm4l
/gang123isgodloluaintgettingthesebinslikedammwtf.arm4t
/gang123isgodloluaintgettingthesebinslikedammwtf.arm4tl
/gang123isgodloluaintgettingthesebinslikedammwtf.arm4tll
/gang123isgodloluaintgettingthesebinslikedammwtf.armv4
/gang123isgodloluaintgettingthesebinslikedammwtf.armv4l
/gang123isgodloluaintgettingthesebinslikedammwtf.arm5
/gang123isgodloluaintgettingthesebinslikedammwtf.arm5l
/gang123isgodloluaintgettingthesebinslikedammwtf.arm5n
/gang123isgodloluaintgettingthesebinslikedammwtf.armv5l
/gang123isgodloluaintgettingthesebinslikedammwtf.arm6
/gang123isgodloluaintgettingthesebinslikedammwtf.arm6l
/gang123isgodloluaintgettingthesebinslikedammwtf.arm64
/gang123isgodloluaintgettingthesebinslikedammwtf.armv6
/gang123isgodloluaintgettingthesebinslikedammwtf.armv6l
/gang123isgodloluaintgettingthesebinslikedammwtf.armv61
/gang123isgodloluaintgettingthesebinslikedammwtf.arm7
/gang123isgodloluaintgettingthesebinslikedammwtf.arm7l
/gang123isgodloluaintgettingthesebinslikedammwtf.armv7l
/gang123isgodloluaintgettingthesebinslikedammwtf.arm8
/gang123isgodloluaintgettingthesebinslikedammwtf.dbg
/gang123isgodloluaintgettingthesebinslikedammwtf.exploit
/gang123isgodloluaintgettingthesebinslikedammwtf.i4
/gang123isgodloluaintgettingthesebinslikedammwtf.i6
/gang123isgodloluaintgettingthesebinslikedammwtf.i486
/gang123isgodloluaintgettingthesebinslikedammwtf.i586
/gang123isgodloluaintgettingthesebinslikedammwtf.i686
/gang123isgodloluaintgettingthesebinslikedammwtf.kill
/gang123isgodloluaintgettingthesebinslikedammwtf.m68
/gang123isgodloluaintgettingthesebinslikedammwtf.m68k
/gang123isgodloluaintgettingthesebinslikedammwtf.mips
/gang123isgodloluaintgettingthesebinslikedammwtf.mips64
/gang123isgodloluaintgettingthesebinslikedammwtf.mpsl
/gang123isgodloluaintgettingthesebinslikedammwtf.mipsel
/gang123isgodloluaintgettingthesebinslikedammwtf.pcc
/gang123isgodloluaintgettingthesebinslikedammwtf.ppc
/gang123isgodloluaintgettingthesebinslikedammwtf.ppc2
/gang123isgodloluaintgettingthesebinslikedammwtf.ppc440
/gang123isgodloluaintgettingthesebinslikedammwtf.ppc440fp
/gang123isgodloluaintgettingthesebinslikedammwtf.powerpc
/gang123isgodloluaintgettingthesebinslikedammwtf.powerppc
/gang123isgodloluaintgettingthesebinslikedammwtf.powerpc-440fp
/gang123isgodloluaintgettingthesebinslikedammwtf.root
/gang123isgodloluaintgettingthesebinslikedammwtf.root32
/gang123isgodloluaintgettingthesebinslikedammwtf.sh
/gang123isgodloluaintgettingthesebinslikedammwtf.sh4
/gang123isgodloluaintgettingthesebinslikedammwtf.ssh4
/gang123isgodloluaintgettingthesebinslikedammwtf.spc
/gang123isgodloluaintgettingthesebinslikedammwtf.sparc
/gang123isgodloluaintgettingthesebinslikedammwtf.x32
/gang123isgodloluaintgettingthesebinslikedammwtf.x64
/gang123isgodloluaintgettingthesebinslikedammwtf.x86
/gang123isgodloluaintgettingthesebinslikedammwtf.x86_32
/gang123isgodloluaintgettingthesebinslikedammwtf.x86_64
/arc.h04sm4d
/arm.h04sm4d
/arm4.h04sm4d
/arm4l.h04sm4d
/arm4t.h04sm4d
/arm4tl.h04sm4d
/arm4tll.h04sm4d
/armv4.h04sm4d
/armv4l.h04sm4d
/arm5.h04sm4d
/arm5l.h04sm4d
/arm5n.h04sm4d
/armv5l.h04sm4d
/arm6.h04sm4d
/arm6l.h04sm4d
/armv6.h04sm4d
/armv6l.h04sm4d
/armv61.h04sm4d
/arm64.h04sm4d
/arm7.h04sm4d
/arm7l.h04sm4d
/armv7l.h04sm4d
/arm8.h04sm4d
/dbg.h04sm4d
/exploit.h04sm4d
/i4.h04sm4d
/i6.h04sm4d
/i486.h04sm4d
/i586.h04sm4d
/i686.h04sm4d
/kill.h04sm4d
/m68.h04sm4d
/m68k.h04sm4d
/mips.h04sm4d
/mips64.h04sm4d
/mpsl.h04sm4d
/mipsel.h04sm4d
/pcc.h04sm4d
/ppc.h04sm4d
/ppc2.h04sm4d
/ppc440.h04sm4d
/ppc440fp.h04sm4d
/powerpc.h04sm4d
/powerppc.h04sm4d
/powerpc-440fp.h04sm4d
/root.h04sm4d
/root32.h04sm4d
/sh.h04sm4d
/sh4.h04sm4d
/ssh4.h04sm4d
/spc.h04sm4d
/sparc.h04sm4d
/x32.h04sm4d
/x64.h04sm4d
/x86.h04sm4d
/x86_32.h04sm4d
/x86_64.h04sm4d
/h04sm4d.arc
/h04sm4d.arm
/h04sm4d.arm4
/h04sm4d.arm4l
/h04sm4d.arm4t
/h04sm4d.arm4tl
/h04sm4d.arm4tll
/h04sm4d.armv4
/h04sm4d.armv4l
/h04sm4d.arm5
/h04sm4d.arm5l
/h04sm4d.arm5n
/h04sm4d.armv5l
/h04sm4d.arm6
/h04sm4d.arm6l
/h04sm4d.arm64
/h04sm4d.armv6
/h04sm4d.armv6l
/h04sm4d.armv61
/h04sm4d.arm7
/h04sm4d.arm7l
/h04sm4d.armv7l
/h04sm4d.arm8
/h04sm4d.dbg
/h04sm4d.exploit
/h04sm4d.i4
/h04sm4d.i6
/h04sm4d.i486
/h04sm4d.i586
/h04sm4d.i686
/h04sm4d.kill
/h04sm4d.m68
/h04sm4d.m68k
/h04sm4d.mips
/h04sm4d.mips64
/h04sm4d.mpsl
/h04sm4d.mipsel
/h04sm4d.pcc
/h04sm4d.ppc
/h04sm4d.ppc2
/h04sm4d.ppc440
/h04sm4d.ppc440fp
/h04sm4d.powerpc
/h04sm4d.powerppc
/h04sm4d.powerpc-440fp
/h04sm4d.root
/h04sm4d.root32
/h04sm4d.sh
/h04sm4d.sh4
/h04sm4d.ssh4
/h04sm4d.spc
/h04sm4d.sparc
/h04sm4d.x32
/h04sm4d.x64
/h04sm4d.x86
/h04sm4d.x86_32
/h04sm4d.x86_64

# Reference: https://twitter.com/bad_packets/status/1237992087871574016

/arc.Kira
/arm.Kira
/arm4.Kira
/arm4l.Kira
/arm4t.Kira
/arm4tl.Kira
/arm4tll.Kira
/armv4.Kira
/armv4l.Kira
/arm5.Kira
/arm5l.Kira
/arm5n.Kira
/armv5l.Kira
/arm6.Kira
/arm6l.Kira
/armv6.Kira
/armv6l.Kira
/armv61.Kira
/arm64.Kira
/arm7.Kira
/arm7l.Kira
/armv7l.Kira
/arm8.Kira
/dbg.Kira
/exploit.Kira
/i4.Kira
/i6.Kira
/i486.Kira
/i586.Kira
/i686.Kira
/kill.Kira
/m68.Kira
/m68k.Kira
/mips.Kira
/mips64.Kira
/mpsl.Kira
/mipsel.Kira
/pcc.Kira
/ppc.Kira
/ppc2.Kira
/ppc440.Kira
/ppc440fp.Kira
/powerpc.Kira
/powerppc.Kira
/powerpc-440fp.Kira
/root.Kira
/root32.Kira
/sh.Kira
/sh4.Kira
/ssh4.Kira
/spc.Kira
/sparc.Kira
/x32.Kira
/x64.Kira
/x86.Kira
/x86_32.Kira
/x86_64.Kira
/Kira.arc
/Kira.arm
/Kira.arm4
/Kira.arm4l
/Kira.arm4t
/Kira.arm4tl
/Kira.arm4tll
/Kira.armv4
/Kira.armv4l
/Kira.arm5
/Kira.arm5l
/Kira.arm5n
/Kira.armv5l
/Kira.arm6
/Kira.arm6l
/Kira.arm64
/Kira.armv6
/Kira.armv6l
/Kira.armv61
/Kira.arm7
/Kira.arm7l
/Kira.armv7l
/Kira.arm8
/Kira.dbg
/Kira.exploit
/Kira.i4
/Kira.i6
/Kira.i486
/Kira.i586
/Kira.i686
/Kira.kill
/Kira.m68
/Kira.m68k
/Kira.mips
/Kira.mips64
/Kira.mpsl
/Kira.mipsel
/Kira.pcc
/Kira.ppc
/Kira.ppc2
/Kira.ppc440
/Kira.ppc440fp
/Kira.powerpc
/Kira.powerppc
/Kira.powerpc-440fp
/Kira.root
/Kira.root32
/Kira.sh
/Kira.sh4
/Kira.ssh4
/Kira.spc
/Kira.sparc
/Kira.x32
/Kira.x64
/Kira.x86
/Kira.x86_32
/Kira.x86_64

# Reference: https://twitter.com/0xrb/status/1237983250129154048

/arc.forehead
/arm.forehead
/arm4.forehead
/arm4l.forehead
/arm4t.forehead
/arm4tl.forehead
/arm4tll.forehead
/armv4.forehead
/armv4l.forehead
/arm5.forehead
/arm5l.forehead
/arm5n.forehead
/armv5l.forehead
/arm6.forehead
/arm6l.forehead
/armv6.forehead
/armv6l.forehead
/armv61.forehead
/arm64.forehead
/arm7.forehead
/arm7l.forehead
/armv7l.forehead
/arm8.forehead
/dbg.forehead
/exploit.forehead
/i4.forehead
/i6.forehead
/i486.forehead
/i586.forehead
/i686.forehead
/kill.forehead
/m68.forehead
/m68k.forehead
/mips.forehead
/mips64.forehead
/mpsl.forehead
/mipsel.forehead
/pcc.forehead
/ppc.forehead
/ppc2.forehead
/ppc440.forehead
/ppc440fp.forehead
/powerpc.forehead
/powerppc.forehead
/powerpc-440fp.forehead
/root.forehead
/root32.forehead
/sh.forehead
/sh4.forehead
/ssh4.forehead
/spc.forehead
/sparc.forehead
/x32.forehead
/x64.forehead
/x86.forehead
/x86_32.forehead
/x86_64.forehead
/forehead.arc
/forehead.arm
/forehead.arm4
/forehead.arm4l
/forehead.arm4t
/forehead.arm4tl
/forehead.arm4tll
/forehead.armv4
/forehead.armv4l
/forehead.arm5
/forehead.arm5l
/forehead.arm5n
/forehead.armv5l
/forehead.arm6
/forehead.arm6l
/forehead.arm64
/forehead.armv6
/forehead.armv6l
/forehead.armv61
/forehead.arm7
/forehead.arm7l
/forehead.armv7l
/forehead.arm8
/forehead.dbg
/forehead.exploit
/forehead.i4
/forehead.i6
/forehead.i486
/forehead.i586
/forehead.i686
/forehead.kill
/forehead.m68
/forehead.m68k
/forehead.mips
/forehead.mips64
/forehead.mpsl
/forehead.mipsel
/forehead.pcc
/forehead.ppc
/forehead.ppc2
/forehead.ppc440
/forehead.ppc440fp
/forehead.powerpc
/forehead.powerppc
/forehead.powerpc-440fp
/forehead.root
/forehead.root32
/forehead.sh
/forehead.sh4
/forehead.ssh4
/forehead.spc
/forehead.sparc
/forehead.x32
/forehead.x64
/forehead.x86
/forehead.x86_32
/forehead.x86_64

# Reference: https://unit42.paloaltonetworks.com/new-mirai-variant-mukashi/
# Reference: https://www.virustotal.com/gui/ip-address/45.84.196.75/relations

45.84.196.75:34834
45.84.196.75:4864
/arc.corona
/arm.corona
/arm4.corona
/arm4l.corona
/arm4t.corona
/arm4tl.corona
/arm4tll.corona
/arm5.corona
/arm5l.corona
/arm5n.corona
/arm6.corona
/arm64.corona
/arm6l.corona
/arm7.corona
/arm7l.corona
/arm8.corona
/armv4.corona
/armv4l.corona
/armv5l.corona
/armv6.corona
/armv61.corona
/armv6l.corona
/armv7l.corona
/dbg.corona
/exploit.corona
/i4.corona
/i486.corona
/i586.corona
/i6.corona
/i686.corona
/kill.corona
/m68.corona
/m68k.corona
/mips.corona
/mips64.corona
/mipsel.corona
/mpsl.corona
/pcc.corona
/powerpc-440fp.corona
/powerpc.corona
/powerppc.corona
/ppc.corona
/ppc2.corona
/ppc440.corona
/ppc440fp.corona
/root.corona
/root32.corona
/sh.corona
/sh4.corona
/sparc.corona
/spc.corona
/ssh4.corona
/x32.corona
/x64.corona
/x86.corona
/x86_32.corona
/x86_64.corona
/arc.kawaii
/arm.kawaii
/arm4.kawaii
/arm4l.kawaii
/arm4t.kawaii
/arm4tl.kawaii
/arm4tll.kawaii
/arm5.kawaii
/arm5l.kawaii
/arm5n.kawaii
/arm6.kawaii
/arm64.kawaii
/arm6l.kawaii
/arm7.kawaii
/arm7l.kawaii
/arm8.kawaii
/armv4.kawaii
/armv4l.kawaii
/armv5l.kawaii
/armv6.kawaii
/armv61.kawaii
/armv6l.kawaii
/armv7l.kawaii
/dbg.kawaii
/exploit.kawaii
/i4.kawaii
/i486.kawaii
/i586.kawaii
/i6.kawaii
/i686.kawaii
/kill.kawaii
/m68.kawaii
/m68k.kawaii
/mips.kawaii
/mips64.kawaii
/mipsel.kawaii
/mpsl.kawaii
/pcc.kawaii
/powerpc.kawaii
/powerpc-440fp.kawaii
/powerppc.kawaii
/ppc.kawaii
/ppc2.kawaii
/ppc440.kawaii
/ppc440fp.kawaii
/root.kawaii
/root32.kawaii
/sh.kawaii
/sh4.kawaii
/sparc.kawaii
/spc.kawaii
/ssh4.kawaii
/x32.kawaii
/x64.kawaii
/x86.kawaii
/x86_32.kawaii
/x86_64.kawaii
/kawaii.arc
/kawaii.arm
/kawaii.arm4
/kawaii.arm4l
/kawaii.arm4t
/kawaii.arm4tl
/kawaii.arm4tll
/kawaii.armv4
/kawaii.armv4l
/kawaii.arm5
/kawaii.arm5l
/kawaii.arm5n
/kawaii.armv5l
/kawaii.arm6
/kawaii.arm6l
/kawaii.arm64
/kawaii.armv6
/kawaii.armv6l
/kawaii.armv61
/kawaii.arm7
/kawaii.arm7l
/kawaii.armv7l
/kawaii.arm8
/kawaii.dbg
/kawaii.exploit
/kawaii.i4
/kawaii.i6
/kawaii.i486
/kawaii.i586
/kawaii.i686
/kawaii.kill
/kawaii.m68
/kawaii.m68k
/kawaii.mips
/kawaii.mips64
/kawaii.mpsl
/kawaii.mipsel
/kawaii.pcc
/kawaii.ppc
/kawaii.ppc2
/kawaii.ppc440
/kawaii.ppc440fp
/kawaii.powerpc
/kawaii.powerppc
/kawaii.powerpc-440fp
/kawaii.root
/kawaii.root32
/kawaii.sh
/kawaii.sh4
/kawaii.ssh4
/kawaii.spc
/kawaii.sparc
/kawaii.x32
/kawaii.x64
/kawaii.x86
/kawaii.x86_32
/kawaii.x86_64

# Reference: https://blog.netlab.360.com/multiple-botnets-are-spreading-using-lilin-dvr-0-day-en/

45.10.90.89:61002

# Reference: https://twitter.com/bad_packets/status/1242518187788226560

lol.tf
/eRrlQF1.botnet
/arc.botnet
/arm.botnet
/arm4.botnet
/arm4l.botnet
/arm4t.botnet
/arm4tl.botnet
/arm4tll.botnet
/arm5.botnet
/arm5l.botnet
/arm5n.botnet
/arm6.botnet
/arm64.botnet
/arm6l.botnet
/arm7.botnet
/arm7l.botnet
/arm8.botnet
/armv4.botnet
/armv4l.botnet
/armv5l.botnet
/armv6.botnet
/armv61.botnet
/armv6l.botnet
/armv7l.botnet
/dbg.botnet
/exploit.botnet
/i4.botnet
/i486.botnet
/i586.botnet
/i6.botnet
/i686.botnet
/kill.botnet
/m68.botnet
/m68k.botnet
/mips.botnet
/mips64.botnet
/mipsel.botnet
/mpsl.botnet
/pcc.botnet
/powerpc-440fp.botnet
/powerpc.botnet
/powerppc.botnet
/ppc.botnet
/ppc2.botnet
/ppc440.botnet
/ppc440fp.botnet
/root.botnet
/root32.botnet
/sh.botnet
/sh4.botnet
/sparc.botnet
/spc.botnet
/ssh4.botnet
/x32.botnet
/x64.botnet
/x86.botnet
/x86_32.botnet
/x86_64.botnet

# Reference: https://twitter.com/0xrb/status/1242719928848797698

/bomba.arc
/bomba.arm
/bomba.arm4
/bomba.arm4l
/bomba.arm4t
/bomba.arm4tl
/bomba.arm4tll
/bomba.arm5
/bomba.arm5l
/bomba.arm5n
/bomba.arm6
/bomba.arm64
/bomba.arm6l
/bomba.arm7
/bomba.arm7l
/bomba.arm8
/bomba.armv4
/bomba.armv4l
/bomba.armv5l
/bomba.armv6
/bomba.armv61
/bomba.armv6l
/bomba.armv7l
/bomba.dbg
/bomba.exploit
/bomba.i4
/bomba.i486
/bomba.i586
/bomba.i6
/bomba.i686
/bomba.kill
/bomba.m68
/bomba.m68k
/bomba.mips
/bomba.mips64
/bomba.mipsel
/bomba.mpsl
/bomba.pcc
/bomba.powerpc
/bomba.powerpc-440fp
/bomba.powerppc
/bomba.ppc
/bomba.ppc2
/bomba.ppc440
/bomba.ppc440fp
/bomba.root
/bomba.root32
/bomba.sh
/bomba.sh4
/bomba.sparc
/bomba.spc
/bomba.ssh4
/bomba.x32
/bomba.x64
/bomba.x86
/bomba.x86_32
/bomba.x86_64
/covid.arc
/covid.arm
/covid.arm4
/covid.arm4l
/covid.arm4t
/covid.arm4tl
/covid.arm4tll
/covid.arm5
/covid.arm5l
/covid.arm5n
/covid.arm6
/covid.arm64
/covid.arm6l
/covid.arm7
/covid.arm7l
/covid.arm8
/covid.armv4
/covid.armv4l
/covid.armv5l
/covid.armv6
/covid.armv61
/covid.armv6l
/covid.armv7l
/covid.dbg
/covid.exploit
/covid.i4
/covid.i486
/covid.i586
/covid.i6
/covid.i686
/covid.kill
/covid.m68
/covid.m68k
/covid.mips
/covid.mips64
/covid.mipsel
/covid.mpsl
/covid.pcc
/covid.powerpc
/covid.powerpc-440fp
/covid.powerppc
/covid.ppc
/covid.ppc2
/covid.ppc440
/covid.ppc440fp
/covid.root
/covid.root32
/covid.sh
/covid.sh4
/covid.sparc
/covid.spc
/covid.ssh4
/covid.x32
/covid.x64
/covid.x86
/covid.x86_32
/covid.x86_64
/jKira.arc
/jKira.arm
/jKira.arm4
/jKira.arm4l
/jKira.arm4t
/jKira.arm4tl
/jKira.arm4tll
/jKira.arm5
/jKira.arm5l
/jKira.arm5n
/jKira.arm6
/jKira.arm64
/jKira.arm6l
/jKira.arm7
/jKira.arm7l
/jKira.arm8
/jKira.armv4
/jKira.armv4l
/jKira.armv5l
/jKira.armv6
/jKira.armv61
/jKira.armv6l
/jKira.armv7l
/jKira.dbg
/jKira.exploit
/jKira.i4
/jKira.i486
/jKira.i586
/jKira.i6
/jKira.i686
/jKira.kill
/jKira.m68
/jKira.m68k
/jKira.mips
/jKira.mips64
/jKira.mipsel
/jKira.mpsl
/jKira.pcc
/jKira.powerpc
/jKira.powerpc-440fp
/jKira.powerppc
/jKira.ppc
/jKira.ppc2
/jKira.ppc440
/jKira.ppc440fp
/jKira.root
/jKira.root32
/jKira.sh
/jKira.sh4
/jKira.sparc
/jKira.spc
/jKira.ssh4
/jKira.x32
/jKira.x64
/jKira.x86
/jKira.x86_32
/jKira.x86_64
/suckukinjereeeettttttt.arc
/suckukinjereeeettttttt.arm
/suckukinjereeeettttttt.arm4
/suckukinjereeeettttttt.arm4l
/suckukinjereeeettttttt.arm4t
/suckukinjereeeettttttt.arm4tl
/suckukinjereeeettttttt.arm4tll
/suckukinjereeeettttttt.arm5
/suckukinjereeeettttttt.arm5l
/suckukinjereeeettttttt.arm5n
/suckukinjereeeettttttt.arm6
/suckukinjereeeettttttt.arm64
/suckukinjereeeettttttt.arm6l
/suckukinjereeeettttttt.arm7
/suckukinjereeeettttttt.arm7l
/suckukinjereeeettttttt.arm8
/suckukinjereeeettttttt.armv4
/suckukinjereeeettttttt.armv4l
/suckukinjereeeettttttt.armv5l
/suckukinjereeeettttttt.armv6
/suckukinjereeeettttttt.armv61
/suckukinjereeeettttttt.armv6l
/suckukinjereeeettttttt.armv7l
/suckukinjereeeettttttt.dbg
/suckukinjereeeettttttt.exploit
/suckukinjereeeettttttt.i4
/suckukinjereeeettttttt.i486
/suckukinjereeeettttttt.i586
/suckukinjereeeettttttt.i6
/suckukinjereeeettttttt.i686
/suckukinjereeeettttttt.kill
/suckukinjereeeettttttt.m68
/suckukinjereeeettttttt.m68k
/suckukinjereeeettttttt.mips
/suckukinjereeeettttttt.mips64
/suckukinjereeeettttttt.mipsel
/suckukinjereeeettttttt.mpsl
/suckukinjereeeettttttt.pcc
/suckukinjereeeettttttt.powerpc
/suckukinjereeeettttttt.powerpc-440fp
/suckukinjereeeettttttt.powerppc
/suckukinjereeeettttttt.ppc
/suckukinjereeeettttttt.ppc2
/suckukinjereeeettttttt.ppc440
/suckukinjereeeettttttt.ppc440fp
/suckukinjereeeettttttt.root
/suckukinjereeeettttttt.root32
/suckukinjereeeettttttt.sh
/suckukinjereeeettttttt.sh4
/suckukinjereeeettttttt.sparc
/suckukinjereeeettttttt.spc
/suckukinjereeeettttttt.ssh4
/suckukinjereeeettttttt.x32
/suckukinjereeeettttttt.x64
/suckukinjereeeettttttt.x86
/suckukinjereeeettttttt.x86_32
/suckukinjereeeettttttt.x86_64
/tbox.arc
/tbox.arm
/tbox.arm4
/tbox.arm4l
/tbox.arm4t
/tbox.arm4tl
/tbox.arm4tll
/tbox.arm5
/tbox.arm5l
/tbox.arm5n
/tbox.arm6
/tbox.arm64
/tbox.arm6l
/tbox.arm7
/tbox.arm7l
/tbox.arm8
/tbox.armv4
/tbox.armv4l
/tbox.armv5l
/tbox.armv6
/tbox.armv61
/tbox.armv6l
/tbox.armv7l
/tbox.dbg
/tbox.exploit
/tbox.i4
/tbox.i486
/tbox.i586
/tbox.i6
/tbox.i686
/tbox.kill
/tbox.m68
/tbox.m68k
/tbox.mips
/tbox.mips64
/tbox.mipsel
/tbox.mpsl
/tbox.pcc
/tbox.powerpc
/tbox.powerpc-440fp
/tbox.powerppc
/tbox.ppc
/tbox.ppc2
/tbox.ppc440
/tbox.ppc440fp
/tbox.root
/tbox.root32
/tbox.sh
/tbox.sh4
/tbox.sparc
/tbox.spc
/tbox.ssh4
/tbox.x32
/tbox.x64
/tbox.x86
/tbox.x86_32
/tbox.x86_64

# Reference: https://twitter.com/JayTHL/status/1242890029564858375

/nemesis.arc
/nemesis.arm
/nemesis.arm4
/nemesis.arm4l
/nemesis.arm4t
/nemesis.arm4tl
/nemesis.arm4tll
/nemesis.arm5
/nemesis.arm5l
/nemesis.arm5n
/nemesis.arm6
/nemesis.arm64
/nemesis.arm6l
/nemesis.arm7
/nemesis.arm7l
/nemesis.arm8
/nemesis.armv4
/nemesis.armv4l
/nemesis.armv5l
/nemesis.armv6
/nemesis.armv61
/nemesis.armv6l
/nemesis.armv7l
/nemesis.dbg
/nemesis.exploit
/nemesis.i4
/nemesis.i486
/nemesis.i586
/nemesis.i6
/nemesis.i686
/nemesis.kill
/nemesis.m68
/nemesis.m68k
/nemesis.mips
/nemesis.mips64
/nemesis.mipsel
/nemesis.mpsl
/nemesis.pcc
/nemesis.powerpc
/nemesis.powerpc-440fp
/nemesis.powerppc
/nemesis.ppc
/nemesis.ppc2
/nemesis.ppc440
/nemesis.ppc440fp
/nemesis.root
/nemesis.root32
/nemesis.sh
/nemesis.sh4
/nemesis.sparc
/nemesis.spc
/nemesis.ssh4
/nemesis.x32
/nemesis.x64
/nemesis.x86
/nemesis.x86_32
/nemesis.x86_64

# Reference: https://twitter.com/JayTHL/status/1243295553359884288

/a-r.m-4.GOOGLE
/a-r.m-5.GOOGLE
/a-r.m-6.GOOGLE
/a-r.m-7.GOOGLE
/i-4.8-6.GOOGLE
/i-5.8-6.GOOGLE
/i-6.8-6.GOOGLE
/m-6.8-k.GOOGLE
/m-i.p-s.GOOGLE
/m-p.s-l.GOOGLE
/p-p.c-.GOOGLE
/s-h.4-.GOOGLE
/x-3.2-.GOOGLE
/x-6.4-.GOOGLE
/x-8.6-.GOOGLE

# Reference: https://twitter.com/JayTHL/status/1243187653878657024
# Reference: https://pastebin.com/raw/jstA73mH
# Reference: https://tria.ge/220104-a4twsafeh8/behavioral1

54.37.79.0:666
/arc.keen.onion.1337
/arcle-hs38.keen.onion.1337
/arm.keen.onion.1337
/arm4.keen.onion.1337
/arm4l.keen.onion.1337
/arm4t.keen.onion.1337
/arm4tl.keen.onion.1337
/arm4tll.keen.onion.1337
/arm5.keen.onion.1337
/arm5l.keen.onion.1337
/arm5n.keen.onion.1337
/arm6.keen.onion.1337
/arm64.keen.onion.1337
/arm6l.keen.onion.1337
/arm7.keen.onion.1337
/arm7l.keen.onion.1337
/arm8.keen.onion.1337
/armv4.keen.onion.1337
/armv4l.keen.onion.1337
/armv5l.keen.onion.1337
/armv6.keen.onion.1337
/armv61.keen.onion.1337
/armv6l.keen.onion.1337
/armv7l.keen.onion.1337
/dbg.keen.onion.1337
/exploit.keen.onion.1337
/i4.keen.onion.1337
/i486.keen.onion.1337
/i586.keen.onion.1337
/i6.keen.onion.1337
/i686.keen.onion.1337
/kill.keen.onion.1337
/m68.keen.onion.1337
/m68k.keen.onion.1337
/mips.keen.onion.1337
/mips64.keen.onion.1337
/mipseb.keen.onion.1337
/mipsel.keen.onion.1337
/mpsl.keen.onion.1337
/pcc.keen.onion.1337
/powerpc.keen.onion.1337
/powerpc-440fp.keen.onion.1337
/powerppc.keen.onion.1337
/ppc.keen.onion.1337
/pp-c.keen.onion.1337
/ppc2.keen.onion.1337
/ppc440.keen.onion.1337
/ppc440fp.keen.onion.1337
/root.keen.onion.1337
/root32.keen.onion.1337
/sh.keen.onion.1337
/sh4.keen.onion.1337
/sparc.keen.onion.1337
/spc.keen.onion.1337
/ssh4.keen.onion.1337
/x32.keen.onion.1337
/x32_64.keen.onion.1337
/x64.keen.onion.1337
/x86.keen.onion.1337
/x86_32.keen.onion.1337
/x86_64.keen.onion.1337
/zte.keen.onion.1337
/SBIDIOT/
/EkSgbins.sh

# Reference: https://twitter.com/0xrb/status/1243439096086663168

cnc.uzavs.online
/arc.AthenaM
/arm.AthenaM
/arm4.AthenaM
/arm4l.AthenaM
/arm4t.AthenaM
/arm4tl.AthenaM
/arm4tll.AthenaM
/arm5.AthenaM
/arm5l.AthenaM
/arm5n.AthenaM
/arm6.AthenaM
/arm64.AthenaM
/arm6l.AthenaM
/arm7.AthenaM
/arm7l.AthenaM
/arm8.AthenaM
/armv4.AthenaM
/armv4l.AthenaM
/armv5l.AthenaM
/armv6.AthenaM
/armv61.AthenaM
/armv6l.AthenaM
/armv7l.AthenaM
/dbg.AthenaM
/exploit.AthenaM
/i4.AthenaM
/i486.AthenaM
/i586.AthenaM
/i6.AthenaM
/i686.AthenaM
/kill.AthenaM
/m68.AthenaM
/m68k.AthenaM
/mips.AthenaM
/mips64.AthenaM
/mipsel.AthenaM
/mpsl.AthenaM
/pcc.AthenaM
/powerpc-440fp.AthenaM
/powerpc.AthenaM
/powerppc.AthenaM
/ppc.AthenaM
/ppc2.AthenaM
/ppc440.AthenaM
/ppc440fp.AthenaM
/root.AthenaM
/root32.AthenaM
/sh.AthenaM
/sh4.AthenaM
/sparc.AthenaM
/spc.AthenaM
/ssh4.AthenaM
/x32.AthenaM
/x64.AthenaM
/x86.AthenaM
/x86_32.AthenaM
/x86_64.AthenaM
/AthenaM.arc
/AthenaM.arm
/AthenaM.arm4
/AthenaM.arm4l
/AthenaM.arm4t
/AthenaM.arm4tl
/AthenaM.arm4tll
/AthenaM.arm5
/AthenaM.arm5l
/AthenaM.arm5n
/AthenaM.arm6
/AthenaM.arm64
/AthenaM.arm6l
/AthenaM.arm7
/AthenaM.arm7l
/AthenaM.arm8
/AthenaM.armv4
/AthenaM.armv4l
/AthenaM.armv5l
/AthenaM.armv6
/AthenaM.armv61
/AthenaM.armv6l
/AthenaM.armv7l
/AthenaM.dbg
/AthenaM.exploit
/AthenaM.i4
/AthenaM.i486
/AthenaM.i586
/AthenaM.i6
/AthenaM.i686
/AthenaM.kill
/AthenaM.m68
/AthenaM.m68k
/AthenaM.mips
/AthenaM.mips64
/AthenaM.mipsel
/AthenaM.mpsl
/AthenaM.pcc
/AthenaM.powerpc
/AthenaM.powerpc-440fp
/AthenaM.powerppc
/AthenaM.ppc
/AthenaM.ppc2
/AthenaM.ppc440
/AthenaM.ppc440fp
/AthenaM.root
/AthenaM.root32
/AthenaM.sh
/AthenaM.sh4
/AthenaM.sparc
/AthenaM.spc
/AthenaM.ssh4
/AthenaM.x32
/AthenaM.x64
/AthenaM.x86
/AthenaM.x86_32
/AthenaM.x86_64
/arc.BackTrack
/arm.BackTrack
/arm4.BackTrack
/arm4l.BackTrack
/arm4t.BackTrack
/arm4tl.BackTrack
/arm4tll.BackTrack
/arm5.BackTrack
/arm5l.BackTrack
/arm5n.BackTrack
/arm6.BackTrack
/arm64.BackTrack
/arm6l.BackTrack
/arm7.BackTrack
/arm7l.BackTrack
/arm8.BackTrack
/armv4.BackTrack
/armv4l.BackTrack
/armv5l.BackTrack
/armv6.BackTrack
/armv61.BackTrack
/armv6l.BackTrack
/armv7l.BackTrack
/dbg.BackTrack
/exploit.BackTrack
/i4.BackTrack
/i486.BackTrack
/i586.BackTrack
/i6.BackTrack
/i686.BackTrack
/kill.BackTrack
/m68.BackTrack
/m68k.BackTrack
/mips.BackTrack
/mips64.BackTrack
/mipsel.BackTrack
/mpsl.BackTrack
/pcc.BackTrack
/powerpc-440fp.BackTrack
/powerpc.BackTrack
/powerppc.BackTrack
/ppc.BackTrack
/ppc2.BackTrack
/ppc440.BackTrack
/ppc440fp.BackTrack
/root.BackTrack
/root32.BackTrack
/sh.BackTrack
/sh4.BackTrack
/sparc.BackTrack
/spc.BackTrack
/ssh4.BackTrack
/x32.BackTrack
/x64.BackTrack
/x86.BackTrack
/x86_32.BackTrack
/x86_64.BackTrack
/BackTrack.arc
/BackTrack.arm
/BackTrack.arm4
/BackTrack.arm4l
/BackTrack.arm4t
/BackTrack.arm4tl
/BackTrack.arm4tll
/BackTrack.arm5
/BackTrack.arm5l
/BackTrack.arm5n
/BackTrack.arm6
/BackTrack.arm64
/BackTrack.arm6l
/BackTrack.arm7
/BackTrack.arm7l
/BackTrack.arm8
/BackTrack.armv4
/BackTrack.armv4l
/BackTrack.armv5l
/BackTrack.armv6
/BackTrack.armv61
/BackTrack.armv6l
/BackTrack.armv7l
/BackTrack.dbg
/BackTrack.exploit
/BackTrack.i4
/BackTrack.i486
/BackTrack.i586
/BackTrack.i6
/BackTrack.i686
/BackTrack.kill
/BackTrack.m68
/BackTrack.m68k
/BackTrack.mips
/BackTrack.mips64
/BackTrack.mipsel
/BackTrack.mpsl
/BackTrack.pcc
/BackTrack.powerpc
/BackTrack.powerpc-440fp
/BackTrack.powerppc
/BackTrack.ppc
/BackTrack.ppc2
/BackTrack.ppc440
/BackTrack.ppc440fp
/BackTrack.root
/BackTrack.root32
/BackTrack.sh
/BackTrack.sh4
/BackTrack.sparc
/BackTrack.spc
/BackTrack.ssh4
/BackTrack.x32
/BackTrack.x64
/BackTrack.x86
/BackTrack.x86_32
/BackTrack.x86_64
/arc.kbot
/arm.kbot
/arm4.kbot
/arm4l.kbot
/arm4t.kbot
/arm4tl.kbot
/arm4tll.kbot
/arm5.kbot
/arm5l.kbot
/arm5n.kbot
/arm6.kbot
/arm64.kbot
/arm6l.kbot
/arm7.kbot
/arm7l.kbot
/arm8.kbot
/armv4.kbot
/armv4l.kbot
/armv5l.kbot
/armv6.kbot
/armv61.kbot
/armv6l.kbot
/armv7l.kbot
/dbg.kbot
/exploit.kbot
/i4.kbot
/i486.kbot
/i586.kbot
/i6.kbot
/i686.kbot
/kill.kbot
/m68.kbot
/m68k.kbot
/mips.kbot
/mips64.kbot
/mipsel.kbot
/mpsl.kbot
/pcc.kbot
/powerpc-440fp.kbot
/powerpc.kbot
/powerppc.kbot
/ppc.kbot
/ppc2.kbot
/ppc440.kbot
/ppc440fp.kbot
/root.kbot
/root32.kbot
/sh.kbot
/sh4.kbot
/sparc.kbot
/spc.kbot
/ssh4.kbot
/x32.kbot
/x64.kbot
/x86.kbot
/x86_32.kbot
/x86_64.kbot
/kbot.arc
/kbot.arm
/kbot.arm4
/kbot.arm4l
/kbot.arm4t
/kbot.arm4tl
/kbot.arm4tll
/kbot.arm5
/kbot.arm5l
/kbot.arm5n
/kbot.arm6
/kbot.arm64
/kbot.arm6l
/kbot.arm7
/kbot.arm7l
/kbot.arm8
/kbot.armv4
/kbot.armv4l
/kbot.armv5l
/kbot.armv6
/kbot.armv61
/kbot.armv6l
/kbot.armv7l
/kbot.dbg
/kbot.exploit
/kbot.i4
/kbot.i486
/kbot.i586
/kbot.i6
/kbot.i686
/kbot.kill
/kbot.m68
/kbot.m68k
/kbot.mips
/kbot.mips64
/kbot.mipsel
/kbot.mpsl
/kbot.pcc
/kbot.powerpc
/kbot.powerpc-440fp
/kbot.powerppc
/kbot.ppc
/kbot.ppc2
/kbot.ppc440
/kbot.ppc440fp
/kbot.root
/kbot.root32
/kbot.sh
/kbot.sh4
/kbot.sparc
/kbot.spc
/kbot.ssh4
/kbot.x32
/kbot.x64
/kbot.x86
/kbot.x86_32
/kbot.x86_64
/arc.MiraiVariant
/arm.MiraiVariant
/arm4.MiraiVariant
/arm4l.MiraiVariant
/arm4t.MiraiVariant
/arm4tl.MiraiVariant
/arm4tll.MiraiVariant
/arm5.MiraiVariant
/arm5l.MiraiVariant
/arm5n.MiraiVariant
/arm6.MiraiVariant
/arm64.MiraiVariant
/arm6l.MiraiVariant
/arm7.MiraiVariant
/arm7l.MiraiVariant
/arm8.MiraiVariant
/armv4.MiraiVariant
/armv4l.MiraiVariant
/armv5l.MiraiVariant
/armv6.MiraiVariant
/armv61.MiraiVariant
/armv6l.MiraiVariant
/armv7l.MiraiVariant
/dbg.MiraiVariant
/exploit.MiraiVariant
/i4.MiraiVariant
/i486.MiraiVariant
/i586.MiraiVariant
/i6.MiraiVariant
/i686.MiraiVariant
/kill.MiraiVariant
/m68.MiraiVariant
/m68k.MiraiVariant
/mips.MiraiVariant
/mips64.MiraiVariant
/mipsel.MiraiVariant
/mpsl.MiraiVariant
/pcc.MiraiVariant
/powerpc-440fp.MiraiVariant
/powerpc.MiraiVariant
/powerppc.MiraiVariant
/ppc.MiraiVariant
/ppc2.MiraiVariant
/ppc440.MiraiVariant
/ppc440fp.MiraiVariant
/root.MiraiVariant
/root32.MiraiVariant
/sh.MiraiVariant
/sh4.MiraiVariant
/sparc.MiraiVariant
/spc.MiraiVariant
/ssh4.MiraiVariant
/x32.MiraiVariant
/x64.MiraiVariant
/x86.MiraiVariant
/x86_32.MiraiVariant
/x86_64.MiraiVariant
/MiraiVariant.arc
/MiraiVariant.arm
/MiraiVariant.arm4
/MiraiVariant.arm4l
/MiraiVariant.arm4t
/MiraiVariant.arm4tl
/MiraiVariant.arm4tll
/MiraiVariant.arm5
/MiraiVariant.arm5l
/MiraiVariant.arm5n
/MiraiVariant.arm6
/MiraiVariant.arm64
/MiraiVariant.arm6l
/MiraiVariant.arm7
/MiraiVariant.arm7l
/MiraiVariant.arm8
/MiraiVariant.armv4
/MiraiVariant.armv4l
/MiraiVariant.armv5l
/MiraiVariant.armv6
/MiraiVariant.armv61
/MiraiVariant.armv6l
/MiraiVariant.armv7l
/MiraiVariant.dbg
/MiraiVariant.exploit
/MiraiVariant.i4
/MiraiVariant.i486
/MiraiVariant.i586
/MiraiVariant.i6
/MiraiVariant.i686
/MiraiVariant.kill
/MiraiVariant.m68
/MiraiVariant.m68k
/MiraiVariant.mips
/MiraiVariant.mips64
/MiraiVariant.mipsel
/MiraiVariant.mpsl
/MiraiVariant.pcc
/MiraiVariant.powerpc
/MiraiVariant.powerpc-440fp
/MiraiVariant.powerppc
/MiraiVariant.ppc
/MiraiVariant.ppc2
/MiraiVariant.ppc440
/MiraiVariant.ppc440fp
/MiraiVariant.root
/MiraiVariant.root32
/MiraiVariant.sh
/MiraiVariant.sh4
/MiraiVariant.sparc
/MiraiVariant.spc
/MiraiVariant.ssh4
/MiraiVariant.x32
/MiraiVariant.x64
/MiraiVariant.x86
/MiraiVariant.x86_32
/MiraiVariant.x86_64
/arc.rapethemipcams
/arm.rapethemipcams
/arm4.rapethemipcams
/arm4l.rapethemipcams
/arm4t.rapethemipcams
/arm4tl.rapethemipcams
/arm4tll.rapethemipcams
/arm5.rapethemipcams
/arm5l.rapethemipcams
/arm5n.rapethemipcams
/arm6.rapethemipcams
/arm64.rapethemipcams
/arm6l.rapethemipcams
/arm7.rapethemipcams
/arm7l.rapethemipcams
/arm8.rapethemipcams
/armv4.rapethemipcams
/armv4l.rapethemipcams
/armv5l.rapethemipcams
/armv6.rapethemipcams
/armv61.rapethemipcams
/armv6l.rapethemipcams
/armv7l.rapethemipcams
/dbg.rapethemipcams
/exploit.rapethemipcams
/i4.rapethemipcams
/i486.rapethemipcams
/i586.rapethemipcams
/i6.rapethemipcams
/i686.rapethemipcams
/kill.rapethemipcams
/m68.rapethemipcams
/m68k.rapethemipcams
/mips.rapethemipcams
/mips64.rapethemipcams
/mipsel.rapethemipcams
/mpsl.rapethemipcams
/pcc.rapethemipcams
/powerpc-440fp.rapethemipcams
/powerpc.rapethemipcams
/powerppc.rapethemipcams
/ppc.rapethemipcams
/ppc2.rapethemipcams
/ppc440.rapethemipcams
/ppc440fp.rapethemipcams
/root.rapethemipcams
/root32.rapethemipcams
/sh.rapethemipcams
/sh4.rapethemipcams
/sparc.rapethemipcams
/spc.rapethemipcams
/ssh4.rapethemipcams
/x32.rapethemipcams
/x64.rapethemipcams
/x86.rapethemipcams
/x86_32.rapethemipcams
/x86_64.rapethemipcams
/rapethemipcams.arc
/rapethemipcams.arm
/rapethemipcams.arm4
/rapethemipcams.arm4l
/rapethemipcams.arm4t
/rapethemipcams.arm4tl
/rapethemipcams.arm4tll
/rapethemipcams.arm5
/rapethemipcams.arm5l
/rapethemipcams.arm5n
/rapethemipcams.arm6
/rapethemipcams.arm64
/rapethemipcams.arm6l
/rapethemipcams.arm7
/rapethemipcams.arm7l
/rapethemipcams.arm8
/rapethemipcams.armv4
/rapethemipcams.armv4l
/rapethemipcams.armv5l
/rapethemipcams.armv6
/rapethemipcams.armv61
/rapethemipcams.armv6l
/rapethemipcams.armv7l
/rapethemipcams.dbg
/rapethemipcams.exploit
/rapethemipcams.i4
/rapethemipcams.i486
/rapethemipcams.i586
/rapethemipcams.i6
/rapethemipcams.i686
/rapethemipcams.kill
/rapethemipcams.m68
/rapethemipcams.m68k
/rapethemipcams.mips
/rapethemipcams.mips64
/rapethemipcams.mipsel
/rapethemipcams.mpsl
/rapethemipcams.pcc
/rapethemipcams.powerpc
/rapethemipcams.powerpc-440fp
/rapethemipcams.powerppc
/rapethemipcams.ppc
/rapethemipcams.ppc2
/rapethemipcams.ppc440
/rapethemipcams.ppc440fp
/rapethemipcams.root
/rapethemipcams.root32
/rapethemipcams.sh
/rapethemipcams.sh4
/rapethemipcams.sparc
/rapethemipcams.spc
/rapethemipcams.ssh4
/rapethemipcams.x32
/rapethemipcams.x64
/rapethemipcams.x86
/rapethemipcams.x86_32
/rapethemipcams.x86_64
/arc.typpaostur
/arm.typpaostur
/arm4.typpaostur
/arm4l.typpaostur
/arm4t.typpaostur
/arm4tl.typpaostur
/arm4tll.typpaostur
/arm5.typpaostur
/arm5l.typpaostur
/arm5n.typpaostur
/arm6.typpaostur
/arm64.typpaostur
/arm6l.typpaostur
/arm7.typpaostur
/arm7l.typpaostur
/arm8.typpaostur
/armv4.typpaostur
/armv4l.typpaostur
/armv5l.typpaostur
/armv6.typpaostur
/armv61.typpaostur
/armv6l.typpaostur
/armv7l.typpaostur
/dbg.typpaostur
/exploit.typpaostur
/i4.typpaostur
/i486.typpaostur
/i586.typpaostur
/i6.typpaostur
/i686.typpaostur
/kill.typpaostur
/m68.typpaostur
/m68k.typpaostur
/mips.typpaostur
/mips64.typpaostur
/mipsel.typpaostur
/mpsl.typpaostur
/pcc.typpaostur
/powerpc-440fp.typpaostur
/powerpc.typpaostur
/powerppc.typpaostur
/ppc.typpaostur
/ppc2.typpaostur
/ppc440.typpaostur
/ppc440fp.typpaostur
/root.typpaostur
/root32.typpaostur
/sh.typpaostur
/sh4.typpaostur
/sparc.typpaostur
/spc.typpaostur
/ssh4.typpaostur
/x32.typpaostur
/x64.typpaostur
/x86.typpaostur
/x86_32.typpaostur
/x86_64.typpaostur

# Reference: https://www.virustotal.com/gui/ip-address/216.198.66.107/relations

216.198.66.107:2213
/arc.switchbladesq
/arm.switchbladesq
/arm4.switchbladesq
/arm4l.switchbladesq
/arm4t.switchbladesq
/arm4tl.switchbladesq
/arm4tll.switchbladesq
/arm5.switchbladesq
/arm5l.switchbladesq
/arm5n.switchbladesq
/arm6.switchbladesq
/arm64.switchbladesq
/arm6l.switchbladesq
/arm7.switchbladesq
/arm7l.switchbladesq
/arm8.switchbladesq
/armv4.switchbladesq
/armv4l.switchbladesq
/armv5l.switchbladesq
/armv6.switchbladesq
/armv61.switchbladesq
/armv6l.switchbladesq
/armv7l.switchbladesq
/dbg.switchbladesq
/exploit.switchbladesq
/i4.switchbladesq
/i486.switchbladesq
/i586.switchbladesq
/i6.switchbladesq
/i686.switchbladesq
/kill.switchbladesq
/m68.switchbladesq
/m68k.switchbladesq
/mips.switchbladesq
/mips64.switchbladesq
/mipsel.switchbladesq
/mpsl.switchbladesq
/pcc.switchbladesq
/powerpc-440fp.switchbladesq
/powerpc.switchbladesq
/powerppc.switchbladesq
/ppc.switchbladesq
/ppc2.switchbladesq
/ppc440.switchbladesq
/ppc440fp.switchbladesq
/root.switchbladesq
/root32.switchbladesq
/sh.switchbladesq
/sh4.switchbladesq
/sparc.switchbladesq
/spc.switchbladesq
/ssh4.switchbladesq
/x32.switchbladesq
/x64.switchbladesq
/x86.switchbladesq
/x86_32.switchbladesq
/x86_64.switchbladesq
/switchbladesq.arc
/switchbladesq.arm
/switchbladesq.arm4
/switchbladesq.arm4l
/switchbladesq.arm4t
/switchbladesq.arm4tl
/switchbladesq.arm4tll
/switchbladesq.arm5
/switchbladesq.arm5l
/switchbladesq.arm5n
/switchbladesq.arm6
/switchbladesq.arm64
/switchbladesq.arm6l
/switchbladesq.arm7
/switchbladesq.arm7l
/switchbladesq.arm8
/switchbladesq.armv4
/switchbladesq.armv4l
/switchbladesq.armv5l
/switchbladesq.armv6
/switchbladesq.armv61
/switchbladesq.armv6l
/switchbladesq.armv7l
/switchbladesq.dbg
/switchbladesq.exploit
/switchbladesq.i4
/switchbladesq.i486
/switchbladesq.i586
/switchbladesq.i6
/switchbladesq.i686
/switchbladesq.kill
/switchbladesq.m68
/switchbladesq.m68k
/switchbladesq.mips
/switchbladesq.mips64
/switchbladesq.mipsel
/switchbladesq.mpsl
/switchbladesq.pcc
/switchbladesq.powerpc
/switchbladesq.powerpc-440fp
/switchbladesq.powerppc
/switchbladesq.ppc
/switchbladesq.ppc2
/switchbladesq.ppc440
/switchbladesq.ppc440fp
/switchbladesq.root
/switchbladesq.root32
/switchbladesq.sh
/switchbladesq.sh4
/switchbladesq.sparc
/switchbladesq.spc
/switchbladesq.ssh4
/switchbladesq.x32
/switchbladesq.x64
/switchbladesq.x86
/switchbladesq.x86_32
/switchbladesq.x86_64

# Reference: https://www.virustotal.com/gui/domain/a.deadnig.ga/relations

a.deadnig.ga
/arc.booty
/arm.booty
/arm4.booty
/arm4l.booty
/arm4t.booty
/arm4tl.booty
/arm4tll.booty
/arm5.booty
/arm5l.booty
/arm5n.booty
/arm6.booty
/arm64.booty
/arm6l.booty
/arm7.booty
/arm7l.booty
/arm8.booty
/armv4.booty
/armv4l.booty
/armv5l.booty
/armv6.booty
/armv61.booty
/armv6l.booty
/armv7l.booty
/dbg.booty
/exploit.booty
/i4.booty
/i486.booty
/i586.booty
/i6.booty
/i686.booty
/kill.booty
/m68.booty
/m68k.booty
/mips.booty
/mips64.booty
/mipsel.booty
/mpsl.booty
/pcc.booty
/powerpc-440fp.booty
/powerpc.booty
/powerppc.booty
/ppc.booty
/ppc2.booty
/ppc440.booty
/ppc440fp.booty
/root.booty
/root32.booty
/sh.booty
/sh4.booty
/sparc.booty
/spc.booty
/ssh4.booty
/x32.booty
/x64.booty
/x86.booty
/x86_32.booty
/x86_64.booty
/booty.arc
/booty.arm
/booty.arm4
/booty.arm4l
/booty.arm4t
/booty.arm4tl
/booty.arm4tll
/booty.arm5
/booty.arm5l
/booty.arm5n
/booty.arm6
/booty.arm64
/booty.arm6l
/booty.arm7
/booty.arm7l
/booty.arm8
/booty.armv4
/booty.armv4l
/booty.armv5l
/booty.armv6
/booty.armv61
/booty.armv6l
/booty.armv7l
/booty.dbg
/booty.exploit
/booty.i4
/booty.i486
/booty.i586
/booty.i6
/booty.i686
/booty.kill
/booty.m68
/booty.m68k
/booty.mips
/booty.mips64
/booty.mipsel
/booty.mpsl
/booty.pcc
/booty.powerpc
/booty.powerpc-440fp
/booty.powerppc
/booty.ppc
/booty.ppc2
/booty.ppc440
/booty.ppc440fp
/booty.root
/booty.root32
/booty.sh
/booty.sh4
/booty.sparc
/booty.spc
/booty.ssh4
/booty.x32
/booty.x64
/booty.x86
/booty.x86_32
/booty.x86_64
/arc.rispek
/arm.rispek
/arm4.rispek
/arm4l.rispek
/arm4t.rispek
/arm4tl.rispek
/arm4tll.rispek
/arm5.rispek
/arm5l.rispek
/arm5n.rispek
/arm6.rispek
/arm64.rispek
/arm6l.rispek
/arm7.rispek
/arm7l.rispek
/arm8.rispek
/armv4.rispek
/armv4l.rispek
/armv5l.rispek
/armv6.rispek
/armv61.rispek
/armv6l.rispek
/armv7l.rispek
/dbg.rispek
/exploit.rispek
/i4.rispek
/i486.rispek
/i586.rispek
/i6.rispek
/i686.rispek
/kill.rispek
/m68.rispek
/m68k.rispek
/mips.rispek
/mips64.rispek
/mipsel.rispek
/mpsl.rispek
/pcc.rispek
/powerpc-440fp.rispek
/powerpc.rispek
/powerppc.rispek
/ppc.rispek
/ppc2.rispek
/ppc440.rispek
/ppc440fp.rispek
/root.rispek
/root32.rispek
/sh.rispek
/sh4.rispek
/sparc.rispek
/spc.rispek
/ssh4.rispek
/x32.rispek
/x64.rispek
/x86.rispek
/x86_32.rispek
/x86_64.rispek
/rispek.arc
/rispek.arm
/rispek.arm4
/rispek.arm4l
/rispek.arm4t
/rispek.arm4tl
/rispek.arm4tll
/rispek.arm5
/rispek.arm5l
/rispek.arm5n
/rispek.arm6
/rispek.arm64
/rispek.arm6l
/rispek.arm7
/rispek.arm7l
/rispek.arm8
/rispek.armv4
/rispek.armv4l
/rispek.armv5l
/rispek.armv6
/rispek.armv61
/rispek.armv6l
/rispek.armv7l
/rispek.dbg
/rispek.exploit
/rispek.i4
/rispek.i486
/rispek.i586
/rispek.i6
/rispek.i686
/rispek.kill
/rispek.m68
/rispek.m68k
/rispek.mips
/rispek.mips64
/rispek.mipsel
/rispek.mpsl
/rispek.pcc
/rispek.powerpc
/rispek.powerpc-440fp
/rispek.powerppc
/rispek.ppc
/rispek.ppc2
/rispek.ppc440
/rispek.ppc440fp
/rispek.root
/rispek.root32
/rispek.sh
/rispek.sh4
/rispek.sparc
/rispek.spc
/rispek.ssh4
/rispek.x32
/rispek.x64
/rispek.x86
/rispek.x86_32
/rispek.x86_64
/muck.sh

# Reference: https://twitter.com/bad_packets/status/1245063093463347200
# Reference: https://www.virustotal.com/gui/domain/hoaxcalls.pw/relations
# Reference: https://www.virustotal.com/gui/ip-address/178.32.148.5/relations
# Reference: https://unit42.paloaltonetworks.com/new-hoaxcalls-ddos-botnet/

178.32.148.5:1337
18.185.109.135:1337
hoaxcalls.pw
/arc.polaris
/arm.polaris
/arm4.polaris
/arm4l.polaris
/arm4t.polaris
/arm4tl.polaris
/arm4tll.polaris
/arm5.polaris
/arm5l.polaris
/arm5n.polaris
/arm6.polaris
/arm64.polaris
/arm6l.polaris
/arm7.polaris
/arm7l.polaris
/arm8.polaris
/armv4.polaris
/armv4l.polaris
/armv5l.polaris
/armv6.polaris
/armv61.polaris
/armv6l.polaris
/armv7l.polaris
/dbg.polaris
/exploit.polaris
/i4.polaris
/i486.polaris
/i586.polaris
/i6.polaris
/i686.polaris
/kill.polaris
/m68.polaris
/m68k.polaris
/mips.polaris
/mips64.polaris
/mipsel.polaris
/mpsl.polaris
/pcc.polaris
/powerpc-440fp.polaris
/powerpc.polaris
/powerppc.polaris
/ppc.polaris
/ppc2.polaris
/ppc440.polaris
/ppc440fp.polaris
/root.polaris
/root32.polaris
/sh.polaris
/sh4.polaris
/sparc.polaris
/spc.polaris
/ssh4.polaris
/x32.polaris
/x64.polaris
/x86.polaris
/x86_32.polaris
/x86_64.polaris
/polaris.arc
/polaris.arm
/polaris.arm4
/polaris.arm4l
/polaris.arm4t
/polaris.arm4tl
/polaris.arm4tll
/polaris.arm5
/polaris.arm5l
/polaris.arm5n
/polaris.arm6
/polaris.arm64
/polaris.arm6l
/polaris.arm7
/polaris.arm7l
/polaris.arm8
/polaris.armv4
/polaris.armv4l
/polaris.armv5l
/polaris.armv6
/polaris.armv61
/polaris.armv6l
/polaris.armv7l
/polaris.dbg
/polaris.exploit
/polaris.i4
/polaris.i486
/polaris.i586
/polaris.i6
/polaris.i686
/polaris.kill
/polaris.m68
/polaris.m68k
/polaris.mips
/polaris.mips64
/polaris.mipsel
/polaris.mpsl
/polaris.pcc
/polaris.powerpc
/polaris.powerpc-440fp
/polaris.powerppc
/polaris.ppc
/polaris.ppc2
/polaris.ppc440
/polaris.ppc440fp
/polaris.root
/polaris.root32
/polaris.sh
/polaris.sh4
/polaris.sparc
/polaris.spc
/polaris.ssh4
/polaris.x32
/polaris.x64
/polaris.x86
/polaris.x86_32
/polaris.x86_64

# Reference: https://www.virustotal.com/gui/ip-address/164.132.92.168/relations

http://164.132.92.168
164.132.92.168:6479
ip168.ip-164-132-92.eu
/arc.viktor
/arm.viktor
/arm4.viktor
/arm4l.viktor
/arm4t.viktor
/arm4tl.viktor
/arm4tll.viktor
/arm5.viktor
/arm5l.viktor
/arm5n.viktor
/arm6.viktor
/arm64.viktor
/arm6l.viktor
/arm7.viktor
/arm7l.viktor
/arm8.viktor
/armv4.viktor
/armv4l.viktor
/armv5l.viktor
/armv6.viktor
/armv61.viktor
/armv6l.viktor
/armv7l.viktor
/dbg.viktor
/exploit.viktor
/i4.viktor
/i486.viktor
/i586.viktor
/i6.viktor
/i686.viktor
/kill.viktor
/m68.viktor
/m68k.viktor
/mips.viktor
/mips64.viktor
/mipsel.viktor
/mpsl.viktor
/pcc.viktor
/powerpc-440fp.viktor
/powerpc.viktor
/powerppc.viktor
/ppc.viktor
/ppc2.viktor
/ppc440.viktor
/ppc440fp.viktor
/root.viktor
/root32.viktor
/sh.viktor
/sh4.viktor
/sparc.viktor
/spc.viktor
/ssh4.viktor
/x32.viktor
/x64.viktor
/x86.viktor
/x86_32.viktor
/x86_64.viktor
/viktor.arc
/viktor.arm
/viktor.arm4
/viktor.arm4l
/viktor.arm4t
/viktor.arm4tl
/viktor.arm4tll
/viktor.arm5
/viktor.arm5l
/viktor.arm5n
/viktor.arm6
/viktor.arm64
/viktor.arm6l
/viktor.arm7
/viktor.arm7l
/viktor.arm8
/viktor.armv4
/viktor.armv4l
/viktor.armv5l
/viktor.armv6
/viktor.armv61
/viktor.armv6l
/viktor.armv7l
/viktor.dbg
/viktor.exploit
/viktor.i4
/viktor.i486
/viktor.i586
/viktor.i6
/viktor.i686
/viktor.kill
/viktor.m68
/viktor.m68k
/viktor.mips
/viktor.mips64
/viktor.mipsel
/viktor.mpsl
/viktor.pcc
/viktor.powerpc
/viktor.powerpc-440fp
/viktor.powerppc
/viktor.ppc
/viktor.ppc2
/viktor.ppc440
/viktor.ppc440fp
/viktor.root
/viktor.root32
/viktor.sh
/viktor.sh4
/viktor.sparc
/viktor.spc
/viktor.ssh4
/viktor.x32
/viktor.x64
/viktor.x86
/viktor.x86_32
/viktor.x86_64

# Reference: https://twitter.com/makflwana/status/1247443970298281986

/botnet.xtensa
/xtensa.botnet

# Reference: https://www.bitdefender.com/files/News/CaseStudies/study/319/Bitdefender-PR-Whitepaper-DarkNexus-creat4349-en-EN-interactive.pdf
# Reference: https://otx.alienvault.com/pulse/5e8e02757be85bbebeeaf137

190.115.18.144:13000
thiccnigga.me

# Reference: https://twitter.com/0xrb/status/1251500117892329472

/arc.asdfghjkl
/arm.asdfghjkl
/arm4.asdfghjkl
/arm4l.asdfghjkl
/arm4t.asdfghjkl
/arm4tl.asdfghjkl
/arm4tll.asdfghjkl
/arm5.asdfghjkl
/arm5l.asdfghjkl
/arm5n.asdfghjkl
/arm6.asdfghjkl
/arm64.asdfghjkl
/arm6l.asdfghjkl
/arm7.asdfghjkl
/arm7l.asdfghjkl
/arm8.asdfghjkl
/armv4.asdfghjkl
/armv4l.asdfghjkl
/armv5l.asdfghjkl
/armv6.asdfghjkl
/armv61.asdfghjkl
/armv6l.asdfghjkl
/armv7l.asdfghjkl
/dbg.asdfghjkl
/exploit.asdfghjkl
/i4.asdfghjkl
/i486.asdfghjkl
/i586.asdfghjkl
/i6.asdfghjkl
/i686.asdfghjkl
/kill.asdfghjkl
/m68.asdfghjkl
/m68k.asdfghjkl
/mips.asdfghjkl
/mips64.asdfghjkl
/mipsel.asdfghjkl
/mpsl.asdfghjkl
/pcc.asdfghjkl
/powerpc-440fp.asdfghjkl
/powerpc.asdfghjkl
/powerppc.asdfghjkl
/ppc.asdfghjkl
/ppc2.asdfghjkl
/ppc440.asdfghjkl
/ppc440fp.asdfghjkl
/root.asdfghjkl
/root32.asdfghjkl
/sh.asdfghjkl
/sh4.asdfghjkl
/sparc.asdfghjkl
/spc.asdfghjkl
/ssh4.asdfghjkl
/x32.asdfghjkl
/x64.asdfghjkl
/x86.asdfghjkl
/x86_32.asdfghjkl
/x86_64.asdfghjkl
/asdfghjkl.arc
/asdfghjkl.arm
/asdfghjkl.arm4
/asdfghjkl.arm4l
/asdfghjkl.arm4t
/asdfghjkl.arm4tl
/asdfghjkl.arm4tll
/asdfghjkl.arm5
/asdfghjkl.arm5l
/asdfghjkl.arm5n
/asdfghjkl.arm6
/asdfghjkl.arm64
/asdfghjkl.arm6l
/asdfghjkl.arm7
/asdfghjkl.arm7l
/asdfghjkl.arm8
/asdfghjkl.armv4
/asdfghjkl.armv4l
/asdfghjkl.armv5l
/asdfghjkl.armv6
/asdfghjkl.armv61
/asdfghjkl.armv6l
/asdfghjkl.armv7l
/asdfghjkl.dbg
/asdfghjkl.exploit
/asdfghjkl.i4
/asdfghjkl.i486
/asdfghjkl.i586
/asdfghjkl.i6
/asdfghjkl.i686
/asdfghjkl.kill
/asdfghjkl.m68
/asdfghjkl.m68k
/asdfghjkl.mips
/asdfghjkl.mips64
/asdfghjkl.mipsel
/asdfghjkl.mpsl
/asdfghjkl.pcc
/asdfghjkl.powerpc
/asdfghjkl.powerpc-440fp
/asdfghjkl.powerppc
/asdfghjkl.ppc
/asdfghjkl.ppc2
/asdfghjkl.ppc440
/asdfghjkl.ppc440fp
/asdfghjkl.root
/asdfghjkl.root32
/asdfghjkl.sh
/asdfghjkl.sh4
/asdfghjkl.sparc
/asdfghjkl.spc
/asdfghjkl.ssh4
/asdfghjkl.x32
/asdfghjkl.x64
/asdfghjkl.x86
/asdfghjkl.x86_32
/asdfghjkl.x86_64
/arc.Faithful
/arm.Faithful
/arm4.Faithful
/arm4l.Faithful
/arm4t.Faithful
/arm4tl.Faithful
/arm4tll.Faithful
/arm5.Faithful
/arm5l.Faithful
/arm5n.Faithful
/arm6.Faithful
/arm64.Faithful
/arm6l.Faithful
/arm7.Faithful
/arm7l.Faithful
/arm8.Faithful
/armv4.Faithful
/armv4l.Faithful
/armv5l.Faithful
/armv6.Faithful
/armv61.Faithful
/armv6l.Faithful
/armv7l.Faithful
/dbg.Faithful
/exploit.Faithful
/i4.Faithful
/i486.Faithful
/i586.Faithful
/i6.Faithful
/i686.Faithful
/kill.Faithful
/m68.Faithful
/m68k.Faithful
/mips.Faithful
/mips64.Faithful
/mipsel.Faithful
/mpsl.Faithful
/pcc.Faithful
/powerpc-440fp.Faithful
/powerpc.Faithful
/powerppc.Faithful
/ppc.Faithful
/ppc2.Faithful
/ppc440.Faithful
/ppc440fp.Faithful
/root.Faithful
/root32.Faithful
/sh.Faithful
/sh4.Faithful
/sparc.Faithful
/spc.Faithful
/ssh4.Faithful
/x32.Faithful
/x64.Faithful
/x86.Faithful
/x86_32.Faithful
/x86_64.Faithful
/Faithful.arc
/Faithful.arm
/Faithful.arm4
/Faithful.arm4l
/Faithful.arm4t
/Faithful.arm4tl
/Faithful.arm4tll
/Faithful.arm5
/Faithful.arm5l
/Faithful.arm5n
/Faithful.arm6
/Faithful.arm64
/Faithful.arm6l
/Faithful.arm7
/Faithful.arm7l
/Faithful.arm8
/Faithful.armv4
/Faithful.armv4l
/Faithful.armv5l
/Faithful.armv6
/Faithful.armv61
/Faithful.armv6l
/Faithful.armv7l
/Faithful.dbg
/Faithful.exploit
/Faithful.i4
/Faithful.i486
/Faithful.i586
/Faithful.i6
/Faithful.i686
/Faithful.kill
/Faithful.m68
/Faithful.m68k
/Faithful.mips
/Faithful.mips64
/Faithful.mipsel
/Faithful.mpsl
/Faithful.pcc
/Faithful.powerpc
/Faithful.powerpc-440fp
/Faithful.powerppc
/Faithful.ppc
/Faithful.ppc2
/Faithful.ppc440
/Faithful.ppc440fp
/Faithful.root
/Faithful.root32
/Faithful.sh
/Faithful.sh4
/Faithful.sparc
/Faithful.spc
/Faithful.ssh4
/Faithful.x32
/Faithful.x64
/Faithful.x86
/Faithful.x86_32
/Faithful.x86_64
/arc.gucci
/arm.gucci
/arm4.gucci
/arm4l.gucci
/arm4t.gucci
/arm4tl.gucci
/arm4tll.gucci
/arm5.gucci
/arm5l.gucci
/arm5n.gucci
/arm6.gucci
/arm64.gucci
/arm6l.gucci
/arm7.gucci
/arm7l.gucci
/arm8.gucci
/armv4.gucci
/armv4l.gucci
/armv5l.gucci
/armv6.gucci
/armv61.gucci
/armv6l.gucci
/armv7l.gucci
/dbg.gucci
/exploit.gucci
/i4.gucci
/i486.gucci
/i586.gucci
/i6.gucci
/i686.gucci
/kill.gucci
/m68.gucci
/m68k.gucci
/mips.gucci
/mips64.gucci
/mipsel.gucci
/mpsl.gucci
/pcc.gucci
/powerpc-440fp.gucci
/powerpc.gucci
/powerppc.gucci
/ppc.gucci
/ppc2.gucci
/ppc440.gucci
/ppc440fp.gucci
/root.gucci
/root32.gucci
/sh.gucci
/sh4.gucci
/sparc.gucci
/spc.gucci
/ssh4.gucci
/x32.gucci
/x64.gucci
/x86.gucci
/x86_32.gucci
/x86_64.gucci
/gucci.arc
/gucci.arm
/gucci.arm4
/gucci.arm4l
/gucci.arm4t
/gucci.arm4tl
/gucci.arm4tll
/gucci.arm5
/gucci.arm5l
/gucci.arm5n
/gucci.arm6
/gucci.arm64
/gucci.arm6l
/gucci.arm7
/gucci.arm7l
/gucci.arm8
/gucci.armv4
/gucci.armv4l
/gucci.armv5l
/gucci.armv6
/gucci.armv61
/gucci.armv6l
/gucci.armv7l
/gucci.dbg
/gucci.exploit
/gucci.i4
/gucci.i486
/gucci.i586
/gucci.i6
/gucci.i686
/gucci.kill
/gucci.m68
/gucci.m68k
/gucci.mips
/gucci.mips64
/gucci.mipsel
/gucci.mpsl
/gucci.pcc
/gucci.powerpc
/gucci.powerpc-440fp
/gucci.powerppc
/gucci.ppc
/gucci.ppc2
/gucci.ppc440
/gucci.ppc440fp
/gucci.root
/gucci.root32
/gucci.sh
/gucci.sh4
/gucci.sparc
/gucci.spc
/gucci.ssh4
/gucci.x32
/gucci.x64
/gucci.x86
/gucci.x86_32
/gucci.x86_64
/arc.whoareyou
/arm.whoareyou
/arm4.whoareyou
/arm4l.whoareyou
/arm4t.whoareyou
/arm4tl.whoareyou
/arm4tll.whoareyou
/arm5.whoareyou
/arm5l.whoareyou
/arm5n.whoareyou
/arm6.whoareyou
/arm64.whoareyou
/arm6l.whoareyou
/arm7.whoareyou
/arm7l.whoareyou
/arm8.whoareyou
/armv4.whoareyou
/armv4l.whoareyou
/armv5l.whoareyou
/armv6.whoareyou
/armv61.whoareyou
/armv6l.whoareyou
/armv7l.whoareyou
/dbg.whoareyou
/exploit.whoareyou
/i4.whoareyou
/i486.whoareyou
/i586.whoareyou
/i6.whoareyou
/i686.whoareyou
/kill.whoareyou
/m68.whoareyou
/m68k.whoareyou
/mips.whoareyou
/mips64.whoareyou
/mipsel.whoareyou
/mpsl.whoareyou
/pcc.whoareyou
/powerpc-440fp.whoareyou
/powerpc.whoareyou
/powerppc.whoareyou
/ppc.whoareyou
/ppc2.whoareyou
/ppc440.whoareyou
/ppc440fp.whoareyou
/root.whoareyou
/root32.whoareyou
/sh.whoareyou
/sh4.whoareyou
/sparc.whoareyou
/spc.whoareyou
/ssh4.whoareyou
/x32.whoareyou
/x64.whoareyou
/x86.whoareyou
/x86_32.whoareyou
/x86_64.whoareyou
/whoareyou.arc
/whoareyou.arm
/whoareyou.arm4
/whoareyou.arm4l
/whoareyou.arm4t
/whoareyou.arm4tl
/whoareyou.arm4tll
/whoareyou.arm5
/whoareyou.arm5l
/whoareyou.arm5n
/whoareyou.arm6
/whoareyou.arm64
/whoareyou.arm6l
/whoareyou.arm7
/whoareyou.arm7l
/whoareyou.arm8
/whoareyou.armv4
/whoareyou.armv4l
/whoareyou.armv5l
/whoareyou.armv6
/whoareyou.armv61
/whoareyou.armv6l
/whoareyou.armv7l
/whoareyou.dbg
/whoareyou.exploit
/whoareyou.i4
/whoareyou.i486
/whoareyou.i586
/whoareyou.i6
/whoareyou.i686
/whoareyou.kill
/whoareyou.m68
/whoareyou.m68k
/whoareyou.mips
/whoareyou.mips64
/whoareyou.mipsel
/whoareyou.mpsl
/whoareyou.pcc
/whoareyou.powerpc
/whoareyou.powerpc-440fp
/whoareyou.powerppc
/whoareyou.ppc
/whoareyou.ppc2
/whoareyou.ppc440
/whoareyou.ppc440fp
/whoareyou.root
/whoareyou.root32
/whoareyou.sh
/whoareyou.sh4
/whoareyou.sparc
/whoareyou.spc
/whoareyou.ssh4
/whoareyou.x32
/whoareyou.x64
/whoareyou.x86
/whoareyou.x86_32
/whoareyou.x86_64
/arc.malware
/arm.malware
/arm4.malware
/arm4l.malware
/arm4t.malware
/arm4tl.malware
/arm4tll.malware
/arm5.malware
/arm5l.malware
/arm5n.malware
/arm6.malware
/arm64.malware
/arm6l.malware
/arm7.malware
/arm7l.malware
/arm8.malware
/armv4.malware
/armv4l.malware
/armv5l.malware
/armv6.malware
/armv61.malware
/armv6l.malware
/armv7l.malware
/dbg.malware
/exploit.malware
/i4.malware
/i486.malware
/i586.malware
/i6.malware
/i686.malware
/kill.malware
/m68.malware
/m68k.malware
/mips.malware
/mips64.malware
/mipsel.malware
/mpsl.malware
/pcc.malware
/powerpc-440fp.malware
/powerpc.malware
/powerppc.malware
/ppc.malware
/ppc2.malware
/ppc440.malware
/ppc440fp.malware
/root.malware
/root32.malware
/sh.malware
/sh4.malware
/sparc.malware
/spc.malware
/ssh4.malware
/x32.malware
/x64.malware
/x86.malware
/x86_32.malware
/x86_64.malware
/malware.arc
/malware.arm
/malware.arm4
/malware.arm4l
/malware.arm4t
/malware.arm4tl
/malware.arm4tll
/malware.arm5
/malware.arm5l
/malware.arm5n
/malware.arm6
/malware.arm64
/malware.arm6l
/malware.arm7
/malware.arm7l
/malware.arm8
/malware.armv4
/malware.armv4l
/malware.armv5l
/malware.armv6
/malware.armv61
/malware.armv6l
/malware.armv7l
/malware.dbg
/malware.exploit
/malware.i4
/malware.i486
/malware.i586
/malware.i6
/malware.i686
/malware.kill
/malware.m68
/malware.m68k
/malware.mips
/malware.mips64
/malware.mipsel
/malware.mpsl
/malware.pcc
/malware.powerpc
/malware.powerpc-440fp
/malware.powerppc
/malware.ppc
/malware.ppc2
/malware.ppc440
/malware.ppc440fp
/malware.root
/malware.root32
/malware.sh
/malware.sh4
/malware.sparc
/malware.spc
/malware.ssh4
/malware.x32
/malware.x64
/malware.x86
/malware.x86_32
/malware.x86_64
/AB4g5/
/ABCDEFGHIJKLMNOPQRSTUVWXYZ/
/awiotiwhiogoihahogahoi/
/beastmode/
/dirdir000/
/Faith_Bins/
/kc-botnet/
/lmaoWTF/

# Reference: https://twitter.com/bad_packets/status/1251993553238032384

/arc.more
/arm.more
/arm4.more
/arm4l.more
/arm4t.more
/arm4tl.more
/arm4tll.more
/arm5.more
/arm5l.more
/arm5n.more
/arm6.more
/arm64.more
/arm6l.more
/arm7.more
/arm7l.more
/arm8.more
/armv4.more
/armv4l.more
/armv5l.more
/armv6.more
/armv61.more
/armv6l.more
/armv7l.more
/dbg.more
/exploit.more
/i4.more
/i486.more
/i586.more
/i6.more
/i686.more
/kill.more
/m68.more
/m68k.more
/mips.more
/mips64.more
/mipsel.more
/mpsl.more
/pcc.more
/powerpc-440fp.more
/powerpc.more
/powerppc.more
/ppc.more
/ppc2.more
/ppc440.more
/ppc440fp.more
/root.more
/root32.more
/sh.more
/sh4.more
/sparc.more
/spc.more
/ssh4.more
/x32.more
/x64.more
/x86.more
/x86_32.more
/x86_64.more
/more.arc
/more.arm
/more.arm4
/more.arm4l
/more.arm4t
/more.arm4tl
/more.arm4tll
/more.arm5
/more.arm5l
/more.arm5n
/more.arm6
/more.arm64
/more.arm6l
/more.arm7
/more.arm7l
/more.arm8
/more.armv4
/more.armv4l
/more.armv5l
/more.armv6
/more.armv61
/more.armv6l
/more.armv7l
/more.dbg
/more.exploit
/more.i4
/more.i486
/more.i586
/more.i6
/more.i686
/more.kill
/more.m68
/more.m68k
/more.mips
/more.mips64
/more.mipsel
/more.mpsl
/more.pcc
/more.powerpc
/more.powerpc-440fp
/more.powerppc
/more.ppc
/more.ppc2
/more.ppc440
/more.ppc440fp
/more.root
/more.root32
/more.sh
/more.sh4
/more.sparc
/more.spc
/more.ssh4
/more.x32
/more.x64
/more.x86
/more.x86_32
/more.x86_64

# Reference: https://twitter.com/JayTHL/status/1252236963857354760

/Pandoras_Box/
/zehir/
/botz
/arc.anarchy
/arm.anarchy
/arm4.anarchy
/arm4l.anarchy
/arm4t.anarchy
/arm4tl.anarchy
/arm4tll.anarchy
/arm5.anarchy
/arm5l.anarchy
/arm5n.anarchy
/arm6.anarchy
/arm64.anarchy
/arm6l.anarchy
/arm7.anarchy
/arm7l.anarchy
/arm8.anarchy
/armv4.anarchy
/armv4l.anarchy
/armv5l.anarchy
/armv6.anarchy
/armv61.anarchy
/armv6l.anarchy
/armv7l.anarchy
/dbg.anarchy
/exploit.anarchy
/i4.anarchy
/i486.anarchy
/i586.anarchy
/i6.anarchy
/i686.anarchy
/kill.anarchy
/m68.anarchy
/m68k.anarchy
/mips.anarchy
/mips64.anarchy
/mipsel.anarchy
/mpsl.anarchy
/pcc.anarchy
/powerpc-440fp.anarchy
/powerpc.anarchy
/powerppc.anarchy
/ppc.anarchy
/ppc2.anarchy
/ppc440.anarchy
/ppc440fp.anarchy
/root.anarchy
/root32.anarchy
/sh.anarchy
/sh4.anarchy
/sparc.anarchy
/spc.anarchy
/ssh4.anarchy
/x32.anarchy
/x64.anarchy
/x86.anarchy
/x86_32.anarchy
/x86_64.anarchy
/anarchy.arc
/anarchy.arm
/anarchy.arm4
/anarchy.arm4l
/anarchy.arm4t
/anarchy.arm4tl
/anarchy.arm4tll
/anarchy.arm5
/anarchy.arm5l
/anarchy.arm5n
/anarchy.arm6
/anarchy.arm64
/anarchy.arm6l
/anarchy.arm7
/anarchy.arm7l
/anarchy.arm8
/anarchy.armv4
/anarchy.armv4l
/anarchy.armv5l
/anarchy.armv6
/anarchy.armv61
/anarchy.armv6l
/anarchy.armv7l
/anarchy.dbg
/anarchy.exploit
/anarchy.i4
/anarchy.i486
/anarchy.i586
/anarchy.i6
/anarchy.i686
/anarchy.kill
/anarchy.m68
/anarchy.m68k
/anarchy.mips
/anarchy.mips64
/anarchy.mipsel
/anarchy.mpsl
/anarchy.pcc
/anarchy.powerpc
/anarchy.powerpc-440fp
/anarchy.powerppc
/anarchy.ppc
/anarchy.ppc2
/anarchy.ppc440
/anarchy.ppc440fp
/anarchy.root
/anarchy.root32
/anarchy.sh
/anarchy.sh4
/anarchy.sparc
/anarchy.spc
/anarchy.ssh4
/anarchy.x32
/anarchy.x64
/anarchy.x86
/anarchy.x86_32
/anarchy.x86_64
/arc.leon
/arm.leon
/arm4.leon
/arm4l.leon
/arm4t.leon
/arm4tl.leon
/arm4tll.leon
/arm5.leon
/arm5l.leon
/arm5n.leon
/arm6.leon
/arm64.leon
/arm6l.leon
/arm7.leon
/arm7l.leon
/arm8.leon
/armv4.leon
/armv4l.leon
/armv5l.leon
/armv6.leon
/armv61.leon
/armv6l.leon
/armv7l.leon
/dbg.leon
/exploit.leon
/i4.leon
/i486.leon
/i586.leon
/i6.leon
/i686.leon
/kill.leon
/m68.leon
/m68k.leon
/mips.leon
/mips64.leon
/mipsel.leon
/mpsl.leon
/pcc.leon
/powerpc-440fp.leon
/powerpc.leon
/powerppc.leon
/ppc.leon
/ppc2.leon
/ppc440.leon
/ppc440fp.leon
/root.leon
/root32.leon
/sh.leon
/sh4.leon
/sparc.leon
/spc.leon
/ssh4.leon
/x32.leon
/x64.leon
/x86.leon
/x86_32.leon
/x86_64.leon
/leon.arc
/leon.arm
/leon.arm4
/leon.arm4l
/leon.arm4t
/leon.arm4tl
/leon.arm4tll
/leon.arm5
/leon.arm5l
/leon.arm5n
/leon.arm6
/leon.arm64
/leon.arm6l
/leon.arm7
/leon.arm7l
/leon.arm8
/leon.armv4
/leon.armv4l
/leon.armv5l
/leon.armv6
/leon.armv61
/leon.armv6l
/leon.armv7l
/leon.dbg
/leon.exploit
/leon.i4
/leon.i486
/leon.i586
/leon.i6
/leon.i686
/leon.kill
/leon.m68
/leon.m68k
/leon.mips
/leon.mips64
/leon.mipsel
/leon.mpsl
/leon.pcc
/leon.powerpc
/leon.powerpc-440fp
/leon.powerppc
/leon.ppc
/leon.ppc2
/leon.ppc440
/leon.ppc440fp
/leon.root
/leon.root32
/leon.sh
/leon.sh4
/leon.sparc
/leon.spc
/leon.ssh4
/leon.x32
/leon.x64
/leon.x86
/leon.x86_32
/leon.x86_64
/arc.systemUpdate
/arm.systemUpdate
/arm4.systemUpdate
/arm4l.systemUpdate
/arm4t.systemUpdate
/arm4tl.systemUpdate
/arm4tll.systemUpdate
/arm5.systemUpdate
/arm5l.systemUpdate
/arm5n.systemUpdate
/arm6.systemUpdate
/arm64.systemUpdate
/arm6l.systemUpdate
/arm7.systemUpdate
/arm7l.systemUpdate
/arm8.systemUpdate
/armv4.systemUpdate
/armv4l.systemUpdate
/armv5l.systemUpdate
/armv6.systemUpdate
/armv61.systemUpdate
/armv6l.systemUpdate
/armv7l.systemUpdate
/dbg.systemUpdate
/exploit.systemUpdate
/i4.systemUpdate
/i486.systemUpdate
/i586.systemUpdate
/i6.systemUpdate
/i686.systemUpdate
/kill.systemUpdate
/m68.systemUpdate
/m68k.systemUpdate
/mips.systemUpdate
/mips64.systemUpdate
/mipsel.systemUpdate
/mpsl.systemUpdate
/pcc.systemUpdate
/powerpc-440fp.systemUpdate
/powerpc.systemUpdate
/powerppc.systemUpdate
/ppc.systemUpdate
/ppc2.systemUpdate
/ppc440.systemUpdate
/ppc440fp.systemUpdate
/root.systemUpdate
/root32.systemUpdate
/sh.systemUpdate
/sh4.systemUpdate
/sparc.systemUpdate
/spc.systemUpdate
/ssh4.systemUpdate
/x32.systemUpdate
/x64.systemUpdate
/x86.systemUpdate
/x86_32.systemUpdate
/x86_64.systemUpdate
/systemUpdate.arc
/systemUpdate.arm
/systemUpdate.arm4
/systemUpdate.arm4l
/systemUpdate.arm4t
/systemUpdate.arm4tl
/systemUpdate.arm4tll
/systemUpdate.arm5
/systemUpdate.arm5l
/systemUpdate.arm5n
/systemUpdate.arm6
/systemUpdate.arm64
/systemUpdate.arm6l
/systemUpdate.arm7
/systemUpdate.arm7l
/systemUpdate.arm8
/systemUpdate.armv4
/systemUpdate.armv4l
/systemUpdate.armv5l
/systemUpdate.armv6
/systemUpdate.armv61
/systemUpdate.armv6l
/systemUpdate.armv7l
/systemUpdate.dbg
/systemUpdate.exploit
/systemUpdate.i4
/systemUpdate.i486
/systemUpdate.i586
/systemUpdate.i6
/systemUpdate.i686
/systemUpdate.kill
/systemUpdate.m68
/systemUpdate.m68k
/systemUpdate.mips
/systemUpdate.mips64
/systemUpdate.mipsel
/systemUpdate.mpsl
/systemUpdate.pcc
/systemUpdate.powerpc
/systemUpdate.powerpc-440fp
/systemUpdate.powerppc
/systemUpdate.ppc
/systemUpdate.ppc2
/systemUpdate.ppc440
/systemUpdate.ppc440fp
/systemUpdate.root
/systemUpdate.root32
/systemUpdate.sh
/systemUpdate.sh4
/systemUpdate.sparc
/systemUpdate.spc
/systemUpdate.ssh4
/systemUpdate.x32
/systemUpdate.x64
/systemUpdate.x86
/systemUpdate.x86_32
/systemUpdate.x86_64

# Reference: https://twitter.com/0xrb/status/1252309205425385474

/arc.Slsmodsd
/arm.Slsmodsd
/arm4.Slsmodsd
/arm4l.Slsmodsd
/arm4t.Slsmodsd
/arm4tl.Slsmodsd
/arm4tll.Slsmodsd
/arm5.Slsmodsd
/arm5l.Slsmodsd
/arm5n.Slsmodsd
/arm6.Slsmodsd
/arm64.Slsmodsd
/arm6l.Slsmodsd
/arm7.Slsmodsd
/arm7l.Slsmodsd
/arm8.Slsmodsd
/armv4.Slsmodsd
/armv4l.Slsmodsd
/armv5l.Slsmodsd
/armv6.Slsmodsd
/armv61.Slsmodsd
/armv6l.Slsmodsd
/armv7l.Slsmodsd
/dbg.Slsmodsd
/exploit.Slsmodsd
/i4.Slsmodsd
/i486.Slsmodsd
/i586.Slsmodsd
/i6.Slsmodsd
/i686.Slsmodsd
/kill.Slsmodsd
/m68.Slsmodsd
/m68k.Slsmodsd
/mips.Slsmodsd
/mips64.Slsmodsd
/mipsel.Slsmodsd
/mpsl.Slsmodsd
/pcc.Slsmodsd
/powerpc-440fp.Slsmodsd
/powerpc.Slsmodsd
/powerppc.Slsmodsd
/ppc.Slsmodsd
/ppc2.Slsmodsd
/ppc440.Slsmodsd
/ppc440fp.Slsmodsd
/root.Slsmodsd
/root32.Slsmodsd
/sh.Slsmodsd
/sh4.Slsmodsd
/sparc.Slsmodsd
/spc.Slsmodsd
/ssh4.Slsmodsd
/x32.Slsmodsd
/x64.Slsmodsd
/x86.Slsmodsd
/x86_32.Slsmodsd
/x86_64.Slsmodsd
/Slsmodsd.arc
/Slsmodsd.arm
/Slsmodsd.arm4
/Slsmodsd.arm4l
/Slsmodsd.arm4t
/Slsmodsd.arm4tl
/Slsmodsd.arm4tll
/Slsmodsd.arm5
/Slsmodsd.arm5l
/Slsmodsd.arm5n
/Slsmodsd.arm6
/Slsmodsd.arm64
/Slsmodsd.arm6l
/Slsmodsd.arm7
/Slsmodsd.arm7l
/Slsmodsd.arm8
/Slsmodsd.armv4
/Slsmodsd.armv4l
/Slsmodsd.armv5l
/Slsmodsd.armv6
/Slsmodsd.armv61
/Slsmodsd.armv6l
/Slsmodsd.armv7l
/Slsmodsd.dbg
/Slsmodsd.exploit
/Slsmodsd.i4
/Slsmodsd.i486
/Slsmodsd.i586
/Slsmodsd.i6
/Slsmodsd.i686
/Slsmodsd.kill
/Slsmodsd.m68
/Slsmodsd.m68k
/Slsmodsd.mips
/Slsmodsd.mips64
/Slsmodsd.mipsel
/Slsmodsd.mpsl
/Slsmodsd.pcc
/Slsmodsd.powerpc
/Slsmodsd.powerpc-440fp
/Slsmodsd.powerppc
/Slsmodsd.ppc
/Slsmodsd.ppc2
/Slsmodsd.ppc440
/Slsmodsd.ppc440fp
/Slsmodsd.root
/Slsmodsd.root32
/Slsmodsd.sh
/Slsmodsd.sh4
/Slsmodsd.sparc
/Slsmodsd.spc
/Slsmodsd.ssh4
/Slsmodsd.x32
/Slsmodsd.x64
/Slsmodsd.x86
/Slsmodsd.x86_32
/Slsmodsd.x86_64

# Reference: https://blog.netlab.360.com/the-leethozer-botnet-en/

37.49.226.171:31337
vbrxmrhrjnnouvjf.onion
w6gr2jqz3eag4ksi.onion

# Reference: https://www.virustotal.com/gui/file/ab0c24ce177af3f88944cad61048f6e441910dfab6d40fee8eabb4dc55de0661/detection

25.10.6.20:5555
25.10.6.20:54618
proxy.2u0apcm6ylhdy7s.com

# Reference: https://www.virustotal.com/gui/file/c9821c9f4277a4e35e20d794a7342d68033c1935bc0b6671f9a637a05604012e/detection

73.135.244.56:5555

# Reference: https://www.virustotal.com/gui/file/6d21a2269fdde733b4051e423af38b4d79cbe98aff518a2c0da2f17e7a315259/detection

100.206.219.177:5555
122.68.148.220:54618
122.68.148.220:5555

# Reference: https://www.virustotal.com/gui/file/cbbef96f21fc3673ec09415284720532e92f938f06211237ac727b15942c0125/detection

102.123.21.72:54618
102.123.21.72:5555
119.66.216.173:5555

# Reference: https://twitter.com/0xrb/status/1254829660573057026

192.236.161.6:1312

# Reference: https://twitter.com/bad_packets/status/1255216622605946883
# Reference: https://twitter.com/bad_packets/status/1261458827049762818

45.14.151.249:1920
45.14.151.249:3099
45.14.151.249:9090

# Reference: https://twitter.com/bad_packets/status/1227484002921041922

37.49.226.137:9375
37.49.226.137:39284

# Reference: https://twitter.com/bad_packets/status/1215763198688681984

68.183.219.115:28194
68.183.219.115:52921
/arc.IpvLye
/arm.IpvLye
/arm4.IpvLye
/arm4l.IpvLye
/arm4t.IpvLye
/arm4tl.IpvLye
/arm4tll.IpvLye
/arm5.IpvLye
/arm5l.IpvLye
/arm5n.IpvLye
/arm6.IpvLye
/arm64.IpvLye
/arm6l.IpvLye
/arm7.IpvLye
/arm7l.IpvLye
/arm8.IpvLye
/armv4.IpvLye
/armv4l.IpvLye
/armv5l.IpvLye
/armv6.IpvLye
/armv61.IpvLye
/armv6l.IpvLye
/armv7l.IpvLye
/dbg.IpvLye
/exploit.IpvLye
/i4.IpvLye
/i486.IpvLye
/i586.IpvLye
/i6.IpvLye
/i686.IpvLye
/kill.IpvLye
/m68.IpvLye
/m68k.IpvLye
/mips.IpvLye
/mips64.IpvLye
/mipsel.IpvLye
/mpsl.IpvLye
/pcc.IpvLye
/powerpc-440fp.IpvLye
/powerpc.IpvLye
/powerppc.IpvLye
/ppc.IpvLye
/ppc2.IpvLye
/ppc440.IpvLye
/ppc440fp.IpvLye
/root.IpvLye
/root32.IpvLye
/sh.IpvLye
/sh4.IpvLye
/sparc.IpvLye
/spc.IpvLye
/ssh4.IpvLye
/x32.IpvLye
/x64.IpvLye
/x86.IpvLye
/x86_32.IpvLye
/x86_64.IpvLye
/IpvLye.arc
/IpvLye.arm
/IpvLye.arm4
/IpvLye.arm4l
/IpvLye.arm4t
/IpvLye.arm4tl
/IpvLye.arm4tll
/IpvLye.arm5
/IpvLye.arm5l
/IpvLye.arm5n
/IpvLye.arm6
/IpvLye.arm64
/IpvLye.arm6l
/IpvLye.arm7
/IpvLye.arm7l
/IpvLye.arm8
/IpvLye.armv4
/IpvLye.armv4l
/IpvLye.armv5l
/IpvLye.armv6
/IpvLye.armv61
/IpvLye.armv6l
/IpvLye.armv7l
/IpvLye.dbg
/IpvLye.exploit
/IpvLye.i4
/IpvLye.i486
/IpvLye.i586
/IpvLye.i6
/IpvLye.i686
/IpvLye.kill
/IpvLye.m68
/IpvLye.m68k
/IpvLye.mips
/IpvLye.mips64
/IpvLye.mipsel
/IpvLye.mpsl
/IpvLye.pcc
/IpvLye.powerpc
/IpvLye.powerpc-440fp
/IpvLye.powerppc
/IpvLye.ppc
/IpvLye.ppc2
/IpvLye.ppc440
/IpvLye.ppc440fp
/IpvLye.root
/IpvLye.root32
/IpvLye.sh
/IpvLye.sh4
/IpvLye.sparc
/IpvLye.spc
/IpvLye.ssh4
/IpvLye.x32
/IpvLye.x64
/IpvLye.x86
/IpvLye.x86_32
/IpvLye.x86_64
/QpasYU/

# Reference: https://twitter.com/bad_packets/status/1210334931924086784

104.168.149.5:2001

# Reference: https://twitter.com/bad_packets/status/1180361965564121088

85.204.116.49:131
85.204.116.49:3143
prismware.ml

# Reference: https://twitter.com/bad_packets/status/1176352901746180101

45.95.168.161:26662
45.95.168.161:46664
45.95.168.161:56378

# Reference: https://www.virustotal.com/gui/ip-address/188.209.52.11/relations

namecheap-webmail.com
tgqbfcmfphxyq.xyz

# Reference: https://twitter.com/bad_packets/status/1166229707446050817

142.11.217.116:5301

# Reference: https://twitter.com/bad_packets/status/1155600305540587521

51.91.202.137:9999

# Reference: https://twitter.com/bad_packets/status/1154260530061725696

185.172.110.203:1024

# Reference: https://twitter.com/bad_packets/status/1154125599755005952

67.205.169.73:1791

# Reference: https://twitter.com/bad_packets/status/1153120432117055489

185.244.25.134:1791

# Reference: https://twitter.com/bad_packets/status/1152032061407940608

46.246.38.178:1791

# Reference: https://twitter.com/bad_packets/status/1151381642008649728

192.236.162.197:1791

# Reference: https://twitter.com/bad_packets/status/1147447606156517377

188.166.87.227:5301

# Reference: https://twitter.com/bad_packets/status/1146926925929074689

128.199.235.119:81

# Reference: https://twitter.com/0xrb/status/1257277263025893377

192.236.146.53:1691
211.137.225.76:53007
/as12a0s/
/itooamgay/
/swrgiuhguhwrguiwetu/

# Reference: https://twitter.com/DGAFeedAlerts/status/1257372531046191104

euviovpeqqsu.support

# Reference: https://twitter.com/DGAFeedAlerts/status/1257538858469769219

efuwlkmirpie.online

# Reference: https://twitter.com/mjbv/status/1261228371817771008
# Reference: https://www.virustotal.com/gui/domain/saoascnc.duckdns.org/relations

192.236.176.143:37215
192.236.176.143:58666
saoascnc.duckdns.org

# Reference: https://www.virustotal.com/gui/file/b9b8a824168f96e9fbfb2d92d41d2704b0f413e5a0df637b026ec171e31694a8/detection

193.237.151.237:37215
193.237.151.237:58666

# Reference: https://www.virustotal.com/gui/file/9b62e40d0770e573eb1771d52a64ed471a9c7677f4cb4011ca6091f30f4fb038/detection

50.134.108.219:37215
50.134.108.219:58666

# Reference: https://www.virustotal.com/gui/file/7bdfe25eb983ea5d13d871c690369579b94d8615ed580ba55f0c9d07b1419916/detection 

217.32.184.17:37215
217.32.184.17:58666

# Reference: https://www.virustotal.com/gui/file/6b92ce27889a1c8caf02d61a5da9257159697cfb344f901392ef914d5d1e3228/detection

197.20.252.14:37215
197.20.252.14:58666

# Reference: https://www.virustotal.com/gui/file/e79fc3d76876524e94de9cf8090907abbb9e395aa401a9a1ed93d63200a774fd/detection

197.211.215.168:37215
197.211.215.168:58666

# Reference: https://www.virustotal.com/gui/file/d22c8793c00d104d397432a39168189a8bdedda97b6ad90f69f66dd90cc02b6f/detection

2.128.139.158:37215
2.128.139.158:58666

# Reference: https://www.virustotal.com/gui/file/bf9d9015640514ed85af83520ffa2c905626c5c15af7a7944a595916fd6d8f83/detection

124.142.175.62:37215
124.142.175.62:58666

# Reference: https://www.virustotal.com/gui/file/8c8c54043812936a13f0da1bed7fca295b98a8a88f525c98fed2c0d473064b25/detection

17.134.222.250:37215
17.134.222.250:58666

# Reference: https://www.virustotal.com/gui/file/3bc59c90a798255164669130b81019ca2726a244c30b103459709918a2dc732e/detection

142.123.244.201:37215
142.123.244.201:58666

# Reference: https://www.virustotal.com/gui/file/2c52ad0196da9dc8d484d81203bce5a85bda26868a8c810cf0e09a31cd1202b7/detection

88.181.145.203:37215
88.181.145.203:58666

# Reference: https://www.virustotal.com/gui/file/89fbdce685a0a6d63babb59339dbff0be68830e5b5b77a6221d6f4fd9a12a8dc/detection

197.220.4.203:37215
197.220.4.203:58666

# Reference: https://www.virustotal.com/gui/file/0d2d5f494b8a0f4f52923a962d23d90f19fbe82ec3020ff088862a79f54e3ef4/detection

75.216.182.106:37215
75.216.182.106:58666

# Reference: https://www.virustotal.com/gui/file/40154d33b36d2ee884f989cf70dcdbcdafd06a023bb013851eb36e9a543bae2d/detection

197.187.43.242:37215
197.187.43.242:58666

# Reference: https://www.virustotal.com/gui/file/e4abca3958055aa76f3337bdb56b6f7ac50cb24ca5f290068092f275a4da7487/detection

161.116.77.158:37215
161.116.77.158:58666

# Reference: https://www.virustotal.com/gui/file/7882e58a07cd61e9686cd69552a5021dfe7ccd3c4e5c162bc817da99cd715487/detection

136.162.221.196:37215
136.162.221.196:58666

# Reference: https://www.virustotal.com/gui/file/a61ef7d749e3d91b91d32fd4ba73dc675cccc3bacd1c153d1a1432ee78a580aa/detection

197.200.75.82:37215
197.200.75.82:58666

# Reference: https://www.virustotal.com/gui/file/e533fddd1278c8cfadaa39fe98e7ac6ff00d9ecdc979ecee27bc4c9feb95f5bd/detection

20.214.186.199:37215
20.214.186.199:58666

# Reference: https://www.virustotal.com/gui/file/fcf0871f70c5652ff6914fff74cbc8d851151230dfdfd03055010b46b5e630e5/detection

197.17.185.59:37215
197.17.185.59:58666

# Reference: https://www.virustotal.com/gui/file/7708a88aab442710759513b2e3297a93447aea770e3a6a8757517e81ba5af5d1/detection

125.42.85.48:37215
125.42.85.48:58666

# Reference: https://www.virustotal.com/gui/file/5a2563debdaeb62a18aadbc1d78f9dccc8111716d76bd8b9f95444702c75424b/detection

197.45.1.102:37215
197.45.1.102:58666

# Reference: https://www.virustotal.com/gui/file/21ab3b17239c6b152eee79ab8be1fadc140dee85887102d67b6ebb9c2109c9c1/detection

197.125.173.78:37215
197.125.173.78:58666

# Reference: https://www.virustotal.com/gui/file/ebf7bd700fb100a14a5893363ce703ad745a546c872eaf986c016eea843d1ee2/detection

209.168.243.134:37215
209.168.243.134:58666

# Reference: https://www.virustotal.com/gui/file/fce06b359367298a7e708ddd39a8ad210901438898aa06c877e23613aee00ac2/detection

201.112.67.184:37215
201.112.67.184:58666

# Reference: https://www.virustotal.com/gui/file/f76d76dc1857dbae93a59c30c3132b92f0acced1ecc8bf497463d095f1b55fc1/detection

197.142.15.17:37215
197.142.15.17:58666

# Reference: https://www.virustotal.com/gui/file/9466a43a53257f7df2e1b918353d54db9e1c1e6a2a38ba8016436529bd7744dc/detection

197.209.36.175:37215
197.209.36.175:58666

# Reference: https://www.virustotal.com/gui/file/3d5b2e46a11898537ac51c8c03aec50350119ebcfebf1e92868b007c2c8c3636/detection

59.169.193.112:37215
59.169.193.112:58666

# Reference: https://www.virustotal.com/gui/file/90caa6e2dd1307672bc462d9183d30fee42b566e870fd8928679c872d9c4414e/detection

117.113.251.250:37215
117.113.251.250:58666

# Reference: https://twitter.com/mjbv/status/1261382403341250560
# Reference: https://www.virustotal.com/gui/ip-address/185.158.249.80/relations

185.158.249.80:61214
/arc.reap
/arm.reap
/arm4.reap
/arm4l.reap
/arm4t.reap
/arm4tl.reap
/arm4tll.reap
/arm5.reap
/arm5l.reap
/arm5n.reap
/arm6.reap
/arm64.reap
/arm6l.reap
/arm7.reap
/arm7l.reap
/arm8.reap
/armv4.reap
/armv4l.reap
/armv5l.reap
/armv6.reap
/armv61.reap
/armv6l.reap
/armv7l.reap
/dbg.reap
/exploit.reap
/i4.reap
/i486.reap
/i586.reap
/i6.reap
/i686.reap
/kill.reap
/m68.reap
/m68k.reap
/mips.reap
/mips64.reap
/mipsel.reap
/mpsl.reap
/pcc.reap
/powerpc-440fp.reap
/powerpc.reap
/powerppc.reap
/ppc.reap
/ppc2.reap
/ppc440.reap
/ppc440fp.reap
/root.reap
/root32.reap
/sh.reap
/sh4.reap
/sparc.reap
/spc.reap
/ssh4.reap
/x32.reap
/x64.reap
/x86.reap
/x86_32.reap
/x86_64.reap
/reap.arc
/reap.arm
/reap.arm4
/reap.arm4l
/reap.arm4t
/reap.arm4tl
/reap.arm4tll
/reap.arm5
/reap.arm5l
/reap.arm5n
/reap.arm6
/reap.arm64
/reap.arm6l
/reap.arm7
/reap.arm7l
/reap.arm8
/reap.armv4
/reap.armv4l
/reap.armv5l
/reap.armv6
/reap.armv61
/reap.armv6l
/reap.armv7l
/reap.dbg
/reap.exploit
/reap.i4
/reap.i486
/reap.i586
/reap.i6
/reap.i686
/reap.kill
/reap.m68
/reap.m68k
/reap.mips
/reap.mips64
/reap.mipsel
/reap.mpsl
/reap.pcc
/reap.powerpc
/reap.powerpc-440fp
/reap.powerppc
/reap.ppc
/reap.ppc2
/reap.ppc440
/reap.ppc440fp
/reap.root
/reap.root32
/reap.sh
/reap.sh4
/reap.sparc
/reap.spc
/reap.ssh4
/reap.x32
/reap.x64
/reap.x86
/reap.x86_32
/reap.x86_64

# Reference: https://twitter.com/mjbv/status/1261732399748198401

45.95.168.175:58666

# Reference: https://twitter.com/mjbv/status/1262411907430076416

64.227.57.139:1791

# Reference: https://twitter.com/mjbv/status/1262419353586348033

194.147.34.79:9993

# Reference: https://twitter.com/DGAFeedAlerts/status/1262447515921723395

wowldwtcpowb.tech

# Reference: https://twitter.com/0xrb/status/1262738213472317442

/arc.infn
/arm.infn
/arm4.infn
/arm4l.infn
/arm4t.infn
/arm4tl.infn
/arm4tll.infn
/arm5.infn
/arm5l.infn
/arm5n.infn
/arm6.infn
/arm64.infn
/arm6l.infn
/arm7.infn
/arm7l.infn
/arm8.infn
/armv4.infn
/armv4l.infn
/armv5l.infn
/armv6.infn
/armv61.infn
/armv6l.infn
/armv7l.infn
/dbg.infn
/exploit.infn
/i4.infn
/i486.infn
/i586.infn
/i6.infn
/i686.infn
/kill.infn
/m68.infn
/m68k.infn
/mips.infn
/mips64.infn
/mipsel.infn
/mpsl.infn
/pcc.infn
/powerpc-440fp.infn
/powerpc.infn
/powerppc.infn
/ppc.infn
/ppc2.infn
/ppc440.infn
/ppc440fp.infn
/root.infn
/root32.infn
/sh.infn
/sh4.infn
/sparc.infn
/spc.infn
/ssh4.infn
/x32.infn
/x64.infn
/x86.infn
/x86_32.infn
/x86_64.infn
/infn.arc
/infn.arm
/infn.arm4
/infn.arm4l
/infn.arm4t
/infn.arm4tl
/infn.arm4tll
/infn.arm5
/infn.arm5l
/infn.arm5n
/infn.arm6
/infn.arm64
/infn.arm6l
/infn.arm7
/infn.arm7l
/infn.arm8
/infn.armv4
/infn.armv4l
/infn.armv5l
/infn.armv6
/infn.armv61
/infn.armv6l
/infn.armv7l
/infn.dbg
/infn.exploit
/infn.i4
/infn.i486
/infn.i586
/infn.i6
/infn.i686
/infn.kill
/infn.m68
/infn.m68k
/infn.mips
/infn.mips64
/infn.mipsel
/infn.mpsl
/infn.pcc
/infn.powerpc
/infn.powerpc-440fp
/infn.powerppc
/infn.ppc
/infn.ppc2
/infn.ppc440
/infn.ppc440fp
/infn.root
/infn.root32
/infn.sh
/infn.sh4
/infn.sparc
/infn.spc
/infn.ssh4
/infn.x32
/infn.x64
/infn.x86
/infn.x86_32
/infn.x86_64
/5311qjmikurawepedalnqmashrabotatuk61119123c/
/GbotTelnet/
/HORNY1/

# Reference: https://twitter.com/mjbv/status/1263144457265872897

45.14.224.204:34241

# Reference: https://pastebin.com/hLYWkUcD

15.164.214.61:8888
/arc.110v3107n37
/arm.110v3107n37
/arm4.110v3107n37
/arm4l.110v3107n37
/arm4t.110v3107n37
/arm4tl.110v3107n37
/arm4tll.110v3107n37
/arm5.110v3107n37
/arm5l.110v3107n37
/arm5n.110v3107n37
/arm6.110v3107n37
/arm64.110v3107n37
/arm6l.110v3107n37
/arm7.110v3107n37
/arm7l.110v3107n37
/arm8.110v3107n37
/armv4.110v3107n37
/armv4l.110v3107n37
/armv5l.110v3107n37
/armv6.110v3107n37
/armv61.110v3107n37
/armv6l.110v3107n37
/armv7l.110v3107n37
/dbg.110v3107n37
/exploit.110v3107n37
/i4.110v3107n37
/i486.110v3107n37
/i586.110v3107n37
/i6.110v3107n37
/i686.110v3107n37
/kill.110v3107n37
/m68.110v3107n37
/m68k.110v3107n37
/mips.110v3107n37
/mips64.110v3107n37
/mipsel.110v3107n37
/mpsl.110v3107n37
/pcc.110v3107n37
/powerpc-440fp.110v3107n37
/powerpc.110v3107n37
/powerppc.110v3107n37
/ppc.110v3107n37
/ppc2.110v3107n37
/ppc440.110v3107n37
/ppc440fp.110v3107n37
/root.110v3107n37
/root32.110v3107n37
/sh.110v3107n37
/sh4.110v3107n37
/sparc.110v3107n37
/spc.110v3107n37
/ssh4.110v3107n37
/x32.110v3107n37
/x64.110v3107n37
/x86.110v3107n37
/x86_32.110v3107n37
/x86_64.110v3107n37
/110v3107n37.arc
/110v3107n37.arm
/110v3107n37.arm4
/110v3107n37.arm4l
/110v3107n37.arm4t
/110v3107n37.arm4tl
/110v3107n37.arm4tll
/110v3107n37.arm5
/110v3107n37.arm5l
/110v3107n37.arm5n
/110v3107n37.arm6
/110v3107n37.arm64
/110v3107n37.arm6l
/110v3107n37.arm7
/110v3107n37.arm7l
/110v3107n37.arm8
/110v3107n37.armv4
/110v3107n37.armv4l
/110v3107n37.armv5l
/110v3107n37.armv6
/110v3107n37.armv61
/110v3107n37.armv6l
/110v3107n37.armv7l
/110v3107n37.dbg
/110v3107n37.exploit
/110v3107n37.i4
/110v3107n37.i486
/110v3107n37.i586
/110v3107n37.i6
/110v3107n37.i686
/110v3107n37.kill
/110v3107n37.m68
/110v3107n37.m68k
/110v3107n37.mips
/110v3107n37.mips64
/110v3107n37.mipsel
/110v3107n37.mpsl
/110v3107n37.pcc
/110v3107n37.powerpc
/110v3107n37.powerpc-440fp
/110v3107n37.powerppc
/110v3107n37.ppc
/110v3107n37.ppc2
/110v3107n37.ppc440
/110v3107n37.ppc440fp
/110v3107n37.root
/110v3107n37.root32
/110v3107n37.sh
/110v3107n37.sh4
/110v3107n37.sparc
/110v3107n37.spc
/110v3107n37.ssh4
/110v3107n37.x32
/110v3107n37.x64
/110v3107n37.x86
/110v3107n37.x86_32
/110v3107n37.x86_64
/arc.limit
/arm.limit
/arm4.limit
/arm4l.limit
/arm4t.limit
/arm4tl.limit
/arm4tll.limit
/arm5.limit
/arm5l.limit
/arm5n.limit
/arm6.limit
/arm64.limit
/arm6l.limit
/arm7.limit
/arm7l.limit
/arm8.limit
/armv4.limit
/armv4l.limit
/armv5l.limit
/armv6.limit
/armv61.limit
/armv6l.limit
/armv7l.limit
/dbg.limit
/exploit.limit
/i4.limit
/i486.limit
/i586.limit
/i6.limit
/i686.limit
/kill.limit
/m68.limit
/m68k.limit
/mips.limit
/mips64.limit
/mipsel.limit
/mpsl.limit
/pcc.limit
/powerpc-440fp.limit
/powerpc.limit
/powerppc.limit
/ppc.limit
/ppc2.limit
/ppc440.limit
/ppc440fp.limit
/root.limit
/root32.limit
/sh.limit
/sh4.limit
/sparc.limit
/spc.limit
/ssh4.limit
/x32.limit
/x64.limit
/x86.limit
/x86_32.limit
/x86_64.limit
/limit.arc
/limit.arm
/limit.arm4
/limit.arm4l
/limit.arm4t
/limit.arm4tl
/limit.arm4tll
/limit.arm5
/limit.arm5l
/limit.arm5n
/limit.arm6
/limit.arm64
/limit.arm6l
/limit.arm7
/limit.arm7l
/limit.arm8
/limit.armv4
/limit.armv4l
/limit.armv5l
/limit.armv6
/limit.armv61
/limit.armv6l
/limit.armv7l
/limit.dbg
/limit.exploit
/limit.i4
/limit.i486
/limit.i586
/limit.i6
/limit.i686
/limit.kill
/limit.m68
/limit.m68k
/limit.mips
/limit.mips64
/limit.mipsel
/limit.mpsl
/limit.pcc
/limit.powerpc
/limit.powerpc-440fp
/limit.powerppc
/limit.ppc
/limit.ppc2
/limit.ppc440
/limit.ppc440fp
/limit.root
/limit.root32
/limit.sh
/limit.sh4
/limit.sparc
/limit.spc
/limit.ssh4
/limit.x32
/limit.x64
/limit.x86
/limit.x86_32
/limit.x86_64
/iotbins/

# Reference: https://pastebin.com/raw/pcwTAeFY

/arc.Tnxl
/arm.Tnxl
/arm4.Tnxl
/arm4l.Tnxl
/arm4t.Tnxl
/arm4tl.Tnxl
/arm4tll.Tnxl
/arm5.Tnxl
/arm5l.Tnxl
/arm5n.Tnxl
/arm6.Tnxl
/arm64.Tnxl
/arm6l.Tnxl
/arm7.Tnxl
/arm7l.Tnxl
/arm8.Tnxl
/armv4.Tnxl
/armv4l.Tnxl
/armv5l.Tnxl
/armv6.Tnxl
/armv61.Tnxl
/armv6l.Tnxl
/armv7l.Tnxl
/dbg.Tnxl
/exploit.Tnxl
/i4.Tnxl
/i486.Tnxl
/i586.Tnxl
/i6.Tnxl
/i686.Tnxl
/kill.Tnxl
/m68.Tnxl
/m68k.Tnxl
/mips.Tnxl
/mips64.Tnxl
/mipsel.Tnxl
/mpsl.Tnxl
/pcc.Tnxl
/powerpc-440fp.Tnxl
/powerpc.Tnxl
/powerppc.Tnxl
/ppc.Tnxl
/ppc2.Tnxl
/ppc440.Tnxl
/ppc440fp.Tnxl
/root.Tnxl
/root32.Tnxl
/sh.Tnxl
/sh4.Tnxl
/sparc.Tnxl
/spc.Tnxl
/ssh4.Tnxl
/x32.Tnxl
/x64.Tnxl
/x86.Tnxl
/x86_32.Tnxl
/x86_64.Tnxl
/Tnxl.arc
/Tnxl.arm
/Tnxl.arm4
/Tnxl.arm4l
/Tnxl.arm4t
/Tnxl.arm4tl
/Tnxl.arm4tll
/Tnxl.arm5
/Tnxl.arm5l
/Tnxl.arm5n
/Tnxl.arm6
/Tnxl.arm64
/Tnxl.arm6l
/Tnxl.arm7
/Tnxl.arm7l
/Tnxl.arm8
/Tnxl.armv4
/Tnxl.armv4l
/Tnxl.armv5l
/Tnxl.armv6
/Tnxl.armv61
/Tnxl.armv6l
/Tnxl.armv7l
/Tnxl.dbg
/Tnxl.exploit
/Tnxl.i4
/Tnxl.i486
/Tnxl.i586
/Tnxl.i6
/Tnxl.i686
/Tnxl.kill
/Tnxl.m68
/Tnxl.m68k
/Tnxl.mips
/Tnxl.mips64
/Tnxl.mipsel
/Tnxl.mpsl
/Tnxl.pcc
/Tnxl.powerpc
/Tnxl.powerpc-440fp
/Tnxl.powerppc
/Tnxl.ppc
/Tnxl.ppc2
/Tnxl.ppc440
/Tnxl.ppc440fp
/Tnxl.root
/Tnxl.root32
/Tnxl.sh
/Tnxl.sh4
/Tnxl.sparc
/Tnxl.spc
/Tnxl.ssh4
/Tnxl.x32
/Tnxl.x64
/Tnxl.x86
/Tnxl.x86_32
/Tnxl.x86_64
/Tnxl_Bins/

# Reference: https://twitter.com/bad_packets/status/1263934728912146432

138.197.144.166:23
138.197.144.166:666

# Reference: https://twitter.com/0xrb/status/1268100424449396738
# Reference: https://pastebin.com/N9ncvY5L

27.122.56.147:8888
/0x1x1x1x21212121.arc
/0x1x1x1x21212121.arm
/0x1x1x1x21212121.arm4
/0x1x1x1x21212121.arm4l
/0x1x1x1x21212121.arm4t
/0x1x1x1x21212121.arm4tl
/0x1x1x1x21212121.arm4tll
/0x1x1x1x21212121.arm5
/0x1x1x1x21212121.arm5l
/0x1x1x1x21212121.arm5n
/0x1x1x1x21212121.arm6
/0x1x1x1x21212121.arm64
/0x1x1x1x21212121.arm6l
/0x1x1x1x21212121.arm7
/0x1x1x1x21212121.arm7l
/0x1x1x1x21212121.arm8
/0x1x1x1x21212121.armv4
/0x1x1x1x21212121.armv4l
/0x1x1x1x21212121.armv5l
/0x1x1x1x21212121.armv6
/0x1x1x1x21212121.armv61
/0x1x1x1x21212121.armv6l
/0x1x1x1x21212121.armv7l
/0x1x1x1x21212121.dbg
/0x1x1x1x21212121.exploit
/0x1x1x1x21212121.i4
/0x1x1x1x21212121.i486
/0x1x1x1x21212121.i586
/0x1x1x1x21212121.i6
/0x1x1x1x21212121.i686
/0x1x1x1x21212121.kill
/0x1x1x1x21212121.m68
/0x1x1x1x21212121.m68k
/0x1x1x1x21212121.mips
/0x1x1x1x21212121.mips64
/0x1x1x1x21212121.mipsel
/0x1x1x1x21212121.mpsl
/0x1x1x1x21212121.pcc
/0x1x1x1x21212121.powerpc
/0x1x1x1x21212121.powerpc-440fp
/0x1x1x1x21212121.powerppc
/0x1x1x1x21212121.ppc
/0x1x1x1x21212121.ppc2
/0x1x1x1x21212121.ppc440
/0x1x1x1x21212121.ppc440fp
/0x1x1x1x21212121.root
/0x1x1x1x21212121.root32
/0x1x1x1x21212121.sh
/0x1x1x1x21212121.sh4
/0x1x1x1x21212121.sparc
/0x1x1x1x21212121.spc
/0x1x1x1x21212121.ssh4
/0x1x1x1x21212121.x32
/0x1x1x1x21212121.x64
/0x1x1x1x21212121.x86
/0x1x1x1x21212121.x86_32
/0x1x1x1x21212121.x86_64
/g0dlike.arc
/g0dlike.arm
/g0dlike.arm4
/g0dlike.arm4l
/g0dlike.arm4t
/g0dlike.arm4tl
/g0dlike.arm4tll
/g0dlike.arm5
/g0dlike.arm5l
/g0dlike.arm5n
/g0dlike.arm6
/g0dlike.arm64
/g0dlike.arm6l
/g0dlike.arm7
/g0dlike.arm7l
/g0dlike.arm8
/g0dlike.armv4
/g0dlike.armv4l
/g0dlike.armv5l
/g0dlike.armv6
/g0dlike.armv61
/g0dlike.armv6l
/g0dlike.armv7l
/g0dlike.dbg
/g0dlike.exploit
/g0dlike.i4
/g0dlike.i486
/g0dlike.i586
/g0dlike.i6
/g0dlike.i686
/g0dlike.kill
/g0dlike.m68
/g0dlike.m68k
/g0dlike.mips
/g0dlike.mips64
/g0dlike.mipsel
/g0dlike.mpsl
/g0dlike.pcc
/g0dlike.powerpc
/g0dlike.powerpc-440fp
/g0dlike.powerppc
/g0dlike.ppc
/g0dlike.ppc2
/g0dlike.ppc440
/g0dlike.ppc440fp
/g0dlike.root
/g0dlike.root32
/g0dlike.sh
/g0dlike.sh4
/g0dlike.sparc
/g0dlike.spc
/g0dlike.ssh4
/g0dlike.x32
/g0dlike.x64
/g0dlike.x86
/g0dlike.x86_32
/g0dlike.x86_64
/sa0asbins.arc
/sa0asbins.arm
/sa0asbins.arm4
/sa0asbins.arm4l
/sa0asbins.arm4t
/sa0asbins.arm4tl
/sa0asbins.arm4tll
/sa0asbins.arm5
/sa0asbins.arm5l
/sa0asbins.arm5n
/sa0asbins.arm6
/sa0asbins.arm64
/sa0asbins.arm6l
/sa0asbins.arm7
/sa0asbins.arm7l
/sa0asbins.arm8
/sa0asbins.armv4
/sa0asbins.armv4l
/sa0asbins.armv5l
/sa0asbins.armv6
/sa0asbins.armv61
/sa0asbins.armv6l
/sa0asbins.armv7l
/sa0asbins.dbg
/sa0asbins.exploit
/sa0asbins.i4
/sa0asbins.i486
/sa0asbins.i586
/sa0asbins.i6
/sa0asbins.i686
/sa0asbins.kill
/sa0asbins.m68
/sa0asbins.m68k
/sa0asbins.mips
/sa0asbins.mips64
/sa0asbins.mipsel
/sa0asbins.mpsl
/sa0asbins.pcc
/sa0asbins.powerpc
/sa0asbins.powerpc-440fp
/sa0asbins.powerppc
/sa0asbins.ppc
/sa0asbins.ppc2
/sa0asbins.ppc440
/sa0asbins.ppc440fp
/sa0asbins.root
/sa0asbins.root32
/sa0asbins.sh
/sa0asbins.sh4
/sa0asbins.sparc
/sa0asbins.spc
/sa0asbins.ssh4
/sa0asbins.x32
/sa0asbins.x64
/sa0asbins.x86
/sa0asbins.x86_32
/sa0asbins.x86_64
/testingSVR88292.arc
/testingSVR88292.arm
/testingSVR88292.arm4
/testingSVR88292.arm4l
/testingSVR88292.arm4t
/testingSVR88292.arm4tl
/testingSVR88292.arm4tll
/testingSVR88292.arm5
/testingSVR88292.arm5l
/testingSVR88292.arm5n
/testingSVR88292.arm6
/testingSVR88292.arm64
/testingSVR88292.arm6l
/testingSVR88292.arm7
/testingSVR88292.arm7l
/testingSVR88292.arm8
/testingSVR88292.armv4
/testingSVR88292.armv4l
/testingSVR88292.armv5l
/testingSVR88292.armv6
/testingSVR88292.armv61
/testingSVR88292.armv6l
/testingSVR88292.armv7l
/testingSVR88292.dbg
/testingSVR88292.exploit
/testingSVR88292.i4
/testingSVR88292.i486
/testingSVR88292.i586
/testingSVR88292.i6
/testingSVR88292.i686
/testingSVR88292.kill
/testingSVR88292.m68
/testingSVR88292.m68k
/testingSVR88292.mips
/testingSVR88292.mips64
/testingSVR88292.mipsel
/testingSVR88292.mpsl
/testingSVR88292.pcc
/testingSVR88292.powerpc
/testingSVR88292.powerpc-440fp
/testingSVR88292.powerppc
/testingSVR88292.ppc
/testingSVR88292.ppc2
/testingSVR88292.ppc440
/testingSVR88292.ppc440fp
/testingSVR88292.root
/testingSVR88292.root32
/testingSVR88292.sh
/testingSVR88292.sh4
/testingSVR88292.sparc
/testingSVR88292.spc
/testingSVR88292.ssh4
/testingSVR88292.x32
/testingSVR88292.x64
/testingSVR88292.x86
/testingSVR88292.x86_32
/testingSVR88292.x86_64
/000jaknet000/
/n_Bins/

# Reference: https://github.com/unixfreaxjp/malwaremustdie/blob/master/etc/IoTBotnetISPAbuse202005.md

/GGWP.sh
/Irisbins.sh
/Joker.sh
/Pemex.sh
/SnOoPy.sh
/g0away.sh
/kyelbins.sh
/nasubins.sh
/oofbins.sh
/sensi.sh
/shoxbins.sh
/sora.sh
/vsUerS.sh
/yebins.sh
/yoyobins.sh

# Reference: https://twitter.com/tolisec/status/1269948415724736515
# Reference: https://pastebin.com/DpeMCgrL

172.245.8.9:3884
37.49.224.209:5959
45.143.220.246:1027
45.95.168.156:45
45.95.169.1:5959

# Reference: https://twitter.com/bad_packets/status/1270789161012744192

85.204.116.87:131
85.204.116.87:16850

# Reference: https://twitter.com/bad_packets/status/1266125300888297473

94.102.63.52:9102

# Reference: https://twitter.com/bad_packets/status/1271153910841925633

37.49.224.183:50821
37.49.224.183:58666

# Reference: https://twitter.com/VessOnSecurity/status/1271184863283077120

/CentralIntelligenceAgency.arc
/CentralIntelligenceAgency.arm
/CentralIntelligenceAgency.arm4
/CentralIntelligenceAgency.arm4l
/CentralIntelligenceAgency.arm4t
/CentralIntelligenceAgency.arm4tl
/CentralIntelligenceAgency.arm4tll
/CentralIntelligenceAgency.arm5
/CentralIntelligenceAgency.arm5l
/CentralIntelligenceAgency.arm5n
/CentralIntelligenceAgency.arm6
/CentralIntelligenceAgency.arm64
/CentralIntelligenceAgency.arm6l
/CentralIntelligenceAgency.arm7
/CentralIntelligenceAgency.arm7l
/CentralIntelligenceAgency.arm8
/CentralIntelligenceAgency.armv4
/CentralIntelligenceAgency.armv4l
/CentralIntelligenceAgency.armv5l
/CentralIntelligenceAgency.armv6
/CentralIntelligenceAgency.armv61
/CentralIntelligenceAgency.armv6l
/CentralIntelligenceAgency.armv7l
/CentralIntelligenceAgency.dbg
/CentralIntelligenceAgency.exploit
/CentralIntelligenceAgency.i4
/CentralIntelligenceAgency.i486
/CentralIntelligenceAgency.i586
/CentralIntelligenceAgency.i6
/CentralIntelligenceAgency.i686
/CentralIntelligenceAgency.kill
/CentralIntelligenceAgency.m68
/CentralIntelligenceAgency.m68k
/CentralIntelligenceAgency.mips
/CentralIntelligenceAgency.mips64
/CentralIntelligenceAgency.mipsel
/CentralIntelligenceAgency.mpsl
/CentralIntelligenceAgency.pcc
/CentralIntelligenceAgency.powerpc
/CentralIntelligenceAgency.powerpc-440fp
/CentralIntelligenceAgency.powerppc
/CentralIntelligenceAgency.ppc
/CentralIntelligenceAgency.ppc2
/CentralIntelligenceAgency.ppc440
/CentralIntelligenceAgency.ppc440fp
/CentralIntelligenceAgency.root
/CentralIntelligenceAgency.root32
/CentralIntelligenceAgency.sh
/CentralIntelligenceAgency.sh4
/CentralIntelligenceAgency.sparc
/CentralIntelligenceAgency.spc
/CentralIntelligenceAgency.ssh4
/CentralIntelligenceAgency.x32
/CentralIntelligenceAgency.x64
/CentralIntelligenceAgency.x86
/CentralIntelligenceAgency.x86_32
/CentralIntelligenceAgency.x86_64

# Reference: https://twitter.com/hypoweb/status/1272939520443346944
# Reference: https://www.virustotal.com/gui/domain/qweqwe.com/relations

qweqwe.com

# Reference: https://urlhaus.abuse.ch/url/392907/

/Meth.arc
/Meth.arm
/Meth.arm4
/Meth.arm4l
/Meth.arm4t
/Meth.arm4tl
/Meth.arm4tll
/Meth.arm5
/Meth.arm5l
/Meth.arm5n
/Meth.arm6
/Meth.arm64
/Meth.arm6l
/Meth.arm7
/Meth.arm7l
/Meth.arm8
/Meth.armv4
/Meth.armv4l
/Meth.armv5l
/Meth.armv6
/Meth.armv61
/Meth.armv6l
/Meth.armv7l
/Meth.dbg
/Meth.exploit
/Meth.i4
/Meth.i486
/Meth.i586
/Meth.i6
/Meth.i686
/Meth.kill
/Meth.m68
/Meth.m68k
/Meth.mips
/Meth.mips64
/Meth.mipsel
/Meth.mpsl
/Meth.pcc
/Meth.powerpc
/Meth.powerpc-440fp
/Meth.powerppc
/Meth.ppc
/Meth.ppc2
/Meth.ppc440
/Meth.ppc440fp
/Meth.root
/Meth.root32
/Meth.sh
/Meth.sh4
/Meth.sparc
/Meth.spc
/Meth.ssh4
/Meth.x32
/Meth.x64
/Meth.x86
/Meth.x86_32
/Meth.x86_64
/YaO2uFOvUG8LV1y5NY1aCHmr1WdBLjcjiVD6aRRAWDL6oNY29J88y0nrXxaHBmTLEYC9yB56gBn95pco8kCbldVsHmjNQk8JTaC/

# Reference: https://urlhaus.abuse.ch/url/392839/
# Reference: https://pastebin.com/jEjPXTTN

/M3tH.arc
/M3tH.arm
/M3tH.arm4
/M3tH.arm4l
/M3tH.arm4t
/M3tH.arm4tl
/M3tH.arm4tll
/M3tH.arm5
/M3tH.arm5l
/M3tH.arm5n
/M3tH.arm6
/M3tH.arm64
/M3tH.arm6l
/M3tH.arm7
/M3tH.arm7l
/M3tH.arm8
/M3tH.armv4
/M3tH.armv4l
/M3tH.armv5l
/M3tH.armv6
/M3tH.armv61
/M3tH.armv6l
/M3tH.armv7l
/M3tH.dbg
/M3tH.exploit
/M3tH.i4
/M3tH.i486
/M3tH.i586
/M3tH.i6
/M3tH.i686
/M3tH.kill
/M3tH.m68
/M3tH.m68k
/M3tH.mips
/M3tH.mips64
/M3tH.mipsel
/M3tH.mpsl
/M3tH.pcc
/M3tH.powerpc
/M3tH.powerpc-440fp
/M3tH.powerppc
/M3tH.ppc
/M3tH.ppc2
/M3tH.ppc440
/M3tH.ppc440fp
/M3tH.root
/M3tH.root32
/M3tH.sh
/M3tH.sh4
/M3tH.sparc
/M3tH.spc
/M3tH.ssh4
/M3tH.x32
/M3tH.x64
/M3tH.x86
/M3tH.x86_32
/M3tH.x86_64
/0xxx0xxxasdajshdsajhkgdja/
/sa0UGVOZIpAoQTtcR1KLEkN2x/

# Reference: https://twitter.com/0xrb/status/1273495537912692738

104.168.143.15:1312

# Reference: https://www.f5.com/labs/articles/threat-intelligence/mirai-is-attacking-again-so-were-outing-its-hilarious-explicit-c-c-hostnames

0x01.nexusiotsolutions.net
0x01.preload.su
0x90.bid
1eryxnva.glibc.org
aced.ga
air.sinushost.biz
akuma.pw
alhctuyy.tk
asapvpns.club
aspectleaks.xyz
back.uu8889.com
bakiiszwart.tk
base.monello.tk
bbase.monello.tk
bc.nexusiotsolutions.net
bcnc.changeme.com
bfrxznyisbestie.ml
bfyfa.fun
bhromofreah.top
bigboats.club
bigboatz.us
bkush.ml
blacklister.nl
bloodwars.ws
blueandsausesfries.us
bnexusiotsolutions.net
boat.racoon.ml
boatnet.xyz
booters.ml
botnet.remaiten.org
botnetsale.tk
bounty.bigbotpein.ru
bscotsa.pw
c.nexusiotsolutions.net
ccc.snicker.ir
central.glibc.org
cmdmirai.tk
cn.uvgczsuidrtg.com
cnbot.space
cnc.bigbandsinmyvault.tk
cnc.bigbotpein.ru
cnc.changeme.com
cnc.linux.lol
cnc.mirai.com
cnc.nutsz.club
cnc.skidsec.org
cnc.smokemethallday.tk
cnc.spamtech.win
cnc.teammalefic.pw
cnc.tonguepunchfartbox.life
cnc.urgay.cf
cnc.vdskge7as.xyz
cnc.voxlobid.tk
cnc111.ml
cncbot.cnbot.space
cncbot.ddns.net
conwangg.de
cool.kingdomplugin.nl
coolxr.info
cottoncandyloverscute.website
crazyclothes.store
d.hi8520.com
dankstresser.tk
dannyexe.xyz
ddosattacks.tk
deathlives.ddns.net
dportsmirai.tk
dssgasrea.club
eccc.bulletpool.ru
ertwer.vdskge7as.xyz
fFvFVcnc.changeme.com
featured.cf
fedtraps.cf
frost.botnet.hackedfiles.pw
frxznyisbestie.ml
ftp.xenonbooter.xyz
fucktzoh.xyz
fyfa.fun
gammaboat.us
gangsters.cf
ghoststresser.pw
gndfgdd.club
gnikllort.com
gotnulled.ga
greekhelios21.tk
happyf33t.nl
harikatha.com
hello.bigpuller.cf
hoaxnet.ddns.net
horsecocked.4horsemen.pw
hotelcasa.nl
hromofreah.top
ikbensupercool.nl
iktufopjou.nl
infecteverywhere.online
int.aerx.io
internetgangster.tk
internetpolice.ga
internetpolice.ml
internetpolice.tk
iotmirai.tk
isalinux.intercomonline.com
kagbe.nl
kingdomplugin.nl
kormirai.ddns.net
kringelstan.net
kush.ml
leakedfiles.org
legendarysprx.pw
linux.lol
linuxsecuritys.com
lol.godlynet.cf
lol665.tk
lolzsecsshittymirai.tk
majikku.us
miraibotnet.eu
miraibotnet.ml
miraibotnet.online
miraihoneypot.tk
mirainet.ml
mirainet.tk
mm.haxornah.top
moanmybins.ml
modems.pw
monello.tk
myacerusername.hopto.org
mymiraiserver.hopto.org
mypawnshop.men
nageboorte.ga
naotogoyamamcc.asuscomm.com
net.nageboorte.nl
neuvostoliitto.ml
neuvostoliitto.tk
newel.se
nexusaquariums.ir
nexusiotsolutions.net
nnn.shenron.pw
nullserversmirai.tk
nutsz.club
offlineservers.tk
online.upmirai.club
onyxreppingoat.cf
powa.daddyhackingteam.com
power4you.ddns.net
predoxing.tk
purgeblood.duckdns.org
puti.csgo
putintrump.cf
putintrump.tk
pvpcloud.us
pyfulthag0d.pw
q5f2k0evy7go2rax9m4g.ru
reppin.tk
rofl.leakvortex.pro
rootyi.site
runscape.cf
rw595phpt4kk538s.botanik.gq
s0.3eu.ru
santasbigcandycane.cx
sbnmcd.org
scotsa.pw
sepinsftw.tk
serveranywhere.cf
serveranywhere.ga
serversrus.club
sevenp.top
skidsec.org
smithre.top
smokemethallday.tk
snicker.ir
spamtech.win
ssh.gammaboat.us
swatnetiphone.tk
swatnetsucks.tk
swinginwithme.ru
swizzthegod.us
teammalefic.pw
test.cnc
thebigbadbotnet.tk
thonder.club
tonguepunchfartbox.life
totalbooter.us
trapboat.club
truepower.club
unix.tk
upfiles.online
urgay.cf
uryjsdrfg.club
vap3.ddns.net
vdskge7as.xyz
voxlobid.tk
wheresmirai.tk
winter.winterboot.net
yzykar.ddns.net
zammanaakis.link
zetastress.net

# Reference: https://www.virusbulletin.com/virusbulletin/2018/12/vb2018-paper-tracking-mirai-variants/

aandy.cf
aandy.xyz
askjasghasg.ru
cnc.aandy.xyz
cnc.ttoww.com

# Reference: https://twitter.com/huiwangeth/status/1275650252947800065
# Reference: https://www.virustotal.com/gui/file/f60b29cfb7eab3aeb391f46e94d4d8efadde5498583a2f5c71bd8212d8ae92da/detection

/fetch.arc
/fetch.arm
/fetch.arm4
/fetch.arm4l
/fetch.arm4t
/fetch.arm4tl
/fetch.arm4tll
/fetch.arm5
/fetch.arm5l
/fetch.arm5n
/fetch.arm6
/fetch.arm64
/fetch.arm6l
/fetch.arm7
/fetch.arm7l
/fetch.arm8
/fetch.armv4
/fetch.armv4l
/fetch.armv5l
/fetch.armv6
/fetch.armv61
/fetch.armv6l
/fetch.armv7l
/fetch.dbg
/fetch.exploit
/fetch.i4
/fetch.i486
/fetch.i586
/fetch.i6
/fetch.i686
/fetch.kill
/fetch.m68
/fetch.m68k
/fetch.mips
/fetch.mips64
/fetch.mipsel
/fetch.mpsl
/fetch.pcc
/fetch.powerpc
/fetch.powerpc-440fp
/fetch.powerppc
/fetch.ppc
/fetch.ppc2
/fetch.ppc440
/fetch.ppc440fp
/fetch.root
/fetch.root32
/fetch.sh
/fetch.sh4
/fetch.sparc
/fetch.spc
/fetch.ssh4
/fetch.x32
/fetch.x64
/fetch.x86
/fetch.x86_32
/fetch.x86_64
dotheneedfull.xyz

# Reference: https://blacklist.cyberthreatcoalition.org/vetted/url.txt

81.17.16.122:34343
81.17.16.122:44783
/666.arc
/666.arm
/666.arm4
/666.arm4l
/666.arm4t
/666.arm4tl
/666.arm4tll
/666.arm5
/666.arm5l
/666.arm5n
/666.arm6
/666.arm64
/666.arm6l
/666.arm7
/666.arm7l
/666.arm8
/666.armv4
/666.armv4l
/666.armv5l
/666.armv6
/666.armv61
/666.armv6l
/666.armv7l
/666.dbg
/666.exploit
/666.i4
/666.i486
/666.i586
/666.i6
/666.i686
/666.kill
/666.m68
/666.m68k
/666.mips
/666.mips64
/666.mipsel
/666.mpsl
/666.pcc
/666.powerpc
/666.powerpc-440fp
/666.powerppc
/666.ppc
/666.ppc2
/666.ppc440
/666.ppc440fp
/666.root
/666.root32
/666.sh
/666.sh4
/666.sparc
/666.spc
/666.ssh4
/666.x32
/666.x64
/666.x86
/666.x86_32
/666.x86_64
/888fff999.arc
/888fff999.arm
/888fff999.arm4
/888fff999.arm4l
/888fff999.arm4t
/888fff999.arm4tl
/888fff999.arm4tll
/888fff999.arm5
/888fff999.arm5l
/888fff999.arm5n
/888fff999.arm6
/888fff999.arm64
/888fff999.arm6l
/888fff999.arm7
/888fff999.arm7l
/888fff999.arm8
/888fff999.armv4
/888fff999.armv4l
/888fff999.armv5l
/888fff999.armv6
/888fff999.armv61
/888fff999.armv6l
/888fff999.armv7l
/888fff999.dbg
/888fff999.exploit
/888fff999.i4
/888fff999.i486
/888fff999.i586
/888fff999.i6
/888fff999.i686
/888fff999.kill
/888fff999.m68
/888fff999.m68k
/888fff999.mips
/888fff999.mips64
/888fff999.mipsel
/888fff999.mpsl
/888fff999.pcc
/888fff999.powerpc
/888fff999.powerpc-440fp
/888fff999.powerppc
/888fff999.ppc
/888fff999.ppc2
/888fff999.ppc440
/888fff999.ppc440fp
/888fff999.root
/888fff999.root32
/888fff999.sh
/888fff999.sh4
/888fff999.sparc
/888fff999.spc
/888fff999.ssh4
/888fff999.x32
/888fff999.x64
/888fff999.x86
/888fff999.x86_32
/888fff999.x86_64
/4LSI.arc
/4LSI.arm
/4LSI.arm4
/4LSI.arm4l
/4LSI.arm4t
/4LSI.arm4tl
/4LSI.arm4tll
/4LSI.arm5
/4LSI.arm5l
/4LSI.arm5n
/4LSI.arm6
/4LSI.arm64
/4LSI.arm6l
/4LSI.arm7
/4LSI.arm7l
/4LSI.arm8
/4LSI.armv4
/4LSI.armv4l
/4LSI.armv5l
/4LSI.armv6
/4LSI.armv61
/4LSI.armv6l
/4LSI.armv7l
/4LSI.dbg
/4LSI.exploit
/4LSI.i4
/4LSI.i486
/4LSI.i586
/4LSI.i6
/4LSI.i686
/4LSI.kill
/4LSI.m68
/4LSI.m68k
/4LSI.mips
/4LSI.mips64
/4LSI.mipsel
/4LSI.mpsl
/4LSI.pcc
/4LSI.powerpc
/4LSI.powerpc-440fp
/4LSI.powerppc
/4LSI.ppc
/4LSI.ppc2
/4LSI.ppc440
/4LSI.ppc440fp
/4LSI.root
/4LSI.root32
/4LSI.sh
/4LSI.sh4
/4LSI.sparc
/4LSI.spc
/4LSI.ssh4
/4LSI.x32
/4LSI.x64
/4LSI.x86
/4LSI.x86_32
/4LSI.x86_64
/a7mad.arc
/a7mad.arm
/a7mad.arm4
/a7mad.arm4l
/a7mad.arm4t
/a7mad.arm4tl
/a7mad.arm4tll
/a7mad.arm5
/a7mad.arm5l
/a7mad.arm5n
/a7mad.arm6
/a7mad.arm64
/a7mad.arm6l
/a7mad.arm7
/a7mad.arm7l
/a7mad.arm8
/a7mad.armv4
/a7mad.armv4l
/a7mad.armv5l
/a7mad.armv6
/a7mad.armv61
/a7mad.armv6l
/a7mad.armv7l
/a7mad.dbg
/a7mad.exploit
/a7mad.i4
/a7mad.i486
/a7mad.i586
/a7mad.i6
/a7mad.i686
/a7mad.kill
/a7mad.m68
/a7mad.m68k
/a7mad.mips
/a7mad.mips64
/a7mad.mipsel
/a7mad.mpsl
/a7mad.pcc
/a7mad.powerpc
/a7mad.powerpc-440fp
/a7mad.powerppc
/a7mad.ppc
/a7mad.ppc2
/a7mad.ppc440
/a7mad.ppc440fp
/a7mad.root
/a7mad.root32
/a7mad.sh
/a7mad.sh4
/a7mad.sparc
/a7mad.spc
/a7mad.ssh4
/a7mad.x32
/a7mad.x64
/a7mad.x86
/a7mad.x86_32
/a7mad.x86_64
/aisuru.arc
/aisuru.arm
/aisuru.arm4
/aisuru.arm4l
/aisuru.arm4t
/aisuru.arm4tl
/aisuru.arm4tll
/aisuru.arm5
/aisuru.arm5l
/aisuru.arm5n
/aisuru.arm6
/aisuru.arm64
/aisuru.arm6l
/aisuru.arm7
/aisuru.arm7l
/aisuru.arm8
/aisuru.armv4
/aisuru.armv4l
/aisuru.armv5l
/aisuru.armv6
/aisuru.armv61
/aisuru.armv6l
/aisuru.armv7l
/aisuru.dbg
/aisuru.exploit
/aisuru.i4
/aisuru.i486
/aisuru.i586
/aisuru.i6
/aisuru.i686
/aisuru.kill
/aisuru.m68
/aisuru.m68k
/aisuru.mips
/aisuru.mips64
/aisuru.mipsel
/aisuru.mpsl
/aisuru.pcc
/aisuru.powerpc
/aisuru.powerpc-440fp
/aisuru.powerppc
/aisuru.ppc
/aisuru.ppc2
/aisuru.ppc440
/aisuru.ppc440fp
/aisuru.root
/aisuru.root32
/aisuru.sh
/aisuru.sh4
/aisuru.sparc
/aisuru.spc
/aisuru.ssh4
/aisuru.x32
/aisuru.x64
/aisuru.x86
/aisuru.x86_32
/aisuru.x86_64
/Arceus.arc
/Arceus.arm
/Arceus.arm4
/Arceus.arm4l
/Arceus.arm4t
/Arceus.arm4tl
/Arceus.arm4tll
/Arceus.arm5
/Arceus.arm5l
/Arceus.arm5n
/Arceus.arm6
/Arceus.arm64
/Arceus.arm6l
/Arceus.arm7
/Arceus.arm7l
/Arceus.arm8
/Arceus.armv4
/Arceus.armv4l
/Arceus.armv5l
/Arceus.armv6
/Arceus.armv61
/Arceus.armv6l
/Arceus.armv7l
/Arceus.dbg
/Arceus.exploit
/Arceus.i4
/Arceus.i486
/Arceus.i586
/Arceus.i6
/Arceus.i686
/Arceus.kill
/Arceus.m68
/Arceus.m68k
/Arceus.mips
/Arceus.mips64
/Arceus.mipsel
/Arceus.mpsl
/Arceus.pcc
/Arceus.powerpc
/Arceus.powerpc-440fp
/Arceus.powerppc
/Arceus.ppc
/Arceus.ppc2
/Arceus.ppc440
/Arceus.ppc440fp
/Arceus.root
/Arceus.root32
/Arceus.sh
/Arceus.sh4
/Arceus.sparc
/Arceus.spc
/Arceus.ssh4
/Arceus.x32
/Arceus.x64
/Arceus.x86
/Arceus.x86_32
/Arceus.x86_64
/Athena.arc
/Athena.arm
/Athena.arm4
/Athena.arm4l
/Athena.arm4t
/Athena.arm4tl
/Athena.arm4tll
/Athena.arm5
/Athena.arm5l
/Athena.arm5n
/Athena.arm6
/Athena.arm64
/Athena.arm6l
/Athena.arm7
/Athena.arm7l
/Athena.arm8
/Athena.armv4
/Athena.armv4l
/Athena.armv5l
/Athena.armv6
/Athena.armv61
/Athena.armv6l
/Athena.armv7l
/Athena.dbg
/Athena.exploit
/Athena.i4
/Athena.i486
/Athena.i586
/Athena.i6
/Athena.i686
/Athena.kill
/Athena.m68
/Athena.m68k
/Athena.mips
/Athena.mips64
/Athena.mipsel
/Athena.mpsl
/Athena.pcc
/Athena.powerpc
/Athena.powerpc-440fp
/Athena.powerppc
/Athena.ppc
/Athena.ppc2
/Athena.ppc440
/Athena.ppc440fp
/Athena.root
/Athena.root32
/Athena.sh
/Athena.sh4
/Athena.sparc
/Athena.spc
/Athena.ssh4
/Athena.x32
/Athena.x64
/Athena.x86
/Athena.x86_32
/Athena.x86_64
/atomic.arc
/atomic.arm
/atomic.arm4
/atomic.arm4l
/atomic.arm4t
/atomic.arm4tl
/atomic.arm4tll
/atomic.arm5
/atomic.arm5l
/atomic.arm5n
/atomic.arm6
/atomic.arm64
/atomic.arm6l
/atomic.arm7
/atomic.arm7l
/atomic.arm8
/atomic.armv4
/atomic.armv4l
/atomic.armv5l
/atomic.armv6
/atomic.armv61
/atomic.armv6l
/atomic.armv7l
/atomic.dbg
/atomic.exploit
/atomic.i4
/atomic.i486
/atomic.i586
/atomic.i6
/atomic.i686
/atomic.kill
/atomic.m68
/atomic.m68k
/atomic.mips
/atomic.mips64
/atomic.mipsel
/atomic.mpsl
/atomic.pcc
/atomic.powerpc
/atomic.powerpc-440fp
/atomic.powerppc
/atomic.ppc
/atomic.ppc2
/atomic.ppc440
/atomic.ppc440fp
/atomic.root
/atomic.root32
/atomic.sh
/atomic.sh4
/atomic.sparc
/atomic.spc
/atomic.ssh4
/atomic.x32
/atomic.x64
/atomic.x86
/atomic.x86_32
/atomic.x86_64
/b00m19.arc
/b00m19.arm
/b00m19.arm4
/b00m19.arm4l
/b00m19.arm4t
/b00m19.arm4tl
/b00m19.arm4tll
/b00m19.arm5
/b00m19.arm5l
/b00m19.arm5n
/b00m19.arm6
/b00m19.arm64
/b00m19.arm6l
/b00m19.arm7
/b00m19.arm7l
/b00m19.arm8
/b00m19.armv4
/b00m19.armv4l
/b00m19.armv5l
/b00m19.armv6
/b00m19.armv61
/b00m19.armv6l
/b00m19.armv7l
/b00m19.dbg
/b00m19.exploit
/b00m19.i4
/b00m19.i486
/b00m19.i586
/b00m19.i6
/b00m19.i686
/b00m19.kill
/b00m19.m68
/b00m19.m68k
/b00m19.mips
/b00m19.mips64
/b00m19.mipsel
/b00m19.mpsl
/b00m19.pcc
/b00m19.powerpc
/b00m19.powerpc-440fp
/b00m19.powerppc
/b00m19.ppc
/b00m19.ppc2
/b00m19.ppc440
/b00m19.ppc440fp
/b00m19.root
/b00m19.root32
/b00m19.sh
/b00m19.sh4
/b00m19.sparc
/b00m19.spc
/b00m19.ssh4
/b00m19.x32
/b00m19.x64
/b00m19.x86
/b00m19.x86_32
/b00m19.x86_64
/boot64ntarc
/boot64ntarm
/boot64ntarm4
/boot64ntarm4l
/boot64ntarm4t
/boot64ntarm4tl
/boot64ntarm4tll
/boot64ntarm5
/boot64ntarm5l
/boot64ntarm5n
/boot64ntarm6
/boot64ntarm64
/boot64ntarm6l
/boot64ntarm7
/boot64ntarm7l
/boot64ntarm8
/boot64ntarmv4
/boot64ntarmv4l
/boot64ntarmv5l
/boot64ntarmv6
/boot64ntarmv61
/boot64ntarmv6l
/boot64ntarmv7l
/boot64ntdbg
/boot64ntexploit
/boot64nti4
/boot64nti486
/boot64nti586
/boot64nti6
/boot64nti686
/boot64ntkill
/boot64ntm68
/boot64ntm68k
/boot64ntmips
/boot64ntmips64
/boot64ntmipsel
/boot64ntmpsl
/boot64ntpcc
/boot64ntpowerpc
/boot64ntpowerpc-440fp
/boot64ntpowerppc
/boot64ntppc
/boot64ntppc2
/boot64ntppc440
/boot64ntppc440fp
/boot64ntroot
/boot64ntroot32
/boot64ntsh
/boot64ntsh4
/boot64ntsparc
/boot64ntspc
/boot64ntssh4
/boot64ntx32
/boot64ntx64
/boot64ntx86
/boot64ntx86_32
/boot64ntx86_64
/buiodawbdawbuiopdw.arc
/buiodawbdawbuiopdw.arm
/buiodawbdawbuiopdw.arm4
/buiodawbdawbuiopdw.arm4l
/buiodawbdawbuiopdw.arm4t
/buiodawbdawbuiopdw.arm4tl
/buiodawbdawbuiopdw.arm4tll
/buiodawbdawbuiopdw.arm5
/buiodawbdawbuiopdw.arm5l
/buiodawbdawbuiopdw.arm5n
/buiodawbdawbuiopdw.arm6
/buiodawbdawbuiopdw.arm64
/buiodawbdawbuiopdw.arm6l
/buiodawbdawbuiopdw.arm7
/buiodawbdawbuiopdw.arm7l
/buiodawbdawbuiopdw.arm8
/buiodawbdawbuiopdw.armv4
/buiodawbdawbuiopdw.armv4l
/buiodawbdawbuiopdw.armv5l
/buiodawbdawbuiopdw.armv6
/buiodawbdawbuiopdw.armv61
/buiodawbdawbuiopdw.armv6l
/buiodawbdawbuiopdw.armv7l
/buiodawbdawbuiopdw.dbg
/buiodawbdawbuiopdw.exploit
/buiodawbdawbuiopdw.i4
/buiodawbdawbuiopdw.i486
/buiodawbdawbuiopdw.i586
/buiodawbdawbuiopdw.i6
/buiodawbdawbuiopdw.i686
/buiodawbdawbuiopdw.kill
/buiodawbdawbuiopdw.m68
/buiodawbdawbuiopdw.m68k
/buiodawbdawbuiopdw.mips
/buiodawbdawbuiopdw.mips64
/buiodawbdawbuiopdw.mipsel
/buiodawbdawbuiopdw.mpsl
/buiodawbdawbuiopdw.pcc
/buiodawbdawbuiopdw.powerpc
/buiodawbdawbuiopdw.powerpc-440fp
/buiodawbdawbuiopdw.powerppc
/buiodawbdawbuiopdw.ppc
/buiodawbdawbuiopdw.ppc2
/buiodawbdawbuiopdw.ppc440
/buiodawbdawbuiopdw.ppc440fp
/buiodawbdawbuiopdw.root
/buiodawbdawbuiopdw.root32
/buiodawbdawbuiopdw.sh
/buiodawbdawbuiopdw.sh4
/buiodawbdawbuiopdw.sparc
/buiodawbdawbuiopdw.spc
/buiodawbdawbuiopdw.ssh4
/buiodawbdawbuiopdw.x32
/buiodawbdawbuiopdw.x64
/buiodawbdawbuiopdw.x86
/buiodawbdawbuiopdw.x86_32
/buiodawbdawbuiopdw.x86_64
/ch1n4.arc
/ch1n4.arm
/ch1n4.arm4
/ch1n4.arm4l
/ch1n4.arm4t
/ch1n4.arm4tl
/ch1n4.arm4tll
/ch1n4.arm5
/ch1n4.arm5l
/ch1n4.arm5n
/ch1n4.arm6
/ch1n4.arm64
/ch1n4.arm6l
/ch1n4.arm7
/ch1n4.arm7l
/ch1n4.arm8
/ch1n4.armv4
/ch1n4.armv4l
/ch1n4.armv5l
/ch1n4.armv6
/ch1n4.armv61
/ch1n4.armv6l
/ch1n4.armv7l
/ch1n4.dbg
/ch1n4.exploit
/ch1n4.i4
/ch1n4.i486
/ch1n4.i586
/ch1n4.i6
/ch1n4.i686
/ch1n4.kill
/ch1n4.m68
/ch1n4.m68k
/ch1n4.mips
/ch1n4.mips64
/ch1n4.mipsel
/ch1n4.mpsl
/ch1n4.pcc
/ch1n4.powerpc
/ch1n4.powerpc-440fp
/ch1n4.powerppc
/ch1n4.ppc
/ch1n4.ppc2
/ch1n4.ppc440
/ch1n4.ppc440fp
/ch1n4.root
/ch1n4.root32
/ch1n4.sh
/ch1n4.sh4
/ch1n4.sparc
/ch1n4.spc
/ch1n4.ssh4
/ch1n4.x32
/ch1n4.x64
/ch1n4.x86
/ch1n4.x86_32
/ch1n4.x86_64
/d3m0n.arc
/d3m0n.arm
/d3m0n.arm4
/d3m0n.arm4l
/d3m0n.arm4t
/d3m0n.arm4tl
/d3m0n.arm4tll
/d3m0n.arm5
/d3m0n.arm5l
/d3m0n.arm5n
/d3m0n.arm6
/d3m0n.arm64
/d3m0n.arm6l
/d3m0n.arm7
/d3m0n.arm7l
/d3m0n.arm8
/d3m0n.armv4
/d3m0n.armv4l
/d3m0n.armv5l
/d3m0n.armv6
/d3m0n.armv61
/d3m0n.armv6l
/d3m0n.armv7l
/d3m0n.dbg
/d3m0n.exploit
/d3m0n.i4
/d3m0n.i486
/d3m0n.i586
/d3m0n.i6
/d3m0n.i686
/d3m0n.kill
/d3m0n.m68
/d3m0n.m68k
/d3m0n.mips
/d3m0n.mips64
/d3m0n.mipsel
/d3m0n.mpsl
/d3m0n.pcc
/d3m0n.powerpc
/d3m0n.powerpc-440fp
/d3m0n.powerppc
/d3m0n.ppc
/d3m0n.ppc2
/d3m0n.ppc440
/d3m0n.ppc440fp
/d3m0n.root
/d3m0n.root32
/d3m0n.sh
/d3m0n.sh4
/d3m0n.sparc
/d3m0n.spc
/d3m0n.ssh4
/d3m0n.x32
/d3m0n.x64
/d3m0n.x86
/d3m0n.x86_32
/d3m0n.x86_64
/Drank.arc
/Drank.arm
/Drank.arm4
/Drank.arm4l
/Drank.arm4t
/Drank.arm4tl
/Drank.arm4tll
/Drank.arm5
/Drank.arm5l
/Drank.arm5n
/Drank.arm6
/Drank.arm64
/Drank.arm6l
/Drank.arm7
/Drank.arm7l
/Drank.arm8
/Drank.armv4
/Drank.armv4l
/Drank.armv5l
/Drank.armv6
/Drank.armv61
/Drank.armv6l
/Drank.armv7l
/Drank.dbg
/Drank.exploit
/Drank.i4
/Drank.i486
/Drank.i586
/Drank.i6
/Drank.i686
/Drank.kill
/Drank.m68
/Drank.m68k
/Drank.mips
/Drank.mips64
/Drank.mipsel
/Drank.mpsl
/Drank.pcc
/Drank.powerpc
/Drank.powerpc-440fp
/Drank.powerppc
/Drank.ppc
/Drank.ppc2
/Drank.ppc440
/Drank.ppc440fp
/Drank.root
/Drank.root32
/Drank.sh
/Drank.sh4
/Drank.sparc
/Drank.spc
/Drank.ssh4
/Drank.x32
/Drank.x64
/Drank.x86
/Drank.x86_32
/Drank.x86_64
/ekupmyarc
/ekupmyarm
/ekupmyarm4
/ekupmyarm4l
/ekupmyarm4t
/ekupmyarm4tl
/ekupmyarm4tll
/ekupmyarm5
/ekupmyarm5l
/ekupmyarm5n
/ekupmyarm6
/ekupmyarm64
/ekupmyarm6l
/ekupmyarm7
/ekupmyarm7l
/ekupmyarm8
/ekupmyarmv4
/ekupmyarmv4l
/ekupmyarmv5l
/ekupmyarmv6
/ekupmyarmv61
/ekupmyarmv6l
/ekupmyarmv7l
/ekupmydbg
/ekupmyexploit
/ekupmyi4
/ekupmyi486
/ekupmyi586
/ekupmyi6
/ekupmyi686
/ekupmykill
/ekupmym68
/ekupmym68k
/ekupmymips
/ekupmymips64
/ekupmymipsel
/ekupmympsl
/ekupmypcc
/ekupmypowerpc
/ekupmypowerpc-440fp
/ekupmypowerppc
/ekupmyppc
/ekupmyppc2
/ekupmyppc440
/ekupmyppc440fp
/ekupmyroot
/ekupmyroot32
/ekupmysh
/ekupmysh4
/ekupmysparc
/ekupmyspc
/ekupmyssh4
/ekupmyx32
/ekupmyx64
/ekupmyx86
/ekupmyx86_32
/ekupmyx86_64
/qazwsxedcrfvtgbyhnujmikolp.arc
/qazwsxedcrfvtgbyhnujmikolp.arm
/qazwsxedcrfvtgbyhnujmikolp.arm4
/qazwsxedcrfvtgbyhnujmikolp.arm4l
/qazwsxedcrfvtgbyhnujmikolp.arm4t
/qazwsxedcrfvtgbyhnujmikolp.arm4tl
/qazwsxedcrfvtgbyhnujmikolp.arm4tll
/qazwsxedcrfvtgbyhnujmikolp.arm5
/qazwsxedcrfvtgbyhnujmikolp.arm5l
/qazwsxedcrfvtgbyhnujmikolp.arm5n
/qazwsxedcrfvtgbyhnujmikolp.arm6
/qazwsxedcrfvtgbyhnujmikolp.arm64
/qazwsxedcrfvtgbyhnujmikolp.arm6l
/qazwsxedcrfvtgbyhnujmikolp.arm7
/qazwsxedcrfvtgbyhnujmikolp.arm7l
/qazwsxedcrfvtgbyhnujmikolp.arm8
/qazwsxedcrfvtgbyhnujmikolp.armv4
/qazwsxedcrfvtgbyhnujmikolp.armv4l
/qazwsxedcrfvtgbyhnujmikolp.armv5l
/qazwsxedcrfvtgbyhnujmikolp.armv6
/qazwsxedcrfvtgbyhnujmikolp.armv61
/qazwsxedcrfvtgbyhnujmikolp.armv6l
/qazwsxedcrfvtgbyhnujmikolp.armv7l
/qazwsxedcrfvtgbyhnujmikolp.dbg
/qazwsxedcrfvtgbyhnujmikolp.exploit
/qazwsxedcrfvtgbyhnujmikolp.i4
/qazwsxedcrfvtgbyhnujmikolp.i486
/qazwsxedcrfvtgbyhnujmikolp.i586
/qazwsxedcrfvtgbyhnujmikolp.i6
/qazwsxedcrfvtgbyhnujmikolp.i686
/qazwsxedcrfvtgbyhnujmikolp.kill
/qazwsxedcrfvtgbyhnujmikolp.m68
/qazwsxedcrfvtgbyhnujmikolp.m68k
/qazwsxedcrfvtgbyhnujmikolp.mips
/qazwsxedcrfvtgbyhnujmikolp.mips64
/qazwsxedcrfvtgbyhnujmikolp.mipsel
/qazwsxedcrfvtgbyhnujmikolp.mpsl
/qazwsxedcrfvtgbyhnujmikolp.pcc
/qazwsxedcrfvtgbyhnujmikolp.powerpc
/qazwsxedcrfvtgbyhnujmikolp.powerpc-440fp
/qazwsxedcrfvtgbyhnujmikolp.powerppc
/qazwsxedcrfvtgbyhnujmikolp.ppc
/qazwsxedcrfvtgbyhnujmikolp.ppc2
/qazwsxedcrfvtgbyhnujmikolp.ppc440
/qazwsxedcrfvtgbyhnujmikolp.ppc440fp
/qazwsxedcrfvtgbyhnujmikolp.root
/qazwsxedcrfvtgbyhnujmikolp.root32
/qazwsxedcrfvtgbyhnujmikolp.sh
/qazwsxedcrfvtgbyhnujmikolp.sh4
/qazwsxedcrfvtgbyhnujmikolp.sparc
/qazwsxedcrfvtgbyhnujmikolp.spc
/qazwsxedcrfvtgbyhnujmikolp.ssh4
/qazwsxedcrfvtgbyhnujmikolp.x32
/qazwsxedcrfvtgbyhnujmikolp.x64
/qazwsxedcrfvtgbyhnujmikolp.x86
/qazwsxedcrfvtgbyhnujmikolp.x86_32
/qazwsxedcrfvtgbyhnujmikolp.x86_64
/gooxla.arc
/gooxla.arm
/gooxla.arm4
/gooxla.arm4l
/gooxla.arm4t
/gooxla.arm4tl
/gooxla.arm4tll
/gooxla.arm5
/gooxla.arm5l
/gooxla.arm5n
/gooxla.arm6
/gooxla.arm64
/gooxla.arm6l
/gooxla.arm7
/gooxla.arm7l
/gooxla.arm8
/gooxla.armv4
/gooxla.armv4l
/gooxla.armv5l
/gooxla.armv6
/gooxla.armv61
/gooxla.armv6l
/gooxla.armv7l
/gooxla.dbg
/gooxla.exploit
/gooxla.i4
/gooxla.i486
/gooxla.i586
/gooxla.i6
/gooxla.i686
/gooxla.kill
/gooxla.m68
/gooxla.m68k
/gooxla.mips
/gooxla.mips64
/gooxla.mipsel
/gooxla.mpsl
/gooxla.pcc
/gooxla.powerpc
/gooxla.powerpc-440fp
/gooxla.powerppc
/gooxla.ppc
/gooxla.ppc2
/gooxla.ppc440
/gooxla.ppc440fp
/gooxla.root
/gooxla.root32
/gooxla.sh
/gooxla.sh4
/gooxla.sparc
/gooxla.spc
/gooxla.ssh4
/gooxla.x32
/gooxla.x64
/gooxla.x86
/gooxla.x86_32
/gooxla.x86_64
/Gummy.arc
/Gummy.arm
/Gummy.arm4
/Gummy.arm4l
/Gummy.arm4t
/Gummy.arm4tl
/Gummy.arm4tll
/Gummy.arm5
/Gummy.arm5l
/Gummy.arm5n
/Gummy.arm6
/Gummy.arm64
/Gummy.arm6l
/Gummy.arm7
/Gummy.arm7l
/Gummy.arm8
/Gummy.armv4
/Gummy.armv4l
/Gummy.armv5l
/Gummy.armv6
/Gummy.armv61
/Gummy.armv6l
/Gummy.armv7l
/Gummy.dbg
/Gummy.exploit
/Gummy.i4
/Gummy.i486
/Gummy.i586
/Gummy.i6
/Gummy.i686
/Gummy.kill
/Gummy.m68
/Gummy.m68k
/Gummy.mips
/Gummy.mips64
/Gummy.mipsel
/Gummy.mpsl
/Gummy.pcc
/Gummy.powerpc
/Gummy.powerpc-440fp
/Gummy.powerppc
/Gummy.ppc
/Gummy.ppc2
/Gummy.ppc440
/Gummy.ppc440fp
/Gummy.root
/Gummy.root32
/Gummy.sh
/Gummy.sh4
/Gummy.sparc
/Gummy.spc
/Gummy.ssh4
/Gummy.x32
/Gummy.x64
/Gummy.x86
/Gummy.x86_32
/Gummy.x86_64
/HTTPXOP2PRTY.arc
/HTTPXOP2PRTY.arm
/HTTPXOP2PRTY.arm4
/HTTPXOP2PRTY.arm4l
/HTTPXOP2PRTY.arm4t
/HTTPXOP2PRTY.arm4tl
/HTTPXOP2PRTY.arm4tll
/HTTPXOP2PRTY.arm5
/HTTPXOP2PRTY.arm5l
/HTTPXOP2PRTY.arm5n
/HTTPXOP2PRTY.arm6
/HTTPXOP2PRTY.arm64
/HTTPXOP2PRTY.arm6l
/HTTPXOP2PRTY.arm7
/HTTPXOP2PRTY.arm7l
/HTTPXOP2PRTY.arm8
/HTTPXOP2PRTY.armv4
/HTTPXOP2PRTY.armv4l
/HTTPXOP2PRTY.armv5l
/HTTPXOP2PRTY.armv6
/HTTPXOP2PRTY.armv61
/HTTPXOP2PRTY.armv6l
/HTTPXOP2PRTY.armv7l
/HTTPXOP2PRTY.dbg
/HTTPXOP2PRTY.exploit
/HTTPXOP2PRTY.i4
/HTTPXOP2PRTY.i486
/HTTPXOP2PRTY.i586
/HTTPXOP2PRTY.i6
/HTTPXOP2PRTY.i686
/HTTPXOP2PRTY.kill
/HTTPXOP2PRTY.m68
/HTTPXOP2PRTY.m68k
/HTTPXOP2PRTY.mips
/HTTPXOP2PRTY.mips64
/HTTPXOP2PRTY.mipsel
/HTTPXOP2PRTY.mpsl
/HTTPXOP2PRTY.pcc
/HTTPXOP2PRTY.powerpc
/HTTPXOP2PRTY.powerpc-440fp
/HTTPXOP2PRTY.powerppc
/HTTPXOP2PRTY.ppc
/HTTPXOP2PRTY.ppc2
/HTTPXOP2PRTY.ppc440
/HTTPXOP2PRTY.ppc440fp
/HTTPXOP2PRTY.root
/HTTPXOP2PRTY.root32
/HTTPXOP2PRTY.sh
/HTTPXOP2PRTY.sh4
/HTTPXOP2PRTY.sparc
/HTTPXOP2PRTY.spc
/HTTPXOP2PRTY.ssh4
/HTTPXOP2PRTY.x32
/HTTPXOP2PRTY.x64
/HTTPXOP2PRTY.x86
/HTTPXOP2PRTY.x86_32
/HTTPXOP2PRTY.x86_64
/fearlesshitter.arc
/fearlesshitter.arm
/fearlesshitter.arm4
/fearlesshitter.arm4l
/fearlesshitter.arm4t
/fearlesshitter.arm4tl
/fearlesshitter.arm4tll
/fearlesshitter.arm5
/fearlesshitter.arm5l
/fearlesshitter.arm5n
/fearlesshitter.arm6
/fearlesshitter.arm64
/fearlesshitter.arm6l
/fearlesshitter.arm7
/fearlesshitter.arm7l
/fearlesshitter.arm8
/fearlesshitter.armv4
/fearlesshitter.armv4l
/fearlesshitter.armv5l
/fearlesshitter.armv6
/fearlesshitter.armv61
/fearlesshitter.armv6l
/fearlesshitter.armv7l
/fearlesshitter.dbg
/fearlesshitter.exploit
/fearlesshitter.i4
/fearlesshitter.i486
/fearlesshitter.i586
/fearlesshitter.i6
/fearlesshitter.i686
/fearlesshitter.kill
/fearlesshitter.m68
/fearlesshitter.m68k
/fearlesshitter.mips
/fearlesshitter.mips64
/fearlesshitter.mipsel
/fearlesshitter.mpsl
/fearlesshitter.pcc
/fearlesshitter.powerpc
/fearlesshitter.powerpc-440fp
/fearlesshitter.powerppc
/fearlesshitter.ppc
/fearlesshitter.ppc2
/fearlesshitter.ppc440
/fearlesshitter.ppc440fp
/fearlesshitter.root
/fearlesshitter.root32
/fearlesshitter.sh
/fearlesshitter.sh4
/fearlesshitter.sparc
/fearlesshitter.spc
/fearlesshitter.ssh4
/fearlesshitter.x32
/fearlesshitter.x64
/fearlesshitter.x86
/fearlesshitter.x86_32
/fearlesshitter.x86_64
/jew.arc
/jew.arm
/jew.arm4
/jew.arm4l
/jew.arm4t
/jew.arm4tl
/jew.arm4tll
/jew.arm5
/jew.arm5l
/jew.arm5n
/jew.arm6
/jew.arm64
/jew.arm6l
/jew.arm7
/jew.arm7l
/jew.arm8
/jew.armv4
/jew.armv4l
/jew.armv5l
/jew.armv6
/jew.armv61
/jew.armv6l
/jew.armv7l
/jew.dbg
/jew.exploit
/jew.i4
/jew.i486
/jew.i586
/jew.i6
/jew.i686
/jew.kill
/jew.m68
/jew.m68k
/jew.mips
/jew.mips64
/jew.mipsel
/jew.mpsl
/jew.pcc
/jew.powerpc
/jew.powerpc-440fp
/jew.powerppc
/jew.ppc
/jew.ppc2
/jew.ppc440
/jew.ppc440fp
/jew.root
/jew.root32
/jew.sh
/jew.sh4
/jew.sparc
/jew.spc
/jew.ssh4
/jew.x32
/jew.x64
/jew.x86
/jew.x86_32
/jew.x86_64
/jigoku.arc
/jigoku.arm
/jigoku.arm4
/jigoku.arm4l
/jigoku.arm4t
/jigoku.arm4tl
/jigoku.arm4tll
/jigoku.arm5
/jigoku.arm5l
/jigoku.arm5n
/jigoku.arm6
/jigoku.arm64
/jigoku.arm6l
/jigoku.arm7
/jigoku.arm7l
/jigoku.arm8
/jigoku.armv4
/jigoku.armv4l
/jigoku.armv5l
/jigoku.armv6
/jigoku.armv61
/jigoku.armv6l
/jigoku.armv7l
/jigoku.dbg
/jigoku.exploit
/jigoku.i4
/jigoku.i486
/jigoku.i586
/jigoku.i6
/jigoku.i686
/jigoku.kill
/jigoku.m68
/jigoku.m68k
/jigoku.mips
/jigoku.mips64
/jigoku.mipsel
/jigoku.mpsl
/jigoku.pcc
/jigoku.powerpc
/jigoku.powerpc-440fp
/jigoku.powerppc
/jigoku.ppc
/jigoku.ppc2
/jigoku.ppc440
/jigoku.ppc440fp
/jigoku.root
/jigoku.root32
/jigoku.sh
/jigoku.sh4
/jigoku.sparc
/jigoku.spc
/jigoku.ssh4
/jigoku.x32
/jigoku.x64
/jigoku.x86
/jigoku.x86_32
/jigoku.x86_64
/KigaNet.arc
/KigaNet.arm
/KigaNet.arm4
/KigaNet.arm4l
/KigaNet.arm4t
/KigaNet.arm4tl
/KigaNet.arm4tll
/KigaNet.arm5
/KigaNet.arm5l
/KigaNet.arm5n
/KigaNet.arm6
/KigaNet.arm64
/KigaNet.arm6l
/KigaNet.arm7
/KigaNet.arm7l
/KigaNet.arm8
/KigaNet.armv4
/KigaNet.armv4l
/KigaNet.armv5l
/KigaNet.armv6
/KigaNet.armv61
/KigaNet.armv6l
/KigaNet.armv7l
/KigaNet.dbg
/KigaNet.exploit
/KigaNet.i4
/KigaNet.i486
/KigaNet.i586
/KigaNet.i6
/KigaNet.i686
/KigaNet.kill
/KigaNet.m68
/KigaNet.m68k
/KigaNet.mips
/KigaNet.mips64
/KigaNet.mipsel
/KigaNet.mpsl
/KigaNet.pcc
/KigaNet.powerpc
/KigaNet.powerpc-440fp
/KigaNet.powerppc
/KigaNet.ppc
/KigaNet.ppc2
/KigaNet.ppc440
/KigaNet.ppc440fp
/KigaNet.root
/KigaNet.root32
/KigaNet.sh
/KigaNet.sh4
/KigaNet.sparc
/KigaNet.spc
/KigaNet.ssh4
/KigaNet.x32
/KigaNet.x64
/KigaNet.x86
/KigaNet.x86_32
/KigaNet.x86_64
/ksp4nk.arc
/ksp4nk.arm
/ksp4nk.arm4
/ksp4nk.arm4l
/ksp4nk.arm4t
/ksp4nk.arm4tl
/ksp4nk.arm4tll
/ksp4nk.arm5
/ksp4nk.arm5l
/ksp4nk.arm5n
/ksp4nk.arm6
/ksp4nk.arm64
/ksp4nk.arm6l
/ksp4nk.arm7
/ksp4nk.arm7l
/ksp4nk.arm8
/ksp4nk.armv4
/ksp4nk.armv4l
/ksp4nk.armv5l
/ksp4nk.armv6
/ksp4nk.armv61
/ksp4nk.armv6l
/ksp4nk.armv7l
/ksp4nk.dbg
/ksp4nk.exploit
/ksp4nk.i4
/ksp4nk.i486
/ksp4nk.i586
/ksp4nk.i6
/ksp4nk.i686
/ksp4nk.kill
/ksp4nk.m68
/ksp4nk.m68k
/ksp4nk.mips
/ksp4nk.mips64
/ksp4nk.mipsel
/ksp4nk.mpsl
/ksp4nk.pcc
/ksp4nk.powerpc
/ksp4nk.powerpc-440fp
/ksp4nk.powerppc
/ksp4nk.ppc
/ksp4nk.ppc2
/ksp4nk.ppc440
/ksp4nk.ppc440fp
/ksp4nk.root
/ksp4nk.root32
/ksp4nk.sh
/ksp4nk.sh4
/ksp4nk.sparc
/ksp4nk.spc
/ksp4nk.ssh4
/ksp4nk.x32
/ksp4nk.x64
/ksp4nk.x86
/ksp4nk.x86_32
/ksp4nk.x86_64
/log.arc
/log.arm
/log.arm4
/log.arm4l
/log.arm4t
/log.arm4tl
/log.arm4tll
/log.arm5
/log.arm5l
/log.arm5n
/log.arm6
/log.arm64
/log.arm6l
/log.arm7
/log.arm7l
/log.arm8
/log.armv4
/log.armv4l
/log.armv5l
/log.armv6
/log.armv61
/log.armv6l
/log.armv7l
/log.dbg
/log.exploit
/log.i4
/log.i486
/log.i586
/log.i6
/log.i686
/log.kill
/log.m68
/log.m68k
/log.mips
/log.mips64
/log.mipsel
/log.mpsl
/log.pcc
/log.powerpc
/log.powerpc-440fp
/log.powerppc
/log.ppc
/log.ppc2
/log.ppc440
/log.ppc440fp
/log.root
/log.root32
/log.sh
/log.sh4
/log.sparc
/log.spc
/log.ssh4
/log.x32
/log.x64
/log.x86
/log.x86_32
/log.x86_64
/meerkat.arc
/meerkat.arm
/meerkat.arm4
/meerkat.arm4l
/meerkat.arm4t
/meerkat.arm4tl
/meerkat.arm4tll
/meerkat.arm5
/meerkat.arm5l
/meerkat.arm5n
/meerkat.arm6
/meerkat.arm64
/meerkat.arm6l
/meerkat.arm7
/meerkat.arm7l
/meerkat.arm8
/meerkat.armv4
/meerkat.armv4l
/meerkat.armv5l
/meerkat.armv6
/meerkat.armv61
/meerkat.armv6l
/meerkat.armv7l
/meerkat.dbg
/meerkat.exploit
/meerkat.i4
/meerkat.i486
/meerkat.i586
/meerkat.i6
/meerkat.i686
/meerkat.kill
/meerkat.m68
/meerkat.m68k
/meerkat.mips
/meerkat.mips64
/meerkat.mipsel
/meerkat.mpsl
/meerkat.pcc
/meerkat.powerpc
/meerkat.powerpc-440fp
/meerkat.powerppc
/meerkat.ppc
/meerkat.ppc2
/meerkat.ppc440
/meerkat.ppc440fp
/meerkat.root
/meerkat.root32
/meerkat.sh
/meerkat.sh4
/meerkat.sparc
/meerkat.spc
/meerkat.ssh4
/meerkat.x32
/meerkat.x64
/meerkat.x86
/meerkat.x86_32
/meerkat.x86_64
/meliodic.arc
/meliodic.arm
/meliodic.arm4
/meliodic.arm4l
/meliodic.arm4t
/meliodic.arm4tl
/meliodic.arm4tll
/meliodic.arm5
/meliodic.arm5l
/meliodic.arm5n
/meliodic.arm6
/meliodic.arm64
/meliodic.arm6l
/meliodic.arm7
/meliodic.arm7l
/meliodic.arm8
/meliodic.armv4
/meliodic.armv4l
/meliodic.armv5l
/meliodic.armv6
/meliodic.armv61
/meliodic.armv6l
/meliodic.armv7l
/meliodic.dbg
/meliodic.exploit
/meliodic.i4
/meliodic.i486
/meliodic.i586
/meliodic.i6
/meliodic.i686
/meliodic.kill
/meliodic.m68
/meliodic.m68k
/meliodic.mips
/meliodic.mips64
/meliodic.mipsel
/meliodic.mpsl
/meliodic.pcc
/meliodic.powerpc
/meliodic.powerpc-440fp
/meliodic.powerppc
/meliodic.ppc
/meliodic.ppc2
/meliodic.ppc440
/meliodic.ppc440fp
/meliodic.root
/meliodic.root32
/meliodic.sh
/meliodic.sh4
/meliodic.sparc
/meliodic.spc
/meliodic.ssh4
/meliodic.x32
/meliodic.x64
/meliodic.x86
/meliodic.x86_32
/meliodic.x86_64
/mtndewez.arc
/mtndewez.arm
/mtndewez.arm4
/mtndewez.arm4l
/mtndewez.arm4t
/mtndewez.arm4tl
/mtndewez.arm4tll
/mtndewez.arm5
/mtndewez.arm5l
/mtndewez.arm5n
/mtndewez.arm6
/mtndewez.arm64
/mtndewez.arm6l
/mtndewez.arm7
/mtndewez.arm7l
/mtndewez.arm8
/mtndewez.armv4
/mtndewez.armv4l
/mtndewez.armv5l
/mtndewez.armv6
/mtndewez.armv61
/mtndewez.armv6l
/mtndewez.armv7l
/mtndewez.dbg
/mtndewez.exploit
/mtndewez.i4
/mtndewez.i486
/mtndewez.i586
/mtndewez.i6
/mtndewez.i686
/mtndewez.kill
/mtndewez.m68
/mtndewez.m68k
/mtndewez.mips
/mtndewez.mips64
/mtndewez.mipsel
/mtndewez.mpsl
/mtndewez.pcc
/mtndewez.powerpc
/mtndewez.powerpc-440fp
/mtndewez.powerppc
/mtndewez.ppc
/mtndewez.ppc2
/mtndewez.ppc440
/mtndewez.ppc440fp
/mtndewez.root
/mtndewez.root32
/mtndewez.sh
/mtndewez.sh4
/mtndewez.sparc
/mtndewez.spc
/mtndewez.ssh4
/mtndewez.x32
/mtndewez.x64
/mtndewez.x86
/mtndewez.x86_32
/mtndewez.x86_64
/nig.arc
/nig.arm
/nig.arm4
/nig.arm4l
/nig.arm4t
/nig.arm4tl
/nig.arm4tll
/nig.arm5
/nig.arm5l
/nig.arm5n
/nig.arm6
/nig.arm64
/nig.arm6l
/nig.arm7
/nig.arm7l
/nig.arm8
/nig.armv4
/nig.armv4l
/nig.armv5l
/nig.armv6
/nig.armv61
/nig.armv6l
/nig.armv7l
/nig.dbg
/nig.exploit
/nig.i4
/nig.i486
/nig.i586
/nig.i6
/nig.i686
/nig.kill
/nig.m68
/nig.m68k
/nig.mips
/nig.mips64
/nig.mipsel
/nig.mpsl
/nig.pcc
/nig.powerpc
/nig.powerpc-440fp
/nig.powerppc
/nig.ppc
/nig.ppc2
/nig.ppc440
/nig.ppc440fp
/nig.root
/nig.root32
/nig.sh
/nig.sh4
/nig.sparc
/nig.spc
/nig.ssh4
/nig.x32
/nig.x64
/nig.x86
/nig.x86_32
/nig.x86_64
/NordVPN.arc
/NordVPN.arm
/NordVPN.arm4
/NordVPN.arm4l
/NordVPN.arm4t
/NordVPN.arm4tl
/NordVPN.arm4tll
/NordVPN.arm5
/NordVPN.arm5l
/NordVPN.arm5n
/NordVPN.arm6
/NordVPN.arm64
/NordVPN.arm6l
/NordVPN.arm7
/NordVPN.arm7l
/NordVPN.arm8
/NordVPN.armv4
/NordVPN.armv4l
/NordVPN.armv5l
/NordVPN.armv6
/NordVPN.armv61
/NordVPN.armv6l
/NordVPN.armv7l
/NordVPN.dbg
/NordVPN.exploit
/NordVPN.i4
/NordVPN.i486
/NordVPN.i586
/NordVPN.i6
/NordVPN.i686
/NordVPN.kill
/NordVPN.m68
/NordVPN.m68k
/NordVPN.mips
/NordVPN.mips64
/NordVPN.mipsel
/NordVPN.mpsl
/NordVPN.pcc
/NordVPN.powerpc
/NordVPN.powerpc-440fp
/NordVPN.powerppc
/NordVPN.ppc
/NordVPN.ppc2
/NordVPN.ppc440
/NordVPN.ppc440fp
/NordVPN.root
/NordVPN.root32
/NordVPN.sh
/NordVPN.sh4
/NordVPN.sparc
/NordVPN.spc
/NordVPN.ssh4
/NordVPN.x32
/NordVPN.x64
/NordVPN.x86
/NordVPN.x86_32
/NordVPN.x86_64
/ns_ntpdd.arc
/ns_ntpdd.arm
/ns_ntpdd.arm4
/ns_ntpdd.arm4l
/ns_ntpdd.arm4t
/ns_ntpdd.arm4tl
/ns_ntpdd.arm4tll
/ns_ntpdd.arm5
/ns_ntpdd.arm5l
/ns_ntpdd.arm5n
/ns_ntpdd.arm6
/ns_ntpdd.arm64
/ns_ntpdd.arm6l
/ns_ntpdd.arm7
/ns_ntpdd.arm7l
/ns_ntpdd.arm8
/ns_ntpdd.armv4
/ns_ntpdd.armv4l
/ns_ntpdd.armv5l
/ns_ntpdd.armv6
/ns_ntpdd.armv61
/ns_ntpdd.armv6l
/ns_ntpdd.armv7l
/ns_ntpdd.dbg
/ns_ntpdd.exploit
/ns_ntpdd.i4
/ns_ntpdd.i486
/ns_ntpdd.i586
/ns_ntpdd.i6
/ns_ntpdd.i686
/ns_ntpdd.kill
/ns_ntpdd.m68
/ns_ntpdd.m68k
/ns_ntpdd.mips
/ns_ntpdd.mips64
/ns_ntpdd.mipsel
/ns_ntpdd.mpsl
/ns_ntpdd.pcc
/ns_ntpdd.powerpc
/ns_ntpdd.powerpc-440fp
/ns_ntpdd.powerppc
/ns_ntpdd.ppc
/ns_ntpdd.ppc2
/ns_ntpdd.ppc440
/ns_ntpdd.ppc440fp
/ns_ntpdd.root
/ns_ntpdd.root32
/ns_ntpdd.sh
/ns_ntpdd.sh4
/ns_ntpdd.sparc
/ns_ntpdd.spc
/ns_ntpdd.ssh4
/ns_ntpdd.x32
/ns_ntpdd.x64
/ns_ntpdd.x86
/ns_ntpdd.x86_32
/ns_ntpdd.x86_64
/nuclear.arc
/nuclear.arm
/nuclear.arm4
/nuclear.arm4l
/nuclear.arm4t
/nuclear.arm4tl
/nuclear.arm4tll
/nuclear.arm5
/nuclear.arm5l
/nuclear.arm5n
/nuclear.arm6
/nuclear.arm64
/nuclear.arm6l
/nuclear.arm7
/nuclear.arm7l
/nuclear.arm8
/nuclear.armv4
/nuclear.armv4l
/nuclear.armv5l
/nuclear.armv6
/nuclear.armv61
/nuclear.armv6l
/nuclear.armv7l
/nuclear.dbg
/nuclear.exploit
/nuclear.i4
/nuclear.i486
/nuclear.i586
/nuclear.i6
/nuclear.i686
/nuclear.kill
/nuclear.m68
/nuclear.m68k
/nuclear.mips
/nuclear.mips64
/nuclear.mipsel
/nuclear.mpsl
/nuclear.pcc
/nuclear.powerpc
/nuclear.powerpc-440fp
/nuclear.powerppc
/nuclear.ppc
/nuclear.ppc2
/nuclear.ppc440
/nuclear.ppc440fp
/nuclear.root
/nuclear.root32
/nuclear.sh
/nuclear.sh4
/nuclear.sparc
/nuclear.spc
/nuclear.ssh4
/nuclear.x32
/nuclear.x64
/nuclear.x86
/nuclear.x86_32
/nuclear.x86_64
/null3d.arc
/null3d.arm
/null3d.arm4
/null3d.arm4l
/null3d.arm4t
/null3d.arm4tl
/null3d.arm4tll
/null3d.arm5
/null3d.arm5l
/null3d.arm5n
/null3d.arm6
/null3d.arm64
/null3d.arm6l
/null3d.arm7
/null3d.arm7l
/null3d.arm8
/null3d.armv4
/null3d.armv4l
/null3d.armv5l
/null3d.armv6
/null3d.armv61
/null3d.armv6l
/null3d.armv7l
/null3d.dbg
/null3d.exploit
/null3d.i4
/null3d.i486
/null3d.i586
/null3d.i6
/null3d.i686
/null3d.kill
/null3d.m68
/null3d.m68k
/null3d.mips
/null3d.mips64
/null3d.mipsel
/null3d.mpsl
/null3d.pcc
/null3d.powerpc
/null3d.powerpc-440fp
/null3d.powerppc
/null3d.ppc
/null3d.ppc2
/null3d.ppc440
/null3d.ppc440fp
/null3d.root
/null3d.root32
/null3d.sh
/null3d.sh4
/null3d.sparc
/null3d.spc
/null3d.ssh4
/null3d.x32
/null3d.x64
/null3d.x86
/null3d.x86_32
/null3d.x86_64
/pandorum.arc
/pandorum.arm
/pandorum.arm4
/pandorum.arm4l
/pandorum.arm4t
/pandorum.arm4tl
/pandorum.arm4tll
/pandorum.arm5
/pandorum.arm5l
/pandorum.arm5n
/pandorum.arm6
/pandorum.arm64
/pandorum.arm6l
/pandorum.arm7
/pandorum.arm7l
/pandorum.arm8
/pandorum.armv4
/pandorum.armv4l
/pandorum.armv5l
/pandorum.armv6
/pandorum.armv61
/pandorum.armv6l
/pandorum.armv7l
/pandorum.dbg
/pandorum.exploit
/pandorum.i4
/pandorum.i486
/pandorum.i586
/pandorum.i6
/pandorum.i686
/pandorum.kill
/pandorum.m68
/pandorum.m68k
/pandorum.mips
/pandorum.mips64
/pandorum.mipsel
/pandorum.mpsl
/pandorum.pcc
/pandorum.powerpc
/pandorum.powerpc-440fp
/pandorum.powerppc
/pandorum.ppc
/pandorum.ppc2
/pandorum.ppc440
/pandorum.ppc440fp
/pandorum.root
/pandorum.root32
/pandorum.sh
/pandorum.sh4
/pandorum.sparc
/pandorum.spc
/pandorum.ssh4
/pandorum.x32
/pandorum.x64
/pandorum.x86
/pandorum.x86_32
/pandorum.x86_64
/removesectioncomment.arc
/removesectioncomment.arm
/removesectioncomment.arm4
/removesectioncomment.arm4l
/removesectioncomment.arm4t
/removesectioncomment.arm4tl
/removesectioncomment.arm4tll
/removesectioncomment.arm5
/removesectioncomment.arm5l
/removesectioncomment.arm5n
/removesectioncomment.arm6
/removesectioncomment.arm64
/removesectioncomment.arm6l
/removesectioncomment.arm7
/removesectioncomment.arm7l
/removesectioncomment.arm8
/removesectioncomment.armv4
/removesectioncomment.armv4l
/removesectioncomment.armv5l
/removesectioncomment.armv6
/removesectioncomment.armv61
/removesectioncomment.armv6l
/removesectioncomment.armv7l
/removesectioncomment.dbg
/removesectioncomment.exploit
/removesectioncomment.i4
/removesectioncomment.i486
/removesectioncomment.i586
/removesectioncomment.i6
/removesectioncomment.i686
/removesectioncomment.kill
/removesectioncomment.m68
/removesectioncomment.m68k
/removesectioncomment.mips
/removesectioncomment.mips64
/removesectioncomment.mipsel
/removesectioncomment.mpsl
/removesectioncomment.pcc
/removesectioncomment.powerpc
/removesectioncomment.powerpc-440fp
/removesectioncomment.powerppc
/removesectioncomment.ppc
/removesectioncomment.ppc2
/removesectioncomment.ppc440
/removesectioncomment.ppc440fp
/removesectioncomment.root
/removesectioncomment.root32
/removesectioncomment.sh
/removesectioncomment.sh4
/removesectioncomment.sparc
/removesectioncomment.spc
/removesectioncomment.ssh4
/removesectioncomment.x32
/removesectioncomment.x64
/removesectioncomment.x86
/removesectioncomment.x86_32
/removesectioncomment.x86_64
/SCNSERV3292292.arc
/SCNSERV3292292.arm
/SCNSERV3292292.arm4
/SCNSERV3292292.arm4l
/SCNSERV3292292.arm4t
/SCNSERV3292292.arm4tl
/SCNSERV3292292.arm4tll
/SCNSERV3292292.arm5
/SCNSERV3292292.arm5l
/SCNSERV3292292.arm5n
/SCNSERV3292292.arm6
/SCNSERV3292292.arm64
/SCNSERV3292292.arm6l
/SCNSERV3292292.arm7
/SCNSERV3292292.arm7l
/SCNSERV3292292.arm8
/SCNSERV3292292.armv4
/SCNSERV3292292.armv4l
/SCNSERV3292292.armv5l
/SCNSERV3292292.armv6
/SCNSERV3292292.armv61
/SCNSERV3292292.armv6l
/SCNSERV3292292.armv7l
/SCNSERV3292292.dbg
/SCNSERV3292292.exploit
/SCNSERV3292292.i4
/SCNSERV3292292.i486
/SCNSERV3292292.i586
/SCNSERV3292292.i6
/SCNSERV3292292.i686
/SCNSERV3292292.kill
/SCNSERV3292292.m68
/SCNSERV3292292.m68k
/SCNSERV3292292.mips
/SCNSERV3292292.mips64
/SCNSERV3292292.mipsel
/SCNSERV3292292.mpsl
/SCNSERV3292292.pcc
/SCNSERV3292292.powerpc
/SCNSERV3292292.powerpc-440fp
/SCNSERV3292292.powerppc
/SCNSERV3292292.ppc
/SCNSERV3292292.ppc2
/SCNSERV3292292.ppc440
/SCNSERV3292292.ppc440fp
/SCNSERV3292292.root
/SCNSERV3292292.root32
/SCNSERV3292292.sh
/SCNSERV3292292.sh4
/SCNSERV3292292.sparc
/SCNSERV3292292.spc
/SCNSERV3292292.ssh4
/SCNSERV3292292.x32
/SCNSERV3292292.x64
/SCNSERV3292292.x86
/SCNSERV3292292.x86_32
/SCNSERV3292292.x86_64
/Scylla.arc
/Scylla.arm
/Scylla.arm4
/Scylla.arm4l
/Scylla.arm4t
/Scylla.arm4tl
/Scylla.arm4tll
/Scylla.arm5
/Scylla.arm5l
/Scylla.arm5n
/Scylla.arm6
/Scylla.arm64
/Scylla.arm6l
/Scylla.arm7
/Scylla.arm7l
/Scylla.arm8
/Scylla.armv4
/Scylla.armv4l
/Scylla.armv5l
/Scylla.armv6
/Scylla.armv61
/Scylla.armv6l
/Scylla.armv7l
/Scylla.dbg
/Scylla.exploit
/Scylla.i4
/Scylla.i486
/Scylla.i586
/Scylla.i6
/Scylla.i686
/Scylla.kill
/Scylla.m68
/Scylla.m68k
/Scylla.mips
/Scylla.mips64
/Scylla.mipsel
/Scylla.mpsl
/Scylla.pcc
/Scylla.powerpc
/Scylla.powerpc-440fp
/Scylla.powerppc
/Scylla.ppc
/Scylla.ppc2
/Scylla.ppc440
/Scylla.ppc440fp
/Scylla.root
/Scylla.root32
/Scylla.sh
/Scylla.sh4
/Scylla.sparc
/Scylla.spc
/Scylla.ssh4
/Scylla.x32
/Scylla.x64
/Scylla.x86
/Scylla.x86_32
/Scylla.x86_64
/Senpai-aarch64-2010-2020-Love-010111010
/Senpai-arcle_750d-2010-2020-Love-010111010
/Senpai-armv4eb-2010-2020-Love-010111010
/Senpai-i586-2010-2020-Love-010111010
/Senpai-i686-2010-2020-Love-010111010
/Senpai-m68k-2010-2020-Love-010111010
/Senpai-m68k_68xxx-2010-2020-Love-010111010
/Senpai-microblazebe-2010-2020-Love-010111010
/Senpai-microblazeel-2010-2020-Love-010111010
/Senpai-mips-2010-2020-Love-010111010
/Senpai-nios2-2010-2020-Love-010111010
/Senpai-powerpc-2010-2020-Love-010111010
/Senpai-powerpc-440fp-2010-2020-Love-010111010
/Senpai-sh4-2010-2020-Love-010111010
/Senpai-sh_sh4-2010-2020-Love-010111010
/Senpai-sparc-2010-2020-Love-010111010
/Senpai-x86_64-2010-2020-Love-010111010
/Senpai-x86_64_core_i7-2010-2020-Love-010111010
/Senpai-x86_i686-2010-2020-Love-010111010
/senpai-armv7l-2010-2020-love-010111010
/smartfridgeshitnigga.arc
/smartfridgeshitnigga.arm
/smartfridgeshitnigga.arm4
/smartfridgeshitnigga.arm4l
/smartfridgeshitnigga.arm4t
/smartfridgeshitnigga.arm4tl
/smartfridgeshitnigga.arm4tll
/smartfridgeshitnigga.arm5
/smartfridgeshitnigga.arm5l
/smartfridgeshitnigga.arm5n
/smartfridgeshitnigga.arm6
/smartfridgeshitnigga.arm64
/smartfridgeshitnigga.arm6l
/smartfridgeshitnigga.arm7
/smartfridgeshitnigga.arm7l
/smartfridgeshitnigga.arm8
/smartfridgeshitnigga.armv4
/smartfridgeshitnigga.armv4l
/smartfridgeshitnigga.armv5l
/smartfridgeshitnigga.armv6
/smartfridgeshitnigga.armv61
/smartfridgeshitnigga.armv6l
/smartfridgeshitnigga.armv7l
/smartfridgeshitnigga.dbg
/smartfridgeshitnigga.exploit
/smartfridgeshitnigga.i4
/smartfridgeshitnigga.i486
/smartfridgeshitnigga.i586
/smartfridgeshitnigga.i6
/smartfridgeshitnigga.i686
/smartfridgeshitnigga.kill
/smartfridgeshitnigga.m68
/smartfridgeshitnigga.m68k
/smartfridgeshitnigga.mips
/smartfridgeshitnigga.mips64
/smartfridgeshitnigga.mipsel
/smartfridgeshitnigga.mpsl
/smartfridgeshitnigga.pcc
/smartfridgeshitnigga.powerpc
/smartfridgeshitnigga.powerpc-440fp
/smartfridgeshitnigga.powerppc
/smartfridgeshitnigga.ppc
/smartfridgeshitnigga.ppc2
/smartfridgeshitnigga.ppc440
/smartfridgeshitnigga.ppc440fp
/smartfridgeshitnigga.root
/smartfridgeshitnigga.root32
/smartfridgeshitnigga.sh
/smartfridgeshitnigga.sh4
/smartfridgeshitnigga.sparc
/smartfridgeshitnigga.spc
/smartfridgeshitnigga.ssh4
/smartfridgeshitnigga.x32
/smartfridgeshitnigga.x64
/smartfridgeshitnigga.x86
/smartfridgeshitnigga.x86_32
/smartfridgeshitnigga.x86_64
/smtpd.arc
/smtpd.arm
/smtpd.arm4
/smtpd.arm4l
/smtpd.arm4t
/smtpd.arm4tl
/smtpd.arm4tll
/smtpd.arm5
/smtpd.arm5l
/smtpd.arm5n
/smtpd.arm6
/smtpd.arm64
/smtpd.arm6l
/smtpd.arm7
/smtpd.arm7l
/smtpd.arm8
/smtpd.armv4
/smtpd.armv4l
/smtpd.armv5l
/smtpd.armv6
/smtpd.armv61
/smtpd.armv6l
/smtpd.armv7l
/smtpd.dbg
/smtpd.exploit
/smtpd.i4
/smtpd.i486
/smtpd.i586
/smtpd.i6
/smtpd.i686
/smtpd.kill
/smtpd.m68
/smtpd.m68k
/smtpd.mips
/smtpd.mips64
/smtpd.mipsel
/smtpd.mpsl
/smtpd.pcc
/smtpd.powerpc
/smtpd.powerpc-440fp
/smtpd.powerppc
/smtpd.ppc
/smtpd.ppc2
/smtpd.ppc440
/smtpd.ppc440fp
/smtpd.root
/smtpd.root32
/smtpd.sh
/smtpd.sh4
/smtpd.sparc
/smtpd.spc
/smtpd.ssh4
/smtpd.x32
/smtpd.x64
/smtpd.x86
/smtpd.x86_32
/smtpd.x86_64
/Snoopy.arc
/Snoopy.arm
/Snoopy.arm4
/Snoopy.arm4l
/Snoopy.arm4t
/Snoopy.arm4tl
/Snoopy.arm4tll
/Snoopy.arm5
/Snoopy.arm5l
/Snoopy.arm5n
/Snoopy.arm6
/Snoopy.arm64
/Snoopy.arm6l
/Snoopy.arm7
/Snoopy.arm7l
/Snoopy.arm8
/Snoopy.armv4
/Snoopy.armv4l
/Snoopy.armv5l
/Snoopy.armv6
/Snoopy.armv61
/Snoopy.armv6l
/Snoopy.armv7l
/Snoopy.dbg
/Snoopy.exploit
/Snoopy.i4
/Snoopy.i486
/Snoopy.i586
/Snoopy.i6
/Snoopy.i686
/Snoopy.kill
/Snoopy.m68
/Snoopy.m68k
/Snoopy.mips
/Snoopy.mips64
/Snoopy.mipsel
/Snoopy.mpsl
/Snoopy.pcc
/Snoopy.powerpc
/Snoopy.powerpc-440fp
/Snoopy.powerppc
/Snoopy.ppc
/Snoopy.ppc2
/Snoopy.ppc440
/Snoopy.ppc440fp
/Snoopy.root
/Snoopy.root32
/Snoopy.sh
/Snoopy.sh4
/Snoopy.sparc
/Snoopy.spc
/Snoopy.ssh4
/Snoopy.x32
/Snoopy.x64
/Snoopy.x86
/Snoopy.x86_32
/Snoopy.x86_64
/string.arc
/string.arm
/string.arm4
/string.arm4l
/string.arm4t
/string.arm4tl
/string.arm4tll
/string.arm5
/string.arm5l
/string.arm5n
/string.arm6
/string.arm64
/string.arm6l
/string.arm7
/string.arm7l
/string.arm8
/string.armv4
/string.armv4l
/string.armv5l
/string.armv6
/string.armv61
/string.armv6l
/string.armv7l
/string.dbg
/string.exploit
/string.i4
/string.i486
/string.i586
/string.i6
/string.i686
/string.kill
/string.m68
/string.m68k
/string.mips
/string.mips64
/string.mipsel
/string.mpsl
/string.pcc
/string.powerpc
/string.powerpc-440fp
/string.powerppc
/string.ppc
/string.ppc2
/string.ppc440
/string.ppc440fp
/string.root
/string.root32
/string.sh
/string.sh4
/string.sparc
/string.spc
/string.ssh4
/string.x32
/string.x64
/string.x86
/string.x86_32
/string.x86_64
/SubZero.arc
/SubZero.arm
/SubZero.arm4
/SubZero.arm4l
/SubZero.arm4t
/SubZero.arm4tl
/SubZero.arm4tll
/SubZero.arm5
/SubZero.arm5l
/SubZero.arm5n
/SubZero.arm6
/SubZero.arm64
/SubZero.arm6l
/SubZero.arm7
/SubZero.arm7l
/SubZero.arm8
/SubZero.armv4
/SubZero.armv4l
/SubZero.armv5l
/SubZero.armv6
/SubZero.armv61
/SubZero.armv6l
/SubZero.armv7l
/SubZero.dbg
/SubZero.exploit
/SubZero.i4
/SubZero.i486
/SubZero.i586
/SubZero.i6
/SubZero.i686
/SubZero.kill
/SubZero.m68
/SubZero.m68k
/SubZero.mips
/SubZero.mips64
/SubZero.mipsel
/SubZero.mpsl
/SubZero.pcc
/SubZero.powerpc
/SubZero.powerpc-440fp
/SubZero.powerppc
/SubZero.ppc
/SubZero.ppc2
/SubZero.ppc440
/SubZero.ppc440fp
/SubZero.root
/SubZero.root32
/SubZero.sh
/SubZero.sh4
/SubZero.sparc
/SubZero.spc
/SubZero.ssh4
/SubZero.x32
/SubZero.x64
/SubZero.x86
/SubZero.x86_32
/SubZero.x86_64
/Thotty.arc
/Thotty.arm
/Thotty.arm4
/Thotty.arm4l
/Thotty.arm4t
/Thotty.arm4tl
/Thotty.arm4tll
/Thotty.arm5
/Thotty.arm5l
/Thotty.arm5n
/Thotty.arm6
/Thotty.arm64
/Thotty.arm6l
/Thotty.arm7
/Thotty.arm7l
/Thotty.arm8
/Thotty.armv4
/Thotty.armv4l
/Thotty.armv5l
/Thotty.armv6
/Thotty.armv61
/Thotty.armv6l
/Thotty.armv7l
/Thotty.dbg
/Thotty.exploit
/Thotty.i4
/Thotty.i486
/Thotty.i586
/Thotty.i6
/Thotty.i686
/Thotty.kill
/Thotty.m68
/Thotty.m68k
/Thotty.mips
/Thotty.mips64
/Thotty.mipsel
/Thotty.mpsl
/Thotty.pcc
/Thotty.powerpc
/Thotty.powerpc-440fp
/Thotty.powerppc
/Thotty.ppc
/Thotty.ppc2
/Thotty.ppc440
/Thotty.ppc440fp
/Thotty.root
/Thotty.root32
/Thotty.sh
/Thotty.sh4
/Thotty.sparc
/Thotty.spc
/Thotty.ssh4
/Thotty.x32
/Thotty.x64
/Thotty.x86
/Thotty.x86_32
/Thotty.x86_64
/uranium.arc
/uranium.arm
/uranium.arm4
/uranium.arm4l
/uranium.arm4t
/uranium.arm4tl
/uranium.arm4tll
/uranium.arm5
/uranium.arm5l
/uranium.arm5n
/uranium.arm6
/uranium.arm64
/uranium.arm6l
/uranium.arm7
/uranium.arm7l
/uranium.arm8
/uranium.armv4
/uranium.armv4l
/uranium.armv5l
/uranium.armv6
/uranium.armv61
/uranium.armv6l
/uranium.armv7l
/uranium.dbg
/uranium.exploit
/uranium.i4
/uranium.i486
/uranium.i586
/uranium.i6
/uranium.i686
/uranium.kill
/uranium.m68
/uranium.m68k
/uranium.mips
/uranium.mips64
/uranium.mipsel
/uranium.mpsl
/uranium.pcc
/uranium.powerpc
/uranium.powerpc-440fp
/uranium.powerppc
/uranium.ppc
/uranium.ppc2
/uranium.ppc440
/uranium.ppc440fp
/uranium.root
/uranium.root32
/uranium.sh
/uranium.sh4
/uranium.sparc
/uranium.spc
/uranium.ssh4
/uranium.x32
/uranium.x64
/uranium.x86
/uranium.x86_32
/uranium.x86_64
/whrgjwrgjwrg2463563563564.arc
/whrgjwrgjwrg2463563563564.arm
/whrgjwrgjwrg2463563563564.arm4
/whrgjwrgjwrg2463563563564.arm4l
/whrgjwrgjwrg2463563563564.arm4t
/whrgjwrgjwrg2463563563564.arm4tl
/whrgjwrgjwrg2463563563564.arm4tll
/whrgjwrgjwrg2463563563564.arm5
/whrgjwrgjwrg2463563563564.arm5l
/whrgjwrgjwrg2463563563564.arm5n
/whrgjwrgjwrg2463563563564.arm6
/whrgjwrgjwrg2463563563564.arm64
/whrgjwrgjwrg2463563563564.arm6l
/whrgjwrgjwrg2463563563564.arm7
/whrgjwrgjwrg2463563563564.arm7l
/whrgjwrgjwrg2463563563564.arm8
/whrgjwrgjwrg2463563563564.armv4
/whrgjwrgjwrg2463563563564.armv4l
/whrgjwrgjwrg2463563563564.armv5l
/whrgjwrgjwrg2463563563564.armv6
/whrgjwrgjwrg2463563563564.armv61
/whrgjwrgjwrg2463563563564.armv6l
/whrgjwrgjwrg2463563563564.armv7l
/whrgjwrgjwrg2463563563564.dbg
/whrgjwrgjwrg2463563563564.exploit
/whrgjwrgjwrg2463563563564.i4
/whrgjwrgjwrg2463563563564.i486
/whrgjwrgjwrg2463563563564.i586
/whrgjwrgjwrg2463563563564.i6
/whrgjwrgjwrg2463563563564.i686
/whrgjwrgjwrg2463563563564.kill
/whrgjwrgjwrg2463563563564.m68
/whrgjwrgjwrg2463563563564.m68k
/whrgjwrgjwrg2463563563564.mips
/whrgjwrgjwrg2463563563564.mips64
/whrgjwrgjwrg2463563563564.mipsel
/whrgjwrgjwrg2463563563564.mpsl
/whrgjwrgjwrg2463563563564.pcc
/whrgjwrgjwrg2463563563564.powerpc
/whrgjwrgjwrg2463563563564.powerpc-440fp
/whrgjwrgjwrg2463563563564.powerppc
/whrgjwrgjwrg2463563563564.ppc
/whrgjwrgjwrg2463563563564.ppc2
/whrgjwrgjwrg2463563563564.ppc440
/whrgjwrgjwrg2463563563564.ppc440fp
/whrgjwrgjwrg2463563563564.root
/whrgjwrgjwrg2463563563564.root32
/whrgjwrgjwrg2463563563564.sh
/whrgjwrgjwrg2463563563564.sh4
/whrgjwrgjwrg2463563563564.sparc
/whrgjwrgjwrg2463563563564.spc
/whrgjwrgjwrg2463563563564.ssh4
/whrgjwrgjwrg2463563563564.x32
/whrgjwrgjwrg2463563563564.x64
/whrgjwrgjwrg2463563563564.x86
/whrgjwrgjwrg2463563563564.x86_32
/whrgjwrgjwrg2463563563564.x86_64
/XIe20-xD.arc
/XIe20-xD.arm
/XIe20-xD.arm4
/XIe20-xD.arm4l
/XIe20-xD.arm4t
/XIe20-xD.arm4tl
/XIe20-xD.arm4tll
/XIe20-xD.arm5
/XIe20-xD.arm5l
/XIe20-xD.arm5n
/XIe20-xD.arm6
/XIe20-xD.arm64
/XIe20-xD.arm6l
/XIe20-xD.arm7
/XIe20-xD.arm7l
/XIe20-xD.arm8
/XIe20-xD.armv4
/XIe20-xD.armv4l
/XIe20-xD.armv5l
/XIe20-xD.armv6
/XIe20-xD.armv61
/XIe20-xD.armv6l
/XIe20-xD.armv7l
/XIe20-xD.dbg
/XIe20-xD.exploit
/XIe20-xD.i4
/XIe20-xD.i486
/XIe20-xD.i586
/XIe20-xD.i6
/XIe20-xD.i686
/XIe20-xD.kill
/XIe20-xD.m68
/XIe20-xD.m68k
/XIe20-xD.mips
/XIe20-xD.mips64
/XIe20-xD.mipsel
/XIe20-xD.mpsl
/XIe20-xD.pcc
/XIe20-xD.powerpc
/XIe20-xD.powerpc-440fp
/XIe20-xD.powerppc
/XIe20-xD.ppc
/XIe20-xD.ppc2
/XIe20-xD.ppc440
/XIe20-xD.ppc440fp
/XIe20-xD.root
/XIe20-xD.root32
/XIe20-xD.sh
/XIe20-xD.sh4
/XIe20-xD.sparc
/XIe20-xD.spc
/XIe20-xD.ssh4
/XIe20-xD.x32
/XIe20-xD.x64
/XIe20-xD.x86
/XIe20-xD.x86_32
/XIe20-xD.x86_64
9.wolfiot.xyz
c.wolfiot.xyz
hwsrv-675710.hostwindsdns.com
hwsrv-720737.hostwindsdns.com
jocuri.trophygaming.net
kankalarnetwork.duckdns.org
magic-living.com
scan.casualaffinity.net
v9orbit.ddns.net
vstress.pw
/ds8yg8wbaja2/
/gh0sssttluuckyy/
/ISelfrepCarsNShit/
/s84j93nd3ht03w33dt/
/servicesd000/
/servicesDATA00000/
/slr41ce7sE741/
/hoho4christmastrees/
/p0t4t0dir/
/PaulRohKi-nam/
/x0ox0ox0oxDefault/
/xz888000/
/yesabotnetbin/

# Reference: https://twitter.com/bad_packets/status/1276921635895824386

194.15.36.47:5034
194.15.36.47:59314

# Reference: https://www.virustotal.com/gui/file/85ecfbee636339743a93b105dac3ee197b61bbed6332d0fb7292f31283f0c708/detection

185.172.111.212:1283
185.172.111.212:2323
185.172.111.212:80

# Reference: https://urlhaus.abuse.ch/downloads/text_recent/

/ad.arc
/ad.arm
/ad.arm4
/ad.arm4l
/ad.arm4t
/ad.arm4tl
/ad.arm4tll
/ad.arm5
/ad.arm5l
/ad.arm5n
/ad.arm6
/ad.arm64
/ad.arm6l
/ad.arm7
/ad.arm7l
/ad.arm8
/ad.armv4
/ad.armv4l
/ad.armv5l
/ad.armv6
/ad.armv61
/ad.armv6l
/ad.armv7l
/ad.dbg
/ad.exploit
/ad.i4
/ad.i486
/ad.i586
/ad.i6
/ad.i686
/ad.kill
/ad.m68
/ad.m68k
/ad.mips
/ad.mips64
/ad.mipsel
/ad.mpsl
/ad.pcc
/ad.powerpc
/ad.powerpc-440fp
/ad.powerppc
/ad.ppc
/ad.ppc2
/ad.ppc440
/ad.ppc440fp
/ad.root
/ad.root32
/ad.sh
/ad.sh4
/ad.sparc
/ad.spc
/ad.ssh4
/ad.x32
/ad.x64
/ad.x86
/ad.x86_32
/ad.x86_64
/invictus.arc
/invictus.arm
/invictus.arm4
/invictus.arm4l
/invictus.arm4t
/invictus.arm4tl
/invictus.arm4tll
/invictus.arm5
/invictus.arm5l
/invictus.arm5n
/invictus.arm6
/invictus.arm64
/invictus.arm6l
/invictus.arm7
/invictus.arm7l
/invictus.arm8
/invictus.armv4
/invictus.armv4l
/invictus.armv5l
/invictus.armv6
/invictus.armv61
/invictus.armv6l
/invictus.armv7l
/invictus.dbg
/invictus.exploit
/invictus.i4
/invictus.i486
/invictus.i586
/invictus.i6
/invictus.i686
/invictus.kill
/invictus.m68
/invictus.m68k
/invictus.mips
/invictus.mips64
/invictus.mipsel
/invictus.mpsl
/invictus.pcc
/invictus.powerpc
/invictus.powerpc-440fp
/invictus.powerppc
/invictus.ppc
/invictus.ppc2
/invictus.ppc440
/invictus.ppc440fp
/invictus.root
/invictus.root32
/invictus.sh
/invictus.sh4
/invictus.sparc
/invictus.spc
/invictus.ssh4
/invictus.x32
/invictus.x64
/invictus.x86
/invictus.x86_32
/invictus.x86_64
/makask.arc
/makask.arm
/makask.arm4
/makask.arm4l
/makask.arm4t
/makask.arm4tl
/makask.arm4tll
/makask.arm5
/makask.arm5l
/makask.arm5n
/makask.arm6
/makask.arm64
/makask.arm6l
/makask.arm7
/makask.arm7l
/makask.arm8
/makask.armv4
/makask.armv4l
/makask.armv5l
/makask.armv6
/makask.armv61
/makask.armv6l
/makask.armv7l
/makask.dbg
/makask.exploit
/makask.i4
/makask.i486
/makask.i586
/makask.i6
/makask.i686
/makask.kill
/makask.m68
/makask.m68k
/makask.mips
/makask.mips64
/makask.mipsel
/makask.mpsl
/makask.pcc
/makask.powerpc
/makask.powerpc-440fp
/makask.powerppc
/makask.ppc
/makask.ppc2
/makask.ppc440
/makask.ppc440fp
/makask.root
/makask.root32
/makask.sh
/makask.sh4
/makask.sparc
/makask.spc
/makask.ssh4
/makask.x32
/makask.x64
/makask.x86
/makask.x86_32
/makask.x86_64

# Reference: https://twitter.com/FewAtoms/status/1279458304125616129

/FederalAgency.arc
/FederalAgency.arm
/FederalAgency.arm4
/FederalAgency.arm4l
/FederalAgency.arm4t
/FederalAgency.arm4tl
/FederalAgency.arm4tll
/FederalAgency.arm5
/FederalAgency.arm5l
/FederalAgency.arm5n
/FederalAgency.arm6
/FederalAgency.arm64
/FederalAgency.arm6l
/FederalAgency.arm7
/FederalAgency.arm7l
/FederalAgency.arm8
/FederalAgency.armv4
/FederalAgency.armv4l
/FederalAgency.armv5l
/FederalAgency.armv6
/FederalAgency.armv61
/FederalAgency.armv6l
/FederalAgency.armv7l
/FederalAgency.dbg
/FederalAgency.exploit
/FederalAgency.i4
/FederalAgency.i486
/FederalAgency.i586
/FederalAgency.i6
/FederalAgency.i686
/FederalAgency.kill
/FederalAgency.m68
/FederalAgency.m68k
/FederalAgency.mips
/FederalAgency.mips64
/FederalAgency.mipsel
/FederalAgency.mpsl
/FederalAgency.pcc
/FederalAgency.powerpc
/FederalAgency.powerpc-440fp
/FederalAgency.powerppc
/FederalAgency.ppc
/FederalAgency.ppc2
/FederalAgency.ppc440
/FederalAgency.ppc440fp
/FederalAgency.root
/FederalAgency.root32
/FederalAgency.sh
/FederalAgency.sh4
/FederalAgency.sparc
/FederalAgency.spc
/FederalAgency.ssh4
/FederalAgency.x32
/FederalAgency.x64
/FederalAgency.x86
/FederalAgency.x86_32
/FederalAgency.x86_64
/fbi.gov.arc
/fbi.gov.arm
/fbi.gov.arm4
/fbi.gov.arm4l
/fbi.gov.arm4t
/fbi.gov.arm4tl
/fbi.gov.arm4tll
/fbi.gov.arm5
/fbi.gov.arm5l
/fbi.gov.arm5n
/fbi.gov.arm6
/fbi.gov.arm64
/fbi.gov.arm6l
/fbi.gov.arm7
/fbi.gov.arm7l
/fbi.gov.arm8
/fbi.gov.armv4
/fbi.gov.armv4l
/fbi.gov.armv5l
/fbi.gov.armv6
/fbi.gov.armv61
/fbi.gov.armv6l
/fbi.gov.armv7l
/fbi.gov.dbg
/fbi.gov.exploit
/fbi.gov.i4
/fbi.gov.i486
/fbi.gov.i586
/fbi.gov.i6
/fbi.gov.i686
/fbi.gov.kill
/fbi.gov.m68
/fbi.gov.m68k
/fbi.gov.mips
/fbi.gov.mips64
/fbi.gov.mipsel
/fbi.gov.mpsl
/fbi.gov.pcc
/fbi.gov.powerpc
/fbi.gov.powerpc-440fp
/fbi.gov.powerppc
/fbi.gov.ppc
/fbi.gov.ppc2
/fbi.gov.ppc440
/fbi.gov.ppc440fp
/fbi.gov.root
/fbi.gov.root32
/fbi.gov.sh
/fbi.gov.sh4
/fbi.gov.sparc
/fbi.gov.spc
/fbi.gov.ssh4
/fbi.gov.x32
/fbi.gov.x64
/fbi.gov.x86
/fbi.gov.x86_32
/fbi.gov.x86_64

# Reference: https://twitter.com/bad_packets/status/1279611256547143680

/ttint.arc
/ttint.arm
/ttint.arm4
/ttint.arm4l
/ttint.arm4t
/ttint.arm4tl
/ttint.arm4tll
/ttint.arm5
/ttint.arm5el
/ttint.arm5l
/ttint.arm5n
/ttint.arm6
/ttint.arm64
/ttint.arm6l
/ttint.arm7
/ttint.arm7l
/ttint.arm8
/ttint.armv4
/ttint.armv4l
/ttint.armv5l
/ttint.armv6
/ttint.armv61
/ttint.armv6l
/ttint.armv7l
/ttint.dbg
/ttint.exploit
/ttint.i4
/ttint.i486
/ttint.i586
/ttint.i6
/ttint.i686
/ttint.kill
/ttint.m68
/ttint.m68k
/ttint.mips
/ttint.mips64
/ttint.mipseb
/ttint.mipsel
/ttint.mpsl
/ttint.pcc
/ttint.powerpc
/ttint.powerpc-440fp
/ttint.powerppc
/ttint.ppc
/ttint.ppc2
/ttint.ppc440
/ttint.ppc440fp
/ttint.root
/ttint.root32
/ttint.sh
/ttint.sh4
/ttint.sparc
/ttint.spc
/ttint.ssh4
/ttint.x32
/ttint.x64
/ttint.x86
/ttint.x86_32
/ttint.x86_64

# Reference: https://twitter.com/bad_packets/status/1279986441385172993
# Reference: https://otx.alienvault.com/pulse/5f034f9b9e99f7d878531c42

103.224.82.85:8000
185.172.111.233:999
http://217.12.199.179
http://45.77.28.70
panel.devilsden.net

# Reference: https://www.virustotal.com/gui/domain/saoascnc.duckdns.org/relations

saoascnc.duckdns.org

# Reference: https://www.virustotal.com/gui/file/76875aa0a079816e43d5741b4d0f5e3facc1b5a3fee0ec1933a10e6faa813974/detection

177.160.103.220:37215
177.160.103.220:58666

# Reference: https://www.virustotal.com/gui/file/b9b8a824168f96e9fbfb2d92d41d2704b0f413e5a0df637b026ec171e31694a8/detection

193.237.151.237:37215
193.237.151.237:58666

# Reference: https://www.virustotal.com/gui/file/9b62e40d0770e573eb1771d52a64ed471a9c7677f4cb4011ca6091f30f4fb038/detection

50.134.108.219:37215
50.134.108.219:58666

# Reference: https://www.virustotal.com/gui/file/7bdfe25eb983ea5d13d871c690369579b94d8615ed580ba55f0c9d07b1419916/detection
# Reference: https://www.virustotal.com/gui/file/e76a87a6a31b32b3d4dea93792a4091dc06309ab9df957bdca95dea3d4cf5b9f/detection
# Reference: https://www.virustotal.com/gui/file/fac58a65429a5e56b135c3c808ebe3f72b2e802099026c97a58cdb62b07af463/detection

217.32.184.17:5555
217.32.184.17:8080
217.32.184.17:8088
217.32.184.17:9080
217.32.184.17:37215
217.32.184.17:55555
217.32.184.17:58666

# Reference: https://www.virustotal.com/gui/file/6b92ce27889a1c8caf02d61a5da9257159697cfb344f901392ef914d5d1e3228/detection

197.20.252.14:37215
197.20.252.14:58666

# Reference: https://www.virustotal.com/gui/file/e79fc3d76876524e94de9cf8090907abbb9e395aa401a9a1ed93d63200a774fd/detection

197.211.215.168:37215
197.211.215.168:58666

# Reference: https://www.virustotal.com/gui/file/d22c8793c00d104d397432a39168189a8bdedda97b6ad90f69f66dd90cc02b6f/detection

2.128.139.158:37215
2.128.139.158:58666

# Reference: https://www.virustotal.com/gui/file/4dd5be931474fc2d5d171685f097ebdbe678c9f0dde1e83bfb1beddcd2c9a611/detection

2.145.113.76:37215
2.145.113.76:58666

# Reference: https://www.virustotal.com/gui/file/bf9d9015640514ed85af83520ffa2c905626c5c15af7a7944a595916fd6d8f83/detection

124.142.175.62:37215
124.142.175.62:58666

# Reference: https://www.virustotal.com/gui/file/8c8c54043812936a13f0da1bed7fca295b98a8a88f525c98fed2c0d473064b25/detection

17.134.222.250:37215
17.134.222.250:58666

# Reference: https://www.virustotal.com/gui/file/3bc59c90a798255164669130b81019ca2726a244c30b103459709918a2dc732e/detection

142.123.244.201:37215
142.123.244.201:58666

# Reference: https://www.virustotal.com/gui/file/2c52ad0196da9dc8d484d81203bce5a85bda26868a8c810cf0e09a31cd1202b7/detection

88.181.145.203:37215
88.181.145.203:58666

# Reference: https://www.virustotal.com/gui/file/89fbdce685a0a6d63babb59339dbff0be68830e5b5b77a6221d6f4fd9a12a8dc/detection

197.220.4.203:37215
197.220.4.203:58666

# Reference: https://www.virustotal.com/gui/file/0d2d5f494b8a0f4f52923a962d23d90f19fbe82ec3020ff088862a79f54e3ef4/detection

75.216.182.106:37215
75.216.182.106:58666

# Reference: https://www.virustotal.com/gui/file/40154d33b36d2ee884f989cf70dcdbcdafd06a023bb013851eb36e9a543bae2d/detection

197.187.43.242:37215
197.187.43.242:58666

# Reference: https://www.virustotal.com/gui/file/e4abca3958055aa76f3337bdb56b6f7ac50cb24ca5f290068092f275a4da7487/detection

161.116.77.158:37215
161.116.77.158:58666

# Reference: https://www.virustotal.com/gui/file/7882e58a07cd61e9686cd69552a5021dfe7ccd3c4e5c162bc817da99cd715487/detection

136.162.221.196:37215
136.162.221.196:58666

# Reference: https://www.virustotal.com/gui/file/a61ef7d749e3d91b91d32fd4ba73dc675cccc3bacd1c153d1a1432ee78a580aa/detection

197.200.75.82:37215
197.200.75.82:58666

# Reference: https://www.virustotal.com/gui/file/e533fddd1278c8cfadaa39fe98e7ac6ff00d9ecdc979ecee27bc4c9feb95f5bd/detection

20.214.186.199:37215
20.214.186.199:58666

# Reference: https://www.virustotal.com/gui/file/fcf0871f70c5652ff6914fff74cbc8d851151230dfdfd03055010b46b5e630e5/detection

197.17.185.59:37215
197.17.185.59:58666

# Reference: https://www.virustotal.com/gui/file/d3acc130fbfffd1901579daad56d4f24fc127bd2a550428aa83f72e17de6b59f/detection

78.0.72.243:37215
78.0.72.243:58666

# Reference: https://www.virustotal.com/gui/file/7708a88aab442710759513b2e3297a93447aea770e3a6a8757517e81ba5af5d1/detection

125.42.85.48:37215
125.42.85.48:58666

# Reference: https://www.virustotal.com/gui/file/5a2563debdaeb62a18aadbc1d78f9dccc8111716d76bd8b9f95444702c75424b/detection

197.45.1.102:37215
197.45.1.102:58666

# Reference: https://www.virustotal.com/gui/file/21ab3b17239c6b152eee79ab8be1fadc140dee85887102d67b6ebb9c2109c9c1/detection

197.125.173.78:37215
197.125.173.78:58666

# Reference: https://www.virustotal.com/gui/file/ebf7bd700fb100a14a5893363ce703ad745a546c872eaf986c016eea843d1ee2/detection
# Reference: https://www.virustotal.com/gui/file/1807dc98fdee9fde4a6020ed2943a0bed9fa8031643ebe4fa9495ef2b3506d40/detection

209.168.243.134:5555
209.168.243.134:8088
209.168.243.134:37215
209.168.243.134:55555
209.168.243.134:58666

# Reference: https://www.virustotal.com/gui/file/fce06b359367298a7e708ddd39a8ad210901438898aa06c877e23613aee00ac2/detection

201.112.67.184:37215
201.112.67.184:58666

# Reference: https://www.virustotal.com/gui/file/f76d76dc1857dbae93a59c30c3132b92f0acced1ecc8bf497463d095f1b55fc1/detection

197.142.15.17:37215
197.142.15.17:58666

# Reference: https://www.virustotal.com/gui/file/9466a43a53257f7df2e1b918353d54db9e1c1e6a2a38ba8016436529bd7744dc/detection

197.209.36.175:37215
197.209.36.175:58666

# Reference: https://www.virustotal.com/gui/file/3d5b2e46a11898537ac51c8c03aec50350119ebcfebf1e92868b007c2c8c3636/detection

59.169.193.112:37215
59.169.193.112:58666

# Reference: https://www.virustotal.com/gui/file/90caa6e2dd1307672bc462d9183d30fee42b566e870fd8928679c872d9c4414e/detection

117.113.251.250:37215
117.113.251.250:58666

# Reference: https://www.virustotal.com/gui/file/7554a1de437ecabeb81f47b0a0f8d85805139f49b783becab48edb136ed19388/detection

14.147.246.171:37215
14.147.246.171:58666

# Reference: https://www.virustotal.com/gui/file/26bd86f6dd2669bdf9f60b09c7254127ea8c4d69954859ccd5d14af14e85708b/detection

204.147.67.136:37215
204.147.67.136:58666

# Reference: https://www.virustotal.com/gui/file/53eb1aefc0e8459f215893b71fbb1b5e1ca0722d57ace243e9cf943ed33dbb0e/detection

71.250.167.178:37215
71.250.167.178:58666

# Reference: https://www.virustotal.com/gui/file/2845c4fee5e9329eb4900eb9f17565cb244b4f7f0b3d068481d702e5f8c7ddba/detection

117.185.160.106:37215
117.185.160.106:58666

# Reference: https://www.virustotal.com/gui/file/53829633be309e93ebeddf8c009044a3ac508b13976fa9197ad7be23ddbebe34/detection

197.58.4.137:37215
197.58.4.137:58666

# Reference: https://www.virustotal.com/gui/file/3ce0a846216b09640067c62995dd32f90a76a3d4adf43ecb62fab923db892f8e/detection

197.49.211.83:37215
197.49.211.83:58666

# Reference: https://www.virustotal.com/gui/file/3a5f44928cb3041391d093a64d9105e4fc29be99ec057e3f600f9526cfeab49f/detection

171.246.82.132:37215
171.246.82.132:58666

# Reference: https://www.virustotal.com/gui/file/9ff7b832df8186899a2fb6c10aa906a17170a5a12cd130abd6f281b6fb14a860/detection

197.96.138.251:37215
197.96.138.251:58666

# Reference: https://www.virustotal.com/gui/file/b7c78864ae0414f16958aff4523216df03ff69ccbddc3f3cffe621fc0d96b591/detection

197.88.11.55:37215
197.88.11.55:58666

# Reference: https://www.virustotal.com/gui/file/9870ebed293a8fba0f59288d01a44b62ccba3613943967b4399f1abee861a85b/detection

197.70.163.239:37215
197.70.163.239:58666

# Reference: https://www.virustotal.com/gui/file/37af81449ae062c4dbb9334b5d9a21312d19ad7812a7334e4bd61a99ad1f57ab/detection

197.32.139.81:37215
197.32.139.81:58666

# Reference: https://www.virustotal.com/gui/file/ff399cbc39a0330834704e745c6ebeae621b416d495ba9661108350189b0b5cd/detection

197.199.232.87:37215
197.199.232.87:58666

# Reference: https://www.virustotal.com/gui/file/04da68d47d3b83fc8088f678f89ab4a9cf135f36beb9d2bfd12a932ea04fb1e1/detection

197.13.151.96:37215
197.13.151.96:58666

# Reference: https://www.virustotal.com/gui/file/3c9850932eeca9963391d38f0239d54628d19973150f9d55184e804f092096fb/detection

197.191.131.73:37215
197.191.131.73:58666

# Reference: https://www.virustotal.com/gui/file/123bc5637e362238931fa45a225abbaa4aa1d745dc977d1e4edadb822c8f8be8/detection

42.126.17.148:37215
42.126.17.148:58666

# Reference: https://www.virustotal.com/gui/file/3f8003f2a2222123ac0055979972a69cb8b43e578149f79a18629e5ff96b0e5a/detection

197.111.155.229:37215
197.111.155.229:58666

# Reference: https://www.virustotal.com/gui/file/72d84c12aa275c566d7f1d26290dd55e2c9f5df67d2503d2dbe9e757eb35aa3b/detection

99.177.72.95:37215
99.177.72.95:58666

# Reference: https://www.virustotal.com/gui/file/afdcd6c34334e951b090cae26d0192fc3743bfa0208119980be8ed913e39527c/detection

32.234.66.5:37215
32.234.66.5:58666

# Reference: https://www.virustotal.com/gui/file/404e00c57d96defd21258eb37a111e2c48d38ec90fe5c3d5bef73c6a6e505e44/detection

197.122.123.26:37215
197.122.123.26:58666

# Reference: https://www.virustotal.com/gui/file/e3e93afc77470568a41241b768044f18973a45230f081949891923cc5cee0952/detection

197.138.79.198:37215
197.138.79.198:58666

# Reference: https://www.virustotal.com/gui/file/cbcd7248122664cd7762308adf09360c6bae1e097df24d82a1e09d797e786769/detection

223.62.231.162:37215
223.62.231.162:58666

# Reference: https://www.virustotal.com/gui/file/99734626f69167ec0e616158ff76f2b48a4f1b9d1c1d6cd94f15279e25dcab56/detection

97.236.1.119:37215
97.236.1.119:58666

# Reference: https://www.virustotal.com/gui/file/8582e2ba24d913e3668a59dd54907e1efdedcf61adc331186e02b3ee2f08d03f/detection

162.89.244.166:37215
162.89.244.166:58666

# Reference: https://www.virustotal.com/gui/file/f04422756c09fbe827b13de89589257b31efdc18d1c8a51ff27998d416fafa47/detection

111.228.135.81:37215
111.228.135.81:58666

# Reference: https://www.virustotal.com/gui/file/93d615fb131af3e3d4fc1978053537038ff959a06edbf0fafe064fb9dc7afc3c/detection

137.145.167.7:37215
137.145.167.7:58666

# Reference: https://www.virustotal.com/gui/file/5c0677c28a709af414aa3f68144c366ac08b96d8a46c1fd2891ab0962a1b7b9e/detection

188.199.231.96:37215
188.199.231.96:58666

# Reference: https://www.virustotal.com/gui/file/167dcc26edcb9bcf5f8891e5e7cd6ab97716c7123355280f32f9d336468a4028/detection

183.54.156.69:37215
183.54.156.69:58666

# Reference: https://www.virustotal.com/gui/file/c44b211a51f25196b2fc1312f1d93f73f8db3b6ae8e3a642a39b4cba342c4130/detection

197.142.109.197:37215
197.142.109.197:58666

# Reference: https://www.virustotal.com/gui/file/82e3bbb14c418ebd7aac5a178d1701dbb318ae44dc56b752356920153e3bd8c3/detection

173.131.21.229:37215
173.131.21.229:58666

# Reference: https://www.virustotal.com/gui/file/30915b862ec0c1f586b581f174d0f913902f79179c97ac8b460fbc7c134d4bd9/detection

209.75.118.5:37215
209.75.118.5:58666

# Reference: https://www.virustotal.com/gui/file/cda11fdb9ae6bf3c826334b3c5854c74cb037f1e131c1b083a2d6499d49f516d/detection

198.126.188.125:37215
198.126.188.125:58666

# Reference: https://www.virustotal.com/gui/file/94ac9c5f2757b6c95e9f1b3a40b3b47ca88f69479c05ae38b22b9bf5ae73e90e/detection

217.211.195.38:37215
217.211.195.38:58666

# Reference: https://www.virustotal.com/gui/file/b503e083bfe8a0a96818874615b679f54c2243ee6608d4371f2db73d3012aa0e/detection

197.228.90.28:37215
197.228.90.28:58666

# Reference: https://www.virustotal.com/gui/file/b9bff3c121ef9591e65f5a9575b3032f82fad9b733c317864160643fc0227beb/detection

96.133.253.250:37215
96.133.253.250:58666

# Reference: https://www.virustotal.com/gui/file/359cd80681519f612648a579ab9e0ad5258c3f027ea9a5b20377bea6ef87a5cc/detection

51.94.88.35:37215
51.94.88.35:58666

# Reference: https://www.virustotal.com/gui/file/caa0e8aef5b7459fd6b96346e50d2d94e5c0ee42bd83f134f85324c8f8629414/detection

90.246.53.159:37215
90.246.53.159:58666

# Reference: https://www.virustotal.com/gui/file/040aa2081c3b1ad863812054322ccb461ebf75ad35fa2d775a26ac457623f565/detection

20.209.187.197:37215
20.209.187.197:58666

# Reference: https://www.virustotal.com/gui/file/e26a3c2b353227ae758d75d0d71f44dc46809726499ef9ef08525b2fa67f89d9/detection

197.197.140.145:37215
197.197.140.145:58666

# Reference: https://www.virustotal.com/gui/file/64615e729ace7441b2a7e6764798fd8a464e57aee1c0593dcdd3a982b6396733/detection

193.63.10.150:37215
193.63.10.150:58666

# Reference: https://www.virustotal.com/gui/file/c6c63421f126e31ca648a55f35ffaede1fe4139722a214ba0f797ac95fa8bb65/detection

163.212.197.222:37215
163.212.197.222:58666

# Reference: https://www.virustotal.com/gui/file/ffdb84277124311fd124cfcd4671b47c7c6cc734e3b7c2baae1a6b0669dc6ff0/detection

176.65.55.201:37215
176.65.55.201:58666

# Reference: https://www.virustotal.com/gui/file/3fa62b668822897e5ca11dcc6570360e1268b4d04a8aa13d340def30d963fdd8/detection

197.95.109.251:37215
197.95.109.251:58666

# Reference: https://www.virustotal.com/gui/file/93cfcd62f5bf873452295b3ef4b00adcf1d3addc542e931b11cc9156b41a8984/detection

133.23.125.34:37215
133.23.125.34:58666
194.28.75.154:37215
194.28.75.154:58666

# Reference: https://blog.trendmicro.com/trendlabs-security-intelligence/new-mirai-variant-expands-arsenal-exploits-cve-2020-10173/
# Reference: https://otx.alienvault.com/pulse/5f0b68c987f1df5694e7d91b

methcnc.duckdns.org
methscan.duckdns.org

# Reference: https://www.virustotal.com/gui/file/993ec96e0354f3fc9a669701513d601cc0201ad4dd93fdad72f4ba10bb26c080/detection

218.218.149.18:37215
218.218.149.18:58666

# Reference: https://www.virustotal.com/gui/file/5898861b8c89b9971fc6dd6ec1546fffa908eda78bb546e4ec22ecdba6386e48/detection

35.94.170.88:5555
35.94.170.88:8088
35.94.170.88:9080
35.94.170.88:37215
35.94.170.88:58666
65.168.115.134:5555
65.168.115.134:8088
65.168.115.134:9080
65.168.115.134:37215
65.168.115.134:58666

# Reference: https://www.virustotal.com/gui/file/16c0cd375bc2a84ccbf01c15685c0380c2400995f628a78d7b58bbe17d43dd72/detection

108.139.95.106:5555
108.139.95.106:8088
108.139.95.106:9080
108.139.95.106:37215
108.139.95.106:58666

# Reference: https://www.virustotal.com/gui/file/a9576574d307b0616e0e00821aabdaa7f70133643f8737da57f6774749674a5d/detection

45.35.33.196:37215
45.35.33.196:58666

# Reference: https://www.virustotal.com/gui/file/393a319078e1ccf242364f812b8d0caeadd9e7f31a0502fd073675fe89a72e36/detection

178.72.192.58:1723
178.72.192.58:5555
178.72.192.58:8088
178.72.192.58:9080
178.72.192.58:37215
178.72.192.58:58666

# Reference: https://www.virustotal.com/gui/file/54c91af07090f05e702e8b1eedad637c8fb0845544cfef21c359e945e3591a5d/detection

169.219.187.52:1723
169.219.187.52:5555
169.219.187.52:8088
169.219.187.52:9080
169.219.187.52:37215
169.219.187.52:55555
169.219.187.52:58666

# Reference: https://www.virustotal.com/gui/file/f035980019a91dbccc73a7cc08a4dc945ececf332180c88b4d1f26bc966cb6ad/detection

124.178.97.103:55555
124.178.97.103:8081
124.178.97.103:8080
124.178.97.103:8088
124.178.97.103:52869
124.178.97.103:9080

# Reference: https://www.virustotal.com/gui/file/67b5db6faaea69e4148b548b16f94d14989bebc800c9f1165aef8d435d5c0e0b/detection

187.161.214.191:8080
187.161.214.191:9080
187.161.214.191:52869
187.161.214.191:88

# Reference: https://www.virustotal.com/gui/file/5673e7862deb2dff17dfef3662d72db22c476c7daad88ff512ff09f0c8ec0b04/detection

66.175.85.112:55555
66.175.85.112:8088
66.175.85.112:9080

# Reference: https://www.virustotal.com/gui/file/dfc44d53155d6b3556bd238494ac928dddd9d2762db46b5a8d0c6afc3bc5950b/detection

69.220.33.110:8080
69.220.33.110:88
69.220.33.110:37215
69.220.33.110:52869
69.220.33.110:58666

# Reference: https://www.virustotal.com/gui/file/0167a0027d3fe37c1c2c92fbdc58b6d3f4458c396bd11e08c73669906820280c/detection

95.68.88.157:8080
95.68.88.157:5555
95.68.88.157:9080
95.68.88.157:37215
95.68.88.157:52869
95.68.88.157:58666

# Reference: https://www.virustotal.com/gui/file/25db87c76dfbbafa0fe1b2c3a8f3392904e6708022b8ad9a3c30a12324de2b77/detection

186.136.128.125:1723
186.136.128.125:5555
186.136.128.125:8088
186.136.128.125:9080
186.136.128.125:37215
186.136.128.125:52869
186.136.128.125:55555

# Reference: https://twitter.com/albertzsigovits/status/1282668879962157056

/LEANONDECK.arc
/LEANONDECK.arm
/LEANONDECK.arm4
/LEANONDECK.arm4l
/LEANONDECK.arm4t
/LEANONDECK.arm4tl
/LEANONDECK.arm4tll
/LEANONDECK.arm5
/LEANONDECK.arm5l
/LEANONDECK.arm5n
/LEANONDECK.arm6
/LEANONDECK.arm64
/LEANONDECK.arm6l
/LEANONDECK.arm7
/LEANONDECK.arm7l
/LEANONDECK.arm8
/LEANONDECK.armv4
/LEANONDECK.armv4l
/LEANONDECK.armv5l
/LEANONDECK.armv6
/LEANONDECK.armv61
/LEANONDECK.armv6l
/LEANONDECK.armv7l
/LEANONDECK.dbg
/LEANONDECK.exploit
/LEANONDECK.i4
/LEANONDECK.i486
/LEANONDECK.i586
/LEANONDECK.i6
/LEANONDECK.i686
/LEANONDECK.kill
/LEANONDECK.m68
/LEANONDECK.m68k
/LEANONDECK.mips
/LEANONDECK.mips64
/LEANONDECK.mipseb
/LEANONDECK.mipsel
/LEANONDECK.mpsl
/LEANONDECK.pcc
/LEANONDECK.powerpc
/LEANONDECK.powerpc-440fp
/LEANONDECK.powerppc
/LEANONDECK.ppc
/LEANONDECK.ppc2
/LEANONDECK.ppc440
/LEANONDECK.ppc440fp
/LEANONDECK.root
/LEANONDECK.root32
/LEANONDECK.sh
/LEANONDECK.sh4
/LEANONDECK.sparc
/LEANONDECK.spc
/LEANONDECK.ssh4
/LEANONDECK.x32
/LEANONDECK.x64
/LEANONDECK.x86
/LEANONDECK.x86_32
/LEANONDECK.x86_64

# Reference: https://twitter.com/albertzsigovits/status/1283340442659151872

ev0lve.cf

# Reference: https://twitter.com/bad_packets/status/1285272610519969792

185.172.111.181:34712
185.172.111.181:45

# Reference: https://twitter.com/0xrb/status/1285482038506647553
# Reference: https://twitter.com/hackingump1/status/1288748204121567232

/FuckinToaster.arc
/FuckinToaster.arm
/FuckinToaster.arm4
/FuckinToaster.arm4l
/FuckinToaster.arm4t
/FuckinToaster.arm4tl
/FuckinToaster.arm4tll
/FuckinToaster.arm5
/FuckinToaster.arm5l
/FuckinToaster.arm5n
/FuckinToaster.arm6
/FuckinToaster.arm64
/FuckinToaster.arm6l
/FuckinToaster.arm7
/FuckinToaster.arm7l
/FuckinToaster.arm8
/FuckinToaster.armv4
/FuckinToaster.armv4l
/FuckinToaster.armv5l
/FuckinToaster.armv6
/FuckinToaster.armv61
/FuckinToaster.armv6l
/FuckinToaster.armv7l
/FuckinToaster.dbg
/FuckinToaster.exploit
/FuckinToaster.i4
/FuckinToaster.i486
/FuckinToaster.i586
/FuckinToaster.i6
/FuckinToaster.i686
/FuckinToaster.kill
/FuckinToaster.m68
/FuckinToaster.m68k
/FuckinToaster.mips
/FuckinToaster.mips64
/FuckinToaster.mipseb
/FuckinToaster.mipsel
/FuckinToaster.mpsl
/FuckinToaster.pcc
/FuckinToaster.powerpc
/FuckinToaster.powerpc-440fp
/FuckinToaster.powerppc
/FuckinToaster.ppc
/FuckinToaster.ppc2
/FuckinToaster.ppc440
/FuckinToaster.ppc440fp
/FuckinToaster.root
/FuckinToaster.root32
/FuckinToaster.sh
/FuckinToaster.sh4
/FuckinToaster.sparc
/FuckinToaster.spc
/FuckinToaster.ssh4
/FuckinToaster.x32
/FuckinToaster.x64
/FuckinToaster.x86
/FuckinToaster.x86_32
/FuckinToaster.x86_64
/FuckMalwareResearchers/

# Reference: https://blacklist.cyberthreatcoalition.org/vetted/url.txt

/fuk.arc
/fuk.arm
/fuk.arm4
/fuk.arm4l
/fuk.arm4t
/fuk.arm4tl
/fuk.arm4tll
/fuk.arm5
/fuk.arm5l
/fuk.arm5n
/fuk.arm6
/fuk.arm64
/fuk.arm6l
/fuk.arm7
/fuk.arm7l
/fuk.arm8
/fuk.armv4
/fuk.armv4l
/fuk.armv5l
/fuk.armv6
/fuk.armv61
/fuk.armv6l
/fuk.armv7l
/fuk.dbg
/fuk.exploit
/fuk.i4
/fuk.i486
/fuk.i586
/fuk.i6
/fuk.i686
/fuk.kill
/fuk.m68
/fuk.m68k
/fuk.mips
/fuk.mips64
/fuk.mipseb
/fuk.mipsel
/fuk.mpsl
/fuk.pcc
/fuk.powerpc
/fuk.powerpc-440fp
/fuk.powerppc
/fuk.ppc
/fuk.ppc2
/fuk.ppc440
/fuk.ppc440fp
/fuk.root
/fuk.root32
/fuk.sh
/fuk.sh4
/fuk.sparc
/fuk.spc
/fuk.ssh4
/fuk.x32
/fuk.x64
/fuk.x86
/fuk.x86_32
/fuk.x86_64
/fuk4
/fuk4t
/fuk5
/fuk6

# Reference: https://twitter.com/0xrb/status/1287636469708812289

/netlab360.arc
/netlab360.arm
/netlab360.arm4
/netlab360.arm4l
/netlab360.arm4t
/netlab360.arm4tl
/netlab360.arm4tll
/netlab360.arm5
/netlab360.arm5l
/netlab360.arm5n
/netlab360.arm6
/netlab360.arm64
/netlab360.arm6l
/netlab360.arm7
/netlab360.arm7l
/netlab360.arm8
/netlab360.armv4
/netlab360.armv4l
/netlab360.armv5l
/netlab360.armv6
/netlab360.armv61
/netlab360.armv6l
/netlab360.armv7l
/netlab360.dbg
/netlab360.exploit
/netlab360.i4
/netlab360.i486
/netlab360.i586
/netlab360.i6
/netlab360.i686
/netlab360.kill
/netlab360.m68
/netlab360.m68k
/netlab360.mips
/netlab360.mips64
/netlab360.mipseb
/netlab360.mipsel
/netlab360.mpsl
/netlab360.pcc
/netlab360.powerpc
/netlab360.powerpc-440fp
/netlab360.powerppc
/netlab360.ppc
/netlab360.ppc2
/netlab360.ppc440
/netlab360.ppc440fp
/netlab360.root
/netlab360.root32
/netlab360.sh
/netlab360.sh4
/netlab360.sparc
/netlab360.spc
/netlab360.ssh4
/netlab360.x32
/netlab360.x64
/netlab360.x86
/netlab360.x86_32
/netlab360.x86_64

# Reference: https://twitter.com/malwrhunterteam/status/1288075002613506049

/fuckyou.arc
/fuckyou.arm
/fuckyou.arm4
/fuckyou.arm4l
/fuckyou.arm4t
/fuckyou.arm4tl
/fuckyou.arm4tll
/fuckyou.arm5
/fuckyou.arm5l
/fuckyou.arm5n
/fuckyou.arm6
/fuckyou.arm64
/fuckyou.arm6l
/fuckyou.arm7
/fuckyou.arm7l
/fuckyou.arm8
/fuckyou.armv4
/fuckyou.armv4l
/fuckyou.armv5l
/fuckyou.armv6
/fuckyou.armv61
/fuckyou.armv6l
/fuckyou.armv7l
/fuckyou.dbg
/fuckyou.exploit
/fuckyou.i4
/fuckyou.i486
/fuckyou.i586
/fuckyou.i6
/fuckyou.i686
/fuckyou.kill
/fuckyou.m68
/fuckyou.m68k
/fuckyou.mips
/fuckyou.mips64
/fuckyou.mipseb
/fuckyou.mipsel
/fuckyou.mpsl
/fuckyou.pcc
/fuckyou.powerpc
/fuckyou.powerpc-440fp
/fuckyou.powerppc
/fuckyou.ppc
/fuckyou.ppc2
/fuckyou.ppc440
/fuckyou.ppc440fp
/fuckyou.root
/fuckyou.root32
/fuckyou.sh
/fuckyou.sh4
/fuckyou.sparc
/fuckyou.spc
/fuckyou.ssh4
/fuckyou.x32
/fuckyou.x64
/fuckyou.x86
/fuckyou.x86_32
/fuckyou.x86_64
/heyurlhause/

# Reference: https://twitter.com/albertzsigovits/status/1288837528355770368
# Reference: https://www.virustotal.com/gui/file/a05fce78e8ef42179c0b0a2acc6d27d418adc9b12ad10f3122d1f89d93926650/detection

64.227.45.23:9001
scan.aykashi.xyz

# Reference: https://twitter.com/bad_packets/status/1289825208073777153

/OneDrive.arc
/OneDrive.arm
/OneDrive.arm4
/OneDrive.arm4l
/OneDrive.arm4t
/OneDrive.arm4tl
/OneDrive.arm4tll
/OneDrive.arm5
/OneDrive.arm5l
/OneDrive.arm5n
/OneDrive.arm6
/OneDrive.arm64
/OneDrive.arm6l
/OneDrive.arm7
/OneDrive.arm7l
/OneDrive.arm8
/OneDrive.armv4
/OneDrive.armv4l
/OneDrive.armv5l
/OneDrive.armv6
/OneDrive.armv61
/OneDrive.armv6l
/OneDrive.armv7l
/OneDrive.dbg
/OneDrive.exploit
/OneDrive.i4
/OneDrive.i486
/OneDrive.i586
/OneDrive.i6
/OneDrive.i686
/OneDrive.kill
/OneDrive.m68
/OneDrive.m68k
/OneDrive.mips
/OneDrive.mips64
/OneDrive.mipseb
/OneDrive.mipsel
/OneDrive.mpsl
/OneDrive.pcc
/OneDrive.powerpc
/OneDrive.powerpc-440fp
/OneDrive.powerppc
/OneDrive.ppc
/OneDrive.ppc2
/OneDrive.ppc440
/OneDrive.ppc440fp
/OneDrive.root
/OneDrive.root32
/OneDrive.sh
/OneDrive.sh4
/OneDrive.sparc
/OneDrive.spc
/OneDrive.ssh4
/OneDrive.x32
/OneDrive.x64
/OneDrive.x86
/OneDrive.x86_32
/OneDrive.x86_64
/Testing.arc
/Testing.arm
/Testing.arm4
/Testing.arm4l
/Testing.arm4t
/Testing.arm4tl
/Testing.arm4tll
/Testing.arm5
/Testing.arm5l
/Testing.arm5n
/Testing.arm6
/Testing.arm64
/Testing.arm6l
/Testing.arm7
/Testing.arm7l
/Testing.arm8
/Testing.armv4
/Testing.armv4l
/Testing.armv5l
/Testing.armv6
/Testing.armv61
/Testing.armv6l
/Testing.armv7l
/Testing.dbg
/Testing.exploit
/Testing.i4
/Testing.i486
/Testing.i586
/Testing.i6
/Testing.i686
/Testing.kill
/Testing.m68
/Testing.m68k
/Testing.mips
/Testing.mips64
/Testing.mipseb
/Testing.mipsel
/Testing.mpsl
/Testing.pcc
/Testing.powerpc
/Testing.powerpc-440fp
/Testing.powerppc
/Testing.ppc
/Testing.ppc2
/Testing.ppc440
/Testing.ppc440fp
/Testing.root
/Testing.root32
/Testing.sh
/Testing.sh4
/Testing.sparc
/Testing.spc
/Testing.ssh4
/Testing.x32
/Testing.x64
/Testing.x86
/Testing.x86_32
/Testing.x86_64

# Reference: https://twitter.com/bad_packets/status/1290761195348058112

/aTBaTEh1U2NWRXpBY2lqNTVqSzFSQT09.sh
/aVdUbENMQ0RieUFpbmZqSVFydUdJUT09.sh

# Reference: https://twitter.com/hypoweb/status/1291607461456048129

/arc.HOPEIDONTTHITTHEurlhausabuseLOL
/arm.HOPEIDONTTHITTHEurlhausabuseLOL
/arm4.HOPEIDONTTHITTHEurlhausabuseLOL
/arm4l.HOPEIDONTTHITTHEurlhausabuseLOL
/arm4t.HOPEIDONTTHITTHEurlhausabuseLOL
/arm4tl.HOPEIDONTTHITTHEurlhausabuseLOL
/arm4tll.HOPEIDONTTHITTHEurlhausabuseLOL
/arm5.HOPEIDONTTHITTHEurlhausabuseLOL
/arm5l.HOPEIDONTTHITTHEurlhausabuseLOL
/arm5n.HOPEIDONTTHITTHEurlhausabuseLOL
/arm6.HOPEIDONTTHITTHEurlhausabuseLOL
/arm64.HOPEIDONTTHITTHEurlhausabuseLOL
/arm6l.HOPEIDONTTHITTHEurlhausabuseLOL
/arm7.HOPEIDONTTHITTHEurlhausabuseLOL
/arm7l.HOPEIDONTTHITTHEurlhausabuseLOL
/arm8.HOPEIDONTTHITTHEurlhausabuseLOL
/armv4.HOPEIDONTTHITTHEurlhausabuseLOL
/armv4l.HOPEIDONTTHITTHEurlhausabuseLOL
/armv5l.HOPEIDONTTHITTHEurlhausabuseLOL
/armv6.HOPEIDONTTHITTHEurlhausabuseLOL
/armv61.HOPEIDONTTHITTHEurlhausabuseLOL
/armv6l.HOPEIDONTTHITTHEurlhausabuseLOL
/armv7l.HOPEIDONTTHITTHEurlhausabuseLOL
/dbg.HOPEIDONTTHITTHEurlhausabuseLOL
/exploit.HOPEIDONTTHITTHEurlhausabuseLOL
/i4.HOPEIDONTTHITTHEurlhausabuseLOL
/i486.HOPEIDONTTHITTHEurlhausabuseLOL
/i586.HOPEIDONTTHITTHEurlhausabuseLOL
/i6.HOPEIDONTTHITTHEurlhausabuseLOL
/i686.HOPEIDONTTHITTHEurlhausabuseLOL
/kill.HOPEIDONTTHITTHEurlhausabuseLOL
/m68.HOPEIDONTTHITTHEurlhausabuseLOL
/m68k.HOPEIDONTTHITTHEurlhausabuseLOL
/mips.HOPEIDONTTHITTHEurlhausabuseLOL
/mips64.HOPEIDONTTHITTHEurlhausabuseLOL
/mipsel.HOPEIDONTTHITTHEurlhausabuseLOL
/mpsl.HOPEIDONTTHITTHEurlhausabuseLOL
/pcc.HOPEIDONTTHITTHEurlhausabuseLOL
/powerpc-440fp.HOPEIDONTTHITTHEurlhausabuseLOL
/powerpc.HOPEIDONTTHITTHEurlhausabuseLOL
/powerppc.HOPEIDONTTHITTHEurlhausabuseLOL
/ppc.HOPEIDONTTHITTHEurlhausabuseLOL
/ppc2.HOPEIDONTTHITTHEurlhausabuseLOL
/ppc440.HOPEIDONTTHITTHEurlhausabuseLOL
/ppc440fp.HOPEIDONTTHITTHEurlhausabuseLOL
/root.HOPEIDONTTHITTHEurlhausabuseLOL
/root32.HOPEIDONTTHITTHEurlhausabuseLOL
/sh.HOPEIDONTTHITTHEurlhausabuseLOL
/sh4.HOPEIDONTTHITTHEurlhausabuseLOL
/sparc.HOPEIDONTTHITTHEurlhausabuseLOL
/spc.HOPEIDONTTHITTHEurlhausabuseLOL
/ssh4.HOPEIDONTTHITTHEurlhausabuseLOL
/x32.HOPEIDONTTHITTHEurlhausabuseLOL
/x64.HOPEIDONTTHITTHEurlhausabuseLOL
/x86.HOPEIDONTTHITTHEurlhausabuseLOL
/x86_32.HOPEIDONTTHITTHEurlhausabuseLOL
/x86_64.HOPEIDONTTHITTHEurlhausabuseLOL
/HOPEIDONTTHITTHEurlhausabuseLOL/

# Reference: https://twitter.com/0xrb/status/1293852159000211458

/ADfafg.arc
/ADfafg.arm
/ADfafg.arm4
/ADfafg.arm4l
/ADfafg.arm4t
/ADfafg.arm4tl
/ADfafg.arm4tll
/ADfafg.arm5
/ADfafg.arm5l
/ADfafg.arm5n
/ADfafg.arm6
/ADfafg.arm64
/ADfafg.arm6l
/ADfafg.arm7
/ADfafg.arm7l
/ADfafg.arm8
/ADfafg.armv4
/ADfafg.armv4l
/ADfafg.armv5l
/ADfafg.armv6
/ADfafg.armv61
/ADfafg.armv6l
/ADfafg.armv7l
/ADfafg.dbg
/ADfafg.exploit
/ADfafg.i4
/ADfafg.i486
/ADfafg.i586
/ADfafg.i6
/ADfafg.i686
/ADfafg.kill
/ADfafg.m68
/ADfafg.m68k
/ADfafg.mips
/ADfafg.mips64
/ADfafg.mipseb
/ADfafg.mipsel
/ADfafg.mpsl
/ADfafg.pcc
/ADfafg.powerpc
/ADfafg.powerpc-440fp
/ADfafg.powerppc
/ADfafg.ppc
/ADfafg.ppc2
/ADfafg.ppc440
/ADfafg.ppc440fp
/ADfafg.root
/ADfafg.root32
/ADfafg.sh
/ADfafg.sh4
/ADfafg.sparc
/ADfafg.spc
/ADfafg.ssh4
/ADfafg.x32
/ADfafg.x64
/ADfafg.x86
/ADfafg.x86_32
/ADfafg.x86_64
/al3x.arc
/al3x.arm
/al3x.arm4
/al3x.arm4l
/al3x.arm4t
/al3x.arm4tl
/al3x.arm4tll
/al3x.arm5
/al3x.arm5l
/al3x.arm5n
/al3x.arm6
/al3x.arm64
/al3x.arm6l
/al3x.arm7
/al3x.arm7l
/al3x.arm8
/al3x.armv4
/al3x.armv4l
/al3x.armv5l
/al3x.armv6
/al3x.armv61
/al3x.armv6l
/al3x.armv7l
/al3x.dbg
/al3x.exploit
/al3x.i4
/al3x.i486
/al3x.i586
/al3x.i6
/al3x.i686
/al3x.kill
/al3x.m68
/al3x.m68k
/al3x.mips
/al3x.mips64
/al3x.mipseb
/al3x.mipsel
/al3x.mpsl
/al3x.pcc
/al3x.powerpc
/al3x.powerpc-440fp
/al3x.powerppc
/al3x.ppc
/al3x.ppc2
/al3x.ppc440
/al3x.ppc440fp
/al3x.root
/al3x.root32
/al3x.sh
/al3x.sh4
/al3x.sparc
/al3x.spc
/al3x.ssh4
/al3x.x32
/al3x.x64
/al3x.x86
/al3x.x86_32
/al3x.x86_64
/ChanHell.arc
/ChanHell.arm
/ChanHell.arm4
/ChanHell.arm4l
/ChanHell.arm4t
/ChanHell.arm4tl
/ChanHell.arm4tll
/ChanHell.arm5
/ChanHell.arm5l
/ChanHell.arm5n
/ChanHell.arm6
/ChanHell.arm64
/ChanHell.arm6l
/ChanHell.arm7
/ChanHell.arm7l
/ChanHell.arm8
/ChanHell.armv4
/ChanHell.armv4l
/ChanHell.armv5l
/ChanHell.armv6
/ChanHell.armv61
/ChanHell.armv6l
/ChanHell.armv7l
/ChanHell.dbg
/ChanHell.exploit
/ChanHell.i4
/ChanHell.i486
/ChanHell.i586
/ChanHell.i6
/ChanHell.i686
/ChanHell.kill
/ChanHell.m68
/ChanHell.m68k
/ChanHell.mips
/ChanHell.mips64
/ChanHell.mipseb
/ChanHell.mipsel
/ChanHell.mpsl
/ChanHell.pcc
/ChanHell.powerpc
/ChanHell.powerpc-440fp
/ChanHell.powerppc
/ChanHell.ppc
/ChanHell.ppc2
/ChanHell.ppc440
/ChanHell.ppc440fp
/ChanHell.root
/ChanHell.root32
/ChanHell.sh
/ChanHell.sh4
/ChanHell.sparc
/ChanHell.spc
/ChanHell.ssh4
/ChanHell.x32
/ChanHell.x64
/ChanHell.x86
/ChanHell.x86_32
/ChanHell.x86_64
/pwnNet.arc
/pwnNet.arm
/pwnNet.arm4
/pwnNet.arm4l
/pwnNet.arm4t
/pwnNet.arm4tl
/pwnNet.arm4tll
/pwnNet.arm5
/pwnNet.arm5l
/pwnNet.arm5n
/pwnNet.arm6
/pwnNet.arm64
/pwnNet.arm6l
/pwnNet.arm7
/pwnNet.arm7l
/pwnNet.arm8
/pwnNet.armv4
/pwnNet.armv4l
/pwnNet.armv5l
/pwnNet.armv6
/pwnNet.armv61
/pwnNet.armv6l
/pwnNet.armv7l
/pwnNet.dbg
/pwnNet.exploit
/pwnNet.i4
/pwnNet.i486
/pwnNet.i586
/pwnNet.i6
/pwnNet.i686
/pwnNet.kill
/pwnNet.m68
/pwnNet.m68k
/pwnNet.mips
/pwnNet.mips64
/pwnNet.mipseb
/pwnNet.mipsel
/pwnNet.mpsl
/pwnNet.pcc
/pwnNet.powerpc
/pwnNet.powerpc-440fp
/pwnNet.powerppc
/pwnNet.ppc
/pwnNet.ppc2
/pwnNet.ppc440
/pwnNet.ppc440fp
/pwnNet.root
/pwnNet.root32
/pwnNet.sh
/pwnNet.sh4
/pwnNet.sparc
/pwnNet.spc
/pwnNet.ssh4
/pwnNet.x32
/pwnNet.x64
/pwnNet.x86
/pwnNet.x86_32
/pwnNet.x86_64
/aaa1aaa/
/ch4n010a2a2126/
/uih7U8JY7Of7Y8O9d6t68IT67R8y76t7823tg8weuq/
/z0z0z/

# Reference: https://twitter.com/VessOnSecurity/status/1293910244813283332

/solokey.arc
/solokey.arm
/solokey.arm4
/solokey.arm4l
/solokey.arm4t
/solokey.arm4tl
/solokey.arm4tll
/solokey.arm5
/solokey.arm5l
/solokey.arm5n
/solokey.arm6
/solokey.arm64
/solokey.arm6l
/solokey.arm7
/solokey.arm7l
/solokey.arm8
/solokey.armv4
/solokey.armv4l
/solokey.armv5l
/solokey.armv6
/solokey.armv61
/solokey.armv6l
/solokey.armv7l
/solokey.dbg
/solokey.exploit
/solokey.i4
/solokey.i486
/solokey.i586
/solokey.i6
/solokey.i686
/solokey.kill
/solokey.m68
/solokey.m68k
/solokey.mips
/solokey.mips64
/solokey.mipseb
/solokey.mipsel
/solokey.mpsl
/solokey.pcc
/solokey.powerpc
/solokey.powerpc-440fp
/solokey.powerppc
/solokey.ppc
/solokey.ppc2
/solokey.ppc440
/solokey.ppc440fp
/solokey.root
/solokey.root32
/solokey.sh
/solokey.sh4
/solokey.sparc
/solokey.spc
/solokey.ssh4
/solokey.x32
/solokey.x64
/solokey.x86
/solokey.x86_32
/solokey.x86_64

# Reference: https://twitter.com/bad_packets/status/1294698654444339202
# Reference: https://twitter.com/malwrhunterteam/status/1298603169539330049

/zbetcheckin.arc
/zbetcheckin.arm
/zbetcheckin.arm4
/zbetcheckin.arm4l
/zbetcheckin.arm4t
/zbetcheckin.arm4tl
/zbetcheckin.arm4tll
/zbetcheckin.arm5
/zbetcheckin.arm5l
/zbetcheckin.arm5n
/zbetcheckin.arm6
/zbetcheckin.arm64
/zbetcheckin.arm6l
/zbetcheckin.arm7
/zbetcheckin.arm7l
/zbetcheckin.arm8
/zbetcheckin.armv4
/zbetcheckin.armv4l
/zbetcheckin.armv5l
/zbetcheckin.armv6
/zbetcheckin.armv61
/zbetcheckin.armv6l
/zbetcheckin.armv7l
/zbetcheckin.dbg
/zbetcheckin.exploit
/zbetcheckin.i4
/zbetcheckin.i486
/zbetcheckin.i586
/zbetcheckin.i6
/zbetcheckin.i686
/zbetcheckin.kill
/zbetcheckin.m68
/zbetcheckin.m68k
/zbetcheckin.mips
/zbetcheckin.mips64
/zbetcheckin.mipseb
/zbetcheckin.mipsel
/zbetcheckin.mpsl
/zbetcheckin.pcc
/zbetcheckin.powerpc
/zbetcheckin.powerpc-440fp
/zbetcheckin.powerppc
/zbetcheckin.ppc
/zbetcheckin.ppc2
/zbetcheckin.ppc440
/zbetcheckin.ppc440fp
/zbetcheckin.root
/zbetcheckin.root32
/zbetcheckin.sh
/zbetcheckin.sh4
/zbetcheckin.sparc
/zbetcheckin.spc
/zbetcheckin.ssh4
/zbetcheckin.x32
/zbetcheckin.x64
/zbetcheckin.x86
/zbetcheckin.x86_32
/zbetcheckin.x86_64
/HOPEIDONTHITTHEurlhausabuseLOL/

# Reference: https://www.virustotal.com/gui/file/9728392a42a4299f51443221faf1596023db9535b76bf1ae3425acfbdb372046/detection

103.65.209.140:37215
103.65.209.140:59666
18.102.82.173:37215
18.102.82.173:59666
217.32.184.17:37215
217.32.184.17:59666
jajajaja123.ddns.net

# Reference: https://www.virustotal.com/gui/file/959e0e7b4bc663d1ab870d73239720600c5064f8deea0b99f58aa12a9d384cb2/detection

159.180.213.186:37215
159.180.213.186:45999

# Reference: https://www.virustotal.com/gui/file/eb132308cbc76920f4a852ceb1fe9f15a2cab6ce358bcf7ac4f0e43c54a84201/detection

50.149.223.179:37215
50.149.223.179:45999

# Reference: https://www.virustotal.com/gui/file/602ae6c5134447e0f24812107980c10426be10866d7feb283cb9e47452d9c63a/detection

173.29.70.70:37215
173.29.70.70:45999

# Reference: https://www.virustotal.com/gui/file/767684df00bbbb8c700f566e1ad79423e54c46f8856c43baa6f7aac8d55d3bc6/detection

197.198.190.203:37215
197.198.190.203:45999

# Reference: https://www.virustotal.com/gui/file/a908ab88203d8e5a0dfa677cef2b8d73257e29babdd9e4d7defeaa8518af55a2/detection

197.114.154.118:37215
197.114.154.118:45999
85.39.222.14:37215
85.39.222.14:45999

# Reference: https://www.virustotal.com/gui/file/628d60c799e50791f2bf4c74e6cd85893b8c16cb6b5c9f12c38519687a2a3dac/detection

193.145.238.49:37215
193.145.238.49:45999

# Reference: https://unit42.paloaltonetworks.com/cve-2020-17496/ (# CVE-2019-16759, CVE-2020-17496, CVE-2020-10987, CVE-2020-10173, CVE-2020-1937, CVE-2020-5902)
# Reference: https://otx.alienvault.com/pulse/5f515222d9db96d212a2ba7c

http://178.170.117.50
66.7.149.161:6667

# Reference: https://twitter.com/smii_mondher/status/1306329537815490564
# Reference: https://www.virustotal.com/gui/ip-address/193.169.254.116/detection

http://193.169.254.116

# Reference: https://pastebin.com/Y55Sv7Z6
# Reference: https://www.virustotal.com/gui/domain/kreatr00t3d.site/relations

kreatr00t3d.site
cnc.kreatr00t3d.site
scan.kreatr00t3d.site
/dayum0x1a5sfd15as1fa.arc
/dayum0x1a5sfd15as1fa.arm
/dayum0x1a5sfd15as1fa.arm4
/dayum0x1a5sfd15as1fa.arm4l
/dayum0x1a5sfd15as1fa.arm4t
/dayum0x1a5sfd15as1fa.arm4tl
/dayum0x1a5sfd15as1fa.arm4tll
/dayum0x1a5sfd15as1fa.arm5
/dayum0x1a5sfd15as1fa.arm5l
/dayum0x1a5sfd15as1fa.arm5n
/dayum0x1a5sfd15as1fa.arm6
/dayum0x1a5sfd15as1fa.arm64
/dayum0x1a5sfd15as1fa.arm6l
/dayum0x1a5sfd15as1fa.arm7
/dayum0x1a5sfd15as1fa.arm7l
/dayum0x1a5sfd15as1fa.arm8
/dayum0x1a5sfd15as1fa.armv4
/dayum0x1a5sfd15as1fa.armv4l
/dayum0x1a5sfd15as1fa.armv5l
/dayum0x1a5sfd15as1fa.armv6
/dayum0x1a5sfd15as1fa.armv61
/dayum0x1a5sfd15as1fa.armv6l
/dayum0x1a5sfd15as1fa.armv7l
/dayum0x1a5sfd15as1fa.dbg
/dayum0x1a5sfd15as1fa.exploit
/dayum0x1a5sfd15as1fa.i4
/dayum0x1a5sfd15as1fa.i486
/dayum0x1a5sfd15as1fa.i586
/dayum0x1a5sfd15as1fa.i6
/dayum0x1a5sfd15as1fa.i686
/dayum0x1a5sfd15as1fa.kill
/dayum0x1a5sfd15as1fa.m68
/dayum0x1a5sfd15as1fa.m68k
/dayum0x1a5sfd15as1fa.mips
/dayum0x1a5sfd15as1fa.mips64
/dayum0x1a5sfd15as1fa.mipseb
/dayum0x1a5sfd15as1fa.mipsel
/dayum0x1a5sfd15as1fa.mpsl
/dayum0x1a5sfd15as1fa.pcc
/dayum0x1a5sfd15as1fa.powerpc
/dayum0x1a5sfd15as1fa.powerpc-440fp
/dayum0x1a5sfd15as1fa.powerppc
/dayum0x1a5sfd15as1fa.ppc
/dayum0x1a5sfd15as1fa.ppc2
/dayum0x1a5sfd15as1fa.ppc440
/dayum0x1a5sfd15as1fa.ppc440fp
/dayum0x1a5sfd15as1fa.root
/dayum0x1a5sfd15as1fa.root32
/dayum0x1a5sfd15as1fa.sh
/dayum0x1a5sfd15as1fa.sh4
/dayum0x1a5sfd15as1fa.sparc
/dayum0x1a5sfd15as1fa.spc
/dayum0x1a5sfd15as1fa.ssh4
/dayum0x1a5sfd15as1fa.x32
/dayum0x1a5sfd15as1fa.x64
/dayum0x1a5sfd15as1fa.x86
/dayum0x1a5sfd15as1fa.x86_32
/dayum0x1a5sfd15as1fa.x86_64
/Mercury.arc
/Mercury.arm
/Mercury.arm4
/Mercury.arm4l
/Mercury.arm4t
/Mercury.arm4tl
/Mercury.arm4tll
/Mercury.arm5
/Mercury.arm5l
/Mercury.arm5n
/Mercury.arm6
/Mercury.arm64
/Mercury.arm6l
/Mercury.arm7
/Mercury.arm7l
/Mercury.arm8
/Mercury.armv4
/Mercury.armv4l
/Mercury.armv5l
/Mercury.armv6
/Mercury.armv61
/Mercury.armv6l
/Mercury.armv7l
/Mercury.dbg
/Mercury.exploit
/Mercury.i4
/Mercury.i486
/Mercury.i586
/Mercury.i6
/Mercury.i686
/Mercury.kill
/Mercury.m68
/Mercury.m68k
/Mercury.mips
/Mercury.mips64
/Mercury.mipseb
/Mercury.mipsel
/Mercury.mpsl
/Mercury.pcc
/Mercury.powerpc
/Mercury.powerpc-440fp
/Mercury.powerppc
/Mercury.ppc
/Mercury.ppc2
/Mercury.ppc440
/Mercury.ppc440fp
/Mercury.root
/Mercury.root32
/Mercury.sh
/Mercury.sh4
/Mercury.sparc
/Mercury.spc
/Mercury.ssh4
/Mercury.x32
/Mercury.x64
/Mercury.x86
/Mercury.x86_32
/Mercury.x86_64
/Mercury1.arc
/Mercury1.arm
/Mercury1.arm4
/Mercury1.arm4l
/Mercury1.arm4t
/Mercury1.arm4tl
/Mercury1.arm4tll
/Mercury1.arm5
/Mercury1.arm5l
/Mercury1.arm5n
/Mercury1.arm6
/Mercury1.arm64
/Mercury1.arm6l
/Mercury1.arm7
/Mercury1.arm7l
/Mercury1.arm8
/Mercury1.armv4
/Mercury1.armv4l
/Mercury1.armv5l
/Mercury1.armv6
/Mercury1.armv61
/Mercury1.armv6l
/Mercury1.armv7l
/Mercury1.dbg
/Mercury1.exploit
/Mercury1.i4
/Mercury1.i486
/Mercury1.i586
/Mercury1.i6
/Mercury1.i686
/Mercury1.kill
/Mercury1.m68
/Mercury1.m68k
/Mercury1.mips
/Mercury1.mips64
/Mercury1.mipseb
/Mercury1.mipsel
/Mercury1.mpsl
/Mercury1.pcc
/Mercury1.powerpc
/Mercury1.powerpc-440fp
/Mercury1.powerppc
/Mercury1.ppc
/Mercury1.ppc2
/Mercury1.ppc440
/Mercury1.ppc440fp
/Mercury1.root
/Mercury1.root32
/Mercury1.sh
/Mercury1.sh4
/Mercury1.sparc
/Mercury1.spc
/Mercury1.ssh4
/Mercury1.x32
/Mercury1.x64
/Mercury1.x86
/Mercury1.x86_32
/Mercury1.x86_64
/nigga.arc
/nigga.arm
/nigga.arm4
/nigga.arm4l
/nigga.arm4t
/nigga.arm4tl
/nigga.arm4tll
/nigga.arm5
/nigga.arm5l
/nigga.arm5n
/nigga.arm6
/nigga.arm64
/nigga.arm6l
/nigga.arm7
/nigga.arm7l
/nigga.arm8
/nigga.armv4
/nigga.armv4l
/nigga.armv5l
/nigga.armv6
/nigga.armv61
/nigga.armv6l
/nigga.armv7l
/nigga.dbg
/nigga.exploit
/nigga.i4
/nigga.i486
/nigga.i586
/nigga.i6
/nigga.i686
/nigga.kill
/nigga.m68
/nigga.m68k
/nigga.mips
/nigga.mips64
/nigga.mipseb
/nigga.mipsel
/nigga.mpsl
/nigga.pcc
/nigga.powerpc
/nigga.powerpc-440fp
/nigga.powerppc
/nigga.ppc
/nigga.ppc2
/nigga.ppc440
/nigga.ppc440fp
/nigga.root
/nigga.root32
/nigga.sh
/nigga.sh4
/nigga.sparc
/nigga.spc
/nigga.ssh4
/nigga.x32
/nigga.x64
/nigga.x86
/nigga.x86_32
/nigga.x86_64
/vlastic.arc
/vlastic.arm
/vlastic.arm4
/vlastic.arm4l
/vlastic.arm4t
/vlastic.arm4tl
/vlastic.arm4tll
/vlastic.arm5
/vlastic.arm5l
/vlastic.arm5n
/vlastic.arm6
/vlastic.arm64
/vlastic.arm6l
/vlastic.arm7
/vlastic.arm7l
/vlastic.arm8
/vlastic.armv4
/vlastic.armv4l
/vlastic.armv5l
/vlastic.armv6
/vlastic.armv61
/vlastic.armv6l
/vlastic.armv7l
/vlastic.dbg
/vlastic.exploit
/vlastic.i4
/vlastic.i486
/vlastic.i586
/vlastic.i6
/vlastic.i686
/vlastic.kill
/vlastic.m68
/vlastic.m68k
/vlastic.mips
/vlastic.mips64
/vlastic.mipseb
/vlastic.mipsel
/vlastic.mpsl
/vlastic.pcc
/vlastic.powerpc
/vlastic.powerpc-440fp
/vlastic.powerppc
/vlastic.ppc
/vlastic.ppc2
/vlastic.ppc440
/vlastic.ppc440fp
/vlastic.root
/vlastic.root32
/vlastic.sh
/vlastic.sh4
/vlastic.sparc
/vlastic.spc
/vlastic.ssh4
/vlastic.x32
/vlastic.x64
/vlastic.x86
/vlastic.x86_32
/vlastic.x86_64

# Reference: https://blog.netlab.360.com/ttint-an-iot-rat-uses-two-0-days-to-spread/
# Reference: https://otx.alienvault.com/pulse/5f74a03fb74e50e9ad2a40bd

34.92.139.186:5001
back.notepod2.com
cnc.notepod2.com
q9uvveypib.notepod2.com
uhyg8v.notepod2.com
notepod2.com

# Reference: https://twitter.com/bad_packets/status/1311822756271415298

192.210.214.51:36457
192.210.214.51:55665
/Astra.arc
/Astra.arm
/Astra.arm4
/Astra.arm4l
/Astra.arm4t
/Astra.arm4tl
/Astra.arm4tll
/Astra.arm5
/Astra.arm5l
/Astra.arm5n
/Astra.arm6
/Astra.arm64
/Astra.arm6l
/Astra.arm7
/Astra.arm7l
/Astra.arm8
/Astra.armv4
/Astra.armv4l
/Astra.armv5l
/Astra.armv6
/Astra.armv61
/Astra.armv6l
/Astra.armv7l
/Astra.dbg
/Astra.exploit
/Astra.i4
/Astra.i486
/Astra.i586
/Astra.i6
/Astra.i686
/Astra.kill
/Astra.m68
/Astra.m68k
/Astra.mips
/Astra.mips64
/Astra.mipseb
/Astra.mipsel
/Astra.mpsl
/Astra.pcc
/Astra.powerpc
/Astra.powerpc-440fp
/Astra.powerppc
/Astra.ppc
/Astra.ppc2
/Astra.ppc440
/Astra.ppc440fp
/Astra.root
/Astra.root32
/Astra.sh
/Astra.sh4
/Astra.sparc
/Astra.spc
/Astra.ssh4
/Astra.x32
/Astra.x64
/Astra.x86
/Astra.x86_32
/Astra.x86_64

# Reference: https://pastebin.com/REr0nF4b

/flux.arc
/flux.arm
/flux.arm4
/flux.arm4l
/flux.arm4t
/flux.arm4tl
/flux.arm4tll
/flux.arm5
/flux.arm5l
/flux.arm5n
/flux.arm6
/flux.arm64
/flux.arm6l
/flux.arm7
/flux.arm7l
/flux.arm8
/flux.armv4
/flux.armv4l
/flux.armv5l
/flux.armv6
/flux.armv61
/flux.armv6l
/flux.armv7l
/flux.dbg
/flux.exploit
/flux.i4
/flux.i486
/flux.i586
/flux.i6
/flux.i686
/flux.kill
/flux.m68
/flux.m68k
/flux.mips
/flux.mips64
/flux.mipseb
/flux.mipsel
/flux.mpsl
/flux.pcc
/flux.powerpc
/flux.powerpc-440fp
/flux.powerppc
/flux.ppc
/flux.ppc2
/flux.ppc440
/flux.ppc440fp
/flux.root
/flux.root32
/flux.sh
/flux.sh4
/flux.sparc
/flux.spc
/flux.ssh4
/flux.x32
/flux.x64
/flux.x86
/flux.x86_32
/flux.x86_64
/katana_updated.arc
/katana_updated.arm
/katana_updated.arm4
/katana_updated.arm4l
/katana_updated.arm4t
/katana_updated.arm4tl
/katana_updated.arm4tll
/katana_updated.arm5
/katana_updated.arm5l
/katana_updated.arm5n
/katana_updated.arm6
/katana_updated.arm64
/katana_updated.arm6l
/katana_updated.arm7
/katana_updated.arm7l
/katana_updated.arm8
/katana_updated.armv4
/katana_updated.armv4l
/katana_updated.armv5l
/katana_updated.armv6
/katana_updated.armv61
/katana_updated.armv6l
/katana_updated.armv7l
/katana_updated.dbg
/katana_updated.exploit
/katana_updated.i4
/katana_updated.i486
/katana_updated.i586
/katana_updated.i6
/katana_updated.i686
/katana_updated.kill
/katana_updated.m68
/katana_updated.m68k
/katana_updated.mips
/katana_updated.mips64
/katana_updated.mipseb
/katana_updated.mipsel
/katana_updated.mpsl
/katana_updated.pcc
/katana_updated.powerpc
/katana_updated.powerpc-440fp
/katana_updated.powerppc
/katana_updated.ppc
/katana_updated.ppc2
/katana_updated.ppc440
/katana_updated.ppc440fp
/katana_updated.root
/katana_updated.root32
/katana_updated.sh
/katana_updated.sh4
/katana_updated.sparc
/katana_updated.spc
/katana_updated.ssh4
/katana_updated.x32
/katana_updated.x64
/katana_updated.x86
/katana_updated.x86_32
/katana_updated.x86_64
/lolk.arc
/lolk.arm
/lolk.arm4
/lolk.arm4l
/lolk.arm4t
/lolk.arm4tl
/lolk.arm4tll
/lolk.arm5
/lolk.arm5l
/lolk.arm5n
/lolk.arm6
/lolk.arm64
/lolk.arm6l
/lolk.arm7
/lolk.arm7l
/lolk.arm8
/lolk.armv4
/lolk.armv4l
/lolk.armv5l
/lolk.armv6
/lolk.armv61
/lolk.armv6l
/lolk.armv7l
/lolk.dbg
/lolk.exploit
/lolk.i4
/lolk.i486
/lolk.i586
/lolk.i6
/lolk.i686
/lolk.kill
/lolk.m68
/lolk.m68k
/lolk.mips
/lolk.mips64
/lolk.mipseb
/lolk.mipsel
/lolk.mpsl
/lolk.pcc
/lolk.powerpc
/lolk.powerpc-440fp
/lolk.powerppc
/lolk.ppc
/lolk.ppc2
/lolk.ppc440
/lolk.ppc440fp
/lolk.root
/lolk.root32
/lolk.sh
/lolk.sh4
/lolk.sparc
/lolk.spc
/lolk.ssh4
/lolk.x32
/lolk.x64
/lolk.x86
/lolk.x86_32
/lolk.x86_64
/nostalgia.arc
/nostalgia.arm
/nostalgia.arm4
/nostalgia.arm4l
/nostalgia.arm4t
/nostalgia.arm4tl
/nostalgia.arm4tll
/nostalgia.arm5
/nostalgia.arm5l
/nostalgia.arm5n
/nostalgia.arm6
/nostalgia.arm64
/nostalgia.arm6l
/nostalgia.arm7
/nostalgia.arm7l
/nostalgia.arm8
/nostalgia.armv4
/nostalgia.armv4l
/nostalgia.armv5l
/nostalgia.armv6
/nostalgia.armv61
/nostalgia.armv6l
/nostalgia.armv7l
/nostalgia.dbg
/nostalgia.exploit
/nostalgia.i4
/nostalgia.i486
/nostalgia.i586
/nostalgia.i6
/nostalgia.i686
/nostalgia.kill
/nostalgia.m68
/nostalgia.m68k
/nostalgia.mips
/nostalgia.mips64
/nostalgia.mipseb
/nostalgia.mipsel
/nostalgia.mpsl
/nostalgia.pcc
/nostalgia.powerpc
/nostalgia.powerpc-440fp
/nostalgia.powerppc
/nostalgia.ppc
/nostalgia.ppc2
/nostalgia.ppc440
/nostalgia.ppc440fp
/nostalgia.root
/nostalgia.root32
/nostalgia.sh
/nostalgia.sh4
/nostalgia.sparc
/nostalgia.spc
/nostalgia.ssh4
/nostalgia.x32
/nostalgia.x64
/nostalgia.x86
/nostalgia.x86_32
/nostalgia.x86_64
/S4YBOT/
/YoutubeVegaSec/

# Reference: https://prod-blog.avira.com/new-mirai-variant-exploits-unauthenticated-remote-code-execution-in-the-web-interface-of-tea-latex-1-0

/arc.deathh
/arm.deathh
/arm4.deathh
/arm4l.deathh
/arm4t.deathh
/arm4tl.deathh
/arm4tll.deathh
/arm5.deathh
/arm5l.deathh
/arm5n.deathh
/arm6.deathh
/arm64.deathh
/arm6l.deathh
/arm7.deathh
/arm7l.deathh
/arm8.deathh
/armv4.deathh
/armv4l.deathh
/armv5l.deathh
/armv6.deathh
/armv61.deathh
/armv6l.deathh
/armv7l.deathh
/dbg.deathh
/exploit.deathh
/i4.deathh
/i486.deathh
/i586.deathh
/i6.deathh
/i686.deathh
/kill.deathh
/m68.deathh
/m68k.deathh
/mips.deathh
/mips64.deathh
/mipsel.deathh
/mpsl.deathh
/pcc.deathh
/powerpc-440fp.deathh
/powerpc.deathh
/powerppc.deathh
/ppc.deathh
/ppc2.deathh
/ppc440.deathh
/ppc440fp.deathh
/root.deathh
/root32.deathh
/sh.deathh
/sh4.deathh
/sparc.deathh
/spc.deathh
/ssh4.deathh
/x32.deathh
/x64.deathh
/x86.deathh
/x86_32.deathh
/x86_64.deathh

# Reference: https://www.virustotal.com/gui/file/ad32c703ff90eff49a2acf0d044385825dfefe2f0844ab1f4d205491609e4473/detection
# Reference: https://www.virustotal.com/gui/file/b5b4bc152ffeb67234686799a020c12ab54ba4f2306afe1ad458ee1d3e6bf0e8/detection

1.68.2.2:908
152.247.92.184:908
155.138.203.46:908
185.163.47.189:908
189.121.232.17:908
48.105.223.146:908
69.166.231.29:908
74.204.42.231:908
81.223.20.189:908

# Reference: https://www.virustotal.com/gui/file/17c61e4d63e9bef584a6895ccac0613a43e862cd49e817b98927ca50172dac17/detection

/xb.arc
/xb.arm
/xb.arm4
/xb.arm4l
/xb.arm4t
/xb.arm4tl
/xb.arm4tll
/xb.arm5
/xb.arm5l
/xb.arm5n
/xb.arm6
/xb.arm64
/xb.arm6l
/xb.arm7
/xb.arm7l
/xb.arm8
/xb.armv4
/xb.armv4l
/xb.armv5l
/xb.armv6
/xb.armv61
/xb.armv6l
/xb.armv7l
/xb.dbg
/xb.exploit
/xb.i4
/xb.i486
/xb.i586
/xb.i6
/xb.i686
/xb.kill
/xb.m68
/xb.m68k
/xb.mips
/xb.mips64
/xb.mipseb
/xb.mipsel
/xb.mpsl
/xb.pcc
/xb.powerpc
/xb.powerpc-440fp
/xb.powerppc
/xb.ppc
/xb.ppc2
/xb.ppc440
/xb.ppc440fp
/xb.root
/xb.root32
/xb.sh
/xb.sh4
/xb.sparc
/xb.spc
/xb.ssh4
/xb.x32
/xb.x64
/xb.x86
/xb.x86_32
/xb.x86_64

# Reference: https://unit42.paloaltonetworks.com/iot-vulnerabilities-mirai-payloads/
# Reference: https://www.virustotal.com/gui/domain/moo.2u0apcm6ylhdy7s.com/relations
# Reference: https://www.virustotal.com/gui/domain/proxy.2u0apcm6ylhdy7s.com/relations
# Reference: https://www.virustotal.com/gui/file/04114bd136941811e355df28e9b2eeaa941a04b61b185fd214a4c54daa171e1c/detection

hxarasxg.hxarasxg.xyz
lol.thezone.vip
moo.2u0apcm6ylhdy7s.com
proxy.2u0apcm6ylhdy7s.com
xyz.hxarasxg.xyz

# Reference: https://www.virustotal.com/gui/file/7f1b5c6a4f6f359f86d1583b803fd4ba96e21c2918aa364526ad2445ec47f1e0/detection
# Reference: https://www.virustotal.com/gui/file/dded381c07e78587b61435f69d30a24d30b31b4306bd34f6441c69c45d5bb7a6/detection

139.127.13.112:21843
139.127.13.112:5555
149.211.215.6:21843
149.211.215.6:5555
159.238.163.205:21843
159.238.163.205:5555

# Reference: https://www.virustotal.com/gui/file/28bc81da421bc4851dfe638fbf03f13d158826061d8ff116a9d9a0bcdb152fe6/detection

133.138.191.247:21843
133.138.191.247:8080
133.138.191.247:8081
133.138.191.247:8083
71.192.192.7:21843
133.138.191.247:81
71.192.192.7:8080
71.192.192.7:8081
71.192.192.7:8083
71.192.192.7:81

# Reference: https://www.virustotal.com/gui/file/842b7ffada42b06bcba6289cdedc55d3a4d7b92e05e68289395062ec7a1f35b0/detection

201.190.0.238:22843
201.190.0.238:5555

# Reference: https://www.virustotal.com/gui/file/5a0879989c860bb5365669e8f75e45970758ecf11932adf7f5ef87d1bb051d9a/detection

153.168.179.134:21843
153.168.179.134:5555
192.17.109.179:21843
192.17.109.179:5555

# Reference: https://www.virustotal.com/gui/file/8288187596ef9b707bcf25c7788d88b50fd2c19445ff59537c18dfb48edaddc6/detection

12.171.49.86:21843
12.171.49.86:5555
4.230.197.244:21843
4.230.197.244:5555

# Reference: https://www.virustotal.com/gui/file/044322b9aad8334a4b658596d1762493ece6db8cd5b673ef043dc0ed8c86103e/detection

202.28.124.17:21843
202.28.124.17:8000
202.28.124.17:8080
202.28.124.17:81
202.28.124.17:88
31.194.219.6:21843
31.194.219.6:8000
31.194.219.6:8080
31.194.219.6:81
31.194.219.6:88

# Reference: https://www.virustotal.com/gui/file/ab0c24ce177af3f88944cad61048f6e441910dfab6d40fee8eabb4dc55de0661/detection

25.10.6.20:54618
25.10.6.20:5555

# Reference: https://www.virustotal.com/gui/file/c9821c9f4277a4e35e20d794a7342d68033c1935bc0b6671f9a637a05604012e/detection

73.135.244.56:54618
73.135.244.56:5555

# Reference: https://www.virustotal.com/gui/file/6d21a2269fdde733b4051e423af38b4d79cbe98aff518a2c0da2f17e7a315259/detection

100.206.219.177:54618
100.206.219.177:5555
122.68.148.220:54618
122.68.148.220:5555

# Reference: https://www.virustotal.com/gui/file/cbbef96f21fc3673ec09415284720532e92f938f06211237ac727b15942c0125/detection

102.123.21.72:54618
102.123.21.72:5555
119.66.216.173:54618
119.66.216.173:5555

# Reference: https://www.virustotal.com/gui/file/8191fb29ea40fed9fe2bf2cdef3d663e36bc758269be3feaa8454e0950f822de/detection

186.93.232.166:54618
186.93.232.166:5555

# Reference: https://www.virustotal.com/gui/file/59b1ca2d47af1d5b60b84c3a9d6a64a09b7340864b9e90247466d7f91ed53b84/detection

20.68.36.251:28314
20.68.36.251:8080
69.29.208.137:28314
69.29.208.137:8080

# Reference: https://www.virustotal.com/gui/file/d5d5488ae9c80558cc4634ce6d51837d82347fd48d1a665e606dcfbfdf638b7b/detection

176.172.36.124:28314
176.172.36.124:5555
139.253.8.63:28314
139.253.8.63:5555

# Reference: https://www.virustotal.com/gui/file/4e3f7832a105a00f1b8b2056ae83dc34f8a28717a61a331dd3b11bee107d42b5/detection

145.55.237.216:54618
145.55.237.216:5555
146.216.152.147:54618
146.216.152.147:5555

# Reference: https://twitter.com/VessOnSecurity/status/1317019753123319808
# Reference: https://twitter.com/0xrb/status/1318075195920318469
# Reference: https://www.virustotal.com/gui/domain/bot.warzone.to/relations
# Reference: https://pastebin.com/Z3q8AcNu

/0xVegak4t4n4.arc
/0xVegak4t4n4.arm
/0xVegak4t4n4.arm4
/0xVegak4t4n4.arm4l
/0xVegak4t4n4.arm4t
/0xVegak4t4n4.arm4tl
/0xVegak4t4n4.arm4tll
/0xVegak4t4n4.arm5
/0xVegak4t4n4.arm5l
/0xVegak4t4n4.arm5n
/0xVegak4t4n4.arm6
/0xVegak4t4n4.arm64
/0xVegak4t4n4.arm6l
/0xVegak4t4n4.arm7
/0xVegak4t4n4.arm7l
/0xVegak4t4n4.arm8
/0xVegak4t4n4.armv4
/0xVegak4t4n4.armv4l
/0xVegak4t4n4.armv5l
/0xVegak4t4n4.armv6
/0xVegak4t4n4.armv61
/0xVegak4t4n4.armv6l
/0xVegak4t4n4.armv7l
/0xVegak4t4n4.dbg
/0xVegak4t4n4.exploit
/0xVegak4t4n4.i4
/0xVegak4t4n4.i486
/0xVegak4t4n4.i586
/0xVegak4t4n4.i6
/0xVegak4t4n4.i686
/0xVegak4t4n4.kill
/0xVegak4t4n4.m68
/0xVegak4t4n4.m68k
/0xVegak4t4n4.mips
/0xVegak4t4n4.mips64
/0xVegak4t4n4.mipseb
/0xVegak4t4n4.mipsel
/0xVegak4t4n4.mpsl
/0xVegak4t4n4.pcc
/0xVegak4t4n4.powerpc
/0xVegak4t4n4.powerpc-440fp
/0xVegak4t4n4.powerppc
/0xVegak4t4n4.ppc
/0xVegak4t4n4.ppc2
/0xVegak4t4n4.ppc440
/0xVegak4t4n4.ppc440fp
/0xVegak4t4n4.root
/0xVegak4t4n4.root32
/0xVegak4t4n4.sh
/0xVegak4t4n4.sh4
/0xVegak4t4n4.sparc
/0xVegak4t4n4.spc
/0xVegak4t4n4.ssh4
/0xVegak4t4n4.x32
/0xVegak4t4n4.x64
/0xVegak4t4n4.x86
/0xVegak4t4n4.x86_32
/0xVegak4t4n4.x86_64
/1isequal9.arc
/1isequal9.arm
/1isequal9.arm4
/1isequal9.arm4l
/1isequal9.arm4t
/1isequal9.arm4tl
/1isequal9.arm4tll
/1isequal9.arm5
/1isequal9.arm5l
/1isequal9.arm5n
/1isequal9.arm6
/1isequal9.arm64
/1isequal9.arm6l
/1isequal9.arm7
/1isequal9.arm7l
/1isequal9.arm8
/1isequal9.armv4
/1isequal9.armv4l
/1isequal9.armv5l
/1isequal9.armv6
/1isequal9.armv61
/1isequal9.armv6l
/1isequal9.armv7l
/1isequal9.dbg
/1isequal9.exploit
/1isequal9.i4
/1isequal9.i486
/1isequal9.i586
/1isequal9.i6
/1isequal9.i686
/1isequal9.kill
/1isequal9.m68
/1isequal9.m68k
/1isequal9.mips
/1isequal9.mips64
/1isequal9.mipseb
/1isequal9.mipsel
/1isequal9.mpsl
/1isequal9.pcc
/1isequal9.powerpc
/1isequal9.powerpc-440fp
/1isequal9.powerppc
/1isequal9.ppc
/1isequal9.ppc2
/1isequal9.ppc440
/1isequal9.ppc440fp
/1isequal9.root
/1isequal9.root32
/1isequal9.sh
/1isequal9.sh4
/1isequal9.sparc
/1isequal9.spc
/1isequal9.ssh4
/1isequal9.x32
/1isequal9.x64
/1isequal9.x86
/1isequal9.x86_32
/1isequal9.x86_64
/7rtya.arc
/7rtya.arm
/7rtya.arm4
/7rtya.arm4l
/7rtya.arm4t
/7rtya.arm4tl
/7rtya.arm4tll
/7rtya.arm5
/7rtya.arm5l
/7rtya.arm5n
/7rtya.arm6
/7rtya.arm64
/7rtya.arm6l
/7rtya.arm7
/7rtya.arm7l
/7rtya.arm8
/7rtya.armv4
/7rtya.armv4l
/7rtya.armv5l
/7rtya.armv6
/7rtya.armv61
/7rtya.armv6l
/7rtya.armv7l
/7rtya.dbg
/7rtya.exploit
/7rtya.i4
/7rtya.i486
/7rtya.i586
/7rtya.i6
/7rtya.i686
/7rtya.kill
/7rtya.m68
/7rtya.m68k
/7rtya.mips
/7rtya.mips64
/7rtya.mipseb
/7rtya.mipsel
/7rtya.mpsl
/7rtya.pcc
/7rtya.powerpc
/7rtya.powerpc-440fp
/7rtya.powerppc
/7rtya.ppc
/7rtya.ppc2
/7rtya.ppc440
/7rtya.ppc440fp
/7rtya.root
/7rtya.root32
/7rtya.sh
/7rtya.sh4
/7rtya.sparc
/7rtya.spc
/7rtya.ssh4
/7rtya.x32
/7rtya.x64
/7rtya.x86
/7rtya.x86_32
/7rtya.x86_64
/8isnotequalto9.arc
/8isnotequalto9.arm
/8isnotequalto9.arm4
/8isnotequalto9.arm4l
/8isnotequalto9.arm4t
/8isnotequalto9.arm4tl
/8isnotequalto9.arm4tll
/8isnotequalto9.arm5
/8isnotequalto9.arm5l
/8isnotequalto9.arm5n
/8isnotequalto9.arm6
/8isnotequalto9.arm64
/8isnotequalto9.arm6l
/8isnotequalto9.arm7
/8isnotequalto9.arm7l
/8isnotequalto9.arm8
/8isnotequalto9.armv4
/8isnotequalto9.armv4l
/8isnotequalto9.armv5l
/8isnotequalto9.armv6
/8isnotequalto9.armv61
/8isnotequalto9.armv6l
/8isnotequalto9.armv7l
/8isnotequalto9.dbg
/8isnotequalto9.exploit
/8isnotequalto9.i4
/8isnotequalto9.i486
/8isnotequalto9.i586
/8isnotequalto9.i6
/8isnotequalto9.i686
/8isnotequalto9.kill
/8isnotequalto9.m68
/8isnotequalto9.m68k
/8isnotequalto9.mips
/8isnotequalto9.mips64
/8isnotequalto9.mipseb
/8isnotequalto9.mipsel
/8isnotequalto9.mpsl
/8isnotequalto9.pcc
/8isnotequalto9.powerpc
/8isnotequalto9.powerpc-440fp
/8isnotequalto9.powerppc
/8isnotequalto9.ppc
/8isnotequalto9.ppc2
/8isnotequalto9.ppc440
/8isnotequalto9.ppc440fp
/8isnotequalto9.root
/8isnotequalto9.root32
/8isnotequalto9.sh
/8isnotequalto9.sh4
/8isnotequalto9.sparc
/8isnotequalto9.spc
/8isnotequalto9.ssh4
/8isnotequalto9.x32
/8isnotequalto9.x64
/8isnotequalto9.x86
/8isnotequalto9.x86_32
/8isnotequalto9.x86_64
/azhure.arc
/azhure.arm
/azhure.arm4
/azhure.arm4l
/azhure.arm4t
/azhure.arm4tl
/azhure.arm4tll
/azhure.arm5
/azhure.arm5l
/azhure.arm5n
/azhure.arm6
/azhure.arm64
/azhure.arm6l
/azhure.arm7
/azhure.arm7l
/azhure.arm8
/azhure.armv4
/azhure.armv4l
/azhure.armv5l
/azhure.armv6
/azhure.armv61
/azhure.armv6l
/azhure.armv7l
/azhure.dbg
/azhure.exploit
/azhure.i4
/azhure.i486
/azhure.i586
/azhure.i6
/azhure.i686
/azhure.kill
/azhure.m68
/azhure.m68k
/azhure.mips
/azhure.mips64
/azhure.mipseb
/azhure.mipsel
/azhure.mpsl
/azhure.pcc
/azhure.powerpc
/azhure.powerpc-440fp
/azhure.powerppc
/azhure.ppc
/azhure.ppc2
/azhure.ppc440
/azhure.ppc440fp
/azhure.root
/azhure.root32
/azhure.sh
/azhure.sh4
/azhure.sparc
/azhure.spc
/azhure.ssh4
/azhure.x32
/azhure.x64
/azhure.x86
/azhure.x86_32
/azhure.x86_64
/H3LLN3Tarc
/H3LLN3Tarm
/H3LLN3Tarm4
/H3LLN3Tarm4l
/H3LLN3Tarm4t
/H3LLN3Tarm4tl
/H3LLN3Tarm4tll
/H3LLN3Tarm5
/H3LLN3Tarm5l
/H3LLN3Tarm5n
/H3LLN3Tarm6
/H3LLN3Tarm64
/H3LLN3Tarm6l
/H3LLN3Tarm7
/H3LLN3Tarm7l
/H3LLN3Tarm8
/H3LLN3Tarmv4
/H3LLN3Tarmv4l
/H3LLN3Tarmv5l
/H3LLN3Tarmv6
/H3LLN3Tarmv61
/H3LLN3Tarmv6l
/H3LLN3Tarmv7l
/H3LLN3Tdbg
/H3LLN3Texploit
/H3LLN3Ti4
/H3LLN3Ti486
/H3LLN3Ti586
/H3LLN3Ti6
/H3LLN3Ti686
/H3LLN3Tkill
/H3LLN3Tm68
/H3LLN3Tm68k
/H3LLN3Tmips
/H3LLN3Tmips64
/H3LLN3Tmipseb
/H3LLN3Tmipsel
/H3LLN3Tmpsl
/H3LLN3Tpcc
/H3LLN3Tpowerpc
/H3LLN3Tpowerpc-440fp
/H3LLN3Tpowerppc
/H3LLN3Tppc
/H3LLN3Tppc2
/H3LLN3Tppc440
/H3LLN3Tppc440fp
/H3LLN3Troot
/H3LLN3Troot32
/H3LLN3Tsh
/H3LLN3Tsh4
/H3LLN3Tsparc
/H3LLN3Tspc
/H3LLN3Tssh4
/H3LLN3Tx32
/H3LLN3Tx64
/H3LLN3Tx86
/H3LLN3Tx86_32
/H3LLN3Tx86_64
/JuffHell.arc
/JuffHell.arm
/JuffHell.arm4
/JuffHell.arm4l
/JuffHell.arm4t
/JuffHell.arm4tl
/JuffHell.arm4tll
/JuffHell.arm5
/JuffHell.arm5l
/JuffHell.arm5n
/JuffHell.arm6
/JuffHell.arm64
/JuffHell.arm6l
/JuffHell.arm7
/JuffHell.arm7l
/JuffHell.arm8
/JuffHell.armv4
/JuffHell.armv4l
/JuffHell.armv5l
/JuffHell.armv6
/JuffHell.armv61
/JuffHell.armv6l
/JuffHell.armv7l
/JuffHell.dbg
/JuffHell.exploit
/JuffHell.i4
/JuffHell.i486
/JuffHell.i586
/JuffHell.i6
/JuffHell.i686
/JuffHell.kill
/JuffHell.m68
/JuffHell.m68k
/JuffHell.mips
/JuffHell.mips64
/JuffHell.mipseb
/JuffHell.mipsel
/JuffHell.mpsl
/JuffHell.pcc
/JuffHell.powerpc
/JuffHell.powerpc-440fp
/JuffHell.powerppc
/JuffHell.ppc
/JuffHell.ppc2
/JuffHell.ppc440
/JuffHell.ppc440fp
/JuffHell.root
/JuffHell.root32
/JuffHell.sh
/JuffHell.sh4
/JuffHell.sparc
/JuffHell.spc
/JuffHell.ssh4
/JuffHell.x32
/JuffHell.x64
/JuffHell.x86
/JuffHell.x86_32
/JuffHell.x86_64
/PleaseSub.arc
/PleaseSub.arm
/PleaseSub.arm4
/PleaseSub.arm4l
/PleaseSub.arm4t
/PleaseSub.arm4tl
/PleaseSub.arm4tll
/PleaseSub.arm5
/PleaseSub.arm5l
/PleaseSub.arm5n
/PleaseSub.arm6
/PleaseSub.arm64
/PleaseSub.arm6l
/PleaseSub.arm7
/PleaseSub.arm7l
/PleaseSub.arm8
/PleaseSub.armv4
/PleaseSub.armv4l
/PleaseSub.armv5l
/PleaseSub.armv6
/PleaseSub.armv61
/PleaseSub.armv6l
/PleaseSub.armv7l
/PleaseSub.dbg
/PleaseSub.exploit
/PleaseSub.i4
/PleaseSub.i486
/PleaseSub.i586
/PleaseSub.i6
/PleaseSub.i686
/PleaseSub.kill
/PleaseSub.m68
/PleaseSub.m68k
/PleaseSub.mips
/PleaseSub.mips64
/PleaseSub.mipseb
/PleaseSub.mipsel
/PleaseSub.mpsl
/PleaseSub.pcc
/PleaseSub.powerpc
/PleaseSub.powerpc-440fp
/PleaseSub.powerppc
/PleaseSub.ppc
/PleaseSub.ppc2
/PleaseSub.ppc440
/PleaseSub.ppc440fp
/PleaseSub.root
/PleaseSub.root32
/PleaseSub.sh
/PleaseSub.sh4
/PleaseSub.sparc
/PleaseSub.spc
/PleaseSub.ssh4
/PleaseSub.x32
/PleaseSub.x64
/PleaseSub.x86
/PleaseSub.x86_32
/PleaseSub.x86_64
/s4y.arc
/s4y.arm
/s4y.arm4
/s4y.arm4l
/s4y.arm4t
/s4y.arm4tl
/s4y.arm4tll
/s4y.arm5
/s4y.arm5l
/s4y.arm5n
/s4y.arm6
/s4y.arm64
/s4y.arm6l
/s4y.arm7
/s4y.arm7l
/s4y.arm8
/s4y.armv4
/s4y.armv4l
/s4y.armv5l
/s4y.armv6
/s4y.armv61
/s4y.armv6l
/s4y.armv7l
/s4y.dbg
/s4y.exploit
/s4y.i4
/s4y.i486
/s4y.i586
/s4y.i6
/s4y.i686
/s4y.kill
/s4y.m68
/s4y.m68k
/s4y.mips
/s4y.mips64
/s4y.mipseb
/s4y.mipsel
/s4y.mpsl
/s4y.pcc
/s4y.powerpc
/s4y.powerpc-440fp
/s4y.powerppc
/s4y.ppc
/s4y.ppc2
/s4y.ppc440
/s4y.ppc440fp
/s4y.root
/s4y.root32
/s4y.sh
/s4y.sh4
/s4y.sparc
/s4y.spc
/s4y.ssh4
/s4y.x32
/s4y.x64
/s4y.x86
/s4y.x86_32
/s4y.x86_64
/t0xic.arc
/t0xic.arm
/t0xic.arm4
/t0xic.arm4l
/t0xic.arm4t
/t0xic.arm4tl
/t0xic.arm4tll
/t0xic.arm5
/t0xic.arm5l
/t0xic.arm5n
/t0xic.arm6
/t0xic.arm64
/t0xic.arm6l
/t0xic.arm7
/t0xic.arm7l
/t0xic.arm8
/t0xic.armv4
/t0xic.armv4l
/t0xic.armv5l
/t0xic.armv6
/t0xic.armv61
/t0xic.armv6l
/t0xic.armv7l
/t0xic.dbg
/t0xic.exploit
/t0xic.i4
/t0xic.i486
/t0xic.i586
/t0xic.i6
/t0xic.i686
/t0xic.kill
/t0xic.m68
/t0xic.m68k
/t0xic.mips
/t0xic.mips64
/t0xic.mipseb
/t0xic.mipsel
/t0xic.mpsl
/t0xic.pcc
/t0xic.powerpc
/t0xic.powerpc-440fp
/t0xic.powerppc
/t0xic.ppc
/t0xic.ppc2
/t0xic.ppc440
/t0xic.ppc440fp
/t0xic.root
/t0xic.root32
/t0xic.sh
/t0xic.sh4
/t0xic.sparc
/t0xic.spc
/t0xic.ssh4
/t0xic.x32
/t0xic.x64
/t0xic.x86
/t0xic.x86_32
/t0xic.x86_64
/warzone.arc
/warzone.arm
/warzone.arm4
/warzone.arm4l
/warzone.arm4t
/warzone.arm4tl
/warzone.arm4tll
/warzone.arm5
/warzone.arm5l
/warzone.arm5n
/warzone.arm6
/warzone.arm64
/warzone.arm6l
/warzone.arm7
/warzone.arm7l
/warzone.arm8
/warzone.armv4
/warzone.armv4l
/warzone.armv5l
/warzone.armv6
/warzone.armv61
/warzone.armv6l
/warzone.armv7l
/warzone.dbg
/warzone.exploit
/warzone.i4
/warzone.i486
/warzone.i586
/warzone.i6
/warzone.i686
/warzone.kill
/warzone.m68
/warzone.m68k
/warzone.mips
/warzone.mips64
/warzone.mipseb
/warzone.mipsel
/warzone.mpsl
/warzone.pcc
/warzone.powerpc
/warzone.powerpc-440fp
/warzone.powerppc
/warzone.ppc
/warzone.ppc2
/warzone.ppc440
/warzone.ppc440fp
/warzone.root
/warzone.root32
/warzone.sh
/warzone.sh4
/warzone.sparc
/warzone.spc
/warzone.ssh4
/warzone.x32
/warzone.x64
/warzone.x86
/warzone.x86_32
/warzone.x86_64
bot.warzone.to
/centos2139r209ru120934r123jhr908213jh4r09213/
/Please-Subscribe-To-My-YT-Channel-VegaSec/
/PleaseSub_to_YouTube-VegaSec/
/subscribetomy_youtube_channel_vegasec/
/Yoooooooutuuuuuuube-VegaSec/

# Reference: https://twitter.com/bad_packets/status/1317219274293792768

5.252.194.137:51847
5.252.194.137:56412

# Reference: https://www.virustotal.com/gui/file/248373fe08db828b8fa37a061ceeb51c73fa2d4baba7c3cf9a4255b395481314/detection

45.95.168.162:2074

# Reference: https://twitter.com/bad_packets/status/1320117450357133312

5.253.84.197:666
5.253.84.197:6660
5.253.84.197:9999

# Reference: https://twitter.com/malwrhunterteam/status/1321810467728359425

/hypoweb.arc
/hypoweb.arm
/hypoweb.arm4
/hypoweb.arm4l
/hypoweb.arm4t
/hypoweb.arm4tl
/hypoweb.arm4tll
/hypoweb.arm5
/hypoweb.arm5l
/hypoweb.arm5n
/hypoweb.arm6
/hypoweb.arm64
/hypoweb.arm6l
/hypoweb.arm7
/hypoweb.arm7l
/hypoweb.arm8
/hypoweb.armv4
/hypoweb.armv4l
/hypoweb.armv5l
/hypoweb.armv6
/hypoweb.armv61
/hypoweb.armv6l
/hypoweb.armv7l
/hypoweb.dbg
/hypoweb.exploit
/hypoweb.i4
/hypoweb.i486
/hypoweb.i586
/hypoweb.i6
/hypoweb.i686
/hypoweb.kill
/hypoweb.m68
/hypoweb.m68k
/hypoweb.mips
/hypoweb.mips64
/hypoweb.mipseb
/hypoweb.mipsel
/hypoweb.mpsl
/hypoweb.pcc
/hypoweb.powerpc
/hypoweb.powerpc-440fp
/hypoweb.powerppc
/hypoweb.ppc
/hypoweb.ppc2
/hypoweb.ppc440
/hypoweb.ppc440fp
/hypoweb.root
/hypoweb.root32
/hypoweb.sh
/hypoweb.sh4
/hypoweb.sparc
/hypoweb.spc
/hypoweb.ssh4
/hypoweb.x32
/hypoweb.x64
/hypoweb.x86
/hypoweb.x86_32
/hypoweb.x86_64

# Reference: https://www.virustotal.com/gui/file/93ab81f96ee7eb97acda77a34d8d99a11e4469041ddd09ca2f88bcee42186fd7/detection

77.170.123.192:81

# Reference: https://malwareconfig.com/config/c8f35ded44139ae098546576939c42a4
# Reference: https://www.virustotal.com/gui/domain/bigbots.cc/relations
# Reference: https://www.virustotal.com/gui/file/f5d296ace78582403c8678a0517bb78d95ba81300c71e1be6d2d10d4401dcd21/detection
# Reference: https://www.virustotal.com/gui/file/1e2fc4ae25acfcf1de36a83ea30fc613d70064fb5a0ea39fca6cea93572f0dae/detection

bigbots.cc
bot.bigbots.cc
cnc.bigbots.cc
cnc1.bigbots.cc
botnet.goelites.cc

# Reference: https://www.virustotal.com/gui/file/359f8f15064bd490269bc061e28539cf96e006f4db145a9e0bc7a9512ba75fb3/detection

152.89.239.197:14107

# Reference: https://www.virustotal.com/gui/file/a253a92625f17ddea9d4338f0ed089e068a664d158d934ca6d1cd6635f342dc3/detection
# Reference: https://www.virustotal.com/gui/file/960132e546bdf812bb31cc8f72481052ab53d55b2affca62b89a71066c4b549d/detection

152.89.239.197:2323
152.89.239.197:25809

# Reference: https://unit42.paloaltonetworks.com/muhstik-botnet-exploits-the-latest-weblogic-vulnerability-for-cryptomining-and-ddos-attacks/
# Reference: https://www.virustotal.com/gui/file/e538026c0aa97deb2952afde3f8521be53ffb9ead6b6c349d6cd26942f609335/detection

http://165.227.78.159

# Reference: https://unit42.paloaltonetworks.com/muhstik-botnet-attacks-tomato-routers-to-harvest-new-iot-devices/
# Reference: https://otx.alienvault.com/pulse/5e2872f76ff2c00a49a60433

http://159.89.156.190
s.shadow.mods.net
y.fd6fq54s6df541q23sdxfg.eu

# Reference: https://www.lacework.com/meet-muhstik-iot-botnet-infecting-cloud-servers/
# Reference: https://github.com/lacework/lacework-labs/blob/master/blog/muhstik_indicators.csv
# Reference: https://otx.alienvault.com/pulse/5fac084160045cf3e322288b

de-zahlung.eu
deutschland-zahlung.eu
deutschland-zahlung.net
shadow-mods.net

# Reference: https://tolisec.com/active-iot-botnets-11-11-20/
# Reference: https://www.virustotal.com/gui/file/31b258676b9414bac1b7d1e49ef4ad1f/detection
# Reference: https://www.virustotal.com/gui/file/b73ceb52f8ec04f3a89ea524645d1ba0/detection
# Reference: https://www.virustotal.com/gui/file/bb907142b24c1a6aaa28b557baefdbb3/detection
# Reference: https://www.virustotal.com/gui/file/dc6db4547dd72eb688ba79e8605de3db/detection
# Reference: https://www.virustotal.com/gui/file/2ee7797e373b57710fd8437b2ade5246/detection
# Reference: https://www.virustotal.com/gui/file/ae00a6373156e09728cabcfc4cda372d/detection
# Reference: https://www.virustotal.com/gui/file/4876700c786bc07c8d28cd99e92460649119ff31ceb71a576c3a6cebfa6ac1b0/detection

104.248.120.130:34241
107.173.176.123:1024
120.177.65.68:2323
120.177.65.68:53547
142.11.242.17:666
206.166.251.223:25009
37.49.230.196:53547
37.49.230.208:5555
cnc.destiny2beyondlight.ml
cyberium.cc
/DAYUMitsKKKAAATTTAAANNNAAA.arc
/DAYUMitsKKKAAATTTAAANNNAAA.arm
/DAYUMitsKKKAAATTTAAANNNAAA.arm4
/DAYUMitsKKKAAATTTAAANNNAAA.arm4l
/DAYUMitsKKKAAATTTAAANNNAAA.arm4t
/DAYUMitsKKKAAATTTAAANNNAAA.arm4tl
/DAYUMitsKKKAAATTTAAANNNAAA.arm4tll
/DAYUMitsKKKAAATTTAAANNNAAA.arm5
/DAYUMitsKKKAAATTTAAANNNAAA.arm5l
/DAYUMitsKKKAAATTTAAANNNAAA.arm5n
/DAYUMitsKKKAAATTTAAANNNAAA.arm6
/DAYUMitsKKKAAATTTAAANNNAAA.arm64
/DAYUMitsKKKAAATTTAAANNNAAA.arm6l
/DAYUMitsKKKAAATTTAAANNNAAA.arm7
/DAYUMitsKKKAAATTTAAANNNAAA.arm7l
/DAYUMitsKKKAAATTTAAANNNAAA.arm8
/DAYUMitsKKKAAATTTAAANNNAAA.armv4
/DAYUMitsKKKAAATTTAAANNNAAA.armv4l
/DAYUMitsKKKAAATTTAAANNNAAA.armv5l
/DAYUMitsKKKAAATTTAAANNNAAA.armv6
/DAYUMitsKKKAAATTTAAANNNAAA.armv61
/DAYUMitsKKKAAATTTAAANNNAAA.armv6l
/DAYUMitsKKKAAATTTAAANNNAAA.armv7l
/DAYUMitsKKKAAATTTAAANNNAAA.dbg
/DAYUMitsKKKAAATTTAAANNNAAA.exploit
/DAYUMitsKKKAAATTTAAANNNAAA.i4
/DAYUMitsKKKAAATTTAAANNNAAA.i486
/DAYUMitsKKKAAATTTAAANNNAAA.i586
/DAYUMitsKKKAAATTTAAANNNAAA.i6
/DAYUMitsKKKAAATTTAAANNNAAA.i686
/DAYUMitsKKKAAATTTAAANNNAAA.kill
/DAYUMitsKKKAAATTTAAANNNAAA.m68
/DAYUMitsKKKAAATTTAAANNNAAA.m68k
/DAYUMitsKKKAAATTTAAANNNAAA.mips
/DAYUMitsKKKAAATTTAAANNNAAA.mips64
/DAYUMitsKKKAAATTTAAANNNAAA.mipseb
/DAYUMitsKKKAAATTTAAANNNAAA.mipsel
/DAYUMitsKKKAAATTTAAANNNAAA.mpsl
/DAYUMitsKKKAAATTTAAANNNAAA.pcc
/DAYUMitsKKKAAATTTAAANNNAAA.powerpc
/DAYUMitsKKKAAATTTAAANNNAAA.powerpc-440fp
/DAYUMitsKKKAAATTTAAANNNAAA.powerppc
/DAYUMitsKKKAAATTTAAANNNAAA.ppc
/DAYUMitsKKKAAATTTAAANNNAAA.ppc2
/DAYUMitsKKKAAATTTAAANNNAAA.ppc440
/DAYUMitsKKKAAATTTAAANNNAAA.ppc440fp
/DAYUMitsKKKAAATTTAAANNNAAA.root
/DAYUMitsKKKAAATTTAAANNNAAA.root32
/DAYUMitsKKKAAATTTAAANNNAAA.sh
/DAYUMitsKKKAAATTTAAANNNAAA.sh4
/DAYUMitsKKKAAATTTAAANNNAAA.sparc
/DAYUMitsKKKAAATTTAAANNNAAA.spc
/DAYUMitsKKKAAATTTAAANNNAAA.ssh4
/DAYUMitsKKKAAATTTAAANNNAAA.x32
/DAYUMitsKKKAAATTTAAANNNAAA.x64
/DAYUMitsKKKAAATTTAAANNNAAA.x86
/DAYUMitsKKKAAATTTAAANNNAAA.x86_32
/DAYUMitsKKKAAATTTAAANNNAAA.x86_64
/333Sao999Sao666/

# Reference: https://tolisec.com/active-iot-botnets-22-10-2020/
# Reference: https://www.virustotal.com/gui/file/9a3545da771f1855cf3da51167d8c93c/detection
# Reference: https://www.virustotal.com/gui/file/100ed2a62ddd9ec6096f14b9117b26c2/detection
# Reference: https://www.virustotal.com/gui/file/6bf9c3ab7e1f8e1ebbbda3e7d8682d23/detection
# Reference: https://www.virustotal.com/gui/file/0f2f4d29c538c468032a60a606c2b4ba/detection
# Reference: https://www.virustotal.com/gui/file/3573b95be87bee9c3f66056e9cd07cbd/detection
# Reference: https://www.virustotal.com/gui/file/3f8565d12803d06e5dfcadb24afc331c/detection
# Reference: https://www.virustotal.com/gui/file/c36f57d0a4ea105c8cc23314650b4b2b/detection
# Reference: https://www.virustotal.com/gui/file/3cd6a127cd46e050d7c5424937d4669a/detection
# Reference: https://www.virustotal.com/gui/file/b60c0bead153982539fefaae5b32702b/detection
# Reference: https://www.virustotal.com/gui/file/b592c677fda7c6ab800c22ca9ac8cfa0/detection
# Reference: https://www.virustotal.com/gui/file/5a4047340aa818fbea0083111bd0e515/detection

172.245.154.151:1272
2.57.122.107:1791
206.126.81.107:48529
206.126.81.140:63645
23.95.9.144:45
37.46.150.64:1791
37.49.225.116:10001
45.14.224.170:40666
45.61.136.13:25761
45.84.196.141:9506
45.95.168.114:666
cnchellnet.duckdns.org

# Reference: https://twitter.com/malwrhunterteam/status/1308338603748143104

/tolisec.arc
/tolisec.arm
/tolisec.arm4
/tolisec.arm4l
/tolisec.arm4t
/tolisec.arm4tl
/tolisec.arm4tll
/tolisec.arm5
/tolisec.arm5l
/tolisec.arm5n
/tolisec.arm6
/tolisec.arm64
/tolisec.arm6l
/tolisec.arm7
/tolisec.arm7l
/tolisec.arm8
/tolisec.armv4
/tolisec.armv4l
/tolisec.armv5l
/tolisec.armv6
/tolisec.armv61
/tolisec.armv6l
/tolisec.armv7l
/tolisec.dbg
/tolisec.exploit
/tolisec.i4
/tolisec.i486
/tolisec.i586
/tolisec.i6
/tolisec.i686
/tolisec.kill
/tolisec.m68
/tolisec.m68k
/tolisec.mips
/tolisec.mips64
/tolisec.mipseb
/tolisec.mipsel
/tolisec.mpsl
/tolisec.pcc
/tolisec.powerpc
/tolisec.powerpc-440fp
/tolisec.powerppc
/tolisec.ppc
/tolisec.ppc2
/tolisec.ppc440
/tolisec.ppc440fp
/tolisec.root
/tolisec.root32
/tolisec.sh
/tolisec.sh4
/tolisec.sparc
/tolisec.spc
/tolisec.ssh4
/tolisec.x32
/tolisec.x64
/tolisec.x86
/tolisec.x86_32
/tolisec.x86_64

# Reference: https://www.virustotal.com/gui/file/431080d355e9a5dc4bfdcdd738e823c26ecc638f42ba285f06db87893d226dfb/detection

66.78.194.204:2323
66.78.194.204:26
66.78.194.204:4700
66.78.194.204:9000
66.78.194.204:9001
snoopy.cyberium.cc

# Reference: https://www.virustotal.com/gui/file/e231fc9e669e5ea5c1842f888c3a83cf307c4af0d9e3df92194a08f6a2dea4ec/detection

165.37.197.225:2323
165.37.197.225:26
165.37.197.225:4700
165.37.197.225:9000
165.37.197.225:9001

# Reference: https://www.virustotal.com/gui/file/fe5f3beac939684dc634056c34a6e9321ed191f74bc286c05c07d434b8a300ed/detection

19.215.59.129:2323
19.215.59.129:4705
19.215.59.129:9000
19.215.59.129:9001

# Reference: https://www.virustotal.com/gui/file/6b364613c4643dd9dbbda94b380f01efd7c30b535f910bb358e0cd4e9396825d/detection

39.133.15.156:2323

# Reference: https://www.virustotal.com/gui/file/b468f9f2d705a422034a38db20a22abeeb3d8b07f7092e1dca26fe4567b28f6d/detection

99.189.97.199:2323

# Reference: https://www.virustotal.com/gui/file/1b0a2e9c62df314d42e9da960301debeb9fd01f355c51c8af4ca00113b6fe5e3/detection

102.78.255.97:2323
102.78.255.97:4705

# Reference: https://www.virustotal.com/gui/file/4e179b5f43b1956b21c21ab589e88f86c7ac3b770007ce4f45983720f1574562/detection

170.172.239.143:2323
170.172.239.143:4705
170.172.239.143:8089

# Reference: https://www.virustotal.com/gui/file/bf3406ad9a705da025d153a3f8cb10eb29fb7d861bc8060ab3bbb11e9fd6df11/detection

51.187.179.246:4705
51.187.179.246:60001

# Reference: https://www.virustotal.com/gui/file/4ec2c609358ee522457c429196a0368b546cd3fde4fa70971ba3db65d5ca0adb/detection

66.48.173.112:4705

# Reference: https://www.virustotal.com/gui/file/3e091d307e122f975f406f2affb04890891e51cb694845b3bc6152a07a992545/detection

47.175.82.228:2323
47.175.82.228:4707

# Reference: https://www.virustotal.com/gui/file/2600c26a88f6279098d437b8c9d577aaa305b4c5cb3af41f52bf71072b018de6/detection

141.215.72.199:2323
174.185.42.198:2323
175.69.201.42:2323
175.69.201.42:4707
33.243.204.0:2323
34.80.74.112:2323
36.210.116.196:2323
39.233.207.137:2323
39.233.207.137:4707
53.67.60.155:2323
53.67.60.155:4707
59.46.44.157:2323
59.46.44.157:4707

# Reference: https://www.virustotal.com/gui/file/26f326be6c1f35d5d20c8e27315c07b8d1d3982a26de80f44d5a926910b6adf4/detection

gcc.cyberium.cc

# Reference: https://www.virustotal.com/gui/file/0ff1385e82b616f4a73cb1f8304af4354f20f73d8b66529518d3edde3ca33c00/detection
# Reference: https://www.virustotal.com/gui/file/c7910b885ffd45977da536d5cc557ec8af21f802f9d9bb8eaf347b58ff66f546/detection
# Reference: https://www.virustotal.com/gui/file/b1a2a59c3fd900cbc5a260803a0b493f00062bc1d73fecb93964c4387d0cbecc/detection
# Reference: https://www.virustotal.com/gui/file/353afd0a40cfa08a5c28ad9a42ee6414948cea787ee4d33580cbe576ff007322/detection

108.251.87.78:9530
132.84.208.85:9530
84.240.92.48:9530
park.cyberium.cc

# Reference: https://www.virustotal.com/gui/file/b08064c8ea0eeceddc19b4550cb224cb73da17dda94b4d2fb2fff5e3f21df421/detection

100.137.79.20:2323
123.162.225.235:2323
123.162.225.235:44628
128.243.215.120:2323
34.121.39.185:2323
34.121.39.185:44628

# Reference: https://www.virustotal.com/gui/file/de1b69cfe1a8672a71262a2bbadeb4f9ef612f85d0776f3e598642f5bd17b28b/detection

117.145.78.28:2323
117.145.78.28:44628
157.28.1.158:2323
157.28.1.158:44628
131.104.206.84:2323
147.217.173.209:2323
147.217.173.209:44628

# Reference: https://www.virustotal.com/gui/file/76c9f4f6161cdc58dd312a946e48d19a6ef59b222dc67263b5015a595661b574/detection

181.137.142.28:2323
181.137.142.28:44628
205.10.193.209:2323
14.47.251.224:2323
92.29.239.156:2323
65.202.2.127:2323
65.202.2.127:44628

# Reference: https://www.virustotal.com/gui/file/d82e3d1877e280e28337bfdf989c91f33404a0f1d40009617801f52411776aeb/detection

12.129.251.56:2323
12.129.251.56:44628
126.254.2.205:2323
126.254.2.205:44628
153.168.179.134:2323
153.168.179.134:44628
172.78.241.214:2323
172.78.241.214:44628
209.169.130.124:2323
209.169.130.124:44628

# Reference: https://www.virustotal.com/gui/file/77b6a0477384a0af3a9fa8d5f03c0d06f4ed9a70af37d7f6f8de1747227515bd/detection

20.249.79.20:2323
156.115.192.216:2323
156.115.192.216:44628
180.60.117.11:2323
140.175.241.47:2323
161.145.194.124:2323

# Reference: https://www.virustotal.com/gui/file/d0c280bcac142c49eed685bdddd935abb1430a4621b2ff4a88fbb6ab3110ed19/detection

25.241.178.61:44629

# Reference: https://www.virustotal.com/gui/file/54f3ab6db8a6d2f64d1b84fd577281d3cdfe8f3cfd5bbbf11f7b4a9bd6208b81/detection

156.78.18.114:44629
194.48.177.97:44629

# Reference: https://www.virustotal.com/gui/file/d178b3c9f01829f56ec244849d36c0194786b709513abf8ffc878bdb672052f9/detection

hh.cyberium.cc

# Reference: https://twitter.com/CujoaiLabs/status/1362759627620941827
# Reference: https://www.virustotal.com/gui/file/c623dc1441cb79dd8214ece3c7e4f020f32472cc27a07beca4169c902a58fe9c/detection
# Reference: https://www.virustotal.com/gui/file/4c2b37d64a2fc48ef15ac40a8338c604a2b9365bb6f8fd91182b186ec923b54c/detection
# Reference: https://www.virustotal.com/gui/file/5f553f8730ec98f57961d25478c8fa5b4adefcaa72eb0fb8795b5a717a7fcb9c/detection
# Reference: https://www.virustotal.com/gui/file/a50817c6c9b799d24d16670430364ca017f57ff82b03d82345b2591ea98a0ed5/detection
# Reference: https://www.virustotal.com/gui/file/52196a805880d39c865b41f58b794099d9e9fc226f14d43214829014e4c22473/detection
# Reference: https://www.virustotal.com/gui/file/addc2df224615966a8e238677eb27c71a4aa6220874dc607840af766ede9750c/detection

120.235.85.170:37002
151.158.105.139:37002
152.42.119.110:37002
166.24.150.205:37003
175.95.46.201:37003
214.97.129.41:37002
71.103.185.220:37002
wo.cyberium.cc
/proval.arc
/proval.arm
/proval.arm4
/proval.arm4l
/proval.arm4t
/proval.arm4tl
/proval.arm4tll
/proval.arm5
/proval.arm5l
/proval.arm5n
/proval.arm6
/proval.arm64
/proval.arm6l
/proval.arm7
/proval.arm7l
/proval.arm8
/proval.armv4
/proval.armv4l
/proval.armv5l
/proval.armv6
/proval.armv61
/proval.armv6l
/proval.armv7l
/proval.dbg
/proval.exploit
/proval.i4
/proval.i486
/proval.i586
/proval.i6
/proval.i686
/proval.kill
/proval.m68
/proval.m68k
/proval.mips
/proval.mips64
/proval.mipseb
/proval.mipsel
/proval.mpsl
/proval.pcc
/proval.powerpc
/proval.powerpc-440fp
/proval.powerppc
/proval.ppc
/proval.ppc2
/proval.ppc440
/proval.ppc440fp
/proval.root
/proval.root32
/proval.sh
/proval.sh4
/proval.sparc
/proval.spc
/proval.ssh4
/proval.x32
/proval.x64
/proval.x86
/proval.x86_32
/proval.x86_64
/HOPEIDONTHITURLHAUSE/

# Reference: https://www.virustotal.com/gui/file/e2277ba1412d178e0c5621523b0d1d968ad335c9f6f32bb9061dfdbe474b479e/detection
# Reference: https://www.virustotal.com/gui/file/2f05ba5476cbd131623e12d881dfc4edc76ca65cb61310caa67939328e46189b/detection
# Reference: https://www.virustotal.com/gui/file/93cad96d212c412dd949494a6d5f239a79c735ef9e716d307d07d0f7d193f0b3/detection
# Reference: https://www.virustotal.com/gui/file/2ffb5591dbb3aaed77d71a3d6f2fef29ce7d7242f5df218081b817016bff364e/detection
# Reference: https://www.virustotal.com/gui/file/129884bf28c5d41a35c6fdeb87a32399fa0c098e909510939faf9a7187260513/detection
# Reference: https://www.virustotal.com/gui/file/289a8d286e4ff08f0c583a98d26d1783764d53b45b462252c222b93acda0c233/detection
# Reference: https://www.virustotal.com/gui/file/148bfa40a80fc97a5d78e2aba64980e5ecc215fe6db50b941c9cd1a0573979e8/detection
# Reference: https://www.virustotal.com/gui/file/e8a51ba26c9a6ca6fc942b96aa0ca5e583b987bf316d5f2e4dd649e6d875df39/detection
# Reference: https://www.virustotal.com/gui/file/ba1a8e4c73173210f118a36134058c425b1710af4bbbc517f915144df79e998c/detection

132.1.30.57:2323
132.1.30.57:25009
132.135.253.182:2323
132.135.253.182:25009
143.231.185.45:2323
143.231.185.45:25009
178.198.51.200:2323
178.198.51.200:25009
220.97.236.12:2323
220.97.236.12:25009
37.205.66.2:2323
37.205.66.2:25009
55.160.120.53:2323
55.160.120.53:25009
63.116.139.255:2323
63.116.139.255:25009
74.39.226.252:2323
74.39.226.252:25009
ns.cyberium.cc

# Reference: https://www.virustotal.com/gui/file/3f5f015f919a2341d4da292a7db859e5c607e4f3e4a06db189b6548ef68c27fe/detection

185.244.25.181:81

# Reference: https://www.virustotal.com/gui/file/a3278015e1605ef349623dafb18d7ad3665b270a5b4359c66d9aa71031a0e20c/detection

185.244.25.181:26663

# Reference: https://tolisec.com/active-iot-botnets-25-03-2020/
# Reference: https://www.virustotal.com/gui/file/bd658214918e4228f4ed07875d4830f3/detection
# Reference: https://www.virustotal.com/gui/file/bd658214918e4228f4ed07875d4830f3/detection
# Reference: https://www.virustotal.com/gui/file/8a7dafd2218ccdfa511e94f3e6dc9a59/detection
# Reference: https://www.virustotal.com/gui/file/2398c7305b819ef61411eac52463f862/detection
# Reference: https://www.virustotal.com/gui/file/8b8e4fb04a87013b153f683b1149dd3c/detection
# Reference: https://www.virustotal.com/gui/file/26a9dce3e8d3a6fa963e1cc101b60a36/detection
# Reference: https://www.virustotal.com/gui/file/8ad99e518fbaf1219f06e762db906ec3/detection
# Reference: https://www.virustotal.com/gui/file/9ca091d3104fb56e63493394e50e8e07/detection
# Reference: https://www.virustotal.com/gui/file/1d924d0b3d22fc86f3e6c0918f2f0e7b/detection
# Reference: https://www.virustotal.com/gui/file/bd658214918e4228f4ed07875d4830f3/detection
# Reference: https://www.virustotal.com/gui/file/8a7dafd2218ccdfa511e94f3e6dc9a59/detection
# Reference: https://www.virustotal.com/gui/file/2398c7305b819ef61411eac52463f862/detection
# Reference: https://www.virustotal.com/gui/file/8b8e4fb04a87013b153f683b1149dd3c/detection
# Reference: https://www.virustotal.com/gui/file/26a9dce3e8d3a6fa963e1cc101b60a36/detection
# Reference: https://www.virustotal.com/gui/file/8ad99e518fbaf1219f06e762db906ec3/detection
# Reference: https://www.virustotal.com/gui/file/9ca091d3104fb56e63493394e50e8e07/detection
# Reference: https://www.virustotal.com/gui/file/1d924d0b3d22fc86f3e6c0918f2f0e7b/detection
# Reference: https://www.virustotal.com/gui/file/525bfe4227d4dcb27b5cd274e9bb5494/detection
# Reference: https://www.virustotal.com/gui/file/03f788b565da0f154b5c506fba5b589e/detection
# Reference: https://www.virustotal.com/gui/file/abcada52e64e74c5c869152055579b3a/detection
# Reference: https://www.virustotal.com/gui/file/8f2ded85594258546e6a9f62e7477d99/detection
# Reference: https://www.virustotal.com/gui/file/ea5e33d4d6a81858255ce1def8205674/detection

104.248.86.127:9506
134.122.112.236:45
139.162.189.173:9506
159.89.54.236:9375
172.86.75.173:6909
192.236.155.159:7498
45.55.33.143:45
67.207.93.206:65513
95.217.146.225:9506

# Reference: https://tolisec.com/active-iot-botnets-10-04-2020/
# Reference: https://www.virustotal.com/gui/file/a89335c965355e33e10c8f779a00a7d5/detection
# Reference: https://www.virustotal.com/gui/file/f53749eaeea48dc1720cfca6f5b4e932/detection
# Reference: https://www.virustotal.com/gui/file/06a6abf63963606a28d5fb1e4bedc72d/detection
# Reference: https://www.virustotal.com/gui/file/c6dcbd3557fe11841599427da833d63c/detection

104.238.235.186:5034
142.93.197.100:45
165.227.51.77:666
45.14.224.22:21795

# Reference: https://tolisec.com/active-iot-botnets-12-05-2020/
# Reference: https://www.virustotal.com/gui/file/5a7fd559adc15c89086592427b8b8d2c/detection
# Reference: https://www.virustotal.com/gui/file/9d08d96c6aa72932a0cc2e449c82fae8/detection
# Reference: https://www.virustotal.com/gui/file/b55f2f5c805b04858ae7fad8ac137d42/detection
# Reference: https://www.virustotal.com/gui/file/fdd8089262c3bbc4216085cf5a235c6c/detection
# Reference: https://www.virustotal.com/gui/file/91b8be51f982cad32050265ad9795c8e/detection
# Reference: https://www.virustotal.com/gui/file/fd1c236ef8051b3e11d4f9c45cf2f37e/detection
# Reference: https://www.virustotal.com/gui/file/76bb394c91b530311c830e5559ca0e99/detection
# Reference: https://www.virustotal.com/gui/file/35509e2c5a70cfc114222cb63d5a720a/detection
# Reference: https://www.virustotal.com/gui/file/1ce7ad62f9a5414f9101c8e6d25a6eba/detection
# Reference: https://www.virustotal.com/gui/file/d4feb8904af8f5517f88125dd8797b95/detection
# Reference: https://www.virustotal.com/gui/file/09f530994d19bad5fb57f27b346b241cb3718e906c751d4c802a6402aa75f847/detection

159.89.150.193:666
172.245.52.231:59666
192.236.160.162:58666
45.135.134.190:1791
45.32.179.8:9375
45.95.168.81:45
82.118.242.107:60004
96.30.193.26:8089
cnc.luxstresser.xyz

# Reference: https://tolisec.com/active-iot-botnets-18-05-2020/
# Reference: https://www.virustotal.com/gui/file/31cdb290056ccabca8d82176cbfb7b52/detection
# Reference: https://www.virustotal.com/gui/file/8b9eddbf2b90f15ad2b224b22fd8bc45/detection
# Reference: https://www.virustotal.com/gui/file/593e30dc2349334691e964a3934040ce/detection
# Reference: https://www.virustotal.com/gui/file/28323e9d1fa9dad0b07710aeab3f2be2/detection
# Reference: https://www.virustotal.com/gui/file/cfd9ee5b7dc7a79270565ef6a3351802/detection
# Reference: https://www.virustotal.com/gui/file/6df592143855b39753708ae44ddd8543/detection
# Reference: https://www.virustotal.com/gui/file/d7bf73af57300a78a18d942a6a915506/detection

192.236.146.53:4708
23.254.209.220:17012
37.49.226.221:6969
37.49.226.35:2074
45.95.168.169:65508
64.227.57.139:1791

# Reference: https://tolisec.com/active-iot-botnets-08-06-2020/
# Reference: https://www.virustotal.com/gui/file/4b6bb12f19c0952af041148e1378c0fc/detection
# Reference: https://www.virustotal.com/gui/file/c98713fa1be1f7b1ab2a0b325c9dd92c/detection
# Reference: https://www.virustotal.com/gui/file/8622a79f8fd279945074e3322f4619c4/detection
# Reference: https://www.virustotal.com/gui/file/b72e7857b7fedf7d6c962da17ea012ad/detection
# Reference: https://www.virustotal.com/gui/file/8c35339cd030daa159e7cbffa83ac22e/detection

172.245.8.9:3884
37.49.224.209:5959
45.143.220.246:1027
45.95.168.156:45
45.95.169.1:5959

# Reference: https://twitter.com/peterkruse/status/1328660451111161861

23.94.136.101:1543

# Reference: https://blog.netlab.360.com/another-lilin-dvr-0-day-being-used-to-spread-mirai-en/
# Reference: https://otx.alienvault.com/pulse/5fc9287d6df7201a94b8b861

2.57.122.167:5858

# Reference: https://twitter.com/0xrb/status/1339459142172299264

103.42.214.181:50505
/429329839912839018dhas8hd.arc
/429329839912839018dhas8hd.arcle-hs38
/429329839912839018dhas8hd.arm
/429329839912839018dhas8hd.arm4
/429329839912839018dhas8hd.arm4l
/429329839912839018dhas8hd.arm4t
/429329839912839018dhas8hd.arm4tl
/429329839912839018dhas8hd.arm4tll
/429329839912839018dhas8hd.arm5
/429329839912839018dhas8hd.arm5l
/429329839912839018dhas8hd.arm5n
/429329839912839018dhas8hd.arm6
/429329839912839018dhas8hd.arm64
/429329839912839018dhas8hd.arm6l
/429329839912839018dhas8hd.arm7
/429329839912839018dhas8hd.arm7l
/429329839912839018dhas8hd.arm8
/429329839912839018dhas8hd.armv4
/429329839912839018dhas8hd.armv4l
/429329839912839018dhas8hd.armv5l
/429329839912839018dhas8hd.armv6
/429329839912839018dhas8hd.armv61
/429329839912839018dhas8hd.armv6l
/429329839912839018dhas8hd.armv7l
/429329839912839018dhas8hd.dbg
/429329839912839018dhas8hd.exploit
/429329839912839018dhas8hd.i4
/429329839912839018dhas8hd.i486
/429329839912839018dhas8hd.i586
/429329839912839018dhas8hd.i6
/429329839912839018dhas8hd.i686
/429329839912839018dhas8hd.kill
/429329839912839018dhas8hd.m68
/429329839912839018dhas8hd.m68k
/429329839912839018dhas8hd.mips
/429329839912839018dhas8hd.mips64
/429329839912839018dhas8hd.mipseb
/429329839912839018dhas8hd.mipsel
/429329839912839018dhas8hd.mpsl
/429329839912839018dhas8hd.pcc
/429329839912839018dhas8hd.powerpc
/429329839912839018dhas8hd.powerpc-440fp
/429329839912839018dhas8hd.powerppc
/429329839912839018dhas8hd.ppc
/429329839912839018dhas8hd.ppc2
/429329839912839018dhas8hd.ppc440
/429329839912839018dhas8hd.ppc440fp
/429329839912839018dhas8hd.root
/429329839912839018dhas8hd.root32
/429329839912839018dhas8hd.sh
/429329839912839018dhas8hd.sh4
/429329839912839018dhas8hd.sparc
/429329839912839018dhas8hd.spc
/429329839912839018dhas8hd.ssh4
/429329839912839018dhas8hd.x32
/429329839912839018dhas8hd.x64
/429329839912839018dhas8hd.x86
/429329839912839018dhas8hd.x86_32
/429329839912839018dhas8hd.x86_64
/8z9z5x2aq931vs5431df33245v1651jm1556x.arc
/8z9z5x2aq931vs5431df33245v1651jm1556x.arcle-hs38
/8z9z5x2aq931vs5431df33245v1651jm1556x.arm
/8z9z5x2aq931vs5431df33245v1651jm1556x.arm4
/8z9z5x2aq931vs5431df33245v1651jm1556x.arm4l
/8z9z5x2aq931vs5431df33245v1651jm1556x.arm4t
/8z9z5x2aq931vs5431df33245v1651jm1556x.arm4tl
/8z9z5x2aq931vs5431df33245v1651jm1556x.arm4tll
/8z9z5x2aq931vs5431df33245v1651jm1556x.arm5
/8z9z5x2aq931vs5431df33245v1651jm1556x.arm5l
/8z9z5x2aq931vs5431df33245v1651jm1556x.arm5n
/8z9z5x2aq931vs5431df33245v1651jm1556x.arm6
/8z9z5x2aq931vs5431df33245v1651jm1556x.arm64
/8z9z5x2aq931vs5431df33245v1651jm1556x.arm6l
/8z9z5x2aq931vs5431df33245v1651jm1556x.arm7
/8z9z5x2aq931vs5431df33245v1651jm1556x.arm7l
/8z9z5x2aq931vs5431df33245v1651jm1556x.arm8
/8z9z5x2aq931vs5431df33245v1651jm1556x.armv4
/8z9z5x2aq931vs5431df33245v1651jm1556x.armv4l
/8z9z5x2aq931vs5431df33245v1651jm1556x.armv5l
/8z9z5x2aq931vs5431df33245v1651jm1556x.armv6
/8z9z5x2aq931vs5431df33245v1651jm1556x.armv61
/8z9z5x2aq931vs5431df33245v1651jm1556x.armv6l
/8z9z5x2aq931vs5431df33245v1651jm1556x.armv7l
/8z9z5x2aq931vs5431df33245v1651jm1556x.dbg
/8z9z5x2aq931vs5431df33245v1651jm1556x.exploit
/8z9z5x2aq931vs5431df33245v1651jm1556x.i4
/8z9z5x2aq931vs5431df33245v1651jm1556x.i486
/8z9z5x2aq931vs5431df33245v1651jm1556x.i586
/8z9z5x2aq931vs5431df33245v1651jm1556x.i6
/8z9z5x2aq931vs5431df33245v1651jm1556x.i686
/8z9z5x2aq931vs5431df33245v1651jm1556x.kill
/8z9z5x2aq931vs5431df33245v1651jm1556x.m68
/8z9z5x2aq931vs5431df33245v1651jm1556x.m68k
/8z9z5x2aq931vs5431df33245v1651jm1556x.mips
/8z9z5x2aq931vs5431df33245v1651jm1556x.mips64
/8z9z5x2aq931vs5431df33245v1651jm1556x.mipseb
/8z9z5x2aq931vs5431df33245v1651jm1556x.mipsel
/8z9z5x2aq931vs5431df33245v1651jm1556x.mpsl
/8z9z5x2aq931vs5431df33245v1651jm1556x.pcc
/8z9z5x2aq931vs5431df33245v1651jm1556x.powerpc
/8z9z5x2aq931vs5431df33245v1651jm1556x.powerpc-440fp
/8z9z5x2aq931vs5431df33245v1651jm1556x.powerppc
/8z9z5x2aq931vs5431df33245v1651jm1556x.ppc
/8z9z5x2aq931vs5431df33245v1651jm1556x.ppc2
/8z9z5x2aq931vs5431df33245v1651jm1556x.ppc440
/8z9z5x2aq931vs5431df33245v1651jm1556x.ppc440fp
/8z9z5x2aq931vs5431df33245v1651jm1556x.root
/8z9z5x2aq931vs5431df33245v1651jm1556x.root32
/8z9z5x2aq931vs5431df33245v1651jm1556x.sh
/8z9z5x2aq931vs5431df33245v1651jm1556x.sh4
/8z9z5x2aq931vs5431df33245v1651jm1556x.sparc
/8z9z5x2aq931vs5431df33245v1651jm1556x.spc
/8z9z5x2aq931vs5431df33245v1651jm1556x.ssh4
/8z9z5x2aq931vs5431df33245v1651jm1556x.x32
/8z9z5x2aq931vs5431df33245v1651jm1556x.x64
/8z9z5x2aq931vs5431df33245v1651jm1556x.x86
/8z9z5x2aq931vs5431df33245v1651jm1556x.x86_32
/8z9z5x2aq931vs5431df33245v1651jm1556x.x86_64
/oni1.arc
/oni1.arcle-hs38
/oni1.arm
/oni1.arm4
/oni1.arm4l
/oni1.arm4t
/oni1.arm4tl
/oni1.arm4tll
/oni1.arm5
/oni1.arm5l
/oni1.arm5n
/oni1.arm6
/oni1.arm64
/oni1.arm6l
/oni1.arm7
/oni1.arm7l
/oni1.arm8
/oni1.armv4
/oni1.armv4l
/oni1.armv5l
/oni1.armv6
/oni1.armv61
/oni1.armv6l
/oni1.armv7l
/oni1.dbg
/oni1.exploit
/oni1.i4
/oni1.i486
/oni1.i586
/oni1.i6
/oni1.i686
/oni1.kill
/oni1.m68
/oni1.m68k
/oni1.mips
/oni1.mips64
/oni1.mipseb
/oni1.mipsel
/oni1.mpsl
/oni1.pcc
/oni1.powerpc
/oni1.powerpc-440fp
/oni1.powerppc
/oni1.ppc
/oni1.ppc2
/oni1.ppc440
/oni1.ppc440fp
/oni1.root
/oni1.root32
/oni1.sh
/oni1.sh4
/oni1.sparc
/oni1.spc
/oni1.ssh4
/oni1.x32
/oni1.x64
/oni1.x86
/oni1.x86_32
/oni1.x86_64
/1az01dc/
/429329839912839018dhas8hd/

# Reference: https://twitter.com/SolutionsXnotes/status/1252890403310678018

boatnet.us

# Reference: https://www.virustotal.com/gui/file/a4819baf2a16fdb4245de541bdff9f0d0b496721dd51d13bdd2aa55d4f6fe19b/detection
# Reference: https://www.virustotal.com/gui/file/a22d085d651d9db6cb0c6feff6a7bdbb9e0a788423ab5ec5fc15d1e0822b83d2/detection
# Reference: https://www.virustotal.com/gui/file/a1eba028065bc4ab687b6d478a86a359939593c5d7a882dd70e18e4c3180e5ed/detection

119.224.78.71:9506
12.131.52.123:9506
141.245.129.208:9506
142.105.199.63:9506
194.180.224.112:2323
194.180.224.112:33076
194.180.224.112:33635
194.180.224.112:39017
194.180.224.112:39914
194.180.224.112:40046
194.180.224.112:41021
194.180.224.112:42154
194.180.224.112:43168
194.180.224.112:47729
194.180.224.112:47751
194.180.224.112:47889
194.180.224.112:48557
194.180.224.112:48620
194.180.224.112:49314
194.180.224.112:53898
194.180.224.112:57962
194.180.224.112:59902
194.180.224.112:6281
194.180.224.112:9506
43.62.234.74:9506

# Reference: https://twitter.com/0xrb/status/1345970855692566530

/caligula.arc
/caligula.arcle-hs38
/caligula.arm
/caligula.arm4
/caligula.arm4l
/caligula.arm4t
/caligula.arm4tl
/caligula.arm4tll
/caligula.arm5
/caligula.arm5l
/caligula.arm5n
/caligula.arm6
/caligula.arm64
/caligula.arm6l
/caligula.arm7
/caligula.arm7l
/caligula.arm8
/caligula.armv4
/caligula.armv4l
/caligula.armv5l
/caligula.armv6
/caligula.armv61
/caligula.armv6l
/caligula.armv7l
/caligula.dbg
/caligula.exploit
/caligula.i4
/caligula.i486
/caligula.i586
/caligula.i6
/caligula.i686
/caligula.kill
/caligula.m68
/caligula.m68k
/caligula.mips
/caligula.mips64
/caligula.mipseb
/caligula.mipsel
/caligula.mpsl
/caligula.pcc
/caligula.powerpc
/caligula.powerpc-440fp
/caligula.powerppc
/caligula.ppc
/caligula.ppc2
/caligula.ppc440
/caligula.ppc440fp
/caligula.root
/caligula.root32
/caligula.sh
/caligula.sh4
/caligula.sparc
/caligula.spc
/caligula.ssh4
/caligula.x32
/caligula.x64
/caligula.x86
/caligula.x86_32
/caligula.x86_64

# Reference: https://twitter.com/r3dbU7z/status/1346566617614979073

/drp.arc
/drp.arcle-hs38
/drp.arm
/drp.arm4
/drp.arm4l
/drp.arm4t
/drp.arm4tl
/drp.arm4tll
/drp.arm5
/drp.arm5l
/drp.arm5n
/drp.arm6
/drp.arm64
/drp.arm6l
/drp.arm7
/drp.arm7l
/drp.arm8
/drp.armv4
/drp.armv4l
/drp.armv5l
/drp.armv6
/drp.armv61
/drp.armv6l
/drp.armv7l
/drp.dbg
/drp.exploit
/drp.i4
/drp.i486
/drp.i586
/drp.i6
/drp.i686
/drp.kill
/drp.m68
/drp.m68k
/drp.mips
/drp.mips64
/drp.mipseb
/drp.mipsel
/drp.mpsl
/drp.pcc
/drp.powerpc
/drp.powerpc-440fp
/drp.powerppc
/drp.ppc
/drp.ppc2
/drp.ppc440
/drp.ppc440fp
/drp.root
/drp.root32
/drp.sh
/drp.sh4
/drp.sparc
/drp.spc
/drp.ssh4
/drp.x32
/drp.x64
/drp.x86
/drp.x86_32
/drp.x86_64

# Reference: https://www.virustotal.com/gui/file/cba1ffef3091328c86676e525f6f097f1e8ac6ecfbbd5070639b866af23acf43/detection

163.219.86.46:9506
35.196.86.130:9506
37.46.150.86:9506

# Reference: https://www.virustotal.com/gui/file/83038e3b739022bab80b1b1b5ed4806166ce84099cb5fbb4b490ea269321f16e/detection

37.46.150.86:444

# Reference: https://www.virustotal.com/gui/file/afa11fe5bfd84487b331e60c097f321fd3eaf4274c8dd561189da5f04173b061/detection

185.80.129.5:1791

# Reference: https://www.virustotal.com/gui/file/d52224837a3a1fc33b8d89b22c05bba408243a5a897fa026fbd0f0be4614cbab/detection

192.28.172.40:36518
216.50.114.228:36518
76.81.137.181:36518
smlpp.monster

# Reference: https://www.virustotal.com/gui/file/c8aeb927cd1b897a9c31199f33a6df9f297707bed1aa0e66d167270f1fde6ff5/detection

159.65.8.143:7654
159.65.8.143:7685

# Reference: https://twitter.com/r3dbU7z/status/1351962998961803264

/luftwafee.arc
/luftwafee.arcle-hs38
/luftwafee.arm
/luftwafee.arm4
/luftwafee.arm4l
/luftwafee.arm4t
/luftwafee.arm4tl
/luftwafee.arm4tll
/luftwafee.arm5
/luftwafee.arm5l
/luftwafee.arm5n
/luftwafee.arm6
/luftwafee.arm64
/luftwafee.arm6l
/luftwafee.arm7
/luftwafee.arm7l
/luftwafee.arm8
/luftwafee.armv4
/luftwafee.armv4l
/luftwafee.armv5l
/luftwafee.armv6
/luftwafee.armv61
/luftwafee.armv6l
/luftwafee.armv7l
/luftwafee.dbg
/luftwafee.exploit
/luftwafee.i4
/luftwafee.i486
/luftwafee.i586
/luftwafee.i6
/luftwafee.i686
/luftwafee.kill
/luftwafee.m68
/luftwafee.m68k
/luftwafee.mips
/luftwafee.mips64
/luftwafee.mipseb
/luftwafee.mipsel
/luftwafee.mpsl
/luftwafee.pcc
/luftwafee.powerpc
/luftwafee.powerpc-440fp
/luftwafee.powerppc
/luftwafee.ppc
/luftwafee.ppc2
/luftwafee.ppc440
/luftwafee.ppc440fp
/luftwafee.root
/luftwafee.root32
/luftwafee.sh
/luftwafee.sh4
/luftwafee.sparc
/luftwafee.spc
/luftwafee.ssh4
/luftwafee.x32
/luftwafee.x64
/luftwafee.x86
/luftwafee.x86_32
/luftwafee.x86_64

# Reference: https://twitter.com/0xrb/status/1361560701454585857

/AJhkewbfwefWEFarc
/AJhkewbfwefWEFarcle-hs38
/AJhkewbfwefWEFarm
/AJhkewbfwefWEFarm4
/AJhkewbfwefWEFarm4l
/AJhkewbfwefWEFarm4t
/AJhkewbfwefWEFarm4tl
/AJhkewbfwefWEFarm4tll
/AJhkewbfwefWEFarm5
/AJhkewbfwefWEFarm5l
/AJhkewbfwefWEFarm5n
/AJhkewbfwefWEFarm6
/AJhkewbfwefWEFarm64
/AJhkewbfwefWEFarm6l
/AJhkewbfwefWEFarm7
/AJhkewbfwefWEFarm7l
/AJhkewbfwefWEFarm8
/AJhkewbfwefWEFarmv4
/AJhkewbfwefWEFarmv4l
/AJhkewbfwefWEFarmv5l
/AJhkewbfwefWEFarmv6
/AJhkewbfwefWEFarmv61
/AJhkewbfwefWEFarmv6l
/AJhkewbfwefWEFarmv7l
/AJhkewbfwefWEFdbg
/AJhkewbfwefWEFexploit
/AJhkewbfwefWEFi4
/AJhkewbfwefWEFi486
/AJhkewbfwefWEFi586
/AJhkewbfwefWEFi6
/AJhkewbfwefWEFi686
/AJhkewbfwefWEFkill
/AJhkewbfwefWEFm68
/AJhkewbfwefWEFm68k
/AJhkewbfwefWEFmips
/AJhkewbfwefWEFmips64
/AJhkewbfwefWEFmipseb
/AJhkewbfwefWEFmipsel
/AJhkewbfwefWEFmpsl
/AJhkewbfwefWEFpcc
/AJhkewbfwefWEFpowerpc
/AJhkewbfwefWEFpowerpc-440fp
/AJhkewbfwefWEFpowerppc
/AJhkewbfwefWEFppc
/AJhkewbfwefWEFpp-c
/AJhkewbfwefWEFppc2
/AJhkewbfwefWEFppc440
/AJhkewbfwefWEFppc440fp
/AJhkewbfwefWEFroot
/AJhkewbfwefWEFroot32
/AJhkewbfwefWEFsh
/AJhkewbfwefWEFsh4
/AJhkewbfwefWEFsparc
/AJhkewbfwefWEFspc
/AJhkewbfwefWEFssh4
/AJhkewbfwefWEFx32
/AJhkewbfwefWEFx32_64
/AJhkewbfwefWEFx64
/AJhkewbfwefWEFx86
/AJhkewbfwefWEFx86_32
/AJhkewbfwefWEFx86_64
/hinatasocute.arc
/hinatasocute.arcle-hs38
/hinatasocute.arm
/hinatasocute.arm4
/hinatasocute.arm4l
/hinatasocute.arm4t
/hinatasocute.arm4tl
/hinatasocute.arm4tll
/hinatasocute.arm5
/hinatasocute.arm5l
/hinatasocute.arm5n
/hinatasocute.arm6
/hinatasocute.arm64
/hinatasocute.arm6l
/hinatasocute.arm7
/hinatasocute.arm7l
/hinatasocute.arm8
/hinatasocute.armv4
/hinatasocute.armv4l
/hinatasocute.armv5l
/hinatasocute.armv6
/hinatasocute.armv61
/hinatasocute.armv6l
/hinatasocute.armv7l
/hinatasocute.dbg
/hinatasocute.exploit
/hinatasocute.i4
/hinatasocute.i486
/hinatasocute.i586
/hinatasocute.i6
/hinatasocute.i686
/hinatasocute.kill
/hinatasocute.m68
/hinatasocute.m68k
/hinatasocute.mips
/hinatasocute.mips64
/hinatasocute.mipseb
/hinatasocute.mipsel
/hinatasocute.mpsl
/hinatasocute.pcc
/hinatasocute.powerpc
/hinatasocute.powerpc-440fp
/hinatasocute.powerppc
/hinatasocute.ppc
/hinatasocute.pp-c
/hinatasocute.ppc2
/hinatasocute.ppc440
/hinatasocute.ppc440fp
/hinatasocute.root
/hinatasocute.root32
/hinatasocute.sh
/hinatasocute.sh4
/hinatasocute.sparc
/hinatasocute.spc
/hinatasocute.ssh4
/hinatasocute.x32
/hinatasocute.x32_64
/hinatasocute.x64
/hinatasocute.x86
/hinatasocute.x86_32
/hinatasocute.x86_64
/kurdentz.arc
/kurdentz.arcle-hs38
/kurdentz.arm
/kurdentz.arm4
/kurdentz.arm4l
/kurdentz.arm4t
/kurdentz.arm4tl
/kurdentz.arm4tll
/kurdentz.arm5
/kurdentz.arm5l
/kurdentz.arm5n
/kurdentz.arm6
/kurdentz.arm64
/kurdentz.arm6l
/kurdentz.arm7
/kurdentz.arm7l
/kurdentz.arm8
/kurdentz.armv4
/kurdentz.armv4l
/kurdentz.armv5l
/kurdentz.armv6
/kurdentz.armv61
/kurdentz.armv6l
/kurdentz.armv7l
/kurdentz.dbg
/kurdentz.exploit
/kurdentz.i4
/kurdentz.i486
/kurdentz.i586
/kurdentz.i6
/kurdentz.i686
/kurdentz.kill
/kurdentz.m68
/kurdentz.m68k
/kurdentz.mips
/kurdentz.mips64
/kurdentz.mipseb
/kurdentz.mipsel
/kurdentz.mpsl
/kurdentz.pcc
/kurdentz.powerpc
/kurdentz.powerpc-440fp
/kurdentz.powerppc
/kurdentz.ppc
/kurdentz.pp-c
/kurdentz.ppc2
/kurdentz.ppc440
/kurdentz.ppc440fp
/kurdentz.root
/kurdentz.root32
/kurdentz.sh
/kurdentz.sh4
/kurdentz.sparc
/kurdentz.spc
/kurdentz.ssh4
/kurdentz.x32
/kurdentz.x32_64
/kurdentz.x64
/kurdentz.x86
/kurdentz.x86_32
/kurdentz.x86_64
/pxSd.arc
/pxSd.arcle-hs38
/pxSd.arm
/pxSd.arm4
/pxSd.arm4l
/pxSd.arm4t
/pxSd.arm4tl
/pxSd.arm4tll
/pxSd.arm5
/pxSd.arm5l
/pxSd.arm5n
/pxSd.arm6
/pxSd.arm64
/pxSd.arm6l
/pxSd.arm7
/pxSd.arm7l
/pxSd.arm8
/pxSd.armv4
/pxSd.armv4l
/pxSd.armv5l
/pxSd.armv6
/pxSd.armv61
/pxSd.armv6l
/pxSd.armv7l
/pxSd.dbg
/pxSd.exploit
/pxSd.i4
/pxSd.i486
/pxSd.i586
/pxSd.i6
/pxSd.i686
/pxSd.kill
/pxSd.m68
/pxSd.m68k
/pxSd.mips
/pxSd.mips64
/pxSd.mipseb
/pxSd.mipsel
/pxSd.mpsl
/pxSd.pcc
/pxSd.powerpc
/pxSd.powerpc-440fp
/pxSd.powerppc
/pxSd.ppc
/pxSd.pp-c
/pxSd.ppc2
/pxSd.ppc440
/pxSd.ppc440fp
/pxSd.root
/pxSd.root32
/pxSd.sh
/pxSd.sh4
/pxSd.sparc
/pxSd.spc
/pxSd.ssh4
/pxSd.x32
/pxSd.x32_64
/pxSd.x64
/pxSd.x86
/pxSd.x86_32
/pxSd.x86_64
/suk.out.arc
/suk.out.arcle-hs38
/suk.out.arm
/suk.out.arm4
/suk.out.arm4l
/suk.out.arm4t
/suk.out.arm4tl
/suk.out.arm4tll
/suk.out.arm5
/suk.out.arm5l
/suk.out.arm5n
/suk.out.arm6
/suk.out.arm64
/suk.out.arm6l
/suk.out.arm7
/suk.out.arm7l
/suk.out.arm8
/suk.out.armv4
/suk.out.armv4l
/suk.out.armv5l
/suk.out.armv6
/suk.out.armv61
/suk.out.armv6l
/suk.out.armv7l
/suk.out.dbg
/suk.out.exploit
/suk.out.i4
/suk.out.i486
/suk.out.i586
/suk.out.i6
/suk.out.i686
/suk.out.kill
/suk.out.m68
/suk.out.m68k
/suk.out.mips
/suk.out.mips64
/suk.out.mipseb
/suk.out.mipsel
/suk.out.mpsl
/suk.out.pcc
/suk.out.powerpc
/suk.out.powerpc-440fp
/suk.out.powerppc
/suk.out.ppc
/suk.out.pp-c
/suk.out.ppc2
/suk.out.ppc440
/suk.out.ppc440fp
/suk.out.root
/suk.out.root32
/suk.out.sh
/suk.out.sh4
/suk.out.sparc
/suk.out.spc
/suk.out.ssh4
/suk.out.x32
/suk.out.x32_64
/suk.out.x64
/suk.out.x86
/suk.out.x86_32
/suk.out.x86_64
/UR0ABotnet.arc
/UR0ABotnet.arcle-hs38
/UR0ABotnet.arm
/UR0ABotnet.arm4
/UR0ABotnet.arm4l
/UR0ABotnet.arm4t
/UR0ABotnet.arm4tl
/UR0ABotnet.arm4tll
/UR0ABotnet.arm5
/UR0ABotnet.arm5l
/UR0ABotnet.arm5n
/UR0ABotnet.arm6
/UR0ABotnet.arm64
/UR0ABotnet.arm6l
/UR0ABotnet.arm7
/UR0ABotnet.arm7l
/UR0ABotnet.arm8
/UR0ABotnet.armv4
/UR0ABotnet.armv4l
/UR0ABotnet.armv5l
/UR0ABotnet.armv6
/UR0ABotnet.armv61
/UR0ABotnet.armv6l
/UR0ABotnet.armv7l
/UR0ABotnet.dbg
/UR0ABotnet.exploit
/UR0ABotnet.i4
/UR0ABotnet.i486
/UR0ABotnet.i586
/UR0ABotnet.i6
/UR0ABotnet.i686
/UR0ABotnet.kill
/UR0ABotnet.m68
/UR0ABotnet.m68k
/UR0ABotnet.mips
/UR0ABotnet.mips64
/UR0ABotnet.mipseb
/UR0ABotnet.mipsel
/UR0ABotnet.mpsl
/UR0ABotnet.pcc
/UR0ABotnet.powerpc
/UR0ABotnet.powerpc-440fp
/UR0ABotnet.powerppc
/UR0ABotnet.ppc
/UR0ABotnet.pp-c
/UR0ABotnet.ppc2
/UR0ABotnet.ppc440
/UR0ABotnet.ppc440fp
/UR0ABotnet.root
/UR0ABotnet.root32
/UR0ABotnet.sh
/UR0ABotnet.sh4
/UR0ABotnet.sparc
/UR0ABotnet.spc
/UR0ABotnet.ssh4
/UR0ABotnet.x32
/UR0ABotnet.x32_64
/UR0ABotnet.x64
/UR0ABotnet.x86
/UR0ABotnet.x86_32
/UR0ABotnet.x86_64
/LpKDJb/
/PolezKdhq/

# Reference: https://www.virustotal.com/gui/file/b7d7f88cc72a3cdbef96c3ea503d9bc694ba0280a88347d87a9d5a4e98be0244/detection

189.69.107.176:8281
51.222.110.60:8080
kranskerstuff.kozow.com
/Xlsbs0db3p0ps
/Xlsbs0db3p0sl
/Xlsbs0db3p086
/Xlsbs0db3p0m4
/Xlsbs0db3p0m5
/Xlsbs0db3p0m6
/Xlsbs0db3p0m7
/Xlsbs0db3p0pc
/Xlsbs0db3p08k

# Reference: https://twitter.com/VessOnSecurity/status/1362906047346847744

/juantech.arc
/juantech.arcle-hs38
/juantech.arm
/juantech.arm4
/juantech.arm4l
/juantech.arm4t
/juantech.arm4tl
/juantech.arm4tll
/juantech.arm5
/juantech.arm5l
/juantech.arm5n
/juantech.arm6
/juantech.arm64
/juantech.arm6l
/juantech.arm7
/juantech.arm7l
/juantech.arm8
/juantech.armv4
/juantech.armv4l
/juantech.armv5l
/juantech.armv6
/juantech.armv61
/juantech.armv6l
/juantech.armv7l
/juantech.dbg
/juantech.exploit
/juantech.i4
/juantech.i486
/juantech.i586
/juantech.i6
/juantech.i686
/juantech.kill
/juantech.m68
/juantech.m68k
/juantech.mips
/juantech.mips64
/juantech.mipseb
/juantech.mipsel
/juantech.mpsl
/juantech.pcc
/juantech.powerpc
/juantech.powerpc-440fp
/juantech.powerppc
/juantech.ppc
/juantech.pp-c
/juantech.ppc2
/juantech.ppc440
/juantech.ppc440fp
/juantech.root
/juantech.root32
/juantech.sh
/juantech.sh4
/juantech.sparc
/juantech.spc
/juantech.ssh4
/juantech.x32
/juantech.x32_64
/juantech.x64
/juantech.x86
/juantech.x86_32
/juantech.x86_64
/lolol.arc
/lolol.arcle-hs38
/lolol.arm
/lolol.arm4
/lolol.arm4l
/lolol.arm4t
/lolol.arm4tl
/lolol.arm4tll
/lolol.arm5
/lolol.arm5l
/lolol.arm5n
/lolol.arm6
/lolol.arm64
/lolol.arm6l
/lolol.arm7
/lolol.arm7l
/lolol.arm8
/lolol.armv4
/lolol.armv4l
/lolol.armv5l
/lolol.armv6
/lolol.armv61
/lolol.armv6l
/lolol.armv7l
/lolol.dbg
/lolol.exploit
/lolol.i4
/lolol.i486
/lolol.i586
/lolol.i6
/lolol.i686
/lolol.kill
/lolol.m68
/lolol.m68k
/lolol.mips
/lolol.mips64
/lolol.mipseb
/lolol.mipsel
/lolol.mpsl
/lolol.pcc
/lolol.powerpc
/lolol.powerpc-440fp
/lolol.powerppc
/lolol.ppc
/lolol.pp-c
/lolol.ppc2
/lolol.ppc440
/lolol.ppc440fp
/lolol.root
/lolol.root32
/lolol.sh
/lolol.sh4
/lolol.sparc
/lolol.spc
/lolol.ssh4
/lolol.x32
/lolol.x32_64
/lolol.x64
/lolol.x86
/lolol.x86_32
/lolol.x86_64

# Reference: https://twitter.com/xuy1202/status/1364520461044903937

/PornHub.arc
/PornHub.arcle-hs38
/PornHub.arm
/PornHub.arm4
/PornHub.arm4l
/PornHub.arm4t
/PornHub.arm4tl
/PornHub.arm4tll
/PornHub.arm5
/PornHub.arm5l
/PornHub.arm5n
/PornHub.arm6
/PornHub.arm64
/PornHub.arm6l
/PornHub.arm7
/PornHub.arm7l
/PornHub.arm8
/PornHub.armv4
/PornHub.armv4l
/PornHub.armv5l
/PornHub.armv6
/PornHub.armv61
/PornHub.armv6l
/PornHub.armv7l
/PornHub.dbg
/PornHub.exploit
/PornHub.i4
/PornHub.i486
/PornHub.i586
/PornHub.i6
/PornHub.i686
/PornHub.kill
/PornHub.m68
/PornHub.m68k
/PornHub.mips
/PornHub.mips64
/PornHub.mipseb
/PornHub.mipsel
/PornHub.mpsl
/PornHub.pcc
/PornHub.powerpc
/PornHub.powerpc-440fp
/PornHub.powerppc
/PornHub.ppc
/PornHub.pp-c
/PornHub.ppc2
/PornHub.ppc440
/PornHub.ppc440fp
/PornHub.root
/PornHub.root32
/PornHub.sh
/PornHub.sh4
/PornHub.sparc
/PornHub.spc
/PornHub.ssh4
/PornHub.x32
/PornHub.x32_64
/PornHub.x64
/PornHub.x86
/PornHub.x86_32
/PornHub.x86_64

# Reference: https://blog.netlab.360.com/necro/

aspjobjreorejborer.com
/mirai.arcexport
/mirai.arcle-hs38export
/mirai.armexport
/mirai.arm4export
/mirai.arm4lexport
/mirai.arm4texport
/mirai.arm4tlexport
/mirai.arm4tllexport
/mirai.arm5export
/mirai.arm5lexport
/mirai.arm5nexport
/mirai.arm6export
/mirai.arm64export
/mirai.arm6lexport
/mirai.arm7export
/mirai.arm7lexport
/mirai.arm8export
/mirai.armv4export
/mirai.armv4lexport
/mirai.armv5lexport
/mirai.armv6export
/mirai.armv61export
/mirai.armv6lexport
/mirai.armv7lexport
/mirai.dbgexport
/mirai.exploitexport
/mirai.i4export
/mirai.i486export
/mirai.i586export
/mirai.i6export
/mirai.i686export
/mirai.killexport
/mirai.m68export
/mirai.m68kexport
/mirai.mipsexport
/mirai.mips64export
/mirai.mipsebexport
/mirai.mipselexport
/mirai.mpslexport
/mirai.pccexport
/mirai.powerpcexport
/mirai.powerpc-440fpexport
/mirai.powerppcexport
/mirai.ppcexport
/mirai.pp-cexport
/mirai.ppc2export
/mirai.ppc440export
/mirai.ppc440fpexport
/mirai.rootexport
/mirai.root32export
/mirai.shexport
/mirai.sh4export
/mirai.sparcexport
/mirai.spcexport
/mirai.ssh4export
/mirai.x32export
/mirai.x32_64export
/mirai.x64export
/mirai.x86export
/mirai.x86_32export
/mirai.x86_64export
/necr0.py

# Reference: https://twitter.com/r3dbU7z/status/1364545491984343040
# Reference: https://blog.netlab.360.com/gafgtyt_tor-and-necro-are-on-the-move-again/
# Reference: https://otx.alienvault.com/pulse/60425b0ab6820770fa97dae3

/IObeENwjarc
/IObeENwjarcle-hs38
/IObeENwjarm
/IObeENwjarm4
/IObeENwjarm4l
/IObeENwjarm4t
/IObeENwjarm4tl
/IObeENwjarm4tll
/IObeENwjarm5
/IObeENwjarm5l
/IObeENwjarm5n
/IObeENwjarm6
/IObeENwjarm64
/IObeENwjarm6l
/IObeENwjarm7
/IObeENwjarm7l
/IObeENwjarm8
/IObeENwjarmv4
/IObeENwjarmv4l
/IObeENwjarmv5l
/IObeENwjarmv6
/IObeENwjarmv61
/IObeENwjarmv6l
/IObeENwjarmv7l
/IObeENwjbsd
/IObeENwjdbg
/IObeENwjexploit
/IObeENwji4
/IObeENwji486
/IObeENwji586
/IObeENwji6
/IObeENwji686
/IObeENwjkill
/IObeENwjm68
/IObeENwjm68k
/IObeENwjmips
/IObeENwjmips64
/IObeENwjmipseb
/IObeENwjmipsel
/IObeENwjmpsl
/IObeENwjpcc
/IObeENwjpowerpc
/IObeENwjpowerpc-440fp
/IObeENwjpowerppc
/IObeENwjpp-c
/IObeENwjppc
/IObeENwjppc2
/IObeENwjppc440
/IObeENwjppc440fp
/IObeENwjroot
/IObeENwjroot32
/IObeENwjsh
/IObeENwjsh4
/IObeENwjsparc
/IObeENwjspc
/IObeENwjssh4
/IObeENwjx32
/IObeENwjx32_64
/IObeENwjx64
/IObeENwjx86
/IObeENwjx86_32
/IObeENwjx86_64
/lPxdChtp3zarc
/lPxdChtp3zarcle-hs38
/lPxdChtp3zarm
/lPxdChtp3zarm4
/lPxdChtp3zarm4l
/lPxdChtp3zarm4t
/lPxdChtp3zarm4tl
/lPxdChtp3zarm4tll
/lPxdChtp3zarm5
/lPxdChtp3zarm5l
/lPxdChtp3zarm5n
/lPxdChtp3zarm6
/lPxdChtp3zarm64
/lPxdChtp3zarm6l
/lPxdChtp3zarm7
/lPxdChtp3zarm7l
/lPxdChtp3zarm8
/lPxdChtp3zarmv4
/lPxdChtp3zarmv4l
/lPxdChtp3zarmv5l
/lPxdChtp3zarmv6
/lPxdChtp3zarmv61
/lPxdChtp3zarmv6l
/lPxdChtp3zarmv7l
/lPxdChtp3zbsd
/lPxdChtp3zdbg
/lPxdChtp3zexploit
/lPxdChtp3zi4
/lPxdChtp3zi486
/lPxdChtp3zi586
/lPxdChtp3zi6
/lPxdChtp3zi686
/lPxdChtp3zkill
/lPxdChtp3zm68
/lPxdChtp3zm68k
/lPxdChtp3zmips
/lPxdChtp3zmips64
/lPxdChtp3zmipseb
/lPxdChtp3zmipsel
/lPxdChtp3zmpsl
/lPxdChtp3zpcc
/lPxdChtp3zpowerpc
/lPxdChtp3zpowerpc-440fp
/lPxdChtp3zpowerppc
/lPxdChtp3zpp-c
/lPxdChtp3zppc
/lPxdChtp3zppc2
/lPxdChtp3zppc-440fp
/lPxdChtp3zppc440
/lPxdChtp3zppc440fp
/lPxdChtp3zroot
/lPxdChtp3zroot32
/lPxdChtp3zsh
/lPxdChtp3zsh4
/lPxdChtp3zsparc
/lPxdChtp3zspc
/lPxdChtp3zssh4
/lPxdChtp3zx32
/lPxdChtp3zx32_64
/lPxdChtp3zx64
/lPxdChtp3zx86
/lPxdChtp3zx86_32
/lPxdChtp3zx86_64
/S1eJ3/

# Reference: https://twitter.com/LGEmpathy/status/1366321018340478976

/x-8.6-.GHOUL
/x-8.6-.ISIS
/x-8.6-.KINO
/x-8.6-.Sakura
/x-8.6-.Servers420
/puto.arc
/puto.arcle-hs38
/puto.arm
/puto.arm4
/puto.arm4l
/puto.arm4t
/puto.arm4tl
/puto.arm4tll
/puto.arm5
/puto.arm5l
/puto.arm5n
/puto.arm6
/puto.arm64
/puto.arm6l
/puto.arm7
/puto.arm7l
/puto.arm8
/puto.armv4
/puto.armv4l
/puto.armv5l
/puto.armv6
/puto.armv61
/puto.armv6l
/puto.armv7l
/puto.dbg
/puto.exploit
/puto.i4
/puto.i486
/puto.i586
/puto.i6
/puto.i686
/puto.kill
/puto.m68
/puto.m68k
/puto.mips
/puto.mips64
/puto.mipseb
/puto.mipsel
/puto.mpsl
/puto.pcc
/puto.powerpc
/puto.powerpc-440fp
/puto.powerppc
/puto.ppc
/puto.pp-c
/puto.ppc2
/puto.ppc440
/puto.ppc440fp
/puto.root
/puto.root32
/puto.sh
/puto.sh4
/puto.sparc
/puto.spc
/puto.ssh4
/puto.x32
/puto.x32_64
/puto.x64
/puto.x86
/puto.x86_32
/puto.x86_64
/world.arc
/world.arcle-hs38
/world.arm
/world.arm4
/world.arm4l
/world.arm4t
/world.arm4tl
/world.arm4tll
/world.arm5
/world.arm5l
/world.arm5n
/world.arm6
/world.arm64
/world.arm6l
/world.arm7
/world.arm7l
/world.arm8
/world.armv4
/world.armv4l
/world.armv5l
/world.armv6
/world.armv61
/world.armv6l
/world.armv7l
/world.dbg
/world.exploit
/world.i4
/world.i486
/world.i586
/world.i6
/world.i686
/world.kill
/world.m68
/world.m68k
/world.mips
/world.mips64
/world.mipseb
/world.mipsel
/world.mpsl
/world.pcc
/world.powerpc
/world.powerpc-440fp
/world.powerppc
/world.ppc
/world.pp-c
/world.ppc2
/world.ppc440
/world.ppc440fp
/world.root
/world.root32
/world.sh
/world.sh4
/world.sparc
/world.spc
/world.ssh4
/world.x32
/world.x32_64
/world.x64
/world.x86
/world.x86_32
/world.x86_64
/aGVsbG8K/

# Reference: https://www.virustotal.com/gui/file/22818ae75823ee5807d5d220500eb9d5829927d57e10ce87312d1c22843fb407/detection

198.23.238.203:5684

# Reference: https://www.virustotal.com/gui/file/710491b557d615a53831a326be1db8afa646c2b426c65f49a5cc982e53c1ad85/detection

83.166.241.216:49343

# Reference: https://twitter.com/malwrhunterteam/status/1566860788060622848
# Reference: https://blog.netlab.360.com/new_threat_zhtrap_botnet_en/
# Reference: https://otx.alienvault.com/pulse/604bcd7fe31c2632fb89a994
# Reference: https://www.virustotal.com/gui/file/f8cfe0ee3cd0ec5e09211a22df7dbf0875d23c9c80cc6583814d01c446428825/detection

107.189.30.190:1282
107.189.30.190:2231
139.99.134.95:9095
142.93.247.244:9050
144.217.243.21:9095
147.135.208.44:9095
167.114.185.33:9095
198.245.53.58:9095
35.224.206.221:9217
46.101.61.9:9050
51.178.54.234:9095
51.79.157.89:9095
66.70.188.235:9095
0xdeadbeef.tw
2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion
h5vwy6o32sdcsa5xurde35dqw5sf3cdsoeewqqxmhoyzsvar4u6ooead.onion
oemojwe5loscudytzfo273nkdvalf7mumctwcm42zyutoo6tpfjsphyd.onion

# Reference: https://unit42.paloaltonetworks.com/mirai-variant-iot-vulnerabilities/
# Reference: https://otx.alienvault.com/pulse/6128ab83dd6afb43c954bcd9

iotlmao.xyz
lmaoiot.xyz
/nbrute.arc
/nbrute.arcle-hs38
/nbrute.arm
/nbrute.arm4
/nbrute.arm4l
/nbrute.arm4t
/nbrute.arm4tl
/nbrute.arm4tll
/nbrute.arm5
/nbrute.arm5l
/nbrute.arm5n
/nbrute.arm6
/nbrute.arm64
/nbrute.arm6l
/nbrute.arm7
/nbrute.arm7l
/nbrute.arm8
/nbrute.armv4
/nbrute.armv4l
/nbrute.armv5l
/nbrute.armv6
/nbrute.armv61
/nbrute.armv6l
/nbrute.armv7l
/nbrute.dbg
/nbrute.exploit
/nbrute.i4
/nbrute.i486
/nbrute.i586
/nbrute.i6
/nbrute.i686
/nbrute.kill
/nbrute.m68
/nbrute.m68k
/nbrute.mips
/nbrute.mips64
/nbrute.mipseb
/nbrute.mipsel
/nbrute.mpsl
/nbrute.pcc
/nbrute.powerpc
/nbrute.powerpc-440fp
/nbrute.powerppc
/nbrute.ppc
/nbrute.pp-c
/nbrute.ppc2
/nbrute.ppc440
/nbrute.ppc440fp
/nbrute.root
/nbrute.root32
/nbrute.sh
/nbrute.sh4
/nbrute.sparc
/nbrute.spc
/nbrute.ssh4
/nbrute.x32
/nbrute.x32_64
/nbrute.x64
/nbrute.x86
/nbrute.x86_32
/nbrute.x86_64

# Reference: https://twitter.com/TheDFIRReport/status/1384282544695177221

/a-r.m-4.fuckme
/a-r.m-5.fuckme
/a-r.m-6.fuckme
/a-r.m-7.fuckme
/i-3.8-6.fuckme
/i-4.8-6.fuckme
/i-5.8-6.fuckme
/i-6.8-6.fuckme
/m-6.8-k.fuckme
/m-i.p-s.fuckme
/m-p.s-l.fuckme
/p-p.c-.fuckme
/s-h.4-.fuckme
/x-3.2-.fuckme
/x-8.6-.fuckme
/imightbegay.sh

# Reference: https://twitter.com/0xrb/status/1387016807496577024

/94VG.arc
/94VG.arcle-hs38
/94VG.arm
/94VG.arm4
/94VG.arm4l
/94VG.arm4t
/94VG.arm4tl
/94VG.arm4tll
/94VG.arm5
/94VG.arm5l
/94VG.arm5n
/94VG.arm6
/94VG.arm64
/94VG.arm6l
/94VG.arm7
/94VG.arm7l
/94VG.arm8
/94VG.armv4
/94VG.armv4l
/94VG.armv5l
/94VG.armv6
/94VG.armv61
/94VG.armv6l
/94VG.armv7l
/94VG.dbg
/94VG.exploit
/94VG.i4
/94VG.i486
/94VG.i586
/94VG.i6
/94VG.i686
/94VG.kill
/94VG.m68
/94VG.m68k
/94VG.mips
/94VG.mips64
/94VG.mipseb
/94VG.mipsel
/94VG.mpsl
/94VG.pcc
/94VG.powerpc
/94VG.powerpc-440fp
/94VG.powerppc
/94VG.ppc
/94VG.pp-c
/94VG.ppc2
/94VG.ppc440
/94VG.ppc440fp
/94VG.root
/94VG.root32
/94VG.sh
/94VG.sh4
/94VG.sparc
/94VG.spc
/94VG.ssh4
/94VG.x32
/94VG.x32_64
/94VG.x64
/94VG.x86
/94VG.x86_32
/94VG.x86_64
/Acidbins.arc
/Acidbins.arcle-hs38
/Acidbins.arm
/Acidbins.arm4
/Acidbins.arm4l
/Acidbins.arm4t
/Acidbins.arm4tl
/Acidbins.arm4tll
/Acidbins.arm5
/Acidbins.arm5l
/Acidbins.arm5n
/Acidbins.arm6
/Acidbins.arm64
/Acidbins.arm6l
/Acidbins.arm7
/Acidbins.arm7l
/Acidbins.arm8
/Acidbins.armv4
/Acidbins.armv4l
/Acidbins.armv5l
/Acidbins.armv6
/Acidbins.armv61
/Acidbins.armv6l
/Acidbins.armv7l
/Acidbins.dbg
/Acidbins.exploit
/Acidbins.i4
/Acidbins.i486
/Acidbins.i586
/Acidbins.i6
/Acidbins.i686
/Acidbins.kill
/Acidbins.m68
/Acidbins.m68k
/Acidbins.mips
/Acidbins.mips64
/Acidbins.mipseb
/Acidbins.mipsel
/Acidbins.mpsl
/Acidbins.pcc
/Acidbins.powerpc
/Acidbins.powerpc-440fp
/Acidbins.powerppc
/Acidbins.ppc
/Acidbins.pp-c
/Acidbins.ppc2
/Acidbins.ppc440
/Acidbins.ppc440fp
/Acidbins.root
/Acidbins.root32
/Acidbins.sh
/Acidbins.sh4
/Acidbins.sparc
/Acidbins.spc
/Acidbins.ssh4
/Acidbins.x32
/Acidbins.x32_64
/Acidbins.x64
/Acidbins.x86
/Acidbins.x86_32
/Acidbins.x86_64
/Beastmode.arc
/Beastmode.arcle-hs38
/Beastmode.arm
/Beastmode.arm4
/Beastmode.arm4l
/Beastmode.arm4t
/Beastmode.arm4tl
/Beastmode.arm4tll
/Beastmode.arm5
/Beastmode.arm5l
/Beastmode.arm5n
/Beastmode.arm6
/Beastmode.arm64
/Beastmode.arm6l
/Beastmode.arm7
/Beastmode.arm7l
/Beastmode.arm8
/Beastmode.armv4
/Beastmode.armv4l
/Beastmode.armv5l
/Beastmode.armv6
/Beastmode.armv61
/Beastmode.armv6l
/Beastmode.armv7l
/Beastmode.dbg
/Beastmode.exploit
/Beastmode.i4
/Beastmode.i486
/Beastmode.i586
/Beastmode.i6
/Beastmode.i686
/Beastmode.kill
/Beastmode.m68
/Beastmode.m68k
/Beastmode.mips
/Beastmode.mips64
/Beastmode.mipseb
/Beastmode.mipsel
/Beastmode.mpsl
/Beastmode.pcc
/Beastmode.powerpc
/Beastmode.powerpc-440fp
/Beastmode.powerppc
/Beastmode.ppc
/Beastmode.pp-c
/Beastmode.ppc2
/Beastmode.ppc440
/Beastmode.ppc440fp
/Beastmode.root
/Beastmode.root32
/Beastmode.sh
/Beastmode.sh4
/Beastmode.sparc
/Beastmode.spc
/Beastmode.ssh4
/Beastmode.x32
/Beastmode.x32_64
/Beastmode.x64
/Beastmode.x86
/Beastmode.x86_32
/Beastmode.x86_64
/Beastmode1.arc
/Beastmode1.arcle-hs38
/Beastmode1.arm
/Beastmode1.arm4
/Beastmode1.arm4l
/Beastmode1.arm4t
/Beastmode1.arm4tl
/Beastmode1.arm4tll
/Beastmode1.arm5
/Beastmode1.arm5l
/Beastmode1.arm5n
/Beastmode1.arm6
/Beastmode1.arm64
/Beastmode1.arm6l
/Beastmode1.arm7
/Beastmode1.arm7l
/Beastmode1.arm8
/Beastmode1.armv4
/Beastmode1.armv4l
/Beastmode1.armv5l
/Beastmode1.armv6
/Beastmode1.armv61
/Beastmode1.armv6l
/Beastmode1.armv7l
/Beastmode1.dbg
/Beastmode1.exploit
/Beastmode1.i4
/Beastmode1.i486
/Beastmode1.i586
/Beastmode1.i6
/Beastmode1.i686
/Beastmode1.kill
/Beastmode1.m68
/Beastmode1.m68k
/Beastmode1.mips
/Beastmode1.mips64
/Beastmode1.mipseb
/Beastmode1.mipsel
/Beastmode1.mpsl
/Beastmode1.pcc
/Beastmode1.powerpc
/Beastmode1.powerpc-440fp
/Beastmode1.powerppc
/Beastmode1.ppc
/Beastmode1.pp-c
/Beastmode1.ppc2
/Beastmode1.ppc440
/Beastmode1.ppc440fp
/Beastmode1.root
/Beastmode1.root32
/Beastmode1.sh
/Beastmode1.sh4
/Beastmode1.sparc
/Beastmode1.spc
/Beastmode1.ssh4
/Beastmode1.x32
/Beastmode1.x32_64
/Beastmode1.x64
/Beastmode1.x86
/Beastmode1.x86_32
/Beastmode1.x86_64
/Ciabins.arc
/Ciabins.arcle-hs38
/Ciabins.arm
/Ciabins.arm4
/Ciabins.arm4l
/Ciabins.arm4t
/Ciabins.arm4tl
/Ciabins.arm4tll
/Ciabins.arm5
/Ciabins.arm5l
/Ciabins.arm5n
/Ciabins.arm6
/Ciabins.arm64
/Ciabins.arm6l
/Ciabins.arm7
/Ciabins.arm7l
/Ciabins.arm8
/Ciabins.armv4
/Ciabins.armv4l
/Ciabins.armv5l
/Ciabins.armv6
/Ciabins.armv61
/Ciabins.armv6l
/Ciabins.armv7l
/Ciabins.dbg
/Ciabins.exploit
/Ciabins.i4
/Ciabins.i486
/Ciabins.i586
/Ciabins.i6
/Ciabins.i686
/Ciabins.kill
/Ciabins.m68
/Ciabins.m68k
/Ciabins.mips
/Ciabins.mips64
/Ciabins.mipseb
/Ciabins.mipsel
/Ciabins.mpsl
/Ciabins.pcc
/Ciabins.powerpc
/Ciabins.powerpc-440fp
/Ciabins.powerppc
/Ciabins.ppc
/Ciabins.pp-c
/Ciabins.ppc2
/Ciabins.ppc440
/Ciabins.ppc440fp
/Ciabins.root
/Ciabins.root32
/Ciabins.sh
/Ciabins.sh4
/Ciabins.sparc
/Ciabins.spc
/Ciabins.ssh4
/Ciabins.x32
/Ciabins.x32_64
/Ciabins.x64
/Ciabins.x86
/Ciabins.x86_32
/Ciabins.x86_64
/netlab601.arc
/netlab601.arcle-hs38
/netlab601.arm
/netlab601.arm4
/netlab601.arm4l
/netlab601.arm4t
/netlab601.arm4tl
/netlab601.arm4tll
/netlab601.arm5
/netlab601.arm5l
/netlab601.arm5n
/netlab601.arm6
/netlab601.arm64
/netlab601.arm6l
/netlab601.arm7
/netlab601.arm7l
/netlab601.arm8
/netlab601.armv4
/netlab601.armv4l
/netlab601.armv5l
/netlab601.armv6
/netlab601.armv61
/netlab601.armv6l
/netlab601.armv7l
/netlab601.dbg
/netlab601.exploit
/netlab601.i4
/netlab601.i486
/netlab601.i586
/netlab601.i6
/netlab601.i686
/netlab601.kill
/netlab601.m68
/netlab601.m68k
/netlab601.mips
/netlab601.mips64
/netlab601.mipseb
/netlab601.mipsel
/netlab601.mpsl
/netlab601.pcc
/netlab601.powerpc
/netlab601.powerpc-440fp
/netlab601.powerppc
/netlab601.ppc
/netlab601.pp-c
/netlab601.ppc2
/netlab601.ppc440
/netlab601.ppc440fp
/netlab601.root
/netlab601.root32
/netlab601.sh
/netlab601.sh4
/netlab601.sparc
/netlab601.spc
/netlab601.ssh4
/netlab601.x32
/netlab601.x32_64
/netlab601.x64
/netlab601.x86
/netlab601.x86_32
/netlab601.x86_64
/networkrip.arc
/networkrip.arcle-hs38
/networkrip.arm
/networkrip.arm4
/networkrip.arm4l
/networkrip.arm4t
/networkrip.arm4tl
/networkrip.arm4tll
/networkrip.arm5
/networkrip.arm5l
/networkrip.arm5n
/networkrip.arm6
/networkrip.arm64
/networkrip.arm6l
/networkrip.arm7
/networkrip.arm7l
/networkrip.arm8
/networkrip.armv4
/networkrip.armv4l
/networkrip.armv5l
/networkrip.armv6
/networkrip.armv61
/networkrip.armv6l
/networkrip.armv7l
/networkrip.dbg
/networkrip.exploit
/networkrip.i4
/networkrip.i486
/networkrip.i586
/networkrip.i6
/networkrip.i686
/networkrip.kill
/networkrip.m68
/networkrip.m68k
/networkrip.mips
/networkrip.mips64
/networkrip.mipseb
/networkrip.mipsel
/networkrip.mpsl
/networkrip.pcc
/networkrip.powerpc
/networkrip.powerpc-440fp
/networkrip.powerppc
/networkrip.ppc
/networkrip.pp-c
/networkrip.ppc2
/networkrip.ppc440
/networkrip.ppc440fp
/networkrip.root
/networkrip.root32
/networkrip.sh
/networkrip.sh4
/networkrip.sparc
/networkrip.spc
/networkrip.ssh4
/networkrip.x32
/networkrip.x32_64
/networkrip.x64
/networkrip.x86
/networkrip.x86_32
/networkrip.x86_64
/Sakura.arc
/Sakura.arcle-hs38
/Sakura.arm
/Sakura.arm4
/Sakura.arm4l
/Sakura.arm4t
/Sakura.arm4tl
/Sakura.arm4tll
/Sakura.arm5
/Sakura.arm5l
/Sakura.arm5n
/Sakura.arm6
/Sakura.arm64
/Sakura.arm6l
/Sakura.arm7
/Sakura.arm7l
/Sakura.arm8
/Sakura.armv4
/Sakura.armv4l
/Sakura.armv5l
/Sakura.armv6
/Sakura.armv61
/Sakura.armv6l
/Sakura.armv7l
/Sakura.dbg
/Sakura.exploit
/Sakura.i4
/Sakura.i486
/Sakura.i586
/Sakura.i6
/Sakura.i686
/Sakura.kill
/Sakura.m68
/Sakura.m68k
/Sakura.mips
/Sakura.mips64
/Sakura.mipseb
/Sakura.mipsel
/Sakura.mpsl
/Sakura.pcc
/Sakura.powerpc
/Sakura.powerpc-440fp
/Sakura.powerppc
/Sakura.ppc
/Sakura.pp-c
/Sakura.ppc2
/Sakura.ppc440
/Sakura.ppc440fp
/Sakura.root
/Sakura.root32
/Sakura.sh
/Sakura.sh4
/Sakura.sparc
/Sakura.spc
/Sakura.ssh4
/Sakura.x32
/Sakura.x32_64
/Sakura.x64
/Sakura.x86
/Sakura.x86_32
/Sakura.x86_64
/trynagetmybinsfucker98575.arc
/trynagetmybinsfucker98575.arcle-hs38
/trynagetmybinsfucker98575.arm
/trynagetmybinsfucker98575.arm4
/trynagetmybinsfucker98575.arm4l
/trynagetmybinsfucker98575.arm4t
/trynagetmybinsfucker98575.arm4tl
/trynagetmybinsfucker98575.arm4tll
/trynagetmybinsfucker98575.arm5
/trynagetmybinsfucker98575.arm5l
/trynagetmybinsfucker98575.arm5n
/trynagetmybinsfucker98575.arm6
/trynagetmybinsfucker98575.arm64
/trynagetmybinsfucker98575.arm6l
/trynagetmybinsfucker98575.arm7
/trynagetmybinsfucker98575.arm7l
/trynagetmybinsfucker98575.arm8
/trynagetmybinsfucker98575.armv4
/trynagetmybinsfucker98575.armv4l
/trynagetmybinsfucker98575.armv5l
/trynagetmybinsfucker98575.armv6
/trynagetmybinsfucker98575.armv61
/trynagetmybinsfucker98575.armv6l
/trynagetmybinsfucker98575.armv7l
/trynagetmybinsfucker98575.dbg
/trynagetmybinsfucker98575.exploit
/trynagetmybinsfucker98575.i4
/trynagetmybinsfucker98575.i486
/trynagetmybinsfucker98575.i586
/trynagetmybinsfucker98575.i6
/trynagetmybinsfucker98575.i686
/trynagetmybinsfucker98575.kill
/trynagetmybinsfucker98575.m68
/trynagetmybinsfucker98575.m68k
/trynagetmybinsfucker98575.mips
/trynagetmybinsfucker98575.mips64
/trynagetmybinsfucker98575.mipseb
/trynagetmybinsfucker98575.mipsel
/trynagetmybinsfucker98575.mpsl
/trynagetmybinsfucker98575.pcc
/trynagetmybinsfucker98575.powerpc
/trynagetmybinsfucker98575.powerpc-440fp
/trynagetmybinsfucker98575.powerppc
/trynagetmybinsfucker98575.ppc
/trynagetmybinsfucker98575.pp-c
/trynagetmybinsfucker98575.ppc2
/trynagetmybinsfucker98575.ppc440
/trynagetmybinsfucker98575.ppc440fp
/trynagetmybinsfucker98575.root
/trynagetmybinsfucker98575.root32
/trynagetmybinsfucker98575.sh
/trynagetmybinsfucker98575.sh4
/trynagetmybinsfucker98575.sparc
/trynagetmybinsfucker98575.spc
/trynagetmybinsfucker98575.ssh4
/trynagetmybinsfucker98575.x32
/trynagetmybinsfucker98575.x32_64
/trynagetmybinsfucker98575.x64
/trynagetmybinsfucker98575.x86
/trynagetmybinsfucker98575.x86_32
/trynagetmybinsfucker98575.x86_64
/.x/0sh
/.x/1sh
/.x/2sh
/.x/3sh
/.x/4sh
/.x/5sh
/.x/6sh
/.x/7sh
/.x/8sh
/.x/9sh
/katanaslice/
/kbotv1/

# Reference: https://twitter.com/r3dbU7z/status/1387043676380041227

/@a@r@c
/@a@r@c@l@e@-@h@s@3@8
/@a@r@m
/@a@r@m4
/@a@r@m@4@l
/@a@r@m4@t
/@a@r@m4@t@l
/@a@r@m4t@l@l
/@a@r@m@5
/@a@r@m@5@l
/@a@r@m@5@n
/@a@r@m@6
/@a@r@m@6@4
/@a@r@m@6@l
/@a@r@m@7
/@a@r@m@7@l
/@a@r@m@8
/@a@r@m@v@4
/@a@r@m@v@4@l
/@a@r@m@v@5@l
/@a@r@m@v@6
/@a@r@mv@6@1
/@a@r@m@v@6@l
/@a@r@m@v@7@l
/@d@b@g
/@e@x@p@l@o@i@t
/@i@4
/@i4@8@6
/@i@5@8@6
/@i@6
/@i@6@8@6
/@k@i@l@l
/@m@6@8
/@m@6@8@k
/@m@i@p@s
/@m@i@p@s@6@4
/@m@i@p@s@e@b
/@m@i@p@s@e@l
/@m@p@s@l
/@p@c@c
/@p@o@w@e@r@p@c
/@p@o@w@e@r@p@c@-@4@4@0@f@p
/@p@o@w@e@r@p@p@c
/@p@p@c
/@p@p@-@c
/@p@p@c@2
/@p@p@c@4@4@0
/@p@p@c@4@4@0@f@p
/@r@o@o@t
/@r@o@o@t@3@2
/@s@h
/@s@h@4
/@s@p@a@r@c
/@s@p@c
/@s@s@h@4
/@x@3@2
/@x@3@2@_@6@4
/@x@6@4
/@x@8@6
/@x@8@6@_@3@2
/@x@8@6@_@6@4

# Reference: https://twitter.com/liuya0904/status/1387405981533892608

/sys.arc
/sys.arcle-hs38
/sys.arm
/sys.arm4
/sys.arm4l
/sys.arm4t
/sys.arm4tl
/sys.arm4tll
/sys.arm5
/sys.arm5l
/sys.arm5n
/sys.arm6
/sys.arm64
/sys.arm6l
/sys.arm7
/sys.arm7l
/sys.arm8
/sys.armv4
/sys.armv4l
/sys.armv5l
/sys.armv6
/sys.armv61
/sys.armv6l
/sys.armv7l
/sys.dbg
/sys.exploit
/sys.i4
/sys.i486
/sys.i586
/sys.i6
/sys.i686
/sys.kill
/sys.m68
/sys.m68k
/sys.mips
/sys.mips64
/sys.mipseb
/sys.mipsel
/sys.mpsl
/sys.pcc
/sys.powerpc
/sys.powerpc-440fp
/sys.powerppc
/sys.ppc
/sys.pp-c
/sys.ppc2
/sys.ppc440
/sys.ppc440fp
/sys.root
/sys.root32
/sys.sh
/sys.sh4
/sys.sparc
/sys.spc
/sys.ssh4
/sys.x32
/sys.x32_64
/sys.x64
/sys.x86
/sys.x86_32
/sys.x86_64

# Reference: https://twitter.com/michalmalik/status/1387899434885910531
# Reference: https://www.virustotal.com/gui/file/9877bc77f19656aaf04ec98f5e88fc88b9986facfaca02c91033fe575b28a1de/detection

75.119.157.188:77

# Reference: https://twitter.com/r3dbU7z/status/1387371207096422403

/sexbot.arc
/sexbot.arcle-hs38
/sexbot.arm
/sexbot.arm4
/sexbot.arm4l
/sexbot.arm4t
/sexbot.arm4tl
/sexbot.arm4tll
/sexbot.arm5
/sexbot.arm5l
/sexbot.arm5n
/sexbot.arm6
/sexbot.arm64
/sexbot.arm6l
/sexbot.arm7
/sexbot.arm7l
/sexbot.arm8
/sexbot.armv4
/sexbot.armv4l
/sexbot.armv5l
/sexbot.armv6
/sexbot.armv61
/sexbot.armv6l
/sexbot.armv7l
/sexbot.dbg
/sexbot.exploit
/sexbot.i4
/sexbot.i486
/sexbot.i586
/sexbot.i6
/sexbot.i686
/sexbot.kill
/sexbot.m68
/sexbot.m68k
/sexbot.mips
/sexbot.mips64
/sexbot.mipseb
/sexbot.mipsel
/sexbot.mpsl
/sexbot.pcc
/sexbot.powerpc
/sexbot.powerpc-440fp
/sexbot.powerppc
/sexbot.ppc
/sexbot.pp-c
/sexbot.ppc2
/sexbot.ppc440
/sexbot.ppc440fp
/sexbot.root
/sexbot.root32
/sexbot.sh
/sexbot.sh4
/sexbot.sparc
/sexbot.spc
/sexbot.ssh4
/sexbot.x32
/sexbot.x32_64
/sexbot.x64
/sexbot.x86
/sexbot.x86_32
/sexbot.x86_64

# Reference: https://twitter.com/r3dbU7z/status/1389755683009175553

12dx.duckdns.org
13scan.duckdns.org
/KKveTTgaAAsecNNaaaa.arc
/KKveTTgaAAsecNNaaaa.arcle-hs38
/KKveTTgaAAsecNNaaaa.arm
/KKveTTgaAAsecNNaaaa.arm4
/KKveTTgaAAsecNNaaaa.arm4l
/KKveTTgaAAsecNNaaaa.arm4t
/KKveTTgaAAsecNNaaaa.arm4tl
/KKveTTgaAAsecNNaaaa.arm4tll
/KKveTTgaAAsecNNaaaa.arm5
/KKveTTgaAAsecNNaaaa.arm5l
/KKveTTgaAAsecNNaaaa.arm5n
/KKveTTgaAAsecNNaaaa.arm6
/KKveTTgaAAsecNNaaaa.arm64
/KKveTTgaAAsecNNaaaa.arm6l
/KKveTTgaAAsecNNaaaa.arm7
/KKveTTgaAAsecNNaaaa.arm7l
/KKveTTgaAAsecNNaaaa.arm8
/KKveTTgaAAsecNNaaaa.armv4
/KKveTTgaAAsecNNaaaa.armv4l
/KKveTTgaAAsecNNaaaa.armv5l
/KKveTTgaAAsecNNaaaa.armv6
/KKveTTgaAAsecNNaaaa.armv61
/KKveTTgaAAsecNNaaaa.armv6l
/KKveTTgaAAsecNNaaaa.armv7l
/KKveTTgaAAsecNNaaaa.dbg
/KKveTTgaAAsecNNaaaa.exploit
/KKveTTgaAAsecNNaaaa.i4
/KKveTTgaAAsecNNaaaa.i486
/KKveTTgaAAsecNNaaaa.i586
/KKveTTgaAAsecNNaaaa.i6
/KKveTTgaAAsecNNaaaa.i686
/KKveTTgaAAsecNNaaaa.kill
/KKveTTgaAAsecNNaaaa.m68
/KKveTTgaAAsecNNaaaa.m68k
/KKveTTgaAAsecNNaaaa.mips
/KKveTTgaAAsecNNaaaa.mips64
/KKveTTgaAAsecNNaaaa.mipseb
/KKveTTgaAAsecNNaaaa.mipsel
/KKveTTgaAAsecNNaaaa.mpsl
/KKveTTgaAAsecNNaaaa.pcc
/KKveTTgaAAsecNNaaaa.powerpc
/KKveTTgaAAsecNNaaaa.powerpc-440fp
/KKveTTgaAAsecNNaaaa.powerppc
/KKveTTgaAAsecNNaaaa.ppc
/KKveTTgaAAsecNNaaaa.pp-c
/KKveTTgaAAsecNNaaaa.ppc2
/KKveTTgaAAsecNNaaaa.ppc440
/KKveTTgaAAsecNNaaaa.ppc440fp
/KKveTTgaAAsecNNaaaa.root
/KKveTTgaAAsecNNaaaa.root32
/KKveTTgaAAsecNNaaaa.sh
/KKveTTgaAAsecNNaaaa.sh4
/KKveTTgaAAsecNNaaaa.sparc
/KKveTTgaAAsecNNaaaa.spc
/KKveTTgaAAsecNNaaaa.ssh4
/KKveTTgaAAsecNNaaaa.x32
/KKveTTgaAAsecNNaaaa.x32_64
/KKveTTgaAAsecNNaaaa.x64
/KKveTTgaAAsecNNaaaa.x86
/KKveTTgaAAsecNNaaaa.x86_32
/KKveTTgaAAsecNNaaaa.x86_64

# Reference: https://www.virustotal.com/gui/file/2cfb12cdd15814967c2899d02c20b77735e64883750f909b2d578d0634976c7c/detection

175.153.16.107:23
175.153.16.107:2323
175.153.16.107:52869
175.153.16.107:5418
175.153.16.107:8080

# Reference: https://www.virustotal.com/gui/file/6ec7ea0e067e09b612ff560ecda8471ca925102d2870ba062e1122bd4672852d/detection

170.31.203.74:23
170.31.203.74:2323
170.31.203.74:52869
170.31.203.74:5418
170.31.203.74:8080

# Reference: https://www.virustotal.com/gui/file/2e384f5d79017dd5b600b2a27e25bb85e56376afc6a7d18a58b3a62fa680ce02/detection

126.95.249.26:23
126.95.249.26:2323
126.95.249.26:36063

# Reference: https://www.virustotal.com/gui/file/1b6c42879b45cbe4417d7922a1247699279e8a1817c86696b109cfa4c48dea85/detection

206.78.239.143:23
206.78.239.143:2323
206.78.239.143:36063

# Reference: https://www.virustotal.com/gui/file/26037e06149bf2d241ab03cc4166a7e688e5f6c5e798d50c533e5b24b0bda3cd/detection

14.141.236.143:23
14.141.236.143:2323
14.141.236.143:36063

# Reference: https://www.virustotal.com/gui/file/9391531825fbdf39b8682870d1afc91ec8d03edb634df92b426cfdd296c126b3/detection

116.15.150.89:37215
116.15.150.89:36063

# Reference: https://www.virustotal.com/gui/file/d3cda4e42767e727ce240938f886e796951fe9bcc73a7a59f69cd3394e78a018/detection

124.55.206.62:23
124.55.206.62:37215
217.32.184.99:23
217.32.184.99:37215

# Reference: https://www.virustotal.com/gui/file/e6702389165aa1e4859fc380eef3a699c8c31e57ddd1c6f014d299dc0859c855/detection

117.154.167.218:23
117.154.167.218:2323
117.154.167.218:36063

# Reference: https://www.virustotal.com/gui/file/fe91343a13ef9bcad6e1e3a3ff4dbd11bc33676b6ba8511dd026b57c2ff10199/detection
# Reference: https://www.virustotal.com/gui/file/7c2101c124d0d6c1b555ac2da1082f40df13d4466b654cb540c24622c3cb1cba/detection
# Reference: https://www.virustotal.com/gui/file/59d322c8e85b815019d8ebc79f4b30c937dc5f67ec4939d9e8e901152ce7cbaf/detection
# Reference: https://www.virustotal.com/gui/file/6f496bfaa128c17ee69052a411670b54984e887325ec507d09bc5c141f0c2f87/detection
# Reference: https://www.virustotal.com/gui/file/78b6d223f22ed8bf2b628b308eed80a641d415c8a73fdb31994607f3e5e1b570/detection
# Reference: https://www.virustotal.com/gui/file/8e890d30b75a78750788b8d98054f0cf19ac3d2296307c2e7392c1b89c782bc8/detection

169.100.80.59:36063
169.174.78.238:36063
178.21.194.250:36063
178.98.207.229:36063
178.49.244.166:36063
218.236.135.145:36063
happyschool76.duckdns.org

# Reference: https://twitter.com/K_N1kolenko/status/1390550102843043840

/Redacted.arc
/Redacted.arcle-hs38
/Redacted.arm
/Redacted.arm4
/Redacted.arm4l
/Redacted.arm4t
/Redacted.arm4tl
/Redacted.arm4tll
/Redacted.arm5
/Redacted.arm5l
/Redacted.arm5n
/Redacted.arm6
/Redacted.arm64
/Redacted.arm6l
/Redacted.arm7
/Redacted.arm7l
/Redacted.arm8
/Redacted.armv4
/Redacted.armv4l
/Redacted.armv5l
/Redacted.armv6
/Redacted.armv61
/Redacted.armv6l
/Redacted.armv7l
/Redacted.dbg
/Redacted.exploit
/Redacted.i4
/Redacted.i486
/Redacted.i586
/Redacted.i6
/Redacted.i686
/Redacted.kill
/Redacted.m68
/Redacted.m68k
/Redacted.mips
/Redacted.mips64
/Redacted.mipseb
/Redacted.mipsel
/Redacted.mpsl
/Redacted.pcc
/Redacted.powerpc
/Redacted.powerpc-440fp
/Redacted.powerppc
/Redacted.ppc
/Redacted.pp-c
/Redacted.ppc2
/Redacted.ppc440
/Redacted.ppc440fp
/Redacted.root
/Redacted.root32
/Redacted.sh
/Redacted.sh4
/Redacted.sparc
/Redacted.spc
/Redacted.ssh4
/Redacted.x32
/Redacted.x32_64
/Redacted.x64
/Redacted.x86
/Redacted.x86_32
/Redacted.x86_64
/KEKGetMyBinsDumbCunt/

# Reference: https://www.virustotal.com/gui/file/5b932cfa1f205e7f5d1b5325d26be90c6b60f89e3782249b58e9a51e06374300/detection

192.227.185.106:2890

# Reference: https://www.virustotal.com/gui/file/41b3c5d5c1a73f1ec391adc39cce002c971c5faf44fb35e8d486c8430a51e435/detection

192.227.185.106:4290

# Reference: https://www.virustotal.com/gui/file/8887da7a6cf261fbf71d7c74f1894bc15d6b6e2bd3089a0504d2018daa8ee026/detection

192.227.185.106:9787

# Reference: https://www.virustotal.com/gui/file/ee8d2c23b0b37f5dd2dc96103d8c22c333bf448398acade445c8fe10bb3759cd/detection

192.227.185.106:9785

# Reference: https://www.virustotal.com/gui/file/f2009e171c02afe469dd211d3a64fb1c87bf81b45f13d55d5a0818bcdc0646dc/detection

192.227.185.106:7828

# Reference: https://www.virustotal.com/gui/file/40785560195b5a41c8cd4270e082f4ef50d724d6cd125d6bf93c23d45fd6d412/detection

192.227.185.106:9128

# Reference: https://www.virustotal.com/gui/file/8aa7866ca987eeea2571f5f03bec3798498d688f80a9bf49a5cd6c8c8d9dcf24/detection

192.227.185.106:7829

# Reference: https://www.virustotal.com/gui/file/46b10b7df86d853dee030605d8d7a1e6add4c738aad98dafb0508df5baa8987f/detection

192.227.185.106:9128

# Reference: https://www.virustotal.com/gui/file/6f54e2af1a1eda0e613497c5f26166e8fd741e5e4ffac9a7094652f397124d38/detection

192.227.185.106:9129

# Reference: https://www.virustotal.com/gui/file/462e2f61e7f0bebab04f3afe7b759d4644d4113e811e62c93a059f00554820f2/detection

192.227.185.106:7124

# Reference: https://twitter.com/r3dbU7z/status/1399932207238725632
# Reference: https://twitter.com/0xrb/status/1399957284919250944
# Reference: https://urlhaus.abuse.ch/host/205.185.126.254/
# Reference: https://www.virustotal.com/gui/file/9987128044dfac2085917e5de008c73e6bfd255003ddb624a56b936ba735ef4e/detection
# Reference: https://www.virustotal.com/gui/file/ed4e8715e4e14b99f49818ba36df286d94f591be14e34fbdce3284d77e349175/detection

http://205.185.126.254
205.185.126.254:1227
205.185.126.254:23
205.185.126.254:2323
205.185.126.254:443
205.185.126.254:5634
/crsfi.arc
/crsfi.arcle-hs38
/crsfi.arm
/crsfi.arm4
/crsfi.arm4l
/crsfi.arm4t
/crsfi.arm4tl
/crsfi.arm4tll
/crsfi.arm5
/crsfi.arm5l
/crsfi.arm5n
/crsfi.arm6
/crsfi.arm64
/crsfi.arm6l
/crsfi.arm7
/crsfi.arm7l
/crsfi.arm8
/crsfi.armv4
/crsfi.armv4l
/crsfi.armv5l
/crsfi.armv6
/crsfi.armv61
/crsfi.armv6l
/crsfi.armv7l
/crsfi.dbg
/crsfi.exploit
/crsfi.i4
/crsfi.i486
/crsfi.i586
/crsfi.i6
/crsfi.i686
/crsfi.kill
/crsfi.m68
/crsfi.m68k
/crsfi.mips
/crsfi.mips_64
/crsfi.mips64
/crsfi.mipseb
/crsfi.mipsel
/crsfi.mpsl
/crsfi.pcc
/crsfi.powerpc
/crsfi.powerpc-440fp
/crsfi.powerppc
/crsfi.ppc
/crsfi.pp-c
/crsfi.ppc2
/crsfi.ppc440
/crsfi.ppc440fp
/crsfi.root
/crsfi.root32
/crsfi.sh
/crsfi.sh4
/crsfi.sparc
/crsfi.spc
/crsfi.ssh4
/crsfi.x32
/crsfi.x32_64
/crsfi.x64
/crsfi.x86
/crsfi.x86_32
/crsfi.x86_64
/eckdee.arc
/eckdee.arcle-hs38
/eckdee.arm
/eckdee.arm4
/eckdee.arm4l
/eckdee.arm4t
/eckdee.arm4tl
/eckdee.arm4tll
/eckdee.arm5
/eckdee.arm5l
/eckdee.arm5n
/eckdee.arm6
/eckdee.arm64
/eckdee.arm6l
/eckdee.arm7
/eckdee.arm7l
/eckdee.arm8
/eckdee.armv4
/eckdee.armv4l
/eckdee.armv5l
/eckdee.armv6
/eckdee.armv61
/eckdee.armv6l
/eckdee.armv7l
/eckdee.dbg
/eckdee.exploit
/eckdee.i4
/eckdee.i486
/eckdee.i586
/eckdee.i6
/eckdee.i686
/eckdee.kill
/eckdee.m68
/eckdee.m68k
/eckdee.mips
/eckdee.mips_64
/eckdee.mips64
/eckdee.mipseb
/eckdee.mipsel
/eckdee.mpsl
/eckdee.pcc
/eckdee.powerpc
/eckdee.powerpc-440fp
/eckdee.powerppc
/eckdee.ppc
/eckdee.pp-c
/eckdee.ppc2
/eckdee.ppc440
/eckdee.ppc440fp
/eckdee.root
/eckdee.root32
/eckdee.sh
/eckdee.sh4
/eckdee.sparc
/eckdee.spc
/eckdee.ssh4
/eckdee.x32
/eckdee.x32_64
/eckdee.x64
/eckdee.x86
/eckdee.x86_32
/eckdee.x86_64
/exxsdee.arc
/exxsdee.arcle-hs38
/exxsdee.arm
/exxsdee.arm4
/exxsdee.arm4l
/exxsdee.arm4t
/exxsdee.arm4tl
/exxsdee.arm4tll
/exxsdee.arm5
/exxsdee.arm5l
/exxsdee.arm5n
/exxsdee.arm6
/exxsdee.arm64
/exxsdee.arm6l
/exxsdee.arm7
/exxsdee.arm7l
/exxsdee.arm8
/exxsdee.armv4
/exxsdee.armv4l
/exxsdee.armv5l
/exxsdee.armv6
/exxsdee.armv61
/exxsdee.armv6l
/exxsdee.armv7l
/exxsdee.dbg
/exxsdee.exploit
/exxsdee.i4
/exxsdee.i486
/exxsdee.i586
/exxsdee.i6
/exxsdee.i686
/exxsdee.kill
/exxsdee.m68
/exxsdee.m68k
/exxsdee.mips
/exxsdee.mips_64
/exxsdee.mips64
/exxsdee.mipseb
/exxsdee.mipsel
/exxsdee.mpsl
/exxsdee.pcc
/exxsdee.powerpc
/exxsdee.powerpc-440fp
/exxsdee.powerppc
/exxsdee.ppc
/exxsdee.pp-c
/exxsdee.ppc2
/exxsdee.ppc440
/exxsdee.ppc440fp
/exxsdee.root
/exxsdee.root32
/exxsdee.sh
/exxsdee.sh4
/exxsdee.sparc
/exxsdee.spc
/exxsdee.ssh4
/exxsdee.x32
/exxsdee.x32_64
/exxsdee.x64
/exxsdee.x86
/exxsdee.x86_32
/exxsdee.x86_64
/nbot.arc
/nbot.arcle-hs38
/nbot.arm
/nbot.arm4
/nbot.arm4l
/nbot.arm4t
/nbot.arm4tl
/nbot.arm4tll
/nbot.arm5
/nbot.arm5l
/nbot.arm5n
/nbot.arm6
/nbot.arm64
/nbot.arm6l
/nbot.arm7
/nbot.arm7l
/nbot.arm8
/nbot.armv4
/nbot.armv4l
/nbot.armv5l
/nbot.armv6
/nbot.armv61
/nbot.armv6l
/nbot.armv7l
/nbot.dbg
/nbot.exploit
/nbot.i4
/nbot.i486
/nbot.i586
/nbot.i6
/nbot.i686
/nbot.kill
/nbot.m68
/nbot.m68k
/nbot.mips
/nbot.mips_64
/nbot.mips64
/nbot.mipseb
/nbot.mipsel
/nbot.mpsl
/nbot.pcc
/nbot.powerpc
/nbot.powerpc-440fp
/nbot.powerppc
/nbot.ppc
/nbot.pp-c
/nbot.ppc2
/nbot.ppc440
/nbot.ppc440fp
/nbot.root
/nbot.root32
/nbot.sh
/nbot.sh4
/nbot.sparc
/nbot.spc
/nbot.ssh4
/nbot.x32
/nbot.x32_64
/nbot.x64
/nbot.x86
/nbot.x86_32
/nbot.x86_64

# Reference: https://www.virustotal.com/gui/file/24f0da8845b9eef85899bd62a9c519e71a0f08a5e71cc6ec5739e7b10fc7a86c/detection

modem.pw

# Reference: https://twitter.com/LGEmpathy/status/1404321271106600961

/a-r.m-4.Fourloko
/a-r.m-5.Fourloko
/a-r.m-6.Fourloko
/a-r.m-7.Fourloko
/i-4.8-6.Fourloko
/i-5.8-6.Fourloko
/i-6.8-6.Fourloko
/m-6.8-k.Fourloko
/m-i.p-s.Fourloko
/m-p.s-l.Fourloko
/p-p.c-.Fourloko
/s-h.4-.Fourloko
/x-3.2-.Fourloko
/x-6.4-.Fourloko
/x-8.6-.Fourloko
/Ace.arc
/Ace.arcle-hs38
/Ace.arm
/Ace.arm4
/Ace.arm4l
/Ace.arm4t
/Ace.arm4tl
/Ace.arm4tll
/Ace.arm5
/Ace.arm5l
/Ace.arm5n
/Ace.arm6
/Ace.arm64
/Ace.arm6l
/Ace.arm7
/Ace.arm7l
/Ace.arm8
/Ace.armv4
/Ace.armv4l
/Ace.armv5l
/Ace.armv6
/Ace.armv61
/Ace.armv6l
/Ace.armv7l
/Ace.dbg
/Ace.exploit
/Ace.i4
/Ace.i486
/Ace.i586
/Ace.i6
/Ace.i686
/Ace.kill
/Ace.m68
/Ace.m68k
/Ace.mips
/Ace.mips64
/Ace.mipseb
/Ace.mipsel
/Ace.mpsl
/Ace.pcc
/Ace.powerpc
/Ace.powerpc-440fp
/Ace.powerppc
/Ace.ppc
/Ace.pp-c
/Ace.ppc2
/Ace.ppc440
/Ace.ppc440fp
/Ace.root
/Ace.root32
/Ace.sh
/Ace.sh4
/Ace.sparc
/Ace.spc
/Ace.ssh4
/Ace.x32
/Ace.x32_64
/Ace.x64
/Ace.x86
/Ace.x86_32
/Ace.x86_64
/b4ngl4d3shS3N941.arc
/b4ngl4d3shS3N941.arcle-hs38
/b4ngl4d3shS3N941.arm
/b4ngl4d3shS3N941.arm4
/b4ngl4d3shS3N941.arm4l
/b4ngl4d3shS3N941.arm4t
/b4ngl4d3shS3N941.arm4tl
/b4ngl4d3shS3N941.arm4tll
/b4ngl4d3shS3N941.arm5
/b4ngl4d3shS3N941.arm5l
/b4ngl4d3shS3N941.arm5n
/b4ngl4d3shS3N941.arm6
/b4ngl4d3shS3N941.arm64
/b4ngl4d3shS3N941.arm6l
/b4ngl4d3shS3N941.arm7
/b4ngl4d3shS3N941.arm7l
/b4ngl4d3shS3N941.arm8
/b4ngl4d3shS3N941.armv4
/b4ngl4d3shS3N941.armv4l
/b4ngl4d3shS3N941.armv5l
/b4ngl4d3shS3N941.armv6
/b4ngl4d3shS3N941.armv61
/b4ngl4d3shS3N941.armv6l
/b4ngl4d3shS3N941.armv7l
/b4ngl4d3shS3N941.dbg
/b4ngl4d3shS3N941.exploit
/b4ngl4d3shS3N941.i4
/b4ngl4d3shS3N941.i486
/b4ngl4d3shS3N941.i586
/b4ngl4d3shS3N941.i6
/b4ngl4d3shS3N941.i686
/b4ngl4d3shS3N941.kill
/b4ngl4d3shS3N941.m68
/b4ngl4d3shS3N941.m68k
/b4ngl4d3shS3N941.mips
/b4ngl4d3shS3N941.mips64
/b4ngl4d3shS3N941.mipseb
/b4ngl4d3shS3N941.mipsel
/b4ngl4d3shS3N941.mpsl
/b4ngl4d3shS3N941.pcc
/b4ngl4d3shS3N941.powerpc
/b4ngl4d3shS3N941.powerpc-440fp
/b4ngl4d3shS3N941.powerppc
/b4ngl4d3shS3N941.ppc
/b4ngl4d3shS3N941.pp-c
/b4ngl4d3shS3N941.ppc2
/b4ngl4d3shS3N941.ppc440
/b4ngl4d3shS3N941.ppc440fp
/b4ngl4d3shS3N941.root
/b4ngl4d3shS3N941.root32
/b4ngl4d3shS3N941.sh
/b4ngl4d3shS3N941.sh4
/b4ngl4d3shS3N941.sparc
/b4ngl4d3shS3N941.spc
/b4ngl4d3shS3N941.ssh4
/b4ngl4d3shS3N941.x32
/b4ngl4d3shS3N941.x32_64
/b4ngl4d3shS3N941.x64
/b4ngl4d3shS3N941.x86
/b4ngl4d3shS3N941.x86_32
/b4ngl4d3shS3N941.x86_64
/boss.arc
/boss.arcle-hs38
/boss.arm
/boss.arm4
/boss.arm4l
/boss.arm4t
/boss.arm4tl
/boss.arm4tll
/boss.arm5
/boss.arm5l
/boss.arm5n
/boss.arm6
/boss.arm64
/boss.arm6l
/boss.arm7
/boss.arm7l
/boss.arm8
/boss.armv4
/boss.armv4l
/boss.armv5l
/boss.armv6
/boss.armv61
/boss.armv6l
/boss.armv7l
/boss.dbg
/boss.exploit
/boss.i4
/boss.i486
/boss.i586
/boss.i6
/boss.i686
/boss.kill
/boss.m68
/boss.m68k
/boss.mips
/boss.mips64
/boss.mipseb
/boss.mipsel
/boss.mpsl
/boss.pcc
/boss.powerpc
/boss.powerpc-440fp
/boss.powerppc
/boss.ppc
/boss.pp-c
/boss.ppc2
/boss.ppc440
/boss.ppc440fp
/boss.root
/boss.root32
/boss.sh
/boss.sh4
/boss.sparc
/boss.spc
/boss.ssh4
/boss.x32
/boss.x32_64
/boss.x64
/boss.x86
/boss.x86_32
/boss.x86_64
/buiodawbuiopdw.arc
/buiodawbuiopdw.arcle-hs38
/buiodawbuiopdw.arm
/buiodawbuiopdw.arm4
/buiodawbuiopdw.arm4l
/buiodawbuiopdw.arm4t
/buiodawbuiopdw.arm4tl
/buiodawbuiopdw.arm4tll
/buiodawbuiopdw.arm5
/buiodawbuiopdw.arm5l
/buiodawbuiopdw.arm5n
/buiodawbuiopdw.arm6
/buiodawbuiopdw.arm64
/buiodawbuiopdw.arm6l
/buiodawbuiopdw.arm7
/buiodawbuiopdw.arm7l
/buiodawbuiopdw.arm8
/buiodawbuiopdw.armv4
/buiodawbuiopdw.armv4l
/buiodawbuiopdw.armv5l
/buiodawbuiopdw.armv6
/buiodawbuiopdw.armv61
/buiodawbuiopdw.armv6l
/buiodawbuiopdw.armv7l
/buiodawbuiopdw.dbg
/buiodawbuiopdw.exploit
/buiodawbuiopdw.i4
/buiodawbuiopdw.i486
/buiodawbuiopdw.i586
/buiodawbuiopdw.i6
/buiodawbuiopdw.i686
/buiodawbuiopdw.kill
/buiodawbuiopdw.m68
/buiodawbuiopdw.m68k
/buiodawbuiopdw.mips
/buiodawbuiopdw.mips64
/buiodawbuiopdw.mipseb
/buiodawbuiopdw.mipsel
/buiodawbuiopdw.mpsl
/buiodawbuiopdw.pcc
/buiodawbuiopdw.powerpc
/buiodawbuiopdw.powerpc-440fp
/buiodawbuiopdw.powerppc
/buiodawbuiopdw.ppc
/buiodawbuiopdw.pp-c
/buiodawbuiopdw.ppc2
/buiodawbuiopdw.ppc440
/buiodawbuiopdw.ppc440fp
/buiodawbuiopdw.root
/buiodawbuiopdw.root32
/buiodawbuiopdw.sh
/buiodawbuiopdw.sh4
/buiodawbuiopdw.sparc
/buiodawbuiopdw.spc
/buiodawbuiopdw.ssh4
/buiodawbuiopdw.x32
/buiodawbuiopdw.x32_64
/buiodawbuiopdw.x64
/buiodawbuiopdw.x86
/buiodawbuiopdw.x86_32
/buiodawbuiopdw.x86_64
/controller.arc
/controller.arcle-hs38
/controller.arm
/controller.arm4
/controller.arm4l
/controller.arm4t
/controller.arm4tl
/controller.arm4tll
/controller.arm5
/controller.arm5l
/controller.arm5n
/controller.arm6
/controller.arm64
/controller.arm6l
/controller.arm7
/controller.arm7l
/controller.arm8
/controller.armv4
/controller.armv4l
/controller.armv5l
/controller.armv6
/controller.armv61
/controller.armv6l
/controller.armv7l
/controller.dbg
/controller.exploit
/controller.i4
/controller.i486
/controller.i586
/controller.i6
/controller.i686
/controller.kill
/controller.m68
/controller.m68k
/controller.mips
/controller.mips64
/controller.mipseb
/controller.mipsel
/controller.mpsl
/controller.pcc
/controller.powerpc
/controller.powerpc-440fp
/controller.powerppc
/controller.ppc
/controller.pp-c
/controller.ppc2
/controller.ppc440
/controller.ppc440fp
/controller.root
/controller.root32
/controller.sh
/controller.sh4
/controller.sparc
/controller.spc
/controller.ssh4
/controller.x32
/controller.x32_64
/controller.x64
/controller.x86
/controller.x86_32
/controller.x86_64
/cutie.arc
/cutie.arcle-hs38
/cutie.arm
/cutie.arm4
/cutie.arm4l
/cutie.arm4t
/cutie.arm4tl
/cutie.arm4tll
/cutie.arm5
/cutie.arm5l
/cutie.arm5n
/cutie.arm6
/cutie.arm64
/cutie.arm6l
/cutie.arm7
/cutie.arm7l
/cutie.arm8
/cutie.armv4
/cutie.armv4l
/cutie.armv5l
/cutie.armv6
/cutie.armv61
/cutie.armv6l
/cutie.armv7l
/cutie.dbg
/cutie.exploit
/cutie.i4
/cutie.i486
/cutie.i586
/cutie.i6
/cutie.i686
/cutie.kill
/cutie.m68
/cutie.m68k
/cutie.mips
/cutie.mips64
/cutie.mipseb
/cutie.mipsel
/cutie.mpsl
/cutie.pcc
/cutie.powerpc
/cutie.powerpc-440fp
/cutie.powerppc
/cutie.ppc
/cutie.pp-c
/cutie.ppc2
/cutie.ppc440
/cutie.ppc440fp
/cutie.root
/cutie.root32
/cutie.sh
/cutie.sh4
/cutie.sparc
/cutie.spc
/cutie.ssh4
/cutie.x32
/cutie.x32_64
/cutie.x64
/cutie.x86
/cutie.x86_32
/cutie.x86_64
/f.arc
/f.arcle-hs38
/f.arm
/f.arm4
/f.arm4l
/f.arm4t
/f.arm4tl
/f.arm4tll
/f.arm5
/f.arm5l
/f.arm5n
/f.arm6
/f.arm64
/f.arm6l
/f.arm7
/f.arm7l
/f.arm8
/f.armv4
/f.armv4l
/f.armv5l
/f.armv6
/f.armv61
/f.armv6l
/f.armv7l
/f.dbg
/f.exploit
/f.i4
/f.i486
/f.i586
/f.i6
/f.i686
/f.kill
/f.m68
/f.m68k
/f.mips
/f.mips64
/f.mipseb
/f.mipsel
/f.mpsl
/f.pcc
/f.powerpc
/f.powerpc-440fp
/f.powerppc
/f.ppc
/f.pp-c
/f.ppc2
/f.ppc440
/f.ppc440fp
/f.root
/f.root32
/f.sh
/f.sh4
/f.sparc
/f.spc
/f.ssh4
/f.x32
/f.x32_64
/f.x64
/f.x86
/f.x86_32
/f.x86_64
/ns.arc
/ns.arcle-hs38
/ns.arm
/ns.arm4
/ns.arm4l
/ns.arm4t
/ns.arm4tl
/ns.arm4tll
/ns.arm5
/ns.arm5l
/ns.arm5n
/ns.arm6
/ns.arm64
/ns.arm6l
/ns.arm7
/ns.arm7l
/ns.arm8
/ns.armv4
/ns.armv4l
/ns.armv5l
/ns.armv6
/ns.armv61
/ns.armv6l
/ns.armv7l
/ns.dbg
/ns.exploit
/ns.i4
/ns.i486
/ns.i586
/ns.i6
/ns.i686
/ns.kill
/ns.m68
/ns.m68k
/ns.mips
/ns.mips64
/ns.mipseb
/ns.mipsel
/ns.mpsl
/ns.pcc
/ns.powerpc
/ns.powerpc-440fp
/ns.powerppc
/ns.ppc
/ns.pp-c
/ns.ppc2
/ns.ppc440
/ns.ppc440fp
/ns.root
/ns.root32
/ns.sh
/ns.sh4
/ns.sparc
/ns.spc
/ns.ssh4
/ns.x32
/ns.x32_64
/ns.x64
/ns.x86
/ns.x86_32
/ns.x86_64
/PriorityNigger.arc
/PriorityNigger.arcle-hs38
/PriorityNigger.arm
/PriorityNigger.arm4
/PriorityNigger.arm4l
/PriorityNigger.arm4t
/PriorityNigger.arm4tl
/PriorityNigger.arm4tll
/PriorityNigger.arm5
/PriorityNigger.arm5l
/PriorityNigger.arm5n
/PriorityNigger.arm6
/PriorityNigger.arm64
/PriorityNigger.arm6l
/PriorityNigger.arm7
/PriorityNigger.arm7l
/PriorityNigger.arm8
/PriorityNigger.armv4
/PriorityNigger.armv4l
/PriorityNigger.armv5l
/PriorityNigger.armv6
/PriorityNigger.armv61
/PriorityNigger.armv6l
/PriorityNigger.armv7l
/PriorityNigger.dbg
/PriorityNigger.exploit
/PriorityNigger.i4
/PriorityNigger.i486
/PriorityNigger.i586
/PriorityNigger.i6
/PriorityNigger.i686
/PriorityNigger.kill
/PriorityNigger.m68
/PriorityNigger.m68k
/PriorityNigger.mips
/PriorityNigger.mips64
/PriorityNigger.mipseb
/PriorityNigger.mipsel
/PriorityNigger.mpsl
/PriorityNigger.pcc
/PriorityNigger.powerpc
/PriorityNigger.powerpc-440fp
/PriorityNigger.powerppc
/PriorityNigger.ppc
/PriorityNigger.pp-c
/PriorityNigger.ppc2
/PriorityNigger.ppc440
/PriorityNigger.ppc440fp
/PriorityNigger.root
/PriorityNigger.root32
/PriorityNigger.sh
/PriorityNigger.sh4
/PriorityNigger.sparc
/PriorityNigger.spc
/PriorityNigger.ssh4
/PriorityNigger.x32
/PriorityNigger.x32_64
/PriorityNigger.x64
/PriorityNigger.x86
/PriorityNigger.x86_32
/PriorityNigger.x86_64
/.apache2update/
/.billgates/
/.ultraesgrima/
/ayosuckyomum/
/pedalcheta/

# Reference: https://twitter.com/r3dbU7z/status/1408542260233441284
# Reference: https://www.virustotal.com/gui/file/8a44ae92e6edd27493253129c7e456d2307c077e8e2e4e482fd1e4cd0c87648c/detection
# Reference: https://www.virustotal.com/gui/file/5cee0abbfccdacd9bc5d68b5a340c071e2bf9f9121ef1fc80908b45e65cb205b/detection
# Reference: https://www.virustotal.com/gui/file/c7e08dfdf986c34db373bafdee6479c83100f7395e3dbc1b72c8cdba189e9beb/detection

170.187.225.184:1234
194.233.162.215:1234
45.79.161.124:1234
medusabotnet.com

# Reference: https://twitter.com/elfdigest/status/1410205893497589767
# Reference: https://elfdigest.com/brief/e4281244d0903aee0324ffd0c5ec02fae0dd2cfaaa669781ee684ac688cbd060

205.185.126.254:5714

# Reference: https://twitter.com/elfdigest/status/1410205561568870401
# Reference: https://elfdigest.com/brief/85d7aa235c4d50c29969f5a01712ab0d10cc0a18bb67d76495b7295713c5fec1

107.172.205.126:37009

# Reference: https://twitter.com/elfdigest/status/1407367322105417743
# Reference: https://elfdigest.com/brief/c388b465ab8633223dc634f90ea52c042efec072d29123f02852e591ac43ef05

96.8.121.112:81

# Reference: https://elfdigest.com/brief/d3de77487e13ee5e46b58832c1991d45f54fbe91e9ce048ff736eef0dc560b74
# Reference: https://twitter.com/elfdigest/status/1407368300980473865

117.201.204.72:49050
212.129.33.59:6881
59.93.26.81:51048

# Reference: https://blog.netlab.360.com/mirai_ptea-botnet-is-exploiting-undisclosed-kguard-dvr-vulnerability/
# Reference: https://otx.alienvault.com/pulse/60dd73dbb971862c99d0ac16

6amdku2uhly2esj7.onion
atxajrovi4lvd2zj.onion
bc6z3gtu6b3r5tce.onion
cgsmxjjnuickasbu.onion
gsmxjjnuickasbuatxajrovi4lvd2zjuejivzrb3vobuoezbc6z3gtu6b3r5tce.onion
m2336dttvcygloiv.onion
rkz2f5u57cvs3kdt.onion
uejivzrb3vobuoez.onion

# Reference: https://elfdigest.com/brief/df13c541419d99c04006064ebccbe07d153999e48765257dbbc8107b65a48e39

152.89.239.160:39497

# Reference: https://elfdigest.com/brief/ffc38298a16bc5e56e1114d6038d9e57e1ddfbaeb6a35f482fca3577f55776ac

156.96.156.220:45

# Reference: https://elfdigest.com/brief/05893abdcbf54b7375bb5f60b623ca1fe7ec1a061b80187e741cf64a900583e5

136.144.41.164:1

# Reference: https://elfdigest.com/brief/9108777b9b73f9382602ea8ab92b9c7d04aefad401d6430279ec66afe965832e

136.144.41.168:59666
scamanje.stresserit.pro

# Reference: https://www.virustotal.com/gui/file/a08aa3ee1777ce98aab091ed3274635b358de8ad4814a6d4334e42c168177847/detection
# Reference: https://www.virustotal.com/gui/file/b8585ba6ac1262db1a3e985217370b85e0b49860dc175d8622c0f5115f50039f/detection
# Reference: https://www.virustotal.com/gui/file/25a061ab35590014402f0ce14a9355e849923d407d1f5f7622bd88075e51d3a1/detection

167.107.182.16:37215
197.98.111.25:37215
65.21.107.147:37215
botnet.stresserit.pro

# Reference: https://twitter.com/malwareforme/status/1412549190178250754

/lmao123.arc
/lmao123.arcle-hs38
/lmao123.arm
/lmao123.arm4
/lmao123.arm4l
/lmao123.arm4t
/lmao123.arm4tl
/lmao123.arm4tll
/lmao123.arm5
/lmao123.arm5l
/lmao123.arm5n
/lmao123.arm6
/lmao123.arm64
/lmao123.arm6l
/lmao123.arm7
/lmao123.arm7l
/lmao123.arm8
/lmao123.armv4
/lmao123.armv4l
/lmao123.armv5l
/lmao123.armv6
/lmao123.armv61
/lmao123.armv6l
/lmao123.armv7l
/lmao123.dbg
/lmao123.exploit
/lmao123.i4
/lmao123.i486
/lmao123.i586
/lmao123.i6
/lmao123.i686
/lmao123.kill
/lmao123.m68
/lmao123.m68k
/lmao123.mips
/lmao123.mips64
/lmao123.mipseb
/lmao123.mipsel
/lmao123.mpsl
/lmao123.pcc
/lmao123.powerpc
/lmao123.powerpc-440fp
/lmao123.powerppc
/lmao123.ppc
/lmao123.pp-c
/lmao123.ppc2
/lmao123.ppc440
/lmao123.ppc440fp
/lmao123.root
/lmao123.root32
/lmao123.sh
/lmao123.sh4
/lmao123.sparc
/lmao123.spc
/lmao123.ssh4
/lmao123.x32
/lmao123.x32_64
/lmao123.x64
/lmao123.x86
/lmao123.x86_32
/lmao123.x86_64
/Smash-That-Like-Button/

# Reference: https://twitter.com/smii_mondher/status/1124005570980327424

/lilzae.arc
/lilzae.arcle-hs38
/lilzae.arm
/lilzae.arm4
/lilzae.arm4l
/lilzae.arm4t
/lilzae.arm4tl
/lilzae.arm4tll
/lilzae.arm5
/lilzae.arm5l
/lilzae.arm5n
/lilzae.arm6
/lilzae.arm64
/lilzae.arm6l
/lilzae.arm7
/lilzae.arm7l
/lilzae.arm8
/lilzae.armv4
/lilzae.armv4l
/lilzae.armv5l
/lilzae.armv6
/lilzae.armv61
/lilzae.armv6l
/lilzae.armv7l
/lilzae.dbg
/lilzae.exploit
/lilzae.i4
/lilzae.i486
/lilzae.i586
/lilzae.i6
/lilzae.i686
/lilzae.kill
/lilzae.m68
/lilzae.m68k
/lilzae.mips
/lilzae.mips64
/lilzae.mipseb
/lilzae.mipsel
/lilzae.mpsl
/lilzae.pcc
/lilzae.powerpc
/lilzae.powerpc-440fp
/lilzae.powerppc
/lilzae.ppc
/lilzae.pp-c
/lilzae.ppc2
/lilzae.ppc440
/lilzae.ppc440fp
/lilzae.root
/lilzae.root32
/lilzae.sh
/lilzae.sh4
/lilzae.sparc
/lilzae.spc
/lilzae.ssh4
/lilzae.x32
/lilzae.x32_64
/lilzae.x64
/lilzae.x86
/lilzae.x86_32
/lilzae.x86_64
/updater-0x666.arc
/updater-0x666.arcle-hs38
/updater-0x666.arm
/updater-0x666.arm4
/updater-0x666.arm4l
/updater-0x666.arm4t
/updater-0x666.arm4tl
/updater-0x666.arm4tll
/updater-0x666.arm5
/updater-0x666.arm5l
/updater-0x666.arm5n
/updater-0x666.arm6
/updater-0x666.arm64
/updater-0x666.arm6l
/updater-0x666.arm7
/updater-0x666.arm7l
/updater-0x666.arm8
/updater-0x666.armv4
/updater-0x666.armv4l
/updater-0x666.armv5l
/updater-0x666.armv6
/updater-0x666.armv61
/updater-0x666.armv6l
/updater-0x666.armv7l
/updater-0x666.dbg
/updater-0x666.exploit
/updater-0x666.i4
/updater-0x666.i486
/updater-0x666.i586
/updater-0x666.i6
/updater-0x666.i686
/updater-0x666.kill
/updater-0x666.m68
/updater-0x666.m68k
/updater-0x666.mips
/updater-0x666.mips64
/updater-0x666.mipseb
/updater-0x666.mipsel
/updater-0x666.mpsl
/updater-0x666.pcc
/updater-0x666.powerpc
/updater-0x666.powerpc-440fp
/updater-0x666.powerppc
/updater-0x666.ppc
/updater-0x666.pp-c
/updater-0x666.ppc2
/updater-0x666.ppc440
/updater-0x666.ppc440fp
/updater-0x666.root
/updater-0x666.root32
/updater-0x666.sh
/updater-0x666.sh4
/updater-0x666.sparc
/updater-0x666.spc
/updater-0x666.ssh4
/updater-0x666.x32
/updater-0x666.x32_64
/updater-0x666.x64
/updater-0x666.x86
/updater-0x666.x86_32
/updater-0x666.x86_64
/system-update-0239r02o23fjkf2/

# Reference: https://twitter.com/Artilllerie/status/1423177794339721224

/Mclovin_Pornhub_Virus.exe.arc
/Mclovin_Pornhub_Virus.exe.arcle-hs38
/Mclovin_Pornhub_Virus.exe.arm
/Mclovin_Pornhub_Virus.exe.arm4
/Mclovin_Pornhub_Virus.exe.arm4l
/Mclovin_Pornhub_Virus.exe.arm4t
/Mclovin_Pornhub_Virus.exe.arm4tl
/Mclovin_Pornhub_Virus.exe.arm4tll
/Mclovin_Pornhub_Virus.exe.arm5
/Mclovin_Pornhub_Virus.exe.arm5l
/Mclovin_Pornhub_Virus.exe.arm5n
/Mclovin_Pornhub_Virus.exe.arm6
/Mclovin_Pornhub_Virus.exe.arm64
/Mclovin_Pornhub_Virus.exe.arm6l
/Mclovin_Pornhub_Virus.exe.arm7
/Mclovin_Pornhub_Virus.exe.arm7l
/Mclovin_Pornhub_Virus.exe.arm8
/Mclovin_Pornhub_Virus.exe.armv4
/Mclovin_Pornhub_Virus.exe.armv4l
/Mclovin_Pornhub_Virus.exe.armv5l
/Mclovin_Pornhub_Virus.exe.armv6
/Mclovin_Pornhub_Virus.exe.armv61
/Mclovin_Pornhub_Virus.exe.armv6l
/Mclovin_Pornhub_Virus.exe.armv7l
/Mclovin_Pornhub_Virus.exe.dbg
/Mclovin_Pornhub_Virus.exe.exploit
/Mclovin_Pornhub_Virus.exe.i4
/Mclovin_Pornhub_Virus.exe.i486
/Mclovin_Pornhub_Virus.exe.i586
/Mclovin_Pornhub_Virus.exe.i6
/Mclovin_Pornhub_Virus.exe.i686
/Mclovin_Pornhub_Virus.exe.kill
/Mclovin_Pornhub_Virus.exe.m68
/Mclovin_Pornhub_Virus.exe.m68k
/Mclovin_Pornhub_Virus.exe.mips
/Mclovin_Pornhub_Virus.exe.mips64
/Mclovin_Pornhub_Virus.exe.mipseb
/Mclovin_Pornhub_Virus.exe.mipsel
/Mclovin_Pornhub_Virus.exe.mpsl
/Mclovin_Pornhub_Virus.exe.pcc
/Mclovin_Pornhub_Virus.exe.powerpc
/Mclovin_Pornhub_Virus.exe.powerpc-440fp
/Mclovin_Pornhub_Virus.exe.powerppc
/Mclovin_Pornhub_Virus.exe.ppc
/Mclovin_Pornhub_Virus.exe.pp-c
/Mclovin_Pornhub_Virus.exe.ppc2
/Mclovin_Pornhub_Virus.exe.ppc440
/Mclovin_Pornhub_Virus.exe.ppc440fp
/Mclovin_Pornhub_Virus.exe.root
/Mclovin_Pornhub_Virus.exe.root32
/Mclovin_Pornhub_Virus.exe.sh
/Mclovin_Pornhub_Virus.exe.sh4
/Mclovin_Pornhub_Virus.exe.sparc
/Mclovin_Pornhub_Virus.exe.spc
/Mclovin_Pornhub_Virus.exe.ssh4
/Mclovin_Pornhub_Virus.exe.x32
/Mclovin_Pornhub_Virus.exe.x32_64
/Mclovin_Pornhub_Virus.exe.x64
/Mclovin_Pornhub_Virus.exe.x86
/Mclovin_Pornhub_Virus.exe.x86_32
/Mclovin_Pornhub_Virus.exe.x86_64

# Reference: https://www.virustotal.com/gui/file/7f9e6366da837517e4bb484423793e5c5a916849f01de1a6a9c169ca58b64f81/detection

185.212.47.235:23
185.212.47.235:81

# Reference: https://www.virustotal.com/gui/ip-address/107.189.1.185/relations

/infs.arc
/infs.arcle-hs38
/infs.arm
/infs.arm4
/infs.arm4l
/infs.arm4t
/infs.arm4tl
/infs.arm4tll
/infs.arm5
/infs.arm5l
/infs.arm5n
/infs.arm6
/infs.arm64
/infs.arm6l
/infs.arm7
/infs.arm7l
/infs.arm8
/infs.armv4
/infs.armv4l
/infs.armv5l
/infs.armv6
/infs.armv61
/infs.armv6l
/infs.armv7l
/infs.dbg
/infs.exploit
/infs.i4
/infs.i486
/infs.i586
/infs.i6
/infs.i686
/infs.kill
/infs.m68
/infs.m68k
/infs.mips
/infs.mips64
/infs.mipseb
/infs.mipsel
/infs.mpsl
/infs.pcc
/infs.powerpc
/infs.powerpc-440fp
/infs.powerppc
/infs.ppc
/infs.pp-c
/infs.ppc2
/infs.ppc440
/infs.ppc440fp
/infs.root
/infs.root32
/infs.sh
/infs.sh4
/infs.sparc
/infs.spc
/infs.ssh4
/infs.x32
/infs.x32_64
/infs.x64
/infs.x86
/infs.x86_32
/infs.x86_64

# Reference: https://www.virustotal.com/gui/file/fa1be914982a111f999fee0ed612d94ba9d0792257ee54c41acba3c2126e35ab/behavior/Tencent%20HABO

107.189.1.185:9331
130.7.212.244:2323
130.7.212.244:9331
32.164.109.217:2323
firewalla1337.cc
bots.firewalla1337.cc
bots1.firewalla1337.cc
ptr_s_bots1.firewalla1337.cc
scan.firewalla1337.cc
scan1.firewalla1337.cc

# Reference: https://www.virustotal.com/gui/file/c7ec33c5301b9b2508cb336dac86657ee418af67ebf3614e458974f3590fac4e/detection

156.96.156.212:2323
156.96.156.212:55650
202.49.244.166:2323
202.49.244.166:55650
213.228.33.213:2323
213.228.33.213:55650
arcticboatz.cz

# Reference: https://www.virustotal.com/gui/ip-address/20.151.141.34/relations

20.151.141.34:1312

# Reference: https://twitter.com/malwarejar/status/1463082586377437188

156.96.62.207:55650
51.79.160.198:46573
zerobytes.cc
life.zerobytes.cc

# Reference: https://twitter.com/r3dbU7z/status/1455211001289363471
# Reference: https://www.virustotal.com/gui/file/e02f486cb4144deff8b6e26ea1ef7e53161ab84367919d7cf226acb7522b2b88

31.133.0.49:99

# Reference: https://www.virustotal.com/gui/file/51b3bb993656f4023da50fd0ece2e69942ee73c3946a2fcb6d6d080f1790a497/detection

http://185.130.104.171
185.130.104.171:23
185.130.104.171:7723

# Reference: https://www.virustotal.com/gui/file/c8cf2838057bb9cbe83be670a900e1de9921eac7ed76bfd5d1875ec06a4adf14/detection

http://185.130.104.180

# Reference: https://www.virustotal.com/gui/file/c02c95c3615811e574779ea332c0dc23254040d7682390be41b4b356cd156af0/detection

http://37.0.11.231
/zerowbins.arc
/zerowbins.arm
/zerowbins.arm4
/zerowbins.arm4l
/zerowbins.arm4t
/zerowbins.arm4tl
/zerowbins.arm4tll
/zerowbins.arm5
/zerowbins.arm5l
/zerowbins.arm5n
/zerowbins.arm6
/zerowbins.arm64
/zerowbins.arm6l
/zerowbins.arm7
/zerowbins.arm7l
/zerowbins.arm8
/zerowbins.armv4
/zerowbins.armv4l
/zerowbins.armv5l
/zerowbins.armv6
/zerowbins.armv61
/zerowbins.armv6l
/zerowbins.armv7l
/zerowbins.dbg
/zerowbins.exploit
/zerowbins.i4
/zerowbins.i486
/zerowbins.i586
/zerowbins.i6
/zerowbins.i686
/zerowbins.kill
/zerowbins.m68
/zerowbins.m68k
/zerowbins.mips
/zerowbins.mips64
/zerowbins.mipseb
/zerowbins.mipsel
/zerowbins.mpsl
/zerowbins.pcc
/zerowbins.powerpc
/zerowbins.powerpc-440fp
/zerowbins.powerppc
/zerowbins.ppc
/zerowbins.ppc2
/zerowbins.ppc440
/zerowbins.ppc440fp
/zerowbins.root
/zerowbins.root32
/zerowbins.sh
/zerowbins.sh4
/zerowbins.sparc
/zerowbins.spc
/zerowbins.ssh4
/zerowbins.x32
/zerowbins.x64
/zerowbins.x86
/zerowbins.x86_32
/zerowbins.x86_64

# Reference: https://twitter.com/zom3y3/status/1469508032887414784

45.130.229.168:9999

# Reference: https://twitter.com/1ZRR4H/status/1470175445308129280

45.83.193.150:9999

# Reference: https://blog.netlab.360.com/wei-xie-kuai-xun-log4jlou-dong-yi-jing-bei-yong-lai-zu-jian-botnet-zhen-dui-linuxshe-bei/
# Reference: https://www.virustotal.com/gui/file/8052f5cc4dfa9a8b4f67280a746acbc099319b9391e3b495a27d08fb5f08db81/detection
# Reference: https://www.virustotal.com/gui/file/776c341504769aa67af7efc5acc66c338dab5684a8579134d3f23165c7abcc00/detection
# Reference: https://www.virustotal.com/gui/file/2b794cc70cb33c9b3ae7384157ecb78b54aaddc72f4f9cf90b4a4ce4e6cf8984/detection

nazi.uy
log.exposedbotnets.ru
bvprzqhoz7j2ltin.onion.ws
bvprzqhoz7j2ltin.onion.ly
bvprzqhoz7j2ltin.tor2web.su
/wp-content/themes/twentyseventeen/ldm
/wp-content/themes/twentythirteen/m8

# Reference: https://www.fortinet.com/blog/threat-research/manga-aka-dark-mirai-based-campaign-targets-new-tp-link-router-rce-vulnerability

/eh.arc
/eh.arm
/eh.arm4
/eh.arm4l
/eh.arm4t
/eh.arm4tl
/eh.arm4tll
/eh.arm5
/eh.arm5l
/eh.arm5n
/eh.arm6
/eh.arm64
/eh.arm6l
/eh.arm7
/eh.arm7l
/eh.arm8
/eh.armv4
/eh.armv4l
/eh.armv5l
/eh.armv6
/eh.armv61
/eh.armv6l
/eh.armv7l
/eh.dbg
/eh.exploit
/eh.i4
/eh.i486
/eh.i586
/eh.i6
/eh.i686
/eh.kill
/eh.m68
/eh.m68k
/eh.mips
/eh.mips64
/eh.mipseb
/eh.mipsel
/eh.mpsl
/eh.pcc
/eh.powerpc
/eh.powerpc-440fp
/eh.powerppc
/eh.ppc
/eh.ppc2
/eh.ppc440
/eh.ppc440fp
/eh.root
/eh.root32
/eh.sh
/eh.sh4
/eh.sparc
/eh.spc
/eh.ssh4
/eh.x32
/eh.x64
/eh.x86
/eh.x86_32
/eh.x86_64
/eh.86_64
/tshit.arc
/tshit.arm
/tshit.arm4
/tshit.arm4l
/tshit.arm4t
/tshit.arm4tl
/tshit.arm4tll
/tshit.arm5
/tshit.arm5l
/tshit.arm5n
/tshit.arm6
/tshit.arm64
/tshit.arm6l
/tshit.arm7
/tshit.arm7l
/tshit.arm8
/tshit.armv4
/tshit.armv4l
/tshit.armv5l
/tshit.armv6
/tshit.armv61
/tshit.armv6l
/tshit.armv7l
/tshit.dbg
/tshit.exploit
/tshit.i4
/tshit.i486
/tshit.i586
/tshit.i6
/tshit.i686
/tshit.kill
/tshit.m68
/tshit.m68k
/tshit.mips
/tshit.mips64
/tshit.mipseb
/tshit.mipsel
/tshit.mpsl
/tshit.pcc
/tshit.powerpc
/tshit.powerpc-440fp
/tshit.powerppc
/tshit.ppc
/tshit.ppc2
/tshit.ppc440
/tshit.ppc440fp
/tshit.root
/tshit.root32
/tshit.sh
/tshit.sh4
/tshit.sparc
/tshit.spc
/tshit.ssh4
/tshit.x32
/tshit.x64
/tshit.x86
/tshit.x86_32
/tshit.x86_64

# Reference: https://twitter.com/bad_packets/status/1471196468908228614

http://152.67.63.150
skyofsaints.duckdns.org

# Reference: https://twitter.com/tolisec/status/1472963158742556674

http://152.67.63.150
207.154.205.223:25565

# Reference: https://www.virustotal.com/gui/file/18225aa660386627cb41f0392b00fc6b8f0a1007cee413dfd95e3809880a8fc2/detection

139.180.189.50:8080

# Reference: https://twitter.com/rmceoin/status/1470782140254240774

137.184.174.180:8082

# Reference: https://threatfox.abuse.ch/browse/tag/log4j/

209.141.61.220:5555

# Reference: https://twitter.com/VessOnSecurity/status/1475054167597199360

http://135.148.130.60
http://18.222.122.221
http://209.141.46.114

# Reference: https://www.virustotal.com/gui/file/fb2d545cbd463b10b987f7ce9dcb2e08fddeed2157a6b32f7ad6c556a2088b18/detection

http://209.141.46.249

# Reference: https://twitter.com/bad_packets/status/1477056560585056258

http://2.58.149.206

# Reference: https://github.com/ti-research-io/ti/blob/main/mirai_ddos_victims/2021-12-30-mirai_ddos_victims.json

54.39.125.97:1312

# Reference: https://github.com/ti-research-io/ti/blob/main/mirai_ddos_victims/2021-12-31-mirai_ddos_victims.json

23.94.138.57:34241

# Reference: https://www.virustotal.com/gui/file/e4e73d2da80cfd16278979ef39d2c54b65b8a48ab0be7fff1c9b44057ceb5f96/detection

45.14.224.204:576

# Reference: https://www.virustotal.com/gui/file/d944629af481568b2076489cf958a6f5eb38c5694ecaff2f0490c0613bd8dc5f/detection

45.14.224.200:8080

# Reference: https://www.virustotal.com/gui/file/7a0652fc29279eb69aff4c8c16da2528e8a882abb53c9b8106da22cf90f2451c/detection

46.12.180.98:26
46.12.180.98:2323
46.12.180.98:37215
46.12.180.98:8080

# Reference: https://www.virustotal.com/gui/file/83a266395b2ea1ccab80807f123b6827a6a0729f42a4acfc64e8e199dc876d62/detection

45.14.224.197:1791

# Reference: https://www.virustotal.com/gui/file/8d436e48380a0914ccef593c73afe191b41e24963d1888cf9aba995ac8d0aed2/detection

45.14.224.197:65500
45.14.224.197:8080
45.14.224.197:8081
72.140.59.5:2323
72.140.59.5:52869

# Reference: https://www.virustotal.com/gui/file/93a313621fc6c9428cf6abf1aa95015aeca609c7a7baf5ad2190a4d034c51555/detection

189.139.119.113:2323
189.139.119.113:52869
189.139.119.113:8080
45.14.224.197:1723
45.14.224.197:65500
72.191.138.138:1723
72.191.138.138:2323
72.191.138.138:65500
72.191.138.138:8081

# Reference: https://www.virustotal.com/gui/file/18fdfb3074a237f3984204d3545bdda8de9d592927d11deaaf3c5a5dcacd4505/detection

218.147.18.97:2323
218.147.18.97:5555
218.147.18.97:55555
218.147.18.97:8080
41.209.3.132:37215
45.14.224.197:65500
45.14.224.197:8080
45.14.224.197:8081

# Reference: https://twitter.com/honeymoon_ioc/status/1479571648906891265

209.141.53.74:9832

# Reference: https://twitter.com/abuse_ch/status/1481702702878969860
# Reference: https://blog.netlab.360.com/public-cloud-threat-intelligence-202112/
# Reference: https://otx.alienvault.com/pulse/61ea977759cc28216fa93688

http://46.161.52.37
46.161.52.37:59666
saturnbotnet.net

# Reference: https://twitter.com/bad_packets/status/1479542624792956930

/lshboot

# Reference: https://www.virustotal.com/gui/file/8ef25c52041ed8e03868b3626ecd829cd4cc354f1e9a79d84d3a3179f292a7a3/detection

194.156.98.190:23
194.156.98.190:26663

# Reference: https://twitter.com/r3dbU7z/status/1482315719845068801

beanx99.xyz
/pop.arc
/pop.arcle-hs38
/pop.arm
/pop.arm4
/pop.arm4l
/pop.arm4t
/pop.arm4tl
/pop.arm4tll
/pop.arm5
/pop.arm5l
/pop.arm5n
/pop.arm6
/pop.arm64
/pop.arm6l
/pop.arm7
/pop.arm7l
/pop.arm8
/pop.armv4
/pop.armv4l
/pop.armv5l
/pop.armv6
/pop.armv61
/pop.armv6l
/pop.armv7l
/pop.dbg
/pop.exploit
/pop.i4
/pop.i486
/pop.i586
/pop.i6
/pop.i686
/pop.kill
/pop.m68
/pop.m68k
/pop.mips
/pop.mips64
/pop.mipseb
/pop.mipsel
/pop.mpsl
/pop.pcc
/pop.powerpc
/pop.powerpc-440fp
/pop.powerppc
/pop.ppc
/pop.pp-c
/pop.ppc2
/pop.ppc440
/pop.ppc440fp
/pop.root
/pop.root32
/pop.sh
/pop.sh4
/pop.sparc
/pop.spc
/pop.ssh4
/pop.x32
/pop.x32_64
/pop.x64
/pop.x86
/pop.x86_32
/pop.x86_64
/thesearemybins/

# Reference: https://threatfox.abuse.ch/ioc/315788/

96.8.121.110:60420

# Reference: https://threatfox.abuse.ch/ioc/315753/

209.182.218.163:9506

# Reference: https://twitter.com/r3dbU7z/status/1487112708042510343
# Reference: https://www.virustotal.com/gui/file/d313a21736c87b24aa4c0fd6fe512040e0c078b587214d600f6ff64adac2fc48/detection

http://151.236.38.234
151.236.38.234:745
/ffwgrgrgfg
/ffwgrgrgfg1
/ffwgrgrgfg2
/ffwgrgrgfg3
/ffwgrgrgfg4
/ffwgrgrgfg5
/ffwgrgrgfg6
/ffwgrgrgfg7
/ffwgrgrgfg8
/ffwgrgrgfg9
/ffwgrgrgfg10
/ffwgrgrgfg11
/ffwgrgrgfg12
/ffwgrgrgfg13
/ffwgrgrgfg14
/ffwgrgrgfg15
/ffwgrgrgfg16
/ffwgrgrgfg17
/ffwgrgrgfg18
/ffwgrgrgfg19

# Reference: https://twitter.com/CujoaiLabs/status/1488147305077301252
# Reference: https://urlhaus.abuse.ch/host/62.197.136.231/

/Yofukashi.arc
/Yofukashi.arcle-hs38
/Yofukashi.arm
/Yofukashi.arm4
/Yofukashi.arm4l
/Yofukashi.arm4t
/Yofukashi.arm4tl
/Yofukashi.arm4tll
/Yofukashi.arm5
/Yofukashi.arm5l
/Yofukashi.arm5n
/Yofukashi.arm6
/Yofukashi.arm64
/Yofukashi.arm6l
/Yofukashi.arm7
/Yofukashi.arm7l
/Yofukashi.arm8
/Yofukashi.armv4
/Yofukashi.armv4l
/Yofukashi.armv5l
/Yofukashi.armv6
/Yofukashi.armv61
/Yofukashi.armv6l
/Yofukashi.armv7l
/Yofukashi.curl.sh
/Yofukashi.dbg
/Yofukashi.go
/Yofukashi.exploit
/Yofukashi.i4
/Yofukashi.i486
/Yofukashi.i586
/Yofukashi.i6
/Yofukashi.i686
/Yofukashi.kill
/Yofukashi.m68
/Yofukashi.m68k
/Yofukashi.mips
/Yofukashi.mips64
/Yofukashi.mipseb
/Yofukashi.mipsel
/Yofukashi.mpsl
/Yofukashi.pcc
/Yofukashi.powerpc
/Yofukashi.powerpc-440fp
/Yofukashi.powerppc
/Yofukashi.ppc
/Yofukashi.pp-c
/Yofukashi.ppc2
/Yofukashi.ppc440
/Yofukashi.ppc440fp
/Yofukashi.root
/Yofukashi.root32
/Yofukashi.sh
/Yofukashi.sh4
/Yofukashi.sparc
/Yofukashi.spc
/Yofukashi.ssh4
/Yofukashi.x32
/Yofukashi.x32_64
/Yofukashi.x64
/Yofukashi.x86
/Yofukashi.x86_32
/Yofukashi.x86_64
/Yofukashi.x86_64.dbg
/Yofukashi.x86_64.root

# Reference: https://www.virustotal.com/gui/file/1c5c971e2264d4870f243bf1f3124c70137c267b59bfd914ea1ace767362611b/detection

http://185.243.56.167
185.243.56.167:2021
qpalzmcnvbv.xyz
asdpoiabnsobgagibaosibasdbiasdaoo.qpalzmcnvbv.xyz
pasdnon.qpalzmcnvbv.xyz

# Reference: https://twitter.com/honeymoon_ioc/status/1488445220119359493
# Reference: https://urlhaus.abuse.ch/host/185.243.56.167/
# Reference: https://www.virustotal.com/gui/domain/pasdnon.qpalzmcnvbv.xyz/relations

/bot_arc_eb
/bot_arcbot-hs38_eb
/bot_arm_eb
/bot_arm4_eb
/bot_arm4l_eb
/bot_arm4t_eb
/bot_arm4tl_eb
/bot_arm4tll_eb
/bot_arm5_eb
/bot_arm5l_eb
/bot_arm5n_eb
/bot_arm6_eb
/bot_arm64_eb
/bot_arm6l_eb
/bot_arm7_eb
/bot_arm7l_eb
/bot_arm8_eb
/bot_armv4_eb
/bot_armv4l_eb
/bot_armv5l_eb
/bot_armv6_eb
/bot_armv61_eb
/bot_armv6l_eb
/bot_armv7l_eb
/bot_dbg_eb
/bot_exploit_eb
/bot_386_eb
/bot_i4_eb
/bot_i486_eb
/bot_i586_eb
/bot_i6_eb
/bot_i686_eb
/bot_kill_eb
/bot_m68_eb
/bot_m68k_eb
/bot_mips_eb
/bot_mips64_eb
/bot_mipseb_eb
/bot_mipsel_eb
/bot_mpsl_eb
/bot_pcc_eb
/bot_powerpc_eb
/bot_powerpc-440fp_eb
/bot_powerppc_eb
/bot_ppc_eb
/bot_pp-c_eb
/bot_ppc2_eb
/bot_ppc440_eb
/bot_ppc440fp_eb
/bot_root_eb
/bot_root32_eb
/bot_sh_eb
/bot_sh4_eb
/bot_sparc_eb
/bot_spc_eb
/bot_ssh4_eb
/bot_x32_eb
/bot_x32_64_eb
/bot_x64_eb
/bot_x86_eb
/bot_x86_32_eb
/bot_x86_64_eb
/bot_arc_el
/bot_arcbot-hs38_el
/bot_arm_el
/bot_arm4_el
/bot_arm4l_el
/bot_arm4t_el
/bot_arm4tl_el
/bot_arm4tll_el
/bot_arm5_el
/bot_arm5l_el
/bot_arm5n_el
/bot_arm6_el
/bot_arm64_el
/bot_arm6l_el
/bot_arm7_el
/bot_arm7l_el
/bot_arm8_el
/bot_armv4_el
/bot_armv4l_el
/bot_armv5l_el
/bot_armv6_el
/bot_armv61_el
/bot_armv6l_el
/bot_armv7l_el
/bot_dbg_el
/bot_exploit_el
/bot_386_el
/bot_i4_el
/bot_i486_el
/bot_i586_el
/bot_i6_el
/bot_i686_el
/bot_kill_el
/bot_m68_el
/bot_m68k_el
/bot_mips_el
/bot_mips64_el
/bot_mipseb_el
/bot_mipsel_el
/bot_mpsl_el
/bot_pcc_el
/bot_powerpc_el
/bot_powerpc-440fp_el
/bot_powerppc_el
/bot_ppc_el
/bot_pp-c_el
/bot_ppc2_el
/bot_ppc440_el
/bot_ppc440fp_el
/bot_root_el
/bot_root32_el
/bot_sh_el
/bot_sh4_el
/bot_sparc_el
/bot_spc_el
/bot_ssh4_el
/bot_x32_el
/bot_x32_64_el
/bot_x64_el
/bot_x86_el
/bot_x86_32_el
/bot_x86_64_el

# Reference: https://twitter.com/honeymoon_ioc/status/1488784883069640706
# Reference: https://tria.ge/220202-jmak9ahgb9/behavioral1

37.0.11.157:1302
/uYtea.arc
/uYtea.arcuYtea-hs38
/uYtea.arm
/uYtea.arm4
/uYtea.arm4l
/uYtea.arm4t
/uYtea.arm4tl
/uYtea.arm4tll
/uYtea.arm5
/uYtea.arm5l
/uYtea.arm5n
/uYtea.arm6
/uYtea.arm64
/uYtea.arm6l
/uYtea.arm7
/uYtea.arm7l
/uYtea.arm8
/uYtea.armv4
/uYtea.armv4l
/uYtea.armv5l
/uYtea.armv6
/uYtea.armv61
/uYtea.armv6l
/uYtea.armv7l
/uYtea.dbg
/uYtea.exploit
/uYtea.i4
/uYtea.i486
/uYtea.i586
/uYtea.i6
/uYtea.i686
/uYtea.kill
/uYtea.m68
/uYtea.m68k
/uYtea.mips
/uYtea.mips64
/uYtea.mipseb
/uYtea.mipsel
/uYtea.mpsl
/uYtea.pcc
/uYtea.powerpc
/uYtea.powerpc-440fp
/uYtea.powerppc
/uYtea.ppc
/uYtea.pp-c
/uYtea.ppc2
/uYtea.ppc440
/uYtea.ppc440fp
/uYtea.root
/uYtea.root32
/uYtea.sh
/uYtea.sh4
/uYtea.sparc
/uYtea.spc
/uYtea.ssh4
/uYtea.x32
/uYtea.x32_64
/uYtea.x64
/uYtea.x86
/uYtea.x86_32
/uYtea.x86_64

# Reference: https://twitter.com/SI_FalconTeam/status/1489530113293266945

103.45.65.191:6576
/spoofhosting

# Reference: https://twitter.com/r3dbU7z/status/1490653662603055105
# Reference: https://twitter.com/r3dbU7z/status/1490672121592389642

http://209.141.48.191
2.56.244.121:20346

# Reference: https://twitter.com/bad_packets/status/1490771034093461506

http://62.171.150.168
62.171.150.168:21
62.171.150.168:5034
joostjansen.ml
net.joostjansen.ml

# Reference: https://blog.netlab.360.com/rimasuta-spread-with-ruijie-0day-en/

http://2.56.244.121
http://2.56.244.157
http://91.211.88.220
http://91.211.89.242
http://91.211.91.56
pnjc66nasxdomwlyqo32d4ft43pooo7s4yuom3gn2gr5bmcpw7lgq4qd.onion
rg7t465nvnnzugdbdqdg3yf2pypssynb4wxavgghb4me2lecnw23ivyd.onion
t5pmcdgiipaznhuexh2usvojfixqzudnizgzeyihsyu7e5rehj7bfkad.onion
uf7ejrtdd6vvrsobk6rtsuicwogqyf6g72s55qop2kvpt7r4wfui6fqd.onion
vmdm5jrmksizpt6f7trsno6od7xcfs6hzywah46eaju72jkfvqbqdcqd.onion
wrabajewouypwxdsq4rxn7heb3k53ihoogik46ji6o7gj65yeo33reqd.onion
/awfLWTOmgxTX
/bwgFHtUOGJcv
/gkTHLPZAAsmP
/IAqecfTrQwQF
/iZXPWXshhRRt
/KaoJHwKMBiAJ
/mIoCinspKSkE
/OOGRLHgUnshR
/PszBtRNfnzBO
/qSdYKoxbZakW
/SywXQrWdNIrM
/tuPuSSbAxXIW
/vkvTxquhFCGV
/vnlWcwcBunwk
/VqIXrFxAGpPD
/yhZyIAclbmhD
/zEkFejmPQeVR

# Reference: https://twitter.com/TeamDreier/status/1492205845937102852

159.223.49.12:6668
/tiger.arc
/tiger.arcle-hs38
/tiger.arm
/tiger.arm4
/tiger.arm4l
/tiger.arm4t
/tiger.arm4tl
/tiger.arm4tll
/tiger.arm5
/tiger.arm5l
/tiger.arm5n
/tiger.arm6
/tiger.arm64
/tiger.arm6l
/tiger.arm7
/tiger.arm7l
/tiger.arm8
/tiger.armv4
/tiger.armv4l
/tiger.armv5l
/tiger.armv6
/tiger.armv61
/tiger.armv6l
/tiger.armv7l
/tiger.dbg
/tiger.exploit
/tiger.i4
/tiger.i486
/tiger.i586
/tiger.i6
/tiger.i686
/tiger.kill
/tiger.m68
/tiger.m68k
/tiger.mips
/tiger.mips64
/tiger.mipseb
/tiger.mipsel
/tiger.mpsl
/tiger.pcc
/tiger.powerpc
/tiger.powerpc-440fp
/tiger.powerppc
/tiger.ppc
/tiger.pp-c
/tiger.ppc2
/tiger.ppc440
/tiger.ppc440fp
/tiger.root
/tiger.root32
/tiger.sh
/tiger.sh4
/tiger.sparc
/tiger.spc
/tiger.ssh4
/tiger.x32
/tiger.x32_64
/tiger.x64
/tiger.x86
/tiger.x86_32
/tiger.x86_64

# Reference: https://www.virustotal.com/gui/file/096e1f631f7ca72fa8176cae6258a77fcbe4ecd471e9b295eb8fb1c41ca681f9/detection

http://46.186.223.57
46.186.223.57:23
46.186.223.57:2323
46.186.223.57:3975
methlacnc.duckdns.org

# Reference: https://twitter.com/bad_packets/status/1493872304987664384

5.182.211.5:44115
5.182.211.5:60195
/ohsitsvegawellrip.arc
/ohsitsvegawellrip.arcle-hs38
/ohsitsvegawellrip.arm
/ohsitsvegawellrip.arm4
/ohsitsvegawellrip.arm4l
/ohsitsvegawellrip.arm4t
/ohsitsvegawellrip.arm4tl
/ohsitsvegawellrip.arm4tll
/ohsitsvegawellrip.arm5
/ohsitsvegawellrip.arm5l
/ohsitsvegawellrip.arm5n
/ohsitsvegawellrip.arm6
/ohsitsvegawellrip.arm64
/ohsitsvegawellrip.arm6l
/ohsitsvegawellrip.arm7
/ohsitsvegawellrip.arm7l
/ohsitsvegawellrip.arm8
/ohsitsvegawellrip.armv4
/ohsitsvegawellrip.armv4l
/ohsitsvegawellrip.armv5l
/ohsitsvegawellrip.armv6
/ohsitsvegawellrip.armv61
/ohsitsvegawellrip.armv6l
/ohsitsvegawellrip.armv7l
/ohsitsvegawellrip.dbg
/ohsitsvegawellrip.exploit
/ohsitsvegawellrip.i4
/ohsitsvegawellrip.i486
/ohsitsvegawellrip.i586
/ohsitsvegawellrip.i6
/ohsitsvegawellrip.i686
/ohsitsvegawellrip.kill
/ohsitsvegawellrip.m68
/ohsitsvegawellrip.m68k
/ohsitsvegawellrip.mips
/ohsitsvegawellrip.mips64
/ohsitsvegawellrip.mipseb
/ohsitsvegawellrip.mipsel
/ohsitsvegawellrip.mpsl
/ohsitsvegawellrip.pcc
/ohsitsvegawellrip.powerpc
/ohsitsvegawellrip.powerpc-440fp
/ohsitsvegawellrip.powerppc
/ohsitsvegawellrip.ppc
/ohsitsvegawellrip.pp-c
/ohsitsvegawellrip.ppc2
/ohsitsvegawellrip.ppc440
/ohsitsvegawellrip.ppc440fp
/ohsitsvegawellrip.root
/ohsitsvegawellrip.root32
/ohsitsvegawellrip.sh
/ohsitsvegawellrip.sh4
/ohsitsvegawellrip.sparc
/ohsitsvegawellrip.spc
/ohsitsvegawellrip.ssh4
/ohsitsvegawellrip.x32
/ohsitsvegawellrip.x32_64
/ohsitsvegawellrip.x64
/ohsitsvegawellrip.x86
/ohsitsvegawellrip.x86_32
/ohsitsvegawellrip.x86_64

# Reference: https://twitter.com/bad_packets/status/1496723487116840966

192.3.117.132:384
192.3.117.132:4040
192.3.117.132:4077

# Reference: https://twitter.com/bad_packets/status/1496939621506158592

103.136.43.126:5034
103.136.43.126:59314

# Reference: https://twitter.com/bad_packets/status/1497672880389165059

107.172.89.142:45526

# Reference: https://otx.alienvault.com/pulse/61894367200f8ce537dda952 (# botenago)

/x86_64bot.arc
/x86_64bot.arcle-hs38
/x86_64bot.arm
/x86_64bot.arm4
/x86_64bot.arm4l
/x86_64bot.arm4t
/x86_64bot.arm4tl
/x86_64bot.arm4tll
/x86_64bot.arm5
/x86_64bot.arm5l
/x86_64bot.arm5n
/x86_64bot.arm6
/x86_64bot.arm64
/x86_64bot.arm6l
/x86_64bot.arm7
/x86_64bot.arm7l
/x86_64bot.arm8
/x86_64bot.armv4
/x86_64bot.armv4l
/x86_64bot.armv5l
/x86_64bot.armv6
/x86_64bot.armv61
/x86_64bot.armv6l
/x86_64bot.armv7l
/x86_64bot.dbg
/x86_64bot.exploit
/x86_64bot.i4
/x86_64bot.i486
/x86_64bot.i586
/x86_64bot.i6
/x86_64bot.i686
/x86_64bot.kill
/x86_64bot.m68
/x86_64bot.m68k
/x86_64bot.mips
/x86_64bot.mips64
/x86_64bot.mipseb
/x86_64bot.mipsel
/x86_64bot.mpsl
/x86_64bot.pcc
/x86_64bot.powerpc
/x86_64bot.powerpc-440fp
/x86_64bot.powerppc
/x86_64bot.ppc
/x86_64bot.pp-c
/x86_64bot.ppc2
/x86_64bot.ppc440
/x86_64bot.ppc440fp
/x86_64bot.root
/x86_64bot.root32
/x86_64bot.sh
/x86_64bot.sh4
/x86_64bot.sparc
/x86_64bot.spc
/x86_64bot.ssh4
/x86_64bot.x32
/x86_64bot.x32_64
/x86_64bot.x64
/x86_64bot.x86
/x86_64bot.x86_32
/x86_64bot.x86_64

# Reference: https://blog.netlab.360.com/what-our-honeypot-sees-just-one-day-after-the-spring4shell-advisory-en/

46.175.146.159:16772

# Reference: https://twitter.com/elfdigest/status/1510265775436840966

212.192.241.70:3074

# Reference: https://twitter.com/1ZRR4H/status/1510296543429120002
# Reference: https://www.virustotal.com/gui/ip-address/178.128.151.67/relations

sidhgbruqginlafw.zapto.org
vbyphnnymdjnsiau.3utilities.com
/czbdLGdMZtEyFlGqVPGn/

# Reference: https://www.lacework.com/blog/mirai-goes-stealth-tls-iot-malware/
# Reference: https://otx.alienvault.com/pulse/6156ce402e1de0029c9f2b94

5fly.io
destinyexp.com
forsola.com
infinitetrial.com
sola0818.com
news.forsola.com
news.infinitetrial.com
news.sola0818.com

# Reference: https://twitter.com/0xrb/status/1515984142609297417
# Reference: https://www.securonix.com/blog/detecting-the-enemybot-botnet-advisory
# Reference: https://www.fortinet.com/blog/threat-research/enemybot-a-look-into-keksecs-latest-ddos-botnet
# Reference: https://otx.alienvault.com/pulse/625018546137a10d9ebc8ca3

xfrvkmokgfb2pajafphw3upl6gq2uurde7de7iexw4aajvslnsmev5id.onion
/enemybot.arc
/enemybot.arm
/enemybot.arm4
/enemybot.arm4l
/enemybot.arm4t
/enemybot.arm4tl
/enemybot.arm4tll
/enemybot.arm5
/enemybot.arm5l
/enemybot.arm5n
/enemybot.arm6
/enemybot.arm64
/enemybot.arm6l
/enemybot.arm7
/enemybot.arm7l
/enemybot.arm8
/enemybot.armv4
/enemybot.armv4l
/enemybot.armv5l
/enemybot.armv6
/enemybot.armv61
/enemybot.armv6l
/enemybot.armv7l
/enemybot.dbg
/enemybot.exploit
/enemybot.i4
/enemybot.i486
/enemybot.i586
/enemybot.i6
/enemybot.i686
/enemybot.kill
/enemybot.m68
/enemybot.m68k
/enemybot.mips
/enemybot.mips64
/enemybot.mipseb
/enemybot.mipsel
/enemybot.mpsl
/enemybot.pcc
/enemybot.powerpc
/enemybot.powerpc-440fp
/enemybot.powerppc
/enemybot.ppc
/enemybot.ppc2
/enemybot.ppc440
/enemybot.ppc440fp
/enemybot.root
/enemybot.root32
/enemybot.sh
/enemybot.sh4
/enemybot.sparc
/enemybot.spc
/enemybot.ssh4
/enemybot.x32
/enemybot.x64
/enemybot.x86
/enemybot.x86_32
/enemybot.x86_64
/enemybotarc
/enemybotarm
/enemybotarm4
/enemybotarm4l
/enemybotarm4t
/enemybotarm4tl
/enemybotarm4tll
/enemybotarm5
/enemybotarm5l
/enemybotarm5n
/enemybotarm6
/enemybotarm64
/enemybotarm6l
/enemybotarm7
/enemybotarm7l
/enemybotarm8
/enemybotarmv4
/enemybotarmv4l
/enemybotarmv5l
/enemybotarmv6
/enemybotarmv61
/enemybotarmv6l
/enemybotarmv7l
/enemybotdbg
/enemybotexploit
/enemyboti4
/enemyboti486
/enemyboti586
/enemyboti6
/enemyboti686
/enemybotkill
/enemybotm68
/enemybotm68k
/enemybotmips
/enemybotmips64
/enemybotmipseb
/enemybotmipsel
/enemybotmpsl
/enemybotpcc
/enemybotpowerpc
/enemybotpowerpc-440fp
/enemybotpowerppc
/enemybotppc
/enemybotppc2
/enemybotppc440
/enemybotppc440fp
/enemybotroot
/enemybotroot32
/enemybotsh
/enemybotsh4
/enemybotsparc
/enemybotspc
/enemybotssh4
/enemybotx32
/enemybotx64
/enemybotx86
/enemybotx86_32
/enemybotx86_64
/enemybotrevampv1_amd64_netbsd
/enemybotrevampv1_amd64_openbsd
/enemybotrevampv1_amd_linux
/enemybotrevampv1_ppc64le_linux
/enemybotrevampv1_arm_freebsd
/enemybotrevampv1_amd64_darwin
/enemybotrevampv1_amd64_solaris
/enemybotrevampv1
# Reference: https://blog.netlab.360.com/rimasuta-spread-with-ruijie-0day/
# Reference: https://otx.alienvault.com/pulse/6152ec24e5796835a8d13758

wrabajewouypwxdsq4rxn7heb3k53ihoogik46ji6o7gj65yeo33reqd.onion
vmdm5jrmksizpt6f7trsno6od7xcfs6hzywah46eaju72jkfvqbqdcqd.onion
uf7ejrtdd6vvrsobk6rtsuicwogqyf6g72s55qop2kvpt7r4wfui6fqd.onion
t5pmcdgiipaznhuexh2usvojfixqzudnizgzeyihsyu7e5rehj7bfkad.onion
rg7t465nvnnzugdbdqdg3yf2pypssynb4wxavgghb4me2lecnw23ivyd.onion
qbqdcqdpnjc66nasxdomwlyqo32d4ft43pooo7s4yuom3gn2gr5bmcpw7lgq4qd.onion
pnjc66nasxdomwlyqo32d4ft43pooo7s4yuom3gn2gr5bmcpw7lgq4qd.onion
gmfj55g3lvkik3d73euirhjnicny3x32azifmtboqojsglnnifulbzqd.onion

# Reference: https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/d/spring4shell/IOCs-Spring4Shell.txt
# Reference: https://otx.alienvault.com/pulse/625552517551031b5f67f851

http://45.95.169.143
/The420smokeplace.dns/

# Reference: https://unit42.paloaltonetworks.com/cve-2021-32305-websvn/
# Reference: https://otx.alienvault.com/pulse/612de7f27522f86a0531aca4
# Reference: https://www.virustotal.com/gui/file/e6f20e73af6cc393dd139b32117a8681e15edfe61c157f3509d1e740184b3d5c/detection

75.119.143.229:666
/4wa3.arc
/4wa3.arcle-hs38
/4wa3.arm
/4wa3.arm4
/4wa3.arm4l
/4wa3.arm4t
/4wa3.arm4tl
/4wa3.arm4tll
/4wa3.arm5
/4wa3.arm5l
/4wa3.arm5n
/4wa3.arm6
/4wa3.arm64
/4wa3.arm6l
/4wa3.arm7
/4wa3.arm7l
/4wa3.arm8
/4wa3.armv4
/4wa3.armv4l
/4wa3.armv5l
/4wa3.armv6
/4wa3.armv61
/4wa3.armv6l
/4wa3.armv7l
/4wa3.dbg
/4wa3.exploit
/4wa3.i4
/4wa3.i486
/4wa3.i586
/4wa3.i6
/4wa3.i686
/4wa3.kill
/4wa3.m68
/4wa3.m68k
/4wa3.mips
/4wa3.mips64
/4wa3.mipseb
/4wa3.mipsel
/4wa3.mpsl
/4wa3.pcc
/4wa3.powerpc
/4wa3.powerpc-440fp
/4wa3.powerppc
/4wa3.ppc
/4wa3.pp-c
/4wa3.ppc2
/4wa3.ppc440
/4wa3.ppc440fp
/4wa3.root
/4wa3.root32
/4wa3.sh
/4wa3.sh4
/4wa3.sparc
/4wa3.spc
/4wa3.ssh4
/4wa3.x32
/4wa3.x32_64
/4wa3.x64
/4wa3.x86
/4wa3.x86_32
/4wa3.x86_64

# Reference: https://www.lacework.com/blog/muhstik-takes-aim-at-confluence-cve-2021-26084/
# Reference: https://otx.alienvault.com/pulse/6139c2eff3981531042a860b

bvprzqhoz72jltin.onion
bvprzqhoz72jltin.onion.ly
bvprzqhoz72jltin.onion.ws
bvprzqhoz72jltin.tor2web.su

# Reference: https://www.virustotal.com/gui/file/f5ca8c432bb79ce130f11ff6dd9ce883044f272e99636375a7f0fd5ec4f97c59/detection

95.213.208.226:59666
cnc.krakenbit.net

# Reference: https://elfdigest.com/brief/e3a9b38e6e508dfb71eebdfdbdf7b3efa5bd6ffc67d92158254341fa13e21176

192.241.133.183:1312

# Reference: https://elfdigest.com/brief/516fcf6ba1c8e36571d53ea34870105ee03c93ab98e386ca9b5f714b038c722f

59.13.123.239:1312

# Reference: https://twitter.com/elfdigest/status/1520795444988817411

159.65.223.3:1312

# Reference: https://elfdigest.com/brief/db895a0aa5430819f0e605204e9968cebcd5b13165cfa973242ac40df41ea877

146.190.232.240:1312

# Reference: https://elfdigest.com/brief/d8d37f9148614014e20b7498f21007e47c17b11c577425353a5bff43fabe1fae

37.0.11.158:15025

# Reference: https://www.virustotal.com/gui/file/ee7a78c2a86f1e69ee0e4db252a0667973e59ea9324453a119014019682d6b26/detection

142.93.229.199:554

# Reference: https://twitter.com/elfdigest/status/1521037931766497286

193.142.58.171:404

# Reference: https://elfdigest.com/brief/a14bd20d2757f14185e1a8dafda7556f957af15e18e0294140f49964ca30c8ef

85.202.169.154:16011

# Reference: https://elfdigest.com/brief/d8d37f9148614014e20b7498f21007e47c17b11c577425353a5bff43fabe1fae

37.0.11.158:15025

# Reference: https://elfdigest.com/brief/417f47aba03c3323082027d5813029033174af23a789b03b7e37f4da8c483ae6

144.172.70.166:888

# Reference: https://elfdigest.com/brief/a8875c3bad30270efe07611b8f68546d6cb6ab19f0105319ebaba0d624bab0bf

92.255.85.17:8888

# Reference: https://elfdigest.com/brief/3a7ce8c173b7b75ddf1f96802b03b4fd05dae8ba305e0ddc2ba3a2bd541a20a0

194.31.98.205:55551

# Reference: https://elfdigest.com/brief/90c4aa9fbf36c7c52e4fa2baf763fa4d4f1cfe22042cd13163884745fb8ba73c

103.136.40.176:8985

# Reference: https://elfdigest.com/brief/c19a70a91897b60ca56d7bf20f7113ebe83165087fd918789020b17cb4e09a13

45.32.108.147:6969

# Reference: https://elfdigest.com/brief/a64486354e093ca94b411da614b3c1216f33e2e9d42ca89d21adf1cb963ecebd

45.148.123.58:839

# Reference: https://elfdigest.com/brief/e9f2a27a154d7d154ffa57e31f4ebfbe9d85cb25286e16783307edb112cdcfed

103.136.40.243:5034

# Reference: https://elfdigest.com/brief/ca351c14a9b77fbfc2bcce85abc894bc848593da2c740eedffcd0176495cef77

45.95.169.124:9506

# Reference: https://elfdigest.com/brief/43b324477b915a080803cf9d3ca8508e53a7cde5d3d322fdd57d31aadbe7551f

64.225.73.76:1312

# Reference: https://elfdigest.com/brief/2dfebd219f88b0a96fe4c9423a8932b65adc9c22bfc01919fc18e43660856cb5

206.189.181.21:1312

# Reference: https://elfdigest.com/brief/345ffe9aac541522b41a48a74318e896e6333a2f02c57a0ef47ec49820d225f4

154.23.191.157:5896

# Reference: https://elfdigest.com/brief/c9c6b4ecdc013fb578e7c053ebd82ea13163c07ac5fabd9c669efc586ffcbc33

109.237.96.25:5034

# Reference: https://elfdigest.com/brief/345ffe9aac541522b41a48a74318e896e6333a2f02c57a0ef47ec49820d225f4

154.23.191.157:5896

# Reference: https://elfdigest.com/brief/3a14c5f124ebeb422aaaa783ed78e323defb72bc020673adab6040a7ea3b1723

2.56.59.10:1312

# Reference: https://elfdigest.com/brief/36e4c8d60917804c3e4168b93bba35439d2e1b8eac125755e767560088de8cf1

62.197.136.154:2113

# Reference: https://elfdigest.com/brief/c9c6b4ecdc013fb578e7c053ebd82ea13163c07ac5fabd9c669efc586ffcbc33

109.237.96.25:5034

# Reference: https://elfdigest.com/brief/c9c6b4ecdc013fb578e7c053ebd82ea13163c07ac5fabd9c669efc586ffcbc33

109.237.96.25:5034

# Reference: https://elfdigest.com/brief/c626be277752a9c86e304c5101a851cceecde4ebec9c35bee12a189c3a3f13c1

103.136.40.176:45526

# Reference: https://twitter.com/_odisseus/status/1522558072052498433

185.110.190.83:9050

# Reference: https://elfdigest.com/brief/d694d9b8b61a7e6826bc40d7acb17a3d0c35fbc7d4654bc07f16c6c9ce830ba5

37.187.108.156:9050

# Reference: https://elfdigest.com/brief/f58a097d24059e934c8dc46f925a3f55471ea3b4de2ee92122ae67f669bdf4df

95.217.152.34:45

# Reference: https://elfdigest.com/brief/0f176b1f33abb3a3a3764766216049cb28dbd84e6d8b3b1f29745f944d6f3c06

141.95.84.78:59666

# Reference: https://elfdigest.com/brief/15f530d3a423b10d467d8b7a94a79da8e6ec1d34c6ede0f0988a43eb44c8110a

2.56.59.50:16025

# Reference: https://elfdigest.com/brief/b4e8becd365238c3c2101efdd4db3850084fe887bc49cfae3c980eebb0b346b0

2.56.56.162:56679
/gaybub

# Reference: https://elfdigest.com/brief/f10855751adc66a7391e2aed514dfe34fc4a8425472a7662d05e544c075947ee

198.98.48.215:5555

# Reference: https://elfdigest.com/brief/4bd6e530db1c7ed7610398efa249f9c236d7863b40606d779519ac4ccb89767f

49.12.214.66:9500

# Reference: https://elfdigest.com/brief/3ab0a6c5966a98e898e4f01e69852aa80427b6d99f889005dc1389b6ac1217c5

37.0.11.74:1312

# Reference: https://elfdigest.com/brief/e6a8d9fc258c839fc20be7bd42d0becc1a6af81d156eeeb0a1919630aadf3307

107.175.94.137:6666

# Reference: https://elfdigest.com/brief/2abf6060c8a61d7379adfb8218b56003765c1a1e701b346556ca5d53068892a5

154.39.244.171:8999

# Reference: https://elfdigest.com/brief/9e40430e5d70f9ade3e3b81d04d723c603ad2d7b184155c7c89d86b9c1af1eac

51.158.187.34:9375
/kbotv2

# Reference: https://elfdigest.com/brief/bc492af4475621beb55bbc8f34c02cac51fc088e16bcc8b3b797a1a1e8b876d3

23.94.28.76:8985

# Reference: https://elfdigest.com/brief/ae64cd40d636bdf1335f142522684d51e63f2e51c092709af84ecc6d9cc5c002

165.22.224.116:45

# Reference: https://elfdigest.com/brief/c4638fb77a096d5a88c9d042c075be1c07a9c164a5b0267b3223760c740a4482

137.184.111.139:1312

# Reference: https://elfdigest.com/brief/0b8603871290278ceda3c6599b0a07e518caec79085663d72f27e0e81dd01df7

103.153.254.67:5555

# Reference: https://elfdigest.com/brief/3f069c378185dd3ca84fdbfe6bb959707e0f5c0c93f9a923687c5270cfaff563

107.172.0.101:45

# Reference: https://elfdigest.com/brief/046ffb8c8da9f12f9d2391f5251bd38cbd48791b82db36a2f81f1198588ec2ec

45.142.122.52:1312

# Reference: https://elfdigest.com/brief/ec46fd24333d9389c1194c20286fedf1a729825276874cc0c60925e5550527fd

149.57.168.225:36063
dank-net.tk
katana.dank-net.tk

# Reference: https://elfdigest.com/brief/690a04716264bee5df909fc5c9ee4465267de2109473548d465131ca3c720562

107.175.94.137:9931

# Reference: https://elfdigest.com/brief/5c8691f5707f9d4cad5f909e848632fa4f6b3aa63f80d31e6c5f161afbfb9b7f

51.210.80.98:6969

# Reference: https://elfdigest.com/brief/8f5a1d760ebc4cbcce7851dbef8802b83d2c30a56797ae101b649abb959eed12

178.23.190.51:9987
iwishiwashappy.eu
dota.iwishiwashappy.eu

# Reference: https://elfdigest.com/brief/141ab6882632101808a6338e0a5cfd7b031cc2b3f6e152b700afd2653298bb5e

172.245.186.189:4335

# Reference: https://elfdigest.com/brief/a2d98b5bdbe4aee1e84783eb9465dd9358d5ef1e198e5a1aa74f1d20aedc56b8

5.182.210.145:158

# Reference: https://elfdigest.com/brief/61e968a83fd8653aab3f04dcea0ffa888628e9bc6c9a53cfc88cdf6100827752

212.192.246.110:5555

# Reference: https://elfdigest.com/brief/7312e8fa966219554f374c71e2897a72319b2d2d188a5b6e9c7c7a76ce8e56ec

103.136.41.110:6525

# Reference: https://elfdigest.com/brief/9c59376168b04f16dd2bbdd4e8748848b3329f2278c273bc45ce8e9d8d1ad3aa

20.187.127.241:11000
myjiaduobao.xyz

# Reference: https://elfdigest.com/brief/57b99e3f69621a938f201a7c7764413bf884162ce62dffbc95067be06134d7e5

162.243.161.74:1312

# Reference: https://elfdigest.com/brief/da647646cd36a3acb716b4266e9032f9c1caf555b7667e1dbe5bef89e7d2fdbb

20.187.86.47:8080
neverwinwlaq.xyz

# Reference: https://otx.alienvault.com/pulse/627bc2acc45f0ce91ba52a06
# Reference: https://www.virustotal.com/gui/file/03e6f09bbb61920fe39c8fadcbba554eb60aabd75e15aad200fa33f84b4e6234/detection

http://103.136.40.243
http://146.70.80.113
103.136.40.243:5034
119.179.214.255:48348
175.11.71.224:58786

# Reference: https://elfdigest.com/brief/8b3cea7b646a12669fdcc187d15f6266e023378beef1d21ab690e36c143efda1

150.230.38.140:1791

# Reference: https://elfdigest.com/brief/4df8e42528dea42c0c8da6ba80f69e2cce50f841fc3b51e27f99031b1a821543

78.141.212.90:1543

# Reference: https://www.virustotal.com/gui/file/cdf2c0c68b5f8f20af448142fd89f5980c9570033fe2e9793a15fdfdadac1281/detection

http://80.94.92.38
80.94.92.38:21

# Reference: https://elfdigest.com/brief/cca8734833c6bc8e1667f09333c198a8ca64a99fbd7ee6cd42f06de680d7025c

46.249.32.128:37009

# Reference: https://elfdigest.com/brief/16de867d548b31900a96c03bb6b3d0efce7dcdd6a5b1c627e683e671d409542a

46.249.32.128:839

# Reference: https://elfdigest.com/brief/64317307935c3a00724ba448545de7c74385254f7dab22d7f8305ffca05464d2

107.175.87.164:39497

# Reference: https://elfdigest.com/brief/d3cb1b14eb4a1d4d862af2ad760aa4402ae3da98400a769449e7aaaeeade6d32

23.94.28.76:31963

# Reference: https://elfdigest.com/brief/327195c89ff0279167fd0ebad71f10a28b4c74aca507120acb897a199882e859

156.226.173.28:59999

# Reference: https://elfdigest.com/brief/3e07e1f82497656e7e658b97a757759fe2030d1e629b40d7957c2cd011fc76bc

172.245.210.119:19372

# Reference: https://elfdigest.com/brief/27df42866fb21c178665f0a49b173f1f8b31f4ab61eb07b4edb86e1e954305ce

194.31.98.232:2074

# Reference: https://elfdigest.com/brief/fdd826580f8f7ee9681b55a640d9056e4ba63aff9fee831f54705b6c4694cfcd

107.172.197.117:1791

# Reference: https://elfdigest.com/brief/67c44956996df95d113ff77d3bdd694b6a86400b6ed7c554322af0e8d12c961b

172.111.10.220:606
23.227.146.106:13568

# Reference: https://elfdigest.com/brief/ca179b465c8f2240275ad797697ebbe04b59bc32e23022871b0193ce248cdd68

38.54.1.17:5555

# Reference: https://elfdigest.com/brief/99e8d346e6cf530cbc26fcd204c61abadad63b4141f6f77302ab2fc008023324
# Reference: https://elfdigest.com/brief/b53d7cdde08b2165fe41492683e462b55d4f9e4bece84868392bdc1bff064df7

104.168.96.111:34598

# Reference: https://elfdigest.com/brief/0802593f2b1b74bdc864d85ee34c4f6aa4c9c7fa2fea42e97f40615a624d715b

2.58.149.222:1312

# Reference: https://elfdigest.com/brief/06b60a3da66794fd8aa7905c467aa8215358237111f7ba64dfa5b506647a9b96

209.141.55.18:6738

# Reference: https://elfdigest.com/brief/6032db52200639ac22d56a5d1d197edba8869376572743f6a39c65064d1e0eac

185.26.120.181:61231

# Reference: https://elfdigest.com/brief/3c77b666726d2594a02c185fbea9e78e64e78395b841ee3fd64be26405adac53

2.56.57.187:6738

# Reference: https://elfdigest.com/brief/1c7673c3be3b3233bbd4b935337a8a0ec0111514e531395187f2ffafcddbb952

107.175.94.137:9931

# Reference: https://elfdigest.com/brief/374e5d6b6f1af9d115ef41f92016e1c12acdd8e41f0253e6dca1167b9a5a130d

103.136.40.176:8985

# Reference: https://elfdigest.com/brief/9fe11b3fc00ec1ad396e4ea8b53c1ea22c096eaf571584f48daf77726b42ca65

104.131.58.204:1312

# Reference: https://elfdigest.com/brief/6a42769381ea1f2df9fb53884dff5898a9e63ef6a728505732f020bb50febcb0

2.56.56.94:1092

# Reference: https://elfdigest.com/brief/2e112b57d8fb29954bf118e4cf365cf942fa5d66ccac423afd115e8f87d298fe

103.136.40.176:8985

# Reference: https://elfdigest.com/brief/6a42769381ea1f2df9fb53884dff5898a9e63ef6a728505732f020bb50febcb0

2.56.56.94:1092

# Reference: https://elfdigest.com/brief/f6965c0da05e60698998f6f10286929128a5ee5133d4a7b532d1abda9b135cd0

209.141.55.18:8985

# Reference: https://elfdigest.com/brief/ee26b154bd0a14cabb194bac99b655c27fc0161594ec51a8c3725515553a2e72

104.131.58.204:34241

# Reference: https://elfdigest.com/brief/09fd27fabe0b68ff78d5d84726dcfee86f86548dd73d4e624eb26166037fcdd2

192.3.231.100:390

# Reference: https://elfdigest.com/brief/4b059f7c4c5b00160f4617e34e06ab8bdc2dc971eb26ee26edf31da8827fb74c

185.26.121.176:5555
 
# Reference: https://elfdigest.com/brief/76426d5c9704efa35484a1cf08c3ee11bfe724c06137625a75fe6ee1a6b31220

185.26.121.176:1312
 
# Reference: https://elfdigest.com/brief/064318771d2bf6400261d72215e510f2fa125dc4c15f2cc910d3b10e13851f18
 
37.0.8.86:45
 
# Reference: https://elfdigest.com/brief/694a789eb18b4ef196a2151ee79a941f5f57652f07b4fc0f01bb60722beb4184
 
37.0.8.86:1024

# Reference: https://twitter.com/PhishStats/status/1526207746244284416

/aqua.arc
/aqua.arm
/aqua.arm4
/aqua.arm4l
/aqua.arm4t
/aqua.arm4tl
/aqua.arm4tll
/aqua.arm5
/aqua.arm5l
/aqua.arm5n
/aqua.arm6
/aqua.arm64
/aqua.arm6l
/aqua.arm7
/aqua.arm7l
/aqua.arm8
/aqua.armv4
/aqua.armv4l
/aqua.armv5l
/aqua.armv6
/aqua.armv61
/aqua.armv6l
/aqua.armv7l
/aqua.dbg
/aqua.exploit
/aqua.i4
/aqua.i486
/aqua.i586
/aqua.i6
/aqua.i686
/aqua.kill
/aqua.m68
/aqua.m68k
/aqua.mips
/aqua.mips64
/aqua.mipseb
/aqua.mipsel
/aqua.mpsl
/aqua.pcc
/aqua.powerpc
/aqua.powerpc-440fp
/aqua.powerppc
/aqua.ppc
/aqua.ppc2
/aqua.ppc440
/aqua.ppc440fp
/aqua.root
/aqua.root32
/aqua.sh
/aqua.sh4
/aqua.sparc
/aqua.spc
/aqua.ssh4
/aqua.x32
/aqua.x64
/aqua.x86
/aqua.x86_32
/aqua.x86_64
/zz.arc
/zz.arm
/zz.arm4
/zz.arm4l
/zz.arm4t
/zz.arm4tl
/zz.arm4tll
/zz.arm5
/zz.arm5l
/zz.arm5n
/zz.arm6
/zz.arm64
/zz.arm6l
/zz.arm7
/zz.arm7l
/zz.arm8
/zz.armv4
/zz.armv4l
/zz.armv5l
/zz.armv6
/zz.armv61
/zz.armv6l
/zz.armv7l
/zz.dbg
/zz.exploit
/zz.i4
/zz.i486
/zz.i586
/zz.i6
/zz.i686
/zz.kill
/zz.m68
/zz.m68k
/zz.mips
/zz.mips64
/zz.mipseb
/zz.mipsel
/zz.mpsl
/zz.pcc
/zz.powerpc
/zz.powerpc-440fp
/zz.powerppc
/zz.ppc
/zz.ppc2
/zz.ppc440
/zz.ppc440fp
/zz.root
/zz.root32
/zz.sh
/zz.sh4
/zz.sparc
/zz.spc
/zz.ssh4
/zz.x32
/zz.x64
/zz.x86
/zz.x86_32
/zz.x86_64
/.nCKx/

# Reference: https://elfdigest.com/brief/b68f3c6f8f816c69a61d3b17501f9a72f9249096f543834ef2b5c79eb37b20b9

194.87.71.20:63645

# Reference: https://twitter.com/360Netlab/status/1526624889909792768
# Reference: https://blog.netlab.360.com/botnet-group-behind-attack-bjjkb/ (Chinese)

ilikefishing.xyz
iranistrash.cc
iwishiwashappy.eu
iwishiwasnormal.ru
uiasuibasdbui.art
zzzsleepisnicezzz.art
dota.zzzsleepisnicezzz.art
dota.iwishiwashappy.eu
dota.uiasuibasdbui.art

# Reference: https://elfdigest.com/brief/f0a3d73205c487468f98ab821dde61da82605accc0640602523739b105f55fb4

198.251.83.227:1791

# Reference: https://elfdigest.com/brief/9546b12523d896aa5773e47f631f16b6f7f3e0c961dc61d2aade37088a6a3d10

37.0.8.86:9506

# Reference: https://elfdigest.com/brief/01cf97397fb707d7d4876899ae41cfc48427f7710bdd6264af7da7688539e7fa

46.249.32.102:8985

# Reference: https://elfdigest.com/brief/541bd90e560f1f4cf695ac58335a0de103e769ff579583842f869fc88d24a49c

156.96.151.228:45

# Reference: https://elfdigest.com/brief/b819d70262023bf356bc25ec7d59ae65d67794cbb6c3c5dede326378e374436d

dzfherse.ddns.net

# Reference: https://elfdigest.com/brief/8da75c1f2866a2fe0ff7f76324a605da4aa90d0169c156cd953b98ddc574f582

163.123.142.144:20092

# Reference: https://elfdigest.com/brief/41ee73fe779cf62b1aa65ffd391c3e09d163e6fd4c3186e6d23ec07629d4f196

144.22.254.85:4662

# Reference: https://elfdigest.com/brief/fab380b43f10c3290237100dd3fe668a3bdfe5b28bc9811e8a035c725fb7e730

163.123.142.144:2092

# Reference: https://elfdigest.com/brief/30507f21541bdfd389eb26a3db886f63cfac41f210d37e48f0391b07ba450791

23.95.225.102:1024

# Reference: https://elfdigest.com/brief/c92c34f9d9cc7787bdf95a504e9a5c42d1b2ea68ae1359ddda59dd9dd4d4e893

195.58.38.253:35580

# Reference: https://elfdigest.com/brief/0a42c3b49713c67f376b35ec4609c83b3b75dab7f1ddb60324afeb7b489b0267

2.57.122.154:1312

# Reference: https://elfdigest.com/brief/2835029b31d5f674c0ac48da199aedd2dce59e5d4814ca5c4041ca86213144df

2.56.59.196:7777

# Reference: https://elfdigest.com/brief/3da76a993466a965783ba0c014374d8374076dfe069bd727c613e7b8bc80e991

149.57.169.208:1791

# Reference: https://elfdigest.com/brief/6f1b745c6ad237a07d4bd9e09a0512cb4144e95fe805df5d7a3ecef68f07aa5f

179.43.156.214:56679

# Reference: https://elfdigest.com/brief/863d918681c019d6288ae98625ca0d84be167cd1ccd138e6cf02548f08f9b680

179.61.251.10:420

# Reference: https://elfdigest.com/brief/eccf0b5701bddbd0496fb24b1d1bd49501e0996172b7902e35188fe1d08d071d

94.228.124.204:1312

# Reference: https://elfdigest.com/brief/17346f1c956c6f1f92b259f25069f63aecb8e5be84b5751e5781ad6a8a842262

103.136.40.176:5034

# Reference: https://elfdigest.com/brief/4e4fbf59b276c471452cde5264249725f048eae0f0dc482f26d6102ff5a3d98e

149.57.210.215:1312

# Reference: https://elfdigest.com/brief/b4d5f505404d28029c23bb05d720f78e75e8f072df2d9fd2ca169db785ad60ef

45.124.84.135:4932

# Reference: https://elfdigest.com/brief/2676ae8b3021eab5128002d8a6f0187e38d0ee9f2a8d150d41adc26d2195426b

147.182.211.96:1312

# Reference: https://elfdigest.com/brief/136ee8876c8a00a952e602fae341ef290050b6bf506c0854e49a77bdd0fef995

38.54.16.10:5555

# Reference: https://elfdigest.com/brief/94dfb506b7cdb1a387b65c72d76f263457f6cae79d71b4b4fe08b69e45a7a1ea

23.92.27.113:1312

# Reference: https://elfdigest.com/brief/966c59b83f5c2a7c97e711a2588262881ab51b3ece4d09004267604fc429ce85

103.136.41.100:5034

# Reference: https://elfdigest.com/brief/3786db7a34682c8fad8b4e921e676f412c4b49100c494522aad80c7169edea51

194.31.98.17:61777

# Reference: https://elfdigest.com/brief/c98ec89089cac5d2ade0005cb6a862140298be25624db4788f42bd48ed302696

193.142.58.171:30149

# Reference: https://elfdigest.com/brief/8adbdc4e6656edef6ef93c19f20caa15f911a6f8b0b112974d5317c5fed5ef42

157.245.74.197:9931

# Reference: https://elfdigest.com/brief/a90a3493388f4389556a17b0511a453adf7b855865dffc4f833a6f929117c419

103.136.40.176:39497

# Reference: https://unit42.paloaltonetworks.com/cve-2022-22954-vmware-vulnerabilities/

http://198.46.189.105
http://51.81.133.91
135.148.91.146:1980
/NW_BBB.arc
/NW_BBB.arcle-hs38
/NW_BBB.arm
/NW_BBB.arm4
/NW_BBB.arm4l
/NW_BBB.arm4t
/NW_BBB.arm4tl
/NW_BBB.arm4tll
/NW_BBB.arm5
/NW_BBB.arm5l
/NW_BBB.arm5n
/NW_BBB.arm6
/NW_BBB.arm64
/NW_BBB.arm6l
/NW_BBB.arm7
/NW_BBB.arm7l
/NW_BBB.arm8
/NW_BBB.armv4
/NW_BBB.armv4l
/NW_BBB.armv5l
/NW_BBB.armv6
/NW_BBB.armv61
/NW_BBB.armv6l
/NW_BBB.armv7l
/NW_BBB.dbg
/NW_BBB.exploit
/NW_BBB.i4
/NW_BBB.i486
/NW_BBB.i586
/NW_BBB.i6
/NW_BBB.i686
/NW_BBB.kill
/NW_BBB.m68
/NW_BBB.m68k
/NW_BBB.mips
/NW_BBB.mips64
/NW_BBB.mipseb
/NW_BBB.mipsel
/NW_BBB.mpsl
/NW_BBB.pcc
/NW_BBB.powerpc
/NW_BBB.powerpc-440fp
/NW_BBB.powerppc
/NW_BBB.ppc
/NW_BBB.pp-c
/NW_BBB.ppc2
/NW_BBB.ppc440
/NW_BBB.ppc440fp
/NW_BBB.root
/NW_BBB.root32
/NW_BBB.sh
/NW_BBB.sh4
/NW_BBB.sparc
/NW_BBB.spc
/NW_BBB.ssh4
/NW_BBB.x32
/NW_BBB.x32_64
/NW_BBB.x64
/NW_BBB.x86
/NW_BBB.x86_32
/NW_BBB.x86_64
/Ugliest.arc
/Ugliest.arcle-hs38
/Ugliest.arm
/Ugliest.arm4
/Ugliest.arm4l
/Ugliest.arm4t
/Ugliest.arm4tl
/Ugliest.arm4tll
/Ugliest.arm5
/Ugliest.arm5l
/Ugliest.arm5n
/Ugliest.arm6
/Ugliest.arm64
/Ugliest.arm6l
/Ugliest.arm7
/Ugliest.arm7l
/Ugliest.arm8
/Ugliest.armv4
/Ugliest.armv4l
/Ugliest.armv5l
/Ugliest.armv6
/Ugliest.armv61
/Ugliest.armv6l
/Ugliest.armv7l
/Ugliest.dbg
/Ugliest.exploit
/Ugliest.i4
/Ugliest.i486
/Ugliest.i586
/Ugliest.i6
/Ugliest.i686
/Ugliest.kill
/Ugliest.m68
/Ugliest.m68k
/Ugliest.mips
/Ugliest.mips64
/Ugliest.mipseb
/Ugliest.mipsel
/Ugliest.mpsl
/Ugliest.pcc
/Ugliest.powerpc
/Ugliest.powerpc-440fp
/Ugliest.powerppc
/Ugliest.ppc
/Ugliest.pp-c
/Ugliest.ppc2
/Ugliest.ppc440
/Ugliest.ppc440fp
/Ugliest.root
/Ugliest.root32
/Ugliest.sh
/Ugliest.sh4
/Ugliest.sparc
/Ugliest.spc
/Ugliest.ssh4
/Ugliest.x32
/Ugliest.x32_64
/Ugliest.x64
/Ugliest.x86
/Ugliest.x86_32
/Ugliest.x86_64

# Reference: https://elfdigest.com/brief/ec4dc2a078c3dcd4685027760ed21e1eb8e8a1781427fd87f450ea58dc027855

2.56.59.202:666

# Reference: https://elfdigest.com/brief/741cfd59c77ee347bec2b9f14617554fae41bd89ab824f9d5c8e03101cf552f5

149.57.210.157:57468

# Reference: https://elfdigest.com/brief/a4359820b67e1cf9d0d69f534cc41406b0ce64c4c5d89b024bb1e0d7ddf115f1

206.81.14.184:1312

# Reference: https://elfdigest.com/brief/2dfba932d61993b63909250755cf7882cf13980f7a1283543c0cc66a1404f40c

172.245.186.189:5900
172.245.186.189:5901

# Reference: https://elfdigest.com/brief/99b312a7b8c6de91ec2e5ef0f1e1fe7cee63263fe402d1756b2270aee6f05197

137.184.107.143:1312

# Reference: https://elfdigest.com/brief/bcbbc1286291cea0defb344c98dae19914466633a1225a07561b231aef97f8e5

207.154.226.20:1791

# Reference: https://elfdigest.com/brief/dbe71b9bf484d72b09e447b28656a099f996715dd00d89c8503a482528c7b5da

45.134.174.234:9372

# Reference: https://elfdigest.com/brief/cf08da6870c9ae3b09cc45a3ba75d35fc89c772157c09131d97f8ba3b08e3562

46.19.137.50:55566

# Reference: https://elfdigest.com/brief/543bff368dd017d7f2d9414a84a40735c3eaeb95258983dcc1e2cd52a8e4e651

159.89.20.31:1024

# Reference: https://elfdigest.com/brief/afb66c8532eed63a10c8dce13582dedb6e80a9ffaa614a390588558c7d416d03

149.57.210.157:6637

# Reference: https://elfdigest.com/brief/afb66c8532eed63a10c8dce13582dedb6e80a9ffaa614a390588558c7d416d03

149.57.210.157:6637

# Reference: https://elfdigest.com/brief/9e35c0b5c812027d6698b662bb771ada7c1d40cf04050f450feebcbbdbff6b9a

172.245.210.119:17372

# Reference: https://elfdigest.com/brief/184f34491a3fd771ef88f242b9cd64fab1e58f84a066df1973a0b1057e5af503

45.142.122.121:63645

# Reference: https://elfdigest.com/brief/000a3338e08875012215744f37400dfae75c727350df4d23eba7106948e24674

91.208.162.112:2113

# Reference: https://elfdigest.com/brief/831879118e2ff584d76a11094f0b102302a571dfff95fb0e7ac1649417daeebd

85.204.116.189:6738

# Reference: https://www.virustotal.com/gui/file/1f917ca040501c2abead432b12f35e5adc8b0ced9cc6c222fdfc56d205d4e389/detection

http://104.212.150.180
104.212.150.180:2323
104.212.150.180:54702
104.212.150.180:5555
cn1928aa.duckdns.org

# Reference: https://www.virustotal.com/gui/file/07b347c274e02541c78441d3077d0cc9f42ae797db73cb1aa41ad69418341acf/detection

http://8.89.214.177
8.89.214.177:2323
8.89.214.177:54702
8.89.214.177:5555

# Reference: https://elfdigest.com/brief/b8287aa7ea121ac35c8265d732ad18e2175694c28f834bb505bef50e832390b5

149.57.168.225:23
/doge.arc
/doge.arcle-hs38
/doge.arm
/doge.arm4
/doge.arm4l
/doge.arm4t
/doge.arm4tl
/doge.arm4tll
/doge.arm5
/doge.arm5l
/doge.arm5n
/doge.arm6
/doge.arm64
/doge.arm6l
/doge.arm7
/doge.arm7l
/doge.arm8
/doge.armv4
/doge.armv4l
/doge.armv5l
/doge.armv6
/doge.armv61
/doge.armv6l
/doge.armv7l
/doge.dbg
/doge.exploit
/doge.i4
/doge.i486
/doge.i586
/doge.i6
/doge.i686
/doge.kill
/doge.m68
/doge.m68k
/doge.mips
/doge.mips64
/doge.mipseb
/doge.mipsel
/doge.mpsl
/doge.pcc
/doge.powerpc
/doge.powerpc-440fp
/doge.powerppc
/doge.ppc
/doge.pp-c
/doge.ppc2
/doge.ppc440
/doge.ppc440fp
/doge.root
/doge.root32
/doge.sh
/doge.sh4
/doge.sparc
/doge.spc
/doge.ssh4
/doge.x32
/doge.x32_64
/doge.x64
/doge.x86
/doge.x86_32
/doge.x86_64

# Reference: https://elfdigest.com/brief/ecf843b66828b9aeee306bbe6da74b94d87b0c4b16b04f3d2f5d87a31a68363b
# Reference: https://www.virustotal.com/gui/file/03e1f304077e02e105baee280100936184f0083018fd4a6db4c7dad538029740/detection

179.43.187.223:55651
titi.pics
rabbit.titi.pics

# Reference: https://elfdigest.com/brief/1604f0ab1f506a83d9ad14f9cc75a28cd16f6b245cd5d2e2e942685f553006db
# Reference: https://www.virustotal.com/gui/file/1604f0ab1f506a83d9ad14f9cc75a28cd16f6b245cd5d2e2e942685f553006db/detection

23.159.160.147:3074
hahayouregay.cf

# Reference: https://www.virustotal.com/gui/file/15855c4df7e6d8a3a6237e1342f29daafbb8801055e04caf57781de504f61b2d/detection

209.141.41.11:443

# Reference: https://www.virustotal.com/gui/file/541b650a56fe8927a35f65f2df7168d33ecaa4428563cf708bd373e8f464228f/detection

144.172.83.134:1312

# Reference: https://elfdigest.com/brief/ab93401d999d616368a3ff03b84189cbd075ede7563a03c72fc29eac79e1b388

37.0.8.123:1312

# Reference: https://elfdigest.com/brief/14c1a0c4fcb4cc4204fc19e9c618e09e199c9b579b6b0341322974d91207b124

104.248.252.20:1791

# Reference: https://elfdigest.com/brief/f219a45b40d7d5f77b2d1a6e2ff8f217497e1b8ce33073243d0fa328751fc31f

5.181.80.103:9589

# Reference: https://elfdigest.com/brief/01b4d9e1f11f433955edbd93edc45669057b69140d575597f0bf9c7aedb66c9a

23.160.193.123:1749

# Reference: https://elfdigest.com/brief/97c51929dfb96fa8aed46855f883d0a900abd1c485ecd406d5669caf5024a475

41.216.182.131:23

# Reference: https://elfdigest.com/brief/119e631d09df522b3b09952ebf2bfdab33be97168b266182cb44a2fd5aec64a8

176.58.121.232:839

# Reference: https://elfdigest.com/brief/23c6ff067788ea082f08e7f497b1d098114633f71682fe378d070650bf463304

144.172.71.155:6666

# Reference: https://elfdigest.com/brief/e23395e39e5f6a39d218ee48aa5deaacb3b429de9cb529ad52c34d6ee5dbb65c

139.144.25.203:1312

# Reference: https://elfdigest.com/brief/c902d07e4b6168314d2b53d08715d45fab92b64b98d9231c0a567c13249f920e

149.57.133.79:1791

# Reference: https://elfdigest.com/brief/95d1778e51fcd76c49b129064fc949d1898284c5a223d9888cc5ddb9d6d6257e

185.153.180.80:1111

# Reference: https://elfdigest.com/brief/31cf18d03d8844fb0458926f3a9b0d7aec8aeeb83a54d6e19fc0db25c74b8bc1

209.141.40.107:56343

# Reference: https://elfdigest.com/brief/95dd534ae1b1480e89a89488bddc300e89b36711bde2f4371f9a96efee68eba5

45.79.126.62:1312

# Reference: https://elfdigest.com/brief/4b841df5c6ddca8478ebd2c5291e30d1c5541aeb4d44704ba3685d249193918e

45.95.55.23:32774

# Reference: https://elfdigest.com/brief/0bea11b1fba652e1f12c6a7c2fab17f1336f9aa8a843de48b043e83374d7774f

194.31.98.191:9506

# Reference: https://elfdigest.com/brief/29c087b5c2fd17342f1a05b8f115f7613ad7d59ce372acce22841d130818847c

209.141.37.15:59

# Reference: https://elfdigest.com/brief/7f9a8d8561ae4327faae6bd98d44bb1271b414155eb529cf3465e42cd56390ea

46.23.109.40:44455

# Reference: https://elfdigest.com/brief/72d350c85c2644e8c35d540ab93ede55856de593ed9098aff9d11f2cada99bb5

185.44.81.114:6666

# Reference: https://elfdigest.com/brief/0706386cd36628da345d3af948764fcb6585bcbf53699066e6a2f70ed251c8e8

149.57.201.137:1024

# Reference: https://elfdigest.com/brief/1e56c1850a5206996ce4e2a2f7ab0d2e24a3a1119b80a404041eea2e0f3dbe1f

179.43.187.223:8892

# Reference: https://elfdigest.com/brief/b204d8958953c9ee36ecddf70a5f5a2ee7f587668e234b6d3cfc3c273f047b58

31.133.0.140:5555

# Reference: https://elfdigest.com/brief/7ef34c61ce4ed4a403bd7711d44f5497f9e9de9369521b801c179e4507ef2dbd

149.57.201.137:26663

# Reference: https://www.virustotal.com/gui/file/49e11014e7243d070e297d064a1f234ace2d28db7d8ef1f64f2cd62f077d7480/detection

http://101.33.238.116
101.33.238.116:60001
202.189.6.247:30301

# Reference: https://elfdigest.com/brief/8805b658effcd19207b4f2c8ae78029fb3db07b88fa396e6b9e5ffad4ae4316b

45.95.55.27:32774

# Reference: https://elfdigest.com/brief/6f0c949e811490823b6f61b5acfe95f8157f206d2dd6975dc59a1ba04c3b48a2

46.23.109.40:44455

# Reference: https://elfdigest.com/brief/f5a1fe1f1a0e323801abc985c0667e36fdef63588f18267743d6406869ce3432

15.204.7.101:5418

# Reference: https://elfdigest.com/brief/5fed541903f1658c9a2edc243af51a2aebe176c5fc2ccb7cb5ebb126c1621ed7

172.245.210.119:20129

# Reference: https://elfdigest.com/brief/fed28cbf2b646710dbf3cd9d80d0b9a873093571ab7058df2af36e819c7afc8c

62.197.136.92:9506

# Reference: https://elfdigest.com/brief/95075f59434b5c44d723737e62af9d5f72f398698e7b37c1e08c9697c0526c5a

31.7.58.162:55566

# Reference: https://elfdigest.com/brief/179b123d79923b66f326e5c8956e5a8b4219063861eae3147fc42efcb6d5fe70

190.123.44.199:5034

# Reference: https://elfdigest.com/brief/0bbb257fdd158ad92b5fee2efb2a87469cfa5250cd4b74f19f616147494c514c

194.163.34.162:19001

# Reference: https://elfdigest.com/brief/71fb99bd3551f7fd093473ffd693dfa574987152a3962b83b5200fe3f7521b8d

135.148.46.76:4258

# Reference: https://elfdigest.com/brief/cdd69b8b075c68fb8936ee04d04adf21a8dc3cec6bd6aaa9721195f3845ec864

149.57.201.137:1312

# Reference: https://elfdigest.com/brief/49cdb9ce3a5e79336881a5a234d207baedc2b19afdcbb9db8c99ea1335e8eef7 

45.95.169.117:5555

# Reference: https://elfdigest.com/brief/a9c91b91a2fd3b7448154946a5ea1a45dfedae351a556174a514761c36f06645

209.141.41.137:65501

# Reference: https://elfdigest.com/brief/e6c3d0bc0f54b4e7c29a553f832cfa42bcc233096a20e3888689f98d6b676654

103.136.41.100:45526

# Reference: https://elfdigest.com/brief/fe59a5943d4208990dcc71a7ad89605fe10facc69d0e0a596e2be485c644d0d7

178.62.34.177:45526

# Reference: https://elfdigest.com/brief/e6c3d0bc0f54b4e7c29a553f832cfa42bcc233096a20e3888689f98d6b676654

103.136.41.100:45526

# Reference: https://elfdigest.com/brief/b646230b793317c2d6a3caff78209e5bb75292bdba6af2c399b2a95059eb1733

45.142.122.121:59025

# Reference: https://elfdigest.com/brief/b8836d08a14e7b78ae890409c1511b378a3dfeaf5e2f1a9149472b92c3807e48

209.141.57.111:1312

# Reference: https://elfdigest.com/brief/469b1098925aeb3696cdf8becb52619e9bb9aafefd24160333b12cf67ef82430

bigbooterhax.xyz
net.bigbooterhax.xyz

# Reference: https://elfdigest.com/brief/e506bd816cbb4f638d98edaff4c5e926ba0b4d6da0c1ef286d03c3cbfbfd2521

149.57.170.179:60010

# Reference: https://elfdigest.com/brief/0b1b278e8d720012e5f1fceba0811f69a63d39dc3390aeccd03485c316f8248a

194.31.98.203:6969

# Reference: https://elfdigest.com/brief/23b2c22b5f6606899d6a25244a6bbb55839282dce840ff9ed54790227eddb9e8

198.74.112.103:5210
heikexiaolin1.f3322.net

# Reference: https://twitter.com/1ZRR4H/status/1534012809775828996

http://15.204.7.101
15.204.7.101:1418
twmolibaby.tw
tututu.twmolibaby.tw

# Reference: https://elfdigest.com/brief/8ccaf2c5883600bcc47adc3d77e6a611a969fd50bb6c08624a0cdfb6b8049275

45.95.169.117:59666
midnightservices.us

# Reference: https://elfdigest.com/brief/b653d63aa9e3557826ab74049eeacf2dbc7f06d7527d2bb03639ff9767e2f41c

/pYjw2xKzdL77H589

# Reference: https://elfdigest.com/brief/8443709842d7806dce4d0f30d1d845a3f3645972841c6ef8d98ae3239c63db58

146.19.191.118:45526

# Reference: https://elfdigest.com/brief/9293b71e68991f495153764e722eab2cea5be298d927703882aa7c6967d774ca

193.233.203.224:45526

# Reference: https://elfdigest.com/brief/7e47aaa863ab3fc58c5773fdd97ed552842c181519482deddcbb7eb5822ca726

205.185.123.5:3884

# Reference: https://elfdigest.com/brief/8987c13681130bafbefeb694ce8c5e7ead783b3f7758d63a420f2c3ef95922bc

149.57.168.89:1791

# Reference: https://elfdigest.com/brief/34b120fbebb7d4d65b2ceb2aa7e96a7d1cebbff8fb9c5c27a642616fa6b134da

128.199.10.110:39497

# Reference: https://elfdigest.com/brief/3f9fb43da64d35c81ce928a95521e6782fd9b649138652e5fa70b5796a87e9e9

195.201.219.199:61231

# Reference: https://elfdigest.com/brief/f62599940739f42b7d9865ee1a2e80683da235e53b78e7bf39c57748d3cab540

149.57.210.56:909

# Reference: https://elfdigest.com/brief/da85fdbb5c94c2ac669074f1db9e5302f4573f0fce4c7c05db24c66d4c07f75e

198.98.54.60:1312

# Reference: https://elfdigest.com/brief/0279dd08074970341c66f1cb1c0e762f91b45f8c5587b2ebe287ea395b0152eb

136.144.41.9:6859

# Reference: https://elfdigest.com/brief/bc7e9cc94b89daf6994ffdf56d505381a384716a1518b2f8a7736c4f127edf74

cancerresearch.lol
net.cancerresearch.lol
193.233.185.14:3074

# Reference: https://elfdigest.com/brief/dec25d4f1386680b0f2536dbd889e5593ccb2d9867a0f680ff9a127aa08c128d

104.217.249.182:1302

# Reference: https://elfdigest.com/brief/c2d9eba23452913cce5531236a4254e42afbfc5913a20c2f37bacfd8cf2b59c4

45.148.120.13:34241

# Reference: https://elfdigest.com/brief/c9bc3c1232a32231ae37f3c48e966e5fbcfcbb1fce2a14894bc1edbda20cdf4b

185.254.98.125:1312

# Reference: https://elfdigest.com/brief/04ad9407c1f4d4524eac02237a2791e278ceb8c973e5f28474ffa7a88c6e8a34

46.249.32.157:40004

# Reference: https://elfdigest.com/brief/f4226477318e96cc7d22af2cd10931fa105d84666e72478eb2dd07567ff73ca7

149.57.170.179:1996

# Reference: https://elfdigest.com/brief/3587bfb6be5418482cb00b7a627f25066caf9c092f6f1b233275832edbeaba7d

143.198.133.212:8080

# Reference: https://elfdigest.com/brief/815298c832be8bc0ecb4c671fbc603a3685641d36e29895b147f20c129624fbd

195.133.18.183:45526

# Reference: https://elfdigest.com/brief/f6975a7dd46f4da899b30fd9108b3005d5802916e008525adf162392cac92aef
# Reference: https://www.virustotal.com/gui/file/16485360c2319fb565d5f987c8bfe9ebe36b8682c93a87fb4aecd33444ae5d94/detection

139.162.131.116:61002
fbot.raiseyourdongers.pw
ohyaya.raiseyourdongers.pw
ohyaya2.raiseyourdongers.pw

# Reference: https://elfdigest.com/brief/867fbd96415ec2d1419cf8d5bd74b2963fd7b592f69990a92c471372f51d86e2

136.144.41.113:23023

# Reference: https://elfdigest.com/brief/8e15b121d253466fc7cdfbffdd20009a47b01f231bdf0e84fea50b35a5e329e0

104.168.96.111:19097

# Reference: https://elfdigest.com/brief/00df6c5e00aac969a7fba63af6d2b703b8c2a82d3abc994443439ad39daa6148

37.0.8.158:23023

# Reference: https://elfdigest.com/brief/f4659623f75cbf9190c2966686ca1b5d673ae1fb167aa5eb8b91547a7c116821

188.213.7.44:22
85.239.33.192:65525

# Reference: https://elfdigest.com/brief/400710fc4fd99cd4519d2dc33ca5aa0f63dd012be0da12f6d154ac9631c4ca58

45.95.169.123:36170
/abv1q9081289379879cghq9uwh3978y

# Reference: https://elfdigest.com/brief/6d58b8f0e4d0496202a7612d1a6bc5ad69e2fc8d4e1e3891536aad548ca25626

/pumaxnxx

# Reference: https://elfdigest.com/brief/9a4ec837878b631dffb0bd5a9100550fc7219d91fab663cc5d1e0083423ac4a3

193.233.185.75:43521

# Reference: https://www.lacework.com/blog/kinsing-dark-iot-botnet-among-threats-targeting-cve-2022-26134/
# Reference: https://otx.alienvault.com/pulse/62a07e54195a69554f16abe6

134.213.29.14:32953

# Reference: https://elfdigest.com/brief/3718fd9732673e2dcfb17d4ef56f31de01632d24f2c2631611d32ee3fbea076f

193.233.185.59:909

# Reference: https://elfdigest.com/brief/f32b63b27702ce4e05e3f8e0df84c0f6f10cd36abef0026dc5dd0937c726e8e2

136.144.41.9:9931

# Reference: https://elfdigest.com/brief/7754373fd401856b41e3d6f2a6e4feb03c05c5e7168bc1bb0cb71d8547cc9bba

5.2.70.22:1111

# Reference: https://elfdigest.com/brief/5294918e818402394197bf256b24dc229dd6b72f118c603db0c16ecf3eea58d8

66.187.4.229:60195

# Reference: https://elfdigest.com/brief/7963ec896b079afb3991795425adbaf9de77f9f50643c3b00edd583cb7d7bec1

103.161.17.72:839

# Reference: https://elfdigest.com/brief/689321fbbd534bd085bf105ac1e72e37733a1fd44c4c8dccb6072ad79d8412db

179.43.167.30:55650
shisha4ho.me

# Reference: https://elfdigest.com/brief/0cfc75047b8960670ddc0cc8f847956b6b9cf9e865af4e70379c8f349e9d035f

/shitnet

# Reference: https://elfdigest.com/brief/a1b99b896c99280df49b5c4b121086fbf2f36a9e94909852045b50e0a330db4c

cnc.titi.pics

# Reference: https://elfdigest.com/brief/de9052dae79131401a9a9f00d8ee68627af18cbc665d87c2285c319f89feed6a

46.102.156.60:1791

# Reference: https://elfdigest.com/brief/a31f4caa0be9e588056c92fd69c8ac970ebc7e85a68615b1d9407a954d4df45d

185.193.126.182:9999

# Reference: https://elfdigest.com/brief/90e6e5334124275d8afd0413d2ad1315bec3a1f850b176e6559842d6264fd606

31.44.185.235:9987

# Reference: https://elfdigest.com/brief/e5bbaa3a4e73e7f6be8af7625d3b81d1b9d5900d2aec6a71fd144e84bf95a0a5

143.198.55.237:13

# Reference: https://elfdigest.com/brief/085c715ddd74c14dc3ff079dfd47829d591237b066ab1dfa1cbf26a768a0ada3

185.82.218.211:5034

# Reference: https://elfdigest.com/brief/244ed096d26ae952b472dfbfbd27c6eed8db08e02ba6b5239236ef4d5a977e6d

176.122.23.54:9100

# Reference: https://elfdigest.com/brief/3a79225b5d6e1726e24b18ee35ad2a1b3656de80f4931d9fbd6ec3d7d9c7438d

185.193.126.161:9100

# Reference: https://www.virustotal.com/gui/file/ff4f898b799ae6e15283d4acd43ea073be2ca53a5bb5243d3c38f4f92867d704/detection

190.123.44.125:1312

# Reference: https://www.virustotal.com/gui/file/a270da4ef3690def8207861be4ede4a3e339d205e96944e0af1d7d6b450b6a17/detection

/a-r.m-4.Sakura
/a-r.m-5.Sakura
/a-r.m-6.Sakura
/a-r.m-7.Sakura
/i-4.8-6.Sakura
/i-5.8-6.Sakura
/i-6.8-6.Sakura
/m-6.8-k.Sakura
/m-i.p-s.Sakura
/m-p.s-l.Sakura
/p-p.c-.Sakura
/s-h.4-.Sakura
/x-3.2-.Sakura
/x-6.4-.Sakura
/x-8.6-.Sakura

# Reference: https://elfdigest.com/brief/af110a366c570a36b5cb3df15ca0be596430ecc1296d23acbe986b1fb2d7a6ca

172.104.232.236:666

# Reference: https://elfdigest.com/brief/3e3899dd982f92894ffcace52a11c4ed72449efa81e974bd183ad98cecec0cf0

136.144.41.9:1312

# Reference: https://elfdigest.com/brief/4e043f835b045393d5067769c908ec31afc0cd3717f1661d68c2f3a13599f3d0

104.217.249.182:888

# Reference: https://elfdigest.com/brief/9d3b48a90d324e694d03b88e999e857ad17a05e3860465bb04aa34dec6abe8f4

172.245.210.119:8812

# Reference: https://elfdigest.com/brief/e153d44ca9aaabb34337d1bd19ad635536efd7e3ad4898215b64c8e9a303cddb

45.95.55.56:34241

# Reference: https://elfdigest.com/brief/b8bf6ff925d8ed3bcf9630c155785ba91230fe3d525587ed65a10f16158f872d

2.56.178.198:420

# Reference: https://elfdigest.com/brief/c605e0b18a96308d12162612c4d9daeaf868a5324a6f51bc719cf94a9883c5bb

45.95.169.100:6666

# Reference: https://elfdigest.com/brief/99a0c781beb1d27c0617ce98ba2b9590def7b4ad2c8106a1d7f9182f73e7f862

62.197.136.157:606

# Reference: https://elfdigest.com/brief/a1b55de595cfd0bb1cfbc5f890a0b2f94b19d4d3e9bbb470c412549508a91d56

146.59.64.13:4842

# Reference: https://elfdigest.com/brief/b0b720061a00741a1739faacee4653c5579edbf0097403478009af36b38db0f9

45.61.55.20:1312

# Reference: https://elfdigest.com/brief/623acd5831d55b8d73d9122e7c3b52b0b808c5a0c5201cc92ecb01c58d0370ff

209.141.37.15:2310

# Reference: https://elfdigest.com/brief/e01cbb5b5a2f0567c4d4ef0bff0d972f7c1afd827a0ce0bdeb87a26031e7c452

206.189.148.216:909

# Reference: https://elfdigest.com/brief/ae355ac333b34a1a94f8925535e9119b00dde53bca6e52be250b531feef1a937

172.245.210.119:12935

# Reference: https://elfdigest.com/brief/e3c5dfbee052c565cf1010887a8fe1b0a3bfb634446962d76f3346af2c832941

107.189.8.21:55650
bigducks.cc

# Reference: https://elfdigest.com/brief/d41ad6f808ee90187dc7abae73cb2ff8fe6dda5a6ca6d688952c9ce9c4edbb60

209.141.62.66:1312

# Reference: https://elfdigest.com/brief/d2ee928a4ba0716ad927cdfb25f1cc502011e879d6b46bcd8c2ad0e1a5bdf29b

38.54.12.67:5555

# Reference: https://elfdigest.com/brief/ad8bae53071afc5e5ec4028648c1cb7ec402e2846192577c6033315a2f324157

167.71.211.197:1312

# Reference: https://elfdigest.com/brief/77cdb334afa02d71004ee7bda165d899421e5fc3c35532dc2158c3396f47bb37

209.141.36.27:5555

# Reference: https://elfdigest.com/brief/a8914bdda059327125dd04385db39ded40e8545a75ffd664cb200b4d20c870a3

138.197.102.252:34129

# Reference: https://elfdigest.com/brief/f9e40add4afc8df75d0ea0aeb243619ae593ad713356a2c0d70b6739d34bcc34

2.56.59.49:1337

# Reference: https://elfdigest.com/brief/a974fd03e23846da3d55aae8a16647c03d33d5dfa9517f9cc590b8a9fedd6eb9

46.249.32.176:6666

# Reference: https://elfdigest.com/brief/ac5e13ae60a3b946e8d0cc2d88c7a3dc6061d3629f3331b3d53b17451590ee6e

209.141.37.15:9506

# Reference: https://elfdigest.com/brief/295ae18ed2c930b7e34127ea7c3821514a51851b942a738b00dccb795cb87deb

45.90.161.134:606

# Reference: https://elfdigest.com/brief/089f819dfd2f1fecc5f028e7a5d93f32f3f11c3eecb97393f8aed826d2d9c319

62.197.136.92:9999

# Reference: https://elfdigest.com/brief/e630019a9a4e6da42c892790c8f44f1319a97e311a22414c65df48719b21d619

209.141.46.117:1312

# Reference: https://elfdigest.com/brief/bcd0c446f2721b3abcef5acf9cdc85a4fa63f1cda08b476f2471657239bc74bc

179.43.167.29:55650
spasonetwork.xyz

# Reference: https://elfdigest.com/brief/014767c5f79964e88e30ef7b062520f9c726fd6a7e0e1bc196d0af6e7765004e

45.140.188.109:1111

# Reference: https://elfdigest.com/brief/66c2d9f8a49fc35ed69399069367d70508f37acad75a226c2e7ed3e3702a62c2

45.95.55.56:45

# Reference: https://www.virustotal.com/gui/file/1058143974c71606ead362d7d9d8fffe3012da4f6188efe27ea5df39091be0ec/detection

185.102.170.250:1337

# Reference: https://elfdigest.com/brief/1df9d647a47d70123333ec1cdce1ede17fef241078f0eaa49576ee566ff01d83

141.255.161.126:1302

# Reference: https://elfdigest.com/brief/23f880601d89e367b312c4f9ffaa5c2659ad7dc51c70c43fa804748ad42f9406

185.102.170.65:55551
moobotinfect.cc

# Reference: https://elfdigest.com/brief/b74e9ac31270df8bc847f3a34dcf9bcb3f7bc1a2a6fc479c95f001d5613bba27

193.23.161.194:4531

# Reference: https://elfdigest.com/brief/f4d0e64fccb63503b0330084c7a00767686bcb080b033d17afb643e09467492a

46.249.32.12:65102

# Reference: https://elfdigest.com/brief/556de9685684edb2959b333dc8b62a92f1a934b89a36effc0bcfa6b1216efe9b

157.245.54.76:9506

# Reference: https://elfdigest.com/brief/2f4a7e764b9571e307a015513c63cd575ddb9b70d8ff2a1d71220615f6f94d3d

179.43.142.162:1302

# Reference: https://elfdigest.com/brief/17a70976ac553aea29c12de4a6f9f2cc7e6579b2f809226b31526b7fe7489cc0

45.141.239.114:60001

# Reference: https://elfdigest.com/brief/316b15aa454c0a13249a87fbf0252447abfdd3c01568380e63311cb4dd55e198

45.142.122.121:606

# Reference: https://elfdigest.com/brief/6f01991abd2e9a6704df1158e3dc59854654a7e2b9d02687729b1b15ef563f23

185.102.170.115:47788

# Reference: https://elfdigest.com/brief/1251d4aa4b48c066e4a8e073d2cb7df7f797ba42ba79b2a114281a4e539a4f75

81.17.25.194:34480

# Reference: https://github.com/blacklotuslabs/IOCs/blob/main/ZuoRAT_IoCs.txt
# Reference: https://blog.lumen.com/zuorat-hijacks-soho-routers-to-silently-stalk-networks/
# Reference: https://otx.alienvault.com/pulse/62bc260b0ab85ba1ae2ecde6
# Reference: https://www.virustotal.com/gui/file/2f4359f91a92fa56d4aa0940ecb928042e20787b660c95e853e944ba92b02f17/detection

http://101.99.91.10
http://103.140.187.131
http://141.98.212.62
http://202.178.11.78
103.140.187.131:39500
103.140.187.131:55556
103.140.187.131:6666
101.99.91.10:53
202.178.11.78:53
memthree.com
myipdnsomatic.com
cd.memthree.com
/asdfa.a

# Reference: https://elfdigest.com/brief/66163efffe694e8c68bc68185844bd4dd8aa67d7184008fc7ab78f05bcaf9126

163.123.142.144:1302
/LjEZs

# Reference: https://elfdigest.com/brief/8fee9f2b02f4f53dfcee889e5daf0b701e307e33d95f1d53ac7cc5d04f835bc5

45.140.188.109:666

# Reference: https://elfdigest.com/brief/d8f82df7601e99cedea3872917bd5519d78805fc5454611e0e005819ea999bc0

134.195.138.33:390

# Reference: https://elfdigest.com/brief/f1b2a0c3a765f1de84dbca8ffb6e8d6f9c12a39f41df744f7c0f41543fffed89

45.141.239.114:5900

# Reference: https://elfdigest.com/brief/3bbf82d5e5b5a71faedb1473541504dc46417f7e830b6de6ecb180f78447fa2a

45.95.55.23:55750
nekos-are-cool.cc
nya.nekos-are-cool.cc

# Reference: https://elfdigest.com/brief/61ff0ed403657f0cfd7efda0fc5bef71c8e88c28cda0078bc52ffbba328ff1ca

194.87.144.188:34129

# Reference: https://elfdigest.com/brief/2a70ec237d1505b5d522ed86ba1390c7300662851de0a71d963a95b928d75070

2.56.57.21:8892
vruhshabla.xyz
cnc.vruhshabla.xyz

# Reference: https://elfdigest.com/brief/db4e492cac0a6447e46cfea8cd7f2b28467b4e27dd51833ec7dddc83fe20aadb

49.12.233.88:3778

# Reference: https://elfdigest.com/brief/cd7c34d15b810324d089556f7415731e9c9eb57cb347b51bd4f070cfc91b7f75

179.43.142.162:55650

# Reference: https://elfdigest.com/brief/ba48df001bf25b000658ff641638da39b59cd302bc91846e69c025fcb3c128e3
# Reference: https://www.virustotal.com/gui/file/1e68e137463693406d28a0caf83ca55856e90fe6ec9a1ea1c0dd404267f61a76/detection

163.123.142.144:55650
u-suck-my-dick.xyz

# Reference: https://elfdigest.com/brief/901e77fabc902c157a50320dc000b742a8b161b815cb3421d9b791b78160eb21

194.31.98.17:34241

# Reference: https://elfdigest.com/brief/3ec0a98cc089ad08c35fa057166eb28043d5f9a4ad55e9673f4f335edb6f6caf
# Reference: https://elfdigest.com/brief/e197e4245655952d42941018658ea3f378c46d4be9aa0f61d2f250d0c5e69b00

111.90.143.133:25565
141.255.161.126:55650
atilla.to

# Reference: https://elfdigest.com/brief/4c1db9e8460d6cd99adb6315881e32bdd8d087374ff8d6a372d61a4a8a806ac4

149.57.135.78:81
haikanet.duckdns.org

# Reference: https://elfdigest.com/brief/b491c05cf9cbf677808f117663e6ad36a36f6ffd8b8e74a591711431ae9deb67

45.95.169.146:61231

# Reference: https://elfdigest.com/brief/3db939f47de8013a9aa483150567acab61feb3a907e94eadc87d38a8a4d268f6

165.227.67.14:9506

# Reference: https://elfdigest.com/brief/e2e6e2c62a329d052802dfca44506212154d00743450e89c19327545e2b6c4d2

137.184.210.50:81

# Reference: https://elfdigest.com/brief/1c3eb0a47dd413982ecf3fc3b1c69e88268b40d7e94d4ec196dfcec67e9fcd02

5.161.76.146:9931

# Reference: https://elfdigest.com/brief/b7c7f94d807ef9d683e74c5b493f579013c04cfb3372c91a1883e5535e351ff5

194.87.71.134:60124
toliatypiza.ru

# Reference: https://elfdigest.com/brief/fbcc445a80f3fc3878cb33dd35a92a8808ee3a3a1c9ae405586152d9f7fbee7d

2.56.59.12:9990

# Reference: https://elfdigest.com/brief/193b6ab6a838c060994103843412638bb17e58fdb7874cfe0c27ca98e3a02644

136.144.41.138:5900

# Reference: https://elfdigest.com/brief/a0db3dd6029eca0d8396fd35e412c9806c69decf454cc142827b7f176541287d

159.223.85.125:9506

# Reference: https://elfdigest.com/brief/7f90ea6415ab7208cf4db2b6be28d602fe1ead8ef43d6e285448ce5e31f1a8f6

81.17.22.118:1302

# Reference: https://elfdigest.com/brief/2cc72e6808c27e2051c9a93739dd4e63af231831717a1c67b9c8c684f77c75b3

2.56.59.12:9999

# Reference: https://www.virustotal.com/gui/file/428a86b8c75a4a437edf65f482c3589c061ddb6e152570182c14d691f793813a/detection

yarunet.ddns.net

# Reference: https://elfdigest.com/brief/2ebc6da7541dfe7672b336926f6d78644d815251a98c89749158975024119195

81.17.25.194:11225

# Reference: https://elfdigest.com/brief/1aa0c7c01f6c4b6d610610460267a036ee78991dc2b446f953ad54542ab74181

163.123.142.144:61002

# Reference: https://elfdigest.com/brief/9d4bea208f2906051038d7dbb450c36af4d77b8bb5aa0a4cac9d7049e063c5ae

104.248.11.133:81

# Reference: https://elfdigest.com/brief/bfa5f54344661e1d3c1b68e38caa2da0f9ad5631969e196066b14ff594f85927

163.123.142.144:8985

# Reference: https://elfdigest.com/brief/971188ee1202fe474b4bb7d36d55434a8b8ac660bbbb413c44db1876b261dfcd

74.201.28.102:3007

# Reference: https://elfdigest.com/brief/5d2b4a62af27a66dc94e9e142c05c182c1538892c8f643746a8ca32a3f739ef4

163.123.142.144:59666

# Reference: https://elfdigest.com/brief/a1fa96861f4949b5b5be8a4009cf358917d49030d983d23ef916a9c105511af0

163.123.142.144:5555

# Reference: https://elfdigest.com/brief/28f7d9261d75686f1e314ec3f29f8b4981334666e786248e2e6e3633ac14e41b

45.142.122.121:9506

# Reference: https://elfdigest.com/brief/7eb61fbaf394bda5057ca3109b32fb23116f123bd1553653fad861d24f6f31cc

78.153.130.150:9931

# Reference: https://elfdigest.com/brief/6fd358d82ffa54c3a3052a2ff86aa7c5f7ff396802cbb7ba9f479174696091ea

209.141.47.225:1312

# Reference: https://elfdigest.com/brief/8548acf12853c2ffaac9f0a8588008e56d74f84d942c392f4e35df9954251cf9

194.31.98.205:81

# Reference: https://elfdigest.com/brief/5781021d3adc4cca7d9f3977ca524aac3dab6e67771a047d19d32757acb62ddb

103.147.122.68:360

# Reference: https://elfdigest.com/brief/d19e9cc67831bb718fa28d44803938bc90fb54737869631d1395e47f85a88126

163.123.142.144:1312

# Reference: https://elfdigest.com/brief/2da50f41b2dfd0f2b53dc4b714bf979ecceb387ab0c0d1e4ca0d76f7e0523bd9

205.185.118.99:26663

# Reference: https://elfdigest.com/brief/47b3a9faafd43d2fb0d7bb6f0af1d9ed1714650639289cb6fc137c999b0db385

209.141.56.201:1312

# Reference: https://elfdigest.com/brief/e13c079a56c6f83c60e613e7b1dd7dd91966710e76c3337758ad694150140a08

185.112.83.232:42516

# Reference: https://unit42.paloaltonetworks.com/mirai-variant-v3g4/
# Reference: https://twitter.com/elfdigest/status/1545076650705973248
# Reference: https://www.virustotal.com/gui/file/1218da43a62da76927484bca73a3eee53425c54625147f8d01149bcef2f09d1e/detection
# Reference: https://www.virustotal.com/gui/file/6f654198e8efd5aff1c7a903353967d0e96aeff0402cb0a79fabbc10d18c63d2/detection
# Reference: https://www.virustotal.com/gui/file/f295904d966889afb0f6b3625e504a1420a978434e2b6a9e9b85b688a44593fa/detection

http://104.244.72.64
http://176.123.9.238
http://198.98.49.79
176.123.9.253:11111
185.254.196.162:49661
abc.8xl9.com
comeanalyze.8xl9.com
fuckyounigger.8xl9.com

# Reference: https://elfdigest.com/brief/c2496df09a2564b3293960fbc1df87f56d3bf8db78d35fdc02bdca52c87c123f

185.112.83.30:3778

# Reference: https://elfdigest.com/brief/d5540dc20355632c09c7e9c16b011a186c8cb7410461eb6294fbdda8aa710ff8

45.138.74.106:34129

# Reference: https://elfdigest.com/brief/afcfc1e20a7c53070b831289c741a1f30ae9b2ae22261548402815832d5c784d

212.192.246.155:1312

# Reference: https://elfdigest.com/brief/8e3c92fbe809b7f4966da6f3130c0a2e1fc597ca9c0bcfbfa5d4dc490617dbd6

37.0.8.167:8

# Reference: https://elfdigest.com/brief/25f5f4989b0aefd757313de5ddf1a22aa1dc17190a8389baf78ace971f795f7a

78.153.130.156:3778

# Reference: https://elfdigest.com/brief/b7b08df148a880f1afd2db4e6f510070e89c132ec0fcef6a4d6c34a37a7522b7

78.153.130.150:3778

# Reference: https://elfdigest.com/brief/5d5d29c6fd2d59f1eaa07593e45c1791613b357a71f4a3d2371b0cf95d26f813

45.95.169.146:81

# Reference: https://elfdigest.com/brief/db7780137c7fb0c6f517c4ddee90630524b053fd22fc9b56ff8a92aa88ca16ad

161.35.125.227:655

# Reference: https://elfdigest.com/brief/9cb3cfc2e5fc9583850fd7bd3adde7415fe265ecbf067f37d2c382b2b1e5491e

45.95.169.153:3778

# Reference: https://elfdigest.com/brief/6ffd210851b4f5e3f34ffb094d4f168f73b7e8bfbaaff24df6fa01e19a90d626

74.201.28.102:3007

# Reference: https://elfdigest.com/brief/ee39824b5601f145eda59ea45011db04961e3318d1ba72f6960d657ea2ac757d

147.182.165.111:1312

# Reference: https://elfdigest.com/brief/e12b116b7dd4417feb8646adb10bc20873fae211544cb8cc9c116211c621ab34

147.182.137.90:1312

# Reference: https://elfdigest.com/brief/d48074fa6b4902b6d56ee062463889a29bb679e65997f1835f429df1ca0b8ed9

206.217.205.27:57047
37.120.152.152:54988

# Reference: https://elfdigest.com/brief/860bfd028711c860fd0473bfa9cf12c4245323a8c45b8d2822831eb4b520751f

94.158.247.111:2113

# Reference: https://elfdigest.com/brief/43665cee0a332f23b6d64a7273491e39eeab2058ea7bf4e2b701402626436c48

75.119.139.188:11025

# Reference: https://elfdigest.com/brief/4ad6598ae9135655843322b63e7c04c948fc6e07adfe3c8f2ffc23fe60fb1e02

217.114.43.170:3778

# Reference: https://elfdigest.com/brief/852b5ec0b7fc817307cb7fddbf046d464869de9ec6243bde1c2e79a90b80203c

209.141.61.118:909

# Reference: https://elfdigest.com/brief/f5ba08f805e5bb3f58c56b2e42636ca3e09c86ae4668a08702178b7f5125f7bc

77.222.54.214:3778

# Reference: https://elfdigest.com/brief/5b596e575e54854497ccae1ae6799f2094304aec0e9ed9c08ba162dda9fed849

185.102.170.250:6667

# Reference: https://elfdigest.com/brief/45a5bd65b2b34066377f47df0a6bfeae0ce6e24a10b4f181a7ab81e61e0fbe26

194.87.84.179:2113

# Reference: https://elfdigest.com/brief/5df61334c8c6df2347718ca27a71fe35a7691a5ac4aecffbc771b40f7a680439

103.147.122.68:365

# Reference: https://elfdigest.com/brief/7b709f229ce781233c2c11eefa6aa9a64f5e8eaafa3fe4741f30c1cb00ffff77

85.204.116.171:3778

# Reference: https://elfdigest.com/brief/be5ac18a81337bdea47d0e914185b8e05f621d4eab98387e962c743a943d4f83

78.153.130.150:13111

# Reference: https://elfdigest.com/brief/677926d792928643392ab3605d1beb859419b35c57a64915ca902ef8b9cd2dba

45.141.239.114:5713

# Reference: https://www.virustotal.com/gui/file/01e6b33c346d22f9710e3ee005fe807d7e560652a4c1682460d6cba99887898b/detection

204.76.203.95:5034

# Reference: https://malwareconfig.com/config/f2dfd98c45855cda309ee22ac5c01294

h4remix.xyz
cnc.h4remix.xyz
home.h4remix.xyz
report.h4remix.xyz

# Reference: https://elfdigest.com/brief/a338427dddd7c9c642297a2d2d22642bda5d9d6bea6732417cf12d36ede09618

157.245.50.153:9375

# Reference: https://elfdigest.com/brief/47854274240b96240b25dedc6542a0f5d458784758b4455f4de417fdcf0b0243

194.87.84.225:3884

# Reference: https://elfdigest.com/brief/b7facbefb326dc825ed322eb1316a62c74b45f8045b734983e22760113e17e8e

45.144.225.35:3778

# Reference: https://elfdigest.com/brief/9690b5002b1b9dd2a210b58ffd6ec0bdee38a1b9fdbfc7c6e5aefbe6d94bdd02

194.87.84.30:3007

# Reference: https://elfdigest.com/brief/f668307745cf911c1ac9cc5f32adfb6f5ac0256a75ac7b7ae7d96c912a563194

45.90.161.148:9506

# Reference: https://elfdigest.com/brief/9fbdf8a6e290cfada051b7e9396a95af63caabdbe33358b01806392cd937d380

78.153.130.156:55555

# Reference: https://elfdigest.com/brief/f369b2f7e186b195feb0c8331681e782269a6ee767eb8d4b530e0225df809651

136.144.41.9:3778

# Reference: https://elfdigest.com/brief/4f31bf2ae95feb4bf659d72d5510e761253c59867e5ab2a9fc520cfe525b9c90

206.189.5.25:2112

# Reference: https://elfdigest.com/brief/f668307745cf911c1ac9cc5f32adfb6f5ac0256a75ac7b7ae7d96c912a563194

45.90.161.148:9506

# Reference: https://elfdigest.com/brief/9fbdf8a6e290cfada051b7e9396a95af63caabdbe33358b01806392cd937d380

78.153.130.156:55555
 
# Reference: https://elfdigest.com/brief/f369b2f7e186b195feb0c8331681e782269a6ee767eb8d4b530e0225df809651

136.144.41.9:3778

# Reference: https://elfdigest.com/brief/4f31bf2ae95feb4bf659d72d5510e761253c59867e5ab2a9fc520cfe525b9c90

206.189.5.25:2112

# Reference: https://elfdigest.com/brief/3cee1beff7c0e9b59c27b72b7d73f82c9e85d35f82387ab342494bd5de6da49b

141.255.162.196:60195
balkan-general.net
cnc.balkan-general.net

# Reference: https://elfdigest.com/brief/e4cefb4c9da2aa58730c89eec993c8970dfdc31ad13874c69967001db2035747

37.0.8.157:1312

# Reference: https://elfdigest.com/brief/55dff834636bcb8f269b164e76dfd4f5a583cb0020e25b22c04e895fd63588d0

194.31.98.244:4343
194.31.98.244:443

# Reference: https://elfdigest.com/brief/9fcebd5cc52f05c97e54d27fdd8a59828e4dac4b1ac2bbbb22a290e4820509bc

74.201.28.102:56999
condinet.cf
cnc.condinet.cf
/haha.arc
/haha.arcle-hs38
/haha.arm
/haha.arm4
/haha.arm4l
/haha.arm4t
/haha.arm4tl
/haha.arm4tll
/haha.arm5
/haha.arm5l
/haha.arm5n
/haha.arm6
/haha.arm64
/haha.arm6l
/haha.arm7
/haha.arm7l
/haha.arm8
/haha.armv4
/haha.armv4l
/haha.armv5l
/haha.armv6
/haha.armv61
/haha.armv6l
/haha.armv7l
/haha.dbg
/haha.exploit
/haha.i4
/haha.i486
/haha.i586
/haha.i6
/haha.i686
/haha.kill
/haha.m68
/haha.m68k
/haha.mips
/haha.mips64
/haha.mipseb
/haha.mipsel
/haha.mpsl
/haha.pcc
/haha.powerpc
/haha.powerpc-440fp
/haha.powerppc
/haha.ppc
/haha.pp-c
/haha.ppc2
/haha.ppc440
/haha.ppc440fp
/haha.root
/haha.root32
/haha.sh
/haha.sh4
/haha.sparc
/haha.spc
/haha.ssh4
/haha.x32
/haha.x32_64
/haha.x64
/haha.x86
/haha.x86_32
/haha.x86_64

# Reference: https://elfdigest.com/brief/86d9c517b5b86f811119239c14cf53d40b388fe30986a8055420655f95b3f684

172.105.203.170:62554

# Reference: https://elfdigest.com/brief/270ab40bc46f8ffe82143c227387bb1fc7791807bdad8d48c914eb0fdb60b29e

45.95.55.27:9506

# Reference: https://elfdigest.com/brief/0fdc5d11dbd982f7a5cda4173086f33573ce177cb2bcce37a4b9747a8c0c424a

78.153.130.156:9931

# Reference: https://elfdigest.com/brief/9875752bba6d37603c8792cfe6d9ae772bc7745b74aa0a305bf95f7e676f3447

193.233.188.108:23552

# Reference: https://elfdigest.com/brief/7ad6efea791ce2d25915b7a31e5b74620a7b67cb786a90aba6cec9fef32e6517

45.141.239.167:4258

# Reference: https://elfdigest.com/brief/7f1e039b4b39e14fac20368b277b7bb8b0d7ecaab59c600eaf46a69b852780a9

193.233.188.108:55650

# Reference: https://elfdigest.com/brief/49114a2bba5ba804ae0c2b8be116a71171ed96677c7aded32008315d94cb9c04

193.151.180.75:55650

# Reference: https://elfdigest.com/brief/e8c518175239d95460e39389533427f519ffcb33706aa008a64bd86cfad1b3b1

141.98.6.212:3778

# Reference: https://elfdigest.com/brief/bc4e94490dfd7c436a5aa9069990ac880399c1e23f400523acdd7434c815ddcd

194.31.98.79:45526

# Reference: https://elfdigest.com/brief/593244fd831c169fc5ed73a2b7dee9d58c2c62a8185614becfb4f8940c12f9ed

193.233.177.66:1302

# Reference: https://elfdigest.com/brief/b48f097e426d1fe5f6538cddf28e0dd6effbff8c1c8624f05bfacdebebf40b42

205.185.124.91:7878

# Reference: https://elfdigest.com/brief/78505f858ff794773b9a01c00a76ed4f63c6e1b5851a0bafecec5d255e18ba0a

185.225.73.131:9506

# Reference: https://elfdigest.com/brief/9170a14353fa9d2def5a07baef747a649754e86cffdbae68ec0cf178d8e78926

51.81.8.45:500

# Reference: https://elfdigest.com/brief/c3a4d6d717b3d1c04106975afc320fc377050fe5d29e9f395171ab6a11642020

185.184.54.151:5683

# Reference: https://elfdigest.com/brief/98fa8467228da3a7fe065e3fa4c3874bd71f6a96934aad667632faf10e42c83a

81.161.229.7:9990

# Reference: https://elfdigest.com/brief/542b77fd9c5edd990309b2b5fe7b6495a5d8e19c44e03f3f0da5d2fe3f129fb6

193.233.177.66:8
 
# Reference: https://elfdigest.com/brief/662c2e9f218ffebed1396115742eafd4ed9a0a422a0da41f1220e8bcae488725
 
134.122.55.195:666

# Reference: https://elfdigest.com/brief/be2b74aa45d8ecb7ef7ff94ad67d89f516b957d46f8de22ad09b83ae006664a6

103.147.122.73:345

# Reference: https://www.virustotal.com/gui/file/164d60a82db3e9e1ba0e357cd83ee217bbc9a64c23a83134fc4782bc8668bef7/detection
# Reference: https://www.virustotal.com/gui/file/5e28bc93c69a710f93280e1a34884e5fef07278811d48dd673f4396e4f50d385/detection

2.58.149.116:9987
223.252.173.167:9987
43.249.192.101:9931
45.14.226.143:9987
62.197.136.36:9987
74.119.193.34:9987

# Reference: https://elfdigest.com/brief/625b4a7a52d3b8cc98ae67deed2d854be71f73a7f15a0c233d102b56252438b6

199.195.250.211:59666
zuurry.net
bot.zuurry.net

# Reference: https://elfdigest.com/brief/9e2389e5a42088798cef13589ce7b68dfb8a28c485ea11ee9f8ec86191c90211

45.124.84.253:9281

# Reference: https://elfdigest.com/brief/5612b8b5cecb4a36d33b775f5b357fd99d4e0573f4f6e158eb908133a7b53e73

163.123.143.56:9999

# Reference: https://elfdigest.com/brief/cc4170ec2f55f1ab29626880dae40080aed1bfe8712ca93a6a982a20d6fa2eac

45.124.84.253:9281

# Reference: https://elfdigest.com/brief/29e6865131d07cb4bdeb2833aaee3c0908f7ca87fcabe7ebccf35cf03ee6530c

193.233.177.57:8

# Reference: https://elfdigest.com/brief/0054134803c5c713ff10c253051ea036560ffa6729ae4a1398c9cdf5470cbc2f

163.123.143.81:8

# Reference: https://elfdigest.com/brief/8a7a819ec8be3d127303b8eef1f0b0c6b12ab505cf8531ed4eab4368c50e4ca5

104.149.162.190:863

# Reference: https://elfdigest.com/brief/e07255e424e8e4a9e073c953921bf3ee337385d2120bf4d84b8eceb8c5d428f2

204.76.203.84:420

# Reference: https://elfdigest.com/brief/10c482c737ba5f59cb67a410d1889b55a0b8c4914ebf4f675b10af6268b3da50

205.185.118.99:9506

# Reference: https://github.com/stamparm/maltrail/issues/19098
# Reference: https://app.any.run/tasks/83c3ef4f-3e3d-4e86-aec5-8dd72b679e8e/
# Reference: https://www.virustotal.com/gui/file/54d31c6f8392b39748d0d759edd6002a0660d4d7fa37241e7de225ee341c902f/detection
# Reference: https://www.virustotal.com/gui/file/84d6f2016d74585eabd8e3fd9e9504ec173a7b6590d4cecabfe650a8b76ff99a/detection

rischyo.cf
/db0fa4b8db0333367e9bda3ab68b8042.arc
/db0fa4b8db0333367e9bda3ab68b8042.arcle-hs38
/db0fa4b8db0333367e9bda3ab68b8042.arm
/db0fa4b8db0333367e9bda3ab68b8042.arm4
/db0fa4b8db0333367e9bda3ab68b8042.arm4l
/db0fa4b8db0333367e9bda3ab68b8042.arm4t
/db0fa4b8db0333367e9bda3ab68b8042.arm4tl
/db0fa4b8db0333367e9bda3ab68b8042.arm4tll
/db0fa4b8db0333367e9bda3ab68b8042.arm5
/db0fa4b8db0333367e9bda3ab68b8042.arm5l
/db0fa4b8db0333367e9bda3ab68b8042.arm5n
/db0fa4b8db0333367e9bda3ab68b8042.arm6
/db0fa4b8db0333367e9bda3ab68b8042.arm64
/db0fa4b8db0333367e9bda3ab68b8042.arm6l
/db0fa4b8db0333367e9bda3ab68b8042.arm7
/db0fa4b8db0333367e9bda3ab68b8042.arm7l
/db0fa4b8db0333367e9bda3ab68b8042.arm8
/db0fa4b8db0333367e9bda3ab68b8042.armv4
/db0fa4b8db0333367e9bda3ab68b8042.armv4l
/db0fa4b8db0333367e9bda3ab68b8042.armv5l
/db0fa4b8db0333367e9bda3ab68b8042.armv6
/db0fa4b8db0333367e9bda3ab68b8042.armv61
/db0fa4b8db0333367e9bda3ab68b8042.armv6l
/db0fa4b8db0333367e9bda3ab68b8042.armv7l
/db0fa4b8db0333367e9bda3ab68b8042.dbg
/db0fa4b8db0333367e9bda3ab68b8042.exploit
/db0fa4b8db0333367e9bda3ab68b8042.i4
/db0fa4b8db0333367e9bda3ab68b8042.i486
/db0fa4b8db0333367e9bda3ab68b8042.i586
/db0fa4b8db0333367e9bda3ab68b8042.i6
/db0fa4b8db0333367e9bda3ab68b8042.i686
/db0fa4b8db0333367e9bda3ab68b8042.kill
/db0fa4b8db0333367e9bda3ab68b8042.m68
/db0fa4b8db0333367e9bda3ab68b8042.m68k
/db0fa4b8db0333367e9bda3ab68b8042.mips
/db0fa4b8db0333367e9bda3ab68b8042.mips64
/db0fa4b8db0333367e9bda3ab68b8042.mipseb
/db0fa4b8db0333367e9bda3ab68b8042.mipsel
/db0fa4b8db0333367e9bda3ab68b8042.mpsl
/db0fa4b8db0333367e9bda3ab68b8042.pcc
/db0fa4b8db0333367e9bda3ab68b8042.powerpc
/db0fa4b8db0333367e9bda3ab68b8042.powerpc-440fp
/db0fa4b8db0333367e9bda3ab68b8042.powerppc
/db0fa4b8db0333367e9bda3ab68b8042.ppc
/db0fa4b8db0333367e9bda3ab68b8042.pp-c
/db0fa4b8db0333367e9bda3ab68b8042.ppc2
/db0fa4b8db0333367e9bda3ab68b8042.ppc440
/db0fa4b8db0333367e9bda3ab68b8042.ppc440fp
/db0fa4b8db0333367e9bda3ab68b8042.root
/db0fa4b8db0333367e9bda3ab68b8042.root32
/db0fa4b8db0333367e9bda3ab68b8042.sh
/db0fa4b8db0333367e9bda3ab68b8042.sh4
/db0fa4b8db0333367e9bda3ab68b8042.sparc
/db0fa4b8db0333367e9bda3ab68b8042.spc
/db0fa4b8db0333367e9bda3ab68b8042.ssh4
/db0fa4b8db0333367e9bda3ab68b8042.x32
/db0fa4b8db0333367e9bda3ab68b8042.x32_64
/db0fa4b8db0333367e9bda3ab68b8042.x64
/db0fa4b8db0333367e9bda3ab68b8042.x86
/db0fa4b8db0333367e9bda3ab68b8042.x86_32
/db0fa4b8db0333367e9bda3ab68b8042.x86_64

# Reference: https://github.com/stamparm/maltrail/issues/19099
# Reference: https://app.any.run/tasks/6deaf4bd-dbd0-43e9-87d7-55e17aece673/
# Reference: https://www.virustotal.com/gui/file/333b852c8fcc81adc3fcfddfdc867aa81b48de7bb0a2ce190cdd2a3e5ee4f0bc/detection

bydthkk.top
kk.bydthkk.top
qwugdsabbdsdeeeeb212c.bydthkk.top

# Reference: https://github.com/stamparm/maltrail/issues/19100
# Reference: https://app.any.run/tasks/2f499b8d-1393-407f-8b1b-61d3bf15670d/

networkmapping.xyz

# Reference: https://www.virustotal.com/gui/file/1faf06144218163ed53d00e79032b8ddb1e5a279e11be09fdaa26028b536b2fe/detection

poxiaokeji.top

# Reference: https://elfdigest.com/brief/e4b43f2361c91016240303ae2b0159e8f2b0fc9a00c7abd951e0c32875cc42db

194.59.40.91:3778

# Reference: https://github.com/stamparm/maltrail/issues/19101
# Reference: https://github.com/stamparm/maltrail/issues/19102
# Reference: https://app.any.run/tasks/8e7f3dc5-d005-4cc5-88c9-1b28bb4fa232/
# Reference: https://app.any.run/tasks/3c74909a-6830-4ae8-8113-faf43b0649df/

http://45.90.161.148
http://74.201.28.102
/home.arc
/home.arcle-hs38
/home.arm
/home.arm4
/home.arm4l
/home.arm4t
/home.arm4tl
/home.arm4tll
/home.arm5
/home.arm5l
/home.arm5n
/home.arm6
/home.arm64
/home.arm6l
/home.arm7
/home.arm7l
/home.arm8
/home.armv4
/home.armv4l
/home.armv5l
/home.armv6
/home.armv61
/home.armv6l
/home.armv7l
/home.dbg
/home.exploit
/home.i4
/home.i486
/home.i586
/home.i6
/home.i686
/home.kill
/home.m68
/home.m68k
/home.mips
/home.mips64
/home.mipseb
/home.mipsel
/home.mpsl
/home.pcc
/home.powerpc
/home.powerpc-440fp
/home.powerppc
/home.ppc
/home.pp-c
/home.ppc2
/home.ppc440
/home.ppc440fp
/home.root
/home.root32
/home.sh
/home.sh4
/home.sparc
/home.spc
/home.ssh4
/home.x32
/home.x32_64
/home.x64
/home.x86
/home.x86_32
/home.x86_64

# Reference: https://elfdigest.com/brief/154f4f0e240b81d701af9f6c60cd0edf1f409e51dc5a9aee298848cef1bc8913

163.123.143.56:3778

# Reference: https://github.com/stamparm/maltrail/issues/19103
# Reference: https://app.any.run/tasks/056d656a-f428-4acd-b8df-aae53e156559/

http://31.7.58.162

# Reference: https://elfdigest.com/brief/e5fc4e1bb576285d4e5054dd1582180666bc47aabd6fb564cd5bec6f2fa999bb

163.123.143.56:9902

# Reference: https://github.com/stamparm/maltrail/issues/19104
# Reference: https://app.any.run/tasks/e0f2cb88-1ea0-488d-bb91-2a5285ff2a4b/

http://205.185.118.99

# Reference: https://github.com/stamparm/maltrail/issues/19105
# Reference: https://app.any.run/tasks/684d4a66-b23b-4c7a-a316-f429f08f1d60/

http://23.234.200.42
/duck3k/

# Reference: https://elfdigest.com/brief/7bcdad91d7128750b0893c13a75db19143d2f41fdceee1cd4d59e2e0da68f402

23.234.200.42:3007

# Reference: https://elfdigest.com/brief/1a5a1eea963cf80977158fee356ca292c6466d072196f053b2a9cc728fc14318

208.67.106.115:3074

# Reference: https://elfdigest.com/brief/1ac2d69510087f4ce0ae0f95aa46f8bc59e9878019c7e2dc9ebef3a68981733e

3.69.60.58:58978

# Reference: https://elfdigest.com/brief/048dfa28a5a3df6ad30130241fddadeed98c4baa545673a9593d6acc91dde5e5

208.67.104.103:81

# Reference: https://www.virustotal.com/gui/ip-address/103.161.17.231/relations
# Reference: https://elfdigest.com/brief/61d3167d2ad2cf7a957f7903e98000ba6c9bf76654f5a7ca898416ce17965f3f

103.161.17.231:355
/og.arc
/og.arcle-hs38
/og.arm
/og.arm4
/og.arm4l
/og.arm4t
/og.arm4tl
/og.arm4tll
/og.arm5
/og.arm5l
/og.arm5n
/og.arm6
/og.arm64
/og.arm6l
/og.arm7
/og.arm7l
/og.arm8
/og.armv4
/og.armv4l
/og.armv5l
/og.armv6
/og.armv61
/og.armv6l
/og.armv7l
/og.dbg
/og.exploit
/og.i4
/og.i486
/og.i586
/og.i6
/og.i686
/og.kill
/og.m68
/og.m68k
/og.mips
/og.mips64
/og.mipseb
/og.mipsel
/og.mpsl
/og.pcc
/og.powerpc
/og.powerpc-440fp
/og.powerppc
/og.ppc
/og.pp-c
/og.ppc2
/og.ppc440
/og.ppc440fp
/og.root
/og.root32
/og.sh
/og.sh4
/og.sparc
/og.spc
/og.ssh4
/og.x32
/og.x32_64
/og.x64
/og.x86
/og.x86_32
/og.x86_64

# Reference: https://elfdigest.com/brief/eb01ab94d533b2d57ed396ef7a2e37a0daa96649d8ec6ab85e09ae1228411b5f

45.90.160.182:9990

# Reference: https://elfdigest.com/brief/54c3e85544355a4e4eb37b7e3865e3f358becd63e0c22bc0857c536e9e13cad0

141.94.16.50:1302

# Reference: https://www.virustotal.com/gui/ip-address/45.95.55.74/relations
# Reference: https://elfdigest.com/brief/15634acd22f186744862f12ebf4d7bc87df87ad82c0a8d87b71332c3389022cd

45.95.55.74:55650
titti.pics
cnc.titti.pics

# Reference: https://www.virustotal.com/gui/file/1a0902ab15d78c8b81f16669695d229a6ecf4c1cf191f14b9da9b896315d0a30/detection

212.192.241.125:8892
bigducks.cc
cnc.bigducks.cc

# Reference: https://elfdigest.com/brief/fda0a3d95017f2818f7f4a325be90164f77cbbc9723887bdda56c5f5aaa97f9b

103.161.17.233:420

# Reference: https://elfdigest.com/brief/8f2e2c46ab6bf1057b61927b36776db75cc200d314ad425528908c498c7b4866

37.187.87.141:1302

# Reference: https://elfdigest.com/brief/a8207a6f544b03ef9f0ff6ce446c7178f52cb094b41ed5606e926e6e2260fc01

45.90.162.66:3007

# Reference: https://elfdigest.com/brief/9510c179377e8589e4391867dd0cf52b560b00844e6f5ca5e7dcb1e987f95141

163.123.143.81:45

# Reference: https://elfdigest.com/brief/db6de3872e7797eff177495473878c6e8435d3b1a08f3edd56f7f1090cef7802

botnet.nsohunter.com

# Reference: https://elfdigest.com/brief/fae2c1d6579ec696650f2bbac9ed0ef4fec0cf34dd9b28151c4a7b2b7057d156

45.90.160.182:9999

# Reference: https://elfdigest.com/brief/8367c07edf41cd0cfeb723fad7aaede5d70fa28924fef469ca80ab4093381271

botnet.nsohunter.com

# Reference: https://elfdigest.com/brief/69e96fddc3f2ca5e77770fcbbcc4d7107c7bf8be0b98ffa8a871d90ee60023d7

208.67.106.145:55555

# Reference: https://elfdigest.com/brief/0eb220c690d0f2c93f86e17104b8cb6afc1030f53e4fcec5f49ec8b958a20d1e

107.182.129.208:1302

# Reference: https://elfdigest.com/brief/8068d5974f0ef1bc130c240801b2f340d3ddb0aafb979ab5475c432b32c3d993

77.73.132.142:3778

# Reference: https://elfdigest.com/brief/be66a4e573d961b43c3b397b2cdd2eb78a81825e69cc06b6b019074879ff427f

204.76.203.168:6281

# Reference: https://elfdigest.com/brief/b38f43065e7f8afc6d0f781e25d3bd1c9fba1a9832e6c7069d485a89081d741d

95.182.123.165:3778

# Reference: https://elfdigest.com/brief/065e08e329b003844b041677fd86c858c4cc717851e6362766b3b2c99b6d69d6

107.182.129.208:3778

# Reference: https://elfdigest.com/brief/765f54e7cc46421838528a076800579edc954517c3602e9c98c40ea7b2e25f8e

154.64.14.90:59666

# Reference: https://elfdigest.com/brief/054afd6437b2ed16f7d382c6ea2a14ee4f042f7eeca98c4b6c293d5b6164b8a9

138.197.9.111:81

# Reference: https://elfdigest.com/brief/fc38fcc1d70af23c097b7a08a633ba550162eb65bff4684d21ab48c978651827

134.119.1.149:3778

# Reference: https://elfdigest.com/brief/741f14e16f302aff4ffa2cd1c53dff95f6a4c73b5ad21249612ab049b49b0749

185.196.220.217:3778

# Reference: https://elfdigest.com/brief/fbcec9f36ed3f1216f324751bf0ca7fbdb3748d5338051388c1d45ebaf2fa338

77.73.133.2:3778

# Reference: https://www.virustotal.com/gui/file/0993ed51b4053c865c97141511c9995d374425ee88fd36bc332ba158ccf514b1/detection

http://185.225.73.196

# Reference: https://www.virustotal.com/gui/file/8e9f87bb25ff83e4ad970366bba47afb838028f7028ea3a7c73c4d08906ec102/detection

185.225.73.196:4345
185.225.73.196:443

# Reference: https://www.virustotal.com/gui/file/2fd28fb0f8bf3b5b769a7ff8f81b8ffd82d93f65c1f1d50f7d7b3d0cb908e96d/detection

185.225.73.196:4344

# Reference: https://www.virustotal.com/gui/file/0b683992b02de1fae6bb21504a825c8f5460969c2154dc706855ec726a262b1b/detection

2.58.149.116:9999

# Reference: https://www.virustotal.com/gui/file/2ce5f6147e12fade80dd75c15e1ef979845c5d66056b0c02e34465b7f9dbada7/detection

107.182.129.226:65399

# Reference: https://elfdigest.com/brief/d300b7582078f164715401b3c116f3c34e0df81a62ea06e717e34ed31244372f

204.76.203.168:55650
fewbots.lol
cnc.fewbots.lol

# Reference: https://elfdigest.com/brief/217e7fbfabd7e92819ebe4ad041de952754ab4ee683320620fb09c8fde4056b2

213.142.151.173:9506

# Reference: https://elfdigest.com/brief/8c3b87b145fdcc63eee110b3e67c046d0ad0a2eadf9ef64e4a839149977c19f3

163.123.143.81:839

# Reference: https://elfdigest.com/brief/d9fc1ad9af297ff9f0fabf2227f8060b0eb069bb4fe430723ab06af3b981b9db

163.123.143.71:34241

# Reference: https://elfdigest.com/brief/83e735a3d1212609e0f904451474df580eae89605180fe410acea908c01a9252

5.255.100.78:9999

# Reference: https://elfdigest.com/brief/62f55e6aed221dea3af5200ba33efaaa1f3c7c48a09cde32c3aeec87a1bfe32e

45.67.34.67:81

# Reference: https://www.virustotal.com/gui/file/7b95c4ac774a493feccd8c038c2c44efad537f82541ae2524088899d5a289c70/detection
# Reference: https://www.virustotal.com/gui/file/7cdba32005ffcfadad9b963bcb445e04a6938b1fa33c842defce35c7c7cba5e8/detection

156.96.151.226:7854

# Reference: https://elfdigest.com/brief/f0393e7e789e320e6bb49dd2cf3812a6d2d7fa5053c82fc633d42b43487d24ae

179.43.156.139:9331
sexycowcoerweosuck.cc
bots.sexycowcoerweosuck.cc

# Reference: https://elfdigest.com/brief/814a939fcf6d8b98d31adbabbe24a157d42838ceaf35bf775d9c4ef4fb9b4cff

45.148.122.227:3778

# Reference: https://elfdigest.com/brief/663d10a4f37a043f743fe41848ecb0324e34efa851dde2342c7c5bf0fb734836

77.73.131.122:34241

# Reference: https://elfdigest.com/brief/3c33ab1325e1b2a27ed83bf665e4782f2cc883bab13c9bb8cd3e6fa9de60e78c

45.67.34.67:3778

# Reference: https://elfdigest.com/brief/c5334574536d54255baecfc480db0b6f0912fe4753e82e0fb8144efa52c37496

198.58.123.77:151

# Reference: https://elfdigest.com/brief/f50eb10f86afb4d33fb98dde7fdc2576d5a105b59280cc1e998cb8d5f3f45b6e

109.206.241.211:5683

# Reference: https://elfdigest.com/brief/4636a2ed185e746a901b730778af3a05a38383e5e557a94dbaf2dbe07540f036

46.249.32.102:28232
l33.lol
cnc.l33.lol

# Reference: https://elfdigest.com/brief/36d79634ee6e296792ec1d14a751e352ee9260ff07d219fbb0cfe66eb358796a

208.67.105.199:3007
condiboatnetx.org
cnc.condiboatnetx.org

# Reference: https://elfdigest.com/brief/801a801cad3b315d09ab13d9b5f071a284e48a1a43c46fc6f375f01b5d6d857e

208.67.104.63:3778

# Reference: https://elfdigest.com/brief/28f5807812b9887589a79c1b034a3ee49ada09515fa95bedc8dfadd342df49c4

208.67.104.67:671

# Reference: https://twitter.com/tosscoinwitcher/status/1556702087164993536

/mrrow.arc
/mrrow.arcle-hs38
/mrrow.arm
/mrrow.arm4
/mrrow.arm4l
/mrrow.arm4t
/mrrow.arm4tl
/mrrow.arm4tll
/mrrow.arm5
/mrrow.arm5l
/mrrow.arm5n
/mrrow.arm6
/mrrow.arm64
/mrrow.arm6l
/mrrow.arm7
/mrrow.arm7l
/mrrow.arm8
/mrrow.armv4
/mrrow.armv4l
/mrrow.armv5l
/mrrow.armv6
/mrrow.armv61
/mrrow.armv6l
/mrrow.armv7l
/mrrow.dbg
/mrrow.exploit
/mrrow.i4
/mrrow.i486
/mrrow.i586
/mrrow.i6
/mrrow.i686
/mrrow.kill
/mrrow.m68
/mrrow.m68k
/mrrow.mips
/mrrow.mips64
/mrrow.mipseb
/mrrow.mipsel
/mrrow.mpsl
/mrrow.pcc
/mrrow.powerpc
/mrrow.powerpc-440fp
/mrrow.powerppc
/mrrow.ppc
/mrrow.pp-c
/mrrow.ppc2
/mrrow.ppc440
/mrrow.ppc440fp
/mrrow.root
/mrrow.root32
/mrrow.sh
/mrrow.sh4
/mrrow.sparc
/mrrow.spc
/mrrow.ssh4
/mrrow.x32
/mrrow.x32_64
/mrrow.x64
/mrrow.x86
/mrrow.x86_32
/mrrow.x86_64

# Reference: https://elfdigest.com/brief/ab54f6a91df8ecf50095e074a29186a71362d600c6bd25e6353c02b9be4a2ffe

109.206.241.200:29448

# Reference: https://elfdigest.com/brief/f8df7dc96dfb879da90fb1a240a0baf99f6892514a0f7e7f78e44d26f99838ed

163.123.142.131:8

# Reference: https://elfdigest.com/brief/e68f58e09f39ec1c8b2f2bf4b90f626b0b0d4906194f37a37a677f3a3c4f3434

208.67.106.33:1312

# Reference: https://elfdigest.com/brief/375b4a7f173b75d47ff6c6cd11640a4d037885b501584ef58a4c69fcfe73f8ee

163.123.142.131:2092

# Reference: https://elfdigest.com/brief/8b4561c89c880a6d2283f230741ebff156347bffcc4635da41fce0c66fe89926

208.67.106.206:3778

# Reference: https://twitter.com/tosscoinwitcher/status/1557443326873219072
# Reference: https://twitter.com/tosscoinwitcher/status/1557448597813092352
# Reference: https://www.virustotal.com/gui/file/393f8b3da8c5abb2d001be30cc2ceb2cc508ca17ed3a218b5cd9baa8c0b6bb48/detection

http://168.138.128.171
35.192.203.60:4662
/lol/smtpserver

# Reference: https://github.com/stamparm/maltrail/issues/19108
# Reference: https://app.any.run/tasks/d1746ab3-2a26-451e-bad2-4487f752521c/
# Reference: https://www.virustotal.com/gui/file/859cccde2212557e4f871f95b6a94ceb1ac4df41b581930682a570a039402aa0/detection

http://159.223.13.188
73test.castlemc.pl

# Reference: https://elfdigest.com/brief/4a4de299b21c2e8cea79bbd53fe4a5e0a3154d071645cfc5803e33a9ff2b0b19

45.135.118.238:7978

# Reference: https://elfdigest.com/brief/eb55eaded5e5dea47652f6f103c691b4b5705bd707124757858fca51ded2e59f

77.73.131.122:81

# Reference: https://elfdigest.com/brief/d4bd84046acb7cf462c258e296eb9818ff8342ea69d37f04805d4b7e0d4888f2

95.214.53.214:55579

# Reference: https://elfdigest.com/brief/565766d7e6361c040d717dc70261cdf085e507ae5d2632fe8548694159ce1123

143.198.155.142:42516

# Reference: https://elfdigest.com/brief/6e8d36faf6cd93f1eb37c3db8249c3b6e9886e3f336b4cc47d5e747a1f70dcaf

208.67.107.247:3778

# Reference: https://elfdigest.com/brief/e75eb6cdf02631dc1ae26615c6d6f5e9d0ad0dabd10da6a3993445fbbb766051

103.161.17.239:425

# Reference: https://elfdigest.com/brief/06de21e2f6188a8a65f35ffb8d9df73a1e3d23c144e5b765232b57f9f4cdee9e

137.184.84.112:839

# Reference: https://elfdigest.com/brief/7838fb10c45e8479ba9e792d8d8a6734a3672c6d1a27f8331cdef2674e7d2645

owo.rest

# Reference: https://elfdigest.com/brief/890cf0c4a2858c07533e19bb9b75bbc043f86c4d6953d73024afbf8454af0a5a

208.67.104.94:671

# Reference: https://elfdigest.com/brief/01c5a7f10c73ea59548e2c6b9f826af956891312870715c361307c531f5476e6

79.110.62.223:11337

# Reference: https://elfdigest.com/brief/a05437150a1e3a47e5ea1659dc8361e5ad6ef727bd14ffd4f6427ca7a0ada88e

107.189.11.231:65525

# Reference: https://elfdigest.com/brief/109080c5f53ad208814f4079d3c78e40d46d80e2d7850a42af058672483f57a0

205.185.115.101:42516

# Reference: https://elfdigest.com/brief/d58867a920541ba587ab4f88fb2cb3d576a22ae305a803f80b5a134b78044405

20.226.5.153:89

# Reference: https://elfdigest.com/brief/10d3329025d57e6b55a10544cddb128569935b95bdb6e519bab76701d8d2b443

141.98.6.110:56999

# Reference: https://elfdigest.com/brief/1d9f2f479fcbb59d8e1973d1084a306a7bf6796a8136f2d9c05476578e5f77d7

107.182.129.240:5034

# Reference: https://elfdigest.com/brief/95685ce485e3e87f4cc24923a9407c061012c195b6f2c8d9340d1756405a12da

77.222.54.12:3778

# Reference: https://elfdigest.com/brief/357637f4c140e8428c4539d7c6187a1bc98a1d964cd68198f09751ab875013d1

45.124.84.194:606

# Reference: https://elfdigest.com/brief/eb36977a754bc5a89c6fae65c1053b52f6ed9795f345b5015ed884bd7364fdda

77.73.131.122:81

# Reference: https://elfdigest.com/brief/3442cbe82329ad04eff42832ae9ef3431654d90b2ba7c955b592861d2ae5d01b

109.206.241.219:1312

# Reference: https://elfdigest.com/brief/a8448217f3b990048bc796f49e65543828ac3df87731fb49600e5244fd302be9

138.197.142.116:55650
goodpackets.cc
cnc.goodpackets.cc

# Reference: https://elfdigest.com/brief/15b6b5499fdc0a336f332b9db70f1ead3a12eb068d1ff4cc4fe120e8868ba8d5

179.43.175.97:55650

# Reference: https://elfdigest.com/brief/c04d687f37be72766a08f03a0c2b751b5f444688201cf47d7ffb18ce1df31852

141.98.6.211:6666

# Reference: https://www.virustotal.com/gui/file/4ac6b5af8637cd4e75230d6cfb9b2ef12c8254d8f122055dc835e47608730baa/detection

185.101.105.117:666

# Reference: https://www.virustotal.com/gui/file/73c47ea66f4045d78b945118dee14ee5d83621e549c7bbf9b77c6f20c8a5a4b1/detection

185.101.105.117:839

# Reference: https://www.virustotal.com/gui/file/5023ffb697b41cac7e3ef20da7d84ce6faa950db47acd8bf5ea1fe48f7b74534/detection

185.101.105.117:23

# Reference: https://www.virustotal.com/gui/file/4833991b5726472359a0a5cad06e254d8e51c2c19546e20d24d06c82ed9ea727/detection

185.101.105.117:441

# Reference: https://www.virustotal.com/gui/file/02444bc626c91f1e23961e2ecfa391f4afc18fdcd2035ff5f073f028d3d76ad9/detection

185.101.105.117:576

# Reference: https://www.virustotal.com/gui/file/8e95a386c0110e01de8ce748a278424f14be2e00816270f55e708bf7a5b63f4d/detection

http://185.101.105.117

# Reference: https://www.virustotal.com/gui/file/a0cd94590d546e333bbc7ed49c456d09a417af5cf568ccfee2caf26c2f1edcef/detection

185.101.105.117:5558

# Reference: https://elfdigest.com/brief/cb1519fd4ed2bb7aee1610ec4b3b23e9d8cc8b1f500616db19143562d5d9a771

104.248.232.242:747

# Reference: https://elfdigest.com/brief/29c6a22af3c3418dd4dfd22391595c53678babdeb2151e678db4e60d99a7438d

209.141.58.134:55650

# Reference: https://elfdigest.com/brief/904c3b5f1087bd11e7eddeee262ff7aae786ab522b0f942251fe84c474593ee3

92.119.159.102:38241

# Reference: https://elfdigest.com/brief/80badb913fd9b4b1b6f6bd586b046f94bb0ba57cc41230693ae89c8ad04937a7

68.183.117.138:747

# Reference: https://elfdigest.com/brief/fd1dcf0e58e81ab6370f5e67d92f2e649c9646f6d3eec86cbb63a002023baf3f

109.206.241.211:2153
femboy.store
cutie.femboy.store

# Reference: https://elfdigest.com/brief/71fbbd8119ae59de36f9502e2d148ebf7d9dceaad5282aaec0446b0cea938ab3

50.115.170.112:12

# Reference: https://elfdigest.com/brief/2f39f3b2c1953ed820fd5cd039e2b533486e4a37fd9f7fab26fa488698d7db8f

107.182.129.239:9506

# Reference: https://elfdigest.com/brief/c2d998dc662fb820041d4ca25920ad71e74c5eabb5df23bcbd0555d77b91a39e

185.233.185.135:30149

# Reference: https://elfdigest.com/brief/5f93429280a7554d2280b670e8a9d78748280c1059a786b781a62e391574b71a

50.115.170.112:31337

# Reference: https://elfdigest.com/brief/ef7871aef5af58bcc7e9e0312d4380fbc6ced91418297a3e9a523f1d21f159c2

20.25.153.134:89

# Reference: https://elfdigest.com/brief/9509f042eb0060b3c0d4228278424dbc5f27242ef98d1963226511f6ec43c19f

77.222.52.77:3778

# Reference: https://www.virustotal.com/gui/ip-address/37.139.129.11/relations
# Reference: https://elfdigest.com/brief/bf0880d0b1f2f85a2ad1ec96b56fef306ecc488c559877fea1e8938ecfff79bd

204.76.203.181:38241
dosbot.in
dosbot.re

# Reference: https://elfdigest.com/brief/8b8129509ce25b214e8ed6ce4bf53584f469a023aa2bbc6499975e934b4d57ee

185.150.18.56:3778

# Reference: https://elfdigest.com/brief/af9daeaa519a9ded9acaa95a286de4f3f18dd8c2a3de19e4ce8bae8e7921c654

163.123.142.131:4258

# Reference: https://elfdigest.com/brief/7882ad5d5f09ca935d20aaa8893a10579b9da0cb88e18b0c1a0d14ff25cc8a38

37.44.238.187:1337

# Reference: https://elfdigest.com/brief/b9ec264b79f09572a37b77dcb9d2837b5765e503d12e4a4129ea341f13e1d4c8

163.123.142.131:9375

# Reference: https://elfdigest.com/brief/d383185fca3dadf1e175df39b5ba77dea290c364c425a3ec9c4582f38cf9a59a

185.44.81.114:8888

# Reference: https://elfdigest.com/brief/94874632de6669fbce37d58158b1761974231da554adf6053dd9dfb9c117b0aa

167.71.205.157:1312

# Reference: https://elfdigest.com/brief/be058cb1c446ff032869170e9ac6370a5a821982b5414b67bd9d20afabc44305

209.141.57.40:5034

# Reference: https://elfdigest.com/brief/b6e428c8d34490b1a8bed3e796668edcaf93e802f41a8626bff3e23532562f00

192.241.132.183:1312

# Reference: https://elfdigest.com/brief/257a519b7b5ed9ba4aacf7c37528462ce727a4582c8ac8379d31420c929b5291

107.182.129.149:59666
whitesecurity.xyz

# Reference: https://elfdigest.com/brief/67e6d996ee313de3cb597c2480135bfbf21a953d7fb59820f148eeafe6004052

141.98.6.211:38241
hangniggers.com
thereisdefnotabotnetonthisshit.hangniggers.com

# Reference: https://elfdigest.com/brief/0dd5eaf0a6fa2741e8210eafaa6a5f06067d23359a5c537fcd75a654cb4b209a

146.19.207.61:3778

# Reference: https://elfdigest.com/brief/4cae31c5f6c7950d776bd2a75a2bccffe7d4c1698697d539870b196138a8e73c

45.95.169.31:8985

# Reference: https://elfdigest.com/brief/f11e6960ee5f8d498b146b09c04faeda631b86f434318fc450fe509b68ec3f2d

109.206.241.200:671

# Reference: https://elfdigest.com/brief/cfed686e47af11caaba58b4cb7799bec3fb4947367cecfa2eb5334b3849642ec

67.205.186.66:3778

# Reference: https://elfdigest.com/brief/a789b3997947ac1073eed61e116b5c031560ae43fbc060bf44b6d5774e5d0a7e

45.14.224.231:38241

# Reference: https://elfdigest.com/brief/1ba6e50c511aa565cb2897e02032d99b7c4503aeeb3e51cb3876b3ff6001173b

45.61.188.118:425

# Reference: https://elfdigest.com/brief/0946483101faec4e737da26abd8a9b6e3d7c2089d8c9c5a667698dba8977499f

163.123.143.129:1991

# Reference: https://elfdigest.com/brief/48f51b71642abcd609c3186ff6c01d127a90241be0860363322b62c6fe05b4b3

77.222.52.220:3778

# Reference: https://elfdigest.com/brief/00b4d404ed906ba2b1dde958df7371338e74dde6209591d1121a7805e34aeeab

163.123.142.131:1302

# Reference: https://elfdigest.com/brief/2ec216eb1eee1604b956f870b0b017bfddb063bb6197cbc65fb8cd48e399d262

45.140.188.40:12345

# Reference: https://www.virustotal.com/gui/ip-address/45.90.161.35/relations
# Reference: https://elfdigest.com/brief/8354fcfb220a0f48711e7d057874d7745ce5e019ce1d716e4e9edc38e3e16957

208.87.133.77:54321
raw.condinet.cf
report.condinet.cf

# Reference: https://elfdigest.com/brief/4cb64e45ea55c45acd7664335d5eee4800e9e9176bdccff62b451c646bf0c136

45.143.223.146:9506

# Reference: https://elfdigest.com/brief/85a542a9af5b7d9efbd14ffa7ccf8236ee183d59252c75497b89f6f3afd210d4

209.141.40.234:5400

# Reference: https://elfdigest.com/brief/b93a9a48689bcc07dfac0dfbdc6d67c79cf22edba4791a8cf863a1d040c995f9

163.123.143.129:8991

# Reference: https://elfdigest.com/brief/5646bdfc4bb62d7e566ad285eb679ddfffde160a21efe8e4abae4ab3fec95cd9

5.181.80.130:2113

# Reference: https://elfdigest.com/brief/6c18af452cae602f6b3012878312ed8b90571b7cfc3990b09c490647c65a2a62

109.206.241.200:45

# Reference: https://elfdigest.com/brief/879e9bd9ab74b8696957b75855c3dcf2a604455856038889ca634fb305246c4d

193.189.101.100:38241
designed-for-humans.net

# Reference: https://elfdigest.com/brief/bda4576647d5dbbeb18d83ec151c510043aedc9f9b4e3b81a0c73555eecfdde4

178.211.139.135:65420

# Reference: https://elfdigest.com/brief/7cae52616abdfa8b6e809c1b24058cbe112ce2ce33fe4d7070006e98fa2a5593

163.123.142.131:3778

# Reference: https://elfdigest.com/brief/99deb5372d8695ba16e79160c647feab24fdd2b810466a0da74ebfe64e38d464

79.110.62.114:8991

# Reference: https://www.virustotal.com/gui/ip-address/51.81.255.132/relations
# Reference: https://elfdigest.com/brief/45237455447434dffa73342b7ad10ce968f5b688882a9d5315d03af158f4ff7b
# Reference: https://www.virustotal.com/gui/file/0b76aa056ba53fe9a19d338124a149102dbcbe252dcc567513d195a0f3657f01/detection

51.81.255.132:55650
5v5hack.top
xmbot.ink
xmidc.shop

# Reference: https://www.virustotal.com/gui/file/328b3bd3de0d18dd55436bbb921e933a4cb53a78d348eb465739ff2a049e3f2d/detection

icealeximino.live
telnet.icealeximino.live

# Reference: https://elfdigest.com/brief/6cea3a6bfc3ebd770e0c353e227fcfd5c87871d1ecc9486caeb8739878871f5b

185.112.83.86:81

# Reference: https://elfdigest.com/brief/80415d67fa20f3b053a155da702e8b934e83dbaaf6119e06fa5f6cd1e66b0b20

199.195.249.90:909

# Reference: https://www.virustotal.com/gui/ip-address/157.119.103.19/relations
# Reference: https://elfdigest.com/brief/60766701b615f436da25214562974dff6b4167fdb444887a7d7f032a92c965fc

104.208.78.101:27000
yinweiaiqian.top
zhuangyexiazai.top

# Reference: https://twitter.com/tosscoinwitcher/status/1565042798243418112
# Reference: https://www.virustotal.com/gui/ip-address/45.95.55.225/detection

http://45.95.55.225

# Reference: https://elfdigest.com/brief/ba4fbf605172021fb4e40ca60457e2e1c44372d614b29d141e46204408ce56f8

46.23.109.40:55579

# Reference: https://elfdigest.com/brief/c3355b397ac3359330e888d80da5e7746a73d7924af0f994c0b61d242ce6bc0c

164.92.145.205:4662

# Reference: https://elfdigest.com/brief/f07b7c01fe03a4426c5ffca21c1c897f5defa3c4064077577be02c187dcf892c

141.98.6.110:54321
bowlan.cf
hungbn.bowlan.cf
/supercat.arc
/supercat.arcle-hs38
/supercat.arm
/supercat.arm4
/supercat.arm4l
/supercat.arm4t
/supercat.arm4tl
/supercat.arm4tll
/supercat.arm5
/supercat.arm5l
/supercat.arm5n
/supercat.arm6
/supercat.arm64
/supercat.arm6l
/supercat.arm7
/supercat.arm7l
/supercat.arm8
/supercat.armv4
/supercat.armv4l
/supercat.armv5l
/supercat.armv6
/supercat.armv61
/supercat.armv6l
/supercat.armv7l
/supercat.dbg
/supercat.exploit
/supercat.i4
/supercat.i486
/supercat.i586
/supercat.i6
/supercat.i686
/supercat.kill
/supercat.m68
/supercat.m68k
/supercat.mips
/supercat.mips64
/supercat.mipseb
/supercat.mipsel
/supercat.mpsl
/supercat.pcc
/supercat.powerpc
/supercat.powerpc-440fp
/supercat.powerppc
/supercat.ppc
/supercat.pp-c
/supercat.ppc2
/supercat.ppc440
/supercat.ppc440fp
/supercat.root
/supercat.root32
/supercat.sh
/supercat.sh4
/supercat.sparc
/supercat.spc
/supercat.ssh4
/supercat.x32
/supercat.x32_64
/supercat.x64
/supercat.x86
/supercat.x86_32
/supercat.x86_64

# Reference: https://elfdigest.com/brief/d9739695b8dfef8d8fe455a3af8d0495cff5a20a8e1bbb52a44f0231265b7e36

79.110.62.20:671

# Reference: https://elfdigest.com/brief/36f924989bf3c22630c857b3b8ad1ef728e79f7d475cd0fd8aa2cfdc5c04760b

107.182.129.239:671

# Reference: https://elfdigest.com/brief/94a851f9ccea11e82077fbabfddc7fcd431393c49f46ffc5dadfab5e4b710c70

77.222.42.157:3778

# Reference: https://elfdigest.com/brief/ca514b3c848f0209b9599e07a9afcd23075c9c3a90571953daea63124dcad254

199.195.249.225:1312

# Reference: https://elfdigest.com/brief/7bc97f1eb168254bdac590d643f0d3c058eb209c0ae575a58daa830d5e49d0cf

158.101.11.17:4662
/steamamd64.elf

# Reference: https://elfdigest.com/brief/2fc08ab0a9d92a8d57257d3a786065489aa6aa148cae66886fe289abc5dfdfbc

205.185.124.162:1024
goatnet.cf

# Reference: https://elfdigest.com/brief/2bf425fcc34a704284ad3924bba5b330eab5a454d9782f00e95d03f630f704ed

43.155.77.24:9931

# Reference: https://elfdigest.com/brief/a6da5833ea3449f1dd7240b681793354c09bf37bbd4087f1201eed5319d4ea48

45.95.55.54:6969

# Reference: https://elfdigest.com/brief/a9695d0b5055d15ccc2c3b2f9349418265cd47502fcce0ac8f9d2436bbe0d0f5

139.162.14.145:9999

# Reference: https://elfdigest.com/brief/407ab93722ad15b465d9789ff04a8f0fc6035762a89385bbd27647e82995b263

195.178.120.115:56999
tamkjll.com
nsotool.tamkjll.com

# Reference: https://elfdigest.com/brief/5c910683a0ec05d92047533f4e9472bcaefdbce09d7084c379e22ff46f45209d

43.155.77.24:3778

# Reference: https://elfdigest.com/brief/bcc87c72f074c77c034e4c3857e8ddba7aa5841593cb1d7dbd8358d43836598f

176.123.7.4:60141
8xl9.com
comeanalyze.8xl9.com
/deathtrump.arc
/deathtrump.arcle-hs38
/deathtrump.arm
/deathtrump.arm4
/deathtrump.arm4l
/deathtrump.arm4t
/deathtrump.arm4tl
/deathtrump.arm4tll
/deathtrump.arm5
/deathtrump.arm5l
/deathtrump.arm5n
/deathtrump.arm6
/deathtrump.arm64
/deathtrump.arm6l
/deathtrump.arm7
/deathtrump.arm7l
/deathtrump.arm8
/deathtrump.armv4
/deathtrump.armv4l
/deathtrump.armv5l
/deathtrump.armv6
/deathtrump.armv61
/deathtrump.armv6l
/deathtrump.armv7l
/deathtrump.dbg
/deathtrump.exploit
/deathtrump.i4
/deathtrump.i486
/deathtrump.i586
/deathtrump.i6
/deathtrump.i686
/deathtrump.kill
/deathtrump.m68
/deathtrump.m68k
/deathtrump.mips
/deathtrump.mips64
/deathtrump.mipseb
/deathtrump.mipsel
/deathtrump.mpsl
/deathtrump.pcc
/deathtrump.powerpc
/deathtrump.powerpc-440fp
/deathtrump.powerppc
/deathtrump.ppc
/deathtrump.pp-c
/deathtrump.ppc2
/deathtrump.ppc440
/deathtrump.ppc440fp
/deathtrump.root
/deathtrump.root32
/deathtrump.sh
/deathtrump.sh4
/deathtrump.sparc
/deathtrump.spc
/deathtrump.ssh4
/deathtrump.x32
/deathtrump.x32_64
/deathtrump.x64
/deathtrump.x86
/deathtrump.x86_32
/deathtrump.x86_64

# Reference: https://elfdigest.com/brief/0b8359373be7df1470764abc23e91338ddb6f2f96396869e3c6e0da309f28b88

124.156.2.226:42516

# Reference: https://elfdigest.com/brief/e7c8cb2782dbedbc945390f4959a45ae255d689757ef81d3f83478b7406405bc

193.233.203.128:31337

# Reference: https://elfdigest.com/brief/8995fc456536f30477d38ba99b54d2f0edc0ce50e84e2aea038532be40ec8c4f
# Reference: https://elfdigest.com/brief/e0fefc3b50ee21d002933ffe4d6c6eb5832613462a305a930aa7f25441a3dc30
# Reference: https://www.virustotal.com/gui/file/423aded3b8ec99a9bbd7f7b8c3f32e7ee94d1a1c41109fb26434d90b1b56a478/detection

103.107.8.250:59999
185.216.71.192:59999
psscc.cn
botnet.psscc.cn
botnet2.psscc.cn
botnet3.psscc.cn

# Reference: https://elfdigest.com/brief/3ce1677c6f6e14e96961314618a7db4df33ddbc58512f9411c60a4fd1afefe49

198.98.51.203:3778

# Reference: https://elfdigest.com/brief/538d32bcf861370ce19ba70133ce4109e08dc3405ec590ee8cdf0c302984e0f4

208.67.106.145:38241
cyberproperty.us
cnc.cyberproperty.us

# Reference: https://twitter.com/1ZRR4H/status/1567222528027795460

/All.arc
/All.arcle-hs38
/All.arm
/All.arm4
/All.arm4l
/All.arm4t
/All.arm4tl
/All.arm4tll
/All.arm5
/All.arm5l
/All.arm5n
/All.arm6
/All.arm64
/All.arm6l
/All.arm7
/All.arm7l
/All.arm8
/All.armv4
/All.armv4l
/All.armv5l
/All.armv6
/All.armv61
/All.armv6l
/All.armv7l
/All.dbg
/All.exploit
/All.i4
/All.i486
/All.i586
/All.i6
/All.i686
/All.kill
/All.m68
/All.m68k
/All.mips
/All.mips64
/All.mipseb
/All.mipsel
/All.mpsl
/All.pcc
/All.powerpc
/All.powerpc-440fp
/All.powerppc
/All.ppc
/All.pp-c
/All.ppc2
/All.ppc440
/All.ppc440fp
/All.root
/All.root32
/All.sh
/All.sh4
/All.sparc
/All.spc
/All.ssh4
/All.x32
/All.x32_64
/All.x64
/All.x86
/All.x86_32
/All.x86_64

# Reference: https://www.virustotal.com/gui/domain/564sfacnc.duckdns.org/relations
# Reference: https://elfdigest.com/brief/d2a9bd928a209b7c2dadb42b187d35912bd9ffc79aaf4392261efd16e66a2d0b

179.43.140.150:39752
564sfacnc.duckdns.org
/getReadycuzImHere.arc
/getReadycuzImHere.arcle-hs38
/getReadycuzImHere.arm
/getReadycuzImHere.arm4
/getReadycuzImHere.arm4l
/getReadycuzImHere.arm4t
/getReadycuzImHere.arm4tl
/getReadycuzImHere.arm4tll
/getReadycuzImHere.arm5
/getReadycuzImHere.arm5l
/getReadycuzImHere.arm5n
/getReadycuzImHere.arm6
/getReadycuzImHere.arm64
/getReadycuzImHere.arm6l
/getReadycuzImHere.arm7
/getReadycuzImHere.arm7l
/getReadycuzImHere.arm8
/getReadycuzImHere.armv4
/getReadycuzImHere.armv4l
/getReadycuzImHere.armv5l
/getReadycuzImHere.armv6
/getReadycuzImHere.armv61
/getReadycuzImHere.armv6l
/getReadycuzImHere.armv7l
/getReadycuzImHere.dbg
/getReadycuzImHere.exploit
/getReadycuzImHere.i4
/getReadycuzImHere.i486
/getReadycuzImHere.i586
/getReadycuzImHere.i6
/getReadycuzImHere.i686
/getReadycuzImHere.kill
/getReadycuzImHere.m68
/getReadycuzImHere.m68k
/getReadycuzImHere.mips
/getReadycuzImHere.mips64
/getReadycuzImHere.mipseb
/getReadycuzImHere.mipsel
/getReadycuzImHere.mpsl
/getReadycuzImHere.pcc
/getReadycuzImHere.powerpc
/getReadycuzImHere.powerpc-440fp
/getReadycuzImHere.powerppc
/getReadycuzImHere.ppc
/getReadycuzImHere.pp-c
/getReadycuzImHere.ppc2
/getReadycuzImHere.ppc440
/getReadycuzImHere.ppc440fp
/getReadycuzImHere.root
/getReadycuzImHere.root32
/getReadycuzImHere.sh
/getReadycuzImHere.sh4
/getReadycuzImHere.sparc
/getReadycuzImHere.spc
/getReadycuzImHere.ssh4
/getReadycuzImHere.x32
/getReadycuzImHere.x32_64
/getReadycuzImHere.x64
/getReadycuzImHere.x86
/getReadycuzImHere.x86_32
/getReadycuzImHere.x86_64

# Reference: https://elfdigest.com/brief/086a24732e9cf654bc5e06579649d67127e8a195893426284aeefbfcf811dd45

198.98.51.203:11064

# Reference: https://twitter.com/CujoaiLabs/status/1567544113544761346
# Reference: https://www.virustotal.com/gui/file/e623dba37282b20601f69503bf3c3b782d0a18f516a012dd8b3d5259ef1e65e5/detection

ic3.agency

# Reference: https://elfdigest.com/brief/df823e1161a46e09d49023f232b3967144091fa324ec6764b873161ed7decd81

205.185.113.157:60195
salanes.com

# Reference: https://elfdigest.com/brief/024ec8a5025c9eff68c174d181a603577b8da669732df8675872dc7ca809ddc1

185.112.83.86:3778

# Reference: https://elfdigest.com/brief/a51ac88920838035e758b9c20912867c51f78e76bc27fb6bf57128eb7ada54f8

167.99.218.114:9100

# Reference: https://elfdigest.com/brief/47535e6161b5151382286a22bf585e67b158ee3dfbbd969d63899d17706e3845

79.110.62.168:3778

# Reference: https://elfdigest.com/brief/a0ce449cce82a700460ab40bc04753110b5dcbb8a6c8f136b1a0028dcdafe6b7

89.208.106.36:9931

# Reference: https://elfdigest.com/brief/3b7d35f818f2fc0465f31141e1abe7aef8ca59738ffe313b28778cda3bef58e4

81.161.229.46:59999

# Reference: https://elfdigest.com/brief/7c8c5d522cb7f3a93a45dc55f0a99ad1a2d453c10f3a36f150c82b30ff52aa0a

195.178.120.115:3007
cattostresser.com
cnc.cattostresser.com

# Reference: https://elfdigest.com/brief/8c222d2b5bb7aed3fe75b809df2e3d43ee08abb79dd41c1b87a4be40cfc7261c

104.244.79.11:8

# Reference: https://elfdigest.com/brief/19b518db2b8e612f6b5f20e247aed3d431133b385d9f627e1b78b0f7afac5149

52.231.30.204:59666

# Reference: https://elfdigest.com/brief/beb3fe367bc724e65cdf6f27719cc421a3f327d0c98e5ac32cec0b245d9be173

185.216.71.116:24995

# Reference: https://elfdigest.com/brief/80f7762cb9a084a4283eff37a8fabd7e8cfdc6cacb3522e5234976a6d681061e

104.244.79.11:3778

# Reference: https://elfdigest.com/brief/9c3317f1815e6fce7cb0df0463bc22a4b0c7748e152236dc8df4fb2c89195302

79.137.197.54:3778

# Reference: https://elfdigest.com/brief/e134a74d7ff74b5191a5ec4c5a6037eb708db7bc223385c86730bb673b5c13da

185.216.71.116:671

# Reference: https://elfdigest.com/brief/20f7a9b880ed82c0b163d7f0ff0009bc94cdc0404efe5f0ff01f5465c6a4248f

159.223.123.120:9506

# Reference: https://elfdigest.com/brief/e9aed148554cf717660e8f0a2f2de64fb156be454fb9f7ac818aec79ad7741cc

199.195.250.45:3778

# Reference: https://elfdigest.com/brief/1be10493b1b6206ef0463308eed73c4c9e63e98e0881dcb712ba7f42f48555cd

103.161.174.242:3778

# Reference: https://elfdigest.com/brief/b0d35e78b1928202ef44e4bef53fa8a191610eaf069fe009cb64f8178e2bb949

78.135.85.160:9506

# Reference: https://elfdigest.com/brief/992969936d3c841a5ca10fb921c53b8ba20b0dd469a679d1d13f995e352b2f72

81.161.229.3:9990

# Reference: https://www.virustotal.com/gui/file/135526d6688fb69dd9b006779a72ea605b06e35d2f5662db4ee33781d52f46a8/detection

stomp.psscc.cn

# Reference: https://elfdigest.com/brief/7adc1d710b737943b214b1d1ebfaf49603e14e79e60da35f5dc474ccd53b1c69

46.166.185.143:655

# Reference: https://www.virustotal.com/gui/ip-address/45.95.169.202/relations
# Reference: https://elfdigest.com/brief/52788b470cc4b902ec328fefcd00d336611b6989e64138dbb533dbc557da0d3c

45.95.169.202:60583
ddosbotnet.xyz
iotscanner.cfd
/chernobyl.arc
/chernobyl.arcle-hs38
/chernobyl.arm
/chernobyl.arm4
/chernobyl.arm4l
/chernobyl.arm4t
/chernobyl.arm4tl
/chernobyl.arm4tll
/chernobyl.arm5
/chernobyl.arm5l
/chernobyl.arm5n
/chernobyl.arm6
/chernobyl.arm64
/chernobyl.arm6l
/chernobyl.arm7
/chernobyl.arm7l
/chernobyl.arm8
/chernobyl.armv4
/chernobyl.armv4l
/chernobyl.armv5l
/chernobyl.armv6
/chernobyl.armv61
/chernobyl.armv6l
/chernobyl.armv7l
/chernobyl.dbg
/chernobyl.exploit
/chernobyl.i4
/chernobyl.i486
/chernobyl.i586
/chernobyl.i6
/chernobyl.i686
/chernobyl.kill
/chernobyl.m68
/chernobyl.m68k
/chernobyl.mips
/chernobyl.mips64
/chernobyl.mipseb
/chernobyl.mipsel
/chernobyl.mpsl
/chernobyl.pcc
/chernobyl.powerpc
/chernobyl.powerpc-440fp
/chernobyl.powerppc
/chernobyl.ppc
/chernobyl.pp-c
/chernobyl.ppc2
/chernobyl.ppc440
/chernobyl.ppc440fp
/chernobyl.root
/chernobyl.root32
/chernobyl.sh
/chernobyl.sh4
/chernobyl.sparc
/chernobyl.spc
/chernobyl.ssh4
/chernobyl.x32
/chernobyl.x32_64
/chernobyl.x64
/chernobyl.x86
/chernobyl.x86_32
/chernobyl.x86_64
/megayacht.arc
/megayacht.arcle-hs38
/megayacht.arm
/megayacht.arm4
/megayacht.arm4l
/megayacht.arm4t
/megayacht.arm4tl
/megayacht.arm4tll
/megayacht.arm5
/megayacht.arm5l
/megayacht.arm5n
/megayacht.arm6
/megayacht.arm64
/megayacht.arm6l
/megayacht.arm7
/megayacht.arm7l
/megayacht.arm8
/megayacht.armv4
/megayacht.armv4l
/megayacht.armv5l
/megayacht.armv6
/megayacht.armv61
/megayacht.armv6l
/megayacht.armv7l
/megayacht.dbg
/megayacht.exploit
/megayacht.i4
/megayacht.i486
/megayacht.i586
/megayacht.i6
/megayacht.i686
/megayacht.kill
/megayacht.m68
/megayacht.m68k
/megayacht.mips
/megayacht.mips64
/megayacht.mipseb
/megayacht.mipsel
/megayacht.mpsl
/megayacht.pcc
/megayacht.powerpc
/megayacht.powerpc-440fp
/megayacht.powerppc
/megayacht.ppc
/megayacht.pp-c
/megayacht.ppc2
/megayacht.ppc440
/megayacht.ppc440fp
/megayacht.root
/megayacht.root32
/megayacht.sh
/megayacht.sh4
/megayacht.sparc
/megayacht.spc
/megayacht.ssh4
/megayacht.x32
/megayacht.x32_64
/megayacht.x64
/megayacht.x86
/megayacht.x86_32
/megayacht.x86_64

# Reference: https://elfdigest.com/brief/c5f9259f9b8ce710e87d64b7a79e40dfd617bf8febf774b39770925a21859c4c

212.192.246.76:38241
raznet2021.ml
cnc.raznet2021.ml

# Reference: https://elfdigest.com/brief/5d996645322e8b385c7f921b8ee1a2fbedab93c3162a029a3d54b62eadea9b5a

02-20.xyz
kk.02-20.xyz

# Reference: https://www.virustotal.com/gui/ip-address/158.69.175.30/relations

1ind.cn
dd.1ind.cn
go.1ind.cn

# Reference: https://elfdigest.com/brief/c2a516056d90a4d1a79999a54c1e17c450e413e1995952b8e5bc2b2c52c1a65d

13.69.208.165:8443

# Reference: https://www.virustotal.com/gui/file/b5a692552f1e0b3f10d11c55e9c6363f15e0d785501b0cf82663c876dd3149af/detection
# Reference: https://www.virustotal.com/gui/file/49089e1c114956344c8e1771c624a9f62bf3ca9c3de40b57016f188c12001082/detection

boatnet.hopto.org

# Reference: https://twitter.com/sysk1ll3r/status/1570905960843186176
# Reference: https://elfdigest.com/brief/9e4c68ef72ff1ef6f5bfecae66def8ffe5b9942b5a80c0890a7225e32d076a06
# Reference: https://www.virustotal.com/gui/file/6318e27c277802424ed38137ad4667cb0178ec5f9a0735d0580e0ff2733b0ddd/detection

http://103.119.112.37
45.61.186.23:490
/.oKA31/

# Reference: https://elfdigest.com/brief/ebc0a7eca31478b117b77a25e1d7bea095b3443740885c441221386c1b32fd4a

45.137.206.158:666

# Reference: https://elfdigest.com/brief/45f78231bf226a1c8f837459db4ca82155e877694251656582df4c750626acae

46.23.109.212:420

# Reference: https://elfdigest.com/brief/4df2b1838172f8cc9609b6461627f81839d00476c6715b4a90d05a74a611e164

45.61.186.4:13561

# Reference: https://elfdigest.com/brief/32c126c3f5883439aabce5015e3570089f4e7faea7562154bf702a5c37926e48

185.216.71.213:55579

# Reference: https://elfdigest.com/brief/fcf1b6e22caf324af89908a36e2f404239a18f66088500a3757327f54d270ead

217.195.155.162:4388
vsdashi.xyz
js.vsdashi.xyz

# Reference: https://elfdigest.com/brief/e36d8ecd8a1ac77118f0103a9da163d2411973940a3db5560814ecf8f9ed4dbe

85.31.46.6:9506

# Reference: https://elfdigest.com/brief/3e3843df66136ef4712047ce855f1d6d4c8aafd6a95b9378a43d190d1bfc0923

51.79.0.136:38241
notabotnet.lol
cnc.notabotnet.lol

# Reference: https://elfdigest.com/brief/7a214ee080cd703c6d0f0e2bac6a4b1d2aa1e541881ea692cb8b5b4226c5256b

199.195.253.121:269

# Reference: https://elfdigest.com/brief/59de6bfdd9ed67d803bc062b5f2234fa76e339833f99963e41ca744330d14005

185.252.178.48:23549

# Reference: https://elfdigest.com/brief/4149830c8b387578a1f6b856fc89572f00c116c6546313ea0b104f571ce769c1

107.182.129.219:7777

# Reference: https://elfdigest.com/brief/d8f8fcf11bf1f23c3483e10ae276eef7b3c8f1b516ad16c84e76db663da2b9a8

185.225.73.158:4281
chxv8ybuh2ytmfvfwrulcdqtywlooiybaevwsa2b.org
cnc.chxv8ybuh2ytmfvfwrulcdqtywlooiybaevwsa2b.org
scan.chxv8ybuh2ytmfvfwrulcdqtywlooiybaevwsa2b.org

# Reference: https://elfdigest.com/brief/f79c04983076e32849df7e15e82ad96d669b4b07963cbb173d457388eaf07a56

45.86.86.232:42713
nsad.gay
dev.nsad.gay
rnets.nsad.gay

# Reference: https://elfdigest.com/brief/e839b16386131161fa15337ef739ff8a26c023fac988ce4dc86f1a02f2e16e0b

185.252.178.48:56999

# Reference: https://elfdigest.com/brief/9b3e85fff38855a38d795c655776d2300debee59c08374a8e57ba3522d0f296d

103.161.174.5:3778

# Reference: https://elfdigest.com/brief/07de4765be77b5e6be90cafe85920ec0688928b75d3d4bc6f1b82f2224a41c51

45.140.188.111:420

# Reference: https://elfdigest.com/brief/9e5c6424a86a0dc55f225c856f7d92826e75041822c8a06758c0ac5d17cf47c8

185.225.73.158:490

# Reference: https://elfdigest.com/brief/1a70ceb57768d3e027e307abd09548f151a8d6da72532f1b88e9813eaf0bdad2

185.28.39.25:11337

# Reference: https://elfdigest.com/brief/ecf26f7ce7d13fada8e0cc2d7eabb81735f014635cd935954f8dd0fe35a4c26c

185.252.178.159:55312

# Reference: https://elfdigest.com/brief/803d0ea978f0da1ba5f90e3d4d55ff5b2dc15c39f536f5002a96781bc301124c

176.97.210.166:5035

# Reference: https://elfdigest.com/brief/1e6cbcb47880cf83a50a40ea177ec3fca5e893ff9b26b690fa0e29821023d95a

161.97.118.175:1111

# Reference: https://elfdigest.com/brief/ecf40bfc256dd3ba03c9ab8cbac671c58c446934522487bba250ba551d3514fd
# Reference: https://elfdigest.com/brief/b2b64efd8cf3f7fea63b2a58b11bd6f6935d6177644cd8b382db4799ee800008

104.222.188.111:54452
81.161.229.3:54452
attack.tamkjll.com
botnet.tamkjll.com
svftt.tamkjll.com
/tamkjll.arc
/tamkjll.arcle-hs38
/tamkjll.arm
/tamkjll.arm4
/tamkjll.arm4l
/tamkjll.arm4t
/tamkjll.arm4tl
/tamkjll.arm4tll
/tamkjll.arm5
/tamkjll.arm5l
/tamkjll.arm5n
/tamkjll.arm6
/tamkjll.arm64
/tamkjll.arm6l
/tamkjll.arm7
/tamkjll.arm7l
/tamkjll.arm8
/tamkjll.armv4
/tamkjll.armv4l
/tamkjll.armv5l
/tamkjll.armv6
/tamkjll.armv61
/tamkjll.armv6l
/tamkjll.armv7l
/tamkjll.dbg
/tamkjll.exploit
/tamkjll.i4
/tamkjll.i486
/tamkjll.i586
/tamkjll.i6
/tamkjll.i686
/tamkjll.kill
/tamkjll.m68
/tamkjll.m68k
/tamkjll.mips
/tamkjll.mips64
/tamkjll.mipseb
/tamkjll.mipsel
/tamkjll.mpsl
/tamkjll.pcc
/tamkjll.powerpc
/tamkjll.powerpc-440fp
/tamkjll.powerppc
/tamkjll.ppc
/tamkjll.pp-c
/tamkjll.ppc2
/tamkjll.ppc440
/tamkjll.ppc440fp
/tamkjll.root
/tamkjll.root32
/tamkjll.sh
/tamkjll.sh4
/tamkjll.sparc
/tamkjll.spc
/tamkjll.ssh4
/tamkjll.x32
/tamkjll.x32_64
/tamkjll.x64
/tamkjll.x86
/tamkjll.x86_32
/tamkjll.x86_64

# Reference: https://elfdigest.com/brief/f8be980d03941da7103eabfb2cc8dac3244d24fd34c18021930a2002d140b2b7

82.165.54.214:717

# Reference: https://www.virustotal.com/gui/ip-address/185.252.178.162/relations
# Reference: https://elfdigest.com/brief/6a548aaa8336857961aeafcd79d11d3f762cc680bc68dca1a30695632ab6e79a

212.192.246.147:38241
cjfop.xyz
hbdfblf.xyz
idfdfh.xyz
jxhfn.xyz
sdfsd.xyz

# Reference: https://elfdigest.com/brief/c5d2bbaa2c03ee51682fe840469a8a38d80de3ff65c58a70b12e6f057ba1f2de

45.155.165.86:9506

# Reference: https://elfdigest.com/brief/ec36dd5373fd480204d838974dbf7f42034f15dfa9b96b63469e5239685240a3

109.106.244.250:606

# Reference: https://elfdigest.com/brief/c5a527ab662ffa4e7107f187ad14cf853212023233dda40597f603ddb4120ec5

45.61.186.4:14124
/pzi.arc
/pzi.arcle-hs38
/pzi.arm
/pzi.arm4
/pzi.arm4l
/pzi.arm4t
/pzi.arm4tl
/pzi.arm4tll
/pzi.arm5
/pzi.arm5l
/pzi.arm5n
/pzi.arm6
/pzi.arm64
/pzi.arm6l
/pzi.arm7
/pzi.arm7l
/pzi.arm8
/pzi.armv4
/pzi.armv4l
/pzi.armv5l
/pzi.armv6
/pzi.armv61
/pzi.armv6l
/pzi.armv7l
/pzi.dbg
/pzi.exploit
/pzi.i4
/pzi.i486
/pzi.i586
/pzi.i6
/pzi.i686
/pzi.kill
/pzi.m68
/pzi.m68k
/pzi.mips
/pzi.mips64
/pzi.mipseb
/pzi.mipsel
/pzi.mpsl
/pzi.pcc
/pzi.powerpc
/pzi.powerpc-440fp
/pzi.powerppc
/pzi.ppc
/pzi.pp-c
/pzi.ppc2
/pzi.ppc440
/pzi.ppc440fp
/pzi.root
/pzi.root32
/pzi.sh
/pzi.sh4
/pzi.sparc
/pzi.spc
/pzi.ssh4
/pzi.x32
/pzi.x32_64
/pzi.x64
/pzi.x86
/pzi.x86_32
/pzi.x86_64

# Reference: https://elfdigest.com/brief/07ed602d8b4ce01739c06c9ab67d5a5bc1e9c07c5795cd5d8b1378e7ee7b63fc

179.43.140.150:38241
newmethcnc.duckdns.org

# Reference: https://elfdigest.com/brief/b1e3e8d2cc64b68435ec613308fe01fbc19177d76e48af9798e8e313ca2723de

43.155.77.24:9506

# Reference: https://twitter.com/sysk1ll3r/status/1574727599812595712
# Reference: https://www.virustotal.com/gui/ip-address/5.206.227.70/relations

http://5.206.227.70

# Reference: https://twitter.com/sysk1ll3r/status/1574772459898814466

/meihao.arc
/meihao.arcle-hs38
/meihao.arm
/meihao.arm4
/meihao.arm4l
/meihao.arm4t
/meihao.arm4tl
/meihao.arm4tll
/meihao.arm5
/meihao.arm5l
/meihao.arm5n
/meihao.arm6
/meihao.arm64
/meihao.arm6l
/meihao.arm7
/meihao.arm7l
/meihao.arm8
/meihao.armv4
/meihao.armv4l
/meihao.armv5l
/meihao.armv6
/meihao.armv61
/meihao.armv6l
/meihao.armv7l
/meihao.dbg
/meihao.exploit
/meihao.i4
/meihao.i486
/meihao.i586
/meihao.i6
/meihao.i686
/meihao.kill
/meihao.m68
/meihao.m68k
/meihao.mips
/meihao.mips64
/meihao.mipseb
/meihao.mipsel
/meihao.mpsl
/meihao.pcc
/meihao.powerpc
/meihao.powerpc-440fp
/meihao.powerppc
/meihao.ppc
/meihao.pp-c
/meihao.ppc2
/meihao.ppc440
/meihao.ppc440fp
/meihao.root
/meihao.root32
/meihao.sh
/meihao.sh4
/meihao.sparc
/meihao.spc
/meihao.ssh4
/meihao.x32
/meihao.x32_64
/meihao.x64
/meihao.x86
/meihao.x86_32
/meihao.x86_64

# Reference: https://elfdigest.com/brief/797efb743498d95261671ea874bd77b715b7d12b42eb5e796440daec75b6c78d

45.61.187.18:490

# Reference: https://elfdigest.com/brief/0ed0a8dc49a891e5bf701fad3f0fa8bf2abb90d12e313d7a4625da9a4f2e93f0

158.69.175.30:3778
a.02-20.xyz

# Reference: https://www.virustotal.com/gui/ip-address/158.69.175.30/relations

/oshit.arc
/oshit.arcle-hs38
/oshit.arm
/oshit.arm4
/oshit.arm4l
/oshit.arm4t
/oshit.arm4tl
/oshit.arm4tll
/oshit.arm5
/oshit.arm5l
/oshit.arm5n
/oshit.arm6
/oshit.arm64
/oshit.arm6l
/oshit.arm7
/oshit.arm7l
/oshit.arm8
/oshit.armv4
/oshit.armv4l
/oshit.armv5l
/oshit.armv6
/oshit.armv61
/oshit.armv6l
/oshit.armv7l
/oshit.dbg
/oshit.exploit
/oshit.i4
/oshit.i486
/oshit.i586
/oshit.i6
/oshit.i686
/oshit.kill
/oshit.m68
/oshit.m68k
/oshit.mips
/oshit.mips64
/oshit.mipseb
/oshit.mipsel
/oshit.mpsl
/oshit.pcc
/oshit.powerpc
/oshit.powerpc-440fp
/oshit.powerppc
/oshit.ppc
/oshit.pp-c
/oshit.ppc2
/oshit.ppc440
/oshit.ppc440fp
/oshit.root
/oshit.root32
/oshit.sh
/oshit.sh4
/oshit.sparc
/oshit.spc
/oshit.ssh4
/oshit.x32
/oshit.x32_64
/oshit.x64
/oshit.x86
/oshit.x86_32
/oshit.x86_64

# Reference: https://elfdigest.com/brief/11bb1bef875c02ff07bf143ec35df6bc4a73ef4e0aef6238f54f61ad02838498

212.227.3.102:717

# Reference: https://elfdigest.com/brief/4d1aecda959ecb531f118f377778f0d6504a2404d25f78c89634e9f5ed521aac

217.12.206.138:490

# Reference: https://elfdigest.com/brief/200f68f05247e7d7d39940bf78ea618d064cdee9f25c10dff617c27c8c9431af

185.252.178.188:56999
hyenas.us
cnc.hyenas.us

# Reference: https://elfdigest.com/brief/9302534bc9755a2b2815a328d4d76d1c5a241353aa200d835ad7a0ddf9dfaa52

164.92.226.96:717

# Reference: https://elfdigest.com/brief/82498570d7c346c388195e2ede554d7eb3c96706b2124fdfcfd01ea40b2d1d0f

45.61.187.18:590

# Reference: https://elfdigest.com/brief/55bcec165cc2586cf6f77c2e4a1768eb07a1a0621adeab468cb0d823e2d52d9c

85.31.46.179:59666
noveltyuk.com

# Reference: https://elfdigest.com/brief/f5bfcd303d3a269398b5455a5e9b0e4e1ec614aa28fe1e5592055bbfed9af4b4

45.140.188.33:420

# Reference: https://elfdigest.com/brief/77c8c0468e9feb5be46a9264065fc39e4295489fd1a20c4a580b90c46b614103

195.133.18.159:5683

# Reference: https://elfdigest.com/brief/9699913762fc2ad79b7e1a3a6813e04f6c8e7c86261a7c0a87074a2c73e17568
# Reference: https://www.virustotal.com/gui/ip-address/45.95.55.197/relations

45.95.55.197:2823
barbershoppp.com

# Reference: https://elfdigest.com/brief/77a846472067b9e7c1aa1265bde0a23dd6e6a397a5c823d688f93d2d8002235b

5.253.246.70:9375

# Reference: https://elfdigest.com/brief/eebe13650d400a8d8ece2f8b0f22f7a115dc8795af323c84de709882a239e391

codibbos.net

# Reference: https://elfdigest.com/brief/08343f0f051d9b09a39b97f7098c637b6d328cfe1466fe9a6bef7289a31a0187

45.154.3.219:3778

# Reference: https://elfdigest.com/brief/d5c453472c0f8126597b02e76692c50b19476cc509ee4355f34f1eddde8067cc

67.205.164.37:666

# Reference: https://twitter.com/CujoaiLabs/status/1577305955485863940
# Reference: https://www.joesandbox.com/analysis/715958/0/html

http://135.148.104.21
135.148.104.21:55650

# Reference: https://www.virustotal.com/gui/file/c11f24300b79821bf818ddb0a22afc8507e45f84608221cf0fe6ebabb35c00bc/detection

109.157.206.152:7547

# Reference: https://elfdigest.com/brief/fed5353fa504068b52dcc4e7892d49657eebd2a76a31d3666abacef743b583f1
# Reference: https://elfdigest.com/brief/8bebece9918b16f64751467babcd45ff11aad3087f97b8d7ef693e1b278f8d2d

179.43.175.6:38241
femboy.boats
c2.femboy.boats

# Reference: https://elfdigest.com/brief/699fea9ff953b1837c51c8d1dc032004315bf73d5c8a70359048def3da3cc5ed

195.178.120.151:420

# Reference: https://twitter.com/r3dbU7z/status/1577368036956323850
# Reference: https://www.joesandbox.com/analysis/716080/0/html

/a-r.m-4.ISIS
/a-r.m-5.ISIS
/a-r.m-6.ISIS
/a-r.m-7.ISIS
/i-4.8-6.ISIS
/i-5.8-6.ISIS
/i-6.8-6.ISIS
/m-6.8-k.ISIS
/m-i.p-s.ISIS
/m-p.s-l.ISIS
/p-p.c-.ISIS
/s-h.4-.ISIS
/x-3.2-.ISIS
/x-6.4-.ISIS
/x-8.6-.ISIS
/ISIS.arc
/ISIS.arcle-hs38
/ISIS.arm
/ISIS.arm4
/ISIS.arm4l
/ISIS.arm4t
/ISIS.arm4tl
/ISIS.arm4tll
/ISIS.arm5
/ISIS.arm5l
/ISIS.arm5n
/ISIS.arm6
/ISIS.arm64
/ISIS.arm6l
/ISIS.arm7
/ISIS.arm7l
/ISIS.arm8
/ISIS.armv4
/ISIS.armv4l
/ISIS.armv5l
/ISIS.armv6
/ISIS.armv61
/ISIS.armv6l
/ISIS.armv7l
/ISIS.dbg
/ISIS.exploit
/ISIS.i4
/ISIS.i486
/ISIS.i586
/ISIS.i6
/ISIS.i686
/ISIS.kill
/ISIS.m68
/ISIS.m68k
/ISIS.mips
/ISIS.mips64
/ISIS.mipseb
/ISIS.mipsel
/ISIS.mpsl
/ISIS.pcc
/ISIS.powerpc
/ISIS.powerpc-440fp
/ISIS.powerppc
/ISIS.ppc
/ISIS.pp-c
/ISIS.ppc2
/ISIS.ppc440
/ISIS.ppc440fp
/ISIS.root
/ISIS.root32
/ISIS.sh
/ISIS.sh4
/ISIS.sparc
/ISIS.spc
/ISIS.ssh4
/ISIS.x32
/ISIS.x32_64
/ISIS.x64
/ISIS.x86
/ISIS.x86_32
/ISIS.x86_64

# Reference: https://twitter.com/r3dbU7z/status/1577433884765323264
# Reference: https://elfdigest.com/brief/8e44dbc5a58f8c509c858b7bcf9123669773e316bdeaf32ee84d9e40d9881f71

http://204.76.203.6
204.76.203.6:454
/gigasex.arc
/gigasex.arcle-hs38
/gigasex.arm
/gigasex.arm4
/gigasex.arm4l
/gigasex.arm4t
/gigasex.arm4tl
/gigasex.arm4tll
/gigasex.arm5
/gigasex.arm5l
/gigasex.arm5n
/gigasex.arm6
/gigasex.arm64
/gigasex.arm6l
/gigasex.arm7
/gigasex.arm7l
/gigasex.arm8
/gigasex.armv4
/gigasex.armv4l
/gigasex.armv5l
/gigasex.armv6
/gigasex.armv61
/gigasex.armv6l
/gigasex.armv7l
/gigasex.dbg
/gigasex.exploit
/gigasex.i4
/gigasex.i486
/gigasex.i586
/gigasex.i6
/gigasex.i686
/gigasex.kill
/gigasex.m68
/gigasex.m68k
/gigasex.mips
/gigasex.mips64
/gigasex.mipseb
/gigasex.mipsel
/gigasex.mpsl
/gigasex.pcc
/gigasex.powerpc
/gigasex.powerpc-440fp
/gigasex.powerppc
/gigasex.ppc
/gigasex.pp-c
/gigasex.ppc2
/gigasex.ppc440
/gigasex.ppc440fp
/gigasex.root
/gigasex.root32
/gigasex.sh
/gigasex.sh4
/gigasex.sparc
/gigasex.spc
/gigasex.ssh4
/gigasex.x32
/gigasex.x32_64
/gigasex.x64
/gigasex.x86
/gigasex.x86_32
/gigasex.x86_64

# Reference: https://elfdigest.com/brief/549e6304100d56db6779cb83c1780343e383e4d1a5414660e770d1576e3b5ef1

217.195.155.138:17691
zhudaji.net

# Reference: https://www.virustotal.com/gui/file/2db937b3f3550406357058d10fe975a249fa30d3b25c94dab16227021f14e872/detection
# Reference: https://www.joesandbox.com/analysis/707860/0/html

204.76.203.7:1337
boatnet.uk

# Reference: https://elfdigest.com/brief/ffba60dc747da61f2b04d8e1b66632dfd7e0837cafb1b683ad427e677d41fdd6

204.76.203.28:25565

# Reference: https://elfdigest.com/brief/b63232883d89779165cb8d43b81c5c14749c7e03776ac19c77968b85aa7815c6

45.154.3.176:3778

# Reference: https://elfdigest.com/brief/7871d3b00038175ccdb9dd9a9bc78c49190fe5feb0909e1d8fbbf05c9f94b7cc

135.148.104.21:1024

# Reference: https://elfdigest.com/brief/cc21c385181e6bc9194726100066e38769bb63e22eeac305020082c4979b1adc

79.137.195.112:3778

# Reference: https://elfdigest.com/brief/d7959cf50fcdfa71192a6c4e0717ab93a63852e405461505f2f40fc474d2d49d

66.187.4.108:1312

# Reference: https://elfdigest.com/brief/124827af0e34921618e6cfd97e5fd575305c3115a429b2d378e06d928b03778e

45.140.141.193:34241

# Reference: https://elfdigest.com/brief/345b13d60312470d548df53c196879f4f8a5e0f59eb488b8e394fc6c030f04de

45.155.165.86:38241

# Reference: https://elfdigest.com/brief/900ee79db09ef300d631fec7bb0f86bd8021480fc6eacf1c8ce327fb83ad9710

146.19.173.32:666

# Reference: https://elfdigest.com/brief/104afa0b31cad8a89c40cff7ce102a6ebc6e481fd6c439dfacf08cd9678a067c

195.178.120.151:9999
/Zenz.arc
/Zenz.arcle-hs38
/Zenz.arm
/Zenz.arm4
/Zenz.arm4l
/Zenz.arm4t
/Zenz.arm4tl
/Zenz.arm4tll
/Zenz.arm5
/Zenz.arm5l
/Zenz.arm5n
/Zenz.arm6
/Zenz.arm64
/Zenz.arm6l
/Zenz.arm7
/Zenz.arm7l
/Zenz.arm8
/Zenz.armv4
/Zenz.armv4l
/Zenz.armv5l
/Zenz.armv6
/Zenz.armv61
/Zenz.armv6l
/Zenz.armv7l
/Zenz.dbg
/Zenz.exploit
/Zenz.i4
/Zenz.i486
/Zenz.i586
/Zenz.i6
/Zenz.i686
/Zenz.kill
/Zenz.m68
/Zenz.m68k
/Zenz.mips
/Zenz.mips64
/Zenz.mipseb
/Zenz.mipsel
/Zenz.mpsl
/Zenz.pcc
/Zenz.powerpc
/Zenz.powerpc-440fp
/Zenz.powerppc
/Zenz.ppc
/Zenz.pp-c
/Zenz.ppc2
/Zenz.ppc440
/Zenz.ppc440fp
/Zenz.root
/Zenz.root32
/Zenz.sh
/Zenz.sh4
/Zenz.sparc
/Zenz.spc
/Zenz.ssh4
/Zenz.x32
/Zenz.x32_64
/Zenz.x64
/Zenz.x86
/Zenz.x86_32
/Zenz.x86_64

# Reference: https://elfdigest.com/brief/7bcff294068e9cce202776f78a065c978e9c98b4226a1440401f0391e1574abe

144.34.181.226:3778

# Reference: https://elfdigest.com/brief/4f601a8e0271a561cc5ff4619c32ad9293dd30a1e0c1a52db5697556919f44e9

80.76.51.189:420

# Reference: https://elfdigest.com/brief/012886c5dcd11b91edc190134a04c03420066a347f73716fb4b52315861b15b8

164.92.254.170:666

# Reference: https://elfdigest.com/brief/302f29a145f97d3a911a0bcfb904f27591fea56bc920af95e04bf99b480b5d75

23.147.226.118:123

# Reference: https://elfdigest.com/brief/43f525fa4133395f8d8903e7894c5daedfb34f23fb3c6155e132d84943916c98

164.155.93.113:3778

# Reference: https://elfdigest.com/brief/607aff4db2203d1e0cb9b42fcdd0b02e810a146b7fef077baa87b6bd896096f5

171.22.30.175:9999

# Reference: https://elfdigest.com/brief/0f909c04132d09eaeb3f36329537136bc6aabf9c22fe95fc61069d7588d6de72
# Reference: https://www.virustotal.com/gui/file/0f909c04132d09eaeb3f36329537136bc6aabf9c22fe95fc61069d7588d6de72/detection

155.199.179.136:37215
185.216.71.88:56999
197.253.66.249:37215
v4.psscc.cn

# Reference: https://www.virustotal.com/gui/file/4aed0843a6a71850ca10969f6dc953bda26e464c36dca8cac755f1f9f3f92e62/detection
# Reference: https://www.virustotal.com/gui/file/b28e28d42bd42ee9a827592bdc07473aa78aeb51e46ede7aa9f395d28f03d656/detection

79.110.62.227:9506
snap.tk
cnc.snap.tk
dev.snap.tk

# Reference: https://www.virustotal.com/gui/file/f0d12efb246fac3a93f2cab32924e202eddbe92e7d80ba8be3219f5aadf0551e/detection

http://79.110.62.227

# Reference: https://elfdigest.com/brief/c5316a609beb12499ab775aced5c0168b9ba32713ebf07b3c3586c19be17552a
# Reference: https://elfdigest.com/brief/92f9bc71b4deeee2987200189f7ce81bc5c2063e417b9c4f84c2a5551a5986b5

157.245.102.148:38241
85.209.134.96:38241
pf5i4vjturuoy5i6p2penpob7wor2slaxxrn2z5jzf6miqw3bkhunuqd.onion
skid.uno
/tbotarc
/tbotarcle-hs38
/tbotarm
/tbotarm4
/tbotarm4l
/tbotarm4t
/tbotarm4tl
/tbotarm4tll
/tbotarm5
/tbotarm5l
/tbotarm5n
/tbotarm6
/tbotarm64
/tbotarm6l
/tbotarm7
/tbotarm7l
/tbotarm8
/tbotarmv4
/tbotarmv4l
/tbotarmv5l
/tbotarmv6
/tbotarmv61
/tbotarmv6l
/tbotarmv7l
/tbotdbg
/tbotexploit
/tboti4
/tboti486
/tboti586
/tboti6
/tboti686
/tbotkill
/tbotm68
/tbotm68k
/tbotmips
/tbotmips64
/tbotmipseb
/tbotmipsel
/tbotmpsl
/tbotpcc
/tbotpowerpc
/tbotpowerpc-440fp
/tbotpowerppc
/tbotppc
/tbotpp-c
/tbotppc2
/tbotppc440
/tbotppc440fp
/tbotroot
/tbotroot32
/tbotsh
/tbotsh4
/tbotsparc
/tbotspc
/tbotssh4
/tbotx32
/tbotx32_64
/tbotx64
/tbotx86
/tbotx86_32
/tbotx86_64

# Reference: https://elfdigest.com/brief/283c4f3b7886becbd370dd7c2980224d11f0409251b1a6232c8c2f9720c8d0e3

37.139.128.107:9506

# Reference: https://elfdigest.com/brief/e7b2a00e8284145b0270109cc7cc22c9d49961ebc59a0c2d0a4a0200d9ecf555
# Reference: https://elfdigest.com/brief/ade1a77b0215b22bbbbf13ed9eca8354ab7dbc3703b670e58b376f0b7d8c2642

179.43.163.105:38241
45.95.55.237:38241
amkcnc.duckdns.org

# Reference: https://elfdigest.com/brief/a7d9489ca2ccc677afbd0ec62d9f5bc280423dc14bd2eb67ea556c9f80866d3e

37.44.238.187:606

# Reference: https://elfdigest.com/brief/97fb917c4a4ba79ae9234eff438b8b1d93827edb90b3c8c8ca8a14859e066f56

154.12.41.218:3778

# Reference: https://elfdigest.com/brief/7cde99cb2dbf61989ffcac370007afa526b57609eab5e7a4881848ee777e996c

185.117.3.120:9506
/hotnet.arc
/hotnet.arcle-hs38
/hotnet.arm
/hotnet.arm4
/hotnet.arm4l
/hotnet.arm4t
/hotnet.arm4tl
/hotnet.arm4tll
/hotnet.arm5
/hotnet.arm5l
/hotnet.arm5n
/hotnet.arm6
/hotnet.arm64
/hotnet.arm6l
/hotnet.arm7
/hotnet.arm7l
/hotnet.arm8
/hotnet.armv4
/hotnet.armv4l
/hotnet.armv5l
/hotnet.armv6
/hotnet.armv61
/hotnet.armv6l
/hotnet.armv7l
/hotnet.dbg
/hotnet.exploit
/hotnet.i4
/hotnet.i486
/hotnet.i586
/hotnet.i6
/hotnet.i686
/hotnet.kill
/hotnet.m68
/hotnet.m68k
/hotnet.mips
/hotnet.mips64
/hotnet.mipseb
/hotnet.mipsel
/hotnet.mpsl
/hotnet.pcc
/hotnet.powerpc
/hotnet.powerpc-440fp
/hotnet.powerppc
/hotnet.ppc
/hotnet.pp-c
/hotnet.ppc2
/hotnet.ppc440
/hotnet.ppc440fp
/hotnet.root
/hotnet.root32
/hotnet.sh
/hotnet.sh4
/hotnet.sparc
/hotnet.spc
/hotnet.ssh4
/hotnet.x32
/hotnet.x32_64
/hotnet.x64
/hotnet.x86
/hotnet.x86_32
/hotnet.x86_64

# Reference: https://elfdigest.com/brief/23a0b029ebe04cb10c14fc5790926844894802a189e2879875a59b4c0be64a1d

43.156.35.69:3778

# Reference: https://elfdigest.com/brief/0d919d842c29a206443df2aa3ca2c742514df356a1540a11ec467f61b36aec2a
# Reference: https://www.joesandbox.com/analysis/725828/0/html

85.209.134.231:54452

# Reference: https://elfdigest.com/brief/47237b73ef74e95908ff9dad8f3b3ceeba8e7e3598a4636b7c270cc4dd8fe434
# Reference: https://www.virustotal.com/gui/file/47237b73ef74e95908ff9dad8f3b3ceeba8e7e3598a4636b7c270cc4dd8fe434/detection

185.242.125.187:52869

# Reference: https://elfdigest.com/brief/d4b217e45ae23309d6e3a5079f74436276540ba5ffa3e4d0d75e2f8096a3cf3a

46.101.159.18:38241

# Reference: https://elfdigest.com/brief/c210cdc75bc5258d4aa23949432d093bfdf66fb01d487be3ed9a17e89d4e7e4f

154.16.115.249:45

# Reference: https://elfdigest.com/brief/6a810799713c529f9c49fd949b4b0483118faa41a26319591e7464d252d0e529

41.216.189.197:606

# Reference: https://elfdigest.com/brief/a524a00256695895fc7f499b1493c32aaf6d6e2ed6bedf28a0c712ba9f313f93

94.103.188.36:866

# Reference: https://elfdigest.com/brief/8703e8934e735b9de5adb785f89e524a1d4908a57f31b701804d42e0f836db90

45.95.55.44:59666
nomeum.net
cnc.nomeum.net

# Reference: https://www.virustotal.com/gui/file/380aa73db1d7f1c64e06538e4e3ef9617b2903368b85c6bfbf78673330ff8824/detection

5.159.100.157:1420

# Reference: https://www.virustotal.com/gui/file/08be5c87dfd52652d37c4884475eef99cd08533ffc68168decd06d47d8fba509/detection

197.35.244.58:37215
wemix.cc
botnet.wemix.cc

# Reference: https://www.virustotal.com/gui/file/37eb53d5603f42cfcf2c47aa45fb7e6353e9a7f9480169a0966648859d492536/detection

43.142.242.144:5555

# Reference: https://elfdigest.com/brief/a1653104d006b45c12c21e82911f7876d601ab1427b0f1ee2e5755d7085e73bd

154.16.115.249:9931

# Reference: https://elfdigest.com/brief/deeabd0ca1ebb3bacfce9db8db190ac5eebe5f2e679621af94494fe45154408c

85.209.134.235:9506

# Reference: https://elfdigest.com/brief/6f629cb44b58ec76e255466262a9e4a4e7fb5c3133596d936ca37f86bd6510e2

154.16.115.249:9506
/akido.arc
/akido.arcle-hs38
/akido.arm
/akido.arm4
/akido.arm4l
/akido.arm4t
/akido.arm4tl
/akido.arm4tll
/akido.arm5
/akido.arm5l
/akido.arm5n
/akido.arm6
/akido.arm64
/akido.arm6l
/akido.arm7
/akido.arm7l
/akido.arm8
/akido.armv4
/akido.armv4l
/akido.armv5l
/akido.armv6
/akido.armv61
/akido.armv6l
/akido.armv7l
/akido.dbg
/akido.exploit
/akido.i4
/akido.i486
/akido.i586
/akido.i6
/akido.i686
/akido.kill
/akido.m68
/akido.m68k
/akido.mips
/akido.mips64
/akido.mipseb
/akido.mipsel
/akido.mpsl
/akido.pcc
/akido.powerpc
/akido.powerpc-440fp
/akido.powerppc
/akido.ppc
/akido.pp-c
/akido.ppc2
/akido.ppc440
/akido.ppc440fp
/akido.root
/akido.root32
/akido.sh
/akido.sh4
/akido.sparc
/akido.spc
/akido.ssh4
/akido.x32
/akido.x32_64
/akido.x64
/akido.x86
/akido.x86_32
/akido.x86_64

# Reference: https://elfdigest.com/brief/087a5875eb760928f8879180eeecf0208fd1910ffe268b9d3997fa4f7da114a6

37.44.238.150:9506
/sensi.arc
/sensi.arcle-hs38
/sensi.arm
/sensi.arm4
/sensi.arm4l
/sensi.arm4t
/sensi.arm4tl
/sensi.arm4tll
/sensi.arm5
/sensi.arm5l
/sensi.arm5n
/sensi.arm6
/sensi.arm64
/sensi.arm6l
/sensi.arm7
/sensi.arm7l
/sensi.arm8
/sensi.armv4
/sensi.armv4l
/sensi.armv5l
/sensi.armv6
/sensi.armv61
/sensi.armv6l
/sensi.armv7l
/sensi.dbg
/sensi.exploit
/sensi.i4
/sensi.i486
/sensi.i586
/sensi.i6
/sensi.i686
/sensi.kill
/sensi.m68
/sensi.m68k
/sensi.mips
/sensi.mips64
/sensi.mipseb
/sensi.mipsel
/sensi.mpsl
/sensi.pcc
/sensi.powerpc
/sensi.powerpc-440fp
/sensi.powerppc
/sensi.ppc
/sensi.pp-c
/sensi.ppc2
/sensi.ppc440
/sensi.ppc440fp
/sensi.root
/sensi.root32
/sensi.sh4
/sensi.sparc
/sensi.spc
/sensi.ssh4
/sensi.x32
/sensi.x32_64
/sensi.x64
/sensi.x86
/sensi.x86_32
/sensi.x86_64

# Reference: https://elfdigest.com/brief/002d23802f5e90492a340a0202f8082ddf84d3abdb7834bf7cb771c81161e0a9

185.28.39.15:839

# Reference: https://elfdigest.com/brief/53d1293cc0ad6e01882df14e326d9bfd658833c4a54efeeac5784b575bee34a5

45.138.70.19:3778

# Reference: https://elfdigest.com/brief/4ca28391222f17c5e2c16fc056b6f61407fee600ab431acd9df2dbc200c094f8

5.182.206.101:56999
backupsuper.cc
s7.backupsuper.cc

# Reference: https://twitter.com/tosscoinwitcher/status/1585045840166817792

amkbins.duckdns.org
/ascaris.arc
/ascaris.arcle-hs38
/ascaris.arm
/ascaris.arm4
/ascaris.arm4l
/ascaris.arm4t
/ascaris.arm4tl
/ascaris.arm4tll
/ascaris.arm5
/ascaris.arm5l
/ascaris.arm5n
/ascaris.arm6
/ascaris.arm64
/ascaris.arm6l
/ascaris.arm7
/ascaris.arm7l
/ascaris.arm8
/ascaris.armv4
/ascaris.armv4l
/ascaris.armv5l
/ascaris.armv6
/ascaris.armv61
/ascaris.armv6l
/ascaris.armv7l
/ascaris.dbg
/ascaris.exploit
/ascaris.i4
/ascaris.i486
/ascaris.i586
/ascaris.i6
/ascaris.i686
/ascaris.kill
/ascaris.m68
/ascaris.m68k
/ascaris.mips
/ascaris.mips64
/ascaris.mipseb
/ascaris.mipsel
/ascaris.mpsl
/ascaris.pcc
/ascaris.powerpc
/ascaris.powerpc-440fp
/ascaris.powerppc
/ascaris.ppc
/ascaris.pp-c
/ascaris.ppc2
/ascaris.ppc440
/ascaris.ppc440fp
/ascaris.root
/ascaris.root32
/ascaris.sh
/ascaris.sh4
/ascaris.sparc
/ascaris.spc
/ascaris.ssh4
/ascaris.x32
/ascaris.x32_64
/ascaris.x64
/ascaris.x86
/ascaris.x86_32
/ascaris.x86_64

# Reference: https://elfdigest.com/brief/7c1f75ca94e359e017f0db159f706fa7d08998a2c64cb19bdfa0e72dc8fe0805

41.216.182.144:43571

# Reference: https://elfdigest.com/brief/235617b901820a265db7735a2741743ac04f766ca96e61d5ab55bfbdaa850eb1

45.90.161.135:3778

# Reference: https://elfdigest.com/brief/59c5cdccf2fa5e67716e87f4da18c23391e3773d54ce9c0c19cca0e730a468ba

sharehy.com
test.sharehy.com

# Reference: https://elfdigest.com/brief/4bdad345ea7ddac211821b915cb0f1763138901c234d340fe2d89480ff9f3dcb

45.138.70.19:45
/squidward.arc
/squidward.arcle-hs38
/squidward.arm
/squidward.arm4
/squidward.arm4l
/squidward.arm4t
/squidward.arm4tl
/squidward.arm4tll
/squidward.arm5
/squidward.arm5l
/squidward.arm5n
/squidward.arm6
/squidward.arm64
/squidward.arm6l
/squidward.arm7
/squidward.arm7l
/squidward.arm8
/squidward.armv4
/squidward.armv4l
/squidward.armv5l
/squidward.armv6
/squidward.armv61
/squidward.armv6l
/squidward.armv7l
/squidward.dbg
/squidward.exploit
/squidward.i4
/squidward.i486
/squidward.i586
/squidward.i6
/squidward.i686
/squidward.kill
/squidward.m68
/squidward.m68k
/squidward.mips
/squidward.mips64
/squidward.mipseb
/squidward.mipsel
/squidward.mpsl
/squidward.pcc
/squidward.powerpc
/squidward.powerpc-440fp
/squidward.powerppc
/squidward.ppc
/squidward.pp-c
/squidward.ppc2
/squidward.ppc440
/squidward.ppc440fp
/squidward.root
/squidward.root32
/squidward.sh
/squidward.sh4
/squidward.sparc
/squidward.spc
/squidward.ssh4
/squidward.x32
/squidward.x32_64
/squidward.x64
/squidward.x86
/squidward.x86_32
/squidward.x86_64

# Reference: https://elfdigest.com/brief/11be3753bad2aafec6af9746bf55ae116417c03771d873a1d23d7a626cf1ae88

198.98.52.196:11064

# Reference: https://elfdigest.com/brief/ea29d1b3475e9275d5258cd1bef32faf9af16074d4bb68e3c76fc24af8660130

41.216.182.144:43573

# Reference: https://elfdigest.com/brief/8670d8fe97bac5c7d4b06eb7f3a7c93d64b11312d83a3261a5ec25946595ae5d

gang.monster

# Reference: https://github.com/stamparm/maltrail/issues/19126
# Reference: https://app.any.run/tasks/acf9f5d8-9165-48a3-8126-f211254113a5/
# Reference: https://www.virustotal.com/gui/ip-address/179.43.175.5/relations

http://179.43.175.5

# Reference: https://elfdigest.com/brief/70b3f0a407118f046842ab3e6387f01dab640c3817315d1cf4c84505424c10d5

37.44.238.150:9506

# Reference: https://elfdigest.com/brief/71f07d7d2cee8543b9504172f36dd96ad29671ac2a0ef853e0833a0f1abde258

3.75.95.184:58589

# Reference: https://elfdigest.com/brief/3f11e68bf8f08ceccc38e791a1e4a3c7affe6fd99a21fcf507e286a4da532169

45.95.55.232:606

# Reference: https://elfdigest.com/brief/a24ff655bd8874da32245350e3afab22a18bccc4a4d714aecf3de1e4d67fc4fe

194.180.48.156:9931

# Reference: https://elfdigest.com/brief/ae6c1f517a8bdf23f4d03596818833fd1fc0db4a8d2c0c098ab1796ccaeb7663

107.189.29.74:690

# Reference: https://elfdigest.com/brief/e97986a23c217b525ad58ac7ab451e748e1579e67fc7bea69b75f62f25116141

45.95.169.36:911

# Reference: https://elfdigest.com/brief/0d8105b5d32b21ffb7833a9619d7f6be1ab639d0e8546ee4835e4efa92d21347

209.141.51.170:666

# Reference: https://elfdigest.com/brief/271924967766202e34459989e2806aa2db7d130bf8f8419b92a8b82643f822d8

193.47.61.232:4353

# Reference: https://elfdigest.com/brief/f31660f8ed8713878a09cb40bc8736652ac1ab84870e6cb8a93806c34e454026

89.203.251.188:7267

# Reference: https://elfdigest.com/brief/f425fa120bc1b3926ed92ed5cec74898f1d40c3059ae443f816a9e10a2699f80

http://194.145.227.21

# Reference: https://bazaar.abuse.ch/sample/2ffb369480d74e71480c94c0146f39a30a22749e7e32e914cf617b6f73379095/

http://185.132.53.105

# Reference: https://elfdigest.com/brief/c1a08a5f41bfe47e9796e9a38a2a3499f588abb7a5aa2ef0cd54a4ebd37b3013

43.156.35.69:55555

# Reference: https://elfdigest.com/brief/6c08c3f6f36366388f8f4c06c2992194ba9c221c69602d0d3479b973fad08522

138.68.174.56:1111

# Reference: https://elfdigest.com/brief/e9376d87f6a5efc44108ffcf91bb16b1169556d0654fe032de1bf9e99edf12dc
# Reference: https://www.virustotal.com/gui/file/e9376d87f6a5efc44108ffcf91bb16b1169556d0654fe032de1bf9e99edf12dc/detection

37.44.238.234:35

# Reference: https://elfdigest.com/brief/eaae36024377e57592befd06ef34085d8b0fb9cd8954aec32c88f8fbb0a1dd5d

45.61.187.64:690

# Reference: https://elfdigest.com/brief/6e8100357c7e00c7ec1d8d56e3014ad0368c01213a212f46208202f710b93ad2
# Reference: https://www.virustotal.com/gui/file/1a4baadc59bc3a6e1baf4271ba052a23ac29972e5252ce301ef59dad418e7a69/detection
# Reference: https://www.virustotal.com/gui/file/06e29dae7840ce03c5b5316667071992f87d8dfab3f6a21ba43aff04adc547c0/detection
# Reference: https://www.virustotal.com/gui/file/46db26799d82b7bf19510237724241acd9a53344e900f177f6e6664973d2025e/detection

194.26.229.56:9876
3732g6dg.ws
bins.3732g6dg.ws
fb.3732g6dg.ws
/bin1.arc
/bin1.arcle-hs38
/bin1.arm
/bin1.arm4
/bin1.arm4l
/bin1.arm4t
/bin1.arm4tl
/bin1.arm4tll
/bin1.arm5
/bin1.arm5l
/bin1.arm5n
/bin1.arm6
/bin1.arm64
/bin1.arm6l
/bin1.arm7
/bin1.arm7l
/bin1.arm8
/bin1.armv4
/bin1.armv4l
/bin1.armv5l
/bin1.armv6
/bin1.armv61
/bin1.armv6l
/bin1.armv7l
/bin1.dbg
/bin1.exploit
/bin1.i4
/bin1.i486
/bin1.i586
/bin1.i6
/bin1.i686
/bin1.kill
/bin1.m68
/bin1.m68k
/bin1.mips
/bin1.mips64
/bin1.mipseb
/bin1.mipsel
/bin1.mpsl
/bin1.pcc
/bin1.powerpc
/bin1.powerpc-440fp
/bin1.powerppc
/bin1.ppc
/bin1.pp-c
/bin1.ppc2
/bin1.ppc440
/bin1.ppc440fp
/bin1.root
/bin1.root32
/bin1.sh
/bin1.sh4
/bin1.sparc
/bin1.spc
/bin1.ssh4
/bin1.x32
/bin1.x32_64
/bin1.x64
/bin1.x86
/bin1.x86_32
/bin1.x86_64

# Reference: https://elfdigest.com/brief/1ef21605cff2abd3355c86b9956df1390ae5e75d1b5f657794134e0d8b0caf00

159.65.85.205:9922

# Reference: https://elfdigest.com/brief/75a570705be0a36e27c408e73b9e44e4237f37742106195f0d553c6ec70e9b2e

bulletbot.xyz
cnc.bulletbot.xyz

# Reference: https://elfdigest.com/brief/c12d704c0b89f5e7005780d19fb3997f7e1fdd0972d6dc2193ccca1b558945ad

194.180.48.22:9506

# Reference: https://elfdigest.com/brief/8afd14e138b7fa1cc9fe81eeb499ca5475d8a86e50dcfe72aab3b7e364ec5e1d
# Reference: https://www.virustotal.com/gui/file/49942c5ffec233be2bfdf3ebfb2ba1fa9cd4a0697c45ced509b2ef9ae712fb67/detection

http://173.198.248.40
173.198.248.40:9922
/ohshitbg.arc
/ohshitbg.arcle-hs38
/ohshitbg.arm
/ohshitbg.arm4
/ohshitbg.arm4l
/ohshitbg.arm4t
/ohshitbg.arm4tl
/ohshitbg.arm4tll
/ohshitbg.arm5
/ohshitbg.arm5l
/ohshitbg.arm5n
/ohshitbg.arm6
/ohshitbg.arm64
/ohshitbg.arm6l
/ohshitbg.arm7
/ohshitbg.arm7l
/ohshitbg.arm8
/ohshitbg.armv4
/ohshitbg.armv4l
/ohshitbg.armv5l
/ohshitbg.armv6
/ohshitbg.armv61
/ohshitbg.armv6l
/ohshitbg.armv7l
/ohshitbg.dbg
/ohshitbg.exploit
/ohshitbg.i4
/ohshitbg.i486
/ohshitbg.i586
/ohshitbg.i6
/ohshitbg.i686
/ohshitbg.kill
/ohshitbg.m68
/ohshitbg.m68k
/ohshitbg.mips
/ohshitbg.mips64
/ohshitbg.mipseb
/ohshitbg.mipsel
/ohshitbg.mpsl
/ohshitbg.pcc
/ohshitbg.powerpc
/ohshitbg.powerpc-440fp
/ohshitbg.powerppc
/ohshitbg.ppc
/ohshitbg.pp-c
/ohshitbg.ppc2
/ohshitbg.ppc440
/ohshitbg.ppc440fp
/ohshitbg.root
/ohshitbg.root32
/ohshitbg.sh
/ohshitbg.sh4
/ohshitbg.sparc
/ohshitbg.spc
/ohshitbg.ssh4
/ohshitbg.x32
/ohshitbg.x32_64
/ohshitbg.x64
/ohshitbg.x86
/ohshitbg.x86_32
/ohshitbg.x86_64
/xqo7tbyh/

# Reference: https://elfdigest.com/brief/c2fde00035a8ee461e1ea90bdd04795e1618b37730e1b194edf95f104e5708c3
# Reference: https://elfdigest.com/brief/ad2028d6ffc177282cbbccc5f602b8279afdae6c7a13c3ce03e1d11572da2b8b
# Reference: https://www.virustotal.com/gui/file/3ab66b02b399d4f2cc4c544daa34109dc3e34ebed8620f5d65ef707062383b96/detection

104.21.61.154:38241
139.59.184.172:38241
157.245.102.148:38241
159.223.217.105:38241
159.223.239.160:38241
165.227.167.116:38241
167.71.71.110:38241
172.67.211.136:38241
188.166.50.205:38241
188.166.54.13:38241
194.55.186.20:38241
46.101.159.18:38241
68.183.146.202:38241
85.209.134.96:38241
shetoldmeshewas12.uno

# Reference: https://elfdigest.com/brief/220d867919e11aec855d667bc2aad7d19ec10d7ad927efaaafe51093eb83cb40

80.94.92.49:9999

# Reference: https://elfdigest.com/brief/3271f4605eb95ae323c13fc4f723014dfdf847505bc516be514587553c341e52

193.47.61.254:38241
femnet.femboy.boats

# Reference: https://www.virustotal.com/gui/file/b4e8e2575fe2f3669f49c0f02fd4342da71399de51cbde1863ae115de687a075/detection

http://54.232.166.209
001sv.ddns.net
002sv.ddns.net

# Reference: https://www.virustotal.com/gui/file/046c99b9c9e3c26c9d6faa4eca757f794498980aabf312b5e0ebe70c0a65faa3/detection

http://52.67.193.210
0101sv.ddns.net

# Reference: https://elfdigest.com/brief/e9cb41c17604cd24ec1504c972b961201c9fe7cdf963c5f18a18583a8cb325d1
# Reference: https://www.virustotal.com/gui/file/6204d70e87843bdd1793e5ee22b80cb1c0d618fb705d15d814440f050af341f2/detection

http://103.252.119.85
103.252.119.85:9922

# Reference: https://elfdigest.com/brief/98f29793f9d32669f3ab96f7c38e98d41959861f3b8b2828c2d8ea3d63a38856

79.132.128.75:38241

# Reference: https://elfdigest.com/brief/6ed0890e35c0cbc949f65ccf14795bb62299788fb80e30e6a23cb475f23259db

212.52.0.14:18271

# Reference: https://elfdigest.com/brief/3941341494bd628ac605e5b8f4a4665c5d3d7b4ff14975959c371a4aab04f12f

205.185.123.174:3778

# Reference: https://elfdigest.com/brief/e4174b2cb41dbde68cab81b2995a64e5f149764e1cc9bd82f3470b36ef960d83

185.177.57.104:655

# Reference: https://elfdigest.com/brief/167de31709e5da209217e44ebe676de6308c4b0d591b9f14b5400fcab6bc3f73

31.41.244.132:56999
hostlookl.cc
vds.hostlookl.cc

# Reference: https://www.bleepingcomputer.com/news/security/updated-rapperbot-malware-targets-game-servers-in-ddos-attacks/

http://185.216.71.149
185.216.71.149:5123

# Reference: https://elfdigest.com/brief/3c1b78dd1a1e8df0f1e2de7fb69c0f56e56433d234923572d66558aa3c313d39

45.95.169.135:59666
hopacali.xyz

# Reference: https://elfdigest.com/brief/594ad61967d1430d62a9250becda7880a5946a4221be4500c208e73ec62f290f

51.15.7.147:1312

# Reference: https://elfdigest.com/brief/b0aed60367755280b88f0efd6d64083ac5d29ac095851ab0f013a6397ec5bcad

185.132.53.205:1312

# Reference: https://elfdigest.com/brief/7d74b065f04ab53cbd933cd1d4e35a07c9f68b7c17710526c6e7e685b64d8d85

51.15.7.147:61231

# Reference: https://elfdigest.com/brief/07585523163f30a691ebb8c6f5e4915cfdc94c8ff012d1dac3566b7f771dca11

38.242.209.184:3778

# Reference: https://www.virustotal.com/gui/file/98df6f8e3a1c542d60ebb2bbd5fcd7763a79e165093d37d47fc7e873ad30edd6/detection

http://177.71.227.248
01mts.ddns.net

# Reference: https://elfdigest.com/brief/fda6aad825c49f0a27da02b965d4fb3287b0b04f85a7c1635f8290768a937a7a

77.73.131.59:3778

# Reference: https://elfdigest.com/brief/c390a4e3b92a07ffd8f6f4d7a14d98c0a821c3ee5bc4aff8a571af61dbb81543

46.101.60.11:3778

# Reference: https://elfdigest.com/brief/d7d50366947c933b75cc118fe94c1ccba732178a725434115469b1cce9df4e3e

195.133.40.138:1337

# Reference: https://elfdigest.com/brief/9d53327b3913989d3099dff9d12ef224b3b79c78b15026ea0f2815decd6cc10c

185.246.220.213:1312

# Reference: https://www.virustotal.com/gui/file/5f015c8c25c1e652a0d148dc3efc0a9be1265a035a4b1f360198a1621cd7fff7/detection

http://185.132.53.205
/phantom.arc
/phantom.arcle-hs38
/phantom.arm
/phantom.arm4
/phantom.arm4l
/phantom.arm4t
/phantom.arm4tl
/phantom.arm4tll
/phantom.arm5
/phantom.arm5l
/phantom.arm5n
/phantom.arm6
/phantom.arm64
/phantom.arm6l
/phantom.arm7
/phantom.arm7l
/phantom.arm8
/phantom.armv4
/phantom.armv4l
/phantom.armv5l
/phantom.armv6
/phantom.armv61
/phantom.armv6l
/phantom.armv7l
/phantom.dbg
/phantom.exploit
/phantom.i4
/phantom.i486
/phantom.i586
/phantom.i6
/phantom.i686
/phantom.kill
/phantom.m68
/phantom.m68k
/phantom.mips
/phantom.mips64
/phantom.mipseb
/phantom.mipsel
/phantom.mpsl
/phantom.pcc
/phantom.powerpc
/phantom.powerpc-440fp
/phantom.powerppc
/phantom.ppc
/phantom.pp-c
/phantom.ppc2
/phantom.ppc440
/phantom.ppc440fp
/phantom.riscv64
/phantom.root
/phantom.root32
/phantom.s390x
/phantom.sh
/phantom.sh4
/phantom.sparc
/phantom.spc
/phantom.ssh4
/phantom.x32
/phantom.x32_64
/phantom.x64
/phantom.x86
/phantom.x86_32
/phantom.x86_64

# Reference: https://twitter.com/blackorbird/status/1594904970943664128 (# RobinBot)
# Reference: https://mp-weixin-qq-com.translate.goog/s/CQgBh46m3aU1ZDs503M8AQ?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en&_x_tr_pto=wapp

176.97.210.195:7267
193.23.161.194:3214
89.203.251.188:1337
89.203.251.217:7267

# Reference: https://elfdigest.com/brief/88d906c78fcb8eee6a03f1bc6d4ac2179f517a92404bc39001737cdba8d96ee9

84.21.172.25:3778

# Reference: https://mp.weixin.qq.com/s/4iTA4LBNEnOQ5T5AcvZCCA (Chinese)
# Reference: https://elfdigest.com/brief/bf2847caaabade2e20b15ac62f15ee3eb897e6868daf58b6fcc4d8bcac00f415
# Reference: https://www.virustotal.com/gui/file/18867b2b67ffdbce15ebaf3fe5a878fe77f2606e5f8bec464f774fbe671e957e/detection

179.43.175.5:38241
84.21.172.75:38241
cattoloveslily.wtf
cdn.cattoloveslily.wtf

# Reference: https://twitter.com/CujoaiLabs/status/1596088342747447298
# Reference: https://blog.netlab.360.com/new-ddos-botnet-wszeor/ (Chinese)

http://176.65.137.5
http://176.65.137.6
sudolite.ml
zero.sudolite.ml
/zero.amd64
/zero.arc
/zero.arcle-hs38
/zero.arm
/zero.arm4
/zero.arm4l
/zero.arm4t
/zero.arm4tl
/zero.arm4tll
/zero.arm5
/zero.arm5l
/zero.arm5n
/zero.arm6
/zero.arm64
/zero.arm6l
/zero.arm7
/zero.arm7l
/zero.arm8
/zero.armv4
/zero.armv4l
/zero.armv5l
/zero.armv6
/zero.armv61
/zero.armv6l
/zero.armv7l
/zero.dbg
/zero.exploit
/zero.i4
/zero.i486
/zero.i586
/zero.i6
/zero.i686
/zero.kill
/zero.m68
/zero.m68k
/zero.mips
/zero.mips64
/zero.mipseb
/zero.mipsel
/zero.mpsl
/zero.pcc
/zero.powerpc
/zero.powerpc-440fp
/zero.powerppc
/zero.ppc
/zero.pp-c
/zero.ppc2
/zero.ppc440
/zero.ppc440fp
/zero.riscv64
/zero.root
/zero.root32
/zero.s390x
/zero.sh
/zero.sh4
/zero.sparc
/zero.spc
/zero.ssh4
/zero.x32
/zero.x32_64
/zero.x64
/zero.x86
/zero.x86_32
/zero.x86_64

# Reference: https://elfdigest.com/brief/7f03f734525543e10c4873a59d2320c99b7a9c1d44bd482111fd5145827bc99c

37.44.238.178:9506

# Reference: https://elfdigest.com/brief/c8bb76884655d2a19464b3f1cf1c38d9e0c0a4618370cda5983a710ff52626a5

193.108.113.249:3778

# Reference: https://twitter.com/elfdigest/status/1597017763368751104

http://3.88.246.75
3.88.246.75:13666
iodhqowihdq2235df.ddns.net
/hu3hu3hu3

# Reference: https://twitter.com/elfdigest/status/1597018658986934273

kortextrade.com
cnc.kortextrade.com
/nullnet_bin_dir

# Reference: https://twitter.com/elfdigest/status/1597019554709897216

http://163.123.142.194
163.123.142.194:42069

# Reference: https://elfdigest.com/brief/549d7d014af91868bbecd20c2d0b15277723eed794a1e8074821d1e70c6074ab

42.96.0.142:3778

# Reference: https://elfdigest.com/brief/021508d854c2ef0787b0ae0f12c062ba7079d5a15c286ad6331949c42406160e

http://107.189.1.155
107.189.1.155:60195
sjys6.top
l41.sjys6.top
/Mddos

# Reference: https://elfdigest.com/brief/8811f9ffe427e93603d4dd7a1d845dbc17c30cf299cca72bb3085c2e4d598a13
# Reference: https://www.virustotal.com/gui/file/8811f9ffe427e93603d4dd7a1d845dbc17c30cf299cca72bb3085c2e4d598a13/detection
# Reference: https://www.virustotal.com/gui/file/0040aac65de0d237b7275d41d7d2924ef0b6c3da25e1b27d80919dc02b6cfee5/detection

http://84.21.172.198
84.21.172.198:1312
85.209.134.235:9331
infectedshit.cc
bots.infectedshit.cc
scan.infectedshit.cc

# Reference: https://elfdigest.com/brief/17acb276d0c8b60d2956aca60d3635fd5f720b018d5eacba149ac1394187535e

212.86.104.147:3778

# Reference: https://elfdigest.com/brief/1f08ad82beb057ed447fc8fdabb75c738f671edb3eef942b22ec330623228062

212.224.86.91:9997

# Reference: https://elfdigest.com/brief/23ee3d7532a57390628b5f3757add0565a0f8d3a31fa449a27bf4cefcb50dead

212.90.123.3:158

# Reference: https://elfdigest.com/brief/44ef32fdf2c69ae2b5ddf62bf411a87e3a06c5671c73f854ac7e06359c2e9280

45.95.55.25:911

# Reference: https://www.virustotal.com/gui/file/91d43a97a1efce2e1a2a632ac7df44f7ab9df82d97fcf6788cb604ea16892975/detection

45.95.55.191:38241

# Reference: https://elfdigest.com/brief/49b9e8bc479c3d3d0670dcb189b903a3818356f35004fdb29a20f8993565bffd

45.61.187.101:690

# Reference: https://elfdigest.com/brief/835d627e3db2e396de4d018fa0d1ab5933c66ceb0eb2daf1323709fa7b589c7c

194.50.170.131:3007

# Reference: https://elfdigest.com/brief/e70945f79362f36c52fd5dc35e5bc8b24e9fc01e0f82b3f488fa2aa4aa52711a

45.140.188.80:9506

# Reference: https://elfdigest.com/brief/dc308499c870fff5c4b9000f3edb9d3a45915cbb699c2efaf1340f81a3f45918

103.14.224.128:9506

# Reference: https://elfdigest.com/brief/30eb4f4a9079794278b31a65fe5190afa2f0b1a60f5be677836fb09996e693a9

163.123.142.194:4258

# Reference: https://elfdigest.com/brief/e11271171067715941a63b98d2a2ccca756b5e90c3df6fac27712f5ca6a624ae

84.21.172.169:6669

# Reference: https://elfdigest.com/brief/9305d477322211f9ae0254cb99b5015f14d140225ceaa294625285e38161fd45

23.224.121.247:3778

# Reference: https://elfdigest.com/brief/910d5dfacc5ff378519fff4f318c88e85d5bab459b1ac7900baac482b10244af

109.206.243.209:9506

# Reference: https://elfdigest.com/brief/74e8539cf768da19d9527e04e348803c20efbb9e15db87c4a0c137926eb2ad46

45.140.147.240:3778

# Reference: https://elfdigest.com/brief/857bcf69a13b2a3720d81fb79d6a22d78da79583b9fdc0a2d9de9f9d2953b67f

85.239.33.229:56999

# Reference: https://elfdigest.com/brief/da4766426e5c3c5302dadfc0514a7d56ec1ca1451f2f56485e33de3531225f8c

5.181.80.180:27459
guestchair300.sytes.net

# Reference: https://elfdigest.com/brief/6311829245f14eed482f4d948488cd4f8d0fde97a49fb72194bcaebaa5f9f6a4

dogeatingchink.uno

# Reference: https://elfdigest.com/brief/42061f1349250abedb97d81465e189dbd91e0afa795041a84ad49d250ef5a2f9

45.155.158.229:3778

# Reference: https://elfdigest.com/brief/02e6958f19ddf44d97247496c3c99c3331f6451210fa3a1deec332ec526ec0fa

198.98.56.129:13

# Reference: https://www.virustotal.com/gui/file/131746fcf4ff544bae537fd436a2e0096b31112eb59eaf591b1dfd3a6708bb6e/detection

185.62.189.210:6612

# Reference: https://www.virustotal.com/gui/file/ff79ab20dd2e5a87856fecb29dd242908a8fd61bea7d607dc8f9b27ef95bd35c/detection

185.62.189.210:1994

# Reference: https://www.virustotal.com/gui/file/280d1bf8d9488e5ac3dda67ace030ee96828fc831337947fc4233786a0420208/detection

http://185.62.189.210

# Reference: https://elfdigest.com/brief/d0ace019a4e8976a910cbe1804e83d297218c27350fa389446f371aec81b86d8

77.91.122.114:9999

# Reference: https://elfdigest.com/brief/c74a3ff5a4a2a6b10d44c08c10b0938d60d11b8a61b997bf14958080e0df501d

207.167.64.147:9999

# Reference: https://elfdigest.com/brief/5e94dd92e52c5bbc8351a4160d4bcf049e1d07bb3037e9191e221627f16733d9

45.145.226.64:12345

# Reference: https://elfdigest.com/brief/c2abf77042a4e7daef472244f0826d5e78556a9283f84401500f4f3326e9f449

5.181.80.180:9931

# Reference: https://twitter.com/banthisguy9349/status/1743217787206517197
# Reference: https://app.validin.com/axon?source=DNS&type=ip&find=91.92.242.113
# Reference: https://elfdigest.com/brief/5adf25df621f5a2d55a5d277ff9eb4a160e8806e8484d7ea4aa447173acd6dd3/detection
# Reference: https://www.virustotal.com/gui/file/0594bda00da8aa0d9cc1662a17100e3bf87a4fe8ca04cdc690bfee243732392e/detection

138.68.65.48:38241
161.35.88.106:1311
161.35.89.255:1311
161.35.90.184:1311
165.22.201.172:1288
20.187.91.63:59413
24.144.81.7:1302
87.121.112.29:1311
87.121.112.41:1311
91.92.251.113:38241
94.131.13.80:1311
infectedchink.cat
0kn.tech
for.geek

# Reference: https://elfdigest.com/brief/ff2d6854bc3e06e7bd7d9458caff24d278633c1ce8f3794c595cf17af2c0bd40

185.132.53.3:3778

# Reference: https://elfdigest.com/brief/86aec9fa7b3b60170b826bfa3fe7f234f2996a33b735f6be9506a896abd1e0fb

163.123.142.172:42069

# Reference: https://elfdigest.com/brief/b834031099391abd42f95f8015f800844d6ea957031e8119bf6d01a186d2b4d3

109.206.243.183:814

# Reference: https://elfdigest.com/brief/c154dfd737ac20f1c3605432044604e88a79adfe9e88f1718902ec58c00afc9a

193.35.18.230:420

# Reference: https://elfdigest.com/brief/e054fa5012cfcd6a194eaf787f071c4632c086e3f55a1083f4b6203d0fd11c23

185.246.221.138:9999

# Reference: https://elfdigest.com/brief/88569e07cb9fb91f4595ecc4d4a8d53f846dfe2c4f54c14973c22a2785a8ad38

104.244.76.7:56999
biubiu001.app
a.biubiu001.app

# Reference: https://twitter.com/peterkruse/status/1602694579387617281
# Reference: https://www.virustotal.com/gui/file/15d02ad97668856e37929b27fad3c3165f9996f3087fb01a9ccb6b772bfde21b/detection
# Reference: https://www.virustotal.com/gui/file/26a3836c8cb0a9b80f37a35e341aec95e0377acf3dc3d698600de7ccf63b408d/detection

http://109.206.243.66
109.206.243.66:3007
d4xw.xyz
/botx.amd64
/botx.arc
/botx.arcle-hs38
/botx.arm
/botx.arm4
/botx.arm4l
/botx.arm4t
/botx.arm4tl
/botx.arm4tll
/botx.arm5
/botx.arm5l
/botx.arm5n
/botx.arm6
/botx.arm64
/botx.arm6l
/botx.arm7
/botx.arm7l
/botx.arm8
/botx.armv4
/botx.armv4l
/botx.armv5l
/botx.armv6
/botx.armv61
/botx.armv6l
/botx.armv7l
/botx.dbg
/botx.exploit
/botx.i4
/botx.i486
/botx.i586
/botx.i6
/botx.i686
/botx.kill
/botx.m68
/botx.m68k
/botx.mips
/botx.mips64
/botx.mipseb
/botx.mipsel
/botx.mpsl
/botx.pcc
/botx.powerpc
/botx.powerpc-440fp
/botx.powerppc
/botx.ppc
/botx.pp-c
/botx.ppc2
/botx.ppc440
/botx.ppc440fp
/botx.riscv64
/botx.root
/botx.root32
/botx.s390x
/botx.sh
/botx.sh4
/botx.sparc
/botx.spc
/botx.ssh4
/botx.x32
/botx.x32_64
/botx.x64
/botx.x86
/botx.x86_32
/botx.x86_64

# Reference: https://elfdigest.com/brief/c4f05607b6b9ccec1c95636ab7a419f4cf25bebbff9f16285b47ef81da5296fb

198.50.242.126:158

# Reference: https://mp.weixin.qq.com/s/4iTA4LBNEnOQ5T5AcvZCCA (Chinese)
# Reference: https://otx.alienvault.com/pulse/6399b4e48b9d5768cd1f7b2b

http://185.246.221.220
185.213.26.101:6001
185.246.221.220:6001
peniseater.click
whatareyousearchingfor.net
znet.whatareyousearchingfor.net
/Bins_Bot_hicore_amd64
/Bins_Bot_hicore_arc
/Bins_Bot_hicore_arcle-hs38
/Bins_Bot_hicore_arm
/Bins_Bot_hicore_arm4
/Bins_Bot_hicore_arm4l
/Bins_Bot_hicore_arm4t
/Bins_Bot_hicore_arm4tl
/Bins_Bot_hicore_arm4tll
/Bins_Bot_hicore_arm5
/Bins_Bot_hicore_arm5l
/Bins_Bot_hicore_arm5n
/Bins_Bot_hicore_arm6
/Bins_Bot_hicore_arm64
/Bins_Bot_hicore_arm6l
/Bins_Bot_hicore_arm7
/Bins_Bot_hicore_arm7l
/Bins_Bot_hicore_arm8
/Bins_Bot_hicore_armv4
/Bins_Bot_hicore_armv4l
/Bins_Bot_hicore_armv5l
/Bins_Bot_hicore_armv6
/Bins_Bot_hicore_armv61
/Bins_Bot_hicore_armv6l
/Bins_Bot_hicore_armv7l
/Bins_Bot_hicore_dbg
/Bins_Bot_hicore_exploit
/Bins_Bot_hicore_i4
/Bins_Bot_hicore_i486
/Bins_Bot_hicore_i586
/Bins_Bot_hicore_i6
/Bins_Bot_hicore_i686
/Bins_Bot_hicore_kill
/Bins_Bot_hicore_m68
/Bins_Bot_hicore_m68k
/Bins_Bot_hicore_mips
/Bins_Bot_hicore_mips64
/Bins_Bot_hicore_mipseb
/Bins_Bot_hicore_mipsel
/Bins_Bot_hicore_mpsl
/Bins_Bot_hicore_pcc
/Bins_Bot_hicore_powerpc
/Bins_Bot_hicore_powerpc-440fp
/Bins_Bot_hicore_powerppc
/Bins_Bot_hicore_ppc
/Bins_Bot_hicore_pp-c
/Bins_Bot_hicore_ppc2
/Bins_Bot_hicore_ppc440
/Bins_Bot_hicore_ppc440fp
/Bins_Bot_hicore_riscv64
/Bins_Bot_hicore_root
/Bins_Bot_hicore_root32
/Bins_Bot_hicore_s390x
/Bins_Bot_hicore_sh
/Bins_Bot_hicore_sh4
/Bins_Bot_hicore_sparc
/Bins_Bot_hicore_spc
/Bins_Bot_hicore_ssh4
/Bins_Bot_hicore_x32
/Bins_Bot_hicore_x32_64
/Bins_Bot_hicore_x64
/Bins_Bot_hicore_x86
/Bins_Bot_hicore_x86_32
/Bins_Bot_hicore_x86_64

# Reference: https://www.virustotal.com/gui/file/5da3c4264f44e107bfaacf1bcca45c87d6329e9a927a8826e98d42d4662375da/detection
# Reference: https://www.virustotal.com/gui/file/24c52b2f308b3da21c5823c3bb2e4ee95533faf3d15ce9725878e0d7762e416f/detection

http://212.24.110.70
212.24.110.70:23

# Reference: https://elfdigest.com/brief/1a8a7ead7d406969a36b6f6bedd06462206c886fe339373a2dc2781366c29b76
# Reference: https://elfdigest.com/brief/c1d9b1227744e6a51d409c64f95cd8880b7ffb966d94ea4ad43e0a5725213a94

193.47.61.42:59666
193.47.61.42:56999
rootednet.com

# Reference: https://www.virustotal.com/gui/file/8599fb66430461f1d8750c03490697f25105028037c4a1378c1ceef783549995/detection

193.47.61.42:61231

# Reference: https://www.virustotal.com/gui/file/118a11be26ed31489c5fa14109d7f22f1c5084feaba78b804d3d68adb4295d18/detection

107.172.197.117:9931

# Reference: https://twitter.com/fuyinglab/status/1603626053293203457

gxgvoh5yljp2v2hvyiztzjhhuveaygcejp54y5gts2dnntdjexrkm2ad.onion

# Reference: https://twitter.com/SecureSh3ll/status/1603514505748684832

http://171.22.30.173
171.22.30.173:1337

# Reference: https://elfdigest.com/brief/7b63551a6aa794f6a6c3c353bbed350c4c5b17212f18b5934dcf4e1b6d2c3b04
# Reference: https://www.virustotal.com/gui/file/7b63551a6aa794f6a6c3c353bbed350c4c5b17212f18b5934dcf4e1b6d2c3b04/detection

91.208.206.151:9506

# Reference: https://elfdigest.com/brief/4c5d202fbe306877fabd765872f320c90b96c34ba9eb6d79490b287f5f52b769

43.156.35.69:56999
liuweijie.online

# Reference: https://elfdigest.com/brief/c3b2407be697f041db056eefab865682ec565b7fd0546cd7b2a6b487f8aa3a77

85.192.41.106:576

# Reference: https://elfdigest.com/brief/1d31f80f8d0b28f2d29e9724f8764404e77f8cb9cc401cd7bcc0823fb3d5c9ed

173.249.38.96:3007

# Reference: https://twitter.com/tosscoinwitcher/status/1604941918579740673
# Reference: https://www.virustotal.com/gui/file/068b161b8cb9c6736d8c6b0398c6b4f46b3f6eec5e86fc6e4323a2047006ad7d/detection

http://193.35.18.162
youngbarua.com

# Reference: https://elfdigest.com/brief/85741e746784664a288152687597c525ac242eda1836005c53093d98d25e00aa

193.35.18.225:3778

# Reference: https://elfdigest.com/brief/5cafeb4e58d717810ef12470e62e6e07d9c4f4e610ca71708c6533c030c11fa0
# Reference: https://elfdigest.com/brief/d3c11a95253cb29cf9b55d9a141849707ed193fe9fbdbf4d413e6b2c641e8f1f

23.224.131.230:56999
45.81.39.72:56999
btc-f2pool.top
a.btc-f2pool.top
230.btc-f2pool.top

# Reference: https://elfdigest.com/brief/0bb4dce69365ae39f2477b04ec5156dbff08c8ef3e11350bc7dbd3f61bae904d

47.87.225.23:7890

# Reference: https://elfdigest.com/brief/1a1958e2fb3cb4e12ef59089176c8fdaeb2fdf0734da18eda25247eec6ea7b2a

193.42.33.214:1930

# Reference: https://elfdigest.com/brief/f162f2a81d38b70cc9024bb86e95ae589790d3163bafc5a3411b36f995e1084d

207.167.64.147:9595

# Reference: https://elfdigest.com/brief/070620a459e9d82ec907b7697ea053dc9585f583803d7d51fbcacc780b005ca1

46.3.112.9:56999
cyberpros.site
dawr1.cyberpros.site

# Reference: https://elfdigest.com/brief/595b3f23360e606e169845fb1ecfa06d15dbc54319487dbe766f1d1c47d77066
# Reference: https://elfdigest.com/brief/14b5a714210ad9239d3fc3c1d871fd28fa183297574695c5d67f763a04a0bcef

104.244.72.8:56999
46.3.112.238:56999
bot.layer7.top

# Reference: https://elfdigest.com/brief/094cdab2f2c0553ee88d6dd9b22a76310143cf5b94fd3a3574d984a22dce46fe
# Reference: https://www.virustotal.com/gui/file/094cdab2f2c0553ee88d6dd9b22a76310143cf5b94fd3a3574d984a22dce46fe/detection

159.253.120.185:56999
91.208.206.151:56999
solarstress.lol

# Reference: https://elfdigest.com/brief/b9b4a484297b810126a4affc56e0ab5bcc51aed0e5b11476924877c01ea86934

193.42.33.81:1930

# Reference: https://twitter.com/nuria_imeq/status/1606418052836315136

http://209.141.51.132
http://45.195.69.113

# Reference: https://elfdigest.com/brief/1b488b4d47acf22c3c425f202e821b4f2463219a6206ff19b2b0fce9e3430161

23.225.14.201:839

# Reference: https://elfdigest.com/brief/dfca882bb7e234dd2a591d06589e2dad0c1472ba8099a9039c00c270c03e2a0c

185.132.53.77:45948

# Reference: https://elfdigest.com/brief/55acb60ef862528d983048cf360ee4e00a64c6aa36d378171b4a80b78f42b4e2

209.141.51.132:6646
heylitimysun.top

# Reference: https://www.virustotal.com/gui/file/2c8a5bedfddfe1c0424872374a1d2211ebfccc03523982f85c70a66c551b508d/detection

/xmogum.amd64
/xmogum.arc
/xmogum.arcle-hs38
/xmogum.arm
/xmogum.arm4
/xmogum.arm4l
/xmogum.arm4t
/xmogum.arm4tl
/xmogum.arm4tll
/xmogum.arm5
/xmogum.arm5l
/xmogum.arm5n
/xmogum.arm6
/xmogum.arm64
/xmogum.arm6l
/xmogum.arm7
/xmogum.arm7l
/xmogum.arm8
/xmogum.armv4
/xmogum.armv4l
/xmogum.armv5l
/xmogum.armv6
/xmogum.armv61
/xmogum.armv6l
/xmogum.armv7l
/xmogum.dbg
/xmogum.exploit
/xmogum.i4
/xmogum.i486
/xmogum.i586
/xmogum.i6
/xmogum.i686
/xmogum.kill
/xmogum.m68
/xmogum.m68k
/xmogum.mips
/xmogum.mips64
/xmogum.mipseb
/xmogum.mipsel
/xmogum.mpsl
/xmogum.pcc
/xmogum.powerpc
/xmogum.powerpc-440fp
/xmogum.powerppc
/xmogum.ppc
/xmogum.pp-c
/xmogum.ppc2
/xmogum.ppc440
/xmogum.ppc440fp
/xmogum.riscv64
/xmogum.root
/xmogum.root32
/xmogum.s390x
/xmogum.sh
/xmogum.sh4
/xmogum.sparc
/xmogum.spc
/xmogum.ssh4
/xmogum.x32
/xmogum.x32_64
/xmogum.x64
/xmogum.x86
/xmogum.x86_32
/xmogum.x86_64
/xmogu/

# Reference: https://elfdigest.com/brief/3b445c0ff3e32ec5dffd770016f6bbc1cdeca0f5f53310b70ca2640e24d2c293

193.42.33.81:671

# Reference: https://elfdigest.com/brief/414f18ddfc8cb4d3e3586d473df064b643c86b44bd2ec3d880c9887577633e1c

193.47.61.42:34241

# Reference: https://elfdigest.com/brief/db37ecdef89cd316a0f49c5231d349116bee3e9bd1083862e0609cb329b83905

38.60.28.167:55555

# Reference: https://www.virustotal.com/gui/file/7ec13c263d7ddf28f7595799da807e4c457ec7a907eeee534a497f93ad519364/detection
# Reference: https://www.virustotal.com/gui/file/0ac4dcce9224ac1c8f544bbe911be1233e7a9b21a1e49b1d468eedae5867acf4/detection

http://18.229.185.94
http://54.233.89.18
0sv.hopto.org

# Reference: https://elfdigest.com/brief/a91e846c8534eb18ce83437b37f2dbda8faa2c4361def76d6ba6844ba297a71d

85.239.34.15:56999

# Reference: https://elfdigest.com/brief/b891fbe459279a0b0c67488e80f3174dec1b7d36d351c85f1d67065b1453c581

178.128.153.121:56999
ddaa.xinghaoshangcheng.cn

# Reference: https://elfdigest.com/brief/9c4a05cdd18b7371ea16dc9b2d54f6fb11225943b71ed9c5aa31a0bdca6721d2

195.58.39.206:671

# Reference: https://www.virustotal.com/gui/file/62517c695fcf3afd1eecfe8f83809a774e8ef7a0e7784a96904ef8e808086c17/detection

http://18.228.35.133
1337sv.hopto.org

# Reference: https://elfdigest.com/brief/f3379cdddfaf3bccd792b6effe2bb45d1256fd588166b445a442c34bbbbae061
# Reference: https://elfdigest.com/brief/5f8c939a1aa3fffbda32ab15ec5c07caf8e3125c1ababa620b52e6ceeb3e88db

107.189.10.180:56999
46.3.112.155:56999
xiaojue.top

# Reference: https://elfdigest.com/brief/ba79cf9aec445aad98d9ba7ad8f85f5a8f8617c8482ed8913f725f10b2942b42

23.225.14.209:839

# Reference: https://elfdigest.com/brief/6df376c1d1b9d279e39eaa1d7d70318f90395d35097c8be7d27622ef759e609e

195.58.39.18:671

# Reference: https://elfdigest.com/brief/fb02e573c9199bc2f55a35a493591ab173ba3ce229664efb12c2f5f59319bca3

193.42.33.14:45

# Reference: https://elfdigest.com/brief/0006972759ce3ebc695ab72523aa6c8206e2d6a909cd5e1337be2c2b99136548

45.81.39.193:56999

# Reference: https://elfdigest.com/brief/b21b83c031084e16167ae3b1bf8e94a6fb446651168b60f00e3c6273d278ba37

195.58.39.254:420

# Reference: https://elfdigest.com/brief/b4666ec378918963a8b2dec526e36d63533d3eff1acc0f5f3612352afdf2b906

86.104.194.156:420

# Reference: https://elfdigest.com/brief/acb573afa4ca18a7398ee49e3ccf4d485098d665c890d0818cc04b6f45f52f73

47.87.230.236:6666

# Reference: https://elfdigest.com/brief/ed48c3e2181f8112825cee371e98cacf87388c7ca0d8da4fa032a1d0f26ac830
# Reference: https://elfdigest.com/brief/461430d3129ba68cd02fcebd48f00cc018bff0cd4c77ef0f042c002323f2272f
# Reference: https://www.virustotal.com/gui/file/8a8784ecfaece8512132616cf30d55c150f85c37987dd585e2177e322454dcf8/detection

156.236.16.237:60195
179.43.154.136:60195
185.112.83.254:60195
blazingnetwork.pro
hihi.blazingnetwork.pro

# Reference: https://elfdigest.com/brief/4a5985304bf311176b9e64856d478a2d6715e7ce9fbad7a971b57db227453ff6

45.81.39.191:56999
hitman.ltd
 
# Reference: https://elfdigest.com/brief/0c155dd41219e8143fb78ef1bd7ae71650a74085d9cd587ecc94aa6ac8bafa21

45.81.39.194:56999
errorcoders.com

# Reference: https://www.virustotal.com/gui/file/ae156ceae2e2ea13d397675316fd96219d7f3a7dd164e0f773fdc7f709209515/detection

http://45.81.39.193

# Reference: https://elfdigest.com/brief/7d7e293f33d2bfe02a01594d73a1329ef315410a30b0782d0661619c1590632f

193.35.18.155:420

# Reference: https://elfdigest.com/brief/015d3f9dc23e066ed5c43cf979dd28c8837354bde77dd4b463030a0d5e7c72f3

185.231.207.232:9931

# Reference: https://elfdigest.com/brief/77941869784efb48fe7edb0dc2fe93c37052a4a0ec4d990dcccff9bda38bb6cc

5.181.80.115:59666
cookiehub.ga

# Reference: https://elfdigest.com/brief/e66ce9274d115010f006315166bae7ea358bb687c8f3b0d293848136df960316

167.172.164.152:1302

# Reference: https://elfdigest.com/brief/6bea5877e3e091daee2854b1aad1ebeeca1f00b2fcf918ac16261b4ea3c0b52f

195.133.40.116:65531

# Reference: https://elfdigest.com/brief/da14b366daf36ec0d92554c6ab3e0d08bb8f46ebfc4532eb9517928f64f9fff0

45.140.188.85:7000

# Reference: https://elfdigest.com/brief/83ebb3060ab1e893bef60815f285dd4ca328db03d87e4c7b361ae431f06ee9cc

51.222.32.104:59666
xin.badplayer.net

# Reference: https://elfdigest.com/brief/f35741f9ee05a2a667a17e72309650507ba7b734923fa033318c8ecd82fe27a2

45.81.39.172:1337

# Reference: https://elfdigest.com/brief/72311342a12a621909cb04b49fe369080c56a3221de199a7954b7933c3270c9b

41.216.182.17:6606

# Reference: https://elfdigest.com/brief/426f13ceac38a9f6b2b907a8518589f1f89557e164f7490d38325a6db6cedd9c

45.14.165.26:9595

# Reference: https://elfdigest.com/brief/ce771831df50817deddeb41acb8eccb300a8146f87b19f0c3f8c9eb3e47ac8d0

5.181.80.115:9931

# Reference: https://elfdigest.com/brief/04520f8b115a7d624338a88ef42788140e678997ee4692cb9c92f79afcfdb5da

107.189.8.94:999
qiqijiawawajia.bond

# Reference: https://elfdigest.com/brief/7c18a8bad0e7432b14f259bea83a5fd85285fc8aa1506b891cef7d0bf480a546

193.47.61.205:45

# Reference: https://www.virustotal.com/gui/file/5cd9f789da6b24c4a321fbea538f543e5605aa9fd96e7fec908844e9e1d8dc27/detection
# Reference: https://www.virustotal.com/gui/file/7a47189dba781c9eab74cb202562c97280991411ccc5779296f35ce7861fcbff/detection

185.246.220.5:56999
1216khw.kro.kr

# Reference: https://www.virustotal.com/gui/file/da96282024cd7eeef4645e24e4d4ebc0f09716577af386016bac8822dde58aa9/detection

185.246.220.5:1312

# Reference: https://www.virustotal.com/gui/file/2c02728972d936f89a3b175555e16a883d3c9c185d0ce860b355a59cd831306c/detection
# Reference: https://www.virustotal.com/gui/file/658420fc413a1ed89dfa9cdbbdcc9ffc20ec9ec41ef04ed6696ee3e6fe344f78/detection

185.246.220.5:1791

# Reference: https://elfdigest.com/brief/eb3094e350e6a94bb8b2ed56885c904cd21e41ae9d8d948d7b3f1ecf03095ead

37.44.238.172:6666

# Reference: https://elfdigest.com/brief/ad1ca9c7bbaa7858c4e9dad94edb4ce91be28c959d78ef653a66ba2e3a82b387

79.133.41.114:606

# Reference: https://elfdigest.com/brief/f7391a8515239440b3c31160238c61cd444638f95a62822ccd78cf28bc288437

185.132.53.108:56999
synful.lol

# Reference: https://elfdigest.com/brief/0ec276759995912eaf14acb0ecda05c35a5c468a87a123383fa8ff893ad22672

138.68.111.24:56999
orxy.online
pipi.orxy.online

# Reference: https://www.virustotal.com/gui/file/28acdee6347baec5ff8bc75a6a91984cc77f4c6da37c2026d6522a7a072af419/detection

lul.orxy.online

# Reference: https://elfdigest.com/brief/9f6826c8582e9a6d8995b5a530e61f490235c70b865f0f800d83c6ee95365988

45.128.234.72:4259

# Reference: https://twitter.com/SecureSh3ll/status/1612575508390203410
# Reference: https://www.virustotal.com/gui/ip-address/109.206.243.161/detection

http://109.206.243.161

# Reference: https://elfdigest.com/brief/61881c491edf41da27ea209b4100d66c58ecd85621677758f607136be32b9bea

107.189.10.180:3778

# Reference: https://ti.qianxin.com/blog/articles/watch-out-for-new-variants-of-rapper-botnet-and-related-mining-activities/
# Reference: https://elfdigest.com/brief/95aa6882f5ea5a892ef832ef15dea77261394a7fec6db9d91267d40f1cf2bfa5

http://109.206.243.207
109.206.243.207:5555
109.206.243.207:6667

# Reference: https://elfdigest.com/brief/39dd070ea397d0f6c9e90f10748fbc826478ab9a99ce4017016e50a13f2c7a21

79.124.78.155:10

# Reference: https://www.virustotal.com/gui/file/b50dbf9c8056fa4f6b48c9dd20e1df8c67f51552d09df69d6a1fa29598f218ec/detection

http://167.99.5.116

# Reference: https://threatfox.abuse.ch/ioc/1068144/
# Reference: https://www.virustotal.com/gui/file/7b82e49b5f8ebe452f8d8fcce23686ad1e86efc754e223449c3ae4b46e9b3e8e/detection

194.180.49.139:6666

# Reference: https://elfdigest.com/brief/131cf9906e3a57667c977696ae861032a0f999170acd0ab6afb8e659667a8c06

47.87.225.23:2909

# Reference: https://umbrella.cisco.com/blog/query-volumes-mirai-dgas

bwhrdaumwuvn.support
exvdaajegjur.support
kedbuffigfjs.online
lvfjcwwobycj.tech
nympompksmfx.tech
oornsduuwjli.tech
qjqubpciajoc.tech
vmdefmnsndoj.tech
xpknpxmywqsr.support
xpknpxmywqsrhe.online

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/

http://124.248.238.58
http://195.178.120.44
http://98.126.213.24
1.116.115.169:3884
1.36.116.198:41763
1.65.210.150:14984
101.0.34.178:2906
101.0.38.50:44735
101.0.54.245:4538
101.182.231.187:48933
101.28.105.18:8000
103.149.87.111:1024
103.161.181.149:56999
103.161.181.160:56999
103.166.183.190:3778
103.166.183.241:3778
103.166.185.76:1312
103.173.157.210:9375
103.178.232.12:56999
103.179.172.238:3778
103.179.189.80:56999
103.183.118.73:56999
103.186.147.155:23382
103.205.254.77:20001
103.215.81.11:107
103.223.8.254:21591
103.231.88.10:60448
103.250.184.81:24250
103.252.200.195:33207
103.40.198.149:3378
104.199.208.211:81
104.244.76.105:55650
104.244.76.7:55650
106.198.46.97:8000
106.209.194.84:13267
107.182.129.217:59666
107.182.129.240:38241
107.182.129.84:1337
107.189.29.157:55655
107.6.255.132:1337
109.122.221.134:56999
109.136.176.176:45336
109.173.41.35:60744
109.206.240.137:3074
109.206.240.138:38241
109.206.240.231:34241
109.206.241.17:34241
109.206.243.119:1312
109.206.243.207:1231
109.206.243.209:4200
109.206.243.209:9375
109.98.208.52:1337
110.235.60.191:26935
111.22.150.20:30301
111.252.183.41:4040
112.118.25.184:65059
113.156.84.26:17117
114.152.33.239:18468
114.43.200.54:13826
115.30.220.132:6881
115.59.98.34:4000
115.70.22.20:39111
116.115.34.181:6881
116.49.133.189:6881
116.68.103.34:33352
117.194.146.46:6881
117.194.151.218:4000
117.194.158.134:1114
117.194.159.202:34222
117.195.109.34:8083
117.196.26.178:25080
117.201.206.165:21914
117.208.238.56:2964
117.212.168.193:30301
117.212.170.227:8080
117.215.246.33:33369
117.216.0.116:1027
117.216.2.219:30301
117.216.21.161:50861
117.216.30.198:21742
117.216.30.56:12996
117.216.46.218:6881
117.217.150.235:30301
117.223.94.66:1434
117.241.186.0:8080
117.248.55.134:46880
117.253.150.194:30301
117.253.154.247:5060
117.253.155.14:34354
117.255.78.187:8080
118.42.15.169:11822
119.246.227.26:26578
119.247.38.87:51413
121.109.144.192:25824
121.176.159.225:42779
121.221.67.12:6881
123.202.251.95:6713
125.118.127.158:6881
125.179.94.58:55859
128.199.133.226:56999
129.146.248.40:8985
129.226.204.213:1312
130.105.100.72:6881
130.239.18.158:8729
130.239.18.158:8735
132.145.54.215:25565
134.209.230.71:3778
137.184.170.90:38241
137.184.49.114:1337
137.74.170.71:62170
138.197.141.232:38241
138.68.111.24:8769
139.59.2.115:9902
14.37.18.132:40864
140.228.21.109:32488
140.99.3.104:3778
140.99.4.20:13
141.94.21.71:9189
141.98.6.106:2311
141.98.6.124:45
141.98.6.222:56999
141.98.6.81:8769
143.137.57.102:7173
143.137.57.103:7173
143.137.57.107:7173
143.137.57.108:7173
143.137.57.110:7173
143.137.57.111:7173
143.137.57.113:7173
143.137.57.117:7173
143.137.57.11:7173
143.137.57.121:7173
143.137.57.123:7173
143.137.57.125:7173
143.137.57.127:7173
143.137.57.130:7173
143.137.57.135:7173
143.137.57.139:7173
143.137.57.13:7173
143.137.57.141:7173
143.137.57.142:7173
143.137.57.143:7173
143.137.57.145:7173
143.137.57.146:7173
143.137.57.14:7173
143.137.57.151:7173
143.137.57.152:7173
143.137.57.153:7173
143.137.57.156:7173
143.137.57.158:7173
143.137.57.15:7173
143.137.57.160:7173
143.137.57.161:7173
143.137.57.163:7173
143.137.57.165:7173
143.137.57.168:7173
143.137.57.173:7173
143.137.57.180:7173
143.137.57.181:7173
143.137.57.185:7173
143.137.57.186:7173
143.137.57.187:7173
143.137.57.189:7173
143.137.57.195:7173
143.137.57.196:7173
143.137.57.198:7173
143.137.57.19:7173
143.137.57.200:7173
143.137.57.201:7173
143.137.57.203:7173
143.137.57.204:7173
143.137.57.206:7173
143.137.57.207:7173
143.137.57.208:7173
143.137.57.209:7173
143.137.57.211:7173
143.137.57.220:7173
143.137.57.228:7173
143.137.57.22:7173
143.137.57.239:7173
143.137.57.23:7173
143.137.57.241:7173
143.137.57.246:7173
143.137.57.24:7173
143.137.57.252:7173
143.137.57.254:7173
143.137.57.25:7173
143.137.57.26:7173
143.137.57.27:7173
143.137.57.29:7173
143.137.57.30:7173
143.137.57.33:7173
143.137.57.35:7173
143.137.57.36:7173
143.137.57.37:7173
143.137.57.42:7173
143.137.57.43:7173
143.137.57.48:7173
143.137.57.4:7173
143.137.57.52:7173
143.137.57.54:7173
143.137.57.58:7173
143.137.57.5:7173
143.137.57.60:7173
143.137.57.64:7173
143.137.57.69:7173
143.137.57.71:7173
143.137.57.72:7173
143.137.57.77:7173
143.137.57.86:7173
143.137.57.8:7173
143.137.57.90:7173
143.137.57.91:7173
143.137.57.97:7173
143.137.57.99:7173
143.176.32.44:6881
143.198.238.130:666
143.42.108.121:23
146.120.177.167:14280
146.19.191.61:13
146.19.191.65:56999
147.135.1.82:22
147.182.142.77:3778
148.70.150.207:30301
149.56.246.85:56999
15.204.176.159:22
15.235.149.63:1337
151.80.43.180:6881
152.117.119.76:58302
154.13.6.69:56999
154.16.115.249:1312
154.23.248.18:3007
154.3.40.71:31149
155.94.170.216:9506
156.224.24.249:56999
156.251.30.167:56999
156.251.30.168:1337
157.230.184.88:55655
157.230.35.220:56999
158.51.126.24:3778
159.65.22.254:3778
161.35.75.138:52
163.172.91.117:51413
163.58.22.17:6881
165.232.162.26:56999
167.172.164.152:59666
167.235.140.28:3778
167.99.112.235:1312
168.119.146.116:53327
168.90.79.64:28167
171.22.30.173:49326
171.22.30.185:9506
171.22.30.42:3778
172.65.219.10:32504
172.93.160.232:48748
172.93.160.232:6666
173.212.202.248:51422
173.255.195.147:38241
175.0.98.48:6881
175.209.226.117:60648
176.111.173.27:5555
176.114.21.197:35861
176.131.245.110:51413
176.209.229.15:27013
176.212.181.126:25399
176.213.204.57:61998
176.63.23.236:23647
176.97.210.205:65420
177.130.7.101:7173
177.130.7.102:7173
177.130.7.108:7173
177.130.7.109:7173
177.130.7.10:7173
177.130.7.111:7173
177.130.7.112:7173
177.130.7.115:7173
177.130.7.116:7173
177.130.7.119:7173
177.130.7.120:7173
177.130.7.124:7173
177.130.7.125:7173
177.130.7.127:7173
177.130.7.129:7173
177.130.7.130:7173
177.130.7.132:7173
177.130.7.133:7173
177.130.7.137:7173
177.130.7.142:7173
177.130.7.144:7173
177.130.7.146:7173
177.130.7.147:7173
177.130.7.148:7173
177.130.7.149:7173
177.130.7.150:7173
177.130.7.154:7173
177.130.7.156:7173
177.130.7.157:7173
177.130.7.158:7173
177.130.7.166:7173
177.130.7.168:7173
177.130.7.171:7173
177.130.7.180:7173
177.130.7.182:7173
177.130.7.183:7173
177.130.7.184:7173
177.130.7.187:7173
177.130.7.190:7173
177.130.7.196:7173
177.130.7.199:7173
177.130.7.19:7173
177.130.7.1:7173
177.130.7.203:7173
177.130.7.204:7173
177.130.7.205:7173
177.130.7.208:7173
177.130.7.20:7173
177.130.7.213:7173
177.130.7.214:7173
177.130.7.215:7173
177.130.7.217:7173
177.130.7.218:7173
177.130.7.221:7173
177.130.7.225:7173
177.130.7.226:7173
177.130.7.228:7173
177.130.7.232:7173
177.130.7.233:7173
177.130.7.238:7173
177.130.7.23:7173
177.130.7.240:7173
177.130.7.243:7173
177.130.7.246:7173
177.130.7.247:7173
177.130.7.250:7173
177.130.7.251:7173
177.130.7.255:7173
177.130.7.25:7173
177.130.7.26:7173
177.130.7.27:7173
177.130.7.36:7173
177.130.7.38:7173
177.130.7.40:7173
177.130.7.44:7173
177.130.7.47:7173
177.130.7.48:7173
177.130.7.50:7173
177.130.7.53:7173
177.130.7.54:7173
177.130.7.56:7173
177.130.7.58:7173
177.130.7.61:7173
177.130.7.62:7173
177.130.7.65:7173
177.130.7.66:7173
177.130.7.67:7173
177.130.7.69:7173
177.130.7.71:7173
177.130.7.73:7173
177.130.7.76:7173
177.130.7.82:7173
177.130.7.84:7173
177.130.7.91:7173
177.130.7.92:7173
177.130.7.99:7173
177.86.58.0:7173
177.86.58.101:7173
177.86.58.103:7173
177.86.58.104:7173
177.86.58.107:7173
177.86.58.10:7173
177.86.58.110:7173
177.86.58.116:7173
177.86.58.11:7173
177.86.58.124:7173
177.86.58.127:7173
177.86.58.129:7173
177.86.58.132:7173
177.86.58.135:7173
177.86.58.141:7173
177.86.58.143:7173
177.86.58.144:7173
177.86.58.152:7173
177.86.58.153:7173
177.86.58.154:7173
177.86.58.157:7173
177.86.58.158:7173
177.86.58.161:7173
177.86.58.162:7173
177.86.58.164:7173
177.86.58.166:7173
177.86.58.168:7173
177.86.58.170:7173
177.86.58.174:7173
177.86.58.179:7173
177.86.58.17:7173
177.86.58.180:7173
177.86.58.182:7173
177.86.58.188:7173
177.86.58.190:7173
177.86.58.192:7173
177.86.58.194:7173
177.86.58.199:7173
177.86.58.201:7173
177.86.58.208:7173
177.86.58.20:7173
177.86.58.210:7173
177.86.58.213:7173
177.86.58.214:7173
177.86.58.215:7173
177.86.58.216:7173
177.86.58.223:7173
177.86.58.229:7173
177.86.58.230:7173
177.86.58.231:7173
177.86.58.234:7173
177.86.58.235:7173
177.86.58.240:7173
177.86.58.241:7173
177.86.58.242:7173
177.86.58.243:7173
177.86.58.244:7173
177.86.58.246:7173
177.86.58.251:7173
177.86.58.30:7173
177.86.58.31:7173
177.86.58.35:7173
177.86.58.36:7173
177.86.58.38:7173
177.86.58.40:7173
177.86.58.42:7173
177.86.58.49:7173
177.86.58.4:7173
177.86.58.50:7173
177.86.58.53:7173
177.86.58.54:7173
177.86.58.56:7173
177.86.58.5:7173
177.86.58.60:7173
177.86.58.62:7173
177.86.58.64:7173
177.86.58.67:7173
177.86.58.6:7173
177.86.58.72:7173
177.86.58.74:7173
177.86.58.77:7173
177.86.58.79:7173
177.86.58.82:7173
177.86.58.85:7173
177.86.58.89:7173
177.86.58.91:7173
177.86.58.94:7173
178.124.176.209:28502
178.141.12.151:10745
178.166.11.27:51413
178.204.10.74:30673
178.204.225.196:57829
178.211.189.46:14775
178.33.232.187:51413
178.57.196.154:49001
178.72.69.69:2279
178.72.77.6:25600
179.12.135.57:6881
179.184.128.250:62644
179.43.140.156:61993
179.43.141.99:61993
179.43.142.156:1972
179.43.154.193:1337
179.43.155.157:1312
179.43.156.149:60195
179.43.182.79:1543
179.43.182.79:420
18.220.154.211:9151
180.188.19.36:7110
180.188.243.213:12608
181.46.185.69:24442
181.46.216.210:40359
185.107.71.134:28030
185.107.71.137:28114
185.124.167.171:3062
185.126.237.210:999
185.126.33.61:58439
185.13.112.30:16188
185.132.53.119:2113
185.132.53.77:2973
185.149.90.110:6881
185.169.132.144:22
185.185.40.176:51413
185.21.217.78:65045
185.216.71.112:3778
185.216.71.192:3389
185.216.71.192:59666
185.216.71.65:38241
185.216.71.69:3778
185.216.71.77:1312
185.225.73.91:3778
185.225.74.212:56999
185.225.74.251:8888
185.225.74.251:9999
185.246.220.136:9931
185.246.221.101:1312
185.250.148.11:8999
185.253.224.47:6881
185.254.37.25:6666
185.28.39.60:1337
185.44.81.114:9999
185.49.242.25:17937
185.74.222.157:443
186.151.141.140:9093
186.193.244.0:7173
186.193.244.109:7173
186.193.244.112:7173
186.193.244.119:7173
186.193.244.11:7173
186.193.244.123:7173
186.193.244.124:7173
186.193.244.128:7173
186.193.244.129:7173
186.193.244.130:7173
186.193.244.131:7173
186.193.244.135:7173
186.193.244.136:7173
186.193.244.139:7173
186.193.244.13:7173
186.193.244.141:7173
186.193.244.142:7173
186.193.244.147:7173
186.193.244.149:7173
186.193.244.150:7173
186.193.244.159:7173
186.193.244.163:7173
186.193.244.165:7173
186.193.244.167:7173
186.193.244.169:7173
186.193.244.173:7173
186.193.244.174:7173
186.193.244.175:7173
186.193.244.178:7173
186.193.244.181:7173
186.193.244.185:7173
186.193.244.186:7173
186.193.244.189:7173
186.193.244.18:7173
186.193.244.190:7173
186.193.244.191:7173
186.193.244.192:7173
186.193.244.193:7173
186.193.244.196:7173
186.193.244.198:7173
186.193.244.202:7173
186.193.244.204:7173
186.193.244.207:7173
186.193.244.208:7173
186.193.244.211:7173
186.193.244.21:7173
186.193.244.223:7173
186.193.244.226:7173
186.193.244.227:7173
186.193.244.230:7173
186.193.244.236:7173
186.193.244.241:7173
186.193.244.243:7173
186.193.244.245:7173
186.193.244.246:7173
186.193.244.248:7173
186.193.244.250:7173
186.193.244.251:7173
186.193.244.253:7173
186.193.244.254:7173
186.193.244.255:7173
186.193.244.31:7173
186.193.244.36:7173
186.193.244.38:7173
186.193.244.43:7173
186.193.244.44:7173
186.193.244.45:7173
186.193.244.46:7173
186.193.244.47:7173
186.193.244.49:7173
186.193.244.51:7173
186.193.244.52:7173
186.193.244.53:7173
186.193.244.55:7173
186.193.244.56:7173
186.193.244.57:7173
186.193.244.58:7173
186.193.244.59:7173
186.193.244.61:7173
186.193.244.62:7173
186.193.244.65:7173
186.193.244.6:7173
186.193.244.75:7173
186.193.244.86:7173
186.193.244.88:7173
186.193.244.89:7173
186.193.244.90:7173
186.193.244.94:7173
186.218.28.0:18308
187.183.44.53:5910
188.113.132.193:4384
188.134.28.31:60552
188.163.42.112:40355
188.187.182.32:17245
188.209.56.11:28127
188.209.56.20:28079
188.209.56.30:28183
188.209.56.33:28071
188.226.88.99:51413
188.32.62.31:51413
189.1.60.100:7173
189.1.60.101:7173
189.1.60.102:7173
189.1.60.107:7173
189.1.60.108:7173
189.1.60.110:7173
189.1.60.111:7173
189.1.60.112:7173
189.1.60.116:7173
189.1.60.117:7173
189.1.60.125:7173
189.1.60.128:7173
189.1.60.129:7173
189.1.60.12:7173
189.1.60.130:7173
189.1.60.131:7173
189.1.60.132:7173
189.1.60.138:7173
189.1.60.13:7173
189.1.60.142:7173
189.1.60.144:7173
189.1.60.146:7173
189.1.60.149:7173
189.1.60.158:7173
189.1.60.165:7173
189.1.60.168:7173
189.1.60.16:7173
189.1.60.172:7173
189.1.60.173:7173
189.1.60.174:7173
189.1.60.17:7173
189.1.60.184:7173
189.1.60.185:7173
189.1.60.187:7173
189.1.60.188:7173
189.1.60.193:7173
189.1.60.196:7173
189.1.60.19:7173
189.1.60.201:7173
189.1.60.207:7173
189.1.60.208:7173
189.1.60.212:7173
189.1.60.215:7173
189.1.60.216:7173
189.1.60.218:7173
189.1.60.226:7173
189.1.60.231:7173
189.1.60.234:7173
189.1.60.235:7173
189.1.60.236:7173
189.1.60.239:7173
189.1.60.246:7173
189.1.60.247:7173
189.1.60.248:7173
189.1.60.251:7173
189.1.60.253:7173
189.1.60.254:7173
189.1.60.255:7173
189.1.60.26:7173
189.1.60.33:7173
189.1.60.37:7173
189.1.60.3:7173
189.1.60.40:7173
189.1.60.42:7173
189.1.60.53:7173
189.1.60.59:7173
189.1.60.5:7173
189.1.60.64:7173
189.1.60.65:7173
189.1.60.69:7173
189.1.60.6:7173
189.1.60.75:7173
189.1.60.78:7173
189.1.60.7:7173
189.1.60.80:7173
189.1.60.81:7173
189.1.60.82:7173
189.1.60.83:7173
189.1.60.85:7173
189.1.60.8:7173
189.1.60.90:7173
189.1.60.93:7173
189.1.60.97:7173
189.1.60.98:7173
189.1.60.99:7173
189.1.60.9:7173
189.115.35.44:6881
189.140.139.107:45767
189.248.208.215:48678
189.63.224.156:2700
189.84.252.103:7173
189.84.252.105:7173
189.84.252.114:7173
189.84.252.115:7173
189.84.252.117:7173
189.84.252.118:7173
189.84.252.121:7173
189.84.252.122:7173
189.84.252.123:7173
189.84.252.127:7173
189.84.252.129:7173
189.84.252.130:7173
189.84.252.131:7173
189.84.252.132:7173
189.84.252.134:7173
189.84.252.137:7173
189.84.252.141:7173
189.84.252.143:7173
189.84.252.149:7173
189.84.252.14:7173
189.84.252.150:7173
189.84.252.151:7173
189.84.252.152:7173
189.84.252.153:7173
189.84.252.158:7173
189.84.252.168:7173
189.84.252.169:7173
189.84.252.16:7173
189.84.252.171:7173
189.84.252.175:7173
189.84.252.181:7173
189.84.252.184:7173
189.84.252.185:7173
189.84.252.187:7173
189.84.252.188:7173
189.84.252.18:7173
189.84.252.190:7173
189.84.252.195:7173
189.84.252.197:7173
189.84.252.199:7173
189.84.252.19:7173
189.84.252.203:7173
189.84.252.205:7173
189.84.252.20:7173
189.84.252.213:7173
189.84.252.21:7173
189.84.252.220:7173
189.84.252.221:7173
189.84.252.222:7173
189.84.252.228:7173
189.84.252.22:7173
189.84.252.231:7173
189.84.252.233:7173
189.84.252.234:7173
189.84.252.242:7173
189.84.252.247:7173
189.84.252.24:7173
189.84.252.254:7173
189.84.252.25:7173
189.84.252.30:7173
189.84.252.31:7173
189.84.252.37:7173
189.84.252.38:7173
189.84.252.39:7173
189.84.252.3:7173
189.84.252.43:7173
189.84.252.46:7173
189.84.252.47:7173
189.84.252.50:7173
189.84.252.59:7173
189.84.252.60:7173
189.84.252.67:7173
189.84.252.69:7173
189.84.252.6:7173
189.84.252.72:7173
189.84.252.74:7173
189.84.252.77:7173
189.84.252.79:7173
189.84.252.7:7173
189.84.252.80:7173
189.84.252.81:7173
189.84.252.84:7173
189.84.252.86:7173
189.84.252.88:7173
189.84.252.91:7173
189.84.252.92:7173
189.84.252.93:7173
189.84.252.99:7173
190.160.164.117:44768
191.189.25.205:14639
192.161.55.115:56999
192.169.69.25:48529
192.54.57.220:5555
193.218.201.115:3778
193.26.13.183:17061
193.35.18.138:61231
193.35.18.169:3778
193.35.18.220:4258
193.35.18.33:56999
193.35.18.53:56999
193.42.32.124:1312
193.42.33.14:1312
193.42.33.14:56999
193.42.33.157:666
193.42.33.217:38241
193.42.33.226:11064
193.42.33.81:1312
193.42.33.81:9931
193.47.61.150:56999
193.47.61.232:5319
193.47.61.75:5034
194.163.188.175:1302
194.163.188.175:59666
194.163.45.31:443
194.180.191.88:3778
194.180.48.133:6666
194.180.48.22:3456
194.180.48.60:1312
194.41.47.197:9999
194.49.94.24:38241
194.55.186.154:13
194.55.186.216:3778
194.55.224.203:56999
194.87.151.116:3778
194.87.151.120:1312
194.87.151.244:9931
194.87.151.56:3778
195.133.18.154:54452
195.133.40.73:2616
195.154.171.155:8672
195.178.120.129:3778
195.178.120.191:5034
195.178.120.44:2310
195.178.120.55:3003
195.192.229.48:11450
195.20.17.237:38241
195.58.39.187:13
198.12.70.38:56999
198.50.242.125:666
198.50.242.126:420
198.98.58.12:3778
199.195.248.125:5555
199.195.250.172:56999
2.235.141.179:51413
2.87.113.129:28399
20.205.3.43:1312
200.119.165.26:22372
200.142.179.102:7173
200.142.179.103:7173
200.142.179.104:7173
200.142.179.105:7173
200.142.179.106:7173
200.142.179.109:7173
200.142.179.10:7173
200.142.179.113:7173
200.142.179.114:7173
200.142.179.118:7173
200.142.179.119:7173
200.142.179.121:7173
200.142.179.124:7173
200.142.179.125:7173
200.142.179.134:7173
200.142.179.138:7173
200.142.179.139:7173
200.142.179.13:7173
200.142.179.142:7173
200.142.179.145:7173
200.142.179.148:7173
200.142.179.151:7173
200.142.179.155:7173
200.142.179.157:7173
200.142.179.158:7173
200.142.179.163:7173
200.142.179.164:7173
200.142.179.167:7173
200.142.179.16:7173
200.142.179.171:7173
200.142.179.174:7173
200.142.179.177:7173
200.142.179.179:7173
200.142.179.182:7173
200.142.179.184:7173
200.142.179.188:7173
200.142.179.18:7173
200.142.179.190:7173
200.142.179.194:7173
200.142.179.196:7173
200.142.179.197:7173
200.142.179.200:7173
200.142.179.201:7173
200.142.179.203:7173
200.142.179.204:7173
200.142.179.205:7173
200.142.179.207:7173
200.142.179.208:7173
200.142.179.209:7173
200.142.179.214:7173
200.142.179.215:7173
200.142.179.217:7173
200.142.179.219:7173
200.142.179.21:7173
200.142.179.221:7173
200.142.179.222:7173
200.142.179.223:7173
200.142.179.225:7173
200.142.179.227:7173
200.142.179.237:7173
200.142.179.23:7173
200.142.179.242:7173
200.142.179.248:7173
200.142.179.24:7173
200.142.179.27:7173
200.142.179.30:7173
200.142.179.31:7173
200.142.179.33:7173
200.142.179.34:7173
200.142.179.35:7173
200.142.179.38:7173
200.142.179.41:7173
200.142.179.42:7173
200.142.179.43:7173
200.142.179.44:7173
200.142.179.45:7173
200.142.179.48:7173
200.142.179.53:7173
200.142.179.55:7173
200.142.179.62:7173
200.142.179.65:7173
200.142.179.67:7173
200.142.179.70:7173
200.142.179.80:7173
200.142.179.81:7173
200.142.179.84:7173
200.142.179.86:7173
200.142.179.8:7173
200.142.179.92:7173
200.142.179.98:7173
201.182.144.0:7173
201.182.144.104:7173
201.182.144.106:7173
201.182.144.109:7173
201.182.144.10:7173
201.182.144.112:7173
201.182.144.113:7173
201.182.144.114:7173
201.182.144.115:7173
201.182.144.118:7173
201.182.144.123:7173
201.182.144.129:7173
201.182.144.133:7173
201.182.144.139:7173
201.182.144.13:7173
201.182.144.144:7173
201.182.144.146:7173
201.182.144.147:7173
201.182.144.149:7173
201.182.144.150:7173
201.182.144.155:7173
201.182.144.158:7173
201.182.144.161:7173
201.182.144.163:7173
201.182.144.169:7173
201.182.144.16:7173
201.182.144.175:7173
201.182.144.177:7173
201.182.144.178:7173
201.182.144.179:7173
201.182.144.182:7173
201.182.144.187:7173
201.182.144.188:7173
201.182.144.189:7173
201.182.144.18:7173
201.182.144.191:7173
201.182.144.194:7173
201.182.144.197:7173
201.182.144.1:7173
201.182.144.203:7173
201.182.144.207:7173
201.182.144.209:7173
201.182.144.20:7173
201.182.144.211:7173
201.182.144.213:7173
201.182.144.214:7173
201.182.144.221:7173
201.182.144.223:7173
201.182.144.226:7173
201.182.144.227:7173
201.182.144.228:7173
201.182.144.231:7173
201.182.144.239:7173
201.182.144.23:7173
201.182.144.240:7173
201.182.144.244:7173
201.182.144.246:7173
201.182.144.247:7173
201.182.144.251:7173
201.182.144.253:7173
201.182.144.26:7173
201.182.144.27:7173
201.182.144.30:7173
201.182.144.37:7173
201.182.144.39:7173
201.182.144.40:7173
201.182.144.46:7173
201.182.144.49:7173
201.182.144.4:7173
201.182.144.50:7173
201.182.144.54:7173
201.182.144.55:7173
201.182.144.56:7173
201.182.144.57:7173
201.182.144.58:7173
201.182.144.60:7173
201.182.144.62:7173
201.182.144.68:7173
201.182.144.70:7173
201.182.144.74:7173
201.182.144.77:7173
201.182.144.79:7173
201.182.144.82:7173
201.182.144.87:7173
201.182.144.90:7173
201.182.144.97:7173
202.164.130.103:57154
202.29.240.37:1312
204.76.203.169:25565
204.76.203.178:25565
204.76.203.179:25565
204.76.203.186:25565
204.76.203.200:38241
205.185.116.126:5202
205.185.118.82:55650
205.185.119.229:1312
205.185.120.229:55650
205.185.121.29:59666
205.185.122.104:55650
205.185.124.162:1520
206.189.0.127:1791
206.53.57.150:56854
209.141.32.233:55650
209.141.34.192:3007
211.227.92.167:41066
212.107.227.117:54321
212.32.247.207:8676
212.52.0.139:18271
212.64.215.188:1337
212.87.204.161:9560
212.87.204.235:45632
212.87.213.158:56999
213.133.98.149:6881
213.136.79.27:5918
213.136.79.7:11891
216.154.0.101:30756
217.107.126.45:2315
217.114.47.164:1234
218.102.115.231:16212
23.128.248.43:333
23.94.201.213:5555
24.135.76.226:6893
24.203.20.162:52243
27.215.177.241:30301
31.43.81.91:26086
34.240.122.248:8108
37.1.83.7:6881
37.112.204.220:43194
37.113.129.4:4000
37.139.129.11:38241
37.187.153.127:9080
37.221.92.200:61002
37.44.238.144:1302
37.44.238.191:1337
37.44.238.192:5683
37.59.34.117:22
37.59.65.43:6666
37.59.91.23:22
38.242.232.9:61231
38.6.142.113:1312
38.6.173.70:56999
38.6.188.200:56999
39.61.112.88:30301
41.249.211.191:47827
43.155.77.24:1312
45.132.173.123:30361
45.136.244.79:3007
45.138.70.43:3778
45.138.74.104:4662
45.14.165.190:56999
45.14.224.204:38241
45.14.224.237:38241
45.140.188.40:808
45.142.182.116:55650
45.143.223.179:9506
45.148.116.40:23382
45.148.122.84:2310
45.148.122.86:45
45.152.209.5:60387
45.153.129.6:443
45.154.255.138:8080
45.155.165.86:1312
45.156.205.113:6881
45.158.23.38:3778
45.162.50.144:1027
45.164.114.102:7173
45.164.114.103:7173
45.164.114.105:7173
45.164.114.106:7173
45.164.114.109:7173
45.164.114.10:7173
45.164.114.110:7173
45.164.114.111:7173
45.164.114.114:7173
45.164.114.115:7173
45.164.114.11:7173
45.164.114.120:7173
45.164.114.123:7173
45.164.114.130:7173
45.164.114.132:7173
45.164.114.135:7173
45.164.114.137:7173
45.164.114.139:7173
45.164.114.140:7173
45.164.114.146:7173
45.164.114.147:7173
45.164.114.148:7173
45.164.114.154:7173
45.164.114.156:7173
45.164.114.157:7173
45.164.114.158:7173
45.164.114.162:7173
45.164.114.163:7173
45.164.114.164:7173
45.164.114.165:7173
45.164.114.175:7173
45.164.114.176:7173
45.164.114.179:7173
45.164.114.17:7173
45.164.114.180:7173
45.164.114.181:7173
45.164.114.182:7173
45.164.114.184:7173
45.164.114.185:7173
45.164.114.18:7173
45.164.114.192:7173
45.164.114.197:7173
45.164.114.198:7173
45.164.114.19:7173
45.164.114.1:7173
45.164.114.202:7173
45.164.114.203:7173
45.164.114.209:7173
45.164.114.217:7173
45.164.114.220:7173
45.164.114.226:7173
45.164.114.228:7173
45.164.114.229:7173
45.164.114.234:7173
45.164.114.236:7173
45.164.114.238:7173
45.164.114.23:7173
45.164.114.242:7173
45.164.114.24:7173
45.164.114.252:7173
45.164.114.255:7173
45.164.114.25:7173
45.164.114.27:7173
45.164.114.31:7173
45.164.114.38:7173
45.164.114.39:7173
45.164.114.40:7173
45.164.114.42:7173
45.164.114.44:7173
45.164.114.47:7173
45.164.114.50:7173
45.164.114.52:7173
45.164.114.55:7173
45.164.114.59:7173
45.164.114.5:7173
45.164.114.60:7173
45.164.114.61:7173
45.164.114.64:7173
45.164.114.71:7173
45.164.114.79:7173
45.164.114.7:7173
45.164.114.80:7173
45.164.114.85:7173
45.164.114.89:7173
45.164.114.90:7173
45.164.114.93:7173
45.169.132.102:7173
45.169.132.104:7173
45.169.132.105:7173
45.169.132.106:7173
45.169.132.109:7173
45.169.132.112:7173
45.169.132.114:7173
45.169.132.115:7173
45.169.132.117:7173
45.169.132.11:7173
45.169.132.120:7173
45.169.132.122:7173
45.169.132.124:7173
45.169.132.126:7173
45.169.132.130:7173
45.169.132.131:7173
45.169.132.134:7173
45.169.132.137:7173
45.169.132.138:7173
45.169.132.141:7173
45.169.132.142:7173
45.169.132.143:7173
45.169.132.151:7173
45.169.132.153:7173
45.169.132.154:7173
45.169.132.156:7173
45.169.132.158:7173
45.169.132.15:7173
45.169.132.160:7173
45.169.132.162:7173
45.169.132.164:7173
45.169.132.165:7173
45.169.132.168:7173
45.169.132.170:7173
45.169.132.177:7173
45.169.132.178:7173
45.169.132.189:7173
45.169.132.190:7173
45.169.132.191:7173
45.169.132.193:7173
45.169.132.198:7173
45.169.132.199:7173
45.169.132.19:7173
45.169.132.205:7173
45.169.132.209:7173
45.169.132.20:7173
45.169.132.210:7173
45.169.132.211:7173
45.169.132.213:7173
45.169.132.214:7173
45.169.132.220:7173
45.169.132.222:7173
45.169.132.22:7173
45.169.132.231:7173
45.169.132.233:7173
45.169.132.236:7173
45.169.132.240:7173
45.169.132.244:7173
45.169.132.252:7173
45.169.132.253:7173
45.169.132.255:7173
45.169.132.25:7173
45.169.132.28:7173
45.169.132.30:7173
45.169.132.31:7173
45.169.132.34:7173
45.169.132.36:7173
45.169.132.40:7173
45.169.132.41:7173
45.169.132.42:7173
45.169.132.44:7173
45.169.132.47:7173
45.169.132.50:7173
45.169.132.51:7173
45.169.132.57:7173
45.169.132.5:7173
45.169.132.60:7173
45.169.132.61:7173
45.169.132.62:7173
45.169.132.63:7173
45.169.132.64:7173
45.169.132.68:7173
45.169.132.70:7173
45.169.132.71:7173
45.169.132.81:7173
45.169.132.85:7173
45.169.132.87:7173
45.169.132.89:7173
45.169.132.91:7173
45.169.132.92:7173
45.169.132.97:7173
45.169.132.98:7173
45.169.132.9:7173
45.195.74.197:9105
45.195.74.233:9105
45.67.139.11:56999
45.88.67.192:2310
45.88.67.240:1312
45.89.54.71:56999
45.9.5.132:3778
45.90.162.107:3778
45.95.169.153:56999
45.95.169.158:1312
45.95.169.31:65420
45.95.55.152:81
45.95.55.197:2006
45.95.55.202:61214
46.101.138.202:34241
46.101.51.192:3778
46.146.132.180:65435
46.188.125.83:19712
46.23.109.212:671
46.23.109.40:8688
46.232.210.110:14909
46.232.211.29:15109
46.249.32.136:26
46.251.144.100:59306
46.3.112.137:12210
46.48.157.55:50518
47.37.173.222:55021
47.4.251.227:50321
47.87.130.49:81
47.87.153.243:666
47.87.162.118:40570
47.87.215.152:56999
47.87.230.233:36063
47.87.240.156:2112
47.9.70.126:6881
49.188.139.203:47837
49.206.41.45:43867
5.135.157.230:51413
5.167.168.211:15432
5.18.235.17:4222
5.18.86.198:12314
5.181.80.102:3778
5.181.80.115:1312
5.181.80.124:1337
5.189.185.57:3882
5.189.188.23:46962
5.19.9.48:3693
5.56.134.55:30301
5.71.121.4:6881
5.79.98.177:54661
50.25.136.219:25092
51.15.27.96:606
51.159.169.75:12345
51.161.64.197:666
51.89.64.42:22
52.220.4.63:443
52.220.57.168:443
57.128.136.224:61337
59.15.105.175:16189
59.4.64.6:40611
59.89.221.60:19814
59.92.42.205:8081
59.93.17.38:32837
59.93.22.184:1027
60.225.34.171:53868
61.3.185.180:20992
61.93.17.50:16363
64.226.72.109:5555
66.56.139.8:24046
68.168.213.235:38241
68.183.41.96:3007
68.191.23.134:9200
73.165.38.94:6881
73.166.15.170:6882
73.46.108.66:30301
74.201.30.45:13
75.6.183.124:6969
77.222.60.122:1312
77.222.60.122:3778
77.34.179.111:37843
77.34.87.23:15815
77.45.155.51:53568
77.73.131.247:60195
77.73.69.59:55555
78.153.130.36:60195
78.190.176.45:38097
79.110.62.189:3003
79.136.232.105:19747
79.137.207.165:1337
8.210.151.85:9022
80.234.65.114:29541
80.76.51.107:38241
80.76.51.113:9999
80.76.51.90:6593
80.78.23.28:666
81.161.229.169:56990
81.161.229.36:8769
81.161.229.46:56999
81.161.229.46:59666
81.171.10.66:53436
81.176.66.195:9913
81.29.23.210:21866
81.5.99.106:51755
82.151.123.127:6913
82.151.125.169:3584
83.149.70.202:30011
84.21.172.75:1312
84.53.216.77:3841
84.54.50.170:9506
85.204.116.91:420
85.217.144.250:3778
85.217.144.32:553
85.217.144.59:1312
85.217.144.59:6859
85.31.45.118:56999
85.31.45.232:1776
85.31.46.211:3007
86.102.28.176:34678
86.140.45.248:52196
86.181.77.179:28548
86.57.137.129:64888
87.121.113.145:2310
87.121.113.145:9931
87.227.219.27:51413
88.90.79.166:30301
89.134.2.134:24609
89.208.103.112:1312
89.208.107.26:59736
89.212.249.49:51413
90.143.145.108:6881
90.205.213.156:35095
91.121.77.7:54000
91.200.100.74:3778
91.234.99.68:55555
92.248.252.194:58900
92.255.175.237:45942
92.87.6.120:3778
92.87.6.205:3778
93.116.227.100:6895
93.34.84.188:23193
94.103.188.36:3778
94.140.152.130:3842
94.156.144.145:3778
94.72.140.74:56818
95.176.203.181:46828
95.214.27.136:61002
95.72.88.185:33677
96.38.184.7:63985
98.126.213.24:21
98.126.213.24:23
98.126.213.24:25
98.169.173.13:27481
98.49.61.177:54988
99.241.118.157:18566
mirailovers.pw
5o23hioifhiahdwaji.ddns.net
amkscan.duckdns.org
c2poc.chxv8ybuh2ytmfvfwrulcdqtywlooiybaevwsa2b.org
hihi.mirailovers.pw
vipchongzhi.f3322.net

# Reference: https://elfdigest.com/brief/8203ba0a7d3ce64f7980f94022810d489b5eb7e45c98f31fecc8a65b347703da

179.43.187.243:59666
off.koro.root.sx

# Reference: https://twitter.com/SecureSh3ll/status/1615017267502219268

/okamiii.16
/okamiii.1586
/okamiii.amd64
/okamiii.arc
/okamiii.arcle-hs38
/okamiii.arm
/okamiii.arm4
/okamiii.arm4l
/okamiii.arm4t
/okamiii.arm4tl
/okamiii.arm4tll
/okamiii.arm5
/okamiii.arm5l
/okamiii.arm5n
/okamiii.arm6
/okamiii.arm64
/okamiii.arm6l
/okamiii.arm7
/okamiii.arm7l
/okamiii.arm8
/okamiii.armv4
/okamiii.armv4l
/okamiii.armv5l
/okamiii.armv6
/okamiii.armv61
/okamiii.armv6l
/okamiii.armv7l
/okamiii.dbg
/okamiii.exploit
/okamiii.i4
/okamiii.i486
/okamiii.i586
/okamiii.i6
/okamiii.i686
/okamiii.kill
/okamiii.m68
/okamiii.m68k
/okamiii.mips
/okamiii.mips64
/okamiii.mipseb
/okamiii.mipsel
/okamiii.mpsl
/okamiii.pcc
/okamiii.powerpc
/okamiii.powerpc-440fp
/okamiii.powerppc
/okamiii.ppc
/okamiii.pp-c
/okamiii.ppc2
/okamiii.ppc440
/okamiii.ppc440fp
/okamiii.riscv64
/okamiii.root
/okamiii.root32
/okamiii.s390x
/okamiii.sh
/okamiii.sh4
/okamiii.sparc
/okamiii.spc
/okamiii.ssh4
/okamiii.x32
/okamiii.x32_64
/okamiii.x64
/okamiii.x86
/okamiii.x86_32
/okamiii.x86_64

# Reference: https://twitter.com/petikvx/status/1615634421742280705

/kr.amd64
/kr.arc
/kr.arcle-hs38
/kr.arm
/kr.arm4
/kr.arm4l
/kr.arm4t
/kr.arm4tl
/kr.arm4tll
/kr.arm5
/kr.arm5l
/kr.arm5n
/kr.arm6
/kr.arm64
/kr.arm6l
/kr.arm7
/kr.arm7l
/kr.arm8
/kr.armv4
/kr.armv4l
/kr.armv5l
/kr.armv6
/kr.armv61
/kr.armv6l
/kr.armv7l
/kr.dbg
/kr.exploit
/kr.i4
/kr.i486
/kr.i586
/kr.i6
/kr.i686
/kr.kill
/kr.m68
/kr.m68k
/kr.mips
/kr.mips64
/kr.mipseb
/kr.mipsel
/kr.mpsl
/kr.pcc
/kr.powerpc
/kr.powerpc-440fp
/kr.powerppc
/kr.ppc
/kr.pp-c
/kr.ppc2
/kr.ppc440
/kr.ppc440fp
/kr.riscv64
/kr.root
/kr.root32
/kr.s390x
/kr.sh
/kr.sh4
/kr.sparc
/kr.spc
/kr.ssh4
/kr.x32
/kr.x32_64
/kr.x64
/kr.x86
/kr.x86_32
/kr.x86_64

# Reference: https://elfdigest.com/brief/ff3ee04ba81556b73b18a80ce881b678cf1d7793ac927131ebd4b80f90a17cb8

195.58.39.44:5555

# Reference: https://urlhaus.abuse.ch/downloads/text_online/

6yddxah0lq.buchalska.com

# Reference: https://www.virustotal.com/gui/ip-address/77.73.131.165/relations
# Reference: https://elfdigest.com/brief/e53b7b07c8814fb00785fbf62f0df13c75f01b3f9bfcaa8ec8a056a845e30014

77.73.131.165:12345

# Reference: https://elfdigest.com/brief/2617615f0b04a64ebdff0ae5d9ac05064c31330ba15a8be8481de3ed989c729c

185.21.103.186:9506

# Reference: https://elfdigest.com/brief/df32a69e3da65f9dfda490e93d6c4c07bb9b1106e500c4811af76d99475e9659

15.204.5.85:9000

# Reference: https://elfdigest.com/brief/ac06adcff7e335fb03947d63258fecd59c7050d9a9857e9f1e5bbfb7a024026c

80.91.223.133:4258

# Reference: https://twitter.com/SecureSh3ll/status/1616894985437167623
# Reference: https://www.virustotal.com/gui/file/2c1566a2e03c63b67fbdd80b4a67535e9ed969ea3e3013f0ba503cfa58e287e3/detection

/zone.32
/zone.64
/zone.arc
/zone.arcle-hs38
/zone.arm
/zone.arm4
/zone.arm4l
/zone.arm4t
/zone.arm4tl
/zone.arm4tll
/zone.arm5
/zone.arm5l
/zone.arm5n
/zone.arm6
/zone.arm64
/zone.arm6l
/zone.arm7
/zone.arm7l
/zone.arm8
/zone.armv4
/zone.armv4l
/zone.armv5l
/zone.armv6
/zone.armv61
/zone.armv6l
/zone.armv7l
/zone.dbg
/zone.exploit
/zone.i4
/zone.i486
/zone.i586
/zone.i6
/zone.i686
/zone.kill
/zone.m68
/zone.m68k
/zone.mips
/zone.mips64
/zone.mipseb
/zone.mipsel
/zone.mpsl
/zone.pcc
/zone.powerpc
/zone.powerpc-440fp
/zone.powerppc
/zone.pp-c
/zone.ppc
/zone.ppc2
/zone.ppc440
/zone.ppc440fp
/zone.root
/zone.root32
/zone.sh
/zone.sh4
/zone.sparc
/zone.spc
/zone.ssh4
/zone.x32
/zone.x32_64
/zone.x64
/zone.x86
/zone.x86_32
/zone.x86_64

# Reference: https://elfdigest.com/brief/238f2e1af1ec80026f5c071c0259b5c53d0cf9c03b0f81c829d49caea5d7a25b

45.128.234.198:6888

# Reference: https://elfdigest.com/brief/230a4eb27130f7eded65515281dbec93247ab5bf62f07147054c6c128b1f3c0e

37.44.238.144:60195
orxy.space
mynet.orxy.space
testlol.orxy.space

# Reference: https://elfdigest.com/brief/09d796cc433102e882da6f51b314006f5213cccc96a973323e70e4f974822ddf
# Reference: https://www.virustotal.com/gui/file/09d796cc433102e882da6f51b314006f5213cccc96a973323e70e4f974822ddf/detection

172.104.244.136:23

# Reference: https://elfdigest.com/brief/1f34e6cec0977cdcac5a9468d494f24cc6073209ac3bc4261591b6acee8038dc

137.175.17.190:59666
dapi.mutouxs.com

# Reference: https://elfdigest.com/brief/a9bda589761dbada242a89263b5ce90aeb386c0834f94f4037301720375b06e3

209.141.40.108:123

# Reference: https://elfdigest.com/brief/39c846eedfadccfb02d82e3aa6786044d3c8a15cf98aa68b8c41fc6a4c36e079

209.141.37.198:666

# Reference: https://elfdigest.com/brief/aafab6fd7b624d47b40a3d1b1e186140a66c8c0e67ddc82487da0fd67ada773e

107.189.5.101:9506

# Reference: https://twitter.com/petikvx/status/1615634421742280705
# Reference: https://twitter.com/petikvx/status/1618122879379570688

http://77.91.78.211
http://78.153.130.141

# Reference: https://elfdigest.com/brief/0948924d72d14cd4224f8c36bb5f620da23f9d308bc761f1c0802326fb005316

172.104.182.243:288

# Reference: https://elfdigest.com/brief/d8b897a2b6a7124a82cbc4cb77219f0e2cc49400d0cc3b925c695be0a3bd73a2

193.42.33.14:1315

# Reference: https://elfdigest.com/brief/08390b135a7ed69621738b08df86123d4fc32506072d32342a0f0359dd23dea3

45.131.111.72:37212

# Reference: https://elfdigest.com/brief/ba8709695cb66336ab5a28993a9a53dd56798ae9ca080c08c3e2646a569be84f

107.189.31.181:59666
quanyuhe.tk
jiangshi.quanyuhe.tk

# Reference: https://www.virustotal.com/gui/file/30672312cd18396a06be1ff7e224a0a388c209d434941aaea4c4098c053fe9ab/detection

107.189.1.122:56999
42.quanyuhe.tk

# Reference: https://elfdigest.com/brief/b2be3c40a62da999078aa2eb8c6c60e180fe82e790c634f82e158335c1bfb6a1

185.212.149.107:61231

# Reference: https://elfdigest.com/brief/4e2c44876eb6c29982b2712016d7663034fedcabb3339ac2d313cad735185658

185.132.53.77:1963

# Reference: https://elfdigest.com/brief/64c0909c9ec8547928dc5484561fc1965b5e2d7b135272598cc76882947c381e

212.192.246.12:3778

# Reference: https://elfdigest.com/brief/af4465baf16dbabce3ed8a4676054bf4d129b0ffa87da867cfb2f2bcc03e0687

195.58.39.229:1312

# Reference: https://twitter.com/elfdigest/status/1620814394803240960

103.195.237.238:23

# Reference: https://elfdigest.com/brief/b75079d2461440a03bfeb53e9e44ba59230962a9d6f34c8749b6c8ea35a8c3de

178.18.250.52:61231

# Reference: https://elfdigest.com/brief/c7c26d75521235eccbbcf461cf6262225785a1e5d1375b22c97e2f3644c55416

45.95.55.157:38241
hajunxz.cc

# Reference: https://elfdigest.com/brief/35f6293f01b4a5e9106a76e9651ffb27c3c38e4b4435c8623e1120087f2a7ccc

185.246.220.98:42069

# Reference: https://blog.cyble.com/2023/02/03/new-medusa-botnet-emerging-via-mirai-botnet-targeting-linux-users/
# Reference: https://twitter.com/sloppy_bear/status/1632921110483173376

http://45.145.167.117
45.145.167.117:6666
5.181.134.79:1337
/medusa-stealer.arc
/medusa-stealer.arcle-hs38
/medusa-stealer.arm
/medusa-stealer.arm4
/medusa-stealer.arm4l
/medusa-stealer.arm4t
/medusa-stealer.arm4tl
/medusa-stealer.arm4tll
/medusa-stealer.arm5
/medusa-stealer.arm5l
/medusa-stealer.arm5n
/medusa-stealer.arm6
/medusa-stealer.arm64
/medusa-stealer.arm6l
/medusa-stealer.arm7
/medusa-stealer.arm7l
/medusa-stealer.arm8
/medusa-stealer.armv4
/medusa-stealer.armv4l
/medusa-stealer.armv5l
/medusa-stealer.armv6
/medusa-stealer.armv61
/medusa-stealer.armv6l
/medusa-stealer.armv7l
/medusa-stealer.dbg
/medusa-stealer.exploit
/medusa-stealer.i4
/medusa-stealer.i486
/medusa-stealer.i586
/medusa-stealer.i6
/medusa-stealer.i686
/medusa-stealer.kill
/medusa-stealer.m68
/medusa-stealer.m68k
/medusa-stealer.mips
/medusa-stealer.mips64
/medusa-stealer.mipseb
/medusa-stealer.mipsel
/medusa-stealer.mpsl
/medusa-stealer.pcc
/medusa-stealer.powerpc
/medusa-stealer.powerpc-440fp
/medusa-stealer.powerppc
/medusa-stealer.ppc
/medusa-stealer.pp-c
/medusa-stealer.ppc2
/medusa-stealer.ppc440
/medusa-stealer.ppc440fp
/medusa-stealer.root
/medusa-stealer.root32
/medusa-stealer.sh
/medusa-stealer.sh4
/medusa-stealer.sparc
/medusa-stealer.spc
/medusa-stealer.ssh4
/medusa-stealer.x32
/medusa-stealer.x32_64
/medusa-stealer.x64
/medusa-stealer.x86
/medusa-stealer.x86_32
/medusa-stealer.x86_64

# Reference: https://elfdigest.com/brief/1c4eab7d107c3f3fa507c2720c9d4503d50a4c3c448946299338e6d55dcda192
# Reference: https://www.virustotal.com/gui/file/1c4eab7d107c3f3fa507c2720c9d4503d50a4c3c448946299338e6d55dcda192/detection

softdetails.ru

# Reference: https://elfdigest.com/brief/2d4b830aa6ad0216767c2f662ed9f6517033325992c49a4db065ff2dc50ad50d

78.135.85.129:11337

# Reference: https://elfdigest.com/brief/4410b6bd156bc7e059e105d22c862094c64aa3583f1bfb97b68eb18f973fab28

103.195.237.238:9375

# Reference: https://elfdigest.com/brief/b644923caa36a79a2142617ce4ddd84f5e6cf27fdd60224657ed3906fcfd0c82
# Reference: https://elfdigest.com/brief/2f5eb608085c7f57bc9ade4e980021ed96518509aa1bda1395d832e38432335d

45.12.253.12:38241
45.9.74.88:38241
hajunxz.cc

# Reference: https://elfdigest.com/brief/50ed6096d5c8f58f7be39ab0ac0dc4ad168e371a95d636256aa39edd50590467

103.195.237.238:3778

# Reference: https://elfdigest.com/brief/8141d0c3aefe6da1ac96f2e563e5ab7398e1c897782150521ce282a2681e0e09

31.42.186.52:839

# Reference: https://elfdigest.com/brief/43f597b962269bcbfa215f078fa757f01c0907cd6026c28a3bd7ed92daaf2b5b

185.246.220.98:42069

# Reference: https://elfdigest.com/brief/73d33e606d31c2f1586f739395e9912ff865771a57e5fbf35f88b935bd26f327

103.179.172.2:606

# Reference: https://elfdigest.com/brief/424fee63e1f2500477c045128f266f590e1874002c4c78af3ac10cddc52e4e1b

176.123.1.44:5444

# Reference: https://elfdigest.com/brief/a8c24247e77a98f5294e14074330bf24b69bee16d5e83c5ceb8f8ce987044f13

47.87.154.205:6666

# Reference: https://elfdigest.com/brief/4ca20355bc8abfe8e69740b719ca573569c75191d049bf60e617fcbc628e4ed7

193.201.126.75:8587

# Reference: https://elfdigest.com/brief/199dc89ad2c347cf35d0a41c9406f96f0bbc31cd8d137ee4cfd0e85d8c297fc9
# Reference: https://elfdigest.com/brief/0b0fce9c160b1965ddf30f726ac58b5cb3e04f91c2634fbf9cf08c7e017bd9a0

47.87.134.240:420

# Reference: https://twitter.com/pmelson/status/1622691102162620416
# Reference: https://search.censys.io/hosts/194.40.243.206/data/table

194.40.243.206:22222
194.40.243.206:9998
194.40.243.206:9999

# Reference: https://elfdigest.com/brief/3c83d7775db4c48181ccd26db85f2d69ea45dc5b98ddc246bb4ef66cad38a623

167.172.89.28:9375

# Reference: https://twitter.com/petikvx/status/1621529861767716865
# Reference: https://www.virustotal.com/gui/ip-address/107.189.5.161/detection
# Reference: https://www.virustotal.com/gui/file/ea1d2222de4e5d8f91cc1a4f42e6643d5fc34cba13b59a392e7157fe0a1aa1d4/detection
# Reference: https://www.virustotal.com/gui/file/399f35c920b493060981e2252359d749cfe259921972f1dc323aa9e46821dd45/detection

http://107.189.5.161
100.43.163.61:55650
l377.to

# Reference: https://elfdigest.com/brief/55bd01ad5cdba1b46328e46216a9a34a5cd131b8c60a4e9bc649c4936bdd6b24

47.87.230.233:606

# Reference: https://elfdigest.com/brief/dbabd332c0148c8a29155fb488b792af90a9032d55d094e4cf8da7e159986878

64.93.80.146:9000

# Reference: https://twitter.com/fuyinglab/status/1623504306899939329
# Reference: https://www.virustotal.com/gui/file/0454b55141cbb4c2a7a3dfd27c89e0831fe30c939ed3a630893978ad284a696f/detection

http://37.0.11.160
/peach.arc
/peach.arcle-hs38
/peach.arm
/peach.arm4
/peach.arm4l
/peach.arm4t
/peach.arm4tl
/peach.arm4tll
/peach.arm5
/peach.arm5l
/peach.arm5n
/peach.arm6
/peach.arm64
/peach.arm6l
/peach.arm7
/peach.arm7l
/peach.arm8
/peach.armv4
/peach.armv4l
/peach.armv5l
/peach.armv6
/peach.armv61
/peach.armv6l
/peach.armv7l
/peach.dbg
/peach.exploit
/peach.i4
/peach.i486
/peach.i586
/peach.i6
/peach.i686
/peach.kill
/peach.m68
/peach.m68k
/peach.mips
/peach.mips64
/peach.mipseb
/peach.mipsel
/peach.mpsl
/peach.pcc
/peach.powerpc
/peach.powerpc-440fp
/peach.powerppc
/peach.ppc
/peach.pp-c
/peach.ppc2
/peach.ppc440
/peach.ppc440fp
/peach.root
/peach.root32
/peach.sh
/peach.sh4
/peach.sparc
/peach.spc
/peach.ssh4
/peach.x32
/peach.x32_64
/peach.x64
/peach.x86
/peach.x86_32
/peach.x86_64

# Reference: https://elfdigest.com/brief/464e2f5739b92fe2809b0c0ebfb23bb1233403d22e93723ee7ebcc388b55ff9b

194.87.151.209:1312

# Reference: https://twitter.com/r3dbU7z/status/1623485814339473409
# Reference: https://www.virustotal.com/gui/file/7dac120310cd3b4837c0eb6aa95446836d046c0f4df384f6faa8d32dde401f9f/detection

http://5.178.0.104
http://5.178.0.83
5.178.0.104:6667
5.178.0.83:6667
/st4rlight32
/st4rlight64
/st4rlightarc
/st4rlightarcle-hs38
/st4rlightarm
/st4rlightarm4
/st4rlightarm4l
/st4rlightarm4t
/st4rlightarm4tl
/st4rlightarm4tll
/st4rlightarm5
/st4rlightarm5l
/st4rlightarm5n
/st4rlightarm6
/st4rlightarm64
/st4rlightarm6l
/st4rlightarm7
/st4rlightarm7l
/st4rlightarm8
/st4rlightarmv4
/st4rlightarmv4l
/st4rlightarmv5l
/st4rlightarmv6
/st4rlightarmv61
/st4rlightarmv6l
/st4rlightarmv7l
/st4rlightdbg
/st4rlightexploit
/st4rlighti4
/st4rlighti486
/st4rlighti586
/st4rlighti6
/st4rlighti686
/st4rlightkill
/st4rlightm68
/st4rlightm68k
/st4rlightmips
/st4rlightmips64
/st4rlightmipseb
/st4rlightmipsel
/st4rlightmpsl
/st4rlightpcc
/st4rlightpowerpc
/st4rlightpowerpc-440fp
/st4rlightpowerppc
/st4rlightppc
/st4rlightpp-c
/st4rlightppc2
/st4rlightppc440
/st4rlightppc440fp
/st4rlightroot
/st4rlightroot32
/st4rlightsh
/st4rlightsh4
/st4rlightsparc
/st4rlightspc
/st4rlightssh4
/st4rlightx32
/st4rlightx32_64
/st4rlightx64
/st4rlightx86
/st4rlightx86_32
/st4rlightx86_64

# Reference: https://www.virustotal.com/gui/file/169a9b12ebacad2aa6ac00dc98d14e02976eb31ae7f3de6f806535b052584e27/detection

79.137.198.58:3778

# Reference: https://www.virustotal.com/gui/file/05a15cf971487a670a614166f74eed3622f25d2ce82dff099e6b257396b35342/detection

http://79.137.198.58

# Reference: https://elfdigest.com/brief/84a53ea62f032281925f2571265e4c1eef31a652eb4d3b8e52299980d72952b1

37.49.230.213:9931

# Reference: https://elfdigest.com/brief/048e506f4b01b732f3338b8a91479b3df8404ed9ebfa0ba856bf00e071a70963

185.117.74.19:59666
7ihack.com
btnet.7ihack.com

# Reference: https://elfdigest.com/brief/b29737c5f4179551274f40374e4cf4a27728b4ef01c4ca02d86b9fdb61e43449

aresnet.tk
rs7.aresnet.tk

# Reference: https://elfdigest.com/brief/51435acd18ba90bad61d9cf1b604cd8cfb0262bd53705d15d9d49a16826e68c5

113.30.191.198:59666
akur.group
proxy.akur.group

# Reference: https://elfdigest.com/brief/08c7eaca6452805140b4e9b43e9853b2072a2d54df1c5cac095b3520d472ea97

195.133.40.208:38241

# Reference: https://twitter.com/CujoaiLabs/status/1620832274890756097

http://45.66.230.47
/jkl32
/jkl64
/jklarc
/jklarcle-hs38
/jklarm
/jklarm4
/jklarm4l
/jklarm4t
/jklarm4tl
/jklarm4tll
/jklarm5
/jklarm5l
/jklarm5n
/jklarm6
/jklarm64
/jklarm6l
/jklarm7
/jklarm7l
/jklarm8
/jklarmv4
/jklarmv4l
/jklarmv5l
/jklarmv6
/jklarmv61
/jklarmv6l
/jklarmv7l
/jkldbg
/jklexploit
/jkli4
/jkli486
/jkli586
/jkli6
/jkli686
/jklkill
/jklm68
/jklm68k
/jklmips
/jklmips64
/jklmipseb
/jklmipsel
/jklmpsl
/jklpcc
/jklpowerpc
/jklpowerpc-440fp
/jklpowerppc
/jklppc
/jklpp-c
/jklppc2
/jklppc440
/jklppc440fp
/jklroot
/jklroot32
/jklsh
/jklsh4
/jklsparc
/jklspc
/jklssh4
/jklx32
/jklx32_64
/jklx64
/jklx86
/jklx86_32
/jklx86_64

# Reference: https://elfdigest.com/brief/935188efeecd88934db39a5c2b5a8324b43f2701e72cf604e1f324f86db4aa0f

47.87.229.145:61231

# Reference: https://elfdigest.com/brief/60b50c2d5f97adf6d03f2d99b4e333ff36d25c5242f4b3fac1abda820cd735f3

81.161.229.169:37697
81b3odf0d.fun
0243hfdnsafnz03y41b325red.81b3odf0d.fun

# Reference: https://www.virustotal.com/gui/ip-address/136.175.200.132/relations
# Reference: https://www.virustotal.com/gui/file/8ad6a44dc03e81e23d9ac060ee289cfbba5f14fe31ccfbbc1087d321cd5e0af3/detection
# Reference: https://www.virustotal.com/gui/file/a5fb7a5e14f69a950f042b22f890ed2a5885ce569fea4b15d67db7e7f83d4cf8/detection

dingleberry.site
monkeynuts.online
tyty.dingleberry.site

# Reference: https://elfdigest.com/brief/253045ce2a425eb4873a530b21ae0f4e6dc7b5c7c3e9442aaf362ada5c99998f

155.94.163.236:56999
xnyidc.top
j.xnyidc.top

# Reference: https://elfdigest.com/brief/7adf4681d8a21a6c42c5685edabb40916b89c0cb54f151a766b4d7c9ed511a56

45.154.3.16:56999
ddos.quest
botnet.ddos.quest

# Reference: https://twitter.com/SecureSh3ll/status/1627067399169249287
# Reference: https://www.virustotal.com/gui/file/85e0e444dc3ca880e5b9c2f0328be353a3e68419de78cf9d139354e79e8a875a/detection
# Reference: https://www.virustotal.com/gui/file/c5474a03383d63ce590ee4517d755040e2bb8814550ddb6c2aa7b3fe49ce934b/detection

http://104.244.75.53
fijgiefo.ddns.net

# Reference: https://elfdigest.com/brief/e154fc900469fd31b1baa58d143f1a91136dc5f3024d58e49b004792108450d4

185.254.37.236:38241

# Reference: https://elfdigest.com/brief/d5eb98c9555cbac34d83b1f3a613680f8792de553694feceac039e9ca57c0923

212.87.204.100:9506

# Reference: https://elfdigest.com/brief/a38136067b5678508b8515b8c9db2d232380c1256c6ce914be7e12949073c16a

212.87.204.248:1312

# Reference: https://elfdigest.com/brief/8a525715b9cccac5717a1cb2f05806292344a47e933c94839af7ed09bd440ebf

103.178.229.137:9375

# Reference: https://elfdigest.com/brief/21880f04bd34be2611b90c38616984f5737a97d13d739144b8ecac98db7d4a3a

98.159.98.243:38241
orxy.space
krebnkhj.orxy.space

# Reference: https://elfdigest.com/brief/bc811dd2923e592e0bdd132bde22dc24e1938ac1df0ddf858b436411c9b3e8e6

193.35.18.154:38241
paradox-security.cc
niger.paradox-security.cc

# Reference: https://twitter.com/1ZRR4H/status/1628282081976414209

http://171.22.136.15
http://171.22.136.16
http://171.22.136.17
http://171.22.136.18
http://171.22.136.19
ozxxb.eu
qiap.cc
vzxv.me

# Reference: https://elfdigest.com/brief/9f1019217b1b34e8344aaa61035dd3c927ef0c44044d0a10229fda1502acdfbb

45.88.67.192:5555

# Reference: https://elfdigest.com/brief/63f3d49b4ec480494cd3230e36ecb708e42b8c54750f0cdcd31c099b28897687

185.158.112.239:9999

# Reference: https://elfdigest.com/brief/f0105f955afa016620d48e2daa2acbf536eb873c057a88637aa2bf03cb787b10

45.148.122.46:1543

# Reference: https://elfdigest.com/brief/c2de38b13a9e15655ff10f3d4d800d8e4e8e22b90dcc26ea9ff6c187fd903ef7

152.89.211.46:3778

# Reference: https://elfdigest.com/brief/83554a055a555c06f90290b7e8de23e11b1527e03da94d0a128fb2ca9648668c

193.42.33.21:55650

# Reference: https://elfdigest.com/brief/dc30e6500ebcf937a237d027acdd40c2dd68741b4f40a9523196ee82eb13e3c3

37.221.65.228:9999

# Reference: https://elfdigest.com/brief/de6780e43fddade30c55bf52fa3bf5ea95e71bfcc8e3ec3f4e4d1e13291baeb6

212.87.204.103:9506

# Reference: https://www.virustotal.com/gui/file/326406a1f55c468fb715bf412d7bbffb66b292ace3ba327f102131ee5cf1df70/detection
# Reference: https://www.virustotal.com/gui/file/5e41710a62e8b12ef0e56043cddd42b41e1cde798c5ef5f99ef0d90d7f2fff79/detection

142.93.128.246:56999
catpn.net
bot.catpn.net

# Reference: https://elfdigest.com/brief/72f922f31abb9cd440923e74901a2ee412d9fe16d77273cd5f748eecef457523
# Reference: https://www.virustotal.com/gui/file/326406a1f55c468fb715bf412d7bbffb66b292ace3ba327f102131ee5cf1df70/detection
# Reference: https://www.virustotal.com/gui/file/eda1eb8d88dee0f23eec93c2fa04d87d6433145ff385910bbcbe90f373c7d839/detection

109.206.240.9:56999
178.62.79.143:56999
195.133.40.248:56999
botnet.catpn.net

# Reference: https://elfdigest.com/brief/2fe49af296c6b295dd05a01a1949708fc0a9d55d0747498249cb6099419c9b73

193.42.33.21:1302

# Reference: https://elfdigest.com/brief/9a3727775a98d08edeb56d34bb70830964550810cfaaa0abe8e3b8eb7c2f3d30

45.12.253.144:38241
botnet.sayto1k.ru

# Reference: https://elfdigest.com/brief/1cf1473a99535d7f5145ab8e7827ab80cc2c6c74dcdc8797bd220103c0d20975

185.254.37.25:1337

# Reference: https://twitter.com/D4RKR4BB1T47/status/1626122247483031552
# Reference: https://tehtris.com/en/blog/honeypots-activity-of-the-week-43

http://59.187.205.166
vmlguzrwpi7lupxte4dvrwrdfkwijca2nyizk2fqnq3zheyvxwvnahqd.onion

# Reference: https://tehtris.com/en/blog/honeypots-activity-of-the-week-50

/ohshit.32
/ohshit.64
/ohshit.arc
/ohshit.arcle-hs38
/ohshit.arm
/ohshit.arm4
/ohshit.arm4l
/ohshit.arm4t
/ohshit.arm4tl
/ohshit.arm4tll
/ohshit.arm5
/ohshit.arm5l
/ohshit.arm5n
/ohshit.arm6
/ohshit.arm64
/ohshit.arm6l
/ohshit.arm7
/ohshit.arm7l
/ohshit.arm8
/ohshit.armv4
/ohshit.armv4l
/ohshit.armv5l
/ohshit.armv6
/ohshit.armv61
/ohshit.armv6l
/ohshit.armv7l
/ohshit.dbg
/ohshit.exploit
/ohshit.i4
/ohshit.i486
/ohshit.i586
/ohshit.i6
/ohshit.i686
/ohshit.kill
/ohshit.m68
/ohshit.m68k
/ohshit.mips
/ohshit.mips64
/ohshit.mipseb
/ohshit.mipsel
/ohshit.mpsl
/ohshit.pcc
/ohshit.powerpc
/ohshit.powerpc-440fp
/ohshit.powerppc
/ohshit.ppc
/ohshit.pp-c
/ohshit.ppc2
/ohshit.ppc440
/ohshit.ppc440fp
/ohshit.root
/ohshit.root32
/ohshit.sh
/ohshit.sh4
/ohshit.sparc
/ohshit.spc
/ohshit.ssh4
/ohshit.x32
/ohshit.x32_64
/ohshit.x64
/ohshit.x86
/ohshit.x86_32
/ohshit.x86_64

# Reference: https://tehtris.com/en/blog/our-selection-of-alerts-on-honeypots-report-1-january-2023

/AkitaXss/

# Reference: https://elfdigest.com/brief/908a7b05bb544e438d9c25b39771ddd8cc4db02f3fb0a257c72953313fa32598

193.42.33.24:38241
skid4.life

# Reference: https://www.virustotal.com/gui/file/f672abac54cd7977377437d43ebe28a3b723ed0e0ad94329833e2a58e632d1e0/detection

http://193.42.33.24

# Reference: https://elfdigest.com/brief/c90a035b9d8d371d287dd8a3a7443f39e37539c1f71ef29cb01b16b02f213d35

46.3.197.29:1337

# Reference: https://twitter.com/RedDrip7/status/1630038030810779648
# Reference: https://www.virustotal.com/gui/file/3484aac5259bbc26a403c4546f9134efd076606467f7a8d370fbee1b69cc113c/detection

195.18.27.172:7787
46.232.62.138:1543

# Reference: https://twitter.com/RedDrip7/status/1630042382619250688

139.144.18.38:38241

# Reference: https://twitter.com/RedDrip7/status/1630046125716836352
# Reference: https://www.virustotal.com/gui/file/3a167876f26e41bf31e212bdae1a6fed1f5bb6f880e2141639b6c32db977d898/detection

5.253.246.151:31337

# Reference: https://elfdigest.com/brief/62b1498d1e9889f5533975bceeec4b8c1482e545ca35aa7c28b9e151aeab55b0

143.198.217.16:56999
condiv5.hopto.org

# Reference: https://twitter.com/r3dbU7z/status/1630072674574639105
# Reference: https://www.virustotal.com/gui/file/ac286505cddd22ddf874957ee3c9eef971225ae183ba3246b07c22ecf1a641a9/detection
# Reference: https://www.virustotal.com/gui/file/f19d9b6937df4491927af683659894824e758f600fcc48c20b928735737b2ba1/detection

84.54.50.104:56999
xfxyaj.xyz
bots.xfxyaj.xyz

# Reference: https://elfdigest.com/brief/dcfff85415785b0b898851cbc67afcb69e393629e6b85dc049868f888f579c42

139.162.4.196:56999
setup.hopto.org

# Reference: https://elfdigest.com/brief/cdfcb81fa5b69d339954b448604201c9f10389b12a4412fa79b09fa2ff69259e

143.198.217.16:2023
quangchaytool.tk

# Reference: https://elfdigest.com/brief/23cb4317f6e230e89d0f58eff174ef1ef131b646c610b559200710063b8ff269

64.112.72.170:9375

# Reference: https://elfdigest.com/brief/a93a068f7ee38dc9fb7534569cc6f4e930eaf4036bbdbb9efb38e1377ce4d52b

176.111.173.32:1312

# Reference: https://elfdigest.com/brief/24f2241568b9f5e2493eba4262143f6542690d78fea924acae346e3449b5440f

http://103.178.229.154

# Reference: https://elfdigest.com/brief/61afb1ccc711cdd14be640db19762a550f049c84449efe69261d1a6af6144713

http://139.59.75.75
139.59.75.75:6075

# Reference: https://elfdigest.com/brief/cb95f844feb93bda2a011b9667c4808cd602498358d585671cdf4bec9f59686d

http://109.206.243.161

# Reference: https://elfdigest.com/brief/18f1853a2ecacf7712d4531e072fb158eb19acaf60919762beb019a8ccaa7677
# Reference: https://www.virustotal.com/gui/file/3394c80086715cb6e946ddf36883692efaf85e52d0368b3638d8b841cf89623f/detection
# Reference: https://www.virustotal.com/gui/file/1d4091349c589e1100577fa72f6e94f2fa4ec33bfb69fb8b2d3b98f47551cb64/detection

chinesetable.us
cnc.chinesetable.us

# Reference: https://elfdigest.com/brief/1533fefae62a7c12f70bf7b6d9a9006b99296e8a5a97c754acaa8f86b9757e7f

185.237.96.105:3778

# Reference: https://elfdigest.com/brief/cfd6c4a64d6ac93765727eaa664b52613fb069e8ac155df7cfbb9a7ee492c931

2.59.119.250:9506

# Reference: https://elfdigest.com/brief/d3ab36eb378680dda3a6a0637190a5f0b711232c07261a02175292a95c5502c2

shemalefreak.online
botnet.shemalefreak.online

# Reference: https://www.virustotal.com/gui/ip-address/5.252.177.59/relations
# Reference: https://elfdigest.com/brief/87a65ef005e7ce0bb22f976e92de655b7e79c01c5e5f925811d188824006a034

http://5.252.177.59
magicbog.win

# Reference: https://elfdigest.com/brief/17d6905993fe8d77d93ee1f6ce4446fc82accdc8057f8fc58854eeedbeabfad6

http://109.169.2.198

# Reference: https://elfdigest.com/brief/13963b67022c7c5dde0e62f9ee178ea988f6098d058b1b9541045383b51a261b

http://212.87.213.149
212.87.213.149:666

# Reference: https://www.virustotal.com/gui/ip-address/77.73.131.181/relations
# Reference: https://elfdigest.com/brief/678f1bd93bd79ed3715226b6595ef8d5c91e30ff9153a2296b560a5d25b08ec8

http://77.73.131.181
209.141.33.182:695

# Reference: https://elfdigest.com/brief/dd658e29b8180366ef67896658f7b197f30cfa627bd5d5b1f7361432efda1f94

http://176.111.173.32
176.111.173.32:5555

# Reference: https://elfdigest.com/brief/1d804ad83a47ea8f232fe05791ac3ab882f12775add0fc100ddfc6cb005aa433
# Reference: https://elfdigest.com/brief/a2303d11035af1a48f359f3f99d61525fdff30c240c16ffadaa73161d5021e4d

103.216.113.207:56999
178.128.114.167:56999
zingspeed.me
botnet.zingspeed.me

# Reference: https://elfdigest.com/brief/fde361119bda89660d61f8576ed721b3b6ecc9e5acfae935ebc0065deb84f4b8

68.183.229.40:56999
68.183.229.40:8080

# Reference: https://www.virustotal.com/gui/file/8dd5cc3032b9a934e60aa40ce7dc543bb43fb9677c81d3a79131a33d67706e9a/detection

143.198.217.16:9375

# Reference: https://www.virustotal.com/gui/file/dfdc4278eac7aed67d5bd6e8a25bf51f4c2f5552dd1af288d7ce334f5f1bba93/detection

http://143.198.217.16

# Reference: https://www.virustotal.com/gui/file/cdfcb81fa5b69d339954b448604201c9f10389b12a4412fa79b09fa2ff69259e/detection

103.178.229.154:2023

# Reference: https://www.virustotal.com/gui/file/c8613b0fddb86b1ccdcc41eeac0402dcc65de1f37c80d3f94beec093c384b9f3/detection

143.198.217.16:1312

# Reference: https://elfdigest.com/brief/1fc4007da87478b9f6b8b3b9bae94a4a5de3905041df1c634ce53eaeb0a3807f

18.138.234.195:56999

# Reference: https://elfdigest.com/brief/d6e023927d969bf6120d7bc7244f58116e0eb4c7cb82442fb38375e2dc1c7270

95.214.55.109:38241
kladnxzincznidwbnab.cyou

# Reference: https://elfdigest.com/brief/d815ac6601f5d4355f7970d33ff0a6ecdf741d891fe1e89095df2c9de3689bfd

85.217.144.59:4258

# Reference: https://elfdigest.com/brief/cef4604abbdc84a03bfad1f0d3714105a2db2d968c495c84eea5f8c017be6aa6

http://45.81.234.64

# Reference: https://ti.qianxin.com/blog/articles/Andoryu-Botnet-A-New-Botnet-Based-on-Socks-Protocol/
# Reference: https://otx.alienvault.com/pulse/63f65728cca7c85ecacd0572

http://47.87.154.192
104.234.239.190:1025
152.67.66.37:1080
172.86.123.20:1025
/Andoryu.32
/Andoryu.64
/Andoryu.arc
/Andoryu.arcle-hs38
/Andoryu.arm
/Andoryu.arm4
/Andoryu.arm4l
/Andoryu.arm4t
/Andoryu.arm4tl
/Andoryu.arm4tll
/Andoryu.arm5
/Andoryu.arm5l
/Andoryu.arm5n
/Andoryu.arm6
/Andoryu.arm64
/Andoryu.arm6l
/Andoryu.arm7
/Andoryu.arm7l
/Andoryu.arm8
/Andoryu.armv4
/Andoryu.armv4l
/Andoryu.armv5l
/Andoryu.armv6
/Andoryu.armv61
/Andoryu.armv6l
/Andoryu.armv7l
/Andoryu.dbg
/Andoryu.exploit
/Andoryu.i4
/Andoryu.i486
/Andoryu.i586
/Andoryu.i6
/Andoryu.i686
/Andoryu.kill
/Andoryu.m68
/Andoryu.m68k
/Andoryu.mips
/Andoryu.mips64
/Andoryu.mipseb
/Andoryu.mipsel
/Andoryu.mpsl
/Andoryu.pcc
/Andoryu.powerpc
/Andoryu.powerpc-440fp
/Andoryu.powerppc
/Andoryu.ppc
/Andoryu.pp-c
/Andoryu.ppc2
/Andoryu.ppc440
/Andoryu.ppc440fp
/Andoryu.root
/Andoryu.root32
/Andoryu.sh
/Andoryu.sh4
/Andoryu.sparc
/Andoryu.spc
/Andoryu.ssh4
/Andoryu.x32
/Andoryu.x32_64
/Andoryu.x64
/Andoryu.x86
/Andoryu.x86_32
/Andoryu.x86_64

# Reference: https://elfdigest.com/brief/1ec7255ac37acd793cd9cd48d554907fef25ebbb65f1f04e84f46ab708f3a9b3

http://193.42.33.21

# Reference: https://elfdigest.com/brief/88dd896c082a7cee71c26e2f6330a37109334ceabe048e10ebe40b876a612a93

http://193.164.7.59
193.164.7.59:3778

# Reference: https://elfdigest.com/brief/66003ca71cf12278398fde7082696869f0d112a1506c46392bdd3b22fa193312

185.225.73.175:59666
catbbos.fun
botbet.catbbos.fun
scen.catbbos.fun

# Reference: https://elfdigest.com/brief/897cc18e07c9a5e5e095f0a7bf2945a02339bbefdf331a059045cc6bf30d8099

http://176.111.173.27
176.111.173.27:11025

# Reference: https://elfdigest.com/brief/86b0842f4defefb7e396092fc75cb58461256819b257080400c8bb3f08d65877

http://85.217.144.59
85.217.144.59:45

# Reference: https://elfdigest.com/brief/f229c6cbff70c32dff7f3aabc3b405af1949bd5083ef51a7d216f217da546ea2

179.61.251.213:5683

# Reference: https://twitter.com/r3dbU7z/status/1632757433935249409

http://143.42.11.97
45.124.76.252:300
45.136.244.126:5555
59.82.60.46:300
/BF23ewedqw/AEWTrjwqe34
/BF23ewedqw/AQUIJE3q2
/BF23ewedqw/IKOWERA
/BF23ewedqw/WSERIA
/BF23ewedqw/edfgj
/BF23ewedqw/

# Reference: https://twitter.com/r3dbU7z/status/1632748756138328064
# Reference: https://www.virustotal.com/gui/file/c598cca5a1599bd7b96557f4719d05534a155cfac38dcb1bdf48f92fbeeeb1c6/detection

http://179.61.251.213
179.61.251.213:5683

# Reference: https://elfdigest.com/brief/d9f4c964ab8e2f25e5f1f2dd11b46ecda57822ead8677ef4ae463c7d5790d2a7

http://94.158.244.45

# Reference: https://elfdigest.com/brief/dfef5bd45114040bba6a0195df2c2321638987a9984ad34e9b3ec4e169768834

193.42.33.21:56999

# Reference: https://elfdigest.com/brief/d14ed484396c60527571810699824ef5c4cd4ab527bd741c2bdf59f5bae281d5

185.254.37.25:3778

# Reference: https://elfdigest.com/brief/086f3861f234b0eb89643113a0df7f88d830b7d2627ecaab4067650ec9f7174f

179.43.182.79:60195
mc-live.online
botnet.mc-live.online

# Reference: https://elfdigest.com/brief/4f57d625f1af876b0eac0ece8de4140ff94862fd5f4ef65a8fbd9c36945f4651

103.186.214.136:56999
xiaojue.xyz

# Reference: https://elfdigest.com/brief/6f8c7c7b96c0d477cb50bfe9ef96b0282fbd095944c04f411d18a470765a1bb9

45.128.232.127:3778

# Reference: https://elfdigest.com/brief/388cb2fa24c6bf1de868e721274f2e402b51ddac8113a6d13b1ca57e6eb58c9a

109.206.240.54:1821

# Reference: https://elfdigest.com/brief/2b7835a60b8531b9052faa7c281f39b2359c16c51eef4aa09f6dcf9a97e07a67

192.253.237.71:107

# Reference: https://elfdigest.com/brief/c73e517fcec0d575b6ffc914cfc58fc2865561d79c2723587bd363a040236448

46.3.197.29:5555

# Reference: https://elfdigest.com/brief/c1501a8bde21e99e71f30e2382c97a106754f3b742d238f33942f411678c8804

http://77.91.78.113

# Reference: https://elfdigest.com/brief/e20667ed689d41d8eebec7a83853a9413085c2d009d6a9819a9255fdba899dbb

212.113.106.38:1337

# Reference: https://www.virustotal.com/gui/ip-address/47.87.225.23/relations
# Reference: https://elfdigest.com/brief/2ad1a833a07cf93672871d8887b2ce6a494d04da7b5f6f2a61bdd5e026ade701
# Reference: https://www.virustotal.com/gui/file/04bab5c48e48b6ff6e0133a5448e27fab8b949b1e24c3fcd0d7891ac3a72b3e8/detection
# Reference: https://www.virustotal.com/gui/ip-address/47.87.225.23/relations

http://47.87.225.23
47.87.225.23:7890

# Reference: https://elfdigest.com/brief/7b02a5bbfb614d1ebb7565a37d513c5f7257f95e8251aa5e301e3d0ea5d5b381

185.227.152.152:107

# Reference: https://elfdigest.com/brief/2e09e2c71df787caf4a91aa8cd307626b6da2ff73d4c1a044049c070e9d32e9b

45.33.100.223:606

# Reference: https://elfdigest.com/brief/3a98e6a34d48678896256c3b3556635c9a6fdd0a099d4a9029e6ccc4fb8bad47

84.54.50.170:23

# Reference: https://elfdigest.com/brief/4be2700e581b2a933c5d9e287d388e53b7ffa50561c56e812138d10f20e05704

http://45.95.55.165
45.95.55.165:3778

# Reference: https://elfdigest.com/brief/d46a9fb148ab0ac153ed454adf7abfcebcf518a5585ef1705aa396f050ac25e8

141.95.84.78:39078
new.nodefunction.vip

# Reference: https://www.virustotal.com/gui/file/cf3a89843ff33559c91401e377e44bdbfc839231df97fabec7c93f8862d08f4b/detection

botnet.nodefunction.vip

# Reference: https://elfdigest.com/brief/a4a08f0f4735943cd1ee127b17ddc18c641aae7f028c27f99ca6515124abf89c

http://79.137.248.213

# Reference: https://elfdigest.com/brief/2c9fcdf2875779522bc8beaca188e2e732c307ea6317174790b85229d8ddf45d

http://85.217.144.59
85.217.144.59:5555

# Reference: https://elfdigest.com/brief/288da154ba67fa789d86922281e218e3a4d6eaeac40af7233dd823442cd43165

http://79.110.62.233
79.110.62.233:9560

# Reference: https://elfdigest.com/brief/a963d418607993727816ec3f8fc642c98c95ab0152152ebd3795ff07f2f002a6

http://51.195.139.140
51.195.139.140:3778

# Reference: https://elfdigest.com/brief/d0be07db47b10c15a24c47d193920e6d592b4f4cec924c4e37e96b61480ce795
# Reference: https://www.virustotal.com/gui/file/6abcd0d8dac7c799033ab3edf0c71372f60ad2af06b8ded7e4d9fa30a5f82b02/detection

103.90.225.7:15779
128.199.134.42:59666
hihihi.site

# Reference: https://elfdigest.com/brief/4af977c6bbfa69e504d7fd2521e173a756a26988086293751b8f4319ab19e5a5
# Reference: https://www.virustotal.com/gui/file/4af977c6bbfa69e504d7fd2521e173a756a26988086293751b8f4319ab19e5a5/detection

http://109.169.2.140
109.169.2.140:1312

# Reference: https://elfdigest.com/brief/41f19ddd43b8fbd209e2bfd82fe6e3af545a49c97c3da9d9ffd4f3bdfc17ef48

5.255.111.128:56999
ddosing.online
bot.ddosing.online

# Reference: https://elfdigest.com/brief/eb0f29b47e227321b7b40cf92d72c4a602acbddc07634d6896151ff0d056d952

http://45.138.74.172

# Reference: https://elfdigest.com/brief/eccf5b3094c650785489b9d2fd5339002e8c47fba42dbf12256420cc23873921

http://160.20.109.234
160.20.109.234:3778

# Reference: https://elfdigest.com/brief/e8e105f4ac02b43718baf1597c8ae659335dec542945526e91045dbeff95b934

http://45.61.186.19
45.61.186.19:1312

# Reference: https://elfdigest.com/brief/6f3f6c15ae0d5e11822f60c09c519988a9a4346a79295223cbd7b74bc25fb5b2
# Reference: https://elfdigest.com/brief/abbb1f39127007fb945fa14838703ed26fa15fb724af4ecc42fd1fbc7558cdaa

http://167.179.68.134
167.179.68.134:1312

# Reference: https://elfdigest.com/brief/fe9fe193a860076ed279581534c94d7a988b7718a9315bd369f6bf7400249efc

http://45.81.243.186
45.81.243.186:1337

# Reference: https://elfdigest.com/brief/bcec23002a08f5489e997a7dbe06bc5324f6faefeb143a541b557c2adb95fd24

85.217.144.33:9931

# Reference: https://elfdigest.com/brief/62dcf5753316ea3aff7eefa929bfa151f48955741e8b07ec7c5b53a67a1964ee
# Reference: https://www.virustotal.com/gui/file/c9ce68fd5683764ffe7ea575aa38841e9c872fd75c8da901d8cbf48d224b3e8b/detection

http://93.190.8.33
93.190.8.33:1312

# Reference: https://www.akamai.com/blog/security-research/hinatabot-uncovering-new-golang-ddos-botnet

156.236.16.237:4120
185.112.83.254:4120
77.73.131.247:4120
156.236.16.237:61420
185.112.83.254:61420
77.73.131.247:61420
/z0l1mxjm4mdl4jjfjf7sb2vdmv/
/asdf?a=GETA
/asdf?a=GETA&b=GETB

# Reference: https://elfdigest.com/brief/12adf0f9ef389b3693ea6cf99c08f7a9bc88db2f7a908a8945a162bac6dfd6a2

http://93.190.8.33
93.190.8.33:3778

# Reference: https://elfdigest.com/brief/24e6f88b84d485271e6d2382e758c632613cb3ff46a91c44e8659f388bf53ae0

http://66.94.117.205
66.94.117.205:1312

# Reference: https://elfdigest.com/brief/6f5ad4e9137dde1498015e3cb679e502c6a90bea88fc8ee022e881e5798d64ea

http://217.195.197.83
217.195.197.83:3778

# Reference: https://elfdigest.com/brief/e43b14124352f780afcb24d06bc658d260602896a885ad7eecb2f4fdb85000cf

157.230.217.69:666

# Reference: https://elfdigest.com/brief/3ffda9c11d8187024d11ffbf9984bc7f1307ae98c2092a68a4288e6cbf22de71

5.252.199.138:61915

# Reference: https://elfdigest.com/brief/acef6f73e8edd482ddc6fd032489dddbcd026ab6ff8b02ce4b6b922caa868664

129.158.216.189:23

# Reference: https://elfdigest.com/brief/95f312bcbe88e0404ebf829e99b82a638a80e37c5eacee2ff53006815192044c

84.54.50.177:555

# Reference: https://elfdigest.com/brief/6a115dbcb909563249115c03be76ef2b20bafd04a4356ce7d4970c876eb5cc9b
# Reference: https://elfdigest.com/brief/1230eed6c363f25dfc0eca255e4e1f631d3123834998d305b1f179b042d03671

http://85.217.144.33
85.217.144.33:9506

# Reference: https://elfdigest.com/brief/e04e260b771dc96972a6d7c5b35d4d7954fd96e759fcf9d62919d4994a431f13

37.49.229.52:3074

# Reference: https://elfdigest.com/brief/f50a1ad93f4306debe569fa25161c86f182904ca53253ae5b9fd1da2ad9c5ccf

http://66.94.117.205
66.94.117.205:1791

# Reference: https://elfdigest.com/brief/b73460183c77324f3c6d580105ff568c454f6388a2babab55eb4bb2843a7e6b5

http://37.221.92.200

# Reference: https://www.virustotal.com/gui/file/128c942c3615bb3773a3a157fbf1b2c1da95c5058ef9f21ef9dd8d49599fdeea/detection

37.221.92.200:12459
duc3k.com
admin.duc3k.com

# Reference: https://elfdigest.com/brief/2e167e6c27ae8ad1f23c7c96afb94fd8a029409b681ac8b19c7aa503aabc6147

41.216.182.42:23

# Reference: https://elfdigest.com/brief/ee857db4212e3c5b4117c238778918b0766a04f77c0637078ae4dc014d7bd96f

109.98.208.52:60422

# Reference: https://elfdigest.com/brief/fbb3414618c965d294714381dd3c9322941979e578cb26752c8c5dc8997bb385
# Reference: https://www.virustotal.com/gui/file/fbb3414618c965d294714381dd3c9322941979e578cb26752c8c5dc8997bb385/detection

http://45.151.123.27
45.151.123.27:1312

# Reference: https://twitter.com/SecureSh3ll/status/1637182671880171527
# Reference: https://bazaar.abuse.ch/sample/d9bd1932dad08061e9cfecdc42bc4cbb3eec506ab54f4d889d6ae523d8249324/
# Reference: https://www.virustotal.com/gui/file/d9bd1932dad08061e9cfecdc42bc4cbb3eec506ab54f4d889d6ae523d8249324/detection

193.35.18.163:2137

# Reference: https://elfdigest.com/brief/762b73bd42d73c47163f3057faa4670e3c1f150198689c155055bbf2a514de1b
# Reference: https://www.virustotal.com/gui/file/f6206a35cde04acbd252b7d9147acec5f22e02be73f7f0b0db256bfd61122dcf/detection
# Reference: https://www.virustotal.com/gui/file/762b73bd42d73c47163f3057faa4670e3c1f150198689c155055bbf2a514de1b/detection

http://193.151.139.142
193.151.139.142:1312

# Reference: https://elfdigest.com/brief/a2773ede9d2cf982247c64326aa49cefa51814b9d89f88a44a5e65cc08aaa1e9

http://50.7.177.44
50.7.177.44:666

# Reference: https://elfdigest.com/brief/99f79e1b11d5daf80c360007d63ed754c377aba1cd995dd196a0624906059f9d

http://193.42.33.66
193.42.33.66:3778

# Reference: https://elfdigest.com/brief/23c64617b65455f94e4ee6534b2ac1b691345308939b5fbdeaf9543fc0d6d42c

103.145.13.132:23

# Reference: https://elfdigest.com/brief/33c5e6d10503199323d7d0a1564c49e4edf999644398e94c0b8bf134f50de866

47.87.201.219:5555

# Reference: https://elfdigest.com/brief/345af30747e6bc29131d37896094eee96e0255ad157d0a1d688f732bb3d60303

47.87.131.128:158

# Reference: https://elfdigest.com/brief/35e74622b20afd09a0e31dc7a139ffcb881d5a141e0862ca3fce955df50fdc36

http://37.221.92.202
37.221.92.202:59666
niggerskiller.cf

# Reference: https://elfdigest.com/brief/0b862a3b57ce17fe2780541d0bde2b77965eba3065bd40fb9fb7df884e525336

47.87.138.189:41526

# Reference: https://elfdigest.com/brief/686fb10624e0f6001922f5a7da9d6c10671b960e04da8cb6300bd81671d4407d

195.133.40.202:56999
zxyes.xyz
test.zxyes.xyz

# Reference: https://elfdigest.com/brief/8d68d690514765aca94a5fce64b9a230053036aa0696ce817bb1919edeb87432
# Reference: https://www.virustotal.com/gui/file/d502542baec72142eef5bbe366c81681acaca46c920c37c724d2cd0b8a93a223/detection

103.161.181.97:56999
kamuiv3.hopto.org
/ctrlt/DeviceUpgrade_1

# Reference: https://elfdigest.com/brief/4cf746a139073be8a0ecc26baa185576a2d0582f47a8a02bb6ac96273973e839

158.160.21.132:1312

# Reference: https://elfdigest.com/brief/792754c6e660335fe22a3099a2953c7d51b9b5c9eb6bed989790393ba1ef8ce9

45.61.184.58:695

# Reference: https://elfdigest.com/brief/f01dd98cb5003b692b097c3e9e2493ddd041511d4e1b2874d85fb6e1bbfd3a9b

31.214.243.29:4258

# Reference: https://elfdigest.com/brief/ea90699a0a702614fd8f533961a45c1c3d1c0ea1da96ccbba4ea745e640bebe6
# Reference: https://www.virustotal.com/gui/file/ea90699a0a702614fd8f533961a45c1c3d1c0ea1da96ccbba4ea745e640bebe6/detection

185.250.149.94:443

# Reference: https://elfdigest.com/brief/17492e1447ec32d450601db269a687e058fab102b0bd35763e93483c755921cd

46.3.197.29:1312

# Reference: https://elfdigest.com/brief/c12bc6a7b13591a732b61146d00bc1cb483d7ae95df007cddc0112ab835339d7

31.214.243.99:4258

# Reference: https://elfdigest.com/brief/a0ede4b9d54a197d970f9322813d69b247e7b597772c2e289e9dcaca42b76451

37.44.238.192:420

# Reference: https://elfdigest.com/brief/3ba8be440a17901bb03cf637803cc30e0ad5b2abdacbdd425aa18afbcd4fa540

xx.cc

# Reference: https://elfdigest.com/brief/5d452229d8f07f6ac5dcd8e85d8d3b85591d563ba556bc9c81a1b6db848c8e65

37.44.238.192:420

# Reference: https://elfdigest.com/brief/521cc5404a70afcfcdb43a4a8e66b4761514d8303df2e9395732c417073b9ef2

185.244.129.67:23

# Reference: https://elfdigest.com/brief/d048f678d2012959a3e040bf950889548bbc38d3b96b0a2d0f60930889741471

141.193.68.18:4662

# Reference: https://elfdigest.com/brief/6d43f0f2b9139c5c9e4552642dc8629775367c521c024ed355dd636de35a51c8

185.225.74.170:4432

# Reference: https://elfdigest.com/brief/2b318c6894e66a3e8f3abe92eaf92b181fbc4b41998ce6a2081b72582bf8b773

37.44.238.182:39

# Reference: https://elfdigest.com/brief/8806c8f83a22f582e54ab9ca75387e5709ed21fef0671d8cec4a695e5913101d

185.206.144.136:23

# Reference: https://elfdigest.com/brief/a7602ada97d833efbf2584af322ddd416e6dabcb1dbbfa38d86a6c96b6091898
# Reference: https://www.virustotal.com/gui/file/f6f56b9b08046941583dcba468647526d0cf64e35a8f0486a6ea82887ccd87a5/detection
# Reference: https://www.virustotal.com/gui/file/ed2083f82d23b3cf978e497a0d3b9ad9dc504b4ae1e30fad8ac73405e41e9826/detection
# Reference: https://www.virustotal.com/gui/file/a7602ada97d833efbf2584af322ddd416e6dabcb1dbbfa38d86a6c96b6091898/detection

103.178.228.103:56999
log.txt.al

# Reference: https://elfdigest.com/brief/b1e3c1f0c94806955ffd1a0edb4482915c63d777719bceb4328c6201c21f618c

45.61.188.89:56999
l7c7.com
botnet.l7c7.com

# Reference: https://elfdigest.com/brief/299a0979b6b4ac120a61cf40f494337a3acc53a9fb0a087a83b960b6dcc670f9

185.225.74.67:839

# Reference: https://elfdigest.com/brief/d74ab8b24ca920f584b363860fac5ea78f9bbf7354a2c5e3fcae48df7219d97b

47.87.215.121:65531

# Reference: https://elfdigest.com/brief/65c5d4455e69e30962d0b793bf2472a676c383743dc828643146a6e4d0db9cd0

199.195.248.192:56999
xiojue.com

# Reference: https://www.virustotal.com/gui/domain/cnm48.cn/relations
# Reference: https://elfdigest.com/brief/8f34635582b40095852b614377c71e88c9cdeaeb832398ae53788a66babaee79

103.42.31.8:56999
cnm48.cn
chatgpt.cnm48.cn
tencent.cnm48.cn

# Reference: https://elfdigest.com/brief/566ca0edfa417e0bb85d9efb319d41e2ea5bef8a72b640378c8b4989a5e46cea

185.126.117.236:61915

# Reference: https://elfdigest.com/brief/680f16ea36846b333c45f67b7ee3ead411734d4ef933b664eb4d97c56a0e5e7f

14.225.210.249:5555

# Reference: https://elfdigest.com/brief/55196c6327703b603a06f6f2470a01730b8bf81ebf0ed3750c6e2fbd58ae9a94

87.121.113.149:1337
potatomepotato.hopto.org

# Reference: https://elfdigest.com/brief/822a118d3cea8441c32087d235ab5b97ec4a6b55d5b781f8189bb21e22f198b0

185.225.74.97:3778

# Reference: https://twitter.com/bad_packets/status/1641211634805874688
# Reference: https://twitter.com/r3dbU7z/status/1641367204355514368

http://192.161.55.115
harmxvu.ddnsking.com
/jack5trl.sh
/ljc.sh

# Reference: https://elfdigest.com/brief/63c24599241b7c44f6a66bb7466183ee64fd65aa1970772015ca450a5ee8948e

198.98.51.106:5555

# Reference: https://elfdigest.com/brief/eb31a502fc534996e3480985311d37ab56fd08cbc34bb7472785cc60ca575218
# Reference: https://www.virustotal.com/gui/file/62d1be9316dbe916fd20e18faa2d037d8d0f4b100fa3f223a4cd2229db12e160/detection

bruh123.hopto.org

# Reference: https://elfdigest.com/brief/9f1d9ddc6d49b3f11cb00450583ccf9a5d80fdadecbd0379a70b25f7d5a5786f

185.225.74.241:3778

# Reference: https://elfdigest.com/brief/08def68df2b40fa9f189cf2606b5317f87ba34208ec35c03f9589f28cacb3d5a
# Reference: https://elfdigest.com/brief/502649d7351873d32380d0d4f1b84029eb699daa93377401d6eaa2f918ab2d90

193.42.33.217:60195
daxw.eu

# Reference: https://elfdigest.com/brief/ceb30f79fa905c2c64a1c9cb3bb4b5b05c4f0de9fdb3cdad44571b571589d1bb

95.214.25.155:1312

# Reference: https://elfdigest.com/brief/55850d890f80ee21123e7a3a79c82f82b88067dbe8741eb6368509b772e5dbd5

111.90.146.117:5555

# Reference: https://elfdigest.com/brief/42fae824c78bf63ea8e8cecf9f414840fb03d91462ffc7afa3400927cb80b78a

178.218.144.110:56999
thanh.ddns.net

# Reference: https://elfdigest.com/brief/1e5018d80d427eb77b0575d82d9a5e634b92be98853e49abb9e9f1627d6d5d90

88.208.199.38:23

# Reference: https://elfdigest.com/brief/daa02c66a7984da82ae2e96c1d8925a2d4fc31ed0f19ef4a0817e43be745b6b4

47.87.218.20:666

# Reference: https://elfdigest.com/brief/05c6285077c3622cb563fbda75cf517e98329d0efd5d8459250066ac9b827b72

45.134.11.110:23

# Reference: https://elfdigest.com/brief/f5d43378d020c27bfeea69b3b163f2d341237dfe3b26f34864b0b1d54e518922

185.225.73.130:667

# Reference: https://elfdigest.com/brief/8c109142d6b6e570ca5774923e8de9c9f5ee7ee82e08c2974f8ed8c8b42bd421

212.87.204.52:1972
testingbot.ddnsking.com

# Reference: https://elfdigest.com/brief/e7b0b03f87c977a814be7beab784e8dbae5fbbb5d91d81253dd8c819f05102c1

41.216.182.196:6969
withersmith.xyz

# Reference: https://elfdigest.com/brief/69e78496c99d9a16493bdc02c086fedcb37689c9898ad2bcbe41b917385ffad5

45.93.31.28:56999
cnm48.cn
chatgpt.cnm48.cn
tencent.cnm48.cn

# Reference: https://elfdigest.com/brief/b75299f57e24de5ffa2c9ac139a48e5d66b1a2ebf137bbc62d6a16d971212543

195.58.39.195:13

# Reference: https://elfdigest.com/brief/9699e922c9a982d5845506ac21b662c267227f68fa0c24bc83a62ce953b5396e

193.35.18.108:420

# Reference: https://www.virustotal.com/gui/file/16daa6fa6f624d3f4acec3b9438ade2ebda25b0a8f888f4ae5edd9cc9f72c216/detection

http://111.74.149.81
111.74.149.81:30047
172.104.217.127:30047

# Reference: https://twitter.com/petrovic082/status/1644242297444356096

http://204.44.109.117

# Reference: https://www.virustotal.com/gui/file/2f245c5f1158be898610c3549b5327950c2664e3d3a9cadc0486cc9b96864de4/detection
# Reference: https://www.virustotal.com/gui/file/997f303c3696788923e41d35a26fc2c79a11ec34389028d81a6fb43f8c11aecf/detection

http://198.50.135.105
189.78.245.80:27160
192.99.168.245:27160
00sax0asfd00ddd.loseyourip.com
41asd41as4d5as4d4f4.casacam.net
/asdsad54asa5s4d32
/asdsad54asa5s4d64
/asdsad54asa5s4darc
/asdsad54asa5s4darcle-hs38
/asdsad54asa5s4darm
/asdsad54asa5s4darm4
/asdsad54asa5s4darm4l
/asdsad54asa5s4darm4t
/asdsad54asa5s4darm4tl
/asdsad54asa5s4darm4tll
/asdsad54asa5s4darm5
/asdsad54asa5s4darm5l
/asdsad54asa5s4darm5n
/asdsad54asa5s4darm6
/asdsad54asa5s4darm64
/asdsad54asa5s4darm6l
/asdsad54asa5s4darm7
/asdsad54asa5s4darm7l
/asdsad54asa5s4darm8
/asdsad54asa5s4darmv4
/asdsad54asa5s4darmv4l
/asdsad54asa5s4darmv5l
/asdsad54asa5s4darmv6
/asdsad54asa5s4darmv61
/asdsad54asa5s4darmv6l
/asdsad54asa5s4darmv7l
/asdsad54asa5s4ddbg
/asdsad54asa5s4dexploit
/asdsad54asa5s4di4
/asdsad54asa5s4di486
/asdsad54asa5s4di586
/asdsad54asa5s4di6
/asdsad54asa5s4di686
/asdsad54asa5s4dkill
/asdsad54asa5s4dm68
/asdsad54asa5s4dm68k
/asdsad54asa5s4dmips
/asdsad54asa5s4dmips64
/asdsad54asa5s4dmipseb
/asdsad54asa5s4dmipsel
/asdsad54asa5s4dmpsl
/asdsad54asa5s4dpcc
/asdsad54asa5s4dpowerpc
/asdsad54asa5s4dpowerpc-440fp
/asdsad54asa5s4dpowerppc
/asdsad54asa5s4dppc
/asdsad54asa5s4dpp-c
/asdsad54asa5s4dppc2
/asdsad54asa5s4dppc440
/asdsad54asa5s4dppc440fp
/asdsad54asa5s4droot
/asdsad54asa5s4droot32
/asdsad54asa5s4dsh
/asdsad54asa5s4dsh4
/asdsad54asa5s4dsparc
/asdsad54asa5s4dspc
/asdsad54asa5s4dssh4
/asdsad54asa5s4dx32
/asdsad54asa5s4dx32_64
/asdsad54asa5s4dx64
/asdsad54asa5s4dx86
/asdsad54asa5s4dx86_32
/asdsad54asa5s4dx86_64
/l4sd4s32
/l4sd4s64
/l4sd4sarc
/l4sd4sarcle-hs38
/l4sd4sarm
/l4sd4sarm4
/l4sd4sarm4l
/l4sd4sarm4t
/l4sd4sarm4tl
/l4sd4sarm4tll
/l4sd4sarm5
/l4sd4sarm5l
/l4sd4sarm5n
/l4sd4sarm6
/l4sd4sarm64
/l4sd4sarm6l
/l4sd4sarm7
/l4sd4sarm7l
/l4sd4sarm8
/l4sd4sarmv4
/l4sd4sarmv4l
/l4sd4sarmv5l
/l4sd4sarmv6
/l4sd4sarmv61
/l4sd4sarmv6l
/l4sd4sarmv7l
/l4sd4sdbg
/l4sd4sexploit
/l4sd4si4
/l4sd4si486
/l4sd4si586
/l4sd4si6
/l4sd4si686
/l4sd4skill
/l4sd4sm68
/l4sd4sm68k
/l4sd4smips
/l4sd4smips64
/l4sd4smipseb
/l4sd4smipsel
/l4sd4smpsl
/l4sd4spcc
/l4sd4spowerpc
/l4sd4spowerpc-440fp
/l4sd4spowerppc
/l4sd4sppc
/l4sd4spp-c
/l4sd4sppc2
/l4sd4sppc440
/l4sd4sppc440fp
/l4sd4sroot
/l4sd4sroot32
/l4sd4ssh
/l4sd4ssh4
/l4sd4ssparc
/l4sd4sspc
/l4sd4sssh4
/l4sd4sx32
/l4sd4sx32_64
/l4sd4sx64
/l4sd4sx86
/l4sd4sx86_32
/l4sd4sx86_64
/4ad4as5dsa54d45as/
/7sa78das87d87asd87as8/

# Reference: https://twitter.com/r3dbU7z/status/1644953900259090432

badplayer.net
/ninja.32
/ninja.64
/ninja.arc
/ninja.arcle-hs38
/ninja.arm
/ninja.arm4
/ninja.arm4l
/ninja.arm4t
/ninja.arm4tl
/ninja.arm4tll
/ninja.arm5
/ninja.arm5l
/ninja.arm5n
/ninja.arm6
/ninja.arm64
/ninja.arm6l
/ninja.arm7
/ninja.arm7l
/ninja.arm8
/ninja.armv4
/ninja.armv4l
/ninja.armv5l
/ninja.armv6
/ninja.armv61
/ninja.armv6l
/ninja.armv7l
/ninja.dbg
/ninja.exploit
/ninja.i4
/ninja.i486
/ninja.i586
/ninja.i6
/ninja.i686
/ninja.kill
/ninja.m68
/ninja.m68k
/ninja.mips
/ninja.mips64
/ninja.mipseb
/ninja.mipsel
/ninja.mpsl
/ninja.pcc
/ninja.powerpc
/ninja.powerpc-440fp
/ninja.powerppc
/ninja.ppc
/ninja.pp-c
/ninja.ppc2
/ninja.ppc440
/ninja.ppc440fp
/ninja.root
/ninja.root32
/ninja.sh
/ninja.sh4
/ninja.sparc
/ninja.spc
/ninja.ssh4
/ninja.x32
/ninja.x32_64
/ninja.x64
/ninja.x86
/ninja.x86_32
/ninja.x86_64

# Reference: https://elfdigest.com/brief/73a0dc60d8aa36cbac1f6a30bf9eca0b64f726babca4791999a225cd554dfed1

layer4.vip
botnet.layer4.vip

# Reference: https://elfdigest.com/brief/a8666d0cf2f0fbcc011770836d96db8f876663cd105a659342c79761073e327f

209.141.52.88:56999

# Reference: https://twitter.com/SecureSh3ll/status/1645873577030287361

http://194.87.197.176

# Reference: https://elfdigest.com/brief/b03d7f7e503d394fc9965b0281f1021be4c3a1e165b0b20890156ee5cfd87de9

95.214.53.112:25565

# Reference: https://elfdigest.com/brief/2bf4997d7dbfee3361d24597447712bbdd7317f4daf407200adc735db5660dc8

98.159.98.71:3778

# Reference: https://elfdigest.com/brief/637e3742a0f08bd6336aecb2159ab420f92fb877a0f7026a33461a3b3c16b489

158.160.0.32:1312

# Reference: https://elfdigest.com/brief/d0a0841d1b84ac2de9e672686ac554c496c939a43189cfb2035762fb2e196343

64.225.73.18:38241
dogeating.monster

# Reference: https://www.virustotal.com/gui/file/03ef925493ded5b9cefe09e8a0fe91949e4eaecff14faf87c5d82e3bd33d130d/detection

chinkona.buzz

# Reference: https://www.virustotal.com/gui/file/49585cdc4417890919645538b1adf0818b75dc91b9cadd6585a8f8252ac68849/detection

/0xh0roxxnavebusyoo.32
/0xh0roxxnavebusyoo.64
/0xh0roxxnavebusyoo.arc
/0xh0roxxnavebusyoo.arcle-hs38
/0xh0roxxnavebusyoo.arm
/0xh0roxxnavebusyoo.arm4
/0xh0roxxnavebusyoo.arm4l
/0xh0roxxnavebusyoo.arm4t
/0xh0roxxnavebusyoo.arm4tl
/0xh0roxxnavebusyoo.arm4tll
/0xh0roxxnavebusyoo.arm5
/0xh0roxxnavebusyoo.arm5l
/0xh0roxxnavebusyoo.arm5n
/0xh0roxxnavebusyoo.arm6
/0xh0roxxnavebusyoo.arm64
/0xh0roxxnavebusyoo.arm6l
/0xh0roxxnavebusyoo.arm7
/0xh0roxxnavebusyoo.arm7l
/0xh0roxxnavebusyoo.arm8
/0xh0roxxnavebusyoo.armv4
/0xh0roxxnavebusyoo.armv4l
/0xh0roxxnavebusyoo.armv5l
/0xh0roxxnavebusyoo.armv6
/0xh0roxxnavebusyoo.armv61
/0xh0roxxnavebusyoo.armv6l
/0xh0roxxnavebusyoo.armv7l
/0xh0roxxnavebusyoo.dbg
/0xh0roxxnavebusyoo.exploit
/0xh0roxxnavebusyoo.i4
/0xh0roxxnavebusyoo.i486
/0xh0roxxnavebusyoo.i586
/0xh0roxxnavebusyoo.i6
/0xh0roxxnavebusyoo.i686
/0xh0roxxnavebusyoo.kill
/0xh0roxxnavebusyoo.m68
/0xh0roxxnavebusyoo.m68k
/0xh0roxxnavebusyoo.mips
/0xh0roxxnavebusyoo.mips64
/0xh0roxxnavebusyoo.mipseb
/0xh0roxxnavebusyoo.mipsel
/0xh0roxxnavebusyoo.mpsl
/0xh0roxxnavebusyoo.pcc
/0xh0roxxnavebusyoo.powerpc
/0xh0roxxnavebusyoo.powerpc-440fp
/0xh0roxxnavebusyoo.powerppc
/0xh0roxxnavebusyoo.ppc
/0xh0roxxnavebusyoo.pp-c
/0xh0roxxnavebusyoo.ppc2
/0xh0roxxnavebusyoo.ppc440
/0xh0roxxnavebusyoo.ppc440fp
/0xh0roxxnavebusyoo.root
/0xh0roxxnavebusyoo.root32
/0xh0roxxnavebusyoo.sh
/0xh0roxxnavebusyoo.sh4
/0xh0roxxnavebusyoo.sparc
/0xh0roxxnavebusyoo.spc
/0xh0roxxnavebusyoo.ssh4
/0xh0roxxnavebusyoo.x32
/0xh0roxxnavebusyoo.x32_64
/0xh0roxxnavebusyoo.x64
/0xh0roxxnavebusyoo.x86
/0xh0roxxnavebusyoo.x86_32
/0xh0roxxnavebusyoo.x86_64

# Reference: https://elfdigest.com/brief/41e98b9873320657cd1f6cfaf0d73347e9f2d02f54416da24393f75c603107e5

91.212.121.97:23

# Reference: https://elfdigest.com/brief/73dc423c7bf55f4cf055bd19e1c3846637a1021dd919679d5e0ef6c32d53b0b5

81.161.229.94:1337

# Reference: https://elfdigest.com/brief/2f5428fd203d891573f6640314809508871ad8dba1c4865419283466f1d5f334

45.137.206.188:666

# Reference: https://elfdigest.com/brief/a82a7f9d22956da045439be45cb4cb1b76611c7a3536f5842526efc7444f82ad
# Reference: https://www.virustotal.com/gui/file/0358ace7ae3581c3d5ad27b2b4ca76beb278a947c310abc4d08c4cc63ff7f3cb/detection
# Reference: https://www.virustotal.com/gui/file/a82a7f9d22956da045439be45cb4cb1b76611c7a3536f5842526efc7444f82ad/detection
# Reference: https://www.virustotal.com/gui/file/bc56f6fc641bdae3a6923527fae0b9fbcc84c4c857c6713ecc5be248d29b6e76/detection

134.122.71.215:52
161.35.75.138:52
45.79.8.118:52
64.225.104.158:52
kgfislove.cf
bot.kgfislove.cf
/kgf.32
/kgf.64
/kgf.arc
/kgf.arcle-hs38
/kgf.arm
/kgf.arm4
/kgf.arm4l
/kgf.arm4t
/kgf.arm4tl
/kgf.arm4tll
/kgf.arm5
/kgf.arm5l
/kgf.arm5n
/kgf.arm6
/kgf.arm64
/kgf.arm6l
/kgf.arm7
/kgf.arm7l
/kgf.arm8
/kgf.armv4
/kgf.armv4l
/kgf.armv5l
/kgf.armv6
/kgf.armv61
/kgf.armv6l
/kgf.armv7l
/kgf.dbg
/kgf.exploit
/kgf.i4
/kgf.i486
/kgf.i586
/kgf.i6
/kgf.i686
/kgf.kill
/kgf.m68
/kgf.m68k
/kgf.mips
/kgf.mips64
/kgf.mipseb
/kgf.mipsel
/kgf.mpsl
/kgf.pcc
/kgf.powerpc
/kgf.powerpc-440fp
/kgf.powerppc
/kgf.ppc
/kgf.pp-c
/kgf.ppc2
/kgf.ppc440
/kgf.ppc440fp
/kgf.root
/kgf.root32
/kgf.sh
/kgf.sh4
/kgf.sparc
/kgf.spc
/kgf.ssh4
/kgf.x32
/kgf.x32_64
/kgf.x64
/kgf.x86
/kgf.x86_32
/kgf.x86_64
/kgfint.32
/kgfint.64
/kgfint.arc
/kgfint.arcle-hs38
/kgfint.arm
/kgfint.arm4
/kgfint.arm4l
/kgfint.arm4t
/kgfint.arm4tl
/kgfint.arm4tll
/kgfint.arm5
/kgfint.arm5l
/kgfint.arm5n
/kgfint.arm6
/kgfint.arm64
/kgfint.arm6l
/kgfint.arm7
/kgfint.arm7l
/kgfint.arm8
/kgfint.armv4
/kgfint.armv4l
/kgfint.armv5l
/kgfint.armv6
/kgfint.armv61
/kgfint.armv6l
/kgfint.armv7l
/kgfint.dbg
/kgfint.exploit
/kgfint.i4
/kgfint.i486
/kgfint.i586
/kgfint.i6
/kgfint.i686
/kgfint.kill
/kgfint.m68
/kgfint.m68k
/kgfint.mips
/kgfint.mips64
/kgfint.mipseb
/kgfint.mipsel
/kgfint.mpsl
/kgfint.pcc
/kgfint.powerpc
/kgfint.powerpc-440fp
/kgfint.powerppc
/kgfint.ppc
/kgfint.pp-c
/kgfint.ppc2
/kgfint.ppc440
/kgfint.ppc440fp
/kgfint.root
/kgfint.root32
/kgfint.sh
/kgfint.sh4
/kgfint.sparc
/kgfint.spc
/kgfint.ssh4
/kgfint.x32
/kgfint.x32_64
/kgfint.x64
/kgfint.x86
/kgfint.x86_32
/kgfint.x86_64

# Reference: https://elfdigest.com/brief/d4aed753cf4132a229c0404ca7a77b7b5a8ce9679e281b3bce9861265bc2d404

81.161.229.94:1337

# Reference: https://elfdigest.com/brief/7d53c3d3506fc73f15ce62fac15b477ea8ab5b9148198e2fc040222ea41b29e8

103.164.138.86:55650

# Reference: https://elfdigest.com/brief/4a9b73f572f83b48893a4d08f34a488752c513713d6dfccae1fc732d6c421418

103.161.176.37:56999
rotmang.tk

# Reference: https://elfdigest.com/brief/6ace1865ef6f04fba25938d748fa01129dd6c009300224c129b173ff9b61ab31

185.163.45.39:45

# Reference: https://twitter.com/tosscoinwitcher/status/1648066187505565696

http://193.35.18.243
http://88.214.21.26

# Reference: https://elfdigest.com/brief/46920e7884fade0067bf7d784273379cbea29180ec4fce36233cf47a9eb19685

77.91.85.244:3778

# Reference: https://elfdigest.com/brief/75f0bc2a65e2fd53d76c55c086fc57f96d2f0db7d9e923dbb8f43a03c1eba6aa

179.43.182.61:5683

# Reference: https://elfdigest.com/brief/4c8421d8ed5553bb9baa03edfce29b32f3da046037561e55b0abc51f25ffb39e

45.131.79.240:3778

# Reference: https://elfdigest.com/brief/a0f905eb7416c8bc37ef22c04c1e99d8ff13795a8c0dde4ab68d0627b764f513

103.79.142.215:666

# Reference: https://elfdigest.com/brief/8dcd31e4e196504c0f0a264a28a8e24cb100871e5e7fcfec70d02acaaac9b5a0

79.137.207.119:606

# Reference: https://elfdigest.com/brief/f60f597a366de0248ce31e303f6f66bcd04bb79e9d528cf25e18b1db6befb13a

83.229.115.93:23

# Reference: https://elfdigest.com/brief/0b1889416e27b7dfde67abd31e6edd6ec45c57902a5cfa401bdaa529910805c9

104.244.74.239:4258

# Reference: https://elfdigest.com/brief/58f9337fa9b05644a41e32f4cc3c752fe004a9d819b520bbc4f1e75edb781696

146.59.185.74:63645

# Reference: https://elfdigest.com/brief/cf28ce80edb9a301f4334ba63d9d1e8bb3c1cb95c6cdf1ee72c60047ebb0e9b2
# Reference: https://www.virustotal.com/gui/file/f080a2885ac9d34b3fe0bfa86e1a049726e7d94dffa9081283f7fc7ce899615f/detection
# Reference: https://www.virustotal.com/gui/file/e20265e2af9a6e04036ed75f42398954b21f39e3561002c8c25d356d84851073/detection

107.189.4.143:56999
204.44.109.81:56999
layer7.fun

# Reference: https://elfdigest.com/brief/032e6352cc7bd1491d9b9703355f7b445bc36c69b6d7406d0a8c1174fae74706

195.178.120.37:3778

# Reference: https://twitter.com/sicehice/status/1649239970492698624

http://129.151.64.55
http://134.65.62.64
/.duck/updater

# Reference: https://elfdigest.com/brief/0e7839cbba3ea06cda468e74052c63e2db7d718954c28f74a81720fedada1dac

104.244.74.239:3778

# Reference: https://elfdigest.com/brief/00194eb4a918bcf7a065447a685a2f51a5ed6b59f492f444efc1ad10012621eb

194.169.175.190:1312

# Reference: https://elfdigest.com/brief/6e4d480e0691c4041c0b7d292e8b58c4bf102624797756a49ef41961aabf1d22

109.206.243.200:671

# Reference: https://elfdigest.com/brief/e28befe222225334cf254580bb0e8e2889d146378e275cf47f971269aa650eaf

nguyentatthanh.ml

# Reference: https://elfdigest.com/brief/35d3365e176d2138e2003de4d2cf2023eb3156bcb77de3dd83db130d1aa375d6

95.214.27.161:1791

# Reference: https://elfdigest.com/brief/41c2eb59eea2ccc5526415db497cc27614069feb159f615396369812ffa40b38

185.254.37.3:45

# Reference: https://elfdigest.com/brief/024fbdb77067dab08d5eef7ee47249a0067a0a02a9c638a1cf36869b3759e419

51.89.240.11:666

# Reference: https://elfdigest.com/brief/ff70d268fb9b7bd8f39ef5458d221fc8d9874b3cdd67924a31c4fa4e92aaad8d

155.94.178.83:56999
wfsq.site

# Reference: https://elfdigest.com/brief/5065887654570a3c37f03d22ee2377f8a228f51c55f01fdeefd01ad887374cd2

155.94.235.216:9506

# Reference: https://elfdigest.com/brief/e1bc6d3db47deb43a8c6c1a3c9d9d1ba7e336d1e6e5f63843b8450c8029bc3af

108.177.122.127:3478
95.214.27.202:1111

# Reference: https://elfdigest.com/brief/37dd49852d6ffdb5e674eb449954a2b0e05cf465f30f55866a768555462117a8

193.35.18.35:30149

# Reference: https://twitter.com/r3dbU7z/status/1650739562065305601

http://193.35.18.35

# Reference: https://elfdigest.com/brief/ff020ed071bc1bf614809fe7e6f33eab8a6a409e5afa6cb084af9a3559aad8d9

193.151.146.131:655

# Reference: https://elfdigest.com/brief/556289dc0adfa44ef0bdedf676e3373aa5f1328142145d76b4bdd4b7c25f1dd6

98.159.98.113:1337

# Reference: https://elfdigest.com/brief/96ff01645032839e96421de3370d48c67919ecd8c7111f8c55dc986766c9f8bb

185.163.45.39:3778

# Reference: https://twitter.com/tosscoinwitcher/status/1650964117245796352
# Reference: https://tria.ge/230425-zfsfgseg21/behavioral1

http://31.220.2.52

# Reference: https://www.zerodayinitiative.com/blog/2023/4/21/tp-link-wan-side-vulnerability-cve-2023-1389-added-to-the-mirai-botnet-arsenal

zvub.us

# Reference: https://elfdigest.com/brief/267f9360c348e87301749fa51020ffbd2124ac62dbc7d66f8483eff4ebe389b0

5.181.80.134:721

# Reference: https://elfdigest.com/brief/b65ce57e3848dd54191102e0aa0d097e8cff27b2d164b7dd454800d29fae5fc5

109.205.213.3:1024

# Reference: https://elfdigest.com/brief/cad9b50e6da341ce3e0b00d0994481076101c81caba28eab80ba65b73794b551

77.91.122.37:23

# Reference: https://elfdigest.com/brief/92c876fdfa02d93ff645a5682daf24b96d0b36784e00bfe2d5089a20e80f6375

193.35.18.56:61002
socialgains.cf
dnsresolve.socialgains.cf

# Reference: https://elfdigest.com/brief/48039c040e07dfc336a8e105f1004e6af1ac15e05dc74ff0cebde99c030d9b16

185.172.114.157:61915

# Reference: https://twitter.com/tosscoinwitcher/status/1651679921524334592

http://193.35.18.243

# Reference: https://elfdigest.com/brief/054b214fe2d6e8723fcfad9b5c8a161d010ba61972e5adffff235d6d714d4890

194.55.224.182:5900

# Reference: https://elfdigest.com/brief/834c2b411dc3e26220ddc4b1c797972dfcc32f4b140aadb7daa97bee7bd81f1e

http://194.15.36.24
194.15.36.24:3778

# Reference: https://elfdigest.com/brief/cecdf3374b072c3c50e7b8a5ee8fba19af2fd6adb3e037b675b261dfa0f9357e

http://80.178.222.97
80.178.222.97:3778

# Reference: https://elfdigest.com/brief/31ea16ea8f0dff42c66b60821689d659aeef0df7f9939c130b8ebf8a33759cf7

http://193.35.18.37
193.35.18.37:9931

# Reference: https://elfdigest.com/brief/96af74ab3021985949fe2ebbfaab0775a62b8af4d09dd8ca7192c17ea6fb6959

http://157.254.195.181

# Reference: https://elfdigest.com/brief/4beb12afef07d5bbe0049879a09a72309e63f75cf8f3d11bb9f092f7c56b0982

http://45.95.169.181
45.95.169.181:6666

# Reference: https://elfdigest.com/brief/ef6d5693b7fe6549fdfaf2e4dd4b29668ffad69cb7cb6e195521bfb48d6deb9a

http://158.101.199.107
158.101.199.107:3778

# Reference: https://elfdigest.com/brief/19c1fdbc570c91ab641c42e142023ed2f598662aea1c4c769bb4e5f10e1a954c

37.221.92.199:60195
mirailovers.io
botnet.mirailovers.io

# Reference: https://elfdigest.com/brief/00ed53cef3499c5947e3b387dee128fa87927e9ed87d997ab1cb2e4ee5b9aa69

http://185.254.97.160
107.210.122.226:9375

# Reference: https://www.virustotal.com/gui/file/3881000ae49ca0e28024566a68d914fd0b94d2ef622f6801c366bfae7457e483/detection

109.123.253.184:1312

# Reference: https://www.virustotal.com/gui/file/54613078b13d5c0829c62b72f6ba2a4f825a8a4bd5f3072932e5912a95e262fd/detection
# Reference: https://www.virustotal.com/gui/file/f5a37b4edbd847407c42e6f7d68ffbf9b091ea5f78cc880c0ba4bbdd3f982715/detection
# Reference: https://www.virustotal.com/gui/file/f5a37b4edbd847407c42e6f7d68ffbf9b091ea5f78cc880c0ba4bbdd3f982715/detection

107.167.233.104:30110
128.116.41.195:63901
5.181.80.173:1972
rtjrsdtghszrdtf.ru

# Reference: https://twitter.com/tosscoinwitcher/status/1653159646004412416

http://141.98.10.75

# Reference: https://elfdigest.com/brief/d9d658cbb94d6971a557880a3301ca94598a2c9459aaa190fb1c2604c971b00e

172.81.41.196:963

# Reference: https://elfdigest.com/brief/9d41d1b5c7d5951fc8308c4d420418eb40d82e22fdc60ed6275522bff8944c1f

143.47.183.129:1312

# Reference: https://twitter.com/SecureSh3ll/status/1653025449033838593

http://109.206.241.34
/mango.arc
/mango.arm
/mango.arm4
/mango.arm4l
/mango.arm4t
/mango.arm4tl
/mango.arm4tll
/mango.arm5
/mango.arm5l
/mango.arm5n
/mango.arm6
/mango.arm64
/mango.arm6l
/mango.arm7
/mango.arm7l
/mango.arm8
/mango.armv4
/mango.armv4l
/mango.armv5l
/mango.armv6
/mango.armv61
/mango.armv6l
/mango.armv7l
/mango.dbg
/mango.exploit
/mango.i4
/mango.i486
/mango.i586
/mango.i6
/mango.i686
/mango.kill
/mango.m68
/mango.m68k
/mango.mips
/mango.mips64
/mango.mipseb
/mango.mipsel
/mango.mpsl
/mango.pcc
/mango.powerpc
/mango.powerpc-440fp
/mango.powerppc
/mango.ppc
/mango.ppc2
/mango.ppc440
/mango.ppc440fp
/mango.root
/mango.root32
/mango.sh
/mango.sh4
/mango.sparc
/mango.spc
/mango.ssh4
/mango.x32
/mango.x64
/mango.x86
/mango.x86_32
/mango.x86_64

# Reference: https://elfdigest.com/brief/f37156d08947cadc02b422cd99d539f8599dcabce959838cd77aa510060195ff
# Reference: https://www.virustotal.com/gui/file/6104bba49c0ff2d7b7cd42f92d06d78486228e72c3121b2f62672c58a4fcc60d/detection

kintaro.cc
cnc.kintaro.cc

# Reference: https://elfdigest.com/brief/a2fd539fe2d83f1f9e82ec0da351bb2d9603f371a635310ffed219efd37ee412
# Reference: https://www.virustotal.com/gui/file/7d4a23449751aae48d6a0cf3410d2b90e5bd0e0a4defe69a0368f8b2d205eec0/detection
# Reference: https://www.virustotal.com/gui/file/352c3b264ad1493abbb0e5c8b0a6ba2eb562061baa34fdf82a9ede59e1db93dc/detection

81.161.229.106:6996
icmp.gay
qweef.store
rocock.gay

# Reference: https://elfdigest.com/brief/4a3baa3bff7f9622cc625c02b23d7f453077405093280e70dd153d2ab60717c8

194.55.224.126:1738

# Reference: https://elfdigest.com/brief/efaeb67f8c72e68b7d12d6ba6f806f9e8a928a2d7242ba8dc5f2097dc6837214

45.61.186.98:56999
sjys6.icu
coind.sjys6.icu

# Reference: https://twitter.com/tosscoinwitcher/status/1654227501932232705

http://85.217.144.207

# Reference: https://www.virustotal.com/gui/file/e2a64c8d31295cfe71278625ea128c5c0d7d5ab3f6ce6a0b9ce3407cd45a22df/detection

testcncshit1.ddns.net

# Reference: https://elfdigest.com/brief/a6a724d247b0ccf048d57c37ca6d6f30decec101d11e679a5e7a344701e4d935

45.142.107.233:56744

# Reference: https://elfdigest.com/brief/b7c2d8e969cd973312dccaa913d6206893f9225c72cecc0789b88d18bedb6d84

185.131.52.220:3778

# Reference: https://elfdigest.com/brief/e672d299b066eaf0b862b423b8ffb1ea5703b56f09868228da8e0e753f635dc4

194.87.151.135:3778

# Reference: https://elfdigest.com/brief/9dba16ed5ec6dabdc28eaabd50b7e1f865aba7acf013134f389f6b69e330128b
# Reference: https://www.virustotal.com/gui/file/9dba16ed5ec6dabdc28eaabd50b7e1f865aba7acf013134f389f6b69e330128b/detection
# Reference: https://www.virustotal.com/gui/file/caf8b70da52b414fced3777469d6641103f5942194bdf2630483d2e821e9a980/detection

87.121.221.169:38241
lankzy.xyz

# Reference: https://elfdigest.com/brief/9aa2ea75d1447378d3f0eb265d5b2ecb6fa50a29308caf9e5fd5302e0e85f73d
# Reference: https://www.virustotal.com/gui/file/7a8c0727d580ecfa8a05a7aae1bc12f33ac6caf89dec37b6fd2191fcc86c6d2d/detection

107.189.13.11:55650
204.44.76.117:56999
doved.top
cjhsb.doved.top
dove.doved.top

# Reference: https://elfdigest.com/brief/de1d975edb0141983d134664344aa57a234f996c8fe34a7801e78bd87886d6e8

103.179.188.130:56999
botnet.dynns.com

# Reference: https://elfdigest.com/brief/bba2ec7451ced3415773c5504f88a71aea75f81ee69981c1eaf7bafff38e8297

109.122.221.146:55655
zu0x.com

# Reference: https://elfdigest.com/brief/83dc12ad088c281b395be7ef366c458a0143d6d659c439c990263fbf8ad82ea2

85.217.144.136:56999
chipbf.com
botnet.chipbf.com

# Reference: https://elfdigest.com/brief/a3269778324af8b8de5c549dcad105b0f91f1ea5319d4362b08105f18f502d7b

87.121.113.2:1791

# Reference: https://elfdigest.com/brief/3584c87c0fd019ecb9f7d894811b7cf81a515e1022764da504740fafedd23ba1

cnc.vinaddns.com

# Reference: https://twitter.com/0xrb/status/1656231887482830851

163.123.142.146:31337

# Reference: https://elfdigest.com/brief/bb9e2792bccd38df5a835aa036464aa916cba4a1384512bf94f9fe7d9b128dcf

77.91.75.228:1791

# Reference: https://elfdigest.com/brief/4f483ba395bf1b6989401f9efcd2d4d24ef881cb8edc74bf351db2e406b896a5

37.220.86.29:3778

# Reference: https://elfdigest.com/brief/135aee1cb29bdc1cc1bb3f6684234406c2a5627495dc9a2f26dda06e1998f847

15.235.33.231:1312

# Reference: https://twitter.com/SecureSh3ll/status/1656735685389189130
# Reference: https://www.virustotal.com/gui/file/049a2a5c2be9763f756164b45bcc5694b14a9fc62e272659992f0c1fd58d0e9a/detection

http://84.54.50.20
84.54.50.20:55579

# Reference: https://twitter.com/r3dbU7z/status/1657102563383169025

62.109.15.166:10000
172.65.102.138:22

# Reference: https://elfdigest.com/brief/9a5fba136d9c99bfa3edb2484774a8fc265468a2de4b5b5cdb525fb601979fe0

141.98.6.151:42311
davidglass.nl

# Reference: https://elfdigest.com/brief/b735b4f5b00d950c5ebba4d86bc6d0ad3c4119f0de611e6902d41926f67dcfb0

202.92.6.102:3778

# Reference: https://elfdigest.com/brief/a91d574144ef6e4b5019bbd77c26c9f0a84747c89c18af77d05de8f166cfa9df

50.115.165.101:23552

# Reference: https://elfdigest.com/brief/141587c444a67faef09678959854f485ce8cada254003441f1c1ea6472d7972b

103.164.138.99:3778

# Reference: https://elfdigest.com/brief/30d6f04d17c2314808b4cf45f578245d47dd009a30f5b2d93428ebc7fa344e07

51.250.83.119:55555

# Reference: https://elfdigest.com/brief/4fbea3b03d3e69bcde1974f3446413f8bf00a24af7f46ae66129d1cc6d1f2e8a

162.19.227.81:3778

# Reference: https://elfdigest.com/brief/21627405a7a8d6ed310b2060072e34b6311df93aacd6f140c2607f4291598607

5.252.176.80:3778

# Reference: https://elfdigest.com/brief/e2985cb5a08f3e31971962e62f60f1b60d5f0d5f4b09b727fdf61a52f1c613df

87.121.113.85:1791

# Reference: https://elfdigest.com/brief/0ce93a6fb985c98a8de2a119b65c274fcbcf1f6238b2d176592435d89d787af4

154.12.57.120:3778

# Reference: https://elfdigest.com/brief/0a8079c438e6995cd7f1384b6bf57c64b3e1b142fa4eb29524c3b26bfbe4d5ed

91.234.99.110:65400

# Reference: https://elfdigest.com/brief/cbda376a92a2a42ff2bc3e84d0bb2821fb76154c0438482f588a926f3748acc6

141.98.6.137:3778

# Reference: https://elfdigest.com/brief/0f338e55dd6226eb88e2ac8805ac632fe0f6f8c1c392793b1b490b6367be893c

87.121.221.67:1337

# Reference: https://twitter.com/RedDrip7/status/1657932112882970627
# Reference: https://www.virustotal.com/gui/file/274c8dcc073a1e559082ba8dff71752a561019658c97676731938ac333e9bb2e/detection

79.137.203.150:60195
shinji.app
djk931znbfjslaz.shinji.app

# Reference: https://www.virustotal.com/gui/file/1623a90a5a44296762362655fc0703ba7aa9c0da87bffddc779ce1de3ef04b8e/detection

128.199.22.114:38241
fuckmy.site

# Reference: https://www.virustotal.com/gui/file/1b6b0675b41f94dc06a247135d8d9580978eab6130495f0ee78c66fcac889ef9/detection

fuckmy.store

# Reference: https://www.virustotal.com/gui/file/13e1e65946fcb0949d0780c6dad34404230dcf8bc1e7711fa91a073d277ebc9d/detection

193.149.176.198:38241
getcred.uk

# Reference: https://www.virustotal.com/gui/file/ad277b4ef7732a9cdb3e8ed1d89e486d60318b81adb265ff784ca77fa36d18ff/detection

infectedchink.uno

# Reference: https://elfdigest.com/brief/15c8654d39557e2400de66226bd747d917390b1c3dd93d7ad8496fb4adac58c0

141.98.6.145:6666

# Reference: https://elfdigest.com/brief/5930b55e90de6c5549b2e0e077695aa0b9890dd92f2d001e4a6e2393e7b3c321
# Reference: https://www.virustotal.com/gui/file/00c2bc22cf1c5ad186082743b0a25a97651f62e89f9b98a05f28093c54ffb9d2/detection

198.98.62.142:5002
205.185.118.82:5002
xiaojue02.top

# Reference: https://www.virustotal.com/gui/file/1404fed335341c05b0d53ab9b41e4c7497ebee0874d3d7cf906bddf3cba32bca/detection
# Reference: https://www.virustotal.com/gui/file/2931501fded745d34e6351b5e571004d6ae0c697f9a5f7bb58009e1faa27b497/detection
# Reference: https://www.virustotal.com/gui/file/560c550c6f43cf55391edd7790666ba9077a044723199ce47584dba2d44327c9/detection

http://163.123.142.241
179.43.154.253:55650
tightass.cc
bot.tightass.cc
cnc.tightass.cc
sss.tightass.cc

# Reference: https://elfdigest.com/brief/4a299423b0b2951eaafaa3d68a03d8251fd135519eae5a8b73b0ccda5d2f27a6

sjyddos4.top

# Reference: https://twitter.com/r3dbU7z/status/1659818624327057409

http://185.12.14.122
http://193.35.18.226

# Reference: https://elfdigest.com/brief/9fc929ce4ebf76192ac2ad62a29755feeed57fae7d4420f9f42acddc42e5efdc

141.98.6.106:56744

# Reference: https://elfdigest.com/brief/caa66c9c6ccba43deb1b2f402c9c05afd93ff2f3a2fe87246fdcc3583dc399a1

194.180.48.149:55555
noobquan.xyz
botnet.noobquan.xyz

# Reference: https://elfdigest.com/brief/e840315f365377541d062a6c0e353bc6f6c3e7c32c53cc4b325127fb8680de9c

103.166.183.123:56999
botnet.onthewifi.com

# Reference: https://elfdigest.com/brief/3ef2252ddc47312b556b72fe80f3e209a3e0296d68a1242a6ccc8179d46fcc53

103.82.22.249:5683

# Reference: https://elfdigest.com/brief/4c8e1cf5a4123751c8387b631f4d1891ef879807a0310d6cdac6c06727507c7e

84.54.50.99:55650
wq.gy
bot.wq.gy
cnc.wq.gy

# Reference: https://elfdigest.com/brief/5481444d6c1a55936d5f1d4a113a37447a7a814ee630f1ebb9ff197e1ffbe239

50.115.165.101:27410

# Reference: https://tria.ge/230525-2pw65scg55/behavioral1
# Reference: https://www.virustotal.com/gui/file/009e3e353786d583026894bcdd4588921941c821f308555d5d4aada19311262f/detection

http://192.210.162.147
192.210.162.147:56999

# Reference: https://www.virustotal.com/gui/domain/ayx.ink/relations
# Reference: https://www.virustotal.com/gui/file/801b58f24e5115f4189cf3ae8517b823d17c3d9d37622dc726a5daedb387ea4c/detection

ayx.ink
cnc.ayx.ink
net.ayx.ink
qi.ayx.ink

# Reference: https://elfdigest.com/brief/f28ee4bf4152fb50721645b587b273af96f211383b215f6cdfba5c788b253bdd

45.66.230.47:38241

# Reference: https://elfdigest.com/brief/34e7056ef1d1cc0c6f32aac935134593c575177e3c3ccc5237b38373436c85c6

167.71.40.197:3778

# Reference: https://elfdigest.com/brief/c9508e3cb9e6df06f31d6c2240d8bacc5983da5f6f0916d3277549503cef6903

47.87.131.126:1337

# Reference: https://elfdigest.com/brief/2dc5ab6b103780e1060379cb8207c2fbcaee431e63fae58e0bacf5e5f0ad63c6

47.87.142.47:5683

# Reference: https://elfdigest.com/brief/441e581c0ef9a63d192fd6832c4caa9ac3479da11acb1fea36d5bb027ef0561e

45.128.232.143:34129

# Reference: https://elfdigest.com/brief/0769287f751519e9f1b81c294788ca586ffd48e6d33c0d1c942c36bf1aa22651
# Reference: https://elfdigest.com/brief/4c6d7f7c52358220ef729b20c8d2925e75d6eded0ddf83c6e1c9fc0a8f84023f

212.113.119.121:81
77.91.85.194:81
dbovmix.xyz

# Reference: https://elfdigest.com/brief/8a9b9d1afdd1d4f8fdadcb4525992a98dd373a33c02fc171c42148df0bff623b

79.110.49.5:6666

# Reference: https://www.virustotal.com/gui/file/22cdb8a6aa3cf20823255bffb9b683949be4ab4f4961a48e6839089329701c89/detection

http://194.87.151.244
194.87.151.244:9931
194.87.151.244:666
/jebanySise.arc
/jebanySise.arcle-hs38
/jebanySise.arm
/jebanySise.arm4
/jebanySise.arm4l
/jebanySise.arm4t
/jebanySise.arm4tl
/jebanySise.arm4tll
/jebanySise.arm5
/jebanySise.arm5l
/jebanySise.arm5n
/jebanySise.arm6
/jebanySise.arm64
/jebanySise.arm6l
/jebanySise.arm7
/jebanySise.arm7l
/jebanySise.arm8
/jebanySise.armv4
/jebanySise.armv4l
/jebanySise.armv5l
/jebanySise.armv6
/jebanySise.armv61
/jebanySise.armv6l
/jebanySise.armv7l
/jebanySise.dbg
/jebanySise.exploit
/jebanySise.i4
/jebanySise.i486
/jebanySise.i586
/jebanySise.i6
/jebanySise.i686
/jebanySise.kill
/jebanySise.m68
/jebanySise.m68k
/jebanySise.mips
/jebanySise.mips64
/jebanySise.mipseb
/jebanySise.mipsel
/jebanySise.mpsl
/jebanySise.pcc
/jebanySise.powerpc
/jebanySise.powerpc-440fp
/jebanySise.powerppc
/jebanySise.ppc
/jebanySise.pp-c
/jebanySise.ppc2
/jebanySise.ppc440
/jebanySise.ppc440fp
/jebanySise.root
/jebanySise.root32
/jebanySise.sh
/jebanySise.sh4
/jebanySise.sparc
/jebanySise.spc
/jebanySise.ssh4
/jebanySise.x32
/jebanySise.x32_64
/jebanySise.x64
/jebanySise.x86
/jebanySise.x86_32
/jebanySise.x86_64
/Smash-That-Like-Button/

# Reference: https://elfdigest.com/brief/ce0efa630175ce9a8bee1758994ea02df33cb36e136ab9aec632b0126f91bbce

85.217.144.136:56999
cantdown.space
bato.cantdown.space

# Reference: https://www.virustotal.com/gui/file/f8811d80030ac680f6b98f5b610e90630531c21714513d5ea53719a0c95c77ee/detection

85.217.144.136:22008
legendmulti.ga
bato.legendmulti.ga

# Reference: https://elfdigest.com/brief/e9bc8743080892ef13b066b12d560f6756a6ce5d575887b932048f6dbb50829a

77.105.146.198:3778

# Reference: https://elfdigest.com/brief/436dcb9d1ce6a4c4404505311e9851ef534267625fe3a3c0840ddeb5f15c12f9

212.129.33.59:6881

# Reference: https://elfdigest.com/brief/c1f8bbd695b824fec3abf19debbce89fae45bd58e445954f859ca9dcfdb6c355

84.54.50.230:56999
chalntz.top
botnet.chalntz.top

# Reference: https://elfdigest.com/brief/0ded240220cc349c505f43d4a9f6403d586bcc9eb94c0317da288f9b81189797

194.38.21.21:39497

# Reference: https://elfdigest.com/brief/41fb3f3f462573b08e250873cb9d5476213931fa339a0aee50290663542eb034

78.153.130.217:15567

# Reference: https://elfdigest.com/brief/398f91c71817f61f56bc64836b5eba5d445bd4e89bad688af88338a1a5923d2a

45.66.230.161:38241

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (03 Jun 2023)

http://103.91.9.106
http://104.128.127.203
http://109.230.203.157
http://124.248.238.58
http://156.230.130.69
http://158.220.103.2
http://216.118.230.197
http://37.44.238.97
http://98.126.213.24
103.145.60.159:443
103.179.188.48:56999
103.180.137.4:1312
103.255.177.11:23
103.82.25.250:56999
104.167.3.87:56999
104.244.74.252:56999
106.211.151.133:1351
107.167.6.70:56999
107.173.209.253:55555
107.189.29.121:56999
107.189.29.5:34633
107.189.3.153:1312
107.210.122.226:45
107.210.122.226:9506
108.60.219.162:9077
108.61.211.73:3007
109.122.221.146:56999
109.184.57.214:56653
109.205.213.7:1024
110.39.43.218:27017
111.61.191.211:6881
114.254.44.57:51417
115.207.10.49:4000
115.36.215.150:51413
115.48.149.117:8083
116.103.108.200:56999
117.194.148.144:1591
117.194.163.136:4000
117.196.59.65:8083
117.208.207.28:10176
117.208.239.134:11211
117.212.173.186:43852
117.213.41.252:4000
117.213.6.12:21478
117.217.234.106:13546
117.219.125.199:1027
117.223.189.186:1027
117.241.184.6:11211
117.245.92.40:47235
117.247.113.60:30301
117.248.62.158:30301
117.253.103.144:1434
117.253.109.162:35355
117.255.190.184:24943
118.106.16.239:16828
118.166.146.54:16446
119.123.224.4:8083
120.211.137.179:30301
121.127.241.65:5699
124.142.122.112:21199
124.6.16.234:8083
125.82.182.44:30301
130.193.40.103:1312
136.175.200.142:5050
138.197.127.249:81
141.98.10.75:38241
141.98.10.75:9931
141.98.6.106:9999
141.98.6.149:3884
142.202.221.42:25565
142.93.203.178:3778
144.172.80.85:4444
146.19.191.229:3778
147.182.144.194:38241
147.182.145.144:38241
149.255.222.9:50523
149.56.78.215:8985
15.204.5.86:1337
154.26.133.134:61234
154.45.216.220:1079
154.64.225.69:56999
154.9.29.106:3778
156.206.140.22:55943
157.230.213.165:5555
157.245.149.3:1337
157.48.150.0:37302
157.97.105.189:59666
158.101.18.193:25565
158.160.13.185:1312
158.220.103.2:5555
159.100.30.60:1312
159.28.179.93:5897
159.65.56.68:6667
159.89.202.36:13022
162.157.94.49:20417
163.123.142.194:59666
164.90.201.190:38241
165.232.114.41:1312
168.187.19.51:6881
170.0.56.83:28521
170.187.228.34:6667
173.212.205.73:51487
173.82.142.226:55655
176.111.173.27:1312
176.120.203.230:49464
176.99.175.241:16423
178.141.211.58:35633
178.72.70.130:13807
178.72.81.217:36017
178.78.41.94:9931
179.109.39.65:32051
179.93.214.34:35664
180.190.80.61:64347
182.59.255.130:30301
183.14.212.99:30301
185.101.139.100:61169
185.21.217.75:55267
185.224.128.110:38241
185.225.74.131:1312
185.225.74.155:1312
185.225.74.160:54452
185.225.74.193:2113
185.225.74.201:42069
185.254.37.25:55555
185.254.37.81:49326
185.254.37.81:61002
186.23.28.47:46278
186.29.32.140:45403
187.148.28.150:50396
188.127.254.243:6969
188.32.93.32:49810
188.93.233.29:9999
189.217.91.114:48929
190.109.229.46:28955
192.153.57.132:27712
192.187.109.243:23
193.111.198.59:55655
193.111.248.175:8443
193.200.134.200:443
193.35.18.109:38241
193.42.33.217:3007
193.47.61.47:56741
194.110.247.198:13
194.180.48.158:79
194.180.48.84:38247
194.41.47.197:56744
194.55.224.149:9931
194.55.224.182:5901
194.55.224.35:3778
194.87.151.120:443
195.154.220.30:51413
195.2.74.10:25565
195.3.223.177:55655
195.58.39.13:13
195.58.39.189:6996
195.58.39.227:3778
196.89.34.233:56029
197.203.142.119:49686
197.49.155.159:48098
2.61.141.54:49001
20.48.39.152:19482
200.106.214.155:28903
200.74.109.153:48890
202.14.121.237:39688
204.44.71.71:56999
205.185.123.50:6285
206.189.155.244:56999
207.154.192.237:1337
207.180.192.46:62183
209.141.36.28:1002
209.141.36.87:3778
211.114.224.93:51417
213.232.115.140:38241
217.160.192.182:23
217.79.184.40:1337
218.212.63.52:63724
219.106.208.57:8057
219.110.67.181:13755
220.146.70.185:23914
220.89.226.43:7737
222.14.209.81:35630
222.227.199.208:51413
223.130.30.104:37106
223.130.30.55:58434
223.130.30.98:19822
23.234.237.147:55655
23.94.236.79:5555
24.212.176.217:7741
24.4.56.145:41067
27.59.48.171:2830
37.113.105.166:6881
37.221.92.198:55555
37.221.92.203:1337
37.221.92.205:1337
37.221.92.205:3007
37.44.238.97:8181
37.48.111.210:61636
38.6.178.253:56999
41.216.181.42:60195
41.216.182.16:6996
45.11.0.184:1312
45.12.109.103:56999
45.12.253.178:1312
45.128.232.167:3778
45.128.232.167:666
45.131.111.250:23
45.131.111.251:3157
45.137.117.81:3778
45.138.71.70:3778
45.138.74.220:3778
45.143.4.45:38241
45.148.116.48:61002
45.148.119.123:38241
45.158.22.165:56999
45.61.186.98:1337
45.66.230.105:55555
45.66.230.173:6996
45.66.230.36:45
45.67.230.5:65420
45.7.2.129:51417
45.79.8.118:38241
45.88.66.237:6666
45.88.66.237:8081
45.88.67.38:38241
45.93.30.228:56999
46.232.211.110:60040
46.232.211.168:61111
46.232.211.96:18559
47.188.173.6:6881
47.87.136.213:666
47.87.139.248:56999
47.87.141.16:13
47.87.199.173:7645
47.87.199.173:999
49.157.47.120:8888
49.229.246.2:32384
5.135.191.94:51413
5.165.208.35:5919
5.181.159.78:3778
5.181.80.148:1337
5.249.164.42:1337
5.25.25.175:17437
5.255.111.128:5418
5.81.186.34:51413
51.15.20.118:55655
51.222.43.110:1337
51.79.51.171:6667
51.81.149.60:22
51.81.85.213:9999
51.91.154.4:6667
52.174.1.97:6667
57.128.164.115:5683
58.23.82.231:1027
59.88.227.84:30301
59.93.16.106:8000
59.93.30.98:4000
59.94.205.38:28359
59.99.136.191:6881
61.1.227.221:13442
61.221.29.19:6881
61.3.102.127:5777
61.3.180.37:52342
61.3.96.169:47088
62.113.117.232:9999
62.69.239.30:27324
64.227.65.235:38241
66.228.45.120:4444
67.168.48.97:54103
68.149.228.87:51413
70.80.249.217:34418
71.233.41.235:51417
72.209.178.21:39104
74.208.206.241:3778
76.69.197.54:6893
77.105.147.194:13
79.110.49.53:3778
81.134.50.243:6881
81.161.229.113:55579
81.161.229.36:45
81.163.128.184:17689
81.171.1.52:28035
81.171.9.208:10295
81.30.194.250:47251
82.165.167.92:23
82.76.88.103:15370
84.53.229.40:5379
84.54.50.198:55650
85.209.134.231:56999
85.217.144.14:56999
85.217.144.182:8769
85.217.144.35:55555
85.217.144.86:38241
85.31.45.232:25510
85.99.49.144:48619
86.38.4.136:56999
87.117.159.121:16261
87.121.113.160:9931
87.121.113.2:9931
87.121.113.72:13
87.121.221.61:55650
87.236.85.110:6881
89.149.202.16:28025
90.249.86.117:61844
91.219.188.40:2062
91.229.90.107:12345
91.83.92.228:57562
93.80.67.122:40422
93.94.223.42:20081
94.1.208.8:49001
94.66.214.157:48794
95.10.201.104:49017
95.139.107.236:57820
95.214.27.136:5683
95.214.27.201:59777
95.214.27.248:3074
95.214.27.248:37009
95.214.27.3:9999
95.214.27.53:55650
95.214.27.76:6996
95.214.53.112:179
95.216.14.254:50000
98.159.100.33:60195
client.orxy.space
pxp.softdetails.in
xxfgrw1.kro.kr

# Reference: https://elfdigest.com/brief/95957ad851be98b30907123eb09f57c393808b084311aed3751b365ddebadb4a

102.129.215.7:60195
999apk.top
138.999apk.top

# Reference: https://www.virustotal.com/gui/file/0c728548744c692826e885cc28e99445d8d4a54289b50d388713b5f30a9dd7d2/detection

23.999apk.top

# Reference: https://www.virustotal.com/gui/file/27304700dc53d71505aa6d32165fe6142f3e6173effcd08a84255a3eae40788e/detection
# Reference: https://www.virustotal.com/gui/file/efc752ef2b378aa5c1d21313c3fdc9c0e8576384c12b15b036f56c8871146db1/detection

85.217.144.250:3778
ping.999apk.top

# Reference: https://www.virustotal.com/gui/file/1a79f1f690223855394be9e6041b6570f0cd897788845dc1deb92260c9439c22/detection

41.216.181.42:60195
38.999apk.top

# Reference: https://elfdigest.com/brief/b266b1159b04bb98a3eddaf4e2e75c249c0372e60c4b2ab596e33890c6ef5287

193.42.32.207:55555
shanjicaonima.life
cnc.shanjicaonima.life
tsuki.shanjicaonima.life

# Reference: https://elfdigest.com/brief/93992870685a82f51ccbbe87e0f40b19a9ff99988c4162f7e38a9dfdb556d230

198.98.53.159:1024

# Reference: https://elfdigest.com/brief/3d513dd255c3b2a439837774cbbd6d344e1a9e05fe209f0eb823be6273eb7993

179.43.182.188:1791

# Reference: https://elfdigest.com/brief/ca9600d13e7df271681966140653b25a263f620385ab79a187b0b0a1962f8829

198.98.52.145:9506

# Reference: https://elfdigest.com/brief/02faa418e46a1cbc3bf5c0901396752a1032522e2c3a11b173f9aa6968a06b61

103.160.3.10:9931

# Reference: https://elfdigest.com/brief/6c807e3526efd8e5410f17fac8c6efee8dc3b4e569357767d658bb8a0f4d61ef

45.90.161.73:1312

# Reference: https://elfdigest.com/brief/1a7191c2386e589559e7badb04bec8022f8eeefac29ca458de3c4726507284dc

5.255.120.80:9090

# Reference: https://elfdigest.com/brief/d18231fbe7432ef4e57da51117d96ecc7597881230bcfd82be56f69ce028b547

141.98.6.142:55555
ibypasser.online
cnc.ibypasser.online

# Reference: https://elfdigest.com/brief/8b7a1a2adf928bce580760b54decc71a18728092acb46774da94449848cd5132

45.90.161.73:5558

# Reference: https://elfdigest.com/brief/985ee277520b852fa1dd9253deaad3f7d2e2f28f4a2f7bdcf2cb975883a992a9

193.29.189.74:3778

# Reference: https://elfdigest.com/brief/0a3b02bee7391072e8bda36d295480f244094674538ad2e70dd1e1502f58ece7

45.150.108.215:32465

# Reference: https://elfdigest.com/brief/68e6fdf53d29d3e30169a0c87e4102e5f96a84b957e436e3dc9001e1928a82e3

213.232.112.203:56999
euphnet.xyz

# Reference: https://elfdigest.com/brief/2da28a4a1d4c015ee0eb9f6bb4f7b8210a03c5b94138c95baba9e4e2a777704e

141.98.10.34:9931

# Reference: https://elfdigest.com/brief/08ba5963a80eb7fc960d066baef2fc8f7514d5ce63d3947b7717a57f5eb05665

103.16.161.29:59666
galaxybotnet.site

# Reference: https://elfdigest.com/brief/884699a3a29e3e214f587b55849ad3447eaa6a7737050036afb75dd2600ab53d

109.122.221.38:3778

# Reference: https://elfdigest.com/brief/25214994f294e2e74b283caf78a12635a27dce92283f99492c8b59f2b1bd5b73

139.177.188.99:5555

# Reference: https://elfdigest.com/brief/650c28bc9cfb9e78e995b296d3927fa7dfe9a6c9316a5eb6bed59b21f3d4b024

193.233.232.72:34129

# Reference: https://elfdigest.com/brief/3db6b7c48d3b01217dcdac01a74947219df805d9554aab9bdd26dce699a4d819

194.110.247.20:3778

# Reference: https://elfdigest.com/brief/8993a58cf9e8c1a5e21f49d6b233fc805c11550e960c536ced07efd3a1a720f1

45.90.14.172:3778

# Reference: https://elfdigest.com/brief/900be6762351fddfffc2ed0db1dcf85ad325e8d306aefabefbcddd0ca5f667ce

45.95.232.69:3778

# Reference: https://elfdigest.com/brief/a1b0a50e949e6341144a0b73dd991894291c15ba8baad2491ba5dad66de2fa58

50.115.165.101:1312

# Reference: https://elfdigest.com/brief/1eb133a8bf7c129119737871c50a9d98cb7d140d59cb0d89fa7d06c3584d3808

89.23.88.54:3778

# Reference: https://elfdigest.com/brief/9496ece4dfaf28296673b7de089a690e5b1815a21cb29e24ea138eb9e65ff6b3

142.93.210.135:667

# Reference: https://elfdigest.com/brief/8eb96a1cab6b25337bb5d135d77375812a713b22aa10a02c96379be1dd3f71af

45.81.243.38:6666

# Reference: https://elfdigest.com/brief/e4fe993ed1e1b134c7f95edbca4b4a420fe8555dfa54fa992970e2d38220c166

85.217.144.141:3778

# Reference: https://elfdigest.com/brief/707cc46a7a55a494ad3cf0e4aed849452b1ab26cafd40559df92d0198465255b

185.225.74.79:56744

# Reference: https://elfdigest.com/brief/32f09deebef50eea2685d082cfaf67f9b0e8fd8a2c2afac56e383364f7aaa657

164.90.189.252:420

# Reference: https://elfdigest.com/brief/5965bc4a14035a748e27ac7882583975b168a1fd42a3ecdab6f01b11dd4d043b

45.128.232.180:56744

# Reference: https://elfdigest.com/brief/ab8118b0d66641be0d70d8f799e6e54d1b73e7c0346aa3c33fa2306674f3b39e

64.226.122.208:59666
corh.cf
cnc.corh.cf

# Reference: https://elfdigest.com/brief/e1889da0e5512beb477897471a70d1597f9670c1d507ab0cffde6acf5c1348c8

46.3.113.208:5082
violtebotnet.cc

# Reference: https://twitter.com/r3dbU7z/status/1670367451455062016
# Reference: https://www.virustotal.com/gui/file/7cac3a651950f241e59ca0ddd12a8c7faf84946e81157ab2236a40915dd4d892/detection
# Reference: https://www.virustotal.com/gui/file/312022da42ab6df882c44d984f9aceea7f08e217a5ca8ca985c533a1af399cee/detection

http://185.180.199.41
91.235.234.81:32465
juice-wrld.lat
lil-peep.online
lil-tracy.store
post-malone.xyz

# Reference: https://elfdigest.com/brief/04a641a19d7d287aa76cba1005a0b847d47971f32456cd9d61e3fbb4d9dad208

2.59.255.30:1312

# Reference: https://elfdigest.com/brief/9eb0d02e997ae68918849e98a881c0304dce20c247e6fcaf2b1faa7a56a2a6df

91.208.206.170:1312

# Reference: https://elfdigest.com/brief/4ca31643d77dd99c20690d56551b172c26869d48ba89f39506d377073285c154

45.128.232.86:59666
badworldgama.top
fluu.badworldgama.top

# Reference: https://elfdigest.com/brief/681997ab2b4f39b6d4c2d2967a14f9abb6adb1ce4fadb74ba303ff0af46d8767

85.217.144.71:56744

# Reference: https://elfdigest.com/brief/5c85f9d88acc9a830e4099941d308a9f4c49f0ccf818d17063f56271d5a1cbbe

212.87.213.148:666

# Reference: https://elfdigest.com/brief/0e9b8a1ea5e0cc0ef661538eb38da51605ea458a4f6dcbec1d8cf0384c004fb1

217.76.48.204:9585

# Reference: https://elfdigest.com/brief/d4110136912578f4542861143dc3adda13a0d7a2cdc92912164f1a48db82ccf8

85.217.144.71:4277

# Reference: https://elfdigest.com/brief/5a05cb228af34e02b4ec94f708af15df47297526036c24ce31937eeba963be06

194.110.247.20:1999

# Reference: https://elfdigest.com/brief/5e87374ee15938f3677a0e0b66ab342a178230e58c521b88156d138532bf4faa

193.35.18.62:1312

# Reference: https://elfdigest.com/brief/4e33ef521474163d0e6e3a01c29e7b449bac7f8df51af2f161206d0e73dbb151

185.102.174.187:55650
sarin.rest

# Reference: https://elfdigest.com/brief/bc69e599037743949fad204aae9e0c52f406a105ae642bf0008949b8e7ef8384

194.180.48.108:9506

# Reference: https://elfdigest.com/brief/ffcbafbee2f5391cf1fa7f9f28cdac58cc4e2e4fb51afbabbb250757984187da

37.221.92.195:1312

# Reference: https://elfdigest.com/brief/e790e7341d0a4d28234b5343276d66b8fccea525c91861bd559c55a613b11b6b

185.228.81.141:59666
nekololis.wtf
cnc.nekololis.wtf

# Reference: https://elfdigest.com/brief/e096f4564bb35bf8c8ae59251fb2421074973a973a6a810888cebc6a76b72bc6

185.228.81.141:45

# Reference: https://elfdigest.com/brief/76ba2fcd2ee2f42d6cd64e67c39d99fcfbf76d514ca0566a9af73c1d6ebfed5f

46.19.137.90:566

# Reference: https://elfdigest.com/brief/a877ea1e0f8d708a708af77db7c53816634c95ffaf367e14e6eace075222e47b

128.199.151.207:3778

# Reference: https://elfdigest.com/brief/38efa3b9d6faad32aca6841c178d63a3b2fbd50b8daec16ac26578b658307263

45.66.230.32:3778

# Reference: https://elfdigest.com/brief/a4c2ebf90f20ede8fe63baacfc644282c6215e045839179c68e78747ffdc63e9

http://45.128.232.130
45.128.232.130:45

# Reference: https://elfdigest.com/brief/12badb4d37a6e699f137c40ec1609b093d29e88d289f3b7b34416454c1018d3a

http://5.181.80.141
5.181.80.141:60195
/f2q2kke5aadloo4aasdjjjfirbmw

# Reference: https://elfdigest.com/brief/6917bbf9f8fc9dac24d75fa075f3b573597f0f545516a73ebf0bc3dfd1545d94

http://103.178.229.220
103.178.229.220:1312

# Reference: https://elfdigest.com/brief/7a05fbc6f3225f807d48b605bcf593d05d5d2eaeefe25e470578b41096e983ff

http://88.214.20.105
45.143.223.215:4001

# Reference: https://www.virustotal.com/gui/file/152c662149a6a1e22d4fa29bfcbba8237d993295b17de29193a160e98619ab78/detection

88.214.20.105:871

# Reference: https://elfdigest.com/brief/095b345316a7582febe1f8fd610768a31f80e6528eef7f2239e34ec5d1a7200a

http://193.161.204.91
/n1ceb1nzm4bo4

# Reference: https://elfdigest.com/brief/8d05425e8e4be4c17de915a85bc1642cf2177ed6a35ffa5ad0655bdd565853bc
# Reference: https://www.virustotal.com/gui/file/0685b695035e5d3c2b5e89e9e8717f10d3702847a48456a94cda93a908a02fcd/detection

http://162.240.105.54
162.240.105.54:3778

# Reference: https://elfdigest.com/brief/18228a1aeb6b5707f873b4ee20c623bdc46dc726e0305671b20e04998e234935

http://45.132.241.71
45.132.241.71:721

# Reference: https://elfdigest.com/brief/49ea91c178855bd87cfbffbf77e92674c9f4b15dc41e42c8abb44408d40b25f4
# Reference: https://www.virustotal.com/gui/file/0302fadc0cd5b70117cdf7d0c5d9dfbe0b238ecce70788784cb1eeb0ea70a817/detection

http://193.42.32.40
193.42.32.40:59635
psonpcks.online

# Reference: https://elfdigest.com/brief/fade72b342c846c638453a35a92aca636397b1b2134ca6d5099ef0b3af6d4363
# Reference: https://www.virustotal.com/gui/file/fade72b342c846c638453a35a92aca636397b1b2134ca6d5099ef0b3af6d4363/detection

http://139.99.114.145
139.99.114.145:1312

# Reference: https://elfdigest.com/brief/15328241c36736ed125a36339b29ce7c13475669514f4721d5f3d0358381796f

http://103.166.185.17
103.166.185.17:3778

# Reference: https://elfdigest.com/brief/db3dc8cce9a7342770ca1941f93f16cb111243d8ecce2db4eb18381ef9d20957
# Reference: https://www.virustotal.com/gui/file/17eaf01edc093f566cec2104bb66fdd0bf5639972d31294e1c73abe8980f8ae8/detection

http://45.147.46.125
45.147.46.125:31

# Reference: https://elfdigest.com/brief/ab9c02bb562e0f0bfc0351c62b535eaa9a8368b03a268d6fbd282bf9310570c9

193.35.18.147:103

# Reference: https://elfdigest.com/brief/8c8865a3ee07cde8d14e51c534626f91e7166fa462b6e97cb0308b32ffe7c9bd
# Reference: https://www.virustotal.com/gui/file/d2afb3c26352c14a266a462d08714f20226d879b59e5aff5bdb580eb4be5e759/detection

http://194.9.6.61
194.9.6.61:7777
45.143.223.215:1337

# Reference: https://elfdigest.com/brief/b29f5d42b19f4b6c6ed495538feea48c148009ea50e34eb22ee6e3c0faba120b

http://185.252.179.190
185.252.179.190:9375
185.254.18.2:7777

# Reference: https://www.virustotal.com/gui/file/05bac2be75136a1817707623207c6de6bd1d3a660bfdaed70234d07ecd73c355/detection

botnet.vinaddns.com

# Reference: https://elfdigest.com/brief/80599e4ae9781172445f37150c7f51f8c4248ff55fb5d7699e9f54036f320669
# Reference: https://www.virustotal.com/gui/file/112235bc91b4c563a4eef376106163f45b29c84217eb2c3b49ce01964cbcf20b/detection

http://103.195.236.140
103.195.236.140:1791

# Reference: https://elfdigest.com/brief/dd2f01d0ac061bf69ec182afab21074d41b1c16867e4722f11b434262986ab5a

5.181.80.120:60195
timestop.online
the.timestop.online

# Reference: https://elfdigest.com/brief/96e8d28520087da8aa2ea59a2ba3255ef3b53d29236389d784724aad121c8ec4

http://47.87.129.156
47.87.129.156:9931

# Reference: https://elfdigest.com/brief/e61bf180e02b5e5c266ce97142052e52668ec840fbc5b6ed4f724a0eb90c250b
# Reference: https://www.virustotal.com/gui/file/b7e9aee9e5e964fa1922d49c76ee7c79a4fa40d26f4b16d6d73a9db9d0320896/detection

http://185.167.96.166
185.167.96.166:1312

# Reference: https://elfdigest.com/brief/5804b62f22c946bd35135919251c6d0d10354b8f1efd67f2e92a939e0410129e

172.105.94.82:576

# Reference: https://elfdigest.com/brief/4c8dca7fd01970784856f1207f4c881cdce86b76090be47e9bcc253f46c972c6

http://85.208.139.122
85.208.139.122:1312

# Reference: https://elfdigest.com/brief/23423a3649fd7fc9890093ede3362b0ab4fa9282b855517f1a6e73bb14e795c1

http://109.98.208.52

# Reference: https://elfdigest.com/brief/8ceb919ac38f2bf7111517dfea7e5dc13fc15b334b95ece25072aeafaf09829a
# Reference: https://www.virustotal.com/gui/file/10cf242d2e1750145f0922be20c931bd005877cc00e1e3b8c2506aaab4f809f0/detection

http://198.98.60.57
198.98.60.57:9506

# Reference: https://www.virustotal.com/gui/file/02480a6101a6774473dfba3c4637fcb2e5edf09eab975097e6ce690440831c9e/detection

103.118.30.18:56999
nguyennghi.info
botnet.nguyennghi.info
node5gsieutoc.nguyennghi.info

# Reference: https://elfdigest.com/brief/bf4a4ba6e62b6cb2add8b3f129d35e7cca2bb800773f3176aede5ba565e7babd

141.98.6.123:9506

# Reference: https://elfdigest.com/brief/7cda3591af494bd7233e4ff26c5efd033c081907af775698723ffa7377743688

194.59.31.108:566

# Reference: https://elfdigest.com/brief/eea607d352acc2a926a260b29b37b48568f7308a154194c4ab6fdd793688ae9a

194.180.48.69:14

# Reference: https://elfdigest.com/brief/8095cc6791dcd50642629c1d36e6af4181a92644e9d68f83d0103411a5429762

88.214.20.105:3666

# Reference: https://elfdigest.com/brief/eb812589966f7cde24f0913132ab7d2167d5b0f2f660973584dd8e7bb92941e7

http://104.238.189.68
104.238.189.68:3778

# Reference: https://elfdigest.com/brief/0178275104a9b19acb2286bb4a8338c9c5bd358644d2624afe93ac0d667ea695

http://194.59.31.108
194.59.31.108:59666

# Reference: https://elfdigest.com/brief/2084de67555a72f5abe5bb07b7daa9a9a65b419afa75f07eb2c4fb3f58aa6730

http://45.88.90.152
45.88.90.152:1312

# Reference: https://elfdigest.com/brief/3b2ce7a5ecb033f1470513daf8343e2ee623f701bf20ff07cf181e524bc02ccb

47.87.161.30:6580

# Reference: https://elfdigest.com/brief/75035ae62ba3a8fc9dacf04de3004d7765cf5813097e0eafd6cb97fe53b73248
# Reference: https://www.virustotal.com/gui/file/bd5d5fddd339da1d67e982f6cc10c126c76344cd40e0c3374b925efbda617f59/detection

http://5.42.75.67
5.42.75.67:1312

# Reference: https://elfdigest.com/brief/d9fa4f37075b1046296c8d63704d90d2451938656f3a035ec3d9f1448f22632b

http://194.59.31.121
194.59.31.121:3556

# Reference: https://elfdigest.com/brief/b83f1a2a3e279af0960a71672d39719b6711398e6f74b99fd88d0738c061ea82

http://162.19.161.214
162.19.161.214:1338

# Reference: https://elfdigest.com/brief/c916b0bf38058f3102add37a4b714abade1b6e042cffa8c7721652b60b49df62

94.131.113.221:38241

# Reference: https://elfdigest.com/brief/7275c5ef3a38119af1889f1f6ba14110168052dc285ae2eaf552de5b9102e412

http://5.206.227.169
5.206.227.169:9931

# Reference: https://elfdigest.com/brief/1c7289e8d036aed307cb0e61af48e0a641530130f313251b84582406acf78d39

http://5.252.177.46
5.252.177.46:1791

# Reference: https://elfdigest.com/brief/ce39399a7c0fbd8a4580528ca220e5bbfc698aca8a5d66d19fbcf650aa7a9e9f

141.98.6.123:9506

# Reference: https://elfdigest.com/brief/2be723d0251113341dd4d847e457662b19854c01453707a1d9111f6fa00bb7e6

103.164.139.229:1337

# Reference: https://elfdigest.com/brief/efde0d4f7381fa35a71a380e9f4959081bc780e933adcde70419456515113244

45.88.90.152:1791

# Reference: https://elfdigest.com/brief/981858f0341e6d2ac8b30216c75272c8b696fae760fd3a70d33b45928b8008c0

103.164.139.229:1337
/KaKeGuRuI

# Reference: https://elfdigest.com/brief/59bcca2037e7f55f5fff9ff02ea3d4f5cc296ca73d4f3a16ace511c3d988d0cb
# Reference: https://www.virustotal.com/gui/file/0a5d1e1baa7798784b0dfc771acde2696ce291c1c8c08eaf1bd05378d1a4e456/detection

http://185.174.136.195
185.174.136.195:1312

# Reference: https://elfdigest.com/brief/5fbb7660c1a212e21733dac03333e84424a251fe34f7cf850d3ab35473dddb72

http://87.121.47.67
87.121.47.67:56443

# Reference: https://elfdigest.com/brief/76930718c85a4e125663760cbe93a0ae7b9a8c247c8463f0f59b21315b94e126

84.54.51.103:59666

# Reference: https://elfdigest.com/brief/a7b6fe9527200e1e660313c498aa02c9a548ae1763f5aead33a5359d70caa279
# Reference: https://www.virustotal.com/gui/file/5f2da4c4bf6597adfcaa1278b5b2ea008fab5a10c56f8ce4a056c200b04d4c51/detection

http://81.91.178.56
81.91.178.56:1312

# Reference: https://elfdigest.com/brief/6ad3ebd22fab278cd7c33006740c8bcdae23a56a244b9739d13f3fd152bfb07c

5.249.161.98:576

# Reference: https://elfdigest.com/brief/13034e530c5c0544bc69caebe012d2ced7cc82f82de77df34a026d268df62303

87.120.88.118:16

# Reference: https://elfdigest.com/brief/a0c8ea12d9628b0987ef151c214c42c96da0765eacee7ed38a921aff774fe3c8

http://87.120.88.181

# Reference: https://elfdigest.com/brief/347d5492187a59b49f021b5426eb7590b0ababb04d9917523bda0898854aace2

http://185.174.136.230
185.174.136.230:60195

# Reference: https://elfdigest.com/brief/545d656bc451fc73d1de1449030cbe06a18a6c970e240aa043d786f587f3677e

http://91.208.162.48

# Reference: https://www.fortinet.com/blog/threat-research/condi-ddos-botnet-spreads-via-tp-links-cve-2023-1389
# Reference: https://www.bleepingcomputer.com/news/security/new-condi-malware-builds-ddos-botnet-out-of-tp-link-ax21-routers/
# Reference: https://www.virustotal.com/gui/file/0e70d8352ba3c20dee01ad59e7575bb2dbf5680ed266509340d061469ca3b42b/detection
# Reference: https://www.virustotal.com/gui/file/3f65b063bd069d646a09111f25f35c18e0bd79cfaccdd839ac1f15cb2c614590/detection
# Reference: https://www.virustotal.com/gui/file/05f06544286e8989fbcc5993770568cc620decc6a239e253463b2117a8097542/detection
# Reference: https://www.virustotal.com/gui/file/09b3d30dcf3e0e892d6a0bf2a6b676fb5d13518007595925368f55f602ed0d43/detection

http://85.217.144.35
85.217.144.35:12397
85.217.144.35:3007
cdn.duc3k.com
cdn2.duc3k.com

# Reference: https://unit42.paloaltonetworks.com/mirai-variant-iz1h9/
# Reference: https://otx.alienvault.com/pulse/64712ddfa559e42b1ee4bf5c

dotheneedfull.club

# Reference: https://www.virustotal.com/gui/file/fe04015accfc346f36b09b6a9025989c9b804e225c541ef1802b48ea9c87d83f/detection
# Reference: https://www.virustotal.com/gui/file/b760425543538a2fa71bfa62db69196e9014aaf7d35a68d533b675e07b592b4b/detection

45.95.169.204:14400
89.185.85.103:14400
ihateb1nary.com

# Reference: https://twitter.com/tosscoinwitcher/status/1684451168800616449
# Reference: https://tria.ge/230727-g1nnxsaa76/behavioral1
# Reference: https://tria.ge/230727-g3vv1saa86/behavioral1

http://114.67.217.170
http://46.29.166.61

# Reference: https://www.virustotal.com/gui/file/b26ca6e5c34a3af80ba9a8e5d89b2f10624a1664b27acd26f6b46a850915d72b/detection

103.178.229.217:56999
buns.legendmulti.ga

# Reference: https://www.virustotal.com/gui/file/ea1baa11ef15a8f454d7ebdb903bce20763bd44808b66c22aa0dcaaada62084b/detection

2.59.255.135:38241
chatgenie.co.uk

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2023-07-27)

http://103.186.67.227
http://147.78.103.10
http://95.214.27.52
107.189.3.174:1337
135.125.114.164:22005
135.148.57.150:1194
137.184.228.241:1312
162.248.224.46:55579
193.233.18.179:9506
194.87.216.140:3778
45.148.244.224:1312
5.206.227.169:55555
85.208.139.32:3557
87.120.88.208:9931
95.214.27.52:6075
maizhangyu.top
stress.wtf
cnc.stress.wtf
bot.maizhangyu.top
testbots.maizhangyu.top

# Reference: https://twitter.com/sicehice/status/1673893976934612993
# Reference: https://www.virustotal.com/gui/file/caf577935671be92ac6d345a23f49168787250316edbe6ddccebdfbcdec385eb/detection

http://172.245.135.175
137.74.95.182:443
15.235.47.158:443
45.142.107.30:1390
95.214.53.112:15567
/server/boxshell3
/boxshell3

# Reference: https://twitter.com/sicehice/status/1663954926228103168

http://45.128.232.143
/paraiso.32
/paraiso.64
/paraiso.arc
/paraiso.arcle-hs38
/paraiso.arm
/paraiso.arm4
/paraiso.arm4l
/paraiso.arm4t
/paraiso.arm4tl
/paraiso.arm4tll
/paraiso.arm5
/paraiso.arm5l
/paraiso.arm5n
/paraiso.arm6
/paraiso.arm64
/paraiso.arm6l
/paraiso.arm7
/paraiso.arm7l
/paraiso.arm8
/paraiso.armv4
/paraiso.armv4l
/paraiso.armv5l
/paraiso.armv6
/paraiso.armv61
/paraiso.armv6l
/paraiso.armv7l
/paraiso.dbg
/paraiso.exploit
/paraiso.i4
/paraiso.i486
/paraiso.i586
/paraiso.i6
/paraiso.i686
/paraiso.kill
/paraiso.m68
/paraiso.m68k
/paraiso.mips
/paraiso.mips64
/paraiso.mipseb
/paraiso.mipsel
/paraiso.mpsl
/paraiso.pcc
/paraiso.powerpc
/paraiso.powerpc-440fp
/paraiso.powerppc
/paraiso.ppc
/paraiso.pp-c
/paraiso.ppc2
/paraiso.ppc440
/paraiso.ppc440fp
/paraiso.root
/paraiso.root32
/paraiso.sh
/paraiso.sh4
/paraiso.sparc
/paraiso.spc
/paraiso.ssh4
/paraiso.x32
/paraiso.x32_64
/paraiso.x64
/paraiso.x86
/paraiso.x86_32
/paraiso.x86_64

# Reference: https://www.virustotal.com/gui/file/854b10b967dc46b96f14bbd183b06cff2442b1dc9c2861fd4cce5054e0c95146/detection
# Reference: https://www.virustotal.com/gui/file/007f7a8b294caad2eabb046df5d2b48130d1586ca623d6d425fb2756105f26f6/detection

http://103.110.33.164
103.110.33.164:19990
skyline2006.xyz
bato.skyline2006.xyz
skyljne2006.ddns.net
/bin/zhttpd/${IFS}cd${IFS}/tmp
/bin/zhttpd/${IFS}cd${IFS}
/goform/set_LimitClient_cfg

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2023-08-01)

http://155.100.78.22
http://181.200.7.84
http://201.187.159.95
http://65.108.121.237
http://68.183.19.243
http://92.222.237.231
209.105.243.162:3778

# Reference: https://threatfox.abuse.ch/browse/tag/CVE-2022-1388/

146.19.75.41:9987
178.23.190.52:9987
193.178.210.87:9987
194.156.98.43:9987
194.156.98.67:9987
77.91.101.249:9987
77.91.72.39:9987

# Reference: https://www.virustotal.com/gui/file/3fafbd8048c8ee811c3fffa7087d99518719f2ff8c252157b599ef3dc2c61563/detection

http://93.123.16.205

# Reference: https://twitter.com/tosscoinwitcher/status/1689030035473408001
# Reference: https://tria.ge/230808-1jj4yshd9s/behavioral1
# Reference: https://www.virustotal.com/gui/file/a04945acbad016c0dea55a2db1bc4bd876e8ed5db928b7eeda9b552dbafdab97/detection

http://84.54.51.136
84.54.51.136:28015

# Reference: https://twitter.com/tosscoinwitcher/status/1689376545885061120
# Reference: https://tria.ge/230809-zd3tfagh8z/behavioral1
# Reference: https://www.virustotal.com/gui/file/323f6a2c6934f6c9c46deb0e4d5a19162ff27ae4f0b65995248654c1e0a6734e/detection
# Reference: https://www.virustotal.com/gui/file/eb6e874cfb4666e6ef0d625eed95fba8ec35b9fb6703560d1de79cd2be57364e/detection
# Reference: https://www.virustotal.com/gui/file/e52d3120c6bcf7d43712ae637cd65c94714d0a1138b49ca462087dc56a35f042/detection
# Reference: https://www.virustotal.com/gui/file/aa46ffabd5834ff8fec3f0495abae24cc6503602474c974fa6c09e228d6f2789/detection

http://2.59.254.79
191.190.215.47:52869
2.59.254.79:65412
2.59.254.79:7199
2.59.254.79:7996
212.102.240.243:7547
cnc.crow.ggm.pw

# Reference: https://twitter.com/sicehice/status/1689810147768463360

/D4x.32
/D4x.64
/D4x.arc
/D4x.arcle-hs38
/D4x.arm
/D4x.arm4
/D4x.arm4l
/D4x.arm4t
/D4x.arm4tl
/D4x.arm4tll
/D4x.arm5
/D4x.arm5l
/D4x.arm5n
/D4x.arm6
/D4x.arm64
/D4x.arm6l
/D4x.arm7
/D4x.arm7l
/D4x.arm8
/D4x.armv4
/D4x.armv4l
/D4x.armv5l
/D4x.armv6
/D4x.armv61
/D4x.armv6l
/D4x.armv7l
/D4x.dbg
/D4x.exploit
/D4x.i4
/D4x.i486
/D4x.i586
/D4x.i6
/D4x.i686
/D4x.kill
/D4x.m68
/D4x.m68k
/D4x.mips
/D4x.mips64
/D4x.mipseb
/D4x.mipsel
/D4x.mpsl
/D4x.pcc
/D4x.powerpc
/D4x.powerpc-440fp
/D4x.powerppc
/D4x.ppc
/D4x.pp-c
/D4x.ppc2
/D4x.ppc440
/D4x.ppc440fp
/D4x.root
/D4x.root32
/D4x.sh
/D4x.sh4
/D4x.sparc
/D4x.spc
/D4x.ssh4
/D4x.x32
/D4x.x32_64
/D4x.x64
/D4x.x86
/D4x.x86_32
/D4x.x86_64

# Reference: https://www.virustotal.com/gui/file/f455741d0ede1f72730e874b7a941215d2a9a9b0428e1bf1a19a32be7fc51e4b/detection

http://37.44.238.213

# Reference: https://twitter.com/tosscoinwitcher/status/1689757113462210560
# Reference: https://www.virustotal.com/gui/file/b88e25d96e48241f56e6a5db555847a02a62588a50e0601c7254c63944426f02/detection

http://193.31.28.13
bullsbotnet.live

# Reference: https://www.virustotal.com/gui/ip-address/84.54.51.103/relations
# Reference: https://www.virustotal.com/gui/file/c724639f58c5d2b39902894e1046e689a204f95975890adf0bdc9bc2d6433822/detection
# Reference: https://www.virustotal.com/gui/file/17eb103f073ec5653199126bacbc55196eaf4bc2f2683c45a806234d03874e9e/detection

84.54.51.103:45
84.54.51.103:56999
nekololis.ovh
nekololis.xyz
cnc.nekololis.ovh
cnc.nekololis.xyz

# Reference: https://twitter.com/noexceptcpp/status/1691952868301983928
# Reference: https://www.virustotal.com/gui/file/420f0ceea850226262a9bbf0ef2e60ef8e8c4efeddcc4602b0fa02d2e427b5eb/detection
# Reference: https://www.virustotal.com/gui/file/055f90ff00749c0c6586fc0a4a3a8283b45717db808ba9fbd715ab14838099f4/detection
# Reference: https://www.virustotal.com/gui/file/5be711323ccbcebd590c4123cb3ff2c6ba5c2ae7104f7aaceeef17cf489759b2/detection

http://103.118.30.141
http://94.156.102.245
103.110.33.162:43957
103.118.30.141:43957
49.236.208.231:43957
condi.network
hbt_dz.condi.network
/most-32
/most-64
/most-arc
/most-arcle-hs38
/most-arm
/most-arm4
/most-arm4l
/most-arm4t
/most-arm4tl
/most-arm4tll
/most-arm5
/most-arm5l
/most-arm5n
/most-arm6
/most-arm64
/most-arm6l
/most-arm7
/most-arm7l
/most-arm8
/most-armv4
/most-armv4l
/most-armv5l
/most-armv6
/most-armv61
/most-armv6l
/most-armv7l
/most-dbg
/most-exploit
/most-i4
/most-i486
/most-i586
/most-i6
/most-i686
/most-kill
/most-m68
/most-m68k
/most-mips
/most-mips64
/most-mipseb
/most-mipsel
/most-mpsl
/most-pcc
/most-powerpc
/most-powerpc-440fp
/most-powerppc
/most-ppc
/most-pp-c
/most-ppc2
/most-ppc440
/most-ppc440fp
/most-root
/most-root32
/most-sh
/most-sh4
/most-sparc
/most-spc
/most-ssh4
/most-x32
/most-x32_64
/most-x64
/most-x86
/most-x86_32
/most-x86_64

# Reference: https://www.virustotal.com/gui/file/2dbe7cd934937e64aeaadc03d2d83d5768b4ffbb738538a420a12dff376377ce/detection

http://84.54.50.198

# Reference: https://www.virustotal.com/gui/file/fd6e542976b70be296a7bfa9783a6ac3f979ec795c0481890f74506a4faae976/detection

http://37.49.226.210
37.49.226.210:9506

# Reference: https://www.fortinet.com/blog/threat-research/ddos-botnets-target-zyxel-vulnerability-cve-2023-28771
# Reference: https://otx.alienvault.com/pulse/64be7735f5c03be52e3d305c

babaroga.lib
blacknurse.lib
dragon.lib
routercontroller.geek
tempest.lib
hoz.1337.cx

# Reference: https://blogs.juniper.net/en-us/threat-research/dreambus-botnet-resurfaces-targets-rocketmq-vulnerability

92.204.243.155:8080
ru6r4inkaf4thlgflg4iqs5mhqwqubols5qagspvya4whp3dgbvmyhad.onion

# Reference: https://twitter.com/tosscoinwitcher/status/1696931742932938918
# Reference: https://tria.ge/230830-vc3ptsgb8z/behavioral1

45.95.146.26:55590
miori.lol

# Reference: https://twitter.com/sicehice/status/1697092495916552361

176.123.1.132:8088

# Reference: https://twitter.com/sicehice/status/1697452670603116770
# Reference: https://www.virustotal.com/gui/file/ee390641b5d8bf89c81bf6cdcbe21d12d3c7022ce81fce54b786fe68c54ecc9c/detection
# Reference: https://www.virustotal.com/gui/file/dca14593652b1a8d423d4e2eee36c6b73d73ceebdd73c320bd413ee8545be879/detection

http://185.254.37.243
34.91.223.10:25596
jiggaboojones.tech

# Reference: https://twitter.com/sicehice/status/1697455299383247091
# Reference: https://www.virustotal.com/gui/file/e8f13083583b4addc367d319f4b1ce424b2decba641b206499581beca10f6533/detection

http://94.156.102.209
94.156.102.209:7645

# Reference: https://www.virustotal.com/gui/file/d9c994e754bf65ec938d4ea3d86e20b08c5f568fb5fb835f1c2bc73c641b4a26/detection
# Reference: https://www.virustotal.com/gui/file/4374c4fc7f27cea7a398a5fb7e6d332b65efa6b8dbcf29bcf248f28dcd251b37/detection
# Reference: https://www.virustotal.com/gui/file/14cfdb068f93f63862d4566b72e166ec17a03a5ce899d8fb310052cad6d3fc53/detection

145.40.93.33:19999
94.156.102.209:1312

# Reference: https://www.virustotal.com/gui/file/adbe8d22f6436e345483532935f0f7da63af072bd6d53e490adf3e4abe6cef94/detection

145.40.93.33:53
45.95.146.77:1312

# Reference: https://www.virustotal.com/gui/file/7cd8e94532923801a5bf186a26b057714a7a40418a94b1fedc5cb48e2f29008e/detection

144.91.90.211:5034
145.40.93.33:22465

# Reference: https://threatfox.abuse.ch/ioc/1153391/
# Reference: https://www.virustotal.com/gui/file/d119b310c7a4d77f9d833050cbfa8ca8b172282febdf981c6b923f02f3a489e4/detection
# Reference: https://www.virustotal.com/gui/file/933bd49da16886eaec020f28d09c0e3c5946133a5351cda98d16c3453971d5c7/detection
# Reference: https://www.virustotal.com/gui/file/282d206ea9703b8a80853577bfac81e1de5ff3d17f337e67b317fc860516b972/detection

http://79.110.62.186
79.110.62.186:1312

# Reference: https://twitter.com/banthisguy9349/status/1698653497749618863
# Reference: https://www.virustotal.com/gui/ip-address/94.156.6.4/relations
# Reference: https://www.virustotal.com/gui/file/eb4c2a238c2f051734afa7512d8f052d41bedb2026dc0eefb8dd055a970f1364/detection
# Reference: https://www.virustotal.com/gui/file/4f14f32e3ab478f1c4e178746c98c551d4e07dc59ec74814afb3c52dcce9b54a/detection

http://94.156.6.4
94.156.6.4:1312
94.156.6.4:1791

# Reference: https://vulncheck.com/blog/rocketmq-exploit-payloads
# Reference: https://otx.alienvault.com/pulse/64f8aa42b367073f758f1b6a

http://103.85.25.121
http://134.209.58.230
http://45.15.158.124
http://94.156.6.110
acf-producao.s3.amazonaws.com
ashleyhub.s3.amazonaws.com
aaadutyv1.s3.amazonaws.com
brazilfoundation-assets.s3.amazonaws.com

# Reference: https://urlhaus.abuse.ch/url/2710899/

/shithirointhehouse.sh

# Reference: https://www.virustotal.com/gui/file/003d13cd9cd962810ec9d61b6a4d0db61856fc7d4cf70543e4c697d133f0fd68/detection

141.98.6.249:11339
195.178.120.181:11337

# Reference: https://www.virustotal.com/gui/file/f1516f40a6fe812d185a66c9298e18373ba4c1dc78591b306fe48a9024138517/detection
# Reference: https://www.virustotal.com/gui/file/751cc978867a8a3942f67e2b2db7b341983ba0d25ccf7485a095808c79cce470/detection
# Reference: https://www.virustotal.com/gui/file/5456ce9cf5ae748605bca2a2b53650c8037596e3ee0830f3900b92455473ab3c/detection

141.98.6.249:2002
141.98.6.249:53421
quanxx.site
cnc.quanxx.site

# Reference: https://www.virustotal.com/gui/file/7076aae399487dfc51a550b25609964e2851fa2ea0c7cf98b5f27366eedea2be/detection

http://141.98.6.249

# Reference: https://twitter.com/RedDrip7/status/1704060798757392678
# Reference: https://www.virustotal.com/gui/ip-address/199.195.251.104/relations
# Reference: https://www.virustotal.com/gui/file/450b0834ae550b8cf6c1fde7e833319fdda2cb48465120785e33b0bf1c1ec0cb/detection
# Reference: https://www.virustotal.com/gui/file/d3b32c47b54525578501b14fb2ee4e52e7aa85fe8d12ad56f401e985af1068d2/detection
# Reference: https://www.virustotal.com/gui/file/633df92e1c5a82c2d6df934eb6071c8cc197479daaa9065d7d431924c6e9c1ef/detection

199.195.251.104:55551
199.195.251.104:55552
209.222.115.38:25565
80.76.51.160:55551
80.76.51.160:55552
faptits.click
gaybooba.cc
pornblog.es
tcp.homes
xxx4you.es
xxxsector.es
xxxspace.click
c.gaybooba.cc
dd.gaybooba.cc

# Reference: https://elfdigest.com/brief/48ed9d5e32d207ee9d516378584ef9232e10d37ed9db11fa6446be9ba307f868

http://194.37.80.97
194.37.80.97:9506

# Reference: https://elfdigest.com/brief/1805368f0b5c7338ed34a5c81f52fb76fc6b86cdbc44bbd9dcfcdb5ff24da9d0

95.214.24.125:6734
d4xw.fun

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2023-09-23)

http://103.74.100.192
http://103.77.240.62
http://116.103.228.193
http://147.78.103.103
http://210.211.117.205
http://45.128.232.4
http://93.123.85.43
http://93.123.85.90
193.42.32.174:9931
194.37.80.211:9506
38.92.49.124:3778
45.134.225.245:1024
45.155.220.254:5555
45.95.169.247:56999
5.181.80.102:38241
5.181.80.130:38241
81.94.159.163:3778
93.123.85.151:43957
nulling.to
somersaultcloud.xyz
bp.somersaultcloud.xyz
hiro.nulling.to

# Reference: https://www.virustotal.com/gui/file/ce7e6df9356d711fb017add31791a813a89b0b8833a48f0825344ddc7853900d/detection

114.123.240.31:8080
142.204.1.63:8080
212.219.173.69:8080
212.241.170.244:8080
5.181.80.119:58141
/yourbiggestnightmare.32
/yourbiggestnightmare.64
/yourbiggestnightmare.arc
/yourbiggestnightmare.arcle-hs38
/yourbiggestnightmare.arm
/yourbiggestnightmare.arm4
/yourbiggestnightmare.arm4l
/yourbiggestnightmare.arm4t
/yourbiggestnightmare.arm4tl
/yourbiggestnightmare.arm4tll
/yourbiggestnightmare.arm5
/yourbiggestnightmare.arm5l
/yourbiggestnightmare.arm5n
/yourbiggestnightmare.arm6
/yourbiggestnightmare.arm64
/yourbiggestnightmare.arm6l
/yourbiggestnightmare.arm7
/yourbiggestnightmare.arm7l
/yourbiggestnightmare.arm8
/yourbiggestnightmare.armv4
/yourbiggestnightmare.armv4l
/yourbiggestnightmare.armv5l
/yourbiggestnightmare.armv6
/yourbiggestnightmare.armv61
/yourbiggestnightmare.armv6l
/yourbiggestnightmare.armv7l
/yourbiggestnightmare.dbg
/yourbiggestnightmare.exploit
/yourbiggestnightmare.i4
/yourbiggestnightmare.i486
/yourbiggestnightmare.i586
/yourbiggestnightmare.i6
/yourbiggestnightmare.i686
/yourbiggestnightmare.kill
/yourbiggestnightmare.m68
/yourbiggestnightmare.m68k
/yourbiggestnightmare.mips
/yourbiggestnightmare.mips64
/yourbiggestnightmare.mipseb
/yourbiggestnightmare.mipsel
/yourbiggestnightmare.mpsl
/yourbiggestnightmare.pcc
/yourbiggestnightmare.powerpc
/yourbiggestnightmare.powerpc-440fp
/yourbiggestnightmare.powerppc
/yourbiggestnightmare.ppc
/yourbiggestnightmare.pp-c
/yourbiggestnightmare.ppc2
/yourbiggestnightmare.ppc440
/yourbiggestnightmare.ppc440fp
/yourbiggestnightmare.root
/yourbiggestnightmare.root32
/yourbiggestnightmare.sh
/yourbiggestnightmare.sh4
/yourbiggestnightmare.sparc
/yourbiggestnightmare.spc
/yourbiggestnightmare.ssh4
/yourbiggestnightmare.x32
/yourbiggestnightmare.x32_64
/yourbiggestnightmare.x64
/yourbiggestnightmare.x86
/yourbiggestnightmare.x86_32
/yourbiggestnightmare.x86_64

# Reference: https://www.virustotal.com/gui/file/12badb4d37a6e699f137c40ec1609b093d29e88d289f3b7b34416454c1018d3a/detection

5.181.80.141:60195
cnc.nulling.to

# Reference: https://www.virustotal.com/gui/file/dacc01807ddb5a94bfed1bd78bd65e6b7d57e151b73b5a334bc3175fed1e342d/detection

37.221.92.200:60195
ezz.nulling.to
scan.nulling.to

# Reference: https://www.virustotal.com/gui/file/ef7f772edbf3d81146f28f17be0dfa621f4ad9a1b61ddda66222dd8f10224266/detection

http://45.138.74.83
212.239.37.167:8080
212.246.166.104:8080
44.158.79.80:8080
twss.nulling.to
/eramthginseggibruoy/
/0xh0roxxnavebusyoo32elf.elf
/0xh0roxxnavebusyoo64elf.elf
/0xh0roxxnavebusyooarcelf.elf
/0xh0roxxnavebusyooarcle-hs38elf.elf
/0xh0roxxnavebusyooarm4elf.elf
/0xh0roxxnavebusyooarm4lelf.elf
/0xh0roxxnavebusyooarm4telf.elf
/0xh0roxxnavebusyooarm4tlelf.elf
/0xh0roxxnavebusyooarm4tllelf.elf
/0xh0roxxnavebusyooarm5elf.elf
/0xh0roxxnavebusyooarm5lelf.elf
/0xh0roxxnavebusyooarm5nelf.elf
/0xh0roxxnavebusyooarm64elf.elf
/0xh0roxxnavebusyooarm6elf.elf
/0xh0roxxnavebusyooarm6lelf.elf
/0xh0roxxnavebusyooarm7elf.elf
/0xh0roxxnavebusyooarm7lelf.elf
/0xh0roxxnavebusyooarm8elf.elf
/0xh0roxxnavebusyooarmelf.elf
/0xh0roxxnavebusyooarmv4elf.elf
/0xh0roxxnavebusyooarmv4lelf.elf
/0xh0roxxnavebusyooarmv5lelf.elf
/0xh0roxxnavebusyooarmv61elf.elf
/0xh0roxxnavebusyooarmv6elf.elf
/0xh0roxxnavebusyooarmv6lelf.elf
/0xh0roxxnavebusyooarmv7lelf.elf
/0xh0roxxnavebusyoodbgelf.elf
/0xh0roxxnavebusyooexploitelf.elf
/0xh0roxxnavebusyooi486elf.elf
/0xh0roxxnavebusyooi4elf.elf
/0xh0roxxnavebusyooi586elf.elf
/0xh0roxxnavebusyooi686elf.elf
/0xh0roxxnavebusyooi6elf.elf
/0xh0roxxnavebusyookillelf.elf
/0xh0roxxnavebusyoom68elf.elf
/0xh0roxxnavebusyoom68kelf.elf
/0xh0roxxnavebusyoomips64elf.elf
/0xh0roxxnavebusyoomipsebelf.elf
/0xh0roxxnavebusyoomipselelf.elf
/0xh0roxxnavebusyoomipself.elf
/0xh0roxxnavebusyoompslelf.elf
/0xh0roxxnavebusyoopccelf.elf
/0xh0roxxnavebusyoopowerpc-440fpelf.elf
/0xh0roxxnavebusyoopowerpcelf.elf
/0xh0roxxnavebusyoopowerppcelf.elf
/0xh0roxxnavebusyoopp-celf.elf
/0xh0roxxnavebusyooppc2elf.elf
/0xh0roxxnavebusyooppc440elf.elf
/0xh0roxxnavebusyooppc440fpelf.elf
/0xh0roxxnavebusyooppcelf.elf
/0xh0roxxnavebusyooroot32elf.elf
/0xh0roxxnavebusyoorootelf.elf
/0xh0roxxnavebusyoosh4elf.elf
/0xh0roxxnavebusyooshelf.elf
/0xh0roxxnavebusyoosparcelf.elf
/0xh0roxxnavebusyoospcelf.elf
/0xh0roxxnavebusyoossh4elf.elf
/0xh0roxxnavebusyoox32_64elf.elf
/0xh0roxxnavebusyoox32elf.elf
/0xh0roxxnavebusyoox64elf.elf
/0xh0roxxnavebusyoox86_32elf.elf
/0xh0roxxnavebusyoox86_64elf.elf
/0xh0roxxnavebusyoox86elf.elf

# Reference: https://www.virustotal.com/gui/file/12bb9755c3d05e996b0a5722cce063538944c0f5d382796b418335809272bcf7/detection

45.128.232.121:56999
dfgy.shop

# Reference: https://www.virustotal.com/gui/file/10759f70269ed44746996feaee94a7f828ed68797878c8e98000502c5dadb00d/detection

85.202.87.162:38241
pqahzam.ink

# Reference: https://www.virustotal.com/gui/file/23c60a2798a2ea5c48f74140b9afd94e2378933febac1a44757446bfa7fef24e/detection

85.217.144.91:38241
dfvzfvd.help

# Reference: https://www.virustotal.com/gui/file/a5c36e400f0f0a414993e1149bdf5790406fa1651543f0a45e9fa66a917ff0ae/detection

opewu.homes

# Reference: https://www.virustotal.com/gui/ip-address/45.95.169.247/relations
# Reference: https://www.virustotal.com/gui/file/261e28b231ecae92186ebc20ad3d7283e6b8d3b6c80413f961c068f4df986ba0/detection

http://45.95.169.247
fuckyournet.tk
mmone.online
cnc.mmone.online

# Reference: https://www.virustotal.com/gui/file/44e2d313117fd0a722a7038da12ea529b1e670d0b953a5bdaaa299fa175e1052/detection

http://103.131.57.59
103.131.57.59:19990
lovebaongoc.ddns.net

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2023-09-26)

http://84.54.51.82
141.98.10.44:45
141.98.10.59:45
157.254.166.232:3778
81.161.229.251:1791
84.54.51.82:59666
hamsterrace.space
bot.hamsterrace.space

# Reference: https://www.virustotal.com/gui/file/011a7aaba02cbdf9da5504a6471f5201f92112b9de4a1e4d5c8ba21de642de1a/detection

80.211.83.69:1994

# Reference: https://www.virustotal.com/gui/file/105054d58b412bc97e2ba0b806ed123f7e1de5983806485a75ec46c44cedb57d/detection

http://80.211.83.69
/blade.32
/blade.64
/blade.arc
/blade.arcle-hs38
/blade.arm
/blade.arm4
/blade.arm4l
/blade.arm4t
/blade.arm4tl
/blade.arm4tll
/blade.arm5
/blade.arm5l
/blade.arm5n
/blade.arm6
/blade.arm64
/blade.arm6l
/blade.arm7
/blade.arm7l
/blade.arm8
/blade.armv4
/blade.armv4l
/blade.armv5l
/blade.armv6
/blade.armv61
/blade.armv6l
/blade.armv7l
/blade.dbg
/blade.exploit
/blade.i4
/blade.i486
/blade.i586
/blade.i6
/blade.i686
/blade.kill
/blade.m68
/blade.m68k
/blade.mips
/blade.mips64
/blade.mipseb
/blade.mipsel
/blade.mpsl
/blade.pcc
/blade.powerpc
/blade.powerpc-440fp
/blade.powerppc
/blade.ppc
/blade.pp-c
/blade.ppc2
/blade.ppc440
/blade.ppc440fp
/blade.root
/blade.root32
/blade.sh
/blade.sh4
/blade.sparc
/blade.spc
/blade.ssh4
/blade.x32
/blade.x32_64
/blade.x64
/blade.x86
/blade.x86_32
/blade.x86_64

# Reference: https://www.virustotal.com/gui/file/9814c20e856e23aefb140b2c0c4321e7e896bf88857b1f4a6162968e0f9e3011/detection

5.181.80.111:9506

# Reference: https://www.virustotal.com/gui/file/cc02dba8887a9e858a3811d8bc3b914aba52747485281915a45c92c9868ca259/detection

http://5.181.80.111

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2023-10-03)

104.168.24.213:1337
141.98.10.40:1312
141.98.10.44:1312
154.9.28.251:3778
172.104.213.137:3778
172.105.96.226:3778
185.150.26.248:60195
194.180.49.139:60195
45.55.195.93:60195
5.181.80.126:38241
5.181.80.134:38241
5.42.76.85:60195
80.76.51.154:34241
80.76.51.213:1312
94.228.162.150:3778
nxdtr.tk
tcprestt.top
api.tcprestt.top
cry.nulling.to

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2023-10-07)

95.214.25.116:59666
lmao.zelenskyj.ru
zelenskyj.ru

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2023-10-08)

45.81.39.249:38241
5.181.80.133:38241
5.181.80.81:38241
5.206.227.148:60124
79.110.48.46:38241
dekma-gay.ru
wxd5cxqklilifh0m4pv8tg.dekma-gay.ru
xkoic3y.dekma-gay.ru

# Reference: https://twitter.com/SecureSh3ll/status/1711118032217546840
# Reference: https://www.virustotal.com/gui/file/dfb3d0290feb1a525a210bf6e32cffcbffc7f2e1a29643b89c948ec14877ad73/detection

http://103.67.197.87
condi.cloud
cnc.condi.cloud
/Sodomy_By_Sh3ll.txt

# Reference: https://twitter.com/SecureSh3ll/status/1711748056356434034
# Reference: https://twitter.com/redrabytes/status/1710229481565126875
# Reference: https://www.virustotal.com/gui/file/f26eac0f77d25a3ad5d8915c36d64ea6fd61cd1a2a067250e942207744f1eda6/detection

http://194.180.48.105
194.180.48.105:6667

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2023-10-10)

103.13.210.153:1312
103.13.210.153:3912
103.178.229.177:1234
141.98.10.82:1302
185.196.9.102:961
185.224.128.191:55650
185.44.81.147:56999
199.48.225.212:3778
2.56.247.173:33605
209.141.57.170:666
45.125.66.19:34241
45.142.107.88:9506
5.181.80.127:38241
5.181.80.54:38241
5.206.227.148:60195
80.94.92.20:24529
80.94.92.20:59666
87.237.55.99:1791
91.92.247.79:666
91.92.252.214:38241
93.123.85.27:45
93.123.85.86:14356
94.156.6.33:1420

# Reference: https://twitter.com/sicehice/status/1711870227317719234

http://194.180.48.100
http://221.195.135.241

# Reference: https://twitter.com/redrabytes/status/1712894394129375328
# Reference: https://www.virustotal.com/gui/file/a60b9d23bfb05377cb97f7f71ac47b61d43003ffc21d0b4d16206084d1aafe64/detection
# Reference: https://www.virustotal.com/gui/file/8127f8c730ffe7f767bec28b083dc7f1acd797399f712a201e991f39b9716b6f/detection

http://45.88.90.129
45.88.90.129:9090

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2023-10-16)

141.98.10.26:1024
185.150.26.225:38241
185.225.73.177:38241
45.13.227.9:1312
45.13.227.9:9931
45.141.87.124:13
45.142.182.103:36063
45.95.146.72:55555
81.161.229.197:1312
93.123.85.12:1791
94.156.6.248:1312
95.214.25.164:59666
awouig92p74y213fg54.top
dotnet-outlawz.xyz
pvp-rivals.com
bot.pvp-rivals.com
komaru.awouig92p74y213fg54.top

# Reference: https://www.virustotal.com/gui/file/969e3fbadef0250e5faeb80fafa44e921d56447c77a8c55f5b62b7820bfe030a/detection

http://199.48.225.212
199.48.225.212:3778

# Reference: https://www.virustotal.com/gui/file/a3be49a276c503305bc642a71c1647c2ab3b22f965c795177d94833c5e5ef2ee/detection

http://185.254.37.196
185.254.37.196:1312

# Reference: https://www.virustotal.com/gui/file/37db6d554b503d9bc6e38681ce15e1db260cc6043ac9f3e244fd888d2e8853fe/detection

http://45.81.39.10
45.81.39.10:1312
/scorp.32
/scorp.64
/scorp.arc
/scorp.arcle-hs38
/scorp.arm
/scorp.arm4
/scorp.arm4l
/scorp.arm4t
/scorp.arm4tl
/scorp.arm4tll
/scorp.arm5
/scorp.arm5l
/scorp.arm5n
/scorp.arm6
/scorp.arm64
/scorp.arm6l
/scorp.arm7
/scorp.arm7l
/scorp.arm8
/scorp.armv4
/scorp.armv4l
/scorp.armv5l
/scorp.armv6
/scorp.armv61
/scorp.armv6l
/scorp.armv7l
/scorp.dbg
/scorp.exploit
/scorp.i4
/scorp.i486
/scorp.i586
/scorp.i6
/scorp.i686
/scorp.kill
/scorp.m68
/scorp.m68k
/scorp.mips
/scorp.mips64
/scorp.mipseb
/scorp.mipsel
/scorp.mpsl
/scorp.pcc
/scorp.powerpc
/scorp.powerpc-440fp
/scorp.powerppc
/scorp.ppc
/scorp.pp-c
/scorp.ppc2
/scorp.ppc440
/scorp.ppc440fp
/scorp.root
/scorp.root32
/scorp.sh
/scorp.sh4
/scorp.sparc
/scorp.spc
/scorp.ssh4
/scorp.x32
/scorp.x32_64
/scorp.x64
/scorp.x86
/scorp.x86_32
/scorp.x86_64

# Reference: https://www.virustotal.com/gui/file/36ff6d08aa086b33e83c45654176595d286c7a71719d6406b15846e9fcba6dbe/detection
# Reference: https://www.virustotal.com/gui/file/1c1940419311975e6532dcd13af34bb07071f3466ecc319bd058a2075024e415/detection

http://80.211.24.5
80.211.24.5:1991
80.211.24.5:43583
80.211.24.5:52869
80.211.24.5:8080
80.211.24.5:8081

# Reference: https://www.virustotal.com/gui/file/0dd22d6e4d26c6e62373e915eaf15df5fc0968a624b4df94ee1d7cbd0ff3349b/detection

34.147.16.24:25596
asdjjasdhioasdia.online

# Reference: https://www.virustotal.com/gui/file/015950b2819a9f9b1548a78ce691f60b0699ee0f4b8f34feca9f97004e0b62cb/detection

husd8uasd9.online

# Reference: https://www.fortinet.com/blog/threat-research/Iz1h9-campaign-enhances-arsenal-with-scores-of-exploits
# Reference: https://otx.alienvault.com/pulse/65256889f90b0d9b7d871ed1

http://2.56.59.215
http://212.192.241.72

# Reference: https://twitter.com/SecureSh3ll/status/1718715242497077530

kbcsda.org
/ddju.32
/ddju.64
/ddju.arc
/ddju.arcle-hs38
/ddju.arm
/ddju.arm4
/ddju.arm4l
/ddju.arm4t
/ddju.arm4tl
/ddju.arm4tll
/ddju.arm5
/ddju.arm5l
/ddju.arm5n
/ddju.arm6
/ddju.arm64
/ddju.arm6l
/ddju.arm7
/ddju.arm7l
/ddju.arm8
/ddju.armv4
/ddju.armv4l
/ddju.armv5l
/ddju.armv6
/ddju.armv61
/ddju.armv6l
/ddju.armv7l
/ddju.dbg
/ddju.exploit
/ddju.i4
/ddju.i486
/ddju.i586
/ddju.i6
/ddju.i686
/ddju.kill
/ddju.m68
/ddju.m68k
/ddju.mips
/ddju.mips64
/ddju.mipseb
/ddju.mipsel
/ddju.mpsl
/ddju.pcc
/ddju.powerpc
/ddju.powerpc-440fp
/ddju.powerppc
/ddju.ppc
/ddju.pp-c
/ddju.ppc2
/ddju.ppc440
/ddju.ppc440fp
/ddju.root
/ddju.root32
/ddju.sh
/ddju.sh4
/ddju.sparc
/ddju.spc
/ddju.ssh4
/ddju.x32
/ddju.x32_64
/ddju.x64
/ddju.x86
/ddju.x86_32
/ddju.x86_64

# Reference: https://www.virustotal.com/gui/file/64b6eb2317f74f39d666df798943bef7fc678a9d732ee95fa026439a6558e70a/detection

rmdtqq.libre
ujbljw.pirate

# Reference: https://twitter.com/tosscoinwitcher/status/1721647914790137876
# Reference: https://www.virustotal.com/gui/domain/jumpnde.com/relations
# Reference: https://www.virustotal.com/gui/file/c8f3b553c7e1b8df7ec6cb51399205197fee8e33714996243a1c2824f0ea8b69/detection
# Reference: https://www.virustotal.com/gui/file/f05972c63f4dc849d00880dbf19d6c247c53ad702ff6dd4fa6e1c39f01f02aa5/detection

155.138.142.194:5555
155.138.142.194:8989
45.76.171.89:5555
jumpnde.com
mrbzzdyx.jumpnde.com
qvpocbah.jumpnde.com

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2023-11-08)

171.228.209.167:56999
ngocronglau.xyz
botnet.ngocronglau.xyz

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2023-11-14)

14.225.206.204:56999
93.123.85.5:1024
muphantom.online

# Reference: https://twitter.com/tosscoinwitcher/status/1727462546687570402
# Reference: https://tria.ge/231122-2whbkafg3v/static1
# Reference: https://www.virustotal.com/gui/file/2104359d19ef912f3c93c67f04285d570c3feeb78f819c278840ad2f44b07c76/detection

http://185.94.29.111
http://45.128.232.186
http://78.40.117.36
http://91.92.240.111
http://91.92.255.79
91.92.240.111:1302
dewelo.neuhost.pl
/GuruITDDoS3.32
/GuruITDDoS3.64
/GuruITDDoS3.arc
/GuruITDDoS3.arcle-hs38
/GuruITDDoS3.arm
/GuruITDDoS3.arm4
/GuruITDDoS3.arm4l
/GuruITDDoS3.arm4t
/GuruITDDoS3.arm4tl
/GuruITDDoS3.arm4tll
/GuruITDDoS3.arm5
/GuruITDDoS3.arm5l
/GuruITDDoS3.arm5n
/GuruITDDoS3.arm6
/GuruITDDoS3.arm64
/GuruITDDoS3.arm6l
/GuruITDDoS3.arm7
/GuruITDDoS3.arm7l
/GuruITDDoS3.arm8
/GuruITDDoS3.armv4
/GuruITDDoS3.armv4l
/GuruITDDoS3.armv5l
/GuruITDDoS3.armv6
/GuruITDDoS3.armv61
/GuruITDDoS3.armv6l
/GuruITDDoS3.armv7l
/GuruITDDoS3.dbg
/GuruITDDoS3.exploit
/GuruITDDoS3.i4
/GuruITDDoS3.i486
/GuruITDDoS3.i586
/GuruITDDoS3.i6
/GuruITDDoS3.i686
/GuruITDDoS3.kill
/GuruITDDoS3.m68
/GuruITDDoS3.m68k
/GuruITDDoS3.mips
/GuruITDDoS3.mips64
/GuruITDDoS3.mipseb
/GuruITDDoS3.mipsel
/GuruITDDoS3.mpsl
/GuruITDDoS3.pcc
/GuruITDDoS3.powerpc
/GuruITDDoS3.powerpc-440fp
/GuruITDDoS3.powerppc
/GuruITDDoS3.ppc
/GuruITDDoS3.pp-c
/GuruITDDoS3.ppc2
/GuruITDDoS3.ppc440
/GuruITDDoS3.ppc440fp
/GuruITDDoS3.root
/GuruITDDoS3.root32
/GuruITDDoS3.sh
/GuruITDDoS3.sh4
/GuruITDDoS3.sparc
/GuruITDDoS3.spc
/GuruITDDoS3.ssh4
/GuruITDDoS3.x32
/GuruITDDoS3.x32_64
/GuruITDDoS3.x64
/GuruITDDoS3.x86
/GuruITDDoS3.x86_32
/GuruITDDoS3.x86_64
/RpcSecurity.32
/RpcSecurity.64
/RpcSecurity.arc
/RpcSecurity.arcle-hs38
/RpcSecurity.arm
/RpcSecurity.arm4
/RpcSecurity.arm4l
/RpcSecurity.arm4t
/RpcSecurity.arm4tl
/RpcSecurity.arm4tll
/RpcSecurity.arm5
/RpcSecurity.arm5l
/RpcSecurity.arm5n
/RpcSecurity.arm6
/RpcSecurity.arm64
/RpcSecurity.arm6l
/RpcSecurity.arm7
/RpcSecurity.arm7l
/RpcSecurity.arm8
/RpcSecurity.armv4
/RpcSecurity.armv4l
/RpcSecurity.armv5l
/RpcSecurity.armv6
/RpcSecurity.armv61
/RpcSecurity.armv6l
/RpcSecurity.armv7l
/RpcSecurity.dbg
/RpcSecurity.exploit
/RpcSecurity.i4
/RpcSecurity.i486
/RpcSecurity.i586
/RpcSecurity.i6
/RpcSecurity.i686
/RpcSecurity.kill
/RpcSecurity.m68
/RpcSecurity.m68k
/RpcSecurity.mips
/RpcSecurity.mips64
/RpcSecurity.mipseb
/RpcSecurity.mipsel
/RpcSecurity.mpsl
/RpcSecurity.pcc
/RpcSecurity.powerpc
/RpcSecurity.powerpc-440fp
/RpcSecurity.powerppc
/RpcSecurity.ppc
/RpcSecurity.pp-c
/RpcSecurity.ppc2
/RpcSecurity.ppc440
/RpcSecurity.ppc440fp
/RpcSecurity.root
/RpcSecurity.root32
/RpcSecurity.sh
/RpcSecurity.sh4
/RpcSecurity.sparc
/RpcSecurity.spc
/RpcSecurity.ssh4
/RpcSecurity.x32
/RpcSecurity.x32_64
/RpcSecurity.x64
/RpcSecurity.x86
/RpcSecurity.x86_32
/RpcSecurity.x86_64
/GuruITDDoS/

# Reference: https://www.virustotal.com/gui/file/afb6538ce87d38727d19de6a5d6f4fdef13579a35e54ad9da788c621942056b9/detection

http://79.124.7.24
neuhost.pl
net.neuhost.pl

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2023-11-25)

5.181.80.59:38241
88.198.201.180:1791
91.92.254.4:38241

# Reference: https://otx.alienvault.com/pulse/6560a2629741c6dccf310fd3 (# infectedslurs, jenx, hailbot)

cbdgzy.pirate
chinks-eat-dogs.africa
cooldockmantoo.men
czbrwa.geek
fawzpp.indy
gottalovethe.indy
hbakun.geek
hujunxa.cc
hxqytk.geek
iaxtpa.parody
infectedchink.online
ksarpo.parody
rwziag.pirate

# Reference: https://twitter.com/SecureSh3ll/status/1728493957888245979
# Reference: https://www.virustotal.com/gui/file/e3f768474c62cada290e112b233c54349ea8fbdeb614244f8a8a862e8b5a928a/detection

http://2.56.247.223
2.56.247.223:666

# Reference: https://www.virustotal.com/gui/file/f48f379deed22103dd56c7e55a12baad3331efd22f14d3672114aa3c1366dc2b/detection
# Reference: https://www.virustotal.com/gui/file/86396d30282cb86df0b88893e406528e2a2dab3c84c77fdf7eb5192c5f422c19/detection
# Reference: https://www.virustotal.com/gui/file/24416aa5668e3f6cab8c1cf5b9f7a934ea8b71ae432910fc7c1ecd4f4d103c39/detection
# Reference: https://www.virustotal.com/gui/file/04b5b880682da523af2b56fef290ca0135741f9ac28675ed0a9fe60b255d8f7b/detection

methodize.xyz

# Reference: https://twitter.com/SecureSh3ll/status/1731642042663473570
# Reference: https://twitter.com/redrabytes/status/1731651818633982195
# Reference: https://www.virustotal.com/gui/file/1923d5b5cc32bb467ecfee2bf1936aadd62e6ad1a7506d746cb75e98c3c14017/detection
# Reference: https://www.virustotal.com/gui/file/2ea377f6d94ff7debc4fb7185adb085a21a4e1b614944373312a6c2d7a0bc3c5/detection
# Reference: https://www.virustotal.com/gui/file/35dfb5d78e05a8fa17106085d2e432d071d6ac595cee0a223516a6798f8699cc/detection
# Reference: https://www.virustotal.com/gui/file/3cee803cf0ab4c10d380b7af416c36ac85bcbaae1c24bacf39d9da0b16bd4f4c/detection
# Reference: https://www.virustotal.com/gui/file/47d45552ce9a0cdc1c015ae5c6431756c721909a79fa8bb6917eb601b13b8c6d/detection
# Reference: https://www.virustotal.com/gui/file/52943a068ba5bf3853f893be24ac36d1719bf561111ebc4b36093a0843fc9804/detection
# Reference: https://www.virustotal.com/gui/file/62557a37952b668e3614b10426a84fd55c0875c69f566247a9577d35f8ac7a33/detection
# Reference: https://www.virustotal.com/gui/file/f47a362fb3ae69123dc563b235d03e20a95153870d58ef8810e1a1c7642cec6c/detection

http://91.92.244.25
91.92.244.25:23
91.92.244.25:562
/Sokkyo.32
/Sokkyo.64
/Sokkyo.arc
/Sokkyo.arcle-hs38
/Sokkyo.arm
/Sokkyo.arm4
/Sokkyo.arm4l
/Sokkyo.arm4t
/Sokkyo.arm4tl
/Sokkyo.arm4tll
/Sokkyo.arm5
/Sokkyo.arm5l
/Sokkyo.arm5n
/Sokkyo.arm6
/Sokkyo.arm64
/Sokkyo.arm6l
/Sokkyo.arm7
/Sokkyo.arm7l
/Sokkyo.arm8
/Sokkyo.armv4
/Sokkyo.armv4l
/Sokkyo.armv5l
/Sokkyo.armv6
/Sokkyo.armv61
/Sokkyo.armv6l
/Sokkyo.armv7l
/Sokkyo.dbg
/Sokkyo.exploit
/Sokkyo.i4
/Sokkyo.i486
/Sokkyo.i586
/Sokkyo.i6
/Sokkyo.i686
/Sokkyo.kill
/Sokkyo.m68
/Sokkyo.m68k
/Sokkyo.mips
/Sokkyo.mips64
/Sokkyo.mipseb
/Sokkyo.mipsel
/Sokkyo.mpsl
/Sokkyo.pcc
/Sokkyo.powerpc
/Sokkyo.powerpc-440fp
/Sokkyo.powerppc
/Sokkyo.ppc
/Sokkyo.pp-c
/Sokkyo.ppc2
/Sokkyo.ppc440
/Sokkyo.ppc440fp
/Sokkyo.root
/Sokkyo.root32
/Sokkyo.sh
/Sokkyo.sh4
/Sokkyo.sparc
/Sokkyo.spc
/Sokkyo.ssh4
/Sokkyo.x32
/Sokkyo.x32_64
/Sokkyo.x64
/Sokkyo.x86
/Sokkyo.x86_32
/Sokkyo.x86_64

# Reference: https://www.virustotal.com/gui/file/f13dcbb0c059b61539b04c1e84c13f1335c906d1455b1b97f28b60e490771104/detection
# Reference: https://www.virustotal.com/gui/file/e8ee81c3d1629ce9cc9071e1f0dbc68839932edf3f177c11e5c2b89e817826f4/detection

193.222.96.23:5466

# Reference: https://www.virustotal.com/gui/file/19b45f03d911ce9029a7d222bee3e2b1e539e02382f4e1f5592211eb478177d0/detection

2.56.247.167:9902

# Reference: https://www.virustotal.com/gui/file/0f6370d652391a161369dc379f88800297b1828560291a986122e9b7a95fbb2d/detection

mykillerisbetter.fun
fbi.mykillerisbetter.fun

# Reference: https://www.virustotal.com/gui/file/f956614a3927e7d463cf8f6ca490d14df256876ae64637e76d17995ccfeb5984/detection

2.56.247.167:65434

# Reference: https://www.virustotal.com/gui/file/efabda7ca0cd8f6bfff27d04ae6fd9dfe87374de258e7e2309fd41f9e8abc898/detection

2.56.247.167:61002

# Reference: https://www.virustotal.com/gui/file/e99ef4599da951ec5418cbaa5602bc810c8ca4109472a5397de727a6b3e22a7d/detection

2.56.247.167:6969

# Reference: https://www.virustotal.com/gui/file/e0c9bd32543fe89c4ad977664fa5e0940d899bcd7a3d3d519b686036ca7c5215/detection

2.56.247.167:1738

# Reference: https://www.virustotal.com/gui/file/ba37627aa7599820045d2b042dde830ab1848b0f1301f003d8947bf31b76b048/detection

2.56.247.167:6666

# Reference: https://www.virustotal.com/gui/file/ad45e3412e4075a4233cae3309bfd834fa314465ba4a3658f6583eed9f86150b/detection

2.56.247.167:1889

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2023-12-04)

14.225.211.141:56999
lmanber.fun
bolo.lmanber.fun

# Reference: https://twitter.com/smica83/status/1731970276726919211
# Reference: https://www.virustotal.com/gui/file/e1aa291c991a588b8f90bcead2b877f532f052e1554805f09832a0027078eb1d/detection
# Reference: https://www.virustotal.com/gui/file/c86a1d0a601140638fb173b1ba6a14f6454c58ed44d404abc328b10c50f13b44/detection
# Reference: https://www.virustotal.com/gui/file/b3a4aa904693ee0b46cef89c20fd0a22f806dbe401670480dd359722ebe817f2/detection
# Reference: https://www.virustotal.com/gui/file/913b83eddd975537f092cbf797d8347c97cf8d2833dc779a6da0c55ffbeaf501/detection
# Reference: https://www.virustotal.com/gui/file/4b61256dca3b550927afa545a579c118671750e6408190fff5f2d95d8bc9e7ae/detection
# Reference: https://www.virustotal.com/gui/file/bcbd7d50a6f4d44298e2e6a3f188f4bc074de221610bc621eb2c08159f8570e4/detection
# Reference: https://www.virustotal.com/gui/file/4308108441922ac0f5f007132aa37b10b38834df690614a24175ae2e85cbb3f1/detection
# Reference: https://www.virustotal.com/gui/file/12b1ef4f7c10246df53c9f3f2bd110f87d3469b36cf72754bde97919517df4af/detection

141.164.56.46:10431
45.204.1.40:10431
rshell.daixia.hu
test.rshell.daixia.hu

# Reference: https://twitter.com/1ZRR4H/status/1732776974483910966
# Reference: https://www.virustotal.com/gui/file/737b473a9b14626969b34c880107e730f4253dc6220799bbc0023004cb324390/detection

http://91.92.249.96
91.92.249.96:43957
ezleaks.com

# Reference: https://twitter.com/1ZRR4H/status/1732790026012901707
# Reference: https://www.virustotal.com/gui/ip-address/91.92.243.156/community
# Reference: https://www.virustotal.com/gui/file/e87db80c3ca75b6d3dd716da413ac6d239beea4c300ad190ec51702dd74949ad/detection

http://91.92.243.156
desertum.space
empty.desertum.space
pixel.desertum.space

# Reference: https://twitter.com/1ZRR4H/status/1732790026012901707
# Reference: https://www.virustotal.com/gui/file/bcc376e29f8fb540c4cc2ec9e63c933259023d7297ac57282699e70d07f317a0/detection

45.142.182.95:43957
shoprbx.com
botnet.shoprbx.com

# Reference: https://twitter.com/1ZRR4H/status/1732790026012901707
# Reference: https://www.virustotal.com/gui/ip-address/104.248.150.52/community

http://104.248.150.52

# Reference: https://twitter.com/1ZRR4H/status/1732790026012901707
# Reference: https://www.virustotal.com/gui/ip-address/45.156.24.179/community

http://45.156.24.179

# Reference: https://twitter.com/1ZRR4H/status/1732790026012901707
# Reference: https://www.virustotal.com/gui/file/fac6c75b683f0f097db434c8e4ba7279fd8a788d3230427b74ab0546b6015dcc/detection

64.227.96.75:43957
qngxgw.xyz
dd.qngxgw.xyz

# Reference: https://twitter.com/1ZRR4H/status/1732790026012901707
# Reference: https://www.virustotal.com/gui/ip-address/46.29.162.49/relations

http://46.29.162.49

# Reference: https://twitter.com/1ZRR4H/status/1732790026012901707
# Reference: https://www.virustotal.com/gui/ip-address/205.185.122.208/relations

http://205.185.122.208

# Reference: https://twitter.com/1ZRR4H/status/1732790026012901707
# Reference: https://www.virustotal.com/gui/ip-address/45.63.6.19/relations

http://45.63.6.19

# Reference: https://twitter.com/1ZRR4H/status/1732790026012901707
# Reference: https://www.virustotal.com/gui/file/b87a31b43c1c06a9ef420753eabbf5823ab2c805213a1d2bd3aa1806a7659137/detection

154.12.88.17:43957
firehxh.top
houzi.firehxh.top

# Reference: https://twitter.com/1ZRR4H/status/1732790026012901707
# Reference: https://www.virustotal.com/gui/ip-address/194.26.192.53/relations

http://194.26.192.53
intrerrompu-frais.ddns.net

# Reference: https://twitter.com/g0njxa/status/1732795311226077228

http://103.178.228.64
http://137.184.119.152
http://154.12.88.17
http://158.51.207.198
http://185.225.75.44
http://193.42.33.131
http://212.87.204.125
http://64.227.96.75
http://93.123.85.12
http://93.123.85.86
154.7.231.207:21301
154.7.231.72:21257
185.224.128.191:21425
uygarugurlu.dev
botnet.uygarugurlu.dev

# Reference: https://threatfox.abuse.ch/browse/malware/elf.moobot/

http://103.77.240.57
http://103.78.0.159
http://137.175.17.80
http://91.92.252.23
http://93.123.85.116
http://93.123.85.122
103.178.235.88:19990
103.77.240.57:43957
139.162.59.39:7074
185.53.88.64:6061
bngoc.skyljne.click
botnet.atakehosting.com
skyljne.click

# Reference: https://twitter.com/redrabytes/status/1736154382972932233

http://103.178.235.42
103.178.235.42:19990
103.178.235.42:9999
/skyljne.32
/skyljne.64
/skyljne.arc
/skyljne.arcle-hs38
/skyljne.arm
/skyljne.arm4
/skyljne.arm4l
/skyljne.arm4t
/skyljne.arm4tl
/skyljne.arm4tll
/skyljne.arm5
/skyljne.arm5l
/skyljne.arm5n
/skyljne.arm6
/skyljne.arm64
/skyljne.arm6l
/skyljne.arm7
/skyljne.arm7l
/skyljne.arm8
/skyljne.armv4
/skyljne.armv4l
/skyljne.armv5l
/skyljne.armv6
/skyljne.armv61
/skyljne.armv6l
/skyljne.armv7l
/skyljne.dbg
/skyljne.exploit
/skyljne.i4
/skyljne.i486
/skyljne.i586
/skyljne.i6
/skyljne.i686
/skyljne.kill
/skyljne.m68
/skyljne.m68k
/skyljne.mips
/skyljne.mips64
/skyljne.mipseb
/skyljne.mipsel
/skyljne.mpsl
/skyljne.pcc
/skyljne.powerpc
/skyljne.powerpc-440fp
/skyljne.powerppc
/skyljne.ppc
/skyljne.pp-c
/skyljne.ppc2
/skyljne.ppc440
/skyljne.ppc440fp
/skyljne.root
/skyljne.root32
/skyljne.sh
/skyljne.sh4
/skyljne.sparc
/skyljne.spc
/skyljne.ssh4
/skyljne.x32
/skyljne.x32_64
/skyljne.x64
/skyljne.x86
/skyljne.x86_32
/skyljne.x86_64

# Reference: https://www.virustotal.com/gui/file/fcede59347b8a6956dc3e56d0741f21fcca2fa954b117fe4c03355fc22897e0a/detection
# Reference: https://www.virustotal.com/gui/file/be4a8aecc6fa95e80c2d518e1413390556678bd6717d47e5373f7fccc58b0dcc/detection
# Reference: https://www.virustotal.com/gui/file/be0f98713fbdf7948030b18ccb78c45c56639861b3e8d8d18b3ce8b73f145900/detection
# Reference: https://www.virustotal.com/gui/file/bae5b345bcf5246163f66fecbddddf88173d646a1b4f237bf12b339e9bce81b4/detection
# Reference: https://www.virustotal.com/gui/file/bae5b345bcf5246163f66fecbddddf88173d646a1b4f237bf12b339e9bce81b4/detection
# Reference: https://www.virustotal.com/gui/file/6023fa34f7ee19045b000321b6acd7d8b267268b06a95b0e9c4d7ae821a24725/detection
# Reference: https://www.virustotal.com/gui/file/3cc0b8795c2e83a0945526c8c484bd088497ec65d252bb0c312953a60453d501/detection
# Reference: https://www.virustotal.com/gui/file/1190a1a8fbb646ce59164fa3472dfce61a5690f3ca19c2b68759be1a139c12c4/detection

http://5.196.162.2
5.196.162.2:828

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2023-12-26)
# Reference: https://www.virustotal.com/gui/file/171b6ee729d08135b26b3784bffd1de202717a543c5d8969d613be7a500c86aa/detection

139.162.3.239:3778
141.98.10.19:59666
141.98.10.47:1024
143.198.228.15:3778
188.166.101.86:1312
198.98.61.218:1312
45.142.182.103:4426
5.181.156.131:667
93.123.85.19:6281
93.123.85.41:3778
botnet.bydgoszcz.pl

# Reference: https://twitter.com/blackorbird/status/1742065825828520286
# Reference: https://blog-xlab-qianxin-com.translate.goog/mirai-tbot/?_x_tr_sl=zh-CN&_x_tr_tl=en&_x_tr_hl=en

cncvwk.libre
dogchink.oss
dogeatingchink.parody
edrnhe.oss
etbez.gopher
fszki.gopher
fuckdafurry.dyn
fuckmy.website
gropethe.indy
hbpngf.libre
hbpngf.oss
hfoddy.dyn
hiakamai.dyn
himrresearcher.dyn
hinetlab.gopher
homehitter.tk
iarrfd.dyn
icansinga.parody
icanteatthedog.pirate
icecoldfridge.libre
iliveona.cloud
infectedchink.pirate
infectedslurs.geek
kxynjt.indy
metbez.gopher
mfszki.gopher
monkeyontop.gopher
mqcgbs.gopher
netfags.geek
oke.dyn
onthereps.geek
pb1345.dyn
pb2871.pirate
pb3928.parody
pb5872.pirate
pb9827.parody
pboconline1023.dyn
pboconline1248.geek
pboconline2389.geek
pboconline3615.parody
pboconline7629.pirate
pboconline8271.parody
pboconline8273.pirate
pboconline9080.dyn
pektbo.libre
pwskys.dyn
qcgbs.gopher
qhedye.oss
rdtqq.libre
rikzgj.pirate
roaqxg.parody
shetoldmeshewas12.dyn
shetoldmeshewas12.geek
shetoldmeshewas12.gopher
shetoldmeshewas12.indy
shetoldmeshewas12.libre
shetoldmeshewas12.oss
shetoldmeshewas12.parody
shetoldmeshewas12.pirate
shetoldmeshewas13.dyn
shetoldmeshewas13.geek
shetoldmeshewas13.gopher
shetoldmeshewas13.indy
shetoldmeshewas13.libre
shetoldmeshewas13.oss
shetoldmeshewas13.parody
shetoldmeshewas13.pirate
suckmytoe.libre
thischinkisa.geek
tjanwl.gopher
ulkvb.oss
ulkvmb.oss
vbffwf.dyn
vrodpw.indy
vvsjfn.parody
w3d0ntlikebot5.parody
wnisyi.libre
xtltgx.geek
xtvyez.indy
yelloskinscant.parody
yellowchink.pirate
yellowskin.oss
youra.geek

# Reference: https://app.validin.com/axon?source=DNS&type=ip&find=104.168.172.20
# Reference: https://app.validin.com/axon?source=DNS&type=ip&find=45.95.168.230
# Reference: https://www.virustotal.com/gui/ip-address/37.49.224.189/relations
# Reference: https://www.virustotal.com/gui/ip-address/45.95.168.230/relations
# Reference: https://www.virustotal.com/gui/file/00770aa99c68053d33b248cbbcb4dabe4fb4f80969de5310161a13e5342e09c5/detection

amenacnc.duckdns.org
amenascan.duckdns.org
amkmeth.duckdns.org
methamk.duckdns.org
snortcnc.duckdns.org

# Reference: https://twitter.com/sicehice/status/1743024279313350943
# Reference: https://www.virustotal.com/gui/file/01052dda9eb332c9ef13be2c65e03b8dfa5847814947fde744e89ebc1a181501/detection
# Reference: https://www.virustotal.com/gui/file/1de59f814ab7ce1cf244561d43ffb769e6f1262c6da2ffe4afc1dd2ee41814e5/detection
# Reference: https://www.virustotal.com/gui/file/b6fd6311c6ed9af6eb2a6202ec81043978003e7828bb27af81b83d14b22ca9a6/detection
# Reference: https://www.virustotal.com/gui/file/691c23775e1ed959981ce7c0edca1937851df6f8621932cc943302cf4b0db50e/detection

http://45.229.237.214
http://5.253.247.56
195.144.21.137:888
87.121.58.103:6666
87.121.58.103:9701
/.5r3fqt67ew531has4231.32
/.5r3fqt67ew531has4231.64
/.5r3fqt67ew531has4231.arc
/.5r3fqt67ew531has4231.arcle-hs38
/.5r3fqt67ew531has4231.arm
/.5r3fqt67ew531has4231.arm4
/.5r3fqt67ew531has4231.arm4l
/.5r3fqt67ew531has4231.arm4t
/.5r3fqt67ew531has4231.arm4tl
/.5r3fqt67ew531has4231.arm4tll
/.5r3fqt67ew531has4231.arm5
/.5r3fqt67ew531has4231.arm5l
/.5r3fqt67ew531has4231.arm5n
/.5r3fqt67ew531has4231.arm6
/.5r3fqt67ew531has4231.arm64
/.5r3fqt67ew531has4231.arm6l
/.5r3fqt67ew531has4231.arm7
/.5r3fqt67ew531has4231.arm7l
/.5r3fqt67ew531has4231.arm8
/.5r3fqt67ew531has4231.armv4
/.5r3fqt67ew531has4231.armv4l
/.5r3fqt67ew531has4231.armv5l
/.5r3fqt67ew531has4231.armv6
/.5r3fqt67ew531has4231.armv61
/.5r3fqt67ew531has4231.armv6l
/.5r3fqt67ew531has4231.armv7l
/.5r3fqt67ew531has4231.dbg
/.5r3fqt67ew531has4231.exploit
/.5r3fqt67ew531has4231.i4
/.5r3fqt67ew531has4231.i486
/.5r3fqt67ew531has4231.i586
/.5r3fqt67ew531has4231.i6
/.5r3fqt67ew531has4231.i686
/.5r3fqt67ew531has4231.kill
/.5r3fqt67ew531has4231.m68
/.5r3fqt67ew531has4231.m68k
/.5r3fqt67ew531has4231.mips
/.5r3fqt67ew531has4231.mips64
/.5r3fqt67ew531has4231.mipseb
/.5r3fqt67ew531has4231.mipsel
/.5r3fqt67ew531has4231.mpsl
/.5r3fqt67ew531has4231.pcc
/.5r3fqt67ew531has4231.powerpc
/.5r3fqt67ew531has4231.powerpc-440fp
/.5r3fqt67ew531has4231.powerppc
/.5r3fqt67ew531has4231.ppc
/.5r3fqt67ew531has4231.pp-c
/.5r3fqt67ew531has4231.ppc2
/.5r3fqt67ew531has4231.ppc440
/.5r3fqt67ew531has4231.ppc440fp
/.5r3fqt67ew531has4231.root
/.5r3fqt67ew531has4231.root32
/.5r3fqt67ew531has4231.sh
/.5r3fqt67ew531has4231.sh4
/.5r3fqt67ew531has4231.sparc
/.5r3fqt67ew531has4231.spc
/.5r3fqt67ew531has4231.ssh4
/.5r3fqt67ew531has4231.x32
/.5r3fqt67ew531has4231.x32_64
/.5r3fqt67ew531has4231.x64
/.5r3fqt67ew531has4231.x86
/.5r3fqt67ew531has4231.x86_32
/.5r3fqt67ew531has4231.x86_64
/5r3fqt67ew531has4231
/5r3fqt67ew531has4231.64
/5r3fqt67ew531has4231.arc
/5r3fqt67ew531has4231.arcle-hs38
/5r3fqt67ew531has4231.arm
/5r3fqt67ew531has4231.arm4
/5r3fqt67ew531has4231.arm4l
/5r3fqt67ew531has4231.arm4t
/5r3fqt67ew531has4231.arm4tl
/5r3fqt67ew531has4231.arm4tll
/5r3fqt67ew531has4231.arm5
/5r3fqt67ew531has4231.arm5l
/5r3fqt67ew531has4231.arm5n
/5r3fqt67ew531has4231.arm6
/5r3fqt67ew531has4231.arm64
/5r3fqt67ew531has4231.arm6l
/5r3fqt67ew531has4231.arm7
/5r3fqt67ew531has4231.arm7l
/5r3fqt67ew531has4231.arm8
/5r3fqt67ew531has4231.armv4
/5r3fqt67ew531has4231.armv4l
/5r3fqt67ew531has4231.armv5l
/5r3fqt67ew531has4231.armv6
/5r3fqt67ew531has4231.armv61
/5r3fqt67ew531has4231.armv6l
/5r3fqt67ew531has4231.armv7l
/5r3fqt67ew531has4231.dbg
/5r3fqt67ew531has4231.exploit
/5r3fqt67ew531has4231.i4
/5r3fqt67ew531has4231.i486
/5r3fqt67ew531has4231.i586
/5r3fqt67ew531has4231.i6
/5r3fqt67ew531has4231.i686
/5r3fqt67ew531has4231.kill
/5r3fqt67ew531has4231.m68
/5r3fqt67ew531has4231.m68k
/5r3fqt67ew531has4231.mips
/5r3fqt67ew531has4231.mips64
/5r3fqt67ew531has4231.mipseb
/5r3fqt67ew531has4231.mipsel
/5r3fqt67ew531has4231.mpsl
/5r3fqt67ew531has4231.pcc
/5r3fqt67ew531has4231.powerpc
/5r3fqt67ew531has4231.powerpc-440fp
/5r3fqt67ew531has4231.powerppc
/5r3fqt67ew531has4231.ppc
/5r3fqt67ew531has4231.pp-c
/5r3fqt67ew531has4231.ppc2
/5r3fqt67ew531has4231.ppc440
/5r3fqt67ew531has4231.ppc440fp
/5r3fqt67ew531has4231.root
/5r3fqt67ew531has4231.root32
/5r3fqt67ew531has4231.sh
/5r3fqt67ew531has4231.sh4
/5r3fqt67ew531has4231.sparc
/5r3fqt67ew531has4231.spc
/5r3fqt67ew531has4231.ssh4
/5r3fqt67ew531has4231.x32
/5r3fqt67ew531has4231.x32_64
/5r3fqt67ew531has4231.x64
/5r3fqt67ew531has4231.x86
/5r3fqt67ew531has4231.x86_32
/5r3fqt67ew531has4231.x86_64
/.neko
/.neko.64
/.neko.arc
/.neko.arcle-hs38
/.neko.arm
/.neko.arm4
/.neko.arm4l
/.neko.arm4t
/.neko.arm4tl
/.neko.arm4tll
/.neko.arm5
/.neko.arm5l
/.neko.arm5n
/.neko.arm6
/.neko.arm64
/.neko.arm6l
/.neko.arm7
/.neko.arm7l
/.neko.arm8
/.neko.armv4
/.neko.armv4l
/.neko.armv5l
/.neko.armv6
/.neko.armv61
/.neko.armv6l
/.neko.armv7l
/.neko.dbg
/.neko.exploit
/.neko.i4
/.neko.i486
/.neko.i586
/.neko.i6
/.neko.i686
/.neko.kill
/.neko.m68
/.neko.m68k
/.neko.mips
/.neko.mips64
/.neko.mipseb
/.neko.mipsel
/.neko.mpsl
/.neko.pcc
/.neko.powerpc
/.neko.powerpc-440fp
/.neko.powerppc
/.neko.ppc
/.neko.pp-c
/.neko.ppc2
/.neko.ppc440
/.neko.ppc440fp
/.neko.root
/.neko.root32
/.neko.sh
/.neko.sh4
/.neko.sparc
/.neko.spc
/.neko.ssh4
/.neko.x32
/.neko.x32_64
/.neko.x64
/.neko.x86
/.neko.x86_32
/.neko.x86_64
/.nekoisdaddy.32
/.nekoisdaddy.64
/.nekoisdaddy.arc
/.nekoisdaddy.arcle-hs38
/.nekoisdaddy.arm
/.nekoisdaddy.arm4
/.nekoisdaddy.arm4l
/.nekoisdaddy.arm4t
/.nekoisdaddy.arm4tl
/.nekoisdaddy.arm4tll
/.nekoisdaddy.arm5
/.nekoisdaddy.arm5l
/.nekoisdaddy.arm5n
/.nekoisdaddy.arm6
/.nekoisdaddy.arm64
/.nekoisdaddy.arm6l
/.nekoisdaddy.arm7
/.nekoisdaddy.arm7l
/.nekoisdaddy.arm8
/.nekoisdaddy.armv4
/.nekoisdaddy.armv4l
/.nekoisdaddy.armv5l
/.nekoisdaddy.armv6
/.nekoisdaddy.armv61
/.nekoisdaddy.armv6l
/.nekoisdaddy.armv7l
/.nekoisdaddy.dbg
/.nekoisdaddy.exploit
/.nekoisdaddy.i4
/.nekoisdaddy.i486
/.nekoisdaddy.i586
/.nekoisdaddy.i6
/.nekoisdaddy.i686
/.nekoisdaddy.kill
/.nekoisdaddy.m68
/.nekoisdaddy.m68k
/.nekoisdaddy.mips
/.nekoisdaddy.mips64
/.nekoisdaddy.mipseb
/.nekoisdaddy.mipsel
/.nekoisdaddy.mpsl
/.nekoisdaddy.pcc
/.nekoisdaddy.powerpc
/.nekoisdaddy.powerpc-440fp
/.nekoisdaddy.powerppc
/.nekoisdaddy.ppc
/.nekoisdaddy.pp-c
/.nekoisdaddy.ppc2
/.nekoisdaddy.ppc440
/.nekoisdaddy.ppc440fp
/.nekoisdaddy.root
/.nekoisdaddy.root32
/.nekoisdaddy.sh
/.nekoisdaddy.sh4
/.nekoisdaddy.sparc
/.nekoisdaddy.spc
/.nekoisdaddy.ssh4
/.nekoisdaddy.x32
/.nekoisdaddy.x32_64
/.nekoisdaddy.x64
/.nekoisdaddy.x86
/.nekoisdaddy.x86_32
/.nekoisdaddy.x86_64
/nekoisdaddy.32
/nekoisdaddy.64
/nekoisdaddy.arc
/nekoisdaddy.arcle-hs38
/nekoisdaddy.arm
/nekoisdaddy.arm4
/nekoisdaddy.arm4l
/nekoisdaddy.arm4t
/nekoisdaddy.arm4tl
/nekoisdaddy.arm4tll
/nekoisdaddy.arm5
/nekoisdaddy.arm5l
/nekoisdaddy.arm5n
/nekoisdaddy.arm6
/nekoisdaddy.arm64
/nekoisdaddy.arm6l
/nekoisdaddy.arm7
/nekoisdaddy.arm7l
/nekoisdaddy.arm8
/nekoisdaddy.armv4
/nekoisdaddy.armv4l
/nekoisdaddy.armv5l
/nekoisdaddy.armv6
/nekoisdaddy.armv61
/nekoisdaddy.armv6l
/nekoisdaddy.armv7l
/nekoisdaddy.dbg
/nekoisdaddy.exploit
/nekoisdaddy.i4
/nekoisdaddy.i486
/nekoisdaddy.i586
/nekoisdaddy.i6
/nekoisdaddy.i686
/nekoisdaddy.kill
/nekoisdaddy.m68
/nekoisdaddy.m68k
/nekoisdaddy.mips
/nekoisdaddy.mips64
/nekoisdaddy.mipseb
/nekoisdaddy.mipsel
/nekoisdaddy.mpsl
/nekoisdaddy.pcc
/nekoisdaddy.powerpc
/nekoisdaddy.powerpc-440fp
/nekoisdaddy.powerppc
/nekoisdaddy.ppc
/nekoisdaddy.pp-c
/nekoisdaddy.ppc2
/nekoisdaddy.ppc440
/nekoisdaddy.ppc440fp
/nekoisdaddy.root
/nekoisdaddy.root32
/nekoisdaddy.sh
/nekoisdaddy.sh4
/nekoisdaddy.sparc
/nekoisdaddy.spc
/nekoisdaddy.ssh4
/nekoisdaddy.x32
/nekoisdaddy.x32_64
/nekoisdaddy.x64
/nekoisdaddy.x86
/nekoisdaddy.x86_32
/nekoisdaddy.x86_64

# Reference: https://www.virustotal.com/gui/file/81625c58370835bc2b51107cfbcaaccd0fa17944051eff0c579bb091d018645b/detection

http://195.144.21.137

# Reference: https://twitter.com/banthisguy9349/status/1743217262192935138
# Reference: https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.banner%3D%22*TBOTNET*%22

http://185.194.176.29
102.129.168.6:61616
185.150.26.227:61616
185.194.176.21:16726
185.194.176.21:19522
185.194.176.21:19575
185.194.176.21:25831
185.194.176.21:30532
185.194.176.21:34233
185.194.176.21:41889
185.194.176.21:48861
185.194.176.21:58319
185.194.176.21:61192
185.194.176.21:61616
185.194.176.22:16726
185.194.176.22:19522
185.194.176.22:19575
185.194.176.22:25831
185.194.176.22:30532
185.194.176.22:38241
185.194.176.22:41889
185.194.176.22:48861
185.194.176.22:58319
185.194.176.22:61192
185.194.176.22:61616
185.194.176.23:16726
185.194.176.23:19522
185.194.176.23:19575
185.194.176.23:25831
185.194.176.23:30532
185.194.176.23:38241
185.194.176.23:41889
185.194.176.23:48861
185.194.176.23:58319
185.194.176.23:61192
185.194.176.23:61616
185.194.176.27:16726
185.194.176.27:19522
185.194.176.27:19575
185.194.176.27:25831
185.194.176.27:38241
185.194.176.27:41889
185.194.176.27:48861
185.194.176.27:58319
185.194.176.27:61192
185.194.176.27:61616
185.194.176.28:16726
185.194.176.28:19522
185.194.176.28:19575
185.194.176.28:25831
185.194.176.28:41889
185.194.176.28:48861
185.194.176.28:58319
185.194.176.28:61192
185.194.176.28:61616
185.194.176.29:16726
185.194.176.29:19522
185.194.176.29:19575
185.194.176.29:25831
185.194.176.29:38241
185.194.176.29:41889
185.194.176.29:48861
185.194.176.29:58319
185.194.176.29:61192
185.194.176.29:61616
185.194.176.30:16726
185.194.176.30:19522
185.194.176.30:19575
185.194.176.30:25831
185.194.176.30:34233
185.194.176.30:38241
185.194.176.30:41889
185.194.176.30:48861
185.194.176.30:58319
185.194.176.30:61192
185.194.176.30:61616
185.194.176.31:16726
185.194.176.31:19522
185.194.176.31:19575
185.194.176.31:25831
185.194.176.31:38241
185.194.176.31:41889
185.194.176.31:48861
185.194.176.31:58319
185.194.176.31:61192
185.194.176.31:61616
185.194.176.33:16726
185.194.176.33:19522
185.194.176.33:19575
185.194.176.33:25831
185.194.176.33:30532
185.194.176.33:34233
185.194.176.33:38241
185.194.176.33:41889
185.194.176.33:48861
185.194.176.33:58319
185.194.176.33:61192
185.194.176.33:61616
185.194.176.34:16726
185.194.176.34:19522
185.194.176.34:19575
185.194.176.34:25831
185.194.176.34:30532
185.194.176.34:38241
185.194.176.34:41889
185.194.176.34:48861
185.194.176.34:58319
185.194.176.34:61192
185.194.176.34:61616
185.194.176.35:16726
185.194.176.35:19522
185.194.176.35:19575
185.194.176.35:25831
185.194.176.35:30532
185.194.176.35:34233
185.194.176.35:38241
185.194.176.35:41889
185.194.176.35:48861
185.194.176.35:58319
185.194.176.35:61192
185.194.176.35:61616
185.194.176.36:16726
185.194.176.36:19522
185.194.176.36:19575
185.194.176.36:25831
185.194.176.36:30532
185.194.176.36:38241
185.194.176.36:41889
185.194.176.36:48861
185.194.176.36:58319
185.194.176.36:61192
185.194.176.36:61616
185.194.176.38:16726
185.194.176.38:19522
185.194.176.38:19575
185.194.176.38:25831
185.194.176.38:30532
185.194.176.38:38241
185.194.176.38:41889
185.194.176.38:48861
185.194.176.38:58319
185.194.176.38:61192
185.194.176.38:61616
185.194.176.39:16726
185.194.176.39:19522
185.194.176.39:19575
185.194.176.39:25831
185.194.176.39:30532
185.194.176.39:34233
185.194.176.39:38241
185.194.176.39:41889
185.194.176.39:48861
185.194.176.39:58319
185.194.176.39:61192
185.194.176.39:61616
185.194.176.40:16726
185.194.176.40:19522
185.194.176.40:19575
185.194.176.40:25831
185.194.176.40:38241
185.194.176.40:41889
185.194.176.40:48861
185.194.176.40:58319
185.194.176.40:61192
185.194.176.40:61616
185.194.176.41:16726
185.194.176.41:19522
185.194.176.41:19575
185.194.176.41:25831
185.194.176.41:38241
185.194.176.41:41889
185.194.176.41:48861
185.194.176.41:58319
185.194.176.41:61192
185.194.176.41:61616
185.194.176.42:16726
185.194.176.42:19522
185.194.176.42:19575
185.194.176.42:25831
185.194.176.42:30532
185.194.176.42:34233
185.194.176.42:38241
185.194.176.42:41889
185.194.176.42:48861
185.194.176.42:58319
185.194.176.42:61192
185.194.176.42:61616
185.194.176.46:16726
185.194.176.46:19522
185.194.176.46:19575
185.194.176.46:25831
185.194.176.46:30532
185.194.176.46:41889
185.194.176.46:48861
185.194.176.46:58319
185.194.176.46:61192
185.194.176.46:61616
185.194.176.47:16726
185.194.176.47:19522
185.194.176.47:19575
185.194.176.47:25831
185.194.176.47:30532
185.194.176.47:34233
185.194.176.47:38241
185.194.176.47:41889
185.194.176.47:48861
185.194.176.47:58319
185.194.176.47:61192
185.194.176.47:61616
198.251.88.139:61616
37.221.95.74:61616
45.142.182.96:61616
5.181.80.102:61616
5.181.80.53:19522
5.181.80.53:19575
5.181.80.53:25831
5.181.80.53:30532
5.181.80.53:34233
5.181.80.53:38241
5.181.80.53:41584
5.181.80.53:41889
5.181.80.53:58319
5.181.80.53:58403
5.181.80.53:61192
5.181.80.53:61616
5.181.80.55:19522
5.181.80.55:19575
5.181.80.55:25831
5.181.80.55:34233
5.181.80.55:38241
5.181.80.55:41584
5.181.80.55:41889
5.181.80.55:58319
5.181.80.55:58403
5.181.80.55:61192
5.181.80.55:61616
5.181.80.72:61616
62.72.164.3:61616
91.92.241.184:61616
91.92.242.113:19522
91.92.242.113:19575
91.92.242.113:25831
91.92.242.113:30532
91.92.242.113:34233
91.92.242.113:38241
91.92.242.113:41584
91.92.242.113:41889
91.92.242.113:48861
91.92.242.113:58319
91.92.242.113:58403
91.92.242.113:61192
91.92.242.113:61616 
91.92.251.17:19522
91.92.251.17:19575
91.92.251.17:25831
91.92.251.17:30532
91.92.251.17:34233
91.92.251.17:38241
91.92.251.17:41584
91.92.251.17:41889
91.92.251.17:42422
91.92.251.17:58319
91.92.251.17:61192
91.92.251.17:61616
93.123.85.12:61616
94.156.68.152:16726
94.156.68.152:19522
94.156.68.152:19575
94.156.68.152:25831
94.156.68.152:30532
94.156.68.152:34233
94.156.68.152:38241
94.156.68.152:41584
94.156.68.152:41889
94.156.68.152:48861
94.156.68.152:58319
94.156.68.152:58403
94.156.68.152:61192
94.156.68.152:61616

# Reference: https://www.virustotal.com/gui/collection/3907280a7819ff4541828da1343778371409e80d7160f0cae31b838d76acd04e/iocs

185.194.176.14:61616
185.194.176.20:61616
185.194.176.24:61616
185.194.176.25:61616
185.194.176.26:61616
185.194.176.32:61616
185.194.176.37:61616
185.194.176.43:61616
185.194.176.44:61616
185.194.176.45:61616
185.194.176.48:61616
185.194.176.8:61616
5.181.80.130:61616
5.181.80.140:61616
5.181.80.54:61616
5.181.80.59:61616
5.181.80.60:61616
5.181.80.61:61616
5.181.80.77:61616
5.181.80.81:61616
91.92.244.7:61616
91.92.245.143:61616
91.92.251.113:61616
91.92.252.214:61616
91.92.253.254:61616
91.92.254.4:61616
94.156.64.114:61616
94.156.64.115:61616
94.156.64.116:61616
94.156.64.218:61616
94.156.68.149:61616
94.156.68.150:61616
94.156.68.151:61616
94.156.68.153:61616

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-01-05)

http://45.86.155.249
http://87.121.58.103
141.98.10.85:1024
185.224.128.187:7774

# Reference: https://twitter.com/redrabytes/status/1743361786756166134

http://45.13.119.251
http://93.123.85.71
45.13.119.251:9932

# Reference: https://twitter.com/redrabytes/status/1730281641547886702

http://94.156.68.152

# Reference: https://twitter.com/redrabytes/status/1730278548911411437

http://91.92.247.79
91.92.247.79:48215

# Reference: https://twitter.com/redrabytes/status/1729584001705246822

http://45.95.146.26
45.95.146.26:55591

# Reference: https://twitter.com/redrabytes/status/1712983674784825573

http://103.178.229.177
103.178.229.177:56412

# Reference: https://twitter.com/redrabytes/status/1711318983880605879

http://103.13.210.153

# Reference: https://twitter.com/redrabytes/status/1710217951389839560

http://80.94.92.20

# Reference: https://twitter.com/redrabytes/status/1743432775141822542
# Reference: https://www.virustotal.com/gui/file/b4dfd074baebd300dfb835b45773b1bfd7883403eafe35db17eb65fcd732983e/detection
# Reference: https://www.virustotal.com/gui/file/9478bb8fa96a4b9baa199be60285800027abb1fd296ca8e0a0fd26ee647c49ff/detection
# Reference: https://www.virustotal.com/gui/file/4378fd1720cc38c2b85ae452c5c68c1a0a3fc271fabc1f6f2482fa4a3c01645f/detection

http://82.165.215.205
176.223.133.62:1290
51.195.193.177:1290

# Reference: https://twitter.com/redrabytes/status/1743518706485891400

http://45.79.140.235
http://45.79.66.14
45.79.140.235:21
45.79.66.14:21

# Reference: https://twitter.com/sicehice/status/1743678560735515131
# Reference: https://twitter.com/redrabytes/status/1744054902341419497
# Referecne: https://www.virustotal.com/gui/ip-address/2.58.95.35/detection
# Reference: https://www.virustotal.com/gui/file/701e55988e5409acc81d6e19f08879a3fecdc96bc5d0981c4caac65d7529a0f5/detection

http://2.58.95.35
http://80.66.88.49
80.66.88.49:7777
80.66.88.49:9999

# Reference: https://twitter.com/redrabytes/status/1743937583392956833
# Reference: https://www.virustotal.com/gui/file/ad804a6b102674a2ad43a40be16385324ec53bb6a1e56ebd4f5fec1ca208e245/detection

http://45.131.108.210
45.131.108.210:747
45.131.108.210:8752
/NokiaRawPoweaOnTopGangGang
/NokiaRawPoweaOnTopGangGang.64
/NokiaRawPoweaOnTopGangGang.arc
/NokiaRawPoweaOnTopGangGang.arcle-hs38
/NokiaRawPoweaOnTopGangGang.arm
/NokiaRawPoweaOnTopGangGang.arm4
/NokiaRawPoweaOnTopGangGang.arm4l
/NokiaRawPoweaOnTopGangGang.arm4t
/NokiaRawPoweaOnTopGangGang.arm4tl
/NokiaRawPoweaOnTopGangGang.arm4tll
/NokiaRawPoweaOnTopGangGang.arm5
/NokiaRawPoweaOnTopGangGang.arm5l
/NokiaRawPoweaOnTopGangGang.arm5n
/NokiaRawPoweaOnTopGangGang.arm6
/NokiaRawPoweaOnTopGangGang.arm64
/NokiaRawPoweaOnTopGangGang.arm6l
/NokiaRawPoweaOnTopGangGang.arm7
/NokiaRawPoweaOnTopGangGang.arm7l
/NokiaRawPoweaOnTopGangGang.arm8
/NokiaRawPoweaOnTopGangGang.armv4
/NokiaRawPoweaOnTopGangGang.armv4l
/NokiaRawPoweaOnTopGangGang.armv5l
/NokiaRawPoweaOnTopGangGang.armv6
/NokiaRawPoweaOnTopGangGang.armv61
/NokiaRawPoweaOnTopGangGang.armv6l
/NokiaRawPoweaOnTopGangGang.armv7l
/NokiaRawPoweaOnTopGangGang.dbg
/NokiaRawPoweaOnTopGangGang.exploit
/NokiaRawPoweaOnTopGangGang.i4
/NokiaRawPoweaOnTopGangGang.i486
/NokiaRawPoweaOnTopGangGang.i586
/NokiaRawPoweaOnTopGangGang.i6
/NokiaRawPoweaOnTopGangGang.i686
/NokiaRawPoweaOnTopGangGang.kill
/NokiaRawPoweaOnTopGangGang.m68
/NokiaRawPoweaOnTopGangGang.m68k
/NokiaRawPoweaOnTopGangGang.mips
/NokiaRawPoweaOnTopGangGang.mips64
/NokiaRawPoweaOnTopGangGang.mipseb
/NokiaRawPoweaOnTopGangGang.mipsel
/NokiaRawPoweaOnTopGangGang.mpsl
/NokiaRawPoweaOnTopGangGang.pcc
/NokiaRawPoweaOnTopGangGang.powerpc
/NokiaRawPoweaOnTopGangGang.powerpc-440fp
/NokiaRawPoweaOnTopGangGang.powerppc
/NokiaRawPoweaOnTopGangGang.ppc
/NokiaRawPoweaOnTopGangGang.pp-c
/NokiaRawPoweaOnTopGangGang.ppc2
/NokiaRawPoweaOnTopGangGang.ppc440
/NokiaRawPoweaOnTopGangGang.ppc440fp
/NokiaRawPoweaOnTopGangGang.root
/NokiaRawPoweaOnTopGangGang.root32
/NokiaRawPoweaOnTopGangGang.sh
/NokiaRawPoweaOnTopGangGang.sh4
/NokiaRawPoweaOnTopGangGang.sparc
/NokiaRawPoweaOnTopGangGang.spc
/NokiaRawPoweaOnTopGangGang.ssh4
/NokiaRawPoweaOnTopGangGang.x32
/NokiaRawPoweaOnTopGangGang.x32_64
/NokiaRawPoweaOnTopGangGang.x64
/NokiaRawPoweaOnTopGangGang.x86
/NokiaRawPoweaOnTopGangGang.x86_32
/NokiaRawPoweaOnTopGangGang.x86_64
/NokiaRawPoweaOnTopGangGang64
/NokiaRawPoweaOnTopGangGangarc
/NokiaRawPoweaOnTopGangGangarcle-hs38
/NokiaRawPoweaOnTopGangGangarm
/NokiaRawPoweaOnTopGangGangarm4
/NokiaRawPoweaOnTopGangGangarm4l
/NokiaRawPoweaOnTopGangGangarm4t
/NokiaRawPoweaOnTopGangGangarm4tl
/NokiaRawPoweaOnTopGangGangarm4tll
/NokiaRawPoweaOnTopGangGangarm5
/NokiaRawPoweaOnTopGangGangarm5l
/NokiaRawPoweaOnTopGangGangarm5n
/NokiaRawPoweaOnTopGangGangarm6
/NokiaRawPoweaOnTopGangGangarm64
/NokiaRawPoweaOnTopGangGangarm6l
/NokiaRawPoweaOnTopGangGangarm7
/NokiaRawPoweaOnTopGangGangarm7l
/NokiaRawPoweaOnTopGangGangarm8
/NokiaRawPoweaOnTopGangGangarmv4
/NokiaRawPoweaOnTopGangGangarmv4l
/NokiaRawPoweaOnTopGangGangarmv5l
/NokiaRawPoweaOnTopGangGangarmv6
/NokiaRawPoweaOnTopGangGangarmv61
/NokiaRawPoweaOnTopGangGangarmv6l
/NokiaRawPoweaOnTopGangGangarmv7l
/NokiaRawPoweaOnTopGangGangdbg
/NokiaRawPoweaOnTopGangGangexploit
/NokiaRawPoweaOnTopGangGangi4
/NokiaRawPoweaOnTopGangGangi486
/NokiaRawPoweaOnTopGangGangi586
/NokiaRawPoweaOnTopGangGangi6
/NokiaRawPoweaOnTopGangGangi686
/NokiaRawPoweaOnTopGangGangkill
/NokiaRawPoweaOnTopGangGangm68
/NokiaRawPoweaOnTopGangGangm68k
/NokiaRawPoweaOnTopGangGangmips
/NokiaRawPoweaOnTopGangGangmips64
/NokiaRawPoweaOnTopGangGangmipseb
/NokiaRawPoweaOnTopGangGangmipsel
/NokiaRawPoweaOnTopGangGangmpsl
/NokiaRawPoweaOnTopGangGangpcc
/NokiaRawPoweaOnTopGangGangpowerpc
/NokiaRawPoweaOnTopGangGangpowerpc-440fp
/NokiaRawPoweaOnTopGangGangpowerppc
/NokiaRawPoweaOnTopGangGangppc
/NokiaRawPoweaOnTopGangGangpp-c
/NokiaRawPoweaOnTopGangGangppc2
/NokiaRawPoweaOnTopGangGangppc440
/NokiaRawPoweaOnTopGangGangppc440fp
/NokiaRawPoweaOnTopGangGangroot
/NokiaRawPoweaOnTopGangGangroot32
/NokiaRawPoweaOnTopGangGangsh
/NokiaRawPoweaOnTopGangGangsh4
/NokiaRawPoweaOnTopGangGangsparc
/NokiaRawPoweaOnTopGangGangspc
/NokiaRawPoweaOnTopGangGangssh4
/NokiaRawPoweaOnTopGangGangx32
/NokiaRawPoweaOnTopGangGangx32_64
/NokiaRawPoweaOnTopGangGangx64
/NokiaRawPoweaOnTopGangGangx86
/NokiaRawPoweaOnTopGangGangx86_32
/NokiaRawPoweaOnTopGangGangx86_64

# Reference: https://www.virustotal.com/gui/file/005447140f7ddfda8c2613b5a7913f1969ccffd35d2a19f6c98c39060717038a/detection
# Reference: https://www.virustotal.com/gui/file/0bff93744a14e4146e83a642d90799434e451286f84f765a86c9a6099371b27a/detection

89.190.156.145:33966
89.190.156.145:43210
89.190.156.145:7733
dogmuncher.xyz
boats.dogmuncher.xyz

# Reference: https://www.virustotal.com/gui/file/a915f3fc1b16a26921fae81d06542f90f2036207a5289d91ba32b80eb39949ae/detection
# Reference: https://www.virustotal.com/gui/file/4f78ef4d8dc703e4f5a4cbc81f7df39ea817a000a454e07ef66d199a4540e3cb/detection
# Reference: https://www.virustotal.com/gui/file/089a580f35efcde7ec999413aeeece8493d7d4c93213ed5d9e79b6a763980fe0/detection

http://107.182.128.2
http://91.92.244.214
http://91.92.244.70
107.182.128.2:1312
91.92.244.70:43957
/top1hbt.64
/top1hbt.arc
/top1hbt.arcle-hs38
/top1hbt.arm
/top1hbt.arm4
/top1hbt.arm4l
/top1hbt.arm4t
/top1hbt.arm4tl
/top1hbt.arm4tll
/top1hbt.arm5
/top1hbt.arm5l
/top1hbt.arm5n
/top1hbt.arm6
/top1hbt.arm64
/top1hbt.arm6l
/top1hbt.arm7
/top1hbt.arm7l
/top1hbt.arm8
/top1hbt.armv4
/top1hbt.armv4l
/top1hbt.armv5l
/top1hbt.armv6
/top1hbt.armv61
/top1hbt.armv6l
/top1hbt.armv7l
/top1hbt.dbg
/top1hbt.exploit
/top1hbt.i4
/top1hbt.i486
/top1hbt.i586
/top1hbt.i6
/top1hbt.i686
/top1hbt.kill
/top1hbt.m68
/top1hbt.m68k
/top1hbt.mips
/top1hbt.mips64
/top1hbt.mipseb
/top1hbt.mipsel
/top1hbt.mpsl
/top1hbt.pcc
/top1hbt.powerpc
/top1hbt.powerpc-440fp
/top1hbt.powerppc
/top1hbt.ppc
/top1hbt.pp-c
/top1hbt.ppc2
/top1hbt.ppc440
/top1hbt.ppc440fp
/top1hbt.root
/top1hbt.root32
/top1hbt.sh
/top1hbt.sh4
/top1hbt.sparc
/top1hbt.spc
/top1hbt.ssh4
/top1hbt.x32
/top1hbt.x32_64
/top1hbt.x64
/top1hbt.x86
/top1hbt.x86_32
/top1hbt.x86_64
/sdxkzX_UXA229x.64
/sdxkzX_UXA229x.arc
/sdxkzX_UXA229x.arcle-hs38
/sdxkzX_UXA229x.arm
/sdxkzX_UXA229x.arm4
/sdxkzX_UXA229x.arm4l
/sdxkzX_UXA229x.arm4t
/sdxkzX_UXA229x.arm4tl
/sdxkzX_UXA229x.arm4tll
/sdxkzX_UXA229x.arm5
/sdxkzX_UXA229x.arm5l
/sdxkzX_UXA229x.arm5n
/sdxkzX_UXA229x.arm6
/sdxkzX_UXA229x.arm64
/sdxkzX_UXA229x.arm6l
/sdxkzX_UXA229x.arm7
/sdxkzX_UXA229x.arm7l
/sdxkzX_UXA229x.arm8
/sdxkzX_UXA229x.armv4
/sdxkzX_UXA229x.armv4l
/sdxkzX_UXA229x.armv5l
/sdxkzX_UXA229x.armv6
/sdxkzX_UXA229x.armv61
/sdxkzX_UXA229x.armv6l
/sdxkzX_UXA229x.armv7l
/sdxkzX_UXA229x.dbg
/sdxkzX_UXA229x.exploit
/sdxkzX_UXA229x.i4
/sdxkzX_UXA229x.i486
/sdxkzX_UXA229x.i586
/sdxkzX_UXA229x.i6
/sdxkzX_UXA229x.i686
/sdxkzX_UXA229x.kill
/sdxkzX_UXA229x.m68
/sdxkzX_UXA229x.m68k
/sdxkzX_UXA229x.mips
/sdxkzX_UXA229x.mips64
/sdxkzX_UXA229x.mipseb
/sdxkzX_UXA229x.mipsel
/sdxkzX_UXA229x.mpsl
/sdxkzX_UXA229x.pcc
/sdxkzX_UXA229x.powerpc
/sdxkzX_UXA229x.powerpc-440fp
/sdxkzX_UXA229x.powerppc
/sdxkzX_UXA229x.ppc
/sdxkzX_UXA229x.pp-c
/sdxkzX_UXA229x.ppc2
/sdxkzX_UXA229x.ppc440
/sdxkzX_UXA229x.ppc440fp
/sdxkzX_UXA229x.root
/sdxkzX_UXA229x.root32
/sdxkzX_UXA229x.sh
/sdxkzX_UXA229x.sh4
/sdxkzX_UXA229x.sparc
/sdxkzX_UXA229x.spc
/sdxkzX_UXA229x.ssh4
/sdxkzX_UXA229x.x32
/sdxkzX_UXA229x.x32_64
/sdxkzX_UXA229x.x64
/sdxkzX_UXA229x.x86
/sdxkzX_UXA229x.x86_32
/sdxkzX_UXA229x.x86_64
/syms.64
/syms.arc
/syms.arcle-hs38
/syms.arm
/syms.arm4
/syms.arm4l
/syms.arm4t
/syms.arm4tl
/syms.arm4tll
/syms.arm5
/syms.arm5l
/syms.arm5n
/syms.arm6
/syms.arm64
/syms.arm6l
/syms.arm7
/syms.arm7l
/syms.arm8
/syms.armv4
/syms.armv4l
/syms.armv5l
/syms.armv6
/syms.armv61
/syms.armv6l
/syms.armv7l
/syms.dbg
/syms.exploit
/syms.i4
/syms.i486
/syms.i586
/syms.i6
/syms.i686
/syms.kill
/syms.m68
/syms.m68k
/syms.mips
/syms.mips64
/syms.mipseb
/syms.mipsel
/syms.mpsl
/syms.pcc
/syms.powerpc
/syms.powerpc-440fp
/syms.powerppc
/syms.ppc
/syms.pp-c
/syms.ppc2
/syms.ppc440
/syms.ppc440fp
/syms.root
/syms.root32
/syms.sh
/syms.sh4
/syms.sparc
/syms.spc
/syms.ssh4
/syms.x32
/syms.x32_64
/syms.x64
/syms.x86
/syms.x86_32
/syms.x86_64

# Reference: https://twitter.com/sicehice/status/1744750053497934018

http://84.54.51.37
http://93.123.85.133

# Reference: https://twitter.com/banthisguy9349/status/1745051212657954981
# Reference: https://twitter.com/banthisguy9349/status/1745069669411614951

http://1.34.146.54
http://103.242.25.67
http://217.12.199.67
http://219.68.244.13
http://45.77.132.13
122.20.144.36:9000
124.110.63.41:8002
210.146.153.23:7000
210.149.155.4:8080
3.112.87.5:5000
49.142.208.114:26987
54.238.9.211:8002
58.90.231.88:7000
58.91.225.231:100
59.127.196.190:880
79.175.40.95:8080
82.209.207.178:8080
2x9bm54.257.cz
updater.zzux.com
/avtrev.64
/avtrev.arc
/avtrev.arcle-hs38
/avtrev.arm
/avtrev.arm4
/avtrev.arm4l
/avtrev.arm4t
/avtrev.arm4tl
/avtrev.arm4tll
/avtrev.arm5
/avtrev.arm5l
/avtrev.arm5n
/avtrev.arm6
/avtrev.arm64
/avtrev.arm6l
/avtrev.arm7
/avtrev.arm7l
/avtrev.arm8
/avtrev.armv4
/avtrev.armv4l
/avtrev.armv5l
/avtrev.armv6
/avtrev.armv61
/avtrev.armv6l
/avtrev.armv7l
/avtrev.dbg
/avtrev.exploit
/avtrev.i4
/avtrev.i486
/avtrev.i586
/avtrev.i6
/avtrev.i686
/avtrev.kill
/avtrev.m68
/avtrev.m68k
/avtrev.mips
/avtrev.mips64
/avtrev.mipseb
/avtrev.mipsel
/avtrev.mpsl
/avtrev.pcc
/avtrev.powerpc
/avtrev.powerpc-440fp
/avtrev.powerppc
/avtrev.pp-c
/avtrev.ppc
/avtrev.ppc2
/avtrev.ppc440
/avtrev.ppc440fp
/avtrev.root
/avtrev.root32
/avtrev.sh
/avtrev.sh4
/avtrev.sparc
/avtrev.spc
/avtrev.ssh4
/avtrev.x32
/avtrev.x32_64
/avtrev.x64
/avtrev.x86
/avtrev.x86_32
/avtrev.x86_64
/jfowijfoiwejfoiwjefoijwefjio

# Reference: https://twitter.com/sicehice/status/1745298061453046111

http://45.94.4.157

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-01-10)

141.98.10.85:38241
185.224.128.11:55650
45.90.97.101:9931
cremeonu.online
cnc7.cremeonu.online

# Reference: https://www.akamai.com/blog/security-research/mirai-based-noabot-crypto-mining
# Reference: https://github.com/akamai/akamai-security-research/blob/main/malware/noabot/iocs.csv

melovingsangria.online
mimicer.online
mimicmaster.online
/magicPussy_64
/magicPussy_arc
/magicPussy_arcle-hs38
/magicPussy_arm
/magicPussy_arm4
/magicPussy_arm4l
/magicPussy_arm4t
/magicPussy_arm4tl
/magicPussy_arm4tll
/magicPussy_arm5
/magicPussy_arm5l
/magicPussy_arm5n
/magicPussy_arm6
/magicPussy_arm64
/magicPussy_arm6l
/magicPussy_arm7
/magicPussy_arm7l
/magicPussy_arm8
/magicPussy_armv4
/magicPussy_armv4l
/magicPussy_armv5l
/magicPussy_armv6
/magicPussy_armv61
/magicPussy_armv6l
/magicPussy_armv7l
/magicPussy_dbg
/magicPussy_exploit
/magicPussy_i4
/magicPussy_i486
/magicPussy_i586
/magicPussy_i6
/magicPussy_i686
/magicPussy_kill
/magicPussy_m68
/magicPussy_m68k
/magicPussy_mips
/magicPussy_mips64
/magicPussy_mipseb
/magicPussy_mipsel
/magicPussy_mpsl
/magicPussy_pcc
/magicPussy_powerpc
/magicPussy_powerpc-440fp
/magicPussy_powerppc
/magicPussy_ppc
/magicPussy_pp-c
/magicPussy_ppc2
/magicPussy_ppc440
/magicPussy_ppc440fp
/magicPussy_root
/magicPussy_root32
/magicPussy_sh
/magicPussy_sh4
/magicPussy_sparc
/magicPussy_spc
/magicPussy_ssh4
/magicPussy_x32
/magicPussy_x32_64
/magicPussy_x64
/magicPussy_x86
/magicPussy_x86_32
/magicPussy_x86_64
/magicPussyMommy
/magicPussySon

# Reference: https://www.virustotal.com/gui/file/682f7b4e6ff60782b1fe737fa9c3a6f7f4983ee437526f1df455a02233ef2379/detection

http://107.189.1.122
107.189.1.122:56999

# Reference: https://medium.com/@simone.kraus/mirai-semantics-denmarks-energy-sector-and-noname057-5a5858746a56

http://145.239.54.169
http://91.235.234.81

# Reference: https://blog.xlab.qianxin.com/rimasuta-new-variant-switches-to-chacha20-encryption-en/
# Reference: https://otx.alienvault.com/pulse/65a50abee199d553d8817cb0

24rq2pvihkrct6pxl6zy3p36gt2wd6sn6izoz7ntlivxvbuu5ei3xwad.onion
3crj2ylhdffpf2yik4bb2hn32xey2bdhcpykxfezb4sq53eelglp3sqd.onion
44yd2dxmm5xuo7dsivwkf2fqyqmfsqkt5nkxdlgwpnbr57sca56j74yd.onion
acuy77ahadd6g5rw2pxsuejskirjmxaoj37ck7fvj4h4kc36a3uwirqd.onion
bbknilviexavjvnwdtdqmhsexqcokfwgdqthxexvuwzlwgaggddaahxn.onion
bvxx2p6hfttpiyntpuf72axcvaakjbz5zgiea7iklkrb2s6wrdrv4lid.onion
c3uybau64lj32ty3z3sxgchnrmg72bvbpua66mcvydcjpgrbv2r6huyd.onion
drv4lids5q2zsdf5n7dezz2hcah23iodsrn6gpyv6f2dxv62ikp7idntmlecvqd.onion
fend7yhjoeam7b4fp4rj5oobphuvmhjbovhtvporusjex4nyoiamgdyd.onion
m5idjwoj4q5yrmo5xbnvhoqqrdld6pruxx5qjvr6gfnnmao4xiniwzid.onion
m7wajjzas7eotqw4b6k4aei5q4zijdal3spsec7wsfmf2xqjhmydjiyd.onion
npnsktlnofwisqvd3e6tpslinkypajmh5jctyjivuf6jza3syw2v6cid.onion
pcjvbrttcy2s3gqpgwklgsco4u4bskr5xhvdzs4pzqqcrfllkwe437id.onion
s4ofksblif7bmo7sp64f56gij6xzh7sznvrn46m6daup2hwdmwbiabqd.onion
s5q2zsdf5n7dezz2hcah23iodsrn6gpyv6f2dxv62ikp7idntmlecvqd.onion
sourt33xcdoyg4jcrh33qvx6cjoneowihsfrbuqldkrrili54gdvryyd.onion
syd5mtjvcqxvnnkeqjjkdm2oz2jzl6swrfhnvliiemxtgiqvcbm26nyd.onion
tybocptxypx42ngrcqldrgas536syipwotmfnbjpwc5fpxth4xf4faqd.onion
u7kteztwfg3p6wdeiq6y7zidxx3xtto4gmm2vwz42mzd6s4ixgvpgxyd.onion
uu2iggf5wq57dt6xanfdmwq3rvxqorkb43bh2eacj2vz22nvwewlxcyd.onion
wauby5e7m6zf2eb7rfn7nqm3diuaehdu6tfay4janiktgx33wjfifkyd.onion
wf4uxi6izbqppzb4fvg4sq7sm5t5w5xl5v5pkxpguwpr4aci7hvzboid.onion
wjd2t2lzbgb7g7bcenpl2r2bsobkbwwpooqrmiwqjkpktm5p5seifcid.onion
xjdhr5is3qsw2cyekdxo57gchpxusvkko3265x2lmmn4g6fnlimdngqd.onion
yjh2bktujnqkj7u7g7hxotck6sfhjuf7crhc4vcf6ewpa7swoqalfkid.onion
yqs4gu4c2kb5ybgcigkl5gcsqbjuk5n2su2pozpsw4ojav2op5gddkid.onion

# Reference: https://twitter.com/banthisguy9349/status/1747248262355058901

185.150.26.253:1286
185.194.176.25:1311
195.85.114.135:65535
204.76.203.10:1311
204.76.203.12:1311
204.76.203.14:1311
204.76.203.17:1310
204.76.203.21:1287
204.76.203.23:1311
204.76.203.26:1319
204.76.203.29:1311
204.76.203.31:1311
204.76.203.33:1311
204.76.203.37:1311
204.76.203.39:1311
204.76.203.41:1311
204.76.203.46:1311
204.76.203.57:1311
204.76.203.59:1311
204.76.203.60:1311
204.76.203.6:1311
204.76.203.8:1311
204.76.203.9:1325
45.58.188.244:1308
45.95.146.102:1288

# Reference: https://twitter.com/banthisguy9349/status/1747239764116291865

aascendcash.cc
aascendcash.co
aascendcash.top
dailakijabita.mom
activities.dailakijabita.mom
ads.portalofertowy24.pl
igcgroups.org
info.portalofertowy24.pl
loans55599.com
lolibob.noho.st
mail.visadilglyph.info
manigilalandscape.com
mx.portalofertowy24.pl
ns.lolibob.noho.st
onilneasi.dns.army
oninerel.dns.army
seconline.dns.army
seuaaou.dns.army
visadilglyph.info
xmpp-upload.lolibob.noho.st
zodiaclol.softether.net

# Reference: https://twitter.com/sicehice/status/1747692864505557488

http://80.66.88.71

# Reference: https://threatfox.abuse.ch/ioc/1231546/

http://103.189.203.36

# Reference: https://twitter.com/redrabytes/status/1748134232138915902

93.123.85.133:6117
93.123.85.133:65500

# Reference: https://twitter.com/banthisguy9349/status/1748385336118378890
# Reference: https://pastebin.com/zq2ySAry

chasekyc.firewall-gateway.com
crypto4ac.app
ftp.securec1-portal1a-01chase.dns04.com
inslot.xyz
mx12.obeisance368726.online
obeisance368726.online
plesk.inslot.xyz
securec1-portal1a-01chase.dns04.com

# Refernce: https://www.virustotal.com/gui/file/6ed58c755b9331ef32a4506e079ae3f4c69c95b29794905e07f57c622dcf77b5/detection

45.95.146.105:21853
89.190.156.145:24368
ashleyobyrd.oss
cynthiaoperez.geek
feliciamwalker.parody
sydneyrmartinez.geek

# Reference: https://www.virustotal.com/gui/file/a465da987585a5af1fbfbaac6fc0f9d6cba7b6b28f6694f413eb900648c5f0b3/detection
# Reference: https://www.virustotal.com/gui/file/731e8382a26eb892e81a052717777402209119d1db5fb0564adec2311baa520e/detection
# Reference: https://www.virustotal.com/gui/file/5bf8c96021f8c1208d394f25bf83f29958b012d64ffe9bf960a0707330e4404c/detection
# Reference: https://www.virustotal.com/gui/file/5bf8c96021f8c1208d394f25bf83f29958b012d64ffe9bf960a0707330e4404c/detection
# Reference: https://www.virustotal.com/gui/file/47de07fe816665dba4ad0816619f2af520b09055d16f035d7dfbf18b952a784b/detection
# Reference: https://www.virustotal.com/gui/file/4105b708c8c4fe6efd94280a114ca696ec4b64727da5cd24229a71fc8dbb7e97/detection

89.190.156.145:33966
89.190.156.145:3399
kaisenc2.online
boats.kaisenc2.online

# Reference: https://twitter.com/SecureSh3ll/status/1749091749383766019
# Reference: https://www.virustotal.com/gui/file/bc60466878ac1a81a15d4d1e967f6015dc8082a38ef3e0e28e105231cfe62872/detection

193.35.18.187:64599
swarmnetwork.online
hive.swarmnetwork.online
hive-c2.swarmnetwork.online

# Reference: https://twitter.com/sicehice/status/1749587020702163285
# Reference: https://www.virustotal.com/gui/ip-address/93.123.85.149/relations
# Reference: https://www.virustotal.com/gui/file/02cb3d33a14f371d5698f4b83154304cda91f09a2a2b29ce6049adb3afdf6ef4/detection
# Reference: https://www.virustotal.com/gui/file/20fcca2dd5acefca3a747ae5e0bf26a3654fb36201ce4da7fa223c930c38b64a/detection
# Reference: https://www.virustotal.com/gui/file/27a417d3c840f5bd56aed47c6d789be7dd673fae4334e4a0891694d997d918c3/detection
# Reference: https://www.virustotal.com/gui/file/da79c5a64a4d8e52e040b07ff242acccfd7e7be7dff1b6cedafe0048a0e0baa4/detection
# Reference: https://www.virustotal.com/gui/file/bf9f5d54453aa1adb8eb940e5cded299e1c63dcfbbf2e737dc5796883e37591c/detection
# Reference: https://www.virustotal.com/gui/file/ecdb3e0a9a8d34679a8ff5b31de6b93f5e3de9fb3ede97b6c580e9e441dd46e4/detection
# Reference: https://www.virustotal.com/gui/file/d7745852e7fd0e557896f1c6653f60bbcc05f1fc5d2605931d52517d2be64772/detection
# Reference: https://www.virustotal.com/gui/file/ba85e578edc9af1837ee31d7e6b613602dda8e2f9cb8d964c6fa4c9562e5d600/detection
# Reference: https://www.virustotal.com/gui/file/4afbe8a117488f44d01ea852ad37e9acfa961fb71c7cdbf09b4d16b45f45f2ca/detection

http://91.92.243.65
http://93.123.85.149
194.48.250.43:57899
84.54.51.90:57899
84.54.51.90:7999
93.123.85.149:38245
93.123.85.149:57899
93.123.85.149:666
93.123.85.149:9931
abadila.best
tsuki.army
virtuehub.one
bot.abadila.best
bot.shop4youv2.de
c2.abadila.best
chinkz.abadila.best
cnc.tsuki.army
load.abadila.best
owned.abadila.best

# Reference: https://www.virustotal.com/gui/file/3e63d29cab764c48c497e2737f2db5991f908dff05a0ba4f2569b8ca0afb2eb0/detection
# Reference: https://www.virustotal.com/gui/file/60b181c211daa4c8d022b03a16e88aa4d7bc8d6ab5d556ccb6472d9dda05f6da/detection

94.156.6.173:1337

# Reference: https://www.virustotal.com/gui/file/b692e7e77ee1f96cb101a880de3ace31507c7acaea8a65a5e51ebf45409cf08a/detection
# Reference: https://www.virustotal.com/gui/file/b3b08f1048b2de745176ebe4984064fac061cb560da0eb0939745dcbec909ee3/detection
# Reference: https://www.virustotal.com/gui/file/4a75659b55d3d92863410ada6220f1b5f852e9db4d8056d88227b02690e78295/detection

twoyellowchinks.geek

# Reference: https://twitter.com/banthisguy9349/status/1752421209730416930
# Reference: https://www.virustotal.com/gui/file/00fda7300e8f9e8e6420a52eba484f2a310d0ec0f3b26a5e1128c56c029f509f/detection

http://185.38.142.22
185.38.142.22:666

# Reference: https://www.virustotal.com/gui/file/f4d1273f3ca99910603f01559cc2491ff37738bb6b6b21034ea856db14a09b90/detection
# Reference: https://www.virustotal.com/gui/file/7074300210c22880a40d7743943c8f0c9b1c273e8b229036cead1b8cb275233c/detection
# Reference: https://www.virustotal.com/gui/file/ca5f2d19f033ac40ede3a1cc1117bfe06213a75cd3f13ed836f9862a8105ed9c/detection
# Reference: https://www.virustotal.com/gui/file/31c5ffca4eb495f9f3673e1a3a2a6373e872d6b825de70012794330f12190abf/detection

http://105.76.246.147
http://162.251.155.6
http://198.190.115.188
http://212.90.59.65
http://78.186.207.85
http://93.123.85.91
http://95.100.234.103
http://96.7.152.157
93.123.85.91:43957
93.123.85.91:59666
puiepa.monster
/h0r0zx00x.64
/h0r0zx00x.arc
/h0r0zx00x.arcle-hs38
/h0r0zx00x.arm
/h0r0zx00x.arm4
/h0r0zx00x.arm4l
/h0r0zx00x.arm4t
/h0r0zx00x.arm4tl
/h0r0zx00x.arm4tll
/h0r0zx00x.arm5
/h0r0zx00x.arm5l
/h0r0zx00x.arm5n
/h0r0zx00x.arm6
/h0r0zx00x.arm64
/h0r0zx00x.arm6l
/h0r0zx00x.arm7
/h0r0zx00x.arm7l
/h0r0zx00x.arm8
/h0r0zx00x.armv4
/h0r0zx00x.armv4l
/h0r0zx00x.armv5l
/h0r0zx00x.armv6
/h0r0zx00x.armv61
/h0r0zx00x.armv6l
/h0r0zx00x.armv7l
/h0r0zx00x.dbg
/h0r0zx00x.exploit
/h0r0zx00x.i4
/h0r0zx00x.i486
/h0r0zx00x.i586
/h0r0zx00x.i6
/h0r0zx00x.i686
/h0r0zx00x.kill
/h0r0zx00x.m68
/h0r0zx00x.m68k
/h0r0zx00x.mips
/h0r0zx00x.mips64
/h0r0zx00x.mipseb
/h0r0zx00x.mipsel
/h0r0zx00x.mpsl
/h0r0zx00x.pcc
/h0r0zx00x.powerpc
/h0r0zx00x.powerpc-440fp
/h0r0zx00x.powerppc
/h0r0zx00x.ppc
/h0r0zx00x.pp-c
/h0r0zx00x.ppc2
/h0r0zx00x.ppc440
/h0r0zx00x.ppc440fp
/h0r0zx00x.root
/h0r0zx00x.root32
/h0r0zx00x.sh
/h0r0zx00x.sh4
/h0r0zx00x.sparc
/h0r0zx00x.spc
/h0r0zx00x.ssh4
/h0r0zx00x.x32
/h0r0zx00x.x32_64
/h0r0zx00x.x64
/h0r0zx00x.x86
/h0r0zx00x.x86_32
/h0r0zx00x.x86_64
/hiroz3x.64
/hiroz3x.arc
/hiroz3x.arcle-hs38
/hiroz3x.arm
/hiroz3x.arm4
/hiroz3x.arm4l
/hiroz3x.arm4t
/hiroz3x.arm4tl
/hiroz3x.arm4tll
/hiroz3x.arm5
/hiroz3x.arm5l
/hiroz3x.arm5n
/hiroz3x.arm6
/hiroz3x.arm64
/hiroz3x.arm6l
/hiroz3x.arm7
/hiroz3x.arm7l
/hiroz3x.arm8
/hiroz3x.armv4
/hiroz3x.armv4l
/hiroz3x.armv5l
/hiroz3x.armv6
/hiroz3x.armv61
/hiroz3x.armv6l
/hiroz3x.armv7l
/hiroz3x.dbg
/hiroz3x.exploit
/hiroz3x.i4
/hiroz3x.i486
/hiroz3x.i586
/hiroz3x.i6
/hiroz3x.i686
/hiroz3x.kill
/hiroz3x.m68
/hiroz3x.m68k
/hiroz3x.mips
/hiroz3x.mips64
/hiroz3x.mipseb
/hiroz3x.mipsel
/hiroz3x.mpsl
/hiroz3x.pcc
/hiroz3x.powerpc
/hiroz3x.powerpc-440fp
/hiroz3x.powerppc
/hiroz3x.ppc
/hiroz3x.pp-c
/hiroz3x.ppc2
/hiroz3x.ppc440
/hiroz3x.ppc440fp
/hiroz3x.root
/hiroz3x.root32
/hiroz3x.sh
/hiroz3x.sh4
/hiroz3x.sparc
/hiroz3x.spc
/hiroz3x.ssh4
/hiroz3x.x32
/hiroz3x.x32_64
/hiroz3x.x64
/hiroz3x.x86
/hiroz3x.x86_32
/hiroz3x.x86_64
/h0r0zx00xh0r0zx00xdefault/

# Reference: https://twitter.com/banthisguy9349/status/1753076341463998956
# Reference: https://www.virustotal.com/gui/ip-address/45.136.153.217/relations
# Reference: https://www.virustotal.com/gui/file/faf36b5bd42d6eea92fd8f6d5952e14970ad572bf46b6be8f60fa38728178dc4/detection
# Reference: https://www.virustotal.com/gui/file/7df82096ca41533a153c5b7f1aa7806aaf07d330edc8df33f7f0b5a9a549a626/detection
# Reference: https://www.virustotal.com/gui/file/413a443676555d16a78cfa30c983a773b781d4ab62614647d2a15ce0da8a086e/detection
# Reference: https://www.virustotal.com/gui/file/3951e0cd281f9fe1b9c966762607e0e8619a1acfa74ea2e966889d97706aa056/detection

http://94.156.71.213
193.111.248.58:55579
80.66.88.49:1972
moobot.pro
api.moobot.pro

# Reference: https://www.virustotal.com/gui/file/d77d212bd29a0eced383b28902588cbb67c875dc657ae67437ef29639114b777/detection
# Reference: https://www.virustotal.com/gui/file/b25ccbc0f8a6aa586638f51bb3b74d05115aefa05911ce7f8f401653a7420065/detection

45.118.146.123:33933
45.118.146.123:43957
cltxhot.fun
bot.cltxhot.fun

# Reference: https://www.virustotal.com/gui/file/e6bcf698a7d73b1e342f7a973bfa50ba4d83d4eab47c752a55b8e2a6964c8f3e/detection
# Reference: https://www.virustotal.com/gui/file/aa252d9dce71c7d0a9f19825d859342cf93b23c4acc6f75a86fe747cfb3b641c/detection

103.74.100.192:33993
103.74.100.192:43957
love.cltxhot.fun
proxy.cltxhot.fun

# Reference: https://www.virustotal.com/gui/file/fa14faa16aca4fbf557f41922c7cb3de70efc1ea95bb60302f86b83b46844039/detection
# Reference: https://www.virustotal.com/gui/file/f44eb118345e3cbfb1987c4ae4c178b05c3b38e0665ea8acb14a15d8baadd2ea/detection
# Reference: https://www.virustotal.com/gui/file/5b73ec697c2cef1002b28f93b6448f581925c6f9e75171a36b524975a932abdb/detection

http://103.186.67.227
103.186.66.231:5985
103.186.67.227:43957
subphattai.online
locbotnet.ddns.net
/bulu.32
/bulu.64
/bulu.arc
/bulu.arcle-hs38
/bulu.arm
/bulu.arm4
/bulu.arm4l
/bulu.arm4t
/bulu.arm4tl
/bulu.arm4tll
/bulu.arm5
/bulu.arm5l
/bulu.arm5n
/bulu.arm6
/bulu.arm64
/bulu.arm6l
/bulu.arm7
/bulu.arm7l
/bulu.arm8
/bulu.armv4
/bulu.armv4l
/bulu.armv5l
/bulu.armv6
/bulu.armv61
/bulu.armv6l
/bulu.armv7l
/bulu.dbg
/bulu.exploit
/bulu.i4
/bulu.i486
/bulu.i586
/bulu.i6
/bulu.i686
/bulu.kill
/bulu.m68
/bulu.m68k
/bulu.mips
/bulu.mips64
/bulu.mipseb
/bulu.mipsel
/bulu.mpsl
/bulu.pcc
/bulu.powerpc
/bulu.powerpc-440fp
/bulu.powerppc
/bulu.ppc
/bulu.pp-c
/bulu.ppc2
/bulu.ppc440
/bulu.ppc440fp
/bulu.root
/bulu.root32
/bulu.sh
/bulu.sh4
/bulu.sparc
/bulu.spc
/bulu.ssh4
/bulu.x32
/bulu.x32_64
/bulu.x64
/bulu.x86
/bulu.x86_32
/bulu.x86_64

# Reference: https://www.virustotal.com/gui/file/ac45bb783c50101e2241dc6077fe3e91ce881a3d043b33b33e1c097ac38aae36/detection
# Reference: https://www.virustotal.com/gui/file/0384924dced52055a36e547f113c4034d1a6335305930db223ad7d4f6b665820/detection

147.78.103.10:43957
mc-live.online
c2.mc-live.online

# Reference: https://www.virustotal.com/gui/file/3acbb9c127ba5ca950c9d0bb731eb677cd59fcd321f6cc81504a08683b841514/detection
# Reference: https://www.virustotal.com/gui/file/ca94919c7ed48ba257308f7b796fd4b7793a4a6fd97fedffac2a303f51cf8793/detection

zelenskyj.ru
lmao.zelenskyj.ru
nerds.zelenskyj.ru

# Reference: https://www.virustotal.com/gui/ip-address/179.61.251.93/community

http://179.61.251.93

# Reference: https://www.virustotal.com/gui/file/11ebe413ff06d3991e8bc45200780c34658e5db64daa3f6c3315144c91867003/detection

http://86.107.179.234

# Reference: https://twitter.com/banthisguy9349/status/1753342123061940395
# Reference: https://www.virustotal.com/gui/file/aabdf5b7af143baec7c44e5672d56aeca0389f61d062e08ad156ad5d3f81f081/detection

http://192.227.231.5
192.227.231.5:23

# Reference: https://www.virustotal.com/gui/ip-address/93.123.85.36/relations

cynix.lol
juiesica.wiki
nraw.xyz

# Reference: https://www.virustotal.com/gui/file/fda280dfdfb864d18022db3ff1e73cf988b32eba6fa673faea7efb5593716844/detection

93.123.85.36:52441

# Reference: https://www.virustotal.com/gui/file/f4c9b5c0bab7b05688ea06cce926f8b2dac2467d9ca999485a5b0d6ba3a1b576/detection

93.123.85.36:5544

# Reference: https://www.virustotal.com/gui/file/e4f4852e392f9d0786bb604939dcb66a564d02297ce84161a0fd9b81052ffe7f/detection
# Reference: https://www.virustotal.com/gui/file/c0d7053d96c928e00d3942cab0b9329123657ff09aa92f8e6c669d5d5daa1160/detection

http://103.173.19.54
http://104.109.132.212
http://108.167.245.4
http://153.122.14.6
http://172.183.15.88
http://219.234.16.199
http://23.216.29.192
http://27.0.63.149
http://3.1.125.100
http://3.121.38.18
http://31.200.47.253
http://38.239.148.137
http://43.224.249.165
http://68.64.27.239
http://88.99.86.70
93.123.85.36:32402

# Reference: https://www.virustotal.com/gui/file/973602a2b341910dabd5560fe5a2294fe8247b76bc230e6e3b05f647482da780/detection

93.123.85.36:33966

# Reference: https://www.virustotal.com/gui/file/de940aa8733d9e103b116a2888bf3dd1a7b8efcd913eb7dc0aa07f23d5ed7bca/detection

93.123.85.5:1083
cnc-nle.lol
bins.cnc-nle.lol

# Reference: https://www.virustotal.com/gui/file/85c72159d34c7374c6bbd8778234a3c06eb244cf32f925a9e43054768125b198/detection

http://93.123.85.5

# Reference: https://www.virustotal.com/gui/file/7811cb70a9afe2247dfa549b9fa949340ca523321bffefca348d94e2cf4c2ec5/detection

http://93.123.85.29
/f2q2kke5aadloo4aasdjjjfirbmw/

# Reference: https://www.virustotal.com/gui/file/6fb1e3444bef0477e732ed6ae8a3a67bc1ee3bd565da72f6712bbc1cebe408ff/detection

93.123.85.29:59666
moixd.duckdns.org

# Reference: https://www.virustotal.com/gui/file/05ea97ea20eec9a4630c390accbddae2161da4556fd43269333191ca16e1813d/detection

45.95.147.171:35342
cumshot.vip

# Reference: https://www.virustotal.com/gui/file/0f709f8e918c2796fdc46c078c526551c44309c1de16d215bd499a14a565c809/detection

89.190.156.211:1122
89.190.156.222:1122
shrug.lol
tlscat.net

# Reference: https://www.virustotal.com/gui/file/986d9b72027e94f32df92fbd81a3e7db80a22fbc7412ff53db66faa2ceed263c/detection

http://41.216.189.197

# Reference: https://www.virustotal.com/gui/file/5c7ce2cea0d285cd48abcb4d4268505114750fac1a0ef3b1e16dbee5450e3b9f/detection

41.216.189.197:5683

# Reference: https://www.virustotal.com/gui/file/6a810799713c529f9c49fd949b4b0483118faa41a26319591e7464d252d0e529/detection

41.216.189.197:606

# Reference: https://www.virustotal.com/gui/file/117cb8c901cabfc015975fc7066aa788d2d827d337466b8350c37da301a4c2fe/detection

93.123.85.81:1337

# Reference: https://www.virustotal.com/gui/file/39a450513a4d07f866b418aa70d0dab2a83b1ca1354481f7e58c15e3ba2ae207/detection

84.54.51.31:34213

# Reference: https://www.virustotal.com/gui/ip-address/189.105.137.3/relations

izeeckbyvpnssh.shop
mirai.izeeckbyvpnssh.shop

# Reference: https://twitter.com/banthisguy9349/status/1752709464103202832
# Reference: https://www.virustotal.com/gui/file/8b6aa6e37a1500c4f62f5ee9cc2c574969b13b519fe42e84d845b673e042a4b7/detection
# Reference: https://www.virustotal.com/gui/file/7b3143d7b82c43ee2499736fc7fb3657906ce20b21c4b6c3b997bd1da5351489/detection
# Reference: https://www.virustotal.com/gui/file/5a6b8f66cde7560ce8e7705514b5cc1f29408d42c5f5f9576490ed5f9266fcae/detection
# Reference: https://www.virustotal.com/gui/file/42eb1429c71f72da8c5d01dff105fa7f25cadddfd9e34580d86346c790efabb2/detection
# Reference: https://www.virustotal.com/gui/file/2032cca4fb8f12ca4f858f2396a22b539b2599ae3c052a134ed54b735ff89bda/detection
# Reference: https://www.virustotal.com/gui/file/026360488b62f9754b2770a08c70ab405b08baa60cfc22402fe878db3dced516/detection
# Reference: https://www.virustotal.com/gui/file/e9320bb360e76ffe9b393c30695ca5e2f0cbe4aeaef1ed2df32ac0b820e9fda2/detection
# Reference: https://www.virustotal.com/gui/file/8b4d23fe89c332fd7ac29d556fbbc62cd63706b3e7c68bdbdb64227b61532aef/detection

http://162.250.123.61
http://198.71.48.95
http://45.128.232.130
http://91.151.89.166
141.98.7.6:8088
162.250.123.61:13
162.250.123.61:55555
45.128.232.130:5683
blow-job.fun
ex0washere.strangled.net
/TRC.64
/TRC.arc
/TRC.arcle-hs38
/TRC.arm
/TRC.arm4
/TRC.arm4l
/TRC.arm4t
/TRC.arm4tl
/TRC.arm4tll
/TRC.arm5
/TRC.arm5l
/TRC.arm5n
/TRC.arm6
/TRC.arm64
/TRC.arm6l
/TRC.arm7
/TRC.arm7l
/TRC.arm8
/TRC.armv4
/TRC.armv4l
/TRC.armv5l
/TRC.armv6
/TRC.armv61
/TRC.armv6l
/TRC.armv7l
/TRC.dbg
/TRC.exploit
/TRC.i4
/TRC.i486
/TRC.i586
/TRC.i6
/TRC.i686
/TRC.kill
/TRC.m68
/TRC.m68k
/TRC.mips
/TRC.mips64
/TRC.mipseb
/TRC.mipsel
/TRC.mpsl
/TRC.pcc
/TRC.powerpc
/TRC.powerpc-440fp
/TRC.powerppc
/TRC.ppc
/TRC.pp-c
/TRC.ppc2
/TRC.ppc440
/TRC.ppc440fp
/TRC.root
/TRC.root32
/TRC.sh
/TRC.sh4
/TRC.sparc
/TRC.spc
/TRC.ssh4
/TRC.x32
/TRC.x32_64
/TRC.x64
/TRC.x86
/TRC.x86_32
/TRC.x86_64

# Reference: https://twitter.com/sicehice/status/1748149383588147230

http://212.113.120.128

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-02-04)

141.98.7.15:1985
172.111.10.14:9506
172.111.10.14:9621
185.91.127.235:1312
195.144.21.204:1312
41.216.183.193:4258
45.13.227.186:1312
45.13.227.186:3912
85.239.34.70:9110
93.123.85.91:1312
93.123.85.91:3912
94.156.68.158:9931
94.156.71.208:1312
94.156.71.208:3912
95.214.52.175:13735
botnet.rocks
bots.gxz.me
z.botnet.rocks

# Reference: https://www.virustotal.com/gui/file/fbb00982181aa9727614442dcfe4b50aac1ab081f0dd6f27fb8f5f90ad5a3d84/detection

45.142.182.104:35890

# Reference: https://www.virustotal.com/gui/file/c24a4d686fa06aa111a90b166e0f7a4a0c8c45b09be997786a81ebc91dbeba52/detection

45.142.182.104:56777

# Reference: https://www.virustotal.com/gui/file/a4bd5637ac28aa5102ccdcd0a8b27f829423a873ed1b6ca2cc26ca7e984cb549/detection

45.142.182.104:35222

# Reference: https://www.virustotal.com/gui/file/4b86a1b7055191223187d6086a3fc41bd908c2e548020b47e34cdf748bc84766/detection

45.142.182.104:9998

# Reference: https://twitter.com/banthisguy9349/status/1755162007383282159
# Reference: https://threatfox.abuse.ch/browse/tag/TBOTNET/

104.248.129.146:1311
134.209.94.234:1310
157.230.242.17:1311
157.230.244.224:1311
159.223.89.203:1311
159.223.89.252:1311
159.223.90.237:1311
165.22.101.63:1311
165.22.96.144:1311
170.64.202.30:1311
185.196.10.27:1311
185.224.128.49:1311
185.224.128.50:1311
185.224.128.51:1435
185.224.128.52:2053
185.224.128.53:2079
185.224.128.54:1629
185.224.128.55:1713
185.74.222.151:1295
194.143.146.141:1521
194.143.146.147:1311
194.143.146.152:1433
195.14.123.125:1311
195.14.123.126:1311
195.85.114.141:65535
204.76.203.156:61616
204.76.203.19:61616
204.76.203.20:61616
204.76.203.21:61616
204.76.203.230:61616
204.76.203.2:1311
204.76.203.30:61616
204.76.203.31:61616
204.76.203.32:61616
204.76.203.36:61616
204.76.203.42:1332
204.76.203.43:61616
204.76.203.44:1311
204.76.203.45:1433
204.76.203.48:61616
204.76.203.49:1311
204.76.203.50:61616
204.76.203.51:1307
204.76.203.52:1310
204.76.203.53:61616
204.76.203.54:61616
204.76.203.55:61616
204.76.203.56:61616
204.76.203.57:61616
204.76.203.58:61616
204.76.203.60:61616
204.76.203.61:1291
204.76.203.65:1302
204.76.203.66:1311
204.76.203.68:1311
204.76.203.69:1311
204.76.203.70:1311
204.76.203.71:1311
204.76.203.72:1311
45.81.23.13:1433
45.93.9.100:1311
45.93.9.107:1311
45.93.9.108:1311
45.93.9.108:1299
45.93.9.113:1311
45.93.9.116:1311
45.93.9.119:1311
45.93.9.98:1285
45.93.9.98:1311
45.95.146.13:61616
5.181.80.100:1311
5.181.80.103:1311
5.181.80.111:1289
5.181.80.150:61616
5.181.80.151:61616
5.181.80.152:61616
5.181.80.153:61616
5.181.80.221:1311
5.181.80.223:1288
5.181.80.231:1288
5.181.80.38:61616
5.181.80.39:61616
5.181.80.40:61616
5.181.80.41:61616
5.181.80.43:61616
51.195.61.8:65535
62.72.185.11:1311
62.72.185.12:1311
62.72.185.13:1311
62.72.185.14:1311
62.72.185.16:1311
62.72.185.17:1311
62.72.185.18:1311
62.72.185.20:1311
62.72.185.21:1311
62.72.185.22:1311
62.72.185.23:1311
62.72.185.24:1311
62.72.185.25:1299
62.72.185.26:1303
62.72.185.27:1311
62.72.185.28:1291
62.72.185.30:1311
62.72.185.31:1311
62.72.185.32:1311
62.72.185.33:1311
62.72.185.34:1311
62.72.185.35:1311
62.72.185.36:1311
62.72.185.37:1311
62.72.185.38:1311
62.72.185.39:1311
62.72.185.3:1311
62.72.185.40:1311
62.72.185.41:1311
62.72.185.42:1311
62.72.185.43:1311
62.72.185.44:1311
62.72.185.45:1311
62.72.185.46:61616
62.72.185.47:61616
62.72.185.49:61616
62.72.185.4:1375
62.72.185.50:61616
62.72.185.5:1311
62.72.185.6:1298
62.72.185.7:1311
62.72.185.9:1311
64.227.106.194:1288
68.183.183.68:1311
68.183.187.38:1311
74.119.193.126:1297
80.92.206.176:1311
85.204.116.128:1294
85.204.116.230:1287
85.204.116.237:1284
85.204.116.247:1295
85.204.116.24:1293
87.121.112.29:1294
87.121.112.41:1299
89.190.156.172:1311
89.190.156.173:1306
89.190.156.174:1311
89.190.156.175:1517
89.190.156.176:1311
89.190.156.182:1725
89.190.156.211:1311
89.190.156.253:61616
94.131.13.80:1288
94.156.67.13:61616
94.156.67.14:61616
94.156.69.147:61616
94.156.71.216:1311
94.156.71.218:1294
94.156.71.219:1290
94.156.71.221:1291
94.156.71.222:1310
94.156.71.50:61616
94.156.71.52:61616
94.156.71.53:61616

# Reference: https://www.virustotal.com/gui/file/cb90b4ebfec7ba30702f15cb5d696aa54ae83c14ed4e6192aad7776435219b98/detection

2.59.254.226:16

# Reference: https://twitter.com/banthisguy9349/status/1755613952707539365

http://93.222.18.21

# Reference: https://twitter.com/banthisguy9349/status/1755614882798752247

124.223.106.247:4449

# Reference: https://twitter.com/banthisguy9349/status/1755628633010368794
# Reference: https://gist.github.com/thehappydinoa/90a5c3db423b6ca1d52d3c7d84582262

114.33.8.73:88
115.59.3.70:10234
121.189.111.218:46719
122.117.142.237:880
123.11.88.171:59991
124.223.106.247:4448
124.33.173.242:880
134.17.169.221:38989
142.179.80.122:880
149.156.155.28:433
165.255.69.46:41791
175.202.117.220:19339
178.46.22.5:12343
178.47.215.68:62419
181.197.159.183:8888
182.155.250.21:880
182.234.183.31:880
183.105.181.153:14601
183.105.181.153:57640
188.16.51.48:9439
188.17.55.87:48293
188.17.55.87:7310
190.250.23.42:58747
192.1.123.201:29448
202.90.93.222:41500
211.219.137.245:60534
211.238.64.195:13639
218.157.69.207:9374
220.135.76.194:880
220.78.42.254:53394
31.27.12.102:3731
37.244.149.237:48768
37.79.97.254:39458
5.141.76.148:46661
5.141.76.148:6064
58.152.186.135:880
60.249.248.119:880
60.250.143.121:880
78.134.4.112:88
/ClrnnhUEDbDJlKHObFCq
/GFdeDGGhlSAgjPOObAhb
/nOEvHLPcAVHbicmChCan

# Reference: https://www.virustotal.com/gui/file/007f065e58d07a799a21a2849a3907334abca1a31392e638d9343126079ca9b5/detection

http://154.9.30.146
156.96.155.234:56999
joshan.fun
dd.joshan.fun

# Reference: https://twitter.com/banthisguy9349/status/1755896668262662448

http://162.248.102.218
http://81.17.21.234
http://91.92.243.187
http://220.116.202.130
http://222.111.35.44
http://45.128.232.93
220.116.202.130:8809
220.116.202.130:8814
222.111.35.44:8809
222.111.35.44:8814

# Reference: https://www.virustotal.com/gui/file/ea86f12cd8417ebd26074f4483894cfe833ccf31c2e5faa59bcdbb3cccb117ac/detection

echothesky.eu.org

# Reference: https://twitter.com/banthisguy9349/status/1755914429445902342

http://45.128.232.91
http://91.92.243.187

# Reference: https://twitter.com/banthisguy9349/status/1755972642199257173
# Reference: https://urlhaus.abuse.ch/host/217.12.199.67/

http://217.12.199.67

# Reference: https://www.virustotal.com/gui/ip-address/156.94.155.238/relations
# Reference: https://www.virustotal.com/gui/file/d53e78ec5aa67ee38656ec16e6b9614ee61e13406d4d1e2db096480c3bed700a/detection
# Reference: https://www.virustotal.com/gui/file/8f1834515506cb80a3f2fbc06c8e799fdae3f2be39afd4e36eab3cbfc1b2eec8/detection
# Reference: https://www.virustotal.com/gui/file/95ed62fca33c6a3ad4805cd31ddc8d9c18b5a191e4bae850008a108be992f472/detection
# Reference: https://www.virustotal.com/gui/file/74665f0bd6953afe54bfae52aa0e0a4ae4cad6dd8de6e9b1570472a06adeab0c/detection

http://156.94.155.238
http://156.96.155.238
http://38.6.178.140
156.96.155.238:17560
38.6.178.140:17560
38.6.178.140:17561
lionos.xyz
ml.lionos.xyz
pda.lionos.xyz
/easy_cloud.sh
/easy_pass.sh

# Reference: https://www.virustotal.com/gui/file/259f8bc9020da48dee649441e8a36b56d5ffeae89919a550716383a592149761/detection

http://204.93.164.31
http://23.224.176.63
47.90.43.134:12339
/easy_av_wget.sh

# Reference: https://www.virustotal.com/gui/ip-address/85.97.109.9/detection

85.97.109.9:23858

# Reference: https://twitter.com/banthisguy9349/status/1756365409010205141
# Reference: https://www.virustotal.com/gui/ip-address/93.123.85.113/relations
# Reference: https://www.virustotal.com/gui/file/b154c2baf570ea816bf6a12823bf71e51a8fcafc4c76814a59d185647975efd7/detection
# Reference: https://www.virustotal.com/gui/file/fd1f178cad2de24d298f9c4092a3283e34f729e491e37f3995431926c089756e/detection
# Reference: https://www.virustotal.com/gui/file/f9d4f7961d5e58060c0219df1594a9486cfe2bab084e8b1d2d276faf6da2c65f/detection
# Reference: https://www.virustotal.com/gui/file/cb3bd022e40c823cee0dae69738dc7c117f18d14ee18d2210dabac8a77ecadb3/detection
# Reference: https://www.virustotal.com/gui/file/b9656b2011886ce4e97e6498987d1d54ebb4c434ecb0f1f956eb863716a6f186/detection
# Reference: https://www.virustotal.com/gui/file/3535f98472b7501e6a66255e93a5ccebd74c934998473bf41e59416eb506fa9a/detection
# Reference: https://www.virustotal.com/gui/file/2d63947460dab1a71e45a08b5a8faa14edb9c9f26554fdf20467a8e03d00f138/detection
# Reference: https://www.virustotal.com/gui/file/2d63947460dab1a71e45a08b5a8faa14edb9c9f26554fdf20467a8e03d00f138/detection

http://103.252.90.214
http://51.250.72.163
103.252.90.214:9931
51.250.72.163:839
93.123.85.97:11025
knuieox.beauty
rubick3.online
shitt.lol

# Reference: https://twitter.com/banthisguy9349/status/1756595867375501433
# Reference: https://www.virustotal.com/gui/file/c48d1c0b7ca64872ddc30956f8b35e30560020e11709b638c28b279244336665/detection
# Reference: https://www.virustotal.com/gui/file/ab1d72c07380d02dc0f80f9b5a69331ca812881f0e23d52d792e8e4907497d32/detection
# Reference: https://www.virustotal.com/gui/file/9b6a183e41f932ea83d915fd1b8c147b05f00b56eb872983a4986cc89e7a309f/detection
# Reference: https://www.virustotal.com/gui/file/8772da80858825202381f2e460a17d4f81830a93a2afd8835919c3170c2d68a3/detection
# Reference: https://www.virustotal.com/gui/file/537503ef57dea9bac0141bb708e285137e1e01a61a794af608add36bbb6dc45e/detection
# Reference: https://www.virustotal.com/gui/file/1f4a839209cf62f50ffd2960cdebda68bbfe405055881daf5ac19248cc4e7c9f/detection
# Reference: https://www.virustotal.com/gui/file/1cee8d8c999f5882e2d3f3da3ae3ebe9ef3435aa8b7f7d5c69bc068178055bda/detection
# Reference: https://www.virustotal.com/gui/file/0eed60e5491c31b7e0f320422b9ec75f6a02651f5a3bcec132ddff74b7a34b89/detection

http://42.96.2.220
42.96.2.220:43957
networkbotbet.top
botnet.networkbotbet.top

# Reference: https://www.virustotal.com/gui/file/305737094adec33d7c38866be6b5709d3dbba0f9dd23f65d805c90b87fe10182/detection

http://103.155.81.228
103.155.81.228:56999

# Reference: https://twitter.com/banthisguy9349/status/1756608948327653629
# Reference: https://www.virustotal.com/gui/file/db1e572de484967f32f063fd04c5f676c4df30ba7d524970626a7740a0438937/detection
# Reference: https://www.virustotal.com/gui/file/c8d8f0ca6687782aa134b53297082c7dad7b8e565bb7310d57f3cd52cc3b9577/detection

http://15.235.186.150
http://171.228.211.109
15.235.186.150:56999
15.235.186.150:8888
171.228.211.109:56999
shopkami.cloud
shopkami.site
botnet.shopkami.site
kami.shopkami.site
quangvip.shopkami.site
/quang.32
/quang.64
/quang.arc
/quang.arcle-hs38
/quang.arm
/quang.arm4
/quang.arm4l
/quang.arm4t
/quang.arm4tl
/quang.arm4tll
/quang.arm5
/quang.arm5l
/quang.arm5n
/quang.arm6
/quang.arm64
/quang.arm6l
/quang.arm7
/quang.arm7l
/quang.arm8
/quang.armv4
/quang.armv4l
/quang.armv5l
/quang.armv6
/quang.armv61
/quang.armv6l
/quang.armv7l
/quang.dbg
/quang.exploit
/quang.i4
/quang.i486
/quang.i586
/quang.i6
/quang.i686
/quang.kill
/quang.m68
/quang.m68k
/quang.mips
/quang.mips64
/quang.mipseb
/quang.mipsel
/quang.mpsl
/quang.pcc
/quang.powerpc
/quang.powerpc-440fp
/quang.powerppc
/quang.ppc
/quang.pp-c
/quang.ppc2
/quang.ppc440
/quang.ppc440fp
/quang.root
/quang.root32
/quang.sh
/quang.sh4
/quang.sparc
/quang.spc
/quang.ssh4
/quang.x32
/quang.x32_64
/quang.x64
/quang.x86
/quang.x86_32
/quang.x86_64

# Reference: https://www.virustotal.com/gui/file/5e1d55aa380b6a0d274c380ca1b732e2b8e7595e996a32a2bb7b6a98163ecb41/detection

http://194.169.175.30
http://94.156.69.236
194.169.175.30:38245
fuck-niggers.xyz
lsagjogu8ztaueghasdjsdigh.cc
rebirthbot.icu

# Reference: https://twitter.com/banthisguy9349/status/1756666658494525713
# Reference: https://www.virustotal.com/gui/file/f5ea654500cc5ed7e250b98e260aa01ebc74f0458684a351300277824fdd9de6/detection
# Reference: https://www.virustotal.com/gui/file/da0c7529f45310e6ed36972a89c187904226197263b66e5f5e94b28e5291c5ff/detection
# Reference: https://www.virustotal.com/gui/file/b5d14149f81c514c2056a94ec23ca156f7680cdbd79f85e8d819a29f939b18b0/detection
# Reference: https://www.virustotal.com/gui/file/818a9d157308bc8f3c5e24480eb3fddb5e57d224c886a915990090da7fc35726/detection

http://45.154.1.68
http://91.92.20.235
45.154.1.68:1302
45.154.1.68:1420
45.154.1.68:55312
pizda.site
root.pizda.site

# Reference: https://www.virustotal.com/gui/file/a556d8fe13de7f2b3d6fdf312eea8eb0b2816f8066511eea12d72d692d5fede2/detection

http://204.7.203.96
http://95.214.27.10

# Reference: https://www.virustotal.com/gui/file/0161443ad4b8f2266ecfb8e4543d10ef331c759e5d8a6b0eb23ed2b87f6d41a9/detection

5.181.80.40:38241

# Reference: https://www.virustotal.com/gui/file/02db883baeba58af0eb3e097be58a4ad603478596132437eb4222cc52b2d17ec/detection

94.156.69.147:38241

# Reference: https://twitter.com/banthisguy9349/status/1757040907059179718

http://45.88.67.38
http://45.95.146.13

# Reference: https://twitter.com/banthisguy9349/status/1757012354817040689

8.39.227.183:5556
8.39.227.194:5556

# Reference: https://twitter.com/banthisguy9349/status/1757052175392309592

http://206.189.116.184

# Reference: https://twitter.com/James_inthe_box/status/1757058885905772566
# Reference: https://www.virustotal.com/gui/file/69ee7bfb005c16f65eb993246f117fbfe39dbf6ad2008f2823c58ff3b00ec244/detection
# Reference: https://www.virustotal.com/gui/file/ad74d86a78af331f99637e5ee7506da8f8c5904ca3033811826579c564dd1120/detection
# Reference: https://www.virustotal.com/gui/file/511790030f663f9b851a52b63ce9fad8ce68960e64e3d498e779377b2428bc87/detection
# Reference: https://www.virustotal.com/gui/file/41521cad4ae6fb510f5729b1a4dccd184f7e887d49632e2d221a87190abdc519/detection
# Reference: https://www.virustotal.com/gui/file/3397a08d2c2a37e11357c10ee1d52054d1f475b19cbff0e2e72edb2cbcbac591/detection
# Reference: https://www.virustotal.com/gui/file/d277d2364777fe90777b72a7d9bfb7e92233fdafd7d5ff80b28c55e65bdc413d/detection
# Reference: https://www.virustotal.com/gui/file/0651eb8e5bc9bd35dad0cbc97567e40c21234ec06bba041923eedfe6e2d7123b/detection

http://31.220.3.140
178.128.212.40:13022
178.128.212.40:44583
192.53.175.42:13022
206.189.87.133:44583
207.148.78.147:13022
68.183.185.237:13022
0xfaaaaaf.us
le.0xfaaaaaf.us
bytes.0xfaaaaaf.us

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-02-12)

103.174.73.85:19990
109.107.181.228:1676
109.107.181.228:666
146.190.244.20:9932
188.127.235.191:59666
45.155.91.135:21425
45.95.146.13:38241
45.95.146.22:42421
45.95.146.22:9931
91.92.247.252:1312
91.92.247.252:8276
93.123.85.4:9931
bot.elite-likes.de
haha.skyljne.click

# Reference: https://threatfox.abuse.ch/browse/malware/elf.moobot/ (# 2024-02-12)

http://103.65.235.21
http://116.118.49.164
http://146.19.191.178
http://42.119.113.85
http://45.118.146.123
http://45.139.104.69
http://45.77.240.70
http://93.123.39.165

# Reference: https://urlhaus.abuse.ch/host/komarufans.tech/
# Reference: https://www.virustotal.com/gui/file/e95827b9888bb47671a4c07fa978c3a160f1ef720edc912ab403abbf77aabbfb/detection
# Reference: https://www.virustotal.com/gui/file/4e768929a407f0208d26690809ab8c9f113c604a32a12615e3c0a986bd0b7c37/detection
# Reference: https://www.virustotal.com/gui/file/f35955603791f1858167e609fcddc618ebcb0eae6fa57074dacc5ecb9b08f20f/detection
# Reference: https://www.virustotal.com/gui/file/de414048b98f74fbe30dea6d011e46e7331579cba6d4c675d56af68200f01ca4/detection

http://45.154.1.144
http://45.95.146.56
45.154.1.144:1488
45.95.146.56:1337
komarufans.tech

# Reference: https://nsfocusglobal.com/mirai-botnets-new-wave-hailbot-kiraibot-catddos-and-their-fierce-onslaught/
# Reference: https://www.virustotal.com/gui/file/083cf99498ad0ea2f0a92467842d8d9a3cc67e171c4085c7adf38d89dba26df0/detection
# Reference: https://www.virustotal.com/gui/file/0b3fa0562f4210c717cc9cca2fed14168b81434c8ae5ba780f2330ab7701eb3f/detection
# Reference: https://www.virustotal.com/gui/file/179b689efb7e163ea2b6dc6967e37300bbae60d99d0a700f57cebd24cb7d2789/detection
# Reference: https://www.virustotal.com/gui/file/2149de8336841738bc053c276641ea6a6b5f275e8085b9bd9c49fe54d93cf304/detection
# Reference: https://www.virustotal.com/gui/file/4703842afc272da5313d52883fff8c573b23198b62328ea8b9633224a8c61d20/detection
# Reference: https://www.virustotal.com/gui/file/4b556c1816c13581e8391b6db17a9c1b1541adb871a29885129883e85f23b41a/detection
# Reference: https://www.virustotal.com/gui/file/76db21ede9cf80633f24f44e54ab7080a5070a5ceab760547f45229fd490c133/detection
# Reference: https://www.virustotal.com/gui/file/a2990e87aa692bc190dd1145a5883cbf02a009a8d925da99ed717ac88acbc66e/detection
# Reference: https://www.virustotal.com/gui/file/ef0aa637fb334fd0387230146c8e9bad10e1a1ba3742a15e7bcdeefdc7c0220a/detection
# Reference: https://www.virustotal.com/gui/file/f6fc5834c185a4c7e1bacdbdb27882d55245236a01d9eb35b3064717be3b466a/detection

103.192.209.121:35014
139.177.197.168:35342
172.105.98.97:35342
179.43.155.231:336
179.43.155.231:37427
179.43.155.231:54123
179.43.155.231:7210
179.43.155.231:7212
192.46.222.61:35342
212.118.43.167:2222
212.118.43.167:7777
34.165.70.211:25596
34.176.112.249:25596
34.64.52.239:25596
34.69.75.60:25596
34.92.28.223:25596
35.188.240.127:25596
5.181.80.115:25596
5.181.80.120:25596
5.181.80.70:25596
5.181.80.71:25596
77.105.138.202:35342
88.218.62.221:35342
88.218.62.22:35342

# Reference: https://www.virustotal.com/gui/file/0601098954f6d4e94af6a12988dbf30a786286c2ae0988ffeb560223b937e131/detection

204.76.203.156:38241

# Reference: https://www.virustotal.com/gui/file/214713434747ed77534c7ac6772c8cdde18b3b43285b7e054054d0fc09a06670/detection

5.181.80.151:38241

# Reference: https://www.virustotal.com/gui/file/5f22fcdc008a315cebfe2d0899e3b284ff96bb0406a158f8a543df183b4d51c0/detection

5.181.80.153:38241

# Reference: https://www.virustotal.com/gui/file/40e557159eecf832ad9a7b55b75f84f3cc3b233844236fc21e693df54e7133e4/detection

204.76.203.66:38241

# Reference: https://www.virustotal.com/gui/file/9abf675b031049fc32b6bec2c485fb8892b9b050f3fbbf1ec7fd54f607b842c0/detection

89.190.156.253:38241

# Reference: https://www.virustotal.com/gui/file/a364e7680b07c3983348db2074547b74bf786e5f2265f2c9f60b76c33ec04912/detection

5.181.80.38:38241

# Reference: https://www.virustotal.com/gui/file/eaa5b79abf29a11bcc7ae439a801e16fcce9270b541b7c23d366ade3edbb5876/detection

5.181.80.41:38241

# Reference: https://www.virustotal.com/gui/file/5f22fcdc008a315cebfe2d0899e3b284ff96bb0406a158f8a543df183b4d51c0/detection

5.181.80.194:38241

# Reference: https://www.virustotal.com/gui/file/f3ee5d054fa17d3829cd62a8b1dec1e4db12f8006f6db4b6e5089be4f9c021d0/detection

204.76.203.129:7645

# Reference: https://www.virustotal.com/gui/file/eb4c2a238c2f051734afa7512d8f052d41bedb2026dc0eefb8dd055a970f1364/detection

94.156.6.4:1791

# Reference: https://www.virustotal.com/gui/ip-address/204.76.203.131/detection

http://204.76.203.131

# Reference: https://www.virustotal.com/gui/ip-address/107.189.7.133/relations

107.189.7.133:41584
107.189.7.133:61192
107.189.7.133:61616

# Reference: https://www.akamai.com/blog/security-research/new-rce-botnet-spreads-mirai-via-zero-days

qwewu.site
wu.qwewu.site

# Reference: https://www.virustotal.com/gui/ip-address/80.92.206.176/relations

80.92.206.176:1433
aliciacmorton.oss
amandaxthomas.dyn
brianystafford.geek
chink.site
luiseryan.oss
richardpjones.oss

# Reference: https://www.virustotal.com/gui/file/f5d9389fc01b84223feb9d9509549ee918f52f97993c3fab423eff9bb581dafa/detection
# Reference: https://www.virustotal.com/gui/file/ae815cae65e76f15bcef84ed53afe1c6373f96acb189ec5f66f32a2dd7b43311/detection
# Reference: https://www.virustotal.com/gui/file/76b89c8c9977961bd17de22f9f0407fc7c01c61ca83a5dd172aae661f9f96ce8/detection
# Reference: https://www.virustotal.com/gui/file/643e703f85b8a16e19ecb271b3caf9efd09c8c1ccd801d3aefe97d234dd0ab0d/detection
# Reference: https://www.virustotal.com/gui/file/03d50bc21399e81c4984f268a0900728470239844c3c5729908a9bbc179040da/detection

51.79.186.239:43957

# Reference: https://www.virustotal.com/gui/file/b9ad960535f8f850f9759c0e76d800e5c64977a488025514a74052807eb05917/detection
# Reference: https://www.virustotal.com/gui/file/6c64ae730fb3921eb6d36673d09e48e76b4822fbb6e32cbb310520db376acf5a/detection
# Reference: https://www.virustotal.com/gui/file/0ce199895dd3059d9a3c3b66f48b163913928cb4f5dec71913f26898012a1313/detection

103.47.195.200:42597
anti-ddos.io.vn
abc.anti-ddos.io.vn

# Reference: https://www.virustotal.com/gui/ip-address/103.238.234.21/relations
# Reference: https://www.virustotal.com/gui/file/ffdbbb9d4f3c2729a872b3ecbc202f82ade56634dba9b0f9cf8f41b6fbb92d72/detection
# Reference: https://www.virustotal.com/gui/file/fd5401803560872a043feb46f8d89290fe0d475e4e703dd77f49f1aab65323b6/detection
# Reference: https://www.virustotal.com/gui/file/6897ab99ade61768a07bf955abf3aae2d982afecbf7bf408e90edeef0be8e988/detection
# Reference: https://www.virustotal.com/gui/file/60df284b707fefc16a01fec057d95116d89b878afe8d8902e4c6f01b7b77e843/detection
# Reference: https://www.virustotal.com/gui/file/0b419cf91a924b1c7ba8da5592a92471ebde2fc744098c06bec02a4f44641557/detection

103.77.214.210:12344
103.77.214.210:12348
103.77.214.210:12346
103.77.214.210:13100
103.77.214.210:13131
103.77.214.210:5000
ngocrongdemon.click
nroplus.top
antiddos-fw.ngocronglau.xyz
fw.anti-ddos.io.vn
fw.ngocrongdemon.click
fw.ngocronglau.xyz
fw.nroplus.top
fw.shopkami.cloud
nro.shopkami.site
q.ngocronglau.xyz

# Reference: https://www.virustotal.com/gui/file/d781d8d078405175670522e91be0f766fdcfd335b4abafd0513d1260adb9c84d/detection
# Reference: https://www.virustotal.com/gui/file/d3403222667b75c5b888196bb84dd4a3896f67c60c9bedad8555399a7b495824/detection
# Reference: https://www.virustotal.com/gui/file/c86a3e4e783a0b9f3aa4ab70e87feed6f2c5e745d28a9d648867c06af85b8c8f/detection
# Reference: https://www.virustotal.com/gui/file/a656eb6e5c4007df8c67729845bb473d17de04444e4f1bd2926e98b6f360cf83/detection
# Reference: https://www.virustotal.com/gui/file/70ef693265752a5c5919dc383f6456fdd3bacf8bacff029e33d5814d496eacff/detection
# Reference: https://www.virustotal.com/gui/file/4619ac44a8a3e22fcea977f2d2650921db423822fcf49281b4f322f6a0384c9f/detection

171.228.207.189:56999
vip.shopkami.cloud

# Reference: https://www.virustotal.com/gui/file/f5c7f703ff97329cc9a9871f04c2c040d1f928525a5b480a05b2e250dd947a94/detection
# Reference: https://www.virustotal.com/gui/file/99b522c4348e1e0817202511c77100cf41968167278a21995ce87443cd51684a/detection

163.123.142.194:59666
riches.homes
ensurex.riches.homes

# Reference: https://www.virustotal.com/gui/file/46cb41f8508a27f2cbb629fede3c3c2064a0f50403919c9cf9d201cc0525d656/detection

http://51.68.136.167

# Reference: https://www.virustotal.com/gui/file/03f458cdfa9b2b98b5594fa181ac2f4f06c6555b44bc89482e61fea9a51b3b30/detection
# Reference: https://www.virustotal.com/gui/file/0ce7e96aca37df2bc1f2b45425a25ce8a0295f9bbc38c39f73100909678a9166/detection

http://193.111.250.222
rawupdater.cf
backend.rawupdater.cf
update.rawupdater.cf

# Reference: https://www.virustotal.com/gui/file/357c488701713a08d07a34fe66997d255483186e5e706fdfb306a31a5f361f1b/detection
# Reference: https://www.virustotal.com/gui/file/d29326a11ca59972cc2a46bc5b8fd693c20b94a7d674344838ae74dae44b1d6d/detection
# Reference: https://www.virustotal.com/gui/file/e8d8465685071dea1cfc8461b834e09fd6d9ce417800a63a409aa283ab448a4d/detection

171.22.28.209:3778
171.22.28.209:56999
orionleaks.cc
funlab.orionleaks.cc
kek.orionleaks.cc

# Reference: https://www.virustotal.com/gui/file/3e680f82980ed9cf00dddc715bb9cda46675afb1acd7ceb33c97d8c3f9afb578/detection

http://37.221.92.204
37.221.92.204:56744

# Reference: https://www.virustotal.com/gui/file/cb49b45da306a03ea7e87976fbd011760b84c08aa37ca7f24a1ec1ab0748b742/detection
# Reference: https://www.virustotal.com/gui/file/4b8163feb682dbc9a5678a3b18d7ae321c18ffd7deaf85db34686f0b4f3c54cf/detection

37.221.92.204:1312
37.221.92.204:59666
dth.wtf
software.dth.wtf

# Reference: https://twitter.com/abuse_ch/status/1759152410650464548
# Reference: https://www.virustotal.com/gui/file/785cf63b7ae50c86d31c35dc7811bf714e9e2114dd6ebf1c511c662eb28605b6/detection
# Reference: https://www.virustotal.com/gui/file/9f68f67e0cf0a8f337091efd3bd1033427ce33284441c32d369330d43d1e0621/detection

http://91.92.240.138
91.92.240.138:2023
91.92.240.138:56999

# Reference: https://www.virustotal.com/gui/file/0f536abf56571c4d3ad52fff920a0512b8a5b3dbd76d9af1df1cbabb75a1a4b5/detection

http://103.174.73.85
http://103.228.37.236
http://103.245.236.188
/huhu.32
/huhu.64
/huhu.arc
/huhu.arm
/huhu.arm4
/huhu.arm4l
/huhu.arm4t
/huhu.arm4tl
/huhu.arm4tll
/huhu.arm5
/huhu.arm5l
/huhu.arm5n
/huhu.arm6
/huhu.arm64
/huhu.arm6l
/huhu.arm7
/huhu.arm7l
/huhu.arm8
/huhu.armv4
/huhu.armv4l
/huhu.armv5l
/huhu.armv6
/huhu.armv61
/huhu.armv6l
/huhu.armv7l
/huhu.dbg
/huhu.exploit
/huhu.i4
/huhu.i486
/huhu.i586
/huhu.i6
/huhu.i686
/huhu.kill
/huhu.m68
/huhu.m68k
/huhu.mips
/huhu.mips64
/huhu.mipseb
/huhu.mipsel
/huhu.mpsl
/huhu.pcc
/huhu.powerpc
/huhu.powerpc-440fp
/huhu.powerppc
/huhu.pp-c
/huhu.ppc
/huhu.ppc2
/huhu.ppc440
/huhu.ppc440fp
/huhu.rc
/huhu.rcle-hs38
/huhu.rm
/huhu.rm4
/huhu.rm4l
/huhu.rm4t
/huhu.rm4tl
/huhu.rm4tll
/huhu.rm5
/huhu.rm5l
/huhu.rm5n
/huhu.rm6
/huhu.rm64
/huhu.rm6l
/huhu.rm7
/huhu.rm7l
/huhu.rm8
/huhu.rmv4
/huhu.rmv4l
/huhu.rmv5l
/huhu.rmv6
/huhu.rmv61
/huhu.rmv6l
/huhu.rmv7l
/huhu.root
/huhu.root32
/huhu.sh
/huhu.sh4
/huhu.sparc
/huhu.spc
/huhu.ssh4
/huhu.x32
/huhu.x32_64
/huhu.x64
/huhu.x86
/huhu.x86_32
/huhu.x86_64

# Reference: https://www.virustotal.com/gui/file/f3156b7589537be4f48137703dba57eec6a9a351b80029729c9255044d6cb0d5/detection
# Reference: https://www.virustotal.com/gui/file/7c572e50d5dec21f3b8c6dafd5a2f17fd862647e20b903085ad6c2218e853fa6/detection
# Reference: https://www.virustotal.com/gui/file/71602b0fe048ac14d0e341bd4e8de405b4ff3e4b07747a747d3727a4a111b5f3/detection
# Reference: https://www.virustotal.com/gui/file/5c35d215def291575647814737a0f98058b93a80ac7736c1a3adef407974fd91/detection

103.140.249.213:3389
103.28.32.56:2023
139.99.31.124:30120
botnet.serveblog.net
mostnet.servegame.com
net-killer.servehttp.com

# Reference: https://www.virustotal.com/gui/file/0297c5b23a47e0c90830ea807d0e99c27e3c83fc59723c51bf6355f14745135d/detection

103.69.97.45:1791
net-killer.online

# Reference: https://www.virustotal.com/gui/file/56571fd8a519580e8c3ec19d0367e3e614b86daf0818fab434ce24497be8de62/detection

http://103.174.73.96

# Reference: https://www.virustotal.com/gui/file/fd2537d8f8a8cf32590f8c0ff7706296510e02a5bf953abcfddafe64587a54b2/detection
# Reference: https://www.virustotal.com/gui/file/920d8ba367f6c5db37da7c27329f83b6e63b426fa73d28c6edda9e7c7b9314ff/detection
# Reference: https://www.virustotal.com/gui/file/88b383081c46232d2a0c46cf8c35b84ac92417eeae25a386f1de3dc2d8336269/detection
# Reference: https://www.virustotal.com/gui/file/0264fc2f0b024c52c197e37d93b53b767953f7d93383bda15e49677e5621187f/detection

http://93.123.85.65
93.123.85.65:34241
93.123.85.65:3778
93.123.85.65:43957
93.123.85.65:9375
myisrael.ddns.net

# Reference: https://www.virustotal.com/gui/ip-address/95.164.22.239/relations

http://95.164.22.239

# Reference: https://www.virustotal.com/gui/file/f373f49317a0933e754a8547634413cf989ce2e48c3fb1c4befc371f6d026698/detection
# Reference: https://www.virustotal.com/gui/file/ff818af7d5879a212d9aa05920c90060212ecb0a574c060aed4163f325f5f596/detection

http://66.187.7.174
66.187.7.174:3074
weilaibot.net

# Reference: https://twitter.com/banthisguy9349/status/1764345949399171127
# Reference: https://www.virustotal.com/gui/file/f24989340e5825fb5847a2ff0e7614bb829c41c45d831eac727b7ebb4229c030/detection

http://141.98.11.208
141.98.11.208:16837
awuam.com
ackcm.awuam.com

# Reference: https://www.virustotal.com/gui/file/e817d406100d641f93a449be83790c6ff272ca2e228534d2a5deb7a44edd8f8f/detection

111.243.109.76:41465
bots.awuam.com
ddns.awuam.com

# Reference: https://www.virustotal.com/gui/file/1a0c9dfba7b5e8b0e2b70c14a89c30fd8488dc886eea5e3fc8d73dd399eed4fe/detection

1.162.151.116:39167
zunbot.awuam.com

# Reference: https://www.virustotal.com/gui/file/edded3ec2218151c56c7045c7bcf158632a605dc68531a1e19d4e5bb3353992b/detection

qwerty.awuam.com

# Reference: https://www.virustotal.com/gui/file/dcb8e59dc0ff5d6ec5779ca5170ce0ae944ecc34f00c7fdf3ea14cf48d70b521/detection
# Reference: https://www.virustotal.com/gui/file/c92832d228bf9631c9280d1ace6bfcfa43cae0a3b015a29e15f7d74d04f0aebd/detection

46.3.113.170:8778
nw.awuam.com

# Reference: https://www.virustotal.com/gui/file/fc357b816b031d6bb5c4f1df1f29a80a742b538b4c44d674d4547f2e4dfa295b/detection

103.106.228.99:11259
botnet.awuam.com

# Reference: https://www.virustotal.com/gui/file/90dc011e64acf53cc89504514e3a9aff629ecb38bf6b218d5d7f17392653a30a/detection
# Reference: https://www.virustotal.com/gui/file/007c92595e22782c0415fc7194dd46611531c0eb3e5f5abcad3a27ca08d06409/detection

http://45.88.90.115

# Reference: https://www.virustotal.com/gui/file/b9822051ee6631dee8d596a08f2397555319a8448396499c589ffe50c8864659/detection

93.123.85.174:9931
mirailovers.ddns.net

# Reference: https://www.virustotal.com/gui/ip-address/199.195.249.78/relations

199.195.249.78:13145

# Reference: https://www.virustotal.com/gui/file/da038fb77c7daf81067a313d6ad5842db92f7bef1ab6e4a03efd0ef4f910c5da/detection

129.159.55.240:56636
sdxpay.cn
ddos.sdxpay.cn

# Reference: https://www.virustotal.com/gui/file/b5c8bcfab39ff142b860bcc08b0951e6a080b051554666e1509fe8fce25161fc/detection

149.50.209.216:43957

# Reference: https://www.virustotal.com/gui/file/5d1123fb79786a45e3dab26651885724bf8fc40385005d690267a2bc60f85d99/detection

185.196.9.72:56537

# Reference: https://www.virustotal.com/gui/ip-address/185.196.10.164/detection
# Reference: https://www.virustotal.com/gui/file/cc8fd3598f577ccdedcd5e3fb3ac6be453f78260742dc89fed69d2ae4ae0df2e/detection

185.196.10.164:62452
185.196.9.72:62452
feckoffbr0.sbs

# Reference: https://www.virustotal.com/gui/file/c6fd60d9ffa6709698e11d68a5ea77d2838d67413429824947bdefaead8f3b13/detection

http://146.19.191.85
bulldognet.info

# Reference: https://www.virustotal.com/gui/file/9c83748fb48f92d603886164effe5b691ba7d47db957809ad8cb3eab7f0aaa8c/detection

http://193.111.248.204

# Reference: https://www.virustotal.com/gui/file/7fbb48c63c4f37f04051c93c9fafe0d79fd50e22635aa40bcf6c3c9cd9d2ede1/detection

193.111.248.204:1024

# Reference: https://www.virustotal.com/gui/file/d463e8e41e71dc6a281b1c2cbeb5201d01498b60d19e6ab79e7e50ee1d18d970/detection

65.222.202.53:5880
aquabotnet.xyz

# Reference: https://www.virustotal.com/gui/file/9d208b416aa7f8fc03fd1a72f5a7512173fcced51b87ef4459df975d8d51285c/detection

146.19.191.85:55600

# Reference: https://twitter.com/banthisguy9349/status/1759525650690388412

47.105.86.47:21997

# Reference: https://www.virustotal.com/gui/ip-address/93.123.85.197/relations

93.123.85.197:21
/87sbhas6as.arc
/87sbhas6as.arm
/87sbhas6as.arm4
/87sbhas6as.arm4l
/87sbhas6as.arm4t
/87sbhas6as.arm4tl
/87sbhas6as.arm4tll
/87sbhas6as.arm5
/87sbhas6as.arm5l
/87sbhas6as.arm5n
/87sbhas6as.arm6
/87sbhas6as.arm64
/87sbhas6as.arm6l
/87sbhas6as.arm7
/87sbhas6as.arm7l
/87sbhas6as.arm8
/87sbhas6as.armv4
/87sbhas6as.armv4l
/87sbhas6as.armv5l
/87sbhas6as.armv6
/87sbhas6as.armv61
/87sbhas6as.armv6l
/87sbhas6as.armv7l
/87sbhas6as.dbg
/87sbhas6as.exploit
/87sbhas6as.i4
/87sbhas6as.i486
/87sbhas6as.i586
/87sbhas6as.i6
/87sbhas6as.i686
/87sbhas6as.kill
/87sbhas6as.m68
/87sbhas6as.m68k
/87sbhas6as.mips
/87sbhas6as.mips64
/87sbhas6as.mipseb
/87sbhas6as.mipsel
/87sbhas6as.mpsl
/87sbhas6as.pcc
/87sbhas6as.powerpc
/87sbhas6as.powerpc-440fp
/87sbhas6as.powerppc
/87sbhas6as.ppc
/87sbhas6as.ppc2
/87sbhas6as.ppc440
/87sbhas6as.ppc440fp
/87sbhas6as.root
/87sbhas6as.root32
/87sbhas6as.sh
/87sbhas6as.sh4
/87sbhas6as.sparc
/87sbhas6as.spc
/87sbhas6as.ssh4
/87sbhas6as.x32
/87sbhas6as.x64
/87sbhas6as.x86
/87sbhas6as.x86_32
/87sbhas6as.x86_64

# Reference: https://www.virustotal.com/gui/ip-address/45.95.146.86/relations
# Reference: https://www.virustotal.com/gui/file/ee47d02896f53760011288da8ee3614d44367be3bb30cbc1dbf885d95e55558a/detection

45.95.146.86:21
57.31.144.212:23

# Reference: https://urlhaus.abuse.ch/host/93.123.85.189

http://93.123.85.189

# Reference: https://urlhaus.abuse.ch/host/93.123.85.196

http://93.123.85.196
rahuiopis.monster

# Reference: https://urlhaus.abuse.ch/host/93.123.85.200
# Reference: https://www.virustotal.com/gui/file/64ad4eeecb4b4ebf5e7b56014a9da8bbcc6ebeb46ba94a838a601f67d5d2f0b7/detection

http://93.123.85.200
93.123.85.200:1312

# Reference: https://urlhaus.abuse.ch/host/93.123.85.202

http://93.123.85.202
iruiwqne.sbs
mail.iruiwqne.sbs

# Reference: https://urlhaus.abuse.ch/host/129.159.55.240/

http://129.159.55.240

# Reference: https://www.virustotal.com/gui/file/03b3e5cd2fc11d8dc1d81e9a26ce1a0ae5be20617879da81ef31540ad43304e3/detection

37.44.238.66:56745

# Reference: https://www.virustotal.com/gui/file/0c9fc20ded9d618e0ebddefb1fa4aa10169b7c22320a7589fcd8690ca602152a/detection

37.44.238.66:56744

# Reference: https://www.virustotal.com/gui/file/fe25aad00fd9071f8dc5f5a832e5d2a44e1d39e3e71986682a419e12255e0c35/detection

http://5.181.80.233
37.44.238.66:2342

# Reference: https://www.virustotal.com/gui/file/d38d57969db2d2190100ee2bced525c3fb01adf86caab05cc75a982ed35c5e77/detection

5.181.80.233:1111

# Reference: https://www.virustotal.com/gui/file/38f20331f2a3469143dd6c5cc7b85cc34c72f1bf9e8d47f1b149486a3c7263b3/detection

37.68.246.207:13568

# Reference: https://www.virustotal.com/gui/file/003b4005bd9fc33b5c9a9bd953daec9b8ba3145ec3f478025841b789ad6d501c/detection

158.51.124.124:55650
209.141.61.80:55650

# Reference: https://www.virustotal.com/gui/file/500e519cda72f20e95ca491d083cc5e122dff2f003bb0f4b43219553cffea29a/detection

http://41.216.183.27

# Reference: https://twitter.com/banthisguy9349/status/1760003602897350711
# Reference: https://www.virustotal.com/gui/file/ea972d36b848577e0cafd26481b7f99e3b14a8d8717cf822640c4072d5843090/detection

http://185.91.127.216
http://193.111.250.51
http://45.82.177.212
193.111.250.51:55555
nexyvox.com
bot.nexyvox.com

# Reference: https://www.virustotal.com/gui/file/f94b1ebef251bb4174162419c32b7ce9727832e1fda37853726e036fe13e5d77/detection

http://103.172.79.74
http://42.96.11.146
103.172.79.74:2807
networkbn.com
bonet.networkbn.com

# Reference: https://www.virustotal.com/gui/file/f0df1969eb7f51f46596bd6b7bd8530939fd1a8775c58713359194aea471dd26/detection

103.172.79.74:43957

# Reference: https://www.virustotal.com/gui/file/1f4a839209cf62f50ffd2960cdebda68bbfe405055881daf5ac19248cc4e7c9f/detection
# Reference: https://www.virustotal.com/gui/file/e02a4b4ebfc4cec04cf29798c1998b10da784607d51ff218eb16e415be1b054d/detection
# Reference: https://www.virustotal.com/gui/file/d760e32539d26a2dac7b85b5a1ba86b9f4661b4c5ba2edb812dd30f688eaf41a/detection

http://42.96.2.220
42.96.2.220:43957
42.96.2.220:56999

# Reference: https://www.virustotal.com/gui/file/135f1658fe4ae11d6767390b756775ddde1f127b37f65f525e6287aaa6bf053b/detection

http://159.223.196.192
159.223.196.192:56999
layer4.bf
bot.layer4.bf
botnet.layer4.bf
hiyl7.hilariocolche.com

# Reference: https://www.virustotal.com/gui/ip-address/135.148.26.106/relations
# Reference: https://www.virustotal.com/gui/ip-address/142.44.187.28/relations
# Reference: https://www.virustotal.com/gui/ip-address/144.217.224.61/relations

bridlewoodsc.izzyhosting.net
cantdownmeha.myftp.org
commowing.online
guide-huj.vps.truo.co
mrundownable.ddns.net
ovh.yerco.xyz
rapidpanel.us
thebotnetisonfire.zapto.org
yerco.xyz

# Reference: https://www.virustotal.com/gui/ip-address/45.131.108.167/detection

http://45.131.108.167

# Reference: https://twitter.com/banthisguy9349/status/1760258653557338505

159.223.196.192:56999
84.54.51.103:6666
93.123.85.174:43957

# Reference: https://twitter.com/banthisguy9349/status/1760362988572131491
# Reference: https://www.virustotal.com/gui/file/98c1d99430f13fc6d0aecdc671352a67d9bdd3045621beb5b8ce2595b7e261fb/detection

http://94.156.8.80
94.156.8.80:43957
booter.cat
love.booter.cat

# Reference: https://twitter.com/banthisguy9349/status/1760267291642466473
# Reference: https://www.virustotal.com/gui/ip-address/204.76.203.96/relations
# Reference: https://www.virustotal.com/gui/file/c1cd4bed408aa22c2cc7798d60a8b76819e6865f2dc8fda1ef0b23bb216ba22b/detection
# Reference: https://www.virustotal.com/gui/file/0ac407b6452d960c1f72281a9a5067ee2cd9d720960a32ed0574e47049fe2060/detection

http://185.225.74.161
http://204.76.203.96
http://91.92.247.150
107.189.7.133:3824
204.76.203.76:3090
5.181.80.178:3090
ilovechina.dyn
metafastcare.shop
whydoyouhateme.dyn

# Reference: https://www.virustotal.com/gui/ip-address/103.82.20.7/relations
# Reference: https://www.virustotal.com/gui/file/aa1169180af01000df2cdecdd024ef7d5e012c36d38efcdde52f8f02026352da/detection

http://103.82.20.7
103.82.20.7:42516

# Reference: https://pastebin.com/MkHLhN7L

194.169.175.31:38245
45.95.146.38:1312
45.95.146.89:7788
85.239.34.84:23
91.92.252.208:1312
93.123.85.109:5555
93.123.85.113:1312
93.123.85.127:5555
93.123.85.136:5555
93.123.85.49:1312
94.156.68.104:55555

# Reference: https://www.virustotal.com/gui/file/c069524d37dce3d375bba446f4d8d1a3d5a76e1d51abb38feab04aff6c8a2e5f/detection
# Reference: https://www.virustotal.com/gui/file/d006b78f39473ad7a882bc4b29196d54c239523c4753876c18bbf31756d3ec3d/detection

http://103.82.25.198
http://142.93.231.4
http://172.107.32.148
http://190.211.252.253
http://194.156.88.113
http://37.44.238.194
http://45.81.39.111
http://5.255.125.175
http://85.31.45.4
http://93.123.85.172
http://95.181.173.111
103.82.25.198:12397
45.13.119.233:1524
45.81.39.111:443
floppa.cam
naizi.gay
96110.naizi.gay
a.naizi.gay
botnet.floppa.cam
dedoviqis.onthewifi.com
gang.naizi.gay
huydeptrai.zapto.org

# Reference: https://www.virustotal.com/gui/ip-address/37.221.65.78/relations

http://37.221.65.78
37.221.65.78:63645
chernobyl.fun
tesla-alert.com
app.tesla-alert.com
auth.tesla-alert.com
/Fantazy.arc
/Fantazy.arm
/Fantazy.arm4
/Fantazy.arm4l
/Fantazy.arm4t
/Fantazy.arm4tl
/Fantazy.arm4tll
/Fantazy.arm5
/Fantazy.arm5l
/Fantazy.arm5n
/Fantazy.arm6
/Fantazy.arm64
/Fantazy.arm6l
/Fantazy.arm7
/Fantazy.arm7l
/Fantazy.arm8
/Fantazy.armv4
/Fantazy.armv4l
/Fantazy.armv5l
/Fantazy.armv6
/Fantazy.armv61
/Fantazy.armv6l
/Fantazy.armv7l
/Fantazy.dbg
/Fantazy.exploit
/Fantazy.i4
/Fantazy.i486
/Fantazy.i586
/Fantazy.i6
/Fantazy.i686
/Fantazy.kill
/Fantazy.m68
/Fantazy.m68k
/Fantazy.mips
/Fantazy.mips64
/Fantazy.mipseb
/Fantazy.mipsel
/Fantazy.mpsl
/Fantazy.pcc
/Fantazy.powerpc
/Fantazy.powerpc-440fp
/Fantazy.powerppc
/Fantazy.ppc
/Fantazy.ppc2
/Fantazy.ppc440
/Fantazy.ppc440fp
/Fantazy.root
/Fantazy.root32
/Fantazy.sh
/Fantazy.sh4
/Fantazy.sparc
/Fantazy.spc
/Fantazy.ssh4
/Fantazy.x32
/Fantazy.x64
/Fantazy.x86
/Fantazy.x86_32
/Fantazy.x86_64

# Reference: https://twitter.com/banthisguy9349/status/1760645477194764677

http://103.180.149.83

# Reference: https://twitter.com/banthisguy9349/status/1760626346487951465
# Reference: https://twitter.com/banthisguy9349/status/1770013233673343159
# Reference: https://www.virustotal.com/gui/file/b6d234d83775ded8082080a0f8f93d664c0c96204f76053fab2acc46310e42f3/detection

http://147.135.10.151
147.135.10.151:45454
15.204.211.32:888
15.204.211.32:9999
45.81.39.172:1337
botnet.gay
c2.neko.ltd
catgirls.foundation
catgirls.network
cnc.neko.ltd
hacker.catgirls.network
neko.ltd
rx.neko.ltd

# Reference: https://www.virustotal.com/gui/file/3995da2b3596774144cc47037e7f4773ccaeff02da9ff4982445ca3d23f834f4/detection

147.135.10.151:4197

# Reference: https://elfdigest.com/brief/49215ba3fb3e632847843780a063d93942d3282d7cbbb99d72abd0b3993d429b
# Reference: https://www.virustotal.com/gui/file/49215ba3fb3e632847843780a063d93942d3282d7cbbb99d72abd0b3993d429b/detection
# Reference: https://www.virustotal.com/gui/file/4aa68a06c07154d01f6b1366a485253f375e084b4ddf00ba96cec0d583182a64/detection

succubus.neko.ltd

# Reference: https://twitter.com/banthisguy9349/status/1760626346487951465
# Reference: https://pastebin.com/LLnMJPNQ
# Reference: https://pastebin.com/vBNVEGrZ
# Reference: https://pastebin.com/a6MnK38k

http://103.195.236.98
http://104.167.221.222
http://108.174.198.206
http://147.182.249.167
http://154.222.236.61
http://185.144.159.137
http://185.144.159.137 
http://185.196.10.60
http://2.58.95.76
http://45.142.182.88
146.19.191.200:69
154.222.236.61:56999
185.196.10.139:59666
185.196.10.60:55655
185.196.9.223:1302
185.91.127.216:55555
185.91.127.233:3778
185.91.127.233:56999
37.221.94.43:5555
45.138.174.72:3778
5.181.80.126:35769 
94.156.8.116:43957
ddos7.cc
botnet.ddos7.cc
staging.qyh.co.ua

# Reference: https://www.virustotal.com/gui/file/5225a0d80e77efd2a415d26ef4d9bf83abba9ef37b446d31de29bbfdb36ac943/detection

letters.hopto.org

# Reference: https://www.virustotal.com/gui/file/3ccd8873336683e1f226a18b5ba3e6eb4b5502bdc7d76ae09abe9b33e7ab0e75/detection

http://185.196.10.139

# Reference: https://www.virustotal.com/gui/file/19bcbfc87abc341af194e6c88e37999eea5badd36d90a587b87b2b8b19bdba76/detection

185.196.10.139:59666

# Reference: https://urlhaus.abuse.ch/url/2767988/

http://45.128.232.235
/atlas.arc
/atlas.arm
/atlas.arm4
/atlas.arm4l
/atlas.arm4t
/atlas.arm4tl
/atlas.arm4tll
/atlas.arm5
/atlas.arm5l
/atlas.arm5n
/atlas.arm6
/atlas.arm64
/atlas.arm6l
/atlas.arm7
/atlas.arm7l
/atlas.arm8
/atlas.armv4
/atlas.armv4l
/atlas.armv5l
/atlas.armv6
/atlas.armv61
/atlas.armv6l
/atlas.armv7l
/atlas.dbg
/atlas.exploit
/atlas.i4
/atlas.i486
/atlas.i586
/atlas.i6
/atlas.i686
/atlas.kill
/atlas.m68
/atlas.m68k
/atlas.mips
/atlas.mips64
/atlas.mipseb
/atlas.mipsel
/atlas.mpsl
/atlas.pcc
/atlas.powerpc
/atlas.powerpc-440fp
/atlas.powerppc
/atlas.ppc
/atlas.ppc2
/atlas.ppc440
/atlas.ppc440fp
/atlas.root
/atlas.root32
/atlas.sh
/atlas.sh4
/atlas.sparc
/atlas.spc
/atlas.ssh4
/atlas.x32
/atlas.x64
/atlas.x86
/atlas.x86_32
/atlas.x86_64

# Reference: https://www.virustotal.com/gui/file/acb70803105a730c08d8fd7a8dabdbc78539b646730d0df1b8738dc9d8f438c6/detection
# Reference: https://www.virustotal.com/gui/file/7170e802266544c07b819ed12eda651e63bc4af6b7a291da425ac038b9552bdc/detection

http://84.54.51.48
84.54.51.48:61231
/ntpd.arc
/ntpd.arm
/ntpd.arm4
/ntpd.arm4l
/ntpd.arm4t
/ntpd.arm4tl
/ntpd.arm4tll
/ntpd.arm5
/ntpd.arm5l
/ntpd.arm5n
/ntpd.arm6
/ntpd.arm64
/ntpd.arm6l
/ntpd.arm7
/ntpd.arm7l
/ntpd.arm8
/ntpd.armv4
/ntpd.armv4l
/ntpd.armv5l
/ntpd.armv6
/ntpd.armv61
/ntpd.armv6l
/ntpd.armv7l
/ntpd.dbg
/ntpd.exploit
/ntpd.i4
/ntpd.i486
/ntpd.i586
/ntpd.i6
/ntpd.i686
/ntpd.kill
/ntpd.m68
/ntpd.m68k
/ntpd.mips
/ntpd.mips64
/ntpd.mipseb
/ntpd.mipsel
/ntpd.mpsl
/ntpd.pcc
/ntpd.powerpc
/ntpd.powerpc-440fp
/ntpd.powerppc
/ntpd.ppc
/ntpd.ppc2
/ntpd.ppc440
/ntpd.ppc440fp
/ntpd.root
/ntpd.root32
/ntpd.sh
/ntpd.sh4
/ntpd.sparc
/ntpd.spc
/ntpd.ssh4
/ntpd.x32
/ntpd.x64
/ntpd.x86
/ntpd.x86_32
/ntpd.x86_64

# Reference: https://www.virustotal.com/gui/ip-address/51.250.71.111/relations

http://51.250.71.111
cnc.akayo.pp.ua

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-02-24)

103.155.81.228:1234
103.178.235.32:19990
114.67.217.170:1312
134.209.111.71:9999
141.95.81.119:2300
141.98.10.72:1024
141.98.7.15:1915
143.198.95.76:42061
146.190.53.148:81
146.59.12.246:20002
147.45.40.62:9931
178.79.150.75:4444
185.209.160.19:8872
193.35.18.127:51321
203.25.119.136:48748
31.222.202.156:5555
41.216.183.27:5034
45.142.107.117:3549
45.86.86.60:3912
45.95.146.3:8872
45.95.169.14:9931
46.19.140.242:32465
5.181.80.116:3090
5.181.80.153:3090
5.181.80.177:3090
5.181.80.27:3090
51.159.167.215:34241
62.173.140.174:17900
78.31.67.78:2300
84.54.51.103:32015
87.121.58.103:32015
91.92.240.13:9511
93.123.85.140:9932
93.123.85.181:1337
93.123.85.8:1312
94.156.65.180:34241
bigballz.bounceme.net
db2017417b23.zapto.org

# Reference: https://www.virustotal.com/gui/file/2fea6cdd579253c8f4475d12372b234693fe4aaf6ce67899ff8b52039c354631/detection

94.156.65.49:38241

# Reference: https://www.virustotal.com/gui/file/6cc1574a677afa4b41bbda548f6efd8bb029790963ce40bdf56b4624f6af5224/detection

45.125.66.111:38241

# Reference: https://threatfox.abuse.ch/browse/malware/elf.moobot/ (# 2024-02-25)

http://103.180.149.224
http://103.47.195.200
http://109.107.181.93
http://45.95.169.135
http://79.137.207.38
http://93.123.85.206
103.178.234.224:19990
103.28.33.96:2023
185.196.10.164:59312
185.196.9.97:43957
185.196.9.97:48795
193.23.55.21:56789
212.102.39.208:58095
45.11.93.150:8964
51.250.71.111:443
89.190.156.176:8872
93.123.85.142:43957
loadbalance.click
botnet.loadbalance.click

# Reference: https://urlhaus.abuse.ch/host/45.145.42.233/
# Reference: https://www.virustotal.com/gui/file/df9494e4a50f4541287c79161d4b0d3f9b825ebde9e934ea659d232615b105b9/detection
# Reference: https://www.virustotal.com/gui/file/dca8987f6dda30fe0371b022fe9945068ae4c8633413169248f38ab1e1c66355/detection
# Reference: https://www.virustotal.com/gui/file/4dd9e1f8155e4585dd2f46f3690cd31d1bbe8cdb37015d59b9eb2401b01d54ef/detection

http://45.145.42.233
45.145.42.233:1302

# Reference: https://urlhaus.abuse.ch/host/185.196.9.223/

http://185.196.9.223

# Reference: https://urlhaus.abuse.ch/host/93.123.85.10/
# Reference: https://urlhaus.abuse.ch/host/185.196.10.231/
# Reference: https://urlhaus.abuse.ch/host/94.156.66.229/
# Reference: https://urlhaus.abuse.ch/host/91.92.240.190/
# Reference: https://urlhaus.abuse.ch/host/37.221.92.112/
# Reference: https://pastebin.com/y2TM3CFq

http://185.196.10.231
http://185.196.11.28
http://185.196.9.14
http://193.35.18.164
http://37.221.92.112
http://91.92.240.190
http://91.92.244.84
http://91.92.253.46
http://91.92.254.43
http://94.156.66.229
http://94.156.71.220
http://94.156.71.29
http://94.156.71.59
http://94.156.8.116
185.196.10.231:1312
185.196.11.28:51231
185.196.9.14:23213
193.35.18.164:60195
37.221.92.112:5555
91.92.240.190:5525
91.92.244.84:9511
91.92.253.46:59962
91.92.254.43:6666
94.156.66.229:1312
94.156.71.220:2821
94.156.71.29:60195
94.156.71.59:13
interpol-is.gay
niggas-are.gay
lucatylerschwing.interpol-is.gay

# Reference: https://twitter.com/banthisguy9349/status/1762874572339052824

http://165.232.89.27

# Reference: https://twitter.com/banthisguy9349/status/1762877441972805858

http://94.156.69.47

# Reference: https://www.virustotal.com/gui/ip-address/45.11.93.150/detection

45.11.93.150:8964
mainnetwork.sysromeu.eu.org

# Reference: https://twitter.com/banthisguy9349/status/1763529482822947165
# Reference: https://urlhaus.abuse.ch/host/146.19.191.200/
# Reference: https://www.virustotal.com/gui/file/eac115700bb9c979d0d471b24752b8659adf69b29497d87b6c4b5d17955c48a6/detection
# Reference: https://www.virustotal.com/gui/file/e901a7f26238a851bb65f43fc2626b51d89c4fb55d60c6b8c8abda8fe2f30895/detection
# Reference: https://www.virustotal.com/gui/file/dc6bb6f838fd5392a1dfed44c14d19bf12a75f72a6cf2cb74170348b4beaf285/detection

http://146.19.191.200
146.19.191.200:1312
146.19.191.200:4747
146.19.191.200:69
/mardin.arc
/mardin.arm
/mardin.arm4
/mardin.arm4l
/mardin.arm4t
/mardin.arm4tl
/mardin.arm4tll
/mardin.arm5
/mardin.arm5l
/mardin.arm5n
/mardin.arm6
/mardin.arm64
/mardin.arm6l
/mardin.arm7
/mardin.arm7l
/mardin.arm8
/mardin.armv4
/mardin.armv4l
/mardin.armv5l
/mardin.armv6
/mardin.armv61
/mardin.armv6l
/mardin.armv7l
/mardin.dbg
/mardin.exploit
/mardin.i4
/mardin.i486
/mardin.i586
/mardin.i6
/mardin.i686
/mardin.kill
/mardin.m68
/mardin.m68k
/mardin.mips
/mardin.mips64
/mardin.mipseb
/mardin.mipsel
/mardin.mpsl
/mardin.pcc
/mardin.powerpc
/mardin.powerpc-440fp
/mardin.powerppc
/mardin.ppc
/mardin.ppc2
/mardin.ppc440
/mardin.ppc440fp
/mardin.root
/mardin.root32
/mardin.sh
/mardin.sh4
/mardin.sparc
/mardin.spc
/mardin.ssh4
/mardin.x32
/mardin.x64
/mardin.x86
/mardin.x86_32
/mardin.x86_64

# Reference: https://twitter.com/banthisguy9349/status/1763602307772522602
# Reference: https://www.virustotal.com/gui/file/fd9f4ce46eabd984438806191f5688a5e62a541029804e131bd92d124d09866e/detection

144.172.73.36:43957
juniorfoxy.ooo
netherlands-0.juniorfoxy.ooo
who.juniorfoxy.ooo

# Reference: https://urlhaus.abuse.ch/feeds/asn/49581/
# Reference: https://www.virustotal.com/gui/file/8507fd051ea6e312973a65ad0e58ce9f70fe004c9ab530d4ab58fe29a2b48673/detection

http://144.172.73.237
http://144.172.73.35
http://144.172.73.36
http://144.172.73.38
http://146.19.191.106
http://146.19.191.108
http://146.19.191.118
http://146.19.191.161
http://146.19.191.162
http://146.19.191.200
http://146.19.191.229
http://146.19.191.253
http://146.19.191.65
http://176.97.210.135
http://176.97.210.166
http://176.97.210.205
http://176.97.210.211
http://176.97.210.229
http://176.97.210.239
http://176.97.210.240
http://185.117.3.120
http://185.216.71.112
http://185.216.71.116
http://185.216.71.134
http://185.216.71.144
http://185.216.71.153
http://185.216.71.157
http://185.216.71.172
http://185.216.71.187
http://185.216.71.192
http://185.216.71.213
http://185.216.71.65
http://185.216.71.66
http://185.216.71.69
http://185.216.71.77
http://185.216.71.88
http://185.91.127.233
http://185.91.127.235
http://185.91.127.80
http://193.111.248.186
http://193.111.248.19
http://193.111.248.58
http://193.111.248.62
http://193.111.249.179
http://193.141.60.128
http://2.58.113.120
http://2.58.113.242
http://2.58.113.45
http://37.221.92.195
http://37.221.92.198
http://37.221.92.199
http://37.221.92.205
http://37.221.94.43
http://37.221.94.56
http://45.13.227.186
http://45.13.227.36
http://45.13.227.38
http://45.13.227.56
http://45.13.227.69
http://45.13.227.9
http://45.131.108.158
http://45.131.108.27
http://45.131.111.142
http://45.131.111.241
http://45.131.111.243
http://45.131.111.250
http://45.131.111.251
http://45.131.111.254
http://45.131.111.72
http://45.142.104.145
http://45.142.107.167
http://45.142.107.233
http://45.142.107.88
http://5.253.246.110
http://5.253.246.16
http://5.253.246.70
http://80.91.223.133
http://91.212.121.223
http://91.212.121.90
http://91.212.121.97
176.97.210.172:3333
185.216.71.251:7575
185.216.71.62:52054
88.0.80.202:8081
/fuckoffskid.arc
/fuckoffskid.arm
/fuckoffskid.arm4
/fuckoffskid.arm4l
/fuckoffskid.arm4t
/fuckoffskid.arm4tl
/fuckoffskid.arm4tll
/fuckoffskid.arm5
/fuckoffskid.arm5l
/fuckoffskid.arm5n
/fuckoffskid.arm6
/fuckoffskid.arm64
/fuckoffskid.arm6l
/fuckoffskid.arm7
/fuckoffskid.arm7l
/fuckoffskid.arm8
/fuckoffskid.armv4
/fuckoffskid.armv4l
/fuckoffskid.armv5l
/fuckoffskid.armv6
/fuckoffskid.armv61
/fuckoffskid.armv6l
/fuckoffskid.armv7l
/fuckoffskid.dbg
/fuckoffskid.exploit
/fuckoffskid.i4
/fuckoffskid.i486
/fuckoffskid.i586
/fuckoffskid.i6
/fuckoffskid.i686
/fuckoffskid.kill
/fuckoffskid.m68
/fuckoffskid.m68k
/fuckoffskid.mips
/fuckoffskid.mips64
/fuckoffskid.mipseb
/fuckoffskid.mipsel
/fuckoffskid.mpsl
/fuckoffskid.pcc
/fuckoffskid.powerpc
/fuckoffskid.powerpc-440fp
/fuckoffskid.powerppc
/fuckoffskid.ppc
/fuckoffskid.ppc2
/fuckoffskid.ppc440
/fuckoffskid.ppc440fp
/fuckoffskid.root
/fuckoffskid.root32
/fuckoffskid.sh
/fuckoffskid.sh4
/fuckoffskid.sparc
/fuckoffskid.spc
/fuckoffskid.ssh4
/fuckoffskid.x32
/fuckoffskid.x64
/fuckoffskid.x86
/fuckoffskid.x86_32
/fuckoffskid.x86_64
/myaqhy4x7dcghsrr.arc
/myaqhy4x7dcghsrr.arm
/myaqhy4x7dcghsrr.arm4
/myaqhy4x7dcghsrr.arm4l
/myaqhy4x7dcghsrr.arm4t
/myaqhy4x7dcghsrr.arm4tl
/myaqhy4x7dcghsrr.arm4tll
/myaqhy4x7dcghsrr.arm5
/myaqhy4x7dcghsrr.arm5l
/myaqhy4x7dcghsrr.arm5n
/myaqhy4x7dcghsrr.arm6
/myaqhy4x7dcghsrr.arm64
/myaqhy4x7dcghsrr.arm6l
/myaqhy4x7dcghsrr.arm7
/myaqhy4x7dcghsrr.arm7l
/myaqhy4x7dcghsrr.arm8
/myaqhy4x7dcghsrr.armv4
/myaqhy4x7dcghsrr.armv4l
/myaqhy4x7dcghsrr.armv5l
/myaqhy4x7dcghsrr.armv6
/myaqhy4x7dcghsrr.armv61
/myaqhy4x7dcghsrr.armv6l
/myaqhy4x7dcghsrr.armv7l
/myaqhy4x7dcghsrr.dbg
/myaqhy4x7dcghsrr.exploit
/myaqhy4x7dcghsrr.i4
/myaqhy4x7dcghsrr.i486
/myaqhy4x7dcghsrr.i586
/myaqhy4x7dcghsrr.i6
/myaqhy4x7dcghsrr.i686
/myaqhy4x7dcghsrr.kill
/myaqhy4x7dcghsrr.m68
/myaqhy4x7dcghsrr.m68k
/myaqhy4x7dcghsrr.mips
/myaqhy4x7dcghsrr.mips64
/myaqhy4x7dcghsrr.mipseb
/myaqhy4x7dcghsrr.mipsel
/myaqhy4x7dcghsrr.mpsl
/myaqhy4x7dcghsrr.pcc
/myaqhy4x7dcghsrr.powerpc
/myaqhy4x7dcghsrr.powerpc-440fp
/myaqhy4x7dcghsrr.powerppc
/myaqhy4x7dcghsrr.ppc
/myaqhy4x7dcghsrr.ppc2
/myaqhy4x7dcghsrr.ppc440
/myaqhy4x7dcghsrr.ppc440fp
/myaqhy4x7dcghsrr.root
/myaqhy4x7dcghsrr.root32
/myaqhy4x7dcghsrr.sh
/myaqhy4x7dcghsrr.sh4
/myaqhy4x7dcghsrr.sparc
/myaqhy4x7dcghsrr.spc
/myaqhy4x7dcghsrr.ssh4
/myaqhy4x7dcghsrr.x32
/myaqhy4x7dcghsrr.x64
/myaqhy4x7dcghsrr.x86
/myaqhy4x7dcghsrr.x86_32
/myaqhy4x7dcghsrr.x86_64
/Shinji.arc
/Shinji.arm
/Shinji.arm4
/Shinji.arm4l
/Shinji.arm4t
/Shinji.arm4tl
/Shinji.arm4tll
/Shinji.arm5
/Shinji.arm5l
/Shinji.arm5n
/Shinji.arm6
/Shinji.arm64
/Shinji.arm6l
/Shinji.arm7
/Shinji.arm7l
/Shinji.arm8
/Shinji.armv4
/Shinji.armv4l
/Shinji.armv5l
/Shinji.armv6
/Shinji.armv61
/Shinji.armv6l
/Shinji.armv7l
/Shinji.dbg
/Shinji.exploit
/Shinji.i4
/Shinji.i486
/Shinji.i586
/Shinji.i6
/Shinji.i686
/Shinji.kill
/Shinji.m68
/Shinji.m68k
/Shinji.mips
/Shinji.mips64
/Shinji.mipseb
/Shinji.mipsel
/Shinji.mpsl
/Shinji.pcc
/Shinji.powerpc
/Shinji.powerpc-440fp
/Shinji.powerppc
/Shinji.ppc
/Shinji.ppc2
/Shinji.ppc440
/Shinji.ppc440fp
/Shinji.root
/Shinji.root32
/Shinji.sh
/Shinji.sh4
/Shinji.sparc
/Shinji.spc
/Shinji.ssh4
/Shinji.x32
/Shinji.x64
/Shinji.x86
/Shinji.x86_32
/Shinji.x86_64
/SSP.arc
/SSP.arm
/SSP.arm4
/SSP.arm4l
/SSP.arm4t
/SSP.arm4tl
/SSP.arm4tll
/SSP.arm5
/SSP.arm5l
/SSP.arm5n
/SSP.arm6
/SSP.arm64
/SSP.arm6l
/SSP.arm7
/SSP.arm7l
/SSP.arm8
/SSP.armv4
/SSP.armv4l
/SSP.armv5l
/SSP.armv6
/SSP.armv61
/SSP.armv6l
/SSP.armv7l
/SSP.dbg
/SSP.exploit
/SSP.i4
/SSP.i486
/SSP.i586
/SSP.i6
/SSP.i686
/SSP.kill
/SSP.m68
/SSP.m68k
/SSP.mips
/SSP.mips64
/SSP.mipseb
/SSP.mipsel
/SSP.mpsl
/SSP.pcc
/SSP.powerpc
/SSP.powerpc-440fp
/SSP.powerppc
/SSP.ppc
/SSP.ppc2
/SSP.ppc440
/SSP.ppc440fp
/SSP.root
/SSP.root32
/SSP.sh
/SSP.sh4
/SSP.sparc
/SSP.spc
/SSP.ssh4
/SSP.x32
/SSP.x64
/SSP.x86
/SSP.x86_32
/SSP.x86_64
/dabvknzepanfgemnwxwwk6c7/

# Reference: https://www.virustotal.com/gui/ip-address/142.202.189.31/relations

http://142.202.189.31

# Reference: https://www.virustotal.com/gui/ip-address/91.92.252.125/detection

http://91.92.252.125

# Reference: https://urlhaus.abuse.ch/host/213.142.159.239/

http://213.142.159.239

# Reference: https://urlhaus.abuse.ch/url/2774841/

http://45.125.66.129

# Reference: https://urlhaus.abuse.ch/url/2774849/

ssdcertifyed.ygto.com

# Reference: https://urlhaus.abuse.ch/host/84.54.51.142/

http://84.54.51.142

# Reference: https://twitter.com/banthisguy9349/status/1764260013680251080
# Reference: https://urlhaus.abuse.ch/host/23.94.7.175

http://136.144.41.60
http://172.104.42.116
http://192.236.192.211
http://194.62.6.92
http://198.46.209.106
http://2.56.57.7
http://205.185.124.91
http://212.192.241.127
http://212.192.241.36
http://212.192.241.70
http://23.94.7.175
http://54.151.27.172
http://91.205.173.252
/.s4y/

# Reference: https://www.virustotal.com/gui/ip-address/193.221.95.42/relations

http://193.221.95.42

# Reference: https://www.virustotal.com/gui/ip-address/94.156.64.143/relations

http://94.156.64.143
/.ivn.arc
/.ivn.arm
/.ivn.arm4
/.ivn.arm4l
/.ivn.arm4t
/.ivn.arm4tl
/.ivn.arm4tll
/.ivn.arm5
/.ivn.arm5l
/.ivn.arm5n
/.ivn.arm6
/.ivn.arm64
/.ivn.arm6l
/.ivn.arm7
/.ivn.arm7l
/.ivn.arm8
/.ivn.armv4
/.ivn.armv4l
/.ivn.armv5l
/.ivn.armv6
/.ivn.armv61
/.ivn.armv6l
/.ivn.armv7l
/.ivn.dbg
/.ivn.exploit
/.ivn.i4
/.ivn.i486
/.ivn.i586
/.ivn.i6
/.ivn.i686
/.ivn.kill
/.ivn.m68
/.ivn.m68k
/.ivn.mips
/.ivn.mips64
/.ivn.mipseb
/.ivn.mipsel
/.ivn.mpsl
/.ivn.pcc
/.ivn.powerpc
/.ivn.powerpc-440fp
/.ivn.powerppc
/.ivn.ppc
/.ivn.ppc2
/.ivn.ppc440
/.ivn.ppc440fp
/.ivn.root
/.ivn.root32
/.ivn.sh
/.ivn.sh4
/.ivn.sparc
/.ivn.spc
/.ivn.ssh4
/.ivn.x32
/.ivn.x64
/.ivn.x86
/.ivn.x86_32
/.ivn.x86_64

# Reference: https://urlhaus.abuse.ch/host/37.44.238.77/

http://37.44.238.77

# Reference: https://www.virustotal.com/gui/ip-address/204.76.203.3/relations
# Reference: https://www.virustotal.com/gui/file/efee902181163d470ae0e295303f14e160bac498b22dbbb32ec38844955ccda2/detection

http://204.76.203.3
dgsf.cat

# Reference: https://www.virustotal.com/gui/file/6c5e1212691e6b3c6628c328cf81f960b0ecdb47ca35b171babcaeb18f19a2d3/detection

http://159.223.212.11

# Reference: https://pastebin.com/iBhg5JTM

24.144.81.7:2762
45.125.66.100:61616
45.125.66.102:61616
45.93.9.100:1876
45.93.9.107:1521
45.93.9.113:1723
45.93.9.98:1801
46.101.135.216:1311
46.23.108.249:61616
46.23.108.250:61616
46.23.108.251:61616
5.181.80.100:3090
5.181.80.102:3090
5.181.80.123:3090
5.181.80.156:3090
5.181.80.173:3090
5.181.80.174:3090
5.181.80.175:3090
5.181.80.176:3090
5.181.80.192:38421
5.181.80.49:61616 
5.181.80.50:61616
5.181.80.52:61616
5.181.80.56:61616
5.181.80.82:3090
5.181.80.83:3090
62.72.185.110:61616
62.72.185.21:61616
62.72.185.28:61616
62.72.185.34:61616
62.72.185.43:61616
62.72.185.45:61616
62.72.185.58:61616
62.72.185.68:61616
62.72.185.70:1521
62.72.185.80:1311
62.72.185.82:1311
62.72.185.8:38421
62.72.185.92:61616
62.72.185.99:1426
85.204.116.128:1340
85.204.116.230:1308

# Reference: https://twitter.com/banthisguy9349/status/1764726077832757601

http://20.205.11.156
20.205.11.156:666
20.205.11.156:9506

# Reference: https://urlhaus.abuse.ch/host/164.92.157.130/

http://164.92.157.130

# Reference: https://urlhaus.abuse.ch/host/94.156.71.251/
# Reference: https://www.virustotal.com/gui/file/e08eaaf7f1e332f3b34207f75dbef84ab42f4d9aab83ef3f3295373dac209028/detection
# Reference: https://www.virustotal.com/gui/file/0caac1ebf2caa14be183a854ff8fca76c5b6d5d8544bcece363d339264a306ee/detection

http://94.156.71.251
94.156.71.251:1312

# Reference: https://urlhaus.abuse.ch/host/103.78.0.41/
# Reference: https://www.virustotal.com/gui/file/cd01ed98d1c3e914d73680f05520c7d72ae9d768bd277f089d4527e96b049246/detection
# Reference: https://www.virustotal.com/gui/file/68c8cd6664b764ae59af917304a56f1f5da020abc735f99dd5cfb89743b240cd/detection

http://103.78.0.41
103.78.0.41:42597
vani.ovh
botnet.vani.ovh
/vlxx.arc
/vlxx.arm
/vlxx.arm4
/vlxx.arm4l
/vlxx.arm4t
/vlxx.arm4tl
/vlxx.arm4tll
/vlxx.arm5
/vlxx.arm5l
/vlxx.arm5n
/vlxx.arm6
/vlxx.arm64
/vlxx.arm6l
/vlxx.arm7
/vlxx.arm7l
/vlxx.arm8
/vlxx.armv4
/vlxx.armv4l
/vlxx.armv5l
/vlxx.armv6
/vlxx.armv61
/vlxx.armv6l
/vlxx.armv7l
/vlxx.dbg
/vlxx.exploit
/vlxx.i4
/vlxx.i486
/vlxx.i586
/vlxx.i6
/vlxx.i686
/vlxx.kill
/vlxx.m68
/vlxx.m68k
/vlxx.mips
/vlxx.mips64
/vlxx.mipseb
/vlxx.mipsel
/vlxx.mpsl
/vlxx.pcc
/vlxx.powerpc
/vlxx.powerpc-440fp
/vlxx.powerppc
/vlxx.ppc
/vlxx.ppc2
/vlxx.ppc440
/vlxx.ppc440fp
/vlxx.root
/vlxx.root32
/vlxx.sh
/vlxx.sh4
/vlxx.sparc
/vlxx.spc
/vlxx.ssh4
/vlxx.x32
/vlxx.x64
/vlxx.x86
/vlxx.x86_32
/vlxx.x86_64

# Reference: https://urlhaus.abuse.ch/host/89.190.156.61/

http://89.190.156.61

# Reference: https://urlhaus.abuse.ch/host/pboc.online/

pboc.online

# Reference: https://urlhaus.abuse.ch/host/103.173.255.143/
# Reference: https://www.virustotal.com/gui/file/d6a521ee91cfe1e5864a659165364290088fa86d6da9aa3dd4d7f60979329929/detection
# Reference: https://www.virustotal.com/gui/file/9d342a8ee4d0598f3224ffac069d11a22501a6ce6f56847687bcfdacf858a536/detection
# Reference: https://www.virustotal.com/gui/file/947529881170cfc9219f666e0bdc5a3c0ad10743cf8f4b65d5fef684bfeeb2d3/detection

http://103.173.255.143
103.173.255.143:42516
103.173.255.143:42597
srophuchung.com

# Reference: https://urlhaus.abuse.ch/host/194.127.178.5
# Reference: https://www.virustotal.com/gui/file/fdd10c926932838a7ff094e4211363d3ebfcc9fbe5e6918327e56975c5dbbc3f/detection

http://194.127.178.5
194.127.178.5:23597
moneymakernation.online
cnc.moneymakernation.online

# Reference: https://urlhaus.abuse.ch/host/103.116.52.207/
# Reference: https://www.virustotal.com/gui/file/d4dead285e10536c54e9925a7a7258237e55e333d04b7f31ba19721aa3e2bb95/detection

http://103.116.52.207
103.116.52.207:23597
hongdrama.xyz
314.hongdrama.xyz

# Reference: https://urlhaus.abuse.ch/host/nxsisgod.com/
# Reference: https://www.virustotal.com/gui/file/fff93f9071fb076576bfcbb327e81df0d96d8dc460d954fffc87ca1e898f5dc1/detection

193.111.250.51:55555
nxsisgod.com

# Reference: https://pastebin.com/1JE6cB3u

157.230.110.136:8899
172.245.106.205:9999
45.128.232.238:999
84.54.51.142:1337
91.92.244.11:6697
94.103.188.45:1312
95.216.48.143:2323

# Reference: https://twitter.com/banthisguy9349/status/1765346863169900941

84.54.51.103:32105
87.121.58.103:32105

# Reference: https://www.virustotal.com/gui/file/fd5e7f649bf6ff1d978a1b25b51c551e9925ce248bca685067a8c64ced00c2d6/detection

193.124.205.30:42597
vani.ovh
mirai.vani.ovh

# Reference: https://pastebin.com/XYsuxAGQ
# Reference: https://www.virustotal.com/gui/file/d3a102cf9d22609b92f562012fb7ca69f75e4950a2d605ef69b1d633a9ef5378/detection

http://193.124.205.30
http://193.124.205.33
http://194.116.216.83
http://45.154.2.69
http://91.92.252.33
193.124.205.3:42597
193.124.205.33:42597
91.92.253.185:6996
botnet2.vani.ovh

# Reference: https://www.virustotal.com/gui/file/6b116cb881b703a6130b2285f0b22485b9d699b8a29f0c2f9303fdf761dff2f3/detection

http://193.233.132.58
193.233.132.58:443

# Reference: https://twitter.com/Wafer4014/status/1765545525284065341
# Reference: https://pastebin.com/PM0wDYrR

141.98.7.2:1
176.123.2.50:8872
185.216.70.21:60195
185.216.70.30:420
78.40.117.36:1302
85.204.116.119:6666
91.92.253.177:5555
94.156.66.226:6996
94.156.68.231:1312

# Reference: https://urlhaus.abuse.ch/host/185.216.70.30
# Reference: https://pastebin.com/5P3L6kRs

http://185.216.70.30
85.204.116.119:1234

# Reference: https://twitter.com/banthisguy9349/status/1765381166733926625

http://93.123.85.81

# Reference: https://www.virustotal.com/gui/file/e5ff2d440b6a72f5afbee8734166221aaf365fbc210270d4f9482609d15ca683/detection

93.123.85.81:7891

# Reference: https://www.virustotal.com/gui/file/e4bfdf450f02733fd21e24d0bab012f263f5366fe62a922248dc45c3d42accad/detection

93.123.85.81:7070

# Reference: https://www.virustotal.com/gui/file/974e468fb97ffbd7f55a5fd671baaba7a18f173db50f36c3d89e56daba304ce9/detection

93.123.85.81:57899

# Reference: https://twitter.com/banthisguy9349/status/1766014105754694042
# Reference: https://www.virustotal.com/gui/ip-address/81.168.126.138/detection
# Reference: https://www.virustotal.com/gui/file/537805d290cc6d93c18f966036fdca0b2e86405ff0cb837fb74ef5685f4639d5/detection
# Reference: https://www.virustotal.com/gui/file/4537426d0d3fcc0df09f62ea7edf050f2e9743ca7eba6bb45ccea38d75dea125/detection
# Reference: https://www.virustotal.com/gui/file/bd359d4bec8f11cf7483f9ac7a61a4350af52ab92c1db0a424b3034acaf58bb3/detection

http://81.168.126.138
176.98.40.105:6667
93.123.85.13:3632
93.123.85.13:6667
red-bot.cc
botuwuw.red-bot.cc
cdn.red-bot.cc
f6khzwrxb9ppdgtbkufw.red-bot.cc

# Reference: https://www.virustotal.com/gui/file/ac8020132e1330993ca2824890f14b9c812738d1e0bd380b0886cd85166bebea/detection
# Reference: https://www.virustotal.com/gui/file/5ff98fee0289d6220e1c0cb121ce6172a3b5844b01b71bd6a8fee41fdc51f4be/detection

93.123.85.13:1312

# Reference: https://twitter.com/sicehice/status/1766266026738528406
# Reference: https://www.virustotal.com/gui/file/77e23c6b719915ed2716a609e2e18f9855371b2f085d313ea09cb58ae5472a14/detection
# Reference: https://www.virustotal.com/gui/file/67d74037b60e6e179288587e847f8b2b2cc7eab5806b45572dd3a6b4ef9ab508/detection
# Reference: https://www.virustotal.com/gui/file/314629572dad2bf0c068170691646bb9bee5bbbf12b40ed65030a45d5bd8eab1/detection

http://147.78.103.89
http://91.92.246.41
147.78.103.89:5958

# Reference: https://pastebin.com/3FAxkSSU

http://104.248.145.247
http://164.90.146.88
http://172.81.63.236
http://45.138.174.72
http://45.90.97.172
http://94.156.64.247
185.196.8.198:23
198.46.176.140:666
37.44.238.80:8190

# Reference: https://twitter.com/banthisguy9349/status/1766496202185457979

8.39.227.199:5357
8.39.227.199:5556

# Reference: https://pastebin.com/3m1ESpHK

http://144.91.109.161
http://167.99.0.202
http://172.245.106.205
http://185.196.8.198
http://45.87.153.96
http://45.95.147.241
http://5.39.253.57
http://91.92.241.220
http://94.156.8.244
103.153.69.114:43046
141.98.7.12:1985
141.98.7.62:44556
142.202.189.31:37215
171.228.226.103:42597
172.81.63.236:37215
179.43.172.21:9931
194.48.250.50:13
45.125.66.129:37215
45.142.107.38:1024
45.152.107.38:1024
45.90.97.172:2211
5.39.253.48:3007
51.81.0.241:1312
91.92.251.65:6996
91.92.253.150:13370
94.156.68.136:6666
94.156.69.209:5525
94.156.8.179:1312

# Reference: https://urlhaus.abuse.ch/host/193.124.205.45/

http://193.124.205.45

# Reference: https://www.virustotal.com/gui/file/82fbb67bf03714661b75a49245c8fe42141e7b68dda3f97f765eb1f2e00a89a9/detection

best.obs.cn-sz1.ctyun.cn
/sysnew.arc
/sysnew.arm
/sysnew.arm4
/sysnew.arm4l
/sysnew.arm4t
/sysnew.arm4tl
/sysnew.arm4tll
/sysnew.arm5
/sysnew.arm5l
/sysnew.arm5n
/sysnew.arm6
/sysnew.arm64
/sysnew.arm6l
/sysnew.arm7
/sysnew.arm7l
/sysnew.arm8
/sysnew.armv4
/sysnew.armv4l
/sysnew.armv5l
/sysnew.armv6
/sysnew.armv61
/sysnew.armv6l
/sysnew.armv7l
/sysnew.dbg
/sysnew.exploit
/sysnew.i4
/sysnew.i486
/sysnew.i586
/sysnew.i6
/sysnew.i686
/sysnew.kill
/sysnew.m68
/sysnew.m68k
/sysnew.mips
/sysnew.mips64
/sysnew.mipseb
/sysnew.mipsel
/sysnew.mpsl
/sysnew.pcc
/sysnew.powerpc
/sysnew.powerpc-440fp
/sysnew.powerppc
/sysnew.ppc
/sysnew.ppc2
/sysnew.ppc440
/sysnew.ppc440fp
/sysnew.root
/sysnew.root32
/sysnew.sh
/sysnew.sh4
/sysnew.sparc
/sysnew.spc
/sysnew.ssh4
/sysnew.x32
/sysnew.x64
/sysnew.x86
/sysnew.x86_32
/sysnew.x86_64

# Reference: https://www.virustotal.com/gui/file/3cb8715937fe09f4a1cbd7fc049f184ddb6150bf5116e1827655a7ac464054af/detection

46.23.108.252:3090
5.181.80.178:3090
5.181.80.27:3090

# Reference: https://www.virustotal.com/gui/file/e5252579d6a8c1ca9efe490a59b14a5b9c7b2c96808ee915a47706b8732c674b/detection

62.72.185.68:38241

# Reference: https://www.virustotal.com/gui/file/c32ba04a1d8f80c522f3fcd15302ca124c9bb372811972f39b7917e148ead3d5/detection

46.23.108.251:38241

# Reference: https://www.virustotal.com/gui/file/5e7f7c084b11f4129d47e72865d18749be8849ce5caf0519415b0e8576831e78/detection

5.181.80.52:38241

# Reference: https://www.virustotal.com/gui/file/2a529e0b2a320c2a63e4fb0a8a036485c53d27464c0c00e5669a6da87bac46af/detection

62.72.185.92:38241

# Reference: https://pastebin.com/QNLABUWX

http://107.189.4.242
http://107.189.7.6
http://14.225.213.142
http://142.202.188.244
http://147.45.77.28
http://154.9.254.104
http://193.124.205.48
http://194.48.250.133
http://91.92.244.6
http://93.123.85.75
103.67.197.185:2023
141.98.10.79:9511
141.98.7.17:49760
193.35.18.164:59432
45.13.227.12:43957
91.92.251.30:9506

# Reference: https://twitter.com/banthisguy9349/status/1767960504595517721
# Reference: https://www.virustotal.com/gui/file/e08ad495c3b35a5624884f250990bdc303f3a079623ab6fd6f985386d2cbeba5/detection
# Reference: https://www.virustotal.com/gui/file/24559a625d20f947478d30fe5c4f86253f95b1629b80576e2280f09ea650c3ca/detection
# Reference: https://www.virustotal.com/gui/file/182dbf915c6867317702d2b07de99a6293871d3ed6fb23c1c8a0e11bbdfab13d/detection

http://23.199.164.216
http://23.58.189.71
http://91.92.251.34
http://94.156.68.163
91.92.251.34:31337

# Reference: https://pastebin.com/svS0GWTd

http://14.225.208.190
http://141.98.10.52
http://142.202.188.242
http://147.78.103.17
http://171.228.203.74
http://185.33.87.246
http://185.33.87.42
http://188.127.230.210
http://216.219.94.57
http://27.71.17.175
http://45.14.244.89
http://74.50.65.52
http://79.141.162.34
http://91.92.251.251
http://91.92.251.34
http://94.156.66.36
http://95.179.177.99
103.153.69.114:56999
103.228.37.236:2023
14.225.213.142:42597
141.98.7.7:1
141.98.7.88:2378
144.91.109.161:42597
147.45.78.58:23
149.50.213.215:23
15.204.223.194:23
154.9.254.104:1089
154.9.29.154:55650
193.233.202.218:55650
194.48.250.133:23
23.95.132.42:23
45.128.232.186:1302
45.128.232.59:59666
45.154.3.56:56789
45.93.9.132:1302
77.91.85.191:350
89.190.156.61:60124
91.92.241.11:1312
93.123.85.121:5555
93.123.85.75:666
94.228.165.82:60888

# Reference: https://twitter.com/sicehice/status/1767906992578826661

http://95.214.27.7
http://95.214.27.8
http://95.214.53.99

# Reference: https://twitter.com/SecureSh3ll/status/1768762266600497224
# Reference: https://www.virustotal.com/gui/file/11e49f12c76b0ea24044e35467fe7ec95a0a7cd0c932cd042662b241c845479d/detection
# Reference: https://www.virustotal.com/gui/file/0df5e4e1a984f3331ec59ddc57a9c07c4c6b85da90ed328efd44402fd8e2ed94/detection

138.68.95.155:42061
157.230.40.224:42061
165.227.178.235:42061
165.227.178.235:61543
165.227.178.235:7193
45.142.156.209:6868
/la.bot.arc
/la.bot.arm
/la.bot.arm4
/la.bot.arm4l
/la.bot.arm4t
/la.bot.arm4tl
/la.bot.arm4tll
/la.bot.arm5
/la.bot.arm5l
/la.bot.arm5n
/la.bot.arm6
/la.bot.arm64
/la.bot.arm6l
/la.bot.arm7
/la.bot.arm7l
/la.bot.arm8
/la.bot.armv4
/la.bot.armv4l
/la.bot.armv5l
/la.bot.armv6
/la.bot.armv61
/la.bot.armv6l
/la.bot.armv7l
/la.bot.dbg
/la.bot.exploit
/la.bot.i4
/la.bot.i486
/la.bot.i586
/la.bot.i6
/la.bot.i686
/la.bot.kill
/la.bot.m68
/la.bot.m68k
/la.bot.mips
/la.bot.mips64
/la.bot.mipseb
/la.bot.mipsel
/la.bot.mpsl
/la.bot.pcc
/la.bot.powerpc
/la.bot.powerpc-440fp
/la.bot.powerppc
/la.bot.ppc
/la.bot.ppc2
/la.bot.ppc440
/la.bot.ppc440fp
/la.bot.root
/la.bot.root32
/la.bot.sh
/la.bot.sh4
/la.bot.sparc
/la.bot.spc
/la.bot.ssh4
/la.bot.x32
/la.bot.x64
/la.bot.x86
/la.bot.x86_32
/la.bot.x86_64

# Reference: https://twitter.com/banthisguy9349/status/1769700404927873200
# Reference: https://www.virustotal.com/gui/ip-address/141.98.7.221/relations

141.98.7.221:1337

# Reference: https://www.virustotal.com/gui/file/0184b3723c3eb080f91286e3d5b7b7d64eea4c2b9bf3e5ce59f1311e93fe1d63/detection

103.14.225.191:56999
networkbn.click
bn.networkbn.click

# Reference: https://www.virustotal.com/gui/file/eac6ce6cfeace9445a6a277541e85e561977942db4a68b6b020095a5f2a0930b/detection

94.156.65.179:38241

# Reference: https://www.virustotal.com/gui/file/95a440ca7b31086cc37dae5324199d832e9cbc80982b14d2c52495606764f832/detection

94.156.66.208:38241

# Reference: https://www.virustotal.com/gui/file/7a4c450618e23f481d8cd5ad7bd14138c6d760b0faee1621225988d5dbba9257/detection

62.72.185.58:38241

# Reference: https://www.virustotal.com/gui/file/6b1094774cb371567aea10dc3023cf8d6c697985dd36ad0e3c5ce36022824bb3/detection

204.76.203.20:38241

# Reference: https://www.virustotal.com/gui/file/450701cec57e1d4afe92ab596e9e802add2ce2da090027eb82d615d1d75772a9/detection

204.76.203.17:38241

# Reference: https://www.virustotal.com/gui/file/31746737de234b7d3c3e507e72ec059772bf2ef6b559a7a6c396b876779e28c8/detection

http://91.92.242.159

# Reference: https://www.virustotal.com/gui/file/644025b2742de9674882b7aa819a718ac40d402a213bcb0c88f100d6dcb2e3d7/detection

5.181.80.140:38241

# Reference: https://www.virustotal.com/gui/file/4c4d1b465cc7463419b66a6cbd2f06b9b7f93d853c967ac1f25e838fd31a7740/detection

5.181.80.106:38241

# Reference: https://twitter.com/banthisguy9349/status/1770861934025334858
# Reference: https://www.virustotal.com/gui/file/3e0936d55b3a50ec69a1cbc99f44d11d84070eb3c1bb1fbb076e9b1c24fe4cb9/detection

net-killer.work.gd

# Reference: https://pastebin.com/312kjbjd

http://141.98.7.86
http://146.19.191.207
http://185.191.124.173
http://185.216.70.96
http://193.233.203.55
http://45.14.244.117
http://45.140.188.133
http://45.95.147.215
http://91.92.249.208
http://91.92.249.83
http://94.156.68.190
http://95.164.45.31
http://95.164.7.62

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-03-23)

http://103.82.22.249
http://137.66.28.90
http://139.59.209.121
http://147.46.173.115
http://152.30.213.102
http://157.90.23.220
http://164.92.141.56
http://166.88.210.252
http://167.99.179.6
http://169.155.49.133
http://186.57.243.235
http://190.211.252.22
http://211.101.236.121
http://212.227.212.40
http://212.250.71.34
http://217.26.55.50
http://31.166.227.210
http://45.142.182.95
http://66.242.156.33
http://72.167.251.220
http://79.125.66.85
http://8.222.168.53
http://91.150.20.235
http://91.215.110.21
101.71.125.86:300
103.119.1.73:1111
103.173.254.239:42516
103.178.229.220:56999
103.82.21.240:34241
103.82.21.240:3778
107.189.13.105:50810
116.206.75.169:28802
128.199.100.0:1311
128.199.168.231:1433
128.199.80.79:3007
135.148.100.57:41120
136.175.200.177:1337
141.98.24.135:2386
141.98.6.123:45
141.98.6.137:1312
141.98.6.143:9506
141.98.7.7:2
144.208.127.119:56999
146.19.168.217:59666
146.190.81.220:1311
15.235.180.234:7042
152.42.163.34:1311
152.42.163.36:1311
154.13.6.152:55655
154.37.152.66:56999
157.230.41.125:61616
157.245.193.12:1311
162.19.145.38:9999
168.119.241.162:6667
172.111.10.182:6667
172.245.135.175:13513
173.255.225.17:666
176.124.32.84:32465
178.128.63.21:1311
178.128.86.45:1311
179.43.142.79:38241
179.43.155.209:420
179.43.155.209:42069
179.43.155.209:8769
179.43.155.209:9375
179.43.162.124:17382
179.43.182.188:1312
185.102.174.109:5434
185.117.73.134:61616
185.117.73.187:1311
185.141.27.17:1311
185.141.27.200:1311
185.150.26.253:123
185.17.0.201:1312
185.183.96.15:61616
185.196.220.64:23
185.196.9.25:38242
185.196.9.97:38241
185.198.57.73:61616
185.198.57.78:61616
185.209.160.19:54439
185.216.70.192:60195
185.225.74.159:55555
185.225.74.79:9999
185.252.179.190:42069
185.45.193.151:61616
185.82.202.236:1311
188.165.194.214:29500
188.166.248.148:6667
190.211.252.50:4277
193.29.189.14:19999
193.29.189.37:19999
193.35.18.64:3778
193.42.32.198:11025
193.42.32.240:1312
193.42.32.40:55555
194.169.175.31:2323
194.169.175.33:2323
194.180.48.84:47338
194.180.48.84:59666
194.233.175.76:3778
194.26.229.157:6281
195.3.223.177:56999
198.55.103.124:9506
198.98.53.159:1791
198.98.53.236:1312
2.58.113.45:3778
202.189.6.234:6882
206.217.205.20:55183
209.141.46.106:56999
209.38.225.88:6667
217.76.48.204:3884
41.216.181.42:56999
41.216.181.70:60195
41.216.182.160:6996
42.96.0.18:56999
43.248.116.123:3389
45.12.253.228:45
45.125.66.109:1311
45.125.66.111:61616
45.125.66.137:1311
45.125.66.146:1311
45.125.66.152:1311
45.125.66.37:1311
45.125.66.54:1311
45.125.66.61:1311
45.125.66.64:1311
45.125.66.68:1311
45.125.66.95:1311
45.128.232.186:1234
45.131.111.241:59666
45.142.114.233:4444
45.158.22.161:56999
45.66.230.64:9506
45.67.228.91:3666
45.81.234.229:3778
45.81.39.111:55555
45.86.86.176:1312
45.91.116.104:38241
45.95.169.175:5555
46.3.113.238:17691
47.246.0.171:443
5.181.159.147:55555
5.181.80.127:3090
5.181.80.141:3778
5.181.80.189:61616
5.255.100.65:9090
5.42.87.102:45
5.42.95.232:3778
51.15.13.91:1312
51.79.87.4:1482
51.79.87.4:34241
51.89.157.32:4200
62.72.185.175:1475
62.72.185.201:1451
62.72.185.20:1581
62.72.185.35:61616
62.72.185.39:1463
62.72.185.42:61616
62.72.185.65:1760
74.208.188.16:443
75.119.146.125:7267
79.110.49.16:6666
79.110.49.217:56999
79.110.49.85:9375
8.219.246.185:56999
8.222.187.109:55555
80.64.218.145:23
82.180.161.30:3778
84.54.51.124:1311
85.208.139.73:55555
85.217.144.191:15636
85.217.144.218:34129
86.107.179.130:3778
87.121.113.107:56744
87.121.221.196:56744
87.121.221.196:9999
88.214.56.14:2020
91.229.239.77:3778
91.92.241.220:59962
91.92.252.32:2112
91.92.254.23:5656
93.123.85.100:38241
93.123.85.101:3778
94.156.64.143:9821
94.156.8.116:1024
95.179.177.99:9999
95.214.26.87:1312
95.214.27.160:3778
95.214.27.201:59778
95.214.27.45:47338
98.159.100.91:1337
bmjz.vip
botce.heihuo8.top
botnet7.vani.ovh
catnetwork.online
cnc.powerfull-skid.com
cnc.pr333.ggm.kr
espontaneo.cc
firmware.fucktheccp.top
griefcube.cc
heihuo8.top
hex.lumosora.us
lumosora.us
mnmn.espontaneo.cc
powerfull-skid.com
pr333.ggm.kr
route.qyhgroup.com
sjdkghsdughpowieugh8932.griefcube.cc
wwv.bmjz.vip

# Reference: https://twitter.com/tosscoinwitcher/status/1771393158238347667

/foxypoo.arc
/foxypoo.arm
/foxypoo.arm4
/foxypoo.arm4l
/foxypoo.arm4t
/foxypoo.arm4tl
/foxypoo.arm4tll
/foxypoo.arm5
/foxypoo.arm5l
/foxypoo.arm5n
/foxypoo.arm6
/foxypoo.arm64
/foxypoo.arm6l
/foxypoo.arm7
/foxypoo.arm7l
/foxypoo.arm8
/foxypoo.armv4
/foxypoo.armv4l
/foxypoo.armv5l
/foxypoo.armv6
/foxypoo.armv61
/foxypoo.armv6l
/foxypoo.armv7l
/foxypoo.dbg
/foxypoo.exploit
/foxypoo.i4
/foxypoo.i486
/foxypoo.i586
/foxypoo.i6
/foxypoo.i686
/foxypoo.kill
/foxypoo.m68
/foxypoo.m68k
/foxypoo.mips
/foxypoo.mips64
/foxypoo.mipseb
/foxypoo.mipsel
/foxypoo.mpsl
/foxypoo.pcc
/foxypoo.powerpc
/foxypoo.powerpc-440fp
/foxypoo.powerppc
/foxypoo.ppc
/foxypoo.ppc2
/foxypoo.ppc440
/foxypoo.ppc440fp
/foxypoo.root
/foxypoo.root32
/foxypoo.sh
/foxypoo.sh4
/foxypoo.sparc
/foxypoo.spc
/foxypoo.ssh4
/foxypoo.x32
/foxypoo.x64
/foxypoo.x86
/foxypoo.x86_32
/foxypoo.x86_64

# Reference: https://blog.xlab.qianxin.com/mirai-nomi-en/

goweqmcsa.xyz
postdarkness.shop
auth.postdarkness.shop
axz.lionos.xyz
wwea.goweqmcsa.xyz
xza.goweqmcsa.xyz

# Reference: https://www.virustotal.com/gui/ip-address/14.225.198.222/relations
# Reference: https://www.virustotal.com/gui/file/e31f58b04b971d2e65016eb4fa1cfa7de5faf9a506fffbfb95c0c01863b0bc9c/detection

103.153.69.114:43957
bachlong-sro.com
jx1kysu.com

# Reference: https://www.virustotal.com/gui/file/ff94f0a699cce7bf19aee2085433e0b22fc48bc44a7d4da94a515a011e45d4a8/detection

103.137.184.167:32638

# Reference: https://urlhaus.abuse.ch/host/93.123.85.106/

http://93.123.85.106

# Reference: https://twitter.com/banthisguy9349/status/1772898902666031517
# Reference: https://urlhaus.abuse.ch/host/103.67.196.77/
# Reference: https://urlhaus.abuse.ch/host/45.128.232.82/
# Reference: https://urlhaus.abuse.ch/host/74.50.85.233/
# Reference: https://www.virustotal.com/gui/ip-address/31.220.30.240/relations

http://103.67.196.77
http://45.128.232.82
http://74.50.85.233
botnetclicker.xyz
versenet.lol

# Reference: https://urlhaus.abuse.ch/host/white.diicot.xyz/

diicot.xyz
white.diicot.xyz

# Reference: https://twitter.com/banthisguy9349/status/1773254472950530118
# Reference: https://twitter.com/banthisguy9349/status/1773273458169778249

http://51.38.93.187
http://62.72.51.74
15.204.240.170:1337
15.204.244.125:9999
188.213.7.124:2023
51.38.109.59:3476
62.72.51.74:8080
89.116.167.224:1337
91.92.244.78:1337

# Reference: https://urlhaus.abuse.ch/host/62.72.185.39

http://62.72.185.39

# Reference: https://www.virustotal.com/gui/file/3250ac03f54afb378acfe427dce65b32e573081179491b6bc585ab348f12e6d3/detection

185.82.202.236:7354
185.82.202.236:7599
62.72.185.201:2064
78.40.117.5:25569

# Reference: https://www.virustotal.com/gui/file/e4dc22f111de305e484d93e9b12ba80e5b11f2be9808fa400a8a54a41419dff4/detection

78.40.117.5:13342

# Reference: https://www.virustotal.com/gui/file/d07a3e8359c68ff397e10629865155307d1a56cc50bfd39efd70188d3aefa063/detection

http://62.72.185.4

# Reference: https://twitter.com/redrabytes/status/1773797645363867915
# Reference: https://www.virustotal.com/gui/file/e5d9d8cf7500d0e74fb5e380ac290c638dedc8d344f3b9a4f61c26e1c71b6372/detection

http://185.224.128.34
185.224.128.34:33335
185.224.128.34:33336
rooty.cc

# Reference: https://www.virustotal.com/gui/ip-address/89.190.156.173/relations
# Reference: https://www.virustotal.com/gui/file/b3d9600cf626e76ca054ec9cb01999ff1314cc11bdec459f434da636fcf14960/detection

http://89.190.156.173
89.190.156.173:33335
89.190.156.173:33336
peterhware.dyn
wowyoursocute.oss

# Reference: https://www.virustotal.com/gui/file/c2c5339ef6eacaa7e9713fb19f754a32fab2b194dd83f90ed4c4cfb5ddbff78c/detection

http://45.88.90.103

# Reference: https://twitter.com/banthisguy9349/status/1773663691365306450
# Reference: https://twitter.com/banthisguy9349/status/1787558250453340462
# Reference: https://pastebin.com/v6fTwbAK

http://144.172.73.8
http://185.148.241.107
103.4.235.175:9900
103.82.135.217:9900
141.98.7.200:1337
141.98.7.2:4122
141.98.7.37:1337
141.98.7.41:1337
141.98.7.53:999
141.98.7.7:4122
142.44.236.7:666
144.172.73.20:1337
144.172.73.44:1337
144.172.73.5:1337
144.172.73.8:1337
144.172.73.9:10000
15.204.132.100:1337
15.204.211.81:5000
15.204.22.165:1337
158.51.96.17:1225
185.148.241.107:1337
185.171.121.161:420
185.91.127.66:1337
195.58.39.34:6643
198.98.57.36:1337
198.98.58.246:1337
199.195.251.103:22
2.58.95.55:1337
209.141.35.229:27358
216.107.139.159:9966
23.160.193.106:1225
23.160.193.4:1225
23.160.194.10:1225
41.216.182.208:1337
45.128.232.138:7070
45.128.232.85:7070
45.137.207.144:1337
45.140.141.160:9900
45.140.188.152:1337
45.140.188.19:1337
45.140.188.212:1337
45.141.202.162:1010
45.141.202.71:1337
45.141.202.78:1337
45.90.12.98:9900
45.90.13.125:1337
45.90.13.164:1337
5.181.80.64:999
5.196.162.3:4611
5.196.244.80:666
51.222.196.58:1337
51.81.230.244:9900
54.39.67.23:9999
79.137.203.236:1337
84.54.51.107:7070
84.54.51.132:7070
84.54.51.144:7070
84.54.51.195:7070
84.54.51.205:7070
84.54.51.206:1337
84.54.51.207:7070
84.54.51.208:7070
86.104.194.180:1337
91.103.253.34:1337
91.92.255.74:999
92.249.48.147:8888
93.123.85.59:1337
94.156.71.193:1337
94.156.71.51:1337
a.refusal.biz
aeicjslvodjfklllf.top
aemvieudjkscbbb.top
aenbcisbflkdjjjccc.top
aeocidkcsjxxcxcc.top
authillusion.online
alo.taxido.shop
balkanskiskidovi.xyz
betaproxy.herios-stresser.space
bl.refusal.biz
blyndz.icu
cafe.refusal.biz
caovh.lol
chrysler.vip
chryslernetwork.online
dash.authillusion.online
ddos.nekofish.cc
egirls.tech
eternalservices.cc
fleurs-parfaites.online
frostedfamily.xyz
gorillafirewall.su
gorillaproxy.cloud
gorillaproxy.su
holding.homes
info.refusal.biz
kane.kingswoklongwood.com
metis-kill-faggots.xyz
nekofish.cc
niggakilla.xyz
ooxxoxox.win
poggo-proxy.online
proxy.iswearimnotgay.net
proxys.herios-stress.xyz
refusal.biz
report.refusal.biz
santa.army
sb.refusal.biz
seized.icu
stitch.army
tomware.xyz
wyng.whiting.io
xs.ooxxoxox.win

# Reference: https://pastebin.com/adj7VqbL
# Reference: https://pastebin.com/6WXhbX8d

http://103.35.190.189
http://103.35.190.238
http://141.98.10.128
http://141.98.10.82
http://141.98.10.87
http://141.98.11.96
http://185.196.11.209
http://185.216.70.192
http://185.224.128.36
http://193.111.248.44
http://193.141.60.143
http://45.152.86.86
http://91.92.241.110
http://93.123.39.73
http://94.156.71.98
/insetto-arc
/insetto-arm
/insetto-arm4
/insetto-arm4l
/insetto-arm4t
/insetto-arm4tl
/insetto-arm4tll
/insetto-arm5
/insetto-arm5l
/insetto-arm5n
/insetto-arm6
/insetto-arm64
/insetto-arm6l
/insetto-arm7
/insetto-arm7l
/insetto-arm8
/insetto-armv4
/insetto-armv4l
/insetto-armv5l
/insetto-armv6
/insetto-armv61
/insetto-armv6l
/insetto-armv7l
/insetto-dbg
/insetto-exploit
/insetto-i4
/insetto-i486
/insetto-i586
/insetto-i6
/insetto-i686
/insetto-kill
/insetto-m68
/insetto-m68k
/insetto-mips
/insetto-mips64
/insetto-mipseb
/insetto-mipsel
/insetto-mpsl
/insetto-pcc
/insetto-powerpc
/insetto-powerpc-440fp
/insetto-powerppc
/insetto-ppc
/insetto-ppc2
/insetto-ppc440
/insetto-ppc440fp
/insetto-root
/insetto-root32
/insetto-sh
/insetto-sh4
/insetto-sparc
/insetto-spc
/insetto-ssh4
/insetto-x32
/insetto-x64
/insetto-x86
/insetto-x86_32
/insetto-x86_64
/shindeVarc
/shindeVarm
/shindeVarm4
/shindeVarm4l
/shindeVarm4t
/shindeVarm4tl
/shindeVarm4tll
/shindeVarm5
/shindeVarm5l
/shindeVarm5n
/shindeVarm6
/shindeVarm64
/shindeVarm6l
/shindeVarm7
/shindeVarm7l
/shindeVarm8
/shindeVarmv4
/shindeVarmv4l
/shindeVarmv5l
/shindeVarmv6
/shindeVarmv61
/shindeVarmv6l
/shindeVarmv7l
/shindeVdbg
/shindeVexploit
/shindeVi4
/shindeVi486
/shindeVi586
/shindeVi6
/shindeVi686
/shindeVkill
/shindeVm68
/shindeVm68k
/shindeVmips
/shindeVmips64
/shindeVmipseb
/shindeVmipsel
/shindeVmpsl
/shindeVpcc
/shindeVpowerpc
/shindeVpowerpc-440fp
/shindeVpowerppc
/shindeVppc
/shindeVppc2
/shindeVppc440
/shindeVppc440fp
/shindeVroot
/shindeVroot32
/shindeVsh
/shindeVsh4
/shindeVsparc
/shindeVspc
/shindeVssh4
/shindeVx32
/shindeVx64
/shindeVx86
/shindeVx86_32
/shindeVx86_64
/skidnr.arc
/skidnr.arm
/skidnr.arm4
/skidnr.arm4l
/skidnr.arm4t
/skidnr.arm4tl
/skidnr.arm4tll
/skidnr.arm5
/skidnr.arm5l
/skidnr.arm5n
/skidnr.arm6
/skidnr.arm64
/skidnr.arm6l
/skidnr.arm7
/skidnr.arm7l
/skidnr.arm8
/skidnr.armv4
/skidnr.armv4l
/skidnr.armv5l
/skidnr.armv6
/skidnr.armv61
/skidnr.armv6l
/skidnr.armv7l
/skidnr.dbg
/skidnr.exploit
/skidnr.i4
/skidnr.i486
/skidnr.i586
/skidnr.i6
/skidnr.i686
/skidnr.kill
/skidnr.m68
/skidnr.m68k
/skidnr.mips
/skidnr.mips64
/skidnr.mipseb
/skidnr.mipsel
/skidnr.mpsl
/skidnr.pcc
/skidnr.powerpc
/skidnr.powerpc-440fp
/skidnr.powerppc
/skidnr.ppc
/skidnr.ppc2
/skidnr.ppc440
/skidnr.ppc440fp
/skidnr.root
/skidnr.root32
/skidnr.sh
/skidnr.sh4
/skidnr.sparc
/skidnr.spc
/skidnr.ssh4
/skidnr.x32
/skidnr.x64
/skidnr.x86
/skidnr.x86_32
/skidnr.x86_64
/zmap.arc
/zmap.arm
/zmap.arm4
/zmap.arm4l
/zmap.arm4t
/zmap.arm4tl
/zmap.arm4tll
/zmap.arm5
/zmap.arm5l
/zmap.arm5n
/zmap.arm6
/zmap.arm64
/zmap.arm6l
/zmap.arm7
/zmap.arm7l
/zmap.arm8
/zmap.armv4
/zmap.armv4l
/zmap.armv5l
/zmap.armv6
/zmap.armv61
/zmap.armv6l
/zmap.armv7l
/zmap.dbg
/zmap.exploit
/zmap.i4
/zmap.i486
/zmap.i586
/zmap.i6
/zmap.i686
/zmap.kill
/zmap.m68
/zmap.m68k
/zmap.mips
/zmap.mips64
/zmap.mipseb
/zmap.mipsel
/zmap.mpsl
/zmap.pcc
/zmap.powerpc
/zmap.powerpc-440fp
/zmap.powerppc
/zmap.ppc
/zmap.ppc2
/zmap.ppc440
/zmap.ppc440fp
/zmap.root
/zmap.root32
/zmap.sh
/zmap.sh4
/zmap.sparc
/zmap.spc
/zmap.ssh4
/zmap.x32
/zmap.x64
/zmap.x86
/zmap.x86_32
/zmap.x86_64

# Reference: https://threatfox.abuse.ch/browse/malware/elf.moobot/ (# 2024-03-31)

http://103.173.178.208
http://103.188.244.189
http://113.22.74.126
http://161.35.249.113
http://40.83.122.109
http://42.112.76.107
103.116.52.207:42597
103.172.79.74:2023
103.173.178.208:43957
14.225.208.190:19990
45.152.86.86:56789
74.50.85.233:43957
91.92.253.201:6996
93.123.85.11:35769
4qvvg9ud51lxa5te.gta5.eu.org
a.iruko.top
akdns.top
ap.akdns.top
bt.zoml.cc
fdh32fsdfhs.shop
fw1.anti-ddos.io.vn
iruko.top
metis-black.com
metis-info.com
nt.zua6.com
voidc2.xyz
xinjiangworker.shop
xjp.xinjiangworker.shop
zoml.cc
zua6.com

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-03-31)

118.227.92.21:23
139.59.88.74:667
147.78.103.94:38241
15.204.223.49:9931
162.20.184.46:37215
177.165.108.44:23
185.196.10.155:3778
185.196.8.213:6789
193.35.18.56:65490
193.35.18.62:3778
197.253.114.16:37215
213.129.216.207:23
34.125.17.32:6668
45.13.226.34:9932
46.226.164.82:23
62.72.185.15:61616
62.72.185.90:61616
67.217.60.78:7854
74.50.65.52:7855
77.73.68.225:1688
91.92.249.225:61616
91.92.252.207:61616
91.92.252.218:61616
91.92.252.224:61616
91.92.252.225:61616
93.123.85.73:6789
a.hxhk.cc
api.virtue.ltd
b.hxhk.cc
c.hxhk.cc
cnc.hxhk.cc
giga.giganoob.xyz
giganoob.xyz
hxhk.cc
jhbaghjbasdg.shop
rawapi.nekololis.ovh
servicehelper.oss
t.hxhk.cc
tomhxhk.cc
v.hxhk.cc
virtue.ltd
x.hxhk.cc
z.hxhk.cc

# Reference: https://twitter.com/redrabytes/status/1774825933297316161
# Reference: https://www.virustotal.com/gui/file/0302a084d7d3f03d60c1827b965279ca72fa1d294326c25842ec8dd4fe733bb2/detection

http://45.131.111.159
45.131.111.159:23
45.131.111.159:777
crewlife.online
paradisecityofficial.de
reallifehollywood.eu

# Reference: https://twitter.com/redrabytes/status/1774835154084647234
# Reference: https://www.virustotal.com/gui/file/e0aaf01b459cbf11b2b0426c0fd9f2cd08cdbf10dd6551178dd805321eae61e9/detection
# Reference: https://www.virustotal.com/gui/file/e02371957fbb6ba207d007f93e22b66f50991f630741404aead608f445e38ed9/detection
# Reference: https://www.virustotal.com/gui/file/d51066a2804b29bff6aaba25103fc002c4bdc5b66dd8de67edb321254c708e03/detection
# Reference: https://www.virustotal.com/gui/file/7e2e0930d1712b55709c89ecaa253832e68a359073603c6d4a541f7089f1001a/detection
# Reference: https://www.virustotal.com/gui/file/2138b20bbbbe079f309a9837ffa1cf1759e6d064c5516fc3684e64d021550f47/detection

http://67.217.60.78
118.227.92.21:23
67.217.60.78:7854
67.217.60.78:7855

# Reference: https://twitter.com/redrabytes/status/1774895333417296117

http://104.234.204.161
104.234.204.161:1
104.234.204.161:100

# Reference: https://twitter.com/redrabytes/status/1774916150444347855

http://185.224.128.36
185.224.128.36:33335
185.224.128.36:33336

# Reference: https://pastebin.com/sQJWU65t

http://103.67.197.152
http://146.190.148.70
http://149.50.96.91
http://185.16.39.29
http://188.132.183.10
http://209.239.112.213
http://80.66.77.235
http://83.209.41.236
http://87.246.7.66
http://91.92.254.124
http://92.249.48.166
http://94.156.8.109

# Reference: https://pastebin.com/FmsKXBHs

http://141.98.7.37
http://185.245.83.56
http://194.164.20.178
http://42.96.15.115
http://45.128.232.145

# Reference: https://twitter.com/redrabytes/status/1775644653397614666

103.188.244.189:2024
103.188.244.189:43957

# Reference: https://www.virustotal.com/gui/file/4b30644f8c74c354e165432b8b084c7d002b51bbdc0da48a15723b96e740eef9/detection

http://45.95.169.139

# Reference: https://www.virustotal.com/gui/file/b60a151390ba1b32c773ef74db98b16f2d229d7cd521ace2e6c6906235eef46d/detection
# Reference: https://www.virustotal.com/gui/file/bb0fea23f67c783d1b0d3f8f92e1fd91f1c5d85f7782bc135f0269057e2ab4c3/detection

45.95.169.139:9372

# Reference: https://twitter.com/banthisguy9349/status/1777031116815204451

45.128.232.100:1337
45.128.232.169:1337
84.54.51.206:10000
pf7.prsv.ch

# Reference: https://twitter.com/redrabytes/status/1777095655187530172
# Reference: https://www.virustotal.com/gui/file/a0a92504bea5a0ca003f0997ccb48653b5e2c81cd4fe72784bd6cf90943e9ec9/detection

http://154.44.26.59
154.44.25.185:36912
przsc.cn
botnet.przsc.cn
net.przsc.cn

# Reference: https://twitter.com/banthisguy9349/status/1777280091401105539

http://171.244.42.47
http://188.93.233.235
http://45.140.143.161
http://45.140.188.47
http://45.61.188.140
http://51.81.230.244
http://54.39.252.71
http://92.249.48.78

# Reference: https://twitter.com/banthisguy9349/status/1777291768129597651

http://141.98.7.123
http://141.98.7.217
http://144.217.16.164
http://159.253.120.116
http://193.35.18.98
http://198.27.107.169
http://199.195.251.103
http://205.185.119.42
http://38.45.100.58
http://41.216.182.208
http://45.128.232.43
http://51.222.204.13
http://51.89.251.242
http://79.133.46.200
http://85.203.42.64
http://89.208.103.203
http://91.103.253.34
http://91.92.254.109
http://92.249.48.147
http://94.131.99.113
135.148.124.223:1337
141.98.10.46:8443
141.98.7.123:1337
144.172.73.25:1337
144.172.73.26:1337
144.172.73.28:10000
144.217.16.164:9900
146.19.254.219:1337
149.56.79.118:9999
15.204.18.204:1337
159.253.120.116:7777
172.65.149.128:22
193.34.69.249:8080
193.35.18.35:88
205.185.119.42:1337
23.160.193.10:1225
23.160.194.106:1225
38.45.100.58:1337
45.128.232.85:1337
45.140.188.47:911
45.141.202.79:1337
5.196.162.1:9999
5.196.239.182:1337
5.39.34.46:9999
51.222.204.13:1337
51.81.115.26:1337
51.89.251.242:1337
79.133.46.200:1337
85.203.42.64:1337
93.123.85.172:1337
94.156.71.66:1337
94.156.71.66:9999
94.156.8.32:9900
94.156.8.72:7777
94.156.8.79:7777
dpmc2.mysellix.io
fuzzyproxy.cc
leanc2.xyz
lydiari.mrbonus.com
naucosi.cfd
ninja-cnc.xyz
nuclear.baby
poggo-proxy.lol
proxy-voidc2.xyz

# Reference: https://twitter.com/banthisguy9349/status/1777298091885916595

http://178.208.87.102
http://64.226.114.30
http://91.92.243.135
http://91.92.254.113
http://91.92.255.185
http://94.156.64.41
http://94.156.65.212
/.x/Chrome

# Reference: https://twitter.com/banthisguy9349/status/1777242830685016335

http://137.184.244.207
/zbot.sh
/zbot-build.sh
/zbotarc
/zbotarm
/zbotarm4
/zbotarm4l
/zbotarm4t
/zbotarm4tl
/zbotarm4tll
/zbotarm5
/zbotarm5l
/zbotarm5n
/zbotarm6
/zbotarm64
/zbotarm6l
/zbotarm7
/zbotarm7l
/zbotarm8
/zbotarmv4
/zbotarmv4l
/zbotarmv5l
/zbotarmv6
/zbotarmv61
/zbotarmv6l
/zbotarmv7l
/zbotdbg
/zbotexploit
/zboti4
/zboti486
/zboti586
/zboti6
/zboti686
/zbotkill
/zbotm68
/zbotm68k
/zbotmips
/zbotmips64
/zbotmipseb
/zbotmipsel
/zbotmpsl
/zbotpcc
/zbotpowerpc
/zbotpowerpc-440fp
/zbotpowerppc
/zbotppc
/zbotppc2
/zbotppc440
/zbotppc440fp
/zbotroot
/zbotroot32
/zbotsh
/zbotsh4
/zbotsparc
/zbotspc
/zbotssh4
/zbotx32
/zbotx64
/zbotx86
/zbotx86_32
/zbotx86_64

# Reference: https://twitter.com/redrabytes/status/1777658313624195315

http://185.150.26.199
185.150.26.199:25463
185.150.26.199:8080
185.150.26.199:9931

# Reference: https://twitter.com/SecureSh3ll/status/1778033688418357517
# Reference: https://www.virustotal.com/gui/file/18e0f574bf11bc5e7de8c95b83c187649b2d87d74651e59d9c2aad53ac7bb7f1/detection
# Reference: https://www.virustotal.com/gui/file/0f85c284c99cfc2f977970f4a146ae28d6d28f15105ea7ed35c3b636703090cb/detection

http://103.163.214.97

# Reference: https://www.virustotal.com/gui/file/24ecf7110eb7a0e461c47fac6475348aa9a663c3ec61d713d5f75f97c788db96/detection

http://18.228.76.56
jqwmpakodwask.ddnsking.com

# Reference: https://twitter.com/redrabytes/status/1778136542533316667
# Reference: https://www.virustotal.com/gui/file/21145b098b1e7a85ffd356daee66d5ca4bc5c43183b1fd2c7d116369d2eeea40/detection

http://192.54.57.69
192.54.57.69:1749
192.54.57.69:3884

# Reference: https://www.virustotal.com/gui/file/d2ead20052a4d7bb57f8de7d5c6354dd999f781a39c3cf3eb2268116603facc5/detection

http://94.156.8.244

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-04-11)

104.168.32.17:21425
104.234.204.151:100
137.184.10.195:9511
141.98.10.76:59666
141.98.7.91:23
185.196.10.155:1312
185.196.10.155:1337
185.196.10.207:60195
185.196.11.209:59962
185.216.70.250:21425
185.224.128.34:1312
185.65.205.158:1024
185.94.29.111:1302
193.141.60.143:59432
193.141.60.143:6789
193.181.23.187:23
23.94.148.10:666
23.95.182.31:1024
34.159.237.198:6668
45.86.86.60:5555
46.102.174.17:1024
5.253.246.12:23
5.253.246.170:1312
51.79.87.4:8732
84.54.51.35:6788
85.239.33.129:12345
91.92.242.187:55555
93.123.85.100:1337
93.123.85.135:118
93.123.85.47:3778
api.przsc.cn
bot.ddosvps.cc
ddosvps.cc
emv1.ib-comm-gateway.com
ezz.ust.cx
giga.giganoob.ru
hatsune.network
ib-comm-gateway.com
int.hatsune.network
marinion.online
net-killer.ddns.net
rubiconviewer.buzz
secure-cyber-security-rebirthltd.su
secure-network-rebirthltd.ru
sex.secure-cyber-security-rebirthltd.su
tcpfin.xyz
tcpsyn.xyz
ust.cx
zhudaji.com

# Reference: https://twitter.com/banthisguy9349/status/1778348569419796742
# Reference: https://twitter.com/tolisec/status/1778514523332149656
# Reference: https://www.virustotal.com/gui/file/e83dc4a4c4846fde6b6ad53b7feacd8dd4bce4869af1f6f615c9ba1069b60e2b/detection
# Reference: https://www.virustotal.com/gui/file/dd71456155eebf228a3e8ed3499bf3afa841265d6fd1e6d56af3cb0b8f4c18a1/detection
# Reference: https://www.virustotal.com/gui/file/aee499304dd672782f404c1da20436ce162c44cd37f9d256275089fc17b2d7ed/detection
# Reference: https://www.virustotal.com/gui/file/83a2709a64f7d76f99af95dfa7416e1a0293cb2b1771bc3636392e05bcfabf3d/detection
# Reference: https://www.virustotal.com/gui/file/632deec0c8c32292e9057617906315ef7e1c381849038dd0dfc3b502fb3f586a/detection
# Reference: https://www.virustotal.com/gui/file/54bfe1a78064d443fb977ad79eab1dda0d4588dc7644882d7f16d04ab270745c/detection
# Reference: https://www.virustotal.com/gui/file/4730105d00af6296688da0b51f3b9be8ea81a4844a3a1d9996256fc218920f28/detection
# Reference: https://www.virustotal.com/gui/file/d9411832982195a96f56830d348b4ba6abf4f81d25c7abda83c0d329a0cafa41/detection
# Reference: https://www.virustotal.com/gui/file/895ca7a9c96ff5d34e96d1ff31d28e1b9040a13b3485c4613d5f2d2302f8c21c/detection

139.144.55.226:24150
139.144.55.226:38241
147.78.12.176:17560
147.78.12.176:24150
adminpanel.oss
dontargetme.nl
rayboboish4x.dyn
session.geek
websersaiosnginxo.ru
1a1f31761f.dontargetme.nl
9da8e16d88.dontargetme.nl
ad2fb4408f.dontargetme.nl
b397c83d57.dontargetme.nl
ea5588a7e5.dontargetme.nl
a7970f7097.accesscam.org
admincs.duckdns.org
a7970f7097.admincs.duckdns.org
a7970f7097.adminpanel.oss
a7970f7097.casacam.net
a7970f7097.chickenkiller.com
a7970f7097.ddnsfree.com
a7970f7097.dontargetme.nl
a7970f7097.duckdns.org
a7970f7097.geek
a7970f7097.oss
a7970f7097.session.geek
a7970f7097.websersaiosnginxo.ru

# Reference: https://twitter.com/redrabytes/status/1779299630766784716

http://176.123.1.215
176.123.1.215:666
176.123.1.215:7777

# Reference: https://threatfox.abuse.ch/browse/malware/elf.moobot/ (# 2024-04-14)

http://14.225.219.227
http://45.88.90.185
http://94.156.8.110
103.237.86.195:2024
103.67.197.152:2023
141.98.7.77:1337
172.245.191.97:666
176.123.1.215:7777
188.166.232.102:35769
198.46.177.144:666
203.145.46.240:2024
209.141.37.216:3074
37.44.238.94:59666
45.128.232.130:1337
45.67.86.155:9009
45.67.86.157:9009
45.88.90.185:118
45.88.90.185:57899
45.88.90.185:81
51.68.213.73:25
85.195.79.166:9981
87.246.7.66:52154
93.123.39.73:400
94.156.10.76:1312
hackerddos.x3322.net
jswl.vipsf888.com
mcnodes.zapto.org
nextoneup.shop
qingfengddos.x3322.net
rsx.nextoneup.shop
trembolone.duckdns.org
wcjwcj.lol

# Reference: https://twitter.com/redrabytes/status/1779622237525377335
# Reference: https://x.com/redrabytes/status/1851547074405232898
# Reference: https://www.virustotal.com/gui/ip-address/93.123.85.254/relations

http://93.123.85.254
http://93.123.85.53
93.123.85.53:1312
93.123.85.53:1337
93.123.85.53:2222
93.123.85.53:51096
93.123.85.53:6060
93.123.85.53:999
dreamproxy.xyz
hyperc2.xyz
gov.dreamproxy.xyz

# Reference: https://twitter.com/redrabytes/status/1779623895189901403

http://93.123.85.48
93.123.85.48:1337
93.123.85.48:1

# Reference: https://threatfox.abuse.ch/browse/tag/TBOTNET/ (# 2024-04-15)

185.216.70.169:21425
204.76.203.2:1883
204.76.203.3:1883
45.125.66.100:61192
62.72.185.14:17912
62.72.185.38:61616
62.72.185.4:16726
85.204.116.206:61616
85.204.116.20:61616
85.204.116.21:61616
85.204.116.22:61616

# Reference: https://twitter.com/banthisguy9349/status/1779930761581219933

http://141.98.7.218
http://141.98.7.237
http://185.102.172.115
http://185.196.8.230
http://193.34.69.249
http://193.35.18.35:88
http://209.141.44.84
http://209.141.62.176
http://45.128.232.185
http://45.128.232.219
http://45.133.74.121
http://45.90.12.124
http://51.83.180.205
http://86.104.194.180
http://94.156.66.16
http://94.156.66.225
http://94.156.67.74
http://94.156.8.32
http://94.228.168.28

# Reference: https://twitter.com/banthisguy9349/status/1779944782938120308

89.187.28.15:2222
pickthecotton.xyz
zopz-api.com

# Reference: https://www.virustotal.com/gui/file/3631ca4b1a2a476ad0ea82fc7e350e9f9d80a6bf4f46f5fa47d8b9f24ec17d94/detection

188.119.103.198:17691

# Reference: https://www.virustotal.com/gui/file/5eed52c542df07ff7acab7bf24ffe208e044edb8ee65666dd4003418dfc49fd7/detection
# Reference: https://www.virustotal.com/gui/file/fdd556b2bb8148f8fbbee387c2c6be089fc8f0203620cee0cd5f698fc564b68b/detection

http://188.119.103.198
66.187.4.175:17691
66.187.4.175:55650
dttao.net

# Reference: https://twitter.com/banthisguy9349/status/1779963082254496106
# Reference: https://twitter.com/redrabytes/status/1779964571844853773

http://37.140.247.125
37.140.247.125:420

# Reference: https://twitter.com/banthisguy9349/status/1780554781792063578
# Reference: https://www.virustotal.com/gui/file/386506e79d721fb6bff6962c2f046ae118df2025648dcabf1d69358974969c19/detection

209.141.41.148:9009

# Reference: https://urlhaus.abuse.ch/host/93.123.85.72/

http://93.123.85.72

# Reference: https://www.virustotal.com/gui/ip-address/103.177.35.175/relations
# Reference: https://www.virustotal.com/gui/file/2634832054feaa61ffea29d1c2327d17f06e54551eafe772c68141fe4e80fc3e/detection
# Reference: https://www.virustotal.com/gui/file/25b219be4643ed698fd4e5267f0499129690a88bfccb1bbc5da66beea0493cfb/detection

103.177.35.175:43957
verminteam.link
botnettajima.ddns.net
net-killer.verminteam.link
/tajma.arc
/tajma.arm
/tajma.arm4
/tajma.arm4l
/tajma.arm4t
/tajma.arm4tl
/tajma.arm4tll
/tajma.arm5
/tajma.arm5l
/tajma.arm5n
/tajma.arm6
/tajma.arm64
/tajma.arm6l
/tajma.arm7
/tajma.arm7l
/tajma.arm8
/tajma.armv4
/tajma.armv4l
/tajma.armv5l
/tajma.armv6
/tajma.armv61
/tajma.armv6l
/tajma.armv7l
/tajma.dbg
/tajma.exploit
/tajma.i4
/tajma.i486
/tajma.i586
/tajma.i6
/tajma.i686
/tajma.kill
/tajma.m68
/tajma.m68k
/tajma.mips
/tajma.mips64
/tajma.mipseb
/tajma.mipsel
/tajma.mpsl
/tajma.pcc
/tajma.powerpc
/tajma.powerpc-440fp
/tajma.powerppc
/tajma.ppc
/tajma.ppc2
/tajma.ppc440
/tajma.ppc440fp
/tajma.root
/tajma.root32
/tajma.sh
/tajma.sh4
/tajma.sparc
/tajma.spc
/tajma.ssh4
/tajma.x32
/tajma.x64
/tajma.x86
/tajma.x86_32
/tajma.x86_64

# Reference: https://www.virustotal.com/gui/file/15680613974e22644b5627353bfd2f5353e5f8299e5660fea7ca157b24949288/detection

botnet.verminteam.link

# Reference: https://twitter.com/banthisguy9349/status/1780864908604678151

http://104.223.90.5
http://107.174.205.17
http://109.74.12.246
http://117.202.0.14
http://141.98.10.76
http://141.98.7.251
http://147.78.103.94
http://166.88.61.185
http://167.86.68.78
http://173.255.238.129
http://179.43.168.98
http://185.150.26.226
http://185.196.10.155
http://185.196.10.207
http://185.196.11.64
http://185.196.11.65
http://185.196.8.31
http://185.196.9.34
http://192.210.196.207
http://193.233.132.31
http://193.233.202.125
http://193.37.59.58
http://194.110.247.98
http://198.55.111.5
http://2.42.168.99
http://201.249.174.166
http://203.145.46.240
http://205.209.114.243
http://209.141.57.75
http://212.70.149.14
http://216.219.94.124
http://37.44.238.78
http://37.44.238.94
http://38.55.201.11
http://44.215.69.235
http://45.128.232.208
http://45.128.232.236
http://45.178.6.2
http://45.88.90.17
http://46.44.203.207
http://47.101.206.165
http://5.181.190.250
http://62.138.18.242
http://66.187.4.213
http://74.119.193.242
http://83.82.7.63
http://91.191.170.4
http://91.92.255.109
http://92.249.48.38
http://94.154.33.42
http://94.156.66.198
http://94.156.79.107
http://94.156.8.161
http://94.156.8.57
http://95.216.182.122
doxbin.top
epiddserica.com
p3pr00t.com
b.doxbin.top
cnc.atlasapi.co
hi.p3pr00t.com
hi.vani.ovh
kayomirai.kro.kr
owo.p3pr00t.com
santc.epiddserica.com
superdomain.africa
vivki.epiddserica.com

# Reference: https://twitter.com/banthisguy9349/status/1780960259831443774
# Reference: https://www.virustotal.com/gui/file/57387202c335220f7e19bbb08758a735d3307ae45e3fbe6ee1e1bffe9e3da53d/detection

104.168.45.11:21425
172.245.119.63:21425
172.245.119.70:21425
185.216.70.168:21425
198.12.124.76:21425
tcpdown.su

# Reference: https://www.virustotal.com/gui/file/fe9c5067ab07ab18453b3163b78faa38222d9d30e4cc2a101cda397710bd88ac/detection
# Reference: https://www.virustotal.com/gui/file/e95095c93c6d3214d68760191cc23c6348fc019652d5cf3115163f6a91d9edc9/detection
# Reference: https://www.virustotal.com/gui/file/c091fbd6bd55d69544cbe7b000cdbd89123600ca084af16f462ffd68a9537335/detection
# Reference: https://www.virustotal.com/gui/file/a4e49bddd2adcd66d47f8028ceab0e2366b4613cd3e15a354f3fc5db17220f79/detection

104.168.45.11:7722
185.216.70.169:21425
185.216.70.250:21425
youare.geek

# Reference: https://twitter.com/banthisguy9349/status/1780657600926753047

http://198.98.57.36
http://209.141.50.91
http://209.141.59.146

# Reference: https://www.virustotal.com/gui/file/40c42246edc076be23cdbebf55244e46be303bf4662c68cd45953e86b963e7c1/detection
# Reference: https://www.virustotal.com/gui/file/5be6f9f05ffa8af0f9aee8410ad659e573ba1f79adef4b06863183225b87a15d/detection
# Reference: https://www.virustotal.com/gui/file/8125867675d0e9e71bceb9ad304ce43e254c44a71ecbd0729c48243908f3267f/detection

http://203.145.46.240
http://45.128.232.236
203.145.46.240:2023
5.128.232.236:65501
aomacamada.ddns.net
net-killler.store

# Reference: https://www.virustotal.com/gui/ip-address/103.167.88.226/relations

103.167.88.226:43957
103.174.73.85:29989
14.225.219.227:42597
20.222.185.152:9999

# Reference: https://threatfox.abuse.ch/browse/malware/elf.moobot/ (# 2024-04-19)

http://91.92.243.252
91.92.252.229:43957
93.123.85.103:43957
1lbf2hu4.filter.evo-shield.com
ar.emals.site
axhc0ugc.filter.evo-filter.com
bot.vptmedia.click
botnet.paintmc.net
br04.dominext.me
caip-deposit-rebate.info
caip-deposit-rebates.info
cncboatnetonlvu.apimomo.pro
correoi.lat
cttpt.sbs
cyan-coyote-11490.zap.cloud
dh1com.top
dhhll.top
dominext.me
dripps.lol
emals.site
eternalservices.xyz
fbi.rip
freedommobile-credit.info
frosteddev.xyz
gov-return-cad.info
haolac.cfd
heleh.vn
herioscheats.xyz
legendsworld.in
lem0n.cc
lon.vani.ovh
loz.vani.ovh
mitigated.cc
npcodaas.xyz
paintmc.net
proxy.heleh.vn
ps2rewired.com
pt.lem0n.cc
pttgov.lol
qmsuutcb.filter.evo-filter.com
server.benefit-daily.com
sixacir.cfd
twhcorp.net
ubnutu.cyou
violet-seahorse-20462.zap.cloud
vptmedia.click
xanaxc2.xyz
xd.ubnutu.cyou
yeuemvcl.cltxhot.fun
zxtv77iz.filter.evo-filter.com

# Reference: https://urlhaus.abuse.ch/host/45.88.90.17

http://45.88.90.17

# Reference: https://urlhaus.abuse.ch/host/5.182.210.52

http://5.182.210.52

# Reference: https://urlhaus.abuse.ch/host/93.123.85.55
# Reference: https://www.virustotal.com/gui/file/025f0a61a55952cab92aa714fbd1d7fbb4d6abb9c7a4d1b4b51625d842ec2ac5/detection
# Reference: https://www.virustotal.com/gui/file/f0b46f0628e4f6cb302a3bc80fc1141e5da15bd7260a625adff428eaa8565b61/detection
# Reference: https://www.virustotal.com/gui/file/c7d73328d6aac755efc73aa5dac63c07bfa81b3317bd94a076a886a7b2e4de5b/detection
# Reference: https://www.virustotal.com/gui/file/6390402edc7e8df1876b7ee50433de5d18bdbbfe40480b9c5f7c8502d8f40732/detection

http://93.123.85.55
93.123.85.55:42597
93.123.85.55:56744
93.123.85.55:61231
ravec2.xyz
what.ravec2.xyz

# Reference: https://www.virustotal.com/gui/file/c7bb74f455cfb680676a789023ff8d098e866ff72d4d2ad40bf98f3af309c95f/detection

103.174.73.85:1500
bot.nhankimcuong.vn

# Reference: https://www.virustotal.com/gui/file/3b9db29e1d83538f4284a683e14b588d78d78d423ede9b430a5d91f5266f3638/detection

http://103.174.73.190

# Reference: https://www.virustotal.com/gui/file/bb435975889d13990fd1e242c6c6bbae058cb793b56fe491239db0a3ed929067/detection

89.190.156.34:33335
rooty.shop

# Reference: https://www.virustotal.com/gui/file/25da029841de7f21225f9d8f7ad8f9c19e26525c3f4cd381e6c854225b20ba30/detection

45.128.232.208:33335
rootme.xyz

# Reference: https://www.virustotal.com/gui/file/9a4a44029756239d94e1e977850b833cffb8319c49c89fc29971c25557436671/detection

http://94.156.79.129

# Reference: https://www.virustotal.com/gui/file/9e20c27b019c346914955dcd5613c12119da096d56cfa85e7df5ce955a83dc6b/detection
# Reference: https://www.virustotal.com/gui/file/76b7d024c8df7f8995572640e4d2ca63e2a344c90c8eeecdffa609adc7c4f53a/detection

http://103.237.87.90
103.237.87.90:43957
aiko-network.tech

# Reference: https://twitter.com/banthisguy9349/status/1782383606356205936
# Reference: https://www.virustotal.com/gui/file/f47f37620fab0eb67f520e8f3e4ab2f775fb159bc5abedb8a54fde5a8b6aff29/detection
# Reference: https://www.virustotal.com/gui/file/d6ade77d8435b026c6bab1b21e5357fa12f047958beefc1e0808bf030e2b233a/detection

85.133.161.248:25565
94.228.168.60:2024
94.228.168.60:8080

# Reference: https://twitter.com/banthisguy9349/status/1782797312344965477
# Reference: https://www.virustotal.com/gui/file/ff42180e5eca780ab282744d3832bb84c16ed606e340bd2c57a399a7bc5ee770/detection
# Reference: https://www.virustotal.com/gui/file/d06c8b274b280220fed87277a727578a05a0f48ad645c56e577181a05b1616b3/detection

http://162.214.103.215
http://162.214.103.216

# Reference: https://twitter.com/banthisguy9349/status/1782789917384257825

149.56.79.119:1337
15.204.18.234:1337
15.235.149.123:888
15.235.149.59:666
152.42.239.228:1337
158.51.96.17:1025
185.102.172.136:999
188.212.100.60:1337
193.187.174.244:2052
2.58.95.133:1337
209.141.44.84:1337
217.15.168.60:1337
37.114.56.22:1337
45.128.232.12:1337
45.128.232.210:1337
45.131.64.78:2052
82.165.230.58:3000
91.92.252.74:1337
94.156.79.33:10000

# Reference: https://twitter.com/banthisguy9349/status/1783128733743722597

boats.voidnet.click
cnc.voidnet.click
eclp8oz0m8mxouv96hc9p7k2btydt3iv.click
group-networks.ru
net-killer.ooguy.com
putin.zelenskyj.ru
sdiufgsdugif.group-networks.ru
sdjgh29387y29ws.group-networks.ru
ss.02maill.com
tracking-alert.org
voidnet.click
zimbralet.x24hr.com
zsu-ua-gov.info

# Reference: https://urlhaus.abuse.ch/asn/203168/

http://193.222.96.114
http://193.222.96.115
http://193.222.96.128
http://193.222.96.14
http://193.222.96.234
http://194.48.251.10
http://194.48.251.116
http://194.48.251.9
http://45.88.90.224
http://87.120.84.220
http://87.121.105.252
http://94.156.10.201
http://94.156.10.208

# Reference: https://www.virustotal.com/gui/file/68fbc44879bd19b3d079a7008cc9d1ff75922d8f2398758149b514fe17c07bf4/detection

45.142.182.96:38241

# Reference: https://urlhaus.abuse.ch/browse/tag/getmadyacunt/

/fuckhoneypotsniggerdis9ayd
/fuckhoneypotsniggerdj8aw
/fuckhoneypotsniggerdjsklaj
/fuckhoneypotsniggerdkiwoquyd
/fuckhoneypotsniggerdlskajhdk
/fuckhoneypotsniggerdposajkdsa
/fuckhoneypotsniggerfdjsajkdfysa9
/fuckhoneypotsniggerid90aw78ds
/fuckhoneypotsniggerjdsiaoduywa
/fuckhoneypotsniggerue89216

# Reference: https://twitter.com/banthisguy9349/status/1783418461894422658

http://143.198.199.217
128.199.180.45:9511
137.184.10.195:9511
138.197.90.26:9511
138.68.97.101:9511
138.68.97.171:9511
139.59.156.81:9511
139.59.41.182:9511
146.190.135.213:9511
159.203.9.75:9511
159.223.220.220:9511
161.35.210.154:9511
174.138.51.159:9511
174.138.51.232:9511
64.225.17.60:9511
64.226.124.214:9511
64.23.232.47:9511
64.23.251.20:9511
64.23.251.7:9511
68.183.48.122:9511
sushiking.world
s.sushiking.world

# Reference: https://twitter.com/banthisguy9349/status/1783434240543039703

209.14.69.249:666
37.1.198.73:666
nocrynetworking.duckdns.org

# Reference: https://twitter.com/banthisguy9349/status/1783436924818256345 (# Nosviak4)

http://51.38.70.1
http://89.117.151.8
158.220.106.37:3000
57.129.16.213:3000
78.40.116.170:3000
91.92.254.165:7070
1.gamithou.cyou
1.ip-51-38-70.eu
kuramaservices.xyz

# Reference: https://www.virustotal.com/gui/file/121da51b5fbc85cc4d13323d138787483d5babb2482d50cedbdd0c061c18244b/detection

domain-botnet.servehttp.com

# Reference: https://www.virustotal.com/gui/file/e3530f28dfcdfd0f38591ff064ba3ef42e36fe29af76abeea5f344b010df5a3b/detection

http://14.225.219.252

# Reference: https://urlhaus.abuse.ch/host/51.79.217.59

http://51.79.217.59

# Reference: https://urlhaus.abuse.ch/host/103.97.132.194

http://103.97.132.194

# Reference: https://twitter.com/banthisguy9349/status/1783491223241596958

103.109.37.45:55555
103.147.126.5:56999
103.180.148.159:9999
103.29.2.134:56999
103.67.163.20:2023
103.72.57.195:2023
103.90.162.122:56999
104.244.75.14:8085
104.248.153.17:55555
104.248.171.245:4444
107.189.12.26:8821
107.189.6.155:12345
116.103.228.213:56999
116.103.228.244:56999
116.103.228.62:55555
116.103.229.125:55555
128.199.91.40:56999
142.93.231.4:55555
162.214.103.216:55555
162.250.123.61:1337
172.105.200.56:55555
178.211.130.203:55555
185.225.74.178:55555
185.225.74.70:6666
185.248.140.175:1024
193.109.85.80:55555
193.35.18.182:6666
193.47.61.69:6666
194.180.48.151:55555
194.180.48.32:55552
194.87.151.65:55555
198.98.58.189:8051
2.56.116.200:6666
2.58.113.120:55555
2.58.95.122:6666
205.185.121.139:8085
205.185.121.29:55555
209.141.51.181:8085
37.1.204.201:56999
37.157.70.87:2023
41.216.182.169:6996
41.216.189.180:6996
45.128.232.90:6661
45.152.84.69:56999
45.83.246.243:55555
45.88.90.108:56999
50.115.170.112:443
66.94.105.204:55555
68.69.186.178:56999
79.110.62.86:6666
80.78.26.61:6969
81.161.229.111:6666
84.54.51.43:443
85.239.33.7:30
87.121.47.234:6666
92.119.156.79:55555
94.156.71.142:56999
94.156.8.80:6969
95.181.173.111:55555

# Reference: https://twitter.com/banthisguy9349/status/1783491223241596958

http://107.149.218.187
http://116.12.224.126
http://116.202.104.101
http://138.68.95.14
http://139.162.144.42
http://165.22.202.153
http://172.105.64.161
http://178.62.215.189
http://179.43.182.96
http://18.208.216.77
http://185.196.9.223
http://185.94.29.111
http://188.166.89.189
http://194.110.247.20
http://194.135.82.196
http://194.163.188.175
http://194.233.161.243
http://2.58.149.40
http://212.118.39.220
http://223.18.203.209
http://223.18.203.81
http://223.19.201.177
http://223.19.201.211
http://223.19.255.254
http://223.19.255.62
http://23.88.37.163
http://3.209.244.1
http://34.236.114.208
http://44.194.182.44
http://45.118.146.212
http://45.128.232.186
http://45.13.227.9
http://45.145.42.233
http://45.61.49.138
http://45.88.90.30
http://45.88.90.46
http://50.106.21.209
http://50.34.49.99
http://50.47.188.158
http://54.164.254.95
http://62.169.246.94
http://78.40.117.36
http://79.124.7.24
http://79.167.44.231
http://81.161.229.251
http://82.31.183.61
http://82.67.73.195
http://83.203.4.180
http://84.54.51.87
http://89.169.55.166
http://89.190.156.61
http://91.92.240.111
http://91.92.240.235
http://91.92.240.43
http://91.92.255.45
http://91.92.255.79
http://92.144.153.134
http://92.222.205.153
http://93.123.85.79
http://93.93.12.129
http://94.131.121.98
http://94.236.164.76
14.187.173.195:443
18.188.204.71:443
208.78.227.107:443
209.147.114.35:9443
34.236.114.208:443
50.201.236.33:9443
52.14.153.194:443
54.164.254.95:443
79.167.95.151:443
83.203.4.180:443
84.54.47.189:8080
88.99.37.244:443
92.144.153.134:443
93.123.85.131:1337
93.93.12.125:443
adolfhitler.su
bot.secure-network-rebirthltd.ru
kz.adolfhitler.su
netsyn.online
pve.rebirthltd.com
rebirth-network.su
rebirthltd.dev
rebirthltd.top
scan.rebirthltd.dev
scan.rebirthltd.top
secure-core-rebirthltd.su
security.rebirth-network.su
security.secure-core-rebirthltd.su
vps.rebirth-network.su
xd.netsyn.online
xd.nodefunction.vip

# Reference: https://urlhaus.abuse.ch/asn/212238/

http://188.119.103.139
http://192.54.57.13
http://193.37.58.223
http://38.89.76.175

# Reference: https://urlhaus.abuse.ch/browse.php?search=softbot.arm

http://185.150.26.225
http://45.142.182.123
http://45.142.182.80
http://79.110.62.86
45.142.182.80:5900
/softbot.arc
/softbot.arm
/softbot.arm4
/softbot.arm4l
/softbot.arm4t
/softbot.arm4tl
/softbot.arm4tll
/softbot.arm5
/softbot.arm5l
/softbot.arm5n
/softbot.arm6
/softbot.arm64
/softbot.arm6l
/softbot.arm7
/softbot.arm7l
/softbot.arm8
/softbot.armv4
/softbot.armv4l
/softbot.armv5l
/softbot.armv6
/softbot.armv61
/softbot.armv6l
/softbot.armv7l
/softbot.dbg
/softbot.exploit
/softbot.i4
/softbot.i486
/softbot.i586
/softbot.i6
/softbot.i686
/softbot.kill
/softbot.m68
/softbot.m68k
/softbot.mips
/softbot.mips64
/softbot.mipseb
/softbot.mipsel
/softbot.mpsl
/softbot.pcc
/softbot.powerpc
/softbot.powerpc-440fp
/softbot.powerppc
/softbot.ppc
/softbot.ppc2
/softbot.ppc440
/softbot.ppc440fp
/softbot.root
/softbot.root32
/softbot.sh
/softbot.sh4
/softbot.sparc
/softbot.spc
/softbot.ssh4
/softbot.x32
/softbot.x64
/softbot.x86
/softbot.x86_32
/softbot.x86_64

# Reference: https://urlhaus.abuse.ch/browse/tag/mirai/ (# 2024-04-26)

http://103.163.214.145
http://159.100.17.108
http://93.123.85.49
http://94.156.79.155
http://94.156.79.48

# Reference: https://twitter.com/banthisguy9349/status/1784839628584825239
# Reference: https://www.virustotal.com/gui/file/fb088cec2214538871e219a8f90f737cbdb9b759d2473d92efe9de084fbc9e30/detection
# Reference: https://www.virustotal.com/gui/file/e1dbc46eea55f940b6f63822b88b45e4be4fd122deb867a55e13f7b3820678ec/detection
# Reference: https://www.virustotal.com/gui/file/92baabd1045e6a8ae73952451668ed9c8d4f87dbbaf1bfdb76cf90a9b7a915de/detection
# Reference: https://www.virustotal.com/gui/file/1242bd40715ba706d2a808afcf45fb21a1fbf801bf70018bebd75030f879a410/detection

http://85.239.33.65
http://91.92.254.116
31.220.1.44:5667
85.239.33.65:5667
91.92.252.191:5667
91.92.254.116:5667
94.156.248.18:5667
cecilio.network
cecilio.pro
retardedclassmate.dyn
servernoworky.geek
whitepeopleonly.dyn

# Reference: https://www.virustotal.com/gui/file/9c4c74e725afa8cd45b02531c3864a09c44af94d88610085cf8715f5fa0231ee/detection

http://74.208.123.71

# Reference: https://urlhaus.abuse.ch/host/45.158.9.58

http://45.158.9.58

# Reference: https://pastebin.com/ZhwRGQxB

bot.qngxgw.eu.org
legendsworld.top
qngxgw.eu.org
spotslfy.com

# Reference: https://www.virustotal.com/gui/file/fbde07f0582c954a0300e48cf4e70b54c155b05bc8780c04a34ad80c3e738ef8/detection
# Reference: https://www.virustotal.com/gui/file/9389dcbe18e4ee9d4d491705a8e6acd0e3913e057649b651520c6fe7025cdc14/detection
# Reference: https://www.virustotal.com/gui/file/314c86d10ca98a0bb8f424c583985ad2bffa4a12ce72a7f9e56c2d4d42096bc4/detection

http://94.156.79.107
35.198.149.52:33966
45.131.111.219:33966
89.190.156.145:7733
94.156.79.107:33966
kovey-net.xyz
mezo-api.xyz
kovey.mezo-api.xyz
net.kovey-net.xyz
raw.mezo-api.xyz

# Reference: https://www.virustotal.com/gui/file/d0da36595b8823d5c7144957dbb55b6586f5396e642c86c948d65270f984b51f/detection
# Reference: https://www.virustotal.com/gui/file/6d0e7706300963da7dd31a00a7f26056f5a4a009aee2bade4646185304680f52/detection
# Reference: https://www.virustotal.com/gui/file/65bef3466d93595396705ea52d0487d41f8e7f28e5b9dbc85d5097b47be6858a/detection
# Reference: https://www.virustotal.com/gui/file/5acc82aaf0180bae3e232e2a13d0ac37ce154315543366d83c458dc3e3a5b7a9/detection
# Reference: https://www.virustotal.com/gui/file/577370e6a691310a94dc5de98cdca6764cde6594c61afe807dec29bb556a0582/detection

http://103.174.73.190
103.174.73.190:19990
103.174.73.190:42597
103.174.73.190:43957
mirai-nro.space

# Reference: https://twitter.com/banthisguy9349/status/1785203013088358425
# Reference: https://www.virustotal.com/gui/file/02a8a462612a1f9d3e1ac1cede877c4d271b2d0389feef64fa014a29d65af1c6/detection

212.70.149.10:35342
212.70.149.14:35342
hitler.su
kz.hitler.su
xysk5eeyj0j5n.xyz

# Reference: https://www.virustotal.com/gui/file/1278b40e5887b882b7c928cc401af3b9668842d65a4247c8b43bf202d2505b06/detection

194.169.175.43:7777
87.246.7.194:35342
87.246.7.198:35342

# Reference: https://twitter.com/banthisguy9349/status/1785743403684077788
# Reference: https://urlhaus.abuse.ch/host/94.156.66.78

http://94.156.66.78
94.156.66.78:1337

# Reference: https://urlhaus.abuse.ch/host/94.156.71.108/

http://94.156.71.108
/kelly.arc
/kelly.arm
/kelly.arm4
/kelly.arm4l
/kelly.arm4t
/kelly.arm4tl
/kelly.arm4tll
/kelly.arm5
/kelly.arm5l
/kelly.arm5n
/kelly.arm6
/kelly.arm64
/kelly.arm6l
/kelly.arm7
/kelly.arm7l
/kelly.arm8
/kelly.armv4
/kelly.armv4l
/kelly.armv5l
/kelly.armv6
/kelly.armv61
/kelly.armv6l
/kelly.armv7l
/kelly.dbg
/kelly.exploit
/kelly.i4
/kelly.i486
/kelly.i586
/kelly.i6
/kelly.i686
/kelly.kill
/kelly.m68
/kelly.m68k
/kelly.mips
/kelly.mips64
/kelly.mipseb
/kelly.mipsel
/kelly.mpsl
/kelly.pcc
/kelly.powerpc
/kelly.powerpc-440fp
/kelly.powerppc
/kelly.ppc
/kelly.ppc2
/kelly.ppc440
/kelly.ppc440fp
/kelly.root
/kelly.root32
/kelly.sh
/kelly.sh4
/kelly.sparc
/kelly.spc
/kelly.ssh4
/kelly.x32
/kelly.x64
/kelly.x86
/kelly.x86_32
/kelly.x86_64

# Reference: https://urlhaus.abuse.ch/host/15.204.223.49/

http://15.204.223.49

# Reference: https://pastebin.com/8TMSWd5D

128.199.74.55:3778
185.196.8.31:23
193.233.132.117:23
31.207.34.135:23
38.45.200.163:38241
66.248.207.29:23
93.123.39.16:1312
94.103.124.89:666
94.103.124.95:666

# Reference: https://threatfox.abuse.ch/browse/malware/elf.bashlite/

103.14.226.21:12345
103.166.184.95:12345
185.196.8.31:3221
185.196.8.31:777
193.35.18.127:19286
2.58.95.131:65481
34.159.237.198:6667
45.88.90.17:4444
46.226.160.88:4258
5.253.246.39:666
5.42.100.119:4258
5.42.102.198:666
51.81.85.213:8888
85.204.116.161:25561
85.204.116.161:25565
91.92.252.187:606
94.156.66.236:23
94.156.71.74:666
94.156.8.161:999

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (2024-05-03)

103.174.73.190:2024
103.237.87.90:999
154.197.110.188:5667
154.197.110.191:5667
159.253.120.176:5667
176.123.1.127:666
185.117.3.187:1024
185.196.11.177:45
185.216.70.88:6281
185.99.133.173:5667
185.99.133.18:5667
185.99.133.34:5667
185.99.133.5:5667
2.58.95.123:3778
204.76.203.101:38241
204.76.203.103:38241
204.76.203.223:38241
206.189.49.14:57899
37.44.238.78:65001
37.44.238.94:9931
45.125.66.100:38241
45.13.227.201:33966
45.178.6.2:8090
45.86.86.60:38241
45.88.90.46:6969
5.181.190.250:1475
5.181.190.250:8008
5.181.80.189:38241
5.181.80.60:38241
5.181.80.61:38241
62.72.185.15:38241
62.72.185.38:38241
62.72.185.42:38241
62.72.185.90:38241
66.187.4.175:1337
85.204.116.206:38241
85.204.116.21:38241
85.204.116.22:38241
89.185.30.66:2006
91.149.202.222:5667
91.92.240.43:2006
91.92.243.102:1990
91.92.252.238:5667
92.249.48.17:666
93.123.85.103:33966
93.123.85.112:5667
93.123.85.113:5667
93.123.85.167:5555
93.123.85.69:9932
94.156.248.20:5667
94.156.79.155:5958
94.156.79.197:60195
94.156.79.77:33966
94.156.79.77:3966
94.156.8.57:59666
94.156.8.76:33966
95.169.196.22:118
99.195.249.124:3778
api.atlasapi.co
boatnet.dogzsec.org
bobs.kraken11op.ru
bzwl888.sbs
cecilio.one
cecilioisbetter.dyn
dead-cheap-doma.in
dogzsec.org
fbmarket-place.info
graph.vani.ovh
jswl.bzwl888.sbs
kraken11op.ru
spagetti.openproxylist.info
thisisnotabotnet.pirate
youlovemedontyou.bounceme.net

# Reference: https://twitter.com/banthisguy9349/status/1787127076702560738

http://158.160.8.110
http://95.174.91.180
144.48.241.31:8080
199.195.254.188:808
77.68.37.125:808
/hidakibest.arc
/hidakibest.arm
/hidakibest.arm4
/hidakibest.arm4l
/hidakibest.arm4t
/hidakibest.arm4tl
/hidakibest.arm4tll
/hidakibest.arm5
/hidakibest.arm5l
/hidakibest.arm5n
/hidakibest.arm6
/hidakibest.arm64
/hidakibest.arm6l
/hidakibest.arm7
/hidakibest.arm7l
/hidakibest.arm8
/hidakibest.armv4
/hidakibest.armv4l
/hidakibest.armv5l
/hidakibest.armv6
/hidakibest.armv61
/hidakibest.armv6l
/hidakibest.armv7l
/hidakibest.dbg
/hidakibest.exploit
/hidakibest.i4
/hidakibest.i486
/hidakibest.i586
/hidakibest.i6
/hidakibest.i686
/hidakibest.kill
/hidakibest.m68
/hidakibest.m68k
/hidakibest.mips
/hidakibest.mips64
/hidakibest.mipseb
/hidakibest.mipsel
/hidakibest.mpsl
/hidakibest.pcc
/hidakibest.powerpc
/hidakibest.powerpc-440fp
/hidakibest.powerppc
/hidakibest.ppc
/hidakibest.ppc2
/hidakibest.ppc440
/hidakibest.ppc440fp
/hidakibest.root
/hidakibest.root32
/hidakibest.sh
/hidakibest.sh4
/hidakibest.sparc
/hidakibest.spc
/hidakibest.ssh4
/hidakibest.x32
/hidakibest.x64
/hidakibest.x86
/hidakibest.x86_32
/hidakibest.x86_64

# Reference: https://twitter.com/coremew/status/1787224534879277439

http://45.81.242.7

# Reference: https://twitter.com/banthisguy9349/status/1787743177283088843
# Reference: https://www.virustotal.com/gui/file/21b4a735e87583c44568f174417157a8ea865c8ade97fe64b7dff6e25b2d66ad/detection

103.14.226.21:43957
103.146.22.14:43957
103.153.69.196:43957
103.92.25.157:43957
103.92.27.77:43957
103.92.27.7:43957
sro3ga.net

# Reference: https://twitter.com/banthisguy9349/status/1787872907269419425

http://103.174.73.185
/abwdsac3bw.arc
/abwdsac3bw.arm
/abwdsac3bw.arm4
/abwdsac3bw.arm4l
/abwdsac3bw.arm4t
/abwdsac3bw.arm4tl
/abwdsac3bw.arm4tll
/abwdsac3bw.arm5
/abwdsac3bw.arm5l
/abwdsac3bw.arm5n
/abwdsac3bw.arm6
/abwdsac3bw.arm64
/abwdsac3bw.arm6l
/abwdsac3bw.arm7
/abwdsac3bw.arm7l
/abwdsac3bw.arm8
/abwdsac3bw.armv4
/abwdsac3bw.armv4l
/abwdsac3bw.armv5l
/abwdsac3bw.armv6
/abwdsac3bw.armv61
/abwdsac3bw.armv6l
/abwdsac3bw.armv7l
/abwdsac3bw.dbg
/abwdsac3bw.exploit
/abwdsac3bw.i4
/abwdsac3bw.i486
/abwdsac3bw.i586
/abwdsac3bw.i6
/abwdsac3bw.i686
/abwdsac3bw.kill
/abwdsac3bw.m68
/abwdsac3bw.m68k
/abwdsac3bw.mips
/abwdsac3bw.mips64
/abwdsac3bw.mipseb
/abwdsac3bw.mipsel
/abwdsac3bw.mpsl
/abwdsac3bw.pcc
/abwdsac3bw.powerpc
/abwdsac3bw.powerpc-440fp
/abwdsac3bw.powerppc
/abwdsac3bw.ppc
/abwdsac3bw.ppc2
/abwdsac3bw.ppc440
/abwdsac3bw.ppc440fp
/abwdsac3bw.root
/abwdsac3bw.root32
/abwdsac3bw.sh
/abwdsac3bw.sh4
/abwdsac3bw.sparc
/abwdsac3bw.spc
/abwdsac3bw.ssh4
/abwdsac3bw.x32
/abwdsac3bw.x64
/abwdsac3bw.x86
/abwdsac3bw.x86_32
/abwdsac3bw.x86_64
/abwdsac3c.arc
/abwdsac3c.arm
/abwdsac3c.arm4
/abwdsac3c.arm4l
/abwdsac3c.arm4t
/abwdsac3c.arm4tl
/abwdsac3c.arm4tll
/abwdsac3c.arm5
/abwdsac3c.arm5l
/abwdsac3c.arm5n
/abwdsac3c.arm6
/abwdsac3c.arm64
/abwdsac3c.arm6l
/abwdsac3c.arm7
/abwdsac3c.arm7l
/abwdsac3c.arm8
/abwdsac3c.armv4
/abwdsac3c.armv4l
/abwdsac3c.armv5l
/abwdsac3c.armv6
/abwdsac3c.armv61
/abwdsac3c.armv6l
/abwdsac3c.armv7l
/abwdsac3c.dbg
/abwdsac3c.exploit
/abwdsac3c.i4
/abwdsac3c.i486
/abwdsac3c.i586
/abwdsac3c.i6
/abwdsac3c.i686
/abwdsac3c.kill
/abwdsac3c.m68
/abwdsac3c.m68k
/abwdsac3c.mips
/abwdsac3c.mips64
/abwdsac3c.mipseb
/abwdsac3c.mipsel
/abwdsac3c.mpsl
/abwdsac3c.pcc
/abwdsac3c.powerpc
/abwdsac3c.powerpc-440fp
/abwdsac3c.powerppc
/abwdsac3c.ppc
/abwdsac3c.ppc2
/abwdsac3c.ppc440
/abwdsac3c.ppc440fp
/abwdsac3c.root
/abwdsac3c.root32
/abwdsac3c.sh
/abwdsac3c.sh4
/abwdsac3c.sparc
/abwdsac3c.spc
/abwdsac3c.ssh4
/abwdsac3c.x32
/abwdsac3c.x64
/abwdsac3c.x86
/abwdsac3c.x86_32
/abwdsac3c.x86_64
/abwdsac3w.arc
/abwdsac3w.arm
/abwdsac3w.arm4
/abwdsac3w.arm4l
/abwdsac3w.arm4t
/abwdsac3w.arm4tl
/abwdsac3w.arm4tll
/abwdsac3w.arm5
/abwdsac3w.arm5l
/abwdsac3w.arm5n
/abwdsac3w.arm6
/abwdsac3w.arm64
/abwdsac3w.arm6l
/abwdsac3w.arm7
/abwdsac3w.arm7l
/abwdsac3w.arm8
/abwdsac3w.armv4
/abwdsac3w.armv4l
/abwdsac3w.armv5l
/abwdsac3w.armv6
/abwdsac3w.armv61
/abwdsac3w.armv6l
/abwdsac3w.armv7l
/abwdsac3w.dbg
/abwdsac3w.exploit
/abwdsac3w.i4
/abwdsac3w.i486
/abwdsac3w.i586
/abwdsac3w.i6
/abwdsac3w.i686
/abwdsac3w.kill
/abwdsac3w.m68
/abwdsac3w.m68k
/abwdsac3w.mips
/abwdsac3w.mips64
/abwdsac3w.mipseb
/abwdsac3w.mipsel
/abwdsac3w.mpsl
/abwdsac3w.pcc
/abwdsac3w.powerpc
/abwdsac3w.powerpc-440fp
/abwdsac3w.powerppc
/abwdsac3w.ppc
/abwdsac3w.ppc2
/abwdsac3w.ppc440
/abwdsac3w.ppc440fp
/abwdsac3w.root
/abwdsac3w.root32
/abwdsac3w.sh
/abwdsac3w.sh4
/abwdsac3w.sparc
/abwdsac3w.spc
/abwdsac3w.ssh4
/abwdsac3w.x32
/abwdsac3w.x64
/abwdsac3w.x86
/abwdsac3w.x86_32
/abwdsac3w.x86_64
/bulon.arc
/bulon.arm
/bulon.arm4
/bulon.arm4l
/bulon.arm4t
/bulon.arm4tl
/bulon.arm4tll
/bulon.arm5
/bulon.arm5l
/bulon.arm5n
/bulon.arm6
/bulon.arm64
/bulon.arm6l
/bulon.arm7
/bulon.arm7l
/bulon.arm8
/bulon.armv4
/bulon.armv4l
/bulon.armv5l
/bulon.armv6
/bulon.armv61
/bulon.armv6l
/bulon.armv7l
/bulon.dbg
/bulon.exploit
/bulon.i4
/bulon.i486
/bulon.i586
/bulon.i6
/bulon.i686
/bulon.kill
/bulon.m68
/bulon.m68k
/bulon.mips
/bulon.mips64
/bulon.mipseb
/bulon.mipsel
/bulon.mpsl
/bulon.pcc
/bulon.powerpc
/bulon.powerpc-440fp
/bulon.powerppc
/bulon.ppc
/bulon.ppc2
/bulon.ppc440
/bulon.ppc440fp
/bulon.root
/bulon.root32
/bulon.sh
/bulon.sh4
/bulon.sparc
/bulon.spc
/bulon.ssh4
/bulon.x32
/bulon.x64
/bulon.x86
/bulon.x86_32
/bulon.x86_64
/bulus.arc
/bulus.arm
/bulus.arm4
/bulus.arm4l
/bulus.arm4t
/bulus.arm4tl
/bulus.arm4tll
/bulus.arm5
/bulus.arm5l
/bulus.arm5n
/bulus.arm6
/bulus.arm64
/bulus.arm6l
/bulus.arm7
/bulus.arm7l
/bulus.arm8
/bulus.armv4
/bulus.armv4l
/bulus.armv5l
/bulus.armv6
/bulus.armv61
/bulus.armv6l
/bulus.armv7l
/bulus.dbg
/bulus.exploit
/bulus.i4
/bulus.i486
/bulus.i586
/bulus.i6
/bulus.i686
/bulus.kill
/bulus.m68
/bulus.m68k
/bulus.mips
/bulus.mips64
/bulus.mipseb
/bulus.mipsel
/bulus.mpsl
/bulus.pcc
/bulus.powerpc
/bulus.powerpc-440fp
/bulus.powerppc
/bulus.ppc
/bulus.ppc2
/bulus.ppc440
/bulus.ppc440fp
/bulus.root
/bulus.root32
/bulus.sh
/bulus.sh4
/bulus.sparc
/bulus.spc
/bulus.ssh4
/bulus.x32
/bulus.x64
/bulus.x86
/bulus.x86_32
/bulus.x86_64

# Reference: https://twitter.com/banthisguy9349/status/1788185648093974853
# Reference: https://www.virustotal.com/gui/file/a25cae3b8d61fd0d2fcf57167e6d450198f90f06d0f8a83efc0c68ad2d8e81c7/detection
# Reference: https://www.virustotal.com/gui/file/35ec3957284489e6d17662c218c896bd061c20ac74ad5ac92c9d21c1207d3bff/detection

cnc.nperm.net
scan.nperm.net

# Reference: https://twitter.com/banthisguy9349/status/1788218204621263102

91.92.245.7:1337
91.92.246.210:1337
91.92.251.91:1337
91.92.252.103:1337
94.156.66.18:1337
94.156.71.195:1337
94.156.71.254:1337
94.156.71.64:1337
94.156.71.65:1337
94.156.71.77:1337

# Reference: https://twitter.com/banthisguy9349/status/1788632996817338411

buycodeshop.com

# Reference: https://twitter.com/banthisguy9349/status/1788609226811544041
# Reference: https://urlhaus.abuse.ch/host/173.44.139.198

http://173.44.139.198

# Reference: https://twitter.com/banthisguy9349/status/1788833929413210482

http://14.225.204.172
http://146.196.67.240

# Reference: https://twitter.com/banthisguy9349/status/1788953183626150301
# Reference: https://www.virustotal.com/gui/file/0812d52f25610ea74a144c0dcd3b5a700bbd3f2ae20fa3917f3d5ea070e93451/detection

http://174.138.2.237
http://185.216.214.242
senpaiontop.nl

# Reference: https://twitter.com/banthisguy9349/status/1788615992999825412

http://178.215.236.112
http://178.215.236.182

# Reference: https://twitter.com/banthisguy9349/status/1789362580303044713
# Reference: https://urlhaus.abuse.ch/host/141.98.7.172

http://141.98.7.172
141.98.7.172:30120

# Reference: https://twitter.com/banthisguy9349/status/1789360833501220972
# Reference: https://www.virustotal.com/gui/file/2a160d31f0f13c4054ce7aee363c1ba228d4d0328f1b2a3ec4aa5e756cbaa6bf/detection

80.87.206.203:8956

# Reference: https://twitter.com/banthisguy9349/status/1789349066461028605
# Reference: https://urlhaus.abuse.ch/browse.php?search=Aqua.x86_64

http://179.43.172.21
http://45.125.66.52
http://45.13.227.201
http://94.156.79.215
http://94.156.79.77
http://94.156.8.169
kovey-net.lol
ravencraft.ro
net.kovey-net.lol
salamandra.ravencraft.ro

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-05-12)
# Reference: https://www.virustotal.com/gui/file/f76b23ba369ba7575cbc85a562b0b1ae52ba1661ef13d05b679f7eb39beda2f6/detection
# Reference: https://www.virustotal.com/gui/file/148ba36ea40a59c165f657cb89f1f7b29f150267400b9dc8c38e8a2a9c38b5fa/detection
# Reference: https://www.virustotal.com/gui/file/0681d68ae2d3e18a8a58c1ef363fa411e9a0af14badb69799b6490c79e8cf4e6/detection

216.238.88.174:23
45.146.234.130:38241
5.42.96.3:23
91.195.240.12:60195
91.92.244.58:60195
94.156.67.181:23
daili778.org
minuoddos.top
poor-indians-tax-me.icu
apt.daili778.org

# Reference: https://twitter.com/banthisguy9349/status/1790091679216627712
# Reference: https://www.virustotal.com/gui/file/fb86bb0863d15ac65a916979052220f755765eb0d5bc4c1c47e34762738d2311/detection
# Reference: https://www.virustotal.com/gui/file/c88da56b348f8d89b5ab99a710de7131bdbc2f1dba4bb9809b1b3fd27322630e/detection
# Reference: https://www.virustotal.com/gui/file/0c9e865d2a20847e93ce245fd3f7f0b16fc23d657134d2bb7ae1d49175dfc872/detection
# Reference: https://www.virustotal.com/gui/file/3bcf8e487bc663cb4b85e92f016ccfaac1887ad6dd14c684fa1ce6f189feab2f/detection

http://45.128.232.229
198.98.51.91:36588
45.128.232.229:36555
meowing.cc
meowware.ddns.net
frankbrown.webhop.me

# Reference: https://www.virustotal.com/gui/file/0f2d3ef6d79ead147c78387f2d9edb64010e2766af742f22eae224752609820b/detection

http://84.54.51.126

# Reference: https://twitter.com/banthisguy9349/status/1790087780376232305

http://84.54.51.35

# Reference: https://twitter.com/banthisguy9349/status/1790272168808391148
# Reference: https://www.fortinet.com/blog/threat-research/botnets-continue-exploiting-cve-2023-1389-for-wide-scale-spread
# Reference: https://www.virustotal.com/gui/file/041d2c338765e506054762e84b926cd6ef248519065878c8e8d75639c40cdaee/detection

45.155.91.135:7722

# Reference: https://twitter.com/LemonHaze420_/status/1790283684194431471
# Reference: https://www.virustotal.com/gui/file/73c80b4085e8d964006bd69aa18f8d63ed94cce57bd31da374cdb38d42ba74d9/detection

http://103.149.86.202
206.189.89.30:49376

# Reference: https://www.virustotal.com/gui/file/00e7924d536ee1e573b8a94373ed31fdaeeb5af7c903663c8197a500ed28e1a2/detection

91.92.244.204:5683

# Reference: https://x.com/banthisguy9349/status/1791876030879142266

146.59.3.38:43957
45.128.232.90:43957
82.197.68.240:43957

# Reference: https://x.com/banthisguy9349/status/1791862015025140148

http://20.151.70.137
http://91.219.150.148
http://94.156.144.79

# Reference: https://x.com/banthisguy9349/status/1792126276720804328

http://193.31.28.148

# Reference: https://www.virustotal.com/gui/file/dd441ab625ed4560b8661cc8825414cf4d286b97521a647848d836215aed8242/detection

194.59.30.223:58267
45.128.232.8:58267
85.209.133.104:58267
xijinping.mov

# Reference: https://www.virustotal.com/gui/file/19f0ee67f36f0fad35e10446712fe79d8f84b77f00ca759265d02921acf7340f/detection

45.128.96.191:57899

# Reference: https://www.virustotal.com/gui/file/40ac31c19944b9c85b3d5aee9a6ce00aaa6603798575acedd64ff95b6055304f/detection

77.246.109.228:7122
chinkseatblahajs.libre

# Reference: https://www.virustotal.com/gui/file/f39049d74e74e367d87e7f1a52ea693221e8506db1f4050db9a687d4ec2be820/detection

213.238.182.147:6969

# Reference: https://www.virustotal.com/gui/file/be3af62f97b053c9a095df5411725bdceb203af6a057ede4731497c1c5cf084f/detection

213.238.182.147:57899
yoshiproxy.ltd

# Reference: https://x.com/banthisguy9349/status/1792228662227407160

http://103.114.160.250
http://141.11.92.115
http://141.98.11.102
http://157.245.67.229
http://176.32.38.160
http://179.43.188.106
http://179.43.188.110
http://185.150.26.232
http://185.196.9.58
http://185.216.70.173
http://193.149.129.220
http://193.200.134.248
http://194.59.30.223
http://220.158.233.185
http://45.141.85.179
http://45.141.85.252
http://45.15.157.122
http://82.197.68.240
http://91.134.30.137
http://91.92.252.201
http://93.123.85.153
http://94.156.64.34
http://94.156.71.230
http://94.156.8.192
http://94.156.8.241
http://94.156.8.30
http://94.156.8.62
http://94.156.8.78

# Reference: https://urlhaus.abuse.ch/browse.php?search=ab69ef32017a5365ee0e7faca03e1352382865c5672e989d99d2d77ec91c33ef

http://14.165.151.87
http://178.84.167.164

# Reference: https://x.com/redrabytes/status/1792695060309655997

107.189.14.17:1337
141.11.92.115:3778
185.150.26.232:3778
185.196.9.79:1337
194.59.30.223:888
91.92.252.211:777

# Reference: https://www.virustotal.com/gui/file/38953f1a89c2a94fcecbe7fe7b7718baf6d622a9b7370168862a6756bef917b1/detection

66.225.246.190:43957
qqchun.top

# Reference: https://x.com/banthisguy9349/status/1792856428933181604
# Reference: https://urlhaus.abuse.ch/host/s77.san2.xyz

s77.san2.xyz

# Reference: https://x.com/banthisguy9349/status/1792856428933181604
# Reference: https://urlhaus.abuse.ch/host/newdomain.africa

newdomain.africa

# Reference: https://x.com/banthisguy9349/status/1792851439867339171
# Reference: https://www.virustotal.com/gui/file/0a33f033228c61f7ab5ea51f694a81d162f9938346ae6d445b500dc957cc085c/detection
# Reference: https://www.virustotal.com/gui/file/a77aefa151fae7a8849d4f76cdd68eaf7e252677f8b11a4a35d6de89d5f8b275/detection
# Reference: https://www.virustotal.com/gui/file/040d84354e46a2e25a9fccda0a9415e84dc680d6f7d6badbbc5deb786d850bb0/detection

http://80.211.203.249
174.138.28.28:42597
174.138.28.28:8080
80.211.203.249:42597
94.156.69.28:42597
manhquyen.xyz
botnet.manhquyen.xyz
vip.manhquyen.xyz

# Reference: https://x.com/banthisguy9349/status/1793549072328192150
# Reference: https://www.virustotal.com/gui/file/2be9347879a653da64c4c34a2bb382f266df2ed7c0d9db9a7a6bb114f39d988b/detection
# Reference: https://www.virustotal.com/gui/file/3a8c21807a0faec3322f5343eb5ea6622e853aba35e1c4fb59c5a6e764d5c391/detection

http://181.214.250.54
181.214.250.54:55655
celerlink.buzz
d.celerlink.buzz

# Reference: https://x.com/banthisguy9349/status/1793552087428800940

http://107.175.70.118

# Reference: https://urlhaus.abuse.ch/host/34.118.17.38/

http://34.118.17.38

# Reference: https://urlhaus.abuse.ch/host/103.237.87.24/
# Reference: https://www.virustotal.com/gui/file/4b9f2ac5fd9d4e4e3b4e3941be89347a8d8c5ebf1216f3a7cf152acd3b2e6eaf/detection

http://103.237.87.24

# Reference: https://x.com/banthisguy9349/status/1793569200780538014
# Reference: https://www.virustotal.com/gui/file/4499d7e6e086213e7a533c0cf255609bcae758346516c4ab072b4855fef1f602/detection

37.221.92.97:33966
qxej27mv7hud1uk03kj438ggzby0v7a8mgwwnmky2n9vn1tmcn1qpm8kax84ymn.ru
raw.qxej27mv7hud1uk03kj438ggzby0v7a8mgwwnmky2n9vn1tmcn1qpm8kax84ymn.ru

# Reference: https://x.com/banthisguy9349/status/1793575113276678562
# Reference: https://urlhaus.abuse.ch/host/103.237.87.24/

http://103.237.87.24

# Reference: https://x.com/banthisguy9349/status/1793990047865442537
# Reference: https://urlhaus.abuse.ch/host/108.181.160.104/
# Reference: https://www.virustotal.com/gui/file/e59dd13dc8dbb2c9e3612c6f1188622067ed388f6248567c56479d1677c79e5b/detection
# Reference: https://www.virustotal.com/gui/file/444c4ab51671a63cedc0f1ef1ae4a466278d7941c15c126e0fcfa6043f5d7fe8/detection

http://108.181.160.104
108.181.160.104:1312
108.181.160.104:54337

# Reference: https://x.com/banthisguy9349/status/1793543635210002591
# Reference: https://www.virustotal.com/gui/file/a4a4c4393f08434fd789427734eff5fc8e260c394cdb34fe7080f483fa0b4ae6/detection

http://93.123.85.157
93.123.85.157:123
93.123.85.157:3000

# Reference: https://x.com/banthisguy9349/status/1794447310539129110
# Reference: https://www.virustotal.com/gui/file/f20cda3d2bedc3856e7531b0c45c0361b9be1daaac49400eebf66a0e953e925a/detection

193.31.28.148:33335
stopkillingmybot.org

# Reference: https://pastebin.com/raw/frkeLD9c

http://172.105.107.238
http://176.123.4.187
http://185.196.9.180
http://185.208.158.138
http://194.169.175.19
http://37.221.67.248
http://45.128.232.148
http://45.142.182.70
http://45.95.146.29
http://84.54.51.51
http://84.54.51.80
http://85.239.34.213
http://89.190.156.248
http://91.212.121.110
http://91.92.240.97
http://91.92.252.157

# Reference: https://www.virustotal.com/gui/file/ccd893dabebc0501c3c930d128da76dee00a0a6a66da45c152e7fe7a844c61b9/detection

http://45.95.146.119
http://45.95.146.4

# Reference: https://www.virustotal.com/gui/file/8fe6df81dc8166d76d6f4b0326307a4bd7db62e08200547dd1abbfaaa24d6c6a/detection

194.147.35.77:9375

# Reference: https://x.com/banthisguy9349/status/1795342357883412724
# Reference: https://www.virustotal.com/gui/file/09c457e9697053c4ca9df7845cd354846b450b836aa2ec341d93f5baaacbcf42/detection
# Reference: https://www.virustotal.com/gui/file/725cd414a50ccea04840c60ec12a0cb12ddf45598f90ea522e56ab3744de3351/detection

http://103.177.35.32
103.177.35.32:19990
bobungbu.com
cnc.bobungbu.com
net-killer.bobungbu.com

# Reference: https://x.com/banthisguy9349/status/1795048574780149827
# Reference: https://www.virustotal.com/gui/file/83cf322b632c4b67263205a65e49898a96f49d57c3bbd156cbf70a63cfe5604f/detection

http://141.98.7.251
141.98.7.251:65501

# Reference: https://www.virustotal.com/gui/file/ca016ca4d22d480244f124f0d665a1349dde52a041be7cb9c4ff445b16b6043f/detection

79.110.62.186:81

# Reference: https://sysdig.com/blog/ddos-as-a-service-the-rebirth-botnet/

rebirthltd.mysellix.io

# Reference: https://x.com/RacWatchin8872/status/1798342814453178767
# Reference: https://www.virustotal.com/gui/file/3aa17d68d38bf5548643755a326087f98ab962c3f61f446c51aa819f0eba7b0a/detection

http://178.33.35.183
http://209.141.60.86
http://34.116.205.7
buthost.pl
cnc.buthost.pl

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-06-08)

142.93.102.168:9511
173.249.34.252:23
178.215.236.209:1999
188.130.251.44:59666
45.131.111.48:5555
83.229.69.242:1312
91.92.249.80:4090
91.92.252.201:1024
93.123.39.185:1312
93.123.39.98:1312
94.156.67.124:1024
8b8n.com
coinbasenftapp.com
jupyterlab.site
myra.re
telnet.8b8n.com
test.fynndows.de

# Reference: https://www.virustotal.com/gui/file/67d89e0869d940137c69a4c864cd1b6f03ed7e3154c3830c8b920fe1506b5c91/detection

93.123.85.78:55

# Reference: https://www.virustotal.com/gui/file/a813be1cfe7a2a85575c93668038bb0fc72512e8ab201e45f984112eea1a9aaa/detection

93.123.85.78:12659
us.8b8n.com

# Reference: https://x.com/banthisguy9349/status/1801596188728111576

http://132.145.55.237
http://142.4.124.42
http://185.142.53.168
http://185.224.128.34
http://93.123.85.119
http://94.156.71.187

# Reference: https://x.com/sicehice/status/1801679959544500637
# Reference: https://www.virustotal.com/gui/file/7a2a19f93593c27ef1d4c0998fa41933facbe17454d67743602c07b94c5de72d/detection

http://185.244.36.200
http://185.244.36.236

# Reference: https://www.virustotal.com/gui/file/bba7032ec210310d5aa9fd9f01ecd12b9867b2464c3fdb70a55a281c03b9b618/detection

37.49.229.111:25609
40.69.166.185:30143

# Reference: https://www.virustotal.com/gui/file/2993e1a2e962d773872d6fd9d085f88e778f4717b80692a0b582a433b59b8d01/detection

37.49.229.111:25615

# Reference: https://x.com/banthisguy9349/status/1802261090585248122

http://43.134.227.6

# Reference: https://www.virustotal.com/gui/file/d6b58f70e447320a22a674ab8edb3e43ee99f03baffdc71d78b715faf4bb7ff0/detection

193.32.176.234:1791
193.32.176.234:23

# Reference: https://threatfox.abuse.ch/browse/malware/elf.moobot/ (# 2024-06-22)

103.151.238.184:47925
103.151.239.121:2023
103.174.73.185:45456
103.77.246.53:47925
141.98.152.165:47925
147.45.124.206:47925
157.230.250.250:42597
209.141.60.86:47925
45.128.232.15:13322
45.155.76.231:47925
45.159.210.127:47925
93.123.85.103:47925
bot.heleh.com.vn
dzjs.ceshi.ink
jswl.lbz8.top
ddcc.bf
js.ddcc.bf

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-06-22)

http://45.87.247.120
http://87.251.79.242
107.189.14.198:1312
37.44.238.75:81
45.87.247.120:4258
5.59.248.211:38241
57.128.162.39:33966
82.153.68.38:3778
87.251.79.242:4258
onlyslq.lol
slq.onlyslq.lol
/awawawa.arc
/awawawa.arm
/awawawa.arm4
/awawawa.arm4l
/awawawa.arm4t
/awawawa.arm4tl
/awawawa.arm4tll
/awawawa.arm5
/awawawa.arm5l
/awawawa.arm5n
/awawawa.arm6
/awawawa.arm64
/awawawa.arm6l
/awawawa.arm7
/awawawa.arm7l
/awawawa.arm8
/awawawa.armv4
/awawawa.armv4l
/awawawa.armv5l
/awawawa.armv6
/awawawa.armv61
/awawawa.armv6l
/awawawa.armv7l
/awawawa.dbg
/awawawa.exploit
/awawawa.i4
/awawawa.i486
/awawawa.i586
/awawawa.i6
/awawawa.i686
/awawawa.kill
/awawawa.m68
/awawawa.m68k
/awawawa.mips
/awawawa.mips64
/awawawa.mipseb
/awawawa.mipsel
/awawawa.mpsl
/awawawa.pcc
/awawawa.powerpc
/awawawa.powerpc-440fp
/awawawa.powerppc
/awawawa.ppc
/awawawa.ppc2
/awawawa.ppc440
/awawawa.ppc440fp
/awawawa.root
/awawawa.root32
/awawawa.sh
/awawawa.sh4
/awawawa.sparc
/awawawa.spc
/awawawa.ssh4
/awawawa.x32
/awawawa.x64
/awawawa.x86
/awawawa.x86_32
/awawawa.x86_64

# Reference: https://x.com/banthisguy9349/status/1804795568822055276
# Reference: https://x.com/banthisguy9349/status/1795466918595297731
# Reference: https://www.virustotal.com/gui/file/47a62097ee909e5755b06cba9284e0c9377e9a3f0889de22b3a70981f24827b6/detection
# Reference: https://www.virustotal.com/gui/file/29866f6d51987d93baadb3478ef1c2ae91172d1d74e1bbeaf7ea8d4efaf8da8d/detection
# Reference: https://www.virustotal.com/gui/file/b6b0e3a01065aad3f3bf29c1d87f26938a9852888e916bed71daa785721de2e6/detection
# Reference: https://www.virustotal.com/gui/file/40b4a8e91427b81ee97fb43a56edce02dce93f88a6c55ad698c50693fb069f6b/detection

http://45.142.182.126
http://45.148.10.78
152.89.244.142:33335
2.58.95.97:33335
45.128.232.243:33335
45.142.182.126:666
94.156.10.24:33335
pty.su
rootwho.su
bins.pty.su
bins.rootwho.su

# Reference: https://x.com/RacWatchin8872/status/1804861462868853217
# Reference: https://www.virustotal.com/gui/file/81574a6bf203b1c8d38a0fac729625f605408981552e7a6ac82b5d1fa13185b5/detection
# Reference: https://www.virustotal.com/gui/file/9b18c79c38d9cc34934831830798bb61d13871d460d1babfca2057b3f24fcfbd/detection
# Reference: https://www.virustotal.com/gui/file/ae3f3fd78f2ee09fa1a35a733248b5d58e10cf9f587b59592dc5bbd12eb61d46/detection

http://217.197.162.200
217.197.162.200:5555

# Reference: https://x.com/LemonHaze420_/status/1805118194056659298
# Reference: https://www.virustotal.com/gui/file/bf5980f4b9fe5635062de75bb26a2f217bac015c642c3a3825de628b0b28fdbd/detection
# Reference: https://www.virustotal.com/gui/file/70ff7828d8dbe1616e6595a952ff9277e03c01b9a6f4289a352f0c26edcd73c4/detection
# Reference: https://www.virustotal.com/gui/file/640838822599767dcba19a9c1d7b7a6d399086ce9f8550f85f8b546fa554f0dc/detection
# Reference: https://www.virustotal.com/gui/file/49ad9d61f6753d859d9049e1cfd543a70c78fe614946c54e355c64909014b544/detection

http://158.160.165.142
158.160.165.142:4258

# Reference: https://www.virustotal.com/gui/file/0f8fd3148e8699b94ed4e08932a7b903ce25224f1724ae894326442d0ff05419/detection

http://185.216.70.76
185.216.70.76:4258

# Reference: https://www.virustotal.com/gui/file/38ec8a61822307457fbbf9a2fc280326db1a6408d90c23547ed15981d0ce4cee/detection

http://185.55.240.135
185.55.240.135:4258

# Reference: https://app.validin.com/detail?find=uk2.jeanyeung888.eu.org&type=dom&ref_id=62b68033bda#tab=host_pairs_v2

jeanyeung888.eu.org
uk2.jeanyeung888.eu.org

# Reference: https://app.validin.com/detail?find=device7767629-b0e90e1b.wd2go.com&type=dom&ref_id=62b68033bda#tab=host_pairs_v2

device7767629-b0e90e1b.wd2go.com

# Reference: https://www.virustotal.com/gui/file/d57f913c8ad5d85960e195cc050e03124496b41f51339185269290355080de2d/detection
# Reference: https://www.virustotal.com/gui/file/bcd58c1a0e37a621de55a0d8c6940110f6d4462957d266f68e9ba17b5c65ab83/detection

http://109.248.207.133
109.248.207.133:4258

# Reference: https://www.fortinet.com/blog/threat-research/growing-threat-of-malware-concealed-behind-cloud-services

http://209.141.35.56
http://45.128.232.15
http://45.128.232.234
http://45.128.232.90

# Reference: https://www.virustotal.com/gui/file/f40aa12599850a0263abbea6657b6b86cae2e6c3fed8ff783d4ed8d58d763f9e/detection

209.141.35.56:25512

# Reference: https://www.virustotal.com/gui/file/8ec4424e3ed37b031bedca93dab3d7fc17d7eca698abc6b98c5e71224491f7b7/detection

209.141.35.56:36508
45.128.232.229:36508

# Reference: https://www.virustotal.com/gui/file/2b526e5ac01916d74e7aa88770102a8f34d4c57cea7a4e45c501331670635e26/detection

45.128.232.234:7856

# Reference: https://www.virustotal.com/gui/file/f4047e6a444ac836cb2b400fed9fbde759ad91933c64c9da991912c59daa1a78/detection

45.88.90.110:56999

# Reference: https://www.virustotal.com/gui/file/54e0e72f3faf3bd613ecae581be539c98ff4cf48a5eff0ae0f2a81fbc7e697d3/detection

45.88.90.110:48229
paofen.org
sf.paofen.org

# Reference: https://x.com/tosscoinwitcher/status/1806055578688712894
# Reference: https://www.virustotal.com/gui/file/4f650e278c9d59ef6efdc75a77384e867ea4f3c17246a8ca9869a39d13d55c9a/detection
# Reference: https://www.virustotal.com/gui/file/20c43d5cde8cec0b6d14c5872bf208ab593637f37068dc1676f82f5196c44224/detection
# Reference: https://www.virustotal.com/gui/file/1de174bc54036308a3ebdfb771dd8fd06f8f28992cbed8eb20ccd835e6bd6d09/detection

http://213.202.208.9
183.82.183.102:26
213.202.208.9:56744

# Reference: https://www.virustotal.com/gui/file/f3111897eb4a25bf7cb7eb9f2a634bcef26350a4a8b18f995f8042ed8b7b161a/detection

http://54.207.228.64
mycnc1.sytes.net

# Reference: https://www.virustotal.com/gui/file/d6333c3c306c5f6fd37847b0a13d70738f8660cb280381b1b1211535cb7b5101/detection

/InfectedNight.arc
/InfectedNight.arm
/InfectedNight.arm4
/InfectedNight.arm4l
/InfectedNight.arm4t
/InfectedNight.arm4tl
/InfectedNight.arm4tll
/InfectedNight.arm5
/InfectedNight.arm5l
/InfectedNight.arm5n
/InfectedNight.arm6
/InfectedNight.arm64
/InfectedNight.arm6l
/InfectedNight.arm7
/InfectedNight.arm7l
/InfectedNight.arm8
/InfectedNight.armv4
/InfectedNight.armv4l
/InfectedNight.armv5l
/InfectedNight.armv6
/InfectedNight.armv61
/InfectedNight.armv6l
/InfectedNight.armv7l
/InfectedNight.dbg
/InfectedNight.exploit
/InfectedNight.i4
/InfectedNight.i486
/InfectedNight.i586
/InfectedNight.i6
/InfectedNight.i686
/InfectedNight.kill
/InfectedNight.m68
/InfectedNight.m68k
/InfectedNight.mips
/InfectedNight.mips64
/InfectedNight.mipseb
/InfectedNight.mipsel
/InfectedNight.mpsl
/InfectedNight.pcc
/InfectedNight.powerpc
/InfectedNight.powerpc-440fp
/InfectedNight.powerppc
/InfectedNight.ppc
/InfectedNight.ppc2
/InfectedNight.ppc440
/InfectedNight.ppc440fp
/InfectedNight.root
/InfectedNight.root32
/InfectedNight.sh
/InfectedNight.sh4
/InfectedNight.sparc
/InfectedNight.spc
/InfectedNight.ssh4
/InfectedNight.x32
/InfectedNight.x64
/InfectedNight.x86
/InfectedNight.x86_32
/InfectedNight.x86_64

# Reference: https://x.com/raghav127001/status/1808317996747874685
# Reference: https://x.com/RussianPanda9xx/status/1808330340618195026
# Reference: https://www.virustotal.com/gui/file/67564d4a3ad079b6ec430193d5a60ce67df4d13409387fd074fd10d921fda20e/detection

http://108.174.58.28
botbot.ddosvps.cc

# Reference: https://x.com/RacWatchin8872/status/1808797006153822577
# Reference: https://www.virustotal.com/gui/file/39dcfcdb128f08d2aa0f3a78a499e180f9713c67c28f69d8d819d4ac38cf42c6/detection

http://185.172.128.16

# Reference: https://www.virustotal.com/gui/file/04bb7ee21d0959d942520fd647ee6924fe7882b6ef4d4466f4eda45d458f5e28/detection

freethewind.parody

# Reference: https://www.virustotal.com/gui/file/1598f7876c17b82e7dd87d15d5041db3f3c80c54027af0412e2078eb1045c729/detection

burnthe.libre

# Reference: https://x.com/banthisguy9349/status/1809153154946121939
# Reference: https://www.virustotal.com/gui/file/22e3841f0c8ef8cd8b2ba8a12082ff03202287b76991577955b98c82ca70e108/detection

15.229.32.8:47925
suicide2024.xyz
br.suicide2024.xyz

# Reference: https://x.com/banthisguy9349/status/1809113216993099927
# Reference: https://www.fortinet.com/blog/threat-research/botnets-continue-exploiting-cve-2023-1389-for-wide-scale-spread

http://45.95.169.11

# Reference: https://www.virustotal.com/gui/file/815906a43e43cc569c643a21c554ce86f5b87a9d9e93db4ea066badd367ff058/detection

http://195.133.18.119
/totoshit.arc
/totoshit.arm
/totoshit.arm4
/totoshit.arm4l
/totoshit.arm4t
/totoshit.arm4tl
/totoshit.arm4tll
/totoshit.arm5
/totoshit.arm5l
/totoshit.arm5n
/totoshit.arm6
/totoshit.arm64
/totoshit.arm6l
/totoshit.arm7
/totoshit.arm7l
/totoshit.arm8
/totoshit.armv4
/totoshit.armv4l
/totoshit.armv5l
/totoshit.armv6
/totoshit.armv61
/totoshit.armv6l
/totoshit.armv7l
/totoshit.dbg
/totoshit.exploit
/totoshit.i4
/totoshit.i486
/totoshit.i586
/totoshit.i6
/totoshit.i686
/totoshit.kill
/totoshit.m68
/totoshit.m68k
/totoshit.mips
/totoshit.mips64
/totoshit.mipseb
/totoshit.mipsel
/totoshit.mpsl
/totoshit.pcc
/totoshit.powerpc
/totoshit.powerpc-440fp
/totoshit.powerppc
/totoshit.ppc
/totoshit.ppc2
/totoshit.ppc440
/totoshit.ppc440fp
/totoshit.root
/totoshit.root32
/totoshit.sh
/totoshit.sh4
/totoshit.sparc
/totoshit.spc
/totoshit.ssh4
/totoshit.x32
/totoshit.x64
/totoshit.x86
/totoshit.x86_32
/totoshit.x86_64

# Reference: https://www.virustotal.com/gui/file/8ff305244885626e86f7791397e03518fd91bfc7abdc15d716506e859cc212e5/detection

209.141.53.247:2601
celestial.pw

# Reference: https://x.com/RacWatchin8872/status/1809928064396145095
# Reference: https://www.virustotal.com/gui/file/a981d9b81847958256835570298fd0af776b4ca70aa248bb6ed39a31fb713bab/detection
# Reference: https://www.virustotal.com/gui/file/a4bd519fe1220ed758336a19e1a1ff922d727d3db3eea8c66ab412cf259d5cd5/detection
# Reference: https://www.virustotal.com/gui/file/4cafa99c027f975a92fc5ba5c17a625c5e5fa45440165673c69e18b353200764/detection
# Reference: https://www.virustotal.com/gui/file/49741cff360d75acc75aca5ed177d6b1ae7a19fae556f47822ac12de97b0b258/detection

http://38.58.177.229
38.58.177.229:4258

# Reference: https://x.com/RacWatchin8872/status/1810296724956623119
# Reference: https://www.virustotal.com/gui/file/298c8780e80b11af97fdedd564bf3ea2f36d94f9b82b9c122d257bfdff796880/detection

http://5.59.248.206
5.59.248.206:56744
/IGz.arc
/IGz.arm
/IGz.arm4
/IGz.arm4l
/IGz.arm4t
/IGz.arm4tl
/IGz.arm4tll
/IGz.arm5
/IGz.arm5l
/IGz.arm5n
/IGz.arm6
/IGz.arm64
/IGz.arm6l
/IGz.arm7
/IGz.arm7l
/IGz.arm8
/IGz.armv4
/IGz.armv4l
/IGz.armv5l
/IGz.armv6
/IGz.armv61
/IGz.armv6l
/IGz.armv7l
/IGz.dbg
/IGz.exploit
/IGz.i4
/IGz.i486
/IGz.i586
/IGz.i6
/IGz.i686
/IGz.kill
/IGz.m68
/IGz.m68k
/IGz.mips
/IGz.mips64
/IGz.mipseb
/IGz.mipsel
/IGz.mpsl
/IGz.pcc
/IGz.powerpc
/IGz.powerpc-440fp
/IGz.powerppc
/IGz.ppc
/IGz.ppc2
/IGz.ppc440
/IGz.ppc440fp
/IGz.root
/IGz.root32
/IGz.sh
/IGz.sh4
/IGz.sparc
/IGz.spc
/IGz.ssh4
/IGz.x32
/IGz.x64
/IGz.x86
/IGz.x86_32
/IGz.x86_64

# Reference: https://www.virustotal.com/gui/file/197b6800ea36198a0c28e789a8f8ea2df446e686366cd55a332442e1743b0371/detection

http://185.216.70.156

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-07-13)

http://194.233.78.47
http://37.156.29.141
http://45.93.200.174
http://93.123.85.239
103.162.20.166:3007
173.249.34.252:1357
185.208.158.215:9506
194.233.78.47:4258
198.7.114.191:33966
37.156.29.141:4258
45.90.13.207:59666
45.93.200.174:4258
5.59.248.195:1312
5.59.248.211:1302
5.59.248.211:2700
5.59.248.211:9506
5.59.248.220:38241
89.117.146.230:1002
91.92.242.121:38241
91.92.255.163:38241
93.123.85.246:6963
94.156.66.188:81
95.214.27.183:15096
anything.line.pm
boats.cloudboats.vip
clients.kaitenc2.de
cloudboats.vip
cnc.zaloweb.ink
cryptoinvest.black
fortnite.cryptoinvest.black
kaitenc2.de
wrld-proxy.ru
zaloweb.ink

# Reference: https://x.com/banthisguy9349/status/1812888986026733605
# Reference: https://www.virustotal.com/gui/file/f4bf61fc335db4f3e7d7d89b534bc1e6ead66a51938e119ea340fe95039935e3/detection

111.211.202.226:23
84.54.51.35:6788

# Reference: https://x.com/banthisguy9349/status/1812883358902362606
# Reference: https://x.com/raghav127001/status/1817065427203248388

91.92.242.121:1337
91.92.242.121:8080

# Reference: https://www.virustotal.com/gui/file/e64e37fc5f80763c42acf8697da3a8b801198e1a357edc5b7bdc0c6c79a8f547/detection

http://91.92.252.52
91.92.252.52:3778

# Reference: https://x.com/banthisguy9349/status/1814972722998366705

test.ddosvps.cc

# Reference: https://pastebin.com/HWEL1WEv

http://103.238.235.163
http://104.218.235.68
http://104.218.236.179
http://107.189.31.249
http://141.11.149.201
http://141.98.7.59
http://147.78.103.120
http://147.78.103.95
http://149.50.116.115
http://154.44.25.69
http://158.69.129.111
http://185.27.62.20
http://193.168.173.217
http://194.124.227.4
http://198.98.59.63
http://2.56.212.75
http://204.93.201.50
http://209.141.57.51
http://209.141.58.144
http://37.221.67.60
http://45.32.8.100
http://45.95.169.138
http://45.95.169.147
http://45.95.169.149
http://46.17.42.8
http://5.253.246.43
http://85.239.34.37
http://93.123.85.201
http://93.123.85.204
http://94.156.67.161
http://95.214.27.205
nimade.top
xz.nimade.top

# Reference: https://x.com/thehappydinoa/status/1815382995605287042
# Reference: https://www.virustotal.com/gui/file/f36cf9f570a3d59a4bc0942b1e6cfde4faf83586ca5b9ba20c0b1f0d91c4868d/detection
# Reference: https://www.virustotal.com/gui/file/96b847812fbdb3ccedb2d2e790992e4acaafabef8019506a1e9045ba131aff66/detection

http://15.235.203.214
15.235.203.214:2466
15.235.203.214:8080
94.123.41.244:52869
mineheaven.org
vector.mineheaven.org

# Reference: https://www.virustotal.com/gui/file/195fea1919c84d47312969c2e609756d07185d7ebc6abda7efbe60718885c6b5/detection

51.79.141.54:5976
botvectors.mineheaven.org

# Reference: https://www.virustotal.com/gui/file/0e927d6d2c1bf1547c0e2c655761428c7eb49bfa0fc06176360fdf26c5b51b7b/detection

157.230.177.251:35656
bot.mineheaven.org
nbot.mineheaven.org

# Reference: https://www.virustotal.com/gui/file/446087c19920506277ed0e7c56ae84df36f3c384f03d721fa8c587371dc69e5e/detection

103.174.72.3:35426
lmanber.xyz
botconnect.lmanber.xyz

# Reference: https://www.virustotal.com/gui/file/3a5c9fb1672dc49736c7ea4ca1d9163de3c15c4a73d1b1435b089e5989732ed5/detection

4.213.168.254:35456
bolo-botnet.net
connect.bolo-botnet.net

# Reference: https://x.com/thehappydinoa/status/1815383128510242943
# Reference: https://www.virustotal.com/gui/file/14a066f18ae1c0bf1dc3cf8cd8e4e383cb576ede15688a89403a9ae388530b73/detection

http://51.79.142.121
51.79.142.121:8080

# Reference: https://www.virustotal.com/gui/file/0f40625671738dbe03e83e298fb0b3a6b59395734190e3648764e55679933ccf/detection

http://93.123.85.104
93.123.85.104:9932

# Reference: https://x.com/raghav127001/status/1817025177739268536
# Reference: https://www.virustotal.com/gui/file/717da13a248f13455000bc7bedc844c5a1981c0ae50342d29acb7f4a4542cad8/detection
# Reference: https://www.virustotal.com/gui/file/5ab72be12cca8275d95a90188a1584d67f95d43a7903987e734002983b5a3925/detection

http://94.156.66.191
http://94.156.71.55
stresse.live
stressland.ru
cyberbotne.stresse.live
meowbonet.stresse.live
ohayobinet.stressland.ru

# Reference: https://x.com/banthisguy9349/status/1817998560442425710

15.235.203.165:6677
185.150.26.210:47925
185.150.26.221:47925
185.196.9.5:51237
45.156.21.122:8967

# Reference: https://x.com/RacWatchin8872/status/1818272620565209107
# Reference: https://www.virustotal.com/gui/file/ba858ea2eaa1a556cf1fe15dfd9a0e1fbfbb7c5ff9835f8b59f1753f2986a887/detection

http://93.123.85.108
93.123.85.108:47925

# Reference: https://x.com/LemonHaze420_/status/1818456077526073563
# Reference: https://www.virustotal.com/gui/ip-address/89.110.90.159/relations
# Reference: https://www.virustotal.com/gui/file/797770f162ac0598d54df42b1a449e8ccdb629857c9b81913fa6ac0f88edd584/detection
# Reference: https://www.virustotal.com/gui/file/709c3f984b6bcd3554adb6db43f1cb3c0324ff02a9bfafbd6663473258bf5ce3/detection
# Reference: https://www.virustotal.com/gui/file/66de6782348319cc238849cb4d32ef6c2a8d1f777a061e2884475c185970a5ef/detection

89.110.90.159:2222
89.110.90.159:6969
94.103.83.102:3257
chinkdogeaters.dyn
fracturiser.oss
nakotne.pirate
nvr.libre
francothesped.geek
tacomuncher.oss
wearelegal.pirate

# Reference: https://x.com/karol_paciorek/status/1818642618525327774

http://77.90.37.71
51.158.108.203:53
scan.yerco.xyz

# Reference: https://www.virustotal.com/gui/file/0662f2df22ed991de450ba5c0dc2a2b156fa1be1b9bb859c8ff3a7d31c0c1421/detection
# Reference: https://www.virustotal.com/gui/file/990bd1ef0320ed30cf7168649afa114f88177841244027c34a02b91ea01b7109/detection
# Reference: https://www.virustotal.com/gui/file/a8bad0febd71b35d2dd4cadc8195b0394fbc5e6be2f6e271e51fb23fe615cea8/detection

http://91.92.249.160

# Reference: https://x.com/banthisguy9349/status/1819284159560323115
# Reference: https://www.virustotal.com/gui/file/6dfeedfdf14f3b7c511c772f034fffc25f5abe12ab589f6db4303ab559acea5f/detection

http://31.24.251.32
http://77.221.151.28
http://91.92.252.108
31.24.251.32:23
77.221.151.28:23
microsoftconnect.net
secure.microsoftconnect.net

# Reference: https://x.com/banthisguy9349/status/1819301843899408742
# Reference: https://urlhaus.abuse.ch/host/203.161.46.2/

http://203.161.46.2
203.161.46.2:9999
sosa.lol

# Reference: https://x.com/banthisguy9349/status/1819302055988580587
# Reference: https://www.virustotal.com/gui/file/94de978d50b1fd901d6e395ca0d833aec5cffbdc01231c3eb49e3aa6273a00c5/detection

http://5.59.248.66
5.59.248.66:1337

# Reference: https://x.com/banthisguy9349/status/1819305353906884683
# Reference: https://urlhaus.abuse.ch/host/5.59.248.52/
# Reference: https://www.virustotal.com/gui/file/e72cb6fb125b099650b4803c8fb859ae8ab4510453ea88de2163f869939dc89c/detection
# Reference: https://www.virustotal.com/gui/file/b00a48790bc40ccec2c912d9c4f6aaa752b4a3b57f59dc425ef94faa264b5376/detection

http://5.59.248.52
5.59.248.52:1312

# Reference: https://isc.sans.edu/diary/Increased%20Activity%20Against%20Apache%20OFBiz%20CVE-2024-32113/31132
# Reference: https://www.virustotal.com/gui/file/9570dd5b889f9c318e64b26b40c347adac86e4d11f2394486aac778736cf11a2/detection
# Reference: https://www.virustotal.com/gui/file/7ebbbc1a87086d76898913924298299e39d64a2574aedbe9290798b730b97715/detection
# Reference: https://www.virustotal.com/gui/file/0855f2e02845c07fed7859e38c682c635af90f0dc67aa578a01cbe0715b4be17/detection

http://185.196.10.231
http://95.214.27.196
185.196.10.231:1312
95.214.27.196:3007
sairamylove.com

# Reference: https://x.com/banthisguy9349/status/1819433763933192217
# Reference: https://app.validin.com/detail?type=dom&find=Sheepyy.love#tab=host_pairs_v2

sheepyy.love
worker.sheepyy.love
ing-login-member-toekn.dynssl.com
ing-member-token.authorizeddns.net
login-ing-member.misecure.com
logln-token-sms-cy.b0tnet.com
member-ing-login-token.mylftv.com
online-bank-of-cyprus-member.ygto.com

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-08-03)

http://156.238.225.102
http://31.31.233.28
100.42.188.202:1312
103.118.40.168:56005
107.189.31.227:1337
107.189.31.249:1337
129.154.197.126:83
147.182.202.39:81
154.9.249.164:3778
190.97.165.12:25601
190.97.165.12:25602
190.97.165.12:25603
190.97.165.12:25608
194.124.227.4:59666
213.171.4.129:3778
45.139.104.237:9506
45.95.169.147:5555
46.19.143.28:2969
46.23.108.170:6149
5.59.248.10:1024
51.195.54.78:1002
51.195.54.78:1003
51.195.54.78:1004
51.195.54.78:1005
62.210.144.241:4258
77.90.41.72:5000
77.90.42.160:888
91.92.252.195:9511
93.157.106.225:1312
94.156.67.132:1337
cyberspeed.baby
khongphaibotnet.servehttp.com
xjp.cyberspeed.baby

# Reference: https://x.com/raghav127001/status/1820247145628278881
# Reference: https://www.virustotal.com/gui/file/c99ca5d6319b7f1710092e3a67007a12c9ec4a4e6e88eed929d61bd6d50a1143/detection
# Reference: https://www.virustotal.com/gui/file/3888aae35f898dc2be59adeb08b5312d6844a8855c7b57fc90c70ec328b41f16/detection
# Reference: https://www.virustotal.com/gui/file/34745a9d2d4b8ec1b0e1bc3517219c811df6a73447ed1fb2baade79955ed42db/detection

http://45.66.231.16
45.66.231.16:38241

# Reference: https://x.com/RacWatchin8872/status/1820424075392463123

http://154.216.20.232

# Reference: https://x.com/tolisec/status/1820890344923484507
# Reference: https://elfdigest.com/report/9c794799b52f9c5c70d76c1b9b879a3666ff7347eb00f872d701a72d096fb077

195.2.81.97:7122
35.212.131.94:7122
printerconsulting.ru
reports.printerconsulting.ru

# Reference: https://x.com/banthisguy9349/status/1820896146354794936

http://193.32.179.21
http://80.94.92.172

# Reference: https://x.com/RacWatchin8872/status/1822063734275092945
# Reference: https://www.virustotal.com/gui/file/b16dc2649d290a9e19b75764e87fe39d6022e12e93c207689269b90e2f6b28e0/detection

http://154.216.17.31
howyoudoinbby.dyn

# Reference: https://x.com/sicehice/status/1823133984844284252
# Reference: https://www.virustotal.com/gui/file/77e05b52f51cfc8ec31f0dc2e544dc21b94250f35a5a353fd5e4e271e75bc45d/detection

http://194.87.232.36
http://95.214.27.251

# Reference: https://x.com/RacWatchin8872/status/1823333641373565368
# Reference: https://www.virustotal.com/gui/file/e4fe5379adde816655ac390659eaf4cb151052efb1c91091f74bba0aff6b4b17/detection
# Reference: https://www.virustotal.com/gui/file/94f851a87123e35b6470292b117b57196c79a63ddf948f52f83962b21b78281a/detection
# Reference: https://www.virustotal.com/gui/file/7ef91204c19d2136c102c3d05fee689f5df5618a5292c3204a91851acb3b1f35/detection
# Reference: https://www.virustotal.com/gui/file/50824f3e4973fdc49c8858a9e70b04475c80360eb7da5a229726eb886b7dffcb/detection

http://47.120.60.228
http://69.165.74.77
69.165.74.77:56999
qqzx.cc
d.qqzx.cc

# Reference: https://x.com/banthisguy9349/status/1823400214394282145
# Reference: https://www.virustotal.com/gui/file/88a5db2e388d82d600c14cd1419b86775b98928db2368683d50c497a64beef08/detection

95.214.27.152:47925
meme.vacstresser.org

# Reference: https://www.virustotal.com/gui/file/c24d371f7dd9298ee54961793b06aec16ac6d1735949e4bdf587827019786628/detection
# Reference: https://www.virustotal.com/gui/file/81c05d4bebe7c762834d628a52cdd19354ed4c39d26ae85bf24d5ba6db158c33/detection
# Reference: https://www.virustotal.com/gui/file/70817694af267eb12ea05771e2d7ee889fa78bf0627eaf3705a1f94fb7a9395a/detection

81.161.229.4:1312

# Reference: https://x.com/banthisguy9349/status/1823768991409598841
# Reference: https://www.virustotal.com/gui/file/cf60e8fd0b216a00a97ef2447e548a03549763b7767d515b7dc06bcfe05daaad/detection

95.214.27.157:47925
botnetrealsexo.com
foxthreatnigger.botnetrealsexo.com

# Reference: https://x.com/RacWatchin8872/status/1824145988682125743
# Reference: https://tria.ge/240815-wf4a7szckm/static1
# Reference: https://www.virustotal.com/gui/file/b76a075b4070f986f905ee8c57b66c804bc4b3e2cc878c7af3baaaa36b676b64/detection

http://93.123.85.118
93.123.85.118:9703
magic.bulletvm.net

# Reference: https://x.com/BlinkzSec/status/1824722212869263533
# Reference: https://www.virustotal.com/gui/file/226fdb8853e982a6d136c2f9392d16d999a689ea0640b4890cb208c85afb9130/detection

http://45.202.35.22
45.202.35.22:1420
mamma.su
cnc.mamma.su
/nullnet_bin_dir/
/nullnet_load.arc
/nullnet_load.arm
/nullnet_load.arm4
/nullnet_load.arm4l
/nullnet_load.arm4t
/nullnet_load.arm4tl
/nullnet_load.arm4tll
/nullnet_load.arm5
/nullnet_load.arm5l
/nullnet_load.arm5n
/nullnet_load.arm6
/nullnet_load.arm64
/nullnet_load.arm6l
/nullnet_load.arm7
/nullnet_load.arm7l
/nullnet_load.arm8
/nullnet_load.armv4
/nullnet_load.armv4l
/nullnet_load.armv5l
/nullnet_load.armv6
/nullnet_load.armv61
/nullnet_load.armv6l
/nullnet_load.armv7l
/nullnet_load.dbg
/nullnet_load.exploit
/nullnet_load.i4
/nullnet_load.i486
/nullnet_load.i586
/nullnet_load.i6
/nullnet_load.i686
/nullnet_load.kill
/nullnet_load.m68
/nullnet_load.m68k
/nullnet_load.mips
/nullnet_load.mips64
/nullnet_load.mipseb
/nullnet_load.mipsel
/nullnet_load.mpsl
/nullnet_load.pcc
/nullnet_load.powerpc
/nullnet_load.powerpc-440fp
/nullnet_load.powerppc
/nullnet_load.ppc
/nullnet_load.ppc2
/nullnet_load.ppc440
/nullnet_load.ppc440fp
/nullnet_load.root
/nullnet_load.root32
/nullnet_load.sh
/nullnet_load.sh4
/nullnet_load.sparc
/nullnet_load.spc
/nullnet_load.ssh4
/nullnet_load.x32
/nullnet_load.x64
/nullnet_load.x86
/nullnet_load.x86_32
/nullnet_load.x86_64

# Reference: https://x.com/tosscoinwitcher/status/1825275628830212185
# Reference: https://www.virustotal.com/gui/file/5756fe106d0d836309be5f383a8bc54e4adac424a406f7e56746b6dcd3e419e6/detection

http://154.216.18.196

# Reference: https://x.com/banthisguy9349/status/1826327512647172402
# Reference: https://www.virustotal.com/gui/file/1d53b73b847d9e0a72b46612a020097a0673bd4cbdf3c5e96bfb98ee9de6711b/detection
# Reference: https://www.virustotal.com/gui/file/1d53b73b847d9e0a72b46612a020097a0673bd4cbdf3c5e96bfb98ee9de6711b/detection

http://45.148.123.62
f0x.dad

# Reference: https://www.virustotal.com/gui/ip-address/45.14.226.24/relations

http://45.14.226.24
nvr.cx

# Reference: https://www.virustotal.com/gui/file/00d0b408d515e2affdd62677ab42752928669fb9851de4e23b07f642e4f205f3/detection

185.196.9.43:51515

# Reference: https://x.com/banthisguy9349/status/1827630028814745834
# Reference: https://search.censys.io/hosts/62.204.41.39

62.204.41.39:12001
62.204.41.39:12002
62.204.41.39:12003
62.204.41.39:12004
62.204.41.39:12005
62.204.41.39:12009
62.204.41.39:12011
62.204.41.39:5580
62.204.41.39:8088
62.204.41.39:8888

# Reference: https://www.virustotal.com/gui/file/736575d7277732b652edade1e21e8614755935b24ba6b032c2a831748a006ac4/detection

http://103.228.37.56
http://147.78.103.177
http://147.78.103.184
http://147.78.103.195
http://147.78.103.47
http://179.43.190.218
http://185.149.146.227
http://185.172.128.144
http://193.233.132.175
http://198.23.165.253
http://45.129.199.237
http://45.66.231.213
http://5.42.66.22
http://5.42.96.55
http://91.92.242.124
http://91.92.246.18
http://93.123.39.110
http://93.123.39.98

# Reference: https://www.virustotal.com/gui/ip-address/74.50.81.158/relations
# Reference: https://www.virustotal.com/gui/file/940282b050bf203610b0a8f736ab00628b4b657df00dbce7b3e2eedd89a49c3e/detection
# Reference: https://www.virustotal.com/gui/file/6ad5984bc9af7af6962a080bbb1a35bb56e8671c4b9c1d44e88da5a3f6b9aa82/detection
# Reference: https://www.virustotal.com/gui/file/22553be649f76a060ebbdfd410e295b66803e9c49d23369a726be2c5a25733ab/detection

http://74.50.81.158

# Reference: https://www.virustotal.com/gui/ip-address/93.123.39.111/relations
# Reference: https://www.virustotal.com/gui/file/e5e386b04523239693e8e883dd18ba41c37597834a4ee3a7937f5a93d1164321/detection

http://93.123.39.111

# Reference: https://www.virustotal.com/gui/ip-address/93.123.85.213/relations
# Reference: https://www.virustotal.com/gui/file/4324915872ffb8478387553decc23ef49ff5a78a4fb191fa836c2dd496470c67/detection
# Reference: https://www.virustotal.com/gui/file/42420ea8c6e9d99468c35107ba5a710723777e2a472f9c1cca8a6afc1756c9a3/detection
# Reference: https://www.virustotal.com/gui/file/947f517d3b833cc046b2ea0540aad199b7777fb03057122fb0b618828abdc212/detection

http://93.123.85.213
violet-services.xyz

# Reference: https://x.com/TuringAlex/status/1829140692293300538

foxnointel.ru

# Reference: https://x.com/RacWatchin8872/status/1828882835102449714

http://93.123.85.197

# Reference: https://www.virustotal.com/gui/file/dead2703649359e1d92856cb0cf3b4355f0b5358775598c89187fe1fe7cb4313/detection

93.123.85.197:8769
vavdb.ggm.kr

# Reference: https://www.virustotal.com/gui/file/84350d880e013806d3dd6db18b26cb506ea1a91209141839ae73cb9b548a61bd/detection

http://45.202.35.36

# Reference: https://x.com/banthisguy9349/status/1829422154485465501
# Reference: https://urlhaus.abuse.ch/host/154.216.17.121/
# Reference: https://urlhaus.abuse.ch/host/154.216.20.233/
# Reference: https://urlhaus.abuse.ch/host/95.214.27.155/

154.216.17.121:8080
154.216.20.233:8080
95.214.27.155:8080

# Reference: https://x.com/BlinkzSec/status/1829687733784379882
# Reference: https://app.validin.com/detail?find=103.77.240.73&type=ip4&ref_id=8ecaa1e6ca4#tab=host_pairs_v2
# Reference: https://app.validin.com/detail?find=148.100.78.3&type=ip4&ref_id=8ecaa1e6ca4#tab=host_pairs_v2
# Reference: https://www.virustotal.com/gui/file/df97b895143eafd0cabafec1c258b5c7429f7728a4d80c1a1294f281a087f82f/detection
# Reference: https://www.virustotal.com/gui/file/3a38a87059662b50c420157b586cfa06b4e88fd38c9a6d27b8e78ff06e2f8219/detection

http://103.77.240.73
http://148.100.78.3
http://192.3.1.113

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-08-31)

http://194.5.98.54
103.205.60.51:3007
104.237.135.234:12381
104.237.135.234:1337
104.237.135.234:2222
104.237.135.234:2474
104.237.135.234:5555
104.237.135.234:6969
104.237.135.234:8745
104.237.135.234:8932
104.237.135.248:12381
104.237.135.248:1337
104.237.135.248:2222
104.237.135.248:2474
104.237.135.248:5555
104.237.135.248:6969
104.237.135.248:8745
104.237.135.248:8932
104.237.135.249:12381
104.237.135.249:1337
104.237.135.249:2222
104.237.135.249:2474
104.237.135.249:5555
104.237.135.249:6969
104.237.135.249:8745
104.237.135.249:8932
139.162.122.50:12381
139.162.122.50:1337
139.162.122.50:2222
139.162.122.50:2474
139.162.122.50:5555
139.162.122.50:6969
139.162.122.50:8745
139.162.122.50:8932
139.162.84.81:12381
139.162.84.81:1337
139.162.84.81:2222
139.162.84.81:2474
139.162.84.81:5555
139.162.84.81:6969
139.162.84.81:8745
139.162.84.81:8932
139.162.84.95:12381
139.162.84.95:1337
139.162.84.95:2222
139.162.84.95:2474
139.162.84.95:5555
139.162.84.95:6969
139.162.84.95:8745
139.162.84.95:8932
154.213.185.141:6788
154.216.17.121:5667
154.216.17.67:9506
154.216.18.82:9506
154.216.19.139:1081
156.238.225.102:80
159.253.120.29:666
172.104.165.127:12381
172.104.165.127:1337
172.104.165.127:2222
172.104.165.127:2474
172.104.165.127:5555
172.104.165.127:6969
172.104.165.127:8745
172.104.165.127:8932
172.105.109.175:12381
172.105.109.175:1337
172.105.109.175:2222
172.105.109.175:2474
172.105.109.175:5555
172.105.109.175:6969
172.105.109.175:8745
172.105.109.175:8932
172.105.120.101:12381
172.105.120.101:1337
172.105.120.101:2222
172.105.120.101:2474
172.105.120.101:5555
172.105.120.101:6969
172.105.120.101:8745
172.105.120.101:8932
172.232.124.43:12381
172.232.124.43:1337
172.232.124.43:2222
172.232.124.43:2474
172.232.124.43:5555
172.232.124.43:6969
172.232.124.43:8745
172.232.124.43:8932
172.232.148.112:12381
172.232.148.112:1337
172.232.148.112:2222
172.232.148.112:2474
172.232.148.112:5555
172.232.148.112:6969
172.232.148.112:8745
172.232.148.112:8932
172.232.152.145:12381
172.232.152.145:1337
172.232.152.145:2222
172.232.152.145:2474
172.232.152.145:5555
172.232.152.145:6969
172.232.152.145:8745
172.232.152.145:8932
172.232.203.179:12381
172.232.203.179:1337
172.232.203.179:2222
172.232.203.179:2474
172.232.203.179:5555
172.232.203.179:6969
172.232.203.179:8745
172.232.203.179:8932
172.232.237.104:12381
172.232.237.104:1337
172.232.237.104:2222
172.232.237.104:2474
172.232.237.104:5555
172.232.237.104:6969
172.232.237.104:8745
172.232.237.104:8932
172.232.237.29:12381
172.232.237.29:1337
172.232.237.29:2222
172.232.237.29:2474
172.232.237.29:5555
172.232.237.29:6969
172.232.237.29:8745
172.232.237.29:8932
172.232.34.247:12381
172.232.34.247:1337
172.232.34.247:2222
172.232.34.247:2474
172.232.34.247:5555
172.232.34.247:6969
172.232.34.247:8745
172.232.34.247:8932
172.233.107.81:12381
172.233.107.81:1337
172.233.107.81:2222
172.233.107.81:2474
172.233.107.81:5555
172.233.107.81:6969
172.233.107.81:8745
172.233.107.81:8932
172.233.172.199:12381
172.233.172.199:1337
172.233.172.199:2222
172.233.172.199:2474
172.233.172.199:5555
172.233.172.199:6969
172.233.172.199:8745
172.233.172.199:8932
172.234.244.102:12381
172.234.244.102:1337
172.234.244.102:2222
172.234.244.102:2474
172.234.244.102:5555
172.234.244.102:6969
172.234.244.102:8745
172.234.244.102:8932
172.234.244.28:12381
172.234.244.28:1337
172.234.244.28:2222
172.234.244.28:2474
172.234.244.28:5555
172.234.244.28:6969
172.234.244.28:8745
172.234.244.28:8932
172.235.142.66:12381
172.235.142.66:1337
172.235.142.66:2222
172.235.142.66:2474
172.235.142.66:5555
172.235.142.66:6969
172.235.142.66:8745
172.235.142.66:8932
172.235.48.113:12381
172.235.48.113:1337
172.235.48.113:2222
172.235.48.113:2474
172.235.48.113:5555
172.235.48.113:6969
172.235.48.113:8745
172.235.48.113:8932
172.235.51.77:12381
172.235.51.77:1337
172.235.51.77:2222
172.235.51.77:2474
172.235.51.77:5555
172.235.51.77:6969
172.235.51.77:8745
172.235.51.77:8932
172.236.11.132:12381
172.236.11.132:1337
172.236.11.132:2222
172.236.11.132:2474
172.236.11.132:5555
172.236.11.132:6969
172.236.11.132:8745
172.236.11.132:8932
172.236.34.39:12381
172.236.34.39:1337
172.236.34.39:2222
172.236.34.39:2474
172.236.34.39:5555
172.236.34.39:6969
172.236.34.39:8745
172.236.34.39:8932
172.236.61.194:12381
172.236.61.194:1337
172.236.61.194:2222
172.236.61.194:2474
172.236.61.194:5555
172.236.61.194:6969
172.236.61.194:8745
172.236.61.194:8932
173.255.246.83:12381
173.255.246.83:1337
173.255.246.83:2222
173.255.246.83:2474
173.255.246.83:5555
173.255.246.83:6969
173.255.246.83:8745
173.255.246.83:8932
176.123.2.219:5060
185.196.11.135:9506
185.196.9.165:60199
185.255.178.106:2474
193.233.203.161:5667
193.32.179.252:12381
193.32.179.252:1337
193.32.179.252:2222
193.32.179.252:2474
193.32.179.252:5555
193.32.179.252:6969
193.32.179.252:8745
193.32.179.252:8932
194.195.124.33:12381
194.195.124.33:1337
194.195.124.33:2222
194.195.124.33:2474
194.195.124.33:5555
194.195.124.33:6969
194.195.124.33:8745
194.195.124.33:8932
195.2.81.97:12381
195.2.81.97:1337
195.2.81.97:2222
195.2.81.97:2474
195.2.81.97:5555
195.2.81.97:6969
195.2.81.97:8745
195.2.81.97:8932
199.192.23.79:47925
20.199.79.76:12381
20.199.79.76:1337
20.199.79.76:2222
20.199.79.76:2474
20.199.79.76:5555
20.199.79.76:6969
20.199.79.76:8745
20.199.79.76:8932
20.244.84.75:12381
20.244.84.75:1337
20.244.84.75:2222
20.244.84.75:2474
20.244.84.75:5555
20.244.84.75:6969
20.244.84.75:8745
20.244.84.75:8932
20.56.18.114:12381
20.56.18.114:1337
20.56.18.114:2222
20.56.18.114:2474
20.56.18.114:5555
20.56.18.114:6969
20.56.18.114:8745
20.56.18.114:8932
213.183.53.189:5667
23.139.82.90:25565
31.31.233.28:80
34.0.211.16:12381
34.0.211.16:1337
34.0.211.16:2222
34.0.211.16:2474
34.0.211.16:5555
34.0.211.16:6969
34.0.211.16:8745
34.0.211.16:8932
34.0.78.181:12381
34.0.78.181:1337
34.0.78.181:2222
34.0.78.181:2474
34.0.78.181:5555
34.0.78.181:6969
34.0.78.181:8745
34.0.78.181:8932
34.1.162.132:12381
34.1.162.132:1337
34.1.162.132:2222
34.1.162.132:2474
34.1.162.132:5555
34.1.162.132:6969
34.1.162.132:8745
34.1.162.132:8932
34.35.69.212:12381
34.35.69.212:1337
34.35.69.212:2222
34.35.69.212:2474
34.35.69.212:5555
34.35.69.212:6969
34.35.69.212:8745
34.35.69.212:8932
34.97.142.97:12381
34.97.142.97:1337
34.97.142.97:2222
34.97.142.97:2474
34.97.142.97:5555
34.97.142.97:6969
34.97.142.97:8745
34.97.142.97:8932
35.206.137.131:12381
35.206.137.131:1337
35.206.137.131:2222
35.206.137.131:2474
35.206.137.131:5555
35.206.137.131:6969
35.206.137.131:8745
35.206.137.131:8932
35.206.230.229:12381
35.206.230.229:1337
35.206.230.229:2222
35.206.230.229:2474
35.206.230.229:5555
35.206.230.229:6969
35.206.230.229:8745
35.206.230.229:8932
35.207.181.87:12381
35.207.181.87:1337
35.207.181.87:2222
35.207.181.87:2474
35.207.181.87:5555
35.207.181.87:6969
35.207.181.87:8745
35.207.181.87:8932
35.213.227.193:12381
35.213.227.193:1337
35.213.227.193:2222
35.213.227.193:2474
35.213.227.193:5555
35.213.227.193:6969
35.213.227.193:8745
35.213.227.193:8932
35.214.155.115:12381
35.214.155.115:1337
35.214.155.115:2222
35.214.155.115:2474
35.214.155.115:5555
35.214.155.115:6969
35.214.155.115:8745
35.214.155.115:8932
35.215.191.108:12381
35.215.191.108:1337
35.215.191.108:2222
35.215.191.108:2474
35.215.191.108:5555
35.215.191.108:6969
35.215.191.108:8745
35.215.191.108:8932
35.215.60.186:12381
35.215.60.186:1337
35.215.60.186:2222
35.215.60.186:2474
35.215.60.186:5555
35.215.60.186:6969
35.215.60.186:8745
35.215.60.186:8932
35.216.58.85:12381
35.216.58.85:1337
35.216.58.85:2222
35.216.58.85:2474
35.216.58.85:5555
35.216.58.85:6969
35.216.58.85:8745
35.216.58.85:8932
35.217.11.179:12381
35.217.11.179:1337
35.217.11.179:2222
35.217.11.179:2474
35.217.11.179:5555
35.217.11.179:6969
35.217.11.179:8745
35.217.11.179:8932
35.219.178.176:12381
35.219.178.176:1337
35.219.178.176:2222
35.219.178.176:2474
35.219.178.176:5555
35.219.178.176:6969
35.219.178.176:8745
35.219.178.176:8932
35.219.254.219:12381
35.219.254.219:1337
35.219.254.219:2222
35.219.254.219:2474
35.219.254.219:5555
35.219.254.219:6969
35.219.254.219:8745
35.219.254.219:8932
4.231.239.100:12381
4.231.239.100:1337
4.231.239.100:2222
4.231.239.100:2474
4.231.239.100:5555
4.231.239.100:6969
4.231.239.100:8745
4.231.239.100:8932
45.65.9.51:12381
45.65.9.51:1337
45.65.9.51:2222
45.65.9.51:2474
45.65.9.51:5555
45.65.9.51:6969
45.65.9.51:8745
45.65.9.51:8932
45.65.9.52:12381
45.65.9.52:1337
45.65.9.52:2222
45.65.9.52:2474
45.65.9.52:5555
45.65.9.52:6969
45.65.9.52:8745
45.65.9.52:8932
45.79.181.50:12381
45.79.181.50:1337
45.79.181.50:2222
45.79.181.50:2474
45.79.181.50:5555
45.79.181.50:6969
45.79.181.50:8745
45.79.181.50:8932
45.79.236.13:12381
45.79.236.13:1337
45.79.236.13:2222
45.79.236.13:2474
45.79.236.13:5555
45.79.236.13:6969
45.79.236.13:8745
45.79.236.13:8932
45.95.169.158:9931
5.188.34.248:12381
5.188.34.248:1337
5.188.34.248:2222
5.188.34.248:2474
5.188.34.248:5555
5.188.34.248:6969
5.188.34.248:8745
5.188.34.248:8932
5.188.34.250:12381
5.188.34.250:1337
5.188.34.250:2222
5.188.34.250:2474
5.188.34.250:5555
5.188.34.250:6969
5.188.34.250:8745
5.188.34.250:8932
5.188.34.251:12381
5.188.34.251:1337
5.188.34.251:2222
5.188.34.251:2474
5.188.34.251:5555
5.188.34.251:6969
5.188.34.251:8745
5.188.34.251:8932
5.188.34.252:12381
5.188.34.252:1337
5.188.34.252:2222
5.188.34.252:2474
5.188.34.252:5555
5.188.34.252:6969
5.188.34.252:8745
5.188.34.252:8932
5.255.127.202:59666
5.255.127.202:7777
5.59.248.234:1312
5.59.248.52:1024
5.8.33.112:12381
5.8.33.112:1337
5.8.33.112:2222
5.8.33.112:2474
5.8.33.112:5555
5.8.33.112:6969
5.8.33.112:8745
5.8.33.112:8932
5.8.33.125:12381
5.8.33.125:1337
5.8.33.125:2222
5.8.33.125:2474
5.8.33.125:5555
5.8.33.125:6969
5.8.33.125:8745
5.8.33.125:8932
5.8.33.138:12381
5.8.33.138:1337
5.8.33.138:2222
5.8.33.138:2474
5.8.33.138:5555
5.8.33.138:6969
5.8.33.138:8745
5.8.33.138:8932
5.8.33.156:12381
5.8.33.156:1337
5.8.33.156:2222
5.8.33.156:2474
5.8.33.156:5555
5.8.33.156:6969
5.8.33.156:8745
5.8.33.156:8932
5.8.33.161:12381
5.8.33.161:1337
5.8.33.161:2222
5.8.33.161:2474
5.8.33.161:5555
5.8.33.161:6969
5.8.33.161:8745
5.8.33.161:8932
5.8.33.163:12381
5.8.33.163:1337
5.8.33.163:2222
5.8.33.163:2474
5.8.33.163:5555
5.8.33.163:6969
5.8.33.163:8745
5.8.33.163:8932
5.8.33.165:12381
5.8.33.165:1337
5.8.33.165:2222
5.8.33.165:2474
5.8.33.165:5555
5.8.33.165:6969
5.8.33.165:8745
5.8.33.165:8932
5.8.33.175:12381
5.8.33.175:1337
5.8.33.175:2222
5.8.33.175:2474
5.8.33.175:5555
5.8.33.175:6969
5.8.33.175:8745
5.8.33.175:8932
5.8.33.179:12381
5.8.33.179:1337
5.8.33.179:2222
5.8.33.179:2474
5.8.33.179:5555
5.8.33.179:6969
5.8.33.179:8745
5.8.33.179:8932
5.8.33.77:12381
5.8.33.77:1337
5.8.33.77:2222
5.8.33.77:2474
5.8.33.77:5555
5.8.33.77:6969
5.8.33.77:8745
5.8.33.77:8932
51.107.6.184:12381
51.107.6.184:1337
51.107.6.184:2222
51.107.6.184:2474
51.107.6.184:5555
51.107.6.184:6969
51.107.6.184:8745
51.107.6.184:8932
51.12.246.75:12381
51.12.246.75:1337
51.12.246.75:2222
51.12.246.75:2474
51.12.246.75:5555
51.12.246.75:6969
51.12.246.75:8745
51.12.246.75:8932
51.120.241.156:12381
51.120.241.156:1337
51.120.241.156:2222
51.120.241.156:2474
51.120.241.156:4444
51.120.241.156:5555
51.120.241.156:6969
51.120.241.156:8745
51.120.241.156:8932
77.90.22.54:1234
91.92.242.124:3024
92.223.30.117:12381
92.223.30.117:1337
92.223.30.117:2222
92.223.30.117:2474
92.223.30.117:5555
92.223.30.117:6969
92.223.30.117:8745
92.223.30.117:8932
92.223.30.118:12381
92.223.30.118:1337
92.223.30.118:2222
92.223.30.118:2474
92.223.30.118:5555
92.223.30.118:6969
92.223.30.118:8745
92.223.30.118:8932
92.223.30.122:12381
92.223.30.122:1337
92.223.30.122:2222
92.223.30.122:2474
92.223.30.122:5555
92.223.30.122:6969
92.223.30.122:8745
92.223.30.122:8932
92.223.30.152:12381
92.223.30.152:1337
92.223.30.152:2222
92.223.30.152:2474
92.223.30.152:5555
92.223.30.152:6969
92.223.30.152:8745
92.223.30.152:8932
92.223.30.154:12381
92.223.30.154:1337
92.223.30.154:2222
92.223.30.154:2474
92.223.30.154:5555
92.223.30.154:6969
92.223.30.154:8745
92.223.30.154:8932
92.223.30.25:12381
92.223.30.25:1337
92.223.30.25:2222
92.223.30.25:2474
92.223.30.25:5555
92.223.30.25:6969
92.223.30.25:8745
92.223.30.25:8932
92.223.30.53:12381
92.223.30.53:1337
92.223.30.53:2222
92.223.30.53:2474
92.223.30.53:5555
92.223.30.53:6969
92.223.30.53:8745
92.223.30.53:8932
92.223.30.94:12381
92.223.30.94:1337
92.223.30.94:2222
92.223.30.94:2474
92.223.30.94:5555
92.223.30.94:6969
92.223.30.94:8745
92.223.30.94:8932
92.249.48.20:8080
92.249.48.53:18129
92.249.48.62:1337
92.249.48.80:3000
92.249.48.80:999
92.249.48.82:666
92.38.135.242:12381
92.38.135.242:1337
92.38.135.242:2222
92.38.135.242:2474
92.38.135.242:5555
92.38.135.242:6969
92.38.135.242:8745
92.38.135.242:8932
92.38.135.244:12381
92.38.135.244:1337
92.38.135.244:2222
92.38.135.244:2474
92.38.135.244:5555
92.38.135.244:6969
92.38.135.244:8745
92.38.135.244:8932
92.38.135.245:12381
92.38.135.245:1337
92.38.135.245:2222
92.38.135.245:2474
92.38.135.245:5555
92.38.135.245:6969
92.38.135.245:8745
92.38.135.245:8932
92.38.135.246:12381
92.38.135.246:1337
92.38.135.246:2222
92.38.135.246:2474
92.38.135.246:5555
92.38.135.246:6969
92.38.135.246:8745
92.38.135.246:8932
92.38.135.247:12381
92.38.135.247:1337
92.38.135.247:2222
92.38.135.247:2474
92.38.135.247:5555
92.38.135.247:6969
92.38.135.247:8745
92.38.135.247:8932
92.38.135.249:12381
92.38.135.249:1337
92.38.135.249:2222
92.38.135.249:2474
92.38.135.249:5555
92.38.135.249:6969
92.38.135.249:8745
92.38.135.249:8932
92.38.135.250:12381
92.38.135.250:1337
92.38.135.250:2222
92.38.135.250:2474
92.38.135.250:5555
92.38.135.250:6969
92.38.135.250:8745
92.38.135.250:8932
92.38.135.253:12381
92.38.135.253:1337
92.38.135.253:2222
92.38.135.253:2474
92.38.135.253:5555
92.38.135.253:6969
92.38.135.253:8745
92.38.135.253:8932
92.38.160.10:12381
92.38.160.10:1337
92.38.160.10:2222
92.38.160.10:2474
92.38.160.10:5555
92.38.160.10:6969
92.38.160.10:8745
92.38.160.10:8932
92.38.160.11:12381
92.38.160.11:1337
92.38.160.11:2222
92.38.160.11:2474
92.38.160.11:5555
92.38.160.11:6969
92.38.160.11:8745
92.38.160.11:8932
92.38.160.12:12381
92.38.160.12:1337
92.38.160.12:2222
92.38.160.12:2474
92.38.160.12:5555
92.38.160.12:6969
92.38.160.12:8745
92.38.160.12:8932
92.38.160.13:12381
92.38.160.13:1337
92.38.160.13:2222
92.38.160.13:2474
92.38.160.13:5555
92.38.160.13:6969
92.38.160.13:8745
92.38.160.13:8932
92.38.160.14:12381
92.38.160.14:1337
92.38.160.14:2222
92.38.160.14:2474
92.38.160.14:5555
92.38.160.14:6969
92.38.160.14:8745
92.38.160.14:8932
92.38.160.7:12381
92.38.160.7:1337
92.38.160.7:2222
92.38.160.7:2474
92.38.160.7:5555
92.38.160.7:6969
92.38.160.7:8745
92.38.160.7:8932
92.38.160.9:12381
92.38.160.9:1337
92.38.160.9:2222
92.38.160.9:2474
92.38.160.9:5555
92.38.160.9:6969
92.38.160.9:8745
92.38.160.9:8932
93.123.85.247:59962
93.157.106.238:10
94.103.84.230:12381
94.103.84.230:1337
94.103.84.230:2222
94.103.84.230:2474
94.103.84.230:5555
94.103.84.230:6969
94.103.84.230:8745
94.103.84.230:8932
94.156.67.132:9506
94.156.69.188:40347
94.156.69.223:59666
94.156.71.42:9506
95.214.27.26:30120
95.85.78.18:12381
95.85.78.18:1337
95.85.78.18:2222
95.85.78.18:2474
95.85.78.18:5555
95.85.78.18:6969
95.85.78.18:8745
95.85.78.18:8932
95.85.78.19:12381
95.85.78.19:1337
95.85.78.19:2222
95.85.78.19:2474
95.85.78.19:5555
95.85.78.19:6969
95.85.78.19:8745
95.85.78.19:8932
95.85.78.21:12381
95.85.78.21:1337
95.85.78.21:2222
95.85.78.21:2474
95.85.78.21:5555
95.85.78.21:6969
95.85.78.21:8745
95.85.78.21:8932
95.85.78.24:12381
95.85.78.24:1337
95.85.78.24:2222
95.85.78.24:2474
95.85.78.24:5555
95.85.78.24:6969
95.85.78.24:8745
95.85.78.24:8932
95.85.78.25:12381
95.85.78.25:1337
95.85.78.25:2222
95.85.78.25:2474
95.85.78.25:5555
95.85.78.25:6969
95.85.78.25:8745
95.85.78.25:8932
95.85.78.2:12381
95.85.78.2:1337
95.85.78.2:2222
95.85.78.2:2474
95.85.78.2:5555
95.85.78.2:6969
95.85.78.2:8745
95.85.78.2:8932
a.dvrinside.digital
a.foxnointel.ru
a.francoanddosbothaving.fun
a.printerconsulting.ru
a.respectkkk.boats
a.sexforfun.xyz
b.dvrinside.digital
b.foxnointel.ru
b.francoanddosbothaving.fun
b.printerconsulting.ru
b.respectkkk.boats
b.sexforfun.xyz
boatnet.top
bot.geekcs2.top
botnet.jexkia.online
c.dvrinside.digital
c.foxnointel.ru
c.francoanddosbothaving.fun
c.printerconsulting.ru
c.respectkkk.boats
c.sexforfun.xyz
d.dvrinside.digital
d.foxnointel.ru
d.francoanddosbothaving.fun
d.printerconsulting.ru
d.respectkkk.boats
d.sexforfun.xyz
dvrinside.digital
e.dvrinside.digital
e.foxnointel.ru
e.francoanddosbothaving.fun
e.printerconsulting.ru
e.respectkkk.boats
e.sexforfun.xyz
f.dvrinside.digital
f.foxnointel.ru
f.francoanddosbothaving.fun
f.printerconsulting.ru
f.respectkkk.boats
f.sexforfun.xyz
francoanddosbothaving.fun
g.dvrinside.digital
g.foxnointel.ru
g.francoanddosbothaving.fun
g.printerconsulting.ru
g.respectkkk.boats
g.sexforfun.xyz
geekcs2.top
h.dvrinside.digital
h.foxnointel.ru
h.francoanddosbothaving.fun
h.printerconsulting.ru
h.respectkkk.boats
h.sexforfun.xyz
j.dvrinside.digital
j.foxnointel.ru
j.francoanddosbothaving.fun
j.printerconsulting.ru
j.respectkkk.boats
j.sexforfun.xyz
jexkia.online
k.dvrinside.digital
k.foxnointel.ru
k.francoanddosbothaving.fun
k.printerconsulting.ru
k.respectkkk.boats
k.sexforfun.xyz
kyniemsro.com
loadingboats.dyn
mrlagoon.club
respectkkk.boats
sexforfun.xyz
tcp.boatnet.top

# Reference: https://x.com/banthisguy9349/status/1830175916061769936

http://194.147.35.35
http://5.35.44.21
cookiedough.lol
dosbotbig.mom
francoanddosbot.fun
santasbigcandycane.pics
yellowchinks.lat
b.cookiedough.lol
b.yellowchinks.lat
c.cookiedough.lol
c.francoanddosbot.fun
e.dosbotbig.mom
e.francoanddosbot.fun
e.yellowchinks.lat
f.cookiedough.lol
f.francoanddosbot.fun
g.dosbotbig.mom
g.yellowchinks.lat
h.santasbigcandycane.pics
h.yellowchinks.lat
j.cookiedough.lol
j.dosbotbig.mom
j.francoanddosbot.fun
j.yellowchinks.lat
k.cookiedough.lol
k.dosbotbig.mom
k.francoanddosbot.fun

# Reference: https://www.virustotal.com/gui/file/014af37328b38fa8b16ab95527831bfcbc1de222845814ee4a98cc68b4f233fa/detection

aaaa.ru
aabd.ru
aack.ru
aaff.ru
ablf.ru
adbf.ru
afaa.ru
afca.ru
afcb.ru
afdf.ru
akaf.ru
akck.ru
alec.ru
bacc.ru
ball.ru
bclf.ru
bfkc.ru
cala.ru
ccek.ru
cfkf.ru
ckea.ru
deel.ru
dfde.ru
dkaa.ru
dkae.ru
ecca.ru
edaa.ru
ekac.ru
faec.ru
fffa.ru
kabc.ru
kacb.ru
kblk.ru
kdea.ru
kefc.ru
kfaf.ru
labk.ru
lfdf.ru
lkkk.ru

# Reference: https://x.com/banthisguy9349/status/1830251896516612312
# Reference: https://www.virustotal.com/gui/file/0001624f98a0f8e1bd440bb447715f4fbbfc53839f1ea950e0203f77fd7ea966/detection

http://45.152.112.46
http://45.159.211.121
http://81.177.3.19
45.159.211.121:443

# Reference: https://www.virustotal.com/gui/ip-address/209.141.53.247/relations
# Reference: https://www.virustotal.com/gui/file/28f3952e999bc3c17dd36ed6455e6809b408ba08189009788389a64f2fe0f99a/detection

browsersmakemehappy.com
floodx.live

# Reference: https://x.com/banthisguy9349/status/1829421872355713197

http://194.165.16.26

# Reference: https://x.com/RacWatchin8872/status/1831620826451292600
# Reference: https://www.virustotal.com/gui/file/d43ddefea0a51cbdf14d933cc12c16128f76c72a3f3d2d97464c5a49987a4a9c/detection

http://94.156.68.194
94.156.68.194:56999
proxies.codes
bot.proxies.codes

# Reference: https://x.com/RacWatchin8872/status/1831620826451292600
# Reference: https://www.virustotal.com/gui/file/b10fbd6cf89a6caed619472ded8e0d44584fab7937fdc578c91a3912c4a66875/detection

http://93.123.85.226

# Reference: https://x.com/SecureSh3ll/status/1832131946945622377
# Reference: https://www.virustotal.com/gui/file/cf757e6eb8c7e52e32b3f27d24ed0d7034fae4cbd74cfaf89fdacd89a5c050cb/detection

http://95.214.27.246

# Reference: https://x.com/redrabytes/status/1832336757481681215

154.197.69.149:81

# Reference: https://www.virustotal.com/gui/file/028b6a28786e60bedd6a6998ac71ede36b83dc44e438172a724cf150fffe9e4e/detection

45.95.169.162:9506

# Reference: https://www.virustotal.com/gui/file/a5092607e6539d96ad5f6d188b279af59732aa3a2240b049ee8db898a18d6c90/detection

45.95.169.162:1312

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-09-09)

http://91.92.243.233
104.168.101.215:9931
104.237.135.234:2348
104.237.135.234:38441
104.237.135.234:6463
104.237.135.234:8241
104.237.135.248:1114
104.237.135.248:2348
104.237.135.248:38441
104.237.135.248:4200
104.237.135.248:6463
104.237.135.248:7214
104.237.135.248:8241
104.237.135.249:38441
104.237.135.249:4444
139.162.84.81:1114
139.162.84.81:2348
139.162.84.81:38441
139.162.84.81:4200
139.162.84.81:4444
139.162.84.81:6463
139.162.84.81:7214
139.162.84.81:8241
139.162.84.95:2348
139.162.84.95:38441
139.162.84.95:4444
154.216.17.167:59962
154.216.19.18:59962
172.104.165.127:1114
172.104.165.127:2348
172.104.165.127:38441
172.104.165.127:6463
172.104.165.127:7214
172.104.165.127:8241
172.105.109.175:2348
172.105.109.175:38441
172.105.109.175:4444
172.105.109.175:6463
172.105.109.175:8241
172.105.120.101:1114
172.105.120.101:2348
172.105.120.101:38441
172.105.120.101:6463
172.105.120.101:7214
172.105.120.101:8241
172.232.124.43:38441
172.232.124.43:4444
172.232.148.112:38441
172.232.148.112:4200
172.232.148.112:4444
172.232.152.145:38441
172.232.152.145:4200
172.232.152.145:4444
172.232.152.145:6463
172.232.152.145:8241
172.232.203.179:1114
172.232.203.179:38441
172.232.203.179:4200
172.232.203.179:4444
172.232.203.179:7214
172.232.237.29:1114
172.232.237.29:6463
172.232.237.29:7214
172.232.237.29:8241
172.233.107.81:2348
172.233.107.81:38441
172.233.107.81:4200
172.233.107.81:6463
172.233.107.81:8241
172.233.172.199:1114
172.233.172.199:2348
172.233.172.199:38441
172.233.172.199:4444
172.233.172.199:7214
172.234.244.102:38441
172.234.244.102:4200
172.234.244.28:38441
172.234.244.28:4200
172.235.142.66:1114
172.235.142.66:2348
172.235.142.66:38441
172.235.142.66:4200
172.235.142.66:7214
172.235.48.113:38441
172.235.48.113:4200
172.235.51.77:1114
172.235.51.77:2348
172.235.51.77:38441
172.235.51.77:7214
172.236.11.132:2348
172.236.11.132:38441
172.236.11.132:4200
172.236.11.132:6463
172.236.11.132:8241
172.236.34.39:38441
172.236.34.39:4200
172.236.34.39:4444
172.236.61.194:2348
172.236.61.194:38441
172.236.61.194:4200
172.236.61.194:6463
172.236.61.194:8241
173.255.246.83:1114
173.255.246.83:2348
173.255.246.83:38441
173.255.246.83:4200
173.255.246.83:4444
173.255.246.83:7214
193.32.179.252:1114
193.32.179.252:2348
193.32.179.252:38441
193.32.179.252:4200
193.32.179.252:4444
193.32.179.252:6463
193.32.179.252:7214
193.32.179.252:8241
194.195.124.33:38441
194.195.124.33:4444
194.195.124.33:6463
194.195.124.33:8241
195.2.81.97:1114
195.2.81.97:2348
195.2.81.97:38441
195.2.81.97:4200
195.2.81.97:6463
195.2.81.97:7214
195.2.81.97:8241
20.199.79.76:38441
20.199.79.76:4444
20.199.79.76:6463
20.199.79.76:8241
20.244.84.75:38441
20.244.84.75:4200
20.244.84.75:4444
20.56.18.114:1114
20.56.18.114:6463
20.56.18.114:7214
20.56.18.114:8241
34.0.211.16:1114
34.0.211.16:2348
34.0.211.16:38441
34.0.211.16:7214
34.1.162.132:38441
34.1.162.132:4444
34.35.69.212:1114
34.35.69.212:2348
34.35.69.212:38441
34.35.69.212:4200
34.35.69.212:7214
34.97.142.97:2348
34.97.142.97:38441
34.97.142.97:4200
34.97.142.97:4444
34.97.142.97:6463
34.97.142.97:8241
35.206.137.131:1114
35.206.137.131:7214
35.206.230.229:38441
35.206.230.229:4444
35.207.181.87:1114
35.207.181.87:38441
35.207.181.87:4200
35.207.181.87:6463
35.207.181.87:7214
35.207.181.87:8241
35.213.227.193:1114
35.213.227.193:38441
35.213.227.193:4200
35.213.227.193:4444
35.213.227.193:7214
35.214.155.115:1114
35.214.155.115:7214
35.215.191.108:1114
35.215.191.108:38441
35.215.191.108:4444
35.215.191.108:6463
35.215.191.108:7214
35.215.191.108:8241
35.215.60.186:1114
35.215.60.186:2348
35.215.60.186:38441
35.215.60.186:6463
35.215.60.186:7214
35.215.60.186:8241
35.216.58.85:2348
35.216.58.85:38441
35.216.58.85:6463
35.216.58.85:8241
35.217.11.179:38441
35.217.11.179:4200
35.219.178.176:2348
35.219.178.176:38441
35.219.254.219:2348
35.219.254.219:38441
35.219.254.219:4200
35.219.254.219:4444
4.231.239.100:1114
4.231.239.100:38441
4.231.239.100:4444
4.231.239.100:7214
45.202.35.64:38241
45.65.9.51:2348
45.65.9.51:38441
45.65.9.51:4200
45.65.9.51:6463
45.65.9.51:8241
45.65.9.52:2348
45.65.9.52:38441
45.65.9.52:4444
45.79.181.50:2348
45.79.181.50:38441
45.79.236.13:2348
45.79.236.13:38441
45.79.236.13:4444
5.188.34.248:1114
5.188.34.248:2348
5.188.34.248:38441
5.188.34.248:4200
5.188.34.248:6463
5.188.34.248:7214
5.188.34.248:8241
5.188.34.250:1114
5.188.34.250:2348
5.188.34.250:38441
5.188.34.250:4200
5.188.34.250:4444
5.188.34.250:6463
5.188.34.250:7214
5.188.34.250:8241
5.188.34.251:2348
5.188.34.251:38441
5.188.34.251:4200
5.188.34.251:4444
5.188.34.251:6463
5.188.34.251:8241
5.188.34.252:2348
5.188.34.252:38441
5.188.34.252:6463
5.188.34.252:8241
5.59.248.92:59666
5.8.33.112:1114
5.8.33.112:38441
5.8.33.112:4200
5.8.33.112:6463
5.8.33.112:7214
5.8.33.112:8241
5.8.33.125:1114
5.8.33.125:7214
5.8.33.138:1114
5.8.33.138:2348
5.8.33.138:38441
5.8.33.138:4444
5.8.33.138:6463
5.8.33.138:7214
5.8.33.138:8241
5.8.33.156:1114
5.8.33.156:2348
5.8.33.156:38441
5.8.33.156:4200
5.8.33.156:4444
5.8.33.156:6463
5.8.33.156:7214
5.8.33.156:8241
5.8.33.161:1114
5.8.33.161:6463
5.8.33.161:7214
5.8.33.161:8241
5.8.33.163:1114
5.8.33.163:2348
5.8.33.163:38441
5.8.33.163:4200
5.8.33.163:7214
5.8.33.165:1114
5.8.33.165:2348
5.8.33.165:38441
5.8.33.165:4200
5.8.33.165:4444
5.8.33.165:6463
5.8.33.165:7214
5.8.33.165:8241
5.8.33.175:38441
5.8.33.175:4444
5.8.33.179:1114
5.8.33.179:2348
5.8.33.179:38441
5.8.33.179:4200
5.8.33.179:4444
5.8.33.179:7214
5.8.33.77:1114
5.8.33.77:2348
5.8.33.77:38441
5.8.33.77:4200
5.8.33.77:4444
5.8.33.77:6463
5.8.33.77:7214
5.8.33.77:8241
51.107.6.184:38441
51.107.6.184:4444
51.107.6.184:6463
51.107.6.184:8241
51.12.246.75:1114
51.12.246.75:6463
51.12.246.75:7214
51.12.246.75:8241
51.120.241.156:1114
51.120.241.156:38441
51.120.241.156:4200
51.120.241.156:7214
89.36.160.67:5667
91.92.243.233:33966
92.223.30.117:1114
92.223.30.117:2348
92.223.30.117:38441
92.223.30.117:4200
92.223.30.117:4444
92.223.30.117:7214
92.223.30.118:1114
92.223.30.118:38441
92.223.30.118:4444
92.223.30.118:7214
92.223.30.122:1114
92.223.30.122:2348
92.223.30.122:38441
92.223.30.122:4444
92.223.30.122:6463
92.223.30.122:7214
92.223.30.122:8241
92.223.30.152:1114
92.223.30.152:38441
92.223.30.152:4444
92.223.30.152:7214
92.223.30.154:1114
92.223.30.154:2348
92.223.30.154:38441
92.223.30.154:4444
92.223.30.154:7214
92.223.30.25:38441
92.223.30.25:4200
92.223.30.25:4444
92.223.30.53:38441
92.223.30.53:4444
92.223.30.94:2348
92.223.30.94:38441
92.223.30.94:4200
92.223.30.94:4444
92.38.135.242:2348
92.38.135.242:38441
92.38.135.242:4200
92.38.135.242:4444
92.38.135.242:6463
92.38.135.242:8241
92.38.135.244:1114
92.38.135.244:38441
92.38.135.244:4444
92.38.135.244:6463
92.38.135.244:7214
92.38.135.244:8241
92.38.135.245:38441
92.38.135.245:4200
92.38.135.245:4444
92.38.135.245:6463
92.38.135.245:8241
92.38.135.246:1114
92.38.135.246:2348
92.38.135.246:38441
92.38.135.246:6463
92.38.135.246:7214
92.38.135.246:8241
92.38.135.247:1114
92.38.135.247:2348
92.38.135.247:38441
92.38.135.247:4200
92.38.135.247:4444
92.38.135.247:7214
92.38.135.249:1114
92.38.135.249:7214
92.38.135.250:1114
92.38.135.250:2348
92.38.135.250:38441
92.38.135.250:7214
92.38.135.253:1114
92.38.135.253:2348
92.38.135.253:38441
92.38.135.253:4200
92.38.135.253:4444
92.38.135.253:6463
92.38.135.253:7214
92.38.135.253:8241
92.38.160.10:1114
92.38.160.10:38441
92.38.160.10:4200
92.38.160.10:6463
92.38.160.10:7214
92.38.160.10:8241
92.38.160.11:38441
92.38.160.11:4200
92.38.160.11:4444
92.38.160.11:6463
92.38.160.11:8241
92.38.160.12:1114
92.38.160.12:6463
92.38.160.12:7214
92.38.160.12:8241
92.38.160.13:1114
92.38.160.13:2348
92.38.160.13:38441
92.38.160.13:4200
92.38.160.13:4444
92.38.160.13:6463
92.38.160.13:7214
92.38.160.13:8241
92.38.160.14:1114
92.38.160.14:38441
92.38.160.14:4200
92.38.160.14:4444
92.38.160.14:6463
92.38.160.14:7214
92.38.160.14:8241
92.38.160.7:38441
92.38.160.7:4200
92.38.160.7:4444
92.38.160.9:1114
92.38.160.9:2348
92.38.160.9:38441
92.38.160.9:4444
92.38.160.9:7214
93.123.85.167:3778
93.157.106.238:7761
94.103.84.230:2348
94.103.84.230:38441
94.103.84.230:4200
94.103.84.230:4444
94.103.84.230:6463
94.103.84.230:8241
94.156.71.225:3778
95.85.78.18:1114
95.85.78.18:2348
95.85.78.18:38441
95.85.78.18:4444
95.85.78.18:7214
95.85.78.19:1114
95.85.78.19:2348
95.85.78.19:38441
95.85.78.19:4200
95.85.78.19:4444
95.85.78.19:6463
95.85.78.19:7214
95.85.78.19:8241
95.85.78.24:1114
95.85.78.24:2348
95.85.78.24:38441
95.85.78.24:4444
95.85.78.24:6463
95.85.78.24:7214
95.85.78.24:8241
95.85.78.25:1114
95.85.78.25:2348
95.85.78.25:38441
95.85.78.25:4444
95.85.78.25:6463
95.85.78.25:7214
95.85.78.25:8241
95.85.78.2:2348
95.85.78.2:38441
95.85.78.2:4200
95.85.78.2:6463
95.85.78.2:8241
a.cookiedough.lol
a.dosbotbig.mom
a.francoanddosbot.fun
a.funnyyellowpeople.click
a.yellowchinks.lat
aabl.ru
abkd.ru
b.dosbotbig.mom
b.francoanddosbot.fun
b.funnyyellowpeople.click
baal.ru
bdda.ru
beca.ru
bekd.ru
bfck.ru
c.dosbotbig.mom
c.funnyyellowpeople.click
c.yellowchinks.lat
cbda.ru
cdeb.ru
clca.ru
cnc.ghty.online
d.cookiedough.lol
d.dosbotbig.mom
d.francoanddosbot.fun
d.funnyyellowpeople.click
d.yellowchinks.lat
e.cookiedough.lol
e.funnyyellowpeople.click
f.dosbotbig.mom
f.funnyyellowpeople.click
f.yellowchinks.lat
faek.ru
flca.ru
fuerer-net.ru
funnyyellowpeople.click
g.cookiedough.lol
g.francoanddosbot.fun
g.funnyyellowpeople.click
ghty.online
h.cookiedough.lol
h.dosbotbig.mom
h.francoanddosbot.fun
h.funnyyellowpeople.click
india-scam-call-center.pw
j.funnyyellowpeople.click
k.funnyyellowpeople.click
k.yellowchinks.lat
kbak.ru
kble.ru
keal.ru
laea.ru
loadingthisb.in
mhdy.site
popipg.com
raw.fuerer-net.ru
server.fuerer-net.ru
slapping.homes
taqifshananen.xyz
ydl-v2.mhdy.site
zencileriyerim.fun

# Reference: https://threatfox.abuse.ch/browse/malware/elf.moobot/ (# 2024-09-09)

http://103.69.96.179
http://13.48.214.27
http://157.10.45.102
http://185.196.8.239
http://185.208.158.246
http://192.227.247.60
http://199.192.23.79
http://209.141.47.218
http://216.250.254.26
http://3.123.144.39
http://37.44.238.66
http://38.60.199.101
http://38.60.199.174
http://45.82.121.157
http://45.89.247.58
http://93.123.85.58
103.238.235.163:56999
103.77.208.150:43957
103.97.58.169:47925
15.235.209.194:19990
154.213.187.164:25000
157.10.45.238:43957
178.254.41.13:23
185.196.8.239:47925
185.196.9.11:47925
185.208.158.128:47925
189.126.106.199:47925
193.124.33.3:47925
193.37.59.116:56999
198.98.59.177:8848
209.141.47.218:47925
209.141.57.64:9070
45.128.232.198:47925
45.156.21.122:8977
45.65.9.79:47925
45.89.247.58:47925
5.182.211.142:47925
5.59.248.206:43957
51.81.234.167:43957
89.185.25.230:47925
92.249.48.33:1337
92.249.48.34:56999
93.123.85.166:47925
93.123.85.199:47925
94.156.248.33:56999
94.156.65.60:33006
94.156.67.241:47925
94.156.71.159:1200
94.156.79.13:47925
4gnekoland.top
apibnng.servehttp.com
bot.haluodq.cc
botnet.4gnekoland.top
botnet123.cc
botnetddos.zapto.org
c.cnc.gay
cnc.fungoa.kro.kr
cnc.gay
comfortel.cloud
craf.kro.kr
cs.proxy1.bf
euphorianet.xyz
foxthreatnointel.africa
fungoa.kro.kr
hismokes.shop
lmfaololxdlmfaolmfao.xyz
minuoddos.xyz
net.icdns.online
online4321.shop
ovh.atproxy.xyz
pl-oferta4382762.store
pl-oferta8572401.store

# Reference: https://x.com/cyberfeeddigest/status/1833213119029449094

/fquoqU/

# Reference: https://www.virustotal.com/gui/file/09e3458367867e8b997b24c3b7bd5ff533616fdeb97d3ddcf6edc191160c813c/detection

160.22.160.118:3007

# Reference: https://www.virustotal.com/gui/file/79cc5ca330aabec945c8d6703354482c9545f89b0d4fe18cd9b03c48e2f067ea/detection

160.22.160.231:3007

# Reference: https://www.virustotal.com/gui/file/4241e30384f3b58e25d530354bf33bd5d2ef9ff6ee2d7b646400830a67f59f42/detection

103.28.33.98:4258

# Reference: https://x.com/sicehice/status/1833534160306348161
# Reference: https://www.virustotal.com/gui/file/e1ce2334b03c33909a768ed3e6ce2133d09ee9e5252bbf78e0240452d5b94ba3/detection
# Reference: https://www.virustotal.com/gui/file/80db654728e36088c332abd739fbb66410f8e49a55bdd360c041bf94b8d842d7/detection
# Reference: https://www.virustotal.com/gui/file/60ccc1960f28cd5e89c5cd85c44c6a48b9fa83f3f176e3d39a3a0cfb45dd400d/detection
# Reference: https://www.virustotal.com/gui/file/6057190ea3e2531ad5d67e762e53e0ed314a4df35c21fe76d580ba3a6be3e313/detection

http://91.92.248.237
91.92.248.237:38241
enemybotnet.com

# Reference: https://www.virustotal.com/gui/file/00b975cd98ec82c396f424d6fc89c9780033de6d1c09ffc658eeba57bef5f56a/detection

91.92.243.233:33966
fuerer-net.ru
net.fuerer-net.ru
raw.fuerer-net.ru
server.fuerer-net.ru

# Reference: https://www.virustotal.com/gui/file/45f0a7935c1c101a5b517ec2560d80ec683f753727af01c8fa2b49ff30391649/detection

http://45.90.13.198
45.90.13.198:32
/yumeko.arc
/yumeko.arm
/yumeko.arm4
/yumeko.arm4l
/yumeko.arm4t
/yumeko.arm4tl
/yumeko.arm4tll
/yumeko.arm5
/yumeko.arm5l
/yumeko.arm5n
/yumeko.arm6
/yumeko.arm64
/yumeko.arm6l
/yumeko.arm7
/yumeko.arm7l
/yumeko.arm8
/yumeko.armv4
/yumeko.armv4l
/yumeko.armv5l
/yumeko.armv6
/yumeko.armv61
/yumeko.armv6l
/yumeko.armv7l
/yumeko.dbg
/yumeko.exploit
/yumeko.i4
/yumeko.i486
/yumeko.i586
/yumeko.i6
/yumeko.i686
/yumeko.kill
/yumeko.m68
/yumeko.m68k
/yumeko.mips
/yumeko.mips64
/yumeko.mipseb
/yumeko.mipsel
/yumeko.mpsl
/yumeko.pcc
/yumeko.powerpc
/yumeko.powerpc-440fp
/yumeko.powerppc
/yumeko.ppc
/yumeko.ppc2
/yumeko.ppc440
/yumeko.ppc440fp
/yumeko.root
/yumeko.root32
/yumeko.sh
/yumeko.sh4
/yumeko.sparc
/yumeko.spc
/yumeko.ssh4
/yumeko.x32
/yumeko.x64
/yumeko.x86
/yumeko.x86_32
/yumeko.x86_64

# Reference: https://x.com/RacWatchin8872/status/1833858948136362108

http://45.66.231.24
http://45.66.231.26

# Reference: https://www.virustotal.com/gui/file/a28f6559ffe833e70f53562eebadbfacbd177895fd0a91e1043e7d52e7d28a41/detection

34.125.42.112:9506

# Reference: https://x.com/banthisguy9349/status/1835237497992835416
# Reference: https://www.virustotal.com/gui/file/6643a2292d25583388b185fad3f54643fdbbfe2f2b37944c604405435cbb2650/detection
# Reference: https://www.virustotal.com/gui/file/2193c8a32f886839c21b02f743c14acb9c00af8365f550bb561385af9ceff863/detection
# Reference: https://www.virustotal.com/gui/file/1727dc9f8ceb95c0665e6681710e1cdec36a95ad8f9ca861e504d2702a5bf0b7/detection
# Reference: https://www.virustotal.com/gui/file/8ec33674a30f3fac2828881af0452b43125d46bec2411ecb20d528b67e63173b/detection
# Reference: https://www.virustotal.com/gui/file/087a52ebdc42b08c68f3b5267d2fcbaf5aa46ce628dc4c39eb07150cb763e9c4/detection
# Reference: https://www.virustotal.com/gui/file/fadf397542e7842bb376121a105e379abe178adcf5bf53785e65bd71b8d8e021/detection
# Reference: https://www.virustotal.com/gui/file/5dc56f3ef4e53932be62164eb93cd3cfc1ae8537c10ded0822f6e688925c543f/detection
# Reference: https://www.virustotal.com/gui/file/faf945ddb24c5b41dad1cb46fac0fc0ac74f4e46823aa2e06f9b1f1afa4bfa63/detection

http://178.215.238.4
http://178.215.238.8
http://5.42.82.207
http://85.239.33.253
http://93.123.85.3
http://93.123.85.62
http://95.214.27.210
178.215.238.8:26718
178.215.238.8:57027
85.239.33.253:666
93.123.85.3:3778
93.123.85.62:23552
93.123.85.62:47925
95.214.27.210:3074
fhlc.me
botnet.fhlc.me
/pinto.arc
/pinto.arm
/pinto.arm4
/pinto.arm4l
/pinto.arm4t
/pinto.arm4tl
/pinto.arm4tll
/pinto.arm5
/pinto.arm5l
/pinto.arm5n
/pinto.arm6
/pinto.arm64
/pinto.arm6l
/pinto.arm7
/pinto.arm7l
/pinto.arm8
/pinto.armv4
/pinto.armv4l
/pinto.armv5l
/pinto.armv6
/pinto.armv61
/pinto.armv6l
/pinto.armv7l
/pinto.dbg
/pinto.exploit
/pinto.i4
/pinto.i486
/pinto.i586
/pinto.i6
/pinto.i686
/pinto.kill
/pinto.m68
/pinto.m68k
/pinto.mips
/pinto.mips64
/pinto.mipseb
/pinto.mipsel
/pinto.mpsl
/pinto.pcc
/pinto.powerpc
/pinto.powerpc-440fp
/pinto.powerppc
/pinto.ppc
/pinto.ppc2
/pinto.ppc440
/pinto.ppc440fp
/pinto.root
/pinto.root32
/pinto.sh
/pinto.sh4
/pinto.sparc
/pinto.spc
/pinto.ssh4
/pinto.x32
/pinto.x64
/pinto.x86
/pinto.x86_32
/pinto.x86_64

# Reference: https://www.fortinet.com/blog/threat-research/threat-actors-exploit-geoserver-vulnerability-cve-2024-36401
# Reference: https://otx.alienvault.com/pulse/66e0b0caffa8120f0871c74b

188.214.27.50:4782

# Reference: https://x.com/cyberfeeddigest/status/1835923485836599398

http://146.59.80.72
http://45.148.10.242

# Reference: https://x.com/BlinkzSec/status/1835993212093186270

http://154.216.17.169

# Reference: https://www.virustotal.com/gui/file/fd6faeb45d3e6167c4af8642dd9e680a6fbc54da6055080bbfeea1a90626031f/detection

pen.gorillafirewall.su

# Reference: https://x.com/RacWatchin8872/status/1837145030596726950

http://94.156.65.232

# Reference: https://x.com/BlinkzSec/status/1837371987108217331
# Reference: https://www.virustotal.com/gui/file/e5a59674395f74eb44421b429352d398201b9e297d7cd692e06230b9c1c343ad/detection

http://94.156.71.92
94.156.71.92:3333
94.156.71.92:44061
eliron-networks369.org
hacker.eliron-networks369.org
/killua.arc
/killua.arm
/killua.arm4
/killua.arm4l
/killua.arm4t
/killua.arm4tl
/killua.arm4tll
/killua.arm5
/killua.arm5l
/killua.arm5n
/killua.arm6
/killua.arm64
/killua.arm6l
/killua.arm7
/killua.arm7l
/killua.arm8
/killua.armv4
/killua.armv4l
/killua.armv5l
/killua.armv6
/killua.armv61
/killua.armv6l
/killua.armv7l
/killua.dbg
/killua.exploit
/killua.i4
/killua.i486
/killua.i586
/killua.i6
/killua.i686
/killua.kill
/killua.m68
/killua.m68k
/killua.mips
/killua.mips64
/killua.mipseb
/killua.mipsel
/killua.mpsl
/killua.pcc
/killua.powerpc
/killua.powerpc-440fp
/killua.powerppc
/killua.ppc
/killua.ppc2
/killua.ppc440
/killua.ppc440fp
/killua.root
/killua.root32
/killua.sh
/killua.sh4
/killua.sparc
/killua.spc
/killua.ssh4
/killua.x32
/killua.x64
/killua.x86
/killua.x86_32
/killua.x86_64

# Reference: https://www.virustotal.com/gui/ip-address/15.204.160.166/relations

bitwise.lol
catairlines.net
chunkyc2.cc
eliron369.xyz
iloveanycast.com
metispowerisassicantlie.xyz
niggakilla.us
orbitcnc.lol
satanstress.net
path.catairlines.net

# Reference: https://urlhaus.abuse.ch/browse/tag/botnetdomain/ (# 2024-09-21)

111467.xyz
45-148-123-62.cprapid.com
4567979.site
admin.econ.gg
af.peertube.red
ajieapi.top
ajiecdn03.top
bota.lolzone.lol
c0c.zonel.lol
captcha.webredirect.org
chanmiraiserver1.duckdns.org
chrome.webredirect.org
cimedpromocao.space
dedify.de
dicshopping.com
econ.gg
enerjikcocukoyunlari.xyz
evinizicinsanat.xyz
followflow.zip
globalvoice.mobi
hostodo2.111467.xyz
kennerdoflamengo.store
kennerflamengodobrasil.online
kennerflamengodobrasil.space
kennerflamengodobrasil.store
kennerflamengostore.space
lolzone.lol
mercado25anos.space
mercadolivre-25anos.store
mercadosniver25.store
onemk3.teracomm.mk
orgin.ajieapi.top
orgin.ajiecdn03.top
p1p1.eu
pagamentoresgate.shop
paguesafe.space
panel.v2ryang.ydns.eu
peertube.red
shayan.90.ydns.eu
teracomm.mk
testprofitapi.kkscoin.com
testprofitweb.kkscoin.com
thelinecityph.online
v2ryang.ydns.eu
webtop.chat
yeniakillitelefonlar.xyz
zonel.lol

# Reference: https://x.com/BlinkzSec/status/1837403940939264284
# Reference: https://urlhaus.abuse.ch/host/91.92.241.129/
# Reference: https://www.virustotal.com/gui/file/a35a6b4cb0608da902098027d754428cc330ac32c45eec89d6b75417b51bc7ab/detection
# Reference: https://www.virustotal.com/gui/file/346d6715d7758d55c2bd8f46ccc7afe7d35a44fab74867d202bb3748d701e44d/detection

http://91.92.241.129

# Reference: https://x.com/banthisguy9349/status/1837507974614462501

http://109.107.181.163
http://45.200.148.43
slapped.homes

# Reference: https://x.com/sicehice/status/1837615077312086144
# Reference: https://www.virustotal.com/gui/file/0f9e2fde95303e02dcb1a72712a366325d3dc5be9c3b6f76d4840480eaaea6e2/detection
# Reference: https://www.virustotal.com/gui/file/1ad27ad6b7bf774718f53f56cac3ebd73bcb7c766480d0c1db7040308c5840d7/detection

http://103.161.34.97
103.161.34.97:3778
193.111.248.148:5003
193.111.248.148:8080

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-09-22)

http://121.127.34.110
http://185.142.53.6
103.161.34.97:45
103.168.67.128:3025
107.173.85.74:3545
134.122.40.184:16810
138.68.75.52:1337
139.59.247.93:16810
154.213.187.152:51321
154.216.20.94:59962
156.238.224.214:65535
157.245.110.224:16810
159.65.185.228:1400
159.65.185.228:1452
159.65.185.228:1521
159.65.185.228:1557
159.65.185.228:1565
159.65.185.228:1627
159.65.185.228:1643
159.65.185.228:16810
159.65.185.228:1723
159.65.185.228:1763
159.65.185.228:1801
159.65.185.228:1883
159.65.185.228:1911
159.65.185.228:1962
159.65.185.228:2000
159.65.185.228:2003
159.65.185.228:2004
159.65.185.228:2030
159.65.185.228:2031
159.65.185.228:2052
159.65.185.228:2053
159.65.185.228:2071
159.65.185.228:2077
159.65.185.228:2078
159.65.185.228:2079
159.65.185.228:2080
159.65.185.228:2082
159.65.185.228:2083
159.65.185.228:2086
159.65.185.228:2087
159.65.185.228:2095
159.65.185.228:2096
159.65.185.228:2169
159.65.185.228:2181
159.65.185.228:2210
159.65.185.228:2222
159.65.185.228:2281
159.65.185.228:2312
159.65.185.228:2323
159.65.185.228:2367
159.65.185.228:2375
159.65.185.228:2376
159.65.185.228:2377
159.65.185.228:2380
159.65.185.228:2384
159.65.185.228:2387
159.65.185.228:2404
159.65.185.228:2434
159.65.185.228:2443
159.65.185.228:2446
159.65.185.228:2455
159.65.185.228:2469
159.65.185.228:2475
167.172.52.2:16810
170.64.156.94:16810
172.234.244.102:1114
178.128.99.13:16810
185.106.123.68:1337
185.224.129.143:1337
185.45.194.44:16810
185.45.194.48:16810
185.82.200.108:1337
185.82.200.117:1337
188.166.33.193:1337
194.156.99.151:1337
194.36.191.14:1337
194.36.191.19:1337
195.66.213.107:18129
209.38.250.200:1317
209.38.250.200:1382
209.38.250.200:1436
209.38.250.200:1493
209.38.250.200:1504
209.38.250.200:1515
209.38.250.200:1521
209.38.250.200:16810
209.38.250.200:1696
209.38.250.200:1723
209.38.250.200:1738
209.38.250.200:1754
209.38.250.200:1801
209.38.250.200:1822
209.38.250.200:1883
209.38.250.200:1911
209.38.250.200:1952
209.38.250.200:1962
209.38.250.200:1967
209.38.250.200:2000
209.38.250.200:2003
209.38.250.200:2004
209.38.250.200:2048
209.38.250.200:2052
209.38.250.200:2053
209.38.250.200:2074
209.38.250.200:2077
209.38.250.200:2078
209.38.250.200:2079
209.38.250.200:2080
209.38.250.200:2082
209.38.250.200:2083
209.38.250.200:2086
209.38.250.200:2087
209.38.250.200:2095
209.38.250.200:2096
209.38.250.200:2131
209.38.250.200:2181
209.38.250.200:2197
209.38.250.200:2222
209.38.250.200:2226
209.38.250.200:2230
209.38.250.200:2250
209.38.250.200:2281
209.38.250.200:2323
209.38.250.200:2375
209.38.250.200:2376
209.38.250.200:2380
209.38.250.200:2404
209.38.250.200:2415
209.38.250.200:2443
209.38.250.200:2455
209.38.250.200:2525
45.12.134.48:1337
45.14.224.253:1337
45.144.30.199:1337
45.144.31.210:1337
45.66.231.185:38241
45.89.247.103:9506
45.89.247.147:33966
64.227.66.208:16810
64.227.88.113:16810
68.183.131.1:1337
68.183.41.104:1337
77.221.151.118:2545
91.92.242.77:51511
95.214.52.167:2222
95.214.52.167:45946
khashibd.ir
bb.khashibd.ir
cn.foxnointel.ru

# Reference: https://x.com/cyberfeeddigest/status/1838126115715494079
# Reference: https://www.virustotal.com/gui/file/00b090eca91c15635a20fa82caae30f0c9a7687f11ef3c70f4ab0a6a34c06159/detection

http://178.215.238.7
178.215.238.7:4258

# Reference: https://x.com/cyberfeeddigest/status/1838124397996941476
# Reference: https://www.virustotal.com/gui/file/543d7a878230f98cc85ff6aff89f9ad4a62d8959a54602380f611959f303f337/detection
# Reference: https://www.virustotal.com/gui/file/4a1bcbdb6caa8301d5d29ebcd17a55efafe8d4523f43c1ef2fb67dfa234f8665/detection
# Reference: https://www.virustotal.com/gui/file/2c9a3a51f99da3b763aa2d4c6fe5dc864020c7b034c44583d1401d1e40bede46/detection
# Reference: https://www.virustotal.com/gui/file/1ca4e6cd03da262b0e4b9bc99b595ab91ee601b6d9b9bcfb1ef6bd8cdbf617ea/detection

http://193.233.252.41
193.233.252.41:4258

# Reference: https://x.com/cyberfeeddigest/status/1838099567901814931
# Reference: https://www.virustotal.com/gui/file/a8fd8776d61abe9abdb91799f8c0a4ef5d9e7ccaadfb4cf0dca35a440c7ae41f/detection

http://185.157.247.125
185.93.221.112:45695
auschwitz.accesscam.org
hiroshima.accesscam.org
treblinka.camdvr.org

# Reference: https://x.com/cyberfeeddigest/status/1838214781695574172

http://103.230.121.12

# Reference: https://x.com/sicehice/status/1838251222400147803
# Reference: https://www.virustotal.com/gui/file/6214b97a6ca5c74da7fcc5590d247b17281050de54c1d927b2150da3721df054/detection

http://195.62.32.138
193.111.248.148:5005
195.62.32.138:45
/ebatsa
/miraigg.arc
/miraigg.arm
/miraigg.arm4
/miraigg.arm4l
/miraigg.arm4t
/miraigg.arm4tl
/miraigg.arm4tll
/miraigg.arm5
/miraigg.arm5l
/miraigg.arm5n
/miraigg.arm6
/miraigg.arm64
/miraigg.arm6l
/miraigg.arm7
/miraigg.arm7l
/miraigg.arm8
/miraigg.armv4
/miraigg.armv4l
/miraigg.armv5l
/miraigg.armv6
/miraigg.armv61
/miraigg.armv6l
/miraigg.armv7l
/miraigg.dbg
/miraigg.exploit
/miraigg.i4
/miraigg.i486
/miraigg.i586
/miraigg.i6
/miraigg.i686
/miraigg.kill
/miraigg.m68
/miraigg.m68k
/miraigg.mips
/miraigg.mips64
/miraigg.mipseb
/miraigg.mipsel
/miraigg.mpsl
/miraigg.pcc
/miraigg.powerpc
/miraigg.powerpc-440fp
/miraigg.powerppc
/miraigg.ppc
/miraigg.ppc2
/miraigg.ppc440
/miraigg.ppc440fp
/miraigg.root
/miraigg.root32
/miraigg.sh
/miraigg.sh4
/miraigg.sparc
/miraigg.spc
/miraigg.ssh4
/miraigg.x32
/miraigg.x64
/miraigg.x86
/miraigg.x86_32
/miraigg.x86_64

# Reference: https://x.com/banthisguy9349/status/1837406602757878263

http://104.131.131.50
http://104.131.237.245
http://139.162.105.67
http://14.176.160.169
http://141.98.11.136
http://147.182.177.199
http://147.182.183.138
http://149.248.44.196
http://154.216.19.58
http://154.216.19.77
http://154.216.20.75
http://154.216.20.75:85
http://157.245.211.201
http://159.203.71.79
http://172.233.66.152
http://173.255.230.192
http://181.41.196.10
http://198.98.62.237
http://2.56.214.40
http://2.57.122.121
http://209.105.242.216
http://209.141.42.202
http://212.227.160.44
http://216.126.231.33
http://23.228.72.18
http://38.60.253.15
http://45.11.92.17
http://45.140.192.221
http://45.142.104.70
http://45.202.35.87
http://45.202.35.94
http://45.32.126.172
http://45.55.115.133
http://45.77.247.71
http://45.79.100.217
http://45.79.190.114
http://50.116.26.12
http://66.70.242.174
http://68.183.74.40
http://79.124.49.158
http://85.209.133.91
http://87.121.112.42
http://87.121.112.46
http://89.22.237.50
http://93.123.85.159
echo-c2.kro.kr
unstatical.ctx.cl

# Reference: https://www.virustotal.com/gui/file/22a8d4d81c4072c1bac955d1e0db95d00d470309f4b82fdeb65a3dabae8bf2cc/detection

154.216.20.75:33966

# Reference: https://www.virustotal.com/gui/file/c6782cb4d4968522ad26728e9b326f8c4001d97f51379cffe56f4f6461862923/detection
# Reference: https://www.virustotal.com/gui/file/2e5760fbe3bdf4c23b30832a0db5b0096e3cabfbed85ffedc07a85c2f2a4e638/detection

14.225.203.65:42597
14.225.219.252:42597
legendsworld.cloud

# Reference: https://x.com/cyberfeeddigest/status/1838546989912350794

http://87.120.166.8

# Reference: https://pastebin.com/Wey7d3Kp

http://107.175.75.9
http://107.189.13.99
http://154.216.17.41
http://154.216.18.94
http://154.216.20.165
http://154.216.20.58
http://154.216.20.97
http://180.131.145.180
http://185.170.144.49
http://205.185.127.244
http://206.189.128.141
http://38.242.132.137
http://45.139.104.237
http://45.202.35.116
http://45.95.169.213
http://46.17.43.187
http://51.79.157.172
http://66.63.187.145
http://66.63.187.51
http://87.120.166.204
http://94.156.69.172
http://95.214.52.167
/Stokers.arc
/Stokers.arm
/Stokers.arm4
/Stokers.arm4l
/Stokers.arm4t
/Stokers.arm4tl
/Stokers.arm4tll
/Stokers.arm5
/Stokers.arm5l
/Stokers.arm5n
/Stokers.arm6
/Stokers.arm64
/Stokers.arm6l
/Stokers.arm7
/Stokers.arm7l
/Stokers.arm8
/Stokers.armv4
/Stokers.armv4l
/Stokers.armv5l
/Stokers.armv6
/Stokers.armv61
/Stokers.armv6l
/Stokers.armv7l
/Stokers.dbg
/Stokers.exploit
/Stokers.i4
/Stokers.i486
/Stokers.i586
/Stokers.i6
/Stokers.i686
/Stokers.kill
/Stokers.m68
/Stokers.m68k
/Stokers.mips
/Stokers.mips64
/Stokers.mipseb
/Stokers.mipsel
/Stokers.mpsl
/Stokers.pcc
/Stokers.powerpc
/Stokers.powerpc-440fp
/Stokers.powerppc
/Stokers.ppc
/Stokers.ppc2
/Stokers.ppc440
/Stokers.ppc440fp
/Stokers.root
/Stokers.root32
/Stokers.sh
/Stokers.sh4
/Stokers.sparc
/Stokers.spc
/Stokers.ssh4
/Stokers.x32
/Stokers.x64
/Stokers.x86
/Stokers.x86_32
/Stokers.x86_64

# Reference: https://www.virustotal.com/gui/file/d9c7cc12c71212d806a0927b9c55567d405ba070922337e60d80a9242839140f/detection
# Reference: https://www.virustotal.com/gui/file/5981a182e970835f7a25bc0ec4d36fcd97028e427bc07f2110c6cc7350723004/detection

hailcocks.ru

# Reference: https://x.com/BlinkzSec/status/1839371374596665368
# Reference: https://x.com/NDA0E/status/1839389673346703488
# Reference: https://www.virustotal.com/gui/file/069ecaeb0f4c9a2786c0bd61c3cc0d640afc86e597a9c7ced9aa29b1caee66ad/detection
# Reference: https://www.virustotal.com/gui/file/cf9a6c2b98446578da913f3cf666b85806750cbe0bfa0788faab8c648e8e0cea/detection

http://104.168.101.215
104.168.101.215:60195
5.255.125.247:4089

# Reference: https://www.virustotal.com/gui/file/5b986d3858b7f5eb5f0a540db6f03f2d69adeb90fe529a7b5ab78b80740e8427/detection

104.168.101.215:38241
wuchxhangchina.dyn

# Reference: https://x.com/s1dhy/status/1839413220580204852
# Reference: https://x.com/s1dhy/status/1840106110411567415
# Reference: https://x.com/s1dhy/status/1839969674856890474
# Reference: https://x.com/ShanHolo/status/1840059314519560410
# Reference: https://app.any.run/tasks/be568d58-6b29-4e5e-a849-67b01cdad701
# Reference: https://www.virustotal.com/gui/file/d7bece4b8b7eab33488a5ade41981d63f5217f5451d381daabc98758970a8282/detection
# Reference: https://www.virustotal.com/gui/file/ad7f80ce71ad756f3593489453bfa38035afc8e6e05d3fae63403c9a2e5772f3/detection

http://167.88.167.117
167.88.167.117:7777
167.88.167.117:9999
217.144.184.61:777
colombia-c2.wtf
infinyx.us
myonlinez.one
squadware.dev
cnc.squadware.dev
russia.infinyx.us
socket.infinyx.us
socket.squadware.dev

# Reference: https://www.virustotal.com/gui/file/0ba9825ffb0becfd532cb77e3762f6fc52a889a64c81ce48d6ef019cfe03d3a9/detection

79.110.62.233:8769

# Reference: https://www.virustotal.com/gui/file/58def77c32e06d85e5f746b9e44bd863d2314b657161f91a2c088d638d5eaeb2/detection

http://5.59.249.236
5.59.249.236:1024

# Reference: https://www.virustotal.com/gui/file/853a21647adb0750d2ea05b074500d44b4bc88e145632dacdef63e01e8b3fccf/detection

45.142.104.70:7687

# Reference: https://x.com/DaveLikesMalwre/status/1839771238358720641
# Reference: https://www.virustotal.com/gui/file/42b47ec45d22786dda22dfc46682a952e041d5c574d14accdf75879f2a75834e/detection

http://45.13.227.129
45.13.227.129:1312

# Reference: https://www.virustotal.com/gui/file/77f097b9d66fbc73a0b20169c59432c43035c676357b586280d7dc7b97c8ed90/detection
# Reference: https://www.virustotal.com/gui/file/0481d7b1de73084c41cc1fdea2c3eabf4aad5113cde6559bfbc3dffae90de061/detection
# Reference: https://www.virustotal.com/gui/file/caa969a579345609841c57341ce2f747bfb7730ad4d57f7cbcd3de2e2f46dffb/detection

http://103.28.35.146
103.28.35.146:1995
loctajima.website
cnc.loctajima.website

# Reference: https://pastebin.com/8yBsZAjj

http://1.92.146.107
http://103.149.87.69
http://103.28.35.146
http://107.172.60.29
http://116.103.228.193
http://154.216.19.99
http://154.216.20.109
http://157.10.45.143
http://185.157.247.125
http://194.120.230.54
http://209.105.242.216
http://209.141.42.202
http://209.141.47.218
http://216.126.231.33
http://216.126.231.41
http://37.44.238.66
http://37.44.238.82
http://45.11.92.17
http://45.86.155.64
http://45.95.169.213
http://5.59.248.127
http://5.59.249.210
http://5.59.249.232
http://5.59.249.236
http://94.156.177.119
http://94.156.68.181

# Reference: https://www.virustotal.com/gui/file/00023a6aac15142f714c0e6c63cffea7e508cb0f856e01af73e88e06f2b25d21/detection

aaad.ru
aaaf.ru
aaec.ru
aakb.ru
aald.ru
abal.ru
abkb.ru
acac.ru
accl.ru
aclb.ru
aclk.ru
adaa.ru
adbl.ru
adea.ru
aded.ru
aekb.ru
afed.ru
afkc.ru
aflb.ru
akea.ru
akfl.ru
aklc.ru
aldl.ru
baab.ru
baae.ru
baaf.ru
baec.ru
bbfc.ru
bbll.ru
bcbl.ru
bcek.ru
bfcc.ru
bfec.ru
bkak.ru
bkbk.ru
cbak.ru
cbba.ru
ccka.ru
ccle.ru
cdab.ru
cdla.ru
cebe.ru
cebf.ru
ckaf.ru
daac.ru
dadc.ru
dcdk.ru
dcfl.ru
ddal.ru
decc.ru
dfff.ru
dkea.ru
eaak.ru
eafa.ru
eafk.ru
ebae.ru
eblk.ru
eeef.ru
eekk.ru
efaa.ru
efka.ru
eflb.ru
facb.ru
fafb.ru
falf.ru
fbaa.ru
fbda.ru
fbek.ru
fcba.ru
fcka.ru
fdcd.ru
fecf.ru
fedb.ru
flea.ru
kaaa.ru
kaad.ru
kacl.ru
kbdb.ru
kbka.ru
kdac.ru
kdee.ru
keaa.ru
kfkk.ru
kkca.ru
klek.ru
lakk.ru
lcfl.ru
ldae.ru
ldfa.ru
leal.ru
lfaa.ru
lkak.ru

# Reference: https://x.com/banthisguy9349/status/1841204815042408529

valapedia.com

# Reference: https://www.virustotal.com/gui/file/a170305b30a7bf472934618ee694509364ad28c1640fd90b41bc95764c9bd56e/detection
# Reference: https://www.virustotal.com/gui/file/5102c963761bf35b052424b2ba500575ffd9d2ba616f4bcc8e92eceb352abff8/detection

157.10.45.127:1995
157.10.45.143:1995
bott.ddns.net

# Reference: https://www.virustotal.com/gui/file/7e767b338553b83f46769279b6eba7cd9d0bac3a24b03d29f13649be52526385/detection

weoweo.site

# Reference: https://x.com/RacWatchin8872/status/1842588082023047598

http://45.88.88.76

# Reference: https://urlhaus.abuse.ch/url/3215893/
# Reference: https://urlhaus.abuse.ch/host/45.156.25.175

http://45.156.25.175
45.156.25.175:8008

# Reference: https://www.virustotal.com/gui/file/f7f0f73e78804cb099544f158e42af2848e9cdd0422cab54c1c2bd52752d781e/detection

dlink.cfd
frank.dlink.cfd

# Reference: https://x.com/banthisguy9349/status/1842867594295972303
# Reference: https://www.virustotal.com/gui/file/88cadb11666c25436621b24c9713b176165e84f3b5b7e2e3388fe25dd7aa0149/detection

37.202.49.118:56648

# Reference: https://x.com/banthisguy9349/status/1842867594295972303
# Reference: https://www.virustotal.com/gui/file/fccdcd3ce85cd5a109a46fea58ecf670dd26d9ce36262c912b82b2064be7549f/detection

103.96.130.75:5681

# Reference: https://x.com/banthisguy9349/status/1842867594295972303
# Reference: https://www.virustotal.com/gui/file/d114f599e25e5b5075900d80b247ff09670d1776c9bb06579ed3fca2bc3cc408/detection

103.96.130.75:5680

# Reference: https://www.virustotal.com/gui/file/889d80b74f334ff6e59fc6adc513fa255efa7de1608939b30e10e82d20d0a38c/detection

http://91.200.103.117
91.200.103.117:23561
gowogle.xyz
kreuzfahrt-radar.de
yi0key.heleh.com.vn
/bolubotnetarc
/bolubotnetarm
/bolubotnetarm4
/bolubotnetarm4l
/bolubotnetarm4t
/bolubotnetarm4tl
/bolubotnetarm4tll
/bolubotnetarm5
/bolubotnetarm5l
/bolubotnetarm5n
/bolubotnetarm6
/bolubotnetarm64
/bolubotnetarm6l
/bolubotnetarm7
/bolubotnetarm7l
/bolubotnetarm8
/bolubotnetarmv4
/bolubotnetarmv4l
/bolubotnetarmv5l
/bolubotnetarmv6
/bolubotnetarmv61
/bolubotnetarmv6l
/bolubotnetarmv7l
/bolubotnetdbg
/bolubotnetexploit
/bolubotneti4
/bolubotneti486
/bolubotneti586
/bolubotneti6
/bolubotneti686
/bolubotnetkill
/bolubotnetm68
/bolubotnetm68k
/bolubotnetmips
/bolubotnetmips64
/bolubotnetmipseb
/bolubotnetmipsel
/bolubotnetmpsl
/bolubotnetpcc
/bolubotnetpowerpc
/bolubotnetpowerpc-440fp
/bolubotnetpowerppc
/bolubotnetppc
/bolubotnetppc2
/bolubotnetppc440
/bolubotnetppc440fp
/bolubotnetroot
/bolubotnetroot32
/bolubotnetsh
/bolubotnetsh4
/bolubotnetsparc
/bolubotnetspc
/bolubotnetssh4
/bolubotnetx32
/bolubotnetx64
/bolubotnetx86
/bolubotnetx86_32
/bolubotnetx86_64

# Reference: https://x.com/sicehice/status/1843020622613684425
# Reference: https://x.com/banthisguy9349/status/1845537942942388612
# Reference: https://www.virustotal.com/gui/file/134892ef9740547bf6bdcc0fa21552d65c33affb45d453d0fa142f7926a53efc/detection
# Reference: https://www.virustotal.com/gui/file/098331f76281660cc052b13027fef8ce517cfa18ea75e657ade30a2d0a385b47/detection
# Reference: https://www.virustotal.com/gui/file/3e14f398ea57c363dc607205303e3e91f0770f894eac3d032684c2277e08d69b/detection
# Reference: https://www.virustotal.com/gui/file/f4c6c78133a5ee74725fb280414427441a8f2918744bf6fa87cdc8df6a27a9f4/detection
# Reference: https://www.virustotal.com/gui/file/e6bf8fd4ed306a4f026c4b1bd6b28da13cb55a356daf87f6a72c748f0978b6dd/detection

http://45.137.198.204
http://45.95.169.122
http://57.129.51.86
http://93.123.85.176
http://93.123.85.253
57.129.51.86:4258
93.123.85.176:43957
93.123.85.176:4444
93.123.85.253:5812
/botpilled/rbot

# Reference: https://x.com/sicehice/status/1843689384673194036
# Reference: https://www.virustotal.com/gui/file/1a1765dc2fa88772ebfb4c16796297d90eee84329b9a1b299c24d9532dfcd7af/detection

http://172.235.166.10
194.120.230.54:57899
merisprivate.net
cnc.merisprivate.net

# Reference: https://www.virustotal.com/gui/file/f0429d35186a2a5b22314850ce75f0ee957d00d61d4958049a7ac59575971737/detection

194.120.230.54:3778
ziparchive.xyz
cnc.ziparchive.xyz
/ttssgg.arc
/ttssgg.arm
/ttssgg.arm4
/ttssgg.arm4l
/ttssgg.arm4t
/ttssgg.arm4tl
/ttssgg.arm4tll
/ttssgg.arm5
/ttssgg.arm5l
/ttssgg.arm5n
/ttssgg.arm6
/ttssgg.arm64
/ttssgg.arm6l
/ttssgg.arm7
/ttssgg.arm7l
/ttssgg.arm8
/ttssgg.armv4
/ttssgg.armv4l
/ttssgg.armv5l
/ttssgg.armv6
/ttssgg.armv61
/ttssgg.armv6l
/ttssgg.armv7l
/ttssgg.dbg
/ttssgg.exploit
/ttssgg.i4
/ttssgg.i486
/ttssgg.i586
/ttssgg.i6
/ttssgg.i686
/ttssgg.kill
/ttssgg.m68
/ttssgg.m68k
/ttssgg.mips
/ttssgg.mips64
/ttssgg.mipseb
/ttssgg.mipsel
/ttssgg.mpsl
/ttssgg.pcc
/ttssgg.powerpc
/ttssgg.powerpc-440fp
/ttssgg.powerppc
/ttssgg.ppc
/ttssgg.ppc2
/ttssgg.ppc440
/ttssgg.ppc440fp
/ttssgg.root
/ttssgg.root32
/ttssgg.sh
/ttssgg.sh4
/ttssgg.sparc
/ttssgg.spc
/ttssgg.ssh4
/ttssgg.x32
/ttssgg.x64
/ttssgg.x86
/ttssgg.x86_32
/ttssgg.x86_64

# Reference: https://x.com/sicehice/status/1843692568682635432
# Reference: https://www.virustotal.com/gui/file/b64cf24fb2954b871fea20c34b0c14130bc3f919a674deb58682f9ce5760cbbf/detection

http://37.221.93.146
37.221.93.146:3778

# Reference: https://x.com/malwrhunterteam/status/1844287504373121136
# Reference: https://www.virustotal.com/gui/file/751e301f537391ceadf69029c410dccd21c129bff563fedbeddfcf874051c51d/detection
# Reference: https://www.virustotal.com/gui/file/086d630b8c97e1311014a3afa33e8c501880e68f0096f2dc849ccb27de20220c/detection

45.66.231.93:1418

# Reference: https://www.virustotal.com/gui/file/1e137e83857a5d3a15be0ee3dcae96a6431f2ab8212e008516c335668fdfc131/detection

45.95.169.213:1312

# Reference: https://www.virustotal.com/gui/file/7dafaee4c6dc91a023a6882f75d3b4c4404261d21e769043d9d19db88172b91a/detection

http://93.123.109.160
93.123.109.160:3778

# Reference: https://x.com/DaveLikesMalwre/status/1845956911646363882
# Reference: https://www.virustotal.com/gui/file/2db7afae0ee8e3752773e31698e4f0d16cd0f3cc9ed417b6ed709670cf668cb0/detection

192.142.103.82:6668
192.142.103.82:8000
shinju-networks.net
cnc.shinju-networks.net

# Reference: https://x.com/redrabytes/status/1849337367863189820

141.98.10.116:53648
154.213.187.58:48920
novo.geek
novoline.pirate
novoline.top
s1.novo.geek
s1.novoline.pirate
s1.novoline.top

# Reference: https://x.com/banthisguy9349/status/1849706028192969215

185.196.10.215:12234

# Reference: https://urlhaus.abuse.ch/host/167.172.21.155/
# Reference: https://www.virustotal.com/gui/file/b7f58be94a00ece9cff690df9808c0d3e9afd67cf7a4e5a11c56137415dadd64/detection
# Reference: https://www.virustotal.com/gui/file/5175d4bb0ba9d1ed5c3cb0c56981176a3e5789990d64db78f24557ec417d111e/detection

http://167.172.21.155
167.172.21.155:8443

# Reference: https://x.com/banthisguy9349/status/1850493968796053775

129.146.248.40:8986
154.213.185.248:666
185.196.10.71:2222
209.141.42.202:666
5.59.248.145:1024
51.38.128.242:9999
64.235.37.140:1024
80.75.212.206:1024
87.120.113.3:9999
93.123.85.205:9999

# Reference: https://www.virustotal.com/gui/file/c273fe827f96691b4bfa85f726d77b3a4dc86547510c97a653477c4e13cf814a/detection

http://45.141.59.178

# Reference: https://x.com/DaveLikesMalwre/status/1851273296014139805
# Reference: https://www.virustotal.com/gui/file/269ecbe3404d1e87d0b91b31e798cef6938a7a2b80596532b407b69e03829f97/detection
# Reference: https://www.virustotal.com/gui/file/3477d69a75de32d0f3b274e9ed19e4fa477cefb29c9d1f3aca8cc45b363dbbce/detection

http://94.156.68.148
5.181.80.77:38241

# Reference: https://www.virustotal.com/gui/file/653a7a3181df45a7dbc941ba69eb2222cd2cad79179f440e06dc27160ef5bad9/detection
# Reference: https://www.virustotal.com/gui/file/1228abc41baf27e1f5b6c64471c2f638232c9fa9318ce7d5d847d24992560875/detection

http://45.95.147.226

# Reference: https://www.virustotal.com/gui/ip-address/194.169.175.201/relations
# Reference: https://www.virustotal.com/gui/file/a07c9436161194b02e7c1bbf10feda1940f663b0e651fb8cf09ee2b2e5f47abf/detection
# Reference: https://www.virustotal.com/gui/file/0f65f0f0402082bcf36a52da0b019fe8cd394fc20f29702cde750e401a1cd02d/detection

http://194.169.175.201
194.169.175.201:21
194.169.175.201:52136
194.169.175.201:12814
monke.re
gayporn.accesscam.org

# Reference: https://x.com/DaveLikesMalwre/status/1851273296014139805
# Reference: https://app.validin.com/detail?type=dom&find=ftpget.sh#tab=host_pairs

http://185.150.24.68
http://185.224.128.31
185-150-24-67.cprapid.com
185-150-24-68.cprapid.com
bmzbaumaschinen.com
imamba.eu
loadapi1.com
mg-plant.com
search-blp.net
search-cht.net
search-dl1.com
search-dl2.com
search-dl3.com
search-dur.com
search-fst.com
search-gld.com
search-grd.com
search-hoj.com
search-hrd.com
search-jrd.com
search-mnt.com
search-slv.com
search-spd.com
search-st1.com
search-sug.com
search-syt.com
spainparkvillas.com
zxload1.com
js1.search-st1.com
srch1.cmailhost.net
vpn911645173.softether.net

# Reference: https://www.virustotal.com/gui/file/e10fbcbbc7d7dff1927da0e63e1ac9811ff240e0d255aaf9e737d49bb9a0502f/detection
# Reference: https://www.virustotal.com/gui/file/4e1a25596870905b60774f1138990fc857f01e2e65b2857051ab3b95e5a2e3d4/detection

85.209.134.186:1302

# Reference: https://www.virustotal.com/gui/file/7c7296d7076f70b80e700d03036c549ce0115e223f9dda9b6584d3fcb95aab88/detection

85.209.134.186:1312

# Reference: https://x.com/malwrhunterteam/status/1852327034330005724

lmkejukaacko2tjb64fsmscpzeozfen3t5xvtllaxe2m7btp2matkaad.onion

# Reference: https://x.com/banthisguy9349/status/1852374001324089807
# Reference: https://www.virustotal.com/gui/file/fda5b9edbcf08c705f11c5e097d30fd2638715264859ffe70fb778224f22e0be/detection

http://194.163.169.206
178.18.253.119:1337
194.163.169.206:443
anycon.publicvm.com
/botnets/thunderLoader/

# Reference: https://x.com/redrabytes/status/1853037472097144890
# Reference: https://www.virustotal.com/gui/file/2d6a74d933d9df527ee3731142168529500d0287e705f998d69549ed1127f0b7/detection

http://85.95.173.28
85.95.173.28:1995
mirailover.ddns.net

# Reference: https://x.com/0x6rss/status/1854430628311159041
# Reference: https://www.virustotal.com/gui/file/98bbe9f9955cd1a311a032cabb0bf99f6b9a17968f6b02fdc667caca28998dc4/detection
# Reference: https://www.virustotal.com/gui/file/545bd0db3deb31a498aba5ccb32dfa8e0a477f01f707c4df16f9a3f3b308d3ff/detection

http://157.173.118.27
157.173.118.27:3778
/ub8ehJSePAfc9FYqZIT6.arc
/ub8ehJSePAfc9FYqZIT6.arm
/ub8ehJSePAfc9FYqZIT6.arm4
/ub8ehJSePAfc9FYqZIT6.arm4l
/ub8ehJSePAfc9FYqZIT6.arm4t
/ub8ehJSePAfc9FYqZIT6.arm4tl
/ub8ehJSePAfc9FYqZIT6.arm4tll
/ub8ehJSePAfc9FYqZIT6.arm5
/ub8ehJSePAfc9FYqZIT6.arm5l
/ub8ehJSePAfc9FYqZIT6.arm5n
/ub8ehJSePAfc9FYqZIT6.arm6
/ub8ehJSePAfc9FYqZIT6.arm64
/ub8ehJSePAfc9FYqZIT6.arm6l
/ub8ehJSePAfc9FYqZIT6.arm7
/ub8ehJSePAfc9FYqZIT6.arm7l
/ub8ehJSePAfc9FYqZIT6.arm8
/ub8ehJSePAfc9FYqZIT6.armv4
/ub8ehJSePAfc9FYqZIT6.armv4l
/ub8ehJSePAfc9FYqZIT6.armv5l
/ub8ehJSePAfc9FYqZIT6.armv6
/ub8ehJSePAfc9FYqZIT6.armv61
/ub8ehJSePAfc9FYqZIT6.armv6l
/ub8ehJSePAfc9FYqZIT6.armv7l
/ub8ehJSePAfc9FYqZIT6.dbg
/ub8ehJSePAfc9FYqZIT6.exploit
/ub8ehJSePAfc9FYqZIT6.i4
/ub8ehJSePAfc9FYqZIT6.i486
/ub8ehJSePAfc9FYqZIT6.i586
/ub8ehJSePAfc9FYqZIT6.i6
/ub8ehJSePAfc9FYqZIT6.i686
/ub8ehJSePAfc9FYqZIT6.kill
/ub8ehJSePAfc9FYqZIT6.m68
/ub8ehJSePAfc9FYqZIT6.m68k
/ub8ehJSePAfc9FYqZIT6.mips
/ub8ehJSePAfc9FYqZIT6.mips64
/ub8ehJSePAfc9FYqZIT6.mipseb
/ub8ehJSePAfc9FYqZIT6.mipsel
/ub8ehJSePAfc9FYqZIT6.mpsl
/ub8ehJSePAfc9FYqZIT6.pcc
/ub8ehJSePAfc9FYqZIT6.powerpc
/ub8ehJSePAfc9FYqZIT6.powerpc-440fp
/ub8ehJSePAfc9FYqZIT6.powerppc
/ub8ehJSePAfc9FYqZIT6.ppc
/ub8ehJSePAfc9FYqZIT6.ppc2
/ub8ehJSePAfc9FYqZIT6.ppc440
/ub8ehJSePAfc9FYqZIT6.ppc440fp
/ub8ehJSePAfc9FYqZIT6.root
/ub8ehJSePAfc9FYqZIT6.root32
/ub8ehJSePAfc9FYqZIT6.sh
/ub8ehJSePAfc9FYqZIT6.sh4
/ub8ehJSePAfc9FYqZIT6.sparc
/ub8ehJSePAfc9FYqZIT6.spc
/ub8ehJSePAfc9FYqZIT6.ssh4
/ub8ehJSePAfc9FYqZIT6.x32
/ub8ehJSePAfc9FYqZIT6.x64
/ub8ehJSePAfc9FYqZIT6.x86
/ub8ehJSePAfc9FYqZIT6.x86_32
/ub8ehJSePAfc9FYqZIT6.x86_64

# Reference: https://x.com/banthisguy9349/status/1854809251731915065
# Reference: https://www.virustotal.com/gui/file/fe51452dc0b3f7c1446dad0ead61377fdcb22c49897c900d1aec006b3fee8724/detection

209.126.0.207:4258
209.126.0.207:8080
/bgiegeir.arc
/bgiegeir.arm
/bgiegeir.arm4
/bgiegeir.arm4l
/bgiegeir.arm4t
/bgiegeir.arm4tl
/bgiegeir.arm4tll
/bgiegeir.arm5
/bgiegeir.arm5l
/bgiegeir.arm5n
/bgiegeir.arm6
/bgiegeir.arm64
/bgiegeir.arm6l
/bgiegeir.arm7
/bgiegeir.arm7l
/bgiegeir.arm8
/bgiegeir.armv4
/bgiegeir.armv4l
/bgiegeir.armv5l
/bgiegeir.armv6
/bgiegeir.armv61
/bgiegeir.armv6l
/bgiegeir.armv7l
/bgiegeir.dbg
/bgiegeir.exploit
/bgiegeir.i4
/bgiegeir.i486
/bgiegeir.i586
/bgiegeir.i6
/bgiegeir.i686
/bgiegeir.kill
/bgiegeir.m68
/bgiegeir.m68k
/bgiegeir.mips
/bgiegeir.mips64
/bgiegeir.mipseb
/bgiegeir.mipsel
/bgiegeir.mpsl
/bgiegeir.pcc
/bgiegeir.powerpc
/bgiegeir.powerpc-440fp
/bgiegeir.powerppc
/bgiegeir.ppc
/bgiegeir.ppc2
/bgiegeir.ppc440
/bgiegeir.ppc440fp
/bgiegeir.root
/bgiegeir.root32
/bgiegeir.sh
/bgiegeir.sh4
/bgiegeir.sparc
/bgiegeir.spc
/bgiegeir.ssh4
/bgiegeir.x32
/bgiegeir.x64
/bgiegeir.x86
/bgiegeir.x86_32
/bgiegeir.x86_64

# Reference: https://pastebin.com/Rbk2BXdJ

http://103.192.179.5
http://109.120.137.19
http://143.47.38.152
http://154.205.134.248
http://154.216.16.108
http://154.216.16.127
http://162.245.221.12
http://178.215.238.198
http://191.96.235.65
http://193.84.71.119
http://194.233.65.110
http://198.12.107.126
http://209.141.52.86
http://209.141.54.46
http://217.114.43.149
http://31.13.224.244
http://45.124.95.225
http://45.125.66.103
http://45.221.97.86
http://64.235.37.140
http://82.55.220.172
http://87.120.116.226
http://91.149.233.17
http://94.156.177.146
http://95.164.4.65
85-95-173-28.saransk.ru
bot.proy.lol
byte-main-cnc.n-e.kr
chrismccaw.net
cnc.carteldesinaloa.ru
proy.lol
selfrep.carteldesinaloa.ru
sqdqsdsq.com

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-11-10)

107.172.60.29:666
107.175.31.202:1024
134.122.40.184:4444
138.197.141.146:11450
138.197.141.146:11991
138.197.141.146:1299
138.197.141.146:13554
138.197.141.146:17569
138.197.141.146:18137
138.197.141.146:18232
138.197.141.146:21792
138.197.141.146:22146
138.197.141.146:25265
138.197.141.146:4444
138.197.141.146:6559
138.197.141.146:9604
138.197.155.229:11450
138.197.155.229:11991
138.197.155.229:1307
138.197.155.229:13554
138.197.155.229:17569
138.197.155.229:18137
138.197.155.229:18232
138.197.155.229:21792
138.197.155.229:22146
138.197.155.229:25265
138.197.155.229:4444
138.197.155.229:6559
138.197.155.229:9604
138.197.7.36:11450
138.197.7.36:11991
138.197.7.36:1297
138.197.7.36:13554
138.197.7.36:17569
138.197.7.36:18137
138.197.7.36:18232
138.197.7.36:21792
138.197.7.36:22146
138.197.7.36:25265
138.197.7.36:4444
138.197.7.36:6559
138.197.7.36:9604
138.68.66.39:11450
138.68.66.39:11991
138.68.66.39:1296
138.68.66.39:13554
138.68.66.39:17569
138.68.66.39:18137
138.68.66.39:18232
138.68.66.39:21792
138.68.66.39:22146
138.68.66.39:25265
138.68.66.39:4444
138.68.66.39:6559
138.68.66.39:9604
139.59.247.93:11450
139.59.247.93:11991
139.59.247.93:1306
139.59.247.93:13554
139.59.247.93:17569
139.59.247.93:18137
139.59.247.93:18232
139.59.247.93:21792
139.59.247.93:22146
139.59.247.93:25265
139.59.247.93:4444
139.59.247.93:6559
139.59.247.93:9604
139.59.59.19:11450
139.59.59.19:11991
139.59.59.19:1303
139.59.59.19:13554
139.59.59.19:17569
139.59.59.19:18137
139.59.59.19:18232
139.59.59.19:21792
139.59.59.19:22146
139.59.59.19:25265
139.59.59.19:4444
139.59.59.19:6559
139.59.59.19:9604
141.98.10.116:48920
141.98.11.122:25596
147.45.42.138:3778
152.89.170.31:38241
154.216.16.38:59962
154.216.18.230:59962
154.216.19.139:199
154.216.19.64:3778
154.216.20.119:777
154.216.20.130:3778
154.216.20.45:59962
154.216.20.58:1500
154.216.20.75:9506
157.245.110.224:11450
157.245.110.224:11991
157.245.110.224:1290
157.245.110.224:13554
157.245.110.224:17569
157.245.110.224:18137
157.245.110.224:18232
157.245.110.224:21792
157.245.110.224:22146
157.245.110.224:25265
157.245.110.224:4444
157.245.110.224:6559
157.245.110.224:9604
159.65.185.228:4444
160.22.160.59:1312
165.22.62.189:11450
165.22.62.189:11991
165.22.62.189:1292
165.22.62.189:13554
165.22.62.189:17569
165.22.62.189:18137
165.22.62.189:18232
165.22.62.189:21792
165.22.62.189:22146
165.22.62.189:25265
165.22.62.189:4444
165.22.62.189:6559
165.22.62.189:9604
167.172.52.2:4444
170.64.156.94:4444
178.128.99.13:11450
178.128.99.13:11991
178.128.99.13:1320
178.128.99.13:13554
178.128.99.13:17569
178.128.99.13:18137
178.128.99.13:18232
178.128.99.13:21792
178.128.99.13:22146
178.128.99.13:25265
178.128.99.13:4444
178.128.99.13:6559
178.128.99.13:9604
178.215.238.7:1488
185.117.72.139:11450
185.117.72.139:11991
185.117.72.139:1323
185.117.72.139:13554
185.117.72.139:17569
185.117.72.139:18137
185.117.72.139:18232
185.117.72.139:21792
185.117.72.139:22146
185.117.72.139:25265
185.117.72.139:4444
185.117.72.139:6559
185.117.72.139:9604
185.117.72.140:11450
185.117.72.140:11991
185.117.72.140:1299
185.117.72.140:13554
185.117.72.140:17569
185.117.72.140:18137
185.117.72.140:18232
185.117.72.140:21792
185.117.72.140:22146
185.117.72.140:25265
185.117.72.140:4444
185.117.72.140:6559
185.117.72.140:9604
185.117.73.73:4444
185.174.135.118:1302
185.183.98.241:4444
185.45.194.44:4444
185.45.194.48:4444
192.227.146.254:302
193.124.205.33:1985
193.124.205.75:1985
193.143.1.59:38242
194.120.230.54:118
198.12.107.126:1302
198.12.107.126:1420
204.48.21.45:1312
209.141.47.218:666
209.200.246.150:10019
209.38.250.200:4444
213.130.144.69:33966
217.15.161.176:73
31.172.83.15:3778
37.221.93.101:3778
45.139.104.161:3778
45.142.104.70:8713
45.148.10.51:1345
45.221.97.86:57899
45.88.88.55:9506
45.95.169.213:1337
46.23.108.109:1303
46.23.108.109:4444
46.23.108.110:1317
46.23.108.110:4444
46.23.108.111:1313
46.23.108.111:4444
46.23.108.159:1345
46.23.108.161:1521
46.23.108.58:1521
46.23.108.61:1521
46.23.108.62:1521
46.23.108.64:1431
46.23.108.65:1312
46.8.229.204:9999
5.59.248.145:61231
5.59.249.232:1337
64.227.66.208:4444
64.227.88.113:4444
66.63.187.195:1999
67.220.95.213:1290
69.165.65.90:118
77.90.22.54:8008
79.133.46.243:9931
81.161.238.213:1999
85.239.34.134:51515
87.120.114.147:1999
87.120.114.147:3778
87.120.84.248:38242
91.142.77.79:5555
91.208.184.54:56744
92.249.48.53:1337
93.123.39.105:38241
93.123.85.123:9931
93.123.85.138:3778
93.123.85.190:1312
93.123.85.19:23
93.123.85.236:999
93.123.85.38:3778
94.156.105.122:2711
94.156.177.146:1999
94.156.69.121:31337
bsktem.online
byeux.com
cnc.ghtyuio.online
dico-inside.com
dump.hduak.site
fgwe.myvnc.com
ghtyuio.online
hduak.site
iholdtelnet.com
myway-ing.win
novo.doxbin.top
omg.rekugg.pro
rekugg.pro
server.dico-inside.com
server.myway-ing.win
skt.bsktem.online
srv1.pty.su
srv10.pty.su
srv2.pty.su
srv3.pty.su
srv4.pty.su
srv5.pty.su
srv6.pty.su
srv7.pty.su
srv8.pty.su
srv9.pty.su

# Reference: https://www.virustotal.com/gui/file/4ed1ec71c295f24fe2c38868ffd6abf4c7acc86f2ac7a90e90eae608f22e4c12/detection
# Reference: https://www.virustotal.com/gui/file/5198fcf4f8967a8273abe7cd1653fdf9ca5ee7e7ff8bd2455cd97670262bc6b4/detection

159.100.18.123:1995
abcyxz.lol
botnet.abcyxz.lol

# Reference: https://www.virustotal.com/gui/file/f4ce999ef12ba344cdf3b71af0f6f00ce2e8532ab3f15cc9684c298b080bfe35/detection
# Reference: https://www.virustotal.com/gui/file/eeb356fe38c955c5b4473b2aa24f0804c4c37f3b353ee27f7eb539928f83a0cb/detection
# Reference: https://www.virustotal.com/gui/file/371cfba4903da01d947097dd9e21e7633b739ae45b9617bd32449d8fa4730935/detection

20.6.130.111:1995
minebeo.fun
botnet.minebeo.fun

# Reference: https://www.virustotal.com/gui/file/acdae055535004f2d762e4c82c1737f45e3fb0e6711714dd50e0c5d54330f250/detection

45.142.182.93:59666
joskekurwa.xyz
botnet.joskekurwa.xyz

# Reference: https://app.validin.com/detail?find=Login%20-%20Nosviak4&type=raw&ref_id=50c6e2ad34a#tab=host_pairs (# 2024-11-14)

api-zurgc2.site
tsuki-solutions.cc
ip197.ip-51-81-100.us

# Reference: https://x.com/DaveLikesMalwre/status/1857555894944342385

http://31.59.128.10

# Reference: https://x.com/SecureSh3ll/status/1858967662841544981
# Reference: https://www.virustotal.com/gui/file/1865a100428c9b645abffe55437581f0251e4d5e11f26c796e5393c4ea968c05/detection

http://87.120.117.252
87.120.117.252:2222
87.120.117.252:33563
104d.hldns.ru

# Reference: https://x.com/SecureSh3ll/status/1860751506296774774

http://154.216.17.126
154.216.17.126:8021

# Reference: https://www.virustotal.com/gui/file/788f59e0e22d494bbacd83d374f28ea4d745743fa472998c056f67d696e88c13/detection
# Reference: https://www.virustotal.com/gui/file/5dbb72873be4e5e56061bd79326c2ff3ff0cb78279ee7bd57d1740dfdf2b6a06/detection
# Reference: https://www.virustotal.com/gui/file/35de4876c5db45349314243f24a11dd5adce2852dd6f1d36fde1dbfb5ef6e7f3/detection

http://154.216.17.109
154.216.16.109:33966
eye-network.ru
bbos.eye-network.ru
cloud.eye-network.ru
files.eye-network.ru
files1.eye-network.ru
ksdjwi.eye-network.ru
raw.eye-network.ru
server.eye-network.ru
server1.eye-network.ru
server2.eye-network.ru
server3.eye-network.ru
server4.eye-network.ru
server5.eye-network.ru

# Reference: https://x.com/redrabytes/status/1861022012895862890

http://45.125.66.203
154.213.187.213:38241
154.213.187.214:38241
154.213.187.242:38241
154.213.187.245:38241
154.213.187.247:38241
154.213.187.248:38241
154.213.187.249:38241
46.23.108.18:6060

# Reference: https://x.com/redrabytes/status/1861503862869283036

http://64.235.45.196
64.235.37.140:21
64.235.45.196:3778
/ohsh!t.sh

# Reference: https://x.com/redrabytes/status/1861544101994254702
# Reference: https://www.virustotal.com/gui/file/c3e0eda12e6532f3a3e412414cde013ae42ed57143500fb2bea7533afdfc7215/detection

http://87.120.117.3
87.120.117.3:6666

# Reference: https://x.com/TuringAlex/status/1861377303910965562
# Reference: https://www.virustotal.com/gui/file/5779d092402d7a9df85972d0d20245b335d67619a7e5761e6ee36b9e28b6880e/detection
# Reference: https://www.virustotal.com/gui/file/72538cf93bf2a84628eb4755566758f93a6ed395b7375bb06ea62933833773d0/detection
# Reference: https://www.virustotal.com/gui/file/72821513d59d491f13d5fdcb36fc311d202da0b876079c38e21ba77422e7781c/detection
# Reference: https://www.virustotal.com/gui/file/eeaeeef2dffd35994b6009c63922bd60a57446e30b2b4dfe8e0683efef39b7e1/detection

77.232.39.3:8001
77.232.40.10:8001
77.232.42.52:8001
77.232.43.100:8001
cve-2021-36260.ru

# Reference: https://x.com/DaveLikesMalwre/status/1861567719004410271
# Reference: https://www.virustotal.com/gui/file/6b9b184965b98407c98536a87cb0b8272ccc28713f80531b5c5221b2630fac3b/detection

http://45.125.66.90

# Reference: https://x.com/redrabytes/status/1862007168309907485

154.216.20.149:777
193.111.248.45:6969
213.199.41.149:3778
216.126.231.240:1944
45.200.148.215:666
51.120.244.179:1791

# Reference: https://www.virustotal.com/gui/file/079b0a7465219254df866a1bbc0bb9066b7c0600a8423e485d30c00dbed62428/detection

211.195.178.55:7547
47.197.201.18:7547

# Reference: https://x.com/DaveLikesMalwre/status/1863377690956362100
# Reference: https://app.validin.com/detail?find=Login%20-%20Nosviak4&type=raw&ref_id=c4d2d238c14#tab=host_pairs (# 2024-12-02)

noircrypt.studio
stringlog-auth4693.zzux.com
stringlog-auth4696.zzux.com
stringlog-auth4697.zzux.com
stringlog-auth4703.zzux.com
stringlog-auth4704.zzux.com
stringlog-auth4710.zzux.com
stringlog-auth4711.zzux.com
stringlog-auth4719.zzux.com

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2024-12-02)

http://45.149.241.12
http://89.22.230.162
103.136.150.114:1311
103.136.150.114:2345
107.189.8.204:1311
107.189.8.204:2345
154.213.187.206:1311
154.213.187.68:6075
154.213.189.14:1995
154.213.189.2:61231
154.216.17.118:54321
159.223.89.97:3778
176.32.39.112:1311
176.32.39.112:2345
185.78.76.132:1312
193.143.1.70:38242
193.233.193.45:1311
193.233.193.45:2345
193.84.71.119:38241
194.58.66.244:1311
194.58.66.244:2345
194.87.198.29:1311
194.87.30.79:1311
194.87.30.79:2345
195.133.53.106:1311
195.133.53.106:2345
195.133.92.51:1311
198.98.49.215:1311
198.98.49.215:2345
205.185.114.79:1311
205.185.114.79:2345
209.141.44.226:1311
209.141.44.226:2345
209.141.49.186:1311
209.141.49.186:2345
209.141.57.98:1311
209.141.57.98:2345
209.141.61.182:1311
209.141.61.182:2345
213.182.204.57:1311
213.182.204.57:2345
217.28.130.41:1311
217.28.130.41:2345
23.158.56.103:56744
27.102.118.110:1311
27.102.118.110:2345
27.102.118.111:1311
27.102.118.111:2345
31.13.248.13:1311
31.13.248.13:2345
31.13.248.89:1311
31.13.248.89:2345
38.114.100.142:1311
38.114.100.142:2345
45.125.66.215:3333
45.125.66.215:9999
45.140.168.235:1311
45.140.168.235:2345
45.140.169.21:1311
45.140.169.21:2345
45.147.200.148:1311
45.147.200.148:2345
45.149.241.12:56744
45.200.148.215:1995
45.91.193.133:1985
5.39.254.71:1311
5.39.254.71:2345
66.36.234.2:1995
81.29.149.178:1311
81.29.149.178:2345
86.107.100.80:1311
86.107.100.80:2345
87.120.114.160:1311
87.120.114.197:1311
88.151.195.157:1311
88.151.195.157:2345
88.151.195.22:1311
88.151.195.22:2345
89.22.230.162:1024
89.32.41.42:1311
89.32.41.42:2345
91.142.79.239:8001
91.149.218.232:1311
91.149.218.232:2345
91.149.238.18:1311
91.149.238.18:2345
91.202.233.202:38241
94.156.227.234:38242
aisysmddos.com
arismstress.us
kingstonwikkerink.dyn
nguyenletriloc.pro
mirailogin.xyz
aiddoscnc.aisysmddos.com
aiddoscnc2.aisysmddos.com
botnet.arismstress.us
elitexrebirth.elite-api.su
gay.nguyenletriloc.pro
raw.igxhost.ru

# Reference: https://x.com/RacWatchin8872/status/1863561175394304478
# Reference: https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=services.http.response.html_title%3A%22Login+-+Nosviak4%22

http://31.59.128.9
http://67.211.216.8
http://69.165.65.148
51.81.121.128:3000
62.60.246.102:2000
netzurgc3.fun
whybeamydomain.shop
ip115.ip-51-81-104.us

# Reference: https://www.virustotal.com/gui/file/da8153ed65fa0f3f2143f8b608f49a1e5fbfa47cb9e776a414ae7ce57556d173/detection
# Reference: https://www.virustotal.com/gui/file/37f361df4b8df1ca7844ac696c65307e9574a0c3f96e52602156b5646c1a13fa/detection

93.123.85.46:47925

# Reference: https://x.com/banthisguy9349/status/1865356438438044038

http://87.120.112.101

# Reference: https://x.com/banthisguy9349/status/1866091166975864851

http://103.163.119.220
http://103.192.179.31
http://109.176.207.235
http://154.213.187.14
http://154.213.187.182
http://154.213.187.84
http://157.10.45.118
http://160.191.86.209
http://161.97.175.164
http://165.232.176.151
http://178.215.238.31
http://185.142.53.148
http://185.170.144.88
http://185.7.78.88
http://198.23.133.131
http://199.195.249.112
http://199.204.97.78
http://209.141.39.46
http://209.141.47.117
http://209.97.160.92
http://23.158.56.103
http://27.102.129.91
http://41.216.189.175
http://45.200.149.100
http://77.111.101.78
http://87.120.115.168
http://87.121.112.77
http://87.6.220.118
http://89.169.4.44
http://90.45.68.107
http://91.216.169.28
http://91.227.62.22
http://93.123.85.192
http://94.156.167.109
http://94.156.167.85
http://94.156.227.233
bin.elite-api.su
clavity.me
drumev.eu
dzifast.click
evelynnk.duckdns.org
fr.elite-api.su
h2.vn1-cn.dzifast.click
muwc.shop
pirati.privatedns.org
ragebotnet.duckdns.org
sekhon.duckdns.org
seyfhg.work.gd
srothienhoa.com
vn1-cn.dzifast.click

# Reference: https://x.com/BlinkzSec/status/1871204633441710231
# Reference: https://search.censys.io/hosts/154.213.187.6

154.213.187.6:22

# Reference: https://x.com/BlinkzSec/status/1872558521252012463
# Reference: https://urlhaus.abuse.ch/asn/214943/

http://185.216.71.152
http://94.156.227.229
94-156-227-229.plesk.page
aaahealthcareservice.com
affectionate-cohen.94-156-227-229.plesk.page
amrhub.com
bmcort.com
eager-jones.94-156-227-229.plesk.page
jaamdesign.com
laughing-kowalevski.66-63-187-84.plesk.page
marcanogarcia.com
meinklassiker.com
mhmsoftware.com
nyiragongovolcano.com
pacificmont.com
pack153queens.com
ssquar.com
syntheticincenseonline.com
thedannymorganband.com
troop153queens.com
tygattisoftware.com
ulomstore.com

# Reference: https://www.fortinet.com/blog/threat-research/botnets-continue-to-target-aging-d-link-vulnerabilities

http://194.110.247.46
http://45.86.86.60
http://87.10.220.221
http://87.11.174.141
21savage.dyn
2joints.libre
75cents.libre
codingdrunk.cc
codingdrunk.in
coziest.lol
eighteen.pirate
fortyfivehundred.dyn
imaverygoodbadboy.libre
nineteen.libre
f.codingdrunk.cc
le.codingdrunk.in
pirati.abuser.eu
ru.coziest.lol

# Reference: https://x.com/DaveLikesMalwre/status/1874183809215639766
# Reference: https://app.validin.com/detail?find=Login%20-%20Nosviak4&type=raw#tab=host_pairs (# 2024-12-31)

http://103.211.206.59
http://142.93.202.126
http://159.223.160.78
http://160.30.20.118
http://195.66.213.24
http://51.195.60.102
http://51.81.100.197
http://64.20.34.146
api.edureel.ai
chat.edureel.ai
chatapi.edureel.ai
drrugs.xyz
kurama.ltd
lst.bglprem.pw
nasa-federation.co.uk
pokemulti.fr
server-64-20-34-146.da.direct
sofakingclean.pro
panel.pokemulti.fr
wings.pokemulti.fr

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2025-01-01)
# Reference: https://www.virustotal.com/gui/file/7885a3a76efde53d99c08ee237d11714b6b3d4ffdd0bfe86ad127039cfe3f70c/detection

http://5.175.237.74
128.254.146.232:2345
154.205.128.136:61543
154.213.187.125:51320
154.213.187.125:55555
154.213.187.147:7070
154.213.190.241:1791
154.213.192.22:7070
154.216.16.98:34129
154.216.17.153:1312
154.216.17.216:3778
154.216.20.216:3778
166.88.130.30:2345
178.215.238.25:33966
178.215.238.4:33966
185.196.11.47:59962
185.196.8.105:59962
185.22.153.100:2345
185.22.155.152:2345
185.22.155.158:2345
185.22.155.213:2345
188.132.232.157:81
193.111.248.108:33966
193.200.78.37:33966
194.58.66.131:2345
194.87.198.191:2345
195.179.230.64:606
198.23.133.131:3778
20.221.64.23:1791
212.192.15.158:2345
212.227.135.15:59666
212.227.63.113:59666
23.94.37.42:2601
31.13.248.234:2345
37.202.222.79:3778
38.110.228.165:1995
38.110.228.165:45
45.149.241.64:3778
45.200.149.249:2601
64.23.249.232:1995
74.48.108.226:1543
74.48.108.226:1995
74.48.140.181:15412
77.111.101.78:9931
83.222.191.146:33211
85.209.17.110:9506
86.107.100.88:2345
87.121.86.161:1995
88.151.195.95:2345
888online.asia
91.212.166.7:6666
93.123.85.8:9931
asdfui.elite-api.su
bot.spine8797.com
cardiacpure.ru
google-br.duckdns.org
intenseapi.com
joaophillip.dev
modernfirewall.ru
plutoc2.site
raw.cardiacpure.ru
raw.cloudboats.vip
raw.intenseapi.com
servers.vlrt-gap.com
srvy.vlrt-gap.com
vlrt-gap.com
wavec2.joaophillip.dev

# Reference: https://x.com/SecureSh3ll/status/1875249728054833294
# Reference: https://www.virustotal.com/gui/file/cf68b03656682bb07e7d416528e1bd3adb136d07bc8ca1c672f2a7a4d76123a7/detection
# Reference: https://www.virustotal.com/gui/file/1908b0ec0220aebc75421e565e0395814a0f4e0151a2cb453f80852633378cab/detection

http://185.157.247.35
http://37.44.238.68
http://66.63.187.92
http://87.121.86.228
144.208.127.181:4096
146.71.81.108:4096
185.198.234.82:4096
203.96.177.158:4096
217.195.153.233:4096
45.95.18.100:4096
85.209.133.6:20722
xaiverbot.net

# Reference: https://x.com/banthisguy9349/status/1875563329080738009
# Reference: https://www.virustotal.com/gui/file/650017ae435b585872d3faf349b322486a94340339607874b9ce9107bb7461dd/detection
# Reference: https://www.virustotal.com/gui/file/2898b905f7637e8bf599836cbc30ed2c7834a2a59a2620693142f7ed11b51c52/detection

31.56.39.15:1995
31.56.39.15:8080
bot.lukos-trade.ro
botnetdolly.zapto.org
chernobyl.stressing.world
lemonsmp.work.gd
zver.stressing.world

# Reference: https://x.com/SecureSh3ll/status/1875607498549555589

http://91.188.254.21
/Kloki.arc
/Kloki.arm
/Kloki.arm4
/Kloki.arm4l
/Kloki.arm4t
/Kloki.arm4tl
/Kloki.arm4tll
/Kloki.arm5
/Kloki.arm5l
/Kloki.arm5n
/Kloki.arm6
/Kloki.arm64
/Kloki.arm6l
/Kloki.arm7
/Kloki.arm7l
/Kloki.arm8
/Kloki.armv4
/Kloki.armv4l
/Kloki.armv5l
/Kloki.armv6
/Kloki.armv61
/Kloki.armv6l
/Kloki.armv7l
/Kloki.dbg
/Kloki.exploit
/Kloki.i4
/Kloki.i486
/Kloki.i586
/Kloki.i6
/Kloki.i686
/Kloki.kill
/Kloki.m68
/Kloki.m68k
/Kloki.mips
/Kloki.mips64
/Kloki.mipseb
/Kloki.mipsel
/Kloki.mpsl
/Kloki.pcc
/Kloki.powerpc
/Kloki.powerpc-440fp
/Kloki.powerppc
/Kloki.ppc
/Kloki.ppc2
/Kloki.ppc440
/Kloki.ppc440fp
/Kloki.root
/Kloki.root32
/Kloki.sh
/Kloki.sh4
/Kloki.sparc
/Kloki.spc
/Kloki.ssh4
/Kloki.x32
/Kloki.x64
/Kloki.x86
/Kloki.x86_32
/Kloki.x86_64

# Reference: https://www.virustotal.com/gui/file/1d7d6749e49dad1984f278f121649b964e9ebd5a02892ee2024469ce0fe2ff6e/detection

210.99.100.132:13566
210.99.104.154:13566
210.99.106.175:13566
210.99.117.68:13566
210.99.133.107:13566
210.99.133.114:13566
210.99.147.90:13566
210.99.157.18:13566
210.99.161.225:13566
210.99.162.132:13566
210.99.165.117:13566
210.99.169.239:13566
210.99.171.85:13566
210.99.18.203:13566
210.99.191.127:13566
210.99.200.39:13566
210.99.222.223:13566
210.99.227.14:13566
210.99.237.178:13566
210.99.240.245:13566
210.99.241.208:13566
210.99.243.193:13566
210.99.25.155:13566
210.99.44.2:13566
210.99.56.16:13566
210.99.65.85:13566
210.99.66.2:13566
210.99.7.131:13566
210.99.76.131:13566
210.99.84.196:13566
210.99.87.239:13566
210.99.96.222:13566
83.222.191.90:13566

# Reference: https://x.com/SecureSh3ll/status/1875637400921362833

http://83.222.191.90

# Reference: https://www.virustotal.com/gui/file/12cd4afdaccd0bcf1927bb68733473483af3878da0cc2d0917c4c926c5eb4873/detection

212.70.149.164:52128
212.70.149.207:52128

# Reference: https://www.virustotal.com/gui/file/1cf95728d7dc00fcf2a75493e9395b181d2074ae5750493da83f1dfbcefee69c/detection

212.70.149.10:35342
212.70.149.12:35342

# Reference: https://x.com/tosscoinwitcher/status/1875679608982663278
# Reference: https://www.virustotal.com/gui/file/748be808842acf49d21caed517e08fdb817c47f50b74303099d52ea676d606b4/detection
# Reference: https://www.virustotal.com/gui/file/ee0faf107bf34a08c98f720ef0ff6225b14df94b50baa2d827451ad04f4d5971/detection

http://193.111.248.108
http://194.37.81.64

# Reference: https://threatfox.abuse.ch/browse/malware/elf.moobot/ (# 2025-01-05)

http://103.116.53.12
http://103.117.122.206
http://103.117.122.232
http://103.130.213.224
http://103.150.221.219
http://103.161.112.49
http://103.195.236.122
http://103.20.235.132
http://103.216.118.97
http://103.238.234.112
http://103.6.234.240
http://103.77.209.61
http://103.77.246.171
http://103.77.246.188
http://104.167.221.214
http://104.244.73.3
http://104.248.156.143
http://107.175.32.137
http://113.30.189.81
http://13.212.104.170
http://134.122.52.106
http://139.162.184.115
http://139.162.187.197
http://144.126.242.57
http://144.172.73.40
http://144.217.129.64
http://149.88.80.131
http://149.88.80.145
http://152.53.66.68
http://154.213.187.106
http://154.213.190.241
http://154.213.190.251
http://154.213.192.3
http://156.253.250.102
http://157.10.45.92
http://157.230.244.30
http://157.66.27.105
http://158.23.49.68
http://159.100.17.87
http://159.100.18.123
http://159.223.54.213
http://159.65.114.94
http://16.171.194.113
http://160.187.229.161
http://160.191.175.187
http://160.30.137.63
http://162.245.221.25
http://162.251.95.195
http://164.92.228.157
http://165.22.240.41
http://165.227.253.92
http://172.104.165.70
http://172.104.84.99
http://172.98.22.142
http://172.98.22.185
http://178.128.210.87
http://178.128.24.105
http://178.128.24.65
http://178.128.54.7
http://179.61.181.159
http://181.214.58.121
http://181.41.196.7
http://185.112.249.20
http://185.112.83.155
http://185.14.92.131
http://185.78.76.132
http://185.95.164.236
http://185.96.163.83
http://188.166.226.169
http://188.166.231.120
http://190.123.46.52
http://190.123.46.53
http://191.96.235.60
http://192.210.187.71
http://199.192.23.197
http://199.231.191.169
http://20.117.170.164
http://20.205.17.54
http://20.6.130.111
http://206.189.155.231
http://206.189.37.158
http://207.148.27.29
http://212.64.199.171
http://217.15.161.176
http://24.199.67.107
http://27.100.39.14
http://3.68.248.166
http://31.13.224.249
http://31.172.83.147
http://31.172.83.15
http://34.58.44.108
http://36.50.134.25
http://36.50.135.139
http://38.145.203.17
http://38.165.44.80
http://38.242.197.33
http://45.149.241.24
http://45.154.24.11
http://45.200.148.215
http://45.200.149.179
http://45.82.255.215
http://45.85.146.39
http://45.95.169.129
http://46.176.187.253
http://46.250.238.169
http://47.84.203.243
http://5.230.167.99
http://5.230.229.137
http://5.59.248.145
http://51.195.194.80
http://51.79.143.51
http://51.79.155.218
http://52.150.237.12
http://52.47.32.244
http://67.217.241.10
http://68.183.191.15
http://68.183.225.84
http://69.165.74.25
http://69.165.74.42
http://70.36.125.10
http://74.48.108.19
http://75.119.147.136
http://80.76.51.45
http://81.161.238.213
http://81.28.10.140
http://82.118.16.127
http://82.118.16.134
http://82.147.84.175
http://84.200.24.7
http://84.247.146.58
http://85.31.47.4
http://87.120.112.234
http://87.120.114.52
http://87.120.127.150
http://87.121.86.200
http://87.121.86.64
http://91.202.233.202
http://91.218.67.59
http://91.218.67.85
http://92.249.48.84
http://93.113.180.180
http://93.113.180.243
http://93.123.109.208
http://93.123.85.190
http://93.123.85.216
http://93.123.85.40
http://94.156.105.122
http://94.158.245.27
http://95.214.27.194
103.135.101.188:10496
103.77.172.24:47925
107.189.4.201:58431
119.8.27.105:55650
134.122.52.106:1995
141.98.7.28:56744
144.172.73.40:43957
150.95.109.27:43957
154.213.186.72:9999
154.213.187.106:47925
154.90.62.152:56999
161.97.175.164:443
161.97.175.164:8080
162.245.221.12:56999
178.215.238.198:47925
178.215.238.6:56744
185.7.78.88:43957
185.78.76.132:1995
190.123.44.73:1995
190.123.46.52:43957
191.96.235.60:43957
193.176.158.29:1337
205.185.120.246:10496
205.185.125.181:3074
209.141.39.46:56744
209.141.39.46:9999
209.141.47.117:1999
216.250.254.26:47925
217.15.161.176:43957
27.124.45.146:10496
3.68.248.166:43957
38.55.246.3:56999
45.11.92.17:56999
45.66.231.204:51511
45.88.90.30:43957
46.8.229.204:56744
5.59.248.206:3778
75.119.147.136:443
77.111.101.78:1995
77.221.143.57:1995
80.76.51.45:47925
81.161.238.2:56999
87.120.112.234:47925
89.169.4.44:47925
89.185.30.66:43957
91.212.166.7:47925
91.218.67.59:43957
91.92.240.43:43957
93.123.85.19:43957
94.156.167.85:47925
95.214.27.194:47925
api.guarantly.com
baidunc.online
bot.hiv.icu
botnet.baidunc.online
botnet.sharkcdn.net
chinagov.one
chmod0777kk.com
doxbin.uno
ducnhan.duckdns.org
guarantly.com
hiv.icu
js.liveya.org
jsgd.us-tv.top
liveya.org
miraitest31.duckdns.org
net.tiktoka.cc
niggakid.duckdns.org
p.doxbin.uno
testprodad.duckdns.org
tiktoka.cc
trembolone.zapto.org
update.byeux.com
us-tv.top
webhorizon.icu

# Reference: https://www.virustotal.com/gui/file/2049116070f5e31f15a3aedb7adee80c227dfcfc06c73f3ce2f43792291350b5/detection

5.252.177.233:1312

# Reference: https://www.virustotal.com/gui/file/373533cd4bded005b2d34fd03e0af39bfd4b36ee913a627d26e01044bdd652ea/detection

http://5.252.177.233

# Reference: https://x.com/banthisguy9349/status/1878191581108355100

http://154.213.192.42
154.213.192.42:3778

# Reference: https://www.virustotal.com/gui/file/2762406750631e28c77d82a510b3c55dfa55f9584d5b660a95f3cc909b06919e/detection
# Reference: https://www.virustotal.com/gui/file/c632725093e64d00e75fd6ac65faa0b27880419911c47b99319fae9a92e845f8/detection

http://103.188.82.218
185.121.12.166:1749

# Reference: https://pastebin.com/raw/xYzuLEfD

http://141.98.11.129
http://141.98.11.161
http://154.213.190.246
http://154.216.20.189
http://195.133.10.39
http://45.202.35.24
123.pentaq.net
area-a-id-ui-sant.serveuser.com
clineteintesasanpaolo.itsaol.com
dk-a-priv-nod-id.itsaol.com
dp-akt-ref-id9128411.toh.info
ftp.sanpaolo-home-it.instanthq.com
id-mundo-d-id0167.itsaol.com
intesasanpolo.onedumb.com
sanpaolo-home-it.instanthq.com
service-web-san-polo.longmusic.com
web-sanpaolo.dubya.info

# Reference: https://x.com/TuringAlex/status/1881217211836273019
# Reference: https://www.virustotal.com/gui/file/982b3e5beb492d126bf1962ab2a9d5e1f2230c697d6907f2480e328da366da06/detection
# Reference: https://www.virustotal.com/gui/file/1908b0ec0220aebc75421e565e0395814a0f4e0151a2cb453f80852633378cab/detection
# Reference: https://www.virustotal.com/gui/file/d7d6e8d2a8a990cf44e29244062ec6802e39c8b2c047f0367f23ae89415accf0/detection

liberalretard.libre
trump2024.oss

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2025-02-03)

http://193.143.1.66
0x.un5t48l3.host
0x003.top
0x004.top
0x02.nexusiotsolutions.net
0x02.preload.su
0x03.preload.su
0x602a1f143b8c9751a9faf18324235457c08efcf4cnc.siegenuke.com
0x602a1f143b8c9751a9faf18324235457c08efcf4scan.siegenuke.com
1.0x004.top
10050lan.8b8n.com
102.211.232.40:3778
107.172.51.228:3778
109.71.252.202:38241
128.199.35.104:1291
134.122.53.54:1295
139.59.126.134:55555
139.59.226.19:1460
139.59.45.165:1302
139.59.46.142:1306
141.98.10.115:1302
141.98.10.142:2211
142.93.173.110:1343
143.198.201.134:1295
144.172.91.73:1291
146.190.30.159:1290
147.182.241.94:1347
152.53.39.53:420
154.127.56.84:3778
154.213.186.64:3778
154.213.187.229:1532
154.213.187.229:80
154.213.192.22:80
154.62.226.5:3778
156.229.232.99:33844
156.229.232.99:38241
157.245.56.174:1438
159.223.45.59:59666
159.223.74.127:1319
159.223.85.44:1296
159.89.123.72:1300
159.89.198.214:1304
159.89.227.55:1313
164.90.151.97:1298
165.22.116.233:1289
167.172.160.222:1310
167.172.35.36:1316
167.88.165.27:23
167.88.165.99:23
167.99.190.4:1293
170.64.205.51:1312
184.174.97.72:123
184.174.97.72:21
184.174.97.72:2222
184.174.97.72:23
184.174.97.72:36508
184.174.97.72:53
184.174.97.72:69
184.174.97.72:8080
185.102.172.203:5555
185.106.123.117:1411
185.106.123.122:1300
185.106.123.124:1285
185.244.150.136:1285
185.244.150.141:1390
185.244.150.142:1305
185.252.215.156:3778
185.82.200.111:1293
185.82.200.119:1338
190.btc-f2pool.top
193.143.1.46:7070
193.143.1.66:62389
193.200.78.24:3778
193.200.78.57:33966
194.107.126.7:36508
194.107.126.7:8080
194.36.191.25:1401
19485320-coinbase.com
195.177.95.92:1337
195.177.95.92:4320
195.178.110.224:9999
1g4kyu21asdgb5.ga
2.59.132.84:123
2.59.132.84:21
2.59.132.84:2222
2.59.132.84:23
2.59.132.84:25
2.59.132.84:3333
2.59.132.84:36508
2.59.132.84:443
2.59.132.84:8080
212.64.199.23:9931
217.156.66.237:60195
255gaming.xyz
31.13.224.14:38241
37.221.67.209:7001
404verified.xyz
41.216.189.127:63645
41.216.189.243:63645
45.11.229.38:37212
45.128.233.72:1337
45.139.104.177:1995
45.149.241.12:80
45.221.96.37:5555
45.87.43.193:1300
45.90.160.134:1999
45.95.169.129:3778
45.95.169.133:3778
46.101.121.254:1299
4ina.fastwars.ru
64.225.52.129:1287
66.59.197.136:1312
79.124.60.186:3277
79.124.60.186:37212
79.124.60.186:554
80.76.51.164:666
83.222.190.91:33844
83.222.190.91:38241
87.120.117.141:38241
87.120.125.56:38241
89.22.230.162:80
94.103.125.184:101
94.103.125.184:3778
94.154.35.185:3778
95.169.203.15:1112
96.62.214.10:3778
96.62.214.33:3778
9mawsx9hrdk2wzas.botanik.gq
a.smokingpenis.club
aa.cyberium.cc
abcproxy.click
adadcdad.abcproxy.click
agakarakocbots.duckdns.org
agakarakoccnc.duckdns.org
ahyfn.com
air.schastin.de
alex-botnet.xyz
alexr00t3d.com
allcheesedout.cc
amaravaticityportal.com
animahuyna.myftp.biz
anon-net.com
anonplus.org
anothersasa.ru
api.modemfirewall.ru
api.remaiten.org
apocalypsemirai.ddns.net
apollonet.xyz
apollonet02.com
arm7plz.xyz
artillery.cf
b.smokingpenis.club
babamirai31.duckdns.org
babane.chanbaba.online
back.openother.com
bakongcity.city
barsoeb.space
base.uboat.ga
bigboatzarereppin.hopto.org
bigpulls.cf
binary.microsoftconnect.net
block-dem-packets.com
blyat.pw
bmw.expcs.xyz
boatnet.ddns.net
boatnet.ga
boatnet.vphim.top
boatnetswootnet.xyz
boetz.duckdns.org
bognet.kygtps.live
boki.ug-rp.info
bonkers-botnet.xyz
bot.2024888.site
bot.abcproxy.click
bot.bakongcity.city
bot.fewbots.cc
bot.flameofwar.net
bot.floppaonyou.fr
bot.fmovies.sk
bot.iamdelta.xyz
bot.merisprivate.net
bot.mypowers.top
bot.myshit.xyz
bot.ndascad.xyz
bot.nulling.io
bot.suqi.bf
bot.tianyadd.top
bot.titi.pics
bot.wmddos.xyz
bot.work-tools.org
bot2.m1nhbl4ck.social
botnet.0x003.top
botnet.best
botnet.checkgdv.click
botnet.cloudleaks.cc
botnet.daddyhackingteam.com
botnet.dynamic-dns.net
botnet.fantazy.spa
botnet.fantazy.space
botnet.kuykuykuy.com
botnet.lexro.com
botnet.lymak.com
botnet.mirailogin.xyz
botnet.niggersare.us
botnet.openai666.fun
botnet.rooting.ml
botnet.sapphirenet.xyz
botnet.tfmobile.store
botnet.ventoxcfx.click
botnet.voidcdk.com
botnet.yourdomain.co
botnet.zepeck.com
botnethosts.pw
bots.resentual.cc
bots.richstressop.cloud
brickwork-solutions.xyz
bueenotgay.duckdns.org
bumiipaneldigital.cloud
c.cnbot.space
c.santaiot.net
c0vid.ddns.net
c1.cnbot.space
c1.neo-one.info
c2.protopal.club
cat-are-here.ru
cats-are-cute.ru
cats-master.ru
catsquad.co.vu
cb.boatnetswootnet.xyz
chanbaba.online
chanmiraixd.duckdns.org
char.aerx.io
checkgdv.click
chupamipito.tk
ciubuc.diicot.net
cloudleaks.cc
cnc.255gaming.xyz
cnc.ahyfn.com
cnc.alex-botnet.xyz
cnc.alexr00t3d.com
cnc.alprazolam.rip
cnc.anon-net.com
cnc.apollonet.xyz
cnc.apollonet02.com
cnc.arm7plz.xyz
cnc.bins.sh
cnc.block-dem-packets.com
cnc.bonkers-botnet.xyz
cnc.botnet.best
cnc.botnethosts.pw
cnc.casualaffinity.net
cnc.chupamipito.tk
cnc.darkiot.net
cnc.dec9.cf
cnc.dico-inside.com
cnc.diicot.su
cnc.dogzsec.org
cnc.duc3k.com
cnc.eatmydick.tk
cnc.encmoney.pw
cnc.finechina.tk
cnc.flameofwar.net
cnc.flexsecurity.xyz
cnc.getrektlol.xyz
cnc.heherawr.tk
cnc.horizonisrising.xyz
cnc.iamdelta.xyz
cnc.icdns.online
cnc.ifryrouters.tk
cnc.infamous.xyz
cnc.iotbotnet.xyz
cnc.joskekurwa.xyz
cnc.junoland.xyz
cnc.kvnode.nl
cnc.lalashit.xyz
cnc.leakedfiles.xyz
cnc.loadingboats.ru
cnc.mariokartayy.com
cnc.methaddict.xyz
cnc.miraibot.top
cnc.monkesec.xyz
cnc.myshit.xyz
cnc.mysteriousland.tk
cnc.nullsec.cf
cnc.oneneo.xyz
cnc.rapeme.fun
cnc.rightcdn.ml
cnc.santaiot.net
cnc.scriptkid.lol
cnc.shaffer.cn
cnc.sinsforgiven.xyz
cnc.sinushost.space
cnc.skidstresser.xyz
cnc.stressamp.com
cnc.stressfor.me
cnc.switcherino.xyz
cnc.tacobelllover.tk
cnc.tccmn9cs2j3srwmq.tk
cnc.trumcode.xyz
cnc.xkobeimparatu.net
cnc.zbenchecken.xyz
cnc3.ghty.online
cnchost.gotdns.ch
cncreport.gotdns.ch
cnctomecutie1337.mikeysyach.xyz
cnsmaccas.duckdns.org
cocaine.cokepusher.ru
cocaine.dopegame.ru
cocaine.dopegame.su
cocaine.fredosantana.ru
cocaine.traphouse.to
cocaine.traplife.ru
cocaine.trapspot.ru
cocaine.xest.su
commemay.dns.navy
comp56.duckdns.org
comp56l.duckdns.org
comsuoncondicloud.duckdns.org
condiv9.duckdns.org
connect.bricktale.cc
control.skidstresser.xyz
crystalc2.duckdns.org
csgo.topsnek.net
cuttiecats.ru
d3dx9.ch
dab.piceskeklol.tk
dank.reppin.tk
darkattacknet.duckdns.org
darkattackscan.duckdns.org
darkdnsnet.duckdns.org
darkdnsscan.duckdns.org
darkiot.net
darksoul.un5t48l3.host
ddos.1314mu.com
ddos.howardwang2312.com
ddosit.pro
dec9.cf
demon.u-suck-my-dick.xyz
dev.sharingurl.com
diicot.net
diicot.su
dkdrlahhwlxptmxm2.p-e.kr
dns.api-services.online
dns1.emercoindns.com
doink.societynetwork.xyz
domain.tripplesixtodeath.top
drytekc.com
e.xijinping.mov
eaefae.savirland.com
eatmydick.tk
encmoney.pw
esss.bulletpool.ru
expcs.xyz
extend.us.to
f.silynigr.xyz
fantazy.spa
fantazy.space
fbi.condi.network
fearmiraixd.duckdns.org
fewbots.cc
finechina.tk
flameofwar.net
flexsecurity.xyz
floppaonyou.fr
fmovies.sk
force.uboat.ga
forever.bumiipaneldigital.cloud
fortunec2.fun
frank.netgear.icu
franknb.pytonsabc.tech
freepein.top
fucklevel3.wang
gasktfnfqw.su
get.xijinping.mov
getrektlol.xyz
gfedcba.elrooted.com
gg.elrooted.com
ghost.lspmodz.ml
godmirai.cf
godnet.godnigga.eu
gokittler.ru
gorillamc.party
guddimirai.duckdns.org
h2q80nhmyl.duckdns.org
hacler.ro
haha.protopal.club
heherawr.tk
heis.lateto.work
himanurnice.ru
holdabchoneypots.p-e.kr
hoon.cyberium.cc
horizonisrising.xyz
horse.silynigr.xyz
hou.zu0x.com
huettengaudi.co
huyhoang.ddns.net
iamdelta.xyz
iaopw3djo9.duckdns.org
idoingitagain.space
ifryrouters.tk
iholdxrp.ru
iigm.res.in
immafreebitch.ddns.net
infamous.xyz
info.toasterhosting.stream
install.wowzabro.club
iotbotnet.xyz
irc.potato.solutions
jack.stressing.world
jawak.kygtps.live
jinhj.stressamp.com
jmdb.ignorelist.com
jmdd.chickenkiller.com
joshpecklmao.xyz
junoland.xyz
juwelier-muenzer.de
juwelier-spieker.de
juwelierhohage.de
k.silynigr.xyz
kanikiken.duckdns.org
kekcncdud.linux.lol
kekresultdud.linux.lol
kekt.network
khanh.nroome.online
khuongbotnet.ddns.net
killbaidu.top
kittler.ru
kittlerer.ru
kittlez.ru
kittylovecenter.tk
kjlfaakagb.ru
kolinda.pucaj.ga
kosha.cbu.net
krebs.bigbotpein.com
krebs.fucklevel3.wang
krkrdoskslansldkalsd.o-r.kr
kurwa.barsoeb.space
kuykuykuy.com
kvnode.nl
kygtps.live
lalashit.xyz
lana.midnight.pm
leakedfiles.xyz
lelresults.linux.lol
lexro.com
linuxoidoops.gdn
listen.kristen.pw
listen.sinushost.space
listen.xenonbooter.xyz
lkq.cyberspeed.baby
lo.uvgczsuidrtg.com
loader.racoon.ml
loader.upmirai.club
loader1.anothersasa.ru
loadfrom.ftp.sh
loadingboats.ru
loadsecure.pw
lol.picesboats.club
lspmodz.ml
lunarproducts.net
lymak.botnet.com
m1nhbl4ck.social
mango.deewpn.com
mariokartayy.com
memes.krebs.net
meow.botnet.services
methla.duckdns.org
midnight.pm
mikeysyach.xyz
milnetbrasil.duckdns.org
minecraft.topsnek.net
mir.anonplus.org
mirai.2024888.site
mirai.bounceme.net
mirai123.ddns.net
miraibot.top
miraicnc.ddns.net
miraiddos.ddns.net
miraiddosoffline.ddns.net
miraigains.top
modemfirewall.ru
monkesec.xyz
murrez.duckdns.org
murrez622.duckdns.org
music.znods.xyz
mustafababapro31.duckdns.org
mustiki.duckdns.org
mvjvuhvevyk.ru
mycnc0.ddns.net
myhome.anothersasa.ru
mykittler.ru
mypowers.top
myscan0.ddns.net
myshit.xyz
mysql.microsoftconnect.net
mysteriousland.tk
nakjddkssf.ru
nbot.lmanber.xyz
ndascad.xyz
nebulabot.net
neo-one.info
net.igxhost.ru
net.uglistnet.cfd
netgear.icu
netkiller.free-ddns.com
network.santasbigcandycane.cx
netwxrk.org
new.toasterhostingcool.stream
newkittler.ru
niggersare.us
nixw00xtr00x.duckdns.org
noballs.lol
node.forever.bumiipaneldigital.cloud
nohoneyboys.linux.lol
nonamee.zapto.org
notmirai007.ddns.net
nulling.io
nullsec.cf
o.do.do
okay.gorillamc.party
openai666.fun
openother.com
overloads.us.to
ovz.abhik.net
p.cnbot.space
packets.cf
panel.daudau.org
panel.subdeew.site
peanutherow.ddns.net
peanutheroz.ddns.net
peasemir.anothersasa.ru
penis.elite-api.su
piceskeklol.tk
pidors.ddosit.pro
plenkovic.pucaj.ga
plusrepo4.fastwars.ru
polizei.su
potato.solutions
powerade.root.sx
proxy.bigbotpein.com
proxy.cnbot.space
proxyapi.modemfirewall.ru
psy.hacler.ro
pucaj.ga
puller.bigpulls.cf
pytonsabc.tech
qbotisdead.xyz
qittler.ru
qo.ro.lt
r.cnbot.space
r.loadsecure.pw
r.nexusiotsolutions.net
randommirai.duckdns.org
rapeme.fun
ratatouille.allcheesedout.cc
raw.awaken-network.net
rdp.fucklevel3.wang
really.idoingitagain.space
receive.tonguepunchfartbox.life
receive2.tonguepunchfartbox.life
receiver.linux.lol
rep.anonplus.org
rep.anothersasa.ru
rep.kekt.network
rep.miraibot.top
rep.securityupdates.us
report.ahyfn.com
report.boatnet.ga
report.botnethosts.pw
report.chupamipito.tk
report.cnbot.space
report.dec9.cf
report.drytekc.com
report.eatmydick.tk
report.encmoney.pw
report.finechina.tk
report.hightechcrime.club
report.ifryrouters.tk
report.leakedfiles.xyz
report.linuxoidoops.gdn
report.mysteriousland.tk
report.netwxrk.org
report.potato.solutions
report.santasbigcandycane.cx
report.shaffer.cn
report.skidsec.org
report.skidstresser.xyz
report.smokemethallday.tk
report.tfmobile.store
report.ttoww.com
report.xf0.pw
reports.rxqtxyz.xyz
reportscan.ddns.net
repping.wordtheminer.com
resbot.online
resentual.cc
resolv.blyat.pw
resonline.systeme.io
results.coolxr.info
resultsarein.linux.lol
rgvsf.stressamp.com
richstressop.cloud
rightcdn.ml
romc2.nl
rooting.ml
rpt.openother.com
rucnc.romc2.nl
s.santaiot.net
s.wolfiot.xyz
s1.neo-one.info
santaiot.net
sapphirenet.xyz
satanprayer.cf
scalar.sharingurl.com
scan.404verified.xyz
scan.alex-botnet.xyz
scan.alexr00t3d.com
scan.alprazolam.rip
scan.anon-net.com
scan.apollonet.xyz
scan.apollonet02.com
scan.arm7plz.xyz
scan.artillery.cf
scan.bins.sh
scan.block-dem-packets.com
scan.bonkers-botnet.xyz
scan.flexsecurity.xyz
scan.getrektlol.xyz
scan.godmirai.cf
scan.horizonisrising.xyz
scan.joshpecklmao.xyz
scan.junoland.xyz
scan.kvnode.nl
scan.mariokartayy.com
scan.methaddict.xyz
scan.monkesec.xyz
scan.nullsec.cf
scan.oneneo.xyz
scan.packets.cf
scan.rapeme.fun
scan.remaiten.org
scan.santaiot.net
scan.sinsforgiven.xyz
scan.snowondex.life
scan.snowondex.net
scan.snowondex.org
scan.spamtech.win
scan.stressfor.me
scan.switcherino.xyz
scan.tacobelllover.tk
scan.voxlobid.tk
scan.xyro.xyz
scan.zbenchecken.xyz
scanmaccas.duckdns.org
scanthembigbots.mikeysyach.xyz
schools.meal-data.com
scriptkid.lol
secure.kingdomplugin.nl
seeder.zeusgacor.bet
server.meal-data.com
server1.nutsz.club
sex.miraigains.top
shaffer.cn
sharingurl.com
sheis.lateto.work
sinsforgiven.xyz
sinushost.space
sirgate.xyz
skidstresser.xyz
smokingpenis.club
snortscan.duckdns.org
snowondex.life
snowondex.net
snowondex.org
something.catchat.us
somethingfastrn.redirectme.ne
somethingfastrn.redirectme.net
somethingfornothing.eu.org
spamhaus.allowed.org
ssca.meal-data.com
ssffsdfssdfsdfsf.n-e.kr
sss.snicker.ir
sstresser.eu
starforgemirai.duckdns.org
state.zu-mm.com
stauss-uhren-schmuck.de
stone.schastin.de
stone.sinushost.biz
storm-proxy.ddns.net
stressamp.com
stressfor.me
suckmyass1983.ddns.net
support.nexusiotsolutions.net
suqi.bf
survur.glibc.org
switcherino.xyz
t7ga41ys.glibc.org
tacobelllover.tk
tccmn9cs2j3srwmq.tk
termine.juwelier-muenzer.de
termine.juwelier-spieker.de
termine.juwelierhohage.de
termine.stauss-uhren-schmuck.de
test.aandy.cf
test.sstresser.eu
testbot.ddosvps.cc
tfmobile.store
thatsofar.top
theeyefirewall.su
thekittler.ru
thelipscrub.com
tianyadd.top
tickets.huettengaudi.co
tripplesixtodeath.top
trumcode.xyz
twin.zu-mm.com
uboat.ga
udptcp.packets.cf
ug-rp.info
un5t48l3.host
unicorn.d3dx9.ch
unixbot.ddns.net
update.drytekc.com
urabotnet.duckdns.org
us.miraigains.top
usa.artillery.cf
vantrong.id.vn
ventoxcfx.click
vm-tastingcollection1.i6m.nl
vmi86141.contabo.host
voidcdk.com
vphim.top
wcj.yyyyvps.cn
web.digitaldatainsights.org
whois.hopto.org
whyrwehere.tripplesixtodeath.top
wmddos.xyz
work-tools.org
wow.freepein.top
wow.qbotisdead.xyz
wtf.gorillamc.party
xf0.pw
xg5kisn74mk2xi7gu55d.q5f2k0evy7go2rax9m4g.ru
xinglian.us.kg
xo.midnight.pm
xsuarez.mooo.com
xyro.xyz
xz33006.h52l.com
yeet.mariokartayy.com
yourdomain.co
yyyds.life
yyyyvps.cn
yzykar2.hopto.org
zbenchecken.xyz
zepeck.com
zu-mm.com
/nA0diE1/
/pecga.32
/pecga.64
/pecga.arc
/pecga.arcle-hs38
/pecga.arm
/pecga.arm4
/pecga.arm4l
/pecga.arm4t
/pecga.arm4tl
/pecga.arm4tll
/pecga.arm5
/pecga.arm5l
/pecga.arm5n
/pecga.arm6
/pecga.arm64
/pecga.arm6l
/pecga.arm7
/pecga.arm7l
/pecga.arm8
/pecga.armv4
/pecga.armv4l
/pecga.armv5l
/pecga.armv6
/pecga.armv61
/pecga.armv6l
/pecga.armv7l
/pecga.dbg
/pecga.exploit
/pecga.i4
/pecga.i486
/pecga.i586
/pecga.i6
/pecga.i686
/pecga.kill
/pecga.m68
/pecga.m68k
/pecga.mips
/pecga.mips64
/pecga.mipseb
/pecga.mipsel
/pecga.mpsl
/pecga.pcc
/pecga.powerpc
/pecga.powerpc-440fp
/pecga.powerppc
/pecga.pp-c
/pecga.ppc
/pecga.ppc2
/pecga.ppc440
/pecga.ppc440fp
/pecga.root
/pecga.root32
/pecga.sh
/pecga.sh4
/pecga.sparc
/pecga.spc
/pecga.ssh4
/pecga.x32
/pecga.x32_64
/pecga.x64
/pecga.x86
/pecga.x86_32
/pecga.x86_64

# Reference: https://x.com/redrabytes/status/1887188128537981179
# Reference: https://x.com/abuse_ch/status/1887209599398519177
# Reference: https://www.virustotal.com/gui/file/15b3bd18faf2c0f573701cbca5324b79303f449ad09f8088c0a7aed26a4fddbf/detection

http://103.163.215.73
156.244.6.16:64715
156.244.6.159:64715
38.54.84.54:64715
38.60.209.101:64715

# Reference: https://x.com/redrabytes/status/1888210388589658596
# Reference: https://www.virustotal.com/gui/file/001be33dc268331f202b6b0c8f06c20cbc2af22698ff11b3aab8a5ec6bdda522/detection
# Reference: https://www.virustotal.com/gui/file/10487bfc710f38d681aa7d7d7fca6ca597e0a2ddcfa5522e5573c1832662ad11/detection

http://194.85.251.8
http://37.44.238.88
37.44.238.88:443

# Reference: https://x.com/DaveLikesMalwre/status/1886790709707001954

http://45.90.12.184
http://51.81.104.115
http://87.120.127.238
youcantdownmy.ovh
game.youcantdownmy.ovh

# Reference: https://x.com/redrabytes/status/1890316002761625726

http://216.126.231.240

# Reference: https://twitter.com/banthisguy9349/status/1782789917384257825

monkey-proxy-999.online

# Reference: https://x.com/skocherhan/status/1891037419031384430

http://154.213.189.132
http://91.234.199.123
api-livinglifeforfun.shop
ns3177629.ip-51-195-60.eu

# Reference: https://www.virustotal.com/gui/file/02a3f75f44c137d4ba5ef2c96b9d270dca001ab2bb868cf99c41258637380a1d/detection

193.143.1.42:60255
service1921.live
srerv.service1921.live

# Reference: https://www.virustotal.com/gui/file/130fc062b850d3415561fc6c0d453ab51675f1e783d8ee0dfd17fb82ee300189/detection

dasdv1.service1921.club

# Reference: https://x.com/redrabytes/status/1891293476429734240/history
# Reference: https://www.virustotal.com/gui/file/c35d5fb22d47e276e38fde699fc3b1e88e60a708d85b6ebea69815dec5d4883e/detection

americanexpressloginus.com
mitgpssms.com
rustbakingtable.com
smsfastersend.com
suomi-app.net
updateinfo-portal.com

# Reference: https://x.com/redrabytes/status/1891281757103661457/history
# Reference: https://www.virustotal.com/gui/file/08c175079071c0817336b6d2de43e05c4aeb7b5dc605116a9053be2593ee3688/detection

http://160.22.160.31
160.22.160.31:56999
sroglad.com
srogland.com

# Reference: https://x.com/redrabytes/status/1891274068747342294/history

http://37.221.67.207
37.221.67.207:1111
37.221.67.207:45
37.221.67.207:6969

# Reference: https://x.com/redrabytes/status/1891264857338425413
# Reference: https://www.virustotal.com/gui/file/587dec802d12db0680d5115fb266a21c5d9e025ec76073f8d31071f4f9fa9818/detection

http://96.62.214.212
96.62.214.212:21
96.62.214.212:3778

# Reference: https://x.com/redrabytes/status/1891464699834712305

http://194.85.251.68
194.85.251.68:21
194.85.251.68:9931

# Reference: https://x.com/redrabytes/status/1891690166437191827

http://193.32.162.38
193.32.162.38:21
193.32.162.38:3778

# Reference: https://x.com/redrabytes/status/1891837702368022710
# Reference: https://threatfox.abuse.ch/ioc/1412941/

193.143.1.19:101
193.143.1.19:21
193.143.1.19:9876
honeypie.r-e.kr

# Reference: https://x.com/redrabytes/status/1892637110030520479
# Reference: https://www.virustotal.com/gui/file/3d7c7160238d12b01bb5be6551dfc1fcdc28cdf642c70a4a8851f031a4f672ba/detection
# Reference: https://www.virustotal.com/gui/file/b60a4c0d5912c522e6a6a9ef2e8729fa53ac23e9fca04fda505afba47af42b2d/detection
# Reference: https://www.virustotal.com/gui/file/e3c5df6fe90bb4d9932ab5c0d9d9975d32fae2eb8db1d6c18c09840f6ab22462/detection

http://103.77.214.27
103.77.214.27:1995
103.77.214.27:21
103.77.214.27:56999
huyandvit-cnc.duckdns.org

# Reference: https://x.com/redrabytes/status/1892899594817753104
# Reference: https://www.virustotal.com/gui/file/5de8cc1d8e0a6111d9df026906abf69b394a453c9a9e1928713532ccad07347a/detection

http://162.0.214.70
http://165.154.224.116
162.0.214.70:1111
162.0.214.70:333
165.154.224.116:443

# Reference: https://x.com/redrabytes/status/1893271962387988654
# Reference: https://www.virustotal.com/gui/file/0b7a4a6875b7abb2a02d9c969f26b013e564d8e6c7e08e400ab76e83bb04b1d4/detection

http://107.189.31.150
107.189.31.150:22512
107.189.31.150:4554

# Reference: https://x.com/redrabytes/status/1893147846624293272
# Reference: https://www.virustotal.com/gui/file/25e2272599f52ffedfda442ca59c84affd841f7b144881e6acc610b4d9bcf105/detection

http://160.22.161.89
160.22.161.89:56999

# Reference: https://www.virustotal.com/gui/file/28130800215a79af4bccd8351eeea364a17e4581eb194e2bb2b8868a0b0b3a3b/detection

160.22.160.117:3007

# Reference: https://app.validin.com/detail?find=%3A%3A%3A%22twitter%3Asite%22%3A%22%40FBI%22&type=raw&ref_id=9fe05fdca27#tab=host_pairs (# 2025-02-22)

banthis.su
fbigovs.xyz
invtg.icu

# Reference: https://www.virustotal.com/gui/file/318d9f2a75cd221b43b96d2fe1c8ef0f09f295e2d6293e78d36bf086d0d47c70/detection

http://185.142.53.41

# Reference: https://x.com/redrabytes/status/1894418927674859934

107.189.31.150:9473

# Reference: https://x.com/redrabytes/status/1895526017613316150
# Reference: https://www.virustotal.com/gui/file/4143697a8a9f9d05657970f2b5938c31084ddaa704778716e026c2a005337c9a/detection
# Reference: https://www.virustotal.com/gui/file/fbb4b19908d741cf509695767f2aaa8fe03513a0626c9a6a33212a8b6376bc6e/detection
# Reference: https://www.virustotal.com/gui/file/c84aba91164169efcda006f06f9ed08f7eef65ab3b5d92ee834300fa23ea6a5e/detection
# Reference: https://www.virustotal.com/gui/file/af634ace3201a00e6b678c235e37a07cf77c842400b11abd6bc5604606c97ca1/detection
# Reference: https://www.virustotal.com/gui/file/922414ea0cbc3361416e84749aaae404cd62a60b56b2ffc3044f1167e2b1fae1/detection
# Reference: https://www.virustotal.com/gui/file/4e014f7445feac34bccb4a062a5d596f3d8438025a1faa6317cf965ef257b80a/detection
# Reference: https://www.virustotal.com/gui/file/f401dfd535f5bf376f2f562a35e6aa1c1ff07b32f1f73c05c9ab4e5707b0bee5/detection
# Reference: https://www.virustotal.com/gui/file/8b1a31f938ddcda95eefac5c3ccad06da085a8e55f9264033bb3456008a7954d/detection
# Reference: https://www.virustotal.com/gui/file/0ed8a8d2bcd65b50c2fa0d828ee5c05c41f4b0b920bd2de9cea162e14ddb8041/detection
# Reference: https://www.virustotal.com/gui/file/f57454fb21295cfc6d5f20f35527dd31a4793431b4ee46be595ded4bc4acadb3/detection
# Reference: https://www.virustotal.com/gui/file/9938651cd4c87ed5b7f4c9837a2b46a0c2ebb75b34c325800ff0f9f95d6894ba/detection

http://141.98.10.109
141.98.10.109:27160
141.98.10.109:25565
141.98.10.109:54498
141.98.10.109:65535
141.98.10.109:8080
146.19.191.85:16
157.10.45.96:56999
185.196.9.244:11231
206.212.246.10:22
206.212.246.10:53
91.212.121.37:3389
93.187.217.71:20480
93.187.217.71:22
93.187.217.71:53
94.142.130.241:9931
94.158.244.248:576
cl0udhaven.com
suprasrvoknew.giize.com
test.vantrong.id.vn
/0kx3kx9kx7kx/
/3ATOGoldAge32
/3ATOGoldAge64
/3ATOGoldAgearc
/3ATOGoldAgearcle-hs38
/3ATOGoldAgearm
/3ATOGoldAgearm4
/3ATOGoldAgearm4l
/3ATOGoldAgearm4t
/3ATOGoldAgearm4tl
/3ATOGoldAgearm4tll
/3ATOGoldAgearm5
/3ATOGoldAgearm5l
/3ATOGoldAgearm5n
/3ATOGoldAgearm6
/3ATOGoldAgearm64
/3ATOGoldAgearm6l
/3ATOGoldAgearm7
/3ATOGoldAgearm7l
/3ATOGoldAgearm8
/3ATOGoldAgearmv4
/3ATOGoldAgearmv4l
/3ATOGoldAgearmv5l
/3ATOGoldAgearmv6
/3ATOGoldAgearmv61
/3ATOGoldAgearmv6l
/3ATOGoldAgearmv7l
/3ATOGoldAgedbg
/3ATOGoldAgeexploit
/3ATOGoldAgei4
/3ATOGoldAgei486
/3ATOGoldAgei586
/3ATOGoldAgei6
/3ATOGoldAgei686
/3ATOGoldAgekill
/3ATOGoldAgem68
/3ATOGoldAgem68k
/3ATOGoldAgemips
/3ATOGoldAgemips64
/3ATOGoldAgemipseb
/3ATOGoldAgemipsel
/3ATOGoldAgempsl
/3ATOGoldAgepcc
/3ATOGoldAgepowerpc
/3ATOGoldAgepowerpc-440fp
/3ATOGoldAgepowerppc
/3ATOGoldAgepp-c
/3ATOGoldAgeppc
/3ATOGoldAgeppc2
/3ATOGoldAgeppc440
/3ATOGoldAgeppc440fp
/3ATOGoldAgeroot
/3ATOGoldAgeroot32
/3ATOGoldAgesh
/3ATOGoldAgesh4
/3ATOGoldAgesparc
/3ATOGoldAgespc
/3ATOGoldAgessh4
/3ATOGoldAgex32
/3ATOGoldAgex32_64
/3ATOGoldAgex64
/3ATOGoldAgex86
/3ATOGoldAgex86_32
/3ATOGoldAgex86_64

# Reference: https://www.virustotal.com/gui/file/05603dff9bba29501155259d1a6f925f1328e83e9701a354586dead846e7de68/detection
# Reference: https://www.virustotal.com/gui/file/8242a2ba8a73683c7f35f98f63d612d5ec06be854a79bfe983335dd2e341203b/detection

http://45.61.136.31

# Reference: https://www.virustotal.com/gui/ip-address/193.143.1.19/relations
# Reference: https://www.virustotal.com/gui/file/fe3db68d64b4214bda5b43ecaa8ba0fa837971db28b4dea8a49ccaac7cade8c0/detection

193.143.1.19:8769
boomhavoc.r-e.kr
iottest.n-e.kr

# Reference: https://x.com/TuringAlex/status/1899805570716278993

santasbigcandycane.ru
nfs.santasbigcandycane.ru
re.santasbigcandycane.ru

# Reference: https://x.com/redrabytes/status/1899929255833985475
# Reference: https://www.virustotal.com/gui/file/3e26204eba90ebf94001773952658942d68746d5bf54ec9dbae52ddb9087e51b/detection
# Reference: https://www.virustotal.com/gui/file/a9e619dd276f0eb049a277db38b284da5aef9f393cab2dacf5de46e9e677183c/detection
# Reference: https://www.virustotal.com/gui/file/f658abc9567bf4b624239c09f83edf4a6d4669c48d3ec56e275544559642590d/detection

http://156.253.227.112
156.253.227.112:21
156.253.227.112:3778
45.134.39.193:6240
45.153.242.189:53
mclands.publicvm.com

# Reference: https://www.virustotal.com/gui/file/37c5cc6cfefc3c37fc912ee384099bc0697c678286d4181d1fdc65464f374f44/detection

http://54.207.152.36
cnc.freedynamicdns.net

# Reference: https://x.com/redrabytes/status/1902391700833656884
# Reference: https://x.com/Jane_0sint/status/1902765822663074209
# Reference: https://www.virustotal.com/gui/file/a6be12c3c8dd2355975f18dbeb450c1130df50f893548282b427c4933e1f15cf/detection
# Reference: https://www.virustotal.com/gui/file/af894b758b8edd357ce97f18694b405ca93c6c1e091f6d7457887530edc7c3ef/detection

http://77.90.153.218
77.90.153.218:1944

# Reference: https://x.com/redrabytes/status/1902884298622898182
# Reference: https://www.virustotal.com/gui/file/11805b5cc078dbba61400160fb56182cba34c0bb5e71ddf948ea1828c4983494/detection

http://45.144.53.177
45.144.53.177:43957
45.144.53.177:73
20b20t.com.tr
net.20b20t.com.tr

# Reference: https://x.com/redrabytes/status/1903937435039363249
# Reference: https://www.virustotal.com/gui/file/21edfc97a23615194750a6d3479925b120c3af92003975832c743b9b659cac53/detection

http://103.77.246.176
103.77.246.176:1337
103.77.246.176:3912
anti.linkpc.net

# Reference: https://x.com/redrabytes/status/1904947632587350301
# Reference: https://www.virustotal.com/gui/file/1c7ec27edb1e1b5bce7ce676777a0dd9e0bf709db0acaf7053b12b38ec03fb6c/detection
# Reference: https://www.virustotal.com/gui/file/301b58ae229d7e9e0be0363b81571f0704c9abd67738f0524ed69d52b1fff2eb/detection
# Reference: https://www.virustotal.com/gui/file/301b58ae229d7e9e0be0363b81571f0704c9abd67738f0524ed69d52b1fff2eb/detection
# Reference: https://www.virustotal.com/gui/file/b02aa7761baea80255a2b1ff688bd55d6af539d5acf39dd02d2607e9e13a3bd6/detection
# Reference: https://www.virustotal.com/gui/file/f0fe0f22eed4d6f489e626c4b224287063cc78c0bc05552d0df0f87849192d12/detection

http://87.121.84.145
87.121.84.145:5555

/g4za.32
/g4za.64
/g4za.arc
/g4za.arcle-hs38
/g4za.arm
/g4za.arm4
/g4za.arm4l
/g4za.arm4t
/g4za.arm4tl
/g4za.arm4tll
/g4za.arm5
/g4za.arm5l
/g4za.arm5n
/g4za.arm6
/g4za.arm64
/g4za.arm6l
/g4za.arm7
/g4za.arm7l
/g4za.arm8
/g4za.armv4
/g4za.armv4l
/g4za.armv5l
/g4za.armv6
/g4za.armv61
/g4za.armv6l
/g4za.armv7l
/g4za.dbg
/g4za.exploit
/g4za.i4
/g4za.i486
/g4za.i586
/g4za.i6
/g4za.i686
/g4za.kill
/g4za.m68
/g4za.m68k
/g4za.mips
/g4za.mips64
/g4za.mipseb
/g4za.mipsel
/g4za.mpsl
/g4za.pcc
/g4za.powerpc
/g4za.powerpc-440fp
/g4za.powerppc
/g4za.pp-c
/g4za.ppc
/g4za.ppc2
/g4za.ppc440
/g4za.ppc440fp
/g4za.root
/g4za.root32
/g4za.sh
/g4za.sh4
/g4za.sparc
/g4za.spc
/g4za.ssh4
/g4za.x32
/g4za.x32_64
/g4za.x64
/g4za.x86
/g4za.x86_32
/g4za.x86_64

# Reference: https://x.com/redrabytes/status/1904939950535029145
# Reference: https://www.virustotal.com/gui/file/f0fe0f22eed4d6f489e626c4b224287063cc78c0bc05552d0df0f87849192d12/detection
# Reference: https://www.virustotal.com/gui/file/53bf72223d0aed45c73e93e6fa66dfd9a65a9c598b73e7570976f36a755b511b/detection

http://185.194.205.79
185.194.205.79:1337
185.194.205.79:61003
185.194.205.79:61005
syncnet.cc

# Reference: https://x.com/redrabytes/status/1905240181688369158
# Reference: https://www.virustotal.com/gui/file/2916e88e9ff9368955c6104d469b0ff550cc6656b847465a298531df15028a8e/detection
# Reference: https://www.virustotal.com/gui/file/5d8bdc433225bdb9efeb4e5127b25d0b60a198927ce1bea410089dab4ba82359/detection
# Reference: https://www.virustotal.com/gui/file/9ad43929c89163f6f3de9cd348c0d02dc9cae1b4179b0305d3e8a6bf5cdf00a0/detection

http://196.251.86.49
176.65.142.137:12345
176.65.142.137:3778
196.251.86.49:36063
196.251.86.49:60195
belvedereh.vip
jimmyudp-raw.xyz

# Reference: https://any.run/cybersecurity-blog/gorillabot-malware-analysis/
# Reference: https://www.virustotal.com/gui/file/420804c14431b28bd371dc8fcd4908482e0658ecb902149dbbe6ce87f4a60b3f/detection
# Reference: https://www.virustotal.com/gui/file/c9eb9d62c79cfb09f968867497a3645ba5723f533dedf66918116b4efdf46a4d/detection

http://193.143.1.70
15.197.206.168:7777
154.216.19.139:38242
172.65.239.124:7777
185.170.144.84:38242
94.156.177.61:38242

# Reference: https://x.com/redrabytes/status/1905408740393705850
# Reference: https://x.com/redrabytes/status/1905613254212145414
# Reference: https://www.virustotal.com/gui/file/f2bf5eee38a33cfc47757dfa2c5f9c41ee6d2d9e65968de8cd4cace669a49e35/detection
# Reference: https://www.virustotal.com/gui/file/ada106db97b095fdbf5aa8c3d1627c38fb1d4ccff69502c1b4c90306e8930dcc/detection

http://46.203.233.30
46.203.233.30:1337
46.203.233.30:8080
46.203.233.30:9931
fran2.vpnhome.org

# Reference: https://x.com/redrabytes/status/1905406139044364296
# Reference: https://www.virustotal.com/gui/file/069ddc8a39284967f4c5d514463d33674cf955e7cb976456de76f7552e5061b1/detection

http://198.98.51.68
198.98.51.68:1302
198.98.51.68:21
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.32
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.64
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.arc
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.arcle-hs38
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.arm
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.arm4
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.arm4l
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.arm4t
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.arm4tl
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.arm4tll
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.arm5
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.arm5l
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.arm5n
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.arm6
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.arm64
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.arm6l
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.arm7
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.arm7l
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.arm8
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.armv4
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.armv4l
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.armv5l
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.armv6
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.armv61
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.armv6l
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.armv7l
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.dbg
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.exploit
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.i4
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.i486
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.i586
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.i6
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.i686
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.kill
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.m68
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.m68k
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.mips
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.mips64
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.mipseb
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.mipsel
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.mpsl
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.pcc
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.powerpc
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.powerpc-440fp
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.powerppc
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.pp-c
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.ppc
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.ppc2
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.ppc440
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.ppc440fp
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.root
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.root32
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.sh
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.sh4
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.sparc
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.spc
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.ssh4
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.x32
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.x32_64
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.x64
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.x86
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.x86_32
/GODLYBINSNIGGAYOUCANTCRACKTHESEBITCH11111222268.x86_64

# Reference: https://threatfox.abuse.ch/browse/tag/Mirai/ (# 2025-03-29)

1.70.127.236:50363
102.33.105.87:52893
102.33.80.182:55097
103.130.214.198:1625
103.135.45.110:99
103.142.27.125:56999
103.180.236.30:38964
103.199.180.156:41217
103.199.200.252:50618
103.199.202.192:34560
103.203.72.139:54517
103.203.72.227:35974
103.207.124.49:46918
103.207.125.52:52052
103.207.125.55:59495
103.207.125.5:60171
103.208.230.41:42929
103.214.71.65:1311
103.214.71.65:1337
103.214.71.66:1311
103.214.71.66:1337
103.214.71.67:1311
103.214.71.67:1337
103.214.71.72:1311
103.214.71.72:1337
103.214.71.8:9931
103.247.52.197:54146
103.247.6.98:48449
103.39.108.224:101
103.77.246.176:56412
103.83.86.117:36063
103.98.152.120:101
103.98.38.150:54377
103.98.38.173:56392
104.168.101.23:61617
104.168.101.23:8976
104.168.101.27:3277
104.234.168.3:8080
104.234.168.45:10000
104.234.168.45:1337
104.234.168.45:8080
104.234.168.49:1337
104.234.168.59:10000
104.236.57.252:1337
104.248.155.103:1543
104.248.47.182:1440
104.248.47.182:1945
104.248.47.182:1990
104.248.47.182:2840
104.248.47.182:38241
104.248.47.182:5034
104.248.47.182:911
106.107.241.212:47623
106.56.138.202:48749
106.58.150.133:33279
107.172.206.67:1312
107.172.218.188:1731
107.189.19.106:1311
107.189.19.106:1401
107.189.26.194:10000
107.189.31.150:1302
107.189.4.201:101
107.189.4.201:1995
109.104.153.181:1291
109.104.153.181:1337
109.106.142.43:63571
109.71.252.20:1337
110.182.251.206:48030
110.4.2.45:40167
112.246.113.161:33031
112.248.111.119:36350
112.248.113.107:55163
113.0.160.113:49910
113.102.128.211:33304
113.221.46.223:55136
113.227.55.2:49289
113.238.77.36:44848
113.24.190.27:37171
113.26.224.128:35030
113.88.192.179:44301
113.92.223.14:52517
115.51.125.28:45283
115.52.1.50:52982
115.52.27.174:45019
115.52.4.200:38212
115.54.144.221:48998
115.55.193.94:34009
115.55.218.128:59100
115.55.223.75:46811
115.55.224.32:52276
115.55.63.117:56833
115.55.94.214:50119
115.56.159.197:48902
115.58.83.170:34050
115.58.95.45:36272
115.59.29.86:44835
115.60.22.211:6288
115.61.97.186:55839
116.24.80.59:45796
117.192.233.78:54812
117.192.38.155:33392
117.194.245.162:57054
117.196.174.241:44590
117.197.225.182:45108
117.198.9.121:50702
117.202.65.36:39376
117.204.164.49:49599
117.205.81.77:49115
117.206.138.22:59568
117.206.73.192:60308
117.207.10.248:45625
117.208.136.230:38944
117.208.170.74:41721
117.209.11.133:42279
117.209.25.46:48771
117.209.3.106:60251
117.209.3.142:39989
117.209.6.187:55387
117.209.8.4:43696
117.209.80.4:43284
117.209.82.113:55042
117.209.83.6:35134
117.209.89.62:57875
117.209.92.77:46342
117.209.93.126:56189
117.209.93.15:43524
117.211.215.108:54426
117.211.252.219:37949
117.211.37.103:47570
117.211.47.205:38103
117.213.118.134:46045
117.213.91.210:52217
117.215.139.182:51124
117.215.248.227:49380
117.215.249.82:60479
117.216.63.251:35782
117.219.38.85:40373
117.219.42.125:46735
117.219.95.230:35434
117.221.254.202:40116
117.221.50.51:41440
117.222.116.244:41658
117.223.0.185:55666
117.235.121.255:39779
117.235.125.56:34821
117.235.145.183:41693
117.235.98.5:33920
117.241.178.228:48244
117.242.225.203:36517
117.242.233.237:36798
117.248.161.189:60409
117.248.162.244:32769
117.252.171.152:39287
117.253.101.22:38568
117.253.107.77:57419
117.253.13.241:48773
117.253.153.168:53642
117.254.60.135:53159
117.254.61.73:56761
117.254.96.59:42843
117.255.180.48:60563
117.255.185.229:53335
117.255.98.244:39330
119.115.244.219:37800
119.116.36.65:40937
119.143.165.164:49382
119.179.222.75:35778
120.56.5.189:42658
120.61.19.167:59009
120.61.239.166:45010
120.61.24.196:49076
120.61.68.97:50907
121.237.167.31:52360
121.31.179.25:40498
123.10.209.103:37811
123.11.76.90:36536
123.12.10.11:41620
123.13.100.146:34694
123.4.44.42:44782
123.5.127.175:49108
123.8.191.141:38869
123.9.218.164:44456
123.9.47.122:50013
125.106.32.67:33860
125.126.165.232:48009
125.41.2.112:57140
125.46.233.44:48478
125.62.199.32:47483
128.0.118.23:1337
128.0.118.51:1337
128.199.35.104:1292
128.199.35.104:1311
128.199.35.104:1401
128.199.56.142:1311
128.199.56.142:1401
128.254.207.40:1286
128.254.207.40:1337
134.122.50.242:1311
134.122.50.242:1401
134.122.53.54:1311
134.122.53.54:1401
134.209.241.33:1311
134.209.241.33:1401
135.148.129.33:666
135.148.129.37:7070
137.184.37.183:1311
137.184.37.183:1401
138.124.123.156:1337
138.68.156.151:1311
138.68.156.151:1401
139.59.226.19:1293
139.59.226.19:1311
139.59.226.19:1401
139.59.45.165:1311
139.59.45.165:1401
139.59.46.142:1311
139.59.46.142:1401
14.155.188.14:60552
141.11.25.78:1312
141.98.10.122:8080
142.93.173.110:1311
142.93.173.110:1401
143.110.229.153:1311
143.110.229.153:1401
143.198.201.134:1311
143.198.201.134:1401
144.172.73.45:9931
144.172.91.73:1311
144.172.91.73:1401
146.190.30.159:1311
146.190.30.159:1401
147.135.3.193:8080
147.135.99.254:666
147.182.241.94:1311
147.182.241.94:1401
147.45.193.108:1995
154.12.94.68:1995
154.213.200.12:1289
154.213.200.12:1337
154.23.163.214:1995
156.229.232.154:51325
157.10.45.96:1337
157.245.56.174:1311
157.245.56.174:1388
157.245.56.174:1401
158.69.129.109:1337
158.69.129.111:10000
158.69.175.235:1294
158.69.175.235:1337
159.223.74.127:1311
159.223.74.127:1401
159.223.83.97:59666
159.223.85.44:1311
159.223.85.44:1401
159.89.123.72:1311
159.89.123.72:1401
159.89.198.214:1311
159.89.198.214:1401
159.89.227.55:1311
159.89.227.55:1401
160.191.245.128:56999
160.191.245.152:5555
160.22.161.157:56999
161.248.55.89:43799
162.19.192.198:6643
162.248.102.170:1337
164.90.151.97:1311
164.90.151.97:1401
165.140.8.5:10000
165.22.116.233:1311
165.22.116.233:1401
165.22.227.75:1311
165.22.227.75:1401
167.172.160.222:1311
167.172.160.222:1401
167.172.35.36:1311
167.172.35.36:1401
167.172.73.72:1311
167.172.73.72:1401
167.99.190.4:1311
167.99.190.4:1401
168.235.111.72:853
170.64.170.215:1311
170.64.170.215:1401
170.64.198.196:1311
170.64.198.196:1401
170.64.205.51:1311
170.64.205.51:1401
170.64.221.8:1311
170.64.221.8:1401
170.64.224.151:1311
170.64.224.151:1401
170.64.235.124:1311
170.64.235.124:1401
172.38.0.225:57458
172.86.73.60:1309
175.107.2.115:39790
175.146.50.170:41336
175.147.153.77:56158
175.151.249.161:57469
175.165.85.242:46873
175.165.85.9:59780
175.165.86.112:48144
175.167.103.224:36316
175.167.87.156:56721
175.173.163.156:53659
175.175.99.41:50780
175.30.105.177:45773
176.36.148.87:45781
176.65.134.15:38242
176.65.134.62:3778
176.65.134.62:7777
176.65.137.13:1312
176.65.144.232:3778
176.65.144.243:64431
176.97.114.233:10000
177.12.94.85:57984
178.176.107.243:47624
178.177.200.61:59965
178.245.232.95:41311
179.61.253.95:2052
180.119.109.53:36724
182.113.201.173:55203
182.114.198.97:49346
182.114.35.96:48433
182.117.104.254:55710
182.117.108.1:33433
182.117.26.62:32987
182.117.70.102:48561
182.118.144.168:57583
182.118.159.138:33519
182.120.49.245:49337
182.121.252.121:56583
182.124.34.64:59215
182.127.132.174:36948
182.127.3.198:42537
182.53.98.8:51939
183.240.211.144:36008
185.106.123.117:1521
185.106.123.122:1521
185.112.102.12:3778
185.121.15.44:1295
185.121.15.44:1337
185.121.15.49:1311
185.121.15.49:1337
185.14.92.169:1337
185.14.92.70:1337
185.183.98.251:5555
185.186.26.126:9090
185.196.10.75:10000
185.196.11.216:17777
185.198.234.221:1337
185.198.58.166:1298
185.198.58.166:1337
185.208.158.228:5150
185.208.159.200:1337
185.220.204.227:1440
185.220.204.227:1945
185.220.204.227:1990
185.220.204.227:2840
185.220.204.227:38241
185.220.204.227:5034
185.220.204.227:911
185.224.0.240:3778
185.228.81.250:9090
185.232.205.104:5555
185.244.150.136:1486
185.244.150.142:1457
185.248.12.129:53782
185.91.69.142:1337
185.95.159.125:5000
188.38.3.30:49263
189.174.81.167:34577
190.110.176.83:34928
191.29.133.216:39840
192.10.163.76:41479
193.143.1.118:3093
193.17.183.20:1308
193.17.183.20:1337
193.200.78.41:888
193.200.78.41:8888
193.32.162.27:18129
193.32.162.27:7331
194.107.126.7:123
194.107.126.7:2222
194.107.126.7:23
194.107.126.7:25
194.107.126.7:3333
194.107.126.7:99
194.15.36.12:7331
194.15.36.154:1337
194.36.191.25:1470
194.85.251.31:5555
194.85.251.42:1337
194.85.251.75:1337
194.85.251.76:1999
194.85.251.79:10002
194.85.251.79:11101
194.85.251.79:1311
194.85.251.79:15443
194.85.251.79:16765
194.85.251.79:1801
194.85.251.79:18245
194.85.251.79:18673
194.85.251.79:1949
194.85.251.79:2096
194.85.251.79:2281
194.85.251.79:4369
194.85.251.79:5000
194.85.251.79:5061
194.85.251.79:5324
194.85.251.79:5671
194.85.251.79:5985
194.85.251.79:6362
194.85.251.80:1311
194.85.251.80:14265
194.85.251.80:14326
194.85.251.80:15568
194.85.251.80:16993
194.85.251.80:17761
194.85.251.80:17763
194.85.251.80:18246
194.85.251.80:18444
194.85.251.80:1961
194.85.251.80:1963
194.85.251.80:20548
194.85.251.80:2080
194.85.251.80:2086
194.85.251.80:2143
194.85.251.80:22222
194.85.251.80:22585
194.85.251.80:3260
194.85.251.80:3389
194.85.251.80:5957
194.85.251.80:5977
194.85.251.80:6007
194.85.251.80:6238
194.85.251.80:6362
194.85.251.80:8088
194.85.251.80:9599
194.85.251.81:1337
194.85.251.82:1337
194.85.251.83:1337
194.85.251.84:1337
194.85.251.85:1337
194.85.251.86:1337
194.85.251.87:1337
194.85.251.88:1337
194.85.251.89:1337
194.85.251.90:1337
194.85.251.91:1337
194.85.251.92:1337
194.85.251.93:1337
194.85.251.95:1337
194.85.251.96:1337
194.87.198.253:1337
194.87.47.34:1337
195.178.110.224:8888
195.189.226.165:5000
195.189.227.167:5000
196.251.67.134:13
196.251.81.246:2222
196.251.83.83:1337
196.251.87.118:1337
196.251.88.47:9999
196.251.90.117:1337
196.251.90.12:1337
196.251.90.150:17383
196.251.90.76:1337
196.251.91.59:1337
198.251.81.124:1337
198.251.84.77:1337
198.251.89.178:6969
198.27.107.169:666
198.50.200.192:10000
198.50.200.192:1737
198.91.25.130:10000
198.98.50.251:1337
198.98.50.251:2214
199.195.248.181:1311
199.195.248.181:1337
199.195.248.181:2214
199.195.251.203:1337
199.195.252.167:1337
1adminmctopiamc1.pl
2.56.165.139:1338
2.57.19.42:1337
202.66.165.57:37801
204.76.203.172:1962
204.76.203.173:1311
204.76.203.173:1337
204.76.203.173:1962
204.76.203.175:1311
204.76.203.175:1337
204.76.203.175:1962
204.76.203.183:1338
204.76.203.188:1337
204.76.203.188:1338
204.76.203.188:1962
205.185.117.18:3778
205.185.125.185:1999
206.189.4.45:1311
206.189.4.45:1401
206.189.46.226:1311
206.189.46.226:1401
206.81.2.56:1311
206.81.2.56:1401
206.85.166.130:60915
209.141.33.129:1338
209.141.33.93:10000
209.141.36.93:3778
209.141.52.230:1338
209.141.52.230:7331
209.141.59.9:3778
209.141.62.176:1338
209.200.246.80:1311
209.38.27.236:1311
209.38.27.236:1401
209.38.30.238:1311
209.38.30.238:1401
211.148.104.167:52824
211.223.79.89:54774
212.192.12.51:1337
212.64.199.191:1312
213.209.129.101:5378
213.209.129.101:6578
213.209.129.92:32891
213.209.129.92:5253
213.209.129.92:8372
213.209.150.48:1337
216.146.25.49:1298
216.146.25.49:1337
216.146.25.64:1311
216.73.158.27:1293
216.73.158.27:1337
217.195.153.175:1311
217.195.153.175:1337
217.195.153.175:1962
217.195.153.175:2214
217.208.204.56:58447
219.155.80.144:40272
219.157.18.92:50458
219.157.59.83:42100
220.201.40.154:35147
221.15.17.107:56362
221.225.231.34:51688
222.136.140.83:42846
222.136.153.49:37336
222.138.110.180:56898
222.140.158.251:49005
222.142.203.59:37324
222.241.48.205:39319
223.10.11.208:48203
223.11.57.128:45732
223.151.254.216:48398
223.8.213.139:59247
23.146.184.61:3778
23.94.235.18:45
27.0.217.195:40090
27.11.25.87:49021
27.153.201.216:52132
27.202.227.227:55412
27.207.91.1:54720
27.215.53.150:51484
27.37.24.214:44588
31.13.248.173:1337
31.171.131.83:1995
31.56.39.115:1338
31.56.7.102:1995
31.56.7.16:1337
31.56.7.197:2052
31.56.7.201:2052
31.59.131.238:3778
36.100.18.17:47929
36.97.146.17:42561
37.221.93.92:1337
37.59.181.218:10000
37.59.181.219:666
38.135.54.193:1337
39.65.95.187:56298
39.79.149.147:37298
42.179.52.120:58287
42.224.212.231:36875
42.224.249.106:41101
42.225.47.110:49573
42.227.34.15:48586
42.229.168.116:59094
42.232.82.206:32807
42.235.154.113:52266
42.235.171.56:58076
42.235.187.127:42753
42.237.23.104:41135
42.238.141.143:54380
42.238.244.143:48953
42.54.196.157:60860
42.85.175.44:58023
45.11.229.125:1338
45.11.229.248:42069
45.11.92.73:56999
45.123.188.143:1337
45.125.66.124:69
45.129.199.194:1337
45.13.225.196:1337
45.137.198.33:1234
45.137.198.33:4123
45.137.198.33:888
45.137.198.33:8888
45.137.207.144:22
45.139.104.149:1337
45.14.224.97:1311
45.14.224.97:1401
45.140.188.188:1338
45.140.188.62:51894
45.140.188.81:2052
45.144.54.160:6349
45.147.251.145:1440
45.147.251.145:1945
45.147.251.145:1990
45.147.251.145:2840
45.147.251.145:38241
45.147.251.145:5034
45.147.251.145:911
45.15.158.6:81
45.164.177.102:11462
45.164.177.162:11406
45.164.177.171:11875
45.164.177.197:10761
45.178.250.90:10012
45.192.102.5:1995
45.39.70.13:2969
45.45.237.44:1337
45.61.169.138:1299
45.61.169.138:1337
45.61.169.138:2214
45.86.155.252:1337
45.87.43.193:1311
45.87.43.193:1401
45.87.43.24:1311
45.87.43.24:1401
45.88.9.226:1338
45.90.12.222:1337
45.90.219.246:7968
46.101.121.254:1311
46.101.121.254:1401
46.19.143.10:1945
46.19.143.10:1990
46.19.143.10:2840
46.247.108.131:8080
5.181.177.211:2052
5.181.177.86:1995
5.230.29.46:1337
5.83.218.12:3778
51.38.137.108:47925
51.79.123.249:10000
51.81.104.118:1195
51.81.65.105:666
51.81.65.106:10000
58.47.43.12:36940
59.182.111.124:39264
59.182.126.26:54200
59.182.141.128:44016
59.183.32.14:49220
59.184.253.188:49645
59.184.68.24:43986
59.54.88.94:52777
59.88.1.26:56681
59.88.140.173:38095
59.88.178.88:36198
59.88.19.247:47235
59.88.251.39:50463
59.88.45.23:56107
59.89.183.33:52864
59.89.217.42:59628
59.89.239.173:36150
59.89.25.168:58462
59.91.90.29:51476
59.92.82.100:42181
59.93.130.217:56601
59.94.44.209:46006
59.95.83.73:43363
59.95.85.40:54677
59.95.88.105:50906
59.97.116.251:49522
59.97.119.33:59147
59.97.250.137:40681
59.97.255.106:41489
59.99.138.28:50889
59.99.210.136:37742
59.99.215.123:45986
59.99.220.103:58712
60.189.244.224:57217
60.19.7.201:39589
60.211.6.44:53596
60.22.41.223:44668
60.23.238.191:40709
61.0.144.92:38397
61.137.175.45:39874
61.2.151.2:53491
61.3.103.72:51543
61.3.172.163:50809
61.3.208.200:39691
61.52.229.192:44320
61.52.50.93:58017
61.52.54.208:47257
61.53.140.37:55039
61.53.93.196:55428
61.54.206.124:36242
62.60.156.32:1337
62.60.157.244:10000
62.60.232.98:1337
62.60.248.116:7193
64.225.52.129:1301
64.225.52.129:1311
64.225.52.129:1401
67.159.18.50:1995
68.183.34.11:1311
68.183.34.11:1401
74.50.81.60:1337
78.187.17.22:38637
78.189.35.154:60732
78.40.117.13:60255
79.124.60.85:3277
79.124.60.85:61617
80.76.49.221:1337
80.78.25.185:2115
81.92.223.20:1311
81.92.223.20:1401
82.23.183.119:10000
82.23.183.119:7070
82.23.183.119:8080
82.29.61.37:1024
83.168.107.32:2137
83.48.200.74:34174
87.121.105.102:2052
87.121.61.24:1311
87.121.61.24:1337
87.121.84.100:1337
87.121.84.101:1337
87.121.84.102:1337
87.121.84.103:1337
87.121.84.104:1337
87.121.84.105:1337
87.121.84.106:1337
87.121.84.107:1337
87.121.84.108:1337
87.121.84.109:1337
87.121.84.110:1337
87.121.84.111:1337
87.121.84.56:10258
87.121.84.56:11112
87.121.84.56:1311
87.121.84.56:1337
87.121.84.56:15256
87.121.84.56:16992
87.121.84.56:1883
87.121.84.56:1912
87.121.84.56:1961
87.121.84.56:1962
87.121.84.56:2038
87.121.84.56:20546
87.121.84.56:20722
87.121.84.56:2079
87.121.84.56:21037
87.121.84.56:21942
87.121.84.56:22705
87.121.84.56:2404
87.121.84.56:2454
87.121.84.56:38777
87.121.84.56:5985
87.121.84.56:6007
87.121.84.56:8081
87.121.84.84:10002
87.121.84.84:10259
87.121.84.84:11450
87.121.84.84:1311
87.121.84.84:1337
87.121.84.84:16561
87.121.84.84:18244
87.121.84.84:18444
87.121.84.84:2077
87.121.84.84:2086
87.121.84.84:2087
87.121.84.84:21104
87.121.84.84:2281
87.121.84.84:3389
87.121.84.84:3684
87.121.84.84:4242
87.121.84.84:4840
87.121.84.84:5061
87.121.84.84:6005
87.121.84.84:6808
87.121.84.84:8010
87.121.84.84:8387
87.121.84.84:9052
87.121.84.84:9999
87.121.84.91:1337
87.121.84.92:1337
87.121.84.94:1337
87.121.84.95:1337
87.121.84.96:1337
87.121.84.97:1337
87.121.84.98:1337
87.121.84.99:1337
88.151.195.221:1337
89.213.174.246:6666
89.213.174.246:9999
91.149.253.11:42069
91.188.254.129:1311
91.188.254.129:1337
91.244.197.12:1311
91.244.197.12:1337
91.244.197.150:1311
91.244.197.150:1337
92.246.141.75:101
93.127.132.197:1543
93.95.115.185:1337
94.154.34.34:3778
95.156.207.88:5000
95.169.203.15:1311
95.169.203.15:1401
95.169.203.245:1337
0x503.org
angela.spklove.com
axonstress.fun
azmamiraixd.duckdns.org
bakery.bloggertasher.ru
batnet.proxyapi.my.id
bbos.lol
bctabsogebtmoutsgs.duckdns.org
bigboats.icu
biggay.space
bot.dstats.org
bot.freedma.xyz
bot.gribostress.pro
bot.vpnvn4g.com
botnet.0x503.org
botnet.cinquento.publicvm.com
botnet.dexcfw.dev
botnet.tcp-bypass.ovh
botnet.voct.dev
botnet1.uapworx1.sbs
botx.tianyadd.top
c2.crucialnetworks.xyz
catfirewall.ru
cinquento.publicvm.com
cnc-boatnet.vpnvn4g.com
cnc.axonstress.fun
cnc.kotomari-vn.dev
crucialnetworks.xyz
d.qqzx.site
damn.biggay.space
deabcbecaconmougot.duckdns.org
dexcfw.dev
dstats.org
egirls.fun
ewqrt.com
feetpics.us
freedma.xyz
git.adwizy.io
gribostress.pro
hwhm.cc5.us.kg
js.telega.cn
kotomari-vn.dev
longvusro.com
mirai.cinquento.publicvm.com
net.cinquento.publicvm.com
newageofkifirempire.camdvr.org
nigga.party
niggabutt.lol
overdose.sbs
ownerbotnet.opyddos.my.id
panel.deewpn.com
pastebin.lol
pastelab.xyz
phidev.duckdns.org
prox.zematic.host
proxy-bot.sensesecurity.vip
qqzx.site
rykeen.duckdns.org
s1-node1.1adminmctopiamc1.pl
s1.1adminmctopiamc1.pl
sanctorum.site
scan.bigboats.icu
secure.overdose.sbs
sensesecurity.vip
server1988.ignorelist.com
servicesssl.linkpc.net
specbot.duckdns.org
spklove.com
srolangvan.com
srv.vlrt-gap.com
ssh.getsolara.info
subzerox5.duckdns.org
tcp-bypass.ovh
tcp.bbos.lol
touchable.lol
toxic-c2.de
trumpsha.mypi.co
uapworx1.sbs
ubuntu.tel
uthinker.ddns.cam
voct.dev
vpnvn4g.com
wanyuyugg.top
xjust.xyz
yn.noyoo.cn
yunger.ddns.cam
zcjs888.cfd
zematic.host

# Reference: https://x.com/redrabytes/status/1907220721702428808
# Reference: https://www.virustotal.com/gui/file/ebef1d4454b35526aa8179723eaa64d5935edc165d6b8444ced2deb79b6142b5/detection

http://176.65.142.252
176.65.142.252:2222
176.65.142.252:3333
176.65.142.252:7575
galaxias.cc
cbot.galaxias.cc

# Reference: https://app.validin.com/detail?find=wget.sh&type=dom&ref_id=3d60ea46bc5#tab=host_pairs (# 2025-04-02)

adesso-online.com
ora-0-web.com
profileupdate.info
visionproxy.cc
webprocediweb.com
cnc.visionproxy.cc
cpcalendars.c.ora-0-web.com
cpcontacts.e.ora-0-web.com
i.web-app-on.com
nuklearcnc.duckdns.org
aa.104-168-101-27.cprapid.com
webmail.adesso-online.com
webmail.webprocediweb.com

# Reference: https://app.validin.com/detail?find=wget.sh&type=dom&ref_id=3d60ea46bc5#tab=host_pairs (# 2025-04-02)

http://104.245.240.190
http://121.122.2.153
http://132.145.111.234
http://15.235.210.152
http://154.216.18.46
http://176.65.140.155
http://176.65.142.252
http://185.142.53.190
http://196.251.83.185
http://213.209.150.115
http://43.229.76.69
http://45.95.147.172
http://45.95.147.179
http://46.19.143.12
http://46.19.143.14
http://46.4.114.226
http://46.4.114.252
http://50.99.83.204
http://66.181.38.163
http://66.63.187.69
http://74.50.84.248
http://87.236.95.134
http://94.156.167.35
http://94.156.227.74

# Reference: https://app.validin.com/detail?find=gavno.txt&type=dom&ref_id=68ec3ff03c2#tab=host_pairs (# 2025-04-02)

http://195.133.1.141

# Reference: https://www.virustotal.com/gui/file/224b1f16c265acff7f2102d838f2364d1f4409ba20da1e2f7307c9b0eb6aaf17/detection

185.196.10.127:8888

# Reference: https://x.com/redrabytes/status/1907572737356312706
# Reference: https://www.virustotal.com/gui/file/04533604daabc3b5b8e00987ee5c723856dd2a6754278a281c25e7992a16def6/detection

http://84.201.20.155
84.201.20.155:21
84.201.20.155:3378

# Reference: https://x.com/redrabytes/status/1913221465425555499
# Reference: https://x.com/redrabytes/status/1913727428578738358
# Reference: https://www.virustotal.com/gui/file/4d5db037e6bff4eb0bb8f808e293ba77679d60bfb229259bd3b3bbb64064089b/detection

http://66.63.187.82
66.63.187.82:21
66.63.187.82:3403
66.63.187.82:39497
66.63.187.82:6666

# Reference: https://x.com/banthisguy9349/status/1913909985945190712

http://103.163.119.220
http://103.178.235.240
http://103.83.86.170
http://104.168.101.27
http://107.150.0.103
http://107.172.206.67
http://107.173.143.15
http://147.45.193.108
http://154.81.179.195
http://156.253.227.62
http://165.232.115.145
http://173.234.28.237
http://176.65.137.13
http://176.65.137.221
http://176.65.138.240
http://176.65.140.174
http://176.65.141.183
http://176.65.142.252
http://176.65.144.193
http://176.65.144.232
http://176.65.144.253
http://176.65.144.96
http://179.43.182.115
http://185.142.53.233
http://192.241.146.135
http://196.251.71.100
http://196.251.80.200
http://198.23.212.246
http://209.141.33.93
http://213.209.143.24
http://216.9.224.47
http://217.114.43.149
http://31.58.51.98
http://45.141.26.96
http://45.221.96.15
http://45.221.96.37
http://45.83.207.17
http://61.7.209.115
http://66.187.4.77
http://66.63.187.82
http://68.183.55.5
http://84.201.20.53
http://89.187.28.82
176.65.144.193:8080
213.209.143.24:8080
0x503.3738.org
botnetci31.duckdns.org
zorg-c2.duckdns.org
eversioneweb.com
gestisciweb.com
mail.oraonweb.com
multi-canale.com
webmail.a.multi-canale.com
webdisk.f.multi-canale.com
versioneonline.com
web-app-on.com
mail.h.web-app-on.com
cpanel.web-app-on.com
mail.web-app-on.com
webmail.web-app-on.com
autodiscover.web-app-on.com
listen.suized.to
bongtak.n-e.kr
net-killer.cameraddns.net

# Reference: https://x.com/redrabytes/status/1913943577417113905

103.178.235.240:3778
103.178.235.240:9555
103.77.241.250:2023
103.77.241.250:2025
104.168.101.27:1412
104.168.101.27:3211
176.65.137.221:12312
176.65.137.221:41214
176.65.138.240:3778
176.65.140.174:1337
176.65.140.174:1995
176.65.141.183:101
176.65.141.183:15390
176.65.142.252:25634
176.65.144.193:26425
176.65.144.193:44115
176.65.144.253:12972
176.65.144.253:9654
185.196.9.222:2211
185.196.9.222:7733
192.241.146.135:3778
192.241.146.135:9555
196.251.71.29:25478
196.251.71.29:41277
196.251.71.29:56412
196.251.80.200:1312
196.251.80.200:3912
205.185.125.181:420
205.185.125.181:56412
213.209.143.24:34411
216.9.224.47:1312
216.9.224.47:3912
31.58.51.98:24529
31.58.51.98:59999
51.38.137.114:3771
51.38.137.114:3778
61.7.209.115:207
61.7.209.115:3211
89.187.28.82:3778
argus-services.xyz
starivel.com
url-longer.click
bot.argus-services.xyz
main.url-longer.click

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2025-05-04)

103.136.43.20:47524
103.245.231.12:7198
103.77.241.152:2023
103.77.241.152:2024
103.83.86.26:23
104.103.92.35:6958
104.131.117.190:51413
104.234.168.3:111
104.85.39.31:6958
104.96.146.61:6958
111.182.234.93:30301
112.121.151.104:1434
112.246.160.45:8000
113.25.209.204:30301
113.9.125.219:14204
115.63.251.69:8082
116.68.97.58:6256
117.195.84.95:20759
117.212.166.143:6881
120.85.93.244:15122
123.56.185.43:9150
128.199.208.158:8456
138.201.253.6:51413
139.162.242.225:3778
139.99.133.178:6881
146.19.143.149:1338
148.113.216.206:22
148.64.64.237:6881
15.235.22.79:22
150.241.99.36:9999
160.187.146.122:56999
161.248.238.54:1995
176.65.137.13:3778
176.65.140.37:1312
176.65.141.182:15390
176.65.142.122:3778
176.65.144.18:1337
176.65.144.18:420
176.65.144.197:443
176.65.144.253:56999
176.65.144.96:26425
176.65.148.181:12121
176.65.148.181:80
176.65.148.219:3128
177.91.21.88:34110
178.72.75.241:18970
185.107.95.68:28109
185.12.204.106:22
185.14.92.142:8080
185.14.92.169:9182
185.173.37.138:8443
185.196.11.216:9876
185.198.234.139:7198
188.209.56.49:28100
188.209.56.7:28046
193.200.78.28:33966
193.200.78.62:9090
194.0.234.223:8080
194.110.247.90:15390
194.62.248.235:8080
194.62.248.58:10000
195.66.213.237:10000
196.251.69.157:6667
196.251.84.250:5555
196.251.89.29:6729
196.251.91.59:6930
198.251.81.124:2115
198.251.81.124:9999
198.251.81.204:1337
200.73.138.20:34156
205.185.117.53:3778
209.141.33.93:5538
209.141.34.106:12121
209.141.34.106:60195
209.141.37.88:10938
209.141.43.206:3778
209.141.50.64:12121
209.141.60.63:1337
213.209.129.92:34241
213.209.129.92:5555
222.133.85.137:8000
23.38.156.99:6958
250.batcom.top
27.194.84.29:8081
27.202.255.111:8081
31.58.58.130:9090
37.114.63.145:61807
37.27.117.170:8888
39.89.147.248:8082
43.250.173.2:1995
45.125.65.119:443
45.90.12.219:1337
46.232.210.29:12509
5.231.70.29:47524
51.81.104.125:1337
59.89.220.90:48489
59.92.161.114:56652
59.92.163.151:6881
59.99.197.255:57616
62.60.155.231:3128
62.60.248.138:6666
67.205.137.180:38975
67.205.137.180:41829
74.50.81.60:7331
77.163.38.24:51417
80.94.92.144:1337
84.201.20.155:3778
84.53.216.128:3585
86.54.42.116:10000
87.121.84.103:9090
87.121.84.207:9931
87.121.84.211:8080
87.121.84.215:9090
87.121.84.216:9090
87.121.84.217:9090
87.121.84.37:7331
87.121.84.51:9090
89.168.81.122:443
91.196.35.171:7578
91.239.77.159:28820
92.112.125.86:2052
92.112.125.88:2052
92.122.106.145:6958
asdflasdfasdfasdf.kro.kr
booooooty.duckdns.org
bot.chinaddos.vip
bot.zwntl.cn
botnet.getsolara.info
botnet.nightcnc.space
botnet.phatdepzai.site
botnet9.ddns.net
bytemirai.duckdns.org
cloud.glowman554.gq
connect.antiwifi.dev
data.hello4443.xyz
dvrhelper.anondns.net
eicp.byxwgimpbwiskniw.info
fiushion.online
foxthreatnointel.vip
galaxias.cc
game.herabig.com
get.pinkobmen.com
hailcock.gotdns.ch
heibeo-cnc.duckdns.org
hjfdjkahfkejw.chickenkiller.com
hostsrvtogoodnews.camdvr.org
huyhoangluvnhi.duckdns.org
huyxingum.mikustore.net
i.30x.ru
intenseproxy.zip
izumi-sv.f5.si
jojoasmr.xyz
js.kzlyxu.cn
kamru.ru
kamru.su
load.societynetwork.xyz
lorda.hopto.org
main.jojoasmr.xyz
mirai666.chickenkiller.com
miraisucks.anondns.net
mywebh.kro.kr
neon.galaxias.cc
neugumma.makeup
neugumma.monster
neugumma.my
niekot.xyz
nnbotnet.duckdns.org
pangacnc.com
project4443.xyz
pwirn.cc
ram.niekot.xyz
raw.foxthreatnointel.vip
raw.intenseproxy.zip
rrr.shenron.pw
rse.pwirn.cc
rustbot.anondns.net
sapoud.ddns.net
server.neugumma.makeup
server.neugumma.monster
service.neugumma.my
shenron.pw
shoptool.store
snowsro.com
societynetwork.xyz
srohoahong.com
srovuongtu.com
techsupport.anondns.net
tranixxio.org
ukrainianhorseriding.kamru.su
uracnc.duckdns.org
vip.tranixxio.org
vnc.8b8o.com
web.project4443.xyz
zabo.0x504.com

# Reference: https://x.com/skocherhan/status/1919197707941421081
# Reference: https://www.virustotal.com/gui/file/f88e4aa10cd00c17969a9097292353b13a76b9101baedde9e19589ce3eeac183/detection
# Reference: https://www.virustotal.com/gui/file/c2099d0fa237c070da657eb87795477497a962bee69a7a573d7c0c813a9eeac8/detection

http://152.53.253.130
152.53.253.130:5000

# Reference: https://www.virustotal.com/gui/file/30001274ae471f8b7c1d06b63a5fab50462515493a57ca88363be15b569e67b1/detection

209.141.44.28:3778

# Reference: https://www.virustotal.com/gui/file/229261f6d2ce4e8223a014d70d2305952a88713dd7fe8b21dde58b401e158caa/detection
# Reference: https://www.virustotal.com/gui/file/0b1c8abee319782321f1789ea1673836975af359632becff392b226cd3e8dd73/detection
# Reference: https://www.virustotal.com/gui/file/30429449b235f236435a5443ced147bd83658dfc70e7fa84f693c55dc7e5f00f/detection
# Reference: https://www.virustotal.com/gui/file/5655342b0d955aecb0b1f218819a01dea22ce243c812a9aca4824cd059d17d0e/detection
# Reference: https://www.virustotal.com/gui/file/f45eb27189a5b6ac0a0eaa6c014c75e7ded7215a5c173a1521b07cad61070127/detection

http://185.127.16.86
185.127.16.86:3778

# Reference: https://www.virustotal.com/gui/file/a4e5de376bd167de6ead80db91e5681c1a3a9d735ef6bb5942087004fce0d440/detection
# Reference: https://www.virustotal.com/gui/file/a1af56c872f76eb2f3c8e76692fb3dfc84310115126d5636006dadba6dcac560/detection
# Reference: https://www.virustotal.com/gui/file/839bf38d87f24b16495a98d1a29d0967a252d1397ba50674c3cb6b8cfc539dbb/detection
# Reference: https://www.virustotal.com/gui/file/6225fdf2bcd7a2ae4e21dd69dd00f014b94dbeb319299e9b22530ea25d8aac38/detection
# Reference: https://www.virustotal.com/gui/file/3e13844b1a5f867195a4f8ebfa5211b0dc6dad423851344de876eebf9ff864c0/detection

23.95.197.208:1412

# Reference: https://www.virustotal.com/gui/file/a7c25002b7de4f6538321d73f843cd82ed15553d14ec4d8d7c035d73cd2cc92d/detection
# Reference: https://www.virustotal.com/gui/file/55dfa9573fc96c5c470b5fd27c12d4a8b14b6d30bb586c64e6b90e6847557d18/detection
# Reference: https://www.virustotal.com/gui/file/08050394bcb9f306237954724ecc7d8cc7d9b5a90fed55336a6c7e323ef636de/detection

139.59.242.226:1995
betbot.mchbee.cloud

# Reference: https://x.com/skocherhan/status/1925208267992514764
# Reference: https://www.virustotal.com/gui/file/da554c106b781bfa5e6d02308d952d1b5eb23bc9e9579bfabdf28617d0338f54/detection
# Reference: https://www.virustotal.com/gui/file/49461eb4d322dd4ae8059207b3ffcd1af749ec755ec4c7cfb2bfb868000a2595/detection
# Reference: https://www.virustotal.com/gui/file/c5d17d5f7ede9e373a864c89aa358185fa7865c188d7691b643304ffd885b26c/detection

http://154.92.5.49
http://176.65.134.15
154.92.5.49:25448
27.124.34.146:25448
81.21.1.194:30120
jjiiee.com

# Reference: https://www.virustotal.com/gui/file/c12a4fd89fce99a6b08b61642ece75e1aaa3e253e66fac44910d7f76315bd4e9/detection

209.141.56.100:23
209.141.56.100:9375

# Reference: https://www.virustotal.com/gui/file/0b540ce061840ccd567120f3a88e741c61a144c20d69c401b193ce64b7eb791c/detection

http://42.112.26.36
/bombaclart

# Reference: https://www.virustotal.com/gui/file/0285d5d5e2a4f19f4a2f80b8a74be4768aeee4d97d20b771779ac429856cd933/detection
# Reference: https://www.virustotal.com/gui/file/0211abb28c2c5ecbd217342feb635a294a5fb1cda3d1690b2f198040d5d41366/detection

http://185.191.124.171
killalljews.oss

# Reference: https://www.virustotal.com/gui/file/03b51aac2a70f234e6ca70e97c9992d20bd35f204112490792b4518fc35fcbb9/detection

103.253.147.242:27651
103.253.147.242:46852
38.60.198.181:27651
21savage.dyn
eighteen.pirate

# Reference: https://www.virustotal.com/gui/file/08d63a772abb10045e2f843ecd9c2324794ba9000c848a3608ecdc8fe5be7493/detection

103.253.147.242:23789
103.253.147.242:61543
116.203.104.203:53
54.36.111.116:53
75cents.libre
fortyfivehundred.dyn
nineteen.libre

# Reference: https://www.virustotal.com/gui/file/00144016db58bfd68afbec84ea4db41b0f21e55c76cd3d66b2eacb6704a00510/detection

156.244.14.93:50464
189.126.138.170:179
74.125.250.129:19302
mineplex.libre

# Reference: https://www.trendmicro.com/en_us/research/25/f/langflow-vulnerability-flodric-botnet.html
# Reference: https://www.virustotal.com/gui/file/439f9d5a7220ddd55d30083d2372eb9e871829693ac6a0b2a3894ddcaf46d45a/detection
# Reference: https://www.virustotal.com/gui/file/08cf20e54c634f21d8708573eef7fde4dbd5d3cd270d2cb8790e3fe1f42eccec/detection

188.166.68.21:54707
206.71.149.179:54707
45.61.137.226:54707
80.66.75.121:25565
/e1x.32
/e1x.64
/e1x.arc
/e1x.arcle-hs38
/e1x.arm
/e1x.arm4
/e1x.arm4l
/e1x.arm4t
/e1x.arm4tl
/e1x.arm4tll
/e1x.arm5
/e1x.arm5l
/e1x.arm5n
/e1x.arm6
/e1x.arm64
/e1x.arm6l
/e1x.arm7
/e1x.arm7l
/e1x.arm8
/e1x.armv4
/e1x.armv4l
/e1x.armv5l
/e1x.armv6
/e1x.armv61
/e1x.armv6l
/e1x.armv7l
/e1x.dbg
/e1x.exploit
/e1x.i4
/e1x.i486
/e1x.i586
/e1x.i6
/e1x.i686
/e1x.kill
/e1x.m68
/e1x.m68k
/e1x.mips
/e1x.mips64
/e1x.mipseb
/e1x.mipsel
/e1x.mpsl
/e1x.pcc
/e1x.powerpc
/e1x.powerpc-440fp
/e1x.powerppc
/e1x.pp-c
/e1x.ppc
/e1x.ppc2
/e1x.ppc440
/e1x.ppc440fp
/e1x.root
/e1x.root32
/e1x.sh
/e1x.sh4
/e1x.sparc
/e1x.spc
/e1x.ssh4
/e1x.x32
/e1x.x32_64
/e1x.x64
/e1x.x86
/e1x.x86_32
/e1x.x86_64

# Reference: https://x.com/BlinkzSec/status/1937794015954375043
# Reference: https://urlhaus.abuse.ch/url/3570032/
# Reference: https://www.virustotal.com/gui/file/d8f44604bed0851cc46046777ddf7bb6548d6d04f344877abb435f6528a4e3d8/detection
# Reference: https://www.virustotal.com/gui/file/d1a8793d7ebf2a4710112d61a717b662dbc7befe1dbd31fad0cdee0784cde7b0/detection
# Reference: https://www.virustotal.com/gui/file/a40e8d2f50910bc36a4462bd00c660ef14b5d84c1a27fb3a20672eeb45dae984/detection

http://89.187.28.238
89.187.28.238:12121
mong666.org
b0tn3t.mong666.org
/morte.arc
/morte.arm
/morte.arm4
/morte.arm4l
/morte.arm4t
/morte.arm4tl
/morte.arm4tll
/morte.arm5
/morte.arm5l
/morte.arm5n
/morte.arm6
/morte.arm64
/morte.arm6l
/morte.arm7
/morte.arm7l
/morte.arm8
/morte.armv4
/morte.armv4l
/morte.armv5l
/morte.armv6
/morte.armv61
/morte.armv6l
/morte.armv7l
/morte.dbg
/morte.exploit
/morte.i4
/morte.i486
/morte.i586
/morte.i6
/morte.i686
/morte.kill
/morte.m68
/morte.m68k
/morte.mips
/morte.mips64
/morte.mipseb
/morte.mipsel
/morte.mpsl
/morte.pcc
/morte.powerpc
/morte.powerpc-440fp
/morte.powerppc
/morte.ppc
/morte.ppc2
/morte.ppc440
/morte.ppc440fp
/morte.root
/morte.root32
/morte.sh
/morte.sh4
/morte.sparc
/morte.spc
/morte.ssh4
/morte.x32
/morte.x64
/morte.x86
/morte.x86_32
/morte.x86_64

# Reference: https://www.virustotal.com/gui/file/44548227310e184b9d2d907ff5b25b40033edf75abcb7d5738d98060766a4bb2/detection

185.163.45.30:23
185.163.45.30:81

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2025-06-29)

http://107.150.0.18
http://198.98.59.180
http://213.209.143.44
http://91.208.206.217
103.130.212.130:38241
103.130.213.53:45
103.245.231.8:1024
103.245.231.8:7198
103.245.237.112:3007
103.252.137.107:12121
106.105.76.24:1311
108.168.17.23:1311
109.69.15.134:1311
109.69.15.140:1311
109.69.15.148:1311
109.69.15.151:1311
109.69.15.163:1311
109.69.15.218:1311
109.70.232.146:1311
109.70.234.54:1311
109.70.234.80:1311
109.71.252.111:8080
109.8.197.115:1311
116.86.217.203:1311
119.207.185.25:1311
120.86.173.46:1311
121.136.18.225:1311
121.171.78.222:1311
124.244.34.165:1311
125.228.223.50:1311
128.0.118.43:181
137.220.191.21:1311
137.220.191.26:1311
137.220.191.30:1311
137.220.191.36:1311
137.220.191.45:1311
137.220.191.51:1311
137.220.191.67:1311
137.220.191.70:1311
138.19.184.18:1311
139.59.228.111:1311
14.53.228.71:1311
141.170.215.16:1311
143.110.176.223:1311
144.172.73.33:3778
147.135.3.193:6060
147.135.3.193:7070
147.45.68.82:9000
149.115.83.82:1311
15.204.12.151:1337
15.204.132.50:6969
15.204.238.52:1337
152.89.181.226:1311
154.205.139.106:3778
156.228.232.70:1311
156.228.232.72:1311
156.228.232.73:1311
158.51.68.109:1311
158.51.68.132:1311
158.51.68.147:1311
158.51.68.152:1311
158.51.68.228:1311
158.51.68.249:1311
158.51.68.24:1311
158.51.68.48:1311
158.51.68.54:1311
158.69.129.111:181
160.119.18.57:1311
160.119.24.236:1311
160.119.4.89:1311
160.187.246.174:10022
160.187.246.174:12121
160.32.224.157:1311
160.7.243.251:1311
161.248.238.54:56999
161.248.238.54:57899
162.247.146.163:1311
162.247.147.72:1311
162.247.150.146:1311
166.141.177.23:1311
166.168.97.57:1311
166.48.102.53:1311
170.39.13.3:1311
170.39.13.4:1311
170.52.65.250:1311
171.25.157.154:1311
172.65.108.145:25565
172.65.111.47:25565
172.65.145.72:22
172.65.150.137:22
176.100.36.127:8080
176.100.36.156:999
176.100.36.19:181
176.100.36.76:8080
176.101.165.180:1311
176.120.170.203:1311
176.65.134.25:26425
176.65.138.123:7716
176.65.140.44:15390
176.65.141.210:15390
176.65.142.127:38361
176.65.142.151:3778
176.65.148.144:3778
176.65.149.229:181
176.96.131.92:5683
178.208.187.90:3778
178.236.244.39:40138
178.42.34.154:1311
181.41.245.5:1311
184.104.239.240:1311
184.105.68.138:1311
184.105.68.163:1311
184.105.68.187:1311
184.105.68.199:1311
184.105.68.228:1311
184.105.68.62:1311
184.105.68.67:1311
185.113.223.229:9900
185.121.13.159:51635
185.122.90.35:1311
185.128.170.113:1311
185.128.170.119:1311
185.128.170.36:1311
185.128.170.54:1311
185.128.170.55:1311
185.128.170.56:1311
185.128.170.60:1311
185.128.170.61:1311
185.128.170.62:1311
185.128.170.63:1311
185.128.170.64:1311
185.128.170.65:1311
185.128.170.67:1311
185.128.170.70:1311
185.128.170.71:1311
185.128.170.74:1311
185.128.170.75:1311
185.128.170.76:1311
185.128.170.77:1311
185.128.170.78:1311
185.128.170.79:1311
185.128.170.80:1311
185.128.170.81:1311
185.128.170.82:1311
185.128.170.84:1311
185.128.170.85:1311
185.128.170.86:1311
185.128.170.87:1311
185.128.170.89:1311
185.128.170.90:1311
185.14.92.111:10000
185.14.92.224:8080
185.142.53.233:80
185.154.206.42:1311
185.173.36.137:9035
185.173.37.18:9035
185.179.247.131:1311
185.179.247.147:1311
185.179.247.33:1311
185.179.247.39:1311
185.179.247.99:1311
185.189.226.76:1311
185.196.10.91:999
185.196.11.216:7651
185.208.159.64:1337
185.210.90.127:1311
185.232.37.79:1311
185.232.38.138:1311
185.26.227.26:1311
185.29.55.79:443
185.83.95.40:1311
192.121.10.231:1311
192.165.0.176:1311
192.165.0.69:1311
193.183.210.158:1311
193.200.78.28:1311
193.233.203.186:3778
194.132.68.15:1311
194.62.248.235:4000
194.62.248.235:4123
194.62.248.235:5050
194.62.248.235:777
194.68.225.195:29491
194.68.24.35:1311
195.133.215.16:1311
195.2.78.159:35348
195.91.206.60:1311
196.251.114.8:3778
196.251.116.138:1311
196.251.84.41:38242
196.251.87.197:38241
198.231.30.218:1311
198.231.30.222:1311
198.251.81.118:59669
198.251.81.96:1337
198.98.59.180:3778
2.133.254.229:1311
204.10.179.232:1311
205.185.117.147:59669
206.189.11.93:1311
207.167.64.24:5058
209.141.35.229:8397
209.141.37.88:3905
209.141.38.239:1337
210.6.166.148:1311
212.11.64.197:10000
212.87.221.19:9999
213.112.189.147:1311
213.204.193.47:1311
213.204.214.195:1311
213.209.150.107:3778
213.212.57.101:1311
213.212.57.124:1311
213.67.127.76:1311
213.67.94.181:1311
216.185.217.60:1311
217.156.123.148:443
217.156.123.150:443
217.60.38.130:38242
220.127.201.28:1311
221.146.139.30:1311
24.224.176.17:1311
24.224.185.147:1311
24.234.90.194:1311
24.48.18.64:1311
31.208.4.144:1311
31.28.4.146:1311
31.44.225.220:1311
31.44.229.84:1311
31.44.230.191:1311
31.56.26.14:9402
31.56.26.14:9403
31.56.26.14:9404
31.57.159.6:3778
31.58.68.231:443
31.59.58.20:2222
34.130.77.237:5329
34.58.79.106:35647
34.91.168.191:5532
37.114.37.78:1337
37.114.50.115:181
37.221.93.228:8397
38.2.39.210:1311
38.2.40.166:1311
38.54.15.75:16326
38.54.15.75:19174
38.54.27.184:3778
38.54.71.20:1311
38.60.134.117:3778
38.60.136.129:3778
38.60.136.235:3778
38.60.209.138:3778
38.60.216.145:3778
38.60.216.187:3778
38.85.167.3:1311
41.216.189.170:1311
45.11.229.248:1311
45.11.229.45:3778
45.13.151.192:10000
45.134.39.55:9999
45.135.194.43:3778
45.137.70.78:6667
45.154.38.94:1311
45.154.96.21:181
45.155.206.243:22
45.50.221.254:1311
45.61.184.179:3778
45.61.60.169:3778
45.66.228.71:10000
45.8.161.254:1311
45.90.12.104:1338
45.90.12.81:6969
45.91.171.107:1337
46.203.124.231:1995
46.203.233.164:666
46.247.109.116:1234
46.36.74.122:1311
5.57.242.144:1311
5.57.243.106:1311
5.63.21.188:5555
51.38.140.87:3778
51.38.140.90:181
51.68.222.89:9900
51.75.32.168:1337
51.79.57.15:181
51.81.100.197:4123
51.81.100.197:777
51.81.100.197:8080
51.81.104.118:6060
51.81.104.118:7070
57.138.218.16:1311
58.152.227.100:1311
58.177.4.245:1311
59.148.115.109:1311
59.149.184.223:1311
61.239.102.47:1311
61.239.241.35:1311
64.72.55.47:1311
64.89.240.117:1311
64.89.240.123:1311
64.89.240.169:1311
64.89.240.171:1311
64.89.240.173:1311
64.89.240.183:1311
64.89.240.190:1311
64.89.240.198:1311
64.89.241.12:1311
64.89.241.202:1311
64.89.241.210:1311
64.89.241.212:1311
64.89.241.217:1311
64.89.241.218:1311
64.89.241.220:1311
64.89.241.222:1311
64.89.241.234:1311
64.89.241.36:1311
64.89.243.114:1311
64.89.243.122:1311
64.89.243.238:1311
64.89.243.51:1311
64.89.243.53:1311
64.89.243.62:1311
64.89.243.91:1311
64.89.243.93:1311
64.89.244.125:1311
64.89.244.163:1311
64.89.244.172:1311
64.89.244.181:1311
64.89.244.184:1311
64.89.244.2:1311
64.89.244.47:1311
64.89.244.90:1311
64.89.245.227:1311
64.89.246.171:1311
64.89.246.46:1311
64.89.246.4:1311
64.89.246.58:1311
64.89.247.112:1311
64.89.247.131:1311
64.89.247.196:1311
64.89.247.198:1311
64.89.247.67:1311
64.89.248.142:1311
64.89.248.178:1311
64.89.248.203:1311
64.89.248.234:1311
64.89.249.185:1311
64.89.249.206:1311
64.89.249.242:1311
64.89.250.101:1311
64.89.250.75:1311
64.89.250.84:1311
64.89.251.107:1311
64.89.251.11:1311
64.89.251.157:1311
64.89.251.185:1311
64.89.251.186:1311
64.89.251.187:1311
64.89.251.37:1311
64.89.252.89:1311
64.89.252.92:1311
64.89.253.121:1311
64.89.253.123:1311
64.89.253.204:1311
64.89.253.42:1311
64.89.253.45:1311
64.89.253.80:1311
64.89.254.190:1311
65.87.61.184:1311
66.63.187.192:443
68.84.153.228:1311
69.138.127.249:1311
69.18.10.132:1311
69.45.225.218:1311
69.45.225.219:1311
69.45.225.220:1311
71.11.235.130:1311
72.53.231.104:1311
72.9.114.153:1311
72.9.114.232:1311
72.9.121.132:1311
72.9.126.183:1311
73.127.130.247:1311
74.221.64.89:1311
74.221.64.94:1311
74.221.64.95:1311
74.221.67.41:1311
74.221.67.53:1311
74.221.68.81:1311
74.221.69.104:1311
74.221.70.11:1311
74.221.70.7:1311
74.221.71.162:1311
74.221.71.170:1311
74.221.71.179:1311
74.221.71.198:1311
74.221.71.30:1311
74.221.72.147:1311
74.221.72.183:1311
74.221.73.102:1311
74.221.73.103:1311
74.221.73.105:1311
74.221.73.110:1311
74.221.73.116:1311
74.221.73.117:1311
74.221.73.123:1311
74.221.73.126:1311
74.221.73.249:1311
74.221.73.66:1311
74.221.73.73:1311
74.221.73.80:1311
74.221.73.90:1311
74.221.75.108:1311
74.221.75.119:1311
74.221.75.120:1311
74.221.75.122:1311
74.221.75.126:1311
74.221.75.19:1311
74.221.75.21:1311
74.221.75.69:1311
74.221.75.83:1311
74.221.75.92:1311
74.221.76.152:1311
74.221.76.174:1311
74.221.76.53:1311
74.221.76.55:1311
74.221.76.68:1311
74.221.76.69:1311
74.221.76.71:1311
74.221.76.74:1311
74.221.76.79:1311
74.221.76.80:1311
74.221.76.82:1311
74.221.76.83:1311
74.221.76.84:1311
74.221.76.86:1311
74.221.76.91:1311
74.221.76.93:1311
74.221.76.96:1311
74.221.77.137:1311
74.221.77.152:1311
74.221.77.206:1311
74.221.78.131:1311
74.221.78.151:1311
74.221.78.180:1311
74.221.78.181:1311
74.221.78.187:1311
74.221.78.207:1311
75.155.149.184:1311
76.8.213.131:1311
77.105.146.126:7777
77.110.103.206:1337
77.232.37.108:8080
77.232.38.204:37215
77.232.41.51:21695
77.232.41.51:27589
77.232.41.51:27862
77.239.114.204:10000
77.38.177.94:1311
77.38.221.244:1311
77.75.230.145:8000
78.40.116.170:25565
78.67.14.89:1311
80.51.119.148:1311
81.224.52.110:1311
81.228.202.52:1311
82.199.117.108:1311
82.27.2.184:10000
82.64.145.87:1311
83.168.69.117:22
83.223.27.127:1311
83.229.17.45:38241
83.229.87.221:1440
83.233.99.58:1311
84.218.124.234:1311
85.197.178.8:1311
85.197.184.196:1311
85.226.151.8:1311
85.230.218.203:1311
85.231.122.188:1311
85.239.33.160:1311
86.54.42.125:38242
86.54.42.68:1995
87.121.79.41:888
87.121.79.41:8888
87.121.84.163:3778
87.121.84.50:38361
87.121.84.60:38361
87.20.235.24:5060
87.20.235.24:5061
87.239.29.156:1311
89.208.113.170:974
89.32.41.158:6963
90.141.12.196:1311
90.227.23.168:1311
91.130.48.21:1311
91.142.79.142:8001
91.230.73.101:10000
91.237.16.41:1311
94.156.170.148:10000
94.255.193.204:1311
94.26.90.76:3128
95.38.193.164:1311
95.56.22.114:1311
99.116.228.38:1311
99.228.226.19:1311
99.232.231.14:1311
99.250.64.81:1311
3gipcam.com
5k5kat1ka1tna4n6ns.duckdns.org
5k5kat1ka1tna4n6nsm.duckdns.org
abc.umbrella-corp.it
all.tcphangjews.lol
antiwifi.cc
apexservices.duckdns.org
api.trumdvfb.com
approach.ilovegaysex.su
betnot.duck
bin.unproxy.st
blaskjar.xyz
boatrep.xyz
booterbot.duckdns.org
booterbotbins.duckdns.org
booterbotscan.duckdns.org
bot.chanbaba.online
bothehedoxiahihi.zapto.org
botnet.ethoneservices.xyz
botnet.exiled.rip
botnet.fkgpt.xyz
botnet.s3oox.com
botnet.s3ox11.com
botnet.topshield.xyz
botnetrep.xyz
bulon.duckdns.org
bunker-net.zapto.org
butbot.ddns.net
butbot.sytes.net
c2.vampwrotesatori.xyz
ccn.fdstat.vip
cecilioc2.xyz
cnc.boatrep.xyz
cnc.botnetrep.xyz
cnc.discordservers.fun
cnc.isisnet.xyz
cnc.jssaytcp.lat
cnc.kalonhakko.tk
cnc.phazerproxy.online
cnc.r00ts.online
cnc.rspay.top
cnc.tacobellfordinner.tk
cnc.whiteace.xyz
cnc2.jssaytcp.lat
cross-compiling.org
cskcncsus.vietnamddns.com
cute.trumdvfb.com
dc.xteamking.ga
deathbotnet.lol
deneme.chanbaba.online
denemebuba31.duckdns.org
discordservers.fun
dog.xlabsecurity.ru
dolphincode.duckdns.org
dtd.gcdxw.space
dvrhelpers.su
fdstat.vip
fish.dvrhelpers.su
furry-femboys.top
fusion-api.nl
hhhbotnecior.zapto.org
hihi.trumdvfb.com
horse.ipcamlover.ru
host.mrighosting.info
hotel.wildhorsehotel.net
hypixelproxy.gooning.shop
i-kiss-boys.com
ilovegaysex.su
iotkit.duckdns.org
ipcamlover.ru
isisnet.xyz
iwishiamhappy.zapto.org
izumi-test.f5.si
izumisv1.cc
j48asd.dns.army
jbvpshosti.com
jssaytcp.lat
jyk85mxc.z1001.net
kalonhakko.tk
katana.tcphangjews.lol
kitty.xlabresearch.ru
lane.ilovegaysex.su
lipaisanigger.niekot.xyz
lited-mafia.ddns.net
m1dni9ht.ddns.net
main.oooservers.kro.kr
main.server19.n-e.kr
mdnditly.gotdns.ch
mdnsucchim.ddns.net
meow.analystic-see.de
milkor723.duckdns.org
ministry.ilovegaysex.su
mr.diicotsec.ru
mrighosting.info
net.drillrp.com
netbabanet.duckdns.org
netflux.r00ts.online
nmsl.cnmnm.top
nmsl.i20.icu
nnmirai.duckdns.org
nv6b6ka9.z1001.net
ooo.asdfcompany.o-r.kr
oooservers.kro.kr
packets.packets.cf
phazerproxy.online
pnrt.kotomari-vn.dev
prismware.cf
problem.cloudboats.vip
r0.vampwrotesatori.xyz
realitygaming.duckdns.org
realitygamingph.duckdns.org
report.hydrasec.xyz
rspay.top
sc.0x504.com
scan.301.church
scan.fdstat.vip
scan.isisnet.xyz
scan.jssaytcp.lat
scan.phazerproxy.online
scan.r00ts.online
scan.switchnets.net
scan.tacobellfordinner.tk
scan.yiffgallery.xyz
server19.n-e.kr
shiina.ilove26.cf
sigmaboi.duckdns.org
somanydomain.anondns.net
ssro.xyz
supersha256.run.place
tacobellfordinner.tk
tai.fdstat.vip
takibotnet.duckdns.org
takidayne.duckdns.org
takine.duckdns.org
tcphangjews.lol
test.galaxias.cc
testbotgame.zapto.org
traxanhc2.duckdns.org
trumdvfb.com
ts4.kir22.ru
ts5.kir22.ru
twinkfinder.nl
unproxy.st
urabenet.ddns.net
vagner.sytes.net
vampwrotesatori.xyz
watermelonbins.duckdns.org
wavecarried.vietnamddns.com
whiteace.xyz
wildhorsehotel.net
wolf.tcphangjews.lol
x.purgepots.net
xaxa.marvisxoxo.st
xlabresearch.ru
xlabsecurity.ru
xnxx.galaxias.cc
xteamking.ga
yn.eoow.cn
zrysdxnzmo.antiwifi.cc

# Reference: https://x.com/BlinkzSec/status/1948235319788155135

http://102.208.228.165
kurama.network

# Reference: https://x.com/BlinkzSec/status/1950021630136107340
# Reference: https://www.virustotal.com/gui/file/003f52b55188def1a2e3fd324cad4c185633d95c2e005cebd71645a3f5f9defa/detection
# Reference: https://www.virustotal.com/gui/file/bbdfa157a11857424d0b0adb3a66e863b0ea8441e2a0c92cb739e5d8ebc81516/detection

http://103.212.227.29
103.212.227.29:12121
ddos678.com
flowito.xyz
as.ddos678.com

# Reference: https://x.com/BlinkzSec/status/1950021630136107340

ajczgt.ignorelist.com
naldlh.jumpingcrab.com
xosjcq.twilightparadox.com
swepgv.crabdance.com

# Reference: https://www.virustotal.com/gui/file/97ed5b39c6c6e6e48531968ac70fa19c09ea7a662df2f0e4c9730f95d9b3549e/detection

92.113.21.114:81

# Reference: https://x.com/abuse_ch/status/1953367924233683197
# Reference: https://www.virustotal.com/gui/file/dafb6cfaa8bef0c98d9c3bb38d837a12a1b3a29f77dc7c0eb71d6cca81b89264/detection
# Reference: https://www.virustotal.com/gui/file/132d49c94235c07d71109156ea59ecf0ee4364d115863bd35e97d21bfb1e8439/detection
# Reference: https://www.virustotal.com/gui/file/427637c4b8bcb940183227dc35be73158128f3cbf485d5f06aef7b8171a70d28/detection
# Reference: https://www.virustotal.com/gui/file/8f7435f5405f5653794447a982789a1fbee1b79207b29973383c75e527b057ac/detection
# Reference: https://www.virustotal.com/gui/file/9fe88c7d94383284c0f26ab9a3936b4d984118ede03aacd3f1a7e80d18740094/detection
# Reference: https://www.virustotal.com/gui/file/caf58369b34126be4f46efed96ecab81b2c4f16feced00b34ea0423abd743c29/detection

http://172.133.82.130
15.204.119.129:61527
ezs.link
mozicloud.org
diabolus.in.rs
hololive.mozicloud.org
okayuthefoodiecat.mozicloud.org
mozi.mozicloud.org

# Reference: https://x.com/BlinkzSec/status/1954929500179095769
# Reference: https://www.virustotal.com/gui/file/1cfed5e3963fd22823a63fe44ba533a014dff9528b44c9c2b620c81963d595ce/detection

http://74.194.191.52

# Reference: https://x.com/redrabytes/status/1956672997831451002
# Reference: https://www.virustotal.com/gui/file/17df6d8f63eed3a7a46dd13c8e87c748a2b31c0838125f6582d2792b4139eac4/detection

http://66.63.187.141
45.135.194.32:37214
66.63.187.141:21
bootaa.anondns.net

# Reference: https://x.com/redrabytes/status/1956675627722883404

http://23.146.184.21
209.141.32.42:1999

# Reference: https://x.com/BlinkzSec/status/1957426831747092987
# Reference: https://www.virustotal.com/gui/file/c6a1b0ff38c2f4fa2c7c1595880280c7c9dc222c4799833245889fec7935cc83/detection

http://103.245.231.188

# Reference: https://x.com/redrabytes/status/1957584747980288088
# Reference: https://www.virustotal.com/gui/ip-address/94.154.35.109/relations
# Reference: https://www.virustotal.com/gui/file/0661155ac0ed53079eba8f86dd8e72e9db297643a045bd557b373173f172085c/detection

196.251.80.130:4565
94.154.35.109:4515
94.154.35.109:999
bootasactive.icu
ihaveahotwife.icu
pawsondeck.cc

# Reference: https://x.com/redrabytes/status/1959004607314894867

http://163.5.63.89
163.5.63.89:21
163.5.63.89:777

# Reference: https://x.com/redrabytes/status/1959478858287022544
# Reference: https://www.virustotal.com/gui/file/5bc1d7d715b2189390d905273ba4865e9ebb5bbbdd58b774e7bf4c732c60d51d/detection

http://82.27.2.83
82.27.2.83:1312
82.27.2.83:3306

# Reference: https://x.com/redrabytes/status/1959475516739633344
# Reference: https://www.virustotal.com/gui/file/295484725fb31617587fc217b4c4bcddba42b687db0174698c2b894798d8e633/detection

http://176.65.149.225
176.65.149.225:6161

# Reference: https://www.virustotal.com/gui/file/463c379d5f97d28784372dfe3bb59234bb26a71fa5f94e155b204ca1677b147f/detection
# Reference: https://www.virustotal.com/gui/file/270be7df7ada71eea5f2d1ce4394478ef03cb45480ff1e0c17e8535894c21a21/detection

http://176.65.149.226
176.65.149.226:839
rapidloader.org
blackmafia.rapidloader.org

# Reference: https://x.com/redrabytes/status/1959475516739633344
# Reference: https://www.virustotal.com/gui/file/d65a728c2e50fafc23838d678417a4e1d6ba38341141a78a686ec457b905b25c/detection
# Reference: https://www.virustotal.com/gui/file/a74e354e0ad2f12499de8dbd7500029d168ba09f8c38a2af985706c06fa6fac3/detection

94.156.152.65:61459
call105.net
autodiscover.milkir.ro
host117.xtpanel.org
rockwood.call105.net

# Reference: https://x.com/redrabytes/status/1959467263674958111
# Reference: https://www.virustotal.com/gui/file/201cf10b7a8dd23be5926fc167da2f2848c6d916843277cef1e4cb7ee527777e/detection

http://109.205.213.5
109.205.213.5:1412
192.227.134.76:10257
192.227.134.76:1412

# Reference: https://www.virustotal.com/gui/file/74bfa3944f4ab713e68790125556bbf53fba512a3eba97798ffc8071ea2b7ddb/detection

94.26.90.79:1995
mr.diicotsec.ru

# Reference: https://www.virustotal.com/gui/file/95ad9b479b5b9a43adcc9c47216878765d71f26003706adaad8768af372bb050/detection

http://77.83.240.93

# Reference: https://www.virustotal.com/gui/file/02adc9ce7867029eb055a8ce7fa05309222f84bec9c4c70447f03da1f6a7173b/detection

2.59.161.34:6969
206.123.145.137:523
89.221.203.116:6969
camelboat.n-e.kr
unjiproxy.p-e.kr

# Reference: https://www.virustotal.com/gui/file/f170f52ad2b6483a2163b80db539976f10f3c5104697da9c6e6a3c1a5f06802b/detection

102.129.165.169:6969
206.123.128.47:6969
85.208.9.171:523
hellocamel.p-e.kr
webcasionop1.o-r.kr

# Reference: https://www.virustotal.com/gui/file/e0246bf3373c70a1f933520dae2e9366b0729d691b810da78f7ce84e189331c3/detection

45.74.16.34:523
unjibot.p-e.kr

# Reference: https://www.virustotal.com/gui/file/ec49ed0d5e51514b62d2a0b3340d8b8eaf1b3153f6a23f8997d3c451984b00a2/detection

cameldomain1.n-e.kr

# Reference: https://www.virustotal.com/gui/ip-address/77.110.113.46/detection

http://77.110.113.46
77.110.113.46:8080
77.110.113.46:8888

# Reference: https://www.virustotal.com/gui/file/8c98ca13d2b6a3bc273be29490ce23a4ab49b8a07e8df44195cfd85b34cffdf6/detection
# Reference: https://www.virustotal.com/gui/file/e35be6f150d0484d1db33fa1003827e76fabe05662bedd16cc8e8c69eb2fd53d/detection

http://45.156.87.129
45.156.87.129:57899
45.156.87.129:8080
auranetwork.cc
catraw.auranetwork.cc

# Reference: https://www.virustotal.com/gui/ip-address/185.149.146.63/relations
# Reference: https://www.virustotal.com/gui/file/bba422351f956574d1b1b06edc4123c11431d4166d3b5d627e605317ed041feb/detection
# Reference: https://www.virustotal.com/gui/file/a5f2eb72758f927f4ae47e0b6abf7acf46cde7cb4b03fc4c8e334a1ca29d73c5/detection

http://185.149.146.63
185.149.146.63.sslip.io
enidius.space

# Reference: https://blog.xlab.qianxin.com/super-large-scale-botnet-aisuru-en/

6mv1eyr328y6due83u3js6whtzuxfyhw.ru
updatetoto.tw
a.6mv1eyr328y6due83u3js6whtzuxfyhw.ru
approach.ilovegaysex.su
coerece.ilovegaysex.su
lane.ilovegaysex.su
ministry.ilovegaysex.su
u.ilovegaysex.su

# Reference: https://www.virustotal.com/gui/file/4b450b5dce61f8d561f0d56eccc75d63fe97fde89769500e8b1a2fb6793ffca2/detection

87.120.93.123:8443
beansarewatching.cfd
cosmoriga.cfd

# Reference: https://www.virustotal.com/gui/file/17a1139ffed855e1912459a08eed90ac1633a7c4643a853511782be7e870f4fb/detection

64.188.91.90:8443

# Reference: https://x.com/BlinkzSec/status/1974497918133428563

dstat.digital
n7.gay
go-invie.invie.id
p2.dstat.digital

# Reference: https://www.virustotal.com/gui/file/e0aca48030fbbc14dbda94f351d56716119029c526fd7c8191f673903aa5b86f/detection

http://159.223.83.97
/Yboats.arc
/Yboats.arm
/Yboats.arm4
/Yboats.arm4l
/Yboats.arm4t
/Yboats.arm4tl
/Yboats.arm4tll
/Yboats.arm5
/Yboats.arm5l
/Yboats.arm5n
/Yboats.arm6
/Yboats.arm64
/Yboats.arm6l
/Yboats.arm7
/Yboats.arm7l
/Yboats.arm8
/Yboats.armv4
/Yboats.armv4l
/Yboats.armv5l
/Yboats.armv6
/Yboats.armv61
/Yboats.armv6l
/Yboats.armv7l
/Yboats.dbg
/Yboats.exploit
/Yboats.i4
/Yboats.i486
/Yboats.i586
/Yboats.i6
/Yboats.i686
/Yboats.kill
/Yboats.m68
/Yboats.m68k
/Yboats.mips
/Yboats.mips64
/Yboats.mipseb
/Yboats.mipsel
/Yboats.mpsl
/Yboats.pcc
/Yboats.powerpc
/Yboats.powerpc-440fp
/Yboats.powerppc
/Yboats.ppc
/Yboats.ppc2
/Yboats.ppc440
/Yboats.ppc440fp
/Yboats.root
/Yboats.root32
/Yboats.sh
/Yboats.sh4
/Yboats.sparc
/Yboats.spc
/Yboats.ssh4
/Yboats.x32
/Yboats.x64
/Yboats.x86
/Yboats.x86_32
/Yboats.x86_64

# Reference: https://x.com/abuse_ch/status/1976636930105245971
# Reference: https://www.virustotal.com/gui/file/034c7081b8cf3ffbc762dfb50934e009938e68912f8bf83c69af5181247f6514/detection

http://45.141.215.196
45.141.215.196:12121
jbvipnetwork.cc
/FuckYou0urlhaus0abuse0ch/

# Reference: https://www.virustotal.com/gui/file/2c9cda6ce94fc0dd45b11312a54e82beacaedb0b7def3698481c22796b338989/detection

103.252.89.226:12121
15.197.148.33:12121
devilnet.xyz

# Reference: https://www.virustotal.com/gui/file/b7f136813eeb228a82b6339e4e45449e69e990726c17ad5df6d0d519d65a6012/detection

goth.wtf

# Reference: https://app.validin.com/detail?find=1.sh&type=dom&ref_id=4d2e37e0b7f#tab=host_pairs (# 2025-10-10)

discm.sbs
cnc.discm.sbs
cnc3.discm.sbs

# Reference: https://www.virustotal.com/gui/file/168c3eae74a27492808e53c839677abc45d952e6bdab8425ce9544ddc29d93fd/detection

196.251.116.223:12121
upjohn90.cc

# Reference: https://www.virustotal.com/gui/file/f9908c8ac9b790c9725b1c504cedb149908eebb90277bf8058103c7112ca44ba/detection
# Reference: https://www.virustotal.com/gui/file/3d00a07947d443c59c3d10bc62feff0eef69cbb2788300ebee5bc882fb585c22/detection

http://181.214.231.124
179.61.138.56:13105
179.61.138.56:13106
anranapi.xyz
/nwfaiehg4ewijfgriehgirehaughrarg.arc
/nwfaiehg4ewijfgriehgirehaughrarg.arm
/nwfaiehg4ewijfgriehgirehaughrarg.arm4
/nwfaiehg4ewijfgriehgirehaughrarg.arm4l
/nwfaiehg4ewijfgriehgirehaughrarg.arm4t
/nwfaiehg4ewijfgriehgirehaughrarg.arm4tl
/nwfaiehg4ewijfgriehgirehaughrarg.arm4tll
/nwfaiehg4ewijfgriehgirehaughrarg.arm5
/nwfaiehg4ewijfgriehgirehaughrarg.arm5l
/nwfaiehg4ewijfgriehgirehaughrarg.arm5n
/nwfaiehg4ewijfgriehgirehaughrarg.arm6
/nwfaiehg4ewijfgriehgirehaughrarg.arm64
/nwfaiehg4ewijfgriehgirehaughrarg.arm6l
/nwfaiehg4ewijfgriehgirehaughrarg.arm7
/nwfaiehg4ewijfgriehgirehaughrarg.arm7l
/nwfaiehg4ewijfgriehgirehaughrarg.arm8
/nwfaiehg4ewijfgriehgirehaughrarg.armv4
/nwfaiehg4ewijfgriehgirehaughrarg.armv4l
/nwfaiehg4ewijfgriehgirehaughrarg.armv5l
/nwfaiehg4ewijfgriehgirehaughrarg.armv6
/nwfaiehg4ewijfgriehgirehaughrarg.armv61
/nwfaiehg4ewijfgriehgirehaughrarg.armv6l
/nwfaiehg4ewijfgriehgirehaughrarg.armv7l
/nwfaiehg4ewijfgriehgirehaughrarg.dbg
/nwfaiehg4ewijfgriehgirehaughrarg.exploit
/nwfaiehg4ewijfgriehgirehaughrarg.i4
/nwfaiehg4ewijfgriehgirehaughrarg.i486
/nwfaiehg4ewijfgriehgirehaughrarg.i586
/nwfaiehg4ewijfgriehgirehaughrarg.i6
/nwfaiehg4ewijfgriehgirehaughrarg.i686
/nwfaiehg4ewijfgriehgirehaughrarg.kill
/nwfaiehg4ewijfgriehgirehaughrarg.m68
/nwfaiehg4ewijfgriehgirehaughrarg.m68k
/nwfaiehg4ewijfgriehgirehaughrarg.mips
/nwfaiehg4ewijfgriehgirehaughrarg.mips64
/nwfaiehg4ewijfgriehgirehaughrarg.mipseb
/nwfaiehg4ewijfgriehgirehaughrarg.mipsel
/nwfaiehg4ewijfgriehgirehaughrarg.mpsl
/nwfaiehg4ewijfgriehgirehaughrarg.pcc
/nwfaiehg4ewijfgriehgirehaughrarg.powerpc
/nwfaiehg4ewijfgriehgirehaughrarg.powerpc-440fp
/nwfaiehg4ewijfgriehgirehaughrarg.powerppc
/nwfaiehg4ewijfgriehgirehaughrarg.ppc
/nwfaiehg4ewijfgriehgirehaughrarg.ppc2
/nwfaiehg4ewijfgriehgirehaughrarg.ppc440
/nwfaiehg4ewijfgriehgirehaughrarg.ppc440fp
/nwfaiehg4ewijfgriehgirehaughrarg.root
/nwfaiehg4ewijfgriehgirehaughrarg.root32
/nwfaiehg4ewijfgriehgirehaughrarg.sh
/nwfaiehg4ewijfgriehgirehaughrarg.sh4
/nwfaiehg4ewijfgriehgirehaughrarg.sparc
/nwfaiehg4ewijfgriehgirehaughrarg.spc
/nwfaiehg4ewijfgriehgirehaughrarg.ssh4
/nwfaiehg4ewijfgriehgirehaughrarg.x32
/nwfaiehg4ewijfgriehgirehaughrarg.x64
/nwfaiehg4ewijfgriehgirehaughrarg.x86
/nwfaiehg4ewijfgriehgirehaughrarg.x86_32
/nwfaiehg4ewijfgriehgirehaughrarg.x86_64

# Reference: https://www.virustotal.com/gui/file/b106656ce91d11e05fd3a37a53ca72d40c4c802f900895fe7eb48c2d701c3051/detection

181.214.231.124:1887

# Reference: https://www.virustotal.com/gui/file/08b0b121c9e7c9ea14f8fdedb84615b302062735d283242a854897144fe9f863/detection

202.155.94.19:12121
89.213.174.225:12121
uranium.ddns.net
uraniumc2.ddns.net

# Reference: https://www.virustotal.com/gui/file/6a5d6f91177537c767aa986fc58a0ec357c9358bd8d22b896c8824a807e45a6b/detection

45.94.31.73:18129

# Reference: https://www.virustotal.com/gui/file/16a75c55b04c87b7d82aa8f8253fbdb7e45a49dfebb74852f2fb8f42a7548f42/detection

41.216.189.108:12121
sopflgg.bounceme.net

# Reference: https://www.virustotal.com/gui/file/49005aa129d9747077d85b9fbf1cc6bf1cc050aec05dbeb98664e7368fbf506c/detection

http://157.20.32.206
zantux-plan.duckdns.org

# Reference: https://www.virustotal.com/gui/file/4c6c57dd49a6f255087cba75c7a8461f05169ce7d4bfa0b77899b39a303b3333/detection

http://41.216.189.108
sjnm.ddns.net

# Referecne: https://www.virustotal.com/gui/file/01c9f831c5b0586a8253102a1b92ae3b93443bf988ab3e05eb3c0ca2b8a6f958/detection

drooby.ddns.net

# Reference: https://app.validin.com/detail?type=dom&find=1.sh#tab=host_pairs (# 2025-10-10)

beesoft.vn
denisadental.duckdns.org
dgshejc.ip-ddns.com
draft247.redirectme.net
erfffxz.bounceme.net
katanaa.zapto.org
mangotruff.redirectme.net
mijn-formulier.jkub.com
mijn-omgeving.almostmy.com
morteone.duckdns.org
phubotnet.duckdns.org
s3o-cnc.ddns.net
s3ov8.ddns.net
s3ov838.ddns.net
servizioclienti.mooo.com

# Reference: https://www.virustotal.com/gui/file/1145d501a2bf66167143108c81a43e67d178fb0f89de5921892755e592c41aef/detection

196.251.84.55:12121
wrxcnc.com

# Reference: https://www.virustotal.com/gui/file/030e9e17001eef1a5fed6c3e805732cb925e1ca1ee2ce89e694e575bc1d68c17/detection

196.251.70.174:3778

# Reference: https://www.virustotal.com/gui/file/0a50775073eea46a61ab65bf6211d881d68d0b71330dd7736c8544bbfeb0f5f2/detection

176.65.132.198:12121
accessdennied.uk

# Reference: https://threatfox.abuse.ch/browse/malware/elf.mirai/ (# 2025-10-11)

http://213.209.150.159
http://87.121.84.44
http://91.224.92.78
http://91.92.240.220
103.125.163.10:7080
103.130.213.44:1791
103.137.36.6:22483
103.164.200.170:7080
103.191.63.195:3778
103.20.103.50:3778
103.217.215.238:17645
103.230.153.181:2570
103.245.10.51:56156
103.70.204.249:30005
103.77.214.206:9869
103.77.241.145:12121
103.77.241.176:12121
103.77.241.43:3778
103.82.211.164:45793
107.150.100.32:9035
107.150.102.20:34567
107.150.102.74:9034
115.245.112.26:20671
116.72.19.113:4229
117.192.38.205:58323
117.193.158.222:36183
117.198.24.117:43700
117.200.113.193:51725
117.200.205.178:55690
117.200.235.222:50080
117.204.166.44:60061
117.205.174.62:57690
117.205.89.118:35488
117.206.134.229:58613
117.206.234.114:53486
117.206.67.191:42144
117.206.97.94:47987
117.209.10.233:43235
117.209.117.203:54377
117.209.47.37:39303
117.209.6.228:44924
117.209.81.154:56913
117.209.83.214:51791
117.209.87.90:39979
117.209.91.36:34727
117.211.36.112:55816
117.213.242.89:34301
117.213.251.206:41340
117.213.255.54:45235
117.215.50.184:56466
117.215.56.135:38058
117.216.182.235:59878
117.216.59.92:39143
117.217.17.80:57432
117.221.162.80:37571
117.221.55.35:42360
117.223.140.93:43205
117.223.142.92:38956
117.231.155.127:51171
117.244.69.162:57954
117.244.73.41:51052
117.248.26.217:58719
117.248.27.11:40529
117.251.175.15:34225
120.60.235.145:60309
120.61.23.167:35898
120.61.246.245:49306
128.0.118.22:3838
135.148.129.38:2022
14.19.30.234:9034
14.19.6.245:12345
141.98.10.66:1999
142.132.185.98:1114
142.132.185.98:12381
142.132.185.98:1337
142.132.185.98:2348
142.132.185.98:23845
142.132.185.98:2474
142.132.185.98:3257
142.132.185.98:3333
142.132.185.98:38441
142.132.185.98:4200
142.132.185.98:4444
142.132.185.98:5555
142.132.185.98:6463
142.132.185.98:6969
142.132.185.98:7122
142.132.185.98:7214
142.132.185.98:8745
142.132.185.98:8932
147.45.211.142:34567
147.45.211.143:34567
147.45.211.59:12345
147.45.211.59:34567
147.45.48.80:12345
150.129.202.193:1316
150.129.202.197:1316
150.241.230.64:1337
150.241.230.64:702
151.242.30.16:1999
151.242.30.2:38241
152.53.209.147:1999
155.94.155.248:1337
156.229.125.160:3778
159.89.31.123:9034
160.191.86.240:6935
161.35.159.168:5555
161.97.77.188:2004
163.5.63.89:8080
164.90.174.64:5555
172.86.116.47:20160
176.100.36.132:1337
176.100.36.132:702
176.100.36.135:9090
176.100.37.106:5000
176.100.37.191:3875
176.46.152.89:22
176.65.141.49:12121
176.65.149.34:81
178.16.52.103:3778
179.61.253.87:3778
182.60.11.210:56523
185.14.92.219:9090
185.177.59.106:10000
185.196.8.136:1776
185.254.96.150:4444
185.254.96.150:4550
185.254.96.150:888
185.254.96.150:8888
185.38.142.131:8000
185.91.127.181:2378
192.227.134.76:3211
193.111.248.170:38241
193.111.248.188:7774
193.111.248.238:3778
193.26.115.154:5555
194.102.104.20:4258
194.113.37.21:38242
194.58.38.57:5555
194.58.38.57:9034
195.177.94.50:4478
195.248.240.141:3778
196.251.117.150:12121
196.251.118.144:3778
196.251.70.174:1312
196.251.72.179:9999
196.251.80.5:3778
196.251.84.79:1312
196.251.85.246:3778
199.195.251.103:1338
199.195.252.167:18685
202.155.94.19:3778
203.115.103.19:43652
205.185.125.97:1999
212.192.221.236:38242
213.209.143.44:4096
213.209.143.62:1024
213.209.143.62:3778
213.209.150.159:56999
213.209.150.159:59666
213.232.114.169:9506
217.60.248.115:38242
217.60.248.199:38242
217.60.249.53:38242
217.60.39.163:38242
23.132.28.196:1995
31.25.11.228:3778
31.56.39.15:1302
31.57.38.226:1995
31.59.120.38:38242
37.114.46.103:4967
37.114.63.119:14963
37.114.63.187:27909
37.221.93.228:43759
41.216.189.108:1302
43.224.0.5:1316
43.230.158.26:5393
43.249.52.210:12166
45.133.74.177:20169
45.133.74.189:46696
45.135.194.24:13470
45.137.70.11:29576
45.140.188.23:6969
45.156.87.138:12121
45.156.87.152:3778
45.170.245.23:3778
45.59.114.31:10000
45.59.114.31:888
45.81.252.38:38241
45.86.155.252:8888
45.90.12.222:40090
45.90.12.6:6969
45.90.12.71:56999
45.90.13.173:9999
46.38.138.58:3778
5.181.187.146:3778
5.181.3.37:12345
5.181.3.37:5555
5.230.226.36:23004
5.231.70.72:23
5.253.247.68:9374
5.42.217.111:3778
51.68.219.217:10000
51.81.135.243:6699
51.81.234.164:8080
51.81.234.164:8888
59.182.151.39:54713
59.182.76.162:39719
59.88.137.240:43157
59.88.228.171:45441
59.88.26.25:40718
59.88.33.46:49095
59.93.129.245:34114
59.94.112.173:47745
59.94.123.220:48092
59.94.126.195:35454
59.94.126.82:37416
59.94.65.179:45363
59.95.84.74:58020
59.95.94.15:57585
59.96.143.254:49291
59.97.181.55:46538
61.1.144.160:51034
61.1.220.214:52810
61.1.235.35:54994
61.1.235.37:59556
61.3.142.67:59229
61.3.26.162:36413
61.3.29.188:52092
63.141.249.83:12121
64.72.205.165:2096
68.183.206.140:5555
72.60.91.50:501
77.110.103.206:49074
77.110.112.5:9035
77.110.112.75:12345
77.90.15.136:5829
78.153.149.249:9034
78.159.156.10:33728
81.19.140.41:9034
82.27.2.83:3912
83.147.255.22:5050
84.200.81.239:1312
84.200.81.239:3778
87.120.191.44:45
87.121.84.168:38361
87.121.84.53:50498
87.248.130.35:3778
87.248.150.68:8020
87.248.150.68:8060
88.151.192.118:9034
88.151.192.129:9034
89.144.20.51:1024
89.213.174.225:3778
89.32.41.47:3778
89.32.41.64:3778
89.32.41.66:1995
89.39.121.92:34195
91.235.116.149:34241
94.156.179.178:54321
94.23.162.51:443
1.izumisv1.cc
1.santaiot.net
48101.online
504.su
9257.org
abc.galaxias.cc
abc.izumisv1.cc
ajnetwork.ddns.net
allahbotnet.duckdns.org
allahmisin.musallat.xyz
animefastflux.com
api.chanlevip.site
api.hammz.kapakhost.my.id
api.hammznetx.kapakhost.my.id
ars1t.cfd
asdfavae.duckdns.org
atomdata.xyz
attack.emocc.cc
autblx.xyz
bbos.p-e.kr
bilibili.osfc.org.cn
boatn1941.ddns.net
bolo.gay
booter.pro
bot.9257.org
bot.exayte.xyz
bot.hiddenlists.net
bot.networkbot.org
bot.nightbotnet.my.id
bot.orcacrash.site
bot.skylablool.live
bot.vac.lol
botbuji.xyz
botnet.agency
botnet.eu.cc
botnet.fakepay.online
botnet.iris-security.xyz
botnet.m85test.xyz
botnet.turtle12-iz.cyou
botnet.zinomc.com
botnet92.redirectme.net
botnetnn.duckdns.org
botnetszx.duckdns.org
bottingstation.info
bulon.trumdvfb.com
butternet.vietnamddns.com
c.loyaltyservices.lol
c.overflow.ltd
c2.atomdata.xyz
c2.sombras.space
casino1929299910.o-r.kr
ccie.cash
cdn.valgap.org
chanlevip.site
cin.cinquento.publicvm.com
cnc.301.church
cnc.404verified.xyz
cnc.48101.online
cnc.504.su
cnc.9257.org
cnc.botbuji.xyz
cnc.botnet.agency
cnc.bottingstation.info
cnc.ccie.cash
cnc.cinquento.publicvm.com
cnc.feds.gay
cnc.kalonarkks.tk
cnc.mutao.in
cnc.naldlh.lol
cnc.netjssaytcp.lat
cnc.netjssaytcpp.lat
cnc.rainb0w69.xyz
cnc.zinomc.com
cnc1.naldlh.lol
cnc2.bottingstation.info
cnc2.naldlh.lol
cnc3.naldlh.lol
cnc4.naldlh.lol
cnnetwork.uk
cns.mutao.in
codingvix.win
comslut.xyz
condiv5.ddns.net
connect.feds.gay
connect.jssaytcp.lat
csk.vietnamddns.com
cvawrs.duckdns.org
daga.house
daimao.dpdns.org
datasurge.vip
death-net.duckdns.org
diarrhea-diaper-scat-fart-midget-stink.lol
domet.chanbaba.online
doxxingservices.shop
dstat.cfd
dvrxpert.tiananmensquare1989.su
emocc.cc
evelynn.redirectme.net
evelynnrank1.duckdns.org
exayte.xyz
faggot.comslut.xyz
fakepay.online
fasdv.duckdns.org
fearoxe.duckdns.org
feds.gay
hammz.kapakhost.my.id
hammznetx.kapakhost.my.id
hbtxhuy.duckdns.org
hiddenlists.net
hikylover.st
hypnos-api.kapakhost.my.id
idk.daga.house
iotmiraibotnet.duckdns.org
ip.nebulabin.pl
iris-security.xyz
j2hnet.duckdns.org
j2hnet2.duckdns.org
jbvpshosti.ink
kalonarkks.tk
keke.stolevpn.xyz
last.galaxias.cc
liltrippy.com
lm.mutao.in
lol.0x504.com
loyaltyservices.lol
m85-net.redirectme.net
m85test.xyz
mafia.trumdvfb.com
main.minefarm19.o-r.kr
makarovs839.duckdns.org
meow2137.duckdns.org
minefarm19.o-r.kr
miz.lspmodz.ml
mong666.duckdns.org
morte.qzz.io
mortebin.duckdns.org
mortefour.duckdns.org
mortethree.duckdns.org
mortetwo.duckdns.org
motre.jbvpshosti.com
mrrplikeuwantit.niggabutt.lol
musallat.xyz
mutao.in
n0rv3m.xyz
naldlh.lol
narco.thotiana.live
nebulabin.pl
net.bolo.gay
net.booter.pro
netjssaytcp.lat
netjssaytcpp.lat
netohxxx.duckdns.org
nettercrazy.ddns.net
networkbot.org
nigga.dstat.cfd
nigger-from.africa
nigger.comslut.xyz
nightbotnet.my.id
orcacrash.site
oseuum.chickenkiller.com
overflow.ltd
p.x86thx.xyz
phulocnhat2005.duckdns.org
pljslt.top
pma.jarry.online
pozie.lol
proxywall.p-e.kr
rainb0w69.xyz
random.societynetwork.xyz
raw.vaticanc2.top
report.datasurge.vip
riseonid.com
s.botsaresafu.com
s.overflow.ltd
s3osx.ddns.net
savaswsd.duckdns.org
sbd.haongmaidong.com
scan.504.su
scan.atomdata.xyz
scan.ccie.cash
scan.darkiot.net
scan.naldlh.lol
scan.rainb0w69.xyz
scan.saturnbotnet
scan.sombras.space
scan.stolevpn.xyz
seven.nadns.info
shitfaced.tk
skidlol.p-e.kr
skylablool.live
snoopdogweed.n0rv3m.xyz
snoopdogweedhitler.comslut.xyz
sombras.space
stolevpn.xyz
streamcodex.online
test.datasurge.vip
testnetv4.duckdns.org
tiananmensquare1989.su
top1miku.duckdns.org
trannynet.adgods.uk
turkishzenci.duckdns.org
turtle12-iz.cyou
udpppp.icu
uranet.duckdns.org
vac.lol
valgap.org
vaticanc2.top
vip.jbvipnetwork.cc
vipcncnetwork.com
vmklsfdv.duckdns.org
void.proxywall.p-e.kr
voidc2.p-e.kr
voxelnodes.in
vpsx64.duckdns.org
waitwhatisthis.societynetwork.xyz
weed.pozie.lol
wifi.nigger-from.africa
wither-xmr.duckdns.org
xc355.bounceme.net
xdxd.hoangmaidong.com
xsopflgg.bounceme.net
zazadawg.comslut.xyz
zazadawg3.comslut.xyz
zebratitties.autblx.xyz
zinomc.com

# Generic

/shell?cd+/tmp;
/shell?cd+/tmp;+wget+
/shell?cd+/tmp;rm+-rf+*;wget+
/shell?cd+/tmp;rm+-rf+*;wget+0.0.0.0
/shell?cd+/tmp;rm+sh+sh;wget+
/shk;+chmod+
/tmp;rm+-rf+*;wget
/tmp;rm+-rf+*;wget+0.0.0.0
