# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: BumbleBee, Hisoka, Snugy, TriFive, huntxspy

# Reference: https://unit42.paloaltonetworks.com/xhunt-campaign-attacks-on-kuwait-shipping-and-transportation-organizations/
# Reference: https://github.com/pan-unit42/iocs/blob/master/xHunt/xHunt_IOCs.csv
# Reference: https://www.virustotal.com/gui/file/892d5e8e763073648dfebcfd4c89526989d909d6189826a974f17e2311de8bc4/detection

google-update.com
learn-service.com
microsofte-update.com
woxmma.microsofte-update.com

# Reference: https://unit42.paloaltonetworks.com/more-xhunt-new-powershell-backdoor-blocked-through-dns-tunnel-detection/
# Reference: https://twitter.com/Voulnet/status/1014951078364876801
# Reference: https://otx.alienvault.com/pulse/5da0d8dc27a2ad4cc8864283

firewallsupports.com
windows64x.com
winx64-microsoft.com
windows-updates.com

# Reference: https://unit42.paloaltonetworks.com/xhunt-campaign-backdoors/
# Reference: https://otx.alienvault.com/pulse/5fa97823e94863569cf1fdbe

sharepoint-web.com

# Reference: https://unit42.paloaltonetworks.com/xhunt-campaign-backdoors/
# Reference: https://otx.alienvault.com/pulse/5fa97823e94863569cf1fdbe

deman1.icu
hotsoft.icu
lidarcc.icu
uplearn.top

# Reference: https://unit42.paloaltonetworks.com/bumblebee-webshell-xhunt-campaign/
# Reference: https://otx.alienvault.com/pulse/5ffcbc5b19a30849ecd2ab78

142.11.211.79:8080
142.11.211.79:8081
192.119.110.194:8083
91.92.109.59:1234
91.92.109.59:1255
91.92.109.59:1288
91.92.109.59:1289
backendloop.online
bestmg.info
windowsmicrosofte.online

# Reference: https://www.cynet.com/orion-threat-alert-flight-of-the-bumblebee/
# Reference: https://github.com/pan-unit42/tweets/blob/master/2022-04-05-IOCs-for-Bumblebee-and-Cobalt-Strike.txt

192.236.198.63:443
23.82.19.208:443
45.147.229.177:433

# Reference: https://twitter.com/r0ny_123/status/1515939792034230272

108.62.12.12:443

# Reference: https://twitter.com/Max_Mal_/status/1516352309311246339

199.80.55.44:443
209.141.59.96:433
23.106.160.120:433

# Reference: https://twitter.com/k3dg3/status/1516819204200091655
# Reference: https://tria.ge/220420-t3m7dsechn/behavioral2

184.29.205.132:443

# Reference: https://twitter.com/phage_nz/status/1519207039968313344

104.168.236.99:443
172.241.29.169:443
23.82.141.184:443
messerota.com

# Reference: https://twitter.com/Max_Mal_/status/1519323650062753792

108.62.118.56:443
185.33.87.53:443
28.11.143.222:443
49.12.241.35:443
71.1.188.122:443
89.222.221.14:443

# Reference: https://tria.ge/220428-tx94zafbc7

209.141.59.96:443
23.106.160.120:443

# Reference: https://twitter.com/Max_Mal_/status/1521449204106862592

138.201.190.52:443
23.83.134.136:443

# Reference: https://twitter.com/1ZRR4H/status/1521822196150067201
# Reference: https://github.com/CronUp/Malware-IOCs/blob/main/2022-05-03_Bumblebee

103.175.16.45:443
103.175.16.46:443
103.175.16.49:443
108.62.118.236:443
108.62.118.56:443
108.62.118.61:443
108.62.118.62:443
108.62.118.64:443
138.201.190.52:443
23.106.160.120:443
23.106.160.39:443
23.106.160.40:443
23.81.246.187:443
23.83.134.110:443
23.83.134.133:443
23.83.134.136:443
45.147.229.177:443
45.147.229.23:443
49.12.241.35:443

# Reference: https://github.com/pan-unit42/tweets/blob/master/2022-05-03-IOCs-for-Contact-Forms-Bumblebee-and-Cobalt-Strike.txt

45.153.243.93:443

# Reference: https://twitter.com/k3dg3/status/1521899597462966273
# Reference: https://twitter.com/pr0xylife/status/1521901280771416066

figesoyuzo.com
/usda29ksagh12/

# Reference: https://twitter.com/James_inthe_box/status/1521956984941019139

108.62.12.203:443
23.82.128.149:443

# Reference: https://twitter.com/petrovic082/status/1522951977445081089
# Reference: https://www.virustotal.com/gui/file/e90c7d64377f397f556feaf056d0319c8338311d44e320541207a362b683196a/detection

45.140.146.244:443

# Reference: https://twitter.com/1ZRR4H/status/1530746956619857920
# Reference: https://twitter.com/pr0xylife/status/1530842662072467456
# Reference: https://twitter.com/pr0xylife/status/1530842864187494403
# Reference: https://isc.sans.edu/diary/rss/28636
# Reference: https://otx.alienvault.com/pulse/627bcbb336db3754603b5c38
# Reference: https://www.virustotal.com/gui/file/02dce7f57e4933edf84cbe525d8115defd5ecafd5b2b203be6a2ec7aa0099bc7/detection

banytul.com
barkunode.com
baronrtal.com
birobixt.com
bunadist.com
curanao.com
glicefud.com
goranism.com
kurabas.com
marebust.com
maudaris.com
olodaris.com
omnimature.com
parashane.com
vorkinal.com

# Reference: https://twitter.com/malware_traffic/status/1524564009034334210
# Reference: https://www.virustotal.com/gui/file/d08c8c165c0ca480ef40df7b9f7107524dbcc51e5e49fe013cbc16d91f18cef1/detection

154.56.0.218:443
serverjarvis.sytes.net

# Reference: https://tria.ge/220509-ygys8agghn

146.70.106.92:443
23.227.198.195:443
23.227.203.120:443
51.83.253.244:443

# Reference: https://twitter.com/ESETresearch/status/1524971448892366880
# Reference: https://twitter.com/ESETresearch/status/1524971459248066560

194.33.40.181:443
23.88.117.246:443
91.213.8.18:443

# Reference: https://isc.sans.edu/diary/28664
# Reference: https://otx.alienvault.com/pulse/62864c5e786571c438628fd6

194.135.33.144:443
southerncompanygas.co
wolsleyindustrialgroup.co
wolsleyindustrialgroup.com

# Reference: https://tria.ge/220519-sh1rbagge9

192.236.198.116:443
79.110.52.53:443

# Reference: https://twitter.com/pr0xylife/status/1527356211053547529

103.175.16.117:443
154.56.0.221:443
64.44.101.250:443

# Reference: https://tria.ge/220520-mxt97aaef5

176.107.177.124:443
192.236.160.254:443
192.236.192.85:443

# Reference: https://twitter.com/pr0xylife/status/1528787494711578625

192.236.194.136:443
193.239.84.247:443
63.141.248.253:443

# Reference: https://github.com/pr0xylife/Bumblebee/blob/main/Bumblebee_25.05.2022.txt

192.119.64.21:443
64.44.102.6:443
79.110.52.56:443

# Reference: https://github.com/pr0xylife/Bumblebee/blob/main/Bumblebee_26.05.2022.txt

103.175.16.121:443
64.44.135.250:443
68.233.238.105:443

# Reference: https://twitter.com/k3dg3/status/1529868442391674881
# Reference: https://tria.ge/220526-t3xe3ahack

23.254.229.131:443
51.75.62.99:443
79.110.52.71:443

# Reference: https://tria.ge/220528-fh5n2sdfhm
# Reference: https://tria.ge/220527-w8yanagch4

101.88.16.100:443
107.90.225.1:443
108.16.90.159:443
108.174.195.253:443
121.15.221.97:443
121.175.62.199:443
146.70.78.21:443
154.0.119.28:443
154.56.0.228:443
170.32.109.77:443
18.127.96.221:443
185.156.172.8:443
185.62.56.12:443
19.71.13.153:443
21.175.22.99:443
22.175.0.90:443
38.12.57.131:443
49.12.153.53:443
51.68.146.200:443
73.214.29.52:443
77.121.49.161:443
78.112.52.91:443
8.12.181.20:443
84.119.1.64:443

# Reference: https://github.com/pr0xylife/Bumblebee/blob/main/Bumblebee_09.06.2022.txt

103.175.16.107:443
103.175.16.108:443
103.175.16.122:443
145.239.135.155:443
146.19.173.139:443
146.19.253.49:443
146.70.104.250:443
146.70.125.82:443
149.255.35.134:443
154.56.0.241:443
185.156.172.123:443
185.62.58.133:443
185.62.58.169:443
192.236.161.191:443
192.236.249.68:443
193.233.203.156:443
193.239.84.254:443
194.135.33.148:443
194.135.33.149:443
212.114.52.46:443
23.254.201.97:443
37.120.198.248:443
45.147.229.101:443
45.147.229.50:443
46.21.153.145:443
54.38.136.187:443

# Reference: https://github.com/pan-unit42/tweets/blob/master/2022-06-09-IOCs-from-TA578-Bumblebee-with-Cobalt-Strike.txt

145.239.30.26:443

# Reference: https://twitter.com/ankit_anubhav/status/1536773306358976512
# Reference: https://tria.ge/220614-wfjlssgcgq/behavioral1

103.175.16.108:443
104.168.219.94:443
107.44.53.47:330
111.99.39.11:387
115.109.212.139:461
123.67.113.210:483
133.57.116.243:424
135.253.243.175:300
142.182.181.207:450
145.239.135.155:443
146.70.125.82:443
15.209.19.148:466
154.56.0.252:443
157.17.142.85:406
158.35.83.74:332
160.70.24.228:486
167.28.27.185:467
171.78.101.85:258
172.244.110.160:367
185.62.58.133:443
188.104.94.69:348
188.57.4.52:357
188.6.218.149:317
193.233.203.156:443
194.135.33.148:443
21.29.238.98:209
216.254.58.191:443
22.83.186.45:201
221.106.84.123:307
223.243.46.133:147
33.145.184.132:240
34.229.154.31:235
39.57.152.217:440
45.153.241.187:443
47.58.200.234:159
48.165.175.199:316
48.209.106.172:357
57.240.143.90:256
67.136.243.43:323
68.227.158.172:411
69.161.201.181:382
78.89.31.86:229
80.156.1.202:305
80.26.101.48:372
80.9.246.19:338
90.81.8.16:370

# Reference: https://tria.ge/220614-w277aagfcl/behavioral1

103.175.16.106:443
104.124.14.244:197
105.137.48.127:156
112.143.55.233:256
115.200.5.214:467
117.75.94.181:456
12.236.242.155:211
122.247.231.47:117
128.44.54.202:493
13.218.205.215:309
134.247.186.104:233
145.239.28.110:443
146.19.173.186:443
148.70.67.206:267
170.24.243.46:441
171.227.174.67:108
172.117.69.12:366
177.96.182.180:213
182.10.38.85:198
185.62.57.27:443
187.247.16.193:308
192.107.100.31:298
192.205.3.12:235
193.233.203.243:443
2.211.111.213:125
20.150.149.28:415
201.249.37.165:420
204.1.81.223:110
207.90.225.187:369
211.22.161.225:196
24.57.185.167:317
29.64.0.111:122
4.165.175.212:387
40.72.17.141:326
45.142.214.167:443
45.147.231.202:443
45.84.0.13:443
51.68.145.54:443
57.132.248.83:391
66.160.230.114:370
67.194.32.32:367
69.235.89.243:366
76.96.116.176:190
77.49.189.77:103
78.202.137.116:271
89.52.115.119:444

# Reference: https://pastebin.com/bST3CZAx

1.32.39.22:459
102.109.16.255:445
103.175.16.106:443
103.175.16.107:443
103.175.16.108:443
103.175.16.117:443
103.175.16.121:443
103.175.16.122:443
103.175.16.59:443
104.124.14.244:197
104.135.8.250:417
104.168.156.224:443
104.168.219.94:443
105.137.48.127:156
107.44.53.47:330
108.28.254.44:399
109.108.10.35:386
111.99.39.11:387
112.110.146.153:349
112.143.55.233:256
112.81.173.199:399
114.9.152.233:402
115.103.22.1:153
115.109.212.139:461
115.16.153.155:459
115.200.5.214:467
115.239.67.202:380
117.50.181.41:373
117.75.94.181:456
119.177.224.146:124
12.236.242.155:211
120.237.172.163:343
122.247.231.47:117
123.67.113.210:483
124.243.81.221:274
126.68.7.249:422
128.44.54.202:493
13.218.205.215:309
132.44.27.212:299
133.133.249.24:204
133.57.116.243:424
134.247.186.104:233
135.142.208.39:298
135.253.243.175:300
135.36.13.40:427
137.253.55.69:235
138.65.77.29:391
140.208.107.161:360
141.98.168.70:443
142.11.216.143:443
142.182.181.207:450
143.117.20.123:425
144.52.138.51:193
145.239.135.155:443
145.239.28.110:443
145.239.30.26:443
146.19.173.105:443
146.19.173.116:443
146.19.173.139:443
146.19.173.186:443
146.19.173.195:443
146.19.173.202:443
146.19.173.224:443
146.19.253.15:443
146.19.253.49:443
146.19.253.6:443
146.70.104.250:443
146.70.124.77:443
146.70.125.122:443
146.70.125.82:443
146.70.86.254:443
148.70.67.206:267
149.255.35.134:443
149.255.35.183:443
149.57.112.159:122
15.209.19.148:466
154.56.0.100:443
154.56.0.102:443
154.56.0.199:443
154.56.0.219:443
154.56.0.221:443
154.56.0.231:443
154.56.0.240:443
154.56.0.241:443
154.56.0.242:443
154.56.0.252:443
155.113.182.180:324
157.17.142.85:406
158.35.83.74:332
158.69.98.105:443
160.20.147.191:443
160.70.24.228:486
162.144.249.150:239
165.158.204.41:469
167.235.245.35:443
167.28.27.185:467
168.20.103.16:132
170.107.238.10:276
170.24.243.46:441
171.227.174.67:108
171.78.101.85:258
172.117.69.12:366
172.244.110.160:367
174.150.214.40:426
174.58.225.25:420
176.107.177.124:443
177.231.94.146:410
177.96.182.180:213
178.255.155.53:108
18.215.29.142:436
18.8.71.243:176
180.184.129.160:223
180.23.251.29:230
182.10.38.85:198
182.62.4.186:282
183.37.64.159:220
185.156.172.123:443
185.250.148.136:443
185.62.56.186:443
185.62.56.201:443
185.62.56.202:443
185.62.57.162:443
185.62.57.182:443
185.62.57.27:443
185.62.58.133:443
185.62.58.169:443
185.62.58.209:443
185.62.58.222:443
185.62.58.238:443
185.94.100.232:189
187.247.16.193:308
188.104.94.69:348
188.57.4.52:357
188.6.218.149:317
190.123.237.229:261
192.107.100.31:298
192.119.64.21:443
192.205.3.12:235
192.21.12.118:231
192.236.160.254:443
192.236.161.191:443
192.236.192.85:443
192.236.194.136:443
192.236.249.68:443
193.233.203.156:443
193.233.203.243:443
193.239.84.247:443
193.239.84.254:443
193.43.251.231:312
194.135.33.148:443
194.135.33.149:443
194.135.33.16:443
194.37.97.135:443
198.98.57.91:443
198.98.62.156:443
2.190.89.140:236
2.211.111.213:125
2.97.24.126:148
20.150.149.28:415
201.249.37.165:420
203.138.139.122:404
204.1.81.223:110
207.90.225.187:369
208.151.241.134:362
208.231.162.191:266
208.84.180.22:146
209.141.52.25:443
21.29.238.98:209
210.163.58.211:385
210.251.188.194:228
211.22.161.225:196
212.114.52.46:443
212.234.34.219:148
213.115.131.233:186
213.203.201.199:307
213.26.162.157:477
216.254.58.191:443
218.199.149.25:415
22.83.186.45:201
221.106.84.123:307
221.218.33.190:154
221.238.146.116:272
222.62.166.76:206
223.243.46.133:147
23.227.202.179:443
23.254.201.97:443
23.254.227.144:443
23.254.227.53:443
23.254.229.131:443
24.57.185.167:317
26.6.83.53:219
28.78.74.145:427
29.64.0.111:122
3.172.226.46:189
30.65.48.152:239
31.215.170.180:431
32.181.245.23:191
33.145.184.132:240
34.229.154.31:235
35.17.203.69:268
37.120.198.248:443
37.64.220.2:332
37.72.174.23:443
39.57.152.217:440
4.165.175.212:387
40.72.17.141:326
45.138.172.22:443
45.142.214.167:443
45.147.229.101:443
45.147.229.50:443
45.147.231.202:443
45.153.241.187:443
45.153.241.234:443
45.3.236.177:312
45.84.0.13:443
46.21.153.145:443
47.58.200.234:159
48.165.175.199:316
48.209.106.172:357
49.57.156.149:228
51.210.158.156:443
51.68.144.94:443
51.68.145.54:443
51.75.62.15:443
51.75.62.99:443
51.83.250.240:443
53.96.32.99:333
54.37.130.77:443
54.38.136.187:443
54.38.139.20:443
55.14.133.44:292
57.132.248.83:391
57.156.134.113:446
57.240.143.90:256
58.10.55.201:382
60.27.170.3:463
63.122.120.151:268
63.141.248.253:443
64.250.120.4:406
64.44.101.250:443
64.44.102.6:443
64.44.135.230:443
64.44.135.250:443
65.254.82.66:498
65.95.20.151:232
66.160.230.114:370
66.23.70.38:168
67.136.243.43:323
67.194.32.32:367
68.227.158.172:411
68.233.238.105:443
69.161.201.181:382
69.235.89.243:366
70.77.209.88:224
76.96.116.176:190
77.49.189.77:103
78.174.92.106:151
78.202.137.116:271
78.244.227.62:462
78.79.38.95:496
78.89.31.86:229
78.90.18.29:383
79.110.52.104:443
79.110.52.236:443
79.110.52.56:443
79.110.52.71:443
79.133.212.60:211
79.198.114.179:442
80.156.1.202:305
80.241.131.170:311
80.26.101.48:372
80.9.246.19:338
83.142.26.147:465
83.47.40.251:306
89.52.115.119:444
9.240.112.25:411
90.81.8.16:370
91.167.137.83:421
92.204.160.92:443
95.29.177.99:462
98.84.87.52:353

# Reference: https://tria.ge/220625-h96rjabbdr

101.8.100.194:131
103.175.16.47:443
103.200.32.188:492
106.120.29.13:489
13.2.200.200:338
133.209.39.126:217
138.114.199.166:316
146.19.173.202:443
146.19.173.207:443
152.38.148.148:494
168.120.139.16:273
172.110.248.55:203
173.77.219.120:201
186.150.217.235:221
187.210.45.242:299
192.119.77.241:443
193.239.152.108:242
204.181.129.183:248
204.233.101.71:459
206.103.180.253:205
207.6.99.3:471
211.131.243.77:112
215.48.4.118:123
24.121.25.160:346
25.170.215.18:456
28.53.120.108:270
49.179.166.100:235
50.167.186.112:239
50.41.225.93:478
54.38.136.111:443
69.120.31.126:408
74.135.94.210:347
74.57.128.223:112
82.20.113.198:446
86.91.101.57:221
89.172.3.185:315
97.194.155.116:446
98.28.11.39:201

# Reference: https://www.cybereason.com/blog/threat-analysis-report-bumblebee-loader-the-high-road-to-enterprise-domain-control
# Reference: https://otx.alienvault.com/pulse/6306320477c9993c7fc3a2c0

185.62.56.129:443

# Reference: https://www.malware-traffic-analysis.net/2022/08/30/index.html

142.11.234.238:443

# Reference: https://twitter.com/BroadAnalysis/status/1567586542276775938

103.144.139.135:443

# Reference: https://twitter.com/pr0xylife/status/1571899501455048704
# Reference: https://github.com/pr0xylife/Bumblebee/blob/main/Bumblebee_19.09.2022.txt

108.177.235.29:443
23.106.160.117:443
23.106.215.133:443
meeronixt.com

# Reference: https://twitter.com/k3dg3/status/1575173131198558208

/ASUYfdhjsQx/

# Reference: https://research.checkpoint.com/2022/bumblebee-increasing-its-capacity-and-evolving-its-ttps/

104.168.201.219:443
142.11.234.230:443
152.89.247.79:443
185.17.40.189:443
185.62.58.175:443
205.185.122.143:443
205.185.123.137:443
209.141.46.50:443
209.141.58.141:443
51.68.146.186:443
51.68.147.233:443
51.83.251.245:443
51.83.253.131:443
54.37.130.166:443
54.37.131.14:443
54.38.138.94:443

# Reference: https://twitter.com/BroadAnalysis/status/1577816261823795200

51.83.250.102:443

# Reference: https://twitter.com/ESETresearch/status/1577963080096555008
# Reference: https://twitter.com/ESETresearch/status/1577963091295453184

103.144.139.158:443
145.239.28.55:443
146.70.147.39:443
146.70.149.48:443
192.119.74.28:443
45.141.58.37:443
54.38.138.5:443

# Reference: https://twitter.com/pr0xylife/status/1583595706148741120

146.59.116.146:443
172.93.193.220:443
23.106.160.112:443
ralepijo.com
/grasbly.dll

# Reference: https://www.microsoft.com/en-us/security/blog/2022/10/27/raspberry-robin-worm-part-of-larger-ecosystem-facilitating-pre-ransomware-activity/
# Reference: https://otx.alienvault.com/pulse/635bcc619768c0b6cb3e9677

guteyutur.com
dsfdsfgb.azureedge.net

# Reference: https://github.com/pr0xylife/Bumblebee/blob/main/Bumblebee_27.06.2022.txt

103.25.51.23:388
12.75.186.131:263
122.50.173.112:157
124.79.186.17:245
135.36.57.27:157
135.79.221.116:303
14.155.143.74:191
141.69.161.34:281
145.250.252.150:418
146.19.253.56:443
149.197.87.217:409
150.37.37.18:112
151.233.218.244:192
154.171.215.86:169
155.180.101.133:318
156.151.142.100:123
156.165.161.82:298
159.117.143.69:265
168.113.169.88:428
175.90.216.232:197
179.4.178.202:339
19.32.56.182:487
192.119.77.100:443
194.120.202.95:468
194.129.76.203:490
199.61.79.119:346
21.21.141.32:133
212.107.138.109:287
218.122.217.28:234
24.4.68.32:418
28.107.38.196:269
29.122.243.158:226
31.228.253.114:427
33.93.97.183:112
35.120.155.220:262
41.28.188.77:212
51.199.209.83:290
64.157.160.42:207
68.121.248.35:464
68.14.88.177:143
76.81.225.65:337
78.24.136.181:493
78.74.20.180:433

# Reference: https://www.cynet.com/blog/orion-threat-alert-flight-of-the-bumblebee/

192.236.198.63:433

# Reference: https://twitter.com/tosscoinwitcher/status/1590084982193913857
# Reference: https://tria.ge/221108-zhe8yahgbp/behavioral1

146.19.253.28:443
146.70.149.38:443
176.223.165.108:443

# Reference: https://www.malware-traffic-analysis.net/2022/11/07/index.html

http://134.209.118.141
http://87.251.67.176
103.144.139.156:443
144.173.110.28:115
155.182.198.198:402
183.125.56.150:459
188.172.189.108:163
193.211.15.111:229
208.226.164.254:152
212.48.233.55:446
220.193.225.180:148
39.65.8.170:443
4.167.227.222:325
56.50.75.119:423
73.13.11.238:338
86.184.196.254:214
95.254.227.139:451

# Reference: https://twitter.com/malwrhunterteam/status/1592249538802511873
# Reference: https://www.virustotal.com/gui/file/48d585ca3a477ef7e8f0983735903335d9a5327f5fc434c222b6f551f7c0dc68/detection

1.3.49.41:116
126.214.148.137:194
132.236.194.230:315
133.135.205.124:197
157.195.106.206:250
191.208.255.91:175
215.55.4.215:483
25.166.31.10:427
33.15.138.183:236
33.187.124.30:114
64.44.135.140:443
78.86.12.112:410
cruds-club.com

# Reference: https://twitter.com/malware_traffic/status/1592268760924450816
# Reference: https://tria.ge/221114-vt7p4sha5y/behavioral5

107.189.13.247:443
54.37.130.24:443
64.44.102.241:443

# Reference: https://twitter.com/Unit42_Intel/status/1593636233212739584

193.200.16.175:443

# Reference: https://github.com/pan-unit42/tweets/blob/master/2022-12-07-IOCs-for-Bumblebee-infection-with-Cobalt-Strike.txt

139.177.146.137:443
81.77.212.213:118
88.52.50.98:452

# Reference: https://tria.ge/230208-x8dfxseb8w

103.175.16.104:443
172.86.120.111:443
205.185.113.34:443
23.254.167.63:443

# Reference: https://github.com/pr0xylife/Bumblebee/blob/main/Bumblebee_21.02.2023.txt

104.168.140.145:443
108.62.118.170:443
108.62.141.20:443
192.119.72.133:443
23.108.57.201:443
51.68.145.171:443

# Reference: https://twitter.com/Artilllerie/status/1628349460966215682
# Reference: https://0paste.com/443087.txt

103.175.16.13:443
104.168.157.253:443
146.19.173.86:443
157.254.194.117:443
160.20.147.242:443
173.234.155.246:443
185.17.40.138:443
185.173.34.35:443
192.111.146.178:443
194.135.33.184:443
195.20.17.75:443
23.82.140.155:443
51.68.144.43:443
51.75.62.204:443
86.106.131.105:443
91.206.178.234:443

# Reference: https://0xtoxin-labs.gitbook.io/malware-analysis/malware-analysis/bumblebee-docusign-campaign

107.189.5.17:443
114.70.235.72:357
122.125.104.16:475
138.133.49.46:211
140.157.121.40:433
141.161.143.136:272
146.29.236.141:457
150.18.156.130:256
174.72.94.173:309
177.232.32.155:257
179.55.218.145:322
181.87.160.175:479
194.135.33.85:443
196.224.200.10:482
207.12.58.212:419
209.141.40.19:443
210.38.79.54:319
214.77.93.215:263
216.73.114.69:379
24.64.127.190:229
32.234.39.72:191
38.174.252.233:131
44.184.236.94:128
58.249.161.153:350
6.66.255.6:433
60.231.88.20:422
72.204.201.249:374
73.73.80.51:127
93.216.14.249:213

# Reference: https://twitter.com/Max_Mal_/status/1636365861681496068

12.100.159.196:261
138.5.60.195:103
152.151.165.105:252
175.103.114.28:154
210.154.128.203:164
41.82.217.82:340
43.231.64.55:493
45.61.187.225:433

# Reference: https://tria.ge/230318-bzrfjacg81/behavioral1

103.175.16.15:443
107.189.12.129:443
157.254.194.119:443
192.111.146.184:443
192.254.79.101:443
195.133.192.10:443
209.141.53.174:443
23.254.225.130:443
37.28.155.36:443
51.83.248.92:443

# Reference: https://twitter.com/0xToxin/status/1649131620383825923

103.175.16.150:443
146.70.155.82:443
149.3.170.179:443

# Reference: https://twitter.com/k3dg3/status/1659619906919251979
# Reference: https://tria.ge/230519-wbzgfsfa73/behavioral1

103.175.16.151:443
192.198.82.59:443
194.135.33.160:443
32.54.188.44:443
92.119.178.40:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bumblebee/

http://103.175.16.13
100.166.114.2:231
100.221.98.138:443
100.62.116.119:471
102.189.132.75:411
103.144.139.137:443
103.144.139.139:443
103.144.139.145:443
103.144.139.146:443
103.144.139.150:443
103.144.139.154:443
103.144.139.159:443
103.144.139.164:443
103.144.139.166:443
103.175.16.105:443
103.175.16.10:443
103.175.16.119:443
103.175.16.133:443
103.175.16.149:443
103.175.16.208:443
103.175.16.25:443
103.175.16.58:443
103.175.16.60:443
104.109.81.90:359
104.168.136.137:443
104.168.144.212:443
104.168.151.120:443
104.168.162.242:443
104.168.171.159:443
104.168.171.189:443
104.168.171.97:443
104.168.172.195:443
104.168.174.148:443
104.168.175.78:443
104.168.175.81:443
104.168.200.192:443
104.168.202.54:443
104.168.203.190:443
104.168.204.115:443
104.168.218.224:443
104.168.218.74:443
104.168.243.123:443
104.168.243.178:443
104.168.243.204:443
104.168.244.96:443
104.219.233.101:443
104.219.233.107:443
104.219.233.113:443
104.219.233.120:443
104.219.233.125:443
104.219.233.127:443
104.219.233.129:443
104.219.233.130:443
104.219.233.133:443
104.219.233.145:443
104.219.233.30:443
104.219.233.38:443
104.219.233.41:443
104.219.233.42:443
104.244.72.215:443
104.244.75.253:443
104.244.77.61:443
104.37.20.148:152
104.86.43.102:455
105.111.222.244:485
105.45.26.251:205
106.30.10.152:200
107.189.1.123:443
107.189.1.156:443
107.189.1.219:443
107.189.13.201:443
107.189.14.8:443
107.189.30.231:443
107.189.5.45:443
107.189.6.147:443
107.189.8.58:443
107.204.201.53:264
107.219.151.119:244
108.174.194.151:443
108.25.105.234:166
108.62.118.108:443
108.62.118.177:443
108.62.118.219:443
108.62.118.235:443
108.62.118.53:443
108.62.118.59:443
108.62.118.70:443
108.62.118.81:443
108.62.12.19:443
108.62.12.202:443
108.62.141.221:443
108.62.141.38:443
108.62.141.52:443
108.62.141.98:443
109.140.220.255:121
109.251.149.213:421
112.242.91.221:407
113.4.33.142:138
113.56.104.34:443
113.98.120.85:440
116.151.146.123:341
116.204.18.170:113
116.205.234.96:247
116.241.116.41:410
117.17.41.72:459
117.172.191.115:471
118.64.27.23:475
118.89.112.82:338
119.50.18.190:134
12.194.222.34:380
120.181.249.142:177
121.164.36.213:396
121.37.185.77:358
124.131.180.3:215
124.76.30.34:476
124.9.134.87:426
125.81.24.187:397
126.76.167.19:201
126.99.238.54:447
128.79.29.175:298
129.125.121.145:133
129.250.70.54:276
129.51.68.80:196
13.234.171.104:461
130.173.49.173:107
130.242.219.205:423
131.136.57.50:384
131.220.159.133:200
132.11.130.225:224
132.180.150.102:379
133.99.126.202:263
134.179.38.71:422
135.125.241.35:443
135.15.5.19:411
136.179.9.50:318
137.219.255.218:446
137.31.59.180:443
138.141.158.45:217
139.177.146.230:443
139.177.146.25:443
139.177.146.26:443
139.177.146.27:443
14.11.77.37:138
14.128.51.19:412
14.195.237.81:451
142.11.193.243:443
142.11.194.198:443
142.11.195.231:443
142.11.196.174:443
142.11.199.235:443
142.11.206.112:443
142.11.210.50:443
142.11.211.32:443
142.11.212.144:443
142.11.213.56:443
142.11.216.12:443
142.11.234.228:443
142.11.238.7:443
142.11.245.185:443
142.118.138.85:402
142.32.211.156:157
142.93.12.251:443
143.27.231.233:335
144.136.57.11:443
145.239.135.16:443
145.239.29.119:443
145.239.30.219:443
145.239.30.242:443
145.239.30.73:443
145.239.31.136:443
146.158.114.155:467
146.19.173.120:443
146.19.173.137:443
146.19.173.141:443
146.19.173.148:443
146.19.173.173:443
146.19.173.25:443
146.19.173.26:443
146.19.173.31:443
146.19.173.33:443
146.19.173.34:443
146.19.173.45:443
146.19.173.61:443
146.19.173.71:443
146.19.173.76:443
146.19.253.102:443
146.19.253.41:443
146.19.253.53:443
146.59.116.127:443
146.59.116.131:443
146.59.116.185:443
146.59.116.196:443
146.59.116.242:443
146.59.116.25:443
146.59.116.49:443
146.59.116.4:443
146.59.116.54:443
146.59.116.64:443
146.59.116.77:443
146.59.116.79:443
146.59.117.200:443
146.70.100.126:443
146.70.100.80:443
146.70.102.73:443
146.70.106.163:443
146.70.106.76:443
146.70.124.116:443
146.70.124.117:443
146.70.125.80:443
146.70.125.93:443
146.70.135.135:443
146.70.139.252:443
146.70.143.133:443
146.70.143.140:443
146.70.143.183:443
146.70.147.16:443
146.70.147.57:443
146.70.147.7:443
146.70.149.11:443
146.70.149.14:443
146.70.149.32:443
146.70.149.40:443
146.70.149.42:443
146.70.149.43:443
146.70.149.45:443
146.70.149.58:443
146.70.152.221:443
146.70.161.59:443
146.70.161.82:443
146.70.53.139:443
146.70.53.142:443
146.70.86.47:443
147.79.237.123:354
149.255.35.138:443
149.255.35.163:443
149.28.84.215:443
149.3.170.185:443
149.3.170.196:443
149.3.170.213:443
149.3.170.236:443
149.3.170.62:443
149.3.170.94:443
15.248.60.137:220
151.218.16.201:462
152.89.247.225:443
152.89.247.241:443
153.30.97.227:163
154.56.0.101:443
154.56.0.110:443
154.56.0.114:443
154.56.0.115:443
154.56.0.196:443
154.56.0.197:443
155.98.234.36:412
157.254.194.104:443
157.254.194.150:443
158.208.5.127:269
158.67.156.68:380
159.107.119.196:466
159.113.48.85:385
159.191.39.179:386
159.248.192.111:424
159.89.22.59:443
16.249.204.133:158
16.86.113.88:226
160.20.147.91:443
160.20.62.151:124
161.207.51.170:397
162.0.209.131:443
163.158.2.201:265
164.254.139.199:210
164.29.3.97:443
164.52.201.153:443
164.90.179.108:443
165.132.190.127:368
165.15.183.148:458
165.84.157.60:302
167.77.156.226:482
168.160.250.76:159
169.197.227.201:474
169.246.230.158:489
17.147.212.14:276
17.29.249.188:264
170.160.24.88:267
170.36.34.111:203
170.66.154.71:361
170.88.0.154:120
170.95.167.18:496
172.241.27.116:443
172.241.27.120:443
172.86.120.141:443
172.86.121.123:443
172.86.121.56:443
172.86.121.59:443
172.86.121.61:443
172.86.122.167:443
172.86.123.111:443
172.86.123.150:443
172.86.123.217:443
172.86.123.231:443
172.93.193.149:443
172.93.193.3:443
172.93.193.42:443
172.93.193.46:443
172.93.193.74:443
172.93.193.95:443
172.93.201.138:443
172.93.201.207:443
172.93.201.244:443
172.93.201.2:443
173.200.61.240:100
173.234.155.124:443
173.234.155.133:443
173.234.155.143:443
173.62.170.155:484
176.111.174.65:443
176.111.174.66:443
176.111.174.67:443
176.111.174.70:443
176.111.174.73:443
176.223.165.119:443
176.223.165.125:443
178.63.172.12:443
179.174.90.170:108
179.5.59.188:228
179.88.25.130:348
18.141.105.98:293
18.151.45.13:359
18.210.196.217:178
180.160.133.46:486
180.175.236.161:293
180.220.100.51:127
181.33.49.44:164
182.121.202.27:373
182.206.137.152:214
183.194.177.52:219
184.167.112.126:440
184.34.86.128:233
184.56.33.232:129
184.83.49.115:179
185.123.53.173:443
185.123.53.248:443
185.145.97.141:443
185.165.82.120:182
185.227.82.15:443
185.62.57.202:443
185.62.57.94:443
185.69.113.39:124
186.190.32.221:102
189.167.167.132:443
189.215.92.254:209
19.128.78.21:190
190.165.163.67:285
190.238.244.214:117
191.65.54.76:181
192.111.146.181:443
192.111.146.185:443
192.111.146.186:443
192.111.146.189:443
192.119.120.146:443
192.119.120.22:443
192.119.64.249:443
192.119.65.175:443
192.119.66.138:443
192.119.74.194:443
192.119.77.44:443
192.119.81.86:443
192.119.87.45:443
192.129.129.20:443
192.129.129.53:443
192.155.197.15:315
192.198.82.51:443
192.198.82.56:443
192.198.82.60:443
192.198.82.62:443
192.236.146.147:443
192.236.155.219:443
192.236.155.47:443
192.236.161.44:443
192.236.161.50:443
192.236.178.253:443
192.236.179.104:443
192.236.193.215:443
192.236.194.101:443
192.236.194.104:443
192.236.198.181:443
192.236.199.191:443
192.236.199.61:443
192.236.208.19:443
192.236.233.8:443
192.254.79.100:443
192.254.79.106:443
192.254.79.120:443
192.254.79.122:443
192.254.79.124:443
192.255.188.11:443
192.49.26.26:156
193.109.120.156:443
193.109.120.252:443
193.109.120.71:443
194.13.72.84:438
194.135.33.127:443
194.135.33.139:443
194.135.33.151:443
194.135.33.182:443
194.135.33.40:443
194.135.33.90:443
194.15.216.113:443
194.15.216.247:443
194.162.246.66:284
194.59.183.30:443
195.133.192.103:443
195.133.192.117:443
195.133.192.26:443
195.133.192.4:443
195.20.17.210:443
195.20.17.233:443
195.20.17.76:443
195.24.93.69:140
196.168.84.24:372
196.205.170.142:344
196.229.162.29:498
197.100.127.145:468
198.176.96.204:443
198.230.60.229:465
198.84.123.61:443
198.98.48.141:443
198.98.48.231:443
198.98.49.201:443
198.98.50.15:443
198.98.50.197:443
198.98.51.235:443
198.98.51.250:443
198.98.51.75:443
198.98.52.145:443
198.98.52.241:443
198.98.52.246:443
198.98.55.214:443
198.98.56.242:443
198.98.56.9:443
198.98.57.185:443
198.98.58.184:443
198.98.59.245:443
198.98.59.39:443
198.98.59.54:443
198.98.59.64:443
198.98.60.196:443
199.195.249.106:443
199.195.249.67:443
199.195.249.74:443
199.195.251.244:443
199.195.253.39:443
2.126.13.36:272
2.240.132.127:273
2.50.39.29:308
2.56.10.16:443
200.154.18.124:356
200.97.188.60:309
201.101.156.173:443
201.19.223.122:395
202.77.46.110:494
203.48.139.140:482
204.172.178.183:443
204.223.28.129:424
205.160.222.15:274
205.185.113.181:443
205.185.114.107:443
205.185.114.241:443
205.185.115.138:443
205.185.116.99:443
205.185.119.60:443
205.185.121.162:443
205.185.121.173:443
205.185.123.115:443
205.185.126.42:443
205.185.127.176:443
206.219.40.88:120
206.245.228.10:133
206.8.75.126:347
207.146.147.151:430
207.206.225.56:376
207.232.34.49:443
208.115.216.246:443
209.141.35.185:443
209.141.35.21:443
209.141.41.251:443
209.141.41.46:443
209.141.42.230:443
209.141.46.65:443
209.141.46.67:443
209.141.48.117:443
209.141.48.135:443
209.141.48.221:443
209.141.49.203:443
209.141.49.72:443
209.141.51.187:443
209.141.51.65:443
209.141.54.211:443
209.141.57.123:443
209.141.57.151:443
209.141.57.29:443
209.141.58.129:443
209.198.142.251:182
209.244.102.105:112
211.138.66.214:245
211.30.22.66:156
212.114.52.124:443
212.128.221.184:268
212.46.38.231:443
213.227.154.19:443
213.232.235.90:443
213.80.235.165:443
213.9.245.43:177
215.158.14.90:210
215.52.248.60:351
216.247.106.59:282
217.246.42.10:346
217.60.200.139:240
217.8.253.10:398
218.155.13.204:130
218.77.185.92:266
219.110.187.248:435
219.169.113.48:428
219.192.196.111:289
22.39.164.0:452
221.131.148.148:357
221.184.92.249:392
221.225.254.105:363
222.183.74.213:469
222.202.140.206:438
223.187.26.169:105
23.106.124.154:443
23.106.124.23:443
23.106.160.137:443
23.106.160.141:443
23.106.160.52:443
23.106.160.82:443
23.106.215.141:443
23.106.215.165:443
23.106.215.225:443
23.106.215.230:443
23.106.215.233:443
23.106.215.60:443
23.106.215.82:443
23.106.223.144:443
23.106.223.14:443
23.106.223.182:443
23.106.223.197:443
23.106.223.1:443
23.106.223.209:443
23.106.223.219:443
23.106.223.222:443
23.108.57.200:443
23.108.57.250:443
23.108.57.29:443
23.108.57.57:443
23.108.57.59:443
23.108.57.5:443
23.108.57.65:443
23.108.57.66:443
23.108.57.79:443
23.108.57.87:443
23.136.208.76:136
23.19.58.176:443
23.229.117.229:443
23.254.142.159:443
23.254.161.46:443
23.254.167.143:443
23.254.204.109:443
23.254.204.210:443
23.254.225.249:443
23.254.229.210:443
23.254.247.48:443
23.29.115.164:443
23.81.246.171:443
23.81.246.17:443
23.81.246.205:443
23.81.246.22:443
23.82.128.116:443
23.82.128.11:443
23.82.128.127:443
23.82.140.100:443
23.82.140.14:443
23.82.140.180:443
23.82.19.119:443
24.183.132.242:376
25.131.252.242:253
25.169.42.242:443
27.31.180.123:139
28.23.200.103:366
29.15.120.102:455
29.203.98.166:376
3.215.24.1:346
30.140.193.246:341
30.225.24.243:414
31.135.71.34:258
31.232.16.192:443
33.191.119.32:366
34.1.180.202:108
34.119.95.6:249
34.2.221.48:450
34.34.152.166:165
36.150.76.13:147
36.201.196.202:367
37.1.214.229:443
37.1.214.72:443
37.221.67.104:443
37.221.67.122:443
37.28.156.24:443
37.28.157.29:443
37.42.62.77:427
38.180.25.111:443
38.180.25.71:443
38.180.4.165:443
38.48.147.152:349
4.177.13.86:289
4.236.88.115:131
41.15.71.157:274
41.7.15.180:116
41.70.42.112:452
42.179.23.39:452
42.63.100.82:129
43.184.255.110:182
44.224.48.159:123
44.94.75.93:103
45.11.19.208:443
45.11.19.252:443
45.11.19.70:443
45.11.19.86:443
45.132.180.49:420
45.141.58.139:443
45.147.229.47:443
45.147.230.179:443
45.147.230.233:443
45.147.230.245:443
45.147.231.156:443
45.147.231.232:443
45.153.240.94:443
45.153.241.209:443
45.153.241.245:443
45.153.242.183:443
45.153.242.184:443
45.153.242.242:443
45.153.242.61:443
45.153.243.111:443
45.153.243.126:443
45.153.243.130:443
45.153.243.222:443
45.32.37.109:443
45.61.184.227:443
45.61.184.24:443
45.61.184.8:443
45.61.185.227:443
45.61.185.65:443
45.61.186.18:443
45.61.186.51:443
45.61.187.10:443
45.61.187.123:443
45.61.187.160:443
45.61.187.170:443
45.61.187.204:443
45.61.187.225:443
45.61.187.40:443
45.66.151.142:443
45.66.151.193:443
45.66.248.156:443
45.66.248.216:443
45.66.248.61:443
45.66.248.64:443
45.84.240.87:443
46.142.186.28:443
46.142.187.27:443
46.142.187.96:443
46.214.226.37:368
46.240.5.92:298
46.249.38.114:443
46.249.38.141:443
47.26.53.19:195
48.194.62.179:122
5.141.46.137:379
5.237.231.132:443
5.45.54.50:412
5.53.19.66:164
50.44.183.176:440
51.68.144.13:443
51.68.145.174:443
51.68.145.40:443
51.68.147.63:443
51.68.157.245:443
51.75.63.193:443
51.75.63.234:443
51.77.41.141:443
51.77.41.66:443
51.81.134.202:443
51.83.225.143:443
51.83.248.182:443
51.83.248.28:443
51.83.249.204:443
51.83.250.153:443
51.83.250.168:443
51.83.252.171:443
51.83.253.18:443
51.83.254.164:443
51.83.254.187:443
51.83.254.3:443
51.83.254.9:443
51.83.255.232:443
51.83.255.85:443
52.40.0.232:170
54.108.3.223:465
54.37.130.121:443
54.37.130.195:443
54.37.131.107:443
54.37.131.10:443
54.37.131.158:443
54.37.131.164:443
54.37.131.232:443
54.38.136.144:443
54.38.136.209:443
54.38.136.39:443
54.38.137.14:443
54.38.139.94:443
54.66.60.129:229
58.184.81.243:122
6.10.249.12:377
60.248.37.104:413
61.147.148.44:325
62.113.238.72:443
62.113.238.73:443
62.160.169.2:232
62.22.48.195:239
62.82.188.190:234
64.44.101.102:443
64.44.101.123:443
64.44.101.25:443
64.44.102.140:443
64.44.102.202:443
64.44.102.224:443
64.44.102.239:443
64.44.102.36:443
64.44.102.85:443
64.44.135.134:443
64.44.135.197:443
64.44.135.198:443
64.44.97.138:443
64.44.97.56:443
64.44.97.58:443
64.44.98.157:443
64.44.98.213:443
66.15.189.146:122
66.9.9.138:154
67.17.64.18:478
67.28.24.164:451
68.63.126.83:102
69.114.87.193:408
69.128.111.23:128
69.164.203.147:443
69.46.15.158:443
7.12.29.221:249
7.71.244.186:411
74.17.237.225:370
74.219.241.225:481
74.230.15.244:376
75.115.238.135:394
76.134.233.76:443
76.26.104.26:249
77.38.240.57:172
78.0.144.134:330
79.143.87.103:443
79.172.113.34:443
79.196.23.192:106
8.126.95.33:443
8.219.132.142:443
8.222.182.83:443
8.222.227.103:443
8.253.171.67:308
8.76.233.176:318
80.17.127.251:110
80.187.122.238:295
80.85.142.45:443
81.215.251.28:357
82.104.34.104:373
82.4.190.155:413
85.143.223.165:148
85.239.52.113:443
85.239.52.15:443
85.239.52.179:443
85.239.52.29:443
85.239.52.71:443
85.239.54.134:443
85.239.54.145:443
85.239.54.178:443
85.239.54.192:443
85.239.54.2:443
85.58.120.124:184
86.105.1.108:443
86.106.87.135:443
88.139.160.72:326
89.159.155.176:455
89.41.26.77:443
89.44.9.153:443
89.44.9.204:443
91.206.178.167:443
91.206.178.179:443
91.206.178.204:443
91.206.178.68:443
91.206.178.81:443
91.235.234.107:443
91.235.234.199:443
91.245.253.76:443
91.245.254.101:443
91.245.254.107:443
91.245.254.41:443
91.245.254.96:443
91.245.254.97:443
91.43.99.217:268
92.204.160.44:443
93.212.145.203:443
93.212.159.189:443
94.103.188.112:443
94.88.121.46:403
94.98.129.174:197
95.168.191.134:443
95.168.191.248:443
95.249.6.218:443
97.85.151.94:372
98.18.89.105:425
98.254.212.235:127
99.253.242.138:390
ambronixt.com
irs.reviews

# Reference: https://threatfox.abuse.ch/browse/malware/win.bumblebee/ (# 2023-09-08)

104.199.38.224:443
34.77.116.45:443
35.239.11.197:443
52.211.87.95:443
95.214.56.243:443
3v1n35i5kwx.life
cmid1s1zeiu.life
itszko2ot5u.life
newdnq1xnl9.life

# Reference: https://threatfox.abuse.ch/ioc/1149948/

103.82.37.213:443

# Reference: https://threatfox.abuse.ch/ioc/1150215/

85.167.242.61:443

# Reference: https://threatfox.abuse.ch/ioc/1150544/

165.227.8.47:443

# Reference: https://twitter.com/k3dg3/status/1697373194972217715
# Reference: https://tria.ge/230831-1vmzzsba29/behavioral1

134.156.166.37:332

# Reference: https://threatfox.abuse.ch/ioc/1163465/

62.4.17.47:443

# Reference: https://threatfox.abuse.ch/ioc/1163901/

164.52.223.235:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.bumblebee/ (# 2023-09-19)

164.52.216.101:443
164.52.223.170:443
170.187.142.12:443
185.226.116.226:443
216.48.184.52:443
43.155.161.152:443
95.177.215.71:443

# Reference: https://twitter.com/Intrinsec/status/1709609529070010447
# Reference: https://www.virustotal.com/gui/ip-address/128.140.53.189/relations
# Reference: https://www.virustotal.com/gui/file/4ca01b4a13ae7673bd0e92aa999efc59c1614bb496e2274e8d552ed2fc6cfe00/detection
# Reference: https://www.virustotal.com/gui/file/60f4f1cd1eed873c414fb56441a3d76efbb469ee1312b3b73c0534eec1e082d3/detection

g7qf7ew5c.life

# Reference: https://twitter.com/k3dg3/status/1711509566934974785

186.85.54.111:149

# Reference: https://threatfox.abuse.ch/ioc/1198165/

20.22.18.80:443

# Reference: https://threatfox.abuse.ch/ioc/1204316/

149.28.109.119:443

# Reference: https://twitter.com/Artilllerie/status/1729182856625496184
# Reference: https://bazaar.abuse.ch/sample/4203f929fe8fab1c990e027216ef732955cc4fbfe598e9dc02dbf61fefd2e579/
# Reference: https://www.virustotal.com/gui/ip-address/62.133.61.203/relations
# Reference: https://app.validin.com/axon?find=62.133.61.203&type=ip
# Reference: https://tria.ge/231125-1cf4qach83
# Reference: https://www.virustotal.com/gui/file/790e47348ed361bcb1b2d5e3f5ab7c95f3fb7b53b94b54ea0dffd93d8d0f6e0e/detection

livmesilovess.pro
llvemewhateh.pro
02uhomlq.life
0oz7923s.life
0req10rd.life
0rlxan4o.life
0xtmu3tz.life
10ciy2hb.life
11ou1grl.life
1p24echu.life
1p34o0do.life
1q04n1r6.life
1qa3k743.life
2z2dl1og.life
37zi55wc.life
3jhcm6ou.life
3k8iq1nb.life
3nmeg5wa.life
3xqy6csn.life
43vtghfz.life
4huoqrsp.life
4r3inwrt.life
4soexc4m.life
54y2q50j.life
6a1fbhay.life
6o26tws0.life
6qwim2j8.life
6xhpschv.life
7564a2mg.life
7kmzys39.life
83b0leyy.life
8hxwl72r.life
8qwcvseh.life
9hh7hq5r.life
a9nhflze.life
aiv8bb2b.life
aqjjchti.life
aqnx9c9h.life
awr5omre.life
ay03u2te.life
az77sw77.life
b24f19ne.life
baunjh6t.life
bei9dppm.life
btycmaq0.life
c9l8ri53.life
cg4cuoyi.life
d0k4fdaa.life
dph3pby8.life
e97igyz6.life
ep0kbvph.life
et53yjoc.life
fra3xqrx.life
hjcbhzd8.life
hkgd9kar.life
hx0hysyg.life
i6n08gx7.life
i9f44mju.life
igak9l9s.life
is45ipqt.life
j57fzy12.life
jpngew6a.life
jwyxm0f3.life
kqn0zkig.life
luw8ubf2.life
m3vc2ce4.life
m4v4xq2f.life
mddoknvi.life
n64c2akw.life
o10qz4xe.life
ohwv1vpp.life
oq36weoi.life
p1p97dov.life
p5e68m36.life
pe6r5tzc.life
pyjijjlm.life
q65io756.life
qal55els.life
qhfoevow.life
r0ca080m.life
r5ue5rok.life
rbvsf6io.life
t31jn4t1.life
t99iv15x.life
tcjcv520.life
tvgco82h.life
uq034w07.life
vojg90l2.life
vv5sfo80.life
vxyojl27.life
w2hje2t7.life
wq6w8jkq.life
wykpnxcx.life
x698iah6.life
yqofro9q.life
yykdmh0r.life
z2tp7x2v.life
zdx0i18o.life
zefawfb0.life
zmlly8xo.life
zna5lybe.life
zpy1vssg.life

# Reference: https://twitter.com/Artilllerie/status/1757725596992278642
# Reference: https://www.virustotal.com/gui/file/c34e5d36bd3a9a6fca92e900ab015aa50bb20d2cd6c0b6e03d070efe09ee689a/detection

0ad1qrc1.life
0be6z82a.life
0hb72lv4.life
0ny3328d.life
0yznun55.life
12jawwzi.life
1330r5tl.life
18nf94hr.life
1kq5u5oh.life
22km13qy.life
25utqefr.life
2jrlu58d.life
2m420uuq.life
2r5pct64.life
2x5sidtj.life
389wsdwk.life
3botypuk.life
3hlr4b32.life
4bekj09u.life
4eo14u97.life
4qrr6ij0.life
56snpngr.life
56xom9cr.life
5a0mrc70.life
5cai9tan.life
5s9j4ij0.life
5xrn6i3n.life
5zime47c.life
61oankru.life
652t37sd.life
6t152qng.life
6tcl7gdl.life
7nx3ips8.life
7ue3qloo.life
7v3pqzur.life
8e2fs333.life
8jenv5cj.life
8zxvhrw3.life
93628xvf.life
9b7t2l0q.life
9bydjn76.life
9i4h14pn.life
9rzeyw6d.life
9xuj8nh1.life
accq42df.life
acuaw2q0.life
agjsuxbi.life
akzuglxg.life
augbit10.life
az3hs01z.life
b0wknuvv.life
b7v0h14g.life
bhqjgnyg.life
bnevdx61.life
c0g886v7.life
c4e9t8ri.life
c8o1xb3q.life
cu945ae2.life
d0paetq1.life
d5lspsc8.life
d64ijd3x.life
da3qmuiz.life
dkzmobfb.life
dtacg44e.life
dwdgv8ey.life
dza0z859.life
e12p0p07.life
ecdb0x3j.life
eiwkrw3v.life
enxlrvsp.life
es4xrlbf.life
f94vimcc.life
fcl2tw80.life
fjtg4l8d.life
fjtwh7ez.life
fmeojv6b.life
frm6u0r1.life
g27j5iqe.life
g4ggjukx.life
g7on0c47.life
gaiuzmjh.life
gb3kmt70.life
ge0gmguu.life
gpw38bkj.life
guycev3v.life
gvwgb5nw.life
h5hyssny.life
hkk0meg1.life
hlbflus2.life
hm2psb94.life
hocj7ez7.life
hyivgigf.life
i8kyugpr.life
i8yegp0g.life
idqrdhpg.life
ig4xohtj.life
ink7i9yf.life
inwyinkt.life
jbq2lc4m.life
jh1px0y2.life
jtyk5gdq.life
k6ptpfxk.life
k9asv5kf.life
kkrmo7k8.life
klclsjxl.life
klcmu5e3.life
kxk0fp99.life
kxxxz02p.life
lawsc41o.life
lni114wn.life
lnze846x.life
lq4rvf7h.life
lq6oee8d.life
mc255438.life
mkt3shgr.life
ms6qhpe2.life
mtu5eery.life
mw0au96x.life
myskwtvz.life
n0ohhx48.life
n1iq0gkh.life
n6s0rru2.life
n9t609lu.life
nnc9xesb.life
o0r9qsit.life
o1kmnuax.life
orc3zq3c.life
ouhz98km.life
pmrzi1bx.life
puh4ptfq.life
q905hr35.life
qblg0klz.life
qdqw1w5c.life
ql5hk4dj.life
qo725zwl.life
qpxq51gq.life
qulj3o2b.life
quw31ted.life
qz0pzkv1.life
qz7waafq.life
r1vp426o.life
r4x6iy6x.life
racgyvid.life
rj3h9lji.life
rka4u64f.life
rm0vgyz1.life
rqmbst2l.life
rrfklwtt.life
rtnzmwv0.life
s68s3bdd.life
si0wpv63.life
sx3i8jmk.life
t5me2n7i.life
thde5hd5.life
tkpnkize.life
tli6v0bb.life
tmzcoebw.life
tztttnt4.life
u3zvhegy.life
u45wcqn7.life
uj1lqdzb.life
v9nvi0qk.life
vevijml2.life
vg7uaic3.life
vkm1k94n.life
vpvmrmin.life
vtq4vrd1.life
w97o36m1.life
w9inw8u1.life
wdxn08y6.life
widcqm70.life
wiof5kps.life
wiw2pzow.life
wmds946t.life
wuxe83rt.life
wv7n0k5b.life
wvxatase.life
x1268u29.life
x2h84q1y.life
x3h1ahco.life
x9e2x6a2.life
xawrjuc7.life
xwcetuq6.life
y0a5tf81.life
y2stju2y.life
y3v1d1vu.life
y5eqdqo8.life
y6rqgp73.life
y7px5b06.life
y833kir4.life
ym1mmve7.life
ymxcwnjs.life
z15hvoz2.life
z4u0pw7m.life
z5gt6avq.life
zo2epezl.life
ztlkhvae.life
zutr3leo.life

# Reference: https://threatfox.abuse.ch/browse/malware/win.bumblebee/ (# 2024-05-05)


158.160.58.164:443
164.52.200.182:443
164.52.201.144:443
164.52.203.68:443
164.52.204.122:443
164.52.210.159:443
164.52.211.43:443
164.52.219.118:443
164.52.223.174:443
216.48.177.248:443
216.48.178.45:443
216.48.179.106:443
216.48.179.170:443
216.48.179.174:443
216.48.179.60:443
216.48.179.68:443
216.48.180.70:443
216.48.181.191:443
216.48.181.201:443
216.48.182.251:443
216.48.183.206:443
216.48.183.41:443
216.48.183.60:443
216.48.183.70:443
216.48.183.71:443
216.48.183.75:443
216.48.183.81:443
216.48.183.85:443
216.48.184.188:443
216.48.185.120:443
216.48.185.13:443
178.177.200.35.bc.googleusercontent.com
178.227.100.34.bc.googleusercontent.com
215.145.200.35.bc.googleusercontent.com
11qet4bgg.life
1d98d2w0k.life
1wrap3lnr.life
23b3imkqh.life
292edkjz6.life
2a6m2wkiq.life
2jlczycvw.life
2niq3fv8t.life
2x5cn12li.life
3rldogkrx.life
43dtvcgy6.life
44uegsxdd.life
497hssmh9.life
49jw256uc.life
4hdkyh1ns.life
4kqz7kqt2.life
5hsghdbng.life
5yv0b66c5.life
7clm8w86o.life
8fqxxf116.life
8jcl1fkor.life
8nrjr6hc4.life
8s75cl4j9.life
8t8g8jquy.life
99t9f8t4c.life
9f8srknbf.life
9qf9v3tgq.life
ajl0toabj.life
api.mcc-dspace.l2c2.co.in
arl8xdy0i.life
awjjbslep.life
awmv2d35g.life
axqje16l4.life
c231spcbk.life
c3x5wqfqd.life
cj87mkoo4.life
cmau5xobd.life
cpanel.ripplendt.com
crbk7hduu.life
d00d7ks32.life
db9oyi6b2.life
dl23dcg0p.life
donkvamcz.life
e2e-100-206.ssdcloudindia.net
e2e-100-41.ssdcloudindia.net
e2e-100-60.ssdcloudindia.net
e2e-100-70.ssdcloudindia.net
e2e-100-71.ssdcloudindia.net
e2e-100-75.ssdcloudindia.net
e2e-100-81.ssdcloudindia.net
e2e-100-85.ssdcloudindia.net
e2e-101-188.ssdcloudindia.net
e2e-102-13.ssdcloudindia.net
e2e-68-182.ssdcloudindia.net
e2e-69-144.ssdcloudindia.net
e2e-69-153.ssdcloudindia.net
e2e-69-171.ssdcloudindia.net
e2e-71-68.ssdcloudindia.net
e2e-72-122.ssdcloudindia.net
e2e-73-167.ssdcloudindia.net
e2e-73-170.ssdcloudindia.net
e2e-73-172.ssdcloudindia.net
e2e-73-173.ssdcloudindia.net
e2e-73-176.ssdcloudindia.net
e2e-79-159.ssdcloudindia.net
e2e-80-43.ssdcloudindia.net
e2e-85-101.ssdcloudindia.net
e2e-87-205.ssdcloudindia.net
e2e-88-118.ssdcloudindia.net
e2e-92-174.ssdcloudindia.net
e2e-94-248.ssdcloudindia.net
e2e-95-45.ssdcloudindia.net
e2e-96-170.ssdcloudindia.net
e2e-96-174.ssdcloudindia.net
e2e-96-60.ssdcloudindia.net
e2e-96-68.ssdcloudindia.net
e2e-98-191.ssdcloudindia.net
e2e-98-201.ssdcloudindia.net
e2e-99-251.ssdcloudindia.net
elearnacad.com
ezsj23n67.life
f0a3myb17.life
f66we2.easypanel.host
farentrip.com
gaamc74sm.life
gebj02y46.life
gmsjfazpo.life
go6nu8hgl.life
govntutzt.life
gpoxpkoiy.life
hadoop1.bizinso.com
inekdxiil.life
j2hsoa4va.life
jvmzaf24a.life
jzvx353vf.life
k4ikh1i8s.life
kbs.thinkiit.in
l9w8yn2fo.life
lcd7igvud.life
lgu7drz5a.life
lnoz4exs6.life
m460p6w8i.life
mcc-dspace.l2c2.co.in
mei2hlvph.life
nii34kqrw.life
o3f4d47j3.life
ofav9exew.life
oqfb13om6.life
p5zhkxu7x.life
p9m9as6rc.life
pltfrvss1.life
prl7fpdgq.life
pwfkwiup6.life
pzhihpnt2.life
qak8s.vunet.io
qm4hupdsq.life
qqpjqdylr.life
ripplendt.com
rm43ln1wn.life
s7n9pjbnl.life
secops.vunetsystems.com
server.instahosting.in
stage.mobycover.com
tcyvzdeex.life
tdyfmnlvv.life
test1.donateabook.org.in
testseries.thinkiit.in
trfy09x33.life
trustkeyfinserv.com
uaeo95mzk.life
ulfv8hiv3.life
un5nke6rt.life
upxamcuma.life
uvx6qjirx.life
v4wlbpzf0.life
vjgmo889e.life
webdisk.ripplendt.com
webmail.togetherindia.in
workernode3.dev.providerdom.com
wox5mblpd.life
wp9wddjn4.life
x5zxvz2yn.life
x7ir6c3dp.life
xky2lv24m.life
xszhjlyga.life
y0ue7nc4v.life
y7mmp6opv.life
yg7kcxnie.life
yk37wagdg.life
ynnlb3rus.life
yombx43uh.life
z1hf83vee.life
z4aarde49.life
z75717vaj.life
z8g4klplp.life

# Reference: https://x.com/malwrhunterteam/status/1841892169356841253
# Reference: https://www.virustotal.com/gui/file/c26344bfd07b871dd9f6bd7c71275216e18be265e91e5d0800348e8aa06543f9/detection

http://193.242.145.138
0cc2z8zrnhf.life
2z1ls31az7s.life
38f5wvwwn7o.life
6mnudp7zj73.life
7exy2b231n2.life
8x2apo5m7ri.life
93j4v4jopzd.life
9do3mcejztt.life
acgr6r8zdot.life
ameagxzo2f7.life
d0xtxp89bb9.life
f4vb9n3tdvh.life
fig3gj0v6qe.life
ilofx941igp.life
l9t6r0y6cvi.life
nyy41uibsv5.life
p5047yjrb8q.life
pxu1ajsdhqr.life
ru4jvijdytq.life
tvx1ovdepj8.life
txgogs9p8a1.life
uyn0icgx1kv.life
vu5b47m18jn.life
x9yrzer0ndt.life
ygo9u1fkwux.life

# Reference: https://x.com/Max_Mal_/status/1843644023329960275
# Reference: https://tria.ge/241003-larp4syhmb

07zxfo0kere.life
08mkuqnx6gv.life
0tab35o0swu.life
1grovn87c8s.life
1v0xhie4os8.life
234ct3lkozp.life
2u8znzsbrto.life
331k2rdkmmb.life
37z6li6l9y2.life
38i6lh0rpze.life
3e6rrifr5fn.life
4izk0gc9is6.life
4k59ij2ujeu.life
65r8nx12fqr.life
6brdh3p893b.life
6q894zusd4k.life
736d0mvetjw.life
7ewh8ltr7il.life
7r8ln1wswth.life
8hjv8mbhrlj.life
8mgj12azbyd.life
8qvt5iabz5n.life
8ru044xed25.life
8z9m8hndrhp.life
9f6p9g7x13s.life
9qiliikd3sp.life
ar7xakeve0o.life
b1h0uaabzyz.life
bev8ymaajb7.life
bzc9sq2pz53.life
dpgs2lt1sbz.life
drmk5rdefb5.life
du19ek78tjw.life
dw34kmgfl7t.life
dxyob8x456a.life
eb4l6wisq9z.life
eeqwg3mzq07.life
exueqqmz3ia.life
f2j20ayqh8y.life
fsr2hskx44p.life
ge0lpqif3ar.life
glux8x5b8d6.life
he8fq4k8d3w.life
hudrx8fn980.life
ibcm5at6qrz.life
in4pzu7t2pv.life
j280b59doxz.life
khxcp22s3dz.life
l6syolvczan.life
lobavyclh8e.life
lrugnff8fkc.life
lzeqr3apopn.life
m5iukps17y7.life
mjb3r6mcs1f.life
mk7plk9c6i2.life
nhdeapyfg7e.life
nzs8vi9w5o8.life
o4m5a5no7e8.life
plll0xq4y82.life
q7dfpyyhe08.life
qc4mwjiop45.life
spd22scperm.life
vauy5ah65sx.life
vl41cymzzfq.life
w8ligr695sd.life
wdga570b8pz.life
widn8soih8u.life
xeoz1f1vjs0.life
xo8be64ejh2.life
y0zvqpi42no.life
y7pzxau0717.life
y9neib92f2m.life
yan95akxgqt.life
z3z4fq0420z.life
zdf5ki8x9r0.life

# Reference: https://x.com/malwrhunterteam/status/1886746828739170429
# Reference: https://www.virustotal.com/gui/file/31b72e1c246b4f38e70f9c8c556a626b15736589860f3231001bb4ebae749239/detection

http://5.61.50.177
http://5.61.58.167

# Reference: https://x.com/abuse_ch/status/1888928742719848770
# Reference: https://threatfox.abuse.ch/browse/malware/win.bumblebee/ (# 2025-02-10)

103.214.68.123:443
176.118.193.128:443
188.130.207.84:443
http://188.130.207.84
0981sldrltbr.live
0cveatwx9onj.live
0dhalnnwr5.click
0gpc9bw4u1.click
0ndr4p83d77l.life
0rhagsowd21x.live
0sart8cqbx.click
0u4bcayb8u.click
0v1q3eo9s0.click
0vni6x657z.click
0z5az6un9k6k.life
0z5lh9y5fa.click
11lcj1foy666.live
120kgwc4jfly.live
149.154.153.2:443
14l0gvqa2wfs.live
15ic5gwe2k.click
174bi044vz.click
19eirqhj1ptr.live
1bqv1lzjzv.click
1cckgd13z5.click
1huvyn540lvf.live
1p2alr73vu.click
1r023rdyp4.click
1smmlbbiqr.click
1uwsarbntiak.life
20vg4bnmsm2g.live
27c28lnp3v.click
27v2bofhl4.click
2b1iajzctif7.live
2bdgvvjm.life
2fnprbf7f0.click
2hgk63egag.click
2j06j0zbw4fa.live
2wqfxxycnk.click
2xkmymk1hj.click
33bxjuazvpki.life
35tvv0rdqr.click
37jnlxcobt19.life
3btlsn8gcc15.life
3c2xflq8mztc.live
3c4vbp09o4vi.live
3e60zvd64d8y.live
3hxcwahlpf.click
3ibjpmls5x46.live
3j6smer0tm.click
3kuys3ewv4.click
3ld9tlu84tq5.life
3ltro4h65i.click
3mttjimj67ty.live
3r613gqzl2.click
3rcsnn36p6s5.live
3rlfa7w0bz37.live
3s7pn3jol1sn.life
3sehf3t4x5.click
3vf80x1nn2fl.live
3wea9rl1rgeg.live
3xphflcx0yq4.life
40vzdof7rw3k.live
42grunsnoe9w.live
43xlybjsso81.live
45.155.249.85:443
45.155.37.158:443
45.83.20.213:443
45urhm0ldgxb.live
45uxfcmd39.click
46.249.38.179:443
498t20uubi3o.live
49wkezslshdv.life
4ade0dllwb.click
4bdibo23vc.click
4cgtkfwngo.click
4ddou9872c.click
4el3s31yx88p.life
4f8unvwe5d.click
4hi6mbnb5s0z.life
4hk1bcnxbse0.live
4llsz5uucm4c.live
4mo318kk29i4.live
4moudqs62qop.live
4q3m78acq6.click
4qp8nh2vne.click
4vtje1w38exh.live
53y5nwsc6j.click
53y7czdm4d.click
55245v7fzs.click
562z75s3bp.click
56ay6pdta1cj.live
56azbsx5nm.click
56isecfkc6o5.live
56j99fpadq.click
56twol6whmuw.live
58zw8vhjr5.click
5buum8t9vl.click
5k9b8nmc0x8r.live
5luyjjps2cmd.life
5pnoroy33rs6.live
5rd208is5r.click
5t1etvjo7mks.live
5tdp1iu4ihcc.live
5u42wjin0vfz.live
5vemrk03ekz1.live
5vi9zf66i5rn.life
5yvebug9k4.click
62dp72sdft.click
64ud5xnryz.click
66q91fugn5.click
66y7xsiqlf.click
6709v1hcy1.click
689c3d8ylq.click
6aqyzvre0r.click
6bbqbdc2b960.live
6ijcq51cepr6.live
6l96lk6edlyf.live
6oxxm9nx9d.click
6pbugwu93y.click
6pzlval6k9.click
6s2ti8rxvd.click
6vfmbabg9pc9.live
6x8gg3nbme.click
6y3igtg9t6.click
6z96z4mk84dc.live
6zom9v75gq8h.life
71qe8ditqb.click
747wloy5yoes.life
75f6f1w33o.click
76bwxwes4lsm.live
77o38tif4ukq.life
78s6ysrrqov9.life
79.132.130.23:443
7aitzo5gvl32.live
7bas9hk86p.click
7brlqqqwvjmj.live
7c4eg8zwt2g4.live
7ceyexwuce.click
7e7zsccui4.click
7iwrjx9gz0.click
7ju937zqujo0.live
7lv77j4spxno.life
7m4t2a3vp0.click
7mhh5gky493r.live
7n1hfolmrnbl.live
7oc6be5fmy.click
7os6ak1hbb.click
7ou7og586r.click
7pxdgqfz7u.click
7srgwdrxaogy.live
7ujqandds2.click
7xe3hsgshou7.live
7xr6qqar5udj.live
7xwz4hw8dts9.live
7y2yvpkuff.click
7zaolm729xjw.life
7zggkh833im1.live
809b03x27fi6.live
81zm5a5g9n.click
83z0nl2piwr8.live
85ciukct31.click
85d73x9hjx.click
86ishytz9u7v.live
8bdu38hwmj.click
8betz225xp.click
8ekeu1gyn59t.life
8h190hskyb.click
8ifj3b4lrq3l.life
8led7zzey9.click
8nxybioj7yyr.live
8q59sypdstid.life
8ri49slbox.click
8rw9jhcenm.click
8tt83qzcq6.click
8u7r35mu2e4g.live
8vndou1xlz.click
8vvh0jbqd0.click
8wgq2x4dybx9.live
919gdzdsh875.live
91vk7tzyjz50.live
93532tdctv9n.live
949akcta77hb.live
95m2cqy7pn.click
96gv0kvbxb.click
96lwn3t0l09d.live
97t3nh4kk510.live
9czpsd7vz7ki.live
9f6e733z67jp.life
9hqid2tzng.click
9izvqig6y2x2.live
9k7m67cwwf.click
9mbxy8omj3af.life
9n6bmko47gxe.live
9qlg6ojje0fh.life
9rib57u1zu3c.live
9rs7axe4za.click
9so8csbbronu.life
9yi98fh7usy1.live
a01fubohct6o.live
a1w5xfjqmsqg.live
a1ybrgv4l17q.live
a2cey1j0xl.click
a4tgoqi1cm8x.live
a53faphpe4.click
a8bxv8lqe1m0.live
a9hh0gszzfzd.life
a9ph8qf8d6.click
a9tztn31dh.click
ac3r53i7d5xg.life
ae1ltqtnk2.click
afkpkeo4or.click
ag66bxojxn.click
ak94ypsccm.click
akk5t6frjq.click
aluory5qfl.click
alxccyd8dh.click
am7gd0loc1.click
amwnef8mjo4v.live
aqjmrj6al93j.live
arownfz1c8o2.life
au97foecnlrm.live
avwtkc23ffmw.live
ax0n8xgcoxrb.live
az0qytiwfk.click
az9uleh15d.click
b0m5wu1321oc.live
b2agbvcra964.life
b4c6xa0j4f.click
b4j8gnyy3a.click
b5sqn635n9.click
b72o02l2ilc6.live
b8nir721kn.click
b8w2qcig4n.click
bao2cdlwd0.click
bb7yagbjh97a.live
bbgw63uuji.click
ben41oomm3.click
bm76b9296k.click
bm8h637h6iyq.live
bmdcn5celetq.live
bme21emezt7p.life
bnaqhh4afsbk.live
bnpuxnov7lhr.live
bqlv6aj9kcse.live
brdhxlmme0.click
brqs41ehse7h.live
btl89a3rwn.click
bw59chpi635u.live
bxsoogjl68x4.live
by209mp9ux7l.live
c1yp2qhm7efl.life
c63jt1hfwa.click
c8g7qp4v5wrz.live
cbwsfxcdei.click
cc5fi2q6ca.click
cea3571xxgik.live
cjbdm0nhub.click
cqbqpjfkws.click
cqmeb9oww6ge.live
cv7kb9dz91.click
cvggxnytt623.life
cvh7gbxot24r.life
cvnsiogvl3kt.live
cxmol7xleuko.live
cxt4dbxe5z8j.live
cy46uzqi4f.click
d2mtygmipptj.life
d3bvlw20er.click
d6p8y4py4p.click
d7x2whgood.click
dad1zg44n0bn.live
dbehn6j4eo8w.live
didfn4ti9dub.live
djdcwrayut4e.live
dkfjh7csdl.click
dlkim3cw0wt8.life
dls5ae3bfp.click
doj6z5i9g803.live
dq2z0y9csj.click
dsg2r2kq0a.click
dsq1lipv2t.click
dv14q2l82c.click
dvmwxxwjf199.life
dwx4t70m9n.click
dxjeucbj4p0j.live
dz00bieqet.click
dzutub700u.click
e0et68offggh.live
e0kp1z1172fc.live
e0x9x2elinlq.live
e0z7zira31kl.live
e28y6x3j3g.click
e55fg5b5c2yc.life
e61wl4hvygsm.live
e6mp3nvz9u.click
e7ivqfhnss0x.live
e7m7mpflz4.click
eehq8ss3yz.click
ehca1iots2.click
em384aqhmcf4.live
enf3gev34gis.live
etptzwxsyp32.life
eveduk5ox1qx.live
exnlmrzjk9qc.live
ezmsd75lhe.click
f3bvx132ifi6.life
f4crfba23nw6.live
f6cq5yyoaw.click
f6s4n6w41oov.live
f8zhsdf9xqr6.life
fb25x2ju7i.click
fcskmybxwr.click
fek3qya20lid.live
ffjhws2gre.click
fgo6ht7f53.click
fi7anseaj7.click
fileoutput.pro
fkgm8tb8fwky.life
flagsair.com
flnenmtgtmua.live
fribbomlqhr6.live
ft8qxfxurc.click
ftxodsy5xwbu.live
g2to6sz5pi.click
g3in90m5caz2.live
g5l1d24n7poh.life
g5nsteyp5i.click
g604vf7250p7.live
g841i9ksgn.click
g90uubdr4p.click
gelt9hoabf.click
gflgt8sbzn.click
gjl37cvm6xly.life
gmbr1am8na.click
gpk97r68ualc.live
gv1evlnry3.click
gx6xly9rp6vl.live
gxisp0gpznx3.live
gxr2xu29ge.click
gzrg7hqcc2.click
h2klkgn348b4.live
h3p2sxyyk8.click
h7hicpv7o8.click
h7wlytwy4x04.live
h7xupkk0d3.click
h81fx7sj8srr.live
h9rs75hncwhe.live
hajbxv0c2v.click
hg3pmupul32p.life
hkk3112645hz.live
hlt3vsvywu0h.live
hmcrbt08mwns.live
hmh20ykvlf.click
hmpq1r1hm1.click
hrc7wx3t279t.live
hvcds0it8dt7.life
hwxw76qvnvsi.live
hxc1x3no0o4j.live
hztr0qlwke.click
i18t3jshekua.live
i3iubj73c21c.live
i404wfndsogw.live
i4965hr9jc.click
i76uhrb930.click
ib9wv6nqehhx.life
ic3xmpvjda0f.live
icubce4khx.click
iicar1be181a716d.top
iij8hlutxq94.life
il1nlb7tn0.click
il3xglyjmtyc.live
ilp3urzo9kag.live
imzv005r3o.click
iqc5deqaie.click
isdeio7algf8.live
ixu6xial6v.click
j0h0iu3v3y.click
j8qo2la38tog.life
jawiqrzaactj.live
jbqqapfqwsbx.live
jbx8p0a58f.click
jc51pt290y0n.live
jcpx6uvkyi6j.live
jelkm7pxeiej.live
jh0ybbi2x3qi.live
jhgpbf6btiyx.live
jlakanjcdg.click
jmpxjjqhe8.click
jq6j4xahl9bc.live
jqs7cxnbi4.click
jyss7n9vmgie.live
k6r7vemk6bvp.live
kbkdtwucfl40.live
kc8svtokry.click
kddpj0gryr.click
kh2e843low.click
khf9pjkylz5h.life
kiuxl1yijx.click
kkpjp9jzbzba.live
kmquuw37td.click
kqiqovthoj.click
ks4bjt91jriw.life
kse2q7uxyrwp.live
kxbzvtg7v4.click
kz6ec7e8b65d.live
l0sxwikzxd.click
l1bfvyx5yr8e.life
l1cr5uamgqz2.life
l3ofrslrqi1c.live
l4yws3edxr.click
l6twpf9rs4tr.live
l7kzf2d26kug.life
lb442inpjx.click
lexcomak5gr4.live
ljn1z45vhq.click
lp09sfynbd.click
lvxu4bay2zbi.live
lw4j77uju8pp.live
lwpk3miw9n.click
lxsq535scirs.life
lxw6duivu7.click
lzqm2jeon3lj.life
m09y74kg48fn.live
m4tx2apfmoxo.live
m8upx4ecup.click
m9a2qfmqay.click
mckag832orba.live
mfwnbxvt9qme.live
midyxlu6b22f.live
mjxuo21v7m61.live
mlapn50uxw9v.live
mmmpa1byo300.live
mmr9xlyxzx82.live
mqmjiiw89dh7.live
mqpeq58cpr02.life
mt3jj0qpep3v.life
mt9ycu98jr.click
mtqdvzkai700.live
mv51x5kfad.click
mxfeh1pwds.click
n0915tjvju0p.live
n2uc737ef71m.live
n7iemk16.life
n8g3y6zj1d.click
najmubn5aaq8.live
nb56cfxd01nr.life
nb7kh0ch7jhi.live
nbjbppl4to3z.live
ncx7jf2irofs.live
ndwz99m5qq9e.live
nepygxz419.click
nevkq7lku38l.live
nfcgov.com
nfggas3od8ft.live
nhkvd56j82xw.live
nhl2mrxdfwpr.live
nl60gv2bh1oy.live
nmgyqyrb8b.click
nn2lzqkvvqas.live
nox7lvewcl.click
npww7jbq9bby.live
nq6tnp761c.click
nqegf98i8b6z.live
nqnqubgnwe.click
nrw5skueou.click
nsmdrrzxjp.click
nt000parpu2j.live
nv7wbhc818.click
nvg55tpgvn.click
nvgirtryox1z.live
nwd8iw9s0v.click
nwv57uahqum9.life
o0fivl26q7.click
o337yf9fh4bf.live
o4eylekzbn1c.live
o74k3j5jb3fi.live
oa2a8w8lvx.click
on6x7xwoy7.click
onu3mtmqyn.click
ovekd5n3gklq.live
p2d8uedq80.click
p3cq1w5r7g.click
p4jydxsh9rfy.live
p6xuzncl71.click
pajdiulm557o.live
pbx71kj2i60y.live
pdw0v9voxlxr.live
peck4grakjq3.live
pfdatb2hxf.click
pgjcqit925.click
pjwdypu4zhcj.live
pnvreg8x1y.click
prsmqbgcl655.live
pt2xll3o0n.click
punzeemzny.click
pw32n6xs44kz.live
pwgbx9rqap.click
pys2nmc0yk2m.life
q23npiabi1b9.live
q653kbddwgwo.live
q8as06ncbn.click
qags48phh4.click
qbl27phekk7p.live
qbrptvqnh1.click
qc0dv69e1ub0.live
qdhqoj9s20.click
qdmq0x08ez76.live
qf530mdf7ow6.life
qiqpq7vl7l8f.live
qk6a1ahb63uz.live
qpiw5n9vwsap.life
qs4eujbwj3.click
qu8z6xvgn574.live
qvb4xvuxv34j.live
qw29coixci.click
qw93n29j3ckj.live
qw9a58vunuja.live
qxz5ri835a.click
qyasdoxv9qa0.life
qydstwmw2imy.live
qyori8noyw.click
r29zrk2jrf.click
r2c9fj5fxeks.live
r3geabq7zf8o.life
r3mvri2usb4r.life
r5wrzrk1bi.click
r6o2sj70m85m.live
r7odxkpj3d.click
r8o76ucqi2.click
r8odycmtgooa.life
ral9rhuaxy.click
rato5okc78nh.life
rc5f77iac2pk.live
rdjpjf4dogbk.live
rega9fyfpx.click
rf7se18cyw.click
rg26t2dc4hf4.live
rjafv9rkqq.click
rjj19c1jpn.click
rjql4nicl6bg.live
rkffupb7i1gv.live
rkgq6lk77x.click
roc72ievev.click
roe2j411xl.click
rqyuhu82y5ro.life
rrvot3ihi002.life
rvi6iv6l5v.click
rvibzshhrk.click
rvjuigv5fasw.live
s5lxi812qbt5.life
s9e6t55h4b.click
sbeo0cztn1kh.live
sg8yy8ayy3dh.life
sgl7og2qswmm.live
sgztlhpq7hjh.live
shszqhe1rl.click
si00bu9fv5he.live
si500s8ghrhk.live
slwtl6leeuc7.life
snglx6pb33.click
soj8eqkhhz4x.life
sq4uso9lnx.click
srgvcomsfr.click
st5j8zqdrppf.live
st9rdv9xai.click
su3j9n5mdgme.life
sv3pldc5gkdl.live
svviz5wc7lgg.live
swbwumhyt6.click
sxauicqq93vc.live
sy2ove7rm8xj.live
t120o0lqyzjk.life
t1473sdzlxpz.live
t19prsb6tn.click
t1h1yn7nkt.click
t6vwhb73qa.click
t792ufhvll.click
t7rsa4z24q.click
t80l9iuufi.click
tbt0aqol3sp2.live
tliy48rr6fi7.life
tner0hutwe3g.life
tsaljzw4n08y.live
tue8ewbznzuh.live
tyfqgmpj6mdp.live
tzkny08b2y.click
u1jeqp0t6a.click
u1sir3p4rc.click
u2ejhf3ok7.click
u4cvsoeaa55k.life
u9trr3isvdhq.live
uaakle2evth7.life
uc38lfln1t.click
ufbt7kts4x.click
ufl7i9hmt1.click
ugko9g5ipa4o.live
ugm94zjzl5nl.live
ui1b0rvu0k.click
ul6105p00e.click
ulbun31qmv.click
ulhida6od0xa.life
upsflszdwl.click
usdt67a50l.click
usgdwvnaa1ld.live
usqgw2bvlxf1.live
ut6qohwra5lm.live
uu4cx79e90.click
uvann7a8dc4s.live
uw6ns5hvy4.click
uwh20rvdkz.click
uztmazsno4y5.live
v0sunq4e18.click
v1w3127cwxhl.life
v6h9bdel752b.life
v8i86sawgtga.live
va7ipkx0be.click
vb25od0prp.click
vf7b9fg30l.click
vig3u2t4fm.click
vikjurbmmiu2.live
vivh2xlt9i6q.live
vk4p0ebgci.click
vp8m8xbg5m.click
vp9c9rziba2a.live
vrrbk7ykz8h1.live
vsvflq7ehwmc.live
vt55pc7kyb0b.live
vtv3exgyhiph.live
vty734e9v4uv.live
vuftqxjdst36.life
vvn7jm2ag5.click
vw5ml50769aa.live
vy9u47oyzltu.live
w30vk3531dej.live
w3nhid8w6qhc.live
w4wgwgvmf9ct.live
w5e57imddx2p.live
wbljk8p8ddm8.live
whko7loy7h5z.live
whvffwd7zphw.live
wi1w9yu1vush.live
wkoxixd1yj.click
wkxfgjwonu.click
wo5oxsnqywog.life
wo6ukcgjwy.click
wom4o4cutfx6.live
wpvf6nome553.live
ws97loclildz.live
wswis3sptby1.live
wt5jho6fwo.click
wuxj658w482y.live
wvhpde4o0m.click
wvj9kgl9ihhe.live
wy208n1h4fx4.live
wz4pnl68jg.click
x0822sepnx.click
x2r9bglz76r7.live
x2to3wolid.click
x5mbn2n8j0wn.life
x8tyzbn7ii.click
x99ahfftf28l.live
xa7wlz3r5y.click
xc9jzl8n3mya.live
xdct138800gn.live
xisdha07tt.click
xk9g4w9g1m0o.life
xmjalyvg92.click
xnmicwdmlkqm.live
xqqoo0a8zk0w.live
xt58p1nya3.click
xtc4f7gax7.click
xuqu5zosjqcj.life
xyz5fpz6im57.life
y1xdtswib3.click
y3hhmeydtr.click
y3mpywhmem7t.live
y4n250nv3qub.life
y4yhop208nes.life
y626kbnryktm.live
y65z9jsgrh.click
y9s73mnvurxr.live
yba2edcldt.click
ybc5iluw3c.click
ybe0gfw3qt.click
yczi2ujcyyro.live
ydi1tars4qo5.life
yg3ugy70v9rh.life
yhi5fiitvk.click
ykk98pvhd6jy.life
yoeedt2afs6g.live
yr5viowxku.click
yrmdkujkkbbz.live
ysdwk0l8xass.live
yu4cf2njdqtv.live
yzrr1e55ni.click
z0326e3cp6wo.live
z1wcdy9l9rim.life
zbldvupsdc.click
zboa9irfs2bv.live
zdjs22x7jie8.live
zecf73x7kezq.life
zhfx7glmdw.click
zhwt1lf5gclu.live
zj9lg3qke1k5.life
zl7bmlfq8n9w.live
zml0liy8t9ec.live
zoki7ma89z7b.live
zpo18lm8vg1x.live
zsm954jr5ek4.live
zt3nnzr70hn0.live
ztg55ej90ari.live
zv46ga4ntybq.live
zvm00jz8j2i4.life
zx4u41mgxq6x.live
zz64pxhgxa44.life

# Reference: https://x.com/abuse_ch/status/1897656299191451662
# Reference: https://threatfox.abuse.ch/browse/tag/e5774fe6340da26c/ (# 2025-03-06)

103.214.68.110:443
109.205.195.228:443
192.121.22.92:443
194.127.179.88:443
84.200.17.29:443
0e4ykh9d7k7.click
0ffmtln7j1y.click
0iy3kqu94si.click
0murdtba2o3.click
0qlcz1igan7.click
0szo2m8ytu4.click
0zn2so0zgyj.click
119qwh18wha.click
15h1vcxjhcy.click
1age5rpmnbq.click
1ehmf2jswpf.click
1evjkcljww1.click
1jefj7xac8q.click
1roeeh9jina.click
1vj5me987ef.click
1x1yo5pko9x.click
1ywg4j0oomt.click
2aecwymugah.click
2dau07h6k17.click
2gs1v6rp60s.click
2oyzpakeuca.click
2plnxces98r.click
2u27sfjco3w.click
2wbw7n1xihz.click
33y30z4ce50.click
3dpa9b43ohv.click
3leycamcmfo.click
3mibffhnyi0.click
492kjd62lfx.click
4ayqsfi0frd.click
4euze8kz5ji.click
4hc98sdamp0.click
4k2znm7tg08.click
4pc1ncx1mcy.click
4td54jwr0zo.click
4v2s2z8epmd.click
5284u69ffk2.click
58oxlxuqaq5.click
5dwy52kpv9b.click
5ejcuwqmzb9.click
5f3ebvpukrk.click
5ijbx337vd2.click
5lmt48rx41d.click
5oy2h2i3s12.click
5t86twnzcmf.click
5v4vprlnf1n.click
65bxe4f289i.click
6andejt34fm.click
6linr1ga29p.click
6pw6pxmkusw.click
6r3ypuoxg63.click
6sqtyfoht9l.click
6u8p3dxuusp.click
6wo9w60mg4p.click
70vwxtv11dw.click
73wkg93t6yb.click
751pzl1k7ru.click
75m3o0suck0.click
75u1xvupwy3.click
77ch3dlvcuc.click
7avrr81op36.click
7n45idh4yj8.click
7rbvv9nr7ux.click
7skh2n8lxji.click
7u3hg5ic6v9.click
7w9n1ekf99b.click
88crnaq8rxq.click
8eoxb33106v.click
8knidjus98f.click
8m2dood1yoh.click
8ra21ma0ldn.click
8u1tf686x8r.click
8x4zwderijh.click
94eglntbdur.click
95rlgtcuahq.click
96ee942zsw7.click
96l0jwdfwsf.click
99e0wxgydv3.click
9d2285jpz2p.click
9nu6ob9yisd.click
9onudoucpop.click
9vzu8lt5gfa.click
a2h8x65mhmb.click
a3y10sgbbvk.click
a6yd6fx61tc.click
ae4fgatomcn.click
amwy9i160dz.click
anwx8vvu2tn.click
aoh4pifqjfw.click
at29watz76g.click
awqnq8gjfzw.click
ax1ygtd18gp.click
axee3wisuxs.click
b2fqqlxq123.click
bdmr8nb86ja.click
bknot0mxcmy.click
bue8o8ghun3.click
c2h9uj4rq5j.click
c497xw4aqdm.click
cpv7boidplb.click
cxahitpgek3.click
cxb56fm5ero.click
dadec2g78sc.click
dfkn2gbzi9y.click
dg4j9l1r2ay.click
dlpxgm04qg9.click
dmnwh4hhbae.click
dq08agjyis7.click
dr9246f6s6l.click
dzgbb9tb8us.click
e107j7ub2do.click
e16qxa5a0x5.click
e27y0btovqa.click
e2kxh90scmn.click
e64hgph4fpf.click
eeayckwouit.click
eezcti0865s.click
efu7sqzes6x.click
enuq9dl52m3.click
es6fj45yryo.click
esrj2fl3fkj.click
esxquugkfce.click
euvl2d6y99j.click
f39llnutow1.click
f8vdyr368rr.click
fa1zmtf2m3x.click
fuoor4i9488.click
g3i7sutsk12.click
g4g74vkatnh.click
g8m8yjye3ha.click
gb52rzeqsel.click
gelqzmrcfun.click
gisulurnufk.click
gy2okaumph3.click
gypx84c0psc.click
hnpxeksl6z9.click
hq4m4bni69p.click
hwcnz0dhias.click
hxdjnq9y2tf.click
i0rwy7k6rh8.click
i1nghzvqqw2.click
i4eneu6mdrc.click
ibnlf6ruz6i.click
ie4jzevdaka.click
ih1fzdij3lw.click
imk5htcomi6.click
iouwahp82yh.click
iy0fu8vdjbm.click
j4u90kxcsjx.click
ja7zxnoe636.click
jgyffzjilwz.click
jkund4pf7vs.click
jlei39yhui0.click
jphokolus37.click
jsnwvpzo96y.click
jz1u17o13nd.click
k3fff4avppe.click
ki1e2lrrkab.click
kmm14f207e0.click
kmmfsxcqiyv.click
knvop5puf3w.click
ko4bo769zz7.click
ku53frhnnq9.click
kucqx0vafku.click
kvyz834555f.click
l52j1936qx7.click
ld6w0ra2n5v.click
lhlgrhqcv88.click
lhxxt08ai6o.click
lk34zp37aa8.click
lpv5wu5s5jc.click
lr7bhtn4zb5.click
lrn0z4vhs7i.click
lznvqhcqtqs.click
m77i9q5433m.click
mhd2v73drk9.click
mmh6zjh9rws.click
mp7h1aoti1g.click
mwu8dx0r8l6.click
mxnz6y6v6it.click
n22xrd1xrto.click
n2v9iwcj5lv.click
n60hergp5i1.click
n6uv59241o8.click
n7cje11zxw6.click
n8sbjfep5yd.click
nd4s9y4ej08.click
ne2zv67ff4w.click
njw2mly3gp2.click
no87qw0tt1n.click
nu1ry3ywid2.click
nubhcl6uvd6.click
nzqeawje6ww.click
otuk9puv3dy.click
oz5dqn7i3p9.click
p1u0oy2fsaa.click
p4hxcc1ryt6.click
p9s154rw222.click
pa1hbnoohz2.click
pck8bewecd3.click
pfga45i3mid.click
pj2h7xw21zx.click
pjkd7svtqyt.click
pjqxgepuuxs.click
ple4wnxbe69.click
plh1z2c4cod.click
pnrn5ibtkoi.click
pp99r7idm47.click
pv9sf56pm4m.click
pweekbw7x9i.click
q8h20fokn7m.click
qbjc9488vee.click
qbn8ng1n4y6.click
qksyhib7zyv.click
qzy5mm7zq48.click
r4fdtv6l0zt.click
reoq4nq1uxy.click
rvmfj6uvqol.click
ryywkuoidqa.click
rzftt23dyz5.click
s38tusi2x3c.click
s3rdb2mrcsh.click
s7ebb7t79vn.click
sei8qt3dvnx.click
sfprfnm3jz6.click
sjq07uvdff3.click
swjzhmujv7y.click
t0ug2073blk.click
t3wnsc1lf6m.click
t52sdbm13om.click
t5nv5hwf6xq.click
t5tucz0hybz.click
t8vxfebri9r.click
t9w049vk6ff.click
tay4gok6gyf.click
tg878idk6zk.click
ti18xwdwt1l.click
tifwab6uy6t.click
tiitp659yg7.click
tj17eq1yv9p.click
tj23acum82m.click
tq580ndi36m.click
trjwgh2g6wj.click
ts4kuo6q3fq.click
tvo5pcspdk3.click
tyv7socu189.click
u0hs21xo0oj.click
u4fh5ldwfza.click
u4fhmu65x9q.click
u8ree4paj98.click
uecqk6x4j8t.click
ugcjmsd979x.click
uim2clr02st.click
uk2cx2bz9oh.click
unxyj66bcvh.click
upy95n1br0q.click
ut9q9m3xzn8.click
uudq6jblsp2.click
uwy8pn7se7b.click
uxn5yk90rs8.click
v53ub1ek0c3.click
v8tarf4uflp.click
vca3utda017.click
vfhfp5pv5jq.click
vib2cn03qfj.click
vj04lk1o8ap.click
vknmfmm75hy.click
vq8k3ph0zfc.click
vxg5zt80xk1.click
w13gm0otbf7.click
w5o0gvbo6gz.click
wnmatvjf2h9.click
womnuuahre3.click
wsswivqef2j.click
wua8g5ux08g.click
wvs1z0uvn22.click
wxcln2wlnhw.click
x10ai1h5k4i.click
xdfbgydlc05.click
xoz2qzlb8kq.click
xraf83jqez0.click
xux5834xj2v.click
ybhoykhbcm3.click
ydp1wcn6wjc.click
yiinkrgx909.click
ykl2qv386hr.click
yn20wnog91u.click
ys3844kcr0z.click
yul1jw5agk7.click
yzain1fjta2.click
z1hhugojrb7.click
z4br67e4pmu.click
z67frn680cp.click
zgcgefh40gx.click
zh00p2xhbc3.click
zj7zlpwpgk2.click
zoql7t6ai2j.click
zpz5jkazftt.click
zrvvmchlzab.click
zs1ffuhp837.click

# Reference: https://x.com/malwrhunterteam/status/1899065795734282579

coinsurf-network.pro
techspotnet.tech

# Reference: https://x.com/malwrhunterteam/status/1912817215704879546
# Reference: https://www.virustotal.com/gui/file/89ee8409e1b2aa3f6754dd364e7273a673e097b408ae279b1368c4a4347a18f4/detection

lionmobiles.com
17ek6ne63tvp1.life
3tkemqy8wipsj.life
52szf55f8gmk8.life
5rysu08g3k6gc.life
6rzcyj1sswqm2.life
7g342zvzn3uqq.life
7gup8m7nsh4bl.life
94y5pkgk1etpy.life
9n9tal4hw00ip.life
9qnk0nmyswkvz.life
aftxgkj92l0in.life
awov62djki4y0.life
b51lj50er7i5c.life
cbo4qfnw25cvh.life
ch7bk8l5jzsdy.life
duhhgvdrjx5m8.life
euod9uk8f3l81.life
g0yw5p28hbx0s.life
h3t6oau35fj9w.life
hsxe8ye2venfd.life
i6r4k2jo8giob.life
iwzkgwcv5ebat.life
iy4sgebvy7irq.life
jced3p0f46gyy.life
oh6qtkwfuus46.life
p55dbejqk240n.life
pdyckgp144x0w.life
pg3k818fzjx8x.life
pxu2liz19adny.life
q2afcbxeqvlvp.life
q77e1ox1itdb4.life
rkrjtpvvmeals.life
s7m284fqxpzmw.life
u0dvovexg8a9r.life
xigticnxbhrv8.life
xsenlg0qhhi1b.life
yo2blls44tlmy.life
yrdzyc58ivnz2.life
zucscj1mnafjq.life

# Reference: https://x.com/malwrhunterteam/status/1920464411963031659
# Reference: https://www.virustotal.com/gui/file/281e07af77e1ff21140a7102c3cf8802dff96e670c8c3c73b8250d487a5196ed/detection

download-server.online
19ak90ckxyjxc.life
9b10t4vyvx6b5.life
9nl2a1qma4swd.life
apsgw881ol7rs.life
gc9fctjq62t2e.life
o2u1xbm9xoq4p.life
rmqa3jodwcmgd.life

# Reference: https://x.com/malwrhunterteam/status/1922046046768709912
# Reference: https://www.virustotal.com/gui/file/839e3f4dc441578019dc33c43bc918ad7e6022baa3770f45c6eccfe1239d79c1/detection

soft-server.online

# Reference: https://x.com/malwrhunterteam/status/1924765529102811386

software-server.online
zenmap.pro

# Reference: https://x.com/skocherhan/status/1922088229668344157

05by1jl7fjlpm.life
06g15h6u4co8d.life
08cke7akux8kw.life
0a2oobiviohq1.life
0eftob9vxa877.life
0ei4jxf0cszgd.life
0j62jm3djgxe7.life
0vmyb63gn2ptp.life
16pul9mybq7xz.life
1j89dadarol4g.life
1ngmbwokqkiov.life
1tznpvtx5dfm8.life
1zwze7b6jqovz.life
2885patz8ovcf.life
296e90bwwbghd.life
2970uw58lq0x7.life
29e8eji42sktd.life
2ekg1e4hsed7c.life
2odsenx2yp0lo.life
35vy1pligjgul.life
3jxjww65p5maz.life
3obruwxmqzonj.life
3w2o83k0n8265.life
43wubiwvmajs3.life
456iqa3y1dx4m.life
4hlnzokni29fh.life
4me127ppi31at.life
4sntr015i7xom.life
4ui23j0z9jjrn.life
4w1b7rsnyg3sm.life
51415jvbttwu4.life
5395dg0j4h79n.life
54x58q8lib4hu.life
54zgxvq8jzq81.life
59vajiveghhtk.life
5ew1715l4z3ef.life
5gimy9lgi9xbl.life
5p9udlfi4yvg6.life
5sq4py78k91rm.life
5vhkbv1vxxsnm.life
6dbu605hajf1q.life
6ep9wbu6v24n0.life
6kjpjs3v34hbf.life
6km9ottqfh6zn.life
6q4rlo4sr8s85.life
74of7b9bmuags.life
7d2zsoxb59ie1.life
7e3xn5owh54h1.life
7m959mli25a72.life
7o3zfbd5rf5mz.life
7oo4hxt5haih5.life
7qdvi1ojq79ap.life
7qjjcy6vg835x.life
7vcfugjejghtu.life
822xkcv8p7yj5.life
84ntpl4mk4cwm.life
85ur7zivhczam.life
86dcshj21wg6m.life
8k9dg54uoiaig.life
8n3rj69ohv8rv.life
8sg769rvpe1lp.life
8sz83ieffpzwj.life
8vh7uizstjhnb.life
902zrmiyj0203.life
93k4iwdrz9dv0.life
94sd02j2s8w5g.life
9k7m4sno3n6zf.life
9vgvnzk51j1sy.life
ai66uq00ax202.life
atpk4sqovxf2y.life
awfdktgdajxzt.life
b2ys2fltibnfu.life
bgiphdk30zk35.life
bnbm2ncu9edm7.life
bqlbyaavprz19.life
bsobgla5ebrjj.life
c45ze0b5hhvdg.life
cj92kmlm09rx6.life
cn20xuahy8t1g.life
cp2br7osw928r.life
cwdnohn9obt5r.life
darveicg7xcj0.life
daxbkb16ebdao.life
dn50y7ahnc1bj.life
dt2cg075ch11u.life
dyrsovg0janxg.life
eapnxzvi8p2dy.life
ec8puhgxe2irq.life
eifir9x2xpqsb.life
epqykfhm5zq6l.life
evzftxl2qjfj4.life
ew3crbjgfbbhd.life
ey8axyn00x8sf.life
ey9n44bwtmjaw.life
f3be5ccj5ioc7.life
f5l5coo21t986.life
fa03e75bicux5.life
fc4v5wx4p4syq.life
fl2ifygitryuh.life
flewo6le618h7.life
gquyy1qf8ncn7.life
h28r6gebma715.life
h8gw0cbhkkrrf.life
hb0nsim3indj8.life
hij11nti41rxp.life
hlqz0e62ixrnp.life
ho0e0fu2f1ehu.life
hoieva2gl9tzx.life
htc8v674o5340.life
hvrcruhojtv59.life
i9lnrwpyl6q1s.life
igdibsm1sy5ef.life
ikp95oty597zb.life
il3ha3mtfvku8.life
inkja7hekgcuv.life
iptckm8axh4up.life
ithg3ysseil61.life
j34duklow92k3.life
jbrprj8im7aia.life
k2yu4bhadklet.life
k7b843izg720e.life
k8tdxptwoarz9.life
kb7o9tevgv0nj.life
kks80hyrpbmuz.life
kt1zpdc26avtr.life
l0ecv85wptocs.life
lhunevjdxw5kz.life
lqhhfpiqp5chx.life
lsoj8le5dvbzq.life
m4ivqiz0weqy7.life
m5f2awao92hp9.life
mt07ykdxl55cw.life
mvp5pt36h20vf.life
n2cy5wx4nfs8n.life
n5d6y67plvnto.life
n7fyq5glyab2j.life
nh0hujf2w5xi9.life
nia2qq0etuzpb.life
nl2jkkuqs8efp.life
nq0tsip71ecq5.life
nramyw3ac65tz.life
nucp69y9nhvm2.life
nuq0isjlua30l.life
nzsgq8404xxkm.life
oefia9wp8je6z.life
ofvs2a3nhyrqi.life
ogb5xkgmg4oju.life
oknzqkp6ph302.life
p3arx0taom00w.life
phofkkfcuixei.life
phwix4m5d2xcl.life
pl43cimufnrmu.life
pz9k9kaihtptd.life
qhyut7e0tjz2a.life
qj2suuu4ixgvf.life
qnw1tsg4ogxa0.life
qo5lmcyhdzxlf.life
qy6ctflx8ydfe.life
r0lethdy5ytqp.life
r4a4n001s7uhi.life
r7rw9inm558jg.life
r976ptnxbh52l.life
rdg0u5n7237r5.life
ref18bh4aku24.life
rjgkw1xkq6tgo.life
rlq13ng659buz.life
rn07j0x1acnyz.life
rrfz818tk7l3b.life
rxaswnnmmce9g.life
rzxkvxyj2i9qj.life
s23kd323qzj2l.life
s6tbv8w63f840.life
s8akau9vlsrbq.life
scu2pm45pz9q2.life
sfrq624fuus5k.life
si8p7wuxa7ddt.life
sijq1m7wknt6g.life
t9toueu4d6gzm.life
tesc2obtfbdke.life
tldemeczwtpb7.life
tmuu1ryu4fvbm.life
trtiqjiry7k05.life
tv9jc206cpnyd.life
u2eqkj41hheze.life
u7d1qd724touv.life
u8karkeeu2qtj.life
uaooxwnck1qwk.life
uh61rmo8drq8c.life
uimcnlvkowuot.life
unluozjsodi8i.life
uod2mz4es33ka.life
v0kgi0osnu7pw.life
v0p0woy3f8ze7.life
v2vijxyqbqsbl.life
v30ty639krk3p.life
v66tip8ogttrf.life
vrnf4tj48nxod.life
vujdfffgcjd7k.life
vuu79f2ne8xl1.life
w1nd36e506qqi.life
wd7jo4d8zlxg0.life
whzw13p3r7lzp.life
wi88w99xo9zlt.life
wl2n961unpaix.life
wqfvb1lom02cg.life
wz3qdxhxns2g4.life
x357y9ss65tdu.life
x3an9oqhcf2mf.life
x70eca9dqaj6k.life
xf30997j6tp8z.life
xfi23ljskvgtg.life
xhuahzm5uiimo.life
xjfbfo2a6koef.life
xnxutbo5etuw9.life
xwn7sukhzhbqv.life
xxx4tb82ly3p2.life
y2iv17lkdmj55.life
y37vxmir7miwq.life
y5i7fcp0z2vdv.life
ykv99faqy3ky4.life
yv8yhgwsm81x7.life
z0lg8lijtw3mh.life
zf8sn8l1c1c16.life
zit5if516dao2.life
zom3rkt078g1k.life
zpvptw82h5c00.life
zw96t31o1h768.life
zx1qk0w02fke7.life

# Reference: https://www.virustotal.com/gui/ip-address/188.40.187.142/relations

btxgk8b410a5434e.top
cwfvvc1505fa2742.top
dbvnp9d4e0174182.top
dnegj8d40dcb4cb2.top
dvypm296a83d9d71.top
dzwqoc182ab3e3dc.top
eybokb1853d04c72.top
fjbyn9e1fec2498f.top
ftxdha3dd13803d3.top
fxhbo217a740f19f.top
fzamg95a03d0fbf3.top
gozay2c535c99f72.top
gudrjfd31bf04ae0.top
gyznia9b2b8f4dc8.top
hfeys8ce2403d5c8.top
iedzq061cd6e4de0.top
iicar1be181a716d.top
ikhnue74d9e14f59.top
iwlwy29b36930d62.top
jdfgwc93bfae4ac9.top
jflgwa80c6686879.top
jxicl82677cd4831.top
lbgcu670254e4153.top
mgonme9f4bffd1cb.top
mkeif199cb5cf258.top
oonxr7a7a878dfc4.top
phkow7a0fed3cf50.top
prren14f05214178.top
ykroa6a888d1406a.top
znaek9de87780a5d.top
zntyze774be7472d.top
zvdlg18ce2114540.top

# Reference: https://x.com/1ZRR4H/status/1928176650916704304
# Reference: https://www.virustotal.com/gui/ip-address/188.40.187.152/relations

0vwdh086y6617.life
20ztrlynhqrkl.life
2nviz2u0243nr.life
2yj7j6r9vo33o.life
397nrivd76yo3.life
3mar7y5c3r4zx.life
3y9cnn3ltwru4.life
4v0qmowukun68.life
55ueww9semkcm.life
5izwfepuwh2ic.life
5oqmgkgz5rf70.life
5p981xjz7sbyt.life
6bs426zjqpbth.life
7d0qhl3jn2xp2.life
7dxudveyrs1qv.life
830pmmvl3x3qb.life
8a3peanh4uz8e.life
9ir8es90oecw2.life
cmpf8huatefqk.life
csyn20vl3z4q0.life
dt2hlgmn1nzpl.life
e12sw2209cc53.life
e21hhjf8659tt.life
e3h08otb6xmu3.life
f24yew7yxdas9.life
f5bdp5r97x63z.life
fk522cqcb411i.life
gap5w2em9msor.life
gennj5glepbm3.life
ghyouopkphf2x.life
gvygkcpol74gy.life
hrjcfbz49zbdn.life
jqyeegna3lht2.life
knmekk4xh1yfu.life
nbfg014yic1qb.life
nbs6lnzvk9nkg.life
nd6h2ldqkvdw6.life
nins8k5g0f1dx.life
nz9sjxx21tp5x.life
ogbh7anjjdjdd.life
os5ryl12zmx42.life
oulq1xmd91yva.life
p8ya80enl7muq.life
piur2ev55twj7.life
pnqu4zi9mlahx.life
q8r7omleri0pd.life
qcvgu67ml13r1.life
quqd8ic552xs4.life
qv4njcerh3hsj.life
r9mkypblrf7ai.life
tcvttq08r9jty.life
ug2a0sj16kerd.life
uld7tnpvgr1ir.life
vncik1psdrrbl.life
vns5srpw5p315.life
vqzguhj0laj7p.life
vs3b5qgn6ksql.life
w79vt2diz7dml.life
xtbt0ekpcxnak.life
yh4x0620pw1ap.life
ypki3cocq1asj.life
yqijzlle1r3rl.life

# Reference: https://x.com/SquiblydooBlog/status/1942927450062872977
# Reference: https://tria.ge/250709-neemfsxvgx
# Reference: https://tria.ge/250709-ned1xsxvgw

011jn31n05qzpp.org
01t05hb4armbco.org
0jfv3ru6slys8b.org
0youdp14i4r4h5.org
1074slp8zafyz3.org
13ov5ypehzqx5l.org
15eaytwast9oig.org
18xsm4245vgytb.org
1ge03xy5vtwn5s.org
1v6pqsve9hg3gy.org
2gdaqm18d6p9d8.org
2rxyt9urhq0bgj.org
2x51hwe9cnidu4.org
2yr46kghd39ise.org
3h98rycjvt3gj5.org
3pu8prnkr8v31d.org
3pvk0zw1k7g28h.org
54jmh8bnrpha7y.org
560tvzwrobbl2k.org
5ka8rxp6t6eup2.org
6cimu4mc085em8.org
7p788ywb3z9fwe.org
8doj8uvx604eck.org
958xz3300iu8oe.org
9g055w2ak8hd6t.org
acl1omagtzq38v.org
ae7a1pbhn5ytpe.org
aelovxoinqta4a.org
avm2dir92zqv9x.org
bvt69kywl2s8rg.org
cjlv1576zqgb47.org
cybf5coa1t2xr2.org
dlbqduy9gjprko.org
epnl524h4k03mu.org
ev2sirbd269o5j.org
ewujsfb1dp5ran.org
fbixeudnf6vbhh.org
fo1463oipy7oq8.org
gd2i9y77jhbjqb.org
gkukvtxlew982a.org
gydu03jt8n5e41.org
haq82ih59xa38b.org
hnxkyiagzxlvv0.org
hpzmehtnkk4q22.org
igl71zhw25qw3d.org
ijt0l3i8brit6q.org
invutsz52frzl8.org
j8ku0xu0dqduxr.org
j8plhuz7p6052k.org
jpgw5b5zv4vdoy.org
jy3y61q6hyhf4c.org
kecah03gobzlrt.org
ks50ioz9nm3v05.org
kwywztxoo2xdot.org
ky1d1p1daahe5t.org
l2q3fkrpgyxr8r.org
mh4bjdyhen3d9z.org
nlvskzui15vxju.org
nrd1qnd4l7tcp9.org
nrej2ipydbg40k.org
o44e59aio5jk9q.org
oovlcxvht9kupu.org
oqu78tlfbxcf50.org
ovh1kn1tcqw5kp.org
pk743hnddx0nds.org
pkzwaki575nsll.org
q008rx2d58h76q.org
q2myvg0j1nna57.org
r2r3qzjb3bp1ar.org
r4aadwqq9d2h24.org
s6mngnfnj9nrfj.org
s96phai2s1wzen.org
t052317kru670j.org
th87nd6s31jke7.org
tig85m8n7xixaz.org
tqilxwrw5m54pj.org
trj1qy559ygvx3.org
tx6jny2iaea186.org
tycl4o5dep10cd.org
u0tkv94vt86y23.org
ui9bex45gw70az.org
usguzk6xqox3ss.org
v3hm711ignzez6.org
v5rjsdqogstopr.org
vfo2q74c1y0x74.org
vfwlzltibeg7ne.org
vzf1g0it8gpvq7.org
w823niq7veztr9.org
wp67lr8ysypurn.org
x5b6lm11d90dht.org
x5x2vq5joobqxe.org
xgcibmd1rd21us.org
xuixp4uro6pl3z.org
y9e05pr4v7lhp9.org
ygvmhd7ll9v2nu.org
z3l0kxd46ulurv.org
z3vni7gw9q1i8p.org
z55s2t6ca702es.org
zrym1d73kdmimj.org
zs2u14kk7bqbn2.org

# Reference: https://x.com/Threatlabz/status/1945881983680405570
# Reference: https://github.com/ThreatLabz/iocs/blob/main/bumblebee/c2s.txt

01t05hb4armbco.org
04cpjtn6d597az.org
0577bp0rs10ymm.org
0auc4opinnfh1q.org
0bg5rg4eqhqw1n.org
0fssfbehzsz8qn.org
0geiyyrkthh79m.org
0ja41rz8tt8w79.org
0jtced7w9vfmaj.org
0k2mnkluop7988.org
0reih6vwzswljn.org
149c7l5vw61clg.org
164r969k1ukm08.org
177hdmsutlfyqg.org
1m3esx9nv6zp0s.org
1uwufqh9t1wet2.org
22giihgptezt1z.org
24r6q4e5bk2tdi.org
2764eafl6bpv62.org
27ed7kspxchzo3.org
2ak1xqk2yeyjme.org
2i0nq29y5xdgcb.org
2jncqdqmsdqcaf.org
2q4v1psyuyhwc4.org
2sdff2l4b8dcg1.org
2yr46kghd39ise.org
32g2urpgkp1ett.org
35odo4pv02h6p9.org
37xg0gcjj10smr.org
3k3ex1xpylqt7f.org
3nux6z16ieip7u.org
3vlcder6gy9pi6.org
410zkwthev6jat.org
46jv5iyy16qmfp.org
49du87ynddqyr2.org
49rglxiuv631w9.org
4du0yhfw1rlus1.org
4e9nzmft0yl3y1.org
4tr25p513j3gy5.org
4x1xwl0vlcp0oh.org
54koqynag1148v.org
55plyc62j0lfn8.org
598yocmm5cfoto.org
5afyc7zxdwetb7.org
5aibzvk4gvzg2x.org
5e2zy0a1u4l4md.org
5sm4tii0w4lnu2.org
62bfob4279ktbv.org
6nnykp2aycmayg.org
6t7ck78asiw4eg.org
7cj00m27hf1elx.org
7v6chp4bfor6ie.org
7zvxd67khn485a.org
823rczij8ssycw.org
84xdoticua6qyv.org
884euz06fqq9km.org
8a2c630an9l6gw.org
8jb9c55ddgl6xh.org
8pcu7bac1qs72l.org
8qoy7s4f9eypvu.org
8uio8tf1bs4763.org
9lwaixm8plvds4.org
9origpkd1twsb3.org
9t4p23kxbmym9m.org
9tf8evh4mdcae0.org
9y8mfxcl0m2adn.org
aacd3vmj6v0ml8.org
afeabgsiafvy8p.org
b2aa1e67emw8ln.org
bhvhbmjmni7a51.org
bmt6ksooy4daii.org
bnjjnkzwtmdzhq.org
bntvpoyzta0cix.org
bwu8a3myfu95r1.org
bx9w5y1yfkldbl.org
c617drcvfj3ob7.org
cjjmbramcs7wta.org
ctfyicw3fc01dz.org
czgy9s1rc5fpet.org
d1hmxkpwby0d4s.org
dcndsw9u1opm4m.org
ddzk1a413t6d1t.org
dzrppqwrvmaopm.org
e4hh7z2lrrt36j.org
eidk5vq33bdurk.org
erbeggn0jqke5o.org
fgutu3qk8wd74g.org
fq2ly9aadebz1q.org
fqhgfbgeq6dgko.org
g568owaol2g56w.org
g6vpoct17x7vui.org
gcu9cqv4o29163.org
gg58rhkne5ecqh.org
gtwfi8r2fw8tvm.org
gvall75jsrx75h.org
gxc9pk5isfhewk.org
gz22sljuyiorre.org
hcjnofag6p0tqi.org
hijcv03lnz60go.org
hm7515fez3j800.org
i07d878brw68j7.org
i0f999ohmhy3dq.org
i6s8jrx6k5jvfi.org
ifdiohd0e9dkh3.org
igypnjq2twaydg.org
ile1fyd69lhj2g.org
ivstca2cvzg9p7.org
j24qqbl5bmno44.org
j3wm1njhajbvmo.org
ji8g825aby8ral.org
jpu1uupjx64qqp.org
k4nl2tph900n1m.org
k7z9hncq00t31r.org
kei9u3zutxk3xy.org
kmsihcsoink11l.org
koff5vkghy991i.org
l7jfhojiwy7fci.org
la3uc7o4meb984.org
lb8habevt8z8av.org
lg96xeyjet83ql.org
lj7qd3owgu3qz6.org
lrbsawm4lgwi3v.org
m56fefdjvlya62.org
m5ys88zf7e6la0.org
mc0k0e9u2ejlla.org
msfrizew60fa5p.org
n5v063dsicdqsd.org
n7bc2cu0ual6ph.org
nazah5o8bmj94c.org
njf3gtk0oi3cn7.org
o3l6jccoqjlcju.org
p5lnptjbch3mck.org
p7je3tj5sa40m7.org
p965xttibzdw9q.org
pirmg4brrghd71.org
pmrvuwm2oyykro.org
pngybhqff1ro25.org
pszkazlcqkcwj0.org
px9dangd5p0opr.org
q1nrjj5gorwiog.org
q55xt8v4elpoew.org
q9l9azgvj62ofm.org
qkcg6gujx8rkfb.org
qruc5iio46zbia.org
r30amxfreoi6mr.org
r4fnb7z8qyaanw.org
rjoa3ayukahl71.org
rjta7ke51jvai2.org
rjy583l0jh5jxp.org
rlsuxw2nmylalc.org
s6t6fxl14klmwr.org
sgoqxbs1petu7c.org
surj0ehsjzm65c.org
t0rky85smr4rr3.org
t49u35avy38k84.org
tdag8kh6ak5q8z.org
tgqtojochb4xa9.org
tkybviqnhwezce.org
tm63qqra0sqhwr.org
tn6x2gf7ryll47.org
tpj41b0dd8bubq.org
tqtmbbmjyaeum6.org
tze75quz2tol13.org
tzlmn2775dnrt6.org
u30918ntpfzlks.org
u6xbp1l9nljvke.org
u94ez21mkmnllx.org
ub82w8g9dq3295.org
ud399gym460dq0.org
uilc1pdqq6hc69.org
ur9zrpvo9d6thq.org
v1ie072d3nq7yr.org
v2rg7ysji2b910.org
vn85bbyxaymnj5.org
vpmo3wk7dfshar.org
vqf44a0qv0fr6i.org
vt79b0cguimqnm.org
vvl43zpldexfem.org
w1c7y6xw3worai.org
w4nv1rg6wjewi7.org
wdxw0fel1a1pbi.org
wiz4vhi2jjl3ir.org
wk4hmcydty3i0i.org
wrmcmw3s7wmlj7.org
wvqwflvcq0e544.org
xfcu1f31voyj8q.org
xo236e1x7j24xo.org
xz9j00z5ydhfxe.org
xzk82h0rexeztk.org
y01hcjhicqsafo.org
y1u29hg7ilhkhn.org
y2151brfuuf2s3.org
y3j80r115j4k7a.org
y5tzjoak527ebp.org
ydztf6rdv4f6lq.org
yj6jurm5qqkye5.org
yy5sfd8r1ltoj4.org
z8up0cw7b0obda.org
zei0i9o0tb57in.org
zfbnznm29uvfhv.org
zj8ossa2c3xc94.org
zkjf9t3118d6os.org
