# Copyright (c) 2014-2026 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: veletrix loader

# Reference: https://twitter.com/MichalKoczwara/status/1643578019242442752
# Reference: https://twitter.com/MichalKoczwara/status/1643598384610017281
# Reference: https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q=073fb179ccb5a8ecad40fad2c940ef3bd3ce06f1

103.45.142.118:8082
114.132.56.160:8082
119.3.204.38:8082
164.88.255.246:8082
180.76.179.154:8082
185.80.202.166:8082
216.83.44.138:8087
216.83.44.139:8087
216.83.44.140:8087
216.83.44.139:8082
216.83.44.13:8082
216.83.44.138:8789
216.83.44.140:8082
39.98.173.197:8082
43.136.116.140:8082
45.76.231.62:8082
45.76.97.205:8082
45.94.42.61:8082
45.94.42.61:19090
64.176.37.78:8082
66.181.36.244:8082
8.222.140.105:8082
82.157.154.3:8082

# Reference: https://x.com/malwrhunterteam/status/1889287149863702646
# Reference: https://www.virustotal.com/gui/file/a921ee9bac3903adf360d901cc9a9235c4b88e6dfcccdea23edd60057014f6ff/detection
# Reference: https://www.virustotal.com/gui/file/3606842ac4a7627426ad78fbac2cad392647f1be031edb9a2046a846f191a585/detection
# Reference: https://www.virustotal.com/gui/file/1ae30e2698772e0dfade7d3cb3d79eb01fd90e650d9fb94f10368f1dff7e0c93/detection

103.30.76.254:8084
548125.com

# Reference: https://x.com/malwrhunterteam/status/1896920306562027960
# Reference: https://www.virustotal.com/gui/file/0d9d9319c7e198dc7e5ad16fcb32e0208e9ae9c597d6ef55529fd1e70f2fd92c/detection
# Reference: https://www.virustotal.com/gui/file/a7d4c0752ade8e254cbabdffc49f3fff1b6e9173ca05058f905c4594e4ab3a14/detection
# Reference: https://www.virustotal.com/gui/file/800524ead4ea37033a31f3815afc2149c7c49b071d2b12eaab43d137b7558a60/detection

113.44.89.162:443

# Reference: https://x.com/malwrhunterteam/status/1900535978650972297
# Reference: https://www.virustotal.com/gui/file/125eec79530dff6b987af22b338a68cd1e4cec95fbbe3667f793195fab9e202a/detection
# Reference: https://www.virustotal.com/gui/file/39e6cb3ab100c14154a21ea52e5fd239e45bf6b8c494f859ee82bd5e255a8c32/detection

45.145.228.118:7799

# Reference: https://x.com/Jane_0sint/status/1902333528534073802
# Reference: https://app.any.run/tasks/a3bcac8e-51f2-4922-a4a8-677345e7393f
# Reference: https://app.any.run/tasks/288d9045-7562-4f86-b41d-87176654e5c5
# Reference: https://app.any.run/tasks/28fb84a7-f49a-4d84-8ef5-87035a3fbc23

198.98.48.4:55689
43.128.85.89:8084

# Reference: https://x.com/malwrhunterteam/status/1907164500383441392
# Reference: https://www.virustotal.com/gui/file/5a172a716f2772d09186164da34e1aad536d71cbd6aa0f1ddb2fa201ca1a79f7/detection

147.93.122.8:8084

# Reference: https://x.com/malwrhunterteam/status/1911746330952622573
# Reference: https://www.virustotal.com/gui/file/d1168d09e64f7a6e0048c0c3a4197166e0536b61d6db00a162b3a31f8e1a4af4/detection

27.25.151.34:12345

# Reference: https://x.com/malwrhunterteam/status/1911749743958503876
# Reference: https://www.virustotal.com/gui/file/09f4bd9a9b9c35a8aa398ecd0bd86ab5cbf12fd6b0391ed966e4bdf24ba0bed6/detection
# Reference: https://www.virustotal.com/gui/file/1efa3a940ab68db66ab5498b51944e0095085db5d3504fed9c0ebb55beda045b/detection

54.250.244.150:8084

# Reference: https://x.com/malwrhunterteam/status/1912922319187476738
# Reference: https://www.virustotal.com/gui/file/f3b1c933afe9b3fc366bfbc311683c6643c04720eb2d04c52d49e63c3fbb7ef4/detection
# Reference: https://www.virustotal.com/gui/file/a15f30f20e3df05032445697c906c3a2accf576ecef5da7fad3730ca5f9c141c/detection
# Reference: https://www.virustotal.com/gui/file/9cb6f45e3fe2fdd035c6e7634986aaadde625d68e1f0344558f262818f58385f/detection

121.37.80.227:8084

# Reference: https://x.com/malwrhunterteam/status/1913547725502640265
# Reference: https://www.virustotal.com/gui/file/157ccecda80b1deee56a722aba14eafc231899939365a2842b4f660f92a11a24/detection

198.252.107.249:443

# Reference: https://x.com/malwrhunterteam/status/1913535502533140530
# Reference: https://www.virustotal.com/gui/file/6321bb2e4134db7704f5371ff6deca2e89ab9a0fdf3f2bb86b34b4ae11283c13/detection

38.91.118.218:9002
value-keys.com
alicloud.value-keys.com

# Reference: https://x.com/malwrhunterteam/status/1913536150439932103
# Reference: https://www.virustotal.com/gui/file/8932c191212aa44562de0b7cedd12a813945f6e72f612a92db6bbe78a4561d85/detection

123.60.50.172:60001

# Reference: https://x.com/malwrhunterteam/status/1914626415292489985
# Reference: https://www.virustotal.com/gui/file/a7c6da7c4d76a53996a8ae57ccfd6c804c25a8cfeb528a918c685e7a338ea316/detection
# Reference: https://www.virustotal.com/gui/file/850277a7a28bac6837698cc52125d06e3a5fe4334b6fade7df00e7c44e654cd7/detection
# Reference: https://www.virustotal.com/gui/file/300fec8f396f0f51d5db594b095ae09150d09731667b8f979709022dbfb44df8/detection

23.226.136.169:38084
23.226.136.169:65535

# Reference: https://x.com/malwrhunterteam/status/1915032715289661731
# Reference: https://www.virustotal.com/gui/file/5eaaf8af492b74fe6aefc76879fefa86f221e369cc242600e5f36f9267a75d65/detection
# Reference: https://www.virustotal.com/gui/file/2817e26773a18ea6185fa22ab0060338e227b97d4eb3f7b65921f00805fb6120/detection

134.175.254.142:8000
81.71.246.226:8882

# Reference: https://x.com/malwrhunterteam/status/1915361972750582270
# Reference: https://www.virustotal.com/gui/file/00920e109f16fe61092e70fca68a5219ade6d42b427e895202f628b467a3d22e/detection

103.30.76.206:443

# Reference: https://x.com/malwrhunterteam/status/1917189837267886295
# Reference: https://www.virustotal.com/gui/file/0efbda15a1785e1b395b9744841097dc6943b585fa00724105f06d3c7dbd088b/detection

1.15.95.229:53351

# Reference: https://x.com/malwrhunterteam/status/1922188146080350520
# Reference: https://www.virustotal.com/gui/file/fef69f8747c368979a9e4c62f4648ea233314b5f41981d9c01c1cdd96fb07365/detection

62.234.24.38:9999

# Reference: https://x.com/malwrhunterteam/status/1922950235891920966
# Reference: https://www.virustotal.com/gui/file/8a7f4c90b72851d1cbf297542a3ee6703def01a5cd0839607d9be253fea89461/detection

38.55.198.20:8084

# Reference: https://www.virustotal.com/gui/file/2c8910f552168cd6b491c2e1d7662452addd8398e323f51dc49db18fd7759b3d/detection

106.15.105.78:65320

# Reference: https://x.com/malwrhunterteam/status/1928941538001703225
# Reference: https://www.virustotal.com/gui/file/a0f4ee6ea58a8896d2914176d2bfbdb9e16b700f52d2df1f77fe6ce663c1426a/detection
# Reference: https://www.virustotal.com/gui/file/77b0f0861bec071f18e14f3b26c95e46b4c64e61d688de50b5880f4c30d61a24/detection
# Reference: https://www.virustotal.com/gui/file/689751d26d4cc9e17729653e6d1b4078eb3613d666a9669c4d86453c6b6fd523/detection

96.9.125.82:8082
96.9.125.82:8085

# Reference: https://x.com/ElementalX2/status/1931062614970581451
# Reference: https://www.seqrite.com/blog/operation-dragonclone-chinese-telecom-veletrix-vshell-malware/
# Reference: https://www.virustotal.com/gui/file/2206cc6bd9d15cf898f175ab845b3deb4b8627102b74e1accefe7a3ff0017112/detection

47.96.172.80:10088

# Reference: https://x.com/malwrhunterteam/status/1931450753442287839
# Reference: https://www.virustotal.com/gui/file/1b56142f8457af1b488607dc9c004a0e2fc6bb097e472f6c4a3ce83ad513e12e/detection

13.213.71.156:8084

# Reference: https://www.trellix.com/blogs/research/the-silent-fileless-threat-of-vshell/
# Reference: https://www.virustotal.com/gui/file/54585ddae14b24d0100fe85c9e18e44f936368a9f48ae189ccf2cc40cd7c1b7c/detection
# Reference: https://www.virustotal.com/gui/file/fa99edf1270fd67575f1c35d183629fb5bf92a8f5de5280ccc5f638bd79c2867/detection

http://47.98.194.60
47.98.194.60:443
47.98.194.60:8084

# Reference: https://x.com/58_158_177_102/status/1975704382328218113
# Reference: https://www.virustotal.com/gui/file/719bb84cca932f7d3f09e5e5358d79e954dab80ffad9c43b42bb03209a679997/detection
# TITLE-HOST=セキュリティプラグインのダウンロード

47.245.30.54:8888
bookinghotelnow.com
golfpoolinvitational.com
hilarygrace.com
instatechtrendings.com
sbi-zondowal.com
weknowweddings.com
yu123sp.com
zdfhcl.com

# Reference: https://x.com/smica83/status/1978591124269797549
# Reference: https://x.com/skocherhan/status/1978594157493997620
# Reference: https://www.virustotal.com/gui/file/6fa4949992c9f261ed7848d44577149ea11d4c5269e891578d66a1c3d4629109/detection
# Reference: https://www.virustotal.com/gui/file/fad397bbf868b50b0fccc8bdb9930edee9d05ad25a0f330a5551d1529d6662c8/detection

13.210.13.81:8081
snlper5.com
my.snlper5.com
vs.snlper5.com

# Reference: https://x.com/smica83/status/1980731559503360078
# Reference: https://x.com/L0Psec/status/1991910497663562045
# Reference: https://www.virustotal.com/gui/file/fbdc91031882f77857e6a5cac1c32a5c5a4571350a905cf9158d912a8b892b3a/detection

54.92.96.88:48001
54.92.96.88:48010

# Reference: https://x.com/smica83/status/1983606758464745885
# Reference: https://www.virustotal.com/gui/file/569b815d15a61de542fcdd583d3c1a280860a87ae20aa5062cc8638451a5eb7e/detection

112.74.165.239:8443

# Reference: https://x.com/smica83/status/1984879181021298908
# Reference: https://www.virustotal.com/gui/file/03c1d09ee4065afa6f0d1e68e497a07dc1f6d5a4c9ff5ac0e65101eac12f1c83/detection
# Reference: https://www.virustotal.com/gui/file/5bde8bdd08f2248eb947cb6242b2b788e1837cbf6e5b0a25187500dc8bed75cc/detection

192.227.153.57:8084

# Reference: https://www.nviso.eu/blog/nviso-analyzes-vshell-post-exploitation-tool
# Reference: https://threatfox.abuse.ch/browse/malware/win.vshell/ (# 2025-11-05)

http://101.43.26.13
http://102.134.35.184
http://103.197.25.8
http://113.45.8.103
http://114.55.230.124
http://117.72.170.55
http://118.89.173.244
http://119.45.23.116
http://124.220.50.56
http://139.129.192.65
http://139.162.80.182
http://150.158.172.49
http://159.75.211.175
http://172.245.59.249
http://18.143.149.105
http://198.20.133.15
http://198.98.54.209
http://206.188.196.221
http://212.232.23.231
http://223.254.128.15
http://23.95.229.128
http://38.207.178.252
http://38.60.200.217
http://43.139.208.225
http://43.207.90.226
http://45.32.99.90
http://47.76.245.121
http://47.92.133.35
http://47.97.46.118
http://64.112.43.97
http://8.136.56.202
http://8.152.98.250
http://8.219.90.249
http://81.68.216.108
http://81.69.229.149
http://89.117.94.105
http://89.187.28.33
1.116.196.153:9999
1.13.91.59:5432
1.14.199.139:8084
1.94.166.13:1234
101.126.54.210:8086
101.132.34.211:8083
101.132.34.211:8084
101.33.196.11:50002
101.33.208.25:10001
101.34.65.131:8085
101.34.71.169:443
101.35.235.124:8084
101.36.108.230:443
101.42.34.250:8086
101.43.136.183:8013
101.43.27.138:1234
103.100.61.249:1922
103.100.63.249:1922
103.144.29.232:1922
103.144.29.253:1922
103.149.93.106:8084
103.149.93.210:8088
103.159.206.136:2086
103.159.206.136:60024
103.171.35.40:8084
103.197.25.8:8443
103.20.220.19:8084
103.42.214.19:15667
103.47.80.2:18084
103.47.80.2:8083
104.145.210.130:8084
104.168.95.4:8888
104.223.108.107:46775
104.223.25.217:10000
104.223.25.217:443
106.15.6.181:8082
106.52.188.212:81
106.75.141.4:1311
106.75.141.4:1322
106.75.141.4:2002
107.148.239.243:8089
107.173.13.108:8084
107.173.141.241:81
107.173.71.25:4433
107.174.35.39:18776
107.175.62.11:443
107.175.83.194:8084
109.206.247.161:8084
110.40.157.86:8088
110.40.167.191:8080
110.40.167.191:8084
110.40.176.194:8084
110.41.53.51:8082
110.41.87.119:18085
110.42.232.120:8084
111.229.217.32:10000
111.230.202.188:18080
111.231.11.61:10011
111.231.59.28:8084
112.125.88.176:12345
113.44.136.127:8084
113.44.136.127:8848
113.44.37.24:8090
113.44.78.152:8088
113.44.89.84:8888
113.44.90.0:23333
113.44.90.0:8085
113.45.185.225:18084
113.45.196.228:222
113.45.206.160:8084
113.45.227.85:8848
113.45.236.40:8084
113.45.236.40:8085
114.132.125.10:12345
114.132.178.196:8084
114.132.192.25:8088
114.132.226.247:8082
114.67.202.90:8443
114.67.98.107:9999
115.120.214.145:8084
115.159.103.198:18084
115.175.28.107:8084
115.190.147.158:8084
115.190.147.158:8088
115.190.178.137:8084
116.62.247.150:8084
117.50.21.64:18084
117.72.148.131:8084
117.72.159.96:8084
117.72.175.125:443
117.72.175.125:8443
117.72.210.195:10002
117.78.41.31:8082
118.107.21.101:9999
118.126.107.202:18080
118.178.139.111:8082
118.24.46.114:8084
118.25.192.79:16379
118.25.26.93:8085
118.31.165.46:8084
118.31.70.79:8082
118.89.104.195:28082
118.89.173.244:8083
118.89.88.183:58084
119.45.160.160:8084
119.45.23.116:4433
119.45.23.116:8084
119.45.71.218:8082
120.48.21.184:8084
120.55.84.149:8082
120.76.42.81:25001
120.78.127.57:10443
120.79.87.224:3389
121.196.245.40:8084
121.196.245.40:8085
121.37.160.115:8084
121.41.1.158:60086
121.41.131.112:58084
122.10.5.218:8003
122.10.5.218:8007
123.206.229.121:443
123.206.229.121:8080
123.249.127.133:8082
123.249.17.235:11000
123.56.102.177:8084
123.57.79.94:443
123.60.135.200:8082
123.60.145.2:5555
123.60.177.229:8084
123.60.178.166:8084
123.60.214.58:9001
123.60.219.97:5566
124.220.16.198:8084
124.220.80.206:60626
124.221.255.78:8084
124.221.32.87:9090
124.222.74.146:8084
124.223.71.152:8082
124.70.142.36:8020
124.70.148.71:8084
124.70.151.248:8084
124.70.65.157:8084
125.122.27.48:8090
125.65.28.180:8082
129.211.13.156:8084
129.211.13.156:8085
129.226.209.21:8084
129.226.209.21:8443
129.226.210.240:23451
129.28.56.180:8084
13.229.231.0:8084
132.145.54.83:8084
132.232.141.206:8084
132.232.141.206:8085
139.159.138.64:55883
139.180.209.17:8888
139.186.136.232:4433
139.196.76.92:8083
139.9.191.30:8084
14.103.136.198:8084
140.143.222.88:18088
140.143.242.109:8082
141.98.199.247:2095
142.171.114.190:8084
142.171.114.190:8085
142.171.114.190:8086
142.171.20.222:8084
142.171.20.222:8086
144.172.122.30:8084
149.104.27.103:8084
149.104.29.60:8084
149.30.242.73:8088
149.30.248.10:28576
149.30.248.10:60578
149.30.248.11:28576
149.30.248.11:60578
149.30.248.12:28576
149.30.248.12:60578
149.30.248.13:28576
149.30.248.13:60578
149.30.248.14:28576
149.30.248.14:60578
149.30.248.15:28576
149.30.248.15:60578
149.30.248.16:28576
149.30.248.16:60578
149.30.248.17:28576
149.30.248.17:60578
149.30.248.18:28576
149.30.248.18:60578
149.30.248.19:28576
149.30.248.19:60578
149.30.248.1:28576
149.30.248.1:60578
149.30.248.20:28576
149.30.248.20:60578
149.30.248.21:28576
149.30.248.21:60578
149.30.248.22:28576
149.30.248.22:60578
149.30.248.23:28576
149.30.248.23:60578
149.30.248.24:28576
149.30.248.24:60578
149.30.248.25:28576
149.30.248.25:60578
149.30.248.26:28576
149.30.248.26:60578
149.30.248.27:28576
149.30.248.27:60578
149.30.248.28:28576
149.30.248.28:60578
149.30.248.29:28576
149.30.248.29:60578
149.30.248.2:28576
149.30.248.2:60578
149.30.248.30:28576
149.30.248.30:60578
149.30.248.31:28576
149.30.248.31:60578
149.30.248.32:28576
149.30.248.32:60578
149.30.248.33:28576
149.30.248.33:60578
149.30.248.34:28576
149.30.248.34:60578
149.30.248.35:28576
149.30.248.35:60578
149.30.248.36:28576
149.30.248.36:60578
149.30.248.37:28576
149.30.248.37:60578
149.30.248.38:28576
149.30.248.38:60578
149.30.248.39:28576
149.30.248.39:60578
149.30.248.3:28576
149.30.248.3:60578
149.30.248.40:28576
149.30.248.40:60578
149.30.248.41:28576
149.30.248.41:60578
149.30.248.42:28576
149.30.248.42:60578
149.30.248.43:28576
149.30.248.43:60578
149.30.248.44:28576
149.30.248.44:60578
149.30.248.45:28576
149.30.248.45:60578
149.30.248.46:28576
149.30.248.46:60578
149.30.248.47:28576
149.30.248.47:60578
149.30.248.48:28576
149.30.248.48:60578
149.30.248.49:28576
149.30.248.49:60578
149.30.248.50:28576
149.30.248.50:60578
149.30.248.51:28576
149.30.248.51:60578
149.30.248.52:28576
149.30.248.52:60578
149.30.248.53:28576
149.30.248.53:60578
149.30.248.54:28576
149.30.248.54:60578
149.30.248.55:28576
149.30.248.55:60578
149.30.248.56:28576
149.30.248.56:60578
149.30.248.57:28576
149.30.248.57:60578
149.30.248.58:28576
149.30.248.58:60578
149.30.248.59:28576
149.30.248.59:60578
149.30.248.5:28576
149.30.248.5:60578
149.30.248.60:28576
149.30.248.60:60578
149.30.248.61:28576
149.30.248.61:60578
149.30.248.62:28576
149.30.248.62:60578
149.30.248.6:28576
149.30.248.6:60578
149.30.248.7:28576
149.30.248.7:60578
149.30.248.8:28576
149.30.248.8:60578
149.30.248.9:28576
149.30.248.9:60578
150.136.112.184:2095
151.106.112.208:8084
151.106.112.208:8086
152.136.137.115:8084
152.136.137.115:8085
152.53.197.247:8080
152.53.197.247:8081
152.53.197.247:8084
154.198.53.145:8084
154.198.53.145:8888
154.198.53.154:8888
154.198.53.176:8888
154.212.113.32:8083
154.212.113.32:8084
154.212.113.33:8084
154.222.24.78:9001
154.223.16.184:4388
154.37.155.101:61252
154.37.155.101:8090
154.86.22.112:16388
154.86.22.189:16388
154.86.22.47:16388
155.94.157.212:8084
155.94.170.238:50001
156.234.201.70:54321
156.245.12.209:8054
156.245.12.210:8054
156.245.12.216:8054
156.247.40.80:8023
157.230.34.45:443
157.230.34.45:8080
158.247.237.190:8084
158.247.237.190:8880
16.162.137.95:8000
16.163.147.182:5672
160.202.230.113:8080
166.108.226.235:8082
166.88.61.58:443
169.239.128.142:2082
169.239.128.142:8443
172.245.126.122:2082
172.247.244.46:52514
175.178.100.95:8082
175.24.205.160:28089
18.143.149.105:443
18.163.126.218:8084
18.163.126.218:9000
180.76.248.85:8083
185.196.10.130:8443
185.74.222.206:20001
188.166.210.146:8080
192.131.142.174:30
192.144.185.134:8082
192.227.167.156:443
192.238.133.156:8888
192.252.179.18:443
192.252.179.60:443
192.3.249.105:8081
193.3.168.201:8084
193.3.168.201:9443
193.42.25.64:58084
193.42.25.7:8082
198.12.73.140:19003
2.59.219.43:8443
20.255.96.154:28080
202.179.155.59:443
204.152.192.54:443
204.9.187.115:83
206.119.175.148:8084
206.119.190.78:28576
206.119.190.78:60578
206.188.196.221:8080
206.190.233.182:18082
206.206.76.110:2052
206.206.76.110:2082
206.206.76.110:2086
206.206.76.110:2095
207.148.72.117:443
207.148.72.117:8443
207.246.82.44:56358
207.246.82.44:8080
208.73.204.38:2086
208.73.204.38:8080
208.73.204.38:8880
208.87.201.17:18084
208.87.203.10:28576
208.87.203.10:60578
208.87.203.11:28576
208.87.203.11:60578
208.87.203.12:28576
208.87.203.12:60578
208.87.203.13:28576
208.87.203.13:60578
208.87.203.14:28576
208.87.203.14:60578
208.87.203.15:28576
208.87.203.15:60578
208.87.203.16:28576
208.87.203.16:60578
208.87.203.17:28576
208.87.203.17:60578
208.87.203.18:28576
208.87.203.18:60578
208.87.203.19:28576
208.87.203.19:60578
208.87.203.20:28576
208.87.203.20:60578
208.87.203.21:28576
208.87.203.21:60578
208.87.203.22:28576
208.87.203.22:60578
208.87.203.23:28576
208.87.203.23:60578
208.87.203.24:28576
208.87.203.24:60578
208.87.203.25:28576
208.87.203.25:60578
208.87.203.26:28576
208.87.203.26:60578
208.87.203.27:28576
208.87.203.27:60578
208.87.203.28:28576
208.87.203.28:60578
208.87.203.29:28576
208.87.203.29:60578
208.87.203.30:28576
208.87.203.30:60578
208.87.203.31:28576
208.87.203.31:60578
208.87.203.32:28576
208.87.203.32:60578
208.87.203.33:28576
208.87.203.33:60578
208.87.203.34:28576
208.87.203.34:60578
208.87.203.35:28576
208.87.203.35:60578
208.87.203.36:28576
208.87.203.36:60578
208.87.203.37:28576
208.87.203.37:60578
208.87.203.38:28576
208.87.203.38:60578
208.87.203.39:28576
208.87.203.39:60578
208.87.203.40:28576
208.87.203.40:60578
208.87.203.41:28576
208.87.203.41:60578
208.87.203.42:28576
208.87.203.42:60578
208.87.203.43:28576
208.87.203.43:60578
208.87.203.44:28576
208.87.203.44:60578
208.87.203.45:28576
208.87.203.45:60578
208.87.203.46:28576
208.87.203.46:60578
208.87.203.47:28576
208.87.203.47:60578
208.87.203.48:28576
208.87.203.48:60578
208.87.203.49:28576
208.87.203.49:60578
208.87.203.50:28576
208.87.203.50:60578
208.87.203.51:28576
208.87.203.51:60578
208.87.203.52:28576
208.87.203.52:60578
208.87.203.53:28576
208.87.203.53:60578
208.87.203.54:28576
208.87.203.54:60578
208.87.203.55:28576
208.87.203.55:60578
208.87.203.56:28576
208.87.203.56:60578
208.87.203.57:28576
208.87.203.57:60578
208.87.203.58:28576
208.87.203.58:60578
208.87.203.59:28576
208.87.203.59:60578
208.87.203.60:28576
208.87.203.60:60578
208.87.203.61:28576
208.87.203.61:60578
208.87.203.62:28576
208.87.203.62:60578
208.87.204.10:28576
208.87.204.10:60578
208.87.204.11:28576
208.87.204.11:60578
208.87.204.12:28576
208.87.204.12:60578
208.87.204.13:28576
208.87.204.13:60578
208.87.204.14:28576
208.87.204.14:60578
208.87.204.15:28576
208.87.204.15:60578
208.87.204.16:28576
208.87.204.16:60578
208.87.204.17:28576
208.87.204.17:60578
208.87.204.18:28576
208.87.204.18:60578
208.87.204.19:28576
208.87.204.19:60578
208.87.204.1:28576
208.87.204.1:60578
208.87.204.20:28576
208.87.204.20:60578
208.87.204.21:28576
208.87.204.21:60578
208.87.204.22:28576
208.87.204.22:60578
208.87.204.23:28576
208.87.204.23:60578
208.87.204.24:28576
208.87.204.24:60578
208.87.204.25:28576
208.87.204.25:60578
208.87.204.26:28576
208.87.204.26:60578
208.87.204.27:28576
208.87.204.27:60578
208.87.204.28:28576
208.87.204.28:60578
208.87.204.29:28576
208.87.204.29:60578
208.87.204.2:28576
208.87.204.2:60578
208.87.204.30:28576
208.87.204.30:60578
208.87.204.31:28576
208.87.204.31:60578
208.87.204.32:28576
208.87.204.32:60578
208.87.204.33:28576
208.87.204.33:60578
208.87.204.34:28576
208.87.204.34:60578
208.87.204.35:28576
208.87.204.35:60578
208.87.204.36:28576
208.87.204.36:60578
208.87.204.37:28576
208.87.204.37:60578
208.87.204.38:28576
208.87.204.38:60578
208.87.204.39:28576
208.87.204.39:60578
208.87.204.3:28576
208.87.204.3:60578
208.87.204.40:28576
208.87.204.40:60578
208.87.204.41:28576
208.87.204.41:60578
208.87.204.42:28576
208.87.204.42:60578
208.87.204.43:28576
208.87.204.43:60578
208.87.204.44:28576
208.87.204.44:60578
208.87.204.45:28576
208.87.204.45:60578
208.87.204.46:28576
208.87.204.46:60578
208.87.204.47:28576
208.87.204.47:60578
208.87.204.48:28576
208.87.204.48:60578
208.87.204.49:28576
208.87.204.49:60578
208.87.204.4:28576
208.87.204.4:60578
208.87.204.50:28576
208.87.204.50:60578
208.87.204.51:28576
208.87.204.51:60578
208.87.204.52:28576
208.87.204.52:60578
208.87.204.53:28576
208.87.204.53:60578
208.87.204.54:28576
208.87.204.54:60578
208.87.204.55:28576
208.87.204.55:60578
208.87.204.56:28576
208.87.204.56:60578
208.87.204.57:28576
208.87.204.57:60578
208.87.204.58:28576
208.87.204.58:60578
208.87.204.59:28576
208.87.204.59:60578
208.87.204.5:28576
208.87.204.5:60578
208.87.204.60:28576
208.87.204.60:60578
208.87.204.61:28576
208.87.204.61:60578
208.87.204.62:28576
208.87.204.62:60578
208.87.204.6:28576
208.87.204.6:60578
208.87.204.7:28576
208.87.204.7:60578
208.87.204.8:28576
208.87.204.8:60578
208.87.204.9:28576
208.87.204.9:60578
212.232.23.231:88
212.64.26.62:38084
223.254.128.15:4433
23.105.211.168:2443
23.94.137.134:8084
23.94.66.124:8080
23.94.70.197:8084
23.94.99.229:40002
23.94.99.229:40003
23.95.107.162:55555
23.95.193.221:443
23.95.193.221:8080
23.95.229.128:11211
27.102.130.132:8084
27.124.40.170:443
38.147.170.223:8085
38.147.171.129:5432
38.147.173.88:6868
38.147.190.239:8081
38.162.117.244:8084
38.165.22.110:14443
38.181.219.116:54412
38.190.198.40:8084
38.207.178.19:18082
38.207.178.44:8084
38.38.250.105:8848
38.38.251.151:39001
38.38.251.244:8084
38.45.124.194:8084
38.45.124.194:8174
38.45.124.195:8084
38.45.124.195:8174
38.45.124.195:8414
38.45.124.196:8084
38.45.124.196:8174
38.45.124.196:8414
38.45.124.197:8084
38.45.124.197:8174
38.45.124.197:8414
38.45.124.198:8084
38.45.124.198:8174
38.45.124.198:8414
38.47.102.195:8084
38.54.115.111:443
38.54.13.44:8084
38.54.16.76:443
38.54.82.222:443
38.55.194.74:10004
38.60.157.177:8080
38.60.200.217:443
39.100.65.211:443
39.104.25.196:30064
39.104.76.52:8082
39.105.201.242:8084
39.105.201.242:9999
39.106.253.209:8084
39.96.125.213:8084
39.98.48.153:8084
39.98.48.153:8888
39.98.48.153:9999
42.192.203.122:10010
42.192.60.49:8084
43.100.87.224:443
43.128.111.202:8001
43.128.85.19:6677
43.130.69.135:18083
43.134.181.57:8084
43.136.130.177:8084
43.136.42.5:8084
43.136.58.181:9090
43.137.17.160:8084
43.137.2.72:8443
43.138.186.236:8888
43.139.67.72:9090
43.207.90.226:10443
43.207.90.226:7443
43.207.90.226:8443
43.224.227.197:1433
43.251.102.129:8088
43.251.102.129:8089
43.251.102.129:8090
45.125.32.193:2083
45.135.118.214:2086
45.135.118.214:8880
45.144.137.227:2345
45.144.137.235:8084
45.152.65.232:28844
45.152.67.128:8568
45.152.67.129:443
45.221.97.104:8084
45.32.99.90:443
45.63.120.124:443
45.82.252.165:48084
47.100.137.246:8084
47.101.61.246:443
47.103.27.212:5432
47.103.27.212:8083
47.109.158.85:9080
47.109.178.63:8082
47.109.70.18:443
47.109.96.127:18080
47.109.96.127:18088
47.116.23.8:8081
47.116.23.8:9094
47.120.42.92:8085
47.121.130.232:8084
47.121.130.60:10086
47.121.30.118:8082
47.122.125.91:8084
47.122.144.43:8085
47.122.144.43:8091
47.129.128.140:8084
47.243.241.78:60607
47.243.241.78:60608
47.76.108.54:8880
47.76.220.58:56789
47.76.237.133:443
47.82.101.184:8084
47.92.232.28:6379
47.92.232.28:8084
47.94.8.197:8084
47.94.8.197:8090
47.96.175.34:8084
47.97.0.198:8084
47.97.113.146:8084
47.97.46.118:8084
49.232.102.63:10222
49.232.102.63:22322
49.232.236.39:8084
49.232.70.27:49952
49.234.9.184:10000
49.235.159.185:18084
51.79.248.199:8848
52.77.66.67:443
59.110.162.216:10000
59.110.47.206:443
62.182.80.140:8084
62.182.80.147:8084
62.182.80.169:8084
62.234.97.159:8088
64.112.43.97:2082
64.69.34.217:8082
65.49.233.42:3306
66.103.223.68:8082
68.64.176.125:10001
68.64.176.141:443
68.64.176.181:8088
68.64.176.182:8088
74.119.193.253:9200
77.37.44.6:8084
8.130.190.133:8084
8.134.195.179:8084
8.138.101.146:3022
8.140.29.89:8085
8.152.98.250:8088
8.162.1.19:8084
8.212.61.168:8443
8.217.84.95:8084
8.218.211.12:443
8.219.171.47:443
8.219.90.249:8443
8.219.90.249:8848
80.78.28.83:8080
81.69.229.149:8080
82.156.90.23:8084
82.156.90.23:8202
83.229.123.240:61144
83.229.127.87:32417
89.117.94.105:81
91.222.174.12:8084
api.xwphd.com
bkp.windowstimes.me
times.windowstimes.me
windowstimes.me
xwphd.com

# Reference: https://x.com/PrakkiSathwik/status/1986344282987585655
# Reference: https://www.virustotal.com/gui/file/957f160bad1460c537daa17e4cdf970d0843237d86bab225e320e2b61baeb988/detection
# Reference: https://www.virustotal.com/gui/file/78fc3bee89f84994a8de98203ec5bebc58b77efbabce4edac05e21057cd179b2/detection

150.109.111.36:443
150.109.79.52:443
cn-zoom.xyz
logs.cn-zoom.xyz

# Reference: https://x.com/smica83/status/1991901657181917281
# Reference: https://www.virustotal.com/gui/file/3baa4c72dfe055193191dbffe5211298beaac2bde9b770c4f4e0fdcf897f2da6/detection
# Reference: https://www.virustotal.com/gui/file/444837ab41577a1aa7a1c83a150b5e1077db949defec2eb2f7dc79ee4ee1dd71/detection

3.1.83.60:8084

# Reference: https://x.com/smica83/status/1995810046316367992
# Reference: https://www.virustotal.com/gui/file/95682e021447f2a283e03d8d049f3f22e1f83da30dc55c5194f9c655c806decd/detection
# Reference: https://www.virustotal.com/gui/file/a0d18728aa159537e436ef0ffcfe272e4a8fc369980c696b2bbf41fc1390b301/detection

206.206.78.33:8084

# Reference: https://x.com/smica83/status/1998750346047291421
# Reference: https://www.virustotal.com/gui/file/3169b3b83bcb5f3d431ef6f29cee60e3cf16563f29cc41e06de40073555493d1/detection
# Reference: https://www.virustotal.com/gui/file/aaaa6f11a25e03ed15efb244322808b170a2a897439ddec89cd756efa8620e77/detection

72.62.67.46:1223

# Reference: https://x.com/smica83/status/2000531661050556917
# Reference: https://www.virustotal.com/gui/file/2c932711da74536c269c1406fd08ad49c7d26f9033a73036891f9ee188ca4ccb/detection
# Reference: https://www.virustotal.com/gui/file/2ae821deda2e7358bbf62649d51ac607480765f99940cd09aa3af8aa81853509/detection

38.55.205.7:8084

# Reference: https://x.com/smica83/status/2000533012526584056
# Reference: https://www.virustotal.com/gui/file/6ab88eb07b327b5d670aa7bf4d22331923ecf8f0a5706a6520696e237fa78e40/detection
# Reference: https://www.virustotal.com/gui/file/8d519526836d33e4d5dcc05a4bddadfdf581be14e57327b503797f43c9176c51/detection

115.190.200.230:10444

# Reference: https://x.com/smica83/status/2000572443770122674
# Reference: https://www.virustotal.com/gui/file/6fad5a1fb0e65b193ef6920ef8ee7643c5dbcff2add0a7733489c7f573ff6ed8/detection
# Reference: https://www.virustotal.com/gui/file/1a4132ade49283ee4216d1ad635a9071fc351ba8e24f8e5ecf21d790686e3ba4/detection

103.213.244.106:8084

# Reference: https://x.com/smica83/status/2000672095793979829
# Reference: https://www.virustotal.com/gui/file/fd5e230bde21003dee247fcf7d4d62b916bee758a10629e70ffcefaf3562c428/detection
# Reference: https://www.virustotal.com/gui/file/7c6eec0a01fc62fc304431885a8a8bdfee3b957aed9e495254ff0464e6d9970d/detection
# Reference: https://www.virustotal.com/gui/file/a3ae9cd8a6abee30479b200667466b417bbd07d82c94fd032460f9d7720bda2c/detection
# Reference: https://www.virustotal.com/gui/file/a5d7e8e33bf2a38cd78d06816d9f73d083a4c9138c187ae7c6eaba0c817e6866/detection
# Reference: https://www.virustotal.com/gui/file/2f78d70dd46f93e67d0b0000b63370e8ada71502cb6931fce7ddf55d56b3f21d/detection
# Reference: https://www.virustotal.com/gui/file/2653e381b45970910f9d5ea628716991e8c8a9b614d43c2c378bd08a83b349e0/detection

107.173.187.149:61239
176.116.0.96:8084
56.155.141.135:443

# Reference: https://x.com/smica83/status/2001722116551643600
# Reference: https://www.virustotal.com/gui/file/ac0cc8dba4da9a6e5ab2c55f3a470dbe264fe3b04172f12389a9b802606ff3ba/detection

101.43.3.136:8000

# Reference: https://bi-zone.medium.com/adversaries-exploit-cve-2025-55182-to-attack-russian-companies-1b4e98ca5804
# Reference: https://www.virustotal.com/gui/file/4c4feb31d77c43c3f2facb040be3fe30b461b9fdc21f1815bf83b628dc95a416/detection

107.173.89.153:443
107.173.89.153:60051

# Reference: https://x.com/malwrhunterteam/status/2016433241503281459
# Reference: https://www.virustotal.com/gui/file/345f2f3d3cb863c9004504ae89954828057832d32488a278cb88940894a3c562/detection

dnsuptime.dns.army
