Create association_IPs_Domains.txt

2023-09-07 00:17:02 +02:00 · 2023-09-07 00:17:02 +02:00 · 1f0f518593
parent cdaccb2b5d
commit 1f0f518593
1 changed files with 527 additions and 0 deletions
--- a/DDGroup/association_IPs_Domains.txt
+++ b/DDGroup/association_IPs_Domains.txt
@ -0,0 +1,527 @@
+207.244.242.177
+mikepedro207yyyxx.ddns.net
+donmikeyyyx.ddns.net
+mikexwormxxxyy.ddns.net
+
+66.94.122.207
+mikepedro207yyyxx.ddns.net
+donmikeyyyx.ddns.net
+
+207.244.233.229
+donmikeyyyx.ddns.net
+
+209.145.55.12
+donmikeyyyx.ddns.net
+
+207.244.244.133
+donmikeyyyx.ddns.net
+
+207.244.235.47
+donmikeyyyx.ddns.net
+mikludoykxx.ddns.net
+
+207.244.236.205   
+quasharr.ddns.net  
+newtryex.ddns.net  
+wormxwar.ddns.net  
+retsuportm.ddnsfree.com  
+mywormtwon.ddns.net  
+spreadrem1.ddnsfree.com  
+  
+
+5.189.130.151 
+mywarswar.ddnsfree.com
+wormxwar.ddns.net
+quasharr.ddns.net
+retsuportm.ddnsfree.com
+spreadrem1.ddnsfree.com
+
+154.53.45.198
+quasharr.ddns.net
+wormxwar.ddns.net
+retsuportm.ddnsfree.com
+spreadrem1.ddnsfree.com
+
+66.154.110.53 (Quadranet Global)
+wormxwar.ddns.net
+febnew1.ddns.net
+febnew2.ddns.net
+
+209.145.56.157
+retsuportm.ddnsfree.com
+spreadrem1.ddnsfree.com
+wormxwar.ddns.net
+newtryex.ddns.net
+quasharr.ddns.net
+
+207.244.236.205
+spreadrem1.ddnsfree.com
+mywormtwon.ddns.net
+retsuportm.ddnsfree.com
+wormxwar.ddns.net
+newtryex.ddns.net
+quasharr.ddns.net
+
+154.12.234.207
+quasharr.ddns.net
+fresh12.ddns.net
+wormxwar.ddns.net   
+newtryex.ddns.net  
+retsuportm.ddnsfree.com  
+backupjuly2022.ddns.net  
+2ndspreading1.ddns.net  
+spreadrem1.ddnsfree.com  
+
+
+154.12.233.76
+quasharr.ddns.net
+asyrwart.ddns.net
+mynewfresh.ddns.net
+freshinxworm.ddns.net
+
+154.53.52.101
+mywarswarw.ddns.net
+mynewfresh.ddns.net
+
+
+
+161.97.106.212
+backupjuly2022.ddns.net
+febbit2.ddns.net
+febbit1.ddns.net
+2ndspreading1.ddns.net
+july202022.ddns.net
+fresh12.ddns.net
+
+
+154.53.32.96
+2ndspreading1.ddns.net
+july202022.ddns.net
+febnew2.ddns.net
+febnew1.ddns.net
+febnew.ddns.net
+backupjuly2022.ddns.net
+fresh12.ddns.net
+febnew3.ddns.net
+febrem1.ddns.net
+febrem.ddns.net
+
+142.11.211.90
+2ndspreading1.ddns.net
+july202022.ddns.net
+backupjuly2022.ddns.net
+febnew3.ddns.net
+freshspread.ddnsking.com
+febrem1.ddns.net
+fresh12.ddns.net
+febnew.ddns.net 
+febnew3.ddns.net
+febbit1.ddns.net
+febrem.ddns.net
+newwarr.ddns.net
+
+209.126.83.213
+newtryex.ddns.net
+febrem1.ddns.net
+fresh12.ddns.net
+2ndspreading1.ddns.net
+retsuportm.ddnsfree.com
+backupjuly2022.ddns.net
+
+209.126.77.229
+fresh12.ddns.net 
+2ndspreading1.ddns.net 
+febrem1.ddns.net
+backupjuly2022.ddns.net 
+
+
+66.94.108.214
+frspeed.ddns.net
+fresh12.ddns.net
+febrem1.ddns.net
+2ndspreading1.ddns.net
+july202022.ddns.net
+febbit2.ddns.net
+febbit1.ddns.net
+backupjuly2022.ddns.net
+
+
+104.168.190.126
+febbit2.ddns.net
+febrem1.ddns.net
+febrem.ddns.net
+febnew2.ddns.net
+febnew1.ddns.net
+febnew3.ddns.net
+febnew.ddns.net
+febbit1.ddns.net
+
+45.133.174.97
+2ndspreading1.ddns.net
+july202022.ddns.net 
+febbit1.ddns.net 
+fresh12.ddns.net
+backupjuly2022.ddns.net
+
+144.126.144.172
+frspeed.ddns.net 
+july202022.ddns.net 
+backupjuly2022.ddns.net
+2ndspreading1.ddns.net
+febrem1.ddns.net
+
+191.101.130.52
+febbit3.ddns.net
+fresh12.ddns.net
+febrem.ddns.net
+newwarr.ddns.net
+febnew3.ddns.net
+febrem1.ddns.net
+
+185.157.162.187
+febnew3.ddns.net
+febnew2.ddns.net
+febnew1.ddns.net
+febnew.ddns.net
+
+152.89.162.58
+febnew2.ddns.net
+febnew1.ddns.net
+febnew3.ddns.net
+febnew.ddns.net
+
+154.12.254.251
+retsuportm.ddnsfree.com
+spreadrem1.ddnsfree.com
+quasharr.ddns.net
+
+154.53.55.72
+retsuportm.ddnsfree.com
+spreadrem1.ddnsfree.com
+fresh12.ddns.net
+backupjuly2022.ddns.net
+2ndspreading1.ddns.net
+
+87.249.134.92
+fresh12.ddns.net
+
+146.70.104.94 (1 day only)
+febnew.ddns.net
+febnew1.ddns.net
+febnew2.ddns.net 
+febnew3.ddns.net 
+
+
+66.94.108.243
+febnew.ddns.net 
+febnew1.ddns.net
+febnew2.ddns.net 
+febbit2.ddns.net 
+
+89.117.72.232 
+quasharr.ddns.net
+freshinxworm.ddns.net 
+secoundxwormm.ddns.net 
+
+89.117.76.67
+quasharr.ddns.net
+
+194.163.172.117 
+febnew1.ddns.net 
+febnew2.ddns.net
+
+154.53.63.206
+freshwarsmi.ddns.net
+
+209.145.63.57
+Darwin090.gleeze.com
+
+46.142.89.251
+quasharr21.ddns.net
+
+45.90.222.15
+febnew1.ddns.net
+febnew2.ddns.net
+
+
+
+#### From here, relation is made via stickerpix.co.uk which was used to drop both samples for above and below this line
+
+144.126.151.207
+genekol.nsupdate.info
+
+185.176.220.169
+genekol.nsupdate.info
+mulla2022.hopto.org
+
+185.176.220.29
+genekol.nsupdate.info
+generem.camdvr.org
+harrywlike.ddns.net
+bit100.accesscam.org
+mulla2022.hopto.org
+
+154.12.255.13
+genekol.nsupdate.info
+generem.camdvr.org
+harrywlike.ddns.net
+bit100.accesscam.org 
+
+209.145.61.216
+genekol.nsupdate.info
+harrywlike.ddns.net
+bit100.accesscam.org
+
+38.242.134.118
+genekol.nsupdate.info
+generem.camdvr.org 
+harrywlike.ddns.net 
+
+185.176.220.230
+genekol.nsupdate.info
+generem.camdvr.org
+harrywlike.ddns.net
+
+94.46.246.39
+genekol.nsupdate.info
+
+94.46.246.63
+generem.camdvr.org
+hobbyhrs2.zapto.org
+
+20.231.31.0
+generem.camdvr.org
+
+94.46.246.38
+harrywlike.ddns.net
+
+209.126.84.214
+harrywlike.ddns.net
+genekol.nsupdate.info
+
+173.205.93.135
+bit100.accesscam.org
+
+192.3.53.69
+bit100.accesscam.org
+
+104.168.152.36
+mulla2022.hopto.org
+
+208.101.60.87
+centplus1.serveftp.com
+
+157.240.12.36
+centplus1.serveftp.com
+
+93.46.8.90
+henderson1.camdvr.org
+
+46.82.174.69
+henderson1.camdvr.org
+
+11.23.33.44
+henderson1.camdvr.org
+
+140.228.29.164
+bit100.accesscam.org
+
+152.89.162.59
+bit100.accesscam.org
+gene.ddnsgeek.com
+rem16.hopto.org
+rem166.hopto.org
+rem1666.hopto.org
+rem1.camdvr.org
+
+37.120.138.200
+bit100.accesscam.org
+rem16.camdvr.org
+www.rem16.camdvr.org 
+rem1.camdvr.org 
+rem16.hopto.org
+rem166.hopto.org
+rem1666.hopto.org
+sunwap1.ddns.net
+rennelautos.kozow.com
+www.rem16.camdvr.org
+www.rennelautos.kozow.com
+
+104.215.112.107
+gene.ddnsgeek.com 
+generem1.hopto.org
+hobbyhrs.zapto.org
+rem1.camdvr.org
+henderson.camdvr.org
+rem16.hopto.org
+rem166.hopto.org
+hendersonk.hopto.org
+generem.hopto.org
+
+192.236.154.231
+gene.ddnsgeek.com 
+hendersonk.hopto.org
+generem.hopto.org
+henderson.camdvr.org
+
+37.120.206.175
+rem1.camdvr.org
+rem166.hopto.org
+
+107.175.32.198
+rem1.camdvr.org
+sunwap1.ddns.net
+rem16.hopto.org
+rem1666.hopto.org
+
+5.181.234.140
+rem1.camdvr.org
+sunwap1.ddns.net
+rem16.hopto.org
+rem166.hopto.org
+rem1666.hopto.org
+
+143.244.46.154
+rem1.camdvr.org
+
+173.44.50.151
+rem1.camdvr.org
+sunwap1.ddns.net
+
+5.181.234.139
+rem1.camdvr.org
+rem16.hopto.org
+rem1666.hopto.org
+sunwap1.ddns.net
+
+37.120.138.222
+rem1.camdvr.org
+rem1666.hopto.org
+sunwap1.ddns.net
+rem16.hopto.org
+
+217.138.204.41
+rem1.camdvr.org
+
+37.120.138.210
+rem1.camdvr.org
+
+185.236.203.124
+rem1.camdvr.org
+
+152.89.162.33
+rem1.camdvr.org
+
+217.64.151.37
+rem1.camdvr.org
+
+45.148.17.18
+rem16.hopto.org
+rem166.hopto.org
+
+20.110.185.77
+rem16.hopto.org
+hendersonk.hopto.org 
+generem.hopto.org
+henderson.camdvr.org
+sunwap1.ddns.net
+rem1666.hopto.org
+rem166.hopto.org
+
+94.46.246.30
+hobbyhrs1.zapto.org
+hobbyhrs.zapto.org
+generem1.hopto.org
+
+185.244.30.164
+halwachi50.mymediapc.net (very out of time frame... 2020-02-02 for 1 day - but malware history - same pattern. 1 IP, several dyndns )
+rennelautos.kozow.com
+
+137.116.73.45
+reneelauto.dynu.net
+
+185.244.30.45
+halwachi50.mymediapc.net
+ansrt.duckdns.org
+amechi.duckdns.org
+www.amechi.duckdns.org
+robinmmadi.servehumour.com
+
+51.75.155.78
+halwachi50.mymediapc.net
+robinmmadi.servehumour.com
+
+185.140.53.20 
+halwachi50.mymediapc.net
+haash.duckdns.org
+judge2020.ddns.net
+believe2021.ddns.net
+accept.ddns.net
+
+185.244.30.80
+halwachi50.mymediapc.net
+gefide5.ddns.net
+robinmmadi.servehumour.com
+
+194.5.97.119
+halwachi50.mymediapc.net
+robinmmadi.servehumour.com 
+oluwa103.hopto.org
+#joey.daniel2you.com# <- Netwire / NanoCore related
+
+185.140.53.145
+halwachi50.mymediapc.net
+remcoss11.ddns.net
+robinmmadi.servehumour.com
+#workstation.homeip.net# <- Loda RAT ( 2021-02, rest is 2020-01 and 2020-05)
+
+185.140.53.34
+halwachi50.mymediapc.net
+robinmmadi.servehumour.com 
+ongod2020.ddns.net 
+coconuthead.ddns.net
+
+45.138.172.161 
+halwachi50.mymediapc.net
+robinmmadi.servehumour.com
+
+185.217.1.165
+halwachi50.mymediapc.net
+mmdedi02.freeddns.org
+melvintravels.ddns.net
+robinmmadi.servehumour.com
+
+37.120.153.2
+halwachi50.mymediapc.net
+#micahserver.dyndns.org
+#telo1928.ddns.net
+#luphen.ddns.net
+#luphen.redirectme.net 
+
+185.19.85.142
+halwachi50.mymediapc.net
+tonymario.chickenkiller.com
+robinmmadi.servehumour.com
+tonymaris7342.ddns.net
+www.amariceo.duckdns.org
+amariceo.duckdns.org
+bitendhatung.servebeer.com (
+www.fresh22.duckdns.org 
+fresh22.duckdns.org 
+
+185.217.1.163
+halwachi50.mymediapc.net
+419millions.chickenkiller.com 
+
+194.5.98.41
+halwachi50.mymediapc.net
+robinmmadi.servehumour.com
+greataggy2.linkpc.net
+chimarem.duckdns.org 
+alonso.ydns.eu
+javaautorun.duia.ro
+
+185.217.1.148
+halwachi50.mymediapc.net
+robinmmadi.servehumour.com
+mmdedi02.freeddns.org