http://potunulit.org/
https://apnamachine.com/tmp/index.php
http://aek0aicifaloh1yo.com/
http://wa5zu7sekai8xeih.com/
http://respekt5567.com/downloads/toolspub1.exe
https://github.com/Abraham3210/bitcoin/releases/download/New/2-1_2023-04-14_08-31.exe

https://bayfiles.com/v1HbA7q9zf/OriginalBuild_exe -> Raccoon Stealer -> C2: http://94.142.138.32

https://transfer.sh/get/25CBdR/moscow_exchang.exe


http://172.86.123.224:8000/builds

http://45.15.159.174/s.exe

https://cdn.discordapp.com/attachments/920726397322928168/1079835676448669768/qwfqwf.exe

http://hugersi.com/dl/6523.exe

https://transfer.sh/get/I2A8JJ/123.exe -> RedLine (C2: 45.9.74.40:10814)

http://45.9.74.80/power.exe
https://cdn.discordapp.com/attachments/1069223617117814787/1069223713129635970/asdasdb.exe
https://cdn.discordapp.com/attachments/1091449028107051142/1094520407274569738/bildak.exe

http://140.99.221.199/sp1.exe

http://77.73.131.239/s.exe

https://transfer.sh/RmnLYw/crypted%20%282%29.exe

http://hoh0aeghwugh2gie.com/

http://158.101.155.92/koIWDRc.exe

http://yic0oosaeiy7ahng.com/

https://transfer.sh/get/Vz6kII/43252345.exe -> Vidar -> 
DeadDrops: https://steamcommunity.com/profiles/76561198272578552 + https://t.me/libpcre -> C2: http://116.202.1.79:9100 + http://195.201.47.75 + Smth targeting YouTube/ Google Accounts

http://193.109.85.183/btc.exe

https://transfer.sh/7zzgaI/testing.exe -> Noisy! Check later -> https://tria.ge/230513-lqq4hsfh95/behavioral2
Loads: https://transfer.sh/get/pbxx5A/tst2.exe

http://colisumy.com/dl/buildz.exe
http://hie7doodohpae4na.com/

https://nftsmean.com/pro2.exe

http://host-file-host6.com/

https://cdn.discordapp.com/attachments/1082332577060356128/1087147141560012851/635965506.exe?raw

http://209.250.254.249:3002/ -> RedLine (LogsDiller Cloud (Telegram: @logsdillabot)) -> 178.33.182.70:18918

http://138.3.213.192/RKiDaNx.exe -> SectopRat: DNS YqWrYpnLbcsrnl.YqWrYpnLbcsrnl -> C2: 89.248.165.23:5865

https://transfer.sh/get/gEdWaA/maloy.exe -> Telegram Loader : /bot6188685234:AAFOQPOXVhq-YWcA-zGt9fPBpbCYZB9Qf6Q/sendMessage?chat_id=5705203982&text=%0D%0A%F0%9F%94%8A%20*NEW%20EXECUTION*%0D%0A1%EF%B8%8F%E2%83%A3%20User%20=%20Admin%0D%0A2%EF%B8%8F%E2%83%A3%20Date%20UTC%20=%205/13/2023%2011:46:50%20AM%0D%0A3%EF%B8%8F%E2%83%A3%20File%20=%20maloy.exe%0D%0A -> Loads PNG: http://77.91.77.6/loads/Smnnqs.png