mirror of
https://github.com/Gi7w0rm/MalwareConfigLists
synced 2024-06-16 12:08:59 +00:00
528 lines
8.2 KiB
Plaintext
528 lines
8.2 KiB
Plaintext
207.244.242.177
|
|
mikepedro207yyyxx.ddns.net
|
|
donmikeyyyx.ddns.net
|
|
mikexwormxxxyy.ddns.net
|
|
|
|
66.94.122.207
|
|
mikepedro207yyyxx.ddns.net
|
|
donmikeyyyx.ddns.net
|
|
|
|
207.244.233.229
|
|
donmikeyyyx.ddns.net
|
|
|
|
209.145.55.12
|
|
donmikeyyyx.ddns.net
|
|
|
|
207.244.244.133
|
|
donmikeyyyx.ddns.net
|
|
|
|
207.244.235.47
|
|
donmikeyyyx.ddns.net
|
|
mikludoykxx.ddns.net
|
|
|
|
207.244.236.205
|
|
quasharr.ddns.net
|
|
newtryex.ddns.net
|
|
wormxwar.ddns.net
|
|
retsuportm.ddnsfree.com
|
|
mywormtwon.ddns.net
|
|
spreadrem1.ddnsfree.com
|
|
|
|
|
|
5.189.130.151
|
|
mywarswar.ddnsfree.com
|
|
wormxwar.ddns.net
|
|
quasharr.ddns.net
|
|
retsuportm.ddnsfree.com
|
|
spreadrem1.ddnsfree.com
|
|
|
|
154.53.45.198
|
|
quasharr.ddns.net
|
|
wormxwar.ddns.net
|
|
retsuportm.ddnsfree.com
|
|
spreadrem1.ddnsfree.com
|
|
|
|
66.154.110.53 (Quadranet Global)
|
|
wormxwar.ddns.net
|
|
febnew1.ddns.net
|
|
febnew2.ddns.net
|
|
|
|
209.145.56.157
|
|
retsuportm.ddnsfree.com
|
|
spreadrem1.ddnsfree.com
|
|
wormxwar.ddns.net
|
|
newtryex.ddns.net
|
|
quasharr.ddns.net
|
|
|
|
207.244.236.205
|
|
spreadrem1.ddnsfree.com
|
|
mywormtwon.ddns.net
|
|
retsuportm.ddnsfree.com
|
|
wormxwar.ddns.net
|
|
newtryex.ddns.net
|
|
quasharr.ddns.net
|
|
|
|
154.12.234.207
|
|
quasharr.ddns.net
|
|
fresh12.ddns.net
|
|
wormxwar.ddns.net
|
|
newtryex.ddns.net
|
|
retsuportm.ddnsfree.com
|
|
backupjuly2022.ddns.net
|
|
2ndspreading1.ddns.net
|
|
spreadrem1.ddnsfree.com
|
|
|
|
|
|
154.12.233.76
|
|
quasharr.ddns.net
|
|
asyrwart.ddns.net
|
|
mynewfresh.ddns.net
|
|
freshinxworm.ddns.net
|
|
|
|
154.53.52.101
|
|
mywarswarw.ddns.net
|
|
mynewfresh.ddns.net
|
|
|
|
|
|
|
|
161.97.106.212
|
|
backupjuly2022.ddns.net
|
|
febbit2.ddns.net
|
|
febbit1.ddns.net
|
|
2ndspreading1.ddns.net
|
|
july202022.ddns.net
|
|
fresh12.ddns.net
|
|
|
|
|
|
154.53.32.96
|
|
2ndspreading1.ddns.net
|
|
july202022.ddns.net
|
|
febnew2.ddns.net
|
|
febnew1.ddns.net
|
|
febnew.ddns.net
|
|
backupjuly2022.ddns.net
|
|
fresh12.ddns.net
|
|
febnew3.ddns.net
|
|
febrem1.ddns.net
|
|
febrem.ddns.net
|
|
|
|
142.11.211.90
|
|
2ndspreading1.ddns.net
|
|
july202022.ddns.net
|
|
backupjuly2022.ddns.net
|
|
febnew3.ddns.net
|
|
freshspread.ddnsking.com
|
|
febrem1.ddns.net
|
|
fresh12.ddns.net
|
|
febnew.ddns.net
|
|
febnew3.ddns.net
|
|
febbit1.ddns.net
|
|
febrem.ddns.net
|
|
newwarr.ddns.net
|
|
|
|
209.126.83.213
|
|
newtryex.ddns.net
|
|
febrem1.ddns.net
|
|
fresh12.ddns.net
|
|
2ndspreading1.ddns.net
|
|
retsuportm.ddnsfree.com
|
|
backupjuly2022.ddns.net
|
|
|
|
209.126.77.229
|
|
fresh12.ddns.net
|
|
2ndspreading1.ddns.net
|
|
febrem1.ddns.net
|
|
backupjuly2022.ddns.net
|
|
|
|
|
|
66.94.108.214
|
|
frspeed.ddns.net
|
|
fresh12.ddns.net
|
|
febrem1.ddns.net
|
|
2ndspreading1.ddns.net
|
|
july202022.ddns.net
|
|
febbit2.ddns.net
|
|
febbit1.ddns.net
|
|
backupjuly2022.ddns.net
|
|
|
|
|
|
104.168.190.126
|
|
febbit2.ddns.net
|
|
febrem1.ddns.net
|
|
febrem.ddns.net
|
|
febnew2.ddns.net
|
|
febnew1.ddns.net
|
|
febnew3.ddns.net
|
|
febnew.ddns.net
|
|
febbit1.ddns.net
|
|
|
|
45.133.174.97
|
|
2ndspreading1.ddns.net
|
|
july202022.ddns.net
|
|
febbit1.ddns.net
|
|
fresh12.ddns.net
|
|
backupjuly2022.ddns.net
|
|
|
|
144.126.144.172
|
|
frspeed.ddns.net
|
|
july202022.ddns.net
|
|
backupjuly2022.ddns.net
|
|
2ndspreading1.ddns.net
|
|
febrem1.ddns.net
|
|
|
|
191.101.130.52
|
|
febbit3.ddns.net
|
|
fresh12.ddns.net
|
|
febrem.ddns.net
|
|
newwarr.ddns.net
|
|
febnew3.ddns.net
|
|
febrem1.ddns.net
|
|
|
|
185.157.162.187
|
|
febnew3.ddns.net
|
|
febnew2.ddns.net
|
|
febnew1.ddns.net
|
|
febnew.ddns.net
|
|
|
|
152.89.162.58
|
|
febnew2.ddns.net
|
|
febnew1.ddns.net
|
|
febnew3.ddns.net
|
|
febnew.ddns.net
|
|
|
|
154.12.254.251
|
|
retsuportm.ddnsfree.com
|
|
spreadrem1.ddnsfree.com
|
|
quasharr.ddns.net
|
|
|
|
154.53.55.72
|
|
retsuportm.ddnsfree.com
|
|
spreadrem1.ddnsfree.com
|
|
fresh12.ddns.net
|
|
backupjuly2022.ddns.net
|
|
2ndspreading1.ddns.net
|
|
|
|
87.249.134.92
|
|
fresh12.ddns.net
|
|
|
|
146.70.104.94 (1 day only)
|
|
febnew.ddns.net
|
|
febnew1.ddns.net
|
|
febnew2.ddns.net
|
|
febnew3.ddns.net
|
|
|
|
|
|
66.94.108.243
|
|
febnew.ddns.net
|
|
febnew1.ddns.net
|
|
febnew2.ddns.net
|
|
febbit2.ddns.net
|
|
|
|
89.117.72.232
|
|
quasharr.ddns.net
|
|
freshinxworm.ddns.net
|
|
secoundxwormm.ddns.net
|
|
|
|
89.117.76.67
|
|
quasharr.ddns.net
|
|
|
|
194.163.172.117
|
|
febnew1.ddns.net
|
|
febnew2.ddns.net
|
|
|
|
154.53.63.206
|
|
freshwarsmi.ddns.net
|
|
|
|
209.145.63.57
|
|
Darwin090.gleeze.com
|
|
|
|
46.142.89.251
|
|
quasharr21.ddns.net
|
|
|
|
45.90.222.15
|
|
febnew1.ddns.net
|
|
febnew2.ddns.net
|
|
|
|
|
|
|
|
#### From here, relation is made via stickerpix.co.uk which was used to drop both samples for above and below this line
|
|
|
|
144.126.151.207
|
|
genekol.nsupdate.info
|
|
|
|
185.176.220.169
|
|
genekol.nsupdate.info
|
|
mulla2022.hopto.org
|
|
|
|
185.176.220.29
|
|
genekol.nsupdate.info
|
|
generem.camdvr.org
|
|
harrywlike.ddns.net
|
|
bit100.accesscam.org
|
|
mulla2022.hopto.org
|
|
|
|
154.12.255.13
|
|
genekol.nsupdate.info
|
|
generem.camdvr.org
|
|
harrywlike.ddns.net
|
|
bit100.accesscam.org
|
|
|
|
209.145.61.216
|
|
genekol.nsupdate.info
|
|
harrywlike.ddns.net
|
|
bit100.accesscam.org
|
|
|
|
38.242.134.118
|
|
genekol.nsupdate.info
|
|
generem.camdvr.org
|
|
harrywlike.ddns.net
|
|
|
|
185.176.220.230
|
|
genekol.nsupdate.info
|
|
generem.camdvr.org
|
|
harrywlike.ddns.net
|
|
|
|
94.46.246.39
|
|
genekol.nsupdate.info
|
|
|
|
94.46.246.63
|
|
generem.camdvr.org
|
|
hobbyhrs2.zapto.org
|
|
|
|
20.231.31.0
|
|
generem.camdvr.org
|
|
|
|
94.46.246.38
|
|
harrywlike.ddns.net
|
|
|
|
209.126.84.214
|
|
harrywlike.ddns.net
|
|
genekol.nsupdate.info
|
|
|
|
173.205.93.135
|
|
bit100.accesscam.org
|
|
|
|
192.3.53.69
|
|
bit100.accesscam.org
|
|
|
|
104.168.152.36
|
|
mulla2022.hopto.org
|
|
|
|
208.101.60.87
|
|
centplus1.serveftp.com
|
|
|
|
157.240.12.36
|
|
centplus1.serveftp.com
|
|
|
|
93.46.8.90
|
|
henderson1.camdvr.org
|
|
|
|
46.82.174.69
|
|
henderson1.camdvr.org
|
|
|
|
11.23.33.44
|
|
henderson1.camdvr.org
|
|
|
|
140.228.29.164
|
|
bit100.accesscam.org
|
|
|
|
152.89.162.59
|
|
bit100.accesscam.org
|
|
gene.ddnsgeek.com
|
|
rem16.hopto.org
|
|
rem166.hopto.org
|
|
rem1666.hopto.org
|
|
rem1.camdvr.org
|
|
|
|
37.120.138.200
|
|
bit100.accesscam.org
|
|
rem16.camdvr.org
|
|
www.rem16.camdvr.org
|
|
rem1.camdvr.org
|
|
rem16.hopto.org
|
|
rem166.hopto.org
|
|
rem1666.hopto.org
|
|
sunwap1.ddns.net
|
|
rennelautos.kozow.com
|
|
www.rem16.camdvr.org
|
|
www.rennelautos.kozow.com
|
|
|
|
104.215.112.107
|
|
gene.ddnsgeek.com
|
|
generem1.hopto.org
|
|
hobbyhrs.zapto.org
|
|
rem1.camdvr.org
|
|
henderson.camdvr.org
|
|
rem16.hopto.org
|
|
rem166.hopto.org
|
|
hendersonk.hopto.org
|
|
generem.hopto.org
|
|
|
|
192.236.154.231
|
|
gene.ddnsgeek.com
|
|
hendersonk.hopto.org
|
|
generem.hopto.org
|
|
henderson.camdvr.org
|
|
|
|
37.120.206.175
|
|
rem1.camdvr.org
|
|
rem166.hopto.org
|
|
|
|
107.175.32.198
|
|
rem1.camdvr.org
|
|
sunwap1.ddns.net
|
|
rem16.hopto.org
|
|
rem1666.hopto.org
|
|
|
|
5.181.234.140
|
|
rem1.camdvr.org
|
|
sunwap1.ddns.net
|
|
rem16.hopto.org
|
|
rem166.hopto.org
|
|
rem1666.hopto.org
|
|
|
|
143.244.46.154
|
|
rem1.camdvr.org
|
|
|
|
173.44.50.151
|
|
rem1.camdvr.org
|
|
sunwap1.ddns.net
|
|
|
|
5.181.234.139
|
|
rem1.camdvr.org
|
|
rem16.hopto.org
|
|
rem1666.hopto.org
|
|
sunwap1.ddns.net
|
|
|
|
37.120.138.222
|
|
rem1.camdvr.org
|
|
rem1666.hopto.org
|
|
sunwap1.ddns.net
|
|
rem16.hopto.org
|
|
|
|
217.138.204.41
|
|
rem1.camdvr.org
|
|
|
|
37.120.138.210
|
|
rem1.camdvr.org
|
|
|
|
185.236.203.124
|
|
rem1.camdvr.org
|
|
|
|
152.89.162.33
|
|
rem1.camdvr.org
|
|
|
|
217.64.151.37
|
|
rem1.camdvr.org
|
|
|
|
45.148.17.18
|
|
rem16.hopto.org
|
|
rem166.hopto.org
|
|
|
|
20.110.185.77
|
|
rem16.hopto.org
|
|
hendersonk.hopto.org
|
|
generem.hopto.org
|
|
henderson.camdvr.org
|
|
sunwap1.ddns.net
|
|
rem1666.hopto.org
|
|
rem166.hopto.org
|
|
|
|
94.46.246.30
|
|
hobbyhrs1.zapto.org
|
|
hobbyhrs.zapto.org
|
|
generem1.hopto.org
|
|
|
|
185.244.30.164
|
|
halwachi50.mymediapc.net (very out of time frame... 2020-02-02 for 1 day - but malware history - same pattern. 1 IP, several dyndns )
|
|
rennelautos.kozow.com
|
|
|
|
137.116.73.45
|
|
reneelauto.dynu.net
|
|
|
|
185.244.30.45
|
|
halwachi50.mymediapc.net
|
|
ansrt.duckdns.org
|
|
amechi.duckdns.org
|
|
www.amechi.duckdns.org
|
|
robinmmadi.servehumour.com
|
|
|
|
51.75.155.78
|
|
halwachi50.mymediapc.net
|
|
robinmmadi.servehumour.com
|
|
|
|
185.140.53.20
|
|
halwachi50.mymediapc.net
|
|
haash.duckdns.org
|
|
judge2020.ddns.net
|
|
believe2021.ddns.net
|
|
accept.ddns.net
|
|
|
|
185.244.30.80
|
|
halwachi50.mymediapc.net
|
|
gefide5.ddns.net
|
|
robinmmadi.servehumour.com
|
|
|
|
194.5.97.119
|
|
halwachi50.mymediapc.net
|
|
robinmmadi.servehumour.com
|
|
oluwa103.hopto.org
|
|
#joey.daniel2you.com# <- Netwire / NanoCore related
|
|
|
|
185.140.53.145
|
|
halwachi50.mymediapc.net
|
|
remcoss11.ddns.net
|
|
robinmmadi.servehumour.com
|
|
#workstation.homeip.net# <- Loda RAT ( 2021-02, rest is 2020-01 and 2020-05)
|
|
|
|
185.140.53.34
|
|
halwachi50.mymediapc.net
|
|
robinmmadi.servehumour.com
|
|
ongod2020.ddns.net
|
|
coconuthead.ddns.net
|
|
|
|
45.138.172.161
|
|
halwachi50.mymediapc.net
|
|
robinmmadi.servehumour.com
|
|
|
|
185.217.1.165
|
|
halwachi50.mymediapc.net
|
|
mmdedi02.freeddns.org
|
|
melvintravels.ddns.net
|
|
robinmmadi.servehumour.com
|
|
|
|
37.120.153.2
|
|
halwachi50.mymediapc.net
|
|
#micahserver.dyndns.org
|
|
#telo1928.ddns.net
|
|
#luphen.ddns.net
|
|
#luphen.redirectme.net
|
|
|
|
185.19.85.142
|
|
halwachi50.mymediapc.net
|
|
tonymario.chickenkiller.com
|
|
robinmmadi.servehumour.com
|
|
tonymaris7342.ddns.net
|
|
www.amariceo.duckdns.org
|
|
amariceo.duckdns.org
|
|
bitendhatung.servebeer.com
|
|
www.fresh22.duckdns.org
|
|
fresh22.duckdns.org
|
|
|
|
185.217.1.163
|
|
halwachi50.mymediapc.net
|
|
419millions.chickenkiller.com
|
|
|
|
194.5.98.41
|
|
halwachi50.mymediapc.net
|
|
robinmmadi.servehumour.com
|
|
greataggy2.linkpc.net
|
|
chimarem.duckdns.org
|
|
alonso.ydns.eu
|
|
javaautorun.duia.ro
|
|
|
|
185.217.1.148
|
|
halwachi50.mymediapc.net
|
|
robinmmadi.servehumour.com
|
|
mmdedi02.freeddns.org
|