Gi7w0rm-MalwareConfigLists/SmokeLoader/smoke_out_23_04_2023.txt

###################################################################################################
SmokeLoader C2 URLs:
http://host-file-host6.com/
http://potunulit.org/
http://firsttrusteedrx.ru/tmp/
http://kingpirate.ru/tmp/
###################################################################################################
SmokeLoader additional distribution:
https://leaderspro.ps/tmp/index.php
http://hugersi.com/dl/6523.exe
http://respekt5569.com/downloads/toolspub1.exe
###################################################################################################
Payloads:
http://212.113.119.255/file/lega.exe -> Amadey -> C2: http://212.113.119.255/joomla/index.php -> https://bitbucket.org/dushanbepromo/kingsoft/downloads/build_2.exe + https://bbuseruploads.s3.amazonaws.com//fec0945a-edfb-46b3-b675-619ba5fd68dd/downloads/42b2638f-8cab-442d-b8fd-d45b466d087c/build_2.exe ->
http://s.ss2.us/r.crl SectopRat + RedLine -> C2: http://95.214.27.27:33806/
https://fortniteprouniversity.com/wp-content/uploads/Donald2.exe -> https://www.fortniteprouniversity.com/wp-content/uploads/Logs-1.exe -> Unknown Stealer
http://colisumy.com/dl/buildz.exe -> DJVU Ransomware C2: http://zexeq.com/raud/get.php + http://colisumy.com/dl/build2.exe + http://zexeq.com/files/1/build3.exe + Vidar Stealer -> DeadDrop: https://steamcommunity.com/profiles/76561199499188534 + https://t.me/nutalse -> C2: sportbike http://95.217.246.227| + sportbike http://116.203.2.149:11111|
https://cdn.discordapp.com/attachments/1099285398921945139/1099285673254604810/Lingoaa.exe -> RedLine -> C2: 37.220.87.13:48790
###################################################################################################
Old Payloads:
http://45.138.74.247/shared/Ruzvelt.exe
http://45.9.74.80/power.exe
https://github.com/Abraham3210/bitcoin/releases/download/New/2-1_2023-04-14_08-31.exe
###################################################################################################
Payloads (down/not executed)
https://nftsmean.com/run02_2.exe -> Down