mirror of
https://github.com/Gi7w0rm/MalwareConfigLists
synced 2024-06-27 09:28:30 +00:00
48 lines
2.5 KiB
Plaintext
###################################################################################################
SmokeLoader C2 URLs:
http://host-file-host6.com/
http://potunulit.org/
http://firsttrusteedrx.ru/tmp/
http://kingpirate.ru/tmp/
###################################################################################################
SmokeLoader additional distribution:
https://leaderspro.ps/tmp/index.php
http://hugersi.com/dl/6523.exe
http://respekt5569.com/downloads/toolspub1.exe
###################################################################################################
Payloads:
http://212.113.119.255/file/lega.exe -> Amadey -> C2: http://212.113.119.255/joomla/index.php -> https://bitbucket.org/dushanbepromo/kingsoft/downloads/build_2.exe + https://bbuseruploads.s3.amazonaws.com//fec0945a-edfb-46b3-b675-619ba5fd68dd/downloads/42b2638f-8cab-442d-b8fd-d45b466d087c/build_2.exe ->
http://s.ss2.us/r.crl SectopRat + RedLine -> C2: http://95.214.27.27:33806/
https://fortniteprouniversity.com/wp-content/uploads/Donald2.exe -> https://www.fortniteprouniversity.com/wp-content/uploads/Logs-1.exe -> Unknown Stealer
http://colisumy.com/dl/buildz.exe -> DJVU Ransomware C2: http://zexeq.com/raud/get.php + http://colisumy.com/dl/build2.exe + http://zexeq.com/files/1/build3.exe + Vidar Stealer -> DeadDrop: https://steamcommunity.com/profiles/76561199499188534 + https://t.me/nutalse -> C2: sportbike http://95.217.246.227| + sportbike http://116.203.2.149:11111|
https://cdn.discordapp.com/attachments/1099285398921945139/1099285673254604810/Lingoaa.exe -> RedLine -> C2: 37.220.87.13:48790
###################################################################################################
Old Payloads:
http://45.138.74.247/shared/Ruzvelt.exe
http://45.9.74.80/power.exe
https://github.com/Abraham3210/bitcoin/releases/download/New/2-1_2023-04-14_08-31.exe
###################################################################################################
Payloads (down/not executed)
https://nftsmean.com/run02_2.exe -> Down
https://cdn.discordapp.com/attachments/1069223617117814787/1069223713129635970/asdasdb.exe
https://cdn.discordapp.com/attachments/848958130402361345/1099237519037575208/WhiteCrypt.exe
https://cdn.discordapp.com/attachments/1091449028107051142/1094520407274569738/bildak.exe
https://cdn.discordapp.com/attachments/920726397322928168/1079835676448669768/qwfqwf.exe
https://cdn.discordapp.com/attachments/1082332577060356128/1087147141560012851/635965506.exe