30 lines
1.3 KiB
Plaintext
30 lines
1.3 KiB
Plaintext
https://github.com/Abraham3210/bitcoin/releases/download/New/2-1_2023-04-14_08-31.exe
|
|
http://45.15.159.174/s.exe
|
|
https://cdn.discordapp.com/attachments/1082332577060356128/1087147141560012851/635965506.exe?raw
|
|
https://cdn.discordapp.com/attachments/1069223617117814787/1069223713129635970/asdasdb.exe
|
|
http://hoh0aeghwugh2gie.com/
|
|
http://45.9.74.80/power.exe
|
|
http://yic0oosaeiy7ahng.com/
|
|
http://aek0aicifaloh1yo.com/
|
|
http://wa5zu7sekai8xeih.com/
|
|
https://nftsmean.com/pro2.exe
|
|
http://hugersi.com/dl/6523.exe
|
|
http://host-file-host6.com/
|
|
http://potunulit.org/
|
|
http://hie7doodohpae4na.com/
|
|
https://cdn.discordapp.com/attachments/920726397322928168/1079835676448669768/qwfqwf.exe
|
|
https://apnamachine.com/tmp/index.php
|
|
http://colisumy.com/dl/buildz.exe
|
|
https://cdn.discordapp.com/attachments/1091449028107051142/1094520407274569738/bildak.exe
|
|
|
|
|
|
Analyzed:
|
|
https://transfer.sh/get/umExQk/Installer.exe ->
|
|
https://github.com/test93872/demo5/raw/main/plugin_3.dll +
|
|
https://github.com/test93872/demo5/raw/main/plugin_4.dll ->
|
|
XMRig: rx.unmineable.com (cmd: -o rx.unmineable.com:3333 -a rx -k -u RVN:RLsJPUyyYN5HwREgBrsRy6wcz2x3VNKx1s.RIG_CPU -p x --cpu-max-threads-hint=50)
|
|
|
|
https://transfer.sh/get/pQFK0P/telegram74567.exe -> RedLine (C2: 217.182.15.146:7357) Botnet: LogsDiller Cloud (Telegram: @logsdillabot)
|
|
|
|
https://transfer.sh/get/me4bBe/424242.exe -> RedLine (C2: 45.9.74.140:6885)
|