MalwareMustDie

#MalwareMustDie! 623 Kelihos IP Address for CLEAN-UPS

Aug 8th, 2013
// #MalwareMustDie! $ date
// Thu Aug 8 16:40:00 JST 2013
// Current Kelihos payload IP addresses
// Milked & sorted by: @chrisjwilsoncom
// This data is published for CLEANUP purposes per region.
// The graphical infection statistics are here: http://ge.tt/6CshMJo/v/1
// The latest update is at http://pastebin.com/raw.php?i=s7q1Yyr3

// Firstly, the PoC of UP and alive: (snipped via @unixfreaxjp report)

--2013-08-08 15:31:10-- hxxp://117.74.46.13/rasta01.exe
Connecting to 117.74.46.13:80... connected.
HTTP request sent, awaiting response... 200
Length: 1221261 (1.2M) []
Saving to: ‘rasta01.exe.4’
100%[==============>] 1,221,261 371KB/s in 3.2s
2013-08-08 15:31:36 (371 KB/s) - ‘rasta01.exe.4’ saved [1221261/1221261]
--2013-08-08 15:31:56-- hxxp://218.110.111.80/rasta01.exe
Connecting to 218.110.111.80:80... connected.
HTTP request sent, awaiting response... 200
Length: 1221261 (1.2M) []
Saving to: ‘rasta01.exe.5’
100%[==============>] 1,221,261 1.64MB/s in 0.7s
2013-08-08 15:32:02 (1.64 MB/s) - ‘rasta01.exe.5’ saved [1221261/1221261]
--2013-08-08 15:32:22-- hxxp://111.67.162.60/rasta01.exe
Connecting to 111.67.162.60:80... connected.
HTTP request sent, awaiting response... 200
Length: 1221261 (1.2M) []
Saving to: ‘rasta01.exe.6’
100%[==============>] 1,221,261 443KB/s in 2.7s
2013-08-08 15:33:17 (443 KB/s) - ‘rasta01.exe.6’ saved [1221261/1221261]
--2013-08-08 15:33:34-- hxxp://210.148.165.67/rasta01.exe
Connecting to 210.148.165.67:80... connected.
HTTP request sent, awaiting response... 200
Length: 1221261 (1.2M) []
Saving to: ‘rasta01.exe.7’
100%[==============>] 1,221,261 1.99MB/s in 0.6s
2013-08-08 15:33:42 (1.99 MB/s) - ‘rasta01.exe.7’ saved [1221261/1221261]
--2013-08-08 15:33:58-- hxxp://114.178.77.6/rasta01.exe
Connecting to 114.178.77.6:80... connected.
HTTP request sent, awaiting response... 200
Length: 1221261 (1.2M) []
Saving to: ‘rasta01.exe.8’
100%[==============>] 1,221,261 1.05MB/s in 1.1s
2013-08-08 15:34:04 (1.05 MB/s) - ‘rasta01.exe.8’ saved [1221261/1221261]

// Here is the LIST with the Country, ISP Network Info and ASN

#MalwareMustDie!