Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- IoC
- Botnet.0.spreader Configuration
- hxxp: //down.mykings.pw: 8888 / my1.html
- hxxp: //down.mykings.pw: 8888 / ups.rar
- hxxp: //down.mykings.pw: 8888 / item. dat
- hxxp: //up.mykings.pw: 8888 / ver.txt
- hxxp: //up.mykings.pw: 8888 / ups.rar
- hxxp: //up.mykings.pw: 8888 / update.txt
- hxxp: // up.mykings.pw:8888/wpdmd5.txt
- hxxp: //up.mykings.pw: 8888 / wpd.dat
- hxxp: //down.f4321y.com: 8888 / kill.html
- hxxp: //down.f4321y.com : 8888 / test.html
- hxxp: //down.f4321y.com: 8888 / ups.rar
- hxxp: //down.f4321y.com
- hxxp: //down.f4321y.com: 8888 / my1.html
- hxxp: // js .f4321y.com: 280 / v.sct
- hxxp: //up.f4321y.com
- hxxp: //up.f4321y.com: 8888 / ver.txt
- hxxp: //up.f4321y.com: 8888 / ups.rar
- hxxp: //up.f4321y.com: 8888 / update.txt
- hxxp: //up.f4321y.com: 8888 / wpdmd5.txt
- hxxp: // up .f4321y.com: 8888 / wpd.dat
- hxxp: //up.f4321y.com: 8888 / ups.rar
- hxxp: //down.b591.com: 8888 / ups.exe
- hxxp: //down.b591.com: 8888 / ups.rar
- hxxp: //down.b591.com: 8888 / test.html
- hxxp: //down.b591.com: 8888 / ups.rar
- hxxp: //down.b591.com: 8888 / ups.exe
- hxxp: //down.b591.com: 8888 / cab.rar
- hxxp: //down.b591.com: 8888 / cacls.rar
- hxxp: //down.b591.com: 8888 / kill.html
- hxxp: // down2 .b591.com: 8888 / ups.rar
- hxxp: //down2.b591.com: 8888 / wpd.dat
- hxxp: //down2.b591.com: 8888 / wpdmd5.txt
- hxxp: //down2.b591.com: 8888 / ver.txt
- hxxp: //dwon.kill1234.com: 280 / cao.exe
- hxxps: //down2.b5w91.com: 8443
- hxxp: //down.mysking.info: 8888 / ok.txt
- hxxp: //23.27.127.254: 8888 /close.bat
- hxxp: //js.mykings.top: 280 / v.sct
- hxxp: //js.mykings.top: 280 / helloworld.msi
- hxxp: //wmi.mykings.top: 8888 / kill.html
- hxxp : //wmi.mykings.top: 8888 / test.html
- hxxp: //209.58.186.145: 8888 / close2.bat
- hxxp: //67.229.144.218: 8888 / update.txt
- hxxp: //67.229.144.218: 8888 / ps.jpg
- hxxp: //67.229.144.218: 8888 / update.txt
- hxxp: //67.229.144.218: 8888 / my1.html
- hxxp: //67.229.144.218: 8888 / ver.txt
- hxxp: //67.229.144.218: 8888 / test.dat
- hxxp: //down.down0116.info -> new
- hxxp: //down.down0116.info/up.rar -> new
- hxxp: //down.down0116.info/down.txt -> new
- fxp: //ftp.ftp0118.info/a.exe -> new
- botnet.-1.mirai
- hxxp: //100.43.155.171: 280 / mirai /
- botnet.1.proxy
- hxxp: //100.43.155.171: 280 / do /
- botnet.2.rat
- hxxp: //67.229.144.218: 8888 / test1.dat
- hxxp: //47.88.216.68: 8888 / test.dat
- hxxp: //47.52.0.176: 8888 / item.dat
- hxxp: //118.190. 50.141: 8888 / test.dat
- botnet.3.miner
- hxxp: //104.37.245.82: 8888 / 32.rar
- fxp: //fxp.oo000oo.me/s.rar
- hxxp: //198.148.80.194: 8888 / 0121.rar -> new
- fxp: //ftp.ftp0118.info/s.rar -> new
- botnet.4.rat
- hxxp: //104.37.245.82: 8888 / nb.dat
- link:
- http://blog.netlab.360.com/mykings-the-botnet-behind-multiple-active-spreading-botnets/
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement