Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ## Emotet C2 Deltas from 2021/01/25 as of 08:00EST or 13:00UTC ##
- ```
- Notes:
- C2 update today first thing basically. Timestamps on DLLs all backdated to
- These changes on distro are what we saw yesterday(Sunday) for bots on E2/E3.
- E1 is the only true delta here from last nights report and these are all the
- latest T1 C2 IPs right now.
- C2 Deltas:
- E1 now 93 combos, -2.
- E2 now 102 combos, nil.
- E3 now 81 combos, -4.
- ---
- ```
- ### Epoch 1 ###
- ```
- 84.232.229.24:80
- 51.255.203.164:8080
- 217.160.169.110:8080
- 185.183.16.47:80
- 190.45.24.210:80
- 187.162.248.237:80
- 93.146.143.191:80
- 185.94.252.27:443
- 143.0.85.206:7080
- 80.15.100.37:80
- 85.105.239.184:443
- 94.176.234.118:443
- 62.84.75.50:80
- 137.74.106.111:7080
- 172.104.169.32:8080
- 46.105.114.137:8080
- 94.126.8.1:80
- 78.206.229.130:80
- 93.149.120.214:80
- 192.175.111.212:7080
- 80.249.176.206:80
- 181.10.46.92:80
- 190.24.243.186:80
- 191.223.36.170:80
- 177.23.7.151:80
- 154.127.113.242:80
- 51.255.165.160:8080
- 87.106.46.107:8080
- 85.214.26.7:8080
- 190.247.139.101:80
- 46.101.58.37:8080
- 201.185.69.28:443
- 46.43.2.95:8080
- 82.208.146.142:7080
- 110.39.160.38:443
- 186.177.174.163:80
- 51.38.124.206:80
- 81.4.105.175:8080
- 209.33.120.130:80
- 172.245.248.239:8080
- 45.16.226.117:443
- 104.130.154.83:7080
- 217.13.106.14:8080
- 94.23.45.86:7080
- 152.169.22.67:80
- 12.162.84.2:8080
- 201.48.121.65:443
- 81.17.93.134:80
- 81.215.230.173:443
- 60.93.23.51:80
- 122.201.23.45:443
- 31.27.59.105:80
- 105.209.235.113:8080
- 197.232.36.108:80
- 91.233.197.70:80
- 87.106.253.248:8080
- 138.97.60.141:7080
- 152.170.79.100:80
- 190.251.216.100:80
- 177.85.167.10:80
- 212.71.237.140:8080
- 82.48.39.246:80
- 213.52.74.198:80
- 116.125.120.88:443
- 81.214.253.80:443
- 149.62.173.247:8080
- 152.231.89.226:80
- 206.189.232.2:8080
- 181.30.61.163:443
- 1.226.84.243:8080
- 191.241.233.198:80
- 109.101.137.162:8080
- 110.39.162.2:443
- 167.71.148.58:443
- 5.196.35.138:7080
- 190.64.88.186:443
- 200.75.39.254:80
- 138.97.60.140:8080
- 170.81.48.2:80
- 70.32.115.157:8080
- 104.131.41.185:8080
- 190.162.232.138:80
- 188.135.15.49:80
- 95.76.153.115:80
- 188.225.32.231:7080
- 12.163.208.58:80
- 50.28.51.143:8080
- 202.134.4.210:7080
- 190.210.246.253:80
- 149.202.72.142:7080
- 138.197.99.250:8080
- 68.183.190.199:8080
- 211.215.18.93:8080
- Old count: 95
- New count: 93
- Dropped:
- 51.15.7.145:80
- 190.114.254.163:8080
- 192.232.229.53:4143
- 111.67.12.221:8080
- 68.183.170.114:8080
- 70.32.84.74:8080
- 178.211.45.66:8080
- 83.169.21.32:7080
- 178.250.54.208:8080
- 209.236.123.42:8080
- Added:
- 94.126.8.1:80
- 51.38.124.206:80
- 81.4.105.175:8080
- 104.130.154.83:7080
- 94.23.45.86:7080
- 87.106.253.248:8080
- 116.125.120.88:443
- 149.62.173.247:8080
- ---
- ```
- #### Epoch 1 - Spam C2s ####
- ```
- 165.22.93.5:8080
- 128.199.220.70:8080
- 54.38.143.246:7080
- 5.56.132.177:8080
- 54.36.185.63:80
- ```
- #### Epoch 1 - Stealer C2s ####
- ```
- 37.187.195.209:443
- 167.71.4.0:8080
- 165.22.246.219:8080
- 88.217.172.165:8080
- 162.144.212.120:8080
- ```
- ### Epoch 2 ###
- ```
- 69.38.130.14:80
- 195.159.28.230:8080
- 162.241.204.233:8080
- 181.165.68.127:80
- 49.205.182.134:80
- 190.251.200.206:80
- 139.59.60.244:8080
- 119.59.116.21:8080
- 89.216.122.92:80
- 185.94.252.104:443
- 70.92.118.112:80
- 78.24.219.147:8080
- 173.70.61.180:80
- 87.106.139.101:8080
- 66.57.108.14:443
- 24.179.13.119:80
- 121.124.124.40:7080
- 61.19.246.238:443
- 200.116.145.225:443
- 93.146.48.84:80
- 188.219.31.12:80
- 78.188.225.105:80
- 144.217.7.207:7080
- 167.114.153.111:8080
- 157.245.99.39:8080
- 50.116.111.59:8080
- 109.116.245.80:80
- 79.130.130.240:8080
- 168.235.67.138:7080
- 70.183.211.3:80
- 85.105.205.77:8080
- 74.208.45.104:8080
- 12.175.220.98:80
- 104.131.11.150:443
- 41.185.28.84:8080
- 217.20.166.178:7080
- 202.134.4.216:8080
- 138.68.87.218:443
- 123.176.25.234:80
- 75.113.193.72:80
- 74.128.121.17:80
- 172.125.40.123:80
- 180.222.161.85:80
- 139.162.60.124:8080
- 89.106.251.163:80
- 190.240.194.77:443
- 115.94.207.99:443
- 37.187.72.193:8080
- 190.103.228.24:80
- 24.231.88.85:80
- 172.105.13.66:443
- 120.150.60.189:80
- 220.245.198.194:80
- 69.49.88.46:80
- 187.161.206.24:80
- 115.21.224.117:80
- 174.118.202.24:443
- 120.150.218.241:443
- 110.145.101.66:443
- 108.53.88.101:443
- 37.139.21.175:8080
- 176.111.60.55:8080
- 79.137.83.50:443
- 59.21.235.119:80
- 74.58.215.226:80
- 136.244.110.184:8080
- 71.72.196.159:80
- 5.39.91.110:7080
- 188.165.214.98:8080
- 85.105.111.166:80
- 95.9.5.93:80
- 109.74.5.95:8080
- 202.134.4.211:8080
- 110.145.11.73:80
- 134.209.144.106:443
- 2.58.16.89:8080
- 95.213.236.64:8080
- 24.178.90.49:80
- 194.190.67.75:80
- 186.74.215.34:80
- 98.109.133.80:80
- 161.0.153.60:80
- 181.171.209.241:443
- 75.177.207.146:80
- 194.4.58.192:7080
- 172.104.97.173:8080
- 78.189.148.42:80
- 51.89.36.180:443
- 24.69.65.8:8080
- 50.91.114.38:80
- 197.211.245.21:80
- 46.105.131.79:8080
- 185.201.9.197:8080
- 203.153.216.189:7080
- 78.182.254.231:80
- 110.142.236.207:80
- 118.83.154.64:443
- 24.164.79.147:8080
- 74.40.205.197:443
- 75.109.111.18:80
- 62.75.141.82:80
- 172.86.188.251:8080
- Old count: 105
- New count: 102
- Dropped:
- 139.99.158.11:443
- 62.171.142.179:8080
- 94.23.237.171:443
- Added:
- nil
- ---
- ```
- #### Epoch 2 - Spam C2s ####
- ```
- 165.227.170.254:7080
- 195.181.215.65:8080
- 167.114.122.37:80
- 137.74.119.116:8080
- 51.38.237.230:8080
- 219.94.242.134:8080
- 217.160.19.232:8080
- 95.215.46.191:8080
- ```
- #### Epoch 2 - Stealer C2s ####
- ```
- 167.99.105.11:8080
- 51.255.40.241:443
- 78.47.87.196:8080
- 159.65.222.75:8080
- 195.14.0.12:8080
- 87.106.225.180:8080
- 198.144.158.120:443
- 151.236.60.57:8080
- ```
- ### Epoch 3 ###
- ```
- 190.55.186.229:80
- 203.157.152.9:7080
- 157.245.145.87:443
- 132.248.38.158:80
- 110.172.180.180:8080
- 70.32.89.105:8080
- 161.49.84.2:80
- 37.46.129.215:8080
- 50.116.78.109:8080
- 115.79.195.246:80
- 178.62.254.156:8080
- 175.103.38.146:80
- 188.226.165.170:8080
- 91.93.3.85:8080
- 162.144.145.58:8080
- 117.2.139.117:443
- 190.85.46.52:7080
- 201.193.160.196:80
- 152.32.75.74:443
- 195.201.56.70:8080
- 192.210.217.94:8080
- 91.83.93.103:443
- 172.104.46.84:8080
- 201.212.61.66:80
- 186.96.170.61:80
- 74.208.173.91:8080
- 182.73.7.59:8080
- 139.59.12.63:8080
- 211.110.229.161:8080
- 122.116.104.238:8443
- 223.17.215.76:80
- 195.159.28.244:8080
- 82.78.179.117:443
- 2.58.16.86:8080
- 65.32.168.171:80
- 58.27.215.3:8080
- 179.233.3.89:80
- 190.19.169.69:443
- 203.160.167.243:80
- 178.254.36.182:8080
- 202.29.237.113:8080
- 79.133.6.236:8080
- 103.93.220.182:80
- 88.58.209.2:80
- 24.230.124.78:80
- 203.56.191.129:8080
- 186.146.229.172:80
- 91.75.75.46:80
- 68.133.75.203:8080
- 103.229.73.17:8080
- 116.202.10.123:8080
- 139.59.61.215:443
- 46.105.131.68:8080
- 2.82.75.215:80
- 75.127.14.170:8080
- 120.51.34.254:80
- 185.142.236.163:443
- 139.5.101.203:80
- 203.153.216.178:7080
- 188.166.220.180:7080
- 178.33.167.120:8080
- 162.144.42.60:8080
- 201.163.74.204:80
- 103.80.51.61:8080
- 49.206.16.156:80
- 78.90.78.210:80
- 110.37.224.243:80
- 27.78.27.110:443
- 190.18.184.113:80
- 172.193.14.201:80
- 192.163.221.191:8080
- 157.7.164.178:8081
- 183.91.3.63:80
- 109.99.146.210:8080
- 54.38.143.245:8080
- 192.241.220.183:8080
- 180.148.4.130:8080
- 190.107.118.125:80
- 8.4.9.137:8080
- 163.53.204.180:443
- 143.95.101.72:8080
- Old count: 85
- New count: 81
- Dropped:
- 172.96.190.154:8080
- 198.20.228.9:8080
- 37.205.9.252:7080
- 5.79.70.250:8080
- 46.32.229.152:8080
- 185.208.226.142:8080
- Added:
- 211.110.229.161:8080
- 162.144.42.60:8080
- ---
- ```
- #### Epoch 3 - Spam C2s ####
- ```
- 82.118.225.196:7080
- 162.214.68.171:8080
- 202.29.237.114:8080
- 51.178.60.145:8080
- 159.65.140.182:80
- 118.163.97.19:8080
- ```
- #### Epoch 3 - Stealer C2s ####
- ```
- 104.236.52.89:8080
- 45.230.228.26:443
- 195.159.28.229:7080
- 82.145.43.153:8080
- ```
- ### END ###
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
