nanocores

1. http://adl-groups.com/admin/MIRI.exe
2. 96F5763D902BBF019408D43FAC37ABC1
3. BypassUAC 00
4. ClearAccessControl 00
5. ClearZoneIdentifier 01
6. ConnectDelay 4000
7. CnC ip2locate.ddns.net
8. CnC 185.244.31.31
9. EnableDebugMode 00
10. Group Default
11. Mutex 1e60ba28765c3245a7aae84067bdc287
12. Port 8181
13. PreventSystemSleep 01
14. PrimaryDNSServer 8.8.8.8
15. RequestElevation 00
16. RestartDelay 5000
17. RunDelay 0
18. RunOnStartup 01
19. SetCriticalProcess 00
20. UseCustomDNS 01
21. Version 1.2.2.0
22.  
23. ----------------------------------------------------
24.  
25. http://adl-groups.com/ocha/ask.exe
26. FC91B2096A8C934D17E5855BB6DCB10F
27. BypassUAC 00
28. ClearAccessControl 00
29. ClearZoneIdentifier 01
30. ConnectDelay 4000
31. CnC ochaforward.hopto.org
32. CnC 185.244.31.25
33. EnableDebugMode 00
34. Group
35. Mutex f674732bec7df340bef6eddc8ef8cc94
36. Port 3575
37. PreventSystemSleep 01
38. PrimaryDNSServer 8.8.8.8
39. RequestElevation 01
40. RestartDelay 5000
41. RunDelay 0
42. RunOnStartup 01
43. SetCriticalProcess 00
44. UseCustomDNS 01
45. Version 1.2.2.0
46.  
47. ----------------------------------------------------
48.  
49. http://adl-groups.com/bits/BUSH.exe
50. 32E09E87DCF40768939001403FADF762
51. BypassUAC 01
52. ClearAccessControl 00
53. ClearZoneIdentifier 01
54. ConnectDelay 4000
55. CnC ambit19.ddns.net
56. CnC
57. EnableDebugMode 00
58. Group Default
59. Mutex d52c7c3c6d619843b556a462d9694ca2
60. Port 1503
61. PreventSystemSleep 01
62. PrimaryDNSServer 8.8.8.8
63. RequestElevation 00
64. RestartDelay 5000
65. RunDelay 0
66. RunOnStartup 01
67. SetCriticalProcess 00
68. UseCustomDNS 01
69. Version 1.2.2.0
70.  
71. ----------------------------------------------------
72.  
73. http://adl-groups.com/amba/ochagidi.exe
74. CBD75FF91A01E81FF65FB9B71A18D410
75. BypassUAC 00
76. ClearAccessControl 00
77. ClearZoneIdentifier 01
78. ConnectDelay 4000
79. CnC ochaforward.hopto.org
80. CnC 185.244.31.25
81. EnableDebugMode 00
82. Group
83. Mutex f674732bec7df340bef6eddc8ef8cc94
84. Port 3575
85. PreventSystemSleep 01
86. PrimaryDNSServer 8.8.8.8
87. RequestElevation 01
88. RestartDelay 5000
89. RunDelay 0
90. RunOnStartup 01
91. SetCriticalProcess 00
92. UseCustomDNS 01
93. Version 1.2.2.0
94.  
95. ----------------------------------------------------
96.  
97. http://adl-groups.com/temp/tempe.exe
98. 23C54D903C35D9F1807B8678A1F698CC
99. BypassUAC 00
100. ClearAccessControl 00
101. ClearZoneIdentifier 01
102. ConnectDelay 4000
103. CnC templerun.ddns.net
104. CnC
105. EnableDebugMode 00
106. Group JUNETINS
107. Mutex a57382a111f1184d9ed3cbbea8b0c1dc
108. Port 257
109. PreventSystemSleep 01
110. PrimaryDNSServer 8.8.8.8
111. RequestElevation 00
112. RestartDelay 5000
113. RunDelay 0
114. RunOnStartup 01
115. SetCriticalProcess 00
116. UseCustomDNS 01
117. Version 1.2.2.0
118.  
119. ----------------------------------------------------
120.  
121. http://greatmischiefdesign.com/fk/fk.exe
122. 5AF94420900F95ADFF2130BC741D60DF
123. BypassUAC 01
124. ClearAccessControl 00
125. ClearZoneIdentifier 01
126. ConnectDelay 4000
127. CnC 91.193.75.239
128. CnC
129. EnableDebugMode 00
130. Group GOD
131. Mutex a73a18d0ce77364081fc70b913246a
132. Port 5494
133. PreventSystemSleep 01
134. PrimaryDNSServer 8.8.8.8
135. RequestElevation 00
136. RestartDelay 5000
137. RunDelay 0
138. RunOnStartup 00
139. SetCriticalProcess 00
140. UseCustomDNS 01
141. Version 1.2.2.0
142.  
143. ----------------------------------------------------
144.  
145. hxxp://greatmischiefdesign.com/kg/kg.exe
146. E5F52BECDA72B062C3BED1981D6DF5F7
147. BypassUAC 01
148. ClearAccessControl 00
149. ClearZoneIdentifier 01
150. ConnectDelay 4000
151. CnC 95.167.151.236
152. CnC 127.0.0.1
153. EnableDebugMode 00
154. Group kkking
155. Mutex ae73f7d48902d04c8d11d56b38fa72b8
156. Port 6543
157. PreventSystemSleep 01
158. PrimaryDNSServer 8.8.8.8
159. RequestElevation 00
160. RestartDelay 5000
161. RunDelay 0
162. RunOnStartup 01
163. SetCriticalProcess 00
164. UseCustomDNS 01
165. Version 1.2.2.0