-
Notifications
You must be signed in to change notification settings - Fork 30
/
Copy pathQakbot_BB05_31.10.2022.txt
156 lines (139 loc) · 3.22 KB
/
Qakbot_BB05_31.10.2022.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
31.10.2022 | Qakbot | BB05 | Campaign 1667208557| Version 404.14
*************************************************
.url https://bedrijvenzone.nl/od/downnow
.zip 23dfa98dc0b37502bfc20df6154d83dc07d15c7a9980db8f0cf6d5963a997ee6 - BV1
.zip aeeac099be6c1e72cf5133a6df529cc6bfc7df831ccaeca089fcfc546eee232d
.iso fbca66b820f726a1d4256ac071e4fb52579853de81082941fbe11426d9664298
.dll 24aec370771ad1208aeb54721067c9e3b139a368f13ab6b131dc7d6c13da5127
*************************************************
lnk content:
C:\Windows\System32\cmd.exe /c judicature\parked.cmd reg
*************************************************
cmd /c C:\Users\Admin\AppData\Local\Temp\CO.lnk
cmd.exe" /c judicature\parked.cmd reg
regsvr32.exe judicature\dour.dat
wermgr.exe
*************************************************
https://tria.ge/221031-pff3caahe2
*************************************************
c2's
174.77.209.5:443
74.92.243.113:995
112.141.184.246:995
190.37.174.11:2222
90.165.109.4:2222
207.204.120.40:443
98.207.190.55:443
93.156.96.171:443
47.14.229.4:443
188.49.56.189:443
220.134.54.185:2222
181.164.194.228:443
45.184.179.188:2222
190.74.248.136:443
78.179.135.247:443
70.51.139.148:2222
109.133.67.116:995
24.116.45.121:443
70.60.142.214:2222
190.24.45.24:995
45.35.97.45:443
152.170.17.136:443
27.109.19.90:2078
205.161.22.189:443
45.48.36.226:2087
151.213.183.141:995
75.84.234.68:443
72.88.245.71:443
74.92.243.113:995
27.110.134.202:995
172.117.139.142:995
24.9.220.167:443
24.177.111.153:443
142.115.84.88:2222
118.200.83.226:443
181.141.3.126:443
45.230.169.132:995
68.62.199.70:443
45.49.137.80:443
172.112.37.112:2222
45.230.169.132:995
186.188.96.197:443
45.230.169.132:993
62.46.231.64:443
24.206.27.39:443
58.247.115.126:995
200.233.108.153:995
64.207.237.118:443
144.202.15.58:443
58.186.75.42:443
193.3.19.137:443
190.18.236.175:443
149.126.159.224:443
136.232.184.134:995
175.205.2.54:443
186.18.210.16:443
181.56.171.3:995
70.187.0.87:2078
84.35.26.14:995
216.82.134.218:443
74.92.243.113:995
74.92.243.113:50000
186.64.67.44:443
156.220.169.120:993
201.210.121.173:2222
92.185.204.18:2078
156.216.39.119:995
179.100.109.130:32101
83.110.95.167:995
217.102.172.187:443
105.96.229.86:443
156.197.160.119:995
186.73.140.43:443
206.1.251.127:2087
190.203.11.218:443
167.58.240.153:443
186.155.62.161:995
190.78.83.246:993
167.58.124.198:995
190.207.196.66:2222
87.57.13.215:443
102.159.156.248:443
41.101.77.84:443
41.97.249.28:443
197.1.227.26:995
102.156.43.188:443
206.1.176.188:443
197.27.105.165:995
196.77.51.44:443
41.103.17.38:443
118.174.213.11:995
189.148.124.243:2222
190.206.68.150:2222
102.156.160.115:443
75.163.118.79:995
24.69.87.61:443
156.174.23.234:443
105.103.240.236:443
197.207.219.239:443
85.241.180.94:443
88.171.156.150:50000
14.164.18.210:443
97.119.133.150:443
177.17.210.208:2222
41.250.136.196:443
23.118.233.40:443
196.217.63.248:443
103.156.237.178:443
160.176.187.142:995
103.104.54.213:2222
27.106.7.115:443
66.37.239.222:443
75.166.39.70:443
41.99.123.19:443
195.244.180.161:995
24.207.97.40:443
59.93.248.215:443
201.223.166.250:32100
187.187.194.169:443
41.99.158.37:443