Qakbot_BB11_20.12.2022.txt
20.12.2022 | Qakbot | BB11 | Campaign 1671543355 | Version 404.46
*************************************************
.url https://habigonjzilasamiti.org/pm/index.php
.zip 42904c781411928176ed54f44935305697dcedc991f742f9318156dcd707c4d7 pw = RR17
.iso 2c4a8fb6fde8bb7fc5748ab363632fe7de7f5f14c95be89e59aa78920cdc0e74
.dll 501f753fad0f590197b6edacf61c5f60237a2a7e1f414221cc5054195afa53c0
*************************************************
LNK content (shortcut command line):
%SystemRoot%\system32\wscript.exe \GliridaeNavigability\jocundlyHardcover\haywires\Cellulipetal.wsf
*************************************************
Execution chain:
cmd.exe /c Report-429_583497.lnk
WScript.exe C:\Users\Admin\AppData\Local\Temp\GliridaeNavigability\jocundlyHardcover\haywires\Cellulipetal.wsf
rundll32.exe c:\users\public\buttoning.dll, qqqb
wermgr.exe
*************************************************
*************************************************
C2s (IP:port):
69.133.162.35:443
86.130.9.250:2222
178.153.5.54:443
12.172.173.82:20
96.255.66.51:995
72.88.245.71:443
47.16.68.188:2222
45.230.169.132:995
142.118.49.193:2222
65.95.85.172:2222
136.35.241.159:443
69.159.156.133:2222
90.48.151.17:2222
92.8.187.85:2222
87.223.95.66:443
75.84.234.68:443
71.31.101.183:443
74.33.196.114:443
76.100.159.250:443
183.82.100.110:2222
12.172.173.82:32101
90.66.229.185:2222
174.104.184.149:443
90.89.95.158:2222
122.186.71.98:443
208.90.9.35:2222
12.172.173.82:990
184.176.154.83:995
92.207.132.174:2222
75.98.154.19:443
81.248.77.37:2222
142.161.27.232:2222
90.104.22.28:2222
198.2.51.242:993
50.68.204.71:993
201.210.114.115:993
87.252.106.197:995
176.79.48.60:443
24.142.218.202:443
109.50.131.204:2222
46.10.198.106:443
2.14.96.234:2222
78.101.91.215:2222
92.154.45.81:2222
79.77.142.22:2222
12.172.173.82:22
86.225.214.138:2222
66.35.124.54:2222
173.18.126.3:443
162.248.14.107:443
190.249.241.149:443
184.68.116.146:61202
88.126.94.4:50000
87.220.205.65:2222
74.92.243.113:50000
188.161.48.24:443
74.66.134.24:443
12.172.173.82:993
64.237.240.3:443
69.119.123.159:2222
90.116.219.167:2222
186.87.52.35:995
91.169.12.198:32100
81.229.117.95:2222
70.55.120.16:2222
76.20.42.45:443
103.141.50.151:995
109.11.175.42:2222
24.71.120.191:443
24.130.149.95:443
98.187.21.2:443
176.142.207.63:443
121.121.100.148:995
172.90.139.138:2222
75.99.125.234:2222
172.248.42.122:443
92.186.69.229:2222
72.11.161.70:443
89.129.109.27:2222
190.199.187.93:2222
77.124.17.122:443
181.118.206.65:995
83.110.95.209:995
147.148.234.231:2222
93.156.97.50:443
217.128.200.114:2222
76.11.14.249:443
80.98.132.66:443
175.139.130.191:2222
27.99.45.237:2222
72.200.109.104:443
184.153.132.82:443
92.148.54.239:2222
90.119.197.132:2222
86.96.75.237:2222
199.83.165.233:443
12.172.173.82:995
12.172.173.82:50001
37.15.128.31:2222
86.99.15.254:2222
91.96.249.3:443
69.165.145.141:443
60.254.51.168:443
116.75.63.156:443
75.156.125.215:995
150.107.231.59:2222
93.147.134.85:443
82.9.210.36:443
174.112.22.106:2078
86.195.14.72:2222
60.234.194.12:2222
89.152.120.181:443
94.30.98.134:32100
86.183.251.169:2222
128.127.21.57:443
184.68.116.146:2222
184.68.116.146:3389
83.213.201.104:993
92.189.214.236:2222