forked from stamparm/maltrail
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathandroid_exobot.txt
307 lines (262 loc) · 8.8 KB
/
android_exobot.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
# Copyright (c) 2014-2023 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission
# Aliases: coper, marcher, octo
# Reference: https://www.virustotal.com/gui/ip-address/176.119.28.74/relations
# Reference: https://www.threatfabric.com/blogs/exobot_android_banking_trojan_on_the_rise.html
androidpt01.asia
androidpt02.asia
barberink.biz
bizlikebiz.biz
chudresex.at
chudresex.cc
compoz.at
coupon-online.fr
cpsxz1.at
deereebee.info
dfjdgxm3753u744h.at
divingforpearls.at
dndzh457thdhjk.at
elitbizopa.info
fhfhhhrjtfg3637fgjd.at
filllfoll.biz
i-app1.online
i-app4.online
i-app5.online
inovea-engineering.com
ldfghvcxsadfgr.at
lingerieathome.eu
loupeacara.net
loupeahak.com
memosigla.su
messviiqqq.info
nowayright.biz
olimpogods.at
playgoogle.at
playsstore.mobi
playsstore.net
qqqright.info
rockybalboa.at
sarahtame.at
secure-ingdirect.top
securitybitches1.at
securitybitches3.at
soulreaver.at
ssnoways.info
storegoogle.at
sudopsuedo1.su
sudopsuedo2.su
sudopsuedo3.su
track-google.at
trackgoogle.at
weituweritoiwetzer.at
wellscoastink.biz
wqetwertwertwerxcvbxcv.at
# Reference: https://www.virustotal.com/gui/ip-address/178.132.78.152/relations
# Reference: https://www.virustotal.com/gui/file/7896c69b1cc1cb0f603242a46c65d51a512651e3b51759fb34aeb528f0236498/detection
# Reference: https://www.virustotal.com/gui/file/bcfe7d6066272faa3de00f34c7f15d6c183ed193dd5daca772ff4c97b55d64c5/detection
as44aa11.top
as55aa22.top
# Reference: https://twitter.com/malwrhunterteam/status/1504558610159919114
# Reference: https://www.virustotal.com/gui/ip-address/5.255.102.136/relations
# Reference: https://www.virustotal.com/gui/file/464a7c5c1faefaa0fd7bb11b5211a9b4996b0d8eebd2ba694a9dcca95ffabc59/detection
# Reference: https://www.virustotal.com/gui/file/ded98a60183c59d80524cdd2f104dabdab2342d90fea1abebe2bbf92a7e0f336/detection
# Reference: https://www.virustotal.com/gui/file/fca33888cae8d4e9fd4b2a4bcb80cf894786ce60dc3fd32691f80edef56e5b37/detection
fastconnectcenter.com
fastconnectcenter.hk
/875sakLglasg27pvl/
# Reference: https://threatfabric.com/blogs/octo-new-odf-banking-trojan.html
# Reference: https://www.virustotal.com/gui/file/008ffb2b49c8f7d97ad201290abd93bf3fc0d9246775cbdbf180ba910adc2fce/detection
smartcontractlicense.info
/puap9udshc2zmzjmmuzmghst/
# Reference: https://www.virustotal.com/gui/file/0613b3bf8a152356be696c7a9e66058e68dcde708f2f47241e2e538678d48f5d/detection
equisdeperson.space
personification.top
rigorichbroker.com
/MDI0ODlhNzAxYzg2/
# Reference: https://twitter.com/pmmkowalczyk/status/1493559761593380867
# Reference: https://twitter.com/pmmkowalczyk/status/1493559763266908164
auhr8h3ba.ch
hr81ha8ah.ch
hrauu3aga.ch
j3ha8h1ag.ch
uwhauaua.ch
/MWNhMjI2OTkyNjA3/
# Reference: https://www.virustotal.com/gui/ip-address/176.121.14.164/relations
# Reference: https://www.virustotal.com/gui/file/0480b9e36afe56f9554bad57e0ba65a8df65fdfb821dc69c20be85987614f3b3/detection
8ibaub3bav.com
fuaggggotc.top
guuagwuu.top
hbaruuau3h.top
hgauahhh.com
ifn1h8ag1g.com
ifua88ahahgh.com
ihfagzuuu.net
irha3wzuu.top
jgiauwggg.org
thhausgajk.com
uagggauua.com
uauzustttt.com
utabwbazuu.com
/NiYmQ5YzZlODllzzz/
# Reference: https://www.virustotal.com/gui/ip-address/185.151.147.65/relations
# Reference: https://www.virustotal.com/gui/file/02f43cf67a61bd5c42c33d5196d3962845a28e1e014f23010455e73dd4e240ab/detection
bau3baahh.com
gfhau1hacjj.com
uhnazu3au.top
# Reference: https://twitter.com/B0rys_Grishenko/status/1478341854747889664
# Reference: https://cert.pl/posts/2021/12/aktywacja-aplikacji-iko/ (Polish)
# Reference: https://www.virustotal.com/gui/ip-address/176.107.160.226/relations
# Reference: https://www.virustotal.com/gui/ip-address/185.103.109.45/relations
# Reference: https://www.virustotal.com/gui/ip-address/92.255.110.226/relations
# Reference: https://www.virustotal.com/gui/ip-address/188.227.86.32/relations
# Reference: https://www.virustotal.com/gui/file/5a85777d094c644a962787bfa5d80b2ba47493ca7c276f7406c2b3d83feb30e6/detection
dsfiu133ds52231232fdnsjds.top
dsfiu733ds42231232fdnsjds.top
dsfiu733ds52231232fdnsjds.top
s122231232fdnsjds.top
s222231232fdnsjds.top
s22231232fdnsjds.top
s322231232fdnsjds.top
s32231232fdnsjds.top
s42231232fdnsjds.top
/PArhFzp5sG2sN/
# Reference: https://twitter.com/malwrhunterteam/status/1483173995390382085
# Reference: https://www.virustotal.com/gui/file/115b4ae0009c84c335611cfc2a2a1a06db03fc392a627988bd03592d1a154750/detection
# Reference: https://www.virustotal.com/gui/file/59527801e3cf12749e2471fef6df6693e54e74521e8175beb048eaf60ee21d2d/detection
# Reference: https://www.virustotal.com/gui/file/ecf4d571531d0647a393d5860d168f2ef5b633b70831b05e2a47694fc47bc97a/detection
checkips.xyz
checks.design
fastcheck.digital
ipmonitor.services
servercheck.online
xipxesip.club
xipxesip.design
xipxesip.digital
xipxesip.online
xipxesip.services
xipxesip.xyz
/OWU1NzkwNWVmYmRk/
/sljs1NzkwNWVmYmRsnc/
# Reference: https://www.virustotal.com/gui/file/b5ac07a4252d9c14e877d087ffb416ac8d3995dfe8bf6ea4122d19d1b749c3c3/detection
# Reference: https://www.virustotal.com/gui/file/d111d88d82bc8094283c5ef2daa2d681aef11b89a755538cd0ef1cf3c36987b5/detection
rftgyh.shop
rftgyh.store
rftgyh.xyz
qwaszx.club
qwaszx.digital
qwaszx.site
/X0SDscG9rqz68F/
# Reference: https://twitter.com/cleafylabs/status/1526859118794919936
# Reference: https://www.virustotal.com/gui/ip-address/45.147.96.90/relations
# Reference: https://www.virustotal.com/gui/file/8c5445fd569211c74eec6bad036ccd16a5cc3b4979771b041fc90a79bad6feee/detection
ddhfbhdfbsdbfsdg.top
dfdfdfdgdffjdhbf.org
sdhfsdbfbjhsdhff.com
sjsdfsddjhdjfadff.com
ssgsjhfsdfdsjhd.info
vvjfsdsdghsdghfvffdf.top
/MzYzMzJjZDI5YzYx/
# Reference: https://twitter.com/cleafylabs/status/1526866760879722496
homebyavariridgway.com
# Reference: https://www.virustotal.com/gui/file/eadd9c3e3f7a1c5e008ca157cb850aa72d283f702da2ab4daf0e4af4d926ab3e/detection
goos.pw
# Reference: https://twitter.com/f3d__/status/1537005322065391618
beautyxumeley.com
dfdfdfdgdffjdhbf.org
ssgsjhfsdfdsjhd.info
/ZTYxYWI2NWNmYTA3/
# Reference: https://tria.ge/220613-m1yrsacab9
ahnudsbba.xyz
fabh23zuba.top
fu8hhaadl.com
idai2babd1.xyz
jufhahbhazh.top
# Reference: https://tria.ge/220614-hvhq6agef5
8ibaub3bav.com
hbaruuau3h.top
ifn1h8ag1g.com
ifua88ahahgh.com
irha3wzuu.top
uhnazu3au.top
utabwbazuu.com
# Reference: https://twitter.com/_icebre4ker_/status/1541875987419365377
# Reference: https://twitter.com/ecarlesi/status/1541785629721231362
esappguide.com
forumtasking.net
/MTlkYWQwOTBkNmFi/
# Reference: https://www.virustotal.com/gui/file/e48e7c9b01b8a89b8caa6bfaf84fdf7f735d0fa0271aecc6aa7710766df9946d/detection
# Reference: https://www.virustotal.com/gui/file/423cf942b83f38244b6f74d4770056ec66e699e748d66613cd7cb0875036202a/detection
# Reference: https://www.virustotal.com/gui/file/2b3b7c6af707f69b7d3259e829b02b746a949720a3542519f9327d3b071d0cbe/detection
# Reference: https://www.virustotal.com/gui/file/1b3d36c1789c0fc70ae36d70ce8fabfdc54a09a9c5bdf900bcdebd778f7c4f14/detection
# Reference: https://www.virustotal.com/gui/file/13a284a55c6f5ad2c5212cf47510469994b8197c80b3f620f97b4fb716add1bb/detection
albiworkman7583.top
antonwright456.top
elodiecope88968.top
finndalby0.top
karenbarber56543.top
malaikaduggan890.top
miltonchambers72.top
naziawills5523.top
onurrobinson333.top
sabihaplummer80.top
sidesquivel124.top
teaganwhitaker6437.top
zayaanpaine23.top
/ODIzY2ZmOWM4MTY2/
# Reference: https://www.virustotal.com/gui/ip-address/185.238.170.201/relations
# Reference: https://www.virustotal.com/gui/file/e4252d0a21372e9d39385be7bd2fc04c77f42fc5dd803ef82340364044452266/detection
# Reference: https://www.virustotal.com/gui/file/183bd85d061fa509ff9f732dd01b358ce00297fb0ddf6d5e43ab9b4ab36bb6d5/detection
analysisdnsdata.website
checkdns.club
checkdns.design
checkdns.digital
checkdns.services
checkdns.shop
checkdnsplus.site
checkdnsplus.space
dnscheck.club
dnscheck.design
fastcheckdns.shop
fastcheckdns.xyz
/NmE0N2YwOWEzMTM3/
# Reference: https://twitter.com/malwrhunterteam/status/1611068887033909261
# Reference: https://www.virustotal.com/gui/ip-address/62.204.41.203/relations
# Reference: https://www.virustotal.com/gui/file/c11907662ce44c176f1d75646e113e89b271fb2b33cc968c8e2e7543cae82938/detection
analysisdnsdata.site
analysisdnsdata.space
bestipscanworld.xyz
bestscanipworld.xyz
bestworldipscan.xyz
checkserversippool.xyz
doublednscheck.xyz
ipbestscanworld.xyz
ipcheckserverspool.xyz
ipscanbestworld.xyz
ipscanworldbest.xyz
ipworldscanbest.xyz
plusdnscheck.site
plusdnscheck.space
plusdnscheck.website
plusdnscheck.xyz
poolcheckipservers.xyz
poollipceckservers.xyz
poolserverisippool.xyz
scanbestipworld.xyz
scanipbestworld.xyz
scanworldbestip.xyz
scanworldipbest.xyz
serverscheckippool.xyz
serversippoolcheck.xyz
serverspoolcheckip.xyz
worldipbestscan.xyz
# Generic
/angelkelly/
/balls51/
/CHECKPIECEUNTIL/
/CONTAINSURE/
/crystalknight/
/flexdeonblake/
/jadafire/
/MUCHTHENWERESTO/
/QUESTIONROADFAR/
/sinnamonlove/