forked from stamparm/maltrail
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapt_noname05716.txt
73 lines (56 loc) · 2.36 KB
/
apt_noname05716.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission
# Aliases: bobik, ddosia, killnet
# Reference: https://decoded.avast.io/martinchlumecky/bobik/
# Reference: https://www.virustotal.com/gui/ip-address/2.57.122.243/relations
# Reference: https://www.virustotal.com/gui/ip-address/2.57.122.82/relations
# Reference: https://github.com/avast/ioc/tree/master/Bobik
q7zemy6zc7ptaeks.servehttp.com
v9agm8uwtjmz.sytes.net
# Reference: https://decoded.avast.io/martinchlumecky/ddosia-project/
109.107.181.130:4200
109.107.181.130:5001
# Reference: https://www.sentinelone.com/labs/noname05716-the-pro-russian-hacktivist-group-targeting-nato/
# Reference: https://www.virustotal.com/gui/ip-address/31.13.195.87/relations
tom56gaz6poh13f28.myftp.org
zig35m48zur14nel40.myftp.org
# Reference: https://www.team-cymru.com/post/a-blog-with-noname
http://31.13.195.87
109.107.184.11:27017
185.173.37.220:5672
185.173.37.220:6379
31.13.195.87:9100
91.142.79.201:5051
91.142.79.201:9100
87.121.52.9:5001
# Reference: https://twitter.com/teamcymru_S2/status/1620019172712550401
http://212.73.134.208
# Reference: https://decoded.avast.io/martinchlumecky/ddosia-project-how-noname05716-is-trying-to-improve-the-efficiency-of-ddos-attacks/
http://161.35.199.2
http://87.121.52.9
http://94.140.114.239
http://94.140.115.129
161.35.199.2:22
87.121.52.9:22
94.140.114.239:22
94.140.115.129:22
161.35.199.2:5001
87.121.52.9:5001
94.140.114.239:5001
94.140.115.129:5001
# Reference: https://x.com/skocherhan/status/1898214290655428964
# Reference: https://www.virustotal.com/gui/file/9707920bd84a9aafcb5efc112ed19ec2d23b5e36dcc3caba33f5e6aadf0c558f/detection
# Reference: https://www.virustotal.com/gui/file/5588d1c5901d61bb09cd2fc86d523e2ccbc35a0565fd63c73b62757ac2ee51f5/detection
77.91.66.85:5000
77.91.66.85:5005
# Generic
/27bff71b-42c0-4a47-ba39-04c83f2f40bb/update?id=
/bcaa8752-51ff-4e35-8ef9-4aefbf42b482/update?id=
/d380f816-7412-400a-9b64-78e35dd51f6e/update?id=
/fb82275d-6255-4463-8261-ef65d439b83b/update?id=
/fb82275d-6255-4463-8261-ef65d439b83b/AdminService.exe
/fb82275d-6255-4463-8261-ef65d439b83b/afVAcUJTvDvM.exe
/fb82275d-6255-4463-8261-ef65d439b83b/BAebY2lBT7ee.exe
/fb82275d-6255-4463-8261-ef65d439b83b/Q7yheyG7.exe
/fb82275d-6255-4463-8261-ef65d439b83b/xLZ6auza.exe
/fb82275d-6255-4463-8261-ef65d439b83b/XuS1qxZa.exe