forked from stamparm/maltrail
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbabuk.txt
63 lines (42 loc) · 2.17 KB
/
babuk.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
# Copyright (c) 2014-2025 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission
# Aliases: babyk, babuklocker, babuk-locker
# Reference: https://twitter.com/Glacius_/status/1345376488506462209
# Reference: https://app.any.run/tasks/95d2f695-025d-4a91-843e-66bb57b3519e/
# Reference: https://www.virustotal.com/gui/file/8203c2f00ecd3ae960cb3247a7d7bfb35e55c38939607c85dbdb5c92f0495fa9/detection
babukq4e2p4wu4iq.onion
# Reference: https://www.hackplayers.com/2021/02/sitios-cibercriminales-deepweb.html
gtmx56k4hutn3ikv.onion
# Reference: https://blog.talosintelligence.com/2021/11/babuk-exploits-exchange.html
http://185.219.52.229
185.219.52.229:6666
185.219.52.229:8080
fbi.fund
xxxs.info
# Reference: https://github.com/thetanz/ransomwatch/blob/main/docs/INDEX.md
nq4zyac4ukl4tykmidbzgdlvaboqeqsemkp4t35bzvjeve6zm2lqcjid.onion
# Reference: https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/is-there-really-such-a-thing-as-a-low-paid-ransomware-operator/
# Reference: https://otx.alienvault.com/pulse/616ee12b44039d67eabb36e8
appmonitorplugin.sytes.net
atualziarsys.serveirc.com
services5500.sytes.net
suporte01092021.myftp.biz
suporte01928492.redirectme.net
suporte20082021.sytes.net
# Reference: https://twitter.com/malwrhunterteam/status/1571177967467864065
sonarmsng5vzwqezlvtu2iiwwdn3dxkhotftikhowpjuzg7p3ca5eid.onion
# Reference: https://twitter.com/malwrhunterteam/status/1670212991109791745
# Reference: https://www.virustotal.com/gui/file/aff7b20907db426ab886cbdab6d5f15afd0310c5b2629ff32a4a617340f0d46d/detection
babydfa6yzdx6otdqjgvk53kpqove5cuhpnr7rjigu5rujo25itdnyyd.onion
# Reference: https://blog.talosintelligence.com/ra-group-ransomware/
# Reference: https://github.com/Cisco-Talos/IOCs/blob/main/2023/05/ra-group-ransomware.txt
# Reference: https://otx.alienvault.com/pulse/64625a79244b743ba2a598a3
hkpomcx622gnqp2qhenv4ceyrhwvld3zwogr4mnkdeudq2txf55keoad.onion
# Reference: https://x.com/RacWatchin8872/status/1787851705654120639
195.182.143.218:8099
# Reference: https://x.com/akaclandestine/status/1900262510747357206
exercice-cybercrise.fr
ispconfig.connectar.ar
mail.wi-sim.com.ar
sosba-lp.com.ar
wi-sim.com