A Leak of Silent Ransomware Operators

January 05, 2026

Dear blog readers,

On November 19th, 2025, an interesting post appeared on the Silent Ransomware operators' Dark Web onion site, which appears to have been compromised, detailing the activities of the Silent Ransomware operators.

I decided to dig a little bit deeper and also provide an enriched analysis.

Here are the leaked details:


Primary domain known to have been involved:

hxxp://business-data-leaks.com - Email: tatodavi1997@finefreemail.com

Related domains:

hxxp://ucheck.info

hxxp://arculufi.com

hxxp://business-data-leaks.com

hxxp://layerzeronetworks.net

hxxp://parcelpathways.com 

Related domains:

hxxp://blackpass.online

hxxp://blackpass.link

Related domains:


Stay tuned.

Profiling the Craxs Rat Malware-as-a-Service (MaaS) Enterprise

January 05, 2026

Dear blog readers,

I recently came across a relatively interesting and novel malware-as-a-service provider that specializes in Android-based malware, with several releases currently in the works and commercially available within the cybercrime ecosystem. The vendor currently has a pretty decent social media presence, so I decided to provide some personally identifiable information about their online whereabouts.

Sample domains known to have been involved in the campaign include:

hxxp://craxsrat.com - Email: evlfdev@gmail.com
hxxp://craxsrat.net
hxxp://craxsserver.com
hxxp://evlfdev.com
hxxp://spysolr.com 

Sample contact details:

Session ID:
05e476b08449c214be276c9eee0db24f5d5a2296da86432a122d3102242939fe3d

Jabber ID:
evfldev@draugr.de

Tox ID:
93BEB9028B77008BFE13A46F2B2290A75988036A77D3D6A315FFA986C45F84654FF298AB9031 

Sample social media accounts involved in the campaign include:

https://x.com/EvLFDev
https://www.facebook.com/craxsrat
https://t.me/EVLFDEV
https://github.com/EVLF
https://www.youtube.com/@EvLFDev
https://www.facebook.com/spysolr/
https://spysolr.com
https://vimeo.com/user204150405
https://x.com/spysolr
https://t.me/spysolr 

Stay tuned.


Enriched And Sandboxed Malware Command and Control (C&C) Domains Feed - Week 01

January 04, 2026

Dear blog readers,

Happy New Year and a lot of professional and personal success in 2026.

I've recently spent some time working on a personal project: from the unique malware samples that I obtain and process on my own using my methodology, I aim to extract only the relevant malware command and control (C&C) domains and offer them in a static form, enriched with their associated MD5 hash and the corresponding malware family.

Here's the initial batch of processed malware samples and their corresponding MD5s and malware family including additional domain registrations enrichment.

Here's also a link to the DNS resolved and Geolocated MySQL database for Week 01. 

Sample malware command and control (C&C) domains, extracted through sandboxing from the unique malware samples that I process and have access to, include:


Sample malware command and control (C&C) domains from this week's sandboxing activities, enriched with the corresponding MD5s and malware family, include:

hxxp://wluwplyh.biz
Zusy.Generic
hxxp://wpad.scl3.dc

hxxp://wpad.scl3.dc 7faba6269c05fdda9ee0045aebb835161f0f5d7405e60db1471172bc4e674bda
hxxp://ww7x8.dyndns.org 7faba6269c05fdda9ee0045aebb835161f0f5d7405e60db1471172bc4e674bda Application.RemoteAdmin.Generic
hxxp://www.ammyy.com 872cd0d0d2794e85f831e92d73256de3004ee8fc402464aa32ad198101043e2d Barys.Generic
hxxp://www.anpmnmxo.biz bc483e6acdf276b57bb87317962c0091bb1421e61fa3306490b5858eabc61320 Win/malicious_confidence_100%
hxxp://wxgzshna.biz 872cd0d0d2794e85f831e92d73256de3004ee8fc402464aa32ad198101043e2d Win/malicious_confidence_100%
hxxp://x1.c.lencr.org
Win/malicious_confidence_100%
hxxp://x1.c.lencr.org 216a0655f71264d6f0b8fbe2642c23f548f4e9eadcc717f4999d4897c5b7f9be
hxxp://xccjj.biz 216a0655f71264d6f0b8fbe2642c23f548f4e9eadcc717f4999d4897c5b7f9be Trojan.FileInfector.Generic
hxxp://xlfhhhm.biz
Win/malicious_confidence_100%
hxxp://xnxvnn.biz

hxxp://xyrgy.biz

hxxp://xytets.com

hxxp://xytets.com b22f2f2818bee83f8b7ff574a747b667f91f91d601177f5532fb5703b6b076c3
hxxp://xytets.com b22f2f2818bee83f8b7ff574a747b667f91f91d601177f5532fb5703b6b076c3 Trojan.Heur.Generic
hxxp://xytets.com c1eb8323cb382af0d11bfda9ccff4008532be6c5343f1550a814557e9e2e3ce7 Trojan.Tiny
hxxp://yauexmxk.biz c1eb8323cb382af0d11bfda9ccff4008532be6c5343f1550a814557e9e2e3ce7
hxxp://yhqqc.biz
Trojan.Tiny
hxxp://yip.su

hxxp://yip.su 612300066252c3151883d30f69a9b287c323a4a484a35ca553c5a73d3f7d0cfc
hxxp://ytctnunms.biz 872cd0d0d2794e85f831e92d73256de3004ee8fc402464aa32ad198101043e2d Packer.Krucky.B.Generic
hxxp://yunalwv.biz
Win/malicious_confidence_100%
hxxp://ywffr.biz

hxxp://yzzcommon.tyui54345.xyz

hxxp://yzzcommon.tyui54345.xyz 206dfac2e92de56c5ddb0bc71a27d3355177f844093dbdf1f6433d159510973e
hxxp://yzzcommon.tyui54345.xyz eb5efbdcdfe761de4d27a6f5b334e2e2543032070d0ad8339a090cce9eefbf2f Trojan.Generic
hxxp://yzzcommon.zxcv56745.xyz eb5efbdcdfe761de4d27a6f5b334e2e2543032070d0ad8339a090cce9eefbf2f Trojan.Generic
hxxp://yzzcommon.zxcv56745.xyz 206dfac2e92de56c5ddb0bc71a27d3355177f844093dbdf1f6433d159510973e Win/malicious_confidence_100%
hxxp://yzzcommon.zxcv56745.xyz 206dfac2e92de56c5ddb0bc71a27d3355177f844093dbdf1f6433d159510973e Trojan.FileInfector.Generic
hxxp://yzzcommon.zxcv56745.xyz eb5efbdcdfe761de4d27a6f5b334e2e2543032070d0ad8339a090cce9eefbf2f Trojan.Generic
hxxp://zgapiej.biz eb5efbdcdfe761de4d27a6f5b334e2e2543032070d0ad8339a090cce9eefbf2f Trojan.Generic
hxxp://zjbpaao.biz
Trojan.Tiny
hxxp://zlenh.biz

hxxp://znwbniskf.biz 7c052d93aa9a2aabb658540ef34efd02fa0e8be7a647b9d2c162b46302e79ff6
hxxp://zrlssa.biz
Trojan.Generic
hxxp://zyiexezl.biz

Additional malware domains enrichment includes:

hxxp://vicareu.su - Email: sbakuga@inbox.ru
hxxp://bendavo.su - Email: sbakuga@inbox.ru

Related domain registrations for sbakuga@inbox.ru:

hxxp://diadtuky.su
hxxp://prebwle.su
hxxp://izzardtow.su
hxxp://coverxyzer.su
hxxp://lumma-market.su

Related domain registrations:

hxxp://qwdfewf.com - Email: geraregaettemu@mail.ru

Related domain registrations for geraregaettemu@mail.ru:

hxxp://igbyugfwbwb5.xyz
hxxp://random1125123.xyz
hxxp://olxcarder.xyz
hxxp://newoneazertyqsdf.xyz
hxxp://sdasfghgfds.su

Stay tuned.


Happy Holidays and Merry Christmas

December 26, 2025

Dear blog readers,

This is Dancho.

Happy Holidays and Merry Christmas and New Year Celebration.

I'm on Wikipedia and I'm also on Grokipedia.

Stay tuned.


Three New Bulgaria-Based Hacking Groups Spotted in the Wild

November 14, 2025

Wow.

I just did the impossible, and I wanted to take the time and effort to elaborate on what I've been working on during the past two weeks, which is technical collection to look for and identify new hacking groups and teams globally.

The first group is NullSecurity-GROUP -> STNeo Leet -> hxxp://www.linkedin.com/in/stneo-leet-13ba14103/ -> hxxp://www.youtube.com/STNeoOfficial -> hxxp://www.youtube.com/channel/UCLASueXZopAxyytvoA-Rwfw -> hxxp://www.vbox7.com/user:stneo -> hxxp://x.com/STNeoBG -> hxxp://x.com/STNeoOfficial -> hxxp://x.com/ChrisiKostova -> hxxp://xtremebooter.com - Email: pittbull96@hotmail.com; NeoUnderground@bk.ru -> ddos-central.us -> varrburg@abv.bg -> tw_m0nster -> Hasan Sunai -> hxxp://soundcloud.com/djfrkk -> hxxp://www.youtube.com/@HHasan-ou1ye

Related domain registrations for pittbull96@hotmail.com:

hxxp://djoni5.com
hxxp://xtremebooter.com
hxxp://nullsecbg.org
hxxp://mazalo-bg.com
hxxp://bphost.net
hxxp://ddos-central.us
hxxp://evohost-bg.net
hxxp://csgo-bg.net
hxxp://pm-bg.net
hxxp://cs-sofia.com
hxxp://bulplay.net

Related domain registrations for NFINITY NETWORKS:

hxxp://net-stress.com
hxxp://nullsecbg.com
hxxp://suricatanet.com - Nfinity Networks BG -> Email: nullrage@icloud.com
hxxp://nullsecbg.org

Related domain registrations for nullrage@icloud.com:

hxxp://ddc-bg.com
hxxp://suricatanet.com

Sample screenshots:

The second group is UGBulgaria -> hxxp://x.com/UGBulgaria -> BL3ss3d -> hxxp://x.com/BlesdBG -> Email: UGBulgaria@gmail.com 

Sample screenshots: 

The third group is Team Toxic BG -> Night_D3v1L Av1g0BG Naskisa Bl00dZZ Bl0wingKK -> hxxp://x.com/TeamToxicPirate -> hxxp://www.facebook.com/teamtoxicbg -> hxxp://team-toxic.tk/ - Email: teamtoxic@mail.bg

Sample screenshots:



