# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: splinter

# Reference: https://github.com/BishopFox/sliver
# Reference: https://www.virustotal.com/gui/file/1c9cc7108392ca716a522ccfc93c15724fb18bafe8350301c2ced04803aa4040/detection

201.137.231.132:8888
letshack.ddns.net

# Reference: https://twitter.com/1ZRR4H/status/1450913137352392712
# Reference: https://pastebin.com/ZpsxzLZc
# Reference: https://www.malware-traffic-analysis.net/2021/10/20/index.html
# Reference: https://www.proofpoint.com/us/blog/security-briefs/ta551-uses-sliver-red-team-tool-new-activity

http://101.35.159.51
http://104.236.118.101
http://104.236.43.106
http://106.12.207.117
http://111.90.147.236
http://135.181.104.26
http://157.245.14.195
http://157.245.93.17
http://161.97.142.232
http://164.90.232.157
http://176.223.165.145
http://18.163.111.123
http://182.92.189.18
http://185.10.68.232
http://206.72.200.121
http://3.239.175.166
http://35.192.9.111
http://45.79.202.162
http://51.178.46.134
http://52.24.190.27
http://62.171.184.87
http://64.52.111.48
http://85.93.2.78
101.35.159.51:443
104.236.118.101:443
104.236.43.106:443
106.12.207.117:443
111.90.147.236:443
135.181.104.26:443
157.245.14.195:443
157.245.93.17:443
161.97.142.232:443
164.90.232.157:443
176.223.165.145:443
18.163.111.123:443
182.92.189.18:443
185.10.68.232:443
206.72.200.121:443
3.239.175.166:443
35.192.9.111:443
45.79.202.162:443
51.178.46.134:443
52.24.190.27:443
62.171.184.87:443
64.52.111.48:443
85.93.2.78:443
101.35.159.51:8080
104.236.118.101:8080
104.236.43.106:8080
106.12.207.117:8080
111.90.147.236:8080
135.181.104.26:8080
157.245.14.195:8080
157.245.93.17:8080
161.97.142.232:8080
164.90.232.157:8080
176.223.165.145:8080
18.163.111.123:8080
182.92.189.18:8080
185.10.68.232:8080
206.72.200.121:8080
3.239.175.166:8080
35.192.9.111:8080
45.79.202.162:8080
51.178.46.134:8080
52.24.190.27:8080
62.171.184.87:8080
64.52.111.48:8080
85.93.2.78:8080
ruwejo.com

# Reference: https://twitter.com/Max_Mal_/status/1500447223217278980
# Reference: https://www.virustotal.com/gui/file/7f0deab21a3773295319e7a0afca1bea792943de0041e22523eb0d61a1c155e2/detection
# Reference: https://www.virustotal.com/gui/file/d8241e046cb9efcfa7ce733249d580eacff996d8669adbe71019eedafb696a55/detection
# Reference: https://www.virustotal.com/gui/file/2190a7d8d7eafd4af56b01d9a828ab2dc553a804ccda4c291dce51ce01da81f8/detection
# Reference: https://www.virustotal.com/gui/file/1f95397c4634f3348f3001a02eab269148f4c08271c2e2461905a4359f7c4761/detection
# Reference: https://www.virustotal.com/gui/file/08137096b85a3a2611249bb57ba9ace4e8efc9ba28cfddd8557edc3e11e9690c/detection

176.113.115.107:8888
193.27.228.127:8888

# Reference: https://www.sentinelone.com/blog/from-the-front-lines-new-macos-covid-malware-masquerades-as-apple-wears-face-of-apt/
# Reference: https://otx.alienvault.com/pulse/62c6baa44e2fdd526623016c
# Reference: https://www.virustotal.com/gui/file/d9bba1cfca6b1d20355ce08eda37d6d0bca8cb8141073b699000d05025510dcc/detection
# Reference: https://www.virustotal.com/gui/file/eb383824d0aae1b561c42f6709ce0d9f1c39ad8d7a743709f1080b8dc5985cfe/detection
# Reference: https://www.virustotal.com/gui/file/7831806172857a563d7b4789acddc98fc11763aaf3cedf937630b4a9dce31419/detection
# Reference: https://www.virustotal.com/gui/file/4cc4d170209897ce52093a13e2b5a27405efaeb9be1f8e1aaf93226e3451d110/detection
# Reference: https://www.virustotal.com/gui/file/29bb22553c16b32057b30c240b30e2f4fe107d9ccfb6b2d0dbece6f41a2419d6/detection

http://46.137.201.254
46.137.201.254:8001
46.137.201.254:8888

# Reference: https://twitter.com/ESETresearch/status/1547943632455364609
# Reference: https://twitter.com/ESETresearch/status/1547944027957260292
# Reference: https://www.virustotal.com/gui/file/1f6af8e1e04288ce01039927d7f693c38af78378718138702edc68cf3fa6979c/detection
# Reference: https://www.virustotal.com/gui/file/d75d569a20442043eff9946a269ccc2a27c0e4eb33e0f0dbeac48b4ac65400c0/detection

saleforces-it.com
saleforces.s3-accelerate.amazonaws.com

# Reference: https://twitter.com/malwrhunterteam/status/1559639717146251271
# Reference: https://www.virustotal.com/gui/file/57d005ffd8d8e09f822470dd09982dabd13706580fb78c8398242626b4f97f8a/detection

sj-analytics.com

# Reference: https://www.malware-traffic-analysis.net/2022/08/30/index.html
# Reference: https://twitter.com/malware_traffic/status/1564727055304069130

65.20.115.15:8557

# Reference: https://twitter.com/fr0s7_/status/1567449023992184832
# Reference: https://www.virustotal.com/gui/file/1142ba812887fb309a6d4e8a6b14205b80eff6d95ac067d6fd807e65b343cf7d/detection

23.82.140.230:8888
vomonavopo.com

# Reference: https://twitter.com/MichalKoczwara/status/1580643176188350465

195.211.198.113:31337

# Reference: https://twitter.com/MichalKoczwara/status/1580683916939530240
# Reference: https://www.virustotal.com/gui/file/17df554651962ebb1424a549ddc43f2a7e0e25a571ddfe454393b4f413261296/detection

http://44.201.81.167

# Reference: https://twitter.com/r3dbU7z/status/1582932022859026432

ondemand-9839.ske.psydev.eu
dashboard.ondemand-9839.ske.psydev.eu
identity.ondemand-9839.ske.psydev.eu

# Reference: https://twitter.com/MichalKoczwara/status/1591050511125712897
# Reference: https://tria.ge/221111-psjzrsab4z/behavioral1

150.242.219.35:8080

# Reference: https://twitter.com/MichalKoczwara/status/1591185624933060608

143.110.214.130:8080
18.190.153.173:8080
65.108.227.57:9999

# Reference: https://twitter.com/h2jazi/status/1599882699195711489
# Reference: https://twitter.com/h2jazi/status/1601231407334166528
# Reference: https://www.virustotal.com/gui/file/3272bfc6ad54f1162db8c01f0621e295068ac363cb8b5f98b179920c47138de2/detection

23.94.131.51:8888
batrn.com
kmatv.com

# Reference: https://twitter.com/MichalKoczwara/status/1603014021791227905

103.215.127.5:8000

# Reference: https://twitter.com/MichalKoczwara/status/1603709696405225472
# Reference: https://www.virustotal.com/gui/file/92876bc30ecc2493710d8e0f714a8d12277a3208139d26bc85e12839129fd4f1/detection

http://13.48.204.226
13.48.204.226:443
13.48.204.226:8082

# Reference: https://twitter.com/MichalKoczwara/status/1606996714006749186

89.147.111.80:8000

# Reference: https://twitter.com/IronNetTR/status/1615355762598973441

hax0x.win
missbare.com
pt-ccs.com
cs.hax0x.win
rsgr-login.missbare.com
us1-bwh.milktea.info

# Reference: https://twitter.com/r3dbU7z/status/1627205584108896256
# Reference: https://www.virustotal.com/gui/file/31e21a23b571fb59b029dbf521ba63302aff87a9de53f16e5e2599060f168805/detection

154.38.161.223:443
154.38.161.223:8888

# Reference: https://asec.ahnlab.com/en/47088/
# Reference: https://otx.alienvault.com/pulse/63e25c5cbc100230953c2d2e

61.155.8.2:81

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/

1.13.17.105:31337
1.13.17.105:443
1.13.17.105:8443
101.132.125.34:443
101.133.174.70:443
101.33.248.33:31337
101.35.172.163:38080
101.35.172.163:8888
101.35.253.83:31337
101.35.253.83:8888
101.36.121.133:31337
101.36.121.133:8888
101.43.156.89:31337
101.43.156.89:8888
101.43.156.89:9999
103.103.128.167:31337
103.103.128.167:8888
103.124.104.77:3131
103.124.104.80:3131
103.140.187.122:31337
103.15.105.29:31337
103.234.72.156:31337
103.35.151.195:31337
103.35.151.222:31337
103.56.19.196:31337
103.85.110.13:31337
104.131.35.176:443
104.168.142.135:31337
104.198.153.240:31337
104.224.176.67:31337
104.224.176.67:8888
104.236.186.248:31337
104.243.20.216:31337
106.14.30.199:443
106.15.170.198:31337
106.15.78.194:443
107.150.119.144:31337
107.174.78.227:31337
107.174.78.227:8080
107.189.1.156:31337
107.189.1.156:7325
107.189.1.156:8888
107.20.113.175:443
108.61.127.105:31337
109.248.6.249:31337
110.173.59.146:31337
110.173.59.146:8888
110.173.59.147:31337
110.173.59.147:8888
114.132.197.186:31337
114.132.197.186:8888
114.55.58.137:31337
116.203.179.171:31337
116.203.179.171:443
117.50.177.140:31337
117.50.177.140:8888
118.193.37.157:8888
118.193.37.157:9999
118.25.158.13:31337
118.25.22.185:31337
118.25.22.185:8888
121.199.166.58:31337
121.199.2.153:37725
121.199.2.153:443
121.5.112.42:31337
122.147.252.103:31337
124.71.84.65:8889
124.71.84.65:8899
128.199.227.227:31337
128.199.38.50:443
128.199.38.50:8080
129.211.212.112:31337
129.211.212.112:443
13.115.21.133:31337
13.115.21.133:443
13.229.251.52:443
13.236.149.120:31337
13.49.46.31:443
132.145.153.214:31337
134.122.24.31:31337
134.122.24.31:8888
134.209.101.218:443
134.209.122.158:31337
134.209.122.158:8888
134.209.204.95:31337
134.209.26.96:10443
134.209.26.96:31443
134.209.26.96:8080
134.209.65.138:31337
134.209.65.138:445
134.255.218.232:31337
134.255.218.232:8888
135.125.236.177:31337
136.244.95.237:31337
136.244.95.237:8888
137.184.202.213:9091
137.184.57.89:31337
137.184.86.247:31337
138.197.186.34:31337
138.197.224.55:31337
138.68.123.125:31337
138.68.123.125:8888
138.68.149.85:31337
138.68.149.85:443
138.68.99.116:31337
138.68.99.116:443
138.68.99.223:31337
139.144.19.169:31337
139.144.27.201:31337
139.144.27.201:8888
139.144.46.164:31337
139.162.155.164:31337
139.177.146.102:31337
139.177.196.67:31337
139.177.196.67:8888
139.177.203.214:31337
139.177.203.214:8888
139.224.100.44:443
139.224.164.117:443
139.224.254.195:32032
139.224.254.195:443
139.99.122.227:31337
14.1.29.189:31337
14.1.29.189:8443
140.238.221.59:31337
140.238.226.66:31337
140.238.226.66:8888
141.193.159.146:31337
141.193.159.146:8888
142.93.136.194:4443
142.93.136.194:6443
142.93.136.194:8080
142.93.136.194:8443
143.110.155.198:31337
143.110.155.198:8888
143.110.240.214:17960
143.110.240.214:8880
143.110.252.93:31337
143.110.252.93:8888
143.244.185.237:31337
143.244.185.237:443
144.126.211.191:31337
144.126.211.191:443
144.126.211.191:8888
144.126.249.150:31337
144.22.135.107:443
144.22.135.107:80
144.22.230.36:3000
144.34.160.57:31337
144.34.160.57:8888
144.34.180.27:31337
144.34.180.27:443
144.34.250.208:31337
145.239.197.144:31337
146.19.80.25:31337
146.190.128.88:31337
146.190.14.192:443
146.190.160.18:31337
146.59.237.220:31337
146.70.104.167:8080
146.70.79.97:443
147.182.137.225:31337
147.182.137.225:8888
147.182.170.15:31337
148.66.57.50:31337
148.66.57.51:31337
149.127.231.12:1080
149.127.231.12:80
149.248.8.148:13443
149.28.63.25:443
149.28.90.162:1443
149.28.90.162:443
149.56.132.95:31337
149.56.132.95:443
149.56.132.95:8888
149.81.74.205:31337
149.81.74.206:31337
149.81.74.207:31337
149.81.87.18:31337
150.136.62.139:443
150.158.184.129:3389
150.158.184.129:443
150.158.184.129:8888
150.158.184.129:9999
150.158.27.149:31337
150.158.27.149:8888
151.115.60.162:31337
151.115.60.162:9191
151.80.106.50:31337
152.89.218.235:31337
154.202.59.96:31337
154.3.8.48:31337
154.3.8.48:443
154.38.161.223:31337
155.138.229.198:31337
157.245.96.88:17961
157.245.96.88:9088
158.101.5.57:443
158.247.213.192:31337
158.69.102.4:443
159.203.99.10:31337
159.223.14.39:443
159.223.201.125:443
159.65.202.74:31337
159.65.62.90:8080
159.65.62.90:8888
159.65.62.90:8889
159.89.106.178:31337
161.35.214.132:31337
161.35.214.132:443
161.35.62.227:8443
162.33.177.38:54712
162.33.177.72:31337
162.33.177.72:8888
164.90.132.211:31337
164.92.101.3:31337
164.92.161.89:8080
164.92.255.219:443
164.92.255.219:8080
165.22.178.225:31337
165.22.178.225:8888
165.227.176.139:31337
165.227.230.18:31337
165.227.230.18:443
165.227.231.125:31337
165.227.231.125:443
165.227.99.110:31337
167.172.83.4:31337
167.179.108.215:31337
167.179.108.215:8888
167.71.108.217:31337
167.71.108.217:8888
167.71.2.28:31337
167.99.17.196:31337
168.138.93.130:31337
168.63.40.231:31337
170.130.55.160:31337
170.187.207.103:31337
170.64.177.221:31337
171.22.30.222:31337
172.104.238.198:56437
172.105.222.100:8888
172.245.92.226:31337
172.245.92.226:8888
172.86.120.245:31337
172.86.121.214:31337
172.86.75.56:31337
172.86.75.56:8888
172.96.192.52:31337
173.199.71.71:31337
173.82.135.18:31337
173.82.135.18:443
173.82.135.18:8443
173.82.135.18:8888
173.82.192.38:31337
173.82.192.38:8888
174.138.7.112:31337
174.138.7.112:8888
178.128.144.124:31337
178.128.229.91:31337
178.18.247.95:443
178.62.47.29:4443
178.62.47.29:8080
179.43.154.251:31337
179.60.150.147:31337
18.140.228.104:31337
18.159.62.29:31337
18.234.7.23:31337
182.61.145.9:31337
184.73.118.20:31337
184.73.118.20:8888
185.128.106.245:31337
185.130.45.94:31337
185.141.61.185:31337
185.141.61.185:8888
185.150.119.7:31337
185.150.119.7:4443
185.203.119.47:31337
185.25.51.144:31337
185.25.51.144:443
185.25.51.144:8888
185.254.198.147:31337
185.73.124.16:31337
185.81.68.180:31337
185.82.218.214:31337
188.127.237.167:31337
188.166.161.123:31337
188.166.27.178:31337
188.166.27.178:8888
188.166.81.141:31337
190.92.243.156:31337
190.92.243.156:8443
191.101.78.79:31337
191.101.78.79:5432
192.169.6.122:31337
192.169.6.122:8888
192.169.6.122:8889
192.169.6.122:8891
192.227.194.106:31337
192.227.194.106:8888
192.241.128.7:31337
192.241.154.94:31337
192.241.154.94:8888
192.9.132.63:4422
193.149.185.51:31337
193.149.185.51:8888
193.178.147.164:8080
193.29.13.203:31337
193.29.13.203:8888
194.135.17.3:31337
194.135.17.3:443
194.135.17.3:8888
194.163.133.23:31337
194.87.218.16:31337
194.87.218.16:8888
194.87.46.13:31337
194.87.46.13:8888
194.87.68.68:25
194.87.68.68:80
194.87.68.68:8080
195.123.225.18:31337
195.245.239.108:1443
195.245.239.108:31337
195.245.239.108:443
198.211.15.57:31337
198.211.15.57:9000
198.211.15.57:9001
198.211.15.57:9002
198.211.48.141:31337
198.27.76.162:31337
198.46.215.53:31337
198.58.103.64:443
20.1.134.133:443
20.118.135.66:63073
20.118.135.66:8888
20.123.75.93:443
20.248.225.130:31337
20.248.225.130:8888
20.61.4.19:3000
20.61.4.19:4000
20.61.4.19:4001
20.61.4.19:5000
206.189.192.120:31337
206.189.252.100:31337
208.123.119.232:31337
208.123.119.232:8888
208.64.230.6:33338
208.64.230.6:8585
209.141.45.215:443
212.53.167.167:31337
213.189.201.88:31337
213.52.128.52:31337
216.127.175.18:31337
216.127.175.18:8888
217.6.46.91:31337
222.208.209.13:31337
222.208.209.13:8888
222.208.209.148:31337
222.208.209.148:8888
222.208.209.46:31337
222.208.209.46:8888
222.208.210.47:31337
222.208.210.47:8888
23.105.193.194:31337
23.19.227.106:443
23.224.135.138:31337
23.224.135.138:443
23.224.135.138:8888
23.224.135.139:31337
23.224.135.139:443
23.224.135.139:8888
23.224.135.140:31337
23.224.135.140:443
23.224.135.140:8888
23.224.135.141:31337
23.224.135.141:443
23.224.135.141:8888
23.224.135.142:31337
23.224.135.142:443
23.224.135.142:8888
23.234.199.141:31337
23.239.30.17:31337
23.239.30.17:8888
23.82.141.146:31337
23.82.141.146:8888
23.83.127.233:31337
23.94.131.51:31337
23.94.200.202:31337
23.95.44.80:31337
23.95.44.80:8888
3.104.54.39:31337
3.104.54.39:8888
3.128.135.199:31337
3.130.73.232:31337
3.134.102.71:31337
3.134.102.71:8888
3.142.79.130:31337
3.235.153.136:31337
3.235.153.136:443
3.237.92.13:31337
3.237.92.13:8888
3.238.195.247:31337
3.238.195.247:8888
3.68.73.20:443
3.8.115.155:31337
3.82.226.95:443
3.85.22.130:31337
3.85.22.130:8888
3.93.154.104:443
34.162.188.150:31337
34.162.188.150:8443
34.176.0.227:31337
34.201.98.138:31337
34.201.98.138:8888
34.212.32.244:443
34.221.238.130:31337
34.221.238.130:443
34.221.238.130:7777
34.221.238.130:8888
35.167.111.43:443
35.180.135.137:31337
35.180.5.225:31337
35.180.5.225:8443
35.225.60.206:31337
35.236.117.76:31337
35.240.171.140:31337
35.72.242.198:3306
35.72.242.198:443
37.10.71.215:31337
37.10.71.215:443
37.120.238.184:31337
37.120.238.184:80
37.120.238.184:88
37.235.49.25:443
37.28.157.7:31337
37.28.157.7:443
37.48.120.35:31337
38.55.24.35:31337
39.98.48.67:31337
4.240.86.147:31337
4.240.86.147:8888
43.133.22.89:3306
43.133.22.89:45887
43.133.22.89:80
43.137.3.222:31337
43.137.3.222:8888
43.138.196.138:8000
43.138.196.138:8888
43.154.223.31:443
43.207.147.229:3306
43.207.147.229:443
44.202.249.7:31337
44.211.101.170:10003
45.120.52.106:31337
45.120.52.106:8888
45.120.52.149:31337
45.120.52.149:8888
45.134.83.252:31337
45.134.83.252:8888
45.14.224.102:31337
45.153.231.136:31337
45.154.14.194:31337
45.227.255.185:31337
45.227.255.185:8888
45.227.255.217:31337
45.227.255.217:8888
45.227.255.223:31337
45.227.255.223:8888
45.227.255.225:31337
45.227.255.225:8888
45.32.233.220:31337
45.32.233.220:8888
45.56.114.203:31337
45.61.137.59:31337
45.76.162.76:443
45.77.120.140:31337
45.77.120.140:54327
45.77.221.80:31337
45.77.221.80:8888
45.77.41.35:31337
45.79.125.241:31337
45.8.146.160:31337
45.8.146.160:8080
45.8.157.45:31337
45.87.43.114:31337
45.87.43.114:443
45.89.234.23:31337
45.89.234.23:8888
45.9.148.212:31337
45.9.148.212:8888
45.9.148.252:31337
45.9.148.64:31337
45.9.148.64:5443
45.9.150.109:31337
45.9.150.109:3677
45.9.150.132:443
46.101.179.149:31337
46.101.179.149:8888
46.148.26.88:31337
46.148.26.88:8888
46.21.153.155:31337
46.21.153.155:8443
46.21.159.189:443
46.21.159.189:8888
46.246.93.104:31337
46.29.160.10:31337
46.29.160.10:53
47.102.85.249:443
47.103.118.103:443
47.103.149.221:443
47.116.7.129:443
47.116.9.252:443
47.242.117.160:443
47.242.122.35:443
47.242.23.161:43831
47.57.0.78:31337
49.12.3.231:31337
49.232.0.5:31337
49.232.136.115:8090
5.178.2.76:31337
5.199.168.209:31337
5.199.173.106:31337
5.199.173.134:31337
5.199.173.134:5443
5.199.174.230:31337
5.255.114.206:60443
5.255.114.206:8443
51.15.228.209:443
51.15.252.225:31337
51.15.252.225:8888
51.15.57.83:443
51.178.81.117:31337
51.178.81.117:8888
51.81.201.194:31337
51.81.201.194:8888
52.40.129.127:31337
52.40.129.127:8080
52.53.230.115:31337
52.53.230.115:8888
54.151.62.116:8888
54.165.231.50:31337
54.165.231.50:8888
54.197.29.26:443
54.206.116.39:443
54.226.199.146:443
54.65.51.181:31337
54.91.1.255:31337
57.128.11.250:31337
62.210.124.105:31337
62.210.124.105:8888
62.3.58.81:31337
63.250.54.32:31337
64.227.122.163:8443
64.227.18.206:31337
64.44.102.190:31337
64.44.102.190:8888
64.44.102.212:31337
64.44.102.212:443
64.44.102.212:8443
64.44.102.212:8888
65.108.250.5:8448
65.109.134.211:31337
65.20.69.26:443
65.21.180.80:31337
65.21.180.80:8888
66.228.61.51:443
66.42.87.133:31337
66.42.87.133:8888
67.205.151.119:31337
67.205.151.119:8888
67.205.175.21:31337
67.205.175.21:8888
67.205.184.220:31337
68.183.207.200:31337
68.183.207.200:8888
68.183.42.154:31337
72.14.178.145:443
76.74.127.144:31337
76.74.127.145:31337
77.91.73.143:31337
77.91.73.143:8888
78.47.126.26:443
79.136.1.87:31337
79.137.39.211:9090
8.212.148.49:31337
8.212.148.49:8888
8.217.54.75:31337
8.217.54.75:8888
8.218.149.214:443
8.218.200.114:1234
8.218.200.114:12345
8.218.200.114:31337
8.219.200.180:31337
80.78.22.106:31337
80.78.22.106:443
80.78.22.106:8888
81.200.149.183:31337
82.157.142.84:13137
84.32.248.95:32883
85.217.144.191:31337
85.239.54.16:31337
88.99.46.167:31337
89.116.234.48:31337
89.116.234.48:8888
89.147.111.80:31337
89.147.111.80:8888
89.38.128.51:42448
89.44.9.148:31337
91.240.202.179:31337
91.240.202.179:443
92.204.160.119:31337
92.204.160.119:443
92.205.29.124:1234
92.205.29.124:31337
92.205.29.124:8888
92.223.65.169:31337
92.223.65.169:443
93.95.229.168:31337
93.95.229.168:443
93.95.229.168:8888
95.170.68.91:31337
95.170.68.91:8082
95.216.192.109:31337
pezimap.com

# Reference: https://twitter.com/MichalKoczwara/status/1637564597719777280

192.3.128.185:31337

# Reference: https://twitter.com/MichalKoczwara/status/1639289816381628418

91.234.199.4:31337

# Reference: https://twitter.com/MichalKoczwara/status/1639367247830327297

164.92.255.219:8080
164.92.255.219:8448
65.108.250.5:8080
65.108.250.5:8448

# Reference: https://twitter.com/MichalKoczwara/status/1639587828899147777

1.13.174.161:31337
101.33.248.33:31337
103.140.187.122:31337
103.15.105.29:31337
103.234.72.156:31337
103.35.151.195:31337
103.35.151.222:31337
103.56.19.196:31337
103.85.110.13:31337
104.168.142.135:31337
104.198.153.240:31337
104.236.186.248:31337
104.243.20.216:31337
106.15.170.198:31337
107.150.119.144:31337
108.61.127.105:31337
109.248.6.249:31337
114.55.58.137:31337
117.50.177.140:31337
118.193.37.157:31337
121.199.166.58:31337
121.199.2.153:31337
121.5.112.42:31337
122.147.252.103:31337
128.199.227.227:31337
128.199.38.50:31337
13.236.149.120:31337
132.145.153.214:31337
134.209.204.95:31337
134.209.26.96:31337
135.125.236.177:31337
137.184.57.89:31337
137.184.86.247:31337
138.197.186.34:31337
138.197.224.55:31337
138.68.123.125:31337
138.68.99.223:31337
139.144.19.169:31337
139.144.46.164:31337
139.162.155.164:31337
139.177.146.102:31337
139.224.254.195:31337
139.99.122.227:31337
140.238.221.59:31337
140.238.226.66:31337
142.93.136.194:31337
144.126.249.150:31337
144.34.250.208:31337
145.239.197.144:31337
146.19.80.25:31337
146.190.128.88:31337
146.190.160.18:31337
146.59.237.220:31337
146.70.104.167:31337
147.182.170.15:31337
148.66.57.50:31337
148.66.57.51:31337
149.127.231.12:31337
149.28.90.162:31337
149.81.74.205:31337
149.81.74.206:31337
149.81.74.207:31337
149.81.87.18:31337
150.158.184.129:31337
150.158.27.149:31337
151.80.106.50:31337
152.89.218.235:31337
154.202.59.96:31337
155.138.229.198:31337
158.247.213.192:31337
159.203.99.10:31337
159.65.202.74:31337
159.65.62.90:31337
159.89.106.178:31337
162.33.177.38:31337
164.90.132.211:31337
164.92.101.3:31337
164.92.161.89:31337
164.92.255.219:31337
165.227.176.139:31337
165.227.99.110:31337
167.172.83.4:31337
167.71.2.281:31337
167.99.17.196:31337
168.138.93.130:31337
168.63.40.231:31337
170.130.55.160:31337
170.187.207.103:31337
171.22.30.222:31337
172.86.120.245:31337
172.86.121.214:31337
172.96.192.52:31337
173.199.71.71:31337
174.138.7.112:31337
178.128.144.124:31337
178.128.229.91:31337
178.62.47.29:31337
179.43.154.251:31337
179.60.150.147:31337
18.140.228.104:31337
18.159.62.29:31337
18.234.7.23:31337
182.61.145.9:31337
185.128.106.245:31337
185.130.45.94:31337
185.203.119.47:31337
185.254.198.147:31337
185.73.124.16:31337
185.81.68.180:31337
185.82.218.214:31337
188.127.237.167:31337
188.166.161.123:31337
192.241.128.7:31337
193.29.13.203:31337
194.163.133.23:31337
195.123.225.18:31337
198.211.48.141:31337
198.27.76.162:31337
198.46.215.53:31337
20.61.4.19:31337
206.189.192.120:31337
206.189.252.100:31337
212.53.167.167:31337
213.189.201.88:31337
213.52.128.52:31337
216.127.175.18:31337
217.6.46.91:31337
23.105.193.194:31337
23.234.199.141:31337
23.83.127.233:31337
23.94.131.51:31337
23.94.200.202:31337
3.128.135.199:31337
3.130.73.232:31337
3.142.79.130:31337
3.8.115.155:31337
34.176.0.227:31337
34.221.238.130:31337
35.180.135.137:31337
35.225.60.206:31337
35.236.117.76:31337
35.240.171.140:31337
35.72.242.198:31337
37.28.157.7:31337
37.48.120.35:31337
38.55.24.35:31337
39.98.48.67:31337
43.133.22.89:31337
43.207.147.229:31337
44.202.249.7:31337
44.211.101.170:31337
45.14.224.102:31337
45.153.231.136:31337
45.227.255.217:31337
45.227.255.223:31337
45.56.114.203:31337
45.61.137.59:31337
45.77.41.35:31337
45.79.125.241:31337
45.8.157.45:31337
45.89.234.23:31337
45.9.148.252:31337
45.9.150.109:31337
46.148.26.88:31337
46.246.93.104:31337
46.29.160.10:31337
47.242.23.161:31337
47.57.0.78:31337
49.12.3.231:31337
5.178.2.76:31337
5.199.168.209:31337
5.199.173.106:31337
5.199.174.230:31337
54.65.51.181:31337
54.91.1.255:31337
57.128.11.250:31337
57.128.195.112:31337
62.3.58.81:31337
63.250.54.32:31337
64.227.18.206:31337
65.108.250.5:31337
65.109.134.211:31337
67.205.151.119:31337
67.205.184.220:31337
68.183.42.154:31337
76.74.127.144:31337
76.74.127.145:31337
79.136.1.87:31337
8.219.200.180:31337
81.200.149.183:31337
82.157.142.84:31337
84.32.248.95:31337
85.217.144.191:31337
85.239.54.16:31337
88.99.46.167:31337
89.116.234.48:31337
89.38.128.51:31337
89.44.9.148:31337
92.204.160.119:31337
92.205.29.124:31337
92.246.89.172:31337
1.13.174.161:54712
101.33.248.33:54712
101.43.156.89:54712
103.140.187.122:54712
103.15.105.29:54712
103.234.72.156:54712
103.35.151.195:54712
103.35.151.222:54712
103.56.19.196:54712
103.85.110.13:54712
104.168.142.135:54712
104.198.153.240:54712
104.236.186.248:54712
104.243.20.216:54712
106.15.170.198:54712
107.150.119.144:54712
107.174.78.227:54712
108.61.127.105:54712
109.248.6.249:54712
110.173.59.146:54712
110.173.59.147:54712
114.132.197.186:54712
114.55.58.137:54712
117.50.177.140:54712
118.193.37.157:54712
118.25.22.185:54712
121.199.166.58:54712
121.199.2.153:54712
121.5.112.42:54712
122.147.252.103:54712
128.199.227.227:54712
128.199.38.50:54712
13.115.21.133:54712
13.236.149.120:54712
132.145.153.214:54712
134.209.204.95:54712
134.209.26.96:54712
135.125.236.177:54712
136.244.95.237:54712
137.184.57.89:54712
137.184.86.247:54712
138.197.186.34:54712
138.197.224.55:54712
138.68.123.125:54712
138.68.149.85:54712
138.68.99.116:54712
138.68.99.223:54712
139.144.19.169:54712
139.144.27.201:54712
139.144.46.164:54712
139.162.155.164:54712
139.177.146.102:54712
139.177.196.67:54712
139.177.203.214:54712
139.224.254.195:54712
139.99.122.227:54712
140.238.221.59:54712
140.238.226.66:54712
141.193.159.146:54712
142.93.136.194:54712
143.110.155.198:54712
144.126.249.150:54712
144.34.180.27:54712
144.34.250.208:54712
145.239.197.144:54712
146.19.80.25:54712
146.190.128.88:54712
146.190.160.18:54712
146.59.237.220:54712
146.70.104.167:54712
147.182.170.15:54712
148.66.57.50:54712
148.66.57.51:54712
149.127.231.12:54712
149.28.90.162:54712
149.81.74.205:54712
149.81.74.206:54712
149.81.74.207:54712
149.81.87.18:54712
150.158.184.129:54712
150.158.27.149:54712
151.115.60.162:54712
151.80.106.50:54712
152.89.218.235:54712
154.202.59.96:54712
155.138.229.198:54712
158.247.213.192:54712
159.203.99.10:54712
159.65.202.74:54712
159.65.62.90:54712
159.89.106.178:54712
161.35.214.132:54712
162.33.177.38:54712
162.33.177.72:54712
164.90.132.211:54712
164.92.101.3:54712
164.92.161.89:54712
164.92.255.219:54712
165.227.176.139:54712
165.227.230.18:54712
165.227.231.125:54712
165.227.99.110:54712
167.172.83.4:54712
167.71.2.281:54712
167.99.17.196:54712
168.138.93.130:54712
168.63.40.231:54712
170.130.55.160:54712
170.187.207.103:54712
171.22.30.222:54712
172.86.120.245:54712
172.86.121.214:54712
172.86.75.56:54712
172.96.192.52:54712
173.199.71.71:54712
173.82.135.18:54712
174.138.7.112:54712
178.128.144.124:54712
178.128.229.91:54712
178.62.47.29:54712
179.43.154.251:54712
179.60.150.147:54712
18.140.228.104:54712
18.159.62.29:54712
18.234.7.23:54712
182.61.145.9:54712
185.128.106.245:54712
185.130.45.94:54712
185.203.119.47:54712
185.25.51.144:54712
185.254.198.147:54712
185.73.124.16:54712
185.81.68.180:54712
185.82.218.214:54712
188.127.237.167:54712
188.166.161.123:54712
188.166.27.178:54712
188.166.81.141:54712
190.92.243.156:54712
192.227.194.106:54712
192.241.128.7:54712
192.3.128.185:54712
193.149.185.51:54712
193.29.13.203:54712
194.163.133.23:54712
194.87.218.16:54712
194.87.46.13:54712
195.123.225.18:54712
198.211.15.57:54712
198.211.48.141:54712
198.27.76.162:54712
198.46.215.53:54712
20.61.4.19:54712
206.189.192.120:54712
206.189.252.100:54712
208.123.119.232:54712
212.53.167.167:54712
213.189.201.88:54712
213.52.128.52:54712
216.127.175.18:54712
217.6.46.91:54712
23.105.193.194:54712
23.224.135.138:54712
23.224.135.139:54712
23.224.135.140:54712
23.224.135.141:54712
23.224.135.142:54712
23.234.199.141:54712
23.82.141.146:54712
23.83.127.233:54712
23.94.131.51:54712
23.94.200.202:54712
3.128.135.199:54712
3.130.73.232:54712
3.142.79.130:54712
3.235.153.136:54712
3.238.195.247:54712
3.8.115.155:54712
34.176.0.227:54712
34.201.98.138:54712
34.221.238.130:54712
35.180.135.137:54712
35.225.60.206:54712
35.236.117.76:54712
35.240.171.140:54712
35.72.242.198:54712
37.10.71.215:54712
37.120.238.184:54712
37.28.157.7:54712
37.48.120.35:54712
38.55.24.35:54712
39.98.48.67:54712
43.133.22.89:54712
43.207.147.229:54712
44.202.249.7:54712
44.211.101.170:54712
45.120.52.106:54712
45.120.52.149:54712
45.14.224.102:54712
45.153.231.136:54712
45.227.255.217:54712
45.227.255.223:54712
45.32.233.220:54712
45.56.114.203:54712
45.61.137.59:54712
45.77.221.80:54712
45.77.41.35:54712
45.79.125.241:54712
45.8.157.45:54712
45.89.234.23:54712
45.9.148.252:54712
45.9.148.64:54712
45.9.150.109:54712
46.101.179.149:54712
46.148.26.88:54712
46.21.153.155:54712
46.246.93.104:54712
46.29.160.10:54712
47.242.23.161:54712
47.57.0.78:54712
49.12.3.231:54712
5.178.2.76:54712
5.199.168.209:54712
5.199.173.106:54712
5.199.174.230:54712
51.15.252.225:54712
51.178.81.117:54712
51.81.201.194:54712
54.65.51.181:54712
54.91.1.255:54712
57.128.11.250:54712
57.128.195.112:54712
62.3.58.81:54712
63.250.54.32:54712
64.227.18.206:54712
64.44.102.190:54712
64.44.102.212:54712
65.108.250.5:54712
65.109.134.211:54712
65.21.180.80:54712
67.205.151.119:54712
67.205.184.220:54712
68.183.207.200:54712
68.183.42.154:54712
76.74.127.144:54712
76.74.127.145:54712
79.136.1.87:54712
8.219.200.180:54712
80.78.22.106:54712
81.200.149.183:54712
82.157.142.84:54712
84.32.248.95:54712
85.217.144.191:54712
85.239.54.16:54712
88.99.46.167:54712
89.116.234.48:54712
89.38.128.51:54712
89.44.9.148:54712
91.234.199.4:54712
92.204.160.119:54712
92.205.29.124:54712
92.246.89.172:54712
93.95.229.168:54712

# Reference: https://twitter.com/sicehice/status/1647641806190911494

143.198.68.62:8080
143.198.68.62:8888

# Reference: https://twitter.com/sicehice/status/1647635123070746624

95.216.192.109:8888

# Reference: https://twitter.com/drb_ra/status/1652021268164558868
# Reference: https://twitter.com/drb_ra/status/1652021272073650186

188.166.165.134:31337
188.166.165.134:8888

# Reference: https://twitter.com/drb_ra/status/1652383665794457603
# Reference: https://twitter.com/drb_ra/status/1652383669246480390

195.80.148.103:31337
195.80.148.103:8888

# Reference: https://twitter.com/StopMalvertisin/status/1653354581022359552
# Reference: https://www.virustotal.com/gui/file/63d961efa8c959a1f890d584daa07beffba0138e296aa08a5d639ef4b5b33d51/detection
# Reference: https://www.virustotal.com/gui/file/41f35118af48f96cdbfa7aefa71fe3dffe76c9466e6fc4ba2f9210938ce43439/detection

159.223.53.246:6969
159.223.53.246:8888
dns-server.online

# Reference: https://twitter.com/drb_ra/status/1652746030717325315
# Reference: https://twitter.com/drb_ra/status/1652746034261422085

167.71.194.21:31337
167.71.194.21:8888

# Reference: https://twitter.com/drb_ra/status/1653470720507232257

45.61.136.196:8182

# Reference: https://twitter.com/drb_ra/status/1653470758645973014

54.255.40.113:8882

# Reference: https://twitter.com/drb_ra/status/1653470777721667618

85.208.136.119:1242

# Reference: https://twitter.com/drb_ra/status/1653470811905245200
# Reference: https://twitter.com/drb_ra/status/1653470815696896015

138.68.107.45:31337
138.68.107.45:8888

# Reference: https://twitter.com/drb_ra/status/1653833158201057315
# Reference: https://twitter.com/drb_ra/status/1653833161925599240

97.107.134.18:31337
97.107.134.18:8888

# Reference: https://twitter.com/drb_ra/status/1654195551955570692
# Reference: https://twitter.com/drb_ra/status/1654195555516534785

111.68.7.123:31337
111.68.7.123:8888

# Reference: https://twitter.com/drb_ra/status/1654195605755908115

139.224.50.7:443

# Reference: https://twitter.com/drb_ra/status/1654195610017308673

139.224.50.7:8443

# Reference: https://twitter.com/drb_ra/status/1654195615516053524

139.224.50.7:31337

# Reference: https://twitter.com/drb_ra/status/1654195635195727873
# Reference: https://twitter.com/drb_ra/status/1654195638366621700

141.164.50.44:31337
141.164.50.44:8888

# Reference: https://twitter.com/drb_ra/status/1654195678019571727
# Reference: https://twitter.com/drb_ra/status/1654195681635061775

185.77.96.155:31337
185.77.96.155:8888

# Reference: https://twitter.com/drb_ra/status/1654455094417522688

31.41.44.19:443

# Reference: https://twitter.com/drb_ra/status/1654455097609404417

31.41.44.19:31337

# Reference: https://twitter.com/drb_ra/status/1654455128009633792

43.248.136.99:443

# Reference: https://twitter.com/drb_ra/status/1654455131440545799

43.248.136.99:31337

# Reference: https://twitter.com/drb_ra/status/1654455225992790019

141.164.45.81:8888

# Reference: https://twitter.com/drb_ra/status/1654455229679648768

141.164.45.81:31337

# Reference: https://twitter.com/drb_ra/status/1655645096971231266
# Reference: https://twitter.com/drb_ra/status/1655645100083404801

111.68.7.122:31337
111.68.7.122:8888

# Reference: https://twitter.com/drb_ra/status/1656007485424115724

114.118.5.138:50051

# Reference: https://twitter.com/drb_ra/status/1656007539039911937
# Reference: https://twitter.com/drb_ra/status/1656007542835650560

162.33.177.203:31337
162.33.177.203:8888

# Reference: https://twitter.com/drb_ra/status/1656732230742310928
# Reference: https://twitter.com/drb_ra/status/1656732234647207937

54.152.37.54:31337
54.152.37.54:8888

# Reference: https://twitter.com/drb_ra/status/1656732336023646209
# Reference: https://twitter.com/drb_ra/status/1656732339441893401

173.82.58.62:31337
173.82.58.62:8888

# Reference: https://twitter.com/drb_ra/status/1657094704779911179
# Reference: https://twitter.com/drb_ra/status/1657094709506891806

185.99.133.148:31337
185.99.133.148:8888

# Reference: https://twitter.com/drb_ra/status/1657456999334834176
# Reference: https://twitter.com/drb_ra/status/1657457003000725505

37.27.17.204:31337
37.27.17.204:8888

# Reference: https://twitter.com/drb_ra/status/1657457119287730177
# Reference: https://twitter.com/drb_ra/status/1657457123846963201

120.24.42.20:31337
120.24.42.20:8888

# Reference: https://twitter.com/josh_penny/status/1655256609461878784

164.132.237.65:10443

# Reference: https://twitter.com/malwrhunterteam/status/1663059228632784896
# Reference: https://www.virustotal.com/gui/file/f5c78808731edf5c86f9389f52b3cdc21fb41096a64a368cf8265d063a53561e/detection
# Reference: https://www.virustotal.com/gui/file/aff8d50943660328c2503344b5312b20268cf1188ab6704c7186d0c1b05102e3/detection

service-ocztqds1-1304103560.bj.apigw.tencentcs.com

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-07-23)

1.13.180.253:31337
101.35.234.201:31337
101.35.234.201:3306
101.35.234.201:8888
101.37.91.112:31337
101.37.91.112:8888
101.42.166.216:31337
103.106.190.183:31337
103.176.145.162:31337
103.56.19.196:58853
103.56.19.196:8443
103.87.10.156:3308
104.234.147.42:31337
104.238.60.2:31337
104.251.212.135:31337
106.14.219.117:31337
107.148.149.89:31337
107.174.68.34:31337
114.118.5.135:50051
114.118.5.135:9443
114.118.5.138:9443
116.203.203.130:31337
116.203.203.130:8888
116.62.139.1:31337
116.62.139.1:8000
118.195.164.144:443
119.45.121.239:31337
119.45.121.239:443
119.45.206.25:31337
119.45.206.25:443
119.91.77.189:1234
120.24.42.20:53
123.249.88.252:31337
123.249.88.252:9443
123.57.39.29:31337
123.57.39.29:8443
124.222.166.93:8443
129.151.160.94:31337
129.159.135.74:31337
129.211.212.174:31337
13.238.218.206:31337
13.56.236.146:31337
134.122.121.18:31337
134.122.121.18:443
134.122.121.18:8888
134.122.133.131:31337
134.122.133.135:31337
134.209.26.96:32443
137.175.12.37:31337
137.175.12.37:8888
137.175.12.38:31337
137.175.12.38:8888
138.197.36.34:123
138.197.36.34:31337
139.144.24.48:31337
139.162.143.123:31337
139.180.213.133:31337
139.99.3.237:2020
139.99.3.237:31337
139.99.3.237:443
139.99.3.237:8888
140.82.34.250:31337
140.82.6.222:80
143.110.237.32:31337
143.110.237.32:8888
143.198.144.239:31337
143.198.40.42:31337
143.198.40.42:443
146.190.13.16:31337
146.70.79.54:31337
147.78.47.233:31337
147.78.47.233:8888
149.28.157.116:55555
150.158.142.12:31337
152.67.1.187:31337
152.67.26.76:31337
154.40.45.38:31337
157.230.6.223:31337
157.230.6.223:443
157.230.6.223:8888
157.245.202.4:31337
158.160.0.160:31337
158.160.20.71:31337
158.247.217.247:55555
158.51.123.137:31337
158.51.123.137:8888
159.223.113.166:31337
159.223.182.9:31337
159.223.189.221:31337
159.223.189.221:8888
159.223.53.246:31337
159.65.112.137:31337
159.75.154.130:443
159.8.96.5:31337
159.89.106.178:8080
161.35.99.1:31337
162.33.177.23:31337
164.90.149.21:31337
165.22.188.207:31337
165.227.204.151:31337
165.227.204.151:53
165.227.230.18:53
165.227.47.240:31337
167.114.115.246:31337
167.99.191.228:21
167.99.191.228:31337
168.100.11.70:31337
170.178.195.189:20000
170.187.152.186:31337
170.187.152.186:8888
172.105.125.49:22
172.105.125.49:31337
172.105.125.49:8888
172.81.123.204:31337
173.212.239.43:31337
173.254.204.68:31337
175.178.107.105:31337
175.178.107.105:443
175.41.187.111:31337
175.41.187.111:8888
18.163.80.92:31337
182.16.40.115:31337
182.16.40.118:31337
185.154.52.186:31337
185.186.245.34:8443
185.193.127.208:31337
185.254.37.216:31337
185.34.52.140:31337
185.34.52.140:8888
185.39.204.47:31337
185.39.204.47:8888
188.127.227.216:443
188.127.227.216:8080
188.166.218.66:31337
192.210.179.148:31337
192.227.194.137:31337
192.248.176.111:31337
192.3.161.110:31337
194.233.169.252:31337
194.26.135.116:31337
194.26.135.116:443
194.26.135.89:31337
194.26.135.89:8888
194.67.67.118:31337
194.67.67.118:8888
194.87.68.191:31337
194.87.68.191:443
194.87.68.191:80
195.123.225.29:31337
195.123.240.41:31337
195.123.240.41:8888
198.211.109.235:31337
198.211.109.235:8888
198.244.135.226:31337
198.244.135.229:31337
198.244.135.232:31337
198.98.52.184:31337
198.98.52.184:9010
198.98.52.184:9011
20.227.28.202:31337
20.58.167.202:31337
208.117.83.103:31337
208.117.83.103:5000
208.117.83.103:8888
212.118.54.51:31337
212.129.36.58:31337
212.129.36.59:31337
212.129.36.61:31337
212.83.158.17:31337
216.127.186.202:18443
216.127.186.202:31337
216.127.186.202:443
216.127.186.202:8888
217.182.76.45:31337
3.101.117.8:31337
3.101.117.8:8888
3.142.79.130:8888
3.18.103.195:8443
3.70.227.81:31337
3.80.71.248:31337
3.92.41.116:31337
34.105.151.117:31337
34.150.49.203:31337
34.171.81.60:31337
37.187.123.146:31337
38.55.97.95:3306
38.55.97.95:443
42.194.137.196:31337
43.137.17.156:31337
43.142.109.133:31337
43.156.59.135:31337
45.129.14.69:31337
45.129.14.69:443
45.142.166.93:41823
45.148.120.192:31337
45.152.114.93:10443
45.152.114.93:31337
45.153.129.38:31337
45.56.113.227:31337
45.56.113.227:8000
45.56.113.227:8888
45.61.137.200:31337
45.61.137.200:45984
45.77.177.30:31337
45.81.243.45:31337
45.81.39.39:91
45.88.66.59:31337
45.88.66.59:8888
46.249.100.15:31337
46.29.160.10:8443
47.94.169.63:31337
47.94.169.63:8888
47.94.169.63:9999
5.188.34.63:31337
5.252.176.26:31337
5.252.176.26:443
5.75.238.234:31337
5.75.238.234:8888
51.91.103.116:31337
52.70.185.38:8080
54.180.156.74:31337
54.209.86.218:31337
62.113.119.105:31337
62.182.84.234:31337
62.210.70.184:31337
64.226.109.209:31337
64.227.108.134:31337
64.227.108.134:8888
67.205.157.109:31337
68.183.30.174:31337
69.164.202.214:31337
74.120.172.209:31337
8.218.204.19:31337
80.78.23.172:31337
81.19.141.14:31337
81.19.141.14:8888
82.139.253.28:31337
82.156.227.47:31337
82.156.227.47:8888
82.66.159.119:31337
84.201.179.148:31337
84.248.198.231:31337
85.10.135.126:31337
85.204.116.80:31337
85.204.116.80:8888
85.217.144.22:31337
85.217.144.22:8888
88.119.174.210:31337
88.119.174.210:38922
88.119.174.210:443
89.147.110.79:31337
89.163.219.56:31337
95.164.46.194:31337
95.164.46.194:8888
95.170.68.91:443
95.214.27.241:31337
95.214.27.241:8888

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-07-27)

114.55.58.137:31212
114.55.58.137:35487
159.223.168.25:31337
159.223.168.25:443
159.223.168.25:8888
167.172.228.48:31337
167.172.228.48:8888
170.178.195.189:23333
206.189.143.81:31337
206.189.143.81:8888
206.81.5.204:31337
206.81.5.204:443
206.81.5.204:8888
43.153.101.130:31337
43.153.101.130:443
5.255.120.28:31337
5.255.120.28:8080
60.204.185.123:3389
60.204.185.123:443
92.118.39.25:31337
92.118.39.25:443
92.118.39.25:53

# Reference: https://twitter.com/sicehice/status/1668834356444446722

174.49.101.134:8888
xyz.hackersdog.com

# Reference: https://twitter.com/sicehice/status/1658223115564982273

216.127.175.18:8080

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-07-31)

http://172.105.125.49
172.105.125.49:21
47.242.51.151:31337
47.242.51.151:8888
92.118.39.25:8888

# Reference: https://asec.ahnlab.com/en/55652/

config.v6.army
panda.sect.kr
speed.ableoil.net
status.devq.workers.dev

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-08-01)

108.166.206.202:21229
170.178.211.195:12555
23.234.200.38:1443
35.212.172.98:31337
35.212.172.98:8888
47.94.113.86:31337
47.94.113.86:8888
51.91.100.41:31337
51.91.100.41:8443
91.142.73.118:443
91.142.73.118:50543
91.202.4.10:443
91.202.4.10:57302

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-08-09)

1.14.65.206:31337
1.14.65.206:8888
3.91.200.115:443
3.91.200.115:8443

# Reference: https://twitter.com/drb_ra/status/1689347704852258816

45.76.110.190:9090

# Reference: https://twitter.com/drb_ra/status/1689347729368006656

101.200.62.94:9000

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-08-11)

http://118.25.158.13
http://140.82.6.222
http://144.22.135.107
http://194.87.68.191
http://194.87.68.68
http://5.255.120.28
100.36.21.114:31337
100.36.21.114:8888
104.225.129.137:31337
104.225.129.137:443
114.118.5.138:8443
118.107.46.131:31337
118.107.46.131:8888
118.107.46.132:31337
118.107.46.132:8888
118.107.46.133:31337
118.107.46.133:8888
147.189.131.188:31337
147.189.131.188:8888
194.87.236.17:31337
194.87.236.17:8888
23.234.200.38:31337
35.185.58.57:31337
35.185.58.57:8888
8.213.132.159:443
8.213.132.159:7777

# Reference: https://twitter.com/drb_ra/status/1691521995555446784
# Reference: https://twitter.com/drb_ra/status/1691522028250046465

34.172.52.13:31337
34.172.52.13:8888

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-08-16)

135.181.195.133:31337
135.181.195.133:8888
139.224.204.116:1723
139.224.204.116:9019
194.26.135.223:31337
194.26.135.223:443

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-08-20)

137.175.12.37:55566
170.178.211.195:31337
45.42.200.237:31337
45.42.200.237:8443
51.91.79.105:31337
51.91.79.105:8888
98.11.237.48:31337
98.11.237.48:8888

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-09-19)

http://92.118.39.25
114.55.58.137:59317
118.25.142.205:6553
119.45.20.55:31337
119.45.20.55:443
137.175.12.38:55566
138.68.123.125:10770
146.56.198.25:31337
146.56.198.25:8888
15.237.24.169:42000
158.247.216.215:31337
158.247.216.215:8888
158.247.238.231:20000
172.233.240.65:31337
172.233.240.65:8888
176.123.1.144:31337
176.123.1.144:8888
185.225.70.191:31337
185.225.70.191:8888
188.127.227.207:31337
188.127.227.207:8888
193.233.48.200:8888
193.233.48.200:9090
217.182.170.11:31337
217.182.170.11:8888
23.83.133.53:31337
23.83.133.53:8888
35.232.112.155:31337
35.232.112.155:8888
43.230.161.37:1521
43.230.161.37:55556
51.255.5.104:31337
51.255.5.104:8888
52.74.242.200:8882
58.87.87.59:31337
58.87.87.59:8888
60.204.140.244:31337
60.204.140.244:8888
72.142.102.161:443
81.161.229.45:31337
81.161.229.45:8888
97.74.80.232:31337

# Reference: https://threatfox.abuse.ch/ioc/1152228/

141.164.53.170:20000

# Reference: https://www.virustotal.com/gui/file/6c599434bb8bb0c1e15d1b40ca3e667630e19b7ad48b330591e220fee7722bb2/detection

152.89.170.203:5050

# Reference: https://threatfox.abuse.ch/ioc/1163047/

206.188.197.227:38090

# Reference: https://twitter.com/KorbenD_Intel/status/1702379016877948972
# Reference: https://www.virustotal.com/gui/file/6f78ea9e8979708d7fd0f449777aa8d2bc334fef17b94b2a03b16e68ae6e3a26/detection

http://5.255.126.139
5.255.126.139:31337
5.255.126.139:443
devicereporter.com
js.devicereporter.com
n2.devicereporter.com
nl.devicereporter.com

# Reference: https://twitter.com/1ZRR4H/status/1704741185011568716
# Reference: https://www.virustotal.com/gui/file/c1b0acfd36a9caa242e14f8ce50d32a5a19a0fe3158e3a96cf09496982502b38/detection
# Reference: https://www.virustotal.com/gui/file/3e14b93fb266bad63fbc1e8c22f95b3ec8830182564ca365c44b38604d7fb79f/detection

http://137.184.96.202
13.245.183.173:8999
137.184.96.202:8080
137.184.96.202:8085
137.184.96.202:8086
45.63.7.212:8888
62.109.24.105:31337
62.109.24.105:8888
microsoftapi.net
diagnostics.microsoftapi.net

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-09-22)

http://43.133.231.48
114.118.5.136:50051
114.118.5.136:9443
118.184.186.182:42937
185.164.172.245:26668
185.164.172.245:8888
43.133.231.48:45887

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-09-24)

http://43.133.231.48
104.197.117.123:443
104.198.157.56:8083
113.4.19.28:2376
116.203.193.154:443
116.203.205.230:443
121.5.59.64:443
129.80.81.64:2376
13.52.234.113:443
13.91.106.22:8083
159.75.222.179:2376
162.55.173.180:2376
167.235.244.179:2376
176.31.21.120:2376
178.128.236.145:2376
18.176.32.89:2376
18.219.46.104:443
185.142.184.201:2376
20.121.237.146:443
3.232.215.227:8083
3.32.156.37:2376
3.33.238.117:8083
3.75.222.122:2376
3.79.95.174:2376
3.88.34.220:2376
31.147.205.87:8081
31.172.83.48:2376
34.126.74.251:2376
34.143.153.255:2376
34.143.209.90:2376
34.71.72.45:8083
34.90.195.133:2376
35.168.213.32:8083
35.203.17.14:2376
35.216.181.214:2376
35.222.116.63:8083
35.232.164.7:8083
35.240.180.169:2376
35.247.3.222:443
45.9.150.109:8888
5.161.206.45:2376
5.78.102.166:2376
51.195.252.147:443
52.4.122.136:2376
52.56.159.3:2376
52.86.72.243:8083
54.185.36.34:8083
54.198.73.201:8083
65.21.123.66:2376
69.64.160.107:443
80.240.21.102:2376
81.92.234.5:443
88.218.224.182:443
88.218.224.182:8443

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-09-26)

145.239.85.234:2376
15.197.228.221:8083
154.53.35.50:2376
163.5.143.157:2376
18.184.208.136:2376
18.216.116.172:8083
194.26.196.83:2376
206.117.31.235:443
209.42.194.93:8081
209.42.194.94:8081
3.132.127.123:8083
3.228.129.243:2376
3.79.246.57:2376
34.126.163.54:2376
34.168.149.233:443
34.69.252.38:8083
34.77.164.25:443
34.95.37.163:2376
35.226.172.143:8083
35.238.243.118:8083
44.214.190.129:443
44.214.190.129:8083
52.56.38.0:443
52.71.220.7:8083
54.198.73.201:443
54.227.170.33:8083
54.93.220.4:2376

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-09-29)

142.93.192.224:1337
18.157.163.215:2376
18.184.113.135:2376
188.40.163.156:443
195.201.235.164:443
2.57.149.93:8888
2.57.149.93:9090
23.234.203.187:9443
3.121.212.242:2376
3.76.222.154:2376
34.95.63.26:2376
35.198.225.38:2376
45.133.194.65:443
5.75.185.92:2376
52.197.114.159:2376
52.202.74.36:8083
52.56.68.28:443
52.57.163.198:2376
54.146.175.95:8083
54.160.56.128:2376
54.210.7.101:443
54.227.170.33:443
65.21.123.81:2376

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-09-30)

106.14.158.153:33306
106.14.158.153:9443
111.229.142.238:5432
113.4.19.22:2376
114.115.158.49:2376
129.153.131.167:2376
134.209.218.35:10443
135.181.250.71:2376
176.31.21.16:2376
18.196.240.144:2376
18.197.69.9:2376
18.205.146.13:2376
185.239.48.57:34654
185.239.48.57:8081
185.94.237.235:8443
188.40.163.156:8443
188.68.35.207:2376
208.123.119.222:31337
208.123.119.222:443
3.212.234.126:2376
3.37.1.94:2376
3.71.1.246:2376
34.143.223.175:2376
35.195.109.194:8083
35.232.88.10:8083
35.234.251.236:2376
43.154.25.13:31337
43.154.25.13:443
44.203.191.159:2376
45.152.114.93:443
45.79.28.120:2376
47.243.189.152:50051
52.156.132.245:8083
52.3.154.42:2376
52.55.201.51:2376
54.147.40.32:8443
87.239.108.174:31337
87.239.108.174:8443
95.217.91.78:31337
95.217.91.78:8888

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-10-12)

101.182.1.170:31337
106.14.59.171:31337
109.205.183.190:31337
113.31.108.254:31337
120.55.61.38:31337
13.239.102.0:31337
135.125.233.126:31337
137.184.78.220:31337
139.180.193.185:31337
139.59.86.71:31337
143.110.151.209:31337
147.182.190.27:31337
15.235.166.83:31337
159.89.160.18:31337
16.16.172.16:31337
163.172.234.8:31337
167.172.174.4:31337
172.104.152.246:31337
172.104.63.85:31337
182.16.40.114:31337
182.16.40.116:31337
182.16.40.117:31337
185.203.116.51:31337
185.80.129.37:31337
185.80.130.127:31337
192.3.88.168:31337
193.142.59.154:31337
193.3.19.167:31337
195.58.52.46:31337
204.48.31.23:31337
204.48.31.23:443
209.182.225.101:31337
38.147.170.23:31337
38.242.132.29:31337
40.76.233.47:31337
45.12.2.103:31337
45.12.2.103:8888
43.131.245.127:20000
43.133.7.2:31337
44.200.188.170:31337
45.142.212.109:31337
45.155.37.101:31337
45.178.180.232:31337
45.32.109.51:31337
45.32.224.227:31337
45.79.69.11:31337
45.9.150.187:31337
51.195.150.20:31337
51.77.173.201:31337
64.225.109.152:31337
68.178.204.20:31337
68.183.193.39:31337
68.183.245.144:31337
74.234.112.124:31337
78.46.222.87:31337
80.78.25.161:31337
87.251.64.217:31337
91.211.247.92:31337
91.219.148.57:31337
93.95.230.215:31337
93.95.230.215:8888
94.102.49.161:31337

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-10-16)

119.91.216.63:31337
137.184.96.202:443
137.184.96.202:56722
141.164.53.170:18989
141.95.73.4:2376
18.216.108.112:8083
193.137.197.130:443
198.98.53.196:31337
3.120.187.11:2376
3.67.84.194:2376
3.71.181.49:2376
34.142.207.150:2376
35.156.61.119:443
35.198.198.102:2376
35.203.35.135:2376
35.226.166.202:8083
35.238.12.241:8083
46.38.239.155:2376
52.200.129.68:2376
52.59.203.122:2376
54.90.106.204:2376
91.92.128.248:31337
91.92.128.248:443
93.90.193.128:2376
93.95.229.192:31337
93.95.229.192:443
93.95.229.192:8888

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-10-20)

103.159.133.163:20321
103.159.133.163:443
103.159.133.163:8443
103.35.190.32:31337
103.35.190.32:8080
103.35.190.33:31337
103.35.190.33:8080
104.193.69.167:31337
104.244.74.178:31337
104.244.74.178:60001
113.4.19.25:2376
13.212.172.17:31337
13.212.172.17:443
142.171.194.122:9000
142.234.157.35:8056
146.190.67.179:50233
149.28.207.233:59856
157.230.234.168:31337
157.230.234.168:8888
167.235.247.158:8056
172.233.237.227:31337
173.49.90.229:31337
174.138.76.181:31337
174.138.76.181:8888
178.128.144.35:31337
178.190.102.43:2376
18.153.74.37:2376
18.156.84.197:2376
18.184.58.217:2376
18.188.146.171:8083
18.206.175.252:8083
18.219.108.95:8083
18.220.125.151:8083
185.17.40.153:31337
185.17.40.153:8443
185.216.70.236:8443
185.231.154.113:50543
185.8.105.120:2376
188.127.237.46:31337
193.149.176.199:31337
194.180.48.149:8443
194.182.70.200:8443
195.2.71.181:4256
207.148.76.74:443
207.148.76.74:55855
208.115.233.154:10000
208.115.233.154:22122
208.115.233.154:5443
217.76.55.115:30979
23.251.128.205:2376
3.121.85.105:2376
3.123.1.189:2376
3.127.210.141:2376
3.127.214.250:2376
3.133.164.208:8083
3.64.193.204:2376
3.71.41.123:2376
3.71.53.238:2376
3.71.81.137:2376
3.72.0.224:2376
3.73.132.208:2376
3.75.250.5:2376
3.76.104.227:2376
3.76.250.91:2376
3.76.98.45:2376
3.79.181.53:2376
3.79.97.135:2376
31.147.207.51:8081
34.143.178.184:2376
34.148.19.100:2376
34.162.133.104:31337
34.77.140.175:2376
34.88.134.230:2376
34.88.205.25:2376
34.89.20.143:2376
34.91.1.44:2376
34.95.30.177:2376
35.157.144.183:2376
35.159.38.229:2376
35.169.120.200:8083
35.174.58.172:8083
35.202.76.152:8083
35.203.123.82:2376
35.203.83.183:2376
35.203.88.123:2376
35.205.17.31:2376
35.226.14.60:8083
35.228.198.215:2376
35.228.248.56:2376
35.228.89.229:2376
35.231.225.211:2376
35.240.143.100:2376
35.242.142.247:2376
37.27.17.204:31338
37.27.22.110:31337
37.27.22.110:8888
43.132.177.94:31337
43.140.251.2:31337
43.140.251.2:8888
45.137.155.89:2376
45.142.213.85:2376
45.142.214.121:2376
45.155.37.101:443
45.227.255.34:39289
45.227.255.34:47473
45.77.221.80:55638
5.181.23.179:2376
5.35.5.136:443
5.45.83.33:443
5.45.83.33:50543
51.15.165.186:4433
52.195.211.16:31337
52.202.226.75:2376
52.22.145.117:8083
52.28.174.18:2376
54.160.205.236:8083
54.163.249.10:8083
54.166.213.120:8083
54.174.89.226:8083
54.175.249.5:8083
54.207.132.156:2376
54.210.22.254:31337
54.93.80.66:2376
62.72.18.9:11807
66.42.51.178:31337
74.48.44.7:9443
77.244.249.77:443
8.218.204.19:33333
88.99.46.160:31337
89.147.109.80:31337
91.199.147.205:56324
91.206.178.75:31337
91.206.178.75:443
94.103.93.160:443
94.103.93.160:4443
s.u00.ca
baakbfe6kaj8.s.u00.ca
baakbmyvkaba.s.u00.ca

# Reference: https://twitter.com/malwrhunterteam/status/1726968159603917089
# Reference: https://www.virustotal.com/gui/file/cd636847c8432a8f33edeabae98cd154dfb6619783756e18909e139c6b1d510c/detection
# Reference: https://www.virustotal.com/gui/file/a32e26a761bf5867c1fbc3e66b0f79df2c279d3c9fea0d4efbba89a7e86e32b3/detection
# Reference: https://www.virustotal.com/gui/file/8aaa281951bc6f4c8cf9f951835cc188ad6d83aeaadcf3220959b57d39373d4f/detection

onlinenoticeservice.online
sliver.onlinenoticeservice.online
sliver4.onlinenoticeservice.online

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-11-22)

119.28.129.176:31337
147.78.47.241:31337
172.104.212.245:31337
18.197.51.228:2376
18.197.53.191:2376
3.125.8.28:2376
3.71.6.139:2376
3.77.56.253:2376
3.79.230.146:2376
35.203.102.20:2376
35.203.105.134:2376
36.139.110.150:3389
49.13.22.82:8056
51.250.67.9:31337
51.250.67.9:8888
157.90.129.60:31337
157.90.129.60:8888
52.7.198.19:8083
85.209.176.146:31337
91.113.48.177:2376

# Reference: https://www.fortinet.com/blog/threat-research/gotitan-botnet-exploitation-on-apache-activemq
# Reference: https://www.virustotal.com/gui/file/bfce7938591dd9fa3e1368d7eb86fc7f11e935349437fc11de4f124bbbc16dee/detection

http://91.92.240.41
91.92.240.41:443
91.92.240.41:8080

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-12-03)

http://8.220.195.135
103.185.249.231:31337
103.185.249.231:9999
104.238.60.14:31337
13.49.166.101:7443
13.49.166.101:8443
137.184.220.96:31337
143.198.184.220:31337
147.189.131.140:31337
147.189.131.140:8888
15.223.51.227:4444
153.127.8.161:31337
153.127.8.161:8888
18.184.135.86:2376
18.184.167.123:2376
18.191.34.239:8083
18.193.81.144:2376
18.195.125.195:2376
182.92.190.177:11211
193.3.19.167:8443
194.233.66.38:31337
2.57.122.125:36037
2.57.122.125:443
2.57.122.125:8080
2.57.122.125:8888
23.231.40.71:31337
23.231.40.71:8888
23.95.197.109:31337
23.95.197.109:8888
3.120.147.39:2376
3.67.9.189:2376
3.68.157.117:2376
3.71.177.249:2376
3.76.102.156:2376
34.118.166.49:2376
34.118.187.130:2376
34.126.76.184:2376
34.152.28.134:2376
35.153.249.112:8083
35.246.24.13:2376
45.138.157.71:50547
47.108.117.51:31337
47.108.117.51:8888
5.35.5.136:31337
52.15.228.196:8083
52.73.109.241:8083
64.227.124.50:31337
8.220.195.135:45887
80.66.79.129:9090
85.208.214.91:38657
87.239.108.174:8888
88.117.27.108:2376
91.92.246.215:53535
91.92.246.215:8443
91.92.246.29:53535
91.92.246.29:8443

# Reference: https://www.virustotal.com/gui/file/1aecadf489a6dd7a3a6e5dfda9425673a9d04d38a5cb6b0b8f961536c11237ed/detection

94.198.53.143:8888

# Reference: https://twitter.com/malwrhunterteam/status/1734284423774810497
# Reference: https://www.virustotal.com/gui/file/3bc62b5745626a67b90378b243db0a056810bc2e1b7dcab6ca42eed9ada433a5/detection

35.204.187.119:8080
hacktics.net
agent.hacktics.net

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2023-12-22)

101.35.197.155:31337
101.43.12.116:31337
103.143.40.219:31337
103.232.245.46:443
103.253.43.237:31337
103.5.126.215:8443
104.131.0.220:8080
104.193.69.166:31337
104.245.107.19:31337
104.248.80.162:31337
107.172.143.68:31337
107.172.218.140:31337
107.173.148.15:31337
107.174.180.233:31337
107.174.180.233:443
107.189.2.194:31337
109.234.35.14:31337
109.248.236.18:8443
109.94.176.74:31337
114.115.172.223:31337
118.195.245.120:31337
119.91.210.217:31337
121.127.33.67:31337
121.40.122.92:8443
121.40.188.247:8443
124.156.173.75:31337
128.140.75.140:31337
129.146.41.173:31337
13.215.191.59:31337
13.48.105.28:31337
13.58.104.219:443
134.122.80.175:31337
134.175.125.207:31337
134.209.244.69:31337
135.125.107.166:31337
138.197.168.137:18443
139.144.79.120:31337
139.162.105.67:31337
139.180.203.46:8444
139.59.236.124:443
140.246.157.86:31337
142.171.44.245:2053
142.93.141.211:443
143.198.128.249:443
144.126.192.123:8087
144.202.125.45:31337
146.190.211.40:31337
146.70.106.171:31337
148.113.182.51:31337
148.113.182.51:443
148.135.119.4:31337
149.102.252.161:31337
15.235.155.147:22122
150.109.240.18:31337
154.204.44.228:31337
157.245.205.105:31337
158.247.217.90:31337
159.223.221.202:31337
159.223.234.164:31337
159.246.29.95:443
159.65.236.136:31337
159.65.236.136:443
159.75.187.222:31337
159.89.96.72:31337
163.172.232.19:31337
167.114.115.246:8080
167.172.2.185:31337
167.179.67.91:443
167.71.135.204:31337
167.99.16.48:31337
167.99.62.1:31337
167.99.62.1:443
168.100.11.164:31337
170.187.136.83:31337
170.187.190.139:31337
172.172.192.169:443
172.206.69.72:443
172.233.186.141:443
172.233.222.33:443
172.233.222.33:53
172.234.49.149:31337
172.245.9.15:31337
173.255.226.84:31337
174.138.7.112:443
178.128.144.35:443
18.118.177.107:8083
18.183.203.131:31337
18.217.25.229:31337
18.218.207.82:8083
18.234.231.155:31337
18.234.231.155:443
185.130.44.125:31337
185.142.184.133:443
185.172.128.97:31337
185.205.209.163:4443
185.22.155.92:31337
185.225.17.126:8443
185.77.225.199:31337
185.78.76.19:31337
185.92.220.86:31337
185.92.220.86:443
188.120.229.81:31337
188.166.125.71:31337
188.166.125.71:443
188.166.69.51:31337
192.227.194.139:31337
192.52.166.9:31337
192.71.26.247:31337
193.122.182.182:2376
193.142.58.126:31337
193.148.166.247:443
193.3.19.167:443
193.36.119.250:31337
194.233.165.208:31337
194.26.135.232:31337
194.87.196.126:31337
198.12.121.19:31337
198.244.174.214:31337
2.57.122.119:36037
2.57.122.119:443
2.57.122.119:8888
20.120.176.135:31337
20.121.62.185:31337
20.211.145.94:31337
20.42.60.45:443
20.9.129.205:31337
20.9.130.225:31337
20.99.141.107:443
203.25.119.141:31337
206.237.28.61:31337
207.148.78.124:31337
207.148.92.178:55555
208.85.18.159:31337
210.16.65.156:31337
212.71.246.109:443
212.98.224.124:31337
217.195.153.129:31337
222.239.251.205:31337
23.224.55.82:9999
23.94.3.91:31337
3.138.131.175:31337
3.231.153.226:31337
3.76.8.79:2376
3.79.103.101:2376
3.93.43.122:443
34.118.141.190:2376
34.142.29.177:2376
34.152.50.185:2376
34.162.51.179:443
34.28.126.114:31337
34.28.126.114:443
34.29.241.225:443
34.81.4.166:31337
35.203.30.240:2376
35.238.245.197:443
35.85.36.238:31337
35.86.154.89:443
37.156.216.76:31337
38.132.122.178:31337
38.147.172.79:31337
38.180.17.215:31337
4.196.229.99:31337
4.227.189.73:443
43.134.47.201:443
43.138.222.204:3133
43.154.25.56:31337
44.200.76.22:443
45.141.100.164:31337
45.155.249.148:31337
45.155.249.148:8089
45.76.110.190:31337
45.77.221.80:443
45.79.166.193:31337
45.79.166.193:443
45.79.190.91:53
46.101.130.143:31337
46.101.140.228:31337
46.29.166.80:31337
46.29.166.80:443
47.101.141.106:8443
47.101.144.63:38286
47.101.155.133:7443
47.103.203.3:443
47.109.55.151:31337
47.109.57.38:31337
47.111.31.7:8443
47.122.10.149:31337
47.242.66.37:31337
47.245.93.141:31337
49.12.211.146:31337
49.12.7.88:31337
5.230.68.164:31337
5.252.21.121:443
5.75.155.39:31337
5.75.155.39:443
51.195.150.20:443
52.91.148.84:31337
54.149.39.123:31337
54.165.231.50:443
54.175.17.220:31337
62.109.22.162:31337
62.218.124.18:1338
64.176.228.98:443
64.227.130.114:31337
64.227.24.147:31337
65.109.141.212:31337
66.135.19.181:31337
66.42.61.31:31337
68.183.193.39:443
74.103.149.82:31337
74.103.149.82:443
74.103.149.82:8888
74.208.208.195:443
77.76.145.150:443
77.83.246.107:31337
78.46.212.67:31337
8.210.232.186:443
8.217.121.233:8443
80.221.144.253:443
80.66.79.129:31337
80.78.22.209:31337
80.92.205.115:31337
80.92.205.115:443
81.68.198.185:31337
88.80.148.57:31337
89.116.72.113:31337
89.147.110.79:443
91.207.5.57:2376
91.212.166.31:31337
91.219.148.228:443
91.219.148.57:443
91.92.244.59:31337
91.92.252.130:31337
91.92.254.156:2053
91.92.254.156:31337
92.38.241.93:31337
92.63.163.105:8443
94.102.215.183:31337
94.198.53.143:31337
94.241.142.71:31337
95.182.121.24:31337
95.216.146.24:443

# Reference: https://twitter.com/malwrhunterteam/status/1738184310799175994
# Reference: https://www.virustotal.com/gui/file/4e393f60111b423ad61de04b1d00d231a627562c4a6f96d108fa03d0fb87112c/detection

80.78.26.183:8888

# Reference: https://twitter.com/SI_FalconTeam/status/1738217925616496923

45.84.1.161:8081

# Reference: https://twitter.com/SI_FalconTeam/status/1738217925616496923
# Reference: https://www.virustotal.com/gui/file/f5ab886589558a8a265c216f6754d1477c19ca46d8ed4d57a1ee975c590e4aab/detection

45.84.1.161:443

# Reference: https://twitter.com/banthisguy9349/status/1740345962676318596

91.92.253.217:888

# Reference: https://www.virustotal.com/gui/file/688cae52f548ddba0e77ba67a08b76cccedd19fd0d841d55902d94130253b909/detection

78.46.212.67:8056

# Reference: https://embee-research.ghost.io/threat-intel-queries-with-fofabot/

http://35.245.72.15
1.12.254.32:31337
101.33.205.73:31337
101.42.236.245:31337
102.130.112.157:31337
103.107.183.85:31337
103.146.179.112:31337
103.146.230.155:31337
103.166.185.33:31337
103.186.113.25:31337
103.229.124.218:31337
103.27.186.143:443
103.56.113.112:31337
103.56.19.76:31337
104.168.11.90:33333
104.194.242.206:33333
106.15.191.195:31337
107.172.90.123:31337
111.229.170.68:31337
112.126.33.143:31337
116.196.93.7:31337
116.202.251.8:31337
116.203.150.138:31337
116.203.90.155:31337
116.204.123.237:31337
117.50.163.24:31337
117.50.176.248:31337
118.195.128.2:31337
119.45.168.83:31337
119.45.94.189:31337
119.91.157.115:31337
119.91.77.189:31337
120.25.41.242:31337
120.79.171.160:31337
123.56.247.6:31337
123.60.159.213:31337
123.60.78.62:31337
124.220.78.151:31337
124.222.121.166:31337
128.199.54.183:31337
13.215.175.15:31337
13.38.62.5:31337
134.122.133.133:31337
134.122.36.153:31337
139.144.252.215:31337
139.155.25.252:31337
139.180.202.240:55555
139.59.127.166:31337
139.59.222.143:31337
139.59.72.48:31337
140.99.171.153:31337
140.99.19.177:2137
141.11.208.95:31337
142.234.157.35:31337
142.93.144.20:31337
142.93.254.65:31337
143.110.151.209:443
143.198.136.12:31337
143.244.215.24:31337
144.34.246.226:31337
146.190.161.181:31337
147.182.170.103:31337
149.104.22.151:31337
149.28.133.61:31337
150.107.2.54:31337
151.115.43.108:31337
151.80.20.59:31337
152.32.191.36:8085
153.121.37.207:18443
154.18.161.74:31337
154.205.7.150:31337
154.8.154.200:31337
157.230.102.159:31337
157.245.146.101:31337
157.245.27.121:31337
157.245.93.241:31337
158.220.115.82:443
159.203.149.148:443
159.203.33.208:31337
159.223.154.90:31337
159.223.166.164:31337
159.65.130.248:31337
159.65.215.80:31337
159.65.235.113:31337
159.89.49.22:31337
162.212.158.164:31337
162.243.172.47:31337
164.68.121.201:31337
165.154.183.177:443
165.227.188.7:31337
165.227.210.49:443
167.172.0.175:31337
167.235.247.158:31337
167.99.201.203:31337
167.99.208.15:31337
170.106.169.138:31337
170.64.166.187:31337
171.22.28.245:31337
172.232.192.134:31337
172.81.177.154:31337
172.86.75.81:31337
172.96.137.224:31337
172.96.190.163:31337
174.138.111.149:31337
175.178.28.67:31337
175.27.248.214:31337
176.99.11.72:31337
178.128.126.116:7331
178.20.43.69:31337
18.153.210.153:2376
18.232.75.99:31337
182.92.128.194:31337
182.92.22.78:31337
185.117.75.188:31337
185.149.41.43:31337
185.193.127.19:31337
185.196.9.114:31337
185.231.154.113:31337
185.62.56.50:31337
191.96.31.102:31337
192.169.6.122:443
192.227.190.113:33338
193.122.124.168:31337
193.178.147.164:31337
193.227.121.10:31337
193.233.48.58:31337
193.42.33.78:31337
194.135.17.30:31337
194.135.24.241:1443
194.135.24.241:31337
194.190.152.81:31337
194.190.152.81:8888
194.61.120.45:31337
194.68.26.240:55555
195.133.44.80:31337
195.2.71.181:31337
195.246.230.236:31337
198.98.55.82:31337
20.127.54.170:8443
20.234.169.130:443
20.248.176.0:31337
20.52.118.210:8888
20.56.158.50:443
20.61.4.19:6000
203.23.128.191:8443
206.188.197.198:31337
216.238.74.154:31337
218.185.248.203:31337
219.129.195.58:31337
23.105.222.190:31337
23.132.185.120:31337
23.184.48.108:31337
23.184.48.170:31337
23.254.204.15:31337
23.254.225.61:31337
23.92.27.225:31337
3.106.113.46:31337
3.122.237.119:2376
3.19.223.137:31337
3.70.74.35:35000
3.81.11.61:31337
3.93.150.250:31337
34.126.79.76:31337
34.16.159.191:31337
34.162.183.114:31337
34.203.229.137:31337
34.95.43.129:2376
35.180.226.123:31337
35.180.226.123:8888
35.76.112.121:31337
36.140.10.155:33389
38.181.73.65:31337
38.207.173.58:31337
38.242.142.224:31337
39.106.73.241:31337
42.192.54.106:29999
43.136.108.199:31337
43.138.111.142:31337
43.155.141.253:31337
44.210.141.208:443
44.222.150.23:443
45.124.115.196:31337
45.148.120.191:31337
45.155.37.117:31337
45.32.120.18:31337
45.63.77.20:31337
45.67.228.74:31337
45.74.19.102:31337
45.77.134.237:31337
45.77.169.3:31337
45.83.141.51:31337
45.9.148.106:31337
45.95.169.45:31337
46.101.60.112:31337
46.105.83.251:443
47.102.120.55:31337
47.104.149.14:2053
47.106.243.19:31337
47.115.210.115:31337
47.115.215.203:31337
47.242.114.202:31337
47.87.135.213:20202
47.87.151.81:31337
47.92.235.196:31337
47.94.84.217:8099
47.96.171.184:31337
47.97.164.40:31337
47.99.38.116:31337
5.252.177.224:31337
5.252.179.38:443
5.252.179.38:50666
5.8.10.66:443
5.8.10.71:31337
5.8.10.71:443
51.15.18.85:31337
51.15.206.236:31337
51.158.77.242:31337
51.77.137.208:2376
51.89.242.61:31337
52.224.104.63:8443
54.196.126.76:31337
57.128.81.56:31337
60.204.200.204:31337
64.227.12.106:31337
65.109.103.227:31337
65.49.238.93:31337
66.29.152.52:31337
67.205.133.22:31337
67.219.109.90:31337
70.34.200.143:31337
72.142.102.158:31337
78.129.165.238:31337
78.46.198.179:31337
79.110.62.125:31337
8.134.152.131:31337
8.217.40.146:38080
82.157.149.243:31337
82.66.234.146:31337
83.130.137.25:31337
84.46.241.248:31337
85.208.107.144:31337
85.217.144.191:5555
85.239.53.132:31337
87.120.37.113:31337
87.120.37.113:50000
89.117.63.189:31337
89.147.110.117:31337
91.227.40.130:31337
93.115.16.227:31337
94.131.112.139:31337
94.158.244.64:31337
94.23.84.20:31337
95.181.230.80:8080
98.11.226.194:31337
at0.info
autodiscover.iclouddrives.com
autodiscover.vantagedataceters.com
catyun.xyz
cpanel.iclouddrives.com
cpanel.vantagedataceters.com
cpcalendars.iclouddrives.com
cpcalendars.vantagedataceters.com
cpcontacts.iclouddrives.com
cpcontacts.vantagedataceters.com
d2x3.cn
expoc.eu.org
global.easylife.community
iclouddrives.com
kiro3.tensec.net
m.iclouddrives.com
m.vantagedataceters.com
netcoretec.org
session.catyun.xyz
smffff.ru
smtp.iclouddrives.com
smtp.vantagedataceters.com
sv.at0.info
v3.d2x3.cn
vantagedataceters.com
webdisk.iclouddrives.com
webdisk.vantagedataceters.com
webmail.iclouddrives.com
webmail.vantagedataceters.com

# Reference: https://www.virustotal.com/gui/file/8ec225818ef1c99943ba6cb83ca8596c84d704c2f6c098dd7ea880c8e1397b14/detection
# Reference: https://www.virustotal.com/gui/file/c0ce8a249d4b2da533defaf31e6335de828799ba7cf73c8976028fbf1204be94/detection

124.222.5.128:3232

# Reference: https://threatfox.abuse.ch/browse/malware/win.sliver/ (# 2024-01-15)

103.140.187.122:443
103.15.105.29:8888
103.85.110.13:8888
104.193.69.140:31337
113.4.19.3:2376
134.175.125.207:8888
141.98.7.18:443
143.110.252.207:443
156.245.11.1:31337
156.245.11.1:443
156.245.11.1:8888
156.245.11.27:31337
156.245.11.27:443
156.245.11.27:8888
156.245.11.9:31337
156.245.11.9:443
156.245.11.9:8888
159.223.130.150:443
159.75.120.80:3389
172.96.137.224:443
174.138.56.147:31337
176.31.21.3:2376
18.170.56.163:443
18.193.68.253:2376
185.125.56.177:2376
185.196.9.214:53
193.3.19.167:8000
193.3.19.167:8080
20.237.111.240:8444
206.189.106.153:31337
209.151.148.66:31337
3.70.47.231:2376
34.147.142.69:2376
34.88.16.45:2376
35.161.176.76:443
35.230.156.200:2376
35.240.61.64:2376
43.157.27.174:443
43.230.161.37:5432
44.220.45.98:443
46.101.202.59:443
62.109.22.162:8888
64.176.58.13:8443
64.23.154.205:30099
64.23.170.203:31337
64.23.170.203:8888
95.164.69.179:443

# Reference: https://www.virustotal.com/gui/file/1e6cccf49511c2c2f632ddc733186999878eee104c2cee4edd03b88538497a86/detection

67.205.154.243:34353
servicehelper.portmap.io

# Reference: https://twitter.com/Cuser07/status/1749333413826568261
# Reference: https://www.virustotal.com/gui/file/0b81a4bac4b9d6aee27e72d34ed44cde91c07831592167032e767b8f937afa69/detection

128.140.123.244:8056

# Reference: https://twitter.com/felixaime/status/1749813368414998647
# Reference: https://www.virustotal.com/gui/file/2f84e530671031c3448b02f4d772eb198dde3aaa5b52336c393a819e0ebc424a/detection
# Reference: https://www.virustotal.com/gui/file/76e1853b9a4e88cc0521df2815d6ba5d6ea5549c4477f8bdc43b9fc3ede32636/detection
# Reference: https://www.virustotal.com/gui/file/9126cc827516668e32a1a42d851604bff56c812cd8b188549cb6ac99af53279a/detection

212.113.106.100:8888

# Reference: https://twitter.com/malwrhunterteam/status/1750588277911097471
# Reference: https://www.virustotal.com/gui/file/c509e955ea3e30d622681afcae9392ec1038de24098d44856d7e88ac930140f3/detection

esethelpdesk.info
login.esethelpdesk.info
baakbp07gw.login.esethelpdesk.info
baakbrynuwka.login.esethelpdesk.info

# Generic

/.sliver-client/
/.sliver-server/
/.sliver/
/sliver-client
/sliver-client_linux
/sliver-client_linux.sig
/sliver-server
/sliver-server_linux
/sliver-server_linux.sig
