http://94.156.253.17/Downloads/build-new.lnk
http://94.156.253.17/
http://94.156.253.17/Downloads

94.156.253.17 - mailcious

38.181.25.43

194.5.98.250 - mailcious

http://www.royaltotojp.life/gs22/?tZi0=XqGT28VuwgR0tHIWJ12GlexZBkdeEH2omtvxSMlxLbtL0z8j7vfoLf8TYWqqB6Qy1HltMte6&Unt48=GTd0sn7PmjlLKfx&sql=1
http://www.czcblzky.click/gs22/
http://www.royaltotojp.life/gs22/
http://www.wtd6e.buzz/gs22/
http://www.wtd6e.buzz/gs22/?tZi0=VDoZsXgJ33m6GMTGrBxkXeJI5VWl9LckgAFZWBineURiSKUttTcioIZjL6dcFMz5k6jMXEOi&Unt48=GTd0sn7PmjlLKfx&sql=1
http://www.czcblzky.click/gs22/?tZi0=J8uqsMNsS5Yn0BkrkL7ZAY4qgjZ7ppo07do+1ANX1PvbNDE/4Q/w494tyz+wglG6mRixLfnE&Unt48=GTd0sn7PmjlLKfx&sql=1

www.royaltotojp.life(104.21.47.213)
www.wtd6e.buzz(104.21.41.43)
www.czcblzky.click(43.154.67.170)
104.21.47.213
172.67.159.243
43.154.67.170 - mailcious

http://www.xc14265.com/gs22/?J6A=SuVcmOAn2xRPN/PRwV8ysuHDkHc3DBMicxYHYVuZpNjcYi1EwU9TL0jT8CMJ1e4bcGmvv8cy&YL3=9rNhv2&sql=1
http://www.carnivoroussnacks.com/gs22/?J6A=Pq7DZlSzFefC8E+AEVaPt7VRxf8NJwnXcTNfiZeG3B/taPM2i2unT71hL8hyN6OHJcS/jyoU&YL3=9rNhv2&sql=1
http://www.carnivoroussnacks.com/gs22/
http://www.xc14265.com/gs22/
http://103.6.248.9/S138M/wininit.exe

www.xc14265.com(20.210.252.134)
www.cafesmood.store()
www.carnivoroussnacks.com(142.250.207.115)
103.6.248.9 - malware
142.250.204.83
20.210.252.27

http://94.131.107.238/3aa13fff14e398a1.php

94.131.107.238 - mailcious

http://apps.identrust.com/roots/dstrootcax3.p7c
http://94.156.161.167/tl/ert09.txt
https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855

uploaddeimagens.com.br(104.21.45.138) - malware
182.162.106.32
104.21.45.138 - malware

http://www.foreverenamored.com/s27k/?jPg8=K0JmOqXr9HCtj2qTWz3wm1ISclVIfppkL5EMoSSMyzeFhY/mEgvox6BxsSrLYXaYq3j87tFB&0rn=WHrpcFC0d - rule_id: 35578
http://www.recetasfaciles.online/s27k/?jPg8=IP+gCJr4i0UK4WoLUFibm9NvX6KUa6cqerNF0fRTUawEz/u35uLTKVzQ6VGTVmNLPMnAirAk&0rn=WHrpcFC0d
http://www.amitravel.info/s27k/?jPg8=YmgXLomuRRyTNUFYOSs0S8Nfvo95Vs+Z6enyvD/2a16SVN4BDc3+Cwr4kMuk0uzccTKbOYcD&0rn=WHrpcFC0d
http://www.blkfence.com/s27k/?jPg8=rkgaiCJU3/PxhQ34LZviyD3FUF4aIN30Rtnx7Sh2laJQr1EMwvmKNq6J82ijchkqGalg+gl9&0rn=WHrpcFC0d

www.blkfence.com(108.163.217.86)
www.recetasfaciles.online(199.59.243.224)
www.amitravel.info(34.98.99.30)
www.foreverenamored.com(185.181.104.242) - mailcious
199.59.243.224 - mailcious
108.163.217.86
185.181.104.242 - mailcious
34.98.99.30 - phishing

http://www.foreverenamored.com/s27k/

http://81.161.229.138/Downloads/desktop.ini
http://81.161.229.138/Downloads
http://81.161.229.138/
https://boatrentalowner.com/wp-content/uploads/2022/02/capetown.hta

81.161.229.138 - mailcious