| URL | IP Address | Threat Actor Email(s) | 
|---|---|---|
| http://784119.cf/att.zip.zip | 31.220.17.248 | [email protected] | 
| http://apkagain.xyz/OFFICE.zip | 91.234.99.200 | [email protected] | 
| http://cm-vfxira.ddns.net/sharepoint.zip | 111.90.149.203 | [email protected] | 
| http://elpatroni.ddns.net/yahoo/ATtt.zip | `15.223.68.22 | 

| URL | IP Address | Threat Actor Emails | 
|---|---|---|
| http://africads12.xyz/popup%20(2).zip | 162.241.27.152 | No Email: +4932221097517 | 
| http://amigocanino.club/acessar.zip | 104.24.112.110,104.24.113.110 | No Email: 216.172.161.27 | 
| http://gidlellc.xyz/txt/txt.zip | 46.17.96.124 | [email protected] | 
| http://instatop.cf/Box/Box.zip | 192.185.112.213 | [email protected] | 
| http://lqanchodien.anffgaming.tk/accgame123kcom.rar | 103.27.62.57 | [email protected] | 
| `http://microsecurities.tk/pdf2020. | 

| URL | IP Address | Threat Actor Emails | 
|---|---|---|
| http://access2882.xyz/LUNO_2020%20(1).zip | 102.130.115.253 | [email protected] | 
| http://actaccs.xyz/chasebank.zip | 170.10.161.6 | [email protected] | 
| http://fanigh.ml/logins/dropboxu%20(1).zip | 178.159.36.97 | [email protected],[email protected],[email protected],[email protected],[email protected] | 
| http://kashinnat.ga/dosal/0nfile.zip | `19 | 

IP: 178.159.36.41
Netblock (using Whois info): 178.159.36.0-178.159.36.255
ASN: 35196 IHOR-AS, RU
Whois Email for IP: [email protected]
Whois Email / SOA for domains: [email protected]

| URL | Type | 
|---|---|
| hxxp://icloud.com-findmyphone.in/admin/login.php | iPanel Pro | 
| hxxp://www.apps.care/apple/admin/login.php | Sign In - iPanel | 
  
    
    
  
  
    
```
# registration details from sending post request to 16shop.club/api/setting/get_setting.php "domain=<blah>"
login.appleid.apples.idmsa.account.locked.sumarry-intl-cloud.com
IP: 162.144.72.165
HTTP/1.1 200 OK
Connection: keep-alive
Content-Encoding: gzip
Content-Type: application/json
```
  
    
    
  
  
    
```html
<!DOCTYPE html>
<html>
<head>
<title>Connect your Google account, check out faster on your devices</title>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=yes">
<meta name="robots" content="noindex, nofollow, noarchive, nosnippet, noodp, noydir">
<link rel="shortcut icon" href="assets/img/favicon.ico">
<link rel="apple-touch-icon" href="assets/img/apple-touch-icon.png">
<link rel="stylesheet" href="assets/css/signin_style.css">
```
  
    
    
  
  
    
```html
<!DOCTYPE html>
<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
<title>Sign In</title>
<link href="assets/img/favicon.ico" rel="shortcut icon" type="image/x-icon">
<link href="assets/css/First.css" media="all" rel="stylesheet" type="text/css">
<link href="assets/css/Second.css" rel="stylesheet" type="text/css">
<link href="assets/css/Fonts.css" rel="stylesheet" type="text/css">
```
I hereby claim:
- I am aneilan on github.
- I am w00dsman (https://keybase.io/w00dsman) on keybase.
- I have a public key ASC4oqlnqsBSi7qrJ2i-2zXQpCk1Z2Xeo3-ieyrs7TEbSgo
To claim this, I am signing this object:
  
    
    
  
  
    
```
+__rvm_make:0> make -j4
CC = gcc
LD = ld
LDSHARED = gcc -shared
CFLAGS = -O3 -fno-fast-math -ggdb3 -Wall -Wextra -Wno-unused-parameter -Wno-parentheses -Wno-long-long -Wno-missing-field-initializers -Wunused-variable -Wpointer-arith -Wwrite-strings -Wdeclaration-after-statement -Wimplicit-function-declaration -Wdeprecated-declarations -Wno-packed-bitfield-compat -std=iso9899:1999 -fPIC
XCFLAGS = -D_FORTIFY_SOURCE=2 -fstack-protector -fno-strict-overflow -fvisibility=hidden -DRUBY_EXPORT
CPPFLAGS = -I. -I.ext/include/x86_64-linux -I./include -I.
DLDFLAGS = -Wl,-soname,libruby.so.2.3 -fstack-protector
SOLIBS = -lpthread -ldl -lcrypt -lm
Using built-in specs.
```
    
    
  
    
    
  
  
    
```
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by configure, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ ./configure --prefix=/home/aneilan/.rvm/rubies/ruby-2.3.0 --disable-install-doc --enable-shared
## --------- ##
## Platform. ##
```