# Copyright (c) 2014-2023 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: cacosms, irata, irspy, realrat

# Reference: https://twitter.com/malwrhunterteam/status/1407420438725238785
# Reference: https://twitter.com/mr_amini8/status/1413038661696987142
# Reference: https://www.virustotal.com/gui/ip-address/157.90.9.65/relations
# Reference: https://www.virustotal.com/gui/file/70b8d5cd1a364c0cf148c8fb36a9cfe85bfbf6b18fbbcf1d36de4aee5e4b9e74/detection
# Reference: https://www.virustotal.com/gui/file/5f9c5dec4856278393b8936c8145a65f8ca045aa01b71e16de6ee5b68d893ea0/detection
# Reference: https://www.virustotal.com/gui/file/46901fac5acff20fa83b8bb4f27a8f96e73a67209b799587bc46f1f6e5b8441b/detection
# Reference: https://www.virustotal.com/gui/file/835a9a1f8c6d3231a939c3070c179cb8f7e74ed5f3afebdff21f4bafe1bbf19f/detection

http://188.40.233.91
gjpay.site
ir-sana.ml
ir-shalplak.gq
ir-shparak.tk
sana-eblagh.xyz
shahparak-ir.ml
shaparak-bmc.tk
shayparak.tk
/ebiagh/
/eblagh/
/eblaghd/
/eblaghe/
/eblaghd/Mellat/recive.php
/sighe12/Mellat/recive.php
/Mellat/recive.php

# Reference: https://twitter.com/malwrhunterteam/status/1407420438725238785
# Reference: https://twitter.com/midnight_comms/status/1461723157232951297
# Reference: https://www.virustotal.com/gui/ip-address/192.227.134.70/relations
# Reference: https://www.virustotal.com/gui/file/8e0dbe364134d00c32ebaeb7a479c4b28bcdb4b528c4a255ade404e0dccdfc21/detection

adiiran-lr.gq
adiiran.tk
adl-dadgostari.tk
adl-police.ml
adl-police.tk
adliran-paygiri.tk
adlirane.ml
adlliiran-ir.cf
adlliiran-ir.ga
adlliiran-ir.gq
asanpeygiri.tk
eblagh-f.ml
eblagh-f.tk
eblagh-iran.ml
eblagh-samane.tk
eblaghe-ghazai.cf
eblaghie-v.gq
edliran.cf
edliran.ga
fata.gq
ir-eblaghe.cf
ir-starka.cf
iran-portal.xyz
ireblaghsana-ir.ml
police-adl.tk
rat-rat.tk
remotedefacer.link
remotedefacer.online
samane.cf
sana-ebiagh.tk
sana-iirani.site
sana-iran-ir.site
sana-iriraun.site
sana-lran.tk
sanabv.ga
sayboriml.ml
sna-portal.com
testsus.ml
/73526/eblagh.php
/Lopqer/sms.php
/eblagh.php

# Reference: https://www.virustotal.com/gui/file/5c388bc80bbaccb57d790dffdf61f85845f33866b1a29c372f2f9f90b5cca77d/detection

sana-eblaghiran.ml

# Reference: https://www.virustotal.com/gui/file/ce90efb8e7a4382b3615a859f39f48e60ccb1b4020bc946a4bc0afcb83c0a49c/detection

sana-eblaghiran.tk

# Reference: https://www.virustotal.com/gui/file/ce90efb8e7a4382b3615a859f39f48e60ccb1b4020bc946a4bc0afcb83c0a49c/detection

sana-eblaghiran.gq

# Reference: https://www.virustotal.com/gui/file/54c704ae09ebd703587ed2b78fcb6c3e9ba314fd9604767182886c0b4ad4f514/detection

eblagh-sanairan.ga

# Reference: https://www.virustotal.com/gui/file/98cf23378dcaed9165d852cc1186710ea39b14f66de6726c999ced8008a5d076/detection

eblagh-sanairan.gq

# Reference: https://www.virustotal.com/gui/file/c93721167305ba16a0c06f565d50ca37fd98b5455723d570942cb90264c21077/detection

eblagh-sanairan.cf

# Reference: https://www.virustotal.com/gui/file/bdd0fbb9cf4591d9007204da0608f0d43a58e03444768f2f856c67e152468132/detection

sana-adliran.ml

# Reference: https://www.virustotal.com/gui/file/b0f493fd7adc4c6f5165118c9da2cf07ca10a890ceb737c0ecbcc87d40c60f5f/detection

dklfjzlsdf.ml

# Reference: https://twitter.com/malwrhunterteam/status/1456978019273396229
# Reference: https://www.virustotal.com/gui/ip-address/162.0.232.163/relations
# Reference: https://www.virustotal.com/gui/ip-address/192.227.134.70/relations
# Reference: https://www.virustotal.com/gui/ip-address/192.227.134.82/relations
# Reference: https://www.virustotal.com/gui/file/26d7819a0f69c63fc4720720dd0c26a929ad2e77b5505c6a6b6b7102078233f6/detection
# Reference: https://www.virustotal.com/gui/file/f630893662d81f95d102ae1d4f185a5116f830fddd2ebb8e2e0f59256616233d/detection

ablaghe-sana.tk
adrilan-sana.ml
amirali56.site
amirali5665.xyz
appes-eqlab.tk
apps-eqlag.ml
aquabest.shop
black-amirpower.xyz
defacerpanel.tk
divar-appex.ml
divar1400.ml
divare-appex.ml
dklfjzlsdf.ml
eblaaghie-sana.ml
eblag-ir.ga
eblag-u-ir.tk
eblagh-09.cf
eblagh-09.ga
eblagh-09.gq
eblagh-09.ml
eblagh-09.tk
eblagh-1.cf
eblagh-1.ga
eblagh-1.gq
eblagh-1.ml
eblagh-1.tk
eblagh-47.ga
eblagh-47.tk
eblagh-55.cf
eblagh-55.ga
eblagh-55.gq
eblagh-61.ml
eblagh-61.tk
eblagh-81.cf
eblagh-81.ga
eblagh-81.ml
eblagh-81.tk
eblagh-9.gq
eblagh-9.tk
eblagh-9.xyz
eblagh-edalat-ir.tk
eblagh-elekterenoki.ga
eblagh-elekterenoki.ml
eblagh-ghazaiie.ml
eblagh-iran.ml
eblagh-pay19.ga
eblagh-pay19.ml
eblagh-pay19.tk
eblagh-sana-electronik.cf
eblagh-sana-electronik.ga
eblagh-sana-electronik.gq
eblagh-sana-online.tk
eblagh-sanairan.cf
eblagh-sanairan.ga
eblagh-sanairan.gq
eblagh-sanairan.ml
eblagh-sanairan.tk
eblagh-vx.gq
eblagh-vx.ml
eblagh-vx.tk
eblaghie-019.ga
eblaghie-019.ml
eblaghie-019.tk
eblaghie-15.cf
eblaghie-15.ga
eblaghie-15.gq
eblaghie-15.ml
eblaghie-15.tk
eblaghie-on1ine.tk
eblaghieh-online6.tk
eblaghiie-sana.tk
eblaghirsana.cf
eblaghirsana.ga
eblaghirsana.tk
eblaghiyh90.tk
eblagi-pigiri.ml
eblagie-pygiri.ga
eblagieh-ghazaei.tk
eblagihe-melat.ml
eblagye-sana.tk
eblaq-irsana.cf
eblaq-irsana.gq
eblaq-irsana.ml
eblaq-irsana.tk
eblaq-sna.cf
eblaq-sna.ml
eblaq-sna.tk
ebllaghie-sana.ml
ebllaghsisana-ir.ml
eiblaghs-ir.cf
eieblagh-ir.ml
eieblagh-ir.tk
forbidden12.tk
git7cyusid9.tk
hdfdhfudyf.xyz
iablaghs-san.ga
iablaghs-san.ml
ir-eblaghe.cf
ir-ista100.ga
iran-portal.xyz
ireblaghsamewsna-ir.ml
ireblaghsana-ir.ml
ireblaghsnna-ir.ml
irn-sana.cf
irn-sana.gq
irn-sana.ml
irn-sana.tk
irsanaeblagh.cf
irsanaeblagh.ga
irsanaeblagh.ml
irsanaeblagh.tk
jdee5ip98.tk
meli-ir.gq
meli-ir.tk
new0account.tk
oaiwj2ow.tk
online-eblaghie.cf
online-eblaghie5.ml
peygiri-12g.ml
peygiri-13p.ml
peygiri-14f.ml
peygiri-9lg.ml
peygiri-est.ml
peygiri-eyb.tk
peygiri-grc.ml
peygiri-obj.ml
peygiri-rcd.ml
peygiri-tpc.ml
peygiri-ufd.ml
peygiri-ygt.ml
peygirie-sana.tk
po-iran.ml
power405.xyz
powerx.ga
prygiri-fcd.ml
prygiri-htp.ml
pygiri-sana.ga
pygiri-sana.gq
pygiri-sana.ml
pygiri-sana.tk
rat-rat.tk
remotedefacer.link
remotedefacer.online
samaneh-sana-ir.tk
san-elbg.ml
sana-adliran.ga
sana-adliran.ml
sana-ebiagh.tk
sana-eblagh.ga
sana-eblaghiran.cf
sana-eblaghiran.ga
sana-eblaghiran.gq
sana-eblaghiran.ml
sana-eblaghiran.tk
sana-lran.tk
sana-peygiri.tk
sanaadl0iran.ml
sanaadliran.xyz
sanabv.ga
sanaeblagh-iran.ml
sanaeblagh.xyz
sanaireblagh.ml
sanaireblagh.tk
sanaji-shapak.ga
sanaji-shapak.gq
sanaji-shapak.ml
seblogh-san.tk
shaepark.tk
shaparak-ir.xyz
shaparak-is.cf
shaparak-is.ml
shaparak-is.tk
shaparak-it.cf
shaparak-it.ga
shaparak-it.gq
shaparak-it.ml
shaparak-pw.ml
shapparek-sna.tk
shop-sa.tk
shpk-sanair.gq
shprkish.ml
sna-eblaq.tk
sna-portal.com
sus-barq.ml
testsus.ml
web-lev.ga

# Reference: https://twitter.com/ReBensk/status/1463011973071659008
# Reference: https://www.virustotal.com/gui/file/ad55c7314f666de9eaece6daaa19c38ae427156c4ebd48f37f38b7a628baf60f/detection

new-mellat-bank.xyz

# Reference: https://www.virustotal.com/gui/file/bf0c75bd80bd8bb86384e6507853293651c8a5d5a807a9fecce08fbdbd4388c7/detection

sana-com-r.ml

# Reference: https://www.virustotal.com/gui/file/763b142544767af1c9a7c1a835002ee0bc1ff58012df4dcfb556b61b0c2473b7/detection

sana.pb5.ir

# Reference: https://www.virustotal.com/gui/file/38836bc6dda4bd96764ed45619a610fcabdc46aa45a20970c6d66a950eab3504/detection

mb-shaparak.gq

# Reference: https://www.virustotal.com/gui/file/b210394d530a54e7f82c0d1d025b79d3241c845e5e27e758ce5980ec2dff7436/detection

sana.mpiko.ir

# Reference: https://www.virustotal.com/gui/file/bf3a78609c2388a6f700a9b63feccf24a5b5762cc94d81afa14bff6db5a5f984/detection

shaparak-bmi.ml

# Reference: https://www.virustotal.com/gui/file/34c81abd142db1c20369a4d7d1107e0143a0d4fc011292471455c8ddb80db46b/detection

irsetpay-ir.tk

# Reference: https://www.virustotal.com/gui/file/544e30fb8c85d078cbe64467f00abdcc54dacd6a27bae609a92c691ec1c0a1b4/detection

aid-shaoarack-ir.tk

# Reference: https://www.virustotal.com/gui/file/43cc666cf6150efa0de925334f272635b7ba81d3686bcc1936fb3e02a5a2be7c/detection

amali.pb5.ir

# Reference: https://www.virustotal.com/gui/file/deca9096f682b1d4ffce4edca6ad0865ce3add0a2bc5e1144c71799004a84936/detection

polis.pb5.ir
/eblagh2/
/eblagh2/rat/

# Reference: https://www.virustotal.com/gui/file/fd1b36fadb2e72a9e1a74687fe662d11ba10fd46f069944470ea03be09791b09/detection

sana-com-r.tk

# Reference: https://www.virustotal.com/gui/file/be4c83027264c7dc798ebfcfa8d566cb462c5e75cb15e0b70f66a6e0b7f9e706/detection

avibili-irani.tk

# Reference: https://www.virustotal.com/gui/file/7a78b3ae543069d91eebcee8e559f46ebde3cf6beffdd06955263fb7d5fe13da/detection

eblagh-mellat.tk

# Reference: https://www.virustotal.com/gui/file/d5234ef9f4274c5da1097e99887240d2ba3974bc0fa4e14008c5089f2a8a0427/detection

sanaeblaghh.tk

# Reference: https://www.virustotal.com/gui/file/a338021216604ef8b1e860ee5c36ca43887011c6b4717606a7724b1daf678716/detection

eblaghie.cf

# Reference: https://www.virustotal.com/gui/file/9d7a1a011a33bb2ffdc93041b1c42b060f888a53396f9a84588233fd6c489953/detection

dadgah-sana.tk

# Reference: https://www.virustotal.com/gui/file/c714b500b76a3631746efb94976d2301140ca5ce6af79c7c196ce0673c767de4/detection

dadyarytehran.tk

# Reference: https://www.virustotal.com/gui/file/5e6f8b8b716c42abd9af0cdcd77e547f080bda24a79452117c977135d92bdd0f/detection

sarmayeegan.tk

# Reference: https://www.virustotal.com/gui/file/104a6ab4bb5d05206fcd30dcadb4dc104e427ef1edf9ecdc20790ff64f1772b2/detection

newmelat-ir.cf

# Reference: https://www.virustotal.com/gui/file/f9774c77e55d4563bd356b6ce234f745df1813db11b45f48faf51afbca518c57/detection

time-pay.gq

# Reference: https://www.virustotal.com/gui/file/511eee2b1ec591859fecf8d4f642dfee96e3d7c5e10e65b0cf4dd4b82c82634b/detection

saa-nna.ml

# Reference: https://www.virustotal.com/gui/ip-address/45.14.224.207/relations
# Reference: https://www.virustotal.com/gui/file/33deab5d65f48099afa722d8b6cc9b96fe35fde1ee9176a9e708879c7a539bd6/detection

adli-iran.cf
aid-shaoarack-ir.cf
aid-shaoarack-ir.tk
alpha-host.ir
alphahosting.ir
amali.pb5.ir
amir-shirazey.tk
app-dadgah.tk
appk-dadgah.tk
arshia-bots.ir
arshia-ne2.ir
asan-pardakht-ir.cf
asan-pardakht-ir.ga
asan-pardakht-ir.gq
asan-pardakht-ir.tk
asdfgh-sdfgh.tk
ase-shaparak.ga
ase-shaparak.ml
asq-shaparak.gq
asr-shaparak.gq
asr-shaparak.ml
avibili-irani.tk
azar-soft.ml
azar-soft.tk
b-shaparak.ml
bazdid-fa.ir
best-mizban.ir
bilalgyan2000.ir
bmp-shaparrak.gq
bomber-pro.ml
claimfreeudd.ml
dad-gaahi.tk
dad-gahi.tk
dad-yari.tk
dad-yarri.tk
dadgaah-appk.tk
dadgaatehran.tk
dadgah-sana.tk
dadgah-tehran.tk
dadgahh-appk.tk
dadgahii-tehran.tk
dadgahtehran.tk
dadgahy-tehran.tk
dadyaritehran.tk
dadyarytehran.tk
divarapp.tk
divarappk.tk
dr-iliya.ir
eblagh-mellat-ir.tk
eblagh-mellat.ml
eblagh-mellat.tk
eblagh-shecayatu-iran.tk
eblaghie.cf
eblaghie.ml
etelaat.piko-server.ir
fast-mizban.ir
hedye-vizhe-tabestan.tk
herni-bot.ir
iliagram.dr-iliya.ir
imanm.gq
instapay-ir.tk
io-shaparak-c.cf
ip-shaparak-io.cf
ip-shaparak.cf
ip-shaparak.gq
ip-shaparak.ml
ip-shaparak.tk
ir-support.pb5.ir
iran-adli.ml
iran-adlii.ml
irsetpay-ir.ml
irsetpay-ir.tk
is-shaparak-ir.ga
keno-wer.tk
lashi.shirazey.cf
lite-host.ir
lwe-shaparak.cf
lwe-shaparak.ga
mb-shaparak.gq
mci-irancell.tk
mellatbank-asanpardakht.cf
mellatbank-asanpardakht.tk
melpardakht.tk
net-train.ir
new-ebl-agh-ir.xyz
new-iran-q.tk
new-kakaz-start.tk
new-majazi-q.tk
new-mellat-bank.xyz
new-sana-eblaagh.xyz
new-sana-eblagh.xyz
new-sana-eblaghiye.tk
newmelat-ir.cf
newmelat-ir.ml
oi-rokhah-new.tk
pay-pardkths.tk
pesh-pew.tk
pikohost.ir
polis.pb5.ir
pqt-shaparak.ml
pqt-shaparak.tk
psd-shaprak.tk
roborex-bot.ir
roshana.cf
sa-na.ml
sa-nna.ga
saa-na.ml
saa-nna.ml
saana-apik.tk
saana.pb5.ir
sad-behpardakht.ga
sadad-shaparak.cf
sana-adiiiran.tk
sana-adiliran1xyz.tk
sana-adliirran.tk
sana-com-r.ml
sana-com-r.tk
sana-daadgah.tk
sana-daddgah.tk
sana-dadgah-apk.tk
sana-eblaghe-iran.xyz
sana-eblaghiye-iran.tk
sana-ie.tk
sana-new.tk
sana.mpiko.ir
sana.pb5.ir
sanaadiiran.tk
sanadadgah.tk
sanaeblaghh.tk
sanaeblah.tk
sanakdrobat.pb5.ir
sarmageggan.tk
sarmayeegan.tk
selfali.ir
serverdefacer.ml
shagarak-ir.ml
shaparak-bankmellat-iran.gq
shaparak-bankmellat-iran.tk
shaparak-bmi.ml
shaparak-ftz.ml
shaparak-kq.ml
shaparak-lbl.ml
shaparak-meli.ml
shaparak-mellat-eng.tk
shaparak-melllatbank-iran.xyz
shaparak-mi-ir.ml
shaparak-phg.gq
shaparak-rtg.cf
shaparak-rtg.ml
shaparakes-0.cf
shaparakm.gq
shapark-bmp-ir.cf
shapark-bmp-ir.ga
shapark-bmp-ir.gq
shapark-bmp-ir.tk
shapark-irnm.cf
shaparrk-tj.ml
shaparrk-tj.tk
shaprk-pep-ir.cf
shaprk-pep-ir.ga
shaprk-pep-ir.gq
shaprk-pep-ir.tk
shaqarek.tk
shegayatname-eblagh-ir.tk
shirazey.cf
shirazeybomber.tk
shop-kal.tk
shop-levi.tk
shop-sap.tk
srw-pey.tk
support-iran-net.xyz
support-iran-sana.xyz
support-newsana.xyz
time-pay.gq
time-pay.ml
time-pay.tk
timesaz.tk
titelegram.ir
tract-iran.ir
trust-wallet-g.cf
trust-wallet-ge.cf
trusts-wallet.xyz
vcm-moodle.ml
viz-panel.ir
web-sh.tk

# Reference: https://research.checkpoint.com/2021/smishing-botnets-going-viral-in-iran/
# Reference: https://www.virustotal.com/gui/ip-address/185.178.208.134/relations
# Reference: https://www.virustotal.com/gui/file/1512de28f47ee802f2bd31575a47a1caa2c27f2cb5fb1c219d49301b75fbd923/detection

account-tamin-ejtemai-ir.cf
adleiran-ir.tk
adlliran-ir.ml
adllirani.ml
adllliran.ml
benkday-ir.top
blaghmalet-shapark.tk
caloprkds.ml
divaar.xyz
du-shaparak.tk
eblagh-sana126.cf
eblaghonline.tk
edalatiran.cf
edalatiran.ga
ekop.shop
googleadvercap.ml
ibligo.com
iraeblagh.tk
iranadll.ml
myeblaghye.tk
oliverdnssop.cf
oliverhome.cf
oliverhome.ml
papaoliver.com
sana-adliran.site
sana-panelr6s.cf
shprk-melli-ir.cf
taminaccount-ir.ml
texrec.tk
meraf-c128a.appspot.com
api.texrec.tk

# Reference: https://www.virustotal.com/gui/file/4b32fb019d73fad4d44c1b68ff7ec96158902014298458eec47de39e3b3aa8bd/detection

caco333.000webhostapp.com
shafarak.cf

# Reference: https://www.virustotal.com/gui/file/2ba905addab2c210d79aec0b4b185d6ed2e3fc48d55951b5668d8345c65d178e/detection

beh-pardakht.xyz

# Reference: https://www.virustotal.com/gui/file/64d9bdd869c24fa758e9e76d28bc9d399eb91c707eb9ce30aeb776cdb0a01f80/detection

edalat-app.com

# Reference: https://www.virustotal.com/gui/file/b12f057af6679df0d99606e5ae95b08004955a58b176866d67984477dc38d008/detection

nme-top.cf

# Reference: https://www.virustotal.com/gui/file/45ac78f881ff30531e95f24f003c03249bf24dece268a57a65b5f6609f423a02/detection

pec-shapalrak.gq

# Reference: https://www.virustotal.com/gui/file/966d71ed3c149eed6d0e8d412b9e464b38a2012630a94888a10d3fcbfbce6dc1/detection

http://45.147.231.11
/reza/send.php

# Reference: https://www.virustotal.com/gui/file/83f69d44a33c2033972c33c59b0a28bfacf62421a20a916b7c77be3955fc3aa1/detection

liizradvip.xyz

# Reference: https://www.virustotal.com/gui/file/9c4df97e482b228d09f4759d5a181c9bbb200ae3771150c064b6799363a39aea/detection

eblagh-post.tk

# Reference: https://www.virustotal.com/gui/file/0cb5c5eeed9afa49d4dce801777c1ae8dcb16577a3c16c76c85653acfd745f64/detection

iran-sanaeb.tk

# Reference: https://www.virustotal.com/gui/file/94e30d9bc60022c07262d8002e414cca6f3898ec4c32c95c849cefa14b0ad77a/detection

sana-eblaghieh.ml

# Reference: https://www.virustotal.com/gui/file/218545fe27ac30d6983639e2a5764b0a4477b14ecbaac269005e97661ada2318/detection

shaprak-ir.gq

# Reference: https://www.virustotal.com/gui/file/8e6d6e431186f96ddaab73767acac79cc722d203d5e34772b92063d4ba942e51/detection

shaparal.cf

# Reference: https://www.virustotal.com/gui/file/86d59b6bd8df0ba45c57e8ddab03c14e085a6a7772c92d33be776060d9365aca/detection

shaparak-prdakht.ga

# Reference: https://www.virustotal.com/gui/file/f3e4454ec7a4e4b51f0644de956e19c74ca02938ed265b3e4056298f1d0a1d90/detection

shapatak-ir.ga

# Reference: https://www.virustotal.com/gui/file/d61f6025b0dcb7ef6afa57f12c50c6a60bc6111c7a236e8381743fcfe2dd7082/detection

paymen-pay.ml

# Reference: https://www.virustotal.com/gui/file/fab6c6624bdc39db39ab88c7a90129e881ddeded89a19b2c5289fbc242a1a93b/detection

texrac.cf

# Reference: https://www.virustotal.com/gui/file/d0e7180eea4d4aa1e3a43bcc02978d1fa2fde44d18d92a5e95ddfb9a61bf5a53/detection

kiaoiiq910.xyz
sana-adliran.me

# Reference: https://www.virustotal.com/gui/file/c648ecdba5a0adb1056d4af36ce03b4d2ad56c87ed207b174e14184772b877e9/detection

bhwii80181.xyz

# Reference: https://www.virustotal.com/gui/file/ee046d94783aca4ec5620265a214d5488a12020e1b7f872b1471344792686884/detection

shaparaks-ir.tk

# Reference: https://www.virustotal.com/gui/file/b33414351b19a5589989768b6991565759a9e15e28d7dfedd97636a97738a37c/detection

smsihjje.cf

# Reference: https://www.virustotal.com/gui/file/020a2722e446851fef19963ae5da860269ee1bacd33c03a4837c0c385d07b184/detection

ebv-eblagh.xyz
/Eblagh/eblaghimport.php
/eblaghimport.php

# Reference: https://www.virustotal.com/gui/file/d1718e7292bbf77dd9191d23fad7a5ce1df4875331b6ba1634511544a651b80b/detection

mellat-pay-ir.ml

# Reference: https://www.virustotal.com/gui/file/601902a025b929c0294a5a1b0cbfa84b9f896fbce8fe82b51e416aa5c93d0e9b/detection

ebl-eblagh.tk
/mellat/payment.mellat/
/payment.mellat/

# Reference: https://www.virustotal.com/gui/file/13eddbf151f89bd2b1c4618817d20a5701c5b47ed14372d81e62bbd0d600423e/detection

shaparaks-ir.gq
zrin-pal.tk
/data/40226/sms.php

# Reference: https://www.virustotal.com/gui/file/0025225ae2ac093d2a8455305b4d7eddeb9ff457758c9d5a7c862f2bc1063629/detection

sana-irans.xyz

# Reference: https://www.virustotal.com/gui/file/b78d92ebddbc53cf3b364f70562f9213322eb921096c48648b8009d8612d1361/detection

nafasakhar.000webhostapp.com

# Reference: https://www.virustotal.com/gui/file/5a871bd80f4ff27cfd6c59f003decd5d6babee3aeee559f65536ee1cd043eefd/detection

shaparakks.gq

# Reference: https://www.virustotal.com/gui/file/e7d5370480d07e58d885170194ead261b80fe14e42e794e6ff1079a4c2f64564/detection

http://135.181.168.202
sana-adlirans.ml

# Reference: https://www.virustotal.com/gui/file/fc7c6c25d64e289b1f7ebe76c663e61c0171e0f4ad116b7053da4444f7203fa8/detection

iran-sanaadl.tk

# Reference: https://www.virustotal.com/gui/file/a0ea40eaf470b59b54fd19caced1cb832e10812906fc2bdecd4011a678cb1c62/detection

cod-change.cf

# Reference: https://www.virustotal.com/gui/file/969faae7a97a7b5d6572efe63c0d8427815590e9d86d68b26b093ad924c268b2/detection

trust--wallet.ml

# Reference: https://www.virustotal.com/gui/file/9c3e564dd99a0548cd7a42018f01cdb091b00528bef7b3603aea24ddf99b7e51/detection

shaaperak-ir.tk

# Reference: https://www.virustotal.com/gui/file/d9104bbc8043b4b8936741b48063bf577c55143be171cf62ef497da9ec492543/detection

sanairani.cf

# Reference: https://www.virustotal.com/gui/file/396d356760f08725dfc94eea3f687e422f342ea1d5bdb231df40d19c40d0ac1f/detection

bpm--shaparak.cf

# Reference: https://www.virustotal.com/gui/file/a6d464731085a091a76d14fe890ead926acdf72de300093d3876f4764fb687cf/detection

trust-marketa.tk

# Reference: https://www.virustotal.com/gui/file/1805648b238686cff9aa201e22ec25d1390fe518ebb04f98aef0d236f05ca845/detection

shapajak.gq

# Reference: https://www.virustotal.com/gui/file/2af1c66cd2ad38759788b07acde4e1781de3938c979aa4ebc245693624d6e108/detection

eblagh.xyz

# Reference: https://www.virustotal.com/gui/ip-address/192.3.154.61/relations
# Reference: https://www.virustotal.com/gui/file/e5373be93e11e8735cdde14e78c87abcbeaa2b0d3893724ddc971c5640b6cab9/detection

adliran-eblagh-ir.ga
adliran-eblagh-ir.gq
adliran-eblagh-ir.ml
adliran-eblagh-ir.tk
adliran-ir1.cf
adliran-samane-ir.cf
adliran-sana-ir.tk
adliran-sana-iran.cf
adliran1-samane.tk
adlirna-ir.tk
api-charge-bot.cf
bas-pay-ir.cf
bas-pay-ir.gq
bas-pay-ir.ml
bas-pay-ir.tk
bqm-shacparak-com.tk
chargerobot.tk
colz-vps.cf
download-edalathamrah-com.cf
ebalgh-ir.tk
ebiagh-ir.tk
eblagh-internet-ir.ml
eblaghir-sana.gq
eblaghir-sana.ml
edalat-hamrah-ir.tk
ghost3282.tk
ha-edalat.tk
ha-sana.tk
hir-san.tk
ili-oori.tk
internet-bankmellat-ir.tk
internet-mellatbank-ir.tk
ir-idpax-iran.tk
lnternet-bankmellat-ir.tk
lsp-pey.cf
mellatbank-iran-com.ga
mylicense.cf
og-req.tk
op-seq.tk
p-coin.tk
p-net.tk
p-vps.tk
pay-idpy.tk
ps-red.ml
ps-sighe.tk
salamat-ir-gov.tk
salamt-gov-ir.cf
saman-sana-ir.cf
sana-adliran-ir.ga
saz-pay.tk
shaparak-venoss.tk
shaparak-veroncs.tk
shaparak-vorons.tk
shaparakvenos.tk
shapark-mellat.gq
shop-shacpatak-py.tk
sighe-buy.tk
sigheyabi-com.tk
sopp-pey.cf
sorp-pey.cf
ssn-eblagh.tk
tr-wallet.tk
www-paylogin-com.cf
www-slamat-gov-ir.cf

# Reference: https://www.virustotal.com/gui/file/7b8babce594c8294b75d5b61ac4f9a5aec24c29a8ea294caf81bfc70d3c3398a/detection

epay-banki.ga

# Reference: https://www.virustotal.com/gui/ip-address/146.59.254.188/relations
# Reference: https://www.virustotal.com/gui/file/00fc19ea7ea18f6ce5d7a2e377cce48e7caa18ca62fa1d97109dd58805c1bbb4/detection
# Reference: https://www.virustotal.com/gui/file/fef9b60c08b225776460f98213f2343c39858451c125b307c404c742a06d6735/detection

amir-rxhmxni.ir
api-xcr.tk
bots-me.gq
bots-me.tk
eblaq-ir.cf
eblaq-ir.ml
eblgh.cf
eblgh.ga
eblgh.gq
eblgh.tk
epay-banki.cf
epay-banki.ga
epay-banki.gq
g-register.ir
iran-lancer.com
rush-link.gq
sana-gov.xyz
tron-wallet.ga
typing-rush.cf
typing-rush.gq
typing-rush.tk
weblink-sana.ga
weblink-sana.gq
weblink-site.cf
weblink-site.ga
weblink-site.ml
weblink-site.tk
xcr-bot.tk
zohreh-ahmadi.ir

# Reference: https://twitter.com/malwrhunterteam/status/1466836273256181761
# Reference: https://twitter.com/midnight_comms/status/1466971054941904896

eblgh-14000.xyz
salambarrahbar.xyz
/rat/user/nabat/

# Reference: https://twitter.com/malwrhunterteam/status/1466888626571259908
# Reference: https://twitter.com/midnight_comms/status/1466967003189682179
# Reference: https://www.virustotal.com/gui/file/b05418cab378f7c438c440110c7b61371b0d674a80cfbf5a962d06b34d913d95

adelliirann.tk

# Reference: https://twitter.com/malwrhunterteam/status/1466822463057186821
# Reference: https://twitter.com/midnight_comms/status/1466965433467248643
# Reference: https://www.virustotal.com/gui/file/2d3454ce72fbd12699262cee5ab05a068436ddafda04a49fa7a05dc48cee6605/detection

ir-46549.xyz
ir-56163.xyz
edalat.ir-46549.xyz
edalat.ir-56163.xyz

# Reference: https://www.virustotal.com/gui/file/c89b52a6bb50b96ad1d1fcb2c335b534731a5691c7a3aae49b7f7afc33624a01/detection

remote-vip.tk

# Reference: https://www.virustotal.com/gui/file/0ad7826c1de74bc0708b381741daa2ac6b87c8a8f3f38e0b4b0a202df19c09f3/detection

test-remote.tk

# Reference: https://www.virustotal.com/gui/ip-address/37.187.132.157/relations
# Reference: https://www.virustotal.com/gui/file/85b4c2bc2f97c10ed94276d5fe166ec5dfa3e8d0d8c7ed237f64e141affb5732/detection

e3blaq.com
ebiagh.com
eblaq.net
iblaqh.com
rat-1342.xyz
sana-ebiaghir.xyz

# Reference: https://www.virustotal.com/gui/ip-address/162.0.217.30/relations
# Reference: https://www.virustotal.com/gui/file/0a688d1f72d322a18a8ad2efc44c0387ea8f138449559dcd667f0a962b65d497/detection

appsanadownhere-ir-tk.xyz
landingissahna-tk.xyz
sabtsanna-tx-com.xyz
sahnayeman-tk.xyz
thisissahna-tk.xyz

# Reference: https://twitter.com/malwrhunterteam/status/1469772282805555206
# Reference: https://www.virustotal.com/gui/ip-address/194.147.142.95/detection
# Reference: https://www.virustotal.com/gui/file/ec337b5cfc3500034c5f42443774bcbb20b9d1666296d82d37c245cdf1f891d2/detection

12gig-net.tk
12usnet.tk
30gig-net.tk
adiiran-ir.cf
adl-eblagh.ga
adl-eblagh.tk
adl-eblaghiran.cf
adl-eblaghiran.ml
adl-irin.cf
adliran.tk
adliran1.tk
adliran2.tk
adlirani.tk
adlisanaa.ga
amo-reza-login.cf
amo-reza-login.tk
bedi24.ga
claud-zax.tk
cloud-fa.tk
customer-01.tk
customer-02.tk
customer-10.tk
cyber-police.gq
cyberpolice.gq
download-maya.tk
eadl-ir.tk
eblagh--sana-ir.tk
eblagh-adiiran-ir.ga
eblagh-adiiran-ir.ml
eblagh-adliran.ga
eblagh-admiraani.tk
eblagh-ed.ml
eblagh-fata-ir.tk
eblagh-iran-sna.cf
eblagh-iran-sna.gq
eblagh-iran-sna.ml
eblagh-iran-sna.tk
eblagh-sanair.gq
eblagh-sena.cf
eblagh021.ga
eblagh1-electronic.cf
eblagh1-electronic.ga
eblagh2-adlirani.tk
eblagh2-electronic.ml
eblaghi-site.ml
eblaghi-site.tk
eblaghirsana.gq
eblaghy-irni-ir.tk
eblaghy-sana-ir.ga
eblaghy-sana-ir.tk
eblaghye-ir.gq
eblaq-fata.gq
eblaq-sana-ir.tk
eblaq021.ml
eblaqie.xyz
host-free.ml
ir-ablagh.ga
ir-pardakete.gq
iran-hamdel-sh.tk
iranu-adleblagh.ml
iranu-adleblaghi.cf
iranu-adleblaghi.ml
iranu-adleblaghi.tk
kospar.cf
kospar.ga
kospar.gq
kospar.ml
mellatbehpardakht-iran.gq
moshtari-2.tk
moshtari-3.tk
moshtari-4.tk
moshtari-5.tk
myket-ir.cf
net12us.tk
pakket-ontvangen.ga
perfect-uc.cf
peygir-iran-ir.cf
peygir-iran-ir.ml
peygir-iran-ir.tk
peygir-sna.tk
peygiri-rs.ml
peygiri.gq
peygirshi.pw
police-eadl-iran.tk
police-iran.ml
poxirn.ga
pygiri-iran.cf
remoteapk.gq
samaneh-sana.tk
sana-app.com
sana-eblagh-iran.cf
sana-eblagh-vjc-ir.cf
sana-eblagh-vjc-ir.ga
sana-eblagh-vjc-ir.ml
sana-eblagh-vjc-ir.tk
sana-eblagh11.cf
sana-eblagh11.ga
sana-eblaghye-ir.cf
sana-iran-eblagheyi.tk
sana-m-ir.cf
sana-peygiri.cf
sana-peygiri.ga
sana-peygiri.gq
sana-peygiri.ml
sana-talanir.tk
sana.tk
sanaa-adliran.tk
sanair-eb.gq
sanairen-wv.cf
sane-adliran.tk
sena-ir.tk
server-fox.tk
server-vip.site
sex-chat.gq
shaparak-12gignet.cf
shaprk-bmb-ir.ml
shaprk-iran-ir.ga
shaprk-iran-ir.ml
shaprk-iran-ir.tk
shaprk-meli.ga
shekayat.gq
shekayt-sana.cf
shekayt-sana.gq
sigheyab.ml
webamo-reza-login.tk
webcloud-fa.tk
webeadl-ir.tk
webeblaqie.xyz
webperfect-uc.cf
websana-m-ir.cf
websana-talanir.tk
webserver-fox.tk
zax-taha.tk
30gig-net.amo-reza-login.cf
eblagh-admiraani.amo-reza-login.cf
eblaghye-ir.customer-10.tk
eblaghye-ir.gq.customer-10.tk
peygirshi.customer-10.tk
sana.adiiran-ir.cf
zax-taha.customer-10.tk

# Reference: https://www.virustotal.com/gui/file/67ccdd6b89a0418a243a3ab188a7977328f623e87f95b7eb8fcb9f41a2f8f581/detection

ebanking-ir.xyz

# Reference: https://twitter.com/malwrhunterteam/status/1475573184011255808
# Reference: https://twitter.com/midnight_comms/status/1475575581685256198
# Reference: https://www.virustotal.com/gui/ip-address/176.9.212.56/relations
# Reference: https://www.virustotal.com/gui/ip-address/194.147.142.235/relations
# Reference: https://www.virustotal.com/gui/file/eab8e5dfcdc8e3c85f1e0796d0773c7a3a51e357a025be734c79ce680b1e6c3e/detection

ebblaghh3.ga
eblagh-electeronik.gq
eblagh-electeronik2.ga
eblagh-electeroniked.gq
eblagh-ir.co
eblagh-irn.ga
eblagh110-sna.tk
eblaghiie-sana.cf
eblaghsana110-ir.tk
eblaghssna-ir.tk
elobagpeygiri.cf
fata-iran.cf
fshekayat.ml
geblage3.ml
goysl.ml
internet-12giig.ml
mellatt-shop.ml
peygiri-eblaghie-sana.tk
pge-shapark.tk
qeblaghe3.ml
remote-best.tk
sghp-melli.tk
shop-melli-iran.tk
shop-melli.ga
shop-melli.tk
shop-mill.ga
shoping-mill.ga
sighe-daff.tk
sighe-shoop.ml

# Reference: https://www.virustotal.com/gui/ip-address/45.155.173.151/relations
# Reference: https://www.virustotal.com/gui/ip-address/51.254.108.216/relations
# Reference: https://www.virustotal.com/gui/file/72379f71aad2a7bed17d4f91ed79c61214cd250a81e59c93b29c80ec0cf11a4f/detection

abl-irann.tk
af-shaparak.tk
app-sana.com
ara-host.xyz
bkihsjvjvdjgdjvdjvvdj.ml
bots-me.ga
bots-me.ml
bpn-shapatak.tk
bqm-shaprk.ml
clashsupercell.tk
cryptobiit.tk
cybertm.ml
daraserver.ir
deinserverhost.xyz
eblagh-pbp.ml
eblagh-pep.ml
eblagh-pep.tk
eblagh-saba-fata.tk
eblagh-sana-fate.tk
eblagh-sena.tk
eblagh-senal.tk
eblah-sana-fata.ml
eblah-sana-fata.tk
eblah-sans-fala.ml
ems-api.ml
eocic.ml
ezshoping.ir
fast-creat.ir
fater313.ir
fgvhbjnkmnbhgvhj.tk
gifti-trus.tk
gihjdgvbj568.tk
gite-tros.tk
godrat.xyz
hamsaryabi-maya.cf
hamsaryabi-maya.tk
hero-server.ir
httpwebsite.cf
iran-suport.tk
jet-host.ir
lemonrobot.ml
lotusgaming.ir
master-host.ml
master-host.xyz
megahosts.ir
metiwz.ir
mmmnbjhxojcjcjv.tk
monster-security.ml
mr-hp.ml
ms-api.ml
mweb.ml
newmizban.site
newmizban.xyz
nexgift.xyz
night-server.ir
panel-server.xyz
payepai-com.tk
phonix-host.xyz
piggiryy-ir1.tk
pocoserver.net
pocoteam.ml
power-server.ir
power-server.tk
qayehbolaghi.xyz
royaleweb.tk
rtxapi.tk
sana-adl-iran.ml
sana-s.ml
satashop.ir
satasource.ir
self-rezno1.tk
sevenmizban.ir
shaparak-ipc.tk
sighe-yab.ml
signorshop.ir
sing-in.gq
smomti.tk
trustwallet2022.cf
turk-mizban.tk
typing-rush.ga
webfgvhbjnkmnbhgvhj.tk
webtrustwallet2022.cf
webzarinpay.cf
x-pardakth-1400.gq
zarin-server.ir
zarinpay.cf
zarinpay.gq

# Reference: https://www.virustotal.com/gui/file/4997f65b0d78456ac881aefe477aa7d47e2ac96756530bdb6ca7b0718429d01b/detection

hamdamyad.gq
litehost.site
host2333.litehost.site

# Reference: https://www.virustotal.com/gui/file/ad30bbd9430472cb06a8be1c6117952036942117717e92800344ff764157d8d9/detection

pasha.alphahosting.ir

# Reference: https://www.virustotal.com/gui/ip-address/116.202.184.197/relations
# Reference: https://www.virustotal.com/gui/ip-address/116.202.190.150/relations
# Reference: https://www.virustotal.com/gui/file/573e36366ed930637cdaf22e8c20da8768cab4fda6c9f2c61885891c57d54872/detection
# Reference: https://www.virustotal.com/gui/file/6c044ba80ba093251ca5f6c4967b514b97a681dca347e830849952c7a6f16037/detection
# Reference: https://www.virustotal.com/gui/file/c2e156051b84bf0db2045ef79c20c7e995e0b22bae8279df9ee8940f13f52587/detection

banck-shaparack-ir.tk
dn-shaparak.ga
dn-shaparak.ml
dn-shaparak.tk
ds-shaparak.ml
ds-shaparak.tk
pablo-service.tk
pes-shaparak.ml
pes-shaparak.tk
senayar.xyz
sep-novinpardakht.tk
sinatarh.tk
sobhanphp.tk
sp-shapark.cf
sp-shapark.ga
sp-shapark.ml
sp-shapark.tk
yt-shapatak.cf
yt-shapatak.gq

# Reference: https://www.virustotal.com/gui/file/5a672adb90ca4730966d2a8ed131b022a152564ff31b5871bd4b1437b2bbc493/detection
# Reference: https://www.virustotal.com/gui/file/b249f7c8b7026668195878e5a68fe74d38d927c5ceb6a339217127a03c68f223/detection

sana-apk-ir.cf
sana-apk-ir.ml

# Reference: https://www.virustotal.com/gui/file/a2b32b8875da1331ddfd2c70ce3f1ba12da1680375dff5c5b37866b30603f581/detection

sana-1adliran.cf

# Reference: https://www.virustotal.com/gui/file/be890a3a42bc79fd0dd7993dd32c564f37a6caaa67bddf886d23a1446d6f5af8/detection

00098.tk
shaadparak.gq
rat.00098.tk

# Reference: https://www.virustotal.com/gui/file/ef138f6ad939e7e3df93c42499265f06b004ce85afa2b9d9345ad7c06d337a1d/detection

client-eblaghe.ml

# Reference: https://www.virustotal.com/gui/file/3d77255a247fb9b22589fad1e92ba11e3a4cb882e893b8e805c23aab41bc8623/detection

sumerr-ir.tk

# Reference: https://www.virustotal.com/gui/file/78ad1d47c9e690a0bf0d5ea87a5622915f78388b915f413440f8989648e3d85f/detection

snowiby.ga

# Reference: https://www.virustotal.com/gui/file/e398a8bd3b98437a3cf52eb0f303ee0d4363ed10341a1a43f30fc835aba7c370/detection
# Reference: https://www.virustotal.com/gui/file/5b4da6081760628f379caa6bb585100382348397533baca1b29a4012d2dd9beb/detection

danalica.ito.gov.ir/dcore/file/js/tracker.php

# Reference: https://www.virustotal.com/gui/file/3b674f320cac7d953fd7026e65bb3e974f43b788b80b3a85c2716389960661b2/detection

shapajak-ir.ml

# Reference: https://www.virustotal.com/gui/file/dc8c42626edf4bf0b9cacc9c21d682ca32e56ed697cb229415ba29416706fc6f/detection

shapatak-ir.ml

# Reference: https://www.virustotal.com/gui/file/fdc37a0e99b53580d83e63a6f49e2c985c0cb2a3996905e7a14af62dc5f493e7/detection

icm-mellat.ga
Icm-mellat.ga

# Reference: https://www.virustotal.com/gui/file/590278726f4ee4c2db9f2afaf8c11e62dc09acd6d1368fdef448e2ec6a244818/detection

b2-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/14e946c66487102454376e04b17cf2d5ad192dd5d7542274ee294f95ca3ab686/detection

b2b-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/b31b6d93080735b25eaff4a66f0b2dc93f6cfd5efe7053199dfb5413090737a1/detection

b5-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/7816eab3b6021633ab79d11beeb6e98f3bc6dbc80aec01f8fd0bab8aaa11679f/detection

b9-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/3fb52b569c110dc3cd552fb37cf6e13f6758104bcb538eaee41cdda101a6452a/detection

bf-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/9cfc5d3cd6d87361ad4b1da6d29f208d03c31794f301caa865146a813274f211/detection

dl-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/9be85cac1a76caf2ca66a7e613e3ec5c40b657ef5701eee60ea74c454f5f722d/detection

shafarack.ga

# Reference: https://www.virustotal.com/gui/file/ebab499e9dbfd737d69cad9bac37e5a68053f55d5ccae53dbf72d9561a7a845d/detection

shaparaks-ir.ga

# Reference: https://www.virustotal.com/gui/file/659b835b73ccb0341c7f97cfc66f959ae1192c0c2a2ae982e29f3cc6aab1079d/detection

shhaporak.cf

# Reference: https://www.virustotal.com/gui/file/35ddb00109601324423de9ed903e1aa81e164b9b62cbcf461fbd58bdfe852b13/detection

shaparuk.ga

# Reference: https://www.virustotal.com/gui/file/f645368d2cdc68a74f927822ef6590f4bf9e4ae0d82909c13a91c5d70505865a/detection

api.texrcc.tk
dp-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/ce0b1c5e5ccb5e540c04b71a314b4c04c370985937c340c9e699052bb652515f/detection

shapkarak-ir.cf

# Reference: https://www.virustotal.com/gui/ip-address/198.144.189.93/relations
# Reference: https://www.virustotal.com/gui/file/fa4524025b56dbccee06126c18b40a6105709b869345899606da20ec26129db5/detection

35yu5u.ml
5r5hjd.gq
airdrop2021.cf
api-error.cf
api-error.ga
baro-pay.tk
bas-pay.ga
basepay.ga
beso-pey.gq
biso-pey.ga
biso-pey.ml
daillytron-cc.ml
diktator-api.tk
diktator-error.tk
diktator.cf
diktator.tk
e45jrwe.ga
ehjet54.gq
error-api.ml
error-diktator.tk
et764ue.cf
kanie-pey.tk
lkhyfytd.ga
ratkiriri.ga
ratkiriri.tk
rykoedt2.gq
rykoedt2.ml
rykoedt2.tk
saro-pay.cf
saro-pay.ga
saro-pay.ml
saro-pay.tk
sero-pay.cf
sero-pay.ga
sero-pay.ml
sero-pey.cf
sero-pey.ga
sero-pey.gq
sfro-pay.ga
sfro-pay.gq
sfro-pay.ml
sfro-pay.tk
sfro-pey.gq
sfro-pey.ml
sfro-pey.tk
snro-pay.cf
snro-pay.ga
snro-pey.cf
sps-shaparak.tk
stro-pay.cf
stro-pay.gq
stro-pay.ml
stro-pay.tk
stro-pey.cf
stro-pey.ga
stro-pey.ml
stro-pey.tk
trusttwallet.cf
uniouswap-com.ml

# Reference: https://twitter.com/malwrhunterteam/status/1473406036497383425
# Reference: https://twitter.com/midnight_comms/status/1473459603073470464
# Reference: https://www.virustotal.com/gui/file/e07d155c663e8deddc0b8843de0acaddad620a15ac7d9e02397807466fb8e58a/detection

http://45.147.230.25
trustwalllet.cf
mta0.moedazmail.com.br

# Reference: https://twitter.com/malwrhunterteam/status/1473663409992445955
# Reference: https://www.virustotal.com/gui/ip-address/45.14.224.32/relations
# Reference: https://www.virustotal.com/gui/file/9efbf303b035bb02cf5c611ed010816c04d7b91916bf9976e694ad2e246abacb/detection

http://212.114.52.201
http://45.147.230.25
abl--irann.ml
abl--irenn.ml
abl--irran.ml
abl--irren.ml
ablag.ga
ablag.tk
ablagie-adliran.tk
addludksd-sds.ml
adiran-eblagh.gq
adiran-eblagh.ml
adiran-eblagh.tk
adl--irann.ml
adl--iren.ml
adl-peygiri.ml
adl-sana-eb.ml
adlilran.xyz
adliran-ebiagh.xyz
adliran-sana.site
adliran-sano.xyz
adliranian.xyz
adlirn-ir.cf
adll--irren.ml
adlliraniian.ml
adlran-sana.ml
adlransna.ml
adrlin-site.ml
aedll.ga
benzin-ir.com
biag-sana.ml
bqm-shaparak-ir.xyz
cena-sait.cf
csynat661.xyz
dadgah-web.cf
digitalvigo.gq
dodgah-sana.cf
ebalgh-rasmi.tk
ebfamli.ml
ebilag.tk
ebilegh.tk
eblagh-adlran.ml
eblagh-ir.com
eblagh-iran.com
eblagh-lran.ml
eblagh-peygiri.ml
eblaghe-iran.xyz
eblaghe-rasmi.cf
eblaghe-site.cf
eblaghee-sana.gq
eblaghiyefta-ir1.ml
eblaghiyefta-ir4.ml
eblaghiyefta-ir5.ml
eblaghye-sena.ml
eblaghye-site.cf
eblagie-adiliran.tk
eblagie-adliran.ml
eblagye-sena.ml
eblaqe-sana.ml
eblegh-iranian.ml
eblfasaeda-ir.ml
eblfpamlei-ir.ml
eblfsaeda-ir.ml
eblgh-sana.gq
ebliagh.tk
ebliegh.tk
ebllaghe-sana.ml
edaiat.com
edalat--wab.cf
edalat--web.cf
edalat-wab.cf
edll-ir.xyz
efatimli.ml
ersal-payam.xyz
faeblaghis.ml
gov-eblagh.cf
gov-eblagh.gq
gov-eblagh.ml
gov-shaprak.ml
hdbshsj44.xyz
ir-adl-iren.ml
iradll.ml
iran-eblagh2.tk
iran-edi.com
iran-hamdel-sh.cf
iran-hamdel-sh.ga
iran-hamdel-sh.ml
iran-khodro.ml
iran-pot.tk
iran-sanaadli.site
iran-tap.gq
iranis.xyz
ireblaghix.xyz
is-sigheq.tk
kuofeesmon.ml
main3erver.xyz
mellat-sheaprkq.tk
morning-housey.xyz
mysaba.tk
new-siqe.gq
newyeargift-paycompany.ml
nlserver.ml
opshpo.tk
pancake-swap.ml
paygiry-sena.ml
paysmentra.ga
pey-dadsetani.ml
pey-eblaghq.ml
pey-eblaghq.tk
pey-eblaghw.cf
pey-eblaghw.gq
pey-eblaghw.ml
pey-eblaghw.tk
peygiri-apk.ml
peygiri-arf.ml
peygiri-dadgostari.ml
peygiri-dci.ml
peygiri-eblagh-new.gq
peygiri-eblaghye.tk
peygiri-itr.ml
peygiri-sak.ml
peygiri-sms.cf
peygiri-ytr.ml
peygiri.cf
peygiri.ga
peygri-ebleg.cf
peygry-sena.ml
proxy-null.cf
pygiri-iran.ga
randomsize-12.ml
sada-adlran.ml
saheb-dar.xyz
saite-sana.ml
saite-sena.ml
saman-sna.cf
saman-sna.ga
saman-sna.gq
saman-sna.ml
saman-sna.tk
samane-eblgh.cf
sana-adilran.ml
sana-ebl.ml
sana-eblagh-iran.cf
sana-eblagi.cf
sana-eblagi.ga
sana-eblagi.gq
sana-eblagi.ml
sana-eblagi.tk
sana-eblgh.tk
sana-eblogi.gq
sana-iran-ir.tk
sana-iran.online
sana-iranis.xyz
sanad-irani.xyz
sanaeblag.tk
sanafatk.ml
sanaire.cf
sanan-iron.ml
sanan-iron.tk
sanar-irani.xyz
sanat-irani.xyz
sanna-larn.ml
saya-gh.ml
sena-adrliins.cf
sena-adrlins.cf
sena-ira1n.tk
sena-iren.cf
sena-peyggri.cf
sena-peygri.cf
sena-sait.cf
sena-sayt.cf
sena-sita.cf
sep-shaparak-pay.cf
seq-shaqarak-ir.xyz
shaapaarak.tk
shaparak-ipc.tk
shaprak-xer.tk
shaprk-bmb-ir.ml
sighe-yab.gq
sighe-yabi.site
sighehalal.ml
siman-ersal.xyz
site-eblaghe.ml
site-sena.ml
snatrt.ml
soltaniiisirr.xyz
starpar.ml
telegram-hakc.ga
test-dargah.tk
thenull.cf
trust-walet.gq
trustswalt.ml
update-shprk.ml
xe-shaprak.tk
zeoxtm.ml
zeoxtm.tk
zr665.xyz
adl-sana-eb.sanan-iron.tk
adlransna.sanan-iron.tk
adlrdan-sana.sanan-iron.tk
eblagh-adlran.sanan-iron.tk
eblaqe-sana.ml.eblaqe-sana.ml
sada-adlran.sanan-iron.tk
sana-eblagi.main3erver.xyz
sana-eblogi.main3erver.xyz

# Reference: https://twitter.com/malwrhunterteam/status/1474789191397556225
# Reference: https://www.virustotal.com/gui/file/19cfb063d8d43bced68cc3ebfef029bb7a39b7d7a8a6b2b3ba2889fa5cef87ed/detection

dxxx.bar
eblagh-2200.xyz
sna-eblagh.com

# Reference: https://www.virustotal.com/gui/file/47f4ff8cfbf3043635217fdd6e47ea11764be66bb78be0203b88357750786ab3/detection
# Reference: https://www.virustotal.com/gui/file/97cdf8035b74e212b6da44f8af75a4540421349c58668e77d6aaedbc714c5639/detection

cxxx.bar

# Reference: https://www.virustotal.com/gui/ip-address/185.61.152.67/relations
# Reference: https://www.virustotal.com/gui/file/8eb3b6ac76d37f5080711260e0ecff4b5f2443795c0181ca4101a5c9bbf08699/detection
# Reference: https://www.virustotal.com/gui/file/82ebe56b08c5d2810b3870e5124df2f23ae49a0a1f1e5f4293cba0d9aa3e43e3/detection

adleiran.xyz
adleran.xyz
adlian.xyz
adliran1.xyz
adliran2.xyz
adlirno.xyz
adliron.xyz
adlliran.xyz
adlor.xyz
adlrn.xyz
cvv2.xyz
divaor.xyz
divar-man.xyz
divar.bond
divar.cfd
divar.fun
divar.monster
divar.store
divarapi.xyz
divarh.xyz
divarm.xyz
divarman.xyz
divarnew.xyz
divaro.xyz
divarp.xyz
divarpay.xyz
divart.xyz
divarz.xyz
divaur.xyz
divear.xyz
ebiaghi.xyz
ebiaghie.xyz
eblagh1.xyz
eblaghiat2.xyz
eblaghiran.xyz
edalati.xyz
edalatiran.xyz
edalaty.xyz
ghazaiat.xyz
mydivar.xyz
oxxx.bar
pishgiri-sana.com
sanagv.site
ssspp.xyz
xxxsx.xyz

# Reference: https://www.virustotal.com/gui/file/8d657d372777b2e89b5e63ced5e1ab82750a190af54fe34a6953de157dec670c/detection

dadsara-1400.xyz
hello-23123.xyz

# Reference: https://twitter.com/malwrhunterteam/status/1473016650689622025

dadsara-1500.xyz

# Reference: https://www.virustotal.com/gui/file/4d41d251c4d1d48bb213fa84c71af4ebe1b1aa026a1628e639638cb9ec29b6a2/detection

sana-miran.tk

# Reference: https://twitter.com/malwrhunterteam/status/1359203738808893450
# Reference: https://www.virustotal.com/gui/file/a6571e7d63b10a2d323cba7f9d603a977e1c66f635ae7e40027a7a4b0a96383f/detection

shaparack-iir.ga

# Reference: https://twitter.com/malwrhunterteam/status/1349342821623459840
# Reference: https://twitter.com/malwrhunterteam/status/1350419534868578304
# Reference: https://twitter.com/bl4ckh0l3z/status/1350492882633895938
# Reference: https://www.virustotal.com/gui/file/a5657d914de9840f20bbc14b431b614dbeca5040148a569489a761a29cfbef46/detection
# Reference: https://www.virustotal.com/gui/file/53ece16de2047212ba1daba6d5dd27c7e63c7b2bcbf34b89ddce1347f590ff0a/detection

bamharmrah.site
bamimelli.xyz
my-bmi-ir.work
nablism.xyz
/melli/otp.php

# Reference: https://twitter.com/malwrhunterteam/status/1350356095831855104
# Reference: https://www.virustotal.com/gui/file/16cbbc5b747ee165de4b66fb2fc47498799bea57c2dbdb7ef09c6dc26954cec4/detection
# Reference: https://www.virustotal.com/gui/file/8416943efd3af3b11c55d9de23f2a2676c59a2154c0bb03b963ba0aab206e514/detection

hanabaf.ga
/.s/6GiG/
/.s/MelliNet/

# Reference: https://www.virustotal.com/gui/file/78c6361435a3f571db32f4a8ad0b3ab9145f7e95e4b5b781e6542b6e3f7f7c00/detection

simail.site

# Reference: https://www.virustotal.com/gui/file/5d18085f999537912f93c828adab681764f59100a0653b43fe9d408acdd9feb7/detection

amirhasani12345.gemmizban.ir

# Reference: https://www.virustotal.com/gui/file/c42e5992e34f3fed0c37ef3f4b543398f89c4c6da8b331af1bba94c7ebded596/detection

iranglobal.eliyahost.ir

# Reference: https://www.virustotal.com/gui/file/fd0226b3e50e29ed3e2b881c35730d48eadac5e78c6e1088c6c342659168a2a8/detection

keygrk.tk
mestrewas.tsohost.ir
/fuLLLLODLLLL/
/fuLLLLODLLLL/index.html

# Reference: https://twitter.com/malwrhunterteam/status/1476681714319691776
# Reference: https://twitter.com/malwrhunterteam/status/1476682317506785281
# Reference: https://www.virustotal.com/gui/file/81ecc67f4d8df2c5118173d1362a154c16c7db3b8e7314c854b2da19544ea0b8/detection
# Reference: https://www.virustotal.com/gui/file/81ecc67f4d8df2c5118173d1362a154c16c7db3b8e7314c854b2da19544ea0b8/detection

aldeliirann.ml
divarir.cf
irdivarr.cf
kospof.ml

# Reference: https://www.virustotal.com/gui/file/a29e5078ee1ada2c8214d093ed8bb7813cec787bbe889c3e5b42fed658a24f87/detection

googleadvercap.cf
oliverdnssop.cf
/XMrLucyX/panel.php

# Reference: https://www.virustotal.com/gui/file/0267316e9b91ceaec617c455bcb4c6d6cd58b2ff3b394d5c8fe1518400774e97/detection

androidglbl.cf
androidsettings.cf

# Reference: https://www.virustotal.com/gui/file/d101b590b67c6d4e0cd4f1702b04328263c06d7690f2dfbc9266236d19bebb71/detection

androidsetting.cf

# Reference: https://www.virustotal.com/gui/file/22ca0aac892096288f8045199a6bf44689d99321de9b4a549b607e4a0ccfbc31/detection

googleupdates.cf

# Reference: https://www.virustotal.com/gui/file/808f0c09e176834a8f3c0750677fbe9f6ec10caab55067cbec5c98dee300e151/detection

googleglobal.cf

# Reference: https://www.virustotal.com/gui/ip-address/216.250.249.242/relations

adliran-eblagh.site
dadsara-fa.ga
eblaghir.site
mothernonsafe.tk

# Reference: https://twitter.com/malwrhunterteam/status/1478083027607687172
# Reference: https://www.virustotal.com/gui/file/7cd1fd4fe8bcf14da32579c5f173b4fb002740d4e8673528efb8d30da7239181/detection

eblagh-sna.site

# Reference: https://twitter.com/malwrhunterteam/status/1478373104372092933
# Reference: https://twitter.com/midnight_comms/status/1478398312378155011
# Reference: https://www.virustotal.com/gui/ip-address/198.54.120.224/relations
# Reference: https://www.virustotal.com/gui/file/826e1a57d0d084138389ce67b8fbb05c7fbfd4620aad59d635914e7b73c20f06/detection

purnhub.com
toprat.site

# Reference: https://twitter.com/malwrhunterteam/status/1478661638559567877
# Reference: https://www.virustotal.com/gui/file/3161cb7aa9038db5fe6954647f96b25dc6a4968d4c500b25d6904a8774caaee6/detection
# Reference: https://www.virustotal.com/gui/ip-address/194.147.142.188/relations

barghir.tk
eadll.ga
eadllir.tk
eblageirani.xyz
eblaghiyefta-ir3.ml
eblqeie.ga
fbi-eblag.ga
freefalower.tk
irbargh.tk
peygiri-21w.ml
peygiri-web.ml
sanairn-vc.ga
sena-abliron.ml
snairn-vc.ml
snairn.cf
ssena.ml
barghir.soqquz.serverbest.xyz
eadll.ga.fmhucx.serverbest.xyz
eblaghiyefta-ir3.ml.fmhucx.serverbest.xyz
freefalower.wqvzmc.serverbest.xyz
irbargh.soqquz.serverbest.xyz
peygiri-21w.zkgfzu.serverbest.xyz
peygiri-web.zkgfzu.serverbest.xyz
ssena.klyiep.serverbest.xyz

# Reference: https://twitter.com/malwrhunterteam/status/1478687276133715972
# Reference: https://www.virustotal.com/gui/ip-address/212.1.210.150/relations
# Reference: https://www.virustotal.com/gui/file/d3a0855f301f64af98b7f965725444eee7bd73e696ec8b64f272f3bfcc40284b/detection

adllir.ml
adlsana.ml
aedll.ml
eadll.cf
edlsana.ml
ir-adl.ml
irdll.ml
iredl.ml
sadl.ga
sadl.ml
sanaedl.ml
seadl.ga
sunlovelapi.xyz

# Reference: https://www.virustotal.com/gui/file/c9f05ead614ae235efc2688966e0528fcb771f1933bd64a6ebe3de79f2dc5278/detection

sd-shaparak.cf

# Reference: https://www.virustotal.com/gui/ip-address/198.23.172.233/relations

12gbnet.tk
1null-server.xyz
5ashparak.amin-hosting.xyz
5ashparak.tk
adding-pool.ml
addliran-sana.tk
addsal-portal.gq
addsal-portal.ml
adiiran-lr.gq
adiiran-sana.tk
adleey-ir.tk
adleye.ga
adleye.tk
adliran-dadgah.tk
adliran-lr.ga
adliran-lr.gq
adllran-sana.ml
adlye.gq
aghaze-nou.tk
amin-hosting.xyz
apicodsazan.gq
bamk-mellat.tk
bax-2021.cf
bax-2021.gq
bax-2021.ml
bdejehdtsjq.ga
bdejehdtsjq.gq
beh-shaparak.tk
besthobsite.tk
bmq-mellat-ir.ga
bmq-mellat-ir.gq
bmq-mellat-ir.tk
bmq-shapark-ir.tk
botbource.tk
bpc-mellat-ir.ga
bpc-mellat-ir.gq
bpm-sahaparak-ir.tk
bpu-mellat-ir.ml
bpu-mellat-ir.tk
bpz-mellat-ir.cf
bpz-mellat-ir.ml
bqi-shahparak-com.tk
bqi-shaparak-com.tk
buy-check.ga
coin-gold.cf
cqr-shaparak.tk
cup-shaparak.tk
darkteami.tk
ddos-odin.tk
dfq-shaparak.tk
diivare-update.ml
diivare-update.tk
diktator.cf
diva-r.ml
divare-update.tk
eblag-adliran-lr.gq
eblagh-sana-lr.ga
eblagh-sana-lr.ml
eblagh.tk
eblagie-adl.tk
eblq-sana-ir.ml
edliran.ga
edliran.ml
edliran.tk
ejeudgdv.cf
ejeudgdv.tk
foroshapp.net
hamrah-mellat.tk
hash-shaparak.tk
ho-black.cf
ho-black.ga
ho-black.gq
ho-black.ml
ho-black.tk
hub-shaparak.gq
id--bi.tk
instagram-panal.tk
ir-bqi-shahparak-ir.tk
ir-my.cf
ir-my.gq
ir-pardakt.gq
ir-pardakt.ml
ir-shahpalack.ga
ir-shahparaak.ml
ir-shahparaak.tk
ir-shahteck.ml
ir-shahteck.tk
ir-shalpalck.ml
ir-shaqarak.tk
ir-shatarak.ml
ir-starka.ml
ir-starka.tk
ir-starke.ga
ir-starke.gq
ir-starke.tk
ir-starki.tk
iran-film.cf
iran-kish.tk
iri-pay.tk
irmeli-shaparak-ir.tk
irn-shaqarak.tk
irwebdad-ir.cf
ishaparakai.ml
ishaparaki-sp.ml
ji-shaparak.ga
js-12.cf
js-12.ga
js-12.tk
karlean-sad.cf
klkmof.tk
koq-shaparak.ml
kqm-shaqarak.cf
lr-my.cf
lr-my.gq
lr-my.ml
lr-my.tk
max-item.ml
max-net.cf
max-net.gq
max-net.ml
melat-shaparak-pey.tk
melat-shaparakl.tk
melatt-bmi.tk
mellat-bamk.tk
mellat-shahparek-ir.tk
mellatt-shahparak-ir.tk
mellllat-shahparak-ir.tk
milati-ir.ml
my-lr.ga
my-lr.gq
nasa-portal.ml
neeet-std.tk
netarzan1399.ga
netbanmyllat.online
nobitux.tk
okexioir.cf
onilos-shaparak.tk
paigiri-sana.ml
pardakhit-bqm-ir.tk
pardakht-meliat.tk
pardakht-net.tk
paridakht-milat-ir.tk
pay-shapark.gq
pay-sharpak.cf
pay-sharpak.tk
payegiri-lr.cf
payegiri-lr.gq
payegiri-lr.tk
payment-pay.tk
payment-x-pay.gq
payments-page.cf
payments-page.ga
payments-page.ml
payments-page.tk
payments-pay.ml
payments-pay.tk
pip-pay-ir.tk
plass-rat.cf
polbgire-irani.ml
pshaparak.cf
pub-shaparak.cf
pub-shaparak.tk
puller.cf
pullercloud.ml
pullercloud.site
py-shaparak.ga
q-shaparak-xq.tk
rat-maker.tk
rd-divar.cf
rd-divar.ga
rd-divar.ml
rd-divar.tk
rot-shaparak.ml
s-shaparak-com.tk
sabt-sana-lr.cf
sabt-sana-lr.ml
sabt-sana-lr.tk
sahapark-iran.cf
sahparak-ir.gq
sahparak-mellat.ml
sahparak-mellat.tk
sahshsns.xyz
saman-shaparak.cf
sanaql.xyz
saparakk.gq
seop-shperk-iran.tk
sh-aparak.tk
shahparak-asiatek-ir.tk
shahparak-parrdakht-ir.tk
shahparak.ml
shahparek-ir.ga
shahqarek.tk
shalparak.cf
shalparak.tk
shapalaki.tk
shaparack-iir.ga
shaparak-9m.cf
shaparak-bank-iran.ga
shaparak-bank-iran.tk
shaparak-com.cf
shaparak-ir-ir.ml
shaparak-iran-ir.tk
shaparak-irani-com.cf
shaparak-laxlxu.tk
shaparak-my.ml
shaparak-my.tk
shaparak-phg.ml
shaparak-saman.ga
shaparak-saman.ml
shaparaka.ml
shaparakes.tk
shaparakie.ml
shaparakiii.ga
shaparakirr.tk
shaparakk-melat.gq
shaparek-ir.gq
shaparek.ml
shaparek.tk
shapariak-dqm-ir.tk
shapark-iran.tk
shapark-mellat.ga
shapark-mellat.gq
shaparka.ml
shaparkl-melat.cf
shaparkl-saman.ml
shaprak.tk
shaprcak-ir.cf
shaqaraki-asanprdkh-ir.ml
shaqrak.cf
shariparak-melati-ir.tk
sharparak.tk
shatrak.ga
shayparak.ml
shayparak.tk
shegeyab.cf
shegeyab.tk
sheypor-ir.ga
sheypor-ir.tk
shparacck.ml
shparacck.tk
shparack.tk
shprak-melatt.cf
shprak-melatt.tk
shprkkk-pardaz.tk
sm-tn.ga
sm-tn.tk
sms.pardakht-net.tk
so3h.tk
so3r.ml
suxc.tk
teq-shaparak.ga
teq-shaparak.tk
trast-wallet.tk
trast.cf
tru-chent.cf
tru-chent.ml
trust-walet.tk
uk-shaparak.cf
uk-shaparak.ml
update-divar.ml
update-divar.tk
update-divare.ml
updatee-divare.tk
updete-divari.ml
usa-shaparak.tk
vittato-psemjry.tk
vncodest.ml
wdivar.ga
wdivar.tk
webir-shahpalack.ga
webmilati-ir.ml
webparidakht-milat-ir.tk
x-shapwal.tk
xn--rgbga0hz3a.ga
yebaziche.tk

# Reference: https://twitter.com/malwrhunterteam/status/1480624878130810882
# Reference: https://twitter.com/malwrhunterteam/status/1480644526586966016
# Reference: https://twitter.com/midnight_comms/status/1480738242882248708
# Reference: https://twitter.com/midnight_comms/status/1480740266503905283
# Reference: https://www.purpl3f0xsecur1ty.tech/2022/01/10/eblagh-re.html
# Reference: https://www.virustotal.com/gui/file/b18bcac068e5827a139c590d44e093299bcedd852e9a64c17e8cfb7499261793/detection
# Reference: https://www.virustotal.com/gui/file/a594384630a4d9d238e07c76867edffa671c4675cbc9ed80c3ab614c2625480e/detection
# Reference: https://www.virustotal.com/gui/file/cbdd4514247474bee8a4368ad87afb97a0cf29a269efb7faf34c75c7646c63ab/detection
# Reference: https://www.virustotal.com/gui/file/b3dea70665740e1e43b50840a8db95debb19e897be433355a88328f2263c2309/detection
# Reference: https://www.virustotal.com/gui/file/816ffa57b028e9e67bd6aeeedffbbfb8c5e5ed8951689d6b1e47746618caaf70/detection

adel-sana.tk
chat18sal.xyz
mellat-bk.xyz
mytestprojects.xyz
lightzer0.xyz

# Reference: https://www.virustotal.com/gui/file/72379f71aad2a7bed17d4f91ed79c61214cd250a81e59c93b29c80ec0cf11a4f/detection

irangeimcxz.power-server.ir

# Reference: https://www.virustotal.com/gui/file/b7d67e5f5c814139ddadf9c4868d0122ed2e76908ce1cf77730c995b581e0b56/detection

panel.hero-server.ir

# Reference: https://twitter.com/malwrhunterteam/status/1480911620608086023
# Reference: https://www.virustotal.com/gui/ip-address/10.10.34.35/relations
# Reference: https://www.virustotal.com/gui/file/17e75f05bd51550f01d5e9db3809bfed37d9f5786fe92aac6e35144e20132f38/detection
# Reference: https://www.virustotal.com/gui/file/c2835809fa5c68b0e82cb62744225fd38ca99030e3453ad1f5b000710b179075/detection

ebiaq.com
ebiagh.org
eblgh.cf
eblaghe-snair.gq
eblagh-1200.xyz
peigyri-eblagh.gq
sanasamane.tk
sana-gov.xyz
sana-adsiran.tk
sana-adsiran.cf
sana-adlsiran.gq
bankmellat.gq
bmpmellimellat.tk
bpz-mellat-ir.tk
mellat.gq
mellatbanking.info
t3files.ddns.net
akhrineblagh.freehost.io
ehzariye.sana.freehost.io

# Reference: https://www.virustotal.com/gui/file/8937b057671d69b76b7449c58c28a428a56f5633e3a28db72dca63c214c72b89/detection

iranplms.ml

# Reference: https://www.virustotal.com/gui/file/f47f91db56c334c9ea265e4eaec04ca0e15832bf9dbdc33745ccc138042ab92d/detection

tejarat-benk.com

# Reference: https://www.virustotal.com/gui/file/4db5d8a9192c1139782ae237e70c052a7d7ad72f68f47567e389edf0519b2e8d/detection

livechater.tk
rayanertebat.ir

# Reference: https://www.virustotal.com/gui/file/cf6b2942374eb4977622d68b941ac148013777a34b34b2a304bf05ddce6e15c2/detection

iamdrdev.gq

# Reference: https://www.virustotal.com/gui/file/dd31fbd534196254fdcf75737f09f84b21a46d051b164e795e7add1556b2bdf7/detection

sana-adlrinom.tk

# Reference: https://www.virustotal.com/gui/ip-address/185.167.72.20/relations

shaparak.com
shaparak.digital
shaparak.me

# Reference: https://www.virustotal.com/gui/ip-address/5.255.91.5/relations

adaro.ir
adl-iran-ir.cf
adl-iran-ir.ga
adl-iran-ir.gq
adl-iran-ir.ml
adliranir-ir.cf
adliranir-ir.gq
adliranir-ir.ml
adliranir-ir.tk
ahangfollow.com
alireza-safari.ir
alopakhsh.net
amir-site.tk
arashoe.ir
avisaind.com
batweb.ir
berozlearn.ir
bmp-paya.tk
brdbeof.tk
brutish.tk
burnwood.win
buttybot.tk
cardforum.cc
cch-shaprak.cf
cch-shaprak.ga
chr-shaprak.ml
ciph3r.ir
coinexapp.tk
crackers01.com
dezmond.ir
digiatom.ir
diivar-ir.tk
diivarr-ir.cf
diivarr-ir.ga
diivarr-ir.gq
diivarr.gq
diivarrr.cf
diivarrr.ga
diivarrr.gq
diivvarr.ml
diivvarr.tk
dilvar.cf
divar--ir.gq
divar-irr.gq
divarir-ir.cf
divarir-ir.gq
divarir-ir.tk
divarir.gq
divarr-ir.cf
divarr-ir.gq
divarrir.cf
divarrir.ga
divarrir.ml
divarrir.tk
divvar.ga
divvarir.cf
divvarir.gq
divvarir.ml
divvarir.tk
divvarrir.cf
divvarrir.ga
divvarrir.gq
divvarrir.ml
divvarrir.tk
dlban.ir
dluptime.tk
eblagh-dl.cf
eblagh-dl.ga
eblagh-dl.gq
eblagh-dl.ml
eblagh-post.tk
eblagh1-adliran.ga
eblagh1-adliran.ml
eblagh1-adliran.tk
eblagh1.tk
eblaghie-dl.tk
eblaghie-ir.cf
eblaghie-ir.ga
eblaghie-ir.gq
eblaghie-ir.tk
eblaghie.gq
eblaghir.cf
eblaghir.gq
eblaghiran.cf
eblaghiran.ga
eblaghiran.gq
eblaghiran.ml
eblaghiran.tk
eblaghname.cf
eblaghname.ga
eblaghname.gq
eblaqhie-dl.gq
eblaqhie-dl.tk
eblaqhie.ga
eblaqhie.gq
eblaqhie.ml
eblaqhie.tk
eblaqiran.ga
eblaqiran.gq
eblaqiran.ml
eblaqiran.tk
eblaqname.cf
eblaqname.gq
eblaqname.ml
eblghnameh-dl.ml
eblghnameh-dl.tk
eblghnameh.cf
eblghnameh.ga
eblghnameh.gq
eblghnameh.ml
eblghnameh.tk
eblqnameh-dl.tk
eblqnameh.ga
eblqnameh.ml
eblqnameh.tk
ehsanmalekinejad.ir
emenazarang.com
enchemical-hut.ir
farpak.group
fawsi.ir
feizi-derakhshi.ir
followergram.tk
followerteam.ir
gapsec.ir
gatem.ir
gatemsotre.ir
gatemtrade.ir
getfollower.info
giahnooshamani.ir
glass-star.ir
hir-shaprak.tk
hschm.ir
htgranite.com
infiniteam.ir
ir-adliran.cf
ir-adliran.ga
ir-adliran.gq
ir-adliran.ml
ir-adliran.tk
ir-divar-ir.tk
ir-eblaq.cf
ir-eblaq.ga
ir-eblaq.ml
ir-eblaq.tk
ir-shahparak.cf
ir-shahparak.gq
iradliran-ir.ga
iradliran-ir.gq
iran-com.tk
iran-vip.ml
iranadlir.gq
iranadlir.ml
iranadlir.tk
irantse.ir
irdiivar.ga
irdiivar.gq
irdiivar.ml
irdiivar.tk
irdivar-ir.ml
irdivarr.tk
irdivvarr.ga
irdivvarr.ml
irdivvarr.tk
irpay.ga
irpay.gq
irpay.ml
irsana-ir.cf
irsana-ir.ga
irsana-ir.ml
irsana-ir.tk
ithirteen.ir
jazabam.com
jor-pa.ir
ke-shaprak.ml
larakala.ir
ler-shapark.ga
line-bot.xyz
lnglounge.ir
marlikdigital.ir
masteraxe.ir
matrixgram.com
mersichat.ir
milvpn.xyz
mjkhajeh.com
mohgivebot.tk
multivpn.xyz
my-rat.tk
mysutsujs.tk
n1vpn.xyz
net-covid-ir.tk
net-pool.ir
newodksj.tk
niracloud.ir
norouzi80.tk
norouzi81.info
norouzi81.tk
novincrop.ir
null-net-work.tk
otom.ir
pandatem.ir
persianpay.cf
power-service.cf
propay.cyou
pubgfrostfestival.ml
pythoniha.ir
pythoniha1.ir
rafa-tech.ir
ragram.ir
rayainst.com
rayainst.ir
revengine3r.ir
rlt-shaprak.gq
rubixmovie.com
rubixmovie.top
sabbas.ir
sada-shprakmelat.cf
san-esis.cf
san-esis.ml
sana-samaneh.ga
sana-samaneh.ml
shahprk.gq
shaparak-js.tk
shapra-kvnd.ml
shaprak-pop.gq
shaprak-set.cf
shaprak-set.ml
shaprakddj.cf
sheyp-oor.tk
shprakserf.ga
shprakserf.gq
shprakserf.ml
shprakserf.tk
shprakwer.ml
soft-support.tk
storm-store.ir
stylestreet.ir
tajrishpharma.com
tebetasviri.com
the-brutish.tk
thebrutish.tk
themaqs.ir
uplmaloo.tk
uplmalooo.tk
uploaduqjdqm.tk
uplymalo.tk
vastudesign.ir
venostehranior.tk
whatsappx.tk
x200.ir
xgts.ir
xnice.gq
yaldaa.xyz
ybrutish.tk
yeee.ir
yz-shaprak.tk
zarnegariran.ir

# Reference: https://www.virustotal.com/gui/file/cd3dc35a4cec05b5e3f66ae2a80a3e6bdea8ad952ed3a584927696107335f3f3/detection

iamdrdev.tk
eblaaghi-sanaa.cf

# Reference: https://twitter.com/malwrhunterteam/status/1481233824092770306
# Reference: https://twitter.com/midnight_comms/status/1481248207229181953
# Reference: https://www.virustotal.com/gui/ip-address/217.160.0.241/relations
# Reference: https://www.virustotal.com/gui/file/7cfec4dfc08443c7b1a14317625e75e2f264e64bcb22cc02ac804def54228a29/detection

samaneir-e.biz
samaneir-e.com
samaneir-e.info
samaneirn.online

# Reference: https://twitter.com/malwrhunterteam/status/1481237183981887490
# Reference: https://twitter.com/midnight_comms/status/1481245440066473988
# Reference: https://www.virustotal.com/gui/file/a25ef8f93114728b224f311e0cfcca60513e607d83672302e4edd7fb67439606/detection

ir-65163.xyz
edalat.ir-65163.xyz

# Reference: https://www.virustotal.com/gui/ip-address/5.255.91.17/relations

asiapay.cf
divar-1.cf
divarr.ml
divarr1.ml
divarsite.ml
divvar.ga
dlvar.ml
seppai.ga
seppai.tk
seppay.ml
shahpay.ga
shahprk.gq
sitedivar.ga

# Reference: https://www.virustotal.com/gui/ip-address/198.54.114.185/relations

abl-sena.gq
abl-sena.ml
abl-sena.tk
ablghee-sana.ml
ablghee-sana.tk
api-reet.tk
ebla-ghy.ml
eblagh-ir.sbs
eblao-sana.ml
samane-eblaghee.gq
samane-eblaghee.ml
samane-sanaa.tk
sana.eblagh.xyz

# Reference: https://twitter.com/malwrhunterteam/status/1481723667037970435
# Reference: https://twitter.com/midnight_comms/status/1481729062385160202
# Reference: https://www.virustotal.com/gui/ip-address/68.65.122.100/relations
# Reference: https://www.virustotal.com/gui/file/2e4547983ed0074e46241828d09ff310122285d341c5a7705d2ebb8edbb86078/detection

adlir-eblog.ml
adlir-eblog.tk
eblagh-adlir.tk
eblagh-adliran.tk
eblagh-eblogin.tk
eblegh-ir.tk
eblogin-adlir.tk
ebv-eblagh.xyz
ebv-eblaghir.ml
ebveblagh.gq
ebveblagh.ml
ebveblagh.tk
mamaloch.xyz
trustupdatewallet.net

# Reference: https://twitter.com/malwrhunterteam/status/1431198354730622977
# Reference: https://twitter.com/bl4ckh0l3z/status/1431218876642103297
# Reference: https://www.virustotal.com/gui/file/21d7fdf3581c65a20e9199d6470de8c0f6776e86827c5c5085175fe52e2eca1e/detection

caco333.ca
vinsa.fun

# Reference: https://twitter.com/malwrhunterteam/status/1346035452894179331
# Reference: https://twitter.com/bl4ckh0l3z/status/1348324827510267909
# Reference: https://www.virustotal.com/gui/domain/karloskey.ml/relations
# Reference: https://www.virustotal.com/gui/file/5253ded3b530bbcde7f9bd8493c9d76a045670308faf15ad28b1e8c635ff9432/detection
# Reference: https://www.virustotal.com/gui/file/92e4013646e60da4c4debd6b975277acf2784352024be43ea5918abdffb0d623/detection

http://37.120.146.4
karloskey.ml
pasargaad.xyz

# Reference: https://www.virustotal.com/gui/file/45ff19a4717c556ebcb83ecff4fb09bc00bf13911f861c3a9d83e0c5462eca6b/detection
# Reference: https://www.virustotal.com/gui/file/c0d6aa4233c70e4f13d01ba858b30e27b439aaf20587de11c3705344f63aac8d/detection

uaioey.ga

# Reference: https://www.virustotal.com/gui/ip-address/162.55.9.240/relations
# Reference: https://www.virustotal.com/gui/file/440421aef5210bb1616a06e19fb6d101718ec37041fa230248fda03e930be5ab/detection

eblagh-adliran.cf
edalat.cf
edalat.ml
myrats.fun
myratsdomain.cf
myratsdomain.tk

# Reference: https://www.virustotal.com/gui/ip-address/172.67.152.80/relations

eblagh-adliran.ml
eblagh-adliran.tk

# Reference: https://twitter.com/malwrhunterteam/status/1481729387485609984
# Reference: https://twitter.com/midnight_comms/status/1481756859681943561
# Reference: https://www.virustotal.com/gui/ip-address/185.178.208.152/relations
# Reference: https://www.virustotal.com/gui/file/82d8fdcc5d3249134c0605f00d1f8272642eed3590a30a3a906047fcf301f4e9/detection

eadl-eblagq.ga
ir-plc.ga

# Reference: https://www.virustotal.com/gui/file/b9478c1dc6ea951a6c13bf9e54ccee3a06fa84fa79ad4dd1d15690beac40abea/detection

cz-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/2e8aa1230aebf32c537c3aaa17ac9de639889fc3473fbd3f9b44c6c5e05fea8e/detection

filmsexyirmovie.tk
zrin-pal.tk

# Reference: https://www.virustotal.com/gui/file/5f5804a687951ea4b7e73ab6fd00e0ea9c4894ba407b9018c0d3c3ff6442b3a3/detection

shaaperak-ir.ga

# Reference: https://www.virustotal.com/gui/file/8c69c05dd80b478f5fc43ba05f3ad8ded8d65454b7a6a87f670e32f34f7ecfe2/detection

cew-shaparak-ir.gq
pew-shaparak-ir.gq

# Reference: https://twitter.com/malwrhunterteam/status/1481944239403634691
# Reference: https://www.virustotal.com/gui/ip-address/185.61.152.66/relations
# Reference: https://www.virustotal.com/gui/file/9d8acbc2bfe9452e7db54c71369c7cfae04b61142fa7962238eb28d7aa97f217/detection

divarbuy.xyz
sxxx.bar
xnxnn.xyz

# Reference: https://twitter.com/malwrhunterteam/status/1482466875065966594
# Reference: https://www.virustotal.com/gui/ip-address/142.44.160.158/relations
# Reference: https://www.virustotal.com/gui/file/736ac0bc2a85190869a24f0d56007c5b1be9f0820e5fc304f906aca5d0459780/detection
# Reference: https://www.virustotal.com/gui/file/62ae9a81c912b94c3ca8b65125e49efd028ebfd2feaa8f1422f7d9447c3f7040/detection

a-poshte.tk
admintak.tk
amirhsvip.ir
amp-ar.tk
armin-esmaeili.tk
eblagh-org.tk
eblogh-iran.tk
eblaghe-site.tk
kia000.tk
requd1.tk
requd4.tk
smartindiapanel.xyz
smartpanel.tk

# Reference: https://www.virustotal.com/gui/file/a913d26e095e02e52dce2dff9eafa042261df6a730ca747df23f75be7df3d80a/detection

bg-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/d42355c02586b032393444e567ac1b2dbdf48b73c38dab6e8ec2f6b185cc14e0/detection

shasparak-ir.cf

# Reference: https://www.virustotal.com/gui/file/178bfae17d66560490592a3e3ba6bd67ab05f976038e9049cb2364f58a48569a/detection

di-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/8ebc434ec9ed5703e893ee63150b2c3a6a5e811d069c1e19f603133936064966/detection

shasparak-ir.cf

# Reference: https://www.virustotal.com/gui/file/919700180d08ece9c46a3a8531664e76d4539ccbac3b96d699ab0cab043ec396/detection

dt-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/0c187d980667b3b1642d13cf395ae4798f4c5461ded0fe624a7e08bdba66e1cf/detection

shaaperak-ir.cf

# Reference: https://www.virustotal.com/gui/file/a03ecf5218a69d3c313532ae9ee84bf2520bc3262ff4c7cb19181f288ead8f15/detection

czvt.cf

# Reference: https://www.virustotal.com/gui/file/cfa0391d031ffec6f2a1b2808b789d42e2aace7d90a82bb2cafb7ab46f6be202/detection

shapkarak-ir.ga

# Reference: https://www.virustotal.com/gui/file/5d9a8cc9ca2890047700583da3fe8b1172286752f0444ad73682b2badad0547f/detection

bk-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/35c08897bee529714430ac094cb83695084963881e35022c8ddd4aebca14c136/detection

cy-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/5179c1b24e5c7d3ede1a0aa6708df5f4fb8a1297fe1d4988a8fda432110bd83d/detection

dg-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/de34355f891af505bfbb63b191f373d6e2b850823908e3ed86a0db971f450498/detection

sfro-pey.cf

# Reference: https://www.virustotal.com/gui/file/e3bce2aa78ae1b5849b6978abfb8d44f5539ef6bc1fdd09a0d1060ddf17b8ed8/detection

dj-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/19b94b57d6e2c20597c9e93fe464a0310f44542a668dd69dc33691eb24cf6183/detection

da-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/5d0e7a6c1a02af94217b8552b712d2afecb69bfe7cc8203104b6fdfd65e8edc6/detection

dt-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/6b0809a196881a51a5d792ed91a1bb658f4af3698ac8d24d99cbcde78d780c28/detection

shasparak.cf

# Reference: https://www.virustotal.com/gui/file/473137809b0d1e05bb24d649d7ca9693b3af596fc6115b464c2e9b30ad9191df/detection

dv-shaparak.tk
dw-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/40b27eb992c0e2fd2ec66882a2d582296b803469ae20946ebd2939a005be8aaa/detection

shhaperak.cf

# Reference: https://www.virustotal.com/gui/file/5605ef33136d7248f895a0f4b83ba5b611392d86913ce07a001a0c4b8e53d8a5/detection

shasparak-ir.cf

# Reference: https://www.virustotal.com/gui/file/1409a66522d146c6e7b7153598b946cf4e1cd92ac4f5419cace904f1dbd850fc/detection

shaaperak-ir.cf

# Reference: https://www.virustotal.com/gui/file/a50b49a6f34473b7a18d3ceadbbf9070e4e6ac4f7fc4039d324f71db8a99d79d/detection

shhaparak-ir.cf

# Reference: https://www.virustotal.com/gui/file/38352988ee4732257835b50201e9d6b14e88db7dd0ee78708b7cd2f9459f240e/detection

cx-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/3a787c88f2a40c3749a33861a01190eb1d89b9f1f4b16f19f026532df2554385/detection

siant.site

# Reference: https://www.virustotal.com/gui/file/dcce573b59bbf91cd64a84b0d194880d9de072745121e5b73a75c56624bf8f13/detection

shaptarack.ga

# Reference: https://www.virustotal.com/gui/file/b00ce4b86e21740275db14aa8bd475ada3d84558dbedaba3312fbe212980b1b5/detection

shaaparalk.ga

# Reference: https://www.virustotal.com/gui/file/f9d8d5f9d609e641d3b8c5fed28001af986d9b766ebc1809f231a99a0550f046/detection

fp-shaparak.tk

# Reference: https://www.virustotal.com/gui/file/5e2e6e10d2cd01b6d116c280f4256be6a5e21ec07c96d411bb8510aaa1fdba30/detection

irblaghi-ir.ga
nlsrv.xyz
arsam.nlsrv.xyz

# Reference: https://www.virustotal.com/gui/ip-address/94.130.122.187/relations
# Reference: https://www.virustotal.com/gui/file/7b130bde0c05edfa28761f3420016c7cf76c4c9af0e868e2e7d5681058f5b2e7/detection

cana-eblaghi.ml
divar-ad.tk
divar-new.tk
e-payne.gq
e-payne.ml
ir-covid19.tk
ir-ista200.cf
ir-ista200.tk
k-paynes.cf
k-paynes.ga
pom-shq.tk
royal-amlak.ir
sana-1400-ablag.tk
shaparak-pay-org.gq
shaparal.cf
sysbsgajwh.ml
divar-new.liizradvip.xyz
shaparal.domain-com.tk

# Reference: https://www.virustotal.com/gui/file/0d3ebceaa5dd15e3b38f2a9b294caea063703d53b6ed6441b396e6f0695e267f/detection

sana-eblaghi.xyz

# Reference: https://www.virustotal.com/gui/file/0d3ebceaa5dd15e3b38f2a9b294caea063703d53b6ed6441b396e6f0695e267f/detection

eblagh-qhz.cf
sana-eblaghi.xyz

# Reference: https://www.virustotal.com/gui/ip-address/45.14.224.12/relations

firan-siteroi.ml
free-base-connection.tk
ggl-pamel.ml
iraninaijwe.tk
top-eblaghieiran.ml

# Reference: https://www.virustotal.com/gui/file/eb7fbfa9800c5f0e8ff21d66b5078aa944fda29d4f3ea7c27fd67085741dbba4/detection

free-base-connection.tk

# Reference: https://twitter.com/malwrhunterteam/status/1483188960910319616
# Reference: https://twitter.com/midnight_comms/status/1483513891745419270
# Reference: https://www.virustotal.com/gui/file/3870c14cfa20a750ef3bc66fccf52c190603917d0956f833f96af99cfec3b020/detection

adl-sana-w.tk

# Reference: https://www.virustotal.com/gui/file/bca218c8d6ecdb9d6014284384518efafe16df22afaa760bbfc467447eeb27be/detection

sena-peigri-ir.cf

# Reference: https://www.virustotal.com/gui/file/d3bbe121638fa2460b24a96dbfabaa69c5b98a81c2171c835301e20e22e796cd/detection

samaneh8.com

# Reference: https://www.virustotal.com/gui/file/4ed80b06744e69d00017cf3dd616b1d2f223ba1ef463e672546477318afcd93a/detection

peygirl-sna.cf

# Reference: https://www.virustotal.com/gui/file/d76644c48b65751dfc212b2aa3e834a07944dc0a961f3f6e09dd683f63552838/detection

lreadl.site

# Reference: https://twitter.com/malwrhunterteam/status/1483919535661101061
# Reference: https://twitter.com/midnight_comms/status/1484201646863310851
# Reference: https://www.virustotal.com/gui/file/2d45fd78e6e4ab488b4280e1f8536474c6084fa9e315254e94a437d1a07202a0/detection

ceblaghxi-sanki.xyz
sna-elc.com
sna-elc.online
/ahmagh/install.php
/ahmagh/up.php
/ahmagh/ups.php

# Reference: https://www.virustotal.com/gui/file/b4acd7267da3506e139d7d349e65bbf0c0cc2d2e892e481a88f911608da7f113/detection

drgusk.tk
ir-reti.ml
api.ir-reti.ml

# Reference: https://www.virustotal.com/gui/ip-address/195.20.55.174/relations
# Reference: https://www.virustotal.com/gui/ip-address/198.12.86.54/relations
# Reference: https://www.virustotal.com/gui/file/d85376ceff770d5a23c8b08f62d3b825d040b707eadc6a11377c7c6ea0174722/detection
# Reference: https://www.virustotal.com/gui/file/aec23695695495353161a97c02770d5e9f3537df7cfc54e827537f0683349eb0/detection

irn-shaparak-ir.tk
pardakht-eblagh.tk
qaqaqa0123.cf
rep-shaparak-ir.cf
shaparakpayer.cf
shotrak.ml
vabera000.ml

# Reference: https://www.virustotal.com/gui/file/d7f331476a69a8ea74d405048b2bbe7500a76f14521c96b85e9a10fde064cb2d/detection

powker.myfr.xyz

# Reference: https://www.virustotal.com/gui/file/c326cef84e4a388639f315097fae2f21533e211fba6b1afd04cec2f6ddea9222/detection

vafersa58t.cf

# Reference: https://www.virustotal.com/gui/file/5c30199bdcaf529ea389b75562b3a89a564cc80f5641481fb61b2640d4ed2900/detection

gaaaa48fw.ga

# Reference: https://www.virustotal.com/gui/file/5095571bb6bfeaab5e5d819628d1e5f70ada7b732a87195973fb41158994c780/detection

gaa558ww.tk

# Reference: https://www.virustotal.com/gui/file/da7874d18b97893b97e870799659cf7b6ee0e29782af5c43b163e72fb3398f44/detection

ir-kosarbank.cf

# Reference: https://www.virustotal.com/gui/file/f85cfec57ee75ddfa3126f9366e95ad362989d7b869871c73bce9fad62261234/detection

ir-kosarbank.ml

# Reference: https://www.virustotal.com/gui/file/3ec09fa71f9abc12e42a5b1a6e266694e46643ac4d05d255946b2c2c131c885f/detection

fh8hwd8fa.cf

# Reference: https://www.virustotal.com/gui/file/712a66a36e7438923100128bcebab18125c591055c44bd4f3552311bc5a2f63e/detection

szm-shaparak.ml

# Reference: https://www.virustotal.com/gui/file/a57d3a3cb8ea31ea48675538613301eca8a3c49ab972426a0c6e50bd5e9e3d35/detection

ah-shaparak.cf

# Reference: https://www.virustotal.com/gui/file/ec65535740ba0f83eee88ff5f7a0dbeb875369949a42ea864cda79489f30cda9/detection

bpm-ir.ml

# Reference: https://www.virustotal.com/gui/file/4a8e4f52776de56a59f51d1531d952189631f5ae183c9de61531d4f0164d12da/detection

saeena-eblghiy-ir.ml

# Reference: https://www.virustotal.com/gui/file/38cfb100b68f63bbaf6e0c1c9976308b272e6101f29dacc35f3d6789b284d499/detection

pqm-shaparak-portal.ml

# Reference: https://www.virustotal.com/gui/ip-address/95.181.161.40/relations

account-tamin-ejtemai-ir.tk
adiley-iran.ml
al-saparak.cf
al-saparak.gq
application-eblagh.tk
asanprdaket1400.ml
asu-shaparak.ga
bmp-paya.cf
bmp-paya.ga
bmp-paya.ml
bot-learn.ir
eblagh-iranian.ga
epzy-shaparak.cf
epzy-shaparak.tk
fa-sana.ml
free-ir.tk
ir-asanpay.tk
ir-bmp-sepah.ml
ir-mellat.ga
ir-pardakht.tk
iranapps.ml
ireblaghie.ga
mellatbnk.ml
mtniirancell.ml
pgm-iranpardakht.ml
portal-adsl.tk
postbank.cf
postbank.ga
pqm-portal-shaparak.ml
pqm-shaprak.ga
sana-fa.ml
shaparak-mi-ir.cf
shaparak-rtg.tk
shaparak-services.tk
szm-shaparak.tk

# Reference: https://www.virustotal.com/gui/ip-address/198.12.85.88/relations

2030s.gq
30ia-pay.ml
ad-ir.ga
addliiran.tk
adiley-iran.ml
adiley-iran1.ml
adili.ga
adleey-ir.ml
adleey-lr.gq
adley-ir.ga
adleye-ir.ga
adleye.gq
adleye.ml
adli.ga
adliey-iran.ml
adlir-sna.ml
adliran-eblagh.ml
adlirsana-ir.tk
adlye.cf
aeeeeershaparak.tk
ahblagnew.tk
airdrop-trustwaleet.tk
americanussa.tk
apk-ebl.tk
apk-eblagh.tk
apk-pardakht.tk
asanprdaket1400.ml
bedi24.gq
best-price.ml
boofanoo-crm.tech
bpi-shahparek.tk
bullertakpar-com.ga
bullertakpar-com.ml
crm-sarema.tk
da-ga-h.tk
dad-g-a-h.ga
dad-gaa-h.tk
dad-gaa-hi.ga
dad-ir.ga
dad-saana.tk
dadd-yar.tk
daddgahi.ga
daddgahi.tk
dadga-sasna.tk
dadgaaahi.tk
dadgaahh.tk
dadgah.tk
dadsare.tk
divara.xyz
djejjdjdjs.gq
drgpec.tk
duodigital.ml
duodigital.tk
ebblagi2.ml
ebblagi4.ml
ebbllaq-sana-ir.ga
ebiaghe-snai.tk
ebl-ag1-ir.tk
ebl-eblaghey-ir.tk
ebl-ir.ml
ebl-ir.tk
eblag-adliran-ir.ga
eblag-adliran-lr.cf
eblag-adliran-lr.ga
eblag-adliran-lr.ml
eblag-adliran-lr.tk
eblageh-iran.tk
eblagh-adlir.cf
eblagh-adlir.tk
eblagh-iran.ga
eblagh-iran.gq
eblagh-iran.tk
eblagh-irani.cf
eblagh-irani.ga
eblagh-irani.ml
eblagh-irani.tk
eblagh-panel.cf
eblagh-panel.ml
eblagh-panel.tk
eblagh-s.ga
eblagh-s.ml
eblagh-s.tk
eblagh-sana-iran.gq
eblagh-sana-iran.ml
eblagh-sana-iran.tk
eblaghe-snai.tk
eblagheye.tk
eblaghi-sana.ml
eblaghir-sana.tk
eblaghq-ir.tk
eblaghs.tk
eblaghsana-ir.ml
eblaghsana-ir.tk
eblaghye-adliran.tk
eblaghye.gq
eblagie-sana-iranin.ga
eblaq-ada.ga
eblaq11.ga
eblaq12.ga
eblaq19.ga
eblaq856.ga
eblaqie-19-ir.ga
eblaqq-19.ga
eblaqqye.ga
eblghfa.ga
ebllage-iran.ga
ebllaq-ad.ga
ebllaqi-ir.ga
ebllaqsheeka-ir.tk
ebllaqwo.ga
eblogh-sans.cf
eblogh-sans.ga
ebloghs-ir.tk
eblogi1.tk
ee-melat-pay.cf
eghbaghi.ml
eiblag-ir.tk
eiblogh-sana.tk
elaq-ir.ga
elbaghsnas.tk
geeyyabii.tk
hamjens.tk
hostmmll.tk
iablaghs-san.tk
iamgay.gq
ieblaghi-ir.tk
iebloghs.tk
ir-dad-ir.ga
ir-eblgh.tk
ir-ieblagh.tk
ir-pardaket.ml
iran-addl-ir.ga
iran-adli-ir.ga
iran-dad-ga.tk
iran-dadga-ir.ga
iran-ebblaq.ga
iran-ebbllaq.ga
iran-eblage.ga
iran-eblagh-f.cf
iran-eblagh-f.ga
iran-eblagh-f.ml
iran-eblagh-f.tk
iran-eblaq-ir.ga
iran-eblaqi.ga
iran-ebllaq.ga
iran-jorm-ir.ga
iran-saana-ir.ga
iranad.ga
iranadilatil.ga
iranadldi.tk
iranadliera.ga
iranadlile-ir.ga
iraneblaq19.ga
iranirsana-ir.ga
iransana-ir.ga
iransanair-ir.ga
iransanat.tk
iranshekaya.tk
iranshekyaat.ga
iranwebir.ga
ireblaghie.cf
ireblaghie.ml
irsanairan-ir.ga
jorm-ir-ga.ga
kos-nne-fata.gq
livesxs-ir.ml
malletttrg.ml
malllet-llk.cf
melat-pay.tk
nazeem-vscode.ml
nazeem-vscode.tk
pardakht-eblaghey-ir.tk
paresh.gq
pay-eblagh-ir.tk
pay-eblaghey-ir.tk
pay-red.tk
pay-sjkrkrak.tk
pay-sjpkowak.tk
pay-sjpkrak.tk
pay2-ebyl.tk
payelza.ml
pep-shprak-ir.tk
pes-eblagh-ir.tk
pes-eblaghey-ir.tk
pes-shaparack.tk
pes-shiparek.tk
pey-shahparacki.gq
peygiri-adress.xyz
peygiri-eblagh.tk
peyman-ir.ga
qwi-shahparek-ir.gq
qwi-shahparek-ir.ml
qwi-shahparek-ir.tk
qwqwqwqwe5yuuiiu.ml
rubika-freenet.tk
saaana-dadga.tk
sad-behpardakht.ga
sad-behpardakht.ml
sad-behpardakht.tk
sad-shaparak.cf
samannesaana.tk
sana-airdroni.ga
sana-airdroni.ml
sana-alirdran.cf
sana-alirdran.tk
sana-alirdran.xyz
sana-c.tk
sana-eblaq-ir.ga
sana-i.tk
sana-ie.cf
sana-ieblagh.tk
sana-iranv.cf
sana-irn.tk
sana-irran-ir.ga
sana-n.cf
sanaeblagh-ir.tk
sanair-ir.ml
sanairana-ir.ga
sanaji-shapak.ga
sanaji-shapak.gq
sanaji-shapak.ml
sep-divar.tk
sep-eblagh-ir.tk
sep-ebyl.tk
sep-shekayat.tk
sep1-ebyli.tk
shapaark.tk
shaparak-pw.tk
shapark-tg.tk
shaprrk-zri.ml
sheekayyatt.tk
sheekkayyatt.tk
shekaayyaat.tk
shirazey.cf
shirazeyhost.tk
shpk-sanair.cf
shpk-sanair.ga
shpk-sanair.gq
shpk-sanair.tk
sigeh.tk
sjjwudidisieis.tk
sna-adl.cf
sna-eblaq.ml
soft-ezy.tk
sop-shekayat.tk
syy-pay.gq
trust-walettt.tk
trust.pay-red.tk
trustwallet-price.ml
trustweliat.ml
trustweliat.tk
utctm.tk
utyagram.ga
utyagram.ml
zir-pay.cf

# Reference: https://www.virustotal.com/gui/file/6556d68b85d691132db832318389431d46cc3fe3434c4fb438d2e8dd5beefda0/detection

robatsazking.pikohost.ir

# Reference: https://www.virustotal.com/gui/file/f5e2d1dab18a333aad29646337743fb5f039733993f08224cb1084e6ff205dea/detection

shaparak-internet-bank.cf

# Reference: https://www.virustotal.com/gui/file/d12cb0187e09ef35fc6f2acd5904c9ea4a6a2376d72408b0230cf71b042426b7/detection

meli-ir.xyz

# Reference: https://www.virustotal.com/gui/file/55ff02dd1388ccc6b471cf645a5cafef31c02b34316714e3e8ac34babc638abc/detection

yoindomin-irs.ga

# Reference: https://www.virustotal.com/gui/file/2fd928d640c4bf36fffc94ea7eca8de3a2a93ec074883a474409b49bb64a294d/detection

yoindomin-irs.gq

# Reference: https://www.virustotal.com/gui/ip-address/157.90.16.114/relations

ad-shparake-ir.cf
bci-shaparak.ml
bci-shaparak.tk
behpardakh-ir.ga
bmp-divvar.tk
dikak.ir
eblagh-electronic.tk
followerirani.tk
ir-mile.ml
iran-meiatt.cf
iran-meiatt.ga
iran-meiatt.gq
irmeli-shaparak-ir.tk
meiat-shaparak.ga
mellat-in.xyz
memberirani.tk
milat-ir-iran.tk
pardakht-bank-ir.tk
prdakht-melat-ir.tk
pyiran-shaparak.tk
sahparak-meliat.tk
shahparek-ir.ml
shailrk-lir.ml
shalioprk-ir.tk
shaliparik-ir.tk
shaolpark-bqm-milir.ml
shaparak-1nternet.ga
shaparak-1nternet.ml
shaparak-bamk-iran.ml
shaparak-bamk-iran.tk
shaparak-bmc.ga
shaparak-bmc.gq
shaparak-internet-bank.ga
shaparak-internet-bank.ml
shaparak-ir-ir.tk
shaparak-n.cf
shaparak-n.gq
shaparak-n.ml
shaparak-n.tk
shaparak-script.ga
shaparak-script.ml
shaparlik-irani.gq
shaprrak-melati-ir.ml
x-number.tk
x-shapwal.ga
yoindomin-irs.cf
yoindomin-irs.ml

# Reference: https://www.virustotal.com/gui/ip-address/88.218.17.127/relations

abl-edalat.cf
abl-edalet.cf
ablagh.site
abpa.pw
ah-shaparak.gq
al-saparak.cf
alinaghdi.ir
app-xron.gq
app-xron.tk
bot-iran051.ga
bottesthazratphp.tk
buyfrosgah.ml
cena-edalat.ml
cena-edalet.ml
cena-iran.ml
cena-iren.ml
cs-shaparak.cf
digital-ir.ml
dsdddgh.tk
eblaghe-sana-1.tk
edalat-iran-ir.ml
edalat-iran.ml
edalat-iren-ir.ml
edalat-iren.ml
edalat-saham-ir.tk
edalet-abl.ml
edalet-sena-ir.ml
edlp-d.cf
edlp-d.gq
edlp-ir.gq
edlp-ir.tk
edolat-cana-ir.tk
edolat-sena-ir.ml
edolet-sena-ir.ml
edolet-sena.tk
eghlnir.com
emcchanged.xyz
eqghbl.com
eqghlit.com
haf-kolez.ml
internet-digital.gq
internet-digital.ml
internet-digital.tk
ir-edalat-iran.ml
ir-edolat-sena.tk
ir-edolet-sena.tk
ir-iran-sena.cf
ir-iron--sena.tk
ir-iron-paigri.tk
ir-iron-paygri.cf
ir-iron-sena.tk
ir-sena-iran.cf
ir-sena-iron.tk
iran-sena-ir.ml
iren-edalat.ml
iren-sena-ir.ml
iron-paigri.ml
iron-paygri-irr.ml
iron-paygri.tk
iron-peygri-ir.cf
iron-sena-ir.tk
iron-sena.tk
iron-web-ir.cf
keshvwar.pw
makhbaz.tk
modern-digital.ir
peigisp1jqh.pw
pena7n.pw
peygirie-sna.tk
peygirshi.pw
sana-eblaghe-1400.ga
sanartir.com
sena-iren-ir.ml
sena-iron-ir.cf
sena-iron.ml
shaparak-ev.tk
shprk-iran-ir.ml
sighe-yabii.ml
taaaawe5555.ga
tajjcrete.ir
telegramself.ml
www-dadgah-ir.ml
www-dadgah.ml
www-iran.ml
www-iren.ml
www-iron-ir.ml
www-peygri-ir.ml
www-sana.ml
www-sena.ml
ze-ejrraftanet.pw

# Reference: https://www.virustotal.com/gui/file/2d9945db53c96fc8acfb19dcc51acc1945f968a53927c7af2176aef447b3fae1/detection

bizim-kala.ir

# Reference: https://www.virustotal.com/gui/ip-address/95.181.161.223/relations
# Reference: https://www.virustotal.com/gui/file/1367d326a07392e4068b5c27cf9528af8141e0f589876484209a8d065ad69db4/detection

0--0.gq
0--0.ml
1--1.ga
adele-gov.ml
adiiran.tk
adl-eblagh-onlinir.tk
adl-eblaghe.online
adl-eblaghsana.com
adl-irane.ml
adl-online.tk
adl-pygiri.ml
adl2eblagh.com
adle-irane.cf
adle-irane.ga
adle-irane.gq
adle-irane.ml
adle-irane.tk
adlebir.ml
adleiran-gov.cf
adleiran-gov.ga
adliran-sena.tk
adliran-sna.cf
adliran2-eblagh.com
adliran2-eblaghi.com
adlirane.cf
adlirane.com
adlirane.ga
adlirane.gq
adlirane.tk
adliranmane.ml
adlirann.com
adll-irani.cf
adll-lran-ir.ga
adllebir.ml
adlliren-sana.ga
adlliren-sana.gq
adlliren-sana.tk
adlliron-sana.cf
adlliron-sana.ga
adlliron-sana.gq
adllran-eblagh.tk
adlsite.ml
aedl-iran.tk
agahi-eblagh.com
ajfgfesyefg.gq
api-res.cf
apr-irn.tk
barghmb.ga
bemolallremte.tk
benzin-sahmie.ml
byjmogk.ml
dadgostar-ir.ga
dadgostar-ir.gq
dadgostar-ir.ml
dadgostar-ir.tk
dadgostar.cf
dadgostar.ga
dadgostar.gq
dadgostar.ml
dadgostar.tk
dadgostari.ga
dadgosteei.ml
dadsra-meli.cf
dadsra.tk
dbu-irn.ml
dby-irn.tk
ddgostare-tk.tk
ddgstari.tk
ddgstri.cf
divar-downloed.ga
divar-downloed.ml
divar-downloed.tk
dostiyab8w.cf
dowload-irsna.tk
downlodsana-ir.ml
downlodsn-ir.tk
downlodsna-ir.cf
downlodsna-ir.ga
downlodsna-ir.gq
downlodsna-ir.ml
downlodsna-ir.tk
dowsn-ir.ga
e-pioygir.ml
e-samaneh.xyz
eadl.online
ebl-iranian-ir.cf
ebl-irenian-ir.tk
ebl-irenien-ir.cf
ebl-ironian-ir.ml
eblaagh-sna.ml
eblagaqaz.cf
eblage-cenaea.ga
eblage-cenaea.ml
eblagh-adii.ml
eblagh-adl.online
eblagh-adle.gq
eblagh-adle.tk
eblagh-agahi.com
eblagh-eir.ml
eblagh-fq.ml
eblagh-fq.tk
eblagh-ghzae.ml
eblagh-in.cf
eblagh-in.ga
eblagh-in.gq
eblagh-in.ml
eblagh-in.tk
eblagh-login.com
eblagh-mir.ml
eblagh-mm.tk
eblagh-mtf.cf
eblagh-new.gq
eblagh-oiri.ml
eblagh-pygiri.cf
eblagh-pygiri.ga
eblagh-pygiri.ml
eblagh-pygiri.tk
eblagh-shaparak.tk
eblagh-view.com
eblagh-w.ml
eblagh-web.info
eblagh-wk.cf
eblagh-wk.ga
eblagh-wk.gq
eblagh-wk.ml
eblagh-wk.tk
eblagh110police.tk
eblagh2-adliran.com
eblaghc.cf
eblaghe-kk.tk
eblaghe-snair.gq
eblaghe.com
eblagheh.cf
eblaghge-dolat.ga
eblaghh.cf
eblaghi-irm.ml
eblaghi-irmli.ml
eblaghi-irt.ml
eblaghi-iry.ml
eblaghi-m.ml
eblaghir-ir.ml
eblaghiy-sana.cf
eblaghom.cf
eblaghy.cf
eblaghy.ga
eblaghye.ml
eblaghyeh-s.cf
eblaghyehmeli.cf
eblaghyen.ga
eblagpqw.cf
eblap-aldea.ga
eblap-aldea.ml
eblape-fete.tk
eblape-sane.tk
eblaphe-cene.tk
eblaqe-eadell.ga
eblaqe-eadell.gq
eblaqhadliran.com
eblaqie-sna.tk
ebleghi-ir.cf
ebleghi-ir.ga
ebleghi-ir.tk
eblgh-adl.cf
eblgh-adl.ml
eblgh-adl.tk
eblgh-dadsra.ml
eblgh-hmrah.cf
eblgh-hmrah.ga
eblgh-new.cf
eblgh-new.gq
eblgh-new.tk
eblghie.ml
eblgie-sna.ga
eblgie-sna.gq
eblgie-sna.ml
ebligu.ml
ebllagh-ml.tk
ebllagh-paygiri.gq
ebllagh-sna.online
ebllagh-sna.tk
ebllape-fete.tk
ebllapea-fefe.tk
ebllgh-sana.tk
edalat-eblaghi.com
edalat-hamarah.com
edalat-hamrahdl.tk
edalat-iri.tk
edalat1-eblagh.com
edalat2-eblagh.com
edalathamrah.cf
edalathamrah.click
edalathamrahe.cf
edalathamrahe.gq
edalet-hamrah.tk
edallate-hamrrah.gq
edallathmrah.cf
edallathmrah.ga
edallathmrah.tk
edalthamrah.tk
edl-iiiran.ml
edl-iran.tk
edlathamrahe.gq
elbaghe.ml
enterone.site
eol1-eblaghe.ga
erin-blilq.ml
fata-eblaghe.tk
fata-eblaghie.tk
fata-eblaghj.tk
fata-eblagie.ml
fata-eblagie.tk
fata-eblghe.ga
fata-eblghe.tk
fata-ebllagh.tk
fata-ebllaghi.tk
fata-eblogh.tk
fete-eblapea.tk
fetea-cenw.tk
gaz-gz.ml
ghvye-ddsra.ml
giftirancellapp.cf
hafezom.ml
hafezxexop.ml
hamta-mobile.gq
hamyar-meli.cf
iampedaret.cf
idal-eblagh.ml
idal-eblagh.tk
ir-ebl-iranian.cf
ir-eblaghi.ga
ir-eblaghi.gq
ir-eblaghi.ml
ir-samane.xyz
iran-edalat.cf
iran-edalat.gq
iran-edalat.ml
iran-edalat.tk
iran-irsana.ml
iran-samane.tk
iran-sanaeblagh.cf
iran-sanna.ga
iran-sanna.gq
iran-sanna.ml
iran-sanna.tk
ireblaq-sanal.cf
irn-irbilq.cf
irsana-eblagh.ga
iyegfhkjd.ml
kirkhartokosnanat.cf
kurdnameserver.tk
link-eblagh.ml
maykat.ir
nameserver.cf
norton-movingostar.cf
norton-movingostar.ga
norton-movingostar.ml
norton-movingostar.tk
ok-eblagh.tk
pancakes.cf
qouvve-qazaiie.tk
qouvve-qazayie.tk
qouvve-qazayye.tk
qovve-qazayye.ml
quvve-qazaiie.cf
quvve-qazayie.cf
quvve-qazayye.cf
rahgirisana-gov.ml
remtoe-zeuse.tk
rioblaqh-ien.cf
roboxz.ga
rubika-fil.ga
samanee-sana.ml
samaneh.site
sana-adl.cf
sana-ald.ga
sana-eblaghiyeeee.tk
sana-ebli.ml
sana-ebllgh.cf
sana-gostar.ml
sana-gostar.tk
sana-iranian.site
sana-troy.cf
sana-troy.ga
sana-troy.ml
sana-troy.tk
sana1-app.com
sana1-edalat.com
sanaa-ej.ml
sanaa-ej.tk
sanaa-wk.gq
sanaa-wk.ml
sanaa-wk.tk
sanaeblaghlyir.ml
sanaireblagh.tk
sanna-mellatt.tk
semaneadl-gov.cf
semene-eblape.tk
sena-adl.tk
sena-ald.tk
sena-ir-iron.ml
sena-ireniai.ml
sena-site-ir.ml
senai-wab.ml
senai-web.ml
setting-api-trust.ml
shapaarack-ir.ga
shaparako.tk
shaqarack-pay.ml
sheaparakf.tk
shekayat-iran.tk
si-gh-e.tk
sld-ebllaghie.ml
slo-edliran.ml
smnlq.ga
snaeblaghir.tk
snair-eblagh.ml
snair-eblagh.tk
snowyka.tk
snowyna.tk
sqdir.ga
ssana-ebllaghe.ml
svt-irn.tk
t-wallet-airdrob.ml
t-wallet-apa.ml
tk0r-ebllaghe.ml
tog-eblloghe.ml
trust-gift-airdrob.ml
trust-org.ml
twalletbonus.tk
uo-rahgir.ml
vhy-irn.tk
wallet-api-docks.ga
web-sana-ir.ml
www-adliran-ir.cf
www-eblagh-ir.ml
www-sana-ir.ml
www-sena-ir.ml

# Reference: https://twitter.com/malwrhunterteam/status/1487049183207075842
# Reference: https://www.virustotal.com/gui/ip-address/208.91.104.146/relations
# Reference: https://www.virustotal.com/gui/file/71eff95073a5fcd5f270f4aaba72d90460304bdb71fd4d32844bf38ea6b4a11d/detection
# Reference: https://www.virustotal.com/gui/file/70f6af40cd8e90e4d5d5339d03e35b9067d5840131fe6c98b945861c65d771c4/detection

aadl-iran.cf
aadl-iran.ml
aadl-iran.tk
aadll-iran.ml
abdullah.cf
abdullah.gq
ablag-u.cf
ablag-u.ml
adi-sfir.ml
adii-iran.ga
adii-iran.tk
adil-cen.email
adil-irqm.tk
adilait.ga
adilapp.digital
adilisnm.ml
adilr-com.cf
adilr-com.email
adilr-sn.cf
adir-sana.email
adir-wb.email
adl-link.cf
adl-pay-1400.ml
adli-tech.ml
adli-web.email
adlibln.email
adlir-fir.ga
adlir-web.email
adlira-sn.tk
adliran-dadagah.gq
adlirani-ir.cf
adlirn-sn.email
adlisana.ml
adlisnai.email
adsanae.ml
adsgiz.email
aedie.email
aedl-iran.ga
aedl-iran.gq
aeslde.email
ahmadi.tk
air-sna.email
airdrop-gp.ga
aktareh-sana.ml
all-edgar-cayce.com
app-peigiri.xyz
asaigwndbwh.cf
asdana.xyz
asdilcv.ml
asnal.email
asnal.ml
asnaval.email
asnel.email
asnl.email
asnli-sn.email
balqhsn.email
bem-shekayt-ir.tk
blagh-com.cf
bmi-edi.tk
bq-bmi.cf
bq-sn.ga
c0llab-land.link
check-edalat.ml
check-edalat.tk
d-payment.cf
dadsara-irin.tk
dail-qa.email
dhusiyebie.gq
dinvtuger.ml
divar--update.tk
divar-download.me
divar-downloed.cf
divar-downloed.ga
divar-downloed.ml
divar-downloed.tk
divar-login.cf
divar-login.ga
divar-login.gq
divar-login.ml
divar-login.tk
divar-online.ga
divar-open.cf
divar-open.ga
divar-open.gq
divar-open.ml
divar-open.tk
divar-pay-ir.gq
divar-uepdte.ga
divar-uepdte.ml
divar-uepdte.tk
divar-updatea.cf
divar-updatea.ga
divar-updatea.gq
divar-updatea.ml
divar-updatea.tk
divar-updaten.xyz
divar-updato.tk
divar-updeti.cf
divar-updeti.ga
divar.email
divarapp-download.cf
divarapp-download.ga
divarapp-download.gq
divarapp-download.ml
divarapp-download.tk
djvisicm.ml
dr-rem2.tk
drio-sn.ml
dum-irn.xyz
eadil-com.email
eblageh-1400.ml
eblageh-iran.ml
eblagh-efa.xyz
eblagh-mn.cf
eblagh-mtf.cf
eblagh-mtf.ga
eblagh-mtf.gq
eblagh-mtf.ml
eblagh-mtf.tk
eblagh-novin.xyz
eblagh-pro.xyz
eblagh-qhz.ml
eblagh-rina.gq
eblagh-rina.tk
eblagh-roy.cf
eblagh-roy.ga
eblagh-roy.gq
eblagh-roy.ml
eblagh-roy.tk
eblagh-saman.cf
eblagh-saman.ga
eblagh-saman.ml
eblagh-saman.tk
eblagh-sanairr.ga
eblagh-sna1.tk
eblagh.email
eblaghah.ml
eblaghre.ml
eblagi-u.ga
eblaqh-sn.email
eblaqhi.email
eblegh-ir.site
ebllaapea-sana.tk
ebllagh-sana.tk
eda-lat.cf
edallat-saham.tk
edallat.co
edialat.email
edie.email
edli-wb.email
eedl-iran.tk
eidalait.tk
eidalat-web.email
eidalat.email
eidalit.email
eidalt.email
erimblqhi.email
erinsn.digital
esnbalq.email
estkhdam-kar.ml
exn-dfil.ga
farasana.ml
fastssdserver.tk
fatae-eblaqyea.tk
fdio-ernm.tk
fdiom-dfim.tk
fvn-wer.tk
gerl-dfil.tk
gugjsyge.ml
hamta-ir.ml
hamtaa.ga
hejab.tk
iam-dialt.tk
iblqsni.email
idalat.email
idalliat.tk
im-ed.tk
im-eidlt.ml
im-erdalay.tk
install-ratking.ml
install-ratking.tk
ion-df.ga
ir-dalit.tk
ir-eblagh-sad.tk
ir-link.tk
ir-nm.ml
ir-saham.ml
ir-sana-hoviyat.cf
ir-sana.xyz
ir-shprak.xyz
ir-sn.cf
ir-xyz.tk
irbilohq.ga
irdailt.email
irdalat.ml
iren-sna.tk
irin-erml.tk
irldalat.tk
irn-duim.xyz
irn-dum.xyz
irsnl.digital
iry-ofd.ga
it-bnf.cf
it-bni.ga
jrc-kyoto2.org
kapark-ir.ga
live-sexsy.ml
ll-shapark.tk
login-sana.tk
logistical.monster
lsana.ml
mayket-ir-tk.tk
mig-ads.ga
modernie2020.tk
mrin-ibn.cf
newsion-oi.cf
nixselphtest.tk
ofogh-koorosh.tk
on-sana.xyz
otpdfkxc.tk
otpfamsdkf.ml
p4zserver.tk
panel-eblaghy.tk
panel-ratat.tk
panel-ratr.tk
panel-ratta.tk
pay-pamant.ga
pay-vn.tk
paygieiyy.tk
paygiriyughh.tk
paygiry-aief.tk
payment-sana.tk
pesareshoja.tk
pesarshoja.tk
peygiri-app-ir.tk
peygiri-eblagh-ir.tk
peygiri-org.online
peygiri-portal.ml
pigirii.site
pishgiri-app.me
poyasana.ml
pulsana.ml
qdj-irn.tk
qo-zi.ml
qsanae.ml
rdil-ir.email
rem-hugo.ml
rih-ern.tk
rikn-dsn.tk
ril-dri.tk
rimot-ml.ml
rimot-ml.tk
rterterg.ml
sabt-ahval.tk
sabtahval.tk
saham-edalat.tk
saham-ir.tk
saham-ir1.ml
saham-iran.ml
saham-iran.tk
saham-meli.ml
saham-meli.tk
saham.email
sahami.email
sahamir.ml
salamt-beh1.ml
sana-adilm.tk
sana-adl.me
sana-adlya.tk
sana-com.tk
sana-fax.xyz
sana-fgo.cf
sana-fgo.ga
sana-fgo.ml
sana-fgo.tk
sana-goev.me
sana-gostar.cf
sana-gostar.ga
sana-gostar.ml
sana-gostar.tk
sana-gozar.xyz
sana-ir.ga
sana-login.me
sana-nom.cf
sana-nom.ga
sana-nom.gq
sana-nom.ml
sana-nom.tk
sana-panal.tk
sana-peigir.me
sana-piget.tk
sana-pishga.tk
sana-prot.cf
sana-prot.ga
sana-prot.gq
sana-prot.ml
sana-prot.tk
sana-prot.xyz
sana-save.ga
sana-server.xyz
sana-tor.ga
sana-uni.ga
sana-uni.tk
sanaeae.ml
sanaf.ml
sanagov.ml
sanaia.ml
sanairan.email
sanako.ml
sanaoa.ml
sanata.ml
sanaua.ml
sanaus.ml
sehge.ml
self-rez1.ml
sena-on.email
shagarak-ir.tk
shami.ml
sianat.tk
sianatnet.tk
sianl.ml
sighe-federal.tk
sighe-online.tk
sighei.cf
sigheyabir.ml
sihamim.cf
sihge.cf
sihgeir.tk
simcart.ga
sinsona.tk
sn-ed.ml
snal.tk
snaleblq.digital
sndir.email
spicyod.tk
teck-web.ml
trustsetting.tk
vtp-uio.cf
web-edalat.email
web-idalat.email
web-sn.ml
wer-asnl.email
wrbir.ml
xzc-vbn.tk
yadalat.tk
yiu-zil.ml
zcm-rim.cf
zzzvncodest.tk

# Reference: https://www.virustotal.com/gui/file/7e2ba298f06277c8a94d9c456e33ae41fc005d520884fec018a7bf29f781cc40/detection

rat-1223.xyz

# Reference: https://www.virustotal.com/gui/ip-address/46.4.197.237/relations
# Reference: https://www.virustotal.com/gui/file/9e18ff6b88adabadaff6103a9baf0e025d35f27f5c6b8b4a47b6dada40fd5b80/detection
# Reference: https://www.virustotal.com/gui/file/9e18ff6b88adabadaff6103a9baf0e025d35f27f5c6b8b4a47b6dada40fd5b80/detection

kutahyaisgood.xyz
mytestprojects.xyz

# Reference: https://www.virustotal.com/gui/file/d096a6e8e530b31167d985d044e05b1a79d194475e7f88b63868648af8545d68/detection

rk-shaprak.ga

# Reference: https://www.virustotal.com/gui/file/4f42c41b45f462a3ce8f2397bdce8f3e24972fd62dfec539190e2a8430d494f8/detection

dem-pwer.tk

# Reference: https://www.virustotal.com/gui/ip-address/46.4.197.237/relations

araghijat-kashan.ir
dgr-shaprqk.ga
divar-shaprakc.tk
eblagh-internet-ir.tk
forosh-kala.tk
frs-shapark.ga
gay-yabi-iran.cf
hotan-payment.xyz
internet-98.xyz
ir-madarebakhtak.tk
ir-saman.tk
ir-shalpoal.tk
ir-shalpolak.tk
iran-rf.com
lcn-shaprak.tk
m-akhgargodaz.ir
mellat-segkbx.ml
mellatnet-ir.ml
pey-park.cf
pirmensuy.tk
posti1.xyz
saberghadimi.ir
sahaparak.tk
sana-lran-com.tk
sem-parsan.tk
shap-pewt.tk
shatel.xyz
shhaparkii.ga
shomal-cityeert.tk
shomal-papiount.tk
tejarabnk.xyz
up-kiteseen.xyz
upkit.xyz

# Reference: https://www.virustotal.com/gui/file/1dd5b90d208a476bf7fbc0f4e9429088dd0f663487657354dbb9288c1215f208/detection
# Reference: https://www.virustotal.com/gui/file/4deab5a6b65c6359809259d1764e3a7443b9f0f4161af77448e850467921cc20/detection

sh-k-rem.tk

# Reference: https://www.virustotal.com/gui/file/b59bcb7588a51557cf48b20734afa2531b756399853e5b34420992e51bbf7556/detection
# Reference: https://www.virustotal.com/gui/file/9227a9615569eba65e2d86930a33a4b1de257459a25de064a6d2eb25be124ef7/detection

sesverffvar.co.vu
toxic-remote.xyz

# Reference: https://www.virustotal.com/gui/file/527bc6b3382e6c780822922d2bc36ae2cfc5a013df48432b056cbb2700bcb3f9/detection

hahadev.tk

# Reference: https://www.virustotal.com/gui/file/5aab1fc870638c506b2eb2cf4de042ab90d30530d3a856d9a14856128ca0d3bc/detection
# Reference: https://www.virustotal.com/gui/file/1b0bfd8fc03035f3ffb737461e41368b5bd8b81021b87e8016b5b304fdb0369f/detection

nipald.tech
qovve-qazaie.tk

# Reference: https://www.virustotal.com/gui/file/f37a685d6162125f6ab48f29b392841c7a1d385b723e7690053c7f5d3fbece9a/detection

teodor.click
trustwailette.tk

# Reference: https://www.virustotal.com/gui/file/e5d8929f07a55966e3bcd6e79603acefe65175895e902912ff525972a2629345/detection

eblaghye-iran.tk

# Reference: https://www.virustotal.com/gui/file/e5993a0cc0ec2a9cf0d51474d9621ce2d263cef87619c86f170dff316783ac38/detection

baccxaz.tk

# Reference: https://www.virustotal.com/gui/file/dd32bee8613974fe5b8b21af2b2e61852d158bfa6641ed5fd7f3c83cf43a036a/detection

thisiskia.tk

# Reference: https://www.virustotal.com/gui/file/d6cef1fd235750646f53aee70849bfb79c2bfb8271ca8488e807aa4c94044e48/detection

teodor.iromizban.ir

# Reference: https://www.virustotal.com/gui/file/d233685af1b13191219cd3e0425cf5af324e11ae90fcd932b569338389e48ac3/detection

ir-melibank.tk

# Reference: https://www.virustotal.com/gui/file/b6eb2c1a5d829e20119dc6f53bdb366f5e5cf873f696ff575951808a681d3e85/detection

dadgostari.link

# Reference: https://www.virustotal.com/gui/file/26774e1c32e13407cbac4fc2a53c7dcbd1e2ed0511ae14fc83cffc247b7fe9f0/detection

shasparak-ir.tk

# Reference: https://www.virustotal.com/gui/file/c9ac805ffedd739eb3556a80e1fd4a9978f230643da03e6a975f3f3d69a7421e/detection

sana-irplran.gq

# Reference: https://www.virustotal.com/gui/file/b9a8e4c3800ca0939c83cf508ba0fcea23623724d8361e356b422c7081304965/detection

adl-sana-peygiri.tk

# Reference: https://www.virustotal.com/gui/file/b3cf2924e55753f29860e30e9bf48783011dc75a83d01fd4c1164b099297d9e9/detection

dadsetani.online
portal.dadsetani.online

# Reference: https://www.virustotal.com/gui/file/9775d15769d12340899adee58f55e7c9d825e56e1930c39d0629c3fe568a8601/detection

anlghie.com

# Reference: https://www.virustotal.com/gui/file/85970d790096ec8023eab216342878bfc1b468e78ce99a25cb47f73d85c6bdd5/detection

pardakht.subnitro.xyz

# Reference: https://www.virustotal.com/gui/file/61c00faa048750696d34e2a786c604232de27a7513b03fa8265288b7a57ac33f/detection
# Reference: https://www.virustotal.com/gui/file/2eea4e883a6b7aa955ee1de815da157f769d04777ece24a4695f58b86dd1e8dd/detection

devamir.nlsrv.xyz
api.devamir.nlsrv.xyz
remote.devamir.nlsrv.xyz

# Reference: https://www.virustotal.com/gui/file/5f3990cf6f84473805d24f5d020b7ba3bb58861e0a15c2fdd872925b68909bfc/detection

adl-webeb.com
irandl.de

# Reference: https://www.virustotal.com/gui/file/395387f97126d0ccc16240d7ad1e21ef2121861a8953d73a87976f99c7e51836/detection

divarlenjan.ir

# Reference: https://www.virustotal.com/gui/ip-address/64.44.139.170/relations

adlliran.cf
dadgah.online
dadgoostari.site
dadgostari.site
dadsetani-online.gq
dadsetani.online
dadsetani.xyz
dadseteni-online.ml
eadliran.ml
eblghi-irp.ml
konkoor.online
sanairani.online
shekayat.online
shekayat.site
shekayat.space
teodor.host
adl.dadgostari.site
adliran.dadgostari.site
bot.nipald.tech
eblagh.dadgostari.site
peygiri.dadgostari.site
pigiri.dadsetani.online
rat.dadgostari.site
sana.dadgostari.site
test.dadgostari.site

# Reference: https://www.virustotal.com/gui/ip-address/185.178.208.182/relations

sana2v-ir.ml

# Reference: https://www.virustotal.com/gui/file/e45065a3368e68c58ead61832714c98672ef64d124763a45aaaec51c848a7dc5/detection

shapalack.gq

# Reference: https://www.virustotal.com/gui/ip-address/95.181.161.144/relations
# Reference: https://www.virustotal.com/gui/file/e85302bab5c106ce3fcd30fd527929c83b1a068240313bd21267934b6fc45c55/detection

adl-mi.xyz
adl-sana-1400.cf
adl-sana-ir.ga
adl-sana-pay.ml
aitdayidayifw.tk
dex-network.tk
dowapp-sna.tk
eblagh-hh-h.ml
eblagh-hh-h.tk
edailet.xyz
edallat-bi.tk
edallet.xyz
edllat.xyz
edllir.xyz
er-sn.ga
eri-mni.tk
fataeeblagh.tk
fr-in.ml
ir-dadgostari.gq
ir-dadgostari.ml
ir-qmi.ml
irn-qm.tk
jstfakykwcoyf.tk
kkl-irn.tk
live-sexsy.tk
orn-bmi.ga
police-adlsana.cf
qm-hi.cf
ratttt.ml
samanres.tk
sana-allrdronll.ml
siqe-yabi.ml
trust-api.ml
ucgcuugcugcuufuf.tk
www-peygiri-ir.ml
www-sanna.ml
ratroid.xyz

# Reference: https://www.virustotal.com/gui/ip-address/46.4.98.114/relations

30panel.ml
a-h-karimi.ir
amirh-rezaii.ir
api-rasatm.tk
dehkadeh-salamat.ir
epay-bank.ga
epay-bank.ml
epay-shaprak.ga
estelam-ir.ml
hadaf-host.ir
imen-shaparak.ml
imen-shaparak.tk
ir-melibank.tk
ir-sana.com
ir-sepahbank.tk
lr-sana.ml
mellat-sodt.cf
mellat-sodt.gq
mmd-alizade.tk
nme-top.tk
reza-hacker.tk
sajadfarshidi.ir
sana-gps.ir
sana-online.ga
saaaanaa.ir
sanagps.ir
sanaradyab.ir
sanat-polymer.ir
sep-bimarzx.tk
sep-mellat-pay.ml
service-majazi.tk
bot.nlsrv.xyz

# Reference: https://twitter.com/malwrhunterteam/status/1495843293116215299
# Reference: https://www.virustotal.com/gui/file/82e60036bc67844e755e156af8073da9a85e2c456064655e785e97b8bf19e1d7/detection

dolat-sahm-ir.tk
sanaavir.ga
/rat-webpage

# Reference: https://www.virustotal.com/gui/file/8e27b8c5fbe82062b24041f5ca6fbcedee2ea7fddd5295faa12a5f817eefb3fb/detection

cefouccqw.tk
sanaweb-ir.gq

# Reference: https://www.virustotal.com/gui/file/304e3f2147cfb766cff07a2be24a806ed0e26775986ba76d29de1d082bdbc898/detection

sana-ewdliran.tk

# Reference: https://www.virustotal.com/gui/file/3023afb6e8c8eb8a70d5e103081d4bbb29562ac4b0c889cb7af7749726168b19/detection

sanaducir.ml

# Reference: https://www.virustotal.com/gui/ip-address/51.68.204.165/relations
# Reference: https://www.virustotal.com/gui/file/58e9a36836d627c01a833a617fc9a5eed81a8e0ed2b0d0d3677852ce9ca49c79/detection

eg-tk.tk
eblage-sn.tk
chat-web.tk
dadsetani-online.tk
eblage-sn.tk
ablagh-in.tk
ablaghie-samene.tk
black-scam.cf
siqeh-vip.tk
ablagh-on.cf
siqeh-vip.tk
claim389-xyz.ml

# Reference: https://twitter.com/malwrhunterteam/status/1501528659018063872
# Reference: https://www.virustotal.com/gui/file/28afc35f57f8efd59ded0d7e17239b46d1167a8e411b699374c611eea7308893/detection

semanehe.tel

# Refecerence: https://www.virustotal.com/gui/ip-address/64.44.139.142/relations

adl-irane.tk
adliran.in
ald-iren-sena.ga
dadgoostari.online
fata.adliran.in
fewrt-ater.tk
khalifa.host
norton-movingostar.ga
cyber.dadgoostari.online
server.khalifa.host

# Reference: https://www.virustotal.com/gui/ip-address/83.149.110.150/relations

apprimote.ml
mummy-remote.tk
remote-best.xyz
vip-toxic.xyz

# Reference: https://twitter.com/malwrhunterteam/status/1448942274692386821
# Reference: https://twitter.com/malwrhunterteam/status/1450115138535710723
# Reference: https://twitter.com/malwrhunterteam/status/1450171823010861058

adlliran-ir.tk
du-shaparak.tk
my-divar.xyz
/kurddarv/
/ratsms.php

# Reference: https://twitter.com/malwrhunterteam/status/1460311901041213442
# Reference: https://www.virustotal.com/gui/file/662c25851648793ef276f6da53bd57e6375ec2f219b9d47a510c10b2ade9ac52/detection

bpm-shaparck.xyz

# Reference: https://twitter.com/malwrhunterteam/status/1510268204567961611
# Reference: https://www.virustotal.com/gui/ip-address/95.181.161.170/relations
# Reference: https://www.virustotal.com/gui/file/8f77d7e50fae594dd1d8925c98d775b2ce681a3a4336b85cd66d086803d1aa3c/detection

adiiran.cf
adiiran.ml
adilrni.digital
adliiran.email
adlilran.digital
adliraneb.digital
adliranpa.digital
adllran.digital
amoo-godret.ga
coinsolotions.tk
cointrust.tk
daad-sara.digital
dad-saraa.digital
dad-sarae.digital
dadd-sara.digital
daddsara.digital
dadgostary.digital
dadsara.email
ddadsara.digital
eblaghri.cf
eblaq-sna.tk
ed-adli.digital
edalat-hamrah.digital
edalat-saham.digital
edalat-sod.digital
edallat-hamrah.bike
edallat-hamrah.digital
edallat-hamrah.org
edallate-hamrah.bike
eddl-ir.digital
er-snmi.cf
erin-bql.tk
erinsn.digital
firm-ern.tk
gay-irani.tk
gmx8z.tk
goin-dr.cf
hack-pedart.tk
hamta-peygiri.digital
iranfaloweer.cf
iraniamil.digital
kardar-manzel.ml
kardarmanzel.ml
mm-peygiri.tk
nameserver0.tk
new-sas.ml
new-sas.tk
peygiri-ausy.tk
peygiri-hiir.tk
qoirnm.tk
ratzx0572.tk
remote-godrat.tk
samane-sana.digital
samane-sanam.tk
sana-mp.tk
sighei.cf
sinalei.digital
sirnad.digital
snataji.digital
trustsolution.tk
vop-shaparak.tk
xxx-com.ml
yaranedolati.online
iranfaloweer.sana-mp.tk
samane-sanam.sana-mp.tk

# Reference: https://www.virustotal.com/gui/file/58e9a36836d627c01a833a617fc9a5eed81a8e0ed2b0d0d3677852ce9ca49c79/detection
# Reference: https://www.virustotal.com/gui/file/4ea85b171c4c3f6d4ef8831860bb5f9a81f06be9394941ffd400b8bb14be42e4/detection

sianat-iran.ml

# Reference: https://twitter.com/malwrhunterteam/status/1514674246689206276
# Reference: https://www.virustotal.com/gui/ip-address/137.74.247.226/relations
# Reference: https://www.virustotal.com/gui/ip-address/95.181.161.78/relations
# Reference: https://www.virustotal.com/gui/file/585a58a92e4cd71abbb7aedd297f263c934439f903759b00d546a9cc2d460ce1/detection
# Reference: https://www.virustotal.com/gui/file/986940169e3976b20541389128431c13198ff9898c0e5e4189702288fb53cb9b/detection
# Reference: https://www.virustotal.com/gui/file/502db17a210e226d4b2a842f1e51bfb8381b6b34e3f3743a4e1bb103b558b41b/detection
# Reference: https://www.virustotal.com/gui/file/88a7fb687bdf99aa5a6ac457b3a6f51c8a6bff3768e0dacc48ae725e51d7d770/detection
# Reference: https://www.virustotal.com/gui/file/73d97171058f68af8877fbafc06bcd24adc11b4917c382caf831ad76ba2e8825/detection
# Reference: https://www.virustotal.com/gui/file/3ecbabb1c5f89eb79e6fc29088b3da192011573b8c905ee7726729079882e97c/detection
# Reference: https://www.virustotal.com/gui/file/1941165af140ad4ffe5a009077c58e632b161b6324760db6722a116305b84257/detection
# Reference: https://www.virustotal.com/gui/file/d802fe9b0cc7144197d85bfea2d3df95accf76106fe1e8c4d3cbbd337fc090c4/detection

aamirb.tk
adliran-lr.digital
adlirani.uno
amqwpoho.cf
badgirl.ml
davidsexy.tk
deldadyar.tk
ebailgiesna.digital
ebalasghksna-lir.ml
ebalasghsna-lir.tk
ebalasglhksna-lir.ml
eblaghsna-ir.tk
eblfhsna-air.ml
eblfhsna-air.tk
edalsanair.tk
ireblgh-isai.tk
jesusdastan.tk
kardarmanzel.gq
khodrosellir.tk
kirkoloft.tk
lezatsara.tk
pancakeswap.ga
pay-peygiri-vv.gq
peygir.digital
samanese.digital
sanab.digital
sanairan.email
sani-spn.digital
sarapkishlm.ml
seksoloz.tk
seyedhastam.tk
shprkishi.ml
sigeirn.ml
siggeyab.ml
sighe-hooilo.tk
sighebazan.tk
sigheirn.tk
sigheyabiyar.tk
sigheyaran.ga
sigheyaran.ml
sigheyaran.tk
sinbelq.digital
singin-adela.ml
singin-adelan.ml
trustsolution.tk
walletrust.tk
wallettrust.ml

# Reference: https://twitter.com/malwrhunterteam/status/1516138822563942400
# Reference: https://www.virustotal.com/gui/file/0d5ce5d95ccc63171bf093846fc5cded61fa139ec46b537e41e61dff02d0214c/detection

classicbody.ir

# Reference: https://www.virustotal.com/gui/ip-address/148.251.66.48/relations
# Reference: https://www.virustotal.com/gui/file/1c18842c99ab0e13e3cef1055be8d1644263bd5057c979fc1f6c581271eb614a/detection

gahertp.ga

# Reference: https://www.virustotal.com/gui/file/577f8851e85fcf3801bef2595910fd5cde82dd01678d17a5692007a77743cd1c/detection

bb-shaperak.gq

# Reference: https://www.virustotal.com/gui/file/610f11051f26e24785907da5fcf5437e4f6ee7b26a7d30073dabd15774339033/detection

adlir.site
irlink.uno

# Reference: https://www.virustotal.com/gui/file/c4164474725bc57dbd6687491555e50ffec6fd850dd458af8d7455ddf1944b54/detection

sana-ireblagh.ml

# Reference: https://www.virustotal.com/gui/ip-address/185.178.208.183/relations

airdorop-terkk.ml
eadl-iran.ml
eb-snn-ir.xyz
edilte-lr.today
plc-melli-sana.tk
samane-lr.digital
samaneh.digital
samanehi.today
sanaa-adliran-ir.tk
sharparak.cf
sharparak.ml
sharparak.site
v-eblaghe.ml

# Reference: https://www.virustotal.com/gui/ip-address/116.202.132.155/relations
# Reference: https://www.virustotal.com/gui/ip-address/185.224.129.204/relations

ablag.cf
ali-hm.tk
edlir.ga
poye-set.tk
sana-sork.ga
sana-sork.tk
sato-valahir.tk
shiila.tk
sigheh-iran.ml
sina-bot.tk

# Reference: https://www.virustotal.com/gui/file/391ae849d06813632cf071de3ce061583a2d57e8ed2b49687c895077c064e85c/detection

bqm-im.ml

# Reference: https://www.virustotal.com/gui/file/c41613463e4a30720b880c9b7927f85f18e769e9af086d4c8aa25f55377cc483/detection

sahamety.ml

# Reference: https://www.virustotal.com/gui/ip-address/185.7.33.56/relations

aatrau.ml
aatrau.tk
adll-iiran.cf
aidl-iran.tk
aodl-iran.tk
ardl-iran.tk
bqm-ir.cf
d-payment.tk
dartstsjk.ml
dghsdhdf.tk
ebelighahy.ml
eblaghe-da.tk
eblaghe-er.tk
eblaghu-sana.tk
edaiat-ir.gq
edalat-lr.ga
edalat-lr.ml
edallat-saham.gq
edallate.fun
eedl-iran.ml
emamatbnd.tk
ghkljbpl.ml
hamta-ir.tk
ir-hamta-t.ml
ir-onlineir.ga
iran-sana-ir.ml
iren-qmi.ga
it-bint.tk
kaqaz.ml
live-sexsy.ml
otpfamsdkf.tk
peygiri-simcart.tk
peygiri.tech
radl-iran.ml
rat-install.cf
rathathu.ml
rem-kirkoloft.tk
rezaking19083.tk
rimot.ml
sabtahval.ml
saham-adlt.tk
sahamedalat-ir.ml
sahamety.cf
sahamety.ga
sahamety.gq
sahamety.tk
sahmieff.tk
san-new.tk
san1-new.tk
settestyy.ml
shekayate-ed.cf
sighep-bmb.ml
webardl-iran.tk
webcoinsuloton.tk
webir-hamta-t.ml
webiran-sana-ir.ml
webit-bint.tk
webradl-iran.ml
webrat-install.cf
websahmieff.tk
y-divar.tk
yksjsuns.tk

# Reference: https://virustotal.com/gui/ip-address/23.235.232.236/relations

adalat-app.lol
adalat.lol
adaltiran.lol
adliran.pics
app-eblagh.lol
divar.pics
eablgh.autos
eadalatu.me
eadlat.xyz
eadlt.blog
eadualat.ml
eadualat.tk
ebilagh.blog
ebilagh.lol
ebilangh.lol
eblaegh.lol
eblagh-org.lol
eblagh.homes
eblagh.pics
eblaghi.lol
eblaghiu.lol
eblaghj.lol
eblaghl.lol
eblaglh.lol
eblagoh.lol
eblaigh.com
eblaigh.lol
eblajgh.gifts
eblangh.lol
ebleagh.mom
ebliegh-gov.autos
ebllagh.lol
edalat.autos
eunlagh.lol
novin-pay.lol
peigiry.autos
peygiri.lol
peygiri130.lol
peyguri.buzz
peyjgiri.buzz
peytgiri.buzz
samaneh.blog
samaneh.pics
sana.pics
sanaen.digital
seana-ir.buzz
update-divar.lol

# Reference: https://www.virustotal.com/gui/ip-address/194.36.191.196/relations
# Reference: https://www.virustotal.com/gui/file/02e3c37acc6d9f1c4352f5203a101ae02958333c61a8773487f807b256926781/detection

bghana.online
dlivar.mobi
dlivar.pics
duivar.blog
eablagh.lol
ebilaigh.lol
eblaghc.lol
eblaght.lol
ebluagh.lol
ebolagh.lol
edalat-pay.xyz
eiblagh.lol
eublagh.lol
iran-adi.blog
iran-dadl.mobi
iran-sna.ml
iran-sna.mobi
iran-sna.tk
orgsna.cf
orgsna.ga
orgsna.gq
orgsna.ml
orgsna.tk
sana-irj.tk
sanago.me
sinanem.tk
sininame.tk
sinoname.tk
sna-news.mobi
sna-org.digital
sna-pro.digital
sna130iraeian.com
snaio.cf
snaio.ga
snaio.ml
snaio.tk
snaorg.cf
snaorg.ga
snaorg.ml
snaorg.tk
snioun.tk
snoinu.tk
sunina.tk
cf.sininame.tk
ga.sininame.tk
gq.sininame.tk
ml.sininame.tk
tk.sininame.tk
dlivar.mobi.sininame.tk
dlivar.sininame.tk
duivar.sininame.tk
eablagh.sininame.tk
ebilangh.sininame.tk
eblagh.sininame.tk
eblaghc.sininame.tk
eblaght.sininame.tk
ebluagh.sininame.tk
ebolagh.sininame.tk
edalat-pay.sininame.tk
eiblagh.sininame.tk
eublagh.sininame.tk
iran-dadl.sininame.tk
iran-sna.sininame.tk
iran-sna.tk.sininame.tk
mobi.sininame.tk
orgsna.cf.sininame.tk
orgsna.ga.sininame.tk
orgsna.gq.sininame.tk
orgsna.ml.sininame.tk
orgsna.sininame.tk
sana-irj.sininame.tk
sanago.sininame.tk
sinanem.sininame.tk
sinoname.sininame.tk
sna-news.sininame.tk
sna-org.sininame.tk
sna-pro.sininame.tk
sna130iraeian.sininame.tk
snaio.cf.sininame.tk
snaio.ga.sininame.tk
snaio.ml.sininame.tk
snaio.sininame.tk
snaorg.cf.sininame.tk
snaorg.ga.sininame.tk
snaorg.gq.sininame.tk
snaorg.ml.sininame.tk
snioun.sininame.tk
snoinu.sininame.tk
sunina.sininame.tk

# Reference: https://www.virustotal.com/gui/ip-address/162.55.170.81/relations
# Reference: https://www.virustotal.com/gui/ip-address/167.235.56.216/relations
# Reference: https://www.virustotal.com/gui/file/5b3b612e0b32c57fd5469337b809cdd85cc92ca2b5ad45fcb136d083f4b5897e/detection

api-tel.xyz
daad-sara.lol
daadsara.mom
dad-saara.lol
dad-sara.lol
dad-sara.mom
dadd-sara.lol
daddsara.mom
dadsara.mom
dadssara.mom
ddad-sara.lol
ddadsara.mom
eblagie12.vin
edaallt.mom
edalaat.wtf
edalat.lol
edalat.mom
edalat.wiki
edalati.mom
edalati.wiki
edalitan.mom
edallat.lol
edallat.mom
edallat.wtf
eddalat.lol
edi2001f.xyz
edilat.mom
eedalat.lol
eedalat.mom
eedalat.wtf
iedalat.wtf
iranmeli.vip
iransaman.vip
livesex-iran.tk
redalat.lol
samaniran.vip

# Reference: https://www.virustotal.com/gui/ip-address/178.162.159.1/relations
# Reference: https://www.virustotal.com/gui/file/91fe8567ab09036639c495436867dc2e923fd631e25f51bd66e8bcae3a1de7d1/detection

bbb-dl.ir
blaze-api.site
bmq-shaparak.ml
digimajaz-bot.ir
herni-bot.ir
hidden-bot.tk
homaion-bot.ir
onlne-shop-bot.ir
panel-bot.xyz
qma-bot.ir
saiaair.site
shaikhaliii.tk
shaparack-iir.ga
shaparack-iir.tk
shapark-qp.tk
shapparak.tk
tame-salamati.ir
wedlost001.ir

# Reference: https://www.virustotal.com/gui/file/7888e4e7e9211f9fd771a5962f57d450879dcb1bf1672131ce6dc2cb460c7333/detection

fjzgsgsbusnak.gq
ueblaghocdgh.xyz

# Reference: https://www.virustotal.com/gui/ip-address/104.21.84.235/relations

eadalat.lol

# Reference: https://twitter.com/midnight_comms/status/1531037250275794945
# Reference: https://www.virustotal.com/gui/file/fcf3723de67b948068e4bb61edb18448648242e8be2a9e1548e2eef1ddd8049c/detection

app-lurd.xyz

# Reference: https://www.virustotal.com/gui/file/ba746e66e40bb7f888d5b0d5ebe185a45fd3a8343f1739c77943198a5b34a3aa/detection

scandarremote.xyz

# Reference: https://www.virustotal.com/gui/file/072b8d78574d6820c14781e47dbdaa00bdc1c9b79641e620c58948c22821224c/detection

lordremote.xyz

# Reference: https://www.virustotal.com/gui/file/1302e12ee2fe4425ffc370ed06d0983aa8de87d323d0ddf3fc86b463a68b1c49/detection

defeserremote.xyz

# Reference: https://www.virustotal.com/gui/file/55ba423284602722e8212f15899a5b40eab5fe69616d8b98e45a75e65b484d57/detection

estelame.boutique
mummy-vip.xyz

# Reference: https://www.virustotal.com/gui/ip-address/185.73.115.138/relations

sarane-nan.ml
taqva.cf

# Reference: https://www.virustotal.com/gui/ip-address/45.148.145.51/relations
# Reference: https://www.virustotal.com/gui/file/306cb23b6a95150dafd066e693210223f25753b2ee81f25c75e3ae319125cbd5/detection

0o0o0o00o.cf
adealat.xyz
adilq.com
adl-qmo.xyz
adli-wetin.ml
adlilran.cf
adlilran.ga
adlilran.gq
adlilran.ml
adlilran.tk
adlio-dir.xyz
ads-edif.ml
adualat.stream
adz-dfx.ml
aedalat.xyz
asdfgh-qqez1.tk
asdilt.com
asn-ijn.cf
asn-nqm.ml
bandar-bamdar.ml
bmiorn.cf
dadgh.lol
dadreci-ir.com
dogah.lol
dost-ir.ga
eblaghty.xyz
eblaghye-ediiran-gq.gq
eblaghyi.xyz
edarlat.xyz
edig-gof.cf
edilotsn.cf
edisn.xyz
esirdl.makeup
faffffffffmilyhsvsjsbsgs.tk
familylijnaikomsrjsg.tk
fkljwrw.com
ghsna.com
go-adlatcyon.cyou
gobtozendegi.tk
help-live.ml
hemtaw-ir.gq
hgad-ir.com
hmtlran22.tk
httphttpshttp.ga
httpshttpssl.cf
httpshtttpsslman.ga
i-dadres.com
i110-0o.ga
iedlati.cf
ir-bgft.tk
iran-ca.cf
iran-pas.ml
iran-pot.ml
irankhaldaliraniranghoreshshiran.tk
jshsyy.cf
jsnxjejsjsksks.ml
lichereuueueue.gq
livesexia.cf
markazi-tc.cf
markazi-tc.gq
markazi-tc.ml
mayket-iran.ga
mayket-iran.ml
mislon.ml
mountaining.tk
novin-adalat.click
o010101010j.cf
p0rdakhti.cf
paeygiri.com
peygieri.com
peygirei.com
peygiri-panel.cloud
peygiyri.com
polwer.xyz
portalesn.com
portkalesn.xyz
prakqme.tk
prc-ir.com
putifar-gangan.gq
q0i1-zx0m-01010js-https.ga
q0z1tb4im5p.ga
rayan-sana.xyz
refahe.xyz
remot-hell.ml
remot-seyedi.ml
rimot-tst.ml
salon-dl.tk
samaneyha.cf
samanosmani23.ml
samiram-mame.ga
samiram-mame.gq
samiram-mame.ml
samiram-mame.tk
sanator.lol
sandilom.ga
sarane-nan.cf
sarane-nan.com
sarane-nan.gq
sdfion.xyz
sdghim.ml
sdilen.co.uk
sdilsn.co.uk
sdinmg.cf
sedil.wiki
senea.cf
senea.ga
senea.gq
senea.ml
senea.tk
ser-opo.tk
serdlin.tk
serlinr.cf
siaqwe.ga
sighai.cf
sighe-iran-ir.cf
sighe-iran-ir.ga
silion.xyz
siljmr.ml
sissn-1om.ga
slidrin.wiki
sn-adl-eblqsnilopn0.ga
snaedil.com
sndirm.cf
snildl.co
sopi-edg.ml
star-new.lol
taqva.cf
tfdrtdtfdjk.ml
ufisna.com
up-dadsara.com
webedarlat.xyz
webpolwer.xyz
wern-asdfm.ga
wert-asxbn.tk
yno-peygir.cyou
yunbanm5.ga
ns1.o010101010j.cf
ns1.samanosmani23.ml
ns2.o010101010j.cf
ns2.samanosmani23.ml

# Reference: https://www.virustotal.com/gui/ip-address/95.181.161.254/relations
# Reference: https://www.virustotal.com/gui/file/17f154479152a372be70d5441246a6e85e71a32cdce0e470065b031bb3715c86/detection

remote-best.cf
ad-lie.ga
ad-qm.xyz
adil-iren.cf
adir-li.tk
adkholrey.ml
adl-conteir.ml
coinsolution.tk
fir-gh.ml
gfhfghghhgfj.tk
goir-go.ga
hamta-iran.gq
hemayt-rayane.ml
htmta-iran.ml
htmta-iranmmmm.ml
ir-adli.ga
ir-foir.tk
nw-rea.tk
pn-eblegh.ml
qmi-adl.xyz
shop-rdix.ml
tabchi-arsllan.ml
tikwebir.cf
vzartir.cf

# Reference: https://www.virustotal.com/gui/ip-address/95.181.161.209/relations
# Reference: https://www.virustotal.com/gui/file/e93dd572c08dd5402fb3a34dd7015c521fbfa0e9daba9dedb7955782f0ca167d/detection

adl-center.in
adl-center.online
adl-snae.tk
adlirn-sana.ml
bargheman-ir.ml
dadgstreie.gq
dark-rem.tk
ddsra.ga
ddsra.ml
djvisicm.ml
dr-saz.cf
ebiligiieh-sanap.ml
ebiliqie-irsna.ml
ebl-edallate.tk
eblagh-da.ml
eblagh-er.ml
eblghiehe-irsna.ml
ebliqiehe-sanaps.ml
edl-center.nl
edu-center.eu
edu-center.us
hamdam-yab-ir.cf
hamta-fan-ir.ml
insta-log.ml
ir-ablaghie.ml
ir-dadgostari-sana.ml
ir-follwertik.ml
kart-melii.tk
melat-ir.ml
newe-eblghe.tk
semaneh.uk
shop-sap.ml
sianat-meli.cf
sighe-hallahs.cf
sighe-ir.ml
sigheg-on.ml
siyanat-ir.ml
snafta-ir.tk
snapkomak.tk
trustwallet-im.ml
vacsan-ir.tk

# Reference: https://www.virustotal.com/gui/file/e50d15ea51e487272e017b5ec39f8278e02a879496a1ff26a037c77179420de0/detection

commo.ir

# Reference: https://www.virustotal.com/gui/ip-address/91.223.82.6/relations

addlern.digital
adianqo.uno
adilapp.digital
adilran-ir.ga
adilran-ir.gq
adilran-ir.tk
adliran-ir.space
adliran-meli.site
adliran-site-ir.cf
adlisna.uno
adllity.zone
arizydigitall.tk
bqmi-ern.tk
bqmi-ernx.cf
d-payment.cf
d-payment.ga
diwarha.tk
ebliqhs.tk
edalat.email
edalatir.ga
edalatire.tk
edilat.digital
edilti.uno
ediltie.tk
ediltoi.uno
ediltoiq.tk
edlsanhj.tk
edlsanop.email
edrsmf.uno
eidalat.zone
eidalatd.uno
elatadesan.ml
elatadesan.tk
esamam.me
fetasnb.ml
i-shan.ir
inelat.uno
ir-edisn.tk
iran-eblagh-ir.cf
iredsln.tk
isnial.digital
king-mester.tk
mediadll.tk
neew-sha.gq
new-saq.ml
new-see-iran.email
payment-sana.ml
payment-sana.tk
pom-new.xyz
pom-shq.com
pom-shq.ml
rat-remote-kingscam.tk
samaneye-sana.ga
san-neew.cf
san-new.gq
san-pomw.cf
sernide.tk
shapark-eblagh.ml
sihge.ga
sna-edlt.tk
snaied.uno
snedalm.tk
tabgi-host.tk
vair.uno
vamir.digital

# Reference: https://www.virustotal.com/gui/file/580651faba9fe0f9d188b721697e6f560211155d816708078b5c2852bbacf856/detection

rimot.xyz

# Reference: https://www.virustotal.com/gui/file/c438a3794207612fb6a04234db93ea0d6afbd6c5533e058657e011d5571d2cd9/detection

farmspn.ml

# Reference: https://www.virustotal.com/gui/file/11a6eda2e4c3e2184983c70995c206bdab8d0cc84595d3cde047db6071606652/detection

irantafb.tk

# Reference: https://twitter.com/malwrhunterteam/status/1536447238611804160
# Reference: https://twitter.com/midnight_comms/status/1536464844194447360
# Reference: https://www.virustotal.com/gui/file/b2ee8266233bd20b3b477fb36a69b07c6043cdb0192c844d88c49e606cc1381b/detection

alidizstartf.xyz
indastanabade.xyz
/RezaDivar/GetLink.php
/RezaDivar/PingDevice.php
/RezaDivar/RegisterDevice.php
/RezaDivar/UpdateDevice.php
/RezaDivar/UploadSms.php

# Reference: https://www.virustotal.com/gui/file/1a8342f79b002ff8b3140f27d54a9cb2962d2a6d946e9339b779838aef81ac54/detection

ad-shaparak.gq

# Reference: https://www.virustotal.com/gui/ip-address/185.73.115.158/relations
# Reference: https://www.virustotal.com/gui/file/fb77a0e0ce719877c7104d2206eca9800ae390ea441996af2ca1aa03c6baa35f/detection
# Reference: https://www.virustotal.com/gui/file/f763535f6137bf4295c494e205d31a2b8c0fa271dbbfd9aacd4a5186db849b22/detection
# Reference: https://www.virustotal.com/gui/file/ad0ccd8886ee7d594047c7aa59eeca8a1671e0eba84ad9029424fa849da15033/detection
# Reference: https://www.virustotal.com/gui/file/85dcb883d0a3b75d18069d46d6b891603436f22744b0f3dde4ccc290dc90a079/detection
# Reference: https://www.virustotal.com/gui/file/6e9bafe47ceaeda715015f1439ef83402ee7273fbf920ca7ea14c2e95128664d/detection
# Reference: https://www.virustotal.com/gui/file/60d4847d936d9f8f26bc6f86b506bc17c2c28b23cc4610a94fe622bd6a91fd89/detection

defeserremote.xyz
wprowprorlflr2w.xyz

# Reference: https://twitter.com/malwrhunterteam/status/1539612228051165186
# Reference: https://www.virustotal.com/gui/ip-address/192.227.158.58/relations
# Reference: https://www.virustotal.com/gui/ip-address/45.148.145.156/relations
# Reference: https://www.virustotal.com/gui/file/1aebaec4e84c940f63d5c1186e8b6ad1d7beb79f2b4c9ff12c523e309be09f3d/detection
# Reference: https://www.virustotal.com/gui/file/fda58e1a679fe1797dcd06048eb58dbf65c0b58e254ae552a87449a906d22341/detection
# Reference: https://www.virustotal.com/gui/file/cc5c482d8afc11d06c5f270126a1665ce3a40e64b975e3255deac9fef82dd175/detection

abnsdf.ml
abpoll.ga
abpoll.ml
abpoll.tk
acdpe.cf
acdpe.gq
acdpe.ml
acdpe.tk
adalet.ml
adcgdr.ml
adcgdr.tk
addbzna.ml
adelane.ml
adesri.cf
adesri.ga
adesri.gq
adesri.ml
adesri.tk
aetqwoi.tk
ahnzb.gq
aisioiie.ml
aisioiie.tk
alikinghell1.tk
amasip.tk
amestar.cf
amestar.ga
amestar.gq
amirturk.tk
amirwex.tk
amsdp.tk
ap-sighea.ml
apidas.ml
apksi.ml
aponk.ml
apouch.ga
apouch.gq
apouch.ml
apouch.tk
app-edlle.tk
apps-ebie.tk
apps-edle.tk
apps-sna.tk
areuri.cf
areuri.ga
areuri.gq
areuri.ml
aryuio.ga
aryuio.tk
asiosi.gq
asiosi.ml
aswei.ml
aszwi.ga
aszwi.ml
ausuc.cf
ausuc.ml
avnmz.tk
awf87t7igaufhgajh.tk
awfihwfhfwook.tk
awfrywafgh.tk
axcver.ga
axcver.ml
axcver.tk
azoiro.gq
azpwe.tk
barqq-ir.tk
barrq-ir.ml
bauskc.tk
bich-remot.cf
bk-to3el.xyz
bobew.gq
bobew.ml
brghmn2.tk
bsrak.tk
cchckecermmdapi.ml
cecioe.cf
cecioe.gq
cecioe.ml
cecioe.tk
cionic.cf
cionic.tk
cna-eblagh.tk
crate-wallet.tk
dabnzm.gq
dajajsjsshah.tk
dalxna.tk
dapbek.gq
daporn.gq
daudgah.cf
daudguh.ga
daudguhi.ml
daudguhi.tk
daunbs.tk
daymon.tk
divan-keshvar.ga
ebaun.ml
ebblqh-ir.tk
ebl-agie.ml
eblagh-asi.tk
eblagh-ir.ml
eblaghbn.tk
eblghlran2.tk
ebllagh-ir.ml
edalate-ir.tk
edie-ir.xyz
edipk.builders
edla-ir.xyz
edle-ft.tk
edle-ir.builders
edle-ir.xyz
edle.beauty
edlpk.builders
ehzarey.cf
ehzarey.ga
ehzarey.gq
ehzarey.ml
ehzarey.tk
ehzareye.ml
ehzareye.tk
epirk.tk
eqpwo.tk
etepat.ml
fast-follower.tk
ffuxhikmmjin.gq
fopami.ml
givelran2.tk
gyybie.ml
haamta-ir.ml
hampa-co.tk
hellofucker.tk
hellofuycer.tk
huslav.ga
huslav.gq
huslav.ml
huslav.tk
idrat.tk
iniawfhkfrfwa.tk
inkoial.ml
interrnetarzan.ml
iopqo.cf
iopqo.gq
iopqo.ml
iozexc.ga
ir-dsaz.tk
ir-snnaa-shprk.cf
irann.tk
isi-sharpak.cf
katds.tk
kaznsm.tk
khone-khaly.tk
kissybi.gq
kosnanatagekartnazani.tk
laeiebx.tk
laopls.gq
livealirezadalqak.ml
livedse.tk
livedsexy.tk
liveeeeemshikasrmoj.tk
liveeeemola.ml
liveemolayiietdhx.tk
livemashiiihi.tk
livemollayi.ml
livemollayimsh.tk
lives-sex.tk
lseueyeueueiei.tk
luvejsjskskeek.tk
madarsagmmdf.tk
masterrcraft.ga
maxgame.ml
nahubn.ml
neqw.ml
neqw.tk
nerios.cf
nerios.ml
newtm.xyz
neziwo.cf
oabhsm.tk
obneie.tk
obsah.tk
odlran2.tk
opwc.tk
paychsaz2.tk
payment-tokan.ml
piehcz.tk
pokya.gq
pokya.ml
remot-koniy.tk
remoteclowns.ml
remotepppo.ml
remsai.gq
remteseyedasal.ml
roewz.cf
roewz.gq
sabibd.tk
sabnme.tk
sahame-edait-ir.tk
samane-barq.cf
sapor.tk
saunbz.tk
sazman-bargh.tk
seghehmdl2.tk
setting-wallet.ga
settingwallet.ml
settting-wallet.tk
sexe-live.tk
sexjaj.tk
sexlivei.ml
sexlives.tk
sghe-ap.tk
sghe-hmdm-2.tk
shakvay.tk
sharj-r.tk
shaypor2.tk
sig-e.tk
sigh-e.cf
sigh-ham.ml
sighae.tk
sighe-ap.tk
sighe-app.tk
sighe-b.tk
sighe-epn.tk
sighe-hlo.tk
sigheai.tk
sighean.tk
sighey.tk
sigheyae.gq
siko.tk
sikokillerbet.tk
sjsshss.tk
snadebl.gq
spauab.xyz
stting-wallet.ml
supere-karlos.tk
suportwaiiet.com
syghe-i.tk
taobda.tk
terkswap.ml
thekingofbet.ml
trqlbn.gq
trqlbn.ml
trqlbn.tk
trust-setting.ml
trust-wallet.ga
ubskam.ml
ukedg.ml
unbiak.tk
unskam.gq
upaygir2.tk
upirre.ml
upirre.tk
userda.gq
usrnbsj.tk
uvbzna.gq
viopm.gq
viopm.ml
viopm.tk
vipcodel.ga
viponio.ga
viponio.ml
viponio.tk
volaka.tk
vopawio.tk
vorod-dudgah.tk
vwexi.ga
vwexi.gq
web-trustwallet.tk
webamsdp.tk
wiprh.tk
wiqlr.mom
wisna.tk
wrbir.tk
xarmy.cf
ybalfm.tk
ycakd.gq
yoyrego.tk
yzxch.ml

# Reference: https://www.virustotal.com/gui/file/0110aec813c4c0d75ad2d18491b80ba6affcabb9e7d553fb0d1e9d9cf5bac981/detection
# Reference: https://www.virustotal.com/gui/file/52931ebf8a5192ba328d64eac9c2fb275c19013c04891b33f8d124713eafc1b3/detection
# Reference: https://www.virustotal.com/gui/file/b4b0e5d1170f8c6085860845437b861dde757a34620fddee1d258d9df97f1d28/detection

rimote.xyz
welaogh.shop

# Reference: https://twitter.com/malwrhunterteam/status/1544056230863376387
# Reference: https://twitter.com/midnight_comms/status/1544365460602245121
# Reference: https://www.virustotal.com/gui/ip-address/46.23.109.149/relations
# Reference: https://www.virustotal.com/gui/ip-address/88.218.17.127/relations
# Reference: https://www.virustotal.com/gui/file/eff8594aa83411948b1e2211795f22064dec6b43fab36f08a053fbdda4b8c68f/detection

app-me.host
vip-app.cf
afsrg.com
azknc.com
dhnma.com
fjzuv.com
gmhaj.com
hsfdf.com
hsjcb.com
hskcm.com
hsnch.com
jkjdfs.com
jsgcb.com
jvdmn.com
jwhic.com
kdgck.com
kdhcj.com
ksbxu.com
ldrgh.com
mduxb.com
mmd-shz.tk
nshch.com
nsyud.com
oagsk.com
sdefrt.com
shnmz.com
shpaz.com
shpqz.com
shqpz.com
wtfdm.com
wtfhb.com
wtfzx.com
pay-shaparrak.tk
azknc.fjzuv.com
dhnma.shpqz.com
kdgck.shpqz.com
kdhcj.fjzuv.com
ldrgh.sdefrt.com
nsoagsk.hsjcb.com
nsyud.ksbxu.com
oagsk.hsjcb.com
shnmz.ksbxu.com
wtfzx.jwhic.com
/amir/rat.php
/amir/url.txt

# Reference: https://www.virustotal.com/gui/ip-address/213.202.212.117/relations
# Reference: https://www.virustotal.com/gui/file/68698c809d4e45f4fa2fc509fe9593f195f7465d66af76dd6dbd49aa0cedec5e/detection
# Reference: https://www.virustotal.com/gui/file/0a4be97009c473126589c22b8840f9c6be714f2893a5b408525d3fa57a5b3d7d/detection
# Reference: https://www.virustotal.com/gui/file/29a6bac0884a2a5bece982cd034af2da0cf4b33429873781c6a5511471f82bc1/detection
# Reference: https://www.virustotal.com/gui/file/3d42afb6b462868b42373c35fbd0b3a687961b135c840bc126d9fc4cb8954d44/detection

abdullahbtw.me
accouninthanlsc.tk
accountsfn.xyz
addbzan-ir.tk
adl1ran.cf
adllran.tk
alanoitaliano.pl
alfa-service.tk
aminpardazan.tk
amnpardazesh.gq
astroxhosting.com
automxh1s.site
b9hclub.games
baharpardakht.tk
bakawap.gq
barannama.tk
barnamesazan.tk
bastehsaman.tk
batlantiquebrci.com
battlegroundmobileindiaredeem.gq
bax-d.tk
bax-e.tk
bax-g.tk
bax-i.tk
bax-q.tk
bax-t.tk
bax-u.tk
bax-w.tk
bax-y.tk
baxbot.tk
baxsbot.tk
benamshop.cf
bestmobi.ml
bestmobi.tk
bgmieventofficialstar.xyz
bigdhon.com
bitshop-e.cf
black-coder.tk
bosnigozar.tk
botpardazan.tk
bottelegram.tk
boulwardgozar.tk
bpm-saraparak.ml
br3-sid.ml
circuzo.tk
circuzo365.tk
circuzohost.tk
cloudingbot.tk
codeshop.ga
codeshopvip.tk
control.tec-info.tk
copyrightcompanies.tk
cosmoismylove.tk
cpacenet.tk
cracked-game.com
crazyanimalcactus.ninja
cubepixel.host
customer-assistant.online
demopurpose.tk
demoweb1234.ga
digi-web-lev.gq
dnrr.tk
doithegiarefree.tk
dvfb.toitulam265.tk
eadlhamrah.ml
eb-webramz.ml
eblafuq.tk
eblaghie-online-ir.cf
eblaghie-online-ir.ga
estoneexchange.com
evertony.ml
filimoir.ml
findetehran.tk
fixemee.ddns.net
flacebook.ml
flashsub.tk
fm.sanujanc.tk
forzshop.cf
friends-forever.tk
gali-onlineban.tk
gali-sec.tk
galiciainthks.tk
galikc1.tk
galiser.tk
gautampro.tk
ghequa.gq
gjh71dk6dj5hlfklj.com
glembu.com
globalradarconnect.net
goldenhost8.tk
heek.ml
hellalgaran.tk
hopbot.cf
hosseindel.tk
hquancutes1tg.gq
ianparodi.com
includemi.com
instatech.me
ir-online-live.ml
ir-online-live.tk
iranarz.cf
iranliveonline.tk
iranteh.tk
jabook.tk
jm-digital.store
kartexbin.ml
kcartbit.ml
keyvipvn.tk
khansaabsmm.tk
kiakia.tk
killshop.tk
knowledgesharingblog.tk
kontakto.tk
kookoogaming.tk
kotob.ga
kotobi.ga
ldfollowers.live
ldfollowers.tech
linksub.tk
liveasistance.xyz
m-mahdi.tk
m71l.com
mahnamebot.tk
mainsmmcom.tk
matinkkkkk.tk
maxservir.tk
meerna.me
memedesimo.tk
mo-xz.tk
mpanel710.tk
mpranotewebku.tk
mrkiler.tk
mydigitalcart.gq
myketnambur.cf
mysoc.tk
namberownpool.tk
naranx.tk
neginrezaei.tk
neginrezaeiii.tk
neweblagh-sana.tk
newsalwys.com
nottyx.xyz
omega.alanoitaliano.pl
omidsazan.tk
onlineban.tk
osgtm.ml
owoo.tk
paigiri-iran.tk
paigiri.tk
parawarjaintia.tk
pardakhtbot.ga
pardakhtehran.tk
pardakhtgaranamn.tk
pardakhtgaranemomtaz.tk
passandazanefarda.tk
pastiglieperdieta.tk
paybill.dynv6.net
poblo-yar.ga
poolestanee.tk
poolkcart.ml
popcorns.cf
popcorns.ga
popcorns.gq
popy.tk
postyz-sana.gq
potoncita.com
psigiriy-iran110.ga
quanmxhthainguyen.tk
rayannama.tk
rem-doost.tk
remote-end.tk
remote-ku.gq
rockads.tk
roshdestan.tk
saderatearzi.tk
samaans.tk
samanebox.tk
samanenour.tk
samanparak.cf
sanaa-qo-ir.ml
sanujanc.tk
sanujans.tk
sanujasvps.tk
say-parapak.ga
sazmanneh.ml
scars.gq
secgali.tk
seenkia.tk
selaminko2345.gq
seo-studio.ga
seopanel.ga
shahkarefarda.tk
shahparyan.cf
shaparak-bpzz.cf
shaparak-ir-meli.tk
shlarak.ml
shoes-farda-shmal.tk
shomarestan.tk
shop-kal.ml
shop-kal.tk
shop-sap.cf
shop-sap.gq
shopdat09.tk
shopdatvina.gq
shopgamevip.gq
showtak.gq
shzremeb.tk
sidhant.ga
sidhant.ml
silvudv.tk
silvudvsd.tk
sivccert.tk
slqgl-ir.cf
socialexchangedemo.cf
splexhosting.net
splexmail.ml
ssecure.online
ssiveldv.tk
sslfree.tk
stacx-dev.tk
subdath.fun
subhongquan43.xyz
sulvedvs.tk
tec-info.tk
tehranpardakht.ml
tehranpaydar.tk
tehranshoping.tk
testearb.tk
theniclesty99.gq
thongtinuytin.gq
tijwal.ga
tiketshop.tk
tiktokdl.sanujanc.tk
toitulam265.tk
trustwallet-eng.tk
tstdelbara.tk
ttstbex.tk
twood.tk
userhat.cf
usershoping.gq
valct.tech
validservice.tk
vanilla.lol
vatanestan.tk
vatansazan.tk
virtualryzentools.tk
vivekshop.ml
vodsbot.ga
vqhteam.xyz
vqhteamtlbot.ga
web-sh.cf
web-sh.ga
web-sh.ml
web-sh.tk
webaddbzan-ir.tk
webalanoitaliano.pl
webalfa-service.tk
webamnpardazesh.gq
webbarannama.tk
webbarnamesazan.tk
webbastehsaman.tk
webbattlegroundmobileindiaredeem.gq
webbaxbot.tk
webbaxsbot.tk
webbigdhon.com
webbitshop-e.cf
webblack-coder.tk
webbosnigozar.tk
webbotpardazan.tk
webboulwardgozar.tk
webcloudingbot.tk
webcodeshopvip.tk
webcopyrightcompanies.tk
webcustomer-assistant.online
webeadlhamrah.ml
webeb-webramz.ml
webeblaghie-online-ir.ga
webfilimoir.ml
webforzshop.cf
webfriends-forever.tk
webgautampro.tk
webglembu.com
webglobalradarconnect.net
webgoldenhost8.tk
webheek.ml
webhellalgaran.tk
webhopbot.cf
webhquancutes1tg.gq
webir-online-live.ml
webir-online-live.tk
webiranarz.cf
webiranliveonline.tk
webiranteh.tk
webjm-digital.store
webkcartbit.ml
webknowledgesharingblog.tk
webkotob.ga
webkotobi.ga
webldfollowers.live
webmahnamebot.tk
webmaxservir.tk
webmpranotewebku.tk
webmysoc.tk
webnamberownpool.tk
webnewsalwys.com
webomidsazan.tk
webowoo.tk
webpardakhtehran.tk
webpardakhtgaranamn.tk
webpardakhtgaranemomtaz.tk
webpassandazanefarda.tk
webpoolestanee.tk
webpoolkcart.ml
webpopcorns.ga
webpopy.tk
webpotoncita.com
webrabetgozaran.tk
webrem-doost.tk
webrockads.tk
webroshdestan.tk
websaderatearzi.tk
websamanebox.tk
websamanenour.tk
webseo-studio.ga
webseopanel.ga
webshahkarefarda.tk
webshiro.tk
webshlarak.ml
webshomarestan.tk
webshowtak.gq
webshzremeb.tk
websiteface.tk
websplexhosting.net
websubhongquan43.xyz
webtec-info.tk
webtehranpardakht.ml
webtehranpaydar.tk
webtestearb.tk
webthongtinuytin.gq
webtijwal.ga
webtstdelbara.tk
webttstbex.tk
webuserhat.cf
webvatanestan.tk
webvodsbot.ga
webwebshiro.tk
webyavaraneomid.tk
webyooz-shop.tk
webzuuniverse.space
well-fargo-account-protection.tk
wells-protection.tk
xbdksklslskdjd.tk
xseeyoux.tk
yavaraneomid.tk
yooz-shop.tk
youseftechno.tk
zackworld.ml
zathiheo.tk
zaypaihtetportfolio.tk
zoxo.tk
zuuniverse.space

# Reference: https://www.virustotal.com/gui/ip-address/20.77.43.47/relations
# Reference: https://www.virustotal.com/gui/file/de6ca9b6c535bbaeec7ca37500e80f2dc7dc1e1933d21837a02caeb05e196a4f/detection

aadltiran.boutique
adallat--1401.tk
adl-14001.ga
adlt-iran.boutique
aidl-iran.boutique
asdllran2.tk
awior.ga
bahpadrmz.tk
dadgahieir.cf
dadgahieir.ml
dssd-cdwssssfj.ga
eadll-iran.cf
eadll-iran.ga
eadll-iran.gq
eadll-iran.ml
ebiagh.boutique
edalateire.tk
edalatire.ga
edltiran.boutique
edlxe.tk
eedl-iran.gq
eladate.ml
elanmask.boutique
estelame.boutique
exartn.cf
exartn.tk
godret-shah.online
gsoxnxow.gq
gy-ey.tk
iranine.xyz
iranion.boutique
iranion.gifts
iranion.lol
iredalat.tk
live-webb.cf
mey-myket.tk
mykt-nt.tk
odl-iran.cf
odl-iran.tk
padan-zeb.tk
pakadpakd.tk
panel-ratra.gq
panel-ratta.cf
peygirir.ml
peygirir.tk
plakdxkw.tech
radl-iran.cf
radl-iran.ga
sana--pxswhlkvg.ml
sanaadlin.tk
sanebillagh.boutique
shparkorg.tk
shprkinfo.tk
shrjpaynashnal2.tk
siigecom.tk
webaadltiran.boutique
webadlt-iran.boutique
webaidl-iran.boutique
webasdllran2.tk
webawior.ga
webdadgahieir.ml
webdssd-cdwssssfj.ga
webeadll-iran.cf
webeadll-iran.ga
webeadll-iran.gq
webeadll-iran.ml
webebiagh.boutique
webedltiran.boutique
webedlxe.tk
webeedl-iran.gq
webelanmask.boutique
webestelame.boutique
webexartn.cf
webexartn.tk
webgy-ey.tk
webiranine.xyz
webiranion.boutique
webiranion.gifts
webiranion.lol
weblive-webb.cf
webmey-myket.tk
webmykt-nt.tk
webodl-iran.cf
webodl-iran.tk
webpadan-zeb.tk
webpanel-ratra.gq
webpanel-ratta.cf
webradl-iran.cf
webradl-iran.ga
websana--pxswhlkvg.ml
websanaadlin.tk
websanebillagh.boutique
webshparkorg.tk
webshprkinfo.tk
webshrjpaynashnal2.tk
websiigecom.tk
webwipob.tk
webwrbir.tk
webwrblr.tk
webyarane-iran-ir.tk
wipob.tk
wrbir.tk
wrblr.tk
yar-ir.ml
yar-ir.tk
yarane--ir.online
yarane-iran-ir.ml
yarane-iran-ir.tk

# Reference: https://virustotal.com/gui/ip-address/5.135.243.203/relations
# Reference: https://virustotal.com/gui/ip-address/51.91.188.132/relations

1000ghe3.ir
213.academy
accu-optic.com
accunavsensor.com
afcivil.ir
afzoneh-nevis.com
afzoneh-nevis.ir
ajoreazadi.ir
alibabaproducts.ir
alibaghaeinia.ir
alimahjour.com
alimoghaddas.ir
alvandro.ir
amirkhosravan.ir
amlakkhas.ir
andishmandaniran.ir
appleidsell.ir
aryanbime.com
asarkharid.ir
asarpro.ir
asiyabani.ir
basaeer.ir
bornasanat-co.ir
bshmoghadas.ir
chamannejadian.ir
cncmegamaker.com
coldshop.site
coldshops.gq
cpanel-license.xyz
cslesani.ir
dollshousemoein.ir
dr-bidar.com
ecotak.ir
elmjoyanjavan.ir
faramovie.ir
fastpnet.xyz
foamara.com
ghara1400.ir
hassansadkhosravi.ir
hastiposh.ir
hosseinirad.de
hostasa.ir
hw-shop.ir
iust-educent.ir
jahesh-co.com
kamalafarin.com
kamalafarin.ir
kaminaz.ir
kamvardina.com
khalafian.ir
learnasan.ir
lorian.ir
luxiilo.ir
mahdiasgallery.ir
mahdinazifi.ir
manbegam.ir
medad.site
mehdidindar.ir
mfh-co.com
milcp.xyz
milvpn.xyz
mkejani.ir
mmjmarket.ir
mozeiri.ir
mr-alizade.ir
mrdindar.ir
n-asar-rr.co.ir
namalakp.tk
negarpardazesh.ir
nethostingtalk.ir
next-in.ir
nokhbeganqods.ir
pasarwood.com
performoffice.com
pranssmatic.ir
projectoverflow.ir
proprojectbot.ir
rahashopp.ir
saqarmarket.ir
say-parapak.ga
schoolmanagementsystem.ir
selinbeauty.site
sepehrkalatehran.ir
serverpix1.fun
serverprox.xyz
shakibservice.ir
shecharisma.com
shegma.ir
shiapajooh.ir
shiapajoohi.ir
shmh-edu.ir
shmh-majazi.ir
sport3news.ir
storeantik.ir
tamalakp.tk
telhostk.fun
telshap.ml
toysun.co
toysun.ir
web-burger.ir
webasa.ir
webcoldshop.site
webelmjoyanjavan.ir
webhw-shop.ir
webiust-educent.ir
webmrdindar.ir
webnamalakp.tk
webprojectoverflow.ir
webserverpix1.fun
webserverprox.xyz
webtelhostk.fun
weco.style
woody-handmaids.ir
yaparak.ml
zagrosco.org
zagrosgroup.co

# Reference: https://github.com/ti-research-io/ti/blob/main/ioc_extender/TF_SMSspy.json

adal1401.tk
adl-eran.cf
adl-eran.hgjgjg.tk
adliiran-sena.cf
adliiran-sena.ml
afrod-saina.hgjgjg.tk
afrod-saina.tk
dadgahieir.tk
dadghameli.com
dalateda.com
diltelr.ga
eblaagh-lr.ml
eblagb-adliran.ml.followern2.tk
edallateire.xyz
followern2.tk
halpopen-ir.tk
iran-eblagh-ir.cf.king-mester.tk
iran-eblagh-ir.cf.mester-sew.tk
kimo.vip
linkstrtaj.ga
mester-sew.tk
myadliran.com
ns1.p-server.top
ns1.server-shirazzi.ga
ns2.p-server.top
ns2.server-shirazzi.ga
ns7.p-server.top
ns8.p-server.top
p-server.top
pay-shaparrak.iranzamin.telegramrobot.xyz
rubikas-otp.ml
s1.kimo.vip
server-shirazzi.ga
tika.su
webbpm-saraparak.ml
webkimo.vip
websay-parapak.ga
webxwebapp.xyz
xwebapp.tika.su
xwebapp.xyz

# Reference: https://twitter.com/midnight_comms/status/1549450490743701504
# Reference: https://www.virustotal.com/gui/file/0578a3b8f36fb4cfd254f3db43179a0e7c3aa5c74b86a294159431a88fcf6d20/detection
# Reference: https://www.virustotal.com/gui/file/8774dfe8c18fc06d11c81ffedf55a3918e35ba1128f794374458a77c65a1dfb5/detection
# Reference: https://www.virustotal.com/gui/file/d3ded5770f6d5bea284c35916b6d2e8f5d1da5296824bb81bf1668e80fc77762/detection

delineme.xyz
sentry.phinix.dev
/Lurd_fish/Received.php

# Reference: https://www.virustotal.com/gui/file/e1a5d8c84214bf92f2975b754dbcaf6a22f99922ce9a2e2a5ed8f54ddba7b473/detection
# Reference: https://www.virustotal.com/gui/file/a3a12eb8471e9e7d0eac396c2159c388ef174efc9329dd826c087138d24362dd/detection
# Reference: https://www.virustotal.com/gui/file/9532fd91836bcde6fe4ddd83028f09cc3c18408739b55a47e99fa14e9f32e81f/detection
# Reference: https://www.virustotal.com/gui/file/52da8f74cbec475d162206784bdaff2ec58edda02974f70204019ac1aaaa42af/detection

abialghhi.com
abiiwiili.com
abiwilq.com
abiwliqih.com
edalaata.xyz

# Reference: https://www.virustotal.com/gui/ip-address/85.17.9.222/relations

adleld.xyz
ebblaghye.xyz
eddialatt.site
edialat.xyz
eldalatt.site
instagram-free-follower.xarmy.cf
mehrad.in
bammelli.eddialatt.site
bot.xarmy.cf
eldalatt.edialat.xyz
wallet.xarmy.cf

# Reference: https://www.virustotal.com/gui/ip-address/85.17.9.249/relations

abdiwiq.com
abdlaa.com
abialajh.com
abillagiihi.com
abimoi.com
abiwiigk.com
abiwk.com
abliwiqh.com
abweiqh.com
abwieib.com
adiqiw.com
adirlern.com
adlae.xyz
adleern.com
adlesena.com
adsamane.com
aedliiatdb.com
amanatei.com
amvalia.com
apliaaqh.com
asnade.com
auladgahe.com
balochsag.com
biwiqi.com
bmellibam.uno
bqiwia.com
cb24ir.click
cp-remote.site
crzdest.com
dadgahe.com
destoreme.com
dialaar.click
dolatemy.com
doloperc.com
dorosete.com
e98ir.online
eabqlai.com
ebiliwila.com
eblagyeh.xyz
ebsnea.com
ed-av.uno
ensanae.com
entrler.com
ep24ir.click
es24ir.click
euadal.com
hajirani.com
id24o.shop
inbaramh.com
io5e.shop
io5o.online
ir24oe.click
ir2e.site
ir98e.tech
isb42e.shop
majoliz.com
menmoei.com
merfanz.com
mersers.com
mserises.com
mtasliher.com
nemasin.com
nemishoe.com
nexelearn.online
o24sb.shop
reserche.com
samaneir.com
samenjan.com
seblaghia.com
seblapiq.com
semeena.com
semsedls.com
simanei.com
slameni.com
snebiwi.com
stefaze.com
tentensin.com
txiblagihq.com

# Reference: https://www.virustotal.com/gui/file/69b7cba636ef03dcdb5e2692e4cdaece0a65807496c1719ece10a079c4311621/detection

rayanertebatat.net

# Reference: https://www.virustotal.com/gui/file/6c9c34ae6ac575b3bc0668287de1a85b55b835f04dc4ff835f1164c22951ac0e/detection

rayanertebatshab.com

# Reference: https://www.virustotal.com/gui/ip-address/192.227.134.72/relations
# Reference: https://www.virustotal.com/gui/ip-address/198.144.189.66/relations
# Reference: https://www.virustotal.com/gui/ip-address/45.148.145.138/relations
# Reference: https://www.virustotal.com/gui/file/8b10d29548d66e9ff9d9241505e09b24425e38453991a41ea3836ca2c3223a06/detection

aaaawwww.ml
ad-lirean.tk
adelirn.com
adthcetggy.tk
aeblagherto.tk
akh-joonam.tk
aliraaaan-ir.tk
asdlin.tk
asltk.tk
auvdthcetggy.tk
azerakhah.cf
azerakhah.gq
bame-irani.ml
bank-ke.tk
bazpoorsi.tk
bazpors.cf
bazporsi.com
bazporsi.tk
bbarq-ir.ml
beheshti-mikham.cf
beheshti-rimoote.tk
betuuwcwjogey.tk
buvdthcetggy.tk
buvtsnmtk.ml
campus-kirai.tk
chiyt7uyryu.tk
cuvdthcetggy.tk
dadashambesmelah.ml
dargahpardakht.tk
darghah-joon.tk
darkioneshno.tk
dgjgr.tk
dollarnet-app.ml
dollarnet-app.tk
doset-daram-fata.tk
drgsz-x.ml
drsazihstdie.tk
dsfdfsdsdgd.tk
dyraghstm.tk
eabalaghiryt.tk
eabalahir.tk
eabalahiryt.tk
eabalghiryt.tk
eablgh.ml
eblag-ir.ml
eblagh-markaz.tk
eblaghie.ga
eblaqh-adliran.tk
edalat.builders
edalatum.ga
edalatum.gq
edalatum.ml
edalatum.tk
edaltiir.ml
edialna.tk
edinaa.online
energy100.xyz
energy101.ga
energy102.ga
energy144.tk
energy200.xyz
energy33.xyz
energy3838.tk
energy44.xyz
energy500.tk
energy54.tk
energy843.tk
engei-ir.ml
enonoesnodr.tk
enrgy322.tk
estart-ghadid.tk
eujdhdheiwhegdjfodohd.tk
f7t8t7iij.tk
fata-kon-mekhad.tk
fgjgql.tk
fiil-nakonta.tk
fiilter-nakonin.cf
fordarga-fill.tk
fuvdthcetggy.tk
fyuiiioogh.tk
gdue83bje.ml
ghcdroncsi.tk
ghoran-tv.ml
god-sahaqaeak-ir.tk
hajibesaz.tk
hamdam-yab-ir.gq
hamta-ir.ga
hdsgvkufnoye.ml
he772bje8h.ml
hoopsana.ml
iehraz-adliran.tk
iehraz-adm-ir.tk
ilove-mmad.ml
iran-net-ir.tk
iran-sighe-ir.ga
irmayienwk.tk
isr-shaparak-meilii.cf
isr-shaparak-meilii.gq
isr-shaparak-meilii.ml
isr-shaparak-meilii.tk
jfdkueschi.ml
jiramm-ftanoni.tk
jon-man-fill-nakon.ga
jooorj-konmedeh.tk
joorj-koni.tk
joorj.xyz
jsjsisisi.tk
jsjsususisk.tk
karkon-jonman.tk
kdisiifksjskkalakd.tk
keetab-dars.tk
khak-tosaret.cf
kharabam-fill-nakon.tk
khdajshsh.tk
kianoerniosn.tk
kiram-to-fata.tk
kiramto-fta.tk
kirramtohame-fta.tk
kisiremot.ga
kisiremot.gq
kisiremot.ml
kisiremot.tk
kjh75dd8dy875r.tk
kon-mokham.tk
konlagh-filnakon.tk
koonifta-zeus.cf
kos-mikham.cf
kospalak.tk
kospedarpari.gq
kuvtmnskt.ml
live-592.tk
live-hps.tk
live-live.cf
live-live.ga
live-ttg.tk
live-vedivoo.tk
live-veigami.tk
live-vile.ga
liveneokshin.tk
livesexxy.cf
livesexxy.ga
livesexxy.gq
livesexxy.tk
liveum.ga
liveum.ml
malayt-pardakht.cf
masih-arash.tk
mazenoec-ir.ml
maznonasli.tk
meansmsk-ir.tk
medive.ga
medive.tk
melato-mogam.tk
melli-bam-ir.ml
melli-bam-ir.tk
melonetoneshr.tk
mezonemezoem.tk
milat-ir-iran.tk
mli-inosen-ir.tk
mohsentstt.tk
molayikisihs.ml
molayimhaji.ml
mrx-rmt.ml
mrx666.xyz
msighe.ml
msksksjs.tk
muosic-kade.ml
mydargahsazgoogle.ml
myumlive.cf
myumlive.ga
myumlive.ml
myumlive.tk
nazanin-rimot.tk
nazanin-saham.tk
nazi-khoshgel.tk
nazi-ziba.tk
nenenmoseone.tk
net-meli.ml
net12gigmahmoharam-ir.tk
netfreeovin.cf
netintrnetins.tk
new-acc.cf
new-acc.ga
new-acc.ml
new-acc.tk
newdominok.tk
newpigre.tk
newserverm.tk
nncdtuuhf.tk
notificationi.tk
nrenomseomzs.tk
nuxksksiqt.ml
nvehsnovoo.ml
nwnwnwnwnnwwnnwnwnwnwnwnnwnwnwnwnnwnwwn.tk
otp-fam.tk
paygiri-online.ml
pedaletgholdam.ml
pedarsag-fillnakon.tk
phata.tk
pi-shaparak-meili.tk
pi-shaparak-meilii.tk
piejshsywws.ml
pigiridivar.tk
pigiridivari.tk
pishgiri-fata.cf
pishgiri-fata.tk
polldar.ml
pr-shaprk-meilii.ml
pr-shaprk-meilii.tk
pyiiiryhemmsl.ml
rat-ferdos.tk
ratiovinn.tk
ratovinn.cf
rdcggdsx.tk
remot-rat.tk
remoteclowns.ml
reyovinn.cf
rimot-anita.tk
rmmakergoogle.ml
sa-heamdariu.cf
sa-na.ml
sa-naa.ml
saa-na.ml
sahaamdar.tk
saham-dar-melii.tk
saham-daran-meli.tk
saham-darane.tk
saham-daraniran.tk
saham-edaalt.ml
saham-meli-iran.tk
sahamdar-iir.tk
sahamdaraan.tk
sahamdaran-ir.tk
sahamdaran-meli.ml
sahamr-daran.tk
salam-bereson.cf
salamat-tv.ga
samane-hamta-ir24.ga
sana-24ir.tk
sana-adilan-ir.tk
sana-adlirann-ir.tk
sana-ir-mliii.tk
sana-saman-ir.tk
sanairmobil.com
serverjoorj.tk
shapark.ml
shaparrak.cf
shaparrak.ga
shaparrak.tk
shapparak.ml
shaprak-ir.tk
shaprak-msjqiqwoq.cf
shaptak-shhawuiqiqiqq.cf
sighe-engh.ml
spcarnosnmcn.tk
sr-god-meilii.ml
sr-god-meilii.tk
ssighhemykt.ml
suvdthcetggy.tk
tahmasboiewn.tk
tbchi100.tk
tbchi50.tk
test-fordarghah.cf
test-mikonam.tk
tititititiititititiitititititiitititititit.tk
tof-to-fataa.tk
tof-to-konet.tk
toolboxx-saham.tk
tr-sulotions.ml
trsulotions.ml
trust-swup.ml
trust-walllet.ml
trustsulotions.ml
ufcutsxhiutdxg.ml
uiuiuiuiuuuiuiuuiuuiuiuiu.tk
umlive.gq
umlive.ml
vfwnvw2.tk
vkcbzgsyfu4u.tk
wdfdafdsadg.ml
webbazpors.cf
webbazporsi.tk
webeablgh.ml
webedinaa.online
webenergy100.xyz
webenergy101.ga
webenonoesnodr.tk
webiran-net-ir.tk
webisr-shaparak-meilii.ml
webkeetab-dars.tk
webnrenomseomzs.tk
webnvehsnovoo.ml
webpr-shaprk-meilii.ml
websa-naa.ml
webspcarnosnmcn.tk
webtof-to-fataa.tk
webtof-to-konet.tk
webtr-sulotions.ml
webyqyqyqyyqyqyqyqyqyqyqyyyqyqyyqy.tk
wuiwidudiei.tk
xar-fata.tk
xifzurxgkxf.ml
xznm-ason-ir.ml
yaallahyoum.tk
yaraneh-meli-iiran.tk
yaraneh-melii.tk
yaranneh-mahishati.tk
yarrane-meli.tk
yeudheueb.tk
yqyqyqyyqyqyqyqyqyqyqyyyqyqyyqy.tk
yr8u3virhhe.tk

# Reference: https://twitter.com/MalGamy12/status/1562967009381720064
# Reference: https://www.virustotal.com/gui/file/b18c21501da3eef12f8369ff3a73a3e9275594962ac76aa75e2da66c08d1343d/detection

rabetgozaran.tk
/6bX97UdW/rat.php

# Reference: https://www.virustotal.com/gui/ip-address/92.249.45.112/relations
# Reference: https://www.virustotal.com/gui/file/d86da41bbac1a8c9e04313f0db3c76ab661692e83c218b673e038cb75e42994e/detection

cosmiad.xyz
cosmidi.xyz
ebalat.sbs
eblaqie.sbs
jhone.link
lickers.tk
safedays.ml
/sep/rat.php

# Reference: https://www.virustotal.com/gui/file/ee130db290c431c15602855f2beeec768d73ae70b64a152bc51f3f0171be30ae/detection

evadlie.com

# Reference: https://www.virustotal.com/gui/file/de33e6dbd96021368e99cee200726599b1c2f8c1720b47bfc763942895837ce2/detection

ubebsni.page

# Reference: https://www.virustotal.com/gui/file/179b90a9566cadbaed5d9252513e0e67de40aa2d430b4658aa3629d53d5d161c/detection

jighju.com

# Reference: https://www.virustotal.com/gui/file/0411d0ab80171bf29a481608d60d4ad55f193b9bbb64c0520df2e4da941ed031/detection

glaknohjujm.ml

# Reference: https://www.virustotal.com/gui/collection/40a007fa13122d99dfce3bdb931611de37bb6b055fec6d6d2e3daac17618db65

185.235.43.67:8080
188.34.186.189:7073
adliran-sana1s.com
adliran-sps.cf
adliran-sps.ga
adliran-sps.gq
adliran-sps.ml
adliran-sps.tk
adliraniqw.cf
adlirantesla.gq
adlliranvw.tk
adlsana-ir.tk
adlsana.live
adrilnem.botvip.xyz
b4ir.sbs
bazpoorsi-markezi.tk
botvip.xyz
celebonparposha.ir
covax-ga.gq
d1.kimo.vip
dad-sarai.mom
dadsara19.baby
dansho.tk
direct.safone.tech
divar21665.xyz
eazy-samanehh.xyz
eblagh551.tk
eblaghie-sanas.cf
eblgh-sanae.tk
edalat-sana.mom
eddallatt.ml
edlat-hamrah.mom
edlat-sana.ml
edlat-sana.tk
er-dadsara.gq
ewblaqqieh.org
fexmantui.cf
glycloud.ml
glycloud.tk
insaz-samane.xyz
li-frin3ds-dlt.ml
li-link.herokuapp.com
lin2.link
maryket-in.tk
nazi-naz-nakon.tk
nervoushastam.xyz
nima-12.ml
omid-xbot.herokuapp.com
payamsocialimon.site
pep-saman-bmb.tk
pigi-ed.tk
pigre-edti.tk
py.tgdl.cf
qtourq.ir
re-service.ml
re-service.tk
saaiy19.mom
saberoi.gq
saham-darmelii.site
saham-darrmelii.ml
saham-edalatam.tk
saham-supoortto.ml
sahamdarisod.tk
sana-black.click
sana-blacka.tk
sana-digital.ml
sana-eblgh-gov.tk
sana-emeil.ml
sanablagh.mom
sanai151.mom
sanai19.baby
sanaiys1.mom
sanapaoamla.ml
sanavw.tk
shaprkk.tk
siejjejysyhss.ga
sms-dynamite.tk
te1files.ddns.net
tgdl.cf
the-end.ga
ueblghukm.gq
upir.ir
xfdl19.mom
xn--mgba8ac3gkj19e.ga
xn--mgby1cr00cvg.tk

# Reference: https://www.virustotal.com/gui/file/3cf954003a8aec7e0a08fb5926975cfb45a0bda948e75603fb570d6b89fc538a/detection

luiveusk.ml
xn--mgb2dlba59cthb.ga

# Reference: https://www.virustotal.com/gui/file/cfdbd0328c5e10eaba3a083e7bc6969d7891d1c4157042f33024e382bbbc0909/detection
# Reference: https://www.virustotal.com/gui/file/c2379cbc2ac2098f3435b3bb5ca8c03d86dcd30f1d1bf3311fe79b15443f3c2e/detection

jooki.tk
remotes.ga

# Reference: https://www.virustotal.com/gui/ip-address/23.95.191.199/relations

1401-06-26.ga
1401-06-ead.ga
ablisloove.h2h2h.tk
ablisloove.tk
adl----ir.ga
adl--ir--fta.tk
adl-ftak.ml
adl-ftak.tk
adl-iran-----fta.tk
adl-iran-qq.tk
adl-irans-ft.tk
adl-qq-fta.tk
adleiran.cf
adleiran.h2h2h.tk
adleiran.site
aredashkose.h2h2h.tk
aredashkose.tk
arekoobse.cf
arekoobse.h2h2h.tk
botclowns.h2h2h.tk
botclowns.tk
deletedshod.h2h2h.tk
deletedshod.tk
dl-app.h2h2h.tk
doostyabi-reza.h2h2h.tk
doostyabi-reza.tk
eblage.lol
eblaghye.lol
echadelivecom.tk
edalet.vip
ediran.vip
edlaghie.vip
edldjdag.mom
electronicsana.h2h2h.tk
goftamkezbe.h2h2h.tk
goftamkezbe.tk
gooyesh.h2h2h.tk
gooyesh.tk
h2h2h.tk
hatmandash.ga
hatmandash.h2h2h.tk
jooki.h2h2h.tk
kh-ale-reza.h2h2h.tk
kh-ale-reza.tk
koobs.cf
koobs.h2h2h.tk
kosnntddosbzani.ml
kosped.cf
kosped.h2h2h.tk
loove.h2h2h.tk
loove.ml
lovebazi.h2h2h.tk
lovebazi.tk
maka12peigiri.tk
makoahqqo8n.ml
moqir.tk
moshahede.guru
moshahede.lol
nadashkezb.h2h2h.tk
nadashkezb.tk
ns1.makoahqqo8n.ml
ns2.makoahqqo8n.ml
ooblagh-ir.h2h2h.tk
ooblagh-ir.tk
oqpqpqpqk.tk
pankiindirect.tk
pedarmmdok.tk
peygiri.uno
poiler.ml
porqer.h2h2h.tk
porqer.tk
protters.h2h2h.tk
protterse.cf
qnrim.h2h2h.tk
rayega.h2h2h.tk
rayegane.cf
remoteclowns.ml
remotes.h2h2h.tk
reza-kose.cf
reza-kose.h2h2h.tk
rmtm33.tk
s-ana.h2h2h.tk
samairan.vip
samanae.vip
samaneiran.co
sana-electronic.h2h2h.tk
sana.h2h2h.tk
sanna.h2h2h.tk
sieghlonthcstg.ml
sighlonthcstg.ml
sighlonthcsttg.ml
taeminejemaii.h2h2h.tk
taeminejemaii.tk
truaaatestwaaeoqlt.ml
trust-wallettool.ml
trustwallet-site.tk
wabit.cf
weqil.ga
widehjeejjeeewsdh.tk
wikot.ml
wikot.tk
wimeg.tk
wingo.cf
wipab.gq
wipoh.ml
wix-100.tk
wpiot.ml
yaaalaha.tk
yaalafwhof.tk

# Reference: https://www.virustotal.com/gui/ip-address/116.202.172.45/relations
# Reference: https://www.virustotal.com/gui/file/9c3e0fa862609d1ec431d12b66dcbfea76cbca7e36f9714eea810eadf7c564c5/detection

bot-remote.tk
dl-nimbaha.cf
eagle-sources.cf
farmande-live.tk
iranpanele.ir
mehran.server-mr.tk
mmd.server-mr.tk
nimmm2.server-mr.tk
nimmm3.server-mr.tk
nobitex-ir.tk
oghab.host
oghabhost.xyz
oghabhosting.ir
remote-ir.tk
reza-babaei.ir
s46.server-mr.cf
server-mr.cf
server-mr.tk
site-newultra.remote-ir.tk
site-newultra.tk
t13.server-mr.tk
t14.server-mr.tk
t15.server-mr.tk
t16.server-mr.tk
t17.server-mr.tk
t18.server-mr.tk
t19.server-mr.tk
t20.server-mr.tk
usk.oghabhosting.ir
web-live.click

# Reference: https://www.virustotal.com/gui/ip-address/85.10.193.11/relations

amir.gq
amirhossein.tk
apicrypto.cf
ar-team.ir
etrs1.ir
hamid.server-mr.tk
holo-ir.tk
iliyateam.ir
luiveusk.ga
luiveusk.gq
mmd-bilbo.ml
mory1.server-mr.tk
newstatemobile.ir
nimm.server-mr.cf
nimm2.server-mr.cf
nimm3.server-mr.cf
nimmm4.server-mr.tk
nimmm5.server-mr.tk
oghabhost.cf
parsaesfandyari.xyz
pishrorahliv.com
redexshop.ir
s1.server-mr.cf
s3.server-mr.cf
s4.server-mr.cf
s47.server-mr.cf
s48.server-mr.cf
s49.server-mr.cf
s50.server-mr.cf
s51.server-mr.cf
s52.server-mr.cf
s53.server-mr.cf
s54.server-mr.cf
s55.server-mr.cf
s56.server-mr.cf
s57.server-mr.cf
s58.server-mr.cf
s59.server-mr.cf
shoppack-ir.tk
support-shop.ml
t12.server-mr.tk
thesirsamir.com
tron.apicrypto.cf
ucstr.ir
ueblghukm.cf
ueblghukm.ga
ueblghukm.ml
ueblghukm.tk
xxlip.tk

# Reference: https://www.virustotal.com/gui/ip-address/85.17.9.160/relations

adalathamrah.tk
adilran.online
adleeiran.uno
adleiran.ml
adleiran.ml.dadghameli.com
adllalr.lol
adllalr.online
adlllran.online
bmb-plovaek.adalathamrah.tk
bmb-plovaek.tk
bmb-plovaek.tk.adalathamrah.tk
dadesra.com
dadesra.dadghameli.com
dadsralr.online
dadsrea.dadghameli.com
dadsrea.wiki
divarchat.com
ebieaqie.com
ebleaaqie.org
ebliaow.uk
ebliaqh.com
ebwiaqie.com
edlirran.uno
ewlaqhie.org
goleroz.dadghameli.com
goleroz.ga
hamta-ntsw.uno
hamtareg.online
l0l.site
qazaey.dadghameli.com
qazaey.wiki
r-rabit.adalathamrah.tk
r-rabit.cf
r-rabit.cf.adalathamrah.tk
residegi.org
samairani.dadghameli.com
samairani.ml
sanalran.site
sanwgov.uk
secovai.dadghameli.com
secovai.xyz
shakavya.org
shparak-ir.tk
sighehw.cf
webadlllran.online
webdadsralr.online
webl0l.site
whm.l0l.site
yarane-meli.dadghameli.com
yarane-meli.ml

# Reference: https://www.virustotal.com/gui/ip-address/46.23.109.32/relations
# Reference: https://www.virustotal.com/gui/file/1b4fd1821fc6196980e8d6cd67735d296eea26fd20f97d88cea57743c7868a83/detection

airanian.tk
aonmeo.tk
domaiininapp.tk
e-mxz.tk
eoernm.tk
iri-domainmote.tk
iri-samniya.tk
irmsx.tk
kunenanaehy-mashiirani.tk
lavat.fun
msertc.tk
s-nin.tk
sendmeinfo.tk
soelxs.tk
weopma.tk
wfhiahwfihwal.tk
ns1.kunenanaehy-mashiirani.tk
ns2.kunenanaehy-mashiirani.tk

# Reference: https://www.virustotal.com/gui/file/93858ba9c9fb6e5ff3b74bfaf8b950143723fae22f6eef56359b9d5368a0e983/detection

clickbot.site
topapi.xyz

# Reference: https://www.virustotal.com/gui/file/7220b1bbbef245ae8500b3b18bdaa12f68ecb600403cfd8008cce4905efb784d/detection

bastebandi.xyz

# Reference: https://www.virustotal.com/gui/file/46a8660671b8b28f218e90470c11b8dbfc59af478a1ffc9ea7dbc4b90299596d/detection

ebiag-sana.ml

# Reference: https://www.virustotal.com/gui/file/87a74ffbfac95b76731f5e48c5bb62b764aa01a8f221eb4ed2bf1e86f8034b0e/detection

eblg-ir.ga

# Reference: https://unit42.paloaltonetworks.com/malicious-newly-observed-domains/
# Reference: https://www.virustotal.com/gui/file/e9ad04ae0201307e061cdae350c392a6b4537876991b2c97857ea71086fa0496/detection

payment-downlaods.ga

# Reference: https://www.virustotal.com/gui/ip-address/202.87.31.194/relations
# Reference: https://www.virustotal.com/gui/file/2cc55abb99b91f85b6cf67ccdb8a83335e5c9d2a3d8f391b6e11b5e9d8c0accf/detection

shapareak-ir.tk
shaparuk-ir.tk

# Reference: https://twitter.com/malwrhunterteam/status/1584986780943912960
# Reference: https://twitter.com/MalGamy12/status/1585000133602988032
# Reference: https://www.virustotal.com/gui/file/b375e54d6ff5a18d2b90d19be594cedfe1b5393984c1aefa04e4601ba7136820/detection

alidizbayadbiad.tk
/Eblagh/PingDevice.php

# Reference: https://twitter.com/malwrhunterteam/status/1586324265573683203
# Reference: https://www.virustotal.com/gui/file/61efcce633c395d575bae1f4a2ae8b292a71500c171a4e1d1e8ea279155a27d1/detection

irdvsves.cf

# Reference: https://twitter.com/malwrhunterteam/status/1433520441029693443
# Reference: https://twitter.com/bl4ckh0l3z/status/1433539975119704068
# Reference: https://www.virustotal.com/gui/file/403b31100dfe13f9dbf5d45c87710ade1dd6138902c449844ff4ea3f50815840/detection

irvacsine.com
kos-nnt.shop

# Reference: https://www.virustotal.com/gui/ip-address/23.95.197.195/relations
# Reference: https://www.virustotal.com/gui/file/c58760e8c0e5e25c89ae8098d3593a4d4f3e4dfe2de1b7a321aa2757608c3fc7/detection

abl-iren.xyz
abl-peygiry.cf
abllagh-sna.ml
ad-erln.xyz
ad-iran.xyz
ad-jran.xyz
ad-liran.xyz
adel-iren.gq
adeli-iran.ml
adeli-iran.tk
adi-lran.xyz
adi-ran.xyz
adiel-irane.ml
adil-iran.online
adil-irane.click
adil-irane.ml
adiran-meli.ml
adl-e.xyz
adl-i.xyz
adl-iran-ir.xyz
adl-iran-peygiri.ga
adl-iren.tk
adl-mel.xyz
adle-ir.ml
adle-ir.tk
adliran-eblaghe.ml
adliran-service.cf
adliran-service.ml
adliran-service.tk
adliran-sna.ga
adliran-sna.gq
adlirane.site
adliranin.cf
adliranin.tk
adlirnin.tk
adllran-ir.gq
ald-iiran.xyz
aldiram.click
bank-iran.ml
blaighir.ga
divar-e.xyz
divar-hl.xyz
divar-melli.xyz
divar-shp.xyz
dlvar-shop.xyz
e-adi.xyz
e-adl.xyz
eadl-ew.tk
eadl-qw.tk
eadl-we.tk
eadl-wq.tk
ebelagh-iran.tk
ebiligeh-ir.ml
eblagah.ml
eblageh.ml
eblagh-a.ml
eblagh-al.ml
eblagh-ald.ml
eblagh-b.ml
eblagh-e.ml
eblagh-gh-adliran.tk
eblagh-hj.ga
eblagh-hj.ml
eblagh-irn.ml
eblagh-jh.cf
eblagh-kl.cf
eblagh-kl.tk
eblagh-l.ml
eblagh-nm.tk
eblagh-pay.ml
eblagh-pi.ml
eblagh-q.ml
eblagh-r.ml
eblagh-sed.ml
eblagh-sl.ml
eblagh-sld.ml
eblagh-vv.tk
eblaghe-bn.ga
eblaghe-bn.tk
eblaghe.site
eblaghsna-ir.tk
eblaq-web-ir.cf
eblegh-adel.ml
eblegh-ir.tk
ebleghe-iren.gq
ebleghe-iren.ml
eblghi.ml
eblghie-ir.tk
eblghie.tk
eblghir.tk
ebllagh-iran.tk
ebllagh-paygiri.cf
ebllagh-san.ga
ebllagh-san.ml
ebllagh-sane.tk
ebllaghsna-ir.cf
ebllaghsna-ir.gq
ebllegh-iran.ml
edaiat.xyz
edalat-lr.tk
edalathamrah.cam
edalatt.xyz
edalet-iran.ml
edalet-iren.ml
edallat.xyz
edilran.xyz
edl-iiiran.ml
edl-iiran.xyz
edl-iren.ml
edlagh.ml
eedl.xyz
eriblagh-sna.ml
estelam-adl.tk
garaem.gq
garaem.ml
garaem.tk
ham-ta.xyz
i-adl-iran.xyz
ir-eblaghi.ml
ir-eblaghi.tk
ir-edel.xyz
ir-iblagh.ml
ir-iranian-sena.ml
ir-irenian-sena.ml
ir-ironian-sena.ml
ir-peygri-edalet.cf
ir-sena-saite.cf
iran-ebelagh.tk
iran-eblgh.ml
iran-edalet.ml
iran-peygiri.ml
iran-peygiri.tk
iranian-sena-ir.tk
iranian-sena.ml
iren-edalet.ml
irenan-sena.ga
irenan-sena.ml
irenian-sena-ir.tk
irenian-sena.tk
ironian-sena-ir.tk
jaraem.cf
jaraem.ga
jaraem.gq
jaraem.tk
jarayem-iran.ga
lr-adl.xyz
moshahede-adl.cf
moshahede-adl.ga
moshahede-adl.gq
moshahede-adl.ml
moshahede-adl.tk
my-sahm.xyz
neew-sha.tk
new-mal.xyz
peigiri-ir.cf
person-adl.tk
peygiri-samane.tk
peygiri.click
portai-adilsna.ml
portai-adisna.ml
portai-adlisna.ml
portai-esna.ml
portai.cf
pygiiri-ebilagh.ml
pygiri-ebilagh.ml
pygiri-ebilagh.tk
rat-p.xyz
rat-pannel.xyz
residegi.ga
residegi.ml
residegi.tk
samane.gq
san-neew.gq
sarvic-iran.cf
sarvic-iran.ga
sarvic-iran.tk
search-peygiri.tk
senav.tk
servic-iran.tk
service-adliran.tk
service-ir.ml
service-iran.tk
service-peygiri-ir.gq
service-pishgiri.ga
sgd-irn.tk
shekayat-ir.tk
site-iran.ml
site-iranj.tk
t-adl.xyz
take-1222.ml
testdom-59.tk
web-samane.ml
xkaneki.tk
zho-irn.tk

# Reference: https://www.virustotal.com/gui/file/1d05d0933f2746bad101408f68a23914ddb793a0967c919d6b376c5961dae743/detection

samanlg.gq

# Reference: https://www.virustotal.com/gui/file/f7dab7f7f143b7a0526585efe1b6d9fe334e68552b9c34955f4651277bed6a8e/detection

armanrkcc.cf

# Reference: https://www.virustotal.com/gui/file/e9f0397598553c830336b17a542da947d381821ca9dac890091c36d817fa1805/detection

sleepsam.ml

# Reference: https://www.virustotal.com/gui/file/d6aa5e3a861520307cfa4a685385443bc83582b8f9e7dbe5a9eb1e870a50fe2f/detection

shukmio.cf
shukmiu.tk

# Reference: https://www.virustotal.com/gui/file/a2e31ee2568b70c30b44fe571ab48e798a5b4b15d8dcda5716b8d43d430de566/detection

alphakey.ml

# Reference: https://www.virustotal.com/gui/file/49418747576fb25eebab11691b2943235faeee3b51712cf3ef389222c6ad2a09/detection

alphario.cf

# Reference: https://www.virustotal.com/gui/file/38baca4ed0054e45c9de5802568631524c46dde833819130364692cbdf176ef4/detection

cloudbaat.gq

# Reference: https://www.virustotal.com/gui/file/fca034bd237e648bee460f02bf17e6a153ee0b274785c586f7e866e9efef9ae3/detection

sjudady.cf

# Reference: https://www.virustotal.com/gui/file/f4a92794655f1737a9560790d50d8dbfd3e1d4cbb71b317f1ab0841988d81044/detection

armanrkk.ga

# Reference: https://www.virustotal.com/gui/file/e6fbd713b618539217d4566466dc61c168acef20d53779986e9a4360e7c8cb4f/detection

eblaghe-adel.gq

# Reference: https://www.virustotal.com/gui/file/b861ab63e1f7248bbd16945d831347e4ff729316a68c4e87c8dcb9863e5f2134/detection

sleepsam.tk

# Reference: https://www.virustotal.com/gui/file/9da5468adf1638faab6ff7eb133424bdffc42b194c1b77e1d89fb156a0027caa/detection

iranplns.ml

# Reference: https://www.virustotal.com/gui/file/3a06cbfa38d49eea165efe0267e42bb3b347e9436fef88aa1cf9b9cc03c30097/detection

ah-shaperak.ga

# Reference: https://www.virustotal.com/gui/file/f24e7ed9e220a3c400ee6ad238f46e0ae623202d70c9d83802daee582c170fe7/detection

sleepbam.gq

# Reference: https://www.virustotal.com/gui/file/c97b2dcdca20afdbebc7e2217f04cd067c348846d02d037a85f0b76531adbf10/detection

185.8.175.85:8080
sleepbam.tk

# Reference: https://www.virustotal.com/gui/file/ef94e39aacfb050a3972d682f97a7a809a677256c27183337717e039724975c2/detection

pickotyy.gq

# Reference: https://www.virustotal.com/gui/file/ec55da463e34c54216173d074752476434692f329491e645f3fa2374aff1eab2/detection

snowiby.ml

# Reference: https://www.virustotal.com/gui/file/dae08b9c6b930ae8620b295c6f0ab99556f056b420d61350bc5752d8d5682d2f/detection

snowiby.tk

# Reference: https://www.virustotal.com/gui/file/d6b65c1533b2ce79d5f610d29155e6d96cebc56bab8ce5c8d85cb6c6cc18cab2/detection

apptramu.gq

# Reference: https://www.virustotal.com/gui/file/5b85fd4cb35a6ed16c8e24e5b65a5ece7e47c71f892cba3eed6b83f5e5328bff/detection

apptramu.ml

# Reference: https://www.virustotal.com/gui/file/d0991aa9d5a453cff8543c619fb11d50ef202924e1aa4424cc989d78fc3dc27b/detection

farmspn.tk

# Reference: https://www.virustotal.com/gui/file/c93d28c7a9320cf67ecb6ef298a9b683a146ae60453c2b67e32f6f2827029800/detection

iranplns.tk

# Reference: https://www.virustotal.com/gui/file/7d684046c8ce3c9769cb35395997b45e9fb3937f3b2067705b1b5373b5844817/detection

shatelmit.ml

# Reference: https://www.virustotal.com/gui/file/273f11d849cf87c30573a1d2f1135db50813d1ea0a405568866bd293b5a9db50/detection

armanrkk.gq

# Reference: https://www.virustotal.com/gui/file/a9bbba0ef64dfe5bc7edb1897fe40035e4fb9e35d6e25033ab32754fa40883a1/detection

eeblaghi-sanaa.ml

# Reference: https://www.virustotal.com/gui/file/f81e03ff585682c7e2df72473c52402e778a8821e80051ac428a28a0014c8528/detection
# Reference: https://www.virustotal.com/gui/file/e854beee6613ff387873e19f2ff09d92f2c05c65bf058db94cd12d2e543998d6/detection

129.227.17.167:8080
smallket.tk

# Reference: https://www.virustotal.com/gui/file/ed1ab8f06f6d42152a8f3da8f8c30933109201ef5e879693286cf543276b98d4/detection

armanrkc.ml

# Reference: https://www.virustotal.com/gui/file/ded3547b55b74be3c536819faf3aaa8e9b678b7d4b8d2385d1c1258d12c234a5/detection
# Reference: https://www.virustotal.com/gui/file/4529c3dec627a33c7a6532968566be60be542ec934ab255d7fc4f7f0a39da956/detection

moneykal.tk
moneyqal.cf

# Reference: https://www.virustotal.com/gui/file/db055f185a8b36d6e4d46585106c399996fc3f5cea6278de5095aedde72c60e0/detection

irantafk.ml

# Reference: https://www.virustotal.com/gui/file/cddb680d90655384f1d30b026b8c5e3f8527b52caaf9b80a8229d462b9e5b587/detection

snowaby.cf

# Reference: https://www.virustotal.com/gui/file/a3a66e5b61a4cb27db81774fe667363577375c97693c3e60c9e4f04bcdd3c2ef/detection

farmsun.ga

# Reference: https://www.virustotal.com/gui/file/9b020d58e01e1c6f317111d41fe635607c5d6c37542d70f391a64e5d8aa7af43/detection

easybals.ml

# Reference: https://www.virustotal.com/gui/file/4e4557fac61ddddf11eb80e04338c7f6e105828cb1283d4b9b2d50e99da4f970/detection

starpar-ir.ga

# Reference: https://www.virustotal.com/gui/file/44ff05c16fc051e96436bdc99d10cc906b88af5be047d5a32ae575969ce57d09/detection

sana-apk-ir.ga
sanaa-apkk.ml

# Reference: https://www.virustotal.com/gui/file/fed1931bb7289d205294c7045431a48a33e3de10e5d55a68fa226ce0e91e0eaa/detection

apptramu.ga

# Reference: https://www.virustotal.com/gui/file/f64942a0c1cfc127d5922ef0f06a78815125089a2bbcccd3d3977b5a4efe626b/detection

armanrkc.gq

# Reference: https://www.virustotal.com/gui/file/d874f761e2ed5b7fdf688d76e557b0511f06e0d75d450ccd0a38a4d669354a32/detection

farmspn.cf

# Reference: https://www.virustotal.com/gui/file/a73e268b46689787ce9dfe82b6323ffa26639a8c4e9608d1d5c02550441ac882/detection

samanld.tk

# Reference: https://www.virustotal.com/gui/file/9bfcc9813e7d37f620e677311dd76f7eaeb202c0e5fe672c2beb8c2b655fc962/detection

sjudaby.gq

# Reference: https://www.virustotal.com/gui/file/9b380909e2433b5a9fc23af9a616d5dea77483ca63ba3e7401028ed33dc56e85/detection

alihasanigift.ml

# Reference: https://www.virustotal.com/gui/file/86a7e168a5145a543535495266ba6c9825c37d4440b193f141f817d84d649027/detection

cloudbaat.tk

# Reference: https://www.virustotal.com/gui/file/708bd535ec87f0b373a368f9a45ba33c1284827cd6f75a7b2e3b3e65cea4cb7f/detection

ah-shaperak.ml

# Reference: https://www.virustotal.com/gui/file/6faa7dae21ea82f914b6cdbe184d330234f8edb91ef7167c38831f357c8013a6/detection

starpar-ir.cf

# Reference: https://www.virustotal.com/gui/file/3f9603d6bd9ea00531a10459ceba30419b3ba466a3a54defbb986a14c4b41356/detection

iranplns.gq

# Reference: https://www.virustotal.com/gui/file/04d32fae674eb19c7459803315fc0297a273b66e2c42e793fe0b6d0f4e278c2f/detection

shaplaku.ml

# Reference: https://www.virustotal.com/gui/file/4224e628c6c32d3c461d94db777e6091da08311ae027661917fe9c3b7e1fd837/detection

shplak-bmb.ml

# Reference: https://www.virustotal.com/gui/file/142b6e2fb251671d83da8e46dcb2df69650ed67f8710bdac68154f6dcbe2b283/detection

awdlir.ml

# Reference: https://www.virustotal.com/gui/file/ceeae3c3f43ede988e67748cf72a0fdd8c3fe2721ea36bf913b3168104f395e3/detection

ag-shaperak.ga

# Reference: https://www.virustotal.com/gui/file/883b04bd68f67e0786ddcb3bf13e59bd15fbc5acc358f1bdca12c30e483dea59/detection

sjudaby.tk

# Reference: https://www.virustotal.com/gui/file/ebbf85d90e01dae85573ba2f192e8fd8ea80f68e0ad15761457f7e874c58d1e2/detection

sana-irna.cf

# Reference: https://www.virustotal.com/gui/file/8922eb7ff8b93eae4dac86ca03bbe26e16969c1238291ddcd89e2d5c3410e60f/detection

eblaghe-my.tk

# Reference: https://www.virustotal.com/gui/file/6b799c36d091efc528e22eea0a17b6b4099dd7c453e6ff1026231618b0209d43/detection

ah-shaperak.gq

# Reference: https://www.virustotal.com/gui/file/5543d9f15260d9c6fc7c83ea8c4bb6da8e8a8c6fc6ed8168642e5f512d1fd8c9/detection

aa-shaperak.tk

# Reference: https://n0psn0ps.github.io/2023/01/27/android-malware-analysis-series-edalat-apk-part-2.1/
# Reference: https://n0psn0ps.github.io/2023/02/06/android-malware-analysis-series-edalat-apk-part-2.2/
# Reference: https://www.virustotal.com/gui/ip-address/107.175.150.74/relations
# Reference: https://www.virustotal.com/gui/file/355cd2b71db971dfb0fac1fc391eb4079e2b090025ca2cdc83d4a22a0ed8f082/detection

ad3-irran.ch
ad31-1ran.tk
adel-irn.tk
adi-eran.pl
adl-iron.pl
adl-ironii.tk
adl3-iiron.tk
adl3-iron.ml
adl3-iron.tk
adliran.blog
adlirani.uk
adliranii.net
adll-1rran.tk
adll-iran.digital
adll3-iron.ml
adll3-iron.tk
adllirran.ml
adllirran.ml.divar-ir.site
adllirran.tk
adllirran.tk.divar-ir.site
ado-iren.tk
aidl-iran.gq
amiroak.tk
amirsalib.tk
aqd-iran.pl
azdd-iran.tk
bp-saawbrak.tk
chrgesnapir.tk
dadsera.press
diltelr.tk
divar-ir.cf
divar-ir.cf.divar-ir.site
divar-ir.ga
divar-ir.gq
divar-ir.gq.divar-ir.site
divar-ir.site
eblagh--adliran.tk
eblagh--ir.tk
eblaghaiav.ga
eblaghie--ir.tk
eblaqie.org
eblateyshs.cf
eblateyshs.ga
eblateyshs.gq
eblateyshs.tk
ed3lrann.tk
edalat-eblaghye.site
eiranei.uk
emchanded.ga
gay-yabi-mehhrad.ga
gey-yabiira.ml
hosstt-amir.tk
ir-sanaa-blagh.gq
iran-saabtt.tk
iran-sabtt.tk
msq-shaprak.tk
paeygri-shekayat-lr.tk
pebalobe.site
pesasan.site
peygiri--shekayaat.ml
pi-adl-irn.tk
pqy-mell.site
qay-mell.site
remooooot.tk
rimott-hamed.ml
rimott-turrk.tk
sahasamanwu.ml
sahasamanwu.tk
sana-eblaghye.site
sanaeblafye.cf
sanaeblafye.ml
sanwheduq.ga
sanwheduq.ml
sanwheduq.tk
shekayaat--ir.tk
toran-com.tk

# Reference: https://www.virustotal.com/gui/file/e819d4c6e310f5132d5f359e88e255777476e2418ff39d18961a0d5bf43f1daa/detection

saham-edalar.tk

# Reference: https://www.virustotal.com/gui/file/d115c7c94429b16caafdaaa67b32d6feee75591fa381a964a11658d2d68750a1/detection

irn-eblwgh.tech

# Reference: https://www.virustotal.com/gui/file/0de1ba8ada0611073e8ce931cfaaffed46d191d072b53751fff955506555edfd/detection

telegramrobot.xyz
remah.telegramrobot.xyz

# Reference: https://www.virustotal.com/gui/file/02703c4a48d21060c7dd63860d07da9bf9b2ea7f55c0b3585ea61d8eec8105bb/detection

remote-phorot.ml
sub.remote-phorot.ml

# Reference: https://www.virustotal.com/gui/file/42850ddce57e40c759a0b9b29f717ec8f9456bd5ade701921cbee6beee6e9cd5/detection

fjzgsgsbusnak.tk

# Reference: https://www.virustotal.com/gui/file/dac3e8ebe8a08dddb724047f49df1e90efaea105d3b49d6f4f59af9ab0c35143/detection

ayseadee.telegramrobot.xyz

# Reference: https://www.virustotal.com/gui/ip-address/172.93.195.27/relations

amir.phorot.ml
amlak-ir.ga
amlak-ir.herodot.phorot.ml
hassan.phorot.ml
edaro.ml
hassan.phorot.ml
herodot.phorot.ml
edaro.ml
hassan.phorot.ml
herodot.phorot.ml
eblaghye-edliran-foir.amir.phorot.ml
eblaghye-edliran-foir.gq
edaro.edliran.ml
edaro.ml
edliran.ml
god.phorot.ml
hamtair-gov.amir.phorot.ml
hamtair-gov.gq
hassan.phorot.ml
herodot.phorot.ml
hoji.network
iranicard.ml
iranicard.nepton.phorot.ml
iranincard.god.phorot.ml
iranincard.ml
iranipep.ml
iranipep.nepton.phorot.ml
kospedarstrong.amir.phorot.ml
kospedarstrong.gq
licher-pedart-ir.amir.phorot.ml
licher-pedart-ir.gq
hassan.phorot.ml
nepton.phorot.ml
phorot.ml
remote-phorot.ml
remote.phorot.ml
sana2.cf
sanaiser.com
server.phorot.ml
hassan.phorot.ml
herodot.phorot.ml
webhassan.phorot.ml
webherodot.phorot.ml

# Reference: https://www.virustotal.com/gui/ip-address/91.198.77.154/relations

abolfaxlx.ir
aisignal.top
alirezamsf.top
amir2bot.xyz
amirhast.ir
amirword.ir
api-bot.ir
appsaz.site
arashwo.ir
awsometrade.ir
bazarpor.ir
bh-ts.ir
cinemaseven7.ir
cmplbot.ir
darga-saz41.gq
diamondtrade.site
digilance.ir
domainarea.ir
dsbot21.ir
eawall.ir
estsna.com
farsinserver.site
fjzgsgsbusnak.ga
godrat-dsaz5.tk
hamimteam.ir
iiit.ga
kasraf.ir
ketomeal.ir
khodam.org
kianselfbot.ir
king-ali.tk
madeline-bot.xyz
mehdiorg.xyz
membergram.info
memberhashtag.com
metialfa.ir
meysam-javanepoya.ir
mgweb.ir
mirir.ml
mitozist.ir
mmdorg.ml
mraventer.cf
mtlbacn.xyz
mytelbots.ir
neoticket.top
next-mhdpanel.ir
onenumberz.ir
opneowe.tk
osun-botik.ir
panelmedia.ir
paneltf.ir
paneltf2.ir
pouyazamani.ir
r3m.ir
remtxswap.info
ryoshop.ir
saboors.com
seniormahdy.tk
seriyaldoon.ir
signalazad.ir
sirmahdi.tk
sizdahorg.ir
tabchibottab.ir
tonfarmj.ir
tradeermaster.com
trirl.ml
ttrezak.tk
ul2.ir
variabot.ir
viradoor.ir
whatsstore.ir
whatsstore.online
zeus123.ir

# Reference: https://twitter.com/malwrhunterteam/status/1649895759825842176
# Reference: https://www.virustotal.com/gui/ip-address/45.83.22.82/relations
# Reference: https://www.virustotal.com/gui/file/c15cf5c7c58b0976cf7cd0e0f33495c596f02740331757b95f0ade6e2464fca6/detection
# Reference: https://www.virustotal.com/gui/file/c9e84d82d3d9789b0f212a0539bd6c145a8f39f667bfea4ae7fdc8ce73a634bb/detection
# Reference: https://www.virustotal.com/gui/file/b1a099b09877c2d7d87c06c1b8373624a49229c67c7790b9fa129970387e6833/detection
# Reference: https://www.virustotal.com/gui/file/98f5fa8a5e143e3825088f807292f12d9738d17bc2b5c39309e7d33c74aa28d8/detection
# Reference: https://www.virustotal.com/gui/file/8a07cb4b28e9ad8dc626bab357e17971f816ead4c5ee16731fc9fbe8f95cb0ed/detection
# Reference: https://www.virustotal.com/gui/file/5d686451209e165a55915ee61b3dee9775734ba9b1d92acf5c2129513932908d/detection

god-bot.xyz
edalatasham.online
moijawz.press
saham-iran.online
sagam.ddns.net
saham-edaallso.ddns.net
saham-edallet.ddns.net
saham-iran.ddns.net
sejam-1402.ddns.net
sahemn.uno
shmif.website

# Reference: https://www.virustotal.com/gui/file/137e9a2d5f3395a8f84a1e453bce93a38cbc42f4e13d0e096cd3714a7cb24b19/detection

nat-yuxixuy.ga

# Reference: https://www.virustotal.com/gui/ip-address/91.121.35.226/relations

aidltshm.uno
alidilt.cloud
asandeil.press
ascahm.host
asieldil.host
asnadlr.host
asnahid.uno
asnaid.host
bewchm.uno
cheshm.cloud
ciohman.uno
ciosbtn.uno
daftarha.host
edisbtni.uno
edlsabt.fun
edlsabt.site
edlsabt.tech
formhai.fun
hioperl.website
hjceng.online
iasnadh.uno
ihamen.host
insanad.host
iophesm.host
irsaham.host
iusharm.host
maghism.uno
meojawz.host
miogaviz.cloud
miojawz.host
miojwez.info
miojwz.press
miojwze.host
miowjz.host
mjaveiz.cloud
mjawz.host
mjawzi.fun
mogivz.host
moijahez.host
moijawz.press
mojawez.digital
mojawiz.host
mojawzi.uno
mojevzn.host
mojrviz.host
mojwvz.digital
mosihm.info
mougiwz.host
movweiz.host
mugiwez.host
mujvzan.host
nomesbt.host
odhesam.shop
odiosen.press
orginali.host
parwande.host
sabtshm.host
sabtshm.uno
sbtkhan.press
sbtweilt.host
sdadhm.host
sedatln.press
seroihn.uno
siebtshm.uno
sihamiha.host
siubtnm.website
snailatn.press
sybcam.online
wedicam.press

# Reference: https://www.virustotal.com/gui/ip-address/144.217.191.38/relations
# Reference: https://www.virustotal.com/gui/ip-address/87.98.136.237/relations

aidltshm.uno
alidilt.cloud
asandeil.press
ascahm.host
asieldil.host
asnadlr.host
asnahid.uno
asnaid.host
bewchm.uno
cenhn.website
cheshm.cloud
chiham.cloud
cianhem.host
cihyan.uno
ciohman.uno
ciosbtn.uno
ciuham.uno
cnsehl.uno
daftarha.host
disoham.cloud
dosyithm.online
edhiolt.uno
edisbtni.uno
edlsabt.fun
edlsabt.site
edlsabt.tech
edseahin.uno
eheilet.uno
ertiham.uno
esdihem.uno
ethilot.press
formhai.fun
hidealt.press
hidelatn.press
hioperl.website
hjceng.online
hjeham.online
iasnadh.uno
ihamen.host
insanad.host
iophesm.host
irsaham.host
iusharm.host
maghism.uno
meojawz.host
mi1seni.press
miogaviz.cloud
miojawz.host
miojwez.info
miojwz.press
miojwze.host
miowjz.host
mjaveiz.cloud
mjawz.host
mjawzi.fun
mogivz.host
moijahez.host
moijawz.press
mojawez.digital
mojawiz.host
mojawzi.uno
mojevzn.host
mojrviz.host
mojwvz.digital
mosihm.info
mougiwz.host
movweiz.host
mugiwez.host
mujvzan.host
newham.press
nijham.uno
nomesbt.host
odhesam.shop
odiosen.press
orginali.host
paigorn.press
parwande.host
peaigeir.uno
piager.press
piyager.uno
sabtshm.host
sabtshm.uno
sahemn.uno
samen.uno
sbtkhan.press
sbtweilt.host
sdadhm.host
sedatln.press
serdihm.website
seroihn.uno
siebtshm.uno
sihamiha.host
siubtnm.website
snailatn.press
sybcam.online
tiovdelt.uno
toycem.website
wbihdm.shop
wcfhemi.online
wcihen.uno
wecahm.cloud
wedicam.press
wsalnm.press
wsciwm.press
yonciahm.shop
yshmi.uno

# Reference: https://www.virustotal.com/gui/ip-address/5.255.113.62/relations
# Reference: https://www.virustotal.com/gui/file/f5d880c58e5ebeca50611b2ce6f109b19bf375817f3eae8ce3521e246780be2b/detection
# Reference: https://www.virustotal.com/gui/file/7eb4681f836bb481109604d49b0d1712274add1232c2bfc615e4ba6087d8f585/detection
# Reference: https://www.virustotal.com/gui/file/9dcb782f2d8222f6e6c27b21232f920c14db47427f976495ea2eed8b00b2b7f3/detection
# Reference: https://www.virustotal.com/gui/file/2efc726d036808dbded5b2c10f1096fb4f8d54b1cb9524fd21286f42e865b030/detection

5.255.113.62:1212
5.255.113.62:5000
5.255.113.62:5005
shmi.site
shml.site

# Reference: https://twitter.com/malwrhunterteam/status/1683849631359287297
# Reference: https://www.virustotal.com/gui/ip-address/178.162.171.242/relations
# Reference: https://www.virustotal.com/gui/ip-address/85.17.9.107/relations
# Reference: https://www.virustotal.com/gui/file/6d164da714d1faf234e7e98d016d77ba3764225ea93380062a5c0b3c5110f742/detection

biitmart.live
mobile-bank-melli.net
mobile-bank-melli.org
mobile-mellaate.art
mobile-mellaate.cam
mobile-mellaate.click
mobile-mellaate.tech
my-saderaat.net
my-saderaate.org
sadderaate-shams.net
saderaate-online.live
saderaate.online
tuveturk-web.live
tuveturk-web.pro
web-nobitex-ir.org
impixo.site
inthenameofnull.site
app.inthenameofnull.site
navid.inthenameofnull.site
remote.impixo.site
remote.inthenameofnull.site

# Reference: https://www.virustotal.com/gui/domain/edalat.press/relations
# Reference: https://www.virustotal.com/gui/file/dbf9ab052e342522ca11a6932f16924f9d4b5b232c312a3bbae2faeba87b97d1/detection

edalat.press
saham.edalat.press
samane.edalat.press

# Reference: https://www.virustotal.com/gui/ip-address/89.117.139.99/relations
# Reference: https://www.virustotal.com/gui/file/e52357af641d732490743bc0eefc8c876c88c05298dfc48fd7d49b551ceedecf/detection
# Reference: https://www.virustotal.com/gui/file/9978a535ca8a16cac64c67edfc1698bd2913c4aca14092fcf4ad28accad8067e/detection

bullyapk.cloud
samanie-shm.click
samanie-shm.cloud
samanie-shm.uno

# Reference: https://www.virustotal.com/gui/file/88d88afee78ae66224d4cad8ea9769a40c0e29e00968ddde942678b837737247/detection

pokermaster88.xyz

# Reference: https://www.virustotal.com/gui/ip-address/45.32.113.19/relations
# Reference: https://www.virustotal.com/gui/file/7c9dbcb3220875f9386a9c5ef3c3d41e12c9d1776938b849e6a7c8cf7fd7721d/detection

sahamedalat.hs.vc
sahamlol.hs.vc

# Reference: https://www.virustotal.com/gui/ip-address/194.5.195.109/relations
# Reference: https://www.virustotal.com/gui/file/2421c7aa65128376f68ad23d7a2e62cd70e0e0c0ab3b39ea968332a03c4cbbd0/detection

daryaftsahm.site
edalat-irani.site
edalatnes.site
edalatsaham.site
iransedalat.site
saham-meli.site
sahamesr.site
sahamirani.site
sahamma.site
sahamman.site
sahamwis.site
samanesaham.site
sapadsir.site

# Reference: https://www.virustotal.com/gui/ip-address/87.98.136.237/relations
# Reference: https://www.virustotal.com/gui/file/1e9379d9cd5f60aa480a0c8e7376605a8875461700548f91defd3ddad9737040/detection

adeilat.press
adiern.tech
adilern.press
adledilt.press
aosiuham.host
asodmi.host
cadihedn.host
cadman.host
cadsaum.host
calantern.press
cenhn.website
chiham.cloud
cianhem.host
cihyan.uno
cilaheilm.host
ciohjam.host
ciuham.uno
cnsehl.uno
codhami.press
codhiemi.host
dadctan.press
dadstan.press
daftarsh.host
dieltn.press
dilet.press
disoham.cloud
dodsara.press
dodstono.lol
doilat.press
doilate.press
doilernt.press
doiletn.sbs
doirnt.xyz
dosyithm.online
edalapk.press
edalatsabt.host
edhiolt.uno
edoilwt.press
edseahin.uno
eheilet.uno
ertiham.uno
esdihem.uno
ethilot.press
formsbtn.host
hemrahi.host
hidealt.press
hidelatn.press
hjeham.online
ilcahen.host
iransaham.host
iransaham.press
iranse.host
iransedalat.cloud
kaefori.space
kalantar.press
kilontar.host
klnteri.host
koilantin.press
kointer.press
kolanter.press
lisodmanh.host
mhojawz.host
mi1seni.press
mihansaham.host
miovjz.host
mipojwz.press
moiijwzi.host
moijwz.tech
mojawez.xyz
mojlavez.host
mojwz.host
netjahan.uno
newham.press
nijham.uno
odalanti.press
oildielt.tech
oizawez.press
paigorn.press
parsaham.host
parsaham.uno
pasgahi.press
pazjahie.host
peaigeir.uno
piager.press
pigerian.press
piyager.uno
poigery.press
poilerin.uno
sabtshm.tech
saeaham.tech
saehimo.press
sahamman.host
saharahm.tech
sahemn.uno
sahiran.host
sahuom.host
samen.uno
sanain.press
sandilen.host
sayhami.tech
sduhem.host
sedalat.cloud
sedalat.website
sedilatn.press
seihrn.host
selfin.host
seoherm.host
serdihm.website
shikaiat.press
sindeil.press
siuhanm.press
sodcam.host
sodhame.host
sodhem.space
sodtwan.press
sodwaham.host
souhern.host
souhiern.store
tiovdelt.uno
toweiltn.press
toycem.website
videlat.press
wbihdm.shop
wcfhemi.online
wcihen.uno
webaent.press
webdilt.press
webiam.tech
websod.host
wecahm.cloud
wefihem.uno
wisod.site
wsalnm.press
wsciwm.press
yoistnam.press
yonciahm.shop
yshmi.uno
yudilatn.press
ed.dadstani.lol
ed.doyilatn.press

# Reference: https://www.virustotal.com/gui/ip-address/188.165.49.104/relations
# Reference: https://www.virustotal.com/gui/file/1121fef77eb7c8f582bcb690bd9708f419455b0d74d275af8d38671413546146/detection

adelinr.press
apksna.press
appedisn.press
apsuham.host
baresie.press
barseha.press
calantr.press
calantri.host
calater.host
calinter.press
cilentor.host
cmoisid.host
coilantr.host
coilntar.host
coimzvz.press
cointern.host
coiwjsz.host
colanteri.host
colantr.host
colintore.host
conalter.host
contanti.site
contennet.tech
csodham.host
dadctani.press
dadstan.lol
dadstane.press
didstan.press
doideilt.press
doilati.press
doilet.press
doiltnesan.press
dolat.press
edalatsabt.cloud
ediloelt.press
erdoltn.press
hmrman.host
iransaham.website
koilantar.press
kolintren.host
masoied.host
moavzn.host
mocihan.host
modilrtn.xyz
mohsana.press
moiawez.press
moijawez.press
mopeshm.host
mowjivz.uno
mysaham.host
oilanter.press
omjawz.host
omranha.press
osarham.press
osdadhm.site
osihaman.website
parsaham.host
paygeri.press
peadilt.press
pigiern.press
plisahm.press
podaley.press
poiegern.host
poijaer.press
sahamint.host
sahammihan.host
saharehm.website
sardahm.space
sebchem.host
senah.press
shamto.host
snadil.press
souedin.host
souren.host
websna.press
wercalnt.press
ad.idelat.lol
er.didstan.press

# Reference: https://twitter.com/malwrhunterteam/status/1683855815323553794
# Reference: https://www.virustotal.com/gui/file/932319c0e2b1753a1b132972fb4faaa0c2bf38bbdd9849f69b241df2e6d85a45/detection
# Reference: https://www.virustotal.com/gui/file/932319c0e2b1753a1b132972fb4faaa0c2bf38bbdd9849f69b241df2e6d85a45/detection
# Reference: https://www.virustotal.com/gui/file/89cf643fb3af2a577496fe7bab998a81707b5a6d20b1459768b6dc79898ec756/detection
# Reference: https://www.virustotal.com/gui/file/63146328c9e73784b2c14062de19ec1215a96c40866e8936de38f51836adcb5d/detection
# Reference: https://www.virustotal.com/gui/file/1d00a5d41bcf238a57f1d82a1ca55b11fc0e1e4c50b5402460200cada5595478/detection

maykate.shop
ratejadid.top

# Reference: https://threatfox.abuse.ch/browse/malware/apk.irata/

172.86.66.185:1023
178.162.171.247:1004
23.88.43.247:7777
3points.click
5.255.113.62:6985
5.255.117.115:2070
93044live.ml
accorg.site
adlirans-usiran.ga
adlirans-usiran.ml
ailrdw.ml
amirmahdi-or.tk
amiropp-ir.tk
arloapp.host
artacrazy.s2.subdomainbot.top
asdl-ilran.tk
atagsggsshf.ga
bgdgtrg.ml
bgdgytg.ml
botclowns.ga
cuvmntlrzx.ml
dadjdi-jsk.cf
dadstan-rahimi.tk
dadstn-k.cf
dargh-xyata.ml
darghaki-eblog.tk
daysgone.tk
dicaueror.ml
dl.whatsong.ir
doshmhitler.tk
eblagh-sanae.ga
eblaghonline.host
eblaghviran.host
eblagiyeonline.host
eblgha-shkkga.tk
edalat.press
edham.techedlt.art
ensewqzxaap.tk
gtis.cf
hameda.tech
hellboyim80.ml
hitllerrs-ir.ml
homenull.ir
hvcruus.ga
ilivemukm.ga
impixo.site
incomiit.tk
internet-meli-24.ga
ir-live.ml
iuskmmdm.ml
iuskmmdm.tk
ixi-sigaho.ml
jfubdrg.ga
joker1719.ml
jrceh.gq
jsksushsgsh.cf
kiiriiremot.tk
ksjskdkjw-ir.tk
kxkkdei.cf
liveumusk.cf
liveumusk.gq
liveumusk.ml
liveumusk.tk
liviesxy.ml
loi.nitro-cpanel.xyz
lurd-iiooii.ml
mayketdosisigherell.tk
mayketdostyabesighe.tk
mayketdostyabisiighe.tk
mcfadyen.com
mmd-uskm.tk
mmduskm4.cf
mmduskm4.tk
mr-best-ir.tk
mr-xxyx.tk
mrnull.cf
musklive.ga
myremote-ir.tk
n1evewiopq-ir.gq
nazanin-fuzol.tk
ndnsjsj.cf
net-freebami.tk
new-edltiwe.tk
newozv.xyz
niloofarkhosravi.org
nitro-cpanel.xyz
nitrocpanel.xyz
payallmens.tk
pedaretam.tk
pixooriginal.org
pojhgfcved.cf
poliice-fata.tk
pubumlive.gq
pubumlive.tk
radicalhosts.ir
rat-xxx1.ga
rat-xxx1.tk
rat-xxx3.ga
remot-vs-bot.ml
remote-best.ml
remote.impixo.site
remote70y.ml
remotedark.xyz
remotegodrat-ir.tk
reoniwqzna.tk
reza.nitrocpanel.xyz
rihsamito.tk
rimot-anitain.tk
rimot-comin.tk
rimot-htmll.tk
rimot-lucifer.tk
rmtt12.cf
rmtt12.ga
runpanel.cf
s2.subdomainbot.top
sacaladz.tk
saham-a.mcfadyen.com
saham.edalat.press
sahamet.host
sahamirani.host
sahamusk.cf
sahm.host
sahmd.host
sahmi.host
sefid-ratt.tk
sehamechekt.gq
shafabakhsh.tk
shaparak.one
shapark-19.cf
siighe-yabiin.tk
sremot.tk
stillanir.tk
studmitt.tk
subdomainbot.top
techedlt.art
testingmamo.tk
uklivemy.cf
uklivemy.ga
uklivemy.gq
uklivemy.ml
uklivemy.tk
ulliveiku.ml
usenlghusk.ga
usenlghusk.gq
usenlghusk.ml
uskgavm.ga
uskgavm.gq
vffiwwg.ga
vsidg.tk
webriiz.radicalhosts.ir
wlirdan.tk
xn--mgba8a9ddg.ml
xn--mgba8ac3gkj19e.ml
xn--mgby1cr00cvg.ga
xx-amirxx.tk
xxt-remote.cf
xxx-mrxi.ga
xxx-rezaxi.ml
xxx-rmt.ml
years6677337766.ga

# Reference: https://www.virustotal.com/gui/file/f5ffea423f06f4813b2d73dea8cb6a0a29e98ae5db7a55a8598677ba6f073d1e/detection

lordkingmn.site

# Reference: https://threatfox.abuse.ch/ioc/1143521/
# Reference: https://www.virustotal.com/gui/file/b7ff30b39826db33a85fc677819a958cc9307ce2c54dde77c3e1239f39e6ec36/detection

http://5.255.115.135
sik-kon-dige-binamos.online

# Generic

/ahmagh/
/DargaSaz/
/eblaghe
/eblagh/
/ARMAN/requests.php?sms=
/chelchele/url.txt
/Eblagh/app.php
/mytop/receive.php?sms=
/Nobitex/UploadSms.php
/Ramzinex/UploadSms.php
/Remote/1005063728/req.php
/pay/mellat/Mellat.php
/public_html/senddata.php
/rat-webpage2
/ebimport.php
/eblagh.php
/eblagh1.php
/eblaghpay.php
/eblaghresult.php
/sana/pay.php
/sms5.php?phone=
/sana-result-post.php
/sna_eblagh.php
/ratsms.php?phone=
/rat/index.php?phone=
/USK/rat.php

# APK

/%D9%87%D9%85%D8%AA%D8%A7%20.apk
/abp-sana.apk
/abiagh.apk
/adliran-eblagh.apk
/dadsara.apk
/divar.apk
/eblagh-adliran.apk
/eblagh.apk
/eblaghie.apk
/edalat.apk
/EdalatHamrah7.2.apk
/hamrahedalat.apk
/isnaeblagh-sana.apk
/mellat.apk
/MellatBank.apk
/Saderat.apk
/saham-edalat.apk
/saham1401.apk
/sahamse.apk
/sana.apk
/shad.apk
/sighe.apk
/sigheyabi.apk
