RAT.txt

#
#**DO NOT RUN SAMPLES ON YOUR HOST COMPUTER! USE A VIRTUAL MACHINE**
#

#Lime-RAT/njRAT
http://securefiless-001-site1.ftempurl.com/windrr.exe
7d3799901b4031fdaea0e2e1c0822b1183766d12405039fd75d48344db61ab73
ee702cb54c3b6dd6f8f9e055a357f19b6ea8053c
df6d5e08ce43828353f5bdc43b44c795
71d6a7a3fe5f8dc878cd5bdeca0e09177efb85c01e9a8a10a95262cabefaa019
7d3799901b4031fdaea0e2e1c0822b1183766d12405039fd75d48344db61ab73
193.161.193.99


#njRAT/Bladabindi
http://zimshop.co.za/wp/wp-admin/milk.exe
38df39b8f59e65ddfc8558b554ed8449815e2a1da263911f5fa5adc610101ae5
24ffe3043b12a6db42cae02a6f46e213e3012fce
b6fb59b629ff7361ca59bc57d44b3ffe
mailsdc61.ga
194.5.97.31

#njRAT/Bladabindi
http://ghwls44.gabia.io/svchost.exe
6e8cfe6005442b9d088b114acb7683dd469a72eb1d0f4a087a4f565b125f96a3
aaedf15be5ab30814df92594a2dc7858709de0c4
be16bbcf9fd07fe8243f58c8eb1cc348
ghwls44.codns.com
175.192.57.66

#Win32/Agent.ZJL
http://down.1919wan.com/STEAM/ren001.exe
39a666d435132add8e4bc029b2bccbc9b15498f429c01ea5f4d6fc999250412b
44686808910a57aedef2958eb72a3feeb2dfc9cb
d5c27e579555e704806a5f242f2d36e7
apps.game.qq.com
www.mteng.top
brickola.cn
tinychinacdnweb.qiniu.com.w.kunlunno.com
dt003.china.line.qiniudns.com
brickola.cn.qiniudns.com
cdn.vy68.com
kibopd.com
js.26ji.cn
b8ca13ba720dbe49.58su.cn
58.common.58su.cn
180.163.15.188
104.193.88.77
139.224.174.28
180.163.26.100
58.49.225.146
58.49.225.142
106.14.52.31
58.49.225.141
http://cdn.vy68.com/api/userconfig/uc_cd0e231727a72d94b9301ee10a37e86c.json
http://apps.game.qq.com/comm-htdocs/ip/get_ip.php
http://cdn.vy68.com/file/modules/723a5b61cdf1571a/9ad5f3ce8b59c2a5c556193c8a81c2d697a0fde8a6eb33b1.zip
http://kibopd.com/api/r/ip
http://kibopd.com/api/r/mcm
http://brickola.cn/API/General/lsrpu
http://brickola.cn/api/file/4.json?type=2
http://brickola.cn/api/file/bizmoduleconfig.json?type=1
http://brickola.cn/API/General/faceimg
http://brickola.cn/file/modules/199a4f51f291a7f7/9ad5f3ce8b59c2a5380c47cafe26169c.zip
http://brickola.cn/file/modules/723a5b61cdf1571a/9ad5f3ce8b59c2a5c556193c8a81c2d697a0fde8a6eb33b1.zip
http://brickola.cn/file/modules/c39a92b5d5313f63/6ae3af4ff8fae1492c0fe26ced88e526.zip
http://brickola.cn/file/modules/5018e7abcc4200f4/4a60ef872bafb20377f392cd7c3f4a0f.zip
http://cdn.vy68.com/file/modules/5018e7abcc4200f4/4a60ef872bafb20377f392cd7c3f4a0f.zip
http://js.26ji.cn/file/modules/199a4f51f291a7f7/9ad5f3ce8b59c2a5380c47cafe26169c.zip
http://cdn.vy68.com/file/modules/199a4f51f291a7f7/9ad5f3ce8b59c2a5380c47cafe26169c.zip
http://js.26ji.cn/file/modules/723a5b61cdf1571a/9ad5f3ce8b59c2a5c556193c8a81c2d697a0fde8a6eb33b1.zip
http://js.26ji.cn/file/modules/5018e7abcc4200f4/4a60ef872bafb20377f392cd7c3f4a0f.zip
http://kibopd.com/api/r/kwu?info=4e42dbdc6e3cba0baaa236fb70a6cf4437d423c348d8bf530ab84e757b4d3b233f2a31124a2d7ed6cfde35261b4463dcc77100803fd849a25c3014b3ae54a128bb27a703638ea9648095d5bd2f420491b08040014ac470a3
http://kibopd.com/api/r/b?info=7dbcf7a501e6f06ab9f55d46f571595d5248dd1378aac089b801d31893cffdd0609f99174eae9514a91439ce391e45f52ba33b022491baf2e8e6c8447a74f89ae112a4efe9469e5d4a1c3d37fc8d41c962ebf790f6ce5047181de9408c7bbcbed39711b589d06da6fa589e6c1ed4112dd2c5eda8798e1d14cea29343c76ac4a66630a32ca8c34ca0311a643cd5c2a3ef10c102c2d7fee263d07e19657f6bbc7e791090b3be484775b14e337b8b028d2c3ed04e6239c90ef68d27804f3c74ed72b1839c4c7ac977f302cdb0328bd04c250d9e11c257c028484ef30c818a55a81d29ff5ea268ae56c01fe7a2a95cd74c7cf165b478c3e7bb9f2b2ac6d1c4b2ff95a1d6f81a94fe30022b8538c6cd635afbc367c2321826d82c525865152004cce5b308291605a9d965b4caebe695ad90c09e4e5239f0f800765e6247dc017cf02198153c929c4fa85582f58e71f9d533ca58b7a18d7e0980b2ea8158a156024776bb6935a845e03ec6bfba0d2d4e1745269cb6c0a10b500a09ec03fb11a49462d179f0015057a3056bb93e757d4a6bfca3410368d56e7fdd7a10b9ad81143fa4218160360c377b9e08ceee8203bfa27d38d20ee615767f2cab46cc48be3e27b090959f1125280fab7cbe1ba6c3b4fb87e896743c219bd676a8378f97103e54d90b6292cdfbc267b846f9ae3e25ad94bbe22847ee1ddde2010f4408eae8e2944ec724195500f9ca8e4359bbe52ac97de766b085b977caf382194075fc9aec7977a4d9ca1755c3c0702429daf40021aeed9697ee175055eee40130da861bf547e6f6a439577f4b807e95426159a359d0e52f7861c609dc8aedfa3d9faec8a151f878713afc7c9fc082d9e622f2584973382314e14b2726ec03ea1c19836544d4305336460f5da1fc8871536ec5fafb477cbc

#quasar
http://mijasgolfbreak.com/dw/scan07012019.exe
5e535771300fd7aa01027755c239df694a2f288090141e401c4d63f61f53e06a
81ac111e9c6d71c3d695ab4e87ca571223fe2090
05ced190269d2d11be1edaf5f9be2048
84.234.96.141

#njRAT/Bladabindi
#https://www.dropbox.com/s/2kn30ouin5i04r4/PO442df9bc210ac.xlsb?dl=1
97ad4c4cf3db5b69765b353599d3d0339e3ab8f9b3a122fce414b87f3d83d154
fb73a819b37523126c7708a1d06f3b8825fa60c926154ab2d511ba668f49dc4b
linkadrum.nl
jplymell.com
85.214.28.174
185.223.28.211

#Ave Maria RAT
http://pdfconverter.firewall-gateway.com/office/vbc.exe
f76e890b1277309ebc63302935a67e621ce12ef761a8dad0b5fc6b99c34bebc8
7ac3fa54e0641ca1e4fac97a0e3d374d7f53fe52
9388f307e47b54762e911293551adf54
blackpyramid.duckdns.org
216.38.2.195

#NanoCore.RAT
134716265d729b97c3dfbd7a39441eda57274a8afc549a24fa8621ed30fa2317
1ba03251f21bc011d8cac14305181c9a28adac0d
e2b84e91c3147789cd8cd5070187cd50
185.244.30.92

#Unknown
http://fdbvcdffd.ug/ndgfsxvcwe.exe
d2134a2c8e64997fcac21ae09a5c33c3fff7cbb7b34fc89e13a488eaf43385f6
c715ee212409155d3269f50c3bd93ca723c8b408
6547e79dae0df831f51daf24b660c93d
kjsdtrfuyhgxcv.ru
mardjdf.ug
185.244.30.74

#QUASAR
http://185.150.2.234/2/temp.exe
c960dc7aeadf52b354fac14ba3280106bce522479a0ea0daa16eaa92484882ea
158c2efd2ba719fb3f66ee53757a4b3b1d2fe59a
3b879cfdeb1567142e077f9956faf618

#NanoCore
http://myo.net.au/plugins/quickicon/counter/exe1.exe
f5be23df0cfd529674c9939bf11e4d0f61693f898cf989e7b7acf62202c0874e
06e41c2587ab8235c6782cf1af589099a6242666
3cf83ee9b1eca7399241843618e9ea5e
154.225.62.188
35.104.130.213
122.125.146.196
55.13.230.17
8.251.61.112
124.6.186.36
150.14.156.225
64.235.141.110
115.46.222.92
89.95.171.131
219.11.176.217
112.196.157.128
68.195.209.178
188.159.214.116
99.132.230.105
214.94.131.211
80.229.2.106
146.134.108.85
96.49.239.27
117.193.176.23
217.51.228.152
51.194.65.217
187.254.14.59
91.25.251.199
124.127.5.218
125.16.208.1
4.36.245.219
195.127.101.200
2.168.98.3
118.174.237.61
34.249.37.171
102.51.162.5
120.45.25.199
53.217.82.209
212.89.206.240
145.25.55.67
47.106.6.134
91.172.124.75
95.206.34.161
61.182.149.174
142.86.222.106
129.135.140.223
77.155.16.43
171.85.123.169
198.19.227.55
213.194.10.135
103.252.174.61
73.7.143.26
75.74.196.17
185.48.141.11
162.171.249.109
114.130.173.166
141.20.202.121
71.174.179.208
131.153.130.108
102.239.108.207
155.8.106.179
159.223.175.111
110.170.44.50
43.28.30.112
207.1.35.154
141.206.236.197
97.39.158.30
156.245.204.49
14.125.195.21
130.41.188.95
26.230.16.37
41.168.50.171
120.34.61.113
189.131.2.77
191.82.32.195
15.58.116.39
89.2.196.210
216.128.26.73
38.71.77.129
84.4.23.129
215.5.137.143
146.100.191.59
204.23.244.92
81.147.115.8
6.77.219.18
71.65.10.217
156.94.188.120
98.151.112.61
69.212.24.144
5.227.102.153
128.168.185.109
204.30.41.120
17.242.98.117
111.19.120.43
154.83.59.68
53.61.131.244
95.112.13.30
114.15.103.33
218.116.180.100
156.116.134.66
57.251.222.107
120.230.220.247
42.48.43.116
163.247.10.119
181.150.24.106
11.41.101.31
83.64.97.191
190.50.24.132
http://156.245.204.49/
http://141.20.202.121

#AZORult
http://eas1tlink.xyz/him.exe
efb39e6675ae76874c1565b0c4f195b89372d3a89f35d73fd208df788002faff
ec896e7670d0b73042d253f9aa86a28f0e65892b
96315cd65d90dfec6fa797bef002639b
eas1tlink.xyz
217.29.57.164
http://eas1tlink.xyz/index.php




#AZORult
http://82.146.48.98/c.exe
80aa60c0f067c47b565cf06dbf27f831b55d574f66456763dde8ba111fcf32ed
1e6483966a8d42321fe3265c7518a4909636de53
37a36e175dfeebbfd3a4d1dacebf0b32
hustdomains.host
193.178.169.71
http://hustdomains.host/index.php