Hashes

Loaders - Trojan.MSIL.NERAPACK
12425edb2c50eac79f06bf228cb2dd77bb1e847c4c4a2049c91e0c5b345df5f2
321febf2bc5603b58628e3a82fb063027bf175252a3b30869eccb90a78e59582
3ad24a438b9a67e4eff7ca7d34b06d5efc24b824e3e346488d534532faa619da
dd1afc083b7d82444fcec99e01e8293d51f744201cb968346ec334fb5dd32495
e488f0015f14a0eff4b756d10f252aa419bc960050a53cc04699d5cc8df86c8a
6b1b231a7d190651f8c89072e2514aade288dfe6bd87ea62171b6ecffe13d63e
e4a15537f767332a7ed08009f4e0c5a7b65e8cbd468eb81e3e20dc8dfc36aeed
a64e0c21494811ededf5d8af41b00937c1d5787d63dfcc399a7f32c19a553c99

Backdoors - Backdoor.Win64.CHISERCLIENT
ea2264f56ba315c4db49d06cce12365875502686f8f748570cb5a99cb213f008
182f07a00b93a00fae17b33fbfc25931afeddd80f075f241060b4338a49cd5cc
2167855743b9e488ce514c80f246fd5d0973a4296cb565f95517fa1dcfee8f74

Trojan.Win32.SMILESVRDRP
c6cac51035ef7df22c8ff3b5ba204721cdae97bc4728b0de68db1358c0c04035

Backdoor.Win32.SMILESVR
c6f17d39905d2006020c326c13bb514a66bccc5a42d533aade00e09456ca5dec
97e9bf8032e11bb618a77fbe92489e972b0c92e2e30b26f594f6129ee1cec987
507b0280105da31739159703e418e3d1b1e6e6817362bf69e2da3c0b305af605
819afbdc46b3b8f3e4b71e64c48df14ce886a273ce3c93d7a402f4760405b1a4

Backdoor.Win64.LILITH
b3c31192048576591a52bc025e82286d7d32429c2f0991e68d801555b2d74c65

Backdoor.Win32.GH0ST
996aa9c937b610efd1ab5c0ab173fc9fa78a70b423a193c3e2b505519bde7807
7e72ee1052b018250810e41ac01065ebd833293ecfc363415b7d19dd31734d49

Hacking tools
HackTool.MSIL.LOGKILLER
b914087ac90f8aa782ef4c22cee9c458f7bdfc3d37278327aa7e1442011f0e4a

HackTool.Win64.FRP
7ca64c811008e34b5dbb7538fa4bed84c1678ed9813e665071dc0ad0def5b74b

--------------------------------------------------------------------

C&C Servers

lastest[.]ctotw[.]tw:443
infos[.]friendship[.]tw:80
citilink[.]dsmtp[.]com:443
flight[.]goldentop[.]tw:80
cart[.]ns02[.]us
webadmin[.]mirrorstorage[.]org:443
api01[.]lflinkup[.]net:80
portal[.]blueraymax[.]com:80
ca[.]threatiy[.]com:443
cb[.]threatiy[.]com:8443
cc[.]threatiy[.]com:8080
193[.]42[.]40[.]126
157[.]119[.]234[.]100
158[.]247[.]199[.]191
45[.]77[.]214[.]244
195[.]123[.]221[.]7:8080