National Cyber Warfare Foundation (NCWF)

Sample Malware Phone Back C&C (Command and Control) MD5s From Domains Belonging to XSS Forum Users – A Compilation
0 user ratings		2026-04-04 19:47:16
milo
Blue Team (CND) , Breach

Dear blog readers,


In my most recent analysis I decided to take

a deeper look inside some of the domains which belong to members of the XSS forum are known to have been used as

malicious software phone back C&C (command and control) domains.


Here's the compilation:









































































































































































































































































206.su740d9cd8ea165302aa3cd7e6f198ea4c
23fefvdfmbhty5ouihksdfs.comc2a10312a002ad7de56237d9a419f2f8
adwords-limon.biz7e2c95f6297d372820df8bea6ec10c42
astfv43kol.comc5d8a48579e8bc4a2ff1ac229d7da4bb
auto-key.org17b35854c20ef15916bb6191d9018f33
bduioronebmemo.indcdd3063d89e813d72c8312280d21a81
bookdeel.ind4e9c7625f679a432eb4f7ce3e1bf3f8
bsdhveroorihrh.incfadd31220c21a81abafc39dd0426653
c0p1.com4ee484759d7484ecf828eff059c5555a
c0p1.coma664d2c1fe26cf7c54cc8d926614ced6
caribecunb.com868e416b34a1ef25e62c3a02a11b624e
clfrev.use562e5fe01744834ff603418d879a240
cnbravard.com348b2ccf7d90a3c468a94838dce6c801
cpro.moscow80707d363ee1068c2e14bde81831ef51
crysis5.info83966b7e9cbe4491a4330ad755fabf3d
devilz.co4e3f1de1b82030db5e1f3f0f2552efd0
elcrazyfrog.com52598dff416eb8c050ad214ba1728073
flurred.com5f7fef40dffcab695e74fcdfbe14b84a
forestfire.mea9e26a987720d7d7be4d28c635026bbf
ggvruxovlbrm.comf2a4ae0cb148e19d5c7dbce2c2be5143
guliverialand.asia96122bed38044a7670f88e7c0a8f6005
headover.mead49f064e234b5b6ce584054587cd362
hyperboot.suf358b0fa7c5961a72dfebc2cf26ae4fd
ibcbbgggowdg.com87a52fdccc7ed7f7e6321e795fb5f82f
infosearchresults.com61cf47b9e315441ce20bb92665891103
ituneshack.comee5b8493d37177b015b3bb65352148d3
jsmarkating.com46532f5480a0bc454ecfdb9ad1fcecda
khardamok.com8cbadb2055081e2c1cc07f976d4efa27
kinosezon.sited08482bb992c8155471a21260f7c940b
lucaname.net16ca0886d3d23f0270cc11580767edde
mashka.inc21b3634644c442266443f4705f802af
mastrio87.asia93059d28724c37f4c416765c9216b038
maxho.ru7682dfb7d6aea87094aef38ebe1b6458
micyberclub.com23c5e8bcc617dae7a2bc4eb5af6db3a4
micyberclub.com9cbf5558a4e1a96870b379ee373c9ce4
mikewaalspro.come305e5235d3ca837fc74be8d62b9a310
muk1w4.comc06596f157fd0ba8e19c6cf1603f8c3c
nt13.netb643cfbd4cc14525f822efa1cc8931d0
parkrosegroup.infodffe9cb91673bd89c01e1e785a5f0da2
phantom-inc.netede424a41d7162e20d4da906e64edf03
pohery.org5fcf430d3a1c13cc057c5ed50223efef
pufcer.clube31473f9133d5653c7f4d72fd0a3ee2f
qvvksmeemfgd.net99d73f14df11e38419adb789ec5cd2fb
re1.ng04e46b8950cf21638247b0a6eb020161
sapport.co.inf986c08083355731eee26085aa458ddb
sapport.ince246d78c9e7bd15659a403d35c6af9e
sapport.nz96c9f44a47e2bf673e9374a95634d13e
sapport.one0b3f788696398bc65682befaf9ce6d1b
sapport.run04960a815d836dfa31a5aa73ac0d7270
sevencandlestics.com43b6f97e218f19f34036662a8fe22513
shop-lehonda.biz6550833d297d7a23aedf4861be5b55f7
stjosephes.in50e3830b05a1ad30702ea2e47a380d58
subjec.in0ea6577c855815cc7565779ad5300851
tavel.in76b62c12dfe881421d99ae7bfcb519be
trishulengineer.com617ad978e603163363ffd31002efeef5
trishulengineer.com72e057b2f04e5c086e98943cde452a57
updatehost.club52b1b21d6884d9fceb0280f238a5f9ec
virtest.comad19b74a38b91153676a9fbebb850d7b
virtest.comfcfda10cc69563d24480fa83eda67034
webtrafficbuy.neteed4cba281e5bbba4f41258de3948935
whitepanda.infoa152df2d10257d7ed724e94f6ce0ba09
x1x2x3.meb967926bd8636a84ded0ce59bd00b7f5
xfalk0n.su2757b3ec512bcc4809e108756cc9f7f8
zadoya.comdd2b219854080cc010f7350958fbc350

Stay tuned.



The post Sample Malware Phone Back C&C (Command and Control) MD5s From Domains Belonging to XSS Forum Users – A Compilation appeared first on Security Boulevard.



Dancho Danchev

Source: Security Boulevard
Source Link: https://securityboulevard.com/2026/04/sample-malware-phone-back-cc-command-and-control-md5s-from-domains-belonging-to-xss-forum-users-a-compilation/

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Blue Team (CND)
Breach


Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.