# Malware - Win32. Collection of multiple win32.-families with few domains & hosts per feed.
# Command and Control domains for malware known as Win32.Shiz.ufj. These domains are extracted from malware sandbox reports using a Machine Learning model trained on a corpus of good and bad domains.
# Source: https://otx.alienvault.com/browse/global?section=All&q=Win32&include_inactive=0&sort=-modified&page=1&indicatorsSearch=modified:%22%22%20Win32
#
# INFO: https://www.f-secure.com/v-descs/win32_virus.shtml
#
# UPDATED 02-04-2021
#
# Every link reported should be considered harmefull and could result in an unwanted malware download. Use this file carrefully.
#
#                                                             **** Therefor my advice is ****
#                                                  **** If you experience sites that are being blocked ****
#                                                **** please double check your input in search field and ****
#                                           **** see if it's correct and verify that it is the correct page you ****
#                                             **** are going too! If it is correct then whitelist that site ****
#
#                                                           USE THIS LIST WITH CAUTION!
#
#
# *****The list is released without any warranty to the end users.*****
#
# *** This list contains domains and hosts ***
# *******************************************************************************************************************************************************************
#---------------------------------------------
# W32.Blackmoon - Malware Domain Feed V2
# Source: https://otx.alienvault.com/pulse/5cc6b94df225b0045a904d5b

# Domains
fffffh.site
luoyefeihua.site
syncc.xyz

# Hosts
0.0.0.0	0408sq2u.58guyu.com
0.0.0.0	91w2l6dt.58guyu.com
0.0.0.0	833u3k3i.58guyu.com
0.0.0.0	down01.58guyu.com
0.0.0.0	exe.58guyu.com
0.0.0.0	fpnt5n9r.58guyu.com
0.0.0.0	ftp271303.host553.zhujiwu.cn
0.0.0.0	ftp543845.host566.zhujiwu.me
0.0.0.0	gj.wxb2568.cn
0.0.0.0	ip.666888pya.xyz
0.0.0.0	k7vvazyq.58guyu.com
0.0.0.0	mprrpt.hjkl45678.xyz
0.0.0.0	nmprrpt.hjkl45678.xyz
0.0.0.0	p1hgivju.gdicoou.com
0.0.0.0	q9o7y27m.58guyu.com
0.0.0.0	qcyl.cyynet.com
0.0.0.0	sfqlbmxt.58guyu.com
0.0.0.0	tongji.58guyu.com
0.0.0.0	v216976v.58guyu.com
0.0.0.0	wkapi.kenfu1.com
0.0.0.0	www.362com.com
0.0.0.0	www.awen666.icu
0.0.0.0	www.dfafsd.cloud
0.0.0.0	www.joinbee.cn
0.0.0.0	www.panbaogui.com
0.0.0.0	www.yxlt.us
0.0.0.0	xxx.xxx.com
0.0.0.0	ys46waeu.adkuai8.com
0.0.0.0	yy4010.gotoip1.com
#---------------------------------------------
# Win32.Shiz.ufj - Malware Domain Feed V2
# Source: https://otx.alienvault.com/pulse/5ccb67aaa5bfa10ff6ffe535

# Domains
cihunemyror.eu
cilavocofer.eu
ciliqikytec.eu
cinepycusaw.eu
dikuvizigiz.eu
diselahidaf.eu
divesosisor.eu
dixesywyruc.eu
fodakyhijyv.eu
fokyxazolar.eu
foxivusozuc.eu
gacezobeqon.eu
gacok.eu
gacyryw.com
gacyzuz.com
gadufiwabim.eu
gadyniw.com
gahyqah.com
galykes.com
ganypih.com
gaqycos.com
jefapexytar.eu
jenokirifux.eu
jewuqyjywyv.eu
kefuwidijyp.eu
kejogydideq.eu
kemocujufys.eu
lygymoj.com
lygynud.com
lykyjad.com
lymyxid.com
lyruxyxaxaw.eu
lyryvex.com
lysul.eu
lysuxinebyg.eu
lysyfyj.com
lyvyxor.com
lyxylux.com
lyxywer.com
mamixikusah.eu
marytymenok.eu
nojejecebuw.eu
pufet.eu
pujuduvaxim.eu
pumed.eu
pupex.eu
pupod.eu
pupybul.com
purol.eu
purycap.com
puvem.eu
puvopalywet.eu
puvyxil.com
puzib.eu
puzutuqeqij.eu
qedyfyq.com
qedynul.com
qegyqaq.com
qekykev.com
qekyqop.com
qeqinuqypoq.eu
qeqyxov.com
qetyfuv.com
qexylup.com
qexyryl.com
rynazuqihoj.eu
ryqecolijet.eu
tulyboputal.eu
tunujolavez.eu
tupudyqusuj.eu
vocebufazap.eu
vocumucokaj.eu
vocyruk.com
vofez.eu
vofozymufok.eu
vojacikigep.eu
vojyjof.com
vojyqem.com
volec.eu
volyqat.com
vonodecidid.eu
vopep.eu
vopibycywow.eu
vopogakakud.eu
vowycac.com
vowydef.com
xukovoruput.eu
xuqohyxeqak.eu
xuxusujenes.eu

# Hosts
0.0.0.0	ww1.lysyfyj.com
0.0.0.0	ww11.lysyfyj.com
0.0.0.0	www.gadyniw.com
0.0.0.0	www.gahyqah.com
0.0.0.0	www.pupybul.com
0.0.0.0	www.vowycac.com
0.0.0.0	www.vowygem.com
#---------------------------------------------
# Win32.Floxif.A - Malware Domain Feed V2
# Source: https://otx.alienvault.com/pulse/5cc9aa3bcf78e0d4834b11ce
# Domains
8bb11f3597.pw
citygame.xyz
hostas4.cf
hostas8.ml
hostpp2.cf
xjpakmdcfuqe.biz
zcop.ru

# Hosts
0.0.0.0	ddl.serveftp.com
0.0.0.0	devid.drp.su
0.0.0.0	googlegmail.servehttp.com
0.0.0.0	latestapps.wen.ru
0.0.0.0	microsoft.mypicture.info
0.0.0.0	mzo.dyndns.org
0.0.0.0	nexter.x0rg.com
0.0.0.0	u.f321y.com
0.0.0.0	updatertestww.mkcl.org
0.0.0.0	www.balu001.0catch.com
0.0.0.0	www.balu002.0catch.com
0.0.0.0	www.balu003.0catch.com
0.0.0.0	www.balu004.0catch.com
0.0.0.0	www.balu007.0catch.com
0.0.0.0	www.balu008.0catch.com
0.0.0.0	www.balu010.0catch.com
0.0.0.0	www.balu013.0catch.com
0.0.0.0	www.blm35.net
0.0.0.0	www.gfkgeeoqgz.wen.ru
0.0.0.0	www.gugeeoqgz.wen.ru
0.0.0.0	www.gxgeeoqgz.wen.ru
0.0.0.0	www.hostpp2.cf
0.0.0.0	www.oqzoqbeoqgz.wen.ru
#---------------------------------------------
# Win32.Wacapew - Malware Domain Feed V2
# Source: https://otx.alienvault.com/pulse/5efe0e2e6887c757d99eaa2b

# Domains
08ba21b31b07e8b2.xyz
0856c981fac71ad2.xyz
1abb7c50a8e82d40.xyz
3afc5ff1c881b281.xyz
3cf900ecf0895e4a.xyz
5c98ff7eb35a6899.xyz
5df09f09188cb28e.xyz
6c2d8999fc5c1708.xyz
6d8b0272c433fd35.xyz
6ec8c1bc55203805.xyz
7fbaa5576a683a01.xyz
8a4997225ef680c2.xyz
8c365b78d1a7e8f8.xyz
8d96c6c8686c52e7.xyz
32ae7e2916cf4953.xyz
71ce0c9703a486f1.xyz
84cfba021a5a6662.xyz
628cbea9eb2bdecc.xyz
847c29d3e827a16e.xyz
5723edfc5207ff2d.xyz
29272a6bc0ef8ac8.xyz
54893f9638f5f23b.xyz
658537bb4cb52d28.xyz
750940a116beb395.xyz
7819552a3888d197.xyz
66124112b4188769.xyz
a5559c25c7aba201.xyz
bea0e4a218a01f2a.xyz
c8dd8ae6dc4dc644.xyz
c9b19ecacba2ea44.xyz
d0b9282d68078592.xyz
d048129eb1be65d5.xyz
e1bca370f5f49fe7.xyz
e5ee35320e7c970b.xyz
ef6df4af06ba6896.xyz
fa1e6f7334d84c84.xyz
fe0432d95d40b8a2.xyz
freekzvideo.cloud
post-back-url.com
trackpressure.website
zombiemaniya.ru

# Hosts
0.0.0.0	gfehi7.2ihsfa.com
0.0.0.0	uhgag43.2ihsfa.com
0.0.0.0	uhgargr.2ihsfa.com
0.0.0.0	www.infokscents.com
#---------------------------------------------
# Win32.BlackNET - Malware Domain Feed V2
# Source: https://otx.alienvault.com/pulse/5dfc6b8957112ec80405a93f

# Domains
alexknives.com
crackedworld.xyz
groupy.pro
informavoce.com
jonhost45.com
manchestergardensllc.com
meublesinde.in
otchaos.tk
raders.ru
ranonlinedominationep7.site
redbulllogistics.online
sitespy.club
svcupdate.com
testnexus1123.tk
tv-diaspora.eu

# Hosts
0.0.0.0	a.nvuty.ru
0.0.0.0	blackguy.power-plast.in
0.0.0.0	blacknet.all-hacks.org
0.0.0.0	blacknet.spy24.biz
0.0.0.0	blacknethost.000webhostapp.com
0.0.0.0	d3c0d3dd0cx.000webhostapp.com
0.0.0.0	dadacode2020.ddns.net
0.0.0.0	do.kemem.ga
0.0.0.0	f0374712.xsph.ru
0.0.0.0	f0386817.xsph.ru
0.0.0.0	f0401489.xsph.ru
0.0.0.0	fskakjgg.beget.tech
0.0.0.0	i9789238.beget.tech
0.0.0.0	mailstealer.zzz.com.ua
0.0.0.0	mosav5vz.beget.tech
0.0.0.0	perc30.beget.tech
0.0.0.0	sepasarg.beget.tech
0.0.0.0	test.darkstrom.com
0.0.0.0	tulsipada1.000webhostapp.com
0.0.0.0	updatesmanager.ddns.net
0.0.0.0	vovagaka.myjino.ru
0.0.0.0	wwe23pro.myjino.ru
0.0.0.0	xexob6ct.beget.tech