# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.lacework.com/blog/androxghost-the-python-malware-exploiting-your-aws-keys/
# Reference: https://blog.sicehice.com/2023/03/androxgh0st-stealing-your-aws-key-pairs.html
# Reference: https://otx.alienvault.com/pulse/63d43565fa3638d6d936705e

http://109.237.97.180
http://185.83.146.154

# Reference: https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-016a
# Reference: https://otx.alienvault.com/pulse/65a7d3eed9b9cc8a7ed724cd

rockylinux.si
mc.rockylinux.si

# Generic

/data="0x%5B%5D=androxgh0st"