# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Note: "The malware is called Anubis and uses code forked from Loki malware to steal system info, credentials, credit card details, cryptocurrency wallets"

# Reference: https://twitter.com/MsftSecIntel/status/1298752223321546754
# Reference: https://twitter.com/MsftSecIntel/status/1298752226425413633
# Reference: https://www.virustotal.com/gui/file/c2ca3c7810fbd2eb4933299433a0e58ffe0707700c780fe420b2c258e32ebe18/detection

webgethack.com

# Reference: https://www.virustotal.com/gui/file/895b3b6890d192de8bc3744ce0757edb909351081744403663a9c3b04e409125/detection
# Reference: https://www.virustotal.com/gui/file/341b474228bf3d99a3570a3b55b4a9b965db00cfbc52988236ffb49990aa8aef/detection

logsbanks.xyz

# Reference: https://seguranca-informatica.pt/anubis-networks-is-back-with-new-c2-server/

anubisnetwork.com
anubisnetwork.net
anubisnetwork.one
operador.anubisnetwork.net
operador.anubisnetwork.one