# Copyright (c) 2014-2023 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://twitter.com/h2jazi/status/1573309097021444096
# Reference: https://www.virustotal.com/gui/file/c75d905cd7826182505c15d39ebe952dca5b4c80fb62b8f7283fa09d7f51c815/detection

http://185.166.217.184
/CFVJKXIUPHESRHUSE4FHUREHUIFERAY97A4FXA/

# Reference: https://twitter.com/h2jazi/status/1636768039273377797
# Reference: https://www.virustotal.com/gui/ip-address/95.142.39.88/relations
# Reference: https://www.virustotal.com/gui/file/2df66c8258ca164e2138997754c9226d88748612e4df16cfdcb0aa89c5c874f4/detection

servicehost-update.net

# Reference: https://securelist.com/bad-magic-apt/109087/ (# CommonMagic/PowerMagic)
# Reference: https://www.virustotal.com/gui/ip-address/31.31.198.109/relations

webservice-srv.online
webservice-srv1.online

# Reference: https://twitter.com/ShadowChasing1/status/1377973764164476932
# Reference: https://twitter.com/ShadowChasing1/status/1377973769579360258
# Reference: https://www.malwarebytes.com/blog/threat-intelligence/2023/05/redstinger
# Reference: https://www.virustotal.com/gui/ip-address/45.154.116.147/relations
# Reference: https://www.virustotal.com/gui/file/fb48b9102388620bb02d1a47297ba101f755632f9a421d09e9ab419cbeb65db8/detection
# Reference: https://www.virustotal.com/gui/file/301e819008e19b9803ad8b75ecede9ecfa5b11a3ecd8df0316914588b95371c8/detection

http://176.114.9.192
http://45.154.116.147
http://91.234.33.108
http://91.234.33.185
185.166.217.184:2380
securitysearch.ddns.net