# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Reference: https://github.com/ti-research-io/ti/blob/main/ioc_extender/ET_APT-FamousSparrow.json # Reference: https://www.virustotal.com/gui/ip-address/103.15.28.228/relations awsdns-531.com offices-analytics.com redcrossco.com credits.offices-analytics.com resource.offices-analytics.com services.offices-analytics.com soffice.offices-analytics.com c11r.awsdns-531.com cdn181.awsdns-531.com llnw-dd.awsdns-531.com rdmail.redcrossco.com redsquare.redcrossco.com tranning.redcrossco.com # Reference: https://www.welivesecurity.com/2021/09/23/famoussparrow-suspicious-hotel-guest/ # Reference: https://otx.alienvault.com/pulse/614d9d97468b5d59e66efeec kkxx888666.com cdn.kkxx888666.com