# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Aliases: MarkiRAT # Reference: https://twitter.com/360CoreSec/status/1407604585896632323 # Reference: https://twitter.com/360CoreSec/status/1407653661816201226 # Reference: https://securelist.com/ferocious-kitten-6-years-of-covert-surveillance-in-iran/102806/ # Reference: https://www.virustotal.com/gui/file/5d69c23a226a5ad1068bb77b174cb8d00aa774c277e32824024f0d2fb21de1d9/detection # Reference: https://www.virustotal.com/gui/file/dd54da85e23ca2117ad962934cf1cefcdc24011780326e38dc48946da9bb84ec/detection # Reference: https://www.virustotal.com/gui/file/be984ef82521f1618edda34fd9d1738b543c0db9613536068eead736b822aff1/detection # Reference: https://www.virustotal.com/gui/file/361524fb3d40dd2f275ee7aa4f40fccfe21f0552cd36ec38f48fbf7e50e66810/detection # Reference: https://www.virustotal.com/gui/file/e53e265edcec04cdfb0db35139796944e867d49872e536d148af313e0b019ed7/detection # Reference: https://www.virustotal.com/gui/file/99eb211ea131834d93e25ba0c1066e37d5583f7694c51611337e1c44b60b7fa5/detection # Reference: https://www.virustotal.com/gui/file/9a38069efc55a19d50d26d300948b9095ab72538acbf4ed427ed5a77060aa259/behavior/Microsoft%20Sysinternals com-view.org com-view.space comuk.space unupdate.ml unupload.xyz updatei.com aparat.com-view.space khabarfarsi.com-view.org microsoft.com-view.space microsoft.unupdate.ml microsoft.unupload.xyz microsoft.updatei.com microsoft.comuk.space # Reference: https://twitter.com/360CoreSec/status/1435077875703562242 # Reference: https://www.virustotal.com/gui/file/b0d85647a0715e84a569fc79f6df3b9b82bac11e388948b767b4dbc7c721af47/detection microcaft.xyz microsoft.microcaft.xyz # Generic /ech/client.php?u= /ech/echo.php?req=rr&u= /ech/rite.php /up/uploadx.php?=u=