# Copyright (c) 2014-2019 Miroslav Stampar (@stamparm)
# See the file 'LICENSE' for copying permission

# Reference: https://cdn.securelist.com/files/2017/04/Lazarus_Under_The_Hood_PDF_final.pdf

exbonus.mrbasic.com
movis-es.ignorelist.com
tradeboard.mefound.com
update.toythieves.com
sap.misapor.ch

# Reference: https://securelist.com/operation-applejeus/87553/

www.celasllc.com
185.142.236.226
185.142.239.173
196.38.48.121
80.82.64.91

# Reference: https://www.alienvault.com/blogs/labs-research/malicious-documents-from-lazarus-group-targeting-south-korea

tpddata.com
itaddnet.com
wifispeedcheck.net
coinoen.org                          
coinmaketcape.com
bitfiniex.org
https://www.apshenyihl.com/include/arc.speclist.class.php                                   
https://www.ap8898.com/include/arc.search.class.php                              
https://www.anlway.com/include/arc.search.class.php                              
https://tpddata.com/skins/skin-8.thm                                   
https://tpddata.com/skins/skin-6.thm
http://168wangpi.com/include/charset.php
http://ando.co.kr/service/s_top.asp
http://ansetech.co.kr/smarteditor/common.asp
http://mileage.krb.co.kr/common/db_conf.asp
http://www.028xmz.com/include/common.php
http://www.33cow.com/include/control.php
http://www.51up.com/ace/main.asp
http://www.530hr.com/data/common.php
http://www.97nb.net/include/arc.sglistview.php
http://www.anlway.com/include/arc.search.class.php
http://www.ap8898.com/include/arc.search.class.php
http://www.apshenyihl.com/include/arc.speclist.class.php
http://www.marmarademo.com/include/extend.php
http://www.paulkaren.com/synthpop/main.asp
http://www.shieldonline.co.za/sitemap.asp