# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Aliases: BackdoorDiplomacy, Quarian, Turian # Reference: https://github.com/advanced-threat-research/IOCs/blob/master/2013/2013-10-07-quarian-group-targets-victims-with-spearphishing-attacks/quarian-group-targets-victims-with-spearphishing-attacks.csv andyothers.acmetoy.com keep.ns3.name # Reference: https://www.welivesecurity.com/2021/06/10/backdoordiplomacy-upgrading-quarian-turian/ # Reference: https://otx.alienvault.com/pulse/60c341dc8964edd2e2fcb651 pmdskm.top bill.microsoftbuys.com buffetfactory.oicp.io dnsupdate.dns1.us dnsupdate.dns2.us dynsystem.imbbs.in freedns02.dns2.us icta.worldmessg.com intelupdate.dns1.us officeupdate.ns01.us officeupdates.cleansite.us systeminfo.cleansite.info systeminfo.myftp.name systeminfo.oicp.net szsz.pmdskm.top update.officenews365.com updateip.onmypc.net web.vpnkerio.com winupdate.ns02.us