# Copyright (c) 2014-2020 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Reference: https://twitter.com/Timele9527/status/1144069969845481474 # Reference: https://app.any.run/tasks/69351273-5fd3-4590-a5a5-da639f86f9ec/ # Reference: https://www.virustotal.com/gui/file/bf34be94275f5b05d82b3805bccb30f217020d88f501d156324f98b5eda9ba7e/detection # Reference: https://www.virustotal.com/gui/file/071c2ac354452d484a37e7af15dd4685061dd4af93abad4308f41df673132ff0/detection 192.99.241.4:4915 # Reference: https://twitter.com/Timele9527/status/1130670958971215873 # Reference: https://www.virustotal.com/gui/file/386ed7ba502e7bf0e60c546476c1c762cbc951eb2a2ba1f5b505be08d60310ef/detection # Reference: https://vtbehaviour.commondatastorage.googleapis.com/386ed7ba502e7bf0e60c546476c1c762cbc951eb2a2ba1f5b505be08d60310ef_Tencent%20HABO.html 95.168.176.141:4864 95.168.176.141:16672 # Reference: https://twitter.com/HONKONE_K/status/1122327639249698816 # Reference: https://www.freebuf.com/articles/network/197398.html bdrive.club bdrive.space cloudserve.online cynqms.com data-backup.online firebasebox.com scan9t.com tprlink.com # Reference: https://twitter.com/Timele9527/status/1121607912676261890 # Reference: https://www.virustotal.com/gui/file/b80635fed8c7fce92385ddb66fb6f58337a8a150c4a1d158888adaa8db0cfebc/detection # Reference: https://vtbehaviour.commondatastorage.googleapis.com/b80635fed8c7fce92385ddb66fb6f58337a8a150c4a1d158888adaa8db0cfebc_Tencent%20HABO.html peechtrees.com # Reference: https://twitter.com/HONKONE_K/status/1104951156730544128 # Reference: https://www.virustotal.com/gui/file/500f8798dd582b22928097f24d8516893beb84d155f5a2a6ebf30bbcf4d91dae/detection # Reference: https://vtbehaviour.commondatastorage.googleapis.com/500f8798dd582b22928097f24d8516893beb84d155f5a2a6ebf30bbcf4d91dae_Tencent%20HABO.html 81.17.56.226:3864 # Reference: https://www.proofpoint.com/sites/default/files/proofpoint-operation-transparent-tribe-threat-insight-en.pdf 178.238.228.113:7861 178.238.235.143:80 178.238.235.143:9001 193.37.152.28:9990 213.136.87.122:10001 5.189.143.225:11114 5.189.145.248:10032 5.189.145.248:1453 5.189.145.248:6318 62.4.23.46:1500 ad2.admart.tv afgcloud7.com avadhnama.com bbmdroid.com bbmsync2727.com bhai123.no-ip.biz bhai1.ddns.net brooksidebiblefellowship.org cdrfox.xyz intribune.blogspot.com lolxone.com mvssync8767.com ordering-checks.com thefriendsmedia.com sahirlodhi.com sms.totalworthy.com sudhir71nda.no-ip.org winupdatess.no-ip.biz comdtoscc.attachment.biz ceengrmes.attachment.biz email.attachment.biz fileshare.attachment.biz # Reference: https://twitter.com/Timele9527/status/1167626219916972032 kmcodecs.com # Reference: https://twitter.com/Timele9527/status/1186816375857139712 isroddp.com /rEmt1t_pE7o_pe0Ry/ # Reference: https://twitter.com/Arkbird_SOLG/status/1219769450989334528 198.46.177.73:6421 198.46.177.73:4920 198.46.177.73:10422 198.46.177.73:14823 198.46.177.73:16824 # Reference: https://twitter.com/_re_fox/status/1232402275181703169 185.136.163.197:4442 # Reference: https://twitter.com/_re_fox/status/1226344529046929408 awsyscloud.com /E@t!aBbU0le8hiInks/ /H!pT0pNSc3nd/ /eNn!T5eals/ /Pon0N.php /Cor2PoRJSet!On.php /f3dlPr00f.php /pR0T5o-Niums.php /Dev3l2Nmpo7nt.php /xwunThedic@t6.php