# Copyright (c) 2014-2023 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: romcom
# CERT-UA: UAC-0132

# Reference: https://unit42.paloaltonetworks.com/cuba-ransomware-tropical-scorpius/
# Reference: https://otx.alienvault.com/pulse/62f36c89909d6b719ba8d340

combinedresidency.org
optasko.com

# Reference: https://cert.gov.ua/article/2394117 (Ukrainian)
# Reference: https://www.virustotal.com/gui/file/c149474f97140c3381bda3ad2451f253e08e7ad4be76a68ac3a6f15bc4bd4e63/detection

185.56.137.104:4444
69.49.231.103:4444
69.49.245.55:4444
4qzm.com
advanced-ip-scaner.com
advanced-ip-scanners.com
aspx.io
notfiled.com
mill.co.ua
ua.aspx.io
mil.ua.aspx.io
gov.mil.ua.aspx.io

# Reference: https://twitter.com/Unit42_Intel/status/1588199843981402114
# Reference: https://twitter.com/malware_traffic/status/1588211727891570688

wveeam.com

# Reference: https://www.proofpoint.com/us/daily-ruleset-update-summary-20221104

keepas.org
you-supported.com