# Copyright (c) 2014-2019 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://twitter.com/suyog41/status/1130804704152305664

mikus192091.ddns.net

# Reference: https://twitter.com/luc4m/status/1106618159522635776

queda212.duckdns.org

# Reference: https://twitter.com/CERT_Polska/status/1072793091856392192
# Reference: https://www.cert.pl/news/single/trojan-oraz-ransomware-w-kampanii-podszywajacej-sie-pod-inpost/

213.152.161.99:47390
213.152.161.100:47390
213.152.161.101:47390
213.152.161.102:47390
213.152.161.103:47390
213.152.161.232:47390
213.152.161.233:47390
213.152.161.234:47390
213.152.161.235:47390
213.152.161.99:47392
213.152.161.100:47392
213.152.161.101:47392
213.152.161.102:47392
213.152.161.103:47392
213.152.161.232:47392
213.152.161.233:47392
213.152.161.234:47392
213.152.161.235:47392

# Reference: https://twitter.com/Threat_hunts/status/1135810121227882499
# Reference: https://app.any.run/tasks/5ad34df1-b5a8-415f-9496-334d9bfdd7b1/

95.167.151.253:7707

# Reference: https://twitter.com/James_inthe_box/status/1141072205771448320

kizzoyi.duckdns.org

# Reference: https://twitter.com/powershellcode/status/1148234398703030273

internetexploter.duckdns.org
systenfailued.ddns.com.br

# Reference: https://twitter.com/DynamicAnalysis/status/1165901579536539649

79.134.225.90:4782

# Reference: https://twitter.com/James_inthe_box/status/1167217092245872640
# Reference: https://app.any.run/tasks/8eb2d184-08ec-40ab-8742-32f6988c5638/

23.105.131.169:6606
193.56.28.173:7707
193.56.28.173:8808
rownip.3utilities.com
rownip.mooo.com
rownip.theworkpc.com
rownip.dyndnss.net
rowanyne.ooo

# Reference: https://twitter.com/JAMESWT_MHT/status/1169142417754337281
# Reference: https://app.any.run/tasks/308651b4-37c0-4c66-87ba-5bf05d1ff411/

79.134.225.115:4404
eg-east.com