# Copyright (c) 2014-2023 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: babyk, babuklocker, babuk-locker

# Reference: https://twitter.com/Glacius_/status/1345376488506462209
# Reference: https://app.any.run/tasks/95d2f695-025d-4a91-843e-66bb57b3519e/
# Reference: https://www.virustotal.com/gui/file/8203c2f00ecd3ae960cb3247a7d7bfb35e55c38939607c85dbdb5c92f0495fa9/detection

babukq4e2p4wu4iq.onion

# Reference: https://www.hackplayers.com/2021/02/sitios-cibercriminales-deepweb.html

gtmx56k4hutn3ikv.onion

# Reference: https://blog.talosintelligence.com/2021/11/babuk-exploits-exchange.html

http://185.219.52.229
185.219.52.229:6666
185.219.52.229:8080
fbi.fund
xxxs.info

# Reference: https://github.com/thetanz/ransomwatch/blob/main/docs/INDEX.md

nq4zyac4ukl4tykmidbzgdlvaboqeqsemkp4t35bzvjeve6zm2lqcjid.onion

# Reference: https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/is-there-really-such-a-thing-as-a-low-paid-ransomware-operator/
# Reference: https://otx.alienvault.com/pulse/616ee12b44039d67eabb36e8

appmonitorplugin.sytes.net
atualziarsys.serveirc.com
services5500.sytes.net
suporte01092021.myftp.biz
suporte01928492.redirectme.net
suporte20082021.sytes.net

# Reference: https://twitter.com/malwrhunterteam/status/1571177967467864065

sonarmsng5vzwqezlvtu2iiwwdn3dxkhotftikhowpjuzg7p3ca5eid.onion