# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.mandiant.com/resources/seo-poisoning-batloader-atera
# Reference: https://www.virustotal.com/gui/file/e3d7f1af2bc790cf143827d2335b594dc3d54a0f49cb61e0b8d6a2d1f0ad27cb/detection
# Reference: https://www.virustotal.com/gui/file/0c3b0dda9f006860a3dfa7be0adb0194a5dfd5a4a1377933e7fb3681b8aadef7/detection

bartmaaz.com
cloudfiletehnology.com
clouds222.com
cmdadminu.com
commandaadmin.com
firsone1.online
kdsjdsadas.online
pornofilmspremium.com
sweepcakesoffers.com
team-viewer.site
websekir.com
zoomvideo-s.com
zoomvideo.site

# Reference: https://assets.sentinelone.com/sentinellabs/SentinelLabs-Zloader
# Reference: https://otx.alienvault.com/pulse/614056687e876ee92b3f7a1e

teamviewerdownload.fastforbusinessandpersonaluserourserviceaugust.alightindarkplacesbook.com

# Reference: https://tracker.viriback.com/ (# Batloader)
# Reference: https://twitter.com/1ZRR4H/status/1575364101148114944

a1a2a3b4.com
/013x1s/index/login
/01ex93/index/login
/g5i0nq/index/login
/p01kpc/index/login
/p3dr01/index/login
/sh1z01/index/login
/t1mw0r/index/login
/tyr4i1/index/login
/013x1s/index/
/01ex93/index/
/g5i0nq/index/
/p01kpc/index/
/p3dr01/index/
/sh1z01/index/
/t1mw0r/index/
/tyr4i1/index/

# Reference: https://twitter.com/1ZRR4H/status/1575364113542389762

anydeskos.com
logmein-cloud.com
teamcloudcomputing.com
teamviewclouds.com
zoomcloudcomputing.tech

# Reference: https://twitter.com/AlbertPriego/status/1575494025875927041

adueledem.online
appszik.com
/amzccadvadmin