# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Aliases: bifrose, bifrost, refroso # Reference: https://blog.talosintelligence.com/2020/02/threat-roundup-0221-0228.html (# Win.Dropper.Bifrost-7593600-0) lronaldinho.no-ip.biz snouci.no-ip.biz zoulou.zapto.org # Reference: https://blog.talosintelligence.com/2020/03/threat-roundup-0228-0306.html (# Win.Packed.Bifrost-7603033-1) dzalgerdz.no-ip.org hh.servecounterstrike.com # Reference: https://blog.talosintelligence.com/2020/03/threat-roundup-0313-0320.html (# Win.Worm.Bifrost-7616408-0) fisherman7.no-ip.biz noip2010.no-ip.org # Reference: https://www.virustotal.com/gui/file/24fd4a24f7bfe82cb6eef5fb11e3a9f677539d812e6eb074db6ccf657938932a/detection drive53.no-ip.biz # Reference: https://www.virustotal.com/gui/file/c72c3618ca584612806b0abe8a9857749cb69e51b11b64eea413f1da9b20eecf/detection drive53.no-ip.biz.ovh.net # Reference: https://www.virustotal.com/gui/file/297cfd8abb097b865aabc4f629f31dc31aab9883fea5467139161463fa4c5c47/detection recorder1171513gg.ftpaccess.cc # Reference: https://www.virustotal.com/gui/file/79a455f8a35202694f8337d2712d5f060e076cd182dec562a1bc7e4fa9337dde/detection 204.95.99.26:96 broklin.no-ip.org casawa1.no-ip.org # Reference: https://www.virustotal.com/gui/file/e4856ad9746aedc3b3518c625a07f8503f857ca32194e9704f36fa0c968f2394/detection karim.no-ip.org # Reference: https://blog.talosintelligence.com/2020/04/threat-roundup-0403-0410.html (# Win.Dropper.Bifrost-7646061-0) hmada12.hopto.org hooogo.no-ip.biz tt00.dyndns.tv # Reference: https://otx.alienvault.com/pulse/5e973946469296827b671df8 # Reference: https://www.virustotal.com/gui/file/3cad20318f36b020cf4d6b44320eb5a6dae0a78339a0fdc3a1fe5e280a8507f1/detection 107.191.61.247:443 # Reference: https://www.virustotal.com/gui/file/5774843d066e36b1f75d171bf3247cddf1779b5866dd66c6c323b9f74aa672e4/detection a1a5a4.no-ip.biz # Reference: https://www.virustotal.com/gui/file/bbe06c393df62ce5aed08ade02dab8667fab6d142b4a1be7ac312aee9901b1b8/detection hacker06.no-ip.biz souhailmejri.no-ip.biz # Reference: https://www.virustotal.com/gui/file/1d142651ae48c447a3df697fefd8ac50e4e31d729d6f0a38bacb72577b2029dc/detection sami99.no-ip.biz # Reference: https://www.virustotal.com/gui/file/afd084c46dfb09d023d5fcf6d150c4e7c96257304e1c58ab3caa6ee8fa732adf/detection 94.73.32.235:82 # Reference: https://www.virustotal.com/gui/file/58f8382bd89ecdbf05d43a7a0f6fa25865a35d8c0cb35307b172d2fe233c8670/detection 58.158.177.102:4116 adsl196iam.sytes.net # Reference: https://www.virustotal.com/gui/file/6ac72d7442e19bf0457fdd6709f97f844a7249ab475d198d730222d2670911b1/detection thea7m.hopto.org # Reference: https://www.virustotal.com/gui/file/cb1bc5bc32a26c55cce3c005c1a0fb4243f595b5f18507409e792da30c0d3680/detection ttonline.hopto.org # Reference: https://www.virustotal.com/gui/file/c16c7f13bfaa05a60e81d3f5645d7d26e0776dbee0efbd87f8025980d61d36d7/detection 58.158.177.102:4562 hostdz.hopto.org # Reference: https://www.virustotal.com/gui/file/c05b20391b2a000fa21895dfd9308f599c2ba7e1341dcc689f3280a36b50f3d9/detection 94.73.31.192:3594 gniewkowiec0359.zapto.org # Reference: https://www.virustotal.com/gui/file/32c82467e4cd40a8164f27b98aed4a234ebf31393bb4dbc0fd0cd5d1c9fb23f5/detection hamada12.zapto.org hz12.no-ip.biz # Reference: https://www.virustotal.com/gui/file/96f5f04f8760ed900cb158465610fb99941acdf01e14c475fd1f86cfdd5d7526/detection 103.40.112.228:443 # Reference: https://www.virustotal.com/gui/file/3bf891ead3ed76811cb77874075cc6d6b8a4bc5a21127265933541816ab213b7/detection 45.77.181.203:443 45.77.181.203:53 # Reference: https://www.virustotal.com/gui/file/4d90b415aec3b2d8deb17f6d6bcfef180e172b54b4f06ea54fb1378116b1cb78/detection 220.133.229.149:443 # Reference: https://www.virustotal.com/gui/file/e81aac556cd6d142551f2ed173bdd56779f3761779b88e8f7d5ea1c171cb9a7e/detection 59.125.119.202:8080 # Reference: https://www.virustotal.com/gui/file/5eb4ce37527609e94f7a2b84a8e6248c1fbaa2f36015ec8be74f95a7fb433b86/detection 106.186.121.154:443 # Reference: https://www.virustotal.com/gui/file/b65aac5a5750d2f30aa874646a088a7476f49dcd93f0c0355379f225080f29b3/detection 172.104.92.110:443 172.104.92.110:53 # Reference: https://www.virustotal.com/gui/file/32f349bdf672093ac940d4730bfa2825aebb0bf0575d734380a0979605b378a6/detection kauan0802.duckdns.org # Reference: https://www.virustotal.com/gui/file/795cbaf2d1975a889ddb1abee4e814937ba03b61117c903c7f03e8e35b5db849/detection h4mm3r.no-ip.biz troja1.mine.nu