# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Aliases: bifrose, bifrost, refroso # Reference: https://blog.talosintelligence.com/2020/02/threat-roundup-0221-0228.html (# Win.Dropper.Bifrost-7593600-0) lronaldinho.no-ip.biz snouci.no-ip.biz zoulou.zapto.org # Reference: https://blog.talosintelligence.com/2020/03/threat-roundup-0228-0306.html (# Win.Packed.Bifrost-7603033-1) dzalgerdz.no-ip.org hh.servecounterstrike.com # Reference: https://blog.talosintelligence.com/2020/03/threat-roundup-0313-0320.html (# Win.Worm.Bifrost-7616408-0) fisherman7.no-ip.biz noip2010.no-ip.org # Reference: https://www.virustotal.com/gui/file/24fd4a24f7bfe82cb6eef5fb11e3a9f677539d812e6eb074db6ccf657938932a/detection drive53.no-ip.biz # Reference: https://www.virustotal.com/gui/file/c72c3618ca584612806b0abe8a9857749cb69e51b11b64eea413f1da9b20eecf/detection drive53.no-ip.biz.ovh.net # Reference: https://www.virustotal.com/gui/file/297cfd8abb097b865aabc4f629f31dc31aab9883fea5467139161463fa4c5c47/detection recorder1171513gg.ftpaccess.cc # Reference: https://www.virustotal.com/gui/file/79a455f8a35202694f8337d2712d5f060e076cd182dec562a1bc7e4fa9337dde/detection 204.95.99.26:96 broklin.no-ip.org casawa1.no-ip.org # Reference: https://www.virustotal.com/gui/file/e4856ad9746aedc3b3518c625a07f8503f857ca32194e9704f36fa0c968f2394/detection karim.no-ip.org # Reference: https://blog.talosintelligence.com/2020/04/threat-roundup-0403-0410.html (# Win.Dropper.Bifrost-7646061-0) hmada12.hopto.org hooogo.no-ip.biz tt00.dyndns.tv # Reference: https://otx.alienvault.com/pulse/5e973946469296827b671df8 # Reference: https://www.virustotal.com/gui/file/3cad20318f36b020cf4d6b44320eb5a6dae0a78339a0fdc3a1fe5e280a8507f1/detection 107.191.61.247:443 # Reference: https://www.virustotal.com/gui/file/5774843d066e36b1f75d171bf3247cddf1779b5866dd66c6c323b9f74aa672e4/detection a1a5a4.no-ip.biz # Reference: https://www.virustotal.com/gui/file/bbe06c393df62ce5aed08ade02dab8667fab6d142b4a1be7ac312aee9901b1b8/detection hacker06.no-ip.biz souhailmejri.no-ip.biz # Reference: https://www.virustotal.com/gui/file/1d142651ae48c447a3df697fefd8ac50e4e31d729d6f0a38bacb72577b2029dc/detection sami99.no-ip.biz # Reference: https://www.virustotal.com/gui/file/afd084c46dfb09d023d5fcf6d150c4e7c96257304e1c58ab3caa6ee8fa732adf/detection 94.73.32.235:82 # Reference: https://www.virustotal.com/gui/file/58f8382bd89ecdbf05d43a7a0f6fa25865a35d8c0cb35307b172d2fe233c8670/detection 58.158.177.102:4116 adsl196iam.sytes.net # Reference: https://www.virustotal.com/gui/file/6ac72d7442e19bf0457fdd6709f97f844a7249ab475d198d730222d2670911b1/detection thea7m.hopto.org # Reference: https://www.virustotal.com/gui/file/cb1bc5bc32a26c55cce3c005c1a0fb4243f595b5f18507409e792da30c0d3680/detection ttonline.hopto.org # Reference: https://www.virustotal.com/gui/file/c16c7f13bfaa05a60e81d3f5645d7d26e0776dbee0efbd87f8025980d61d36d7/detection 58.158.177.102:4562 hostdz.hopto.org # Reference: https://www.virustotal.com/gui/file/c05b20391b2a000fa21895dfd9308f599c2ba7e1341dcc689f3280a36b50f3d9/detection 94.73.31.192:3594 gniewkowiec0359.zapto.org # Reference: https://www.virustotal.com/gui/file/32c82467e4cd40a8164f27b98aed4a234ebf31393bb4dbc0fd0cd5d1c9fb23f5/detection hamada12.zapto.org hz12.no-ip.biz # Reference: https://www.virustotal.com/gui/file/96f5f04f8760ed900cb158465610fb99941acdf01e14c475fd1f86cfdd5d7526/detection 103.40.112.228:443 # Reference: https://www.virustotal.com/gui/file/3bf891ead3ed76811cb77874075cc6d6b8a4bc5a21127265933541816ab213b7/detection 45.77.181.203:443 45.77.181.203:53 # Reference: https://www.virustotal.com/gui/file/4d90b415aec3b2d8deb17f6d6bcfef180e172b54b4f06ea54fb1378116b1cb78/detection 220.133.229.149:443 # Reference: https://www.virustotal.com/gui/file/e81aac556cd6d142551f2ed173bdd56779f3761779b88e8f7d5ea1c171cb9a7e/detection 59.125.119.202:8080 # Reference: https://www.virustotal.com/gui/file/5eb4ce37527609e94f7a2b84a8e6248c1fbaa2f36015ec8be74f95a7fb433b86/detection 106.186.121.154:443 # Reference: https://www.virustotal.com/gui/file/b65aac5a5750d2f30aa874646a088a7476f49dcd93f0c0355379f225080f29b3/detection 172.104.92.110:443 172.104.92.110:53 # Reference: https://www.virustotal.com/gui/file/32f349bdf672093ac940d4730bfa2825aebb0bf0575d734380a0979605b378a6/detection kauan0802.duckdns.org # Reference: https://www.virustotal.com/gui/file/795cbaf2d1975a889ddb1abee4e814937ba03b61117c903c7f03e8e35b5db849/detection h4mm3r.no-ip.biz troja1.mine.nu # Reference: https://www.virustotal.com/gui/file/e65c835fc5015c43a492d6765850fc28c5588e619c3cdbb1e8f077bac99e6d0a/detection luxmark44.no-ip.info # Reference: https://www.virustotal.com/gui/file/fc3eb5f181825888219fab2286ab6b4f7a3e237f3f9b4733c6b99d63c2d4b0ef/detection aztech222.no-ip.info # Reference: https://www.virustotal.com/gui/file/2bd2d0d8950189845d4da937e8ffe870d149f5c87de477aa25fe5441f6dfa9f3/detection alksa.no-ip.biz # Reference: https://www.virustotal.com/gui/file/c5023df9943dad24b05775e4b7a4918e94726513cd5b53ea02b6ae73d002df14/detection 38.130.96.128:82 mstlj-12.no-ip.biz # Reference: https://www.virustotal.com/gui/file/8962f0cb101de4b9c0f9416e963fae6c0e46d3465f5f20b582d8a6480bc19aad/detection 58.158.177.102:15963 # Reference: https://www.virustotal.com/gui/file/8ea422f5fdf000acd76c531be8f0222bd83f6de42193b14d3e5d5c1851dbc265/detection linda-78.no-ip.info # Reference: https://www.virustotal.com/gui/file/a1a4791635511ea13a6b8725d9778beb0ffee5e8cbc853741cc45f202e8ec514/detection 179.67.120.217:1022 179.67.120.217:1155 # Reference: https://www.virustotal.com/gui/file/531f7f1f44c44787e9c6c0328b687ddf129c1464770adbff9d0419ed26aad249/detection rromancy2005.no-ip.info # Reference: https://www.virustotal.com/gui/file/6ffbe5220ced9892ac3a6c147e6d863fd274ed7b3fb8f0c36d990d921252693f/detection fofa.no-ip.info toto2.no-ip.info # Reference: https://www.virustotal.com/gui/file/2c8e350d6cddeeb8bc1ac01118e728040966d2a7a96fa7b8d7a9f6c8c7e2a034/detection lechneb.no-ip.info # Reference: https://www.virustotal.com/gui/file/46539c3c38288273415a328f4856c8e37cbc48fcab788e383995decce49e9f61/detection ars0077.no-ip.info # Reference: https://www.virustotal.com/gui/file/ddf5296ee0edec8fa1fd6bbd5d5403fdc23a56c47a58690ec71c13f1cc3ef602/detection 204.95.99.142:1640 dx1-system.no-ip.org # Reference: https://www.virustotal.com/gui/file/b07fa15725fa339b554aef81c361ccb077476ed0b09794426f271dcb62402622/detection lllxxxlll.no-ip.biz # Reference: https://www.virustotal.com/gui/file/1b6d798e33533caaadc1c3cf50fa9f80d90f288787145536be63fcc0855ee31c/detection 1726-knight.no-ip.biz # Reference: https://www.virustotal.com/gui/file/2f6c0e531f7e6482b6b2cc470f1c1c2d0f40a8c8ca3e801377e133b392f001c5/detection 2014hussein.no-ip.biz # Reference: https://www.virustotal.com/gui/file/5023794f66283481eb95861719f38aa28e7701d542041ab8df7be6b4ae783e0c/detection zaki.no-ip.info # Reference: https://www.virustotal.com/gui/file/c2887dca8e356ee33934b71d5b6ede54bcb6504f093c7a179dbf82c41902f9f6/detection yakup188.no-ip.biz yakup188.no-ip.biz.ovh.net # Reference: https://www.virustotal.com/gui/file/b56e86fbe0a0964b41e3135fbbb18758c1665087c13eede34260e65d3714c861/detection wesooo.no-ip.biz # Reference: https://www.virustotal.com/gui/file/75bf95db845963849fb6655d23ffa7854b0ba2db2b1c79e3ee23c566b0ae6b2f/detection abc97.no-ip.biz hitemwapp.ddns.net # Reference: https://www.virustotal.com/gui/file/9e8d87600e2a9c111daae725278c0abc87c68e64ed70e636b98a2974c173b97f/detection 6l6l.no-ip.biz l6l6.no-ip.biz # Reference: https://www.virustotal.com/gui/file/a4bb3d6adafc5477f7aff7a9bcd986c5ed3a266772a232de1d5d0b563a4e3c0e/detection bn-re.no-ip.biz sa7li1.no-ip.biz # Reference: https://www.virustotal.com/gui/file/57cc99a19df45989effc597b77488a1d98a3cdeb520040deb04c394ed2e27ba8/detection roo10.no-ip.biz # Reference: https://www.virustotal.com/gui/file/460ded41129044b5f43e85630265ad4f10e30dffe96065f6f941920335fd33d1/detection rock-master.no-ip.biz # Reference: https://www.virustotal.com/gui/file/33e81c273f9ac6137e1d4bb686214e3c334c68f47312e52debfd05ee21312034/detection spirale.no-ip.biz # Reference: https://www.virustotal.com/gui/file/ac3d06ee6081825ac3099f201157803a8e6eb7abff7a6ab05decc76a69b01520/detection spiderhack.no-ip.biz # Reference: https://www.virustotal.com/gui/file/d4004c713cb955f35d695ae61ad0624dee6270e05679655de6f5534584ab02b3/detection santivan.no-ip.biz # Reference: https://www.virustotal.com/gui/file/e6d63b5092333f39b300a7110f964fd70acac35f886a62baff8f2fc7ce12a356/detection sanfoura.no-ip.biz # Reference: https://www.virustotal.com/gui/file/f2779e3f1128caadc4beac7d85a24762a7632f423dc91c896d49bb567cbb4b21/detection samidz.no-ip.biz # Reference: https://www.virustotal.com/gui/file/35f3b4e7b3856ebea4c642249a5113e3fd228fd8985586049dceab263894fb12/detection samjal01.no-ip.biz # Reference: https://www.virustotal.com/gui/file/17f5356b8b7116a28f2334a9bac52c013737f4a3b3d7f6056175f6d4bfb6b0eb/detection samod.no-ip.biz samodur.no-ip.biz # Reference: https://www.virustotal.com/gui/file/6085992f257b7d504644f0b0e9bfec190b70c63733289de0b477af0b9809e019/detection samuel2k.no-ip.biz # Reference: https://www.virustotal.com/gui/file/c76238336093723b433a8b158604bdc160c122d808b3861cd3a5ec8f572c00b2/detection qassamas.no-ip.biz # Reference: https://www.virustotal.com/gui/file/136a867eb2c185d30c7653a85eb4fcdb5d0dd483e114c55610b1c7eea3ec87ac/detection ahm.no-ip.biz # Reference: https://www.virustotal.com/gui/file/1c8b181a7e211679ca98ca3c5d887c8f4336b23c530ec7ba83b462c0df94d095/detection aserqazxswedcp.no-ip.biz fsugvdustigo.no-ip.org lpskhfvhidl123.no-ip.info tadaol.no-ip.org # Reference: https://www.virustotal.com/gui/file/12b5ef4b76dfd12b230c1d281ec55ca76bfd3f50bd6d379f3bc70b64739f84a6/detection atf-1988.no-ip.biz atfrai.no-ip.biz # Reference: https://www.virustotal.com/gui/file/9e3f65e8dd39606ac5e9cdfe76e0693dcb1e98ca80968c97fa7f54250f1782f8/detection assaaasa.no-ip.biz vbnsa.no-ip.biz # Reference: https://www.virustotal.com/gui/file/1f5913311eca74106193eaf0a7d221d71916b54c9fc478fcb5d67f5455a27e13/detection 141.255.158.123:9202 webcast.duckdns.org # Reference: https://www.virustotal.com/gui/file/c60209fdc8f0a0228c58386fd3391c9ea22e0b6752eb536bcfe925eddbfc0302/detection akri3333.no-ip.biz # Reference: https://www.virustotal.com/gui/file/db4263fd36b1c51a0f7ad97263918716939d42701a810a430a4e89110caab70c/detection remila.no-ip.biz # Reference: https://www.virustotal.com/gui/file/100668b90df9996808b61051684a2c95026a5e1e14cd938cf7bc410cb3412d65/detection riadh391.no-ip.biz # Reference: https://www.virustotal.com/gui/file/623cf072e78c31a9f1a4171293441c5afe0e6e29c24ff9bfb6c21078ee0b5d79/detection pro-simo.no-ip.biz # Reference: https://www.virustotal.com/gui/file/bc868c66f284735eda7a4f515f199c57b887c53a6833927d9d5171f591c00f42/detection omar624.no-ip.biz # Reference: https://www.virustotal.com/gui/file/89e2c60f37394ab15e85a48f444b40255682b2b95d9d06cc9fa756001ebf1cf2/detection mtma-di.no-ip.biz # Reference: https://www.virustotal.com/gui/file/da90367492daecd2e1eb0515934928306be09618b09506e43490a1aeb30666c7/detection mshforever.no-ip.biz # Reference: https://www.virustotal.com/gui/file/dd3ffa34526c368d63a451ce3e658819835e0a1bf249fd243503a3b389bfea33/detection mhmd99.no-ip.biz mhmd99.no-ip.biz.ovh.net # Reference: https://www.virustotal.com/gui/file/6ddf5d88383ed28fec48784f6ab3b01bb458162463c904df6211cab3bb474894/detection mak.no-ip.biz micosto.no-ip.biz # Reference: https://www.virustotal.com/gui/file/86385db411311e97760c5c2d8e3ddffc8b7f425784b24b6ce330a14d5a86b11a/detection mafiarose39.no-ip.info # Reference: https://www.virustotal.com/gui/file/0ef7b22430e5e0f6ee6ce2421813e47366d72e734e5d3879e0adc4cfb8ca3657/detection mafiausax.no-ip.biz # Reference: https://www.virustotal.com/gui/file/dd1e7aa612a92750e750ea0c13e4fd0eba00d8782290f85e78e8b66afadf8e16/detection rianov.no-ip.biz # Reference: https://www.virustotal.com/gui/file/1dd3ba7879079da191957285862bcd3fc6c4669b8ce8848a90a563730ae28067/detection rabbou3a.no-ip.biz # Reference: https://www.virustotal.com/gui/file/f3a49eaa2aee8f5d96549f5635b5f5d34afda5ccf4217693db031bba8bdbcbae/detection # Reference: https://www.virustotal.com/gui/file/8d7df35ed75bb0a91af2c8a0a9cda5507dbcd8c7fef8a9734ace4d8f8d8fbd92/detection 197.160.81.197:5110 197.160.96.231:5110 radionitron.no-ip.biz # Reference: https://www.virustotal.com/gui/file/d333268f4d2de698845f50bc86d8e8a1d338c68637730ccbb9d166a53a088ac0/detection akramdz.no-ip.biz # Reference: https://www.virustotal.com/gui/file/066d25ba08f084ad4530343f33f3cb4ffd772bec08d7a57425a8833cac7648aa/detection koolman.no-ip.biz # Reference: https://www.virustotal.com/gui/file/a5a5f3cd1fb8b3a99f442136269dd2c72e99df63ab34d2ca20fe511b37939527/detection hx26.no-ip.biz