# Copyright (c) 2014-2020 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: bifrost, refroso

# Reference: https://blog.talosintelligence.com/2020/02/threat-roundup-0221-0228.html (# Win.Dropper.Bifrost-7593600-0)

lronaldinho.no-ip.biz
snouci.no-ip.biz
zoulou.zapto.org

# Reference: https://blog.talosintelligence.com/2020/03/threat-roundup-0228-0306.html (# Win.Packed.Bifrost-7603033-1)

dzalgerdz.no-ip.org
hh.servecounterstrike.com

# Reference: https://blog.talosintelligence.com/2020/03/threat-roundup-0313-0320.html (# Win.Worm.Bifrost-7616408-0)

fisherman7.no-ip.biz
noip2010.no-ip.org

# Reference: https://www.virustotal.com/gui/file/24fd4a24f7bfe82cb6eef5fb11e3a9f677539d812e6eb074db6ccf657938932a/detection

drive53.no-ip.biz

# Reference: https://www.virustotal.com/gui/file/c72c3618ca584612806b0abe8a9857749cb69e51b11b64eea413f1da9b20eecf/detection

drive53.no-ip.biz.ovh.net

# Reference: https://www.virustotal.com/gui/file/297cfd8abb097b865aabc4f629f31dc31aab9883fea5467139161463fa4c5c47/detection

recorder1171513gg.ftpaccess.cc

# Reference: https://www.virustotal.com/gui/file/79a455f8a35202694f8337d2712d5f060e076cd182dec562a1bc7e4fa9337dde/detection

204.95.99.26:96
broklin.no-ip.org
casawa1.no-ip.org

# Reference: https://www.virustotal.com/gui/file/e4856ad9746aedc3b3518c625a07f8503f857ca32194e9704f36fa0c968f2394/detection

karim.no-ip.org

# Reference: https://blog.talosintelligence.com/2020/04/threat-roundup-0403-0410.html (# Win.Dropper.Bifrost-7646061-0)

hmada12.hopto.org
hooogo.no-ip.biz
tt00.dyndns.tv

# Reference: https://otx.alienvault.com/pulse/5e973946469296827b671df8
# Reference: https://www.virustotal.com/gui/file/3cad20318f36b020cf4d6b44320eb5a6dae0a78339a0fdc3a1fe5e280a8507f1/detection

107.191.61.247:443

# Reference: https://www.virustotal.com/gui/file/5774843d066e36b1f75d171bf3247cddf1779b5866dd66c6c323b9f74aa672e4/detection

a1a5a4.no-ip.biz

# Reference: https://www.virustotal.com/gui/file/bbe06c393df62ce5aed08ade02dab8667fab6d142b4a1be7ac312aee9901b1b8/detection

hacker06.no-ip.biz
souhailmejri.no-ip.biz

# Reference: https://www.virustotal.com/gui/file/1d142651ae48c447a3df697fefd8ac50e4e31d729d6f0a38bacb72577b2029dc/detection

sami99.no-ip.biz

# Reference: https://www.virustotal.com/gui/file/afd084c46dfb09d023d5fcf6d150c4e7c96257304e1c58ab3caa6ee8fa732adf/detection

94.73.32.235:82

# Reference: https://www.virustotal.com/gui/file/58f8382bd89ecdbf05d43a7a0f6fa25865a35d8c0cb35307b172d2fe233c8670/detection

58.158.177.102:4116
adsl196iam.sytes.net