# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: krbanker

# Reference: https://twitter.com/Paladin3161/status/1185196100220665856

0x0x0x0x0.best
0x0x0x0x0.club
0x0x0x0x0.xyz
1c1c1c1c.best
oiwcvbnc2e.stream

# Reference: https://twitter.com/Kafan_MalwareHT/status/1359153542783774727
# Reference: https://app.any.run/tasks/7200fdbe-b752-41d1-8a74-9822e75cd2fc/
# Reference: https://www.virustotal.com/gui/file/1ac1a77ff3cf20c46f132c214a737ec2c2086f4ab42068a55a8ac30abfea432d/detection

r.pengyou.com
users.qzone.qq.com/fcg-bin/cgi_get_portrait.fcg?uins=1044446911

# Reference: https://www.virustotal.com/gui/file/008e45f4d75d423d8f77cec6b80ae4f87248b4c66ca6efba019329ea735e8eda/detection

14.18.141.27:33355

# Reference: https://www.virustotal.com/gui/file/eb603df8f80f6863a6602e73e335a0b3eb35087e19e5b518a141ad5189055fdc/detection

14.18.141.27:8668

# Reference: https://malpedia.caad.fkie.fraunhofer.de/details/win.krbanker
# Reference: https://www.virustotal.com/gui/file/008c859fb13090cf9a14190cbadf0aa6176264e18b2c9c34389f18f993fa5e42/detection

/fcg-bin/cgi_get_portrait.fcg?uins=

# Reference: https://tria.ge/220725-kbamjsbeck/behavioral1
# Reference: https://tria.ge/220725-kh522aagg8/behavioral1

91.208.245.116:10020
nxxxn.ga
r.nxxxn.ga
fuck88.f3322.net

# Reference: https://tria.ge/220722-pea5psfccn/behavioral1

http://106.126.11.167

# Reference: https://tria.ge/220624-mg3lmabfdq/behavioral1

110.42.64.64:11022

# Reference: https://tria.ge/220710-qc7xbsbegj/behavioral1

43.248.201.209:24303
qq2457600534.e2.luyouxia.net