# Copyright (c) 2014-2023 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Aliases: cageychameleon, cryptomimic, ta444, wslink # Reference: https://twitter.com/behindbreach/status/1287961015506927616 # Reference: https://www.clearskysec.com/wp-content/uploads/2020/06/CryptoCore_Group.pdf # Reference: https://otx.alienvault.com/pulse/5ef36f8f63a7d8a11972ca54 # Reference: https://vblocalhost.com/conference/presentations/unveiling-the-cryptomimic/ # Reference: https://vblocalhost.com/uploads/VB2020-Takai-etal.pdf # Reference: https://vblocalhost.com/uploads/VB2020-18.pdf # Reference: https://otx.alienvault.com/pulse/5f74bcb0be4abfe12d93d2bf 140.136.134.201:8080 41.85.145.164:8080 1driv.org 1drv.email 1drvmail.work amazonaws1.info amzonnews.club blockchaintransparency.institute bugscrowd.com cloudfiles.club cloudocs.space cloudsecure.space decurret.site digifincx.com drivegmail.top drivegoogle.org drivegooglshare.xyz euprotect.net fcloudshare.xyz filecloud.website financialmarketing.live gdriverfileshare.com gdrives.best gdrives.top gdriveshare.top gdriveshareslink.xyz gdriveupload.info gdriveupload.site gdrvauth.cloud gdrvcheck.co gdrvshare.site gdrvup.xyz gdrvupload.xyz gmaildrive.info gmaildrive.site gmaildriver.info gogleshare.xyz goglesheet.com googldocs.org googldrive.xyz googleapis.online googleauth.pro googlecloud.live googleclouddrive.com googlecstorage.com googledrive.download googledrive.email googledrive.network googledrive.online googledriver.info googledriver.net googledriver.xyz googledriveshare.com googledrv.com googleexplore.net googlefiledrive.com googlefileshare.com googleshare.org googleupload.info krypitalvc.com liveonedrvshare.xyz microsoftapp.life msupdatepms.xyz navicheck.xyz onedrivecloud.store onedriveglobal.com onedrivems.online onedrivrshares.xyz onedrvdn.co onedrvfile.site ownemail.me privacyshield.services provemail.net secureshares.online sendspace.buzz sharedrivegght.xyz sharegoogldrive.online sharesdown.xyz showprice.xyz uploadsfiles.xyz wechart.org armzon.onmypc.org blackwell.tekstar.us btcprime.itsaol.com chromeupdate.publicvm.com coindeck.onmypc.org coinnews.onmypc.org coinomic.itsaol.com connsec.publicvm.com ddsvr.itsaol.com drive.sharegoogldrive.online drivegoogle.publicvm.com drivegooogle.publicvm.com esosv.itemdb.com europegdprsec.onmypc.org eusharesrv.onmypc.org excinfo.itemdb.com gdrive.onmypc.org googledrive.dynu.net googledrive.linkpc.net googledrive.publicvm.com googleupdate.publicvm.com ledgerservice.itsaol.com matrixpartners.theworkpc.com mpksl.publicvm.com mskpupdate.publicvm.com msupdate.publicvm.com onedriveupdate.publicvm.com sevicebill.itemdb.com termsofservice.onmypc.org tokenomic.itsaol.com twosigma.publicvm.com vpset.onmypc.org vpsfree.linkpc.net windrvupdate.kozow.com # Reference: https://twitter.com/_re_fox/status/1280138335214804995 twosigmateam.info # Reference: https://twitter.com/_re_fox/status/1298281770597654529 drivegoogles.com # Reference: https://twitter.com/_re_fox/status/1232320036834025472 # Reference: https://app.any.run/tasks/8d5e66c9-3942-4e00-bfdf-8f2c24054a92/ 140.117.91.22:8080 blog.cloudsecure.space # Reference: https://community.emergingthreats.net/t/ruleset-update-summary-2022-12-19-v10199/212 prosec.ink cloud.prosec.ink cloudprotect.us.org # Reference: https://www.proofpoint.com/us/blog/threat-insight/ta444-apt-startup-aimed-at-your-funds autoprotect.com.de autoprotect.gb.net azurehosting.co azureprotect.online azureprotection.cloud azuresecurity.online azuresecurity.site bankofamerica.offerings.cloud careers.bankofamerica.nyc careersbankofamerica.us cloud.globiscapital.co cloud.mufg.uk cloud.tptf.ltd cloud.wpic.ink docs.azurehosting.co globiscapital.co hoststudio.org ledgercloud.com mufg.ink mufg.uk mufg.us.org share.anobaka.info tptf.fund unchainedcapital.co updatezone.org