# Copyright (c) 2014-2019 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.virustotal.com/#/ip-address/185.10.68.163
# Reference: https://twitter.com/luc4m/status/1044148790008205312

/miner.sh
/scanner.sh
/worlswest.sh
/bruteforce_ssh
/bruteforce_ssh_386
/bruteforce_ssh_arm
/tcpconnect_zmap_386
/tcpconnect_zmap_arm

# Reference: https://twitter.com/bad_packets/status/1127110083429654528

r00ts.online

# Reference: https://twitter.com/bad_packets/status/1127450801834680320

104.128.230.16:8000

# Reference: https://www.fortinet.com/blog/threat-research/closer-look-satan-ransomwares-propagation-technics.html

/conn32
/conn64

# Reference: https://twitter.com/ankit_anubhav/status/1132974251194011648
# Reference: https://twitter.com/0xrb/status/1133055807572959232

nadns.info
222.186.15.231:5555

# Reference: https://twitter.com/bad_packets/status/1133534604030169088

185.239.226.167:8480

# Reference: https://twitter.com/ankit_anubhav/status/1133682276045164544

cyberium.xyz

# Reference: https://twitter.com/smii_mondher/status/1134068251951083521

http://54.37.70.249

# Reference: https://twitter.com/bad_packets/status/1134920520644714496

45.79.9.153:8000

# Reference: https://twitter.com/bad_packets/status/1135623419670646784

216.176.179.106:9090