# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Note: Real-world UEFI bootkit that persists on the EFI System Partition (ESP). 

# Reference: https://www.welivesecurity.com/2021/10/05/uefi-threats-moving-esp-introducing-especter-bootkit/
# Reference: https://otx.alienvault.com/pulse/615da17a17aebe726ae818f1

http://103.212.69.175
http://183.90.187.65
http://196.1.2.111
http://61.178.79.69
103.212.69.175:443
183.90.187.65:443
196.1.2.111:443
61.178.79.69:443
swj02.gicp.net
microsoftassistant.com
mails.microsoftassistant.com
outlook.microsoftassistant.com
server.microsoftassistant.com
update.microsoftassistant.com
yspark.justdied.com