# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://misterch0c.blogspot.com/2019/04/threat-fox-stealer.html

a0287829.xsph.ru
androsha.ga
anticap.ml
ark-steal-free.tk
battlecash.ru
blackspace.site
bigbosslike.tk
bloodborn.xyz
bugtrackerjorkey.tk
coderxz.site
dexire.tk
djimbosfan.tk
docheat.site
exchangepe.cf
f0289264.xsph.ru
foxpanel734923vbb2.tk
gilork.ga
govoting.site
hjon1k21.tk
hooksixteenth.tk
jon1k2002.tk
kuzya001.tk
lexonlex31q.tk
lobsterkiller.tk
lucasik.tk
mrgrom.gq
oldfuck.tk
orangemail.tk
paketa.gq
panelys.tk
phust-adminpanel.ga
poolground.tk
reaper.tk
rondylog1337.ga
sashajeweler.tk
schoolmosreg.tk
squarez.icu
squarez16.site
stiller.tk
test1331.tk
webenginer.tk
wnukz.site
wsq22.ml
yadaynksta.ga
younglybae.tk
z1xrk.cf

# Reference: https://twitter.com/P3pperP0tts/status/1125726986159185920
# Reference: https://app.any.run/tasks/3068b154-d6f2-4483-ae72-60fbd5f3467f
# Reference: https://app.any.run/tasks/efda3189-9b24-46e1-8687-6c4e36c191f2
# Reference: https://app.any.run/tasks/aedd6873-d6dc-433a-9eaa-e99fb04e61a5

fristaylooo.ml
joskiyet.beget.tech

# Reference: https://www.virustotal.com/gui/file/0cbf6190e0a381a0ec20a2b54156f06615453bb80ae2e1256242cb8af96b065d/detection

moringb6.beget.tech

# Reference: http://tracker.viriback.com/dump.php (# 2019-11-04, FoxStealer)

f0293780.xsph.ru
tomanddd.tk

# Reference: https://twitter.com/malwrhunterteam/status/1117770064114126849

ark-steal-free.tk
duperu.ru
foxpanel734923vbb2.tk

# Reference: https://www.virustotal.com/gui/file/e1b1bc31a0ad91af3e1e77caaa41e32b9d818163035f93e3e2a269b45ebe6d2c/detection

cp57152.tmweb.ru
vh224.timeweb.ru

# Reference: https://twitter.com/FalconFeedsio/status/1741333409606341115

5.42.66.4:3000

# Reference: https://twitter.com/banthisguy9349/status/1778029253583425833
# Reference: https://urlscan.io/search/#filename:%22logo-e7746211.png%22

http://5.42.66.4
0p2q9.com.ru
2pgkbxhcalac.0p2q4.ru
c9fsjknsjb.volgae.ru
claims-dept.com
ebhpnpesmvv.9g1h2.ru
mailhost.freemsk.org
office.freemsk.org
themailonlinepersonel.com