# Copyright (c) 2014-2019 Miroslav Stampar (@stamparm)
# See the file 'LICENSE' for copying permission

# (aka DarkComet)

# Reference: https://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Backdoor:Win32/Fynloski.A

slimx.comule.com
slimmy.noip.me

# Reference: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Fynlosk-AC/detailed-analysis.aspx

malka-reklama.com

# Reference: https://www.virustotal.com/en/file/88b322f35736cb13ecaba8539366da9282321945f37deded86aab3a6d3418d95/analysis/
#            https://malwr.com/analysis/ZTFkNTkyOTIyYWY5NGQxNDg3OThhOThmMDY5NGM0OWQ/
#            https://malwr.com/analysis/NTliNzQ4MmUwODVlNGMxNWJiZmExMDViYTJjNzRkNmM/

nobodywithyou.quicksytes.com
unfaithfull.mine.nu
nobodylikeyou.broke-it.net
unfaithfull.golffan.us
noremotenj.dnsfor.me

# Reference: https://blog.talosintelligence.com/2018/09/threat-roundup-0907-0914.html (Win.Dropper.Darkkomet-6680876-0)

val.myftp.org

# Reference: https://citizenlab.ca/2016/08/group5-syria/

alienfiend.3utilities.com
alirezaz74.no-ip.info
amiir.ddns.net
ashiyane.ddns.net

# Reference: https://citizenlab.ca/2015/10/mapping-finfishers-continuing-proliferation/

a.ddns.me
r.ddns.me

# Reference: https://twitter.com/Racco42/status/1046878564359000064

elumadns.eluma101.com

# Reference: https://twitter.com/ScumBots/status/1048377827765223430

control-pc.ddns.net

# Reference: https://twitter.com/fumik0_/status/1050643239273779200

fanddes.ddns.net