# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# CERT-UA: UAC-0035

# Reference: https://github.com/eset/malware-ioc/tree/master/invisimole
# Reference: https://www.welivesecurity.com/wp-content/uploads/2020/06/ESET_InvisiMole.pdf
# Reference: https://otx.alienvault.com/pulse/5eeb8b9d068b1ec75b7d7bb3

activationstate.sytes.net
advstatecheck.sytes.net
akamai.sytes.net
blabla234342.sytes.net
statbfnl.sytes.net
time.servehttp.com
updchecking.sytes.net
wlsts.net
update.xn--6frz82g
adstat.red
statad.de
amz-eu401.com
adtrax.net
153.re
ns.statads.de
ns1.statads.de
ns2.statads.de

# Reference: https://cert.gov.ua/article/37829 (Ukrainian)

45.95.11.34:3000
45.95.11.34:88

# Reference: https://www.cybercom.mil/Media/News/Article/3098856/cyber-national-mission-force-discloses-iocs-from-ukrainian-networks/
# Reference: https://www.virustotal.com/gui/ip-address/195.154.255.211/relations

mx1.be
aaaaaaaaaaaae.153.re
aaaaaaaaaaaae.mx1.be
a8y1a442fibixcolmcy8eiyfncvafk7iqcnarcqxaaaaaaaaaaaaaaaalaaiaa.aaaaaaaaaaaae.153.re
a8yk66yshlbixcolmcy8eiyfncvafk7iqcnarcqxaaaaaaaaaaaaaaaalaaiaa.aaaaaaaaaaaae.mx1.be
a8yq99tadibixcolmcy8eiyfncvafk7iqcnarcqxaaaaaaaaaaaaaaaalaaiaa.aaaaaaaaaaaae.mx1.be