# Copyright (c) 2014-2020 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://twitter.com/VK_Intel/status/1185255932474904576
# Reference: https://www.virustotal.com/gui/file/f491fb72f106e879021b0bb1149c4678fb380c255d2ef11ac4e0897378793f49/detection
# Reference: https://kc.mcafee.com/corporate/index?page=content&id=KB92734

http://91.218.114.4
http://91.218.114.11
http://91.218.114.25
http://91.218.114.26
http://91.218.114.31
http://91.218.114.32
http://91.218.114.37
http://91.218.114.38
http://91.218.114.77
http://91.218.114.79

# Reference: https://github.com/StrangerealIntel/malware-notes/blob/master/Ransomware/Maze.md

aoacugmutagkwctu.onion
mazenews.top
mazedecrypt.top

# Reference: https://app.any.run/tasks/42be811a-6703-4a2a-ab68-ccbcdff12204/ (# Generic trails)

/egbrcwix.jspx
/qsumt.jspx
/vfcb.jspx
/laehhmcha.php
/wordupd.tmp