# Copyright (c) 2014-2019 Miroslav Stampar (@stamparm)
# See the file 'LICENSE' for copying permission

# Reference: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~NetWire-EK/detailed-analysis.aspx

mommyreal.ddns.net

# Reference: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~NetWire-CC/detailed-analysis.aspx

wwfvpsv9.serveftp.com

# Reference: https://www.cyren.com/blog/articles/bad-things-come-in-pairs-3004

dinesaad.hopto.org

# Reference: https://twitter.com/James_inthe_box/status/1044616045560967168

cboss33.hopto.org

# Reference: https://twitter.com/James_inthe_box/status/1044365272675573760

natigr.ddns.net
projectadmin.camdvr.org

# Reference: https://twitter.com/James_inthe_box/status/1044231367347732480

ddns.catamosky.biz

# Reference: https://twitter.com/Racco42/status/1042056130577489928

lagos042.ddns.net
manuel3.publicvm.com

# Reference: https://twitter.com/VK_Intel/status/983940199603474432

snoopdmoney2018.sytes.net
snoopdmoneybkup.sytes.net

# Reference: https://twitter.com/Racco42/status/1052222344259747841

manuel3.publicvm.com

# Reference: https://www.virustotal.com/#/file/a095a7acda9c73fc89bfbc170bbec75a4572c75114e1687a7c212e9228915945/detection
# Reference: http://www.kernelmode.info/forum/viewtopic.php?f=16&t=3966&sid=a2bb410851e96a6bb24b90b65966112f&start=300#p32187

ola100.hopto.org