# Copyright (c) 2014-2019 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.fireeye.com/blog/threat-research/2017/05/threat-actors-leverage-eternalblue-exploit-to-deliver-non-wannacry-payloads.html

hackqz.f3322.org
120.209.40.157:8880

# Reference: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Nitol-P/detailed-analysis.aspx

dingtao333.3322.org

# Reference: https://twitter.com/securiteoff/status/739574861543149568
# Reference: https://www.virustotal.com/gui/file/20d841afa96e58fb7d2b4c5e8bb25d07ff36e25bbb14fc176f3f46c650cb016e/detection

feng12763.3322.org
qlsb.f3322.net

# Reference: https://twitter.com/P3pperP0tts/status/1153026768590258179

520yxsf.com