# Copyright (c) 2014-2019 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://twitter.com/James_inthe_box/status/1118968911590907904
# Reference: https://twitter.com/James_inthe_box/status/1121513004627927040

159.69.48.50:5655

# Reference: https://twitter.com/dave_daves/status/1130471755783573504
# Reference: https://app.any.run/tasks/f363c1d5-45ed-4b08-ab3c-54f1f5ac1636/

kentona.su
66.111.2.131:9030

# Reference: https://twitter.com/Bank_Security/status/1148471450422140929
# Reference: https://pastebin.com/0XNMhLP2
# Reference: https://blog.yoroi.company/research/ta505-is-expanding-its-operations/

217.12.201.159:5655

# Reference: https://www.proofpoint.com/us/threat-insight/post/ta505-targets-us-retail-industry-personalized-attachments

89.144.25.32:5655

# Reference: https://twitter.com/raby_mr/status/1184430613165572097
# Reference: https://app.any.run/tasks/90aaff29-18fe-4ad1-b385-a4e0d7f19564/

109.234.156.180:5655
rms-server.tektonit.ru

# Reference: https://twitter.com/JAMESWT_MHT/status/1185131622263377923
# Reference: https://app.any.run/tasks/b79dcfcd-5b9b-404f-aaf6-a9ea55109284/

79.134.225.73:3175
britianica.uk.com
