# Copyright (c) 2014-2019 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Androm-PE/detailed-analysis.aspx

afawydymss.blogoveg.org
azipev.blogoveg.org
ikvbog.blogoveg.org
ipufukavyd.blogoveg.org
iqtpyty.blogoveg.org
odenatl.blogoveg.org
omomeqygex.blogoveg.org
ozywopesb.blogoveg.org
ugejiju.blogoveg.org
uglz.blogoveg.org
ujoparq.blogoveg.org
ules.blogoveg.org
uxykeh.blogoveg.org
ysoc.blogoveg.org
yzuhk.blogoveg.org

# Reference: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Androm-NE/detailed-analysis.aspx

ie.n502.com
900cpa.cc
ip138.com

# Reference: https://www.group-ib.com/resources/threat-research/Anunak_APT_against_financial_institutions.pdf
# Reference: https://www.virustotal.com/gui/file/98413cf9281d4b00f6503c18256aab3b7cb5b2c7017f3579388cc4641e8a1696/detection

ddnservice10.ru
ddnservice11.ru
/and/jopagate.php

# Reference: https://www.proofpoint.com/sites/default/files/proofpoint-operation-transparent-tribe-threat-insight-en.pdf

dvdonlinestore.net
eastmedia2112.com
mustache-styles.com
onlinestoreonsale.com
pradahandbagsshoes.com
vhideip.com
wisheshub.com
99mesotheliomalawyers.com

# Reference: https://twitter.com/malwrhunterteam/status/1188056259209158656
# Reference: https://www.virustotal.com/gui/file/8faa02e77c596d1c0e443de4939df308b27f163bae6268ad864d96a3d3e5ff84/detection

45.14.15.15:777

# Reference: https://www.virustotal.com/gui/ip-address/79.134.225.125/relations
# Reference: https://www.virustotal.com/gui/file/a5dd69b84ae8d3ff968d60e03d90d6b6b887e6d2e1de7f23f1bafba5f534f2e4/detection
# Reference: https://www.virustotal.com/gui/file/aae29c9e46532693e1d8a7451ccef47e4a58f8c4e46e76411dc19b8455be732c/detection
# Reference: https://www.virustotal.com/gui/file/cd12e7813669fcf107252997399e052ef03dd0aca5412614f56c8b3e6db43d66/detection

79.134.225.125:10001

# Reference: https://www.virustotal.com/gui/file/5fc7a819f5640918045e0431b4c31c8fa87c1c1485a4f6da7103ad9da620251b/detection

212.7.208.155:10001
rogerfries8.ddns.net

# Reference: https://www.virustotal.com/gui/file/4550db4e0c0f9e871b99164c94185e3b8cc92d3d5463d20092e8559aefe454d7/detection
# Reference: https://www.virustotal.com/gui/file/4550db4e0c0f9e871b99164c94185e3b8cc92d3d5463d20092e8559aefe454d7/detection

mikemonk88.ddns.net
