# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: bouncing golf, golfspy

# Reference: https://blog.trendmicro.com/trendlabs-security-intelligence/mobile-cyberespionage-campaign-bouncing-golf-affects-middle-east/
# Reference: https://otx.alienvault.com/pulse/5d093c0e815e31a61883fc3b

androidsmedia.com
androidssystem.com
mediadownload.space
mediamobilereg.com
secandroid.com
sharpion.org
shileyfetwell.com

# Reference: https://twitter.com/malwrhunterteam/status/1337439778564935682

http://95.216.88.43

# Reference: https://www.virustotal.com/gui/file/5af00ecac0ea1ecaaf82d713305e0d62b16b1f53fdf6342302a6b47dd04a2c67/detection

88.119.171.200:443
services4me.net

# Reference: https://www.virustotal.com/gui/file/01c6cea3f07ea33aa1912afc41496acd880c936ba593396f911f34845862b565/detection

88.119.171.200:22222

# Generic

/gzza/ibbc.php
