# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://twitter.com/LookoutThreats/status/1339074028015919106
# Reference: https://twitter.com/malwrhunterteam/status/1255144050228752388
# Reference: https://twitter.com/bl4ckh0l3z/status/1339976719453794306
# Reference: https://blog.lookout.com/lookout-discovers-new-spyware-goontact-used-by-sextortionists-for-blackmail
# Reference: https://www.virustotal.com/gui/domain/w-video.vip/relations
# Reference: https://www.virustotal.com/gui/file/7c5c552028d30b0a0b208bb90ff5191c0341c3dbf88b29b2e8686a88711ef1dd/detection
# Reference: https://www.virustotal.com/gui/file/29805b908d65bd1a45ab742cd4f1db6c59dc9b8f2312e821f0c01258f36fe5f0/detection
# Reference: https://www.virustotal.com/gui/file/628ee109965ea2bdcddd235d9873ac10aa469ca8247a8a89acd3e04e940dabe8/detection

107.151.194.116:8080
27.124.6.226:8091
27.124.6.226:8083
27.124.6.244:8085
a-video.vip
bo-dycam.com
dalbam.vip
download-file.top
grd77.cn
hdcamera.vip
ladysizi.top
live-live.vip
livetalk.top
livetalk.vip
mimi18s.top
mimibox.top
mimicwt.net
mimimsg.net
mmbox.top
momomsg.top
my-player.vip
oncamera.top
oncamera.vip
oncast.top
red-v10.com
red-v8.com
redvios.com
ser-chat.com
signal-live.vip
signaltalk.top
super-voice.vip
tele-gram.vip
tocast.vip
twi-tter.vip
v-talk.top
v-talk.vip
videosound.vip
voicecontrol.top
voicesupport.vip
vtalk.vip
w-video.vip
zerobt.net
zerobyte.top

# Reference: https://twitter.com/malwaremansys/status/1375296162907840514
# Reference: https://www.virustotal.com/gui/ip-address/27.124.6.226/relations
# Reference: https://www.virustotal.com/gui/ip-address/27.124.6.244/relations
# Reference: https://www.virustotal.com/gui/ip-address/180.215.254.23/relations
# Reference: https://www.virustotal.com/gui/file/1eb701008665d10cbd430e56a2f34e9e7d55a01d5a4306c1ffc79d81b0bf2696/detection
# Reference: https://www.virustotal.com/gui/file/aaa4e1befb67204d356bbe83568bdc2c0f11231c951ea90789ef0400b1d91b59/detection
# Reference: https://www.virustotal.com/gui/file/b4a7b9d054693c73bac7c795e8edcc4c45726e93f3f638134de977d33d0d4dc4/detection
# Reference: https://www.virustotal.com/gui/file/b4a7b9d054693c73bac7c795e8edcc4c45726e93f3f638134de977d33d0d4dc4/detection
# Reference: https://www.virustotal.com/gui/file/9b6418ec31ab3cd4ad7fb014e8062ddb27d8b568b057a13f7b9f57c47e536521/detection
# Reference: https://www.virustotal.com/gui/file/c4695ce886c90071740902bb4a9d85682db99f71446bf49cdefd3303af5b80a1/detection
# Reference: https://www.virustotal.com/gui/file/2592beed857a50463d19c33b9d1fecf145e19122d1197f0a385ee67b359464af/detection
# Reference: https://www.virustotal.com/gui/file/75852f888b8f21404fccb3d73398d4abbd00755733c6b839f9741bab7cb7a3c3/detection
# Reference: https://www.virustotal.com/gui/file/bfde789d9b604bd5be8651aa4233b024805361ef5acb6313220c644b0a3ade33/detection
# Reference: https://www.virustotal.com/gui/file/5a2c8b6a693e121ca4e897c556bde059ac7b3a912c6d18147b3ca67a42a945ad/detection
# Reference: https://www.virustotal.com/gui/file/2e4cb2826b760db0defcb9f30d9768cf627470c54f8341fbc6f9bb67fbab731d/detection
# Reference: https://www.virustotal.com/gui/file/3056130621de439f622b9e2889b6f12ea976bc025318ddaa1e9b5cf35f226cff/detection
# Reference: https://www.virustotal.com/gui/file/dd6e9b2096bd7e3cceffeaeb05bb6084830d5c32a06e9730d5853026fd3ca15c/detection
# Reference: https://www.virustotal.com/gui/file/5a2c8b6a693e121ca4e897c556bde059ac7b3a912c6d18147b3ca67a42a945ad/detection
# Reference: https://www.virustotal.com/gui/file/f16cb9b2bc058c4e3bc9806e14fff0d749020d646c762936d6854e4ff254528a/detection
# Reference: https://www.virustotal.com/gui/file/02d52f45ab0f75dd79161c25d621848d4754dda8443d16c81dc78a6bbc0bdac8/detection

180.215.254.23:6506
180.215.254.23:8085
180.215.254.23:8203
180.215.254.23:8405
180.215.254.23:8607
180.215.254.23:9901
180.215.254.23:9903
180.215.254.23:9905
180.215.254.23:9906
180.215.254.23:9908
180.215.254.23:9910
180.215.254.23:9911
180.215.254.23:9925
a-video.vip
b-video.top
bo-dycam.com
c-gallery.top
dalbam.vip
g-video.top
hb-video.top
hdcamera.vip
hdtalk.vip
jp-voice.com
king-video.top
ladysizi.top
lets-go.top
live-live.vip
livetalk.vip
mimibox.top
mmbox.top
my-it.top
my-player.vip
oncamera.top
oncamera.vip
oncast.top
panelembrain.vip
play-video.net
redios.top
redvios.com
sec-ret.top
ser-chat.com
ser-tv.com
signal-live.vip
signaltalk.top
super-voice.vip
t-gallery.top
tele-gram.vip
tocast.vip
twi-tter.vip
u-video.top
v-talk.top
videosound.top
videosound.vip
voicecontrol.vip
voicesupport.vip
vtalk.vip
w-video.vip

# Reference: https://twitter.com/malwrhunterteam/status/1399426263916425219
# Reference: https://www.virustotal.com/gui/file/913724315d80ebb1057dbdb2bf5e808a957dc76e52a6f01f0f932966c229ce20/detection

http://180.215.254.23
27.124.6.244:6506

# Reference: https://www.virustotal.com/gui/file/6da89dfbafae43dd3d0a1cff24c77cabd01a5b0a421ba42bc8ccf5abae94ae18/detection

180.215.254.23:8304

# Reference: https://www.virustotal.com/gui/file/83f7ad90826b5967335883da51a4338c6ecc02d01f74bd6edda52a9823dd23aa/detection

27.124.3.92:7405

# Reference: https://twitter.com/malwrhunterteam/status/1403310991539163138
# Reference: https://www.virustotal.com/gui/file/9e1e419157af339be8f238164eb984e570a53211bdef915babf1290904dbfd3b/detection

27.124.6.244:6304

# Reference: https://www.virustotal.com/gui/ip-address/180.215.228.174/relations
# Reference: https://www.virustotal.com/gui/file/5764c4ad0f9a1947230551bfaed2b722f7108a1190001613de75e6c50830f9f3/detection

180.215.228.174:5813
myvideo3.top
q-gallery.top
r-gallery.top
tele-gram.top
videosound2.top
ygtalk.top

# Reference: https://www.virustotal.com/gui/file/58a9135a49fb03b330ee39cd6905d482e6ceb7a6008998f9242ea62957c63fed/detection

118.99.37.123:8080

# Reference: https://www.virustotal.com/gui/file/3d6bb3d3d2e6813ff52eef872570875b07126fe8bf110a59621c13842a8cc315/detection

27.124.3.92:7415

# Generic

/JYSystem/
/JYSystem/restInt/
/JYSystem/restInt/collect/postData
/JYSystem/restInt/log/app
/JYSystem/restInt/v3/collect/
/JYSystem/ws/appLink
