# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: fakem, fakemrat

# Reference: http://researchcenter.paloaltonetworks.com/2016/01/scarlet-mimic-years-long-espionage-targets-minority-activists/

googmail.org
yourturbe.org
aaa123.spdns.de
admin.spdns.org
detail43.myfirewall.org
economy.spdns.de
firefox.spdns.de
firewallupdate.firewall-gateway.net
intersecurity.firewall-gateway.com
kaspersky.firewall-gateway.net
kasperskysecurity.firewall-gateway.com
kissecurity.firewall-gateway.net
mail.firewall-gateway.com
news.firewall-gateway.com
opero.spdns.org
sys.firewall-gateway.net
account.websurprisemail.com
addi.apple.cloudns.org
bailee.alanna.cloudns.biz
bee.aoto.cloudns.org
book.websurprisemail.com
desk.websurprisemail.com
dolat.diyarpakzimin.com
dolat.websurprisemail.com
dolet.websurprisemail.com
github.ignorelist.com
islam.youtubesitegroup.com
mareva.catherine.cloudns.us
muslim.islamhood.net
p.klark.cloudns.in
ppcc.vasilevich.cloudns.info
press.ufoneconference.com
vip.yahoo.cloudns.info
207.204.225.117
accounts.yourturbe.org
addnow.zapto.org
bits.githubs.net
clean.popqueen.cloudns.org
economy.spdns.eu
eemete.freetcp.com
email.googmail.org
fish.seafood.cloudns.org
freeavg.sytes.net
freeonline.3d-game.com
ibmcorp.slyip.com
lemondtree.freetcp.com
liumingzhen.myftp.org
liumingzhen.zapto.org
n.popqueen.cloudns.org
news.googmail.org
oic-oci.3-a.net
polat.googmail.org
qq.ufoneconference.com
qq.yourturbe.org
sisiow.slyip.com
update.googmail.org
uprnd.flnet.org
video.googmail.org
webmail.yourturbe.org
worldwildlife.effers.com
angleegg.ddns.us
angleegg.xxxy.info
googmail.org
youturbe.co.cc
yycc.mrbonus.com
zjhao.dtdns.net
apple.lenovositegroup.com
mm.lenovositegroup.com
ftp112.lenta.cloudns.pw
gorlan.cloudns.pro
otcgk.border.cloudns.pw
ziba.lenovositegroup.com
apple12.crabdance.com
update.googmail.org
apple12.crabdance.com
alma.apple.cloudns.org


# Reference: https://github.com/kbandla/APTnotes/blob/master/2013/wp-fakem-rat.pdf

googmail.com
apple12.co.cc
avira.suroot.com
endless.zapto.org
freeavg.sites.net
zjhao.dtdns.net
