# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://twitter.com/fumik0_/status/1016767284122214400

cookiesdough.tk

# Reference: https://twitter.com/ViriBack/status/1046896338892406784

very.ruvmp.ru
/gate/setOnline.php

# Reference: https://twitter.com/fumik0_/status/1050643239273779200

testantik.ml

# Reference: https://twitter.com/James_inthe_box/status/1109835474493829120
# Reference: https://pastebin.com/tvn8EMyS

search.ac.ug

# Reference: http://tracker.viriback.com/dump.php (# 2019-11-04, Arkei)

slipcentral.com

# Reference: https://twitter.com/benkow_/status/1055005039733944320

filipmoris.ru.com

# Reference: https://www.virustotal.com/gui/file/3f706cae67af4a80592cb751dc6615d8b094381c6d39a3c2c734b7399c374e07/detection

arkei.foxovsky.ru

# Reference: https://www.virustotal.com/gui/file/0e4ed11a85e1b9f33695d12541f546b832c71466d9028ef1d783bfab3f948901/detection

a0446764.xsph.ru

# Reference: https://app.any.run/tasks/98681d08-941f-4b16-a0bc-263c1d0e55ba/
# Reference: https://github.com/tjnel/yara_repo/blob/master/trojans/arkei_stealer.yara
# Reference: https://infosec.cert-pa.it/analyze/536fc78ee97d2eea3a0e4b58364cd957.pdf
# Reference: https://otx.alienvault.com/indicator/file/d683da1f88fd8aaa0645c95aa1c2396e31f81dc1d0dd529c8d13179d654b9620/
# Reference: https://any.run/report/ef347bff5f4f139d04a50bc9272323d17714b638e5645047bfa9e0bf90d38635/b85be957-a60f-4b36-812b-009bed2acc57
# Reference: https://otx.alienvault.com/indicator/file/c06c94d831aa3170ecf8f0fddd33c383696ca2169cad412c77f64848ccf2817b/
# Reference: https://any.run/report/3895c8d1bc26750d298e9fa09b47642940cba88736cbc2fc3dbb9ad67ee9f1e0/29e69c61-a7d6-41f0-b1ab-5b4757803136

synchronization.ml
privatlux.pw
fdsgdsfg543.zzz.com.ua
kolyanologi.zzz.com.ua
nagiby.zzz.com.ua
spawnmas.ru

# Reference: https://www.virustotal.com/gui/file/74e5bf86405ad3d894b95c70d21d75dbde5233967254ec7048ed283f0a719da6/detection

doeros.xyz
funzel.info
hqans.com
nezzzo.com
poderoa.com
vromus.com
vxeudy.com

# Reference: https://twitter.com/maldatabase/status/1388826892246081537
# Reference: https://otx.alienvault.com/pulse/608e9574fe0220cf9bb407bf/

bestbundledealer.com
macakslcaq.ug
malcacnba.ac.ug

# Generic

/server/grubConfig
/server/checkingLicense
