# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Autoit-BXA/detailed-analysis.aspx

latestapps.wen.ru
guoqeeoqgb.wen.ru

# Reference: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~AutoIt-BUH/detailed-analysis.aspx

apollo39.duia.ro
spectranet47.duia.eu

# Reference: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Autoit-BXC/detailed-analysis.aspx

fifexont.com
mumeraxo.com
mutinenag.com
tonekrant.com

# Reference: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Autoit-BNH/detailed-analysis.aspx

dw.downloadtesting.com

# Reference: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Autoit-BVB/detailed-analysis.aspx

s3.dedicatedpanel.net

# Reference: https://www.threatcrowd.org/domain.php?domain=maniac.http80.info

maniac.http80.info

# Reference: https://www.virustotal.com/gui/file/01025f6c7ce7fd17c1571bd6610c497ce877e2b57b026cd6a98381736d619f28/detection

ricch-hood.servepics.com
103.199.18.145:30578

# Reference: https://www.virustotal.com/gui/file/76cf632e4d24b705fdf2eb314da93351b5dcf58e5001c584d615527741feddbe/detection
# Reference: https://www.virustotal.com/gui/file/f2f403d047bb68a6df3568a932b3f2dec7ea5536e1dee18cfb96cd919443d97a/detection

googlemoney.mywire.org
188.209.49.98:7890
188.209.49.98:8043

# Reference: https://www.virustotal.com/gui/file/456043794f874c6e14976ad9a14e4daa962c401377d2c85b7e4dadbe9e1ded9d/detection

192.169.69.25:47648

# Reference: https://www.virustotal.com/gui/file/cc5d5fa6d687aeb92430ef425ba763772182ce74ee2c950046d79e4fbea4c98a/detection
# Reference: https://www.virustotal.com/gui/file/de167f60d32bb83f5eef6ddd1bd987ecba4d59a57c678f9fa9ee04420b52e905/detection

186.192.119.176:2019
191.242.22.37:2019
sistemadecomunication90.duckdns.org

# Reference: https://www.virustotal.com/gui/file/73e316f59fdb3dab9b66ddb79e72b0999d2a9bd7a024e87568486b79ab678e18/detection

185.60.219.41:27128
avqu3r2t4phqkf2p.ddns.net
danger.serveirc.com
s3-cloud.hopto.me

# Reference: https://www.virustotal.com/gui/file/e42404eb133fc5e0f9ce872b30358ea7f56aafcde4f712dd0806dc69bfbc8997/detection

okansaner.info
vodo.me

# Reference: https://www.virustotal.com/gui/file/8acab560aa72f1d6a39b1bcdc48334e51cb9654fb21185da22413434bb01d22c/detection

fada231.freedynamicdns.org

# Reference: https://github.com/stamparm/maltrail/commit/733a4d2029755ad71c84caf07fc8dfb0e8332e60
# Reference: https://www.virustotal.com/gui/file/fc153c7e6f5b14b76827abab664752e2c2e9f0284c5682b3c5cdddb64b48e9bd/detection

chaseonlinepc.com
getmyandro.info

# Reference: https://www.virustotal.com/gui/file/c41bfd0e67c6b9d4632b90e9a1f6a174468042a728aa86ace0f289235d4adc33/detection

desirenews.com
fastalt.com

# Reference: https://www.virustotal.com/gui/file/218d91f3b5d4e17700df0ff27d90758812718302732c4f4e20867475039cabfc/detection

ericsmt67.hopto.org

# Reference: https://www.virustotal.com/gui/file/b1db6ccb1b0937d2fb89fecf2e779350d430b87d46ef76122464ec8a180732c4/detection

192.166.218.230:6386
lturange1.duckdns.org

# Reference: https://www.virustotal.com/gui/file/59f17449a1470324909805c55a67684846f322244436afb07bb1d22a5b88e02d/detection

94.73.34.195:1604
pasvar50.no-ip.org

# Reference: https://www.virustotal.com/gui/file/280cc91b57b9f4a3f58e3fac82670fdd19b1a78fcb3034af417903edfc5b1ad1/detection

lovesyr.sytes.net

# Reference: https://s3.amazonaws.com/snort-org/www/rules/community/community-rules.tar.gz
# Reference: https://snort-org-site.s3.amazonaws.com/production/release_files/files/000/012/156/original/snort3-community-rules.tar.gz

tooti15.no-ip.biz

# Reference: https://www.virustotal.com/gui/file/aa69d82aadc7409eae208df5f9b0487ac3c79c9088ca4eca2e48ea0fee9db936/detection

tracking-recipient.net46.net

# Reference: https://www.virustotal.com/gui/file/cabc1e2d4678d6c8663cc97a0cc19194663a577636d6cb59c3256f05587c6cb9/detection

165.227.31.192:22474

# Reference: https://www.virustotal.com/gui/file/ab9e2997dcd220658626bc834e506ba3e7b2d2b9e51315aa322249bb9e961c40/detection
# Reference: https://www.virustotal.com/gui/file/5c1bdf5138bc16522429679e1a59105f69da57ada33b891e372cfa2bfe71fb29/detection

185.244.31.24:2477
212.7.208.151:2477
macho868686.hopto.org

# Reference: https://www.virustotal.com/gui/file/e2c1cd57dba8116335f296add54e8ed139026cb1dbdfe508019d31c21d648385/detection

141.255.145.148:81
brazil2014.linkpc.net

# Reference: https://www.virustotal.com/gui/file/71fe2fef8f075635a27a02d8e46a8218fa7dcd74664737755b70db0ab7710db6/detection
# Reference: https://www.virustotal.com/gui/file/a5ab1e621ae03df6ee423fbbfbff47bece2ac2525165cc09450989bd5d9a41e3/detection
# Reference: https://www.virustotal.com/gui/file/fa020bb967eefd6d406f0de1336fbac3948abffc2fbe999957f30a84aafe670b/detection

41.36.215.172:5000
daly.linkpc.net

# Reference: https://www.virustotal.com/gui/file/b3aa0dcde60084d5f9af91f7d7e388751db1230ff2c35aaff5e617454e15943d/detection

156.212.181.188:1742
micr0softs.linkpc.net

# Reference: https://www.virustotal.com/gui/file/4657b2098da604ef652e9fb0dd3a8446ef56123ce51c865a6fbd7384db022ce8/detection

windowsmiseajour.3utilities.com

# Reference: https://www.virustotal.com/gui/file/cbd75526640cac7307c0ca25653467cee064f4605e656942ccbb997e5ac3fd90/detection

microsoft01.system-ns.net

# Reference: https://www.virustotal.com/gui/file/3a853e38889c1fb3a57174f22a02669412dacae1c52d92558aba843838cbe194/detection

abdostoon.system-ns.net

# Reference: https://www.virustotal.com/gui/file/11ca8124eafada0030581d48756d74682044f61f5559828566a2fa5ab4a1e981/detection

153.248.77.175:8080
124m.system-ns.org

# Reference: https://www.virustotal.com/gui/file/87d571ed4164035f9ac242f3224cdeec0e470ff1738083fd81906b1fa9464ecd/detection

191.101.158.161:4664

# Reference: https://www.virustotal.com/gui/file/64862f3f32e143403f7c47a94c098e50df6ec2b9ef3b3f43d34e64a5e0ebd060/detection

bgddac.chickenkiller.com

# Reference: https://www.virustotal.com/gui/file/c10d363fa329a0d997661c56a197f4e23ed1060b3bc584c7008b08b8acf2063b/detection

cttihellobitches.chickenkiller.com

# Reference: https://www.virustotal.com/gui/file/1c29df5a28d3f974cb346e12d32670e38b59f837fb0033be5952999440e318d9/detection
# Reference: https://www.virustotal.com/gui/file/07ef414ba15fd2f3768ff97aa236610416e8a61f8301fe060646e85e17b00e2b/detection

ceo209.ddns.net

# Reference: https://www.virustotal.com/gui/file/d788d27b9ae9435211045adb5fb9b87c280fc6041c6b46b3f98cd52b7a2d8dca/detection

67.215.9.227:4902
zzz3494958kljfsdxcvcxvkjsdfsdf324234sdfsdf.publicvm.com

# Reference: https://www.virustotal.com/gui/file/1fd155e7fc507bd4df5d7c8ee6f5bf97cff1c38c8d2980d5ab6724065f22e2dc/detection

f0520683.xsph.ru

# Reference: https://www.virustotal.com/gui/file/6b120984118eddd360f31e22a97c5b16d5dae3182815ff2a626620ba0b7512c6/detection

f0517182.xsph.ru

# Reference: https://www.virustotal.com/gui/file/14a0a22f83ae9c07243fed8523a02308f65ea22447641312bf4227f6b40a60f8/detection
# Reference: https://www.virustotal.com/gui/file/1fd55dcc92f7b7f8192a3ab8857d22708188b09f6a05d61c06f8419732dc729c/detection
# Reference: https://www.virustotal.com/gui/file/7a47d84ee508a307fd872993321b5e43032057ad13b0589582dde1d0ab5607ac/detection
# Reference: https://www.virustotal.com/gui/file/c277eda6dd60d01d59bc2476d43eba7c665844a0adb164a99d503a907ef2a32b/detection

104.244.77.34:7079
198.98.49.245:7079
37.228.132.165:7079
45.77.147.196:7079
mailnmn.duckdns.org

# Reference: https://www.virustotal.com/gui/file/bf8db9669c9e6fda3503cd8e42443833f8ff679d558905d8576b1e3f8a53964e/detection

61.174.63.166:66
http://61.174.63.166/explorer.htm

# Reference: https://www.virustotal.com/gui/file/ed2a3e363a6e6b4e13df5e00779a1318a267376b4a7878df7b0b2e75907c747e/detection
# Reference: https://blog.netlab.360.com/necro-shi-yong-tor-dong-tai-yu-ming-dga-shuang-sha-windows-linux/

kek.gay

# Reference: https://www.virustotal.com/gui/file/f9addf98dbacf339a6164527cc148bb5184eb8b40094374e70f38ceec1d04762/detection

85.62.90.165:4267
ds4358x.hopto.org

# Reference: https://www.virustotal.com/gui/file/cbd85aedc732a02387112cbccb712f6c42ab93a053bcdf1fae8c991083f3889c/detection
# Reference: https://www.virustotal.com/gui/file/9b54abad8b76b676f5c23547aa4f1ce997cd69c74ea65a0993893361600fb147/detection

83.38.68.205:1605
godric.ddns.net

# Reference: https://www.virustotal.com/gui/file/09506fa58ec1c8f60940694eb6794171ba94429ac5bb5a1b356da032f78d41de/detection
# Reference: https://www.virustotal.com/gui/file/30cef4bd53cfdbfdb5ba8aca0181fd010e2287479dc21862cbe6d285aedcc4f8/detection

173.46.85.177:39360
185.247.228.96:39780
billions.ddns.net
makebillionaires.warzonedns.com

# Reference: https://www.virustotal.com/gui/file/4989fe6f412cdde357763ad6ec368c3e6bd5566326957eb40aabe3bca67217b3/detection

178.124.140.139:1608
49.150.137.47:1608
ddserver.warzonedns.com

# Reference: https://www.virustotal.com/gui/file/0c150b0f7d8d1b173ff680e8f3fe1334e95e100e53ca9d5081a6da3f4f2d75b4/detection

hotbest.warzonedns.com

# Reference: https://www.virustotal.com/gui/file/c6abe9a759f3d26cf3e48c1bb6c2614817d639f7932054eb0c3af8ae55b69c2a/detection

lexyvip.ddns.net

# Reference: https://www.virustotal.com/gui/file/c9af5d9bbcee50e58452ab483ab26672adfaabf45bd97ecf64ab41c343689f20/detection

debarrz.ddns.net

# Reference: https://www.virustotal.com/gui/file/f786947c789ad4ec0d6372a9ebedca86b93c380ce69e61fd35624cde22aac2ec/detection

dsfkljeworiu2789452734kludsfsdfewrwer.publicvm.com

# Reference: https://www.virustotal.com/gui/file/b726e038edf02a4b99707c7fd00ff991161cb76faae28a33a7931a2d7150a702/detection
# Reference: https://www.virustotal.com/gui/file/53fa7d042074ebe94cd34590d463fc53528badb8525708bf0862e032efcc07dd/detection

185.145.45.243:9976
67.214.175.69:9976
sdfxcvxcvsdfsdhjkfweyur23897423423swedrsdfwerwerwre.publicvm.com

# Reference: https://www.virustotal.com/gui/file/0dd54610fabc19c4a1039d419e8ddc82409639e894ca7e0f81290e02167e5e62/detection

jimasun.online

# Reference: https://www.virustotal.com/gui/file/8661227e1e645cd3f885c81f31d205fe77d1228a9392a39690dca5afa597a59f/detection

infikuje.freevnn.com

# Reference: https://www.virustotal.com/gui/file/92a2f90d24f96b761bbdeeb4961eca84a6d7cf74f5fe97cccdae3bd280f8f5eb/detection

boggan9t.beget.tech

# Reference: https://www.virustotal.com/gui/file/329573a48d1d1f23dbbb20339ea67377bdcc9dbc40672aaf4a48f13b18bd5ef3/detection

nostrel6fg.beget.tech

# Reference: https://www.virustotal.com/gui/file/21fec0ed890fc8720aa8e11660caf89a564b0802cb94cd98160c90011bf36dae/detection

ispverify.cable-modem.org
javaloadingsetts.ignorelist.com
s0und.myactivedirectory.com
securityssl.mymediapc.net
speedconectest.ciscofreak.com

# Reference: https://www.virustotal.com/gui/file/9a0b3a3ea780548ce054f7992cfc54402d6b9ed77d1438eebde56a94a4b04fa8/detection
# Reference: https://www.virustotal.com/gui/file/82f7a560d481b7a98828acb603474a7d1fdd866d8027d034504956df5f06abe2/detection

156.206.170.247:1601
192.3.138.58:1602
41.43.225.108:1601
41.43.225.108:1602
41.43.225.108:1603
82.205.15.96:6565
82.205.15.96:6566
eyebeam.myactivedirectory.com
eyebeam.myq-see.com
microsoft.net.linkpc.net
network-service.myq-see.com
systemupdat60.dahuaddns.com

# Reference: https://www.virustotal.com/gui/file/cb65edcfde748679cc140c48c03fec62c0ede1b3c9de7364b02262ea6a00f457/detection

haxorbaba.duckdns.org

# Reference: https://www.virustotal.com/gui/file/49b3c1cea44676e46f5dd2d99db7810d3e09d256318be8429d1faa25a53d80b6/detection

193.188.22.233:60743
professorlog.xyz

# Reference: https://www.virustotal.com/gui/file/fb8799ce1371689377771fb2368cf307693fca3fec98cd9e1629790055e696d0/detection

192.169.69.26:3333
176.84.231.83:5553
81.61.79.44:5553
88.13.144.181:5553
prueba0.hopto.org

# Reference: https://www.virustotal.com/gui/file/2c5bcf3f88a6848053f57223363adb22e49f41b1c8a54f8ddc370508c3043e70/detection

nixsd.xyz

# Reference: https://www.virustotal.com/gui/domain/nikss.webtm.ru/relations
# Reference: https://www.virustotal.com/gui/file/d5872f6fcbcbcaf395e7986543e55b68bdd08b56d082f979bfd0a51998a795e3/detection

nikss.webtm.ru

# Reference: https://www.virustotal.com/gui/file/948b6682700dd920a6df4b7c436ee42b53a674d8ec084c54e1a65bbea53e1d57/detection

http://146.0.72.82

# Reference: https://www.virustotal.com/gui/file/2bbb3d0327ff5e7b129db3ec6aa55edcf8295db4b564cac4fc409e77595ff4df/detection

23rajay.no-ip.biz

# Reference: https://www.virustotal.com/gui/file/990593fa6873ffdf8e9eaf990767b481e96dda650e3dd3a1709e95bf9480a1d8/detection

spynetby147.no-ip.biz

# Reference: https://www.virustotal.com/gui/file/a299812e8a6309e2a79c6a15ca0b94bc82e6f2e575d3a16d4b3f3c58a7181042/detection

achwakkoukou2015.no-ip.biz

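# Reference: https://twitter.com/fr0s7_/status/1409112656645132290
# Reference: https://app.any.run/tasks/e044bdda-8e95-46bb-a60b-1dc142a22d09/
# Reference: https://www.virustotal.com/gui/file/3d0b3bc76d4fd108704b6457d4bc4c9ee80dbc71bd9cbf0206a5f4f24d47379c/detection
# Note: the two path-only entries below carry no host, so they presumably match that URL path on any host,
# not only 192.241.171.204 (confirm against the sensor's trail handling). Expect a broader match than the host entry.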

http://192.241.171.204
/new_vnc/new
/new_vnc/u/tasks
