# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: unc2628, unc2659

# Reference: https://twitter.com/JAMESWT_MHT/status/1331588273643413505
# Reference: https://twitter.com/JAMESWT_MHT/status/1331599141877805059
# Reference: https://app.any.run/tasks/056d7a48-4e36-4b7f-a4d0-c895841b66ce/
# Reference: https://www.virustotal.com/gui/file/6d656f110246990d10fe0b0132704b1323859d4003f2b1d5d03f665c710b8fd3/detection
# Reference: https://www.virustotal.com/gui/file/afb22b1ff281c085b60052831ead0a0ed300fac0160f87851dacc67d4e158178/detection

securebestapp20.com

# Reference: https://twitter.com/petrovic082/status/1364149992101982209
# Reference: https://app.any.run/tasks/101a068a-9893-4c8b-95e5-efbb98b9128c/
# Reference: https://www.virustotal.com/gui/domain/catsdegree.com/detection
# Reference: https://www.virustotal.com/gui/file/12ee27f56ec8a2a3eb2fe69179be3f7a7193ce2b92963ad33356ed299f7ed975/detection

catsdegree.com
temisleyes.com

# Reference: https://app.any.run/tasks/230f18f6-ec8c-4654-8d0a-410e1e769b05/

a0525271.xsph.ru

# Reference: https://www.virustotal.com/gui/file/b6855793aebdd821a7f368585335cb132a043d30cb1f8dccceb5d2127ed4b9a4/detection

baroquetees.com
rumahsia.com

# Reference: https://www.fireeye.com/blog/threat-research/2021/05/shining-a-light-on-darkside-ransomware-operations.html
# Reference: https://otx.alienvault.com/pulse/609c0ee81a709f9d805ce108

http://45.77.64.111
http://173.234.155.208
104.193.252.197:443
162.244.81.253:443
185.180.197.86:443
athaliaoriginals.com
ctxinit.azureedge.net
darksidedxcftmqa.onion
darksidfqzcuhtk2.onion
koliz.xyz
lagrom.com
los-web.xyz
sol-doc.xyz

# Reference: https://twitter.com/darktracer_int/status/1394244644150472711

erc4xzvrchka5izw.onion
