# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://blog.talosintelligence.com/2018/04/gravityrat-two-year-evolution-of-apt.html

msoftupdates.com
msoftupdates.eu
mylogisoft.com

# Reference: https://www.virustotal.com/gui/file/828595d68d450d68be7ac03bd654fdc1f47373b50f8ff23e0ef6e4f17e8856dc/detection

3.17.202.129:19185

# Reference: https://www.virustotal.com/gui/file/8115a146dc2059ab5f063c3cdfc9218c44d5a77bb21dbc03220db556454a3e79/detection

3.19.3.150:19185

# Reference: https://securelist.com/gravityrat-the-spy-returns/99097/
# Reference: https://timesofindia.indiatimes.com/city/lucknow/pakistan-spy-lured-98-targets-with-bots/articleshow/69867201.cms
# Reference: https://otx.alienvault.com/pulse/5f8dc76217a81be1371cb618

bollywoods.co.in
chat2hire.net
click2chat.org
cvstyler.co.in
enigma.net.in
gozap.co.in
melodymate.co.in
microsoftupdate.in
mozillaupdates.com
mozillaupdates.us
msoftserver.eu
nortonupdates.online
orangevault.net
savitabhabi.co.in
sharify.co.in
strongbox.in
teraspace.co.in
titaniumx.co.in
wesharex.net
windowsupdates.eu
x-trust.net

# Reference: https://app.any.run/tasks/0c397db6-3b87-45cc-9a07-b4ea0c3831c7/

58.158.177.102:46769
coreupdate.msoftupdates.com

# APK

/savitabhabi.apk
