# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: mewspy, mewsspy

# Reference: https://www.securityhome.eu/malware/malware.php?mal_id=7837428715a1e24d27a4fa7.97301329
# Reference: https://www.virustotal.com/gui/file/c71dee7464b6d7901ef12c7a3e8cba090535c66c588d33c58f8e23855ee26971/detection

176.31.246.49:14141
178.62.233.140:50000
213.186.113.10:62495
46.32.233.54:12204
46.32.233.54:53535
72.167.201.238:11080
arawerhaibod.com
xipuporebauwlas.com
laofcuedcip.ddns.net
moiwirixuxfuh.ddns.net
cxkefbwo7qcmlelb.onion
z3mm6cupmtw5b2xx.onion
awqausqaedsolo.localtunnel.me
beikawobwuoc.localtunnel.me
beipavcuxo.localtunnel.me
buebbowaniqiodt.localtunnel.me
buurikoq.localtunnel.me
causnuulnea.localtunnel.me
dasubaxagie.localtunnel.me
daugpoolsouwedt.localtunnel.me
doimsubeke.localtunnel.me
duheegtuoqekc.localtunnel.me
egleidef.localtunnel.me
ekucnevuif.localtunnel.me
escasion.localtunnel.me
etmuuqenimm.localtunnel.me
exadnaecitki.localtunnel.me
fuiqsaulogt.localtunnel.me
godumakokub.localtunnel.me
heokolexpeinx.localtunnel.me
hoeptuoqdiito.localtunnel.me
ibulboevaqduik.localtunnel.me
idxaotquesbo.localtunnel.me
ilufucvuiserer.localtunnel.me
iqnotirig.localtunnel.me
iximililekoqed.localtunnel.me
macoequpabe.localtunnel.me
miekwaukt.localtunnel.me
nihuseko.localtunnel.me
noobdeulux.localtunnel.me
obufisku.localtunnel.me
oceqmaadobe.localtunnel.me
ocluviraudurohc.localtunnel.me
ocwaohenwoaf.localtunnel.me
odoqomamlol.localtunnel.me
ogebbucuav.localtunnel.me
olahviuxcu.localtunnel.me
omovucve.localtunnel.me
orguabuhdumiro.localtunnel.me
pidopusoliba.localtunnel.me
puneahuckamu.localtunnel.me
qetahaaqk.localtunnel.me
ridekeobo.localtunnel.me
riifadasovafk.localtunnel.me
umnexiqoxi.localtunnel.me
umubtinanebeu.localtunnel.me
usirohsonuasa.localtunnel.me
uttohocoxit.localtunnel.me
uwaselloawm.localtunnel.me
vooqkoahxoebigu.localtunnel.me
wiitkoab.localtunnel.me
wocihekohuuh.localtunnel.me
wudiawokat.localtunnel.me
xaowuhopud.localtunnel.me

# Generic

/si.php?data
