# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://isc.sans.edu/forums/diary/Malicious+Word+Document+Delivering+an+Octopus+Backdoor/26918/
# Reference: https://app.any.run/tasks/7353f3a6-ac18-493c-8795-80a655aca736/
# Reference: https://app.any.run/tasks/2375a880-cd06-4a78-b401-7cac10255dbb/
# Reference: https://www.hybrid-analysis.com/sample/ab32fed5cdd9fd87f961011bc992f00070b73b6083e1e20e79fb2cc03d062903/5fe1f94b72a08b0abc74ef3e
# Reference: https://www.virustotal.com/gui/file/3f4ce9fcbe40c1f445aa844e4561346e9ff1cb812a6d8937387a31be7fb88592/detection

18.189.43.84:80
18.189.43.84:8080
18.189.43.84:81
51.103.66.128:8080
hpsj.firewall-gateway.net

# Reference: https://twitter.com/wwp96/status/1364612616816103425

http://159.89.238.15

# Generic

/hpjs.php
