# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://twitter.com/malware_traffic/status/1112776731331620865

hospitaleco.com

# Reference: https://twitter.com/malware_traffic/status/1103717653590482944

gettorrent.ac.ug

# Reference: https://twitter.com/malware_traffic/status/1101164760647847936

capitalinvest.ac.ug

# Reference: https://twitter.com/malware_traffic/status/1083771485997670400

tepingost.ug

# Reference: https://twitter.com/K_N1kolenko/status/1116263090562183168
# Reference: https://pastebin.com/jFhkBu32

bokolavrstos.com
newagenias.com
binacoirel.com
malansio.com
jamaliensor.com
kolobkoproms.ug
bastionprofi.ug
tepingost.ug
startolete-vn.ug
bestchope.ug
fashionhub.ug
mytradecrypto.ug
applezone.ug
travelups.co.ug
travelforyou.ac.ug
einvestment.ac.ug
newphone.ac.ug
newstoday.ug
globalcoin.ac.ug
yourseo.ac.ug
cryptoshop.ac.ug
capitalinvest.ac.ug
onlineinvestment.ac.ug
allcashbacks.ac.ug
getpayment.ac.ug
gettorrent.ac.ug
proshop.ac.ug
yandex.ac.ug
yandex.ug
google.ac.ug
search.ac.ug
hospitaleco.com
oldspicebest.com
refenansoro.com

# Reference: https://twitter.com/x42x5a/status/1121094286613852162

santaluisa.top

# Reference: https://twitter.com/VK_Intel/status/1125549719885893633

golenirose.com

# Reference: https://app.any.run/tasks/6faf55b6-9675-4c23-acf6-e165e1938e43/
# Reference: https://twitter.com/raby_mr/status/1136498987890925569

crypto-widget.live
penthausebrones.com

# Reference: https://twitter.com/JAMESWT_MHT/status/1166604400489639936

eroomia.com

# Reference: https://twitter.com/malware_traffic/status/1169727825823354880

xhth516682.com

# Reference: https://twitter.com/ActorExpose/status/1176782301222658048
# Reference: https://app.any.run/tasks/6d880837-3ba9-439c-b67b-ee6d2837b645/

aaenyhostel.org

# Reference: https://github.com/silence-is-best/c2db#vidar-stealer

weimachel.net

# Reference: https://twitter.com/0xFrost/status/1182973846208598017
# Reference: https://app.any.run/tasks/d498ebc5-51cd-446f-9d98-7e43628b56b5/

garbage-barabage.top

# Reference: https://app.any.run/tasks/52656d24-b866-416c-b703-ee0fae0e3f78/

klegrandlichgrum.com

# Reference: https://twitter.com/James_inthe_box/status/1191695072032460800

qubert.org

# Reference: https://pastebin.com/xwT2gAgE

acrelop.com
martinlloyd.net
pineloseesrae.com
qubert.org

# Reference: https://app.any.run/tasks/42a9a425-d8f8-4504-8bbf-63c0c10c4bda/

gebrauchlichtal.com

# Reference: https://twitter.com/Paladin3161/status/1162320397368381441

villadubois.org

# Reference: https://twitter.com/P3pperP0tts/status/1178820466917675008

lanokhasd.com

# Reference: https://twitter.com/P3pperP0tts/status/1196440836852125698

steerdemens.com

# Reference: https://twitter.com/P3pperP0tts/status/1197178756068257795
# Reference: https://www.virustotal.com/gui/ip-address/209.141.33.126/relations

http://209.141.33.126
steerdemens.com
starlikespace.org
longvoyages.com
xd.botnet.services

# Reference: https://twitter.com/P3pperP0tts/status/1198935640664133644

crarepo.com

# Reference: https://twitter.com/P3pperP0tts/status/1198984250420269057
# Reference: https://app.any.run/tasks/60002c6f-65b1-4597-a011-1b2de844e56f/
# Reference: https://app.any.run/tasks/16784961-e95f-403d-8726-ad04d37c7b8a/
# Reference: https://www.virustotal.com/gui/file/1223da902b1525073ad6a4a71214b1c1b062fa61ce23138dcea4e7c7bfe9b8ab/detection

agent1.icu
agent2.icu
amdsetup4.icu
amdsetup5.icu
juhubeachn.com
legion17.icu
toplegions1.icu
updateinfo3.top
updateinfo4.top

# Reference: https://pastebin.com/iDrBJG8j

fastupdate1.top
fastupdate2.top
fastupdate3.top
fastupdate4.top
foxupdate1.me
foxupdate2.me
homeporno228.com
legion17.com
thepleasurelive.com

# Reference: https://pastebin.com/x2qLz9FJ

voyagephoshop.org

# Reference: https://twitter.com/ViriBack/status/1202413165482409984

http://195.133.1.170
ahmatokomaro.pw
bestdead.pw
petordementyev.pw

# Reference: https://pastebin.com/HBSmJ4wb

789456123.monster
legion17.net
lowupdate3.top
lowupdate4.top
softupdate1.me
softupdate2.me
xylolle.com
ybookfli.net

# Reference: https://app.any.run/tasks/45b54b0e-6de2-4975-b640-779026655f7c/

grelkafestivales.com

# Reference: https://twitter.com/MBThreatIntel/status/1225917125493018624

naumokukea.com
porosnter55.xyz

# Reference: https://www.virustotal.com/gui/file/48c34dd8345ab24ac203e3efc7f46643c4817a42b12fcd7c8a62211b4f4fc02d/detection

gyeonggidoo.com

# Reference: https://twitter.com/P3pperP0tts/status/1228775071260594176

greenlandsurround.com

# Reference: https://app.any.run/tasks/2e1aa0da-69b6-4f5f-847b-243cfaaabd4a/

gewe.tech

# Reference: https://www.virustotal.com/gui/file/2ca7597f7b6a1227c6bace9b1441f2b439935f02a35ffa2a2562f5ccc6cff8e4/detection

maineacadia.com

# Reference: https://www.virustotal.com/gui/domain/paparazzis.pw/relations

paparazzis.pw

# Reference: https://twitter.com/malwrhunterteam/status/1242355604477423617

whoer-vpn.net

# Reference: https://www.virustotal.com/gui/ip-address/161.117.177.248/relations

verifiedomg.top

# Reference: https://twitter.com/JAMESWT_MHT/status/1246056096055406592
# Reference: https://app.any.run/tasks/d75d4f69-8381-46c7-9f0e-ce5ba2eb1ac1/

etips.fun

# Reference: https://app.any.run/tasks/fe00595d-b20e-4f2e-9c47-9f1cb79a63b3/

wrangellse.com

# Reference: https://twitter.com/James_inthe_box/status/1248964446505947136
# Reference: https://app.any.run/tasks/4cc95d8b-f2c7-457d-97d2-991d0115c1b4/

yrhealth.life

# Reference: https://app.any.run/tasks/d8a2ef38-b0a0-4619-ab21-918d7e6eefcf/
# Reference: https://www.virustotal.com/gui/domain/mastercard.ru.com/relations

mastercard.ru.com

# Reference: https://twitter.com/petrovic082/status/1257619785707393034
# Reference: https://app.any.run/tasks/a3380ace-5f86-4240-a986-f244231c05cc/

archessee.com

# Reference: https://app.any.run/tasks/93596f59-77f9-4b55-af25-3939594ed913/

repitoperano.pw

# Reference: https://www.virustotal.com/gui/domain/waterpocketfold.com/relations
# Reference: https://app.any.run/tasks/b7d1ca5f-e49f-4d50-b4b0-690e6b8b7783/

waterpocketfold.com

# Reference: https://app.any.run/tasks/d6a32934-daf9-4b83-9a2a-9f5a5feb4b64/

barddistocor.com

# Reference: https://app.any.run/tasks/32e30b47-f656-4505-af07-7e3f7c0c3b93/

http://213.226.114.54

# Reference: https://twitter.com/malwrhunterteam/status/1264259160918671363
# Reference: https://www.virustotal.com/gui/domain/sumliomicna.com/relations

sumliomicna.com

# Reference: https://www.virustotal.com/gui/file/ffc9319863cf7efe7575c36357ecd7102f99c99758ed94e97d31d78c7e1966a3/detection

headborro.com

# Reference: https://twitter.com/vigilantbeluga/status/1257891038582067200
# Reference: https://www.virustotal.com/gui/domain/chumashpeople.com/relations

chumashpeople.com

# Reference: https://www.virustotal.com/gui/file/13f8e88a6f37b999c12513887752d7a03637e32106ef4109e11a9a8f260ccfab/detection

piedmontteem.com

# Reference: https://www.virustotal.com/gui/file/aecddb3a9656759f5681708172573f435c3db0539d6a7a0230ec93b4e3f131a1/detection
# Reference: https://www.virustotal.com/gui/file/e0830aec7a5737f0558860a3ff192c6270bf57b2bc1c01ad514c012f7d039bae/detection
# Reference: https://www.virustotal.com/gui/file/87dac3be0edd3b599b3d50eec0edbe751e6d2951b22182a85b017acf26d485f7/detection

backgrounds.pk
jamshed.pk
karimgousa.ug
karimgouss.ug
levitt.ug
levitts.ug
marcakass.ug
tribunal.ug
zaragoza.co.ug

# Reference: https://www.virustotal.com/gui/file/f1d7ea9dcf7abe22f07f3d14fb21636e47bb0def2f766632a547d20f7d258aa5/detection

http://37.252.5.111

# Reference: https://www.virustotal.com/gui/file/f2a0fdf6caf5be2b84dcc0efb0c59082fa67350d49a1f2951b451df6f1d2bb21/detection

tomasisa.ug

# Reference: https://www.virustotal.com/gui/file/51b82ddc8786bdd8a0805baebaa243df7910711d422aad9f5fa867f46c7fcc71/detection
# Reference: https://www.virustotal.com/gui/file/cd8751bd47174dbae36c414383ca789d6d23062d528a34eaa81924cb3c0bfaf5/detection
# Reference: https://www.virustotal.com/gui/file/30ff25b4a60bd0e1f46e544dc44138aa3cf59ef87a84f1eafae990c61f1e5266/detection
# Reference: https://www.virustotal.com/gui/file/1969bcde226f3b3bcfb67912b5ff6efd8038383dc2655980a6f51730e8361d09/detection
# Reference: https://www.virustotal.com/gui/file/c81ae80ffb2e2a3af8c2b5ae405f848ed094e3f4112a501c4bb773d5f494239d/detection

lkjhgfdsa4.ru
zver.tech

# Reference: https://www.virustotal.com/gui/file/5282290d0d6e2b1add3d298052c4f607afa58e12559ddcf99da3a242d8329cf8/detection

sl9XA73g7u3EO07WT42n7f4vIn5fZH.biz

# Reference: https://www.virustotal.com/gui/file/bc275cd76478e4d3387740dd955d9b9b5b36f064656ecb1e1cea9b8649eec57d/detection

smarteyecare.in

# Reference: https://www.virustotal.com/gui/file/eb496b85f98f8b3f2b4f4150295b490c04b6b710818b9ebf592272b5dd3005c0/detection

precambrianera.com

# Reference: https://app.any.run/tasks/4b8bd5e5-b60d-45ee-9fa1-e631e591987b/

likeanimals.net

# Reference: https://www.virustotal.com/gui/file/50d214d5c28d4fe7980d89449aed8714b12285ec9f7e21e3bf21c66d3f2797d0/detection

nextgentoolkit.com

# Reference: https://www.virustotal.com/gui/ip-address/217.8.117.77/relations
# Reference: https://app.any.run/tasks/3b0bd018-731d-493c-a4d3-9a58a97e03ff/
# Reference: https://www.virustotal.com/gui/file/aba9f9d6904d1474f7a0693e80d182eff9cb8a1c185f0090876cf8eb83914cbb/detection
# Reference: https://www.virustotal.com/gui/file/c08958f222a52901aade88ebe2c3636a8bca3bf9fb6874ffbae93261ebfec86f/detection

agentt.ac.ug
agenttt.ac.ug
andreas.ac.ug
andres.ac.ug
courtneyhones.ac.ug
courtneyjjones.ac.ug
courtneyjones.ac.ug
courtneysdv.ac.ug
ferreira.ac.ug
ferreiranadii.ac.ug
foundsomebo.ac.ug
iloveyoubabu.ac.ug
iloveyoubaby.ac.ug
jamesrlongacre.ac.ug
jonescourtney.ac.ug
letitburnsf.ac.ug
malarcvgs.ac.ug
morasergio.ac.ug
morasergiov.ac.ug
nadia.ac.ug

# Reference: https://twitter.com/JAMESWT_MHT/status/1328290554912903169
# Reference: https://app.any.run/tasks/34c3a80a-83a1-476e-80ce-2ce62e40e0b7/
# Reference: https://www.virustotal.com/gui/file/0ea95746928602fad4896c1085ee0125dbeb29145dea813ad3444f648c9db2c8/detection
# Reference: https://www.virustotal.com/gui/file/95268ee22cb09ca871b56ede8eca4a1655490ef02ad14bbd2c02b60eea19481c/detection
# Reference: https://www.virustotal.com/gui/file/9dd08cf2672502db217f9772affb88657f8559d8f4d946af25c4b22428ea336a/detection
# Reference: https://www.virustotal.com/gui/file/a6dbfda2fe88b1f7e1184f3ab5fd3e206aece25707fb55d25b1fda513bf93007/detection

buydating.co.ug
gomisacar.com
rineialav.com
swiloodex.com

# Reference: https://www.virustotal.com/gui/file/9a5e8b3e5929b50b2ac4c44587fb01153ad9377681c3ca5c2dfee11830a2caec/detection

sbershit.com

# Reference: https://www.virustotal.com/gui/file/76ce130d2447f71bea8ed902959fd7e0aeac86b55f9e44a327c1f1c1bd73ba3f/detection

molothunsen.com

# Reference: https://www.virustotal.com/gui/file/9f7708675b4cb733db4405d8c42f54828d7069e990bc8238f74abe8222425037/detection

whoicehkestes.com

# Reference: https://www.virustotal.com/gui/file/628a9c97a55155f60d3b5ae29bc64f1dca5a6baf2b4f6a1a1de5e836cd4fb73f/detection

desperate.website

# Reference: https://www.virustotal.com/gui/file/95bf761c12eba2be84e29c60e31017bc60007ed0f38fcdf261d5fef34e8e4f2f/detection

badlandsparks.com

# Reference: https://www.virustotal.com/gui/file/0af341a92c789bd37e8d7d029f0c225f66f5137f678ea8082426bb565261e740/detection

paunsaugunt.com

# Reference: https://www.virustotal.com/gui/file/7b5a9d6119e910f5c0441ae27293b0367718a4257062f29ec8ef27342a0b8de8/detection

biscayneinn.com

# Reference: https://app.any.run/tasks/4ec40ce2-3250-47c5-96d8-07bcb4c4d1b9/

realmengame.com

# Reference: https://app.any.run/tasks/2c8c2f47-e965-4ca7-ab5f-bf8bcefd74b2/

marianne.ac.ug

# Reference: https://www.virustotal.com/gui/file/2953c2448667bc21d451fce8747513bfaaf0df312df1e0a47604ea49a2bbbda4/detection

prosecuredata.top

# Reference: https://www.virustotal.com/gui/file/b25e4f3d4cfb1ade5d4d68469d6f9b365dddc0296f4a66b2e60f29d476889db9/detection

altmessager.com

# Reference: https://www.virustotal.com/gui/file/3d4b459e2a4a78a2c693876b548b248acf9bb3278fb87ec66b5e4cf204a42cf9/detection
# Reference: https://www.virustotal.com/gui/file/b2ca76052b184c69881e79f3f7549ae884f38a57f50f5801fa40aa953f20b11b/detection

kenutduk.duckdns.org

# Reference: https://app.any.run/tasks/030e7573-8696-417e-8741-b8f80e43caa6/

goodssogood.com

# Reference: https://app.any.run/tasks/5a354632-e77c-42ab-8ff0-87bcad5c78fc/

/a/a/www/

# Reference: https://www.virustotal.com/gui/file/240a264d7565a846f6b1a1d83fbec957351de24e6096cf325e6fb24f229e81a1/detection

paperone.co.ug

# Reference: https://www.virustotal.com/gui/file/54976d4745f4fe0b1492cdecdfdb465a81b8acfe305e210d3e2a39b945889082/detection

hydrakupi.co.ug

# Reference: https://www.virustotal.com/gui/file/899940dfc0c21fb132d23ffb7f8bd4bfbef3bd52b741f1da49834dbcd4ac0578/detection

fastkisel.co.ug

# Reference: https://www.virustotal.com/gui/file/477c7d30787de3f979707583bdfae90fb84bd070003c2ccfd260cba2aed08234/detection

didntreadlol.com

# Reference: https://www.virustotal.com/gui/file/7a48e7fad9485df2316249060c7820a56ddb1b0c2841718744e31fe9b5b18786/detection

duckclack.com

# Reference: https://twitter.com/pmmkowalczyk/status/1369275271011041281
# Reference: https://www.virustotal.com/gui/file/d466ef9698569363af4f08b64235817c7838c726c1faee300582aab3d90f5683/detection

/lancer/getm.php?pid=

# Reference: https://www.virustotal.com/gui/file/0a98dfea9758a2d86facdd37086aae816688386cb897957d72ce95fe2c12093f/detection

zockzock.top

# Reference: https://www.virustotal.com/gui/file/802f2e368248bf75bb83af798f562f9fb2bf07227500b0986abc16a0b42d3ebb/detection
# Reference: https://www.virustotal.com/gui/file/6039cff3d4e528c47b3cd505d14ba6645b4056aa139a06150a0ace56c9cd402f/detection

test.adegokecollege.com

# Reference: https://www.virustotal.com/gui/file/2f4dc31023ec39356b3aa220863cba0ac8b25770641423bccf79ee2b10d77278/detection

nmorbertomo.ac.ug

# Reference: https://www.virustotal.com/gui/file/2e99c313e0c650e1550099cda6493a1896741c8ca294b201d2f2edd5238cdb7a/detection

http://45.147.198.62

# Reference: https://app.any.run/tasks/377e6816-2765-4384-bf2a-4818f84b2b8d/

cache.krishgarden.com

# Reference: https://www.virustotal.com/gui/file/764574a80f1738d589a165cb5fecc7840220c7e72ffe795be772ccf58a0f7ceb/detection

static.parafia-strumiany.pl

# Reference: https://www.virustotal.com/gui/file/0e55e17532909ad5ad34eb4e35d791b27c6951dd15a8baba34c29ae572c884d0/detection

ciaociaoline.com

# Reference: https://twitter.com/c3rb3ru5d3d53c/status/1380870829932744707
# Reference: https://app.any.run/tasks/edc50f68-7088-439e-8993-b6bf2fbb4cde/

data.parafia-strumiany.pl

# Reference: https://app.any.run/tasks/0273000c-ebf5-4a51-a89e-3d0159ff5bb3/

http://45.85.90.86

# Reference: https://twitter.com/fr0s7_/status/1384855677659660288
# Reference: https://app.any.run/tasks/210dcd67-5096-4f79-9cb7-21502ca24854/

stealer.xxxy.biz

# Reference: https://twitter.com/reecdeep/status/1387777010097852426

http://203.159.80.206

# Reference: https://www.virustotal.com/gui/file/e5686e76056d1a4ac0a3120e1de3e3ab9aca585fb151881e76885d36a6621092/detection

lotomoto.info

# Reference: https://twitter.com/James_inthe_box/status/1389233811251073033
# Reference: https://app.any.run/tasks/4a9b349d-ade4-4723-ac41-40415532e8bc/
# Reference: https://app.any.run/tasks/3e24fd12-9eed-4e6a-9b49-dfd3d8341a87/

http://31.210.21.181

# Reference: https://www.virustotal.com/gui/file/bbd4dd21dde67a96ac02aa9795ce662fa36d4edb90d13f2ffbdeee0d4aea5050/detection

vtqt.xyz

# Reference: https://www.virustotal.com/gui/file/3be583104ac2df031993b4f1bcbca40c01cefc5282050bc70b74e6e428291aba/detection

http://31.210.20.228

# Reference: https://www.virustotal.com/gui/file/55f1a2084fd1c1d5477519f06b02aa4fa4d917aaceffd116fc45820dc49a7795/detection

osiq.xyz

# Reference: https://www.virustotal.com/gui/file/7d449aa7f0c8097671688a2636f7b2d748f5ee3e4e63de3447d903fd371533f0/detection

http://45.144.225.173

# Reference: https://www.virustotal.com/gui/file/fa1b210bdfaa9d9ed60eeee1196af0a697ed9bb1b6fbcc7108ebf43b55a313a5/detection

http://159.69.87.239

# Reference: https://www.virustotal.com/gui/ip-address/188.34.193.205/relations
# Reference: https://www.virustotal.com/gui/file/83422a63a67f69382eb8b0770a89d1841b43aac04beb7ae14429d35ce4b77a3f/detection

http://188.34.193.205

# Reference: https://www.virustotal.com/gui/file/8209fcebdc81bc471b8abd57c07a18a7f222803f625028e26e343fde63183fda/detection

http://78.142.29.63

# Reference: https://www.virustotal.com/gui/file/1fa6a1833e1fe0875ea6f0ddf0dab47659a5a9cc8db80e6496177215bfbff498/detection

worstyear2020.com

# Reference: https://www.virustotal.com/gui/file/dfe963eae24c412b410f879df4f8fdec5b1a4fa8e20f44ab4eea4af4f811cf19/detection

dollartikuda.xyz
ys-gay.net

# Reference: https://www.virustotal.com/gui/file/c41aa6d6eeac57851b0a00a619609ed764072881b85b7dad25ac30f2856eda43/detection

support121.ddns.net

# Reference: https://www.virustotal.com/gui/file/f7a75dfb71ae46a4d6732100359c7d1b6fb5bb65338d6d1b702871ca492d3d54/detection

sefagusten.top

# Reference: https://www.virustotal.com/gui/file/cdeda69bc5ed54e292430a0e7017a66472ef4a1a25e3ebc125785fa2f9dc2bd9/detection

siwirnes.top

# Reference: https://www.virustotal.com/gui/file/573ac5d6b60b2965407c8fbf5c9d0f82067a19c27db420c4f5e9067798bcf6f9/detection

http://162.55.189.102

# Reference: https://www.virustotal.com/gui/file/835c8f02b83dd9bf4b3bf34f7e786b9b37c22924977eab54c6be9f69f1fefc69/detection

http://168.119.226.10

# Reference: https://www.virustotal.com/gui/file/326bebb9e00419c94b901a4597b8d8b1b56ac6ca9cbb96fc8f40df4d85d588cb/detection

http://176.123.4.140

# Reference: https://www.virustotal.com/gui/file/f4a1b439d5d5dcda842507571335e05665dfddc1cec1690d2fa66480c84d3e50/detection

http://185.99.133.218

# Reference: https://www.virustotal.com/gui/file/addabc3e06c8044f4eb4dfc9b63c0d40c4c3e628761ac097a8647d105376051c/detection

http://188.34.193.205

# Reference: https://www.virustotal.com/gui/file/dc466832b1cfeb541df94d49aea4de357c034f78bf70480c27fe265e440010bf/detection

http://159.69.87.239

# Reference: https://www.virustotal.com/gui/file/49b3c1cea44676e46f5dd2d99db7810d3e09d256318be8429d1faa25a53d80b6/detection

http://195.201.94.135

# Reference: https://www.virustotal.com/gui/file/8d2dbbfd60c93fa6faf7f7b3bcfe4ac73dc6c2870911fe8f2c1c4e14bff90499/detection

http://49.12.77.13

# Reference: https://www.virustotal.com/gui/file/d17da61df61aace32659d4c00fd886a6115c893ce48b84c1a819ed6cb7fc1a61/detection

http://198.98.55.103

# Reference: https://www.virustotal.com/gui/file/00bebbc8e8adec6a7133ea0b83663d072b50cdab673d6b4d42b41d0a3fd61bc7/detection

djalil.top

# Reference: https://www.virustotal.com/gui/file/cc981c93093a992a27a48072beda1ebeefd2c23d1e961fd427995d389960890b/detection

lookluck.net

# Reference: https://www.virustotal.com/gui/file/3436be047261b75482542deb4e22e89927e89f60b6061fa32d72043ef8e4afad/detection

http://205.185.127.90

# Reference: https://www.virustotal.com/gui/file/6d68a55fc9958ed4e1e38eb44159f7ef87c434f91c78ae5c8bc58a979526f0da/detection

http://116.203.140.224
http://78.47.81.226

# Reference: https://www.virustotal.com/gui/file/dccba229de62bcbd976968e97f5c2febecf9408e339c553371563e43e8f7be48/detection

http://78.47.87.144

# Reference: https://www.virustotal.com/gui/file/bf9be8425f9523539e9fadbd7b96ced4fc65eaabb1006996a6974c6da8041a7e/detection

http://88.198.106.10

# Reference: https://www.virustotal.com/gui/file/a439026408378e73e65afe890e517d9fd78ed55739840cd0eec1e0d83056dd33/detection

http://94.130.58.199

# Reference: https://medium.com/s2wlab/deep-analysis-of-vidar-stealer-ebfc3b557aed
# Reference: https://otx.alienvault.com/pulse/60b10fc3cf96ed70dad3bc07

bittracker.co.ug
blockbock.com
bockbock.top
bocksmoke.com
brainstormer.co.ug
cache.krishgarden.com
centos8lts.com
centoswiki.co.ug
choohchooh.com
ciaociaoline.com
ciaociaoline.top
customkitchaid.com
data.parafia-strumiany.pl
didntreadlol.com
djalil.top
dockclock.pro
duckclack.com
fastkisel.co.ug
flinstonehouse.co.ug
ftp.dwysokinski.me
fuckspha.com
gate.akadns9.net
goodssogood.com
guilmettemoron.com
hydrakupi.co.ug
juhjuh.com
kenutduk.duckdns.org
lookluck.net
mail.kiselev.co.ug
paperone.co.ug
promo.parafia-strumiany.pl
protestbonjer.ml
shirleyhorn.com
smtp.omplcement.com
static.accelerator-introlab.ml
static.helpmybusiness.ga
static.parafia-strumiany.pl
upload.krishgarden.com
yourpro.top
zockzock.top

# Reference: https://www.virustotal.com/gui/ip-address/185.215.113.114/relations
# Reference: https://www.virustotal.com/gui/file/4b17367ca1fa965f3e4c89a58c7f0325157c224eb80d3344490c7f368f12a833/detection

bilederina.top
binoders.top
cerolipak.top
manusorg.top
mutaleson.top
tenorimp.top
veribuman.top
cleardatass.com
datastatscl.com
statsdatacl.com
