# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: bifrose, bifrost, refroso

# Reference: https://blog.talosintelligence.com/2020/02/threat-roundup-0221-0228.html (# Win.Dropper.Bifrost-7593600-0)

lronaldinho.no-ip.biz
snouci.no-ip.biz
zoulou.zapto.org

# Reference: https://blog.talosintelligence.com/2020/03/threat-roundup-0228-0306.html (# Win.Packed.Bifrost-7603033-1)

dzalgerdz.no-ip.org
hh.servecounterstrike.com

# Reference: https://blog.talosintelligence.com/2020/03/threat-roundup-0313-0320.html (# Win.Worm.Bifrost-7616408-0)

fisherman7.no-ip.biz
noip2010.no-ip.org

# Reference: https://www.virustotal.com/gui/file/24fd4a24f7bfe82cb6eef5fb11e3a9f677539d812e6eb074db6ccf657938932a/detection

drive53.no-ip.biz

# Reference: https://www.virustotal.com/gui/file/c72c3618ca584612806b0abe8a9857749cb69e51b11b64eea413f1da9b20eecf/detection

drive53.no-ip.biz.ovh.net

# Reference: https://www.virustotal.com/gui/file/297cfd8abb097b865aabc4f629f31dc31aab9883fea5467139161463fa4c5c47/detection

recorder1171513gg.ftpaccess.cc

# Reference: https://www.virustotal.com/gui/file/79a455f8a35202694f8337d2712d5f060e076cd182dec562a1bc7e4fa9337dde/detection

204.95.99.26:96
broklin.no-ip.org
casawa1.no-ip.org

# Reference: https://www.virustotal.com/gui/file/e4856ad9746aedc3b3518c625a07f8503f857ca32194e9704f36fa0c968f2394/detection

karim.no-ip.org

# Reference: https://blog.talosintelligence.com/2020/04/threat-roundup-0403-0410.html (# Win.Dropper.Bifrost-7646061-0)

hmada12.hopto.org
hooogo.no-ip.biz
tt00.dyndns.tv

# Reference: https://otx.alienvault.com/pulse/5e973946469296827b671df8
# Reference: https://www.virustotal.com/gui/file/3cad20318f36b020cf4d6b44320eb5a6dae0a78339a0fdc3a1fe5e280a8507f1/detection

107.191.61.247:443

# Reference: https://www.virustotal.com/gui/file/5774843d066e36b1f75d171bf3247cddf1779b5866dd66c6c323b9f74aa672e4/detection

a1a5a4.no-ip.biz

# Reference: https://www.virustotal.com/gui/file/bbe06c393df62ce5aed08ade02dab8667fab6d142b4a1be7ac312aee9901b1b8/detection

hacker06.no-ip.biz
souhailmejri.no-ip.biz

# Reference: https://www.virustotal.com/gui/file/1d142651ae48c447a3df697fefd8ac50e4e31d729d6f0a38bacb72577b2029dc/detection

sami99.no-ip.biz

# Reference: https://www.virustotal.com/gui/file/afd084c46dfb09d023d5fcf6d150c4e7c96257304e1c58ab3caa6ee8fa732adf/detection

94.73.32.235:82

# Reference: https://www.virustotal.com/gui/file/58f8382bd89ecdbf05d43a7a0f6fa25865a35d8c0cb35307b172d2fe233c8670/detection

58.158.177.102:4116
adsl196iam.sytes.net

# Reference: https://www.virustotal.com/gui/file/6ac72d7442e19bf0457fdd6709f97f844a7249ab475d198d730222d2670911b1/detection

thea7m.hopto.org

# Reference: https://www.virustotal.com/gui/file/cb1bc5bc32a26c55cce3c005c1a0fb4243f595b5f18507409e792da30c0d3680/detection

ttonline.hopto.org

# Reference: https://www.virustotal.com/gui/file/c16c7f13bfaa05a60e81d3f5645d7d26e0776dbee0efbd87f8025980d61d36d7/detection

58.158.177.102:4562
hostdz.hopto.org

# Reference: https://www.virustotal.com/gui/file/c05b20391b2a000fa21895dfd9308f599c2ba7e1341dcc689f3280a36b50f3d9/detection

94.73.31.192:3594
gniewkowiec0359.zapto.org

# Reference: https://www.virustotal.com/gui/file/32c82467e4cd40a8164f27b98aed4a234ebf31393bb4dbc0fd0cd5d1c9fb23f5/detection

hamada12.zapto.org
hz12.no-ip.biz

# Reference: https://www.virustotal.com/gui/file/96f5f04f8760ed900cb158465610fb99941acdf01e14c475fd1f86cfdd5d7526/detection

103.40.112.228:443

# Reference: https://www.virustotal.com/gui/file/3bf891ead3ed76811cb77874075cc6d6b8a4bc5a21127265933541816ab213b7/detection

45.77.181.203:443
45.77.181.203:53

# Reference: https://www.virustotal.com/gui/file/4d90b415aec3b2d8deb17f6d6bcfef180e172b54b4f06ea54fb1378116b1cb78/detection

220.133.229.149:443

# Reference: https://www.virustotal.com/gui/file/e81aac556cd6d142551f2ed173bdd56779f3761779b88e8f7d5ea1c171cb9a7e/detection

59.125.119.202:8080

# Reference: https://www.virustotal.com/gui/file/5eb4ce37527609e94f7a2b84a8e6248c1fbaa2f36015ec8be74f95a7fb433b86/detection

106.186.121.154:443

# Reference: https://www.virustotal.com/gui/file/b65aac5a5750d2f30aa874646a088a7476f49dcd93f0c0355379f225080f29b3/detection

172.104.92.110:443
172.104.92.110:53

# Reference: https://www.virustotal.com/gui/file/32f349bdf672093ac940d4730bfa2825aebb0bf0575d734380a0979605b378a6/detection

kauan0802.duckdns.org

# Reference: https://www.virustotal.com/gui/file/795cbaf2d1975a889ddb1abee4e814937ba03b61117c903c7f03e8e35b5db849/detection

h4mm3r.no-ip.biz
troja1.mine.nu
