# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://twitter.com/hatching_io/status/1318213481213165570
# Reference: https://tria.ge/201019-52sls692an

contirecovery.info
m232fdxbfmbrcehbrj5iayknxnggf6niqfj6x4iedrgtab4qupzjlaid.onion

# Reference: https://www.hackplayers.com/2021/02/sitios-cibercriminales-deepweb.html

fylszpcqfel7joif.onion
htcltkjqoitnez5slo7fvhiou5lbno5bwczu7il2hmfpkowwdpj3q2yd.onion

# Reference: https://twitter.com/GossiTheDog/status/1426114648609337344
# Reference: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/lockfile-ransomware-new-petitpotam-windows
# Reference: https://otx.alienvault.com/pulse/612365feb824f7976425bb2e

209.14.0.234:443

# Reference: https://github.com/ti-research-io/ti/blob/main/ioc_extender/BB_Conti.json

belatedconstructs.com
clublatino.xyz
fanyglo.com
groupmentro.com
intensewarer.com
saferoiworks.com
todevelopskills.com
zanzibor.com

# Reference: https://github.com/thetanz/ransomwatch/blob/main/docs/INDEX.md

continews.click
continewsnv5otx5kaoje7krkto2qbu3gtqef22mnr7eaxw3y6ncz3ad.onion

# Reference: https://twitter.com/Dashowl/status/1498169213168586752

http://185.14.28.109
185.14.28.109:443

# Reference: https://medium.com/@arnozobec/analyzing-conti-leaks-without-speaking-russian-only-methodology-f5aecc594d1b

contirec7nchr45rx6ympez5rjldibnqzh7lsa56lvjvaeywhvoj3wad.onion
l66orrehfw4hovqme625bavlpz7m2achabov3iyqy76cai44oao6neqd.onion
q3mcco35auwcstmt.onion
/zeh7dkwfdxw99tdk/

# Reference: https://twitter.com/pollo290987/status/1499313323564806147

43oxsnqlub6aydymkwpn3agaaj7u2qexx4wybgrwug46c6cyldhuheid.onion
