# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: allcomeclipper, clipbanker, snojan

# Reference:  https://www.virustotal.com/gui/file/0f419357649d1a57ba5e12792b289029a08b64767dc31e26c8aecf97cd03e0db/detection

a0567226.xsph.ru
/cisCheckerstroke.php

# Reference: https://www.virustotal.com/gui/file/67d8e4f765313db72ae56b971dd875d20156bc4effb974641b1562b8a40d41da/detection

a0443179.xsph.ru

# Reference: https://www.virustotal.com/gui/file/430294a75c0360ae893f412d8d82451aa5c9c073761e53bbf2a2a924772c5e4d/detection

exapiserver.xyz

# Reference: https://www.virustotal.com/gui/file/5561234eeb067923c32d20eaea6c9adc83703274259ad0f5b0fca8e17283aafc/detection

64.235.39.32:4343

# Reference: https://twitter.com/3xp0rtblog/status/1486368999919300611
# Refereence: https://www.virustotal.com/gui/file/f234b6d1801e1d4105de18a74ecd99f64cbdd7c47d6079bb2994d38ed7b0de44/detection

dba692117be7b6d3480fe5220fdd58b38bf.xyz

# Reference: https://www.virustotal.com/gui/file/de0a87ad4f4214942257a4fc18403cd007ea52340dc5654f4d077552a9853f10/detection

185.92.74.28:2332
debiazzela.xyz

# Reference: https://www.virustotal.com/gui/file/ef008f47745e26566fcfd8d5343ea57e3760bf3499dfa0678630c5bdd99bab84/detection

45.150.67.128:34060

# Reference: https://www.virustotal.com/gui/file/eefb300d8edb258afaeb3fbc1915f152d7be7f2731cda229809d2ebee589a875/detection

91.243.59.37:61742

# Reference: https://www.virustotal.com/gui/file/ce1b83d495067a604d8bb5a1ba99e92bd06a1e767b7aeb73e3d165717a3b921d/detection

91.243.32.178:34437

# Reference: https://www.virustotal.com/gui/file/b24523cc458721146099476b2590d92110ed1c497719d939c957e1f26566287f/detection

144.76.173.68:16125

# Reference: https://www.virustotal.com/gui/file/8412c378ea1256412376b420584f3a25d9007d6afc7801fd829440f5a8e2ca53/detection

92.255.85.47:41320

# Reference: https://www.virustotal.com/gui/file/70abc52440a072755c6fbbc11d7c2a626108226bac1fe5b675fde6508d2d394f/detection

lomaebiepe.xyz
marketshares43.com

# Reference: https://www.virustotal.com/gui/file/50d40f979eb73bcf88ee3606a01032afbbeaae9926a1f2d16e1b31e7b8aefdfa/detection

91.243.32.178:34437

# Reference: https://www.virustotal.com/gui/file/f6a9881708b06e638873f9a2645a7fac541c8de37c306e6879419e49fc993c90/detection

185.242.160.248:3

# Reference: https://www.virustotal.com/gui/file/e7a6836bcd5f3ccfe5b57f7229f3429d126f1f99e1d7ed35e12f953ee7834cdc/detection

serverclient.sytes.net

# Reference: https://www.virustotal.com/gui/file/e513873f71583d53d5c29adfdcb4b324f41b199a1df29872b54dc6305d46f847/detection

3.124.67.191:11266
3.125.188.168:11266
3.126.224.214:11266
3.68.56.232:11266

# Reference: https://www.virustotal.com/gui/file/87c4223f28edac6244def04e951ceaef3ee3a18cbfa47bebf3f9977e60bf709a/detection

3.124.67.191:11266
3.126.224.214:11266
3.67.15.169:11266

# Reference: https://www.virustotal.com/gui/file/dde4ddc714c3d7b6bbd1dd2465db6a45fdbb2bf98a6a3d3a8f2baa122eb6298f/detection

194.132.123.81:9801

# Reference: https://www.virustotal.com/gui/file/caef23da4023b21af80547141a751c046893ddb92e6795e6a2ecf37030b4588a/detection

193.161.193.99:1761
betrun.portmap.host

# Reference: https://www.virustotal.com/gui/file/b9b641896a8f25737d366a42b5e4e42a60f38b7243dac0e3bdb9a6caabc5f2ce/detection

172.111.244.124:1511

# Reference: https://www.virustotal.com/gui/file/b2dd1306be7536a8ddb8ff062222c868acd046489255962fdd6e3fab139c56e8/detection

167.224.168.66:8692

# Reference: https://www.virustotal.com/gui/file/ab6cc0f1632e42a38e3e6d130ab8d49f8d788f097a38731ab04b51237d19005f/detection

89.40.7.145:1338
wealthychrist.duckdns.org

# Reference: https://www.virustotal.com/gui/file/aac638376068f5a72dd70ba2e3024c80707c345608cb99c7ed7465752b9a5509/detection

217.12.220.2:51838

# Reference: https://www.virustotal.com/gui/file/a8a03cf17c4cbd53fe7de8f9e2422581f2f9c6bb84e385f0f6448ab99a5c6442/detection

51.250.26.110:1338

# Reference: https://www.virustotal.com/gui/file/a84be7c1822d0b93910311a015318f4e49aa54082b37db8f001edc9fd661453c/detection

45.141.57.108:1337

# Reference: https://www.virustotal.com/gui/file/a30a2292b24e248f4caf88e7acd424a9b98ca9249d7b2c8593400ffb52bd374c/detection

79.134.225.71:7465
yeet.ezpz.work

# Reference: https://www.virustotal.com/gui/file/a164b2961939b97e18ad74cc6b80c382c62569903be7ecb379b04ed753efc517/detection
# Reference: https://www.virustotal.com/gui/file/349ab5f312ec1058c031bc0712ade0045500d58102ab02d05b6d38c672161961/detection

136.144.41.158:1338
136.144.41.158:2154
randomhost11.ddns.net

# Reference: https://www.virustotal.com/gui/file/a02b682eff1f90b91f4689829e9e34da5e0653cd45095bb122857c19c4844c22/detection

59.24.3.174:4443
lxrdstr.ddns.net

# Reference: https://www.virustotal.com/gui/file/9d02b4336cba93bf0516ffe3faebcc9fba9d5aafe68f77336773d9dbc969a0f1/detection

3.141.210.37:13561

# Reference: https://www.virustotal.com/gui/file/9cf883208111f24bf5b432b62959ff50860abe9e7dfc1ba07d5086d08cebb059/detection

51.79.237.105:7070

# Reference: https://www.virustotal.com/gui/file/8f3d185d7ad51983f2d727f795e8d3e86be580e04ffd236289d79adb73a17834/detection

193.56.29.237:1338

# Reference: https://www.virustotal.com/gui/file/8a3d555c8d1019b6d42721a2eea770d2101458fd70b208f6767db2eeb1cd44bc/detection

212.192.246.239:1338

# Reference: https://www.virustotal.com/gui/file/8a21c6035dc119765ac1df93ce7a798400d74f4f34589fddf7bcbe36e8224753/detection

193.23.127.27:5000

# Reference: https://www.virustotal.com/gui/file/89fcb09c981fdfe5be197c11c22ad1a6203caeac82d5f248b6d97c1d7b5c6a9b/detection

91.134.187.25:1335

# Reference: https://www.virustotal.com/gui/file/898f02755d50f36d0c99f76aeab267ca1a764bd9e789a6b09ead41405a721cab/detection

164.68.118.176:1335

# Reference: https://www.virustotal.com/gui/file/87c89cf86cd2f9339fb283319b5e4a49c0626943b4bc0d17112d675e4e377570/detection

195.133.18.193:45354

# Reference: https://www.virustotal.com/gui/file/87afe305e8fa3ad057b720d284f7aa46202bb2d1f16285d1ab2afbf7b86de688/detection

23.105.131.186:1338

# Reference: https://www.virustotal.com/gui/file/87a056d5211058f7b2dd8102c63eba032d07b00b0f47d462f72bc8eb96135db0/detection

91.243.32.50:63948

# Reference: https://www.virustotal.com/gui/file/8641093e34e0c22b1ebeb8e651cbb0d5b6032e7923b7dac82fe67cf5780fffb3/detection

77.78.22.216:7000

# Reference: https://www.virustotal.com/gui/file/84f9b7d30124ed8cacac720cc0746ebe144d567a4d6f3e6beb2ccddf9215e4fa/detection

3.132.159.158:13561

# Reference: https://www.virustotal.com/gui/file/7e79422db04ac0b81104d82915cb47dd777c9205a333f87fee6a026b7c7e9338/detection

155.138.175.10:1338

# Reference: https://www.virustotal.com/gui/file/7438ea5e9da45849d301169ec20435fe7b139b29a887288ec35c319ee5428038/detection

45.137.22.140:1336

# Reference: https://www.virustotal.com/gui/file/729ccaa00807cf86d2c2ecb295ddc8199c1e0a68fc3fb13023bd54e96533af97/detection

107.172.191.117:1338

# Reference: https://www.virustotal.com/gui/file/60f895ab7c455ac5f9966aea178156385d6833452a758a61b75e42a31235f0d3/detection

88.198.102.13:1338
johnnysimz.ddnsgeek.com

# Reference: https://www.virustotal.com/gui/file/5e2549c9d46f7cc2c2f0fe01b3ed869da698ad8a88024c6109f84f3d8f0a9647/detection

109.234.38.45:1338

# Reference: https://www.virustotal.com/gui/file/5d7ed1047933a676503ee36dd1d02d876d6f6790cf8577621a876498b03f28f4/detection

51.161.107.21:1338

# Reference: https://www.virustotal.com/gui/file/57d86674268579b10536888dc0501e0691aa9c03b888fb677fea2d21da57dae2/detection

199.195.253.181:30030

# Reference: https://www.virustotal.com/gui/file/542299f813eb26b1549b55cbed71a5e790ec348fb8cdf5aabef8a9d84751b08c/detection

80.80.130.104:1338
black.mentalitysoftware.com

# Reference: https://www.virustotal.com/gui/file/52de4929c559132649504b20cd412ddd3a801c6b3fe654880eb13c42b8a92400/detection

212.192.241.135:1338

# Reference: https://www.virustotal.com/gui/file/4d3593279be7b6a8a709953a88943b778d2067c557538d43be70ae6cd115a82c/detection

35.87.27.20:5050

# Reference: https://www.virustotal.com/gui/file/44f12b15a04e9d8a065f98ed59ed3c004595033869a2de004e39b44169a2b971/detection

107.172.191.117:1338

# Reference: https://www.virustotal.com/gui/file/42b990666d317f9c42a116fd388a06158ec91002581d3bda22dca2355ee2a779/detection

193.56.29.242:4444

# Reference: https://www.virustotal.com/gui/file/40d818db797142e55d72dee7d50c9be8686cab4a073ffc8bcbfecf786c10bbcf/detection

89.80.22.57:1025

# Reference: https://www.virustotal.com/gui/file/3dbd1065734c9b3e603bc2a81dbadb77beeb54c6a918a6a4ae0687659ac3c0fb/detection

51.178.165.162:1338

# Reference: https://www.virustotal.com/gui/file/3db16b64339313e26414df7549660f87e3b297a8c5e49fa582f37149baaeb347/detection

164.68.118.176:1335

# Reference: https://www.virustotal.com/gui/file/3c00e268ab53c1de58514fbe0258a734143b2699ba09dc7311ab756c2e414ed6/detection

217.64.31.3:7495

# Reference: https://www.virustotal.com/gui/file/3300b6806f96eae376939e611c3c2d71e6ae297500bf49618e6e64c24818bd61/detection

178.238.8.108:1338

# Reference: https://www.virustotal.com/gui/file/2c0bbf6f21d348eb1a19db565b751be23255cda929018b4890e60c4bcc3c220e/detection

supoeted.publicvm.com

# Reference: https://www.virustotal.com/gui/file/28711e8b02fcbb5b75f421fdbca40c693661d25333dbb5280a3d40dad741a963/detection

207.148.87.129:7771

# Reference: https://www.virustotal.com/gui/file/24c2e2db0cc9c3e42c687d64b3112c1d150c3972207b42099bac70ce6c29c5df/detection

212.193.30.230:5302

# Reference: https://www.virustotal.com/gui/file/198d9632e054d4b4f1f11b75c7f47c1cd5ed738d8a47fd26d536ed30ee768a6b/detection

205.185.118.52:30030

# Reference: https://www.virustotal.com/gui/file/164070780814fa7291f8e867e02ad585f45075df07f24f58e1dc4ffa44145c3e/detection

164.68.118.176:9919

# Reference: https://www.virustotal.com/gui/file/151b7ed47e2c8fee25d725824775d15e4662eace24e5c6410bcb4ec145078d79/detection

108.61.183.89:5203

# Reference: https://www.virustotal.com/gui/file/0d22f7eb95d9904fdc98b7c09e13814ff8ef316a9eff5caf4390fa6a926e9d28/detection

46.197.96.207:9702

# Reference: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/covid-19-phishing-lure-to-steal-and-mine-cryptocurrency/
# Reference: https://otx.alienvault.com/pulse/61c5a0f6b228644655962c31

coronavirus-notice.com

# Reference: https://www.virustotal.com/gui/file/d74fd3b348cda03bfec1f94e675c40a6cf32b9f9b0e6cc7c628813df9f449eb9/detection

51.254.27.112:1337
65.108.68.54:1338
vncgoga.duckdns.org

# Reference: https://www.virustotal.com/gui/file/259110b6055e9d6b3a0147d77303e210290688b94890b28ba8f493c96c1a5c77/detection

brershrowal.xyz

# Reference: https://asec.ahnlab.com/en/35981/
# Reference: https://otx.alienvault.com/pulse/62bc06911930b02bf65a51fb

both-those.xyz
brain-lover.xyz
broke-bridge.xyz
cool-story.xyz
cover-you.site
fall-hire.site
fall2sleep.xyz
feel-quite.xyz
fill-empty.xyz
heal-brain.xyz
interactive-soft.xyz
just-trust.xyz
load-brain.xyz
love-light.xyz
main-soft.site
polar-gift.xyz
really-software.xyz
retro-rave.xyz
side-soft.site
soft-viper.site
software-load.xyz
tech-lover.xyz
use-freedom.xyz
violance-heck.site
violance-rave.site
viper-air.xyz

# Reference: https://twitter.com/siri_urz/status/1546500374357594114
# Reference: https://www.virustotal.com/gui/file/1df21947a75dba51b4838ffbe986ac9cf38d2f5fada7949722da34ba0522d204/detection
# Reference: https://www.virustotal.com/gui/file/4df448d36e3409ecd712702ef66dba779d81961ae364243ccc0e2e5a6cb39334/detection
# Reference: https://www.virustotal.com/gui/file/99de9973a24c418fb48e9f284db005bed71419a25b70f38ee8571a86d275a13a/detection

paradies.cc
/paradies_api_v.php
