# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://twitter.com/malwaremustd1e/status/1256977666084761602
# Reference: https://www.virustotal.com/gui/domain/1.versionday.xyz/relations

1.versionday.xyz

# Reference: https://intezer.com/blog/research/kaiji-chinese-iot-malware-turning-to-golang/
# Reference: https://otx.alienvault.com/pulse/5eb19b29d53d234ac978f51b

aresboot.xyz
cu.versiondat.xyz

# Reference: https://twitter.com/albertzsigovits/status/1264909051227451395

45.138.81.176:35565
0.versiondat.xyz

# Reference: https://twitter.com/albertzsigovits/status/1265196913067991040

2s11.com
6x66.com
cocoserver.xyz

# Reference: https://twitter.com/r3dbU7z/status/1271053327242014721

136.243.18.221:808

# Reference: https://blog.trendmicro.com/trendlabs-security-intelligence/xorddos-kaiji-botnet-malware-variants-target-exposed-docker-servers/
# Reference: https://otx.alienvault.com/pulse/5ef223cce7849b037b7614a5

122.51.133.49:10086

# Reference: https://twitter.com/r3dbU7z/status/1328650015842197506

173.230.150.166:37301

# Reference: https://twitter.com/CujoaiLabs/status/1423258390583812102
# Reference: https://www.virustotal.com/gui/file/e666735eb6c10a27617aac9ffbf1bf29435fa0d1e3d099787d6ce28e079c8768/detection

103.59.113.150:8989
luoyefeihua.site

# Reference: https://www.virustotal.com/gui/file/ee310139ba31770b69650d464c999c3526aa5cc4ab924ddcc53cf3cb06727c37/detection

20.187.127.241:11000
20.239.179.30:11001
20.247.3.55:11001
myjiaduobao.xyz
myjianlibao.xyz

# Reference: https://www.virustotal.com/gui/ip-address/20.247.3.55/relations
# Reference: https://www.virustotal.com/gui/file/d5f8e4fac3b005c15a8e5a440d411cb7513f18ab627c49e883e0d40c5f16c57e/detection
# Reference: https://www.virustotal.com/gui/file/ca3830454c715c79d8bdafc083d9108d139b155ab87f8cbf0f33ff515cb813de/detection

20.247.3.55:808
20.247.3.55:8567
kivspace.top
kivspace.xyz

# Reference: https://www.virustotal.com/gui/file/c07c45348a74ff71179a13ec1be8a398fc49183ab04e3f9b0c436c55f1bde423/detection
# Reference: https://www.virustotal.com/gui/file/420223e8f59e78148b21b2a90b2ffc080e0bb8084ffceca3f7e26b215eb09a0c/detection

103.254.72.193:10099
103.254.72.193:808
tomca1.com
