# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://twitter.com/_icebre4ker_/status/1459178538960097289
# Reference: https://www.cleafy.com/cleafy-labs/sharkbot-a-new-generation-of-android-trojan-is-targeting-banks-in-europe

sharkedtest1.xyz
sharkedtestuk.xyz

# Reference: https://twitter.com/midnight_comms/status/1459190518420852739
# Reference: https://twitter.com/_icebre4ker_/status/1461241411307769857
# Reference: https://www.virustotal.com/gui/file/4f1822817690d89943e7e57468ab4366e360772c0adce67bf74a7224b3732dee/behavior/VirusTotal%20R2DBox

c2hhcmtlzdq3cg9qqkk.xyz
c2hhcmtlzdq2cg9qqkk.info
c2hhcmtlzdq3cg9qqkk.info
c2hhcmtlzdq2cg9qqkk.xyz
c2hhcmtlzdq2cg9qqkk.cc
c2hhcmtlzdq2cg9qqkk.com
c2hhcmtlzdq2cg9qqkk.net
c2hhcmtlzdq2cg9qqkk.top
c2hhcmtlzdq3cg9qqkk.top
c2hhcmtlzdq2cg9qqkk.ru

# Reference: https://twitter.com/_icebre4ker_/status/1462707330877898754

nddwb2pcstlmsedgzgz.top

# Reference: https://twitter.com/cleafylabs/status/1491414401651458049
# Reference: https://www.virustotal.com/gui/ip-address/31.214.157.112/relations
# Reference: https://www.virustotal.com/gui/file/4b7945e3756abb48e2a9b62d8a3a7f633811a1073a20a7d46c121e29b41b6c31/detection

m3bvakjjouxir0zkzmd.xyz
mjaynhbvakjjouxir0z.xyz
mnbvakjjouxir0zkzmd.xyz

# Reference: https://blog.fox-it.com/2022/03/03/sharkbot-a-new-generation-android-banking-trojan-being-distributed-on-google-play-store/

mjayoxbvakjjouxir0z.xyz
n3bvakjjouxir0zkzmd.xyz
statscodicefiscale.xyz

# Reference: https://twitter.com/_icebre4ker_/status/1506728296771461126
# Reference: https://www.virustotal.com/gui/file/917d7a3dff486a6b2908607dccf5d8a2929e05bb1ce988aec40bcb194d999bd0/detection

sigmastats.xyz

# Reference: https://research.checkpoint.com/2022/google-is-on-guard-sharks-shall-not-pass/
# Reference: https://otx.alienvault.com/pulse/62500ff8c7a4efb7d9e74ffb/

0f995b6f93c819a0.xyz
74071141daaf3521.xyz
c2hhcmtlzdq5cg9qqkk.top
mjaynxbvakjjouxir0z.xyz
mjaznxbvakjjouxir0z.xyz
ndlwb2pcstlmsedgzgz.top
y2znlm93bmvysuq0m3b.xyz

# Reference: https://twitter.com/malwrhunterteam/status/1525052607005446150
# Reference: https://www.virustotal.com/gui/ip-address/185.219.221.65/relations
# Reference: https://www.virustotal.com/gui/file/38b625b22d181132c67d9012cc86a8c15af3416e4d39ae9007d2c02792b2ce2b/detection

http://185.219.221.65
11358f75eef6ac5c.xyz
122503f3e91e84bf.xyz
c3f2c437622918b0.live
f3eac8de096e59ca.live

# Reference: https://twitter.com/_CPResearch_/status/1539598489495150593

aftelcom.top
comappday.site
gematolink.xyz
gematonick.xyz
originativ.co
vansciver.me

# Reference: https://www.virustotal.com/gui/ip-address/176.10.125.87/relations

61b5b05e79ddc1bf.info
66300d872f8568f0.xyz
6a1b9ec71eb4d837.net

# Reference: https://www.virustotal.com/gui/ip-address/185.158.249.30/relations

6a00a421e44ead9e.live
7a4edf69ed3d21f9.live
80b51e6b4a4942d8.live
92cf772e294ea095.store
d6c73e3ea9b2429d.live
