# Copyright (c) 2014-2023 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: sparkrat

# Reference: https://twitter.com/r3dbU7z/status/1591314417857466368
# Reference: https://www.virustotal.com/gui/file/ee58e44e285e6838c4172404338305d864969ad19b0d1e40287fc4b1e0443e42/detection

http://139.177.196.67
139.177.196.67:8000

# Reference: https://twitter.com/suyog41/status/1608776330543509505
# Reference: https://twitter.com/suyog41/status/1608779676721504256
# Reference: https://www.virustotal.com/gui/ip-address/141.164.47.246/relations
# Reference: https://www.virustotal.com/gui/file/53ad5aacd50d63623e924042b7e637355f68071ccb267eb51265dd68bef68fa3/detection
# Reference: https://www.virustotal.com/gui/file/49b8058f80e43f7271a8433ff1f42db5938e1acf083776e9d9d66ffee1212005/detection

134.122.186.155:8000
193.161.193.99:33373
duskland.xyz
sleep.duskland.xyz
ssh.duskland.xyz
hellwoun12-33373.portmap.io

# Reference: https://twitter.com/nahamike01/status/1643587575851126784

103.213.246.4:8000
104.156.149.58:8000
104.168.64.173:8000
120.26.87.12:8000
121.4.140.182:8000
129.152.13.80:8000
129.226.92.121:8000
139.84.138.232:8000
142.93.96.248:8000
164.90.179.76:8000
180.76.143.173:8000
20.187.85.45:8000
20.243.208.23:8000
202.95.1.24:8000
23.94.169.102:8000
47.93.7.75:8000
5.45.83.109:8000
51.91.100.41:8000
8.210.81.164:8000
81.169.241.63:8000

# Reference: https://twitter.com/suyog41/status/1655524692164214784
# Reference: https://www.virustotal.com/gui/file/f252274a873b52ec33625b8f8ddb77dcdf9dfc8781585d22461f11c9d337b39d/detection

130.185.238.251:7777

# Reference: https://twitter.com/r3dbU7z/status/1658465420138123271
# Reference: https://www.virustotal.com/gui/file/80ef5b531e2e8cb19403a8f06cfa1d6743900957ebf24d84f63211ae04d6bc1f/detection

23.108.57.242:443
23.108.57.242:8000

# Reference: https://asec.ahnlab.com/en/52899/

59.22.167.217:34646
webull.day
gwekekccef.webull.day

# Reference: https://twitter.com/malwrhunterteam/status/1681940382798471169
# Reference: https://www.virustotal.com/gui/file/fa4410eb44904c8943cc69bd6aed17aa7c92bb53d9211d37af63f683a62d7247/detection

http://175.27.236.90
175.27.236.90:8081
