# Copyright (c) 2014-2019 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: http://contagiominidump.blogspot.com/2012/12/trojanrussmssystemsecurity-toll-fraud.html
# Reference: https://www.virustotal.com/en/file/664725869278f478e5a50a5e359dc6d5cf4f2a7019d0c122e2fa1e318f19636b/analysis/
# Reference: https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=516
# Reference: http://securelist.com/blog/incidents/59384/new-threat-trojan-sms-androidos-stealer-a/#page_top

load-center.ru

# Reference: https://twitter.com/051R15/status/1068411354216722432

211.188.179.86:8686

# Reference: https://www.welivesecurity.com/2019/08/22/first-spyware-android-ahmyth-google-play/

radiobalouch.com
/Debugging/process/process/resolving/system/ReadAllTracks.php

# Reference: https://twitter.com/ninoseki/status/1176732200873578496
# Reference: https://www.virustotal.com/gui/file/9cfea36afbc687f967a4509fb9a7f07b4439bf85b319dc3c937a262a142858cc/detection
# Reference: https://pastebin.com/c8JQLkf1

154.197.51.135:84
45.204.2.128:82
45.204.2.128:83
45.204.2.149:83
45.204.2.158:83
http://154.197.51.131
http://154.197.51.134
http://154.197.51.135
http://154.197.51.136
http://154.197.51.137
http://45.204.2.128
http://45.204.2.149
http://45.204.2.158
http://61.218.17.208
http://61.218.17.209
http://61.218.17.210
http://61.218.17.218
http://61.219.193.249
http://61.219.193.252
http://61.219.255.43
http://61.230.136.233
http://61.230.140.192

# Reference: https://github.com/advanced-threat-research/IOCs/blob/master/2016/2016-05-31-android-spyware-targets-security-job-seekers-in-saudi-arabia/android-spyware-targets-security-job-seekers-in-saudi-arabia.csv
# Reference: https://www.virustotal.com/gui/file/7cbf61fbb31c26530cafb46282f5c90bc10fe5c724442b8d1a0b87a8125204cb/detection
# Reference: https://www.virustotal.com/gui/file/4aef8d9a3c4cc1e66a6f2c6355ecc38d87d9c81bb2368f4ca07b2a02d2e4923b/detection

/Hac%20Mobaile/
/Hack%20Mobaile/ADDNewSMS.php
/Hack%20Mobaile/ADDIMSI.php
/Hack%20Mobaile/ADDVCF.php
/Hack%20Mobaile/ADDHISTORYINTERNET.php
/Hack%20Mobaile/ADDSMS.php
/Hack%20Mobaile/ADDNewSMS.php
