# Copyright (c) 2014-2019 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.fortinet.com/blog/threat-research/circle-of-the-fraud-more-information-about-bitcoin-orcus-rat-campaign.html

adobe.br.com
bitcolntalk.com
bitcolntalk.org
bltcointalk.com
bltcointalk.org
bltcolntalk.com
bltcolntalk.org
githvb.com
qithub.org
qunthy.org
wcx.nz
wex.ac.nz
wex.ms

# Reference: https://twitter.com/oguzpamuk/status/1165739004974817280
# Reference: https://app.any.run/tasks/bc90ea8c-24fd-43d1-a831-2246eca40e32/

65.49.81.174:1337

# Reference: https://twitter.com/JayTHL/status/1188666712813719552
# Reference: https://www.virustotal.com/gui/ip-address/176.227.191.12/relations
# Reference: https://www.virustotal.com/gui/file/ab27de99f9af5b25c51a452734624d275be3f375acb8e2e196753f58edd7ff61/detection

176.227.191.12:1337
176.227.191.12:8080
fbkw.tk
glared.ga
kekw.tk

# Reference: https://www.virustotal.com/gui/file/246ed49ede850eaafddff2794415bb71eca90238b8c3ef7969f2a2d9247761a5/detection

176.227.191.12:10134

# Reference: https://www.virustotal.com/gui/file/ba6ac57263f886ec57dbc7d91705bc997a6ee9e0e4753bb1e28036245fa5d954/detection

176.227.191.12:1564

# Reference: https://www.virustotal.com/gui/file/abbf1a3dc2074173f0679edbc25b7e835a799684151f4f5ceb2174515a30f2b6/detection

176.227.191.12:2002

# Reference: https://www.virustotal.com/gui/file/a83458a20fa9f2dd5f58d8bb0b08f9e3c64640b4898d14d4f1494130b9ef2357/detection

176.227.191.12:6666

# Reference: https://www.virustotal.com/gui/file/84a550cd5c0ab129a3e7ddf222e6e20b30e8126abf297d1765c17ef079c8ca9e/detection

176.227.191.12:7007
